www.clipearth.com - www.facebook.

com/ahmedclipearth

Cisco CLI command line for cisco Router
Command(s)

Description

Router#clock set 14:45:05 June 18 2013

Set the Time of Day clock on the router.

Router>ping

Basic ICMP ping function from within EXEC mode.

A more detailed ICMP ping from within Privileged EXEX

Router#ping {ip address}

mode.

Router#traceroute {ip address}

Performs a traceroute for a given IP address

Enters the Global Configuration Mode for higher level

Router#configure terminal

configuration

Router(config)#hostname RouterName

Sets the hostname of the router

Router(config)#ip route network-address

Adds a static route the routing table. (Remember to add in

subnet-mask {next-hop IP or exit-interface}

pairs to communicating router pair)

Copies the current configuration into the register, for

Router#copy running-config startup-config

retrieval upon boot

Router(config)#line console 0 Router(config-

Overcomes line interruption from router prompts, whilst

line)#logging synchronous

typing commands.

CNTRL+SHIFT+6

Exit process

DHCP Configuration
Router(config)#ip dhcp pool {name}
Router(dhcp-config)#network {net address}
{submask}
Router(config)#ip dhcp excluded-address {start
IP} {end IP}
Router(dhcp-config)#dns-server {net address}

Create a DHCP Pool on the router.

Set the network on which to act as a DHCP server.

Set a range of address to be excluded from the DHCP pool.

Set the address of the DNS server to be issued to clients.

Router(dhcp-config)#default-router {netaddress} Set the default gateway to be issued to clients.


www.clipearth.com - www.facebook.com/ahmedclipearth

Router(config-if)#ip helper-address {network

Set this on an intermediary router. Instructs router to

address}

forward DHCP requests to a specified address.

Router#show ip dhcp binding

Shows DHCP lease information.

Router#show ip dhcp pool

Displays pool utilisation statistics.

NAT & PAT Configuration

Network Address Translation
Router(config)#ip nat inside source static {inside

Create a static NAT mapping between an inside local address

local} {outside global}

and an outside global address.

Router(config-if)#ip nat outside

Router(config-if)#ip nat inside
Router(config)#ip nat pool {name} {inside local}
{inside Global} netmask {submask}
Router(config)#ip nat inside source list {ACL
name} pool {pool name}

Create a NAT pool on the router.

Control NAT operations with an access control list.

Router(config)#ip nat inside source list {NAT}

Specify a NAT pool to translate to hosts permitted by an

pool {MY-NAT-POOL}

Access Control List.

Router#clear ip nat translation *

Deletes all current dynamic NAT mappings.

Router#show ip nat translations

Shows the active NAT mappings on the router.

Router#show ip nat statistics

Shows various statistics associated with NAT.

NAT Overload / Port Address Translation

Router(config)#ip nat inside source list {ACL
name} interface {int name} overload

Configure NAT to work in overload mode on the specified

interface and apply an access control list. I.e. to a single
inside global IP address.

Security Configuration
Router(config)#no cdp run

Router(config-line)#exec-timeout {minutes}
[seconds]

Disable Cisco Discovery Protocol functionality, for security

reasons.
Controls the amount of time a console or virtual session can
be idle before termination. Set to 00 for infinite, use only for
labs!
2


www.clipearth.com - www.facebook.com/ahmedclipearth

Create a login message. End this with a delimiting character

Router(config)# banner login & message &

like # or &

Router(config)#banner motd & message

Create a banner message. End with an &

Router(config)#no ip domain-lookup

Prevents DNS look-up for lab setups

Removes the enable password, often used in favour of

Router(config)#no enable password

enable secret password.

Provides better security by encrypting an enable password.

Router(config)#enable secret {password}

It is separate to the line password!

Router(config)#service password-encryption

Obscures the passwords within the config on the device.

Router(config)#line console 0 Router(configline)#password cisco Router(config-line)#login

Configures the console password.

Router(config-line)#exit
Router(config)#line vty 0 4 Router(configline)#password cisco Router(config-line)#login

Configures the password for virtual terminal lines

Router(config-line)#exit
Router(config-line)#no transport
inputRouter(config-line)#transport input {telnet
| ssh | etc}

Set the VTY lines to deny any input but the methods
specified.

Access Control Lists

One ACL per protocol, per direction, per
interface.
One very important thing to remember about ACLs is that an implicit deny all rule is placed at the end of all
ACL entries. So it is essential to make a statement for ALL intended communications, otherwise they will be
blocked.
All ACLs are parsed sequentially.

Standard ACLs
Router(config)#access-list {access-list-number}

Configure a Standard ACL that allows traffic to be

{deny | permit} [remark] {source-IP | any}

permitted or denied based upon the source IP address

[source-wildcard | any] [log]

only.Use the no prefix to remove the ACL.


www.clipearth.com - www.facebook.com/ahmedclipearth

Router(config)#ip access-list standard {name}

Router(config-std-nacl)#sequence-number

Configure a named Standard ACL for IP.

{permit | deny} [remark] {sourceIP} [source

wildcard] [log]

Extended ACLs
Configure an Extended ACL that allows for much greater
granularity of control i.e. Protocols, Port#s, Source addresses
& Destination addresses. (Extended IP ACL numbers range
Router(config)#access-list {access-list-number}

from 100 to 199), (Expanded IP ACLs range 2000 thru

{deny | permit} [remark] {protocol} {source}

2699).The optional (operand) is used to compare source

{source-wildcard} [operand] [port port-

and destination ports. Possible values are: lt (less than), gt

number/name] {destination} {destination-

(greater than), eq (equal to), neq (not equal to) and range

wildcard} [operator operand] [port port-

(inclusive range).The optional (established) keyword is for

number/name] [established]

TCP sessions and means that the rule will allow only TCP
communications that have the ACK bit set i.e. already
established. This rule could be used inbound, to prevent TCP
sessions being initiated from outside the network.

Router(config)#ip access-list extended {name}

Router(config-ext-nacl)#[sequence-number]
{permit | deny} [remark] {sourceIP} [source
wildcard] [log]
Router(config)#ip access-list extended {ACL
name} Router(config-extnacl)#permit ip

Configure a named, Extended ACL for IP.

{network} {wildcard mask} any

Router(config-if)#access-class {aclNumber} {in |
out}

Apply a ACL to a specific interface.

R2(config-if)#ip access-group

Interface Configuration
Router#show interfaces {interface name}

Displays details and the bandwidth of individual interfaces.


www.clipearth.com - www.facebook.com/ahmedclipearth

Displays hardware details of an interface. Useful for fault

Router#show controllers [interface name]

finding serial connections.

Shows a condensed brief of link state and IP addresses of

Router#show ip interface brief

attached interfaces & loopback(s)

Router(config)#interface [range] {interface ID}

Router(config-if)#ip address {int ip address}

Enters the interface configuration mode for a given interface

or range of interfaces.
Configure the ip address for a particular interface.

{subnet mask}

Router-on-a-stick
Configures a logical sub-interface on a physical interface.
Router(config)#interface {interface-ID.xxxx}

interfaceID.xxxx might be fa0/1.10 for FastEthernet 0/1

sub-interface#10.
This is used in router-on-a-stick configurations. After

Router(config-subif)#encapsulation {type} {vlanID}

configuring a sub-interface as shown above, you must

specify the encapsulation method, such as dot1q or isl etc
Then specify the VLAN to which this sub-interface should
interact with.

Router(config-subif)#ip address {int ip address}

{subnet mask}

Configure the ip address for a particular sub-interface.

WAN Link Technologies

Set the interface to use a specified protocol of encapsulation

Router(config-if)#encapsulation {type}

e.g. hdlc, ppp, frame-relay etc

Point-to-Point Protocol
Router#debug ppp [packet | negotiation | error

Troubleshoot PPP, or use the options to troubleshoot PPP

| authentication | compression | cbcp]

sub-processes.

Router(config-if)#encapsulation ppp

Set the interface to use PPP encapsulation method.

Configure the router to use traffic compression. Optional

Router(config-if)#compress [predictor | stac]

elements enable the use of different algorithms. Only use

with appropriate forms of traffic i.e. uncompressed.


www.clipearth.com - www.facebook.com/ahmedclipearth

Apply Link Quality Monitoring. Specify the LCP percentage

Router(config-if)#ppp quality {%}

threshold for the link to become active.

Router(config-if)#ppp multilink

Enable load balancing across multiple physical links.

PPP authentication
Router(config)#aaa new-model

Enable AAA with this command.

R1(config)#aaa authentication ppp default local

Enable AAA authentication for PPP using the locally

none

configured credentials.
Configuration parameters for PPP authentication. CHAP PAP
performs CHAP before PAP.[if-needed] should not be

Router(config-if)#ppp authentication {chap |

applied alongside of PAP or CHAP used with TACACS or

chap pap | pap chap | pap} [if-needed] [list-

XTACACS (only compatible with asynchronous

name | default ] [callin]

interfaces).The list-name and default are only required for

AAA/TACACS+.[callin] option is used to specify
authentication on incoming calls only.

Router(config)#username {user} password

Sets a local username and password for use with PPP

{cisco}

authentication protocols.

Router(config)#ppp pap sent-username {user}

Set a PAP username and password for use with PPP coms

password {password}

leaving the local router.

Frame Relay
Router#show frame-relay lmi

Router#show frame-relay pvc

Show stats for the Frame Relay, Local Management

Interface.
Show details regarding established Permanent Virtual
Circuits on the local device.

Router#show frame-relay route

Displays any Frame-Relay Layer2 routes through the device.

Router#show frame-relay map

Display Frame-Relay mappings known to the local device.

Router(config-if)#frame-relay lmi-type [type]

Specifiy the type of LMI to be used. Either [cisco | ansi |

q933a].


www.clipearth.com - www.facebook.com/ahmedclipearth

This enables a router to perform Frame Relay switching

Router(config)#frame-relay switching

globally on the router, by using the DLCIs instead of IP.

Router(config-if)#frame-relay route {incoming

DLCI} interface {outgoing interface-name}

Sets up a PVC on a Frame-Relay switch.

{outgoing DLCI}
Changes the data-link layer protocol to be used on the
Router(config-if)#encapsulation frame-relay

interface. The type of encapsulation can be set to use the

[encapType]

IETF standard with the [ietf] option. Default is set to autonegotiate.

Frame Relay interface types are separate to physical
interface types i.e. a physical DTE device can be assigned as

Router(config-if)#frame-relay intf-type {dce |

a Frame Relay DCE device. Setting an interface type as DCE,

dte}

tells the router to send LMI keepalives and route statements

on the link. Note that a PVC cannot be established between
two frame-relay DTE devices.

Router(config-if)#frame-relay interface-dlci

Manually configure the DLCI for the interface. Can be within

{number}

the range of 16-991.

This creates a static mapping of a Layer3 protocol address to
a DLCI on the local device. Frame-Relay is an NBMA type of

Router(config)#frame-relay map {L3protocol}

{protocol-address} {DLCI value} [broadcast] [ietf]

network. However, using the broadcast option, L3 broadcast

traffic destined for the mapped network can be forwarded
over the link too. Note: for the local device to be able to ping
its own interface, a static map must be created for that local
interface too.
Inverse ARP can be used to dynamically discover devices at
each end of a Frame-Relay link. Although, due to reliability

Router(config-if)#frame-relay inverse-arp

issues with Inverse ARP, best practice is to statically map IPs

to DLCIs. Inverse ARP is enabled by default, append the [no]
prefix to disable.

Frame-Relay Sub-interfaces
7


www.clipearth.com - www.facebook.com/ahmedclipearth

Router(config)#interface

Sets up a Frame-Relay sub-interface. Note that this can only

{PhyIntName}.{subNumber} {point-to-point |

be performed once frame-relay encapsulation has been

multipoint}

configured on the physical interface.

Router(config-subif)#frame-relay interface-dlci

Manually configure the DLCI for the interface. Can be within

{number}

the range of 16-991.

Dynamic Routing Protocols

Set the metric bandwidth of a link in kbps. This value is used
Router(config-if)#bandwidth {value}

to calculate the cost of a route in some dynamic protocols.

Note: This does not alter the actual level 1 bandwidth.

Router#debug ip routing
Router#show ip protocols
Router(config)#router ?

Router(config-router)#no auto-summary

Used to show modifications being made to the routing table

in real-time.
Use to verify the dynamic routing protocol in use.
Show which versions of dynamic routing protocol the IOS
version will support
Prevents auto summarization occurring at major network
boundaries.

Router(config-router)#default-information

Configure router to share static route information along with

originate

dynamic updates.

RIPv1 & v2
Router(config)#router rip
Router(config-router)#passive-interface
interface name
Router#debug ip rip

Enter RIP configuration state

To prevent RIP updates being sent from a specific interface
Show RIP updates as they are sent and received

Router(config)#router rip Router(configrouter)#network address of directly connected

Configure RIPv1 advertisements on a specific interface.

classful network
Router(config-router)#default-information

Configure router to share static route information along with

originate

dynamic updates.

RIPv2
8


www.clipearth.com - www.facebook.com/ahmedclipearth

Router(config)#router rip Router(configrouter)#version 2

Enter RIP configuration state & configure RIPv2.

EIGRP
Router(config)#router eigrp [A.S. number]
Router(config-router)#network network address
Router#show ip eigrp topology Router#show ip
eigrp topology [network address]

Enables EIGRP functionality on the router and allows for

further configuration.
Advertise the specified network address to others
Displays the EIGRP topology table on a specified router.
Including a [network address] Shows more detailed topology
for a specific network.

Router(config-if)#ip summary-address eigrp

Apply manual network summarization to a specific interface,

[a.s.] [network] [mask]

to be shared with other EIGRP neighbours.

Router(config)#router eigrp [a.s.] Router(config-

This command will share the static route of the current

router)#redistribute static

router, with other EIGRP neighbours.

OSPF
Router(config)#router ospf [process-ID]

Router(config-router)#network [network
address] [wildcard mask] area [area ID]

Router#show ip ospf
Router#show ip ospf interface
Router#show ip ospf neighbor
Router(config)#interface [OSPF interface]
Router(config-if)#ip ospf message-digest-key
[key #] md5 [key value] Router(config-if)#exit
Router(config)#router ospf [process ID]

Enables OSPF dynamic routing protocol, and enters

configuration mode. Default process ID is 1.
Configures a network to be advertised by OSPF. Use 0 area
ID for labs. This must be identical to all included OSPF
routers in the same area.
Display detailed OSPF information. Such as process and
router ID
Displays detailed information about OSPF interfaces
Show a brief list of OSPF neighbors and which interface they
are connected to on the local router.
Configures an interface for use with MD5 routing update
authentication. Note: The same key must be used for an
entire area!


www.clipearth.com - www.facebook.com/ahmedclipearth

Router(config-router)#area [area ID]

authentication message-digest

Router(config-router)#router-id [network

Manually sets the router ID for the local router. (Will require

address]

a reload if neigbours are present).

Router#clear ip ospf process

This will erase and restart the current OSPF process.

Router(config-if)#ip ospf cost [calculated value]

Router(config-router)#auto-cost referencebandwidth [value]

Manually set the cost of a link. The value is calculated by 108

bandwidth of link in bps
This can be used to simulate different connection speeds
between routers. This must be set the same for the whole
area. 10GigEthernet is 10000.

Router(config-if)#ip ospf hello-interval [seconds]

Router(config-if)#ip ospf dead-interval [seconds]

Change the hello interval from the default value: (multiaccess is 10 seconds, or 30 seconds for NBMA segments).
Change the dead interval from the default value: (40
seconds).
Change the priority of an OSPF interface. This can alter

Router(config-if)#ip ospf priority [int value]

eligibility for DR & BDR election. Range from 0-255, with

Zero as lowest. Setting Zero will stop the router from
participating in DR / BDR elections.

Lesser Used Commands

Router#debug {process-name]

Debug a specific process. Such as ip routing Show IP routes

being learned instantaneously (Use sparingly)

Router#undebug all

Stop ALL debugging

Router#undebug {process-name}

Stop a debug of a specific process.

Router(config-if)#description R1 LAN

Provides a description of the interface

Router#reload

Reloads IOS from the NVRAM

Router(config)#no cdp run

Disables the CDP functionality that is enabled as standard.

This improves security if not required.

10


www.clipearth.com - www.facebook.com/ahmedclipearth

This disables CDP advertisements ONLY on the selected

Router(config-if)#no cdp enable

interface.
Provides a description of the version of IOS loaded and the

Router#show version

memory register in use

Router#copy running-config tftp:

Backup Configuration Settings TO a TFTP Server

Router#copy tftp: running-configAddress or

name of remote host []? xxx.xxx.xxx.xxxSource

Copy configuration FROM a TFTP Server

filename []? backup_cfg_for_my_router

Register Configuration
Set the configuration register to a value. Standard is usually
Router(config)#config-register [registerValue]

set to: 02102.Set to 02142 to disable the router from

saving configurations.

IOS v.11 Irregularities

Router(config)#subnet-zero Router(config)#ip

This is a fix to the problem encountered when attempting to

classless

use a classless mask such as /30 with IOS v.11.

11


www.clipearth.com - www.facebook.com/ahmedclipearth

Cisco CLI command line for cisco Switch
Command

Description
File Management

Switch# show flash

Displays details of the available IOS images.

Displays the content and size of a specified directory.
E.g. flash is one such directory.

Switch# dir {directory}

Switch# delete
flash:{subdirectory/filename}

Deletes a specific file. Can delete all files within a

directory/subdirectory when an asterisk * is used.

Switch# show boot

Switch(config)# boot system flash:{/c2960lanbase-mz.122-25.SEE1.bin}

Display the boot environment variables.

Set the switch to boot from a different IOS image.
Restores the configuration of the Switch to default
settings. Note: Does not erase VLAN configuration.

Switch# write eraseSwitch# reload

Switch# copy running-config startup-config
Switch# copy startup-config tftp

Save the current configuration settings.

Copy the current version of the startup configuration TO
a TFTP server.

Switch# copy flash tftp

Copy a file from the flash memory TO a TFTP server.

Switch# copy tftp flash

Copy a file FROM a TFTP server to the flash memory.

Switch# rename flash:/{directory/filename}

flash:/{directory/newfilename}

Renames a file held within the flash memory.

General Configuration
Switch# terminal history
Switch# terminal history size {value}

Enables the terminal history feature.

Enter a value for the number of lines to recall under the
terminal history feature. 0-256 lines.

Switch# terminal no history size

Restores the history size to the default value of 10 lines.

Switch# terminal no history

Switch(config)# ip default-gateway {IPaddress}

Disables the terminal history feature.

Configures the default gateway for the switch.

Switch(config)# ip http authentication

enable

Optional authentication for securing HTTP access.

Switch(config)# ip http server

Enable HTTP server on the switch enables switch

configuration via TCP/IP.
12


www.clipearth.com - www.facebook.com/ahmedclipearth

Security Configuration
Enable anti-DHCP spoofing measures on catalyst
switches.

Switch(config)# ip dhcp snooping

Switch(config)# ip dhcp snooping vlan
number {number}
Switch(config-if)# ip dhcp snooping trust
Switch(config)# ip dhcp snooping limit rate
{value}

Enable DHCP snooping for specific VLANs.

Set ports as trusted DHCP ports.
Set an upper limit on the number of times an attacker
can send bogus DHCP requests through an untrusted
port.

Switch-port Security
Switch# show port-security interface {value}

Display the details of port security settings for an

interface.

Switch(config-if)# switchport port-security

mac-address {MAC-address}

Sets a static port security rule for an interface.

Switch(config-if)# switchport port-security

maximum {value}

Sets the maximum permissible number of secure

addresses allowed on a port.

Switch(config-if)# switchport port-security

violation {protect | restrict | shutdown}

Define the course of remedial action to be taken by the

switch if the maximum number of layer 2 addresses is
reached on a port. Protect = drop | Restrict = drop, log,
send SNMP trap, increment violation counter |
Shutdown = set port to error-disabled state, log, send
SNMP trap and increment violation counter.

Switch(config-if)# switchport port-security

mac-address sticky

Enables sticky learning on a port. This will dynamically

learn secure layer 2 addresses and add them to the
running-config. Note that running-config must be saved
after learning is complete!

SSH Configuration
Switch(config)# ip domain-name {domainname}

Sets a host domain name for the switch, required for

SSH.

Switch(config)# crypto key generate rsa

Enables the SSH server on the switch and generates an

RSA key pair. Recommended modulus length is 1024
bits.

Switch# ip ssh version [1 or 2]

Set the version of SSH standard to run on the local SSH

server. If option is left blank, the latest version will be
selected.

Switch# ip ssh {timeout seconds}

Set the time period for an SSH session to be established.

Default is 120. Range is 0 120 seconds.
13


www.clipearth.com - www.facebook.com/ahmedclipearth

Switch# ip ssh {authentication-retries

number}
Switch(config-line)#transport input {telnet |
ssh | all}
Switch(config-line)#login local
Switch(config)#username {username}
password {Password}

Sets the number of times a client can re-authenticate

within a 10 minute period. Range is 0 to 5 attempts.
Either accept just telnet or SSH or accept both.
Use local usernames instead of AAA.
Create a local set of credentials.

Interface Configuration
Switch(config)# interface range {interface
prefix / number range}

Configure a group of interfaces e.g. fa0/1 5 for Fast

Ethernet ports 1 thru 5.

Switch(config-if)# mdix auto

Permits the switch to use the MDIX automatic cable

medium detection facility append no to disable the
feature. (Command is not compatible with Catalyst
2950 or 3550).

Switch(config)# mac-address-table static

{MAC address} vlan {vlan-id} interface
{interface-id}

This creates a static mapping of a MAC to a specified

port on the switch. Append no to remove.

Switch(config)# interface vlan {value}

Enter the interface configuration mode for a VLAN of

number.

Switch(config-if)# ip address {interface

address} {subnet mask}

Configure a VLAN-interface IP address.

Switch(config-if)# switchport mode {type}

Set the VLAN membership mode for a port access or

trunk.

Switch(config-if)# switchport access vlan

{number}

Assign a specific switch port to use a specified VLAN

number.

Switch(config-if)# switchport trunk native

vlan {native id}

Assign a specific VLAN to the switch port to be the

NATIVE. This is necessary for untagged traffic on 802.1Q
trunk ports.

Switch(config-if)# no switchport trunk

native vlan

Reset the NATIVE VLAN back to the default of VLAN 1.

Dynamic Trunking Protocol

Switch# show dtp [interface]

Displays details of DTP configuration.

Switch(config-if)# switchport mode {type}

Set the membership mode for a port access or trunk.

This sets the port to ON if trunk mode is selected.

Switch(config-if)# switchport mode dynamic

desirable

Sets the local switch port to advertise to the remote

port that it would like to trunk. Will only trunk if remote
port is set to ON, DESIRABLE or AUTO.

14


www.clipearth.com - www.facebook.com/ahmedclipearth

Spanning Tree Protocol

Switch(config-if)# spanning-tree cost {value}

Manually set the cost of an interface for the STA to use

in calculations. Between 1 and 200,000,000.

Switch(config)# spanning-tree vlan {vlan-id}

root primary

Set the switch to be the lowest priority value on the

network. Set to either 24576 or the next 4096
increment below the lowest already on the network.

Switch(config)# spanning-tree vlan {vlan-id}

priority {value}

Allows the admin to manually set bridge priority for a

specified VLAN. Used to setup load balancing between
0 and 65536 in increments of 4096. Default on Catalyst
switches is 32768.

Switch(config-if)#spanning-tree portfast

Enable PortFast feature on an access port to mitigate

STP processes on that port. This will reduce the time
taken for the link to come up.

Switch(config-vlan)# name {enter a name

for the VLAN}.

Sets the name of a VLAN.

Switch(config-if)#switchport trunk native

vlan {vlanNo.}

Specify the Native vlan for the Trunk.

Switch(config-if)# switchport trunk allowed

vlan remove {vlanNo.}

Remove specific VLANs permitted on a trunk.

VTP

Switch(config)# vtp domain {name}

Switch(config)# vtp password {value}

Set the VTP mode for the device. Client, server or

transparent. Be sure this is set first!
Set the VTP domain name.
Set a password for the VTP domain.

Switch(config)# vtp pruning

Enables VTP pruning, use on the VTP server only.

Switch(config)# vtp mode {server}

2900 Series (Legacy Commands)

Switch# vlan database
Switch(vlan)# vlan {id} [name]

This accesses the VLAN database.

Assign an ASCI name to the VLAN.

Troubleshooting
Switch# show history

Displays the terminal history if enabled (See general

configuration).

Switch# show env {all}

Shows the status of all hardware monitoring sensors on

the device.

Switch# show interface [interface-id | vlan

vlan-id | switchport]

Shows detailed information for specific interfaces, vlans

or switch ports.
15


www.clipearth.com - www.facebook.com/ahmedclipearth

Switch# show interface trunk

Shows detailed information about trunk ports in use on

the switch.

Switch# show vlan [brief | id vlan-id | name

vlan-name | summary]
Switch# show spanning-tree
Switch# debug spanning-tree events

Is used to display VLAN information for verification

purposes.
Displays details of the STP environment.
Show notifications of STP events in real-time.

Switch# show ip ssh

Shows the status of the SSH server on the switch.

Switch# show mac-address-table

Displays the Media Access Control address table (CAM

table) on the switch.

16