In the world of enterprise networking, managing Cisco devices can be an essential skill—and it starts with understanding the operating systems Cisco uses and how to interact with their command-line interface (CLI).
Cisco Operating Systems at a Glance
Cisco devices don’t all run on the same operating system. Here’s a quick breakdown of the main ones and where you’ll find them:
- NX-OS: Runs on Cisco Nexus and MDS data center switches.
- IOS-XR: Used on NCS, CRS, ASR9000, and XR12000 series service provider routers.
- IOS-XE: Found on the ASR1000 series service provider routers.
- IOS: The classic Cisco OS—many devices still use it, and most CLI commands across NX-OS, IOS-XR, and IOS-XE are very similar.
This familiarity across platforms makes it easier to jump between devices once you’re comfortable with the CLI.
Accessing the CLI
To manage a Cisco device day-to-day, you’ll typically connect to its CLI over the network using SSH (Secure Shell). SSH encrypts the session, protecting your credentials and data.
While Telnet is also supported, it’s not recommended—it’s insecure and transmits data in plain text, which can easily be intercepted.
In enterprise environments, secure logins are often enforced using a centralized AAA server (Authentication, Authorization, and Accounting), providing a consistent access policy across the network.
Initial Access with Console Connections
Before a device is configured for network access, you’ll need to connect directly to it:
- Console Cable: Traditionally, this is a serial connection from your PC to the device’s console port.
- USB to Mini USB: Newer devices come with this cable instead, making it easier to connect modern laptops.
Console access is also used for troubleshooting boot issues or regaining control if the device’s IP becomes unresponsive—something you can’t do over SSH, since the system needs to be up for the IP stack to work.
Navigating the CLI: Modes and Commands
Cisco’s CLI is mode-based, and understanding these modes is key:
- User EXEC Mode (
Router>): Limited access. Mainly for viewing basic information. - Privileged EXEC Mode (
Router#): Accessed with theenableorencommand. Allows deeper inspection and changes. - Global Configuration Mode (
Router(config)#): Accessed withconfigure terminalorconf t. Needed to make configuration changes. - Interface Configuration Mode (
Router(config-if)#): Accessed from global config using commands likeinterface fastethernet 0/0orint giga0/0.
You can drop down a level using exit or return directly to privileged EXEC with end or Ctrl + C.
Need to run a command from within a sub-mode? Prefix it with do. For example:
"Router(config)# do show ip interface brief"
Handy shortcuts:
Ctrl + A: Move to the beginning of the lineCtrl + E: Move to the end of the line
Useful CLI Commands
See interface statuses and IP assignments:
"show ip interface brief"
Display the current active configuration:
"show running-config" or "show run"
Show config specific to one interface:
"show run int fast0/0"
You can use filters to narrow output with pipes (|), which are case sensitive due to regular expression (regex) usage:
show run | begin hostnameshow run | include interfaceshow run | exclude VTY
This exception to IOS’s usual case insensitivity can trip you up if you’re not careful.
Managing Configuration Files
Cisco devices maintain two configurations:
- Running Configuration: Active now, stored in RAM
- Startup Configuration: Used on boot, stored in NVRAM
By default, changes are made to the running config. To make them persistent across a reboot, save the changes with:
"copy running-config startup-config"
You can also back up configurations to destinations like Flash memory.
Summary of Storage:
- RAM: Running configuration
- NVRAM: Startup configuration
- Flash: Stores the IOS image and backups
Ctrl+Alt+Route 
Leave a comment