# Cisco Helper

Cisco helper

Last Updated 16.10.2016

My little Cisco IOS Helper. A CheatSheet for forgetful people.


Show config

show run

Show Switch Model and IOS Version

show version

Show interfaces with status up

sh ip int bri | inc up

Show Port VLAN assignment

show vlan brief

Show Trunk Interfaces

show interfaces trunk

Show Interface information

show interface description
sh int des

Show interface information

show run int Gi1/0/1


Switch to privileged mode


Switch to configure terminal mode
We need to be in privileged mode

configure terminal
config t

Descend menu, go back one step


Config save

write mem

Configure Interface

interface Gi1/0/25
int Gi1/0/25

Change interface to access port, set vlan

switchport access vlan 3

Change interface to access port

switchport mode access

Change interface to trunk

switchport mode trunk

Change interface description

description *** My Interface ***
Configure Trunk Interface
  1. Edit the interface you would like to use as a trunk Interface.
  2. Add Encapsulation
switchport trunk encapsulation dot1q
  1. Change the mode
switchport mode trunk
  1. Add Vlans to the trunk
switchport trunk allowed vlan 2,3
Remove/Undo Settings
  1. Setting can be undone quite easily. Example Settings:
switchport trunk allowed vlan 22, 24
  1. copy the value you would like to remove

  2. Configure the interface

  3. write no a blank and paste the previous copied setting

no switchport trunk allowed vlan 22,24
  1. Setting is now removed from the interface

Create a new VLAN

conf t
v3 config
snmp-server group GROUPNAME v3 priv access ACCESSLISTNAME
snmp-server user USERNAME GROUPNAME v3 auth md5 AUTHPASS priv aes 128 PRIVPASS

I use md5 for authentication and aes 128bit for encryption. There ar more settings possible. see here.

Access Control List

Show all ACL

show ip access-list 

Show ACL per Interface

show ip access-list interface INTERFACENAME

your get the name bye executing sh int des

Add entry to ACL List

ip access-list standard NAMEOFACCESSLIST
permit IP

ip access-list standard NAMEOFACCESSLIST 

Remove an enytry

ip access-list standard NAMEOFACCESSLIST 
no permit IP

First we select the specific ACL. Then we remove the entry

Renumber the existing entries

ip access-list resequence NAMEOFACCESSLIST 10 20

Starting at number 10 increment by 20

Remove entire ACL

no ip access-list standard NAMEOFACCESSLIST 

Here is a good webpage which explains it a little bit better.


Add Trunk, rejected

Command rejected: An interface whose trunk encapsulation is "Auto" can not be configured to "trunk" mode.

Make sure you enabled the encapsulation dot1q

Icinga 2, Check Cisco Switch with Centreon
Icinga2, monitor vCenter

Share it

Written by

Martin Schmidli

Welcome! My focus these days is mainly on Modern Workplace, based on Microsoft 365 solutions. Feel free to reach out if you have any questions!