We’ve already learned that IOS has three main command modes: the user exec, privileged exec, and the global configuration modes. Each of these modes serves a different purpose and has its own set of commands. In this lesson we will describe each of this modes in more detail.
User EXEC mode commands
Initially, a user logs into the User Exec mode. This is the mode with the least number of commands. You can get a list of all available commands by typing the character ?.
Router>? Exec commands: <1-99> Session number to resume connect Open a terminal connection disable Turn off privileged commands disconnect Disconnect an existing network connection enable Turn on privileged commands exit Exit from the EXEC logout Exit from the EXEC ping Send echo messages resume Resume an active network connection show Show running system information ssh Open a secure shell client connection telnet Open a telnet connection terminal Set terminal line parameters traceroute Trace route to destination
As you can see, most of the commands available are used to show statistics and perform some basic troubleshooting. The prompt on the left side of the screen always displays the device hostname (R1 in this case), followed by the character >.
All commands can be abbreviated to their first letters of the command name. For example, you can abbreviate ping by typing pin, because no other command in the User EXEC mode IOS mode begins with these letters.
Privileged EXEC mode commands
This IOS mode is also called enable mode because you must enter the enable command from a user EXEC mode if you want to access this mode. You can use more commands in the privileged EXEC mode than you were able to use in the user EXEC mode. You can save a device configuration or reload a device in this mode. You can also enter a third mode, the configuration mode. The access to the privileged EXEC mode is usually protected with a password.
The prompt for this mode shows # after the device hostname.
Router>en Router#? Exec commands: <1-99> Session number to resume auto Exec level Automation clear Reset functions clock Manage the system clock configure Enter configuration mode connect Open a terminal connection copy Copy from one file to another debug Debugging functions (see also 'undebug') delete Delete a file dir List files on a filesystem disable Turn off privileged commands disconnect Disconnect an existing network connection enable Turn on privileged commands erase Erase a filesystem exit Exit from the EXEC logout Exit from the EXEC mkdir Create new directory more Display the contents of a file no Disable debugging informations ping Send echo messages reload Halt and perform a cold restart resume Resume an active network connection rmdir Remove existing directory send Send a message to other tty lines setup Run the SETUP command facility show Show running system information ssh Open a secure shell client connection telnet Open a telnet connection terminal Set terminal line parameters traceroute Trace route to destination undebug Disable debugging functions (see also 'debug') vlan Configure VLAN parameters write Write running configuration to memory, network, or terminal
Global configuration mode commands
To change a device configuration, you need to enter the global configuration mode. This mode can be accessed by typing configure terminal (or conf t, the abbreviated version of the command) from the enable mode. The prompt for this mode is hostname(config).
Global configuration mode commands are used to configure a device. You can set a hostname, configure authentication, set an IP address for an interface, etc. From this mode you can also access submodes, for example the interface mode, from where you can configure interface options.
You can get back to a privileged EXEC mode by typing the end command. You can also type CTRL + C to exit the configuration mode.
Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#? Configure commands: aaa Authentication, Authorization and Accounting. access-list Add an access list entry banner Define a login banner bba-group Configure BBA Group boot Modify system boot parameters cdp Global CDP configuration subcommands class-map Configure Class Map clock Configure time-of-day clock config-register Define the configuration register crypto Encryption module default Set a command to its defaults do To run exec commands in config mode dot11 IEEE 802.11 config commands enable Modify enable password parameters end Exit from configure mode exit Exit from configure mode flow Global Flow configuration subcommands hostname Set system's network name interface Select an interface to configure ip Global IP configuration subcommands ipv6 Global IPv6 configuration commands key Key management license Configure license features line Configure a terminal line lldp Global LLDP configuration subcommands logging Modify message logging facilities login Enable secure login checking mac-address-table Configure the MAC address table no Negate a command or set its defaults ntp Configure NTP parameter-map parameter map parser Configure parser policy-map Configure QoS Policy Map port-channel EtherChannel configuration priority-list Build a priority list privilege Command privilege parameters queue-list Build a custom queue list router Enable a routing process secure Secure image and configuration archival commands security Infra Security CLIs service Modify use of network based services snmp-server Modify SNMP engine parameters spanning-tree Spanning Tree Subsystem tacacs-server Modify TACACS query parameters username Establish User Name Authentication vpdn Virtual Private Dialup Network vpdn-group VPDN group configuration zone FW with zoning zone-pair Zone pair command
A global configuration mode contains many submodes. For example, if you want to configure an interface you have to enter that interface configuration mode. Each submode contains only commands that pertain to the resource that is being configured.
To enter the interface configuration mode you need to specify which interface you would like to configure. This is done by using the interface INTERFACE_TYPE/INTERFACE_NUMBER global configuration command, where INTERFACE_TYPE represents the type of an interface (Ethernet, FastEthernet, Serial…) and INTERFACE_NUMBER represents the interface number, since CIsco devices usually have more than one physical interface. Once inside the interface configuration mode, you can get a list of available commands by typing the “?” character. Each submode has its own prompt. Notice how the command prompt was changed to Router(config-if) after I’ve entered the interface submode:
Router(config)#interface GigabitEthernet 0/1 Router(config-if)#? arp Set arp type (arpa, probe, snap) or timeout bandwidth Set bandwidth informational parameter cdp CDP interface subcommands channel-group Add this interface to an Etherchannel group crypto Encryption/Decryption commands custom-queue-list Assign a custom queue list to an interface delay Specify interface throughput delay description Interface specific description duplex Configure duplex operation. exit Exit from interface configuration mode fair-queue Enable Fair Queuing on an Interface hold-queue Set hold queue depth ip Interface Internet Protocol config commands ipv6 IPv6 interface subcommands lldp LLDP interface subcommands mac-address Manually set interface MAC address mtu Set the interface Maximum Transmission Unit (MTU) no Negate a command or set its defaults pppoe pppoe interface subcommands pppoe-client pppoe client priority-group Assign a priority group to an interface service-policy Configure QoS Service Policy shutdown Shutdown the selected interface speed Configure speed operation. standby HSRP interface configuration commands tx-ring-limit Configure PA level transmit ring limit
Download our Free CCNA Study Guide PDF for complete notes on all the CCNA 200-301 exam topics in one book.
We recommend the Cisco CCNA Gold Bootcamp as your main CCNA training course. It’s the highest rated Cisco course online with an average rating of 4.8 from over 30,000 public reviews and is the gold standard in CCNA training: