Cisco Troubleshooting: Quick Command Reference

By /

Listen to this Post

Troubleshooting Cisco networks can be complex, but having the right commands at your fingertips makes it easier. Here’s a handy breakdown of essential commands for different protocols and technologies:

🔹 Basic Diagnostics: Quickly check network status with commands like show version, show ip interface brief, and show logging.
🔹 Routing Protocols: Troubleshoot EIGRP, OSPF, and BGP using show ip eigrp neighbors, show ip ospf interface, and show ip bgp summary.
🔹 Security: Manage and verify IPsec configurations with `show crypto isakmp sa` and show crypto ipsec transform-set.

You Should Know:

Basic Diagnostics Commands

– `show version` – Displays device hardware, software version, and uptime.
– `show ip interface brief` – Lists all interfaces with IP and status (up/down).
– `show logging` – Shows system logs for error analysis.
– `ping ` – Tests connectivity to a target IP.
– `traceroute ` – Traces the path packets take to reach a destination.

Routing Protocol Troubleshooting

  • EIGRP:
    show ip eigrp neighbors  Verifies EIGRP neighbor adjacencies 
show ip eigrp topology  Displays the EIGRP topology table 
debug eigrp packets  Debugs EIGRP packet exchanges (use cautiously)
  • OSPF:
    show ip ospf neighbor  Checks OSPF neighbor relationships 
show ip ospf database  Views OSPF LSDB (Link-State Database) 
debug ip ospf events  Monitors OSPF events in real-time
  • BGP:
    show ip bgp summary  Lists BGP peers and their status 
show ip bgp neighbors  Displays detailed BGP neighbor info 
debug ip bgp updates  Debugs BGP routing updates

Security & VPN Troubleshooting

  • IPsec VPN Verification:
    show crypto isakmp sa  Checks IKE (Phase 1) security associations 
show crypto ipsec sa  Verifies IPsec (Phase 2) tunnels 
show crypto engine connections active  Displays active crypto sessions
  • Firewall & ACL Checks:
    show access-lists  Lists configured ACLs and hit counts 
show firewall session detail  Checks active firewall sessions (ASA/Firepower)

Advanced Debugging

– `debug ip packet` – Captures real-time IP packet processing (use with ACL filters).
– `terminal monitor` – Sends debug output to the terminal.
– `logging buffered ` – Increases log buffer for extended troubleshooting.

What Undercode Say:

Mastering Cisco troubleshooting requires familiarity with both show and debug commands. Always start with `show` commands before using `debug` to avoid performance issues. For routing problems, verify neighbor adjacencies first. In security contexts, check VPN phases systematically. Automation with EEM (Embedded Event Manager) can help log critical events.

Linux Equivalent Commands:

– `ip a` (Like show ip interface brief)
– `tcpdump` (Packet capture, similar to debug ip packet)
– `netstat -rn` (Routing table, like show ip route)

Windows Networking Commands:

– `tracert ` (Like traceroute)
– `netsh interface ip show config` (Similar to show ip interface brief)
– `route print` (Displays routing table)

Expected Output:

A structured troubleshooting approach ensures faster resolution. Bookmark these commands for quick access during network outages.

Note: Always test debug commands in lab environments before production use.

References:

Reported By: Nasir Amin – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 TelegramFeatured Image

Related Posts: