
CLI For CISCO Firepower FTD | info@networkjourney.com | +91 9739521088

Cheatsheet Guide


Enable-based Commands

| Sr.No | CLI Command | Privilege Mode | Description |
|---|---|---|---|
| 1 | `enable` | Enable | Enters privileged exec mode |
| 2 | `show version` | Enable | Displays system information and software version |
| 3 | `show interfaces` | Enable | Displays interface information |
| 4 | `show inventory` | Enable | Displays hardware inventory |
| 5 | `show processes` | Enable | Displays system processes and CPU utilization |
| 6 | `show memory` | Enable | Displays memory usage |
| 7 | `show tech-support` | Enable | Gathers detailed system information for support |
| 8 | `show platform hardware` | Enable | Displays hardware platform information |
| 9 | `show running-config` | Enable | Displays the current running configuration |
| 10 | `write memory` | Enable | Saves the running configuration to startup |
| 11 | `reload` | Enable | Reloads the system |
| 12 | `show access-control-config` | Enable | Displays access control policy configuration |
| 13 | `show platform software status control-processor` | Enable | Displays software status of the control processor |
| 14 | `show platform software status firewall` | Enable | Displays software status of the firewall |
| 15 | `show running-config boot` | Enable | Displays the current boot configuration |
| 16 | `show failover` | Enable | Displays failover status and configuration |
| 17 | `show crypto isakmp sa` | Enable | Displays IKE (Phase 1) security associations |
| 18 | `show crypto ipsec sa` | Enable | Displays IPSec (Phase 2) security associations |
| 19 | `show threat-detection statistics` | Enable | Displays threat detection statistics |
| 20 | `show capture <name> buffer <buffer>` | Enable | Displays captured packets in a buffer |
| 21 | `configure factory-default` | Enable | Resets the configuration to factory defaults |
| 22 | `debug module <module-name>` | Enable | Enables debugging for a specific module |
| 23 | `configure manager delete <manager>` | Enable | Deletes a registered FMC from the configuration |
| 24 | `show capture <name> options` | Enable | Displays options and settings for a capture |
| 25 | `show platform hardware throughput level` | Enable | Displays hardware throughput level statistics |
| 26 | `show cpu` | Enable (#) | |
| 27 | `show platform hardware throughput monitor` | Enable | Displays hardware throughput monitor statistics |
| 28 | `show threat-detection rate` | Enable | Displays threat detection rate settings |
| 29 | `show asp table classify domain <domain>` | Enable | Displays class-map information for a domain |
| 30 | `show memory allocating-process table` | Enable | Displays memory allocation for each process |
| 31 | `show health-monitor status` | Enable | Displays health monitor status |
| 32 | `debug flow basic <filter>` | Enable | Enables basic flow debugging |
| 33 | `debug packet detail` | Enable | Enables detailed packet debugging |
| 34 | `show policy-map` | Enable | Displays policy-map information |
| 35 | `show platform hardware throughput all` | Enable | Displays overall hardware throughput statistics |
| 36 | `show failover history` | Enable | Displays failover history information |
| 37 | `show version all` | Enable | Displays detailed system version information |
| 38 | `show capture <name> summary` | Enable | Displays a summary of a specific capture |
| 39 | `show capture <name> dump` | Enable | Displays the contents of a captured packet |
| 40 | `show memory detail` | Enable | Displays detailed memory usage information |
| 41 | `show cpu usage` | Enable | Displays CPU usage per process |
| 42 | `show platform session` | Enable | Displays session-related information |
| 43 | `show threat-detection statistics host` | Enable | Displays threat detection statistics per host |
| 44 | `debug cluster show local` | Enable | Displays local cluster debugging information |
| 45 | `debug dhcpd events` | Enable | Enables debugging of DHCP events |
| 46 | `show run-config commands` | Enable | Displays the commands in the running configuration |
| 47 | `show upgrade-status` | Enable | Displays the status of a software upgrade |
| 48 | `show logging` | Enable | Displays system log messages |


User Exec (privileged exec) Commands

| Sr.No | CLI Command | Privilege Mode | Description |
|---|---|---|---|
| 1 | `ping <destination>` | User Exec | Sends ICMP echo requests to a destination |
| 2 | `traceroute <destination>` | User Exec | Traces the route to a destination |
| 3 | `show interfaces brief` | User Exec | Displays a brief summary of all interfaces |
| 4 | `show route` | User Exec | Displays the routing table |
| 5 | `show arp` | User Exec | Displays the ARP table |
| 6 | `show conn` | User Exec | Displays active connections |
| 7 | `clear conn address <ip>` | User Exec | Clears connections for a specific IP address |
| 8 | `debug packet <interface>` | User Exec | Enables packet debugging on a specific interface |
| 9 | `capture <name> interface <if>` | User Exec | Configures a packet capture on a specific interface |
| 10 | `ping <interface>` | User Exec | Sends ICMP echo requests to an interface |
| 11 | `show access-list` | User Exec | Displays configured access control lists |
| 12 | `show route-lookup` | User Exec | Displays the route lookup for a specific IP |
| 13 | `show dhcpd binding` | User Exec | Displays DHCP bindings |
| 14 | `show asp drop frame` | User Exec | Displays dropped packets and their reasons |
| 15 | `show version detail` | User Exec | Displays detailed system information |
| 16 | `show access-list summary` | User Exec | Displays a summary of configured access lists |
| 17 | `clear configure access-list` | User Exec | Clears configured access-list counters |
| 18 | `debug icmp trace` | User Exec | Enables ICMP packet tracing |
| 19 | `debug crypto isakmp` | User Exec | Enables debugging for IKE (Phase 1) negotiations |
| 20 | `debug crypto ipsec` | User Exec | Enables debugging for IPSec (Phase 2) negotiations |
| 21 | `show ssl` | User Exec | Displays SSL/TLS information |
| 22 | `show vpn-sessiondb summary` | User Exec | Displays a summary of VPN sessions |
| 23 | `show connection host <ip>` | User Exec | Displays connections for a specific host |
| 24 | `show asp drop protocol <protocol>` | User Exec | Displays dropped packets for a specific protocol |
| 25 | `show access-list detail` | User Exec | Displays detailed information about access-lists |
| 26 | `show access-list <number>` | User Exec | Displays a specific access-list configuration |
| 27 | `show snmp-server statistics` | User Exec | Displays SNMP statistics |
| 28 | `clear xlate` | User Exec | Clears the translation table |
| 29 | `clear conn all` | User Exec | Clears all connections |
| 30 | `debug snmp packet` | User Exec | Enables SNMP packet debugging |
| 31 | `debug dhcpd packet` | User Exec | Enables DHCP packet debugging |
| 32 | `show service-policy interface <interface>` | User Exec | Displays service policy information for an interface |
| 33 | `show arp detail` | User Exec | Displays detailed ARP information |
| 34 | `show conn detail` | User Exec | Displays detailed connection information |
| 35 | `show network` | User Exec | Displays network-related information |
| 36 | `show asp drop counter` | User Exec | Displays counters for dropped packets |
| 37 | `show access-list summary` | User Exec | Displays a summary of access-list configuration |
| 38 | `show access-list <name>` | User Exec | Displays details of a specific access-list |
| 39 | `show connection count` | User Exec | Displays the count of active connections |
| 40 | `clear local-host <host>` | User Exec | Clears local information about a specific host |
| 41 | `clear xlate local <ip>` | User Exec | Clears translations for a specific local IP |
| 42 | `clear configure access-list <number>` | User Exec | Clears counters for a specific access-list |
| 43 | `debug crypto engine <engine>` | User Exec | Enables debugging for a specific crypto engine |
| 44 | `debug packet-buffer drop` | User Exec | Enables debugging for dropped packets in buffer |
| 45 | `show dns database` | User Exec | Displays the DNS cache database |
| 46 | `show cluster info` | User Exec | Displays cluster information |
| 47 | `show ntp associations` | User Exec | Displays NTP associations and synchronization status |
| 48 | `clear threat-detection rate syn-ack` | User Exec | Clears SYN-ACK threat detection rate counters |
| 49 | `show user-identity` | User Exec | Displays user identity information |
| 50 | `show mac-address-table` | User Exec | Displays the MAC address table |


Global Configuration Commands

| Sr.No | CLI Command | Privilege Mode | Description |
|---|---|---|---|
| 1 | `configure terminal` | Global Config | Enters global configuration mode |
| 2 | `interface <interface>` | Global Config | Enters interface configuration mode |
| 3 | `ip address <ip> <mask>` | Global Config | Configures IP address on an interface |
| 4 | `route <destination> <next-hop>` | Global Config | Configures a static route |
| 5 | `access-list <number> <permit/deny>` | Global Config | Configures an access control list |
| 6 | `object-group network <name>` | Global Config | Creates a network object group |
| 7 | `policy-map <name>` | Global Config | Creates a policy map for QoS configuration |
| 8 | `class-map <name>` | Global Config | Creates a class map for QoS configuration |
| 9 | `service-policy <name>` | Global Config | Applies a service policy to an interface |
| 10 | `ntp server <ip>` | Global Config | Configures NTP server synchronization |
| 11 | `policy-map global_policy` | Global Config | Enters policy-map configuration mode |
| 12 | `class global-class` | Global Config | Enters class-map configuration mode |
| 13 | `set connection timeout idle <seconds>` | Global Config | Configures idle timeout for connections |
| 14 | `set security-level <level>` | Global Config | Configures the security level for an interface |
| 15 | `logging enable` | Global Config | Enables logging for system messages |
| 16 | `logging host <ip>` | Global Config | Configures a syslog server for log messages |
| 17 | `ntp enable` | Global Config | Enables NTP synchronization |
| 18 | `http server enable` | Global Config | Enables the HTTP server for management access |
| 19 | `ntp server <ip> source <interface>` | Global Config | Configures the NTP server source interface |
| 20 | `threat-detection basic-threat` | Global Config | Enables basic threat detection |
| 21 | `threat-detection rate` | Global Config | Configures threat detection rate settings |
| 22 | `crypto key generate rsa` | Global Config | Generates RSA key pair for encryption |
| 23 | `ssh <ip>` | Global Config | Configures SSH access to the device |
| 24 | `username <username> password <password>` | Global Config | Configures local user authentication |
| 25 | `object network <name>` | Global Config | Creates a network object |
| 26 | `object service <name>` | Global Config | Creates a service object |
| 27 | `object-group service <name>` | Global Config | Creates a service object group |
| 28 | `service-policy global_policy global` | Global Config | Applies a global service policy |
| 29 | `show object network` | Global Config | Displays configured network objects |
| 30 | `show object service` | Global Config | Displays configured service objects |
| 31 | `show object-group` | Global Config | Displays configured object groups |
| 32 | `show running-config object` | Global Config | Displays the running configuration for objects |
| 33 | `configure terminal` | Global Config | Enters global configuration mode |
| 34 | `interface <interface> <subinterface>` | Global Config | Enters subinterface configuration mode |
| 35 | `policy-map type inspect <name>` | Global Config | Creates an inspection policy map |
| 36 | `class type inspect <name>` | Global Config | Creates an inspection class map |
| 37 | `inspect <protocol>` | Global Config | Configures inspection for a protocol |
| 38 | `set connection decrement-ttl` | Global Config | Decrements TTL for inspection |
| 39 | `threat-detection rate syn-ack` | Global Config | Configures SYN-ACK threat detection rate |
| 40 | `dns domain-lookup inside` | Global Config | Enables DNS domain lookup on the inside interface |
| 41 | `clear configure access-list <access-list>` | Global Config | Clears configured access-list entries |
| 42 | `policy-map type inspect <name>` | Global Config | Creates an inspection policy map |
| 43 | `class type inspect <name>` | Global Config | Creates an inspection class map |
| 44 | `set connection timeout half-closed` | Global Config | Configures timeout for half-closed connections |
| 45 | `set security-level <level> <interface>` | Global Config | Configures security level for an interface |
| 46 | `set interface <interface>` | Global Config | Configures settings for an interface in a class map |
| 47 | `set connection conn-max <value>` | Global Config | Configures maximum connections for a class map |
| 48 | `clear xlate global` | Global Config | Clears the global translation table |
| 49 | `clear configure threat-detection rate` | Global Config | Clears threat detection rate counters |
| 50 | `clear configure access-list all` | Global Config | Clears all configured access-lists |
| 51 | `ntp update-calendar` | Global Config | Updates the calendar from the NTP server |
| 52 | `ntp authenticate` | Global Config | Enables NTP authentication |
| 53 | `ntp trusted-key <key>` | Global Config | Configures a trusted NTP key |
| 54 | `service-policy <policy-map> global` | Global Config | Applies a global service policy |
| 55 | `clear xlate conn <ip>` | Global Config | Clears translations for a specific IP address |
| 56 | `debug ssl-proxy error` | Global Config | Enables SSL proxy error debugging |
