Cisco Console命令(1)
:IT学习乐园
:Builder
:20240329
:798

 

Show users    ---------显示连接的用户信息。

Clear line x    ----------清除某个用户连接。

Show session          ---------显示会话。

 

网络拓朴如下:

Router1 S0/0 <----> Router2 S0/0 

Router1配置如下:

R1#show running-config 
Building configuration...

Current configuration : 1325 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$mceS$BOoZJ5Pp/7QwSE6GJgnIq/
enable password 7 030752180500
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef    
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username builder privilege 10 password 7 1415070200002F39
!

!
!
!         
!
interface Serial0/0
 bandwidth 64
 ip address 192.168.1.1 255.255.255.0
 serial restart-delay 0
 clock rate 64000
 no dce-terminal-timing-enable
!
interface Serial0/1
 no ip address
 shutdown
 serial restart-delay 0
 no dce-terminal-timing-enable
!
interface Serial0/2
 no ip address
 shutdown
 serial restart-delay 0
 no dce-terminal-timing-enable
!
interface Serial0/3
 no ip address
 shutdown 
 serial restart-delay 0
 no dce-terminal-timing-enable
!
interface FastEthernet1/0
 ip address 192.168.2.1 255.255.255.0
 duplex auto
 speed auto
!
ip http server
no ip http secure-server
!
!
!
cdp timer 90
cdp holdtime 240
!
!
!
control-plane
!
!
!
!         
!
!
!
!
!
banner motd ^C Welcome to connect to Router1! ^C
privilege exec level 10 show
!
line con 0
 exec-timeout 0 0
 password 7 030752180500
 logging synchronous
 login
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7 045802150C2E
 login
!
!
end

R1#

Router2配置如下

R1#show running-config 
Building configuration...

Current configuration : 1325 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$mceS$BOoZJ5Pp/7QwSE6GJgnIq/
enable password 7 030752180500
!
no aaa new-model
!
resource policy 
!
memory-size iomem 5
!
!
ip cef    
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username builder privilege 10 password 7 1415070200002F39
!

!
!
!         
!

它们可以相互Ping通

R2#show running-config 
Building configuration...

Current configuration : 1122 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$rfd5$/0v212MLcNsfWPmQNceVi0
enable password 7 05080F1C2243
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef    
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!

!
!
!
!         
interface Serial0/0
 ip address 192.168.1.2 255.255.255.0
 serial restart-delay 0
 no dce-terminal-timing-enable
!
interface Serial0/1
 no ip address
 shutdown
 serial restart-delay 0
 no dce-terminal-timing-enable
!
interface Serial0/2
 no ip address
 shutdown
 serial restart-delay 0
 no dce-terminal-timing-enable
!
interface Serial0/3
 no ip address
 shutdown
 serial restart-delay 0
 no dce-terminal-timing-enable
!         
interface FastEthernet1/0
 ip address 192.168.3.1 255.255.255.0
 duplex auto
 speed auto
!
ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!         
!
line con 0
 exec-timeout 0 0
 password 7 0822455D0A16
 logging synchronous
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7 01100F175804
 login
!
!
end

它们可以相互Ping通

R1#ping 192.168.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/38/88 ms
R1#
R1#

R2#ping 192.168.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/32/80 ms
R2#

========================

R1#
R1#show users 
    Line       User       Host(s)              Idle       Location
*  0 con 0                idle                 00:00:00  

  Interface    User               Mode         Idle     Peer Address

R1#

 

R2 telnet 到R1 并按下ctrl+shif+6 x返回R2

R2#telnet 192.168.1.1 
Trying 192.168.1.1 ... Open
 Welcome to connect to Router1!

User Access Verification

Password: 
R1>enable
Password: 
R1#show users 
    Line       User       Host(s)              Idle       Location
   0 con 0                idle                 00:00:33   
*130 vty 0                idle                 00:00:00 192.168.1.2

  Interface    User               Mode         Idle     Peer Address

R1# 
R2#

 

R1#show users 
    Line       User       Host(s)              Idle       Location
*  0 con 0                idle                 00:00:00   
 130 vty 0                idle                 00:01:01

 R1#show line 
   Tty Typ     Tx/Rx    A Modem  Roty AccO AccI   Uses   Noise  Overruns   Int
*    0 CTY              -    -      -    -    -      0       1     0/0       -
   129 AUX   9600/9600  -    -      -    -    -      0       0     0/0       -
*  130 VTY              -    -      -    -    -      7       0     0/0       -
   131 VTY              -    -      -    -    -      0       0     0/0       -
   132 VTY              -    -      -    -    -      0       0     0/0       -
   133 VTY              -    -      -    -    -      0       0     0/0       -
   134 VTY              -    -      -    -    -      0       0     0/0       -

Line(s) not in async mode -or- with no hardware support: 
1-128
 
R1#

 R2#show users 
    Line       User       Host(s)              Idle       Location
*  0 con 0                192.168.1.1          00:01:41

  Interface    User               Mode         Idle     Peer Address

R2#show sessions
Conn Host                Address             Byte  Idle Conn Name
*  1 192.168.1.1         192.168.1.1            0     1 192.168.1.1

R2#

 

R2输入1连接到R1


R2#1 
[Resuming connection 1 to 192.168.1.1 ... ]

R1#
R1#

从R1踢除R2的telnet

R1#clear line 130 
[confirm]
 [OK]
R1#show users
    Line       User       Host(s)              Idle       Location
*  0 con 0                idle                 00:00:00  

  Interface    User               Mode         Idle     Peer Address

R1#

 



###################


Show controllrs serial x/x -------------查看DCE或DTE。

bandwidth 64                     -------------设置带宽64k,64k不是实际带宽,用来作为度量用(Metric)。

clock rate 64000                -------------设定时钟频率。

 

==========================================
R1#show controllers serial 0/0

M4T: show controller:
PAS unit 0, subunit 0, f/w version 1-45, rev ID 0x2800001, version 1
idb = 0x65058E10, ds = 0x65059ED8, ssb=0x6505A294
Clock mux=0x0, ucmd_ctrl=0x0, port_status=0x7B
Serial config=0x8, line config=0x200
maxdgram=1608, bufpool=78Kb, 120 particles
     DCD=up  DSR=up  DTR=up  RTS=up  CTS=up
line state: down
cable type : V.11 (X.21) DCE cable, received clockrate 2015232

base0 registers=0x3C000000, base1 registers=0x3C002000
mxt_ds=0x64DED088, rx ring entries=78, tx ring entries=128
rxring=0x5D237A0, rxr shadow=0x650608F0, rx_head=0
txring=0x5D23A60, txr shadow=0x65060CCC, tx_head=0, tx_tail=0, tx_count=0
throttled=0, enabled=0
halted=0, last halt reason=0
Microcode fatal errors=0
rx_no_eop_err=0, rx_no_stp_err=0, rx_no_eop_stp_err=0
rx_no_buf=0, rx_soft_overrun_err=0, dump_err= 0, bogus=0, mxt_flags=0x0
tx_underrun_err=0, tx_soft_underrun_err=0, tx_limited=1(2)
tx_fullring=0, tx_started=0, mxt_flush_count=2
rx_int_count=0, tx_int_count=3
R1#

----------------------------------------------------------------

 R1(config)#interface serial0/0
R1(config-if)#bandwidth 64
R1(config-if)#clock rate 64000
R1(config-if)#no shutdown


###################


Cisco有0~15,16个特权级别。默认是级别15.

 

===========================================

网络拓朴如下:

Router1 S1/0 <----> Router2 S1/1

Router1配置如下:

R1#
R1#
R1#show run
R1#show running-config 
Building configuration...

Current configuration : 1244 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$QHHQ$MNawjclidsr.4sQiCMt5M/
enable password 7 110A1016141D
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef    
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!

!
!
!
!         
interface FastEthernet0/0
 ip address 192.168.2.1 255.255.255.0
 duplex auto
 speed auto
!
interface Serial1/0
 bandwidth 64
 ip address 192.168.1.1 255.255.255.0
 serial restart-delay 0
 clock rate 64000
 no dce-terminal-timing-enable
!
interface Serial1/1
 no ip address
 shutdown
 serial restart-delay 0
 no dce-terminal-timing-enable
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
 no dce-terminal-timing-enable
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
 no dce-terminal-timing-enable
!
ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.1.2
!
!
!
!
!
!
control-plane
!
!
!
!
!
!         
!
!
!
banner motd ^C Welcome to connect to Router1 ^C
!
line con 0
 exec-timeout 0 0
 password 7 030752180500
 logging synchronous
 login
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7 02050D480809
 login
!
!
end

R1#

 

Router2配置如下:

R2#
R2#show run
R2#show running-config 
Building configuration...

Current configuration : 1220 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$gOAL$ndDQoj62SMHClFj3RLkKB0
enable password 7 104D000A0618
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
!
!
ip cef    
!         
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!

!
!
!
!
interface FastEthernet0/0
 ip address 192.168.3.1 255.255.255.0
 duplex auto
 speed auto
!
interface Serial1/0
 no ip address
 shutdown
 serial restart-delay 0
 no dce-terminal-timing-enable
!
interface Serial1/1
 ip address 192.168.1.2 255.255.255.0
 serial restart-delay 0
 no dce-terminal-timing-enable
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
 no dce-terminal-timing-enable
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
 no dce-terminal-timing-enable
!
ip http server
no ip http secure-server
ip route 192.168.2.0 255.255.255.0 Serial1/1
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!         
banner motd ^C Welcome to connect to Router2 ^C
!
line con 0
 exec-timeout 0 0
 password 7 110A1016141D
 logging synchronous
 login
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7 110A1016141D
 login
!
!
end

R2#

---------------------

R1用默认路由,R2用静态路由。它们可以相互Ping通


R1#
R1#
R1#ping 192.168.3.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/31/68 ms
R1#

ping 192.168.2.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/25/56 ms
R2#
======================================

从R2上telnet R1

R2#
R2#telnet 192.168.2.1
Trying 192.168.2.1 ... Open
 Welcome to connect to Router1

User Access Verification

Password: 
R1>enable
Password: 
R1#
R1#

----------------------------

显示当前特权级别 show privilege 
 R1#show privilege 
Current privilege level is 15
R1#
R1#


定义无用户名的特权登录密码

R1(config)#enable ?
  last-resort  Define enable action if no TACACS servers respond
  password     Assign the privileged level password
  secret       Assign the privileged level secret
  use-tacacs   Use TACACS to check enable passwords

R1(config)#enable secret ?
  0      Specifies an UNENCRYPTED password will follow
  5      Specifies an ENCRYPTED secret will follow
  LINE   The UNENCRYPTED (cleartext) 'enable' secret
  level  Set exec level password

R1(config)#enable secret 5 ?
  LINE  The ENCRYPTED 'enable' secret string

R1(config)#enable secret level ?
  <1-15>  Level number

R1(config)#enable secret level 5 builder 
R1(config)#

 

用级别5登录

R1>enable 5 
Password: 
R1#

R1#show privilege 
Current privilege level is 5
R1#

没有权限进不了配置模式

R1#configure terminal 
      ^
% Invalid input detected at '^' marker.

R1#

R1(config)#privilege exec level 5 configure terminal 
*Mar  1 01:06:54.035: %SYS-5-CONFIG_I: Configured from console by console
R1#disable 10 
R1#show privilege
Current privilege level is 10
R1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#

R1(config)#interface s1/0 
           ^
% Invalid input detected at '^' marker.

R1(config)#

------------------------

定义有用户名的特权级别:

R1#
R1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#username ?
  WORD  User name

R1(config)#username builder ?
  aaa                  AAA directive
  access-class         Restrict access by access-class
  autocommand          Automatically issue a command after the user logs in
  callback-dialstring  Callback dialstring
  callback-line        Associate a specific line with this callback
  callback-rotary      Associate a rotary group with this callback
  dnis                 Do not require password when obtained via DNIS
  nocallback-verify    Do not require authentication after callback
  noescape             Prevent the user from using an escape character
  nohangup             Do not disconnect after an automatic command
  nopassword           No password is required for the user to log in
  password             Specify the password for the user
  privilege            Set user privilege level
  secret               Specify the secret for the user
  user-maxlinks        Limit the user's number of inbound links
  view                 Set view name
  <cr>

R1(config)#username builder privilege ?
  <0-15>  User privilege level

R1(config)#username builder privilege 5 ?
  aaa                  AAA directive
  access-class         Restrict access by access-class
  autocommand          Automatically issue a command after the user logs in
  callback-dialstring  Callback dialstring
  callback-line        Associate a specific line with this callback
  callback-rotary      Associate a rotary group with this callback
  dnis                 Do not require password when obtained via DNIS
  nocallback-verify    Do not require authentication after callback
  noescape             Prevent the user from using an escape character
  nohangup             Do not disconnect after an automatic command
  nopassword           No password is required for the user to log in
  password             Specify the password for the user
  privilege            Set user privilege level
  secret               Specify the secret for the user
  user-maxlinks        Limit the user's number of inbound links
  view                 Set view name
  <cr>

R1(config)#username builder privilege 5 secret ?
  0     Specifies an UNENCRYPTED secret will follow
  5     Specifies a HIDDEN secret will follow
  LINE  The UNENCRYPTED (cleartext) user secret

R1(config)#username builder privilege 5 secret builder ?
LINE    <cr>

R1(config)#username builder privilege 5 secret builder 
R1(config)#

 

执行Show running-config命令就可能看到刚才新建的用户信息。

R1#show running-config

username builder privilege 5 secret 5 $1$Hdfr$/S4683jx9FpWbTI0aMtTR1

修改控制台和VTY登录方式为login local

R1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#line console 0
R1(config-line)#login local
R1(config-line)#line vty 0
R1(config-line)#login local 

R1(config-line)#end
R1#

----------------------

验证:

Press RETURN to get started.

Welcome to connect to Router1

User Access Verification

Username: builder
Password: 

R1#  

---配置主机列表:

R2(config)#ip host R1 192.168.2.1

R2#show hosts
Default domain is not set
Name/address lookup uses domain service
Name servers are 255.255.255.255

Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate
       temp - temporary, perm - permanent
       NA - Not Applicable None - Not defined

Host                      Port  Flags      Age Type   Address(es)
R1                        None  (perm, OK)  0   IP    192.168.2.1
 
R2#

R2#connect R1 
Translating "R1"...domain server (255.255.255.255)
 (255.255.255.255)Trying R1 (192.168.2.1)... Open
 Welcome to connect to Router1

User Access Verification

Username: builder
Password: 

R1#show privilege 
Current privilege level is 5
R1#enable 
Password: 
R1#show privilege 
Current privilege level is 15
R1#





开发者免费试用
开发者免费试用

9:30开抢,每天限量100份.个人认证新用户绑定邮箱后...

立刻前往...
华为云容器引擎
华为云容器引擎

提供高可靠性的企业级容器应用管理服务,支持K8应用工具....

立刻前往...
阿里飞天加速计划
阿里飞天加速计划

高校学生免费领用ECS 2.5个月! 助力开发者全生命周...

立刻前往...
新用户专属大礼包
新用户专属大礼包

新客户无门槛领取总价值高达2860元代金券,先到先得。...

立刻前往...