Cisco Route/Switch Checklist

BobMeadBobMead Member Posts: 55 ■■■□□□□□□□
Anyone have a list on steps you do to support all Cisco devices you deploy. I'm trying to build a master list of best practices for router and switch deployment. Let me know what you would add as well. Now I know some commands may not be the best security practice but a list of options for Network Engineers to deploy & tshoot cisco installations.

Cisco Router Configuration Commands

[TH="width: 214"]Requirement[/TH]
[TH="width: 262"]Cisco Command[/TH]

Set a console password to cisco
Router(config)#line con 0
Router(config-line)#password cisco

Set a telnet password
Router(config)#line vty 0 4
Router(config-line)#password cisco

Stop console timing out
Router(config)#line con 0
Router(config-line)#exec-timeout 0 0

Set the enable password to cisco
Router(config)#enable password cisco

Set the enable secret password to peter. This password overrides the enable password and is encypted within the config file
Router(config)#enable secret peter

Enable an interface
Router(config-if)#no shutdown

To disable an interface

Set the clock rate for a router with a DCE cable to 64K
Router(config-if)clock rate 64000

Set a logical bandwidth assignment of 64K to the serial interface
Router(config-if)bandwidth 64
Note that the zeroes are not missing

To add an IP address to a interface
Router(config-if)#ip addr

To enable RIP on all 172.16.x.y interfaces
Router(config)#router rip

Disable RIP
Router(config)#no router rip

To enable IRGP with a AS of 200, to all interfaces
Router(config)#router igrp 200

Disable IGRP
Router(config)#no router igrp 200

Static route the remote network is, with a mask of, the next hop is, at a cost of 5 hops
Router(config)#ip route 5

Disable CDP for the whole router
Router(config)#no cdp run

Enable CDP for he whole router
Router(config)#cdp run

Disable CDP on an interface
Router(config-if)#no cdp enable

Press RETURN to get started



  • Dieg0MDieg0M Member Posts: 861
    IGRP icon_lol.gif, from what year are these "best practices"?
    Follow my CCDE journey at
  • IristheangelIristheangel CCIEx2 (Sec + DC), CCNP RS, CCNA V/S/R/DC, CISSP, CEH, MCSE 2003, A+/L+/N+/S+, and a lot more from m Pasadena, CAMod Posts: 4,133 Mod
    The IGRP one made me chuckle a little too.

    I would say that best practices should always include security if you can. Avoid telnet if you can and if you have to go that route, then create a local account and put login local under con and vty lines or use AAA.

    Same with the enable password. Just stick with enable secret.

    Don't even mention RIP. If I was making a **** sheet for newer engineers, I wouldn't want them thinking they have the option of using RIP. I would want them to forget they ever heard of RIP or IGRP.

    Might as well throw in EIGRP, OSPF, and BGP. I'd also mention that EIGRP performs auto-summarization and how to disable that. OSPF and areas. How to manually summarize for EIGRP and OSPF. Different stub types. How to perform secure authentication between IGPs. The basics of eBGP and iBGP, attributes, route filtering, etc. Redistribution basics. For legal purposes, how to configure banners on your equipment. Setting NTP, logging, SNMP traps, Netflow, DHCP, DNS, VTP transparent, NBAR, SVIs, Radius vs TACACS, DHCP snooping, IGMP snooping, STP, commonly used macros, Energywise, VLANs, etc.
    BS, MS, and CCIE #50931
  • networker050184networker050184 Mod Posts: 11,962 Mod
    I think what you are looking for is something like the IOS Cookbook.
    An expert is a man who has made all the mistakes which can be made.
  • fredrikjjfredrikjj Member Posts: 879
    Have the intern plug in the switch and leave the rest to the controller.

    The future is now.
Sign In or Register to comment.