Basic Cisco IOS switch commands enable #go into enable/privilegemode show running-config #non-default settings show ip interface brief #ports up or down ("up and up") show interfaces status #which ports are connected, at what duplex and speed (PT doesn't have?) show interfaces [INTERFACE] #info and stats about a port, or all ports show vlan brief #which ports are in which Vlans show mac-address-table dynamic #learned MAC addresses table. Port->MAC show port-security interface INTERFACE show version #hardware, OS, ports show flash #contents of flash memory show arp #arp cache show users #logged-on users *'ed line is you show cdp neighbors #directly connected switches and routers #find port your telnet session is connected to: sh users find your IP sh whoami sh line ??? sh arp find your MAC sh mac dy find your port ping IP.ADDR #if vlan1 IP address is set ************************************************************************** #hardcode speed and duplex for key ports (maybe to routers, servers): interface INTERFACE duplex full|half|auto speed 10|100|auto description Whatever You Want To Say #sh int desc #configure switch's IP address for telnetting to it, pinging it: interface vlan 1 ip address IP.ADD.RESS SUB.NET.MASK no shutdown #administratively down by default #if want access to/from internetwork (telnet or ping): ip default-gateway IP.ADD.RESS #in global config mode #port security. allow only specified MAC to use port: #in interface config mode: switchport mode access switchport port-security switchport port-security mac-address ABCD.1234.9876 #VLAN creation and port assignment to a vlan: vlan N #in global config. create VLAN n name NAME #optionally give it a name in (config-vlan) mode #in interface config mode of port: switchport access vlan N #assign the port to VLAN n switchport mode access #optional security so port is access, not trunk interface range fa0/1 - 20 #range of interfaces (config-int-range)# switchport access vlan 50 (config-int-range)# switchport mode access #what trunking: sh int trunk sh int INT switchport #modes: trunking, what encapsualtion #interface config mode: default is dynamic desirable, but is bad, so hardwire it. switchport trunk encapsulation dot1q #optional if switch has other encapsulations switchport mode trunk #frames tagged w/4B Vlan # header #VTP Vlan info replication protocol show vtp status vtp domain NAME #global config mode. will be adopted by other switches. vtp mode server|client|transparent #default is server #STP. set this switch as Root bridge: (config)# spanning-tree vlan N root primary OR: (config)# spanning-tree vlan N priority NUM show spanning-tree #STP info. which port(s) blocked. #Note that a port can be Up and Up but BLKed! (config-if)# spanning-tree portfast #only on an access port PVST: per-Vlan spanning tree: load-balancing RSTP: (config)# spanning-tree mode rapid-pvst on all switches