NETWORKS TRAINING

HOME Cisco Networking  Cisco ASA  Certifications Training  General  Cisco Routers
ABOUT RECOMMENDED SOFTWARE MY BOOKS IP TOOLS

Cisco Switches

You are here: Home / Cisco Switches / Cisco Switch Commands Cheat Sheet (CLI)

Cisco Switch Commands Cheat Sheet (CLI)

Edited By Harris Andrea

Cisco switches can be used as plug-and-play devices out of the box but they also offer an
enormous amount of features. Although the main purpose of the switch is to provide inter-
connectivity in Layer 2 for the connected devices of the network, there are myriad features and
functionalities that can be configured on Cisco Switches.

In the following Cisco Switch Commands Cheat Sheet, I have tried to include the most
important and frequently-used CLI commands that Cisco professionals encounter in real world
networks. I know that the list is not exhaustive but I believe that the most useful commands are
:
 included. Make sure to download the whole commands cheat sheet in PDF format below so
you can print it or save it on your computer for future reference.

[xyz-ihs snippet=”Cheat-Sheet-Opt-In-Within-Posts”]
NOTE: Other Cisco Command Cheat Sheet Posts:

Cisco Router Commands Cheat Sheet

Cisco ASA Firewall Commands Cheat Sheet

The following commands will work on most Cisco switch models such as 4500, 3850, 3650,
2960, 3560 etc.

Table of Contents

Verification Commands:
TestSwitch#show version

[Displays software and hardware information]

TestSwitch#show running-config

[Displays currently running configuration in DRAM]

TestSwitch#show start

[Displays configuration in NVRAM which will be loaded after reboot]

TestSwitch#show flash:

[Displays Flash memory information]

TestSwitch#show boot
:
 [Displays boot path and image]

TestSwitch#show clock

[Displays the system clock]

TestSwitch#show interfaces

[Displays all interfaces configuration and status of line]

TestSwitch#show vlan

[Displays vlan number, name, status and ports associated with it]

TestSwitch#show vtp status

[Displays VTP mode, Number of existing vlans and config revision]

TestSwitch#show interface status

MORE READING: Deleting the VLAN Database from a Cisco Switch

[Displays interface status, vlan, Duplex, Speed and type]

TestSwitch#show etherchannel

[Displays etherchannel information]

TestSwitch#show cdp neighbors

[Displays information of connected devices]

TestSwitch#show cdp neighbors detail

[Displays detailed information of connected devices]

:
 TestSwitch#show mac address-table

[Displays current MAC address forwarding table and which MAC is learned on each
switch port]

TestSwitch#show spanning-tree

[Displays spanning-tree state information, which interfaces are in active or blocking

state etc]

Resetting the Switch

TestSwitch#delete flash:vlan.dat

[Deletes vlan database from flash memory so you can start adding new VLANs from
scratch]

TestSwitch#erase startup-config

[Delete start-up file from NVRAM]

TestSwitch#reload

[Reboot the Switch]

Setting Host Names

TestSwitch#config t

[Entering into Global Configuration Mode]

TestSwitch(config)#hostname MySwitch

[Enter the hostname of the switch]

MySwitch(config)#

Setting login credentials:

:
 MySwitch(config)#username admin password csico1234

[create username and password for logging in to the switch]

MySwitch(config)#enable secret test1

[Sets encrypted secret password using MD5 algorithm. This is the enable password that
you will be asked to enter when trying to enter into “enable” mode]

MySwitch(config)#service password-encryption

[Encrypt all the passwords using MD5]

Console Access:
MySwitch(config)#line con 0

[Enter into line console mode]

MySwitch(config-line)#password test3

[Set password on console]

MySwitch(config-line)#login

[Enable password checking on console]

SSH/Telnet Access to the switch:

MySwitch(config)#line vty 0 4

[Enters line vty mode for all five virtual ports]

MySwitch(config-line)#transport input ssh

[Enable SSH]

MySwitch(config-line)#transport input telnet

:
 [Enable telnet]

MySwitch(configiline)#password test3

[Set password]

Setting IP Address (To allow remote access to the switch):

MySwitch(config)#interface vlan1

[Enters vlan1, the native vlan]

MySwitch(config-if)#ip address 192.168.1.2 255.255.255.0

[Set IP address for management]

MySwitch(config-if)#exit

MySwitch(config)#ip default-gateway 192.168.1.1

[Exit path for the switch – gateway IP]

Interface description
MySwitch(config)#interface g0/1

MySwitch(config-if)#description TO SERVER

Duplex and Speed Settings

MySwitch(config)#interface g0/1

MySwitch(config-if)#speed 10

[Force 10Mbps Speed]

MySwitch(config-if)#speed 100
:
 [Force 100Mbps Speed]

MySwitch(config-if)#speed auto

[Enable auto speed configuration]

MySwitch(config-if)#duplex auto

MORE READING: Layer 2 VLAN Configuration on a Cisco Switch (with Example)

[Enable auto duplex configuration on switch port]

MySwitch(config-if)#duplex full

[Enable full duplex configuration on switch port]

MySwitch(config-if)#duplex half

[Enable half duplex configuration on switch port]

Setting Web-based interface for configuration (GUI):

MySwitch(config)#ip http server

[Enable HTTP server]

MySwitch(config)#ip http port 80

[Set port number for HTTP]

Port-Security
MySwitch(config)#interface g0/1

[Enter the interface to set port-security]

:
 MySwitch(config-if)#switchport port-security

[Enable port security on the interface]

MySwitch(config-if)#switchport port-security mac-address sticky

[Interface converts all MAC addresses to sticky secure addresses]

MySwitch(config-if)#switchport port-security maximum 1

[Only one MAC address will be allowed for this port]

MySwitch(config-if)#switchport port-security violation shutdown

[Port will shut down if violation occurs]

MySwitch(config-if)#exit

MySwitch(config)#exit

MySwitch#show port-security

[Verifying Port security]

Save current configuration

MySwitch(config)# copy running-config startup-config

PortFast
“Portfast” bypasses the Spanning Tree states and brings the port up as quickly as possible.
Use it only if you connect a regular host (e.g Computer) on the port. Do not use this command
when the port is trunk or if you connect other switches on the specific port.

MySwitch(config)# interface FastEthernet 0/1

MySwitch(config-if)# spanning-tree portfast

:
 Configuring VLANs
MySwitch(config)#vlan 20

[Create a Layer2 VLAN with id 20]

MySwitch(config-vlan)# name testvlan

[Enter a name for the vlan]

MySwitch(config-vlan)#exit

MySwitch(config)#exit

MySwitch#show vlan brief

[Verify the vlan database]

Assigning access ports to a vlan

MySwitch(config)#interface g0/1

MySwitch(config-if)#switchport mode access

[Set the interface in switch access mode]

MySwitch(config-if)#switchport access vlan 20

[Assign the port to vlan 20]

MySwitch(config-if)#exit

The following commands will select a range of interfaces (from 1 to 24) and add all of
them to vlan20

MySwitch(config)#interface range gigabitEthernet 0/1-24

MySwitch(config-if)#switchport mode access

:
 MySwitch(config-if)#switchport access vlan 20

MySwitch(config-if)#exit

Configuring trunk port

MySwitch(config)#interface g0/2

MySwitch(config-if)#switchport trunk encapsulation dot1q

[Configure the port to support 802.1Q Encapsulation (default is negotiate)]

MySwitch(config-if)#switchport mode trunk

[Set the interface in permanent trunking mode]

MySwitch(config-if)#switchport trunk native vlan 20

[Specify native vlan for 802.1q trunks – OPTIONAL]

MySwitch(config-if)#switchport trunk allowed vlan 2-5

[vlans 2 to 5 are allowed to pass through the trunk]

MySwitch(config-if)#switchport trunk allowed vlan add 7

[add also vlan 7 in the allowed vlans]

MySwitch(config-if)#switchport trunk allowed vlan remove 3

[remove vlan 3 from the allowed vlans in the trunk]

MySwitch#show interface g0/2 trunk

[Verify the trunk ports and associated vlans on the specific interface]

DOWNLOAD THE CHEAT SHEET AS PDF FILE

:
 Related Posts
What is Cisco Virtual Port Channel (vPC) – Explained and Discussed
Discussion and Explanation of BPDU Guard (With Cisco Config Example)
From Reactive to Proactive: Mastering Network Performance with Switch Monitoring
How Does a Network Switch Learn MAC Addresses?
How to Find a Device MAC Address on a Cisco Switch (show mac address-table)

Filed Under: Cisco Switches

Download Free Cisco Commands Cheat Sheets

Enter your Email below to Download our Free Cisco Commands Cheat Sheets for Routers, Switches and
ASA Firewalls.

Email

Please enter your email address

We use Elastic Email as our marketing automation service. By submitting this form, you agree that the
information you provide will be transferred to Elastic Email for processing in accordance with their Terms of
Use and Privacy Policy. Also, you allow me to send you informational and marketing emails from time-to-time.

I'm not a robot

reCAPTCHA
Privacy - Terms

SUBSCRIBE

About Harris Andrea

Harris Andrea is an Engineer with more than two decades of professional experience in
the fields of TCP/IP Networks, Information Security and I.T. Over the years he has
acquired several professional certifications such as CCNA, CCNP, CEH, ECSA etc.
He is a self-published author of two books ("Cisco ASA Firewall Fundamentals" and "Cisco VPN
Configuration Guide") which are available at Amazon and on this website as well.
:
 Comments

J. A. Macdonald says
August 9, 2016 at 1:09 pm

Hi

Have used your e-books a number of times as reference material, and found them very
helpful.

One topic I would like to see you cover is hair pinning, from the aspect of vpn client
connecting into HO ASA but hair pinning through site-to-site to remote office resource.

Hope you cover it soon, as I always have issue with it doing this config so infrequently.

Thanks

Harris Andrea says

August 9, 2016 at 3:17 pm

Hi Jon,

Thanks for the feedback. I cover this scenario in my VPN book

(https://www.networkstraining.com/ciscovpnebook/info.html) but I’ll find some time to
cover it here as well.

Harris
:
 P. Serbo Kpan, Jr. says
June 5, 2017 at 3:51 pm

Please send me cisco switches configuration statements functions and meaning.

Harris Andrea says

June 7, 2017 at 4:14 pm

When you subscribe you will get an email with Cisco switch commands etc

Jabari says
December 5, 2018 at 11:55 pm

this really helped me

Ranjit Singh says

January 17, 2019 at 3:51 pm

I need cisco router command sheet.

Harris Andrea says

January 17, 2019 at 4:22 pm

Here is the LINK for the Cisco Router Commands Cheat Sheet
:
 Sarkis S Badal says
November 14, 2022 at 3:39 pm

I looking for all cisco commands for switches.

Thank you

Shaik Khaiser says

October 26, 2023 at 9:31 pm

I looking for all cisco commands for switches.

Thank you

Leave a Reply
Your email address will not be published. Required fields are marked *

Comment *

Name *
:
 Email *

POST COMMENT

This site uses Akismet to reduce spam. Learn how your comment data is processed.

SEARCH THIS SITE

Search this website

ABOUT NETWORKS TRAINING AMAZON DISCLOSURE

We Provide Technical Tutorials and Configuration As an Amazon Associate I earn from qualifying
Examples about TCP/IP Networks with focus on Cisco purchases.
Products and Technologies. This blog entails my own Amazon and the Amazon logo are trademarks of
thoughts and ideas, which may not represent the Amazon.com, Inc. or its affiliates.
thoughts of Cisco Systems Inc. This blog is NOT
affiliated or endorsed by Cisco Systems Inc. All product
SEARCH
names, logos and artwork are copyrights/trademarks of
their respective owners.
Search this website

BLOGROLL

Tech21Century
Firewall.cx

Copyright © 2025 | Privacy Policy | Terms and Conditions | Hire Me | Contact | Amazon Disclaimer | Delivery Policy
:
 DO NOT SELL OR SHARE MY INFORMATION
: