Table Of Contents
Configuration Fundamentals and Network Management Commands
absolute
activation-character
alias
alias (boomerang)
announce config
async-bootp
atm-slm statistics
attach
autobaud
banner exec
banner incoming
banner login
banner motd
banner slip-ppp
boot
boot bootldr
boot bootstrap
boot buffersize
boot config
boot host
boot network
boot system
boot-end-marker
boot-start-marker
buckets-of-history-kept
buffer-length
buffers
buffers element permanent
buffers huge size
calendar set
cd
cdp advertise-v2
cdp enable
cdp holdtime
cdp log mismatch duplex
cdp run
cdp source-interface
cdp timer
clear cdp counters
clear cdp table
clear cns config stats
clear cns counters
clear cns event stats
clear cns image connections
clear cns image status
clear logging
clear logging xml
clear parser cache
clear saa apm cache
clear tcp
clear xsm
cli
cli (cns)
clock calendar-valid
clock read-calendar
clock set
clock summer-time
clock timezone
Configuration Fundamentals and Network Management Commands
absolute
To specify an absolute time when a time range is in effect, use the absolute command in time-range configuration mode. To remove the time limitation, use the no form of this command.
absolute [start time date] [end time date]
no absolute
Syntax Description
start time date
|
(Optional) Absolute time and date that the permit or deny statement of the associated access list starts going into effect. The time is expressed in 24-hour notation, in the form of hours:minutes. For example, 8:00 is 8:00 a.m. and 20:00 is 8:00 p.m. The date is expressed in the format day month year. The minimum start is 00:00 1 January 1993. If no start time and date are specified, the permit or deny statement is in effect immediately.
|
end time date
|
(Optional) Absolute time and date that the permit or deny statement of the associated access list is no longer in effect. Same time and date format as described for the start keyword. The end time and date must be after the start time and date. The maximum end time is 23:59 31 December 2035. If no end time and date are specified, the associated permit or deny statement is in effect indefinitely.
|
Defaults
There is no absolute time when the time range is in effect.
Command Modes
Time-range configuration
Command History
Release
|
Modification
|
12.0(1)T
|
This command was introduced.
|
Usage Guidelines
Time ranges are used by IP and Internetwork Packet Exchange (IPX) extended access lists. For more information on using these functions, see the Cisco IOS IP Configuration Guide and the Cisco IOS AppleTalk and Novell IPX Configuration Guide. Time ranges are applied to the permit or deny statements found in these access lists.
The absolute command is one way to specify when a time range is in effect. Another way is to specify a periodic length of time with the periodic command. Use either of these commands after the time-range command, which enables time-range configuration mode and specifies a name for the time range. Only one absolute entry is allowed per time-range command.
If a time-range command has both absolute and periodic values specified, then the periodic items are evaluated only after the absolute start time is reached, and are not further evaluated after the absolute end time is reached.
Note
All time specifications are interpreted as local time. To ensure that the time range entries take effect at the desired times, the software clock should be synchronized using the Network Time Protocol (NTP), or some other authoritative time source. For more information, refer to the "Performing Basic System Management" chapter of the Cisco IOS Configuration Fundamentals Configuration Guide.
Examples
The following example configures an access list named northeast, which references a time range named xyz. The access list and time range together permit traffic on Ethernet interface 0 starting at noon on January 1, 2001 and going forever.
absolute start 12:00 1 January 2001
ip access-list extended northeast
permit ip any any time-range xyz
ip access-group northeast in
The following example permits UDP traffic until noon on December 31, 2000. After that time, UDP traffic is no longer allowed out Ethernet interface 0.
absolute end 12:00 31 December 2000
ip access-list extended northeast
permit udp any any time-range abc
ip access-group northeast out
The following example permits UDP traffic out Ethernet interface 0 on weekends only, from 8:00 a.m. on January 1, 1999 to 6:00 p.m. on December 31, 2001:
absolute start 8:00 1 January 1999 end 18:00 31 December 2001
periodic weekends 00:00 to 23:59
ip access-list extended northeast
permit udp any any time-range test
ip access-group northeast out
Related Commands
Command
|
Description
|
deny
|
Sets conditions under which a packet does not pass a named access list.
|
periodic
|
Specifies a recurring (weekly) start and end time for a time range.
|
permit
|
Sets conditions under which a packet passes a named access list.
|
time-range
|
Enables time-range configuration mode and names a time range definition.
|
activation-character
To define the character you enter at a vacant terminal to begin a terminal session, use the activation-character command in line configuration mode. To make any character activate a terminal, use the no form of this command.
activation-character ascii-number
no activation-character
Syntax Description
ascii-number
|
Decimal representation of the activation character.
|
Defaults
Return (decimal 13)
Command Modes
Line configuration
Command History
Release
|
Modification
|
10.0
|
This command was introduced.
|
Usage Guidelines
See the "ASCII Character Set and Hex Values" appendix for a list of ASCII characters.
Note
If you are using the autoselect function, set the activation character to the default, Return, and exec-character-bits to 7. If you change these defaults, the application will not recognize the activation request.
Examples
The following example sets the activation character for the console to Delete, which is decimal character 127:
Router(config)# line console
Router(config-line)# activation-character 127
alias
To create a command alias, use the alias command in global configuration mode. To delete all aliases in a command mode or to delete a specific alias, and to revert to the original command syntax, use the no form of this command.
alias mode command-alias original-command
no alias mode [command-alias]
Syntax Description
mode
|
Command mode of the original and alias commands.
|
command-alias
|
Command alias.
|
original-command
|
Original command syntax.
|
Defaults
A set of six basic EXEC mode aliases are enabled by default. See the "Usage Guidelines" section of this command for a list of default aliases.
Command Modes
Global configuration
Command History
Release
|
Modification
|
10.3
|
This command was introduced.
|
Usage Guidelines
You can use simple words or abbreviations as command aliases.
Table 5 lists the basic EXEC mode aliases that are enabled by default.
Table 5 Default Command Aliases
Command Alias
|
Original Command
|
h
|
help
|
lo
|
logout
|
p
|
ping
|
r
|
resume
|
s
|
show
|
w
|
where
|
The default aliases in Table 5 are predefined. These default aliases can be disabled with the no alias exec command.
Common keyword aliases (which cannot be disabled) include running-config (keyword alias for system:running-config) and startup-config (keyword alias for nvram:startup-config). See the description of the copy command for more information about these keyword aliases.
Note that aliases can be configured for keywords instead of entire commands. You can create, for example, an alias for the first part of any command and still enter the additional keywords and arguments as normal.
To determine the value for the mode argument, enter the command mode in which you would issue the original command (and in which you will issue the alias) and enter the ? command. The name of the command mode should appear at the top of the list of commands. For example, the second line in the following sample output shows the name of the command mode as "Interface configuration":
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# interface e0
Interface configuration commands:
access-expression Build a bridge boolean access expression
To match the name of the command mode to the acceptable mode keyword for the alias command, issue the alias ? command. As shown in the following sample output, the keyword needed to create a command alias for the access-expression command is interface:
accept-dialin VPDN group accept dialin configuration mode
accept-dialout VPDN group accept dialout configuration mode
address-family Address Family configuration mode
call-discriminator Call Discriminator Configuration
cascustom Cas custom configuration mode
clid-group CLID group configuration mode
configure Global configuration mode
congestion Frame Relay congestion configuration mode
controller Controller configuration mode
cptone-set custom call progress tone configuration mode
customer-profile customer profile configuration mode
dhcp DHCP pool configuration mode
dnis-group DNIS group configuration mode
flow-cache Flow aggregation cache config mode
fr-fr FR/FR connection configuration mode
interface Interface configuration mode
Router(config)# alias interface express access-expression
For a list of command modes with descriptions and references to related documentation, refer to the "Cisco IOS Command Modes" appendix of the Cisco IOS Configuration Fundamentals Configuration Guide.
When you use online help, command aliases are indicated by an asterisk (*), and displayed in the following format:
*command-alias=original-command
For example, the lo command alias is shown here along with other EXEC mode commands that start with "lo":
*lo=logout lock login logout
When you use online help, aliases that contain multiple keyword elements separated by spaces are displayed in quotes, as shown here:
Router(config)#alias exec device-mail telnet device.cisco.com 25
*device-mail="telnet device.cisco.com 25"
To list only commands and omit aliases, begin your input line with a space. In the following example, the alias td is not shown, because there is a space before the t? command line.
Router(config)#alias exec td telnet device
telnet terminal test tn3270 trace
To circumvent command aliases, use a space before entering the command. In the following example, the command alias express is not recognized because a space is used before the command.
*express=access-expression
Router(config-if)# express ?
As with commands, you can use online help to display the arguments and keywords that can follow a command alias. In the following example, the alias td is created to represent the command telnet device. The /debug and /line switches can be added to telnet device to modify the command:
Router(config)#alias exec td telnet device
/debug Enable telnet debugging mode
/line Enable telnet line mode
You must enter the complete syntax for the command alias. Partial syntax for aliases is not accepted. In the following example, the parser does not recognize the command t as indicating the alias td:
Examples
In the following example, the alias fixmyrt is configured for the clear iproute 192.168.116.16 EXEC mode command:
Router(config)#alias exec fixmyrt clear ip route 192.168.116.16
In the following example, the alias express is configured for the first part of the access-expression interface configuration command:
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface e0
Interface configuration commands:
access-expression Build a bridge boolean access expression
accept-dialin VPDN group accept dialin configuration mode
accept-dialout VPDN group accept dialout configuration mode
address-family Address Family configuration mode
call-discriminator Call Discriminator Configuration
cascustom Cas custom configuration mode
clid-group CLID group configuration mode
configure Global configuration mode
congestion Frame Relay congestion configuration mode
controller Controller configuration mode
cptone-set custom call progress tone configuration mode
customer-profile customer profile configuration mode
dhcp DHCP pool configuration mode
dnis-group DNIS group configuration mode
flow-cache Flow aggregation cache config mode
fr-fr FR/FR connection configuration mode
interface Interface configuration mode
Router(config)#alias interface express access-expression
*express=access-expression
Router(config-if)#express ?
input Filter input packets
output Filter output packets
!Note that the true form of the command/keyword alias appears on the screen after issuing
Router(config-if)#access-expression ?
input Filter input packets
output Filter output packets
*express=access-expression exit
!Note that in the following line, a space is used before the ex? command
!so the alias is not displayed.
!Note that in the following line, the alias cannot be recognized because
!a space is used before the command.
Router#(config-if)# express ?
Router# show alias interface
Interface configuration mode aliases:
express access-expression
Related Commands
Command
|
Description
|
show aliases
|
Displays command aliases.
|
alias (boomerang)
To configure an alias name for a specified domain, use the alias command in boomerang configuration mode. To remove this command from the configuration file and restore the system to its default condition with respect to this command, use the no form of this command.
alias alias-name
no alias alias-name
Syntax Description
alias-name
|
Alias name for a specified domain.
|
Defaults
No domain name alias is configured.
Command Modes
Boomerang configuration
Command History
Release
|
Modification
|
12.2(8)T
|
This command was introduced.
|
Usage Guidelines
The alias command can be used only on a Director Response Protocol (DRP) agent. The boomerang client is the DRP agent.
Use the alias command to specify one or more alias names for an existing domain. Because the boomerang client maintains separate counters for requests received for each domain name (alias or otherwise), use the show ip drp boomerang command to view these counters for a specified domain name and each of its aliases.
Examples
In the following example, the domain name alias is configured for www.boom1.com. The new alias for www.boom1.com is www.boom2.com:
Router(config)# ip drp domain www.boom1.com
Router(config-boomerang)# alias www.boom2.com
Router# show running-config
ip drp domain www.boom1.com
Related Commands
Command
|
Description
|
ip drp domain
|
Adds a new domain to the DistributedDirector client or configures an existing domain and puts the client in boomerang configuration mode.
|
server (boomerang)
|
Configures the server address for a specified boomerang domain.
|
show ip drp
|
Displays DRP statistics on DistributedDirector or a DRP server agent.
|
show ip drp boomerang
|
Displays boomerang information on the DRP agent.
|
ttl dns
|
Configures the number of seconds for which an answer received from the boomerang client will be cached by the DNS client.
|
ttl ip
|
Configures the IP TTL value for the boomerang response packets sent from the boomerang client to the DNS client in number of hops.
|
announce config
To specify that an unsolicited configuration inventory is sent out by the CNS inventory agent at bootup, use the announce config command in CNS inventory configuration mode. To disable the sending of the configuration inventory, use the no form of this command.
announce config
no announce config
Syntax Description
This command has no arguments or keywords.
Defaults
Disabled
Command Modes
CNS inventory configuration
Command History
Release
|
Modification
|
12.3(1)
|
This command was introduced.
|
Usage Guidelines
Use this command to limit inventory requests by the CNS inventory agent. When configured, the routing device details will be announced on the CNS Event Bus, but the routing device will not respond to any queries from the CNS Event Bus.
Examples
The following example shows how to configure the CNS inventory agent to send out an unsolicited configuration inventory one time only at bootup:
Router(config)# cns inventory
Router(cns_inv)# announce config
Related Commands
Command
|
Description
|
cns inventory
|
Enables the CNS inventory agent and enters CNS inventory configuration mode.
|
async-bootp
To configure extended BOOTP requests for asynchronous interfaces as defined in RFC 1084, use the async-bootp command in global configuration mode. To restore the default, use the no form of this command.
async-bootp tag [:hostname] data
no async-bootp
Syntax Description
tag
|
Item being requested; expressed as filename, integer, or IP dotted decimal address. See Table 6 for possible keywords.
|
:hostname
|
(Optional) This entry applies only to the specified host. The :hostname argument accepts both an IP address and a logical host name.
|
data
|
List of IP addresses entered in dotted decimal notation or as logical host names, a number, or a quoted string.
|
Table 6 tag Keyword Options
Keyword
|
Description
|
bootfile
|
Specifies use of a server boot file from which to download the boot program. Use the optional :hostname argument and the data argument to specify the filename.
|
subnet-mask mask
|
Dotted decimal address specifying the network and local subnetwork mask (as defined by RFC 950).
|
time-offset offset
|
Signed 32-bit integer specifying the time offset of the local subnetwork in seconds from Coordinated Universal Time (UTC).
|
gateway address
|
Dotted decimal address specifying the IP addresses of gateways for this subnetwork. A preferred gateway should be listed first.
|
time-server address
|
Dotted decimal address specifying the IP address of time servers (as defined by RFC 868).
|
IEN116-server address
|
Dotted decimal address specifying the IP address of name servers (as defined by IEN 116).
|
nbns-server address
|
Dotted decimal address specifying the IP address of Windows NT servers.
|
DNS-server address
|
Dotted decimal address specifying the IP address of domain name servers (as defined by RFC 1034).
|
log-server address
|
Dotted decimal address specifying the IP address of an MIT-LCS UDP log server.
|
quote-server address
|
Dotted decimal address specifying the IP address of Quote of the Day servers (as defined in RFC 865).
|
lpr-server address
|
Dotted decimal address specifying the IP address of Berkeley UNIX Version 4 BSD servers.
|
impress-server address
|
Dotted decimal address specifying the IP address of Impress network image servers.
|
rlp-server address
|
Dotted decimal address specifying the IP address of Resource Location Protocol (RLP) servers (as defined in RFC 887).
|
hostname name
|
The name of the client, which may or may not be domain qualified, depending upon the site.
|
bootfile-size value
|
A two-octet value specifying the number of 512-octet (byte) blocks in the default boot file.
|
Defaults
If no extended BOOTP commands are entered, the Cisco IOS software generates a gateway and subnet mask appropriate for the local network.
Command Modes
Global configuration
Command History
Release
|
Modification
|
10.0
|
This command was introduced.
|
Usage Guidelines
Use the show async-bootp EXEC command to list the configured parameters. Use the no async-bootp command to clear the list.
Examples
The following example illustrates how to specify different boot files: one for a PC, and one for a Macintosh. With this configuration, a BOOTP request from the host on 172.30.1.1 results in a reply listing the boot filename as pcboot. A BOOTP request from the host named "mac" results in a reply listing the boot filename as "macboot."
async-bootp bootfile :172.30.1.1 "pcboot"
async-bootp bootfile :mac "macboot"
The following example specifies a subnet mask of 255.255.0.0:
async-bootp subnet-mask 255.255.0.0
The following example specifies a negative time offset of the local subnetwork of 3600 seconds:
async-bootp time-offset -3600
The following example specifies the IP address of a time server:
async-bootp time-server 172.16.1.1
Related Commands
Command
|
Description
|
show async bootp
|
Displays the extended BOOTP request parameters that have been configured for asynchronous interfaces.
|
atm-slm statistics
To enable the Service Assurance Agent (SAA) ATM Service Level Monitoring (SLM) feature, use the atm-slm statistics command in global configuration mode. To disable ATM SLM, use the no form of this command.
atm-slm statistics
no atm-slm statistics
Syntax Description
This command has no arguments or keywords.
Defaults
ATM Service Level Monitoring is disabled.
Command Modes
Global configuration mode
Command History
Release
|
Modification
|
12.2(11)T
|
This command was introduced.
|
Usage Guidelines
To generate and retrieve performance statistics for ATM services using SAA, the ATM SLM feature must first be enabled on the device using the atm-slm statistics global configuration command. (Note that these performance statistics can be retrieved by other applications such as CNS or Visual Uptime.) If this command is not used, SAA SLM operations (type slm atm pvc, type slm atm interface, or type slm controller) cannot be configured on the system.
Disabling the ATM SLM feature with the no atm-slm statistics command will cause any currently configured SAA SLM operations to be removed from the configuration. When ATM SLM is disabled, no CNS/XML requests are processed.
Examples
In the following example, the ATM SLM feature is enabled before an SAA SLM operation is configured for ATM interface 0/1:
Router(config)# atm-slm statistics
Router(config-rtr)# type slm atm interface ATM0/1
Router(config-rtr-slm)# enhanced-history interval 900 buckets 100
Router(config-rtr-slm)# exit
Router(config)# rtr schedule 1 start-time now life forever
Related Commands
Command
|
Description
|
type slm atm pvc
|
Specifies that the operation is an SAA SLM ATM Circuit operation.
|
type slm atm interface
|
Specifies that the operation is an SAA SLM ATM Interface operation.
|
type slm controller
|
Specifies that the operation is an SAA SLM ATM or Frame Relay Controller operation.
|
attach
To connect to a specific line card for the purpose of executing monitoring and maintenance commands on that line card only, use the attach command in privileged EXEC mode. To exit from the Cisco IOS software image on the line card and return to the Cisco IOS image on the giabit route processor (GRP), use the exit command.
attach slot-number
Syntax Description
slot-number
|
Slot number of the line card you want to connect to. Slot numbers range from 0 to 11 for the Cisco 12012 router and 0 to 7 for the Cisco 12008 router. If the slot number is omitted, you are prompted for the slot number.
|
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
Release
|
Modification
|
11.2 GS
|
This command was introduced for the Cisco 12000 series.
|
Usage Guidelines
You must first use the attach privileged EXEC command to access the Cisco IOS software image on a line card before using line card-specific show EXEC commands. Alternatively, you can use the execute-on privileged EXEC command to execute a show command on a specific line card.
After you connect to the Cisco IOS image on the line card using the attach command, the prompt changes to LC-Slotx#, where x is the slot number of the line card.
The commands executed on the line card use the Cisco IOS image on that line card.
You can also use the execute-on slot privileged EXEC command to execute commands on one or all line cards.
Note
Do not execute the config EXEC command from the Cisco IOS software image on the line card.
Examples
In the following example, the user connects to the Cisco IOS image running on the line card in slot 9, gets a list of valid show commands, and returns the Cisco IOS image running on the GRP:
Entering Console for 4 Port Packet Over SONET OC-3c/STM-1 in Slot: 9
Type exit to end this session
Press RETURN to get started!
cef Cisco Express Forwarding
clock Display the system clock
context Show context information about recent crash(s)
history Display the session command history
hosts IP domain-name, lookup style, nameservers, and host table
ipc Interprocess communications commands
location Display the system location
sessions Information about Telnet connections
terminal Display terminal configuration parameters
users Display information about terminal lines
version System hardware and software status
Disconnecting from slot 9.
Connection Duration: 00:01:04
Note
Because not all statistics are maintained on the line cards, the output from some of the show commands might not be consistent.
Related Commands
Command
|
Description
|
attach shelf
|
Connects you to a specific (managed) shelf for the purpose of remotely executing commands on that shelf only.
|
execute-on slot
|
Executes commands remotely on a specific line card, or on all line cards simultaneously.
|
autobaud
To set the line for automatic baud rate detection (autobaud), use the autobaud command in line configuration mode. To disable automatic baud detection, use the no form of this command.
autobaud
no autobaud
Syntax Description
This command has no arguments or keywords.
Defaults
Autobaud detection is disabled. Fixed speed of 9600 bps.
Command Modes
Line configuration
Command History
Release
|
Modification
|
10.0
|
This command was introduced.
|
Usage Guidelines
The autobaud detection supports a range from 300 to 19200 baud. A line set for autobaud cannot be used for outgoing connections, nor can you set autobaud capability on a line using 19200 baud when the parity bit is set (because of hardware limitations).
Note
Automatic baud rate detection must be disabled by using the no autobaud command prior to entering the rxspeed, speed, or txspeed commands.
Examples
In the following example, the auxiliary port is configured for autobaud detection:
Router(config-line)# autobaud
banner exec
To specify and enable a message to be displayed when an EXEC process is created (an EXEC banner), use the banner exec command in global configuration mode. To delete the existing EXEC banner, use the no form of this command.
banner exec d message d
no banner exec
Syntax Description
d
|
Delimiting character of your choice—a pound sign (#), for example. You cannot use the delimiting character in the banner message.
|
message
|
Message text. You can include tokens in the form $(token) in the message text. Tokens will be replaced with the corresponding configuration variable. Tokens are described in Table 7.
|
Defaults
Disabled (no EXEC banner is displayed).
Command Modes
Global configuration
Command History
Release
|
Modification
|
10.0
|
This command was introduced.
|
11.3(7.5)AA
|
Token functionality was introduced.
|
12.0(3)T
|
Token functionality was integrated into Cisco IOS Release 12.0(3)T.
|
Usage Guidelines
This command specifies a message to be displayed when an EXEC process is created (a line is activated, or an incoming connection is made to a vty). Follow this command with one or more blank spaces and a delimiting character of your choice. Then enter one or more lines of text, terminating the message with the second occurrence of the delimiting character.
When a user connects to a router, the message-of-the-day (MOTD) banner appears first, followed by the login banner and prompts. After the user logs in to the router, the EXEC banner or incoming banner will be displayed, depending on the type of connection. For a reverse Telnet login, the incoming banner will be displayed. For all other connections, the router will display the EXEC banner.
To disable the EXEC banner on a particular line or lines, use the no exec-banner line configuration command.
To customize the banner, use tokens in the form $(token) in the message text. Tokens will display current Cisco IOS configuration variables, such as the router's host name and IP address. The tokens are described in Table 7.
Table 7 banner exec Tokens
Token
|
Information Displayed in the Banner
|
$(hostname)
|
Displays the host name for the router.
|
$(domain)
|
Displays the domain name for the router.
|
$(line)
|
Displays the vty or tty (asynchronous) line number.
|
$(line-desc)
|
Displays the description attached to the line.
|
Examples
The following example sets an EXEC banner that uses tokens. The percent sign (%) is used as a delimiting character. Notice that the $(token) syntax is replaced by the corresponding configuration variable.
Router(config)# banner exec %
Enter TEXT message. End with the character '%'.
Session activated on line $(line), $(line-desc). Enter commands at the prompt.
When a user logs on to the system, the following output is displayed:
Session activated on line 50, vty default line. Enter commands at the prompt.
Related Commands
Command
|
Description
|
banner incoming
|
Defines a customized banner to be displayed when there is an incoming connection to a terminal line from a host on the network.
|
banner login
|
Defines a customized banner to be displayed before the username and password login prompts.
|
banner motd
|
Defines a customized message-of-the-day banner.
|
banner slip-ppp
|
Defines a customized banner to be displayed when a serial-line IP or point-to-point connection is made.
|
exec-banner
|
Controls (enables or disables) the display of EXEC banners and message-of-the-day banners on a specified line or lines.
|
banner incoming
To define and enable a banner to be displayed when there is an incoming connection to a terminal line from a host on the network, use the banner incoming command in global configuration mode. To delete the incoming connection banner, use the no form of this command.
banner incoming d message d
no banner incoming
Syntax Description
d
|
Delimiting character of your choice—a pound sign (#), for example. You cannot use the delimiting character in the banner message.
|
message
|
Message text. You can include tokens in the form $(token) in the message text. Tokens will be replaced with the corresponding configuration variable. Tokens are described in Table 8.
|
Defaults
Disabled (no incoming banner is displayed).
Command Modes
Global configuration
Command History
Release
|
Modification
|
10.0
|
This command was introduced.
|
11.3(7.5)AA
|
Token functionality was introduced.
|
12.0(3)T
|
Token functionality was integrated into Cisco IOS Release 12.0(3)T.
|
Usage Guidelines
Follow the banner incoming command with one or more blank spaces and a delimiting character of your choice. Then enter one or more lines of text, terminating the message with the second occurrence of the delimiting character.
An incoming connection is one initiated from the network side of the router. Incoming connections are also called reverse Telnet sessions. These sessions can display MOTD banners and incoming banners, but they do not display EXEC banners. Use the no motd-banner line configuration command to disable the MOTD banner for reverse Telnet sessions on asynchronous lines.
When a user connects to the router, the message-of-the-day (MOTD) banner (if configured) appears first, before the login prompt. After the user successfully logs in to the router, the EXEC banner or incoming banner will be displayed, depending on the type of connection. For a reverse Telnet login, the incoming banner will be displayed. For all other connections, the router will display the EXEC banner.
Incoming banners cannot be suppressed. If you do not want the incoming banner to appear, you must delete it with the no banner incoming command.
To customize the banner, use tokens in the form $(token) in the message text. Tokens will display current Cisco IOS configuration variables, such as the router's host name and IP address. The tokens are described in Table 8.
Table 8 banner incoming Tokens
Token
|
Information Displayed in the Banner
|
$(hostname)
|
Displays the host name for the router.
|
$(domain)
|
Displays the domain name for the router.
|
$(line)
|
Displays the vty or tty (asynchronous) line number.
|
$(line-desc)
|
Displays the description attached to the line.
|
Examples
The following example sets an incoming connection banner. The pound sign (#) is used as a delimiting character.
Router(config)# banner incoming #
This is the Reuses router.
The following example sets an incoming connection banner that uses several tokens. The percent sign (%) is used as a delimiting character.
darkstar(config)# banner incoming %
Enter TEXT message. End with the character '%'.
You have entered $(hostname).$(domain) on line $(line) ($(line-desc)) %
When the incoming connection banner is executed, the user will see the following banner. Notice that the $(token) syntax is replaced by the corresponding configuration variable.
You have entered darkstar.ourdomain.com on line 5 (Dialin Modem)
Related Commands
Command
|
Description
|
banner exec
|
Defines a customized banner to be displayed whenever the EXEC process is initiated.
|
banner login
|
Defines a customized banner to be displayed before the username and password login prompts.
|
banner motd
|
Defines a customized message-of-the-day banner.
|
banner slip-ppp
|
Defines a customized banner to be displayed when a serial-line IP or point-to-point connection is made.
|
banner login
To define and enable a customized banner to be displayed before the username and password login prompts, use the banner login command in global configuration mode. To disable the login banner, use no form of this command.
banner login d message d
no banner login
Syntax Description
d
|
Delimiting character of your choice—a pound sign (#), for example. You cannot use the delimiting character in the banner message.
|
message
|
Message text. You can include tokens in the form $(token) in the message text. Tokens will be replaced with the corresponding configuration variable. Tokens are described in Table 9.
|
Defaults
Disabled (no login banner is displayed).
Command Modes
Global configuration
Command History
Release
|
Modification
|
10.0
|
This command was introduced.
|
11.3(7.5)AA
|
Token functionality was introduced.
|
12.0(3)T
|
Token functionality was integrated into Cisco IOS Release 12.0(3)T.
|
Usage Guidelines
Follow the banner login command with one or more blank spaces and a delimiting character of your choice. Then enter one or more lines of text, terminating the message with the second occurrence of the delimiting character.
When a user connects to the router, the message-of-the-day (MOTD) banner (if configured) appears first, followed by the login banner and prompts. After the user successfully logs in to the router, the EXEC banner or incoming banner will be displayed, depending on the type of connection. For a reverse Telnet login, the incoming banner will be displayed. For all other connections, the router will display the EXEC banner.
To customize the banner, use tokens in the form $(token) in the message text. Tokens will display current Cisco IOS configuration variables, such as the router's host name and IP address. The tokens are described in Table 9.
Table 9 banner login Tokens
Token
|
Information Displayed in the Banner
|
$(hostname)
|
Displays the host name for the router.
|
$(domain)
|
Displays the domain name for the router.
|
$(line)
|
Displays the vty or tty (asynchronous) line number.
|
$(line-desc)
|
Displays the description attached to the line.
|
Examples
The following example sets a login banner. Double quotes (") are used as the delimiting character.
Router# banner login " Access for authorized users only. Please enter your username and
password. "
The following example sets a login banner that uses several tokens. The percent sign (%) is used as the delimiting character.
darkstar(config)# banner login %
Enter TEXT message. End with the character '%'.
You have entered $(hostname).$(domain) on line $(line) ($(line-desc)) %
When the login banner is executed, the user will see the following banner. Notice that the $(token) syntax is replaced by the corresponding configuration variable.
You have entered darkstar.ourdomain.com on line 5 (Dialin Modem)
Related Commands
Command
|
Description
|
banner exec
|
Defines a customized banner to be displayed whenever the EXEC process is initiated.
|
banner incoming
|
Defines a customized message to be displayed when there is an incoming connection to a terminal line from a host on the network.
|
banner motd
|
Defines a customized message-of-the-day banner.
|
banner slip-ppp
|
Defines a customized banner to be displayed when a serial-line IP or point-to-point connection is made.
|
banner motd
To define and enable a message-of-the-day (MOTD) banner, use the banner motd command in global configuration mode. To delete the MOTD banner, use the no form of this command.