Cisco IOS Mode – Configuration, Privileged and User EXEC Mode

Cisco router and switches have an operating system called InterOperating System (IOS). The CLI is the primary user interface of the Cisco IOS for their router and switches. Command line interface (CLI) supports different IOS mode:

In addition, the Global configuration mode contains sub-configuration Modes. The figure below illustrates the Cisco IOS sub-configuration modes also called extended configuration mode or specific configuration mode of the global configuration.

IOS Mode

User mode

User Mode is also known is User EXEC mode is the first IOS mode a user entered and get access to the router after logging in. We can recognize user mode by the > prompt after the name of the router/switch. The router default name is Router and switch default name is Switch. We can change the default hostname from Global configuration mode using the hostname command. We will explain the command later in coming articles.

The user mode is usually password protected. You need a valid username and password to access this mode. This mode allows the user to execute only the basic commands, such as those that show the system’s status. The router cannot be configured or restarted from this mode. The figure below illustrates the user mode at CLI.

Privileged Mode

This mode is also known is enable mode or a privileged exec mode. Privileged exec mode allows a user to view extensive info about the router’s configuration and allows a user to change some of the configuration parameters. The Privileged mode also password protected. The user should enter the password to access this mode.

In the lab environment, it’s usually unprotected. You can use this mode by executing an enable command at user exec mode. We can list all available commands of this mode by entering at command line interface (CLI). Most commands of this mode are one-time commands. Which show the result and current status and clear counters on interfaces? We can enter common show commands both from user exec mode or privileged exec mode. The Exec mode commands do not save across the reboot of the device. The figure-3 illustrates the Privileged mode of the router.

Global Configuration Mode

The configuration mode is actually only a temporary gateway IOS mode to get to extended configuration modes.  Global configuration mode is used for configuring devices globally, or to enter in the element like interface, protocols specific configuration mode. Use configures terminal command at privileged exec mode to access global configuration mode.

Global configuration mode and extended (specific) configuration mode allows the user to make a change in the running configuration. By default running configuration does not store across the reboot, but you can save the running configuration to keep it across the reboot. To save running configuration use copy running-config startup-config from privileged EXEC mode commands. To return in privileged exec mode from global configuration mode or specific configuration mode we have used three commands.

  • Ctrl + Z – This key combination work in all mode.
  • Exit – Only works in global configuration mode
  • end – end command is the safest way to exit from global configuration mode or interface specific mode.

Setup Mode

When a Cisco router powered on, it first runs a POST test to make sure all hardware is working fine, and then router tries to find the running configuration. If the router finds the configuration it would load that. If it fails to find the configuration, it would start the setup mode. The setup mode is a step-by-step process which helps you configure basic aspects of the router. In this mode, the router will ask you questions about the first settings in a sequence for basic configuration values. Depending on answers provided by you, the router will automatically build initial configuration.

ROMMON Mode

ROMMON Mode also known as ROM Monitor Mode works if during the boot process, a router does not find a valid IOS image and failed to load IOS in RAM, it would enter in ROMMON mode. We can also access ROMMON Mode manually. It is the diagnostic mode just like safe mode in windows. By default, the router does not enter in ROMMON Mode unless it fails to find the IOS image. To enter manually in ROMMON mode, execute reload command from privileged exec mode and then press CTRL + C key combination or break during the first 60 seconds of startup. We can also use this mode for password recovery. Prompt for this mode is rommon>