| snmp-server community community-string [ view view- name ] [ ro rw ][ access-list number ] | Defines the community string, what predefined view is available using this community string, the type of access this community string allows (ro or rw), and an associated access list, specifying the devices allowed to use this community string. |
| snmp-server view view-name oid-tree { included excluded } | Limits which MIB objects an SNMP manager can access. |
| snmp-server system-shutdown | Enables an SNMP manager to send a message to users logged in to the router, and to then reboot the router, via SNMP. |
| snmp-server tftp-server-list access-list_number | Limits the capability for TFTP servers to load configuration files via SNMP to those specified in the access list. |
| snmp-server host host [ version { 1 2c }] community-string [ udp-port port ] [ trap-type ] | Specifies a host to which to send traps. |
| snmp-server enable traps trap-type trap-option | Makes traps of the listed types available for sending. |
| snmp trap link-status | Enables link up/down traps on the interface. |
| show snmp | Shows SNMP statistics. |
| rmon alarm number variable interval { delta absolute } rising -threshold value [ event-number ] falling-threshold value [ event-number ] [ owner string ] | Defines an alarm and specifies when the alarm is triggered and cleared and what event the alarm triggers. |
| rmon event number [ log ] [ trap community ] [ description string ] [ owner string ] | Defines an RMON event and specifies where to log the event when it is triggered by an alarm. |
| show rmon alarms | Displays information about the defined alarms. |
| show rmon events | Displays the event table. |
| logging buffered [ size ] | Enables buffered logging on the router and specifies the size of the log. |
| show logging | Displays the buffered log. |
| clear logging | Clears the buffered log. |
| logging host | Specifies the host name or IP address of the host that will receive syslog messages. |
| terminal monitor | Sends log information to the current terminal line. |
| service timestamps log uptime | Adds time stamps to the log. |
| service timestamps log datetime [ msec ] [ localtime ] [ show-timezone ] | Adds time stamps to the log. |
| logging console level | Limits messages logged to the console. |
| logging monitor level | Limits messages logged to the terminal line. |
| logging trap level | Limits messages logged to the syslog servers. |
| logging facility facility-type | Defines the facility type used when sending log messages to a syslog server. |
| snmp-server enable traps syslog | Enables SNMP traps for syslog messages. |
| logging history level | Specifies the level of syslog messages to be sent via SNMP. |
| ntp server ip_address [ version number ] [ key keyid ] [ source interface ] [ prefer ] | Creates a server association so that this router can synchronize its clock to another NTP clock source. |
| ntp peer ip_address [ version number ] [ key keyid ] [ source interface ] [ prefer ] | Creates a peer association so that this router can synchronize its clock to another device, or so that another device can synchronize to it. |
| ntp access- group { query-only serve-only serve peer } access-list-number | Controls access to the router's NTP services. |
| clock calendar-valid | Enables the router's calendar as an authoritative time source. |
| ntp master [ stratum ] | Configures the IOS as an NTP master clock to which peers synchronize. |
| ntp update-calendar | Updates the router's calendar with the time/date learned via NTP. |
| ntp authenticate | Globally enables NTP authentication. |
| ntp authentication-key number md5 key | Defines the NTP authentication key. |
| ntp trusted-key number | Lists key numbers , which have already been defined with the ntp authentication-key command, which the server must include in its NTP packets before this router will synchronize to it. |
| ip accounting | Enables IP accounting on an interface. |
| ip accounting-threshold threshold | Sets the maximum number of entries that can be stored in the accounting table. |
| show ip accounting [ checkpoint ] [ access-violations ] | Displays IP accounting data. |
| clear ip accounting | Clears IP accounting data. |
| ip route-cache flow | Enables NetFlow on an interface. |
| ip flow-export destination ip-address udp-port | Specifies the IP address and UDP port number for the host receiving NetFlow data. |
| ip flow-export [ version 1 version 5 [ origin-as peer-as ]] | Specifies the NetFlow version to use when sending data to the flow collector and which AS number to send, the traffic's origin AS or the router's peer AS. |
| show ip flow export | Displays information about how the data is exported. |
| show ip cache flow | Displays the data to be exported. |
| ip cef | Enables CEF globally and on all interfaces that support it. |
| ip flow-aggregation cache { as destination-prefix prefix protocol-port source-prefix } | Defines an aggregated NetFlow cache. |
| cache entries number_of_entries | Specifies the maximum number of entries in the aggregated cache. |
| cache timeout inactive seconds | Specifies the timeout value for inactive entries in the aggregated cache. |
| cache timeout active minutes | Modifies the number of minutes that an active aggregated cache entry remains active. |
| export destination ip_address udp_port | Specifies the export destination for the aggregated cache. |
| enabled | Enables the aggregated cache. |
| show ip cache flow aggregation as | Displays the AS cache data. |
| show ip cache flow aggregation destination-prefix | Displays the destination-prefix cache data. |
| show ip cache flow aggregation source-prefix | Displays the source-prefix cache data. |
| show ip cache flow aggregation protocol-port | Displays the protocol port cache data. |
| enable “secret password | Defines the enable-level password. |
| service password-encryption | Encrypts passwords when viewing the configuration. |
| access-class access-list_1-199_or_1300-2699 [ in out ] | Specifies an access list to use before permitting an incoming or outgoing terminal session. |
| transport input telnet ssh | Limits the protocols permitted to establish terminal sessions. |
| transport input none | Disables all terminal protocols on the configured line. |
| exec -timeout | Defines the timeout value for inactive terminal sessions. |
| service tcp- keepalives -in | Enables TCP keepalive messages on incoming connections. |
| no ip directed-broadcast | Disables IP directed broadcasts on interfaces. |
| no ip source-route | Globally disables the forwarding of packets that include source-route information. |
| scheduler interval milliseconds | Configures the interval for the router to stop handling interrupts and attend to other business. |
| scheduler allocate interrupt-time process-time | Defines the maximum amount of time the router spends on fast switching within any one network interrupt context, and the minimum amount of time the router spends at the process level when network interrupts are disabled. |
| no service tcp-small-servers | Disables the TCP small servers. |
| no service udp-small-servers | Disables the UDP small servers. |
| no service finger | Disables the Finger server. |
| no ip bootp server | Disables the BOOTP server. |
| aaa new-model | Enables AAA. |
| aaa authentication login { default list_name } group auth_type [ auth_type ] | Defines an AAA authentication method list. |
| login authentication list_name | Specifies which defined AAA authentication method list to use when authenticating a connecting user . |
| tacacs-server host ip_address | Specifies the TACACS server. |
| radius-server host ip_address | Specifies the RADIUS server. |
| tacacs-server key key | Defines a shared key to use between the router and TACACS server. |
| radius-server key key | Defines a shared key to use between the router and RADIUS server. |
| aaa authentication enable default group auth_type [ auth_type ] | Defines the type of authentication to use for enable-level access. |
| aaa authorization { network exec commands level reverse-access } { default list-name } [ method1 [ method2 ]] | Defines an AAA authorization method list. |
| authorization { arap exec commands level reverse-access } { default list-name } | Specifies which defined AAA authorization method list to use for connecting users. |
| aaa accounting { system network exec connection commands level } { default list-name } { start-stop wait-start stop-only none } [ method1 [ method2 ]] | Defines an AAA accounting method list and defines what type of information to account. |
| accounting { arap exec connection commands level } { default list-name } | Specifies which defined AAA accounting method list to use for connecting user sessions. |
| hostname hostname | Defines the router's hostname, required for RSA crypto generation. |
| ip domain-name domainname | Defines the router's domain name, required for RSA crypto generation. |
| crypto key generate rsa | Generates an RSA crypto key (and enables SSH). |
| ip ssh {[ timeout seconds ] [ authentication-retries integer ]} | Modifies SSH parameters. |
| standby [ group-number ] ip [ ip-address [ secondary ]] | Defines the HSRP address for the specified standby group. |
| standby [ group-number ] timers hellotime holdtime | Modifies the timers for the specified standby group. |
| standby [ group-number ] priority priority [ preempt [ delay delay ]] | Modifies the priority of the router in the specified standby group. Also specifies the preemption characteristics. |
| standby [ group-number ] [ priority priority ] preempt [ delay delay ] | Specifies the preemption characteristics. Also modifies the priority of the router in the specified standby group. |
| standby [ group-number ] track type number [ interface-priority ] | Identifies a standby tracked interface. |
| standby [ group-number ] authentication string | Defines a standby authentication string. |
| standby use-bia [ scope interface ] | Specifies that the burnt-in address is to be used as the standby MAC address. |
| show standby | Displays current HSRP properties. |
![Routing TCP[s]IP (Vol. 22001)](/icons/blank_book.jpg "Routing TCP[s]IP (Vol. 22001)"){kind=icon}