There are several commands on Cisco, I have tried to collect some effective commands:
Banner
conf t
banner motd #Unauthorized access to this device is prohibited!#
Password for console
conf t
(config)# line console 0
(config)# password yourpassword
(config)# login
Password for vty
conf t
(config)#line vty 0
(config)#password myvty0
(config)#login
Password for vty
conf t
(config)# line vty 1 4
(config)# password myvty
(config)# login
Secure access for previlage mode
conf t
(config)# enable password yourpassword
(config)# enable secret Mysecretpasword //encrypted
Secure all password
conf t
(config)#service password-encryption
Creating Vlans
conf t
(config)# int vlan1
(config)# ip address 192.168.1.2. 255.255.255.0
(config)# no shut
(config)# do wr
Default Gateway
conf t
(config)# ip default-gateway 192.168.1.1
(config)# no shut
(config)# do wr
Speed Control
conf t
(config)#int f0/2
(config)#speed 100
(config)#duplex full
Port Security
conf t
(config)# int fa0/2
(config)# switchport mode access
(config)# switchport port-security mac-address sticky
(config)# switchport port-security maximum 1
(config)# switchport port-security violation shutdown
Useful command for port security
show port-security address
show port-security in fa0/2
Create Vlan
conf t
(config)# vlan 100
(config)# name wireless
show vlan brief
Access port to Vlan
conf t
(config)# int fa0/3
(config)# switchport access vlan 100
Range of port to Vlan
conf t
(config)# int range fa0/5-9
(config)# switchport access vlan 200
Trunk
Trunk is a port which is not member of any vlans
conf t
(config)# int f0/24
(config)# switchport mode trunk
Trunk Useful Command
show int trunk
Show command
show mac-address-table ( shows mac switch)
sh running-config //config stored in RAM
sh startup-config //config stored in NVRAM
sh flash // display memory flash
sh version // all info about device
erase startup-config //erase router config completely
Static Routing
Recursive
(Destination Network) (Subnet mask) (next hub(enter))
Direct
(Destination Network) (Subnet mask) (exit interface)
ip route 192.168.3.0 255.255.255.0 serial0/0/0
Access List
conf t
(config)# ip access-list extended 100
(config)# deny tcp host 172.16.1.2 any eq 80
(config)# permit tcp host 172.16.1.2 any eq telnet
(config)# permit ip any any
(config)# exit
(config)# int f0/0
(config)# ip access-group 100 inbound
conf t
(config)# ip access-list extended Nohttp
(config)# deny tcp 172.16.1.2 0.0.0.0 any eq www
(config)# permit tcp any any
(config)# exit
(config)# int f0/0
(config)# ip access-group Nohttp inbound