Table Of Contents

Configuration Fundamentals and Network Management Commands

absolute

activation-character

alias

alias (boomerang)

announce config

async-bootp

atm-slm statistics

attach

autobaud

banner exec

banner incoming

banner login

banner motd

banner slip-ppp

boot

boot bootldr

boot bootstrap

boot buffersize

boot config

boot host

boot network

boot system

boot-end-marker

boot-start-marker

buckets-of-history-kept

buffer-length

buffers

buffers element permanent

buffers huge size

calendar set

cd

cdp advertise-v2

cdp enable

cdp holdtime

cdp log mismatch duplex

cdp run

cdp source-interface

cdp timer

clear cdp counters

clear cdp table

clear cns config stats

clear cns counters

clear cns event stats

clear cns image connections

clear cns image status

clear logging

clear logging xml

clear parser cache

clear saa apm cache

clear tcp

clear xsm

cli

cli (cns)

clock calendar-valid

clock read-calendar

clock set

clock summer-time

clock timezone

Configuration Fundamentals and Network Management Commands

---

absolute

To specify an absolute time when a time range is in effect, use the absolute command in time-range configuration mode. To remove the time limitation, use the no form of this command.

absolute [start time date] [end time date]

no absolute

Syntax Description

start time date

(Optional) Absolute time and date that the permit or deny statement of the associated access list starts going into effect. The time is expressed in 24-hour notation, in the form of hours:minutes. For example, 8:00 is 8:00 a.m. and 20:00 is 8:00 p.m. The date is expressed in the format day month year. The minimum start is 00:00 1 January 1993. If no start time and date are specified, the permit or deny statement is in effect immediately.

end time date

(Optional) Absolute time and date that the permit or deny statement of the associated access list is no longer in effect. Same time and date format as described for the start keyword. The end time and date must be after the start time and date. The maximum end time is 23:59 31 December 2035. If no end time and date are specified, the associated permit or deny statement is in effect indefinitely.

Defaults

There is no absolute time when the time range is in effect.

Command Modes

Time-range configuration

Command History

Release	Modification
12.0(1)T	This command was introduced.

Usage Guidelines

Time ranges are used by IP and Internetwork Packet Exchange (IPX) extended access lists. For more information on using these functions, see the Cisco IOS IP Configuration Guide and the Cisco IOS AppleTalk and Novell IPX Configuration Guide. Time ranges are applied to the permit or deny statements found in these access lists.

The absolute command is one way to specify when a time range is in effect. Another way is to specify a periodic length of time with the periodic command. Use either of these commands after the time-range command, which enables time-range configuration mode and specifies a name for the time range. Only one absolute entry is allowed per time-range command.

If a time-range command has both absolute and periodic values specified, then the periodic items are evaluated only after the absolute start time is reached, and are not further evaluated after the absolute end time is reached.

---

Note All time specifications are interpreted as local time. To ensure that the time range entries take effect at the desired times, the software clock should be synchronized using the Network Time Protocol (NTP), or some other authoritative time source. For more information, refer to the "Performing Basic System Management" chapter of the Cisco IOS Configuration Fundamentals Configuration Guide.

---

Examples

The following example configures an access list named northeast, which references a time range named xyz. The access list and time range together permit traffic on Ethernet interface 0 starting at noon on January 1, 2001 and going forever.

time-range xyz

 absolute start 12:00 1 January 2001

!

ip access-list extended northeast

 permit ip any any time-range xyz

!

interface ethernet 0

 ip access-group northeast in

The following example permits UDP traffic until noon on December 31, 2000. After that time, UDP traffic is no longer allowed out Ethernet interface 0.

time-range abc

 absolute end 12:00 31 December 2000

!

ip access-list extended northeast

 permit udp any any time-range abc

!

interface ethernet 0

 ip access-group northeast out

The following example permits UDP traffic out Ethernet interface 0 on weekends only, from 8:00 a.m. on January 1, 1999 to 6:00 p.m. on December 31, 2001:

time-range test

 absolute start 8:00 1 January 1999 end 18:00 31 December 2001 
 periodic weekends 00:00 to 23:59

!

ip access-list extended northeast

 permit udp any any time-range test

!

interface ethernet 0

 ip access-group northeast out

Related Commands

Command	Description
deny	Sets conditions under which a packet does not pass a named access list.
periodic	Specifies a recurring (weekly) start and end time for a time range.
permit	Sets conditions under which a packet passes a named access list.
time-range	Enables time-range configuration mode and names a time range definition.

activation-character

To define the character you enter at a vacant terminal to begin a terminal session, use the activation-character command in line configuration mode. To make any character activate a terminal, use the no form of this command.

activation-character ascii-number

no activation-character

Syntax Description

ascii-number

Decimal representation of the activation character.

Defaults

Return (decimal 13)

Command Modes

Line configuration

Command History

Release	Modification
10.0	This command was introduced.

Usage Guidelines

See the "ASCII Character Set and Hex Values" appendix for a list of ASCII characters.

---

Note If you are using the autoselect function, set the activation character to the default, Return, and exec-character-bits to 7. If you change these defaults, the application will not recognize the activation request.

---

Examples

The following example sets the activation character for the console to Delete, which is decimal character 127:

Router(config)# line console

Router(config-line)# activation-character 127

alias

To create a command alias, use the alias command in global configuration mode. To delete all aliases in a command mode or to delete a specific alias, and to revert to the original command syntax, use the no form of this command.

alias mode command-alias original-command

no alias mode [command-alias]

Syntax Description

mode	Command mode of the original and alias commands.
command-alias	Command alias.
original-command	Original command syntax.

Defaults

A set of six basic EXEC mode aliases are enabled by default. See the "Usage Guidelines" section of this command for a list of default aliases.

Command Modes

Global configuration

Command History

Release	Modification
10.3	This command was introduced.

Usage Guidelines

You can use simple words or abbreviations as command aliases.

Table 5 lists the basic EXEC mode aliases that are enabled by default.

Table 5 Default Command Aliases

Command Alias	Original Command
h	help
lo	logout
p	ping
r	resume
s	show
w	where

The default aliases in Table 5 are predefined. These default aliases can be disabled with the no alias exec command.

Common keyword aliases (which cannot be disabled) include running-config (keyword alias for system:running-config) and startup-config (keyword alias for nvram:startup-config). See the description of the copy command for more information about these keyword aliases.

Note that aliases can be configured for keywords instead of entire commands. You can create, for example, an alias for the first part of any command and still enter the additional keywords and arguments as normal.

To determine the value for the mode argument, enter the command mode in which you would issue the original command (and in which you will issue the alias) and enter the ? command. The name of the command mode should appear at the top of the list of commands. For example, the second line in the following sample output shows the name of the command mode as "Interface configuration":

Router# configure terminal

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)# interface e0

Router(config-if)# ?

Interface configuration commands:

  access-expression       Build a bridge boolean access expression

 .

 .

 .

To match the name of the command mode to the acceptable mode keyword for the alias command, issue the alias ? command. As shown in the following sample output, the keyword needed to create a command alias for the access-expression command is interface:

Router(config)# alias ?

  accept-dialin          VPDN group accept dialin configuration mode

  accept-dialout         VPDN group accept dialout configuration mode

  address-family         Address Family configuration mode

  call-discriminator     Call Discriminator Configuration

  cascustom              Cas custom configuration mode

  clid-group             CLID group configuration mode

  configure              Global configuration mode

  congestion             Frame Relay congestion configuration mode

  controller             Controller configuration mode

  cptone-set             custom call progress tone configuration mode

  customer-profile       customer profile configuration mode

  dhcp                   DHCP pool configuration mode

  dnis-group             DNIS group configuration mode

  exec                   Exec mode

  flow-cache             Flow aggregation cache config mode

  fr-fr                  FR/FR connection configuration mode

  interface              Interface configuration mode

 .

 .

 .

Router(config)# alias interface express access-expression

For a list of command modes with descriptions and references to related documentation, refer to the "Cisco IOS Command Modes" appendix of the Cisco IOS Configuration Fundamentals Configuration Guide.

When you use online help, command aliases are indicated by an asterisk (*), and displayed in the following format:

*command-alias=original-command

For example, the lo command alias is shown here along with other EXEC mode commands that start with "lo":

Router# lo?

*lo=logout  lock  login  logout 

When you use online help, aliases that contain multiple keyword elements separated by spaces are displayed in quotes, as shown here:

Router(config)#alias exec device-mail telnet device.cisco.com 25

Router(config)#end

Router#device-mail?

*device-mail="telnet device.cisco.com 25" 

To list only commands and omit aliases, begin your input line with a space. In the following example, the alias td is not shown, because there is a space before the t? command line.

Router(config)#alias exec td telnet device

Router(config)#end

Router# t?

telnet terminal test tn3270 trace

To circumvent command aliases, use a space before entering the command. In the following example, the command alias express is not recognized because a space is used before the command.

Router(config-if)#exp?

*express=access-expression 

Router(config-if)# express ? 

% Unrecognized command 

As with commands, you can use online help to display the arguments and keywords that can follow a command alias. In the following example, the alias td is created to represent the command telnet device. The /debug and /line switches can be added to telnet device to modify the command:

Router(config)#alias exec td telnet device

Router(config)#end

Router#td ?

      /debug     Enable telnet debugging mode

      /line      Enable telnet line mode

      ...

      whois      Whois port

      <cr>

Router# telnet device 

You must enter the complete syntax for the command alias. Partial syntax for aliases is not accepted. In the following example, the parser does not recognize the command t as indicating the alias td:

Router# t 

% Ambiguous command: "t"

Examples

In the following example, the alias fixmyrt is configured for the clear iproute 192.168.116.16 EXEC mode command:

Router(config)#alias exec fixmyrt clear ip route 192.168.116.16

In the following example, the alias express is configured for the first part of the access-expression interface configuration command:

Router#configure terminal

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#interface e0

Router(config-if)#?

Interface configuration commands:

  access-expression        Build a bridge boolean access expression

  .

  .

  .

Router(config-if)#exit

Router(config)#alias ?

  accept-dialin         VPDN group accept dialin configuration mode

  accept-dialout        VPDN group accept dialout configuration mode

  address-family        Address Family configuration mode

  call-discriminator    Call Discriminator Configuration

  cascustom             Cas custom configuration mode

  clid-group            CLID group configuration mode

  configure             Global configuration mode

  congestion            Frame Relay congestion configuration mode

  controller            Controller configuration mode

  cptone-set            custom call progress tone configuration mode

  customer-profile      customer profile configuration mode

  dhcp                  DHCP pool configuration mode

  dnis-group            DNIS group configuration mode

  exec                  Exec mode

  flow-cache            Flow aggregation cache config mode

  fr-fr                 FR/FR connection configuration mode

  interface             Interface configuration mode

 .

 .

 .

Router(config)#alias interface express access-expression

Router(config)#int e0

Router(config-if)#exp?

*express=access-expression  

Router(config-if)#express ?

  input   Filter input packets

  output   Filter output packets

!Note that the true form of the command/keyword alias appears on the screen after issuing

!the express ? command.

Router(config-if)#access-expression ?

  input   Filter input packets

  output  Filter output packets

Router(config-if)#ex?

*express=access-expression  exit  

!Note that in the following line, a space is used before the ex? command

!so the alias is not displayed.

Router(config-if)# ex?

exit

!Note that in the following line, the alias cannot be recognized because

!a space is used before the command.

Router#(config-if)# express ?

% Unrecognized command

Router(config-if)# end 

Router# show alias interface

Interface configuration mode aliases:

  express               access-expression

Related Commands

Command	Description
show aliases	Displays command aliases.

alias (boomerang)

To configure an alias name for a specified domain, use the alias command in boomerang configuration mode. To remove this command from the configuration file and restore the system to its default condition with respect to this command, use the no form of this command.

alias alias-name

no alias alias-name

Syntax Description

alias-name

Alias name for a specified domain.

Defaults

No domain name alias is configured.

Command Modes

Boomerang configuration

Command History

Release	Modification
12.2(8)T	This command was introduced.

Usage Guidelines

The alias command can be used only on a Director Response Protocol (DRP) agent. The boomerang client is the DRP agent.

Use the alias command to specify one or more alias names for an existing domain. Because the boomerang client maintains separate counters for requests received for each domain name (alias or otherwise), use the show ip drp boomerang command to view these counters for a specified domain name and each of its aliases.

Examples

In the following example, the domain name alias is configured for www.boom1.com. The new alias for www.boom1.com is www.boom2.com:

Router(config)#  ip drp domain www.boom1.com

Router(config-boomerang)# alias www.boom2.com

Router# show running-config

.

.

.

ip drp domain www.boom1.com

alias www.boom2.com

Related Commands

Command	Description
ip drp domain	Adds a new domain to the DistributedDirector client or configures an existing domain and puts the client in boomerang configuration mode.
server (boomerang)	Configures the server address for a specified boomerang domain.
show ip drp	Displays DRP statistics on DistributedDirector or a DRP server agent.
show ip drp boomerang	Displays boomerang information on the DRP agent.
ttl dns	Configures the number of seconds for which an answer received from the boomerang client will be cached by the DNS client.
ttl ip	Configures the IP TTL value for the boomerang response packets sent from the boomerang client to the DNS client in number of hops.

announce config

To specify that an unsolicited configuration inventory is sent out by the CNS inventory agent at bootup, use the announce config command in CNS inventory configuration mode. To disable the sending of the configuration inventory, use the no form of this command.

announce config

no announce config

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

CNS inventory configuration

Command History

Release	Modification
12.3(1)	This command was introduced.

Usage Guidelines

Use this command to limit inventory requests by the CNS inventory agent. When configured, the routing device details will be announced on the CNS Event Bus, but the routing device will not respond to any queries from the CNS Event Bus.

Examples

The following example shows how to configure the CNS inventory agent to send out an unsolicited configuration inventory one time only at bootup:

Router(config)# cns inventory 

Router(cns_inv)# announce config 

Related Commands

Command	Description
cns inventory	Enables the CNS inventory agent and enters CNS inventory configuration mode.

async-bootp

To configure extended BOOTP requests for asynchronous interfaces as defined in RFC 1084, use the async-bootp command in global configuration mode. To restore the default, use the no form of this command.

async-bootp tag [:hostname] data

no async-bootp

Syntax Description

tag	Item being requested; expressed as filename, integer, or IP dotted decimal address. See Table 6 for possible keywords.
:hostname	(Optional) This entry applies only to the specified host. The :hostname argument accepts both an IP address and a logical host name.
data	List of IP addresses entered in dotted decimal notation or as logical host names, a number, or a quoted string.

Table 6 tag Keyword Options 

Keyword	Description
bootfile	Specifies use of a server boot file from which to download the boot program. Use the optional :hostname argument and the data argument to specify the filename.
subnet-mask mask	Dotted decimal address specifying the network and local subnetwork mask (as defined by RFC 950).
time-offset offset	Signed 32-bit integer specifying the time offset of the local subnetwork in seconds from Coordinated Universal Time (UTC).
gateway address	Dotted decimal address specifying the IP addresses of gateways for this subnetwork. A preferred gateway should be listed first.
time-server address	Dotted decimal address specifying the IP address of time servers (as defined by RFC 868).
IEN116-server address	Dotted decimal address specifying the IP address of name servers (as defined by IEN 116).
nbns-server address	Dotted decimal address specifying the IP address of Windows NT servers.
DNS-server address	Dotted decimal address specifying the IP address of domain name servers (as defined by RFC 1034).
log-server address	Dotted decimal address specifying the IP address of an MIT-LCS UDP log server.
quote-server address	Dotted decimal address specifying the IP address of Quote of the Day servers (as defined in RFC 865).
lpr-server address	Dotted decimal address specifying the IP address of Berkeley UNIX Version 4 BSD servers.
impress-server address	Dotted decimal address specifying the IP address of Impress network image servers.
rlp-server address	Dotted decimal address specifying the IP address of Resource Location Protocol (RLP) servers (as defined in RFC 887).
hostname name	The name of the client, which may or may not be domain qualified, depending upon the site.
bootfile-size value	A two-octet value specifying the number of 512-octet (byte) blocks in the default boot file.

Defaults

If no extended BOOTP commands are entered, the Cisco IOS software generates a gateway and subnet mask appropriate for the local network.

Command Modes

Global configuration

Command History

Release	Modification
10.0	This command was introduced.

Usage Guidelines

Use the show async-bootp EXEC command to list the configured parameters. Use the no async-bootp command to clear the list.

Examples

The following example illustrates how to specify different boot files: one for a PC, and one for a Macintosh. With this configuration, a BOOTP request from the host on 172.30.1.1 results in a reply listing the boot filename as pcboot. A BOOTP request from the host named "mac" results in a reply listing the boot filename as "macboot."

async-bootp bootfile :172.30.1.1 "pcboot"

async-bootp bootfile :mac "macboot"

The following example specifies a subnet mask of 255.255.0.0:

async-bootp subnet-mask 255.255.0.0

The following example specifies a negative time offset of the local subnetwork of 3600 seconds:

async-bootp time-offset -3600

The following example specifies the IP address of a time server:

async-bootp time-server 172.16.1.1

Related Commands

Command	Description
show async bootp	Displays the extended BOOTP request parameters that have been configured for asynchronous interfaces.

atm-slm statistics

To enable the Service Assurance Agent (SAA) ATM Service Level Monitoring (SLM) feature, use the atm-slm statistics command in global configuration mode. To disable ATM SLM, use the no form of this command.

atm-slm statistics

no atm-slm statistics

Syntax Description

This command has no arguments or keywords.

Defaults

ATM Service Level Monitoring is disabled.

Command Modes

Global configuration mode

Command History

Release	Modification
12.2(11)T	This command was introduced.

Usage Guidelines

To generate and retrieve performance statistics for ATM services using SAA, the ATM SLM feature must first be enabled on the device using the atm-slm statistics global configuration command. (Note that these performance statistics can be retrieved by other applications such as CNS or Visual Uptime.) If this command is not used, SAA SLM operations (type slm atm pvc, type slm atm interface, or type slm controller) cannot be configured on the system.

Disabling the ATM SLM feature with the no atm-slm statistics command will cause any currently configured SAA SLM operations to be removed from the configuration. When ATM SLM is disabled, no CNS/XML requests are processed.

Examples

In the following example, the ATM SLM feature is enabled before an SAA SLM operation is configured for ATM interface 0/1:

Router(config)# atm-slm statistics

Router(config)# rtr 1

Router(config-rtr)# type slm atm interface ATM0/1

Router(config-rtr-slm)# enhanced-history interval 900 buckets 100

Router(config-rtr-slm)# exit

Router(config)# rtr schedule 1 start-time now life forever

Related Commands

Command	Description
type slm atm pvc	Specifies that the operation is an SAA SLM ATM Circuit operation.
type slm atm interface	Specifies that the operation is an SAA SLM ATM Interface operation.
type slm controller	Specifies that the operation is an SAA SLM ATM or Frame Relay Controller operation.

attach

To connect to a specific line card for the purpose of executing monitoring and maintenance commands on that line card only, use the attach command in privileged EXEC mode. To exit from the Cisco IOS software image on the line card and return to the Cisco IOS image on the giabit route processor (GRP), use the exit command.

attach slot-number

Syntax Description

slot-number

Slot number of the line card you want to connect to. Slot numbers range from 0 to 11 for the Cisco 12012 router and 0 to 7 for the Cisco 12008 router. If the slot number is omitted, you are prompted for the slot number.

Defaults

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release	Modification
11.2 GS	This command was introduced for the Cisco 12000 series.

Usage Guidelines

You must first use the attach privileged EXEC command to access the Cisco IOS software image on a line card before using line card-specific show EXEC commands. Alternatively, you can use the execute-on privileged EXEC command to execute a show command on a specific line card.

After you connect to the Cisco IOS image on the line card using the attach command, the prompt changes to LC-Slotx#, where x is the slot number of the line card.

The commands executed on the line card use the Cisco IOS image on that line card.

You can also use the execute-on slot privileged EXEC command to execute commands on one or all line cards.

---

Note Do not execute the config EXEC command from the Cisco IOS software image on the line card.

---

Examples

In the following example, the user connects to the Cisco IOS image running on the line card in slot 9, gets a list of valid show commands, and returns the Cisco IOS image running on the GRP:

Router# attach 9

Entering Console for 4 Port Packet Over SONET OC-3c/STM-1 in Slot: 9

Type exit to end this session

Press RETURN to get started!

LC-Slot9# show ?

  cef       Cisco Express Forwarding

  clock     Display the system clock

  context   Show context information about recent crash(s)

  history   Display the session command history

  hosts     IP domain-name, lookup style, nameservers, and host table

  ipc       Interprocess communications commands

  location  Display the system location

  sessions  Information about Telnet connections

  terminal  Display terminal configuration parameters

  users     Display information about terminal lines

  version   System hardware and software status

LC-Slot9# exit

Disconnecting from slot 9.

Connection Duration: 00:01:04

Router# 

---

Note Because not all statistics are maintained on the line cards, the output from some of the show commands might not be consistent.

---

Related Commands

Command	Description
attach shelf	Connects you to a specific (managed) shelf for the purpose of remotely executing commands on that shelf only.
execute-on slot	Executes commands remotely on a specific line card, or on all line cards simultaneously.

autobaud

To set the line for automatic baud rate detection (autobaud), use the autobaud command in line configuration mode. To disable automatic baud detection, use the no form of this command.

autobaud

no autobaud

Syntax Description

This command has no arguments or keywords.

Defaults

Autobaud detection is disabled. Fixed speed of 9600 bps.

Command Modes

Line configuration

Command History

Release	Modification
10.0	This command was introduced.

Usage Guidelines

The autobaud detection supports a range from 300 to 19200 baud. A line set for autobaud cannot be used for outgoing connections, nor can you set autobaud capability on a line using 19200 baud when the parity bit is set (because of hardware limitations).

---

Note Automatic baud rate detection must be disabled by using the no autobaud command prior to entering the rxspeed, speed, or txspeed commands.

---

Examples

In the following example, the auxiliary port is configured for autobaud detection:

Router(config)# line aux 

Router(config-line)# autobaud

banner exec

To specify and enable a message to be displayed when an EXEC process is created (an EXEC banner), use the banner exec command in global configuration mode. To delete the existing EXEC banner, use the no form of this command.

banner exec d message d

no banner exec

Syntax Description

d	Delimiting character of your choice—a pound sign (#), for example. You cannot use the delimiting character in the banner message.
message	Message text. You can include tokens in the form $(token) in the message text. Tokens will be replaced with the corresponding configuration variable. Tokens are described in Table 7.

Defaults

Disabled (no EXEC banner is displayed).

Command Modes

Global configuration

Command History

Release	Modification
10.0	This command was introduced.
11.3(7.5)AA	Token functionality was introduced.
12.0(3)T	Token functionality was integrated into Cisco IOS Release 12.0(3)T.

Usage Guidelines

This command specifies a message to be displayed when an EXEC process is created (a line is activated, or an incoming connection is made to a vty). Follow this command with one or more blank spaces and a delimiting character of your choice. Then enter one or more lines of text, terminating the message with the second occurrence of the delimiting character.

When a user connects to a router, the message-of-the-day (MOTD) banner appears first, followed by the login banner and prompts. After the user logs in to the router, the EXEC banner or incoming banner will be displayed, depending on the type of connection. For a reverse Telnet login, the incoming banner will be displayed. For all other connections, the router will display the EXEC banner.

To disable the EXEC banner on a particular line or lines, use the no exec-banner line configuration command.

To customize the banner, use tokens in the form $(token) in the message text. Tokens will display current Cisco IOS configuration variables, such as the router's host name and IP address. The tokens are described in Table 7.

Table 7 banner exec Tokens 

Token	Information Displayed in the Banner
$(hostname)	Displays the host name for the router.
$(domain)	Displays the domain name for the router.
$(line)	Displays the vty or tty (asynchronous) line number.
$(line-desc)	Displays the description attached to the line.

Examples

The following example sets an EXEC banner that uses tokens. The percent sign (%) is used as a delimiting character. Notice that the $(token) syntax is replaced by the corresponding configuration variable.

Router(config)# banner exec %

Enter TEXT message.  End with the character '%'.

Session activated on line $(line), $(line-desc). Enter commands at the prompt. 

% 

When a user logs on to the system, the following output is displayed:

User Access Verification

Username: joeuser

Password: <password>

 Session activated on line 50, vty default line. Enter commands at the prompt.

Router>

Related Commands

Command	Description
banner incoming	Defines a customized banner to be displayed when there is an incoming connection to a terminal line from a host on the network.
banner login	Defines a customized banner to be displayed before the username and password login prompts.
banner motd	Defines a customized message-of-the-day banner.
banner slip-ppp	Defines a customized banner to be displayed when a serial-line IP or point-to-point connection is made.
exec-banner	Controls (enables or disables) the display of EXEC banners and message-of-the-day banners on a specified line or lines.

banner incoming

To define and enable a banner to be displayed when there is an incoming connection to a terminal line from a host on the network, use the banner incoming command in global configuration mode. To delete the incoming connection banner, use the no form of this command.

banner incoming d message d

no banner incoming

Syntax Description

d	Delimiting character of your choice—a pound sign (#), for example. You cannot use the delimiting character in the banner message.
message	Message text. You can include tokens in the form $(token) in the message text. Tokens will be replaced with the corresponding configuration variable. Tokens are described in Table 8.

Defaults

Disabled (no incoming banner is displayed).

Command Modes

Global configuration

Command History

Release	Modification
10.0	This command was introduced.
11.3(7.5)AA	Token functionality was introduced.
12.0(3)T	Token functionality was integrated into Cisco IOS Release 12.0(3)T.

Usage Guidelines

Follow the banner incoming command with one or more blank spaces and a delimiting character of your choice. Then enter one or more lines of text, terminating the message with the second occurrence of the delimiting character.

An incoming connection is one initiated from the network side of the router. Incoming connections are also called reverse Telnet sessions. These sessions can display MOTD banners and incoming banners, but they do not display EXEC banners. Use the no motd-banner line configuration command to disable the MOTD banner for reverse Telnet sessions on asynchronous lines.

When a user connects to the router, the message-of-the-day (MOTD) banner (if configured) appears first, before the login prompt. After the user successfully logs in to the router, the EXEC banner or incoming banner will be displayed, depending on the type of connection. For a reverse Telnet login, the incoming banner will be displayed. For all other connections, the router will display the EXEC banner.

Incoming banners cannot be suppressed. If you do not want the incoming banner to appear, you must delete it with the no banner incoming command.

To customize the banner, use tokens in the form $(token) in the message text. Tokens will display current Cisco IOS configuration variables, such as the router's host name and IP address. The tokens are described in Table 8.

Table 8 banner incoming Tokens

Token	Information Displayed in the Banner
$(hostname)	Displays the host name for the router.
$(domain)	Displays the domain name for the router.
$(line)	Displays the vty or tty (asynchronous) line number.
$(line-desc)	Displays the description attached to the line.

Examples

The following example sets an incoming connection banner. The pound sign (#) is used as a delimiting character.

Router(config)# banner incoming #

This is the Reuses router.

#

The following example sets an incoming connection banner that uses several tokens. The percent sign (%) is used as a delimiting character.

darkstar(config)# banner incoming %

Enter TEXT message.  End with the character '%'.

You have entered $(hostname).$(domain) on line $(line) ($(line-desc)) %

When the incoming connection banner is executed, the user will see the following banner. Notice that the $(token) syntax is replaced by the corresponding configuration variable.

You have entered darkstar.ourdomain.com on line 5 (Dialin Modem)

Related Commands

Command	Description
banner exec	Defines a customized banner to be displayed whenever the EXEC process is initiated.
banner login	Defines a customized banner to be displayed before the username and password login prompts.
banner motd	Defines a customized message-of-the-day banner.
banner slip-ppp	Defines a customized banner to be displayed when a serial-line IP or point-to-point connection is made.

banner login

To define and enable a customized banner to be displayed before the username and password login prompts, use the banner login command in global configuration mode. To disable the login banner, use no form of this command.

banner login d message d

no banner login

Syntax Description

d	Delimiting character of your choice—a pound sign (#), for example. You cannot use the delimiting character in the banner message.
message	Message text. You can include tokens in the form $(token) in the message text. Tokens will be replaced with the corresponding configuration variable. Tokens are described in Table 9.

Defaults

Disabled (no login banner is displayed).

Command Modes

Global configuration

Command History

Release	Modification
10.0	This command was introduced.
11.3(7.5)AA	Token functionality was introduced.
12.0(3)T	Token functionality was integrated into Cisco IOS Release 12.0(3)T.

Usage Guidelines

Follow the banner login command with one or more blank spaces and a delimiting character of your choice. Then enter one or more lines of text, terminating the message with the second occurrence of the delimiting character.

When a user connects to the router, the message-of-the-day (MOTD) banner (if configured) appears first, followed by the login banner and prompts. After the user successfully logs in to the router, the EXEC banner or incoming banner will be displayed, depending on the type of connection. For a reverse Telnet login, the incoming banner will be displayed. For all other connections, the router will display the EXEC banner.

To customize the banner, use tokens in the form $(token) in the message text. Tokens will display current Cisco IOS configuration variables, such as the router's host name and IP address. The tokens are described in Table 9.

Table 9 banner login Tokens 

Token	Information Displayed in the Banner
$(hostname)	Displays the host name for the router.
$(domain)	Displays the domain name for the router.
$(line)	Displays the vty or tty (asynchronous) line number.
$(line-desc)	Displays the description attached to the line.

Examples

The following example sets a login banner. Double quotes (") are used as the delimiting character.

Router# banner login " Access for authorized users only. Please enter your username and 
password. "

The following example sets a login banner that uses several tokens. The percent sign (%) is used as the delimiting character.

darkstar(config)# banner login %

Enter TEXT message. End with the character '%'.

You have entered $(hostname).$(domain) on line $(line) ($(line-desc)) %

When the login banner is executed, the user will see the following banner. Notice that the $(token) syntax is replaced by the corresponding configuration variable.

You have entered darkstar.ourdomain.com on line 5 (Dialin Modem)

Related Commands

Command	Description
banner exec	Defines a customized banner to be displayed whenever the EXEC process is initiated.
banner incoming	Defines a customized message to be displayed when there is an incoming connection to a terminal line from a host on the network.
banner motd	Defines a customized message-of-the-day banner.
banner slip-ppp	Defines a customized banner to be displayed when a serial-line IP or point-to-point connection is made.

banner motd

To define and enable a message-of-the-day (MOTD) banner, use the banner motd command in global configuration mode. To delete the MOTD banner, use the no form of this command.