Open In App

Cisco iOS Command Hierarchy

Last Updated : 01 Jan, 2023
Improve
Improve
Like Article
Like
Save
Share
Report

The operating system that Cisco uses in many of its products is called Cisco IOS, and you can communicate with it using a command line shell (or Command Line Interface or CLI, as Cisco nomenclature calls it). You have access to about 2000 different commands if you count the commands for many advanced routers and wireless items. The basic commands available in the IOS Cisco CLI used by the router are described here. Some Cisco IOS commands allow you to perform more than one action. You can also navigate up and down the hierarchy of IOS configuration levels (or modes). Some of the various levels are shown below:

Note: Here we are talking about iOS in general and not to a specific version. So not all iOS versions support all the commands listed here, and certain iOS versions contain additional commands not included in this list. Also, note that PIX line of products was originally acquired by Cisco and is not manufactured, so it has (or had) its own operating system. Although some PIX operating system command line shells were eventually merged into the Cisco iOS CLI. Finally, many basic commands have multiple modes.

Start with Cisco iOS:

First, press “Return” to enter user mode, and you will see a “router” prompt. Cisco more accurately calls this User Executive mode or User EXEC mode.

 

Command
prompt		 Available
commands
router> access-enable
router> access-profile
router> clear
router> connect
router> disable
router> disconnect
router> enable
router> exit
router> help
router> lock
router> login
router> logout
router> mrinfo
router> mstat
router> mtrace
router> name-connection
router> pad
router> ping
router> ppp
router> resume
router> rlogin
router> set
router> show 
router> slip
router> systat

Privileged Mode:

As mentioned earlier, running the enable command in user mode puts you in privileged mode, specifically privileged EXEC mode. Most of the commands available in User mode are also available in privileged mode, so there is a fair amount of duplication in this table.
 

Command
prompt		 Available
commands
router# access-enable
router# access-profile
router# access-template
router# bfe
router#  cd
router# clear
router# clock
router# configure terminal
router# connect
router# copy
router# debug
router# delete
router# dir
router# disable
router# disconnect
router# enable
router# erase
router# exit
router# help
router# lock
router# login
router# logout
router# more
router# mstat
router# mtrace
router# name-connection
router# pad
router# ping
router# ppp
router# resume
router# rlogin
router# rsh
router# send
router# set
router# setup
router# show —-
router# slip
router# systat
router# telnet
router# terminal
router# test
router# traceroute
router# tunnel
router# undebug
router# verify
router# where
router# write

Global Configuration mode:

Invoking the “configure terminal” command in privileged mode will switch to global configuration mode as shown above. The accepted shortcut for the command is “config t” and it works. Note that in this mode, as in all configuration modes, configuration settings are applied to the router’s current configuration. If the configuration needs to be applied to the boot configuration, the running configuration must be copied to NVRAM using the “Write” or “Copy” command, depending on the iOS version.

Command
prompt		 Available
commands
router(config)#   aaa  
router(config)#   
router(config)# alias
router(config)# arp
router(config)# async-bootp
router(config)# banner
router(config)# boot
router(config)# bridge
router(config)# buffers
router(config)# busy-message
router(config)# call-history-mib
router(config)# cdp
router(config)# chat-script
router(config)# clock
router(config)# config-register
router(config)# default
router(config)# default-value
router(config)# dialer
router(config)# dialer-list
router(config)# dnsix-dmdp
router(config)# dnsix-nat
router(config)# downward-compatible-config
router(config)# enable
router(config)# end
router(config)# exception
router(config)# exit
router(config)# file
router(config)# frame-relay
router(config)# help
router(config)# hostname
router(config)# interface [ e0 or s0 or s1 ]
router(config)# ip —-
router(config)# key
router(config)# line aux
router(config)# line console
router(config)# line vty
router(config)# logging
router(config)# login-string
router(config)# map-class
router(config)# map-list
router(config)# menu
router(config)# modemcap
router(config)# multilink
router(config)# netbios
router(config)# no
router(config)# partition
router(config)# priority-list
router(config)# privilege
router(config)# prompt
router(config)# queue-list
router(config)# resume-string
router(config)# rlogin
router(config)# rmon
router(config)# route-map
router(config)# router {protocol}
router(config)# rtr
router(config)# scheduler
router(config)# service
router(config)# snmp-server
router(config)# sntp
router(config)# stackmaker
router(config)# state-machine
router(config)# subscriber-policy
router(config)# tacacs-server
router(config)# terminal-queue
router(config)# tftp-server
router(config)# username
router(config)# virtual-profile
router(config)# x25
router(config)# x29

Global IP configuration commands:

We are still in global configuration mode, therefore this is a subset of IP instructions.

Command Prompt Available Commands
router(config)# ip access-list
router(config)# ip access-list standard (name)
router(config)# ip access-list extended (name)
router(config)# ip accounting-list
router(config)# ip accounting-threshold
router(config)#  ip accounting-transits
router(config)# ip address-pool
router(config)# ip alias
router(config)# ip as-path
router(config)# ip bgp-community
router(config)# ip bootp
router(config)# ip classless
router(config)# ip community-list
router(config)# ip default-gateway
router(config)# ip default-network
router(config)# ip dhcp-server
router(config)# ip domain-list
router(config)# ip domain-lookup
router(config)# ip domain-name
router(config)# ip drp
router(config)# ip dvmrp
router(config)# ip finger
router(config)# ip forward-protocol
router(config)# ip ftp
router(config)# ip gdp
router(config)# ip gratuitous-arps
router(config)# ip host
router(config)# ip host-routing
router(config)# ip hp-host
router(config)# ip http
router(config)# ip icmp
router(config)# ip local
router(config)# ip mobile-host
router(config)# ip mroute
router(config)# ip multicast-routing
router(config)# ip name-server
router(config)# ip nat
router(config)# ip ospf
router(config)# ip pim
router(config)# ip prefix-list
router(config)# ip radius
router(config)#  ip rcmd
router(config)# ip reflexive-list
router(config)# ip route
router(config)# ip routing
router(config)# ip rsvp
router(config)# ip sap
router(config)# ip sdr
router(config)# ip security
router(config)# ip source-route
router(config)# ip subnet-zero
router(config)# ip tacacs
router(config)# ip tcp
router(config)# ip telnet
router(config)# ip tftp
router(config)# ip trigger-authentication 

Interface configuration mode:

The commands in the following table are used to configure a specific interface.

Command prompt Available commands
router(config-if)# access-expression
router(config-if)# arp
router(config-if)# backup
router(config-if)# bandwidth
router(config-if)# bridge-group
router(config-if)# carrier-delay
router(config-if)# cdp
router(config-if)# cmns
router(config-if)# custom-queue-list
router(config-if)# default
router(config-if)# delay
router(config-if)# description
router(config-if)# exit
router(config-if)# fair-queue
router(config-if)# help
router(config-if)# hold-queue
router(config-if)# ip —-
router(config-if)# keepalive
router(config-if)# llc2
router(config-if)# load-interval
router(config-if)# logging
router(config-if)# loopback
router(config-if)# mac-address
router(config-if)# media-type
router(config-if)# mtu
router(config-if)# netbios
router(config-if)# no
router(config-if)# priority-group
router(config-if)# random-detect
router(config-if)# shutdown
router(config-if)# snapshot
router(config-if)# snmp
router(config-if)# standby
router(config-if)# timeout
router(config-if)# traffic-shape
router(config-if)# transmit-interface
router(config-if)# tx-queue-limit

Interface specific IP configuration commands:

These are the IP instructions that apply only to the specified interface because we are still in interface setup mode.

Command prompt Available commands
router(config-if)# ip access-group {acl name/number} {in/out}
router(config-if)# ip accounting
router(config-if)# ip address
router(config-if)# ip authentication
router(config-if)# ip bandwidth-percent 
router(config-if)# ip broadcast-address
router(config-if)# ip cgmp
router(config-if)# ip directed-broadcast
router(config-if)# ip dvmrp
router(config-if)# ip hello-interval
router(config-if)# ip helper-address 
router(config-if)# ip hold-time
router(config-if)# ip igmp
router(config-if)# ip irdp
router(config-if)# ip mask-reply
router(config-if)# ip mobile
router(config-if)# ip mroute-cache
router(config-if)# ip mtu
router(config-if)# ip multicast
router(config-if)# ip nat
router(config-if)# ip nhrp
router(config-if)# ip ospf
router(config-if)# ip pim
router(config-if)# ip policy
router(config-if)# ip probe
router(config-if)# ip proxy-arp
router(config-if)# ip rarp-server
router(config-if)# ip redirects
router(config-if)# ip rip
router(config-if)# ip route-cache
router(config-if)# ip rsvp
router(config-if)# ip rtp
router(config-if)# ip sap
router(config-if)# ip sdr
router(config-if)# ip security
router(config-if)# ip split-horizon
router(config-if)# ip summary-address
router(config-if)# ip tcp
router(config-if)# ip unnumbered
router(config-if)# ip unreachables
router(config-if)# ip verify
router(config-if)# ip web-cache

Commands for line configuration:

These are to be used while setting up the router’s line connections. The same prompt is used for the console line, the vty line, and the auxiliary line, which can cause some confusion. Depending on the command that was sent in global configuration mode, i.e. – determine which one you are working on.

  • router(config)# line aux 0 
  • router(config)#  line console 0 
  • router(config)# line vty 0 4 in 

You can only configure one type of line connection at a time; to configure another, you must return to the global configuration mode and choose the appropriate line type as described above.

Command prompt Available commands Comments
router(config-line)# exec-timeout To configure the console time out
router(config-line)# logging synchronous This command disables console pop-up messages.
router(config-line)# line vty 0 ? To determine the number of available vty lines
router(config-line)# login To ask for a login that is valid for aux, console, and vty
router(config-line)# password Set a password that is valid for the aux, console, and vty
router(config-line)# no login Risky – this command says that a password is not necessary and is valid for vty


Like Article
Suggest improvement
Previous
Configuring RIP Route Summarization in Cisco
Next
How to Download and Install Soundop on Windows?
Share your thoughts in the comments

Similar Reads

Privileged Modem in Cisco IOS Switch
Process of Backing Up and Restoring the Cisco IOS
Steps For Verifying Flash Memory in Cisco iOS
What is Cisco iOS Filesystem?
Common iOS Navigation Techniques in Cisco
Cisco Interview Experience of Cisco Ideathon for Advanced Networking 2023
Cisco Interview Experience | Set 18 (Campus Recruitment)
Connecting Multiple Computers Using Hub in Cisco Packet Tracer
Cisco Interview experience | Set 21 (Off-Campus)
Configuring RIP Default Information Originate in Cisco

A
annieahujaweb2020
Article Tags :
Practice Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox