3Com® Switch 4500 Family
Command Reference Guide
Switch 4500 26-Port
Switch 4500 50-Port
Switch 4500 PWR 26-Port
Switch 4500 PWR 50-Port
www.3Com.com
Part No. 10015729, Rev. AA
Published: January 2007
3Com Corporation
350 Campus Drive
Marlborough, MA
USA 01752-3064
Copyright © 2007, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3Com Corporation.
3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change.
3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose. 3Com may make improvements or changes in the product(s) and/or the program(s) described in this documentation at any time.
If there is any software on removable media described in this documentation, it is furnished under a license agreement included with the product as a separate document, in the hard copy documentation, or on the removable media in a directory file named LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy, please contact 3Com and a copy will be provided to you.
UNITED STATES GOVERNMENT LEGEND
If you are a United States government agency, then this documentation and the software described herein are provided to you subject to the following:
All technical data and computer software are commercial in nature and developed solely at private expense. Software is delivered as “Commercial Computer Software” as defined in DFARS 252.227-7014 (June 1995) or as a “commercial item” as defined in FAR 2.101(a) and as such is provided with only such rights as are provided in 3Com’s standard commercial license for the Software. Technical data is provided with limited rights only as provided in DFAR 252.227-7015 (Nov 1995) or FAR 52.227-14 (June 1987), whichever is applicable. You agree not to remove or deface any portion of any legend provided on any licensed program or documentation contained in, or delivered to you in conjunction with, this User Guide.
Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may not be registered in other countries.
3Com and the 3Com logo are registered trademarks of 3Com Corporation.
Cisco is a registered trademark of Cisco Systems, Inc.
Funk RADIUS is a registered trademark of Funk Software, Inc.
Aegis is a registered trademark of Aegis Group PLC.
Intel and Pentium are registered trademarks of Intel Corporation. Microsoft, MS-DOS, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Novell and NetWare are registered trademarks of Novell, Inc. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company, Ltd.
IEEE and 802 are registered trademarks of the Institute of Electrical and Electronics Engineers, Inc.
All other company and product names may be trademarks of the respective companies with which they are associated.
ENVIRONMENTAL STATEMENT
It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we are committed to:
Establishing environmental performance standards that comply with national legislation and regulations.
Conserving energy, materials and natural resources in all operations.
Reducing the waste generated by all operations. Ensuring that all waste conforms to recognized environmental standards. Maximizing the recyclable and reusable content of all products.
Ensuring that all products can be recycled, reused and disposed of safely.
Ensuring that all products are labelled according to recognized environmental standards.
Improving our environmental record on a continual basis.
End of Life Statement
3Com processes allow for the recovery, reclamation and safe disposal of all end-of-life electronic components.
Regulated Materials Statement
3Com products do not contain any hazardous or ozone-depleting material.
Environmental Statement about the Documentation
The documentation for this product is printed on paper that comes from sustainable, managed forests; it is fully biodegradable and recyclable, and is completely chlorine-free. The varnish is environmentally-friendly, and the inks are vegetable-based with a low heavy-metal content.
ABOUT THIS GUIDE
|
About This Software Version |
13 |
|
|
|
How This Guide is Organized |
13 |
|
|
|
Intended Readership |
14 |
|
|
|
Conventions 14 |
|
|
|
|
Related Documentation |
15 |
|
|
1 |
|
|||
USING SYSTEM ACCESS COMMANDS |
||||
|
Logging in Commands |
18 |
|
|
2 |
|
|
|
|
USING PORT COMMANDS |
|
|
||
|
Ethernet Port Configuration Commands |
43 |
||
|
Ethernet Port Link Aggregation Commands 64 |
|||
3 |
|
|
||
USING VLAN COMMANDS |
|
|||
|
VLAN Configuration Commands 76 |
|
||
|
Voice VLAN Configuration Commands |
81 |
4 USING POWER OVER ETHERNET (POE) COMMANDS
|
PoE Configuration Commands |
88 |
|
|
|
|
|||
5 USING NETWORK PROTOCOL COMMANDS |
||||
|
IP Address Configuration Commands |
99 |
|
|
|
ARP Configuration Commands |
101 |
|
|
|
DHCP Client Configuration Commands |
108 |
||
|
DHCP Relay Configuration Commands |
110 |
||
|
Access Management Configuration Commands 114 |
|||
|
UDP Helper Configuration Commands |
118 |
||
|
IP Performance Configuration Commands |
121 |
||
|
|
|||
6 USING ROUTING PROTOCOL COMMANDS |
||||
|
Routing Table Display Commands |
136 |
|
|
|
Static Route Configuration Command |
146 |
|
|
|
RIP Configuration Commands 149 |
|
|
|
|
IP Routing Policy Configuration Commands |
166 |
7 |
USING MULTICAST PROTOCOL COMMANDS |
|
|||||
|
IGMP Snooping Configuration Commands 176 |
|
|||||
8 |
|
|
|
|
|||
USING QOS/ACL COMMANDS |
|
|
|
||||
|
ACL Commands List |
184 |
|
|
|
|
|
|
QoS Configuration Commands List |
190 |
|
|
|||
|
Logon User’s ACL Control Command |
201 |
|
|
|||
9 |
|
|
|
|
|
||
USING STACK COMMANDS |
|
|
|
|
|||
|
Stack Commands |
207 |
|
|
|
|
|
10 |
|
|
|
|
|
||
USING RSTP COMMANDS |
|
|
|
|
|||
|
RSTP Configuration Commands |
216 |
|
|
|||
11 |
|
|
|||||
USING AAA AND RADIUS COMMANDS |
|
||||||
|
802.1x Configuration Commands |
236 |
|
|
|||
|
Centralized MAC Address Authentication Configuration Commands 247 |
||||||
|
AAA and RADIUS Configuration Commands |
254 |
|
||||
|
RADIUS Protocol Configuration Commands |
270 |
|
||||
12 |
|
|
|||||
USING SYSTEM MANAGEMENT COMMANDS |
|
||||||
|
File System Management Commands |
299 |
|
|
|||
|
Configuration File Management Commands |
308 |
|
||||
|
FTP Server Configuration Commands |
315 |
|
|
|||
|
FTP Client Commands |
320 |
|
|
|
|
|
|
TFTP Configuration Commands |
333 |
|
|
|||
|
MAC Address Table Management Commands |
334 |
|
||||
|
Device Management Commands |
338 |
|
|
|||
|
Basic System Configuration and Management Commands |
346 |
|||||
|
System Status and System Information Display Commands |
348 |
|||||
|
System Debug Commands 351 |
|
|
|
|
||
|
Network Connection Test Commands |
352 |
|
|
|||
|
Log Commands |
361 |
|
|
|
|
|
|
SNMP Configuration Commands |
376 |
|
|
|||
|
RMON Configuration Commands |
394 |
|
|
|||
|
NTP Configuration Commands |
403 |
|
|
|
||
|
SSH Terminal Service Configuration Commands 417 |
|
|||||
|
SSH Client Configuration Commands |
428 |
|
|
|||
|
SFTP Server Configuration Commands |
435 |
|
|
|||
|
SFTP Client Configuration Commands |
436 |
|
|
13 CONFIGURING PASSWORD CONTROL
A BOOTROM INTERFACE
Accessing the Bootrom Interface 455
Boot Menu 456
ALPHABETICAL LISTING OF
COMMANDS
display poe interface 88 display poe power 89
poe power-management 93 poe update 95
access-limit 254 accounting optional 270 acl 184
acl 201
am enable 114 am ip-pool 114
am trap enable 115 apply cost 166
arp check enable 101 arp static 102
arp static 103 ascii 320 attribute 254
authentication-mode 18 auto-execute command 19 binary 320
boot boot-loader 338 boot bootrom 338
Boot Menu File Download Commands 459 broadcast-suppression 43
bye 436 bye 321 cd 436 cdup 437 cdup 322 cd 299 cd 321
change self-unit 207 change unit-id 208 checkzero 149 clock datetime 346
clock summer-time 346 clock timezone 347 close 323
command-privilege level 19
copy configuration 43 copy 299
cut connection 255 databits 20 data-flow-format 270 debugging arp packet 104 debugging dhcp client 108
debugging dhcp xrn xha 108 debugging dhcp-relay 110 debugging lacp packet 64 debugging lacp state 65
debugging link-aggregation error 64 debugging link-aggregation event 64 debugging mac-authentication event 247 debugging ssh server 417
debugging udp-helper 118 debugging 351
default cost 149 delete 437
Delete File from Flash 457 delete static-routes all 147 delete 300
delete 323 description 44 description 76 dhcp-server ip 112 dhcp-server 111 dir 438
dir 301 dir 324
disconnect 324
display password-control blacklist 446 display acl 185
Display all Files in Flash 457 display am 116
display arp timer aging 106 display arp 105
display boot-loader 339 display channel 361 display clock 348 display config-agent 349 display connection 256 display cpu 339
display current-configuration 308 display debugging 350
display device 340 display dhcp client 109
display dhcp-server 112
display dhcp-server interface vlan-interface 113 display diagnostic-information 352
display domain 258 display dot1x 236 display fan 340 display fib 121 display fib 123 display fib acl 122
display fib ip_address 122 display fib ip-prefix 123 display fib statistics 124 display ftm 209
display ftp-server 315 display ftp-user 315
display history-command 21 display icmp statistics 124
display igmp-snooping configuration 176 display igmp-snooping group 176 display igmp-snooping statistics 177 display info-center 361
display interface VLAN-interface 76 display interface 45
display ip host 99
display ip interface vlan 99 display ip ip-prefix 166 display ip routing-table acl 137
display ip routing-table ip_address1 ip_address2 141 display ip routing-table ip_address 139
display ip routing-table ip-prefix 141 display ip routing-table protocol 143 display ip routing-table radix 144 display ip routing-table statistics 144 display ip routing-table verbose 145 display ip routing-table 136
display ip socket 125 display ip statistics 126 display isolate port 117 display lacp system-id 69
display link-aggregation interface 68 display link-aggregation summary 66 display link-aggregation verbose 67 display local-server statistics 271 display local-user 258
display loopback-detection 47 display mac-address aging-time 335 display mac-address 334
display mac-authentication 248
display memory 341 display mirror 190
display ntp-service sessions 404 display ntp-service status 405 display ntp-service trace 406 display password-control 445 display password-control super 446 display poe powersupply 90 display port 48
display power 341
display qos cos-local-precedence- map 191
display qos-interface all 191 display qos-interface line-rate 192
display qos-interface mirrored-to 192 display qos-interface traffic-limit 193 display radius statistics 273
display radius 272 display remote-ping 356 display rip 150
display rmon alarm 394 display rmon eventlog 395 display rmon event 394 display rmon history 396 display rmon prialarm 397 display rmon statistics 398 display route-policy 167
display rsa local-key-pair public 418 display rsa peer-public-key 419 display saved-configuration 310 display schedule reboot 342
display snmp-agent community 377 display snmp-agent group 377 display snmp-agent mib-view 378 display snmp-agent statistics 379 display snmp-agent sys-info 381 display snmp-agent usm-user 381 display snmp-agent 376
display snmp-proxy unit 382 display ssh server 420 display ssh server-info 428
display ssh user-information 421 display startup 312
display stop-accounting-buffer 274 display stp 216
display tcp statistics 128 display tcp status 129
display this 311
display udp statistics 129 display udp-helper server 119 display unit 48
display user-interface 21 display users 23
display version 350 display vlan 77
display voice vlan oui 81 display voice vlan status 82 display xrn-fabric 209 domain 260
dot1x authentication-method 238 dot1x dhcp-launch 239
dot1x max-user 239 dot1x port-control 240 dot1x port-method 241 dot1x quiet-period 242 dot1x retry 243
dot1x supp-proxy-check 244 dot1x timer 245
dot1x 237
Download Application File to Flash 456 duplex 49
enable snmp trap 382
end-station polling ip-address 352 Enter Bootrom Upgrade Menu 458 execute 302
exit 438
fabric save-unit-id 210 fabric-port enable 211 file prompt 302 filter-policy export 151 filter-policy import 152 flow-control 24 flow-control 50
format 303
free user-interface 24 ftm stacking-vlan 211 ftp server 316
ftp timeout 316 ftp 325
get 439 get 326 header 25 help 439
history-command max-size 27 host-route 153
idle-cut 261 idle-timeout 27 if-match cost 168 if-match interface 169 if-match ip next-hop 170 igmp-snooping 178
igmp-snooping host-aging-time 178 igmp-snooping max-response-time 179 igmp-snooping router-aging-time 180 import-route 153
info-center channel name 362 info-center enable 363 info-center logbuffer 364 info-center loghost source 366 info-center loghost 365 info-center monitor channel 366 info-center snmp channel 367 info-center source 368 info-center switch-on 371 info-center timestamp 372 info-center trapbuffer 373 interface VLAN-interface 78 interface 50
ip address dhcp-alloc 109 ip address 100
ip host 101
ip ip-prefix 170 ip route-static 147 key 275
lacp enable 69
lacp port-priority 70 lacp system-priority 70 language-mode 28
lcd 326 level 262 line-rate 193
link-aggregation group agg-id description 71 link-aggregation group agg-id mode 71 local-server 276
local-user password-display-mode 263 local-user 262
local-user 317 lock 28 loopback 51
loopback-detection control enable 52 loopback-detection enable 52 loopback-detection interval-time 53
loopback-detection per-vlan enable 54 ls 440
ls 327
mac-address max-mac-count 336 mac-address timer 337 mac-address 335 mac-authentication 249 mac-authentication authmode 250
mac-authentication authpassword 251 mac-authentication authusername 252 mac-authentication domain 252 mac-authentication timer 253
mdi 54 messenger 264 mirrored-to 194 mirroring-port 195 mkdir 440
mkdir 303 mkdir 327
Modify Bootrom Password 458 monitor-port 196
more 303 move 304
multicast-suppression 55 nas-ip 276
network 154 ntp-service access 406
ntp-service authentication enable 407 ntp-service authentication-keyid 408 ntp-service broadcast-client 409 ntp-service broadcast-server 409 ntp-service in-interface disable 410 ntp-service max-dynamic-sessions 410 ntp-service multicast-client 411 ntp-service multicast-server 412
ntp-service reliable authentication-keyid 413 ntp-service source-interface 413
ntp-service unicast-peer 414 ntp-service unicast-server 415 packet-filter 186
parity 29 passive 328 password 318 password 447
password-control 447 password-control enable 449 password-control super 450 password 265
peer-public-key end 421 peer-public-key end 428 peer 155
ping 353
poe enable 91
poe legacy enable 91 poe max-power 92 poe mode 93
poe priority 94 port 79
port access vlan 56 port hybrid pvid vlan 56 port hybrid vlan 57 port isolate 117
port link-aggregation group 72 port link-type 58
port trunk permit vlan 59 port trunk pvid vlan 59 preference 156
primary accounting 277 primary authentication 278 priority 196
priority trust 197 protocol inbound 29 protocol inbound 422
public-key-code begin 423 public-key-code begin 429 public-key-code end 423 public-key-code end 430 put 441
put 329 pwd 441 pwd 305 pwd 329
qos cos-local-precedence -map 198 quit 430
quit 441 quit 30 quit 330
radius nas-ip 279 radius scheme 280 radius-scheme 265 Reboot 459 reboot 342 remotehelp 330 remote-ping 355
remote-ping-agent enable 358
remove 442 rename 442 rename 305 reset 156
reset acl counter 187 reset arp 107
reset counters interface 60 reset dot1x statistics 246
reset igmp-snooping statistics 180 reset ip statistics 130
reset lacp statistics 73 reset logbuffer 373
reset password-control blacklist 452 reset password-control history-record 451
reset password-control history-record super 452 reset radius statistics 280
reset recycle-bin 306
reset saved-configuration 312 reset stop-accounting-buffer 281 reset stp 217
reset tcp statistics 130 reset trapbuffer 374 reset udp statistics 131
retry realtime-accounting 283 retry stop-accounting 283 retry 282
return 31
rip authentication-mode 157 rip input 159
rip metricin 159 rip metricout 160 rip output 160
rip split-horizon 161 rip version 162
rip work 163 rip 157 rmdir 443 rmdir 306 rmdir 331
rmon alarm 399 rmon event 400 rmon history 401 rmon prialarm 402 rmon statistics 403 route-policy 172
rsa local-key-pair create 424 rsa local-key-pair destroy 425 rsa peer-public-key 425
rsa peer-public-key 431 rule 187
save 313
schedule reboot at 343 schedule reboot delay 344 scheme 266 screen-length 31 secondary accounting 284
secondary authentication 285 Select Application File to Boot 456 self-service-url 267
send 32 server-type 285 service-type 319 service-type 268 service-type 32
set authentication password 33
Set Bootrom Password Recovery 458 Set Switch Startup Mode 459
set unit name 212 sftp 443
sftp server enable 435 shell 34
shutdown 80 shutdown 61
Skip Current Configuration File 458 snmp-agent community 202 snmp-agent community 383 snmp-agent group 203
snmp-agent group 384 snmp-agent local-engineid 385 snmp-agent mib-view 385 snmp-agent packet max-size 386 snmp-agent sys-info 387 snmp-agent target-host 387 snmp-agent trap enable 389 snmp-agent trap life 390 snmp-agent trap queue-size 391 snmp-agent trap source 391 snmp-agent usm-user 392 snmp-agent usm-user 204
speed 35 speed 61
ssh client assign rsa-key 431 ssh client first-time enable 432
ssh server authentication-retries 425 ssh server timeout 426
ssh user assign rsa-key 426
ssh user authentication-type 427 ssh user service-type 435
ssh2 433
startup bootrom-access enable 314 state 269
state 286
stop-accounting-buffer enable 287 stopbits 35
stp 218
stp bpdu-protection 219 stp cost 220
stp edged-port 220
stp loop-protection 221 stp mcheck 222
stp mode 222
stp pathcost-standard 223 stp point-to-point 224 stp port priority 224
stp priority 225
stp root primary 226 stp root secondary 226 stp root-protection 227 stp timeout-factor 228
stp timer forward-delay 228 stp timer hello 229
stp timer max-age 230 stp transmit-limit 230 summary 163
super password 37 super 36
sysname 213 sysname 348 sysname 37 system-view 38
tcp timer fin-timeout 131 tcp timer syn-timeout 131 tcp window 132
telnet 38
terminal debugging 374 terminal logging 375 terminal monitor 375 terminal trapping 376 tftp get 333
tftp put 333 timer quiet 289
timer realtime-accounting 289 timer response-timeout 290
timers 164 timer 288 tracert 359 traffic-limit 199
udp-helper enable 119 udp-helper port 119 udp-helper server 120 undelete 307
undo snmp-agent 393 unicast-suppression 62 user privilege level 40 user 331 user-interface 39 user-name-format 291 verbose 332
View 32 vlan 81 voice vlan 84
voice vlan aging 83 voice vlan enable 83
voice vlan mac_address 84 voice vlan mode 85
voice vlan security enable 86 wred 200
xrn-fabric authentication-mode 212 display packet-filter 185
if-match { acl | ip-prefix } 168 info-center console channel 363 ip http acl 202
startup saved configuration 314
This guide provides all the information you need to use the configuration commands supported by version 3.0.x software on the 3Com® Switch 4500.
About This Software The software in the Switch 4500 is a subset of that used in some other 3Com Version products. Depending on the capabilities of your hardware platform, some
commands described in this guide may not be available on your Switch, although the unavailable commands may still display on the command line interface (CLI). If you try to use an unavailable command, an error message displays.
CAUTION: Any command that displays on the CLI, but is not described in this guide, is not supported in version 3.0.x software. 3Com only supports the commands described in this guide. Other commands may result in the loss of data, and are entered at the user’s risk.
The Switch 4500 Command Reference Guide consists of the following chapters:
■Using System Access Commands — Introduces the commands used for accessing the Switch 4500.
■Using Port Commands — Introduces the commands used for configuring Ethernet port and link aggregation.
■Using VLAN Commands — Introduces the commands used for configuring VLANs.
■Using Power over Ethernet (PoE) Commands — Introduces the commands used for configuring PoE.
■Using Network Protocol Commands — Introduces the commands used for configuring network protocols.
■Using Routing Protocol Commands — Introduces the commands used for configuring routing protocols.
■Using Multicast Protocol Commands — Introduces the commands used for configuring multicast protocols.
■Using QoS and ACL Commands — Introduces the commands used for configuring QoS/ACL.
■Using STP Commands — Introduces the commands used for configuring STP.
■Using AAA and RADIUS Commands — Introduces the commands used for configuring 802.1x, AAA and RADIUS.
■Using Reliability Commands — Introduces the commands used for configuring VRRP.
14 ABOUT THIS GUIDE
■Using System Management Commands — Introduces the commands used for system management and maintenance.
■Network administrators
■Network engineers
■Users who are familiar with the basics of networking
Conventions |
This guide uses the following conventions: |
||
|
Table 1 |
Icons |
|
|
|
|
|
|
Icon |
Notice Type |
Description |
|
|
|
|
|
|
Information note |
Information that describes important features or instructions. |
|
|
Caution |
Information that alerts you to potential loss of data or |
|
|
|
potential damage to an application, system, or device. |
|
|
Warning |
Information that alerts you to potential personal injury. |
Table 2 Text conventions
Convention |
Description |
Screen displays |
This typeface represents text as it appears on the screen. |
|
|
Keyboard key names |
If you must press two or more keys simultaneously, the key names are |
|
linked with a plus sign (+), for example: |
|
Press Ctrl+Alt+Del |
The words “enter” |
When you see the word “enter” in this guide, you must type |
and “type” |
something, and then press Return or Enter. Do not press Return or |
|
Enter when an instruction simply says “type.” |
Fixed command |
This typeface indicates the fixed part of a command text. You must type |
text |
the command, or this part of the command, exactly as shown, and |
|
press Return or Enter when you are ready to enter the command. |
|
Example: The command display history-command must be |
|
entered exactly as shown. |
Variable |
This typeface indicates the variable part of a command text. You must |
command text |
type a value here, and press Return or Enter when you are ready to |
|
enter the command. |
|
Example: in the command super level , a value in the range 0 to 3 |
|
must be entered in the position indicated by level |
{ x | y | ... } |
Alternative items, one of which must be entered, are grouped in braces |
|
and separated by vertical bars. You must select and enter one of the |
|
items. |
|
Example: in the command flow-control {hardware | none | |
|
software}, the braces and the vertical bars combined indicate that |
|
you must enter one of the parameters. Enter either hardware, or |
|
none, or software. |
|
|
Related Documentation 15 |
|
Table 2 |
Text conventions |
|
|
|
|
[ ] |
Items shown in square brackets [ ] are optional. |
|
|
Example 1: in the command display users [all], the square |
|
|
brackets indicate that the parameter all is optional. You can enter the |
|
|
command with or without this parameter. |
|
|
Example 2: in the command user-interface [type] |
|
|
first-number [last-number] the square brackets indicate that the |
|
|
parameters [type] and [last-number] are both optional. You can |
|
|
enter a value in place of one, both or neither of these parameters. |
|
|
Alternative items, one of which can optionally be entered, are grouped |
|
|
in square brackets and separated by vertical bars. |
|
|
Example 3: in the command header [shell | incoming | |
|
|
login] text, the square brackets indicate that the parameters |
|
|
shell, incoming and login are all optional. The vertical bars |
|
|
indicate that only one of the parameters is allowed. |
|
|
|
|
|
|
Related |
The 3Com Switch 4500 Getting Started Guide provides information about |
|
Documentation |
installation. |
The 3Com Switch 4500 Configuration Guide provides information about configuring your network using the commands described in this guide.
16 ABOUT THIS GUIDE
1 |
USING SYSTEM ACCESS COMMANDS |
|
This chapter describes how to use the following commands:
Logging in Commands
■authentication-mode
■auto-execute command
■command-privilege level
■databits
■display history-command
■display user-interface
■display users
■flow-control
■free user-interface
■header
■history-command max-size
■idle-timeout
■language-mode
■lock
■parity
■protocol inbound
■quit
■return
■screen-length
■send
■service-type
■View
■set authentication password
■shell
■speed
■stopbits
■super
■super password
■sysname
18CHAPTER 1: USING SYSTEM ACCESS COMMANDS
■system-view
■telnet
■user-interface
■user privilege level
authentication-mode Syntax
authentication-mode { password | scheme | none }
View
User interface view
Parameter
password: Requires local authentication of password at log in.
scheme: Requires local or remote authentication of username and password at log in.
none: Allows users to log in without username or password.
Description
This command configures the authentication method for a user at log in.
Use the command authentication-mode password to prompt a user for local password authentication at login. To set the password, use set authentication password.
Use the command authentication-mode none to allow a user to log in without username or password authentication.
By default, users logging in using the console port do not need to pass any terminal authentication. Users logging in via modem or Telnet are required to provide password authentication when they log in.
Example
To configure local password authentication, enter the following command:
<4500>system-view
System View: return to User View with Ctrl+Z.
[4500]user-interface aux 0
[4500-ui-aux0]authentication-mode password
Logging in Commands 19
auto-execute command Syntax
undo auto-execute command
View
User Interface View
Parameter
text: Specifies the command to be run automatically.
Description
Enter auto-execute command text to configure the Switch to automatically run a specified command. When the user logs in, the command will be executed automatically. This command is usually used to configure the telnet command on the terminal, which will connect the user to a designated device automatically.
Enter undo auto-execute command to cancel the auto-execute command so the command is not run automatically.
By default, auto-execute is disabled.
CAUTION: If you execute this command, the user-interface can no longer be used to perform routine configurations on the local system. Ensure that you can log in to the system in some other way to cancel the configuration, before you configure the auto-execute command and save the configuration.
Example
To configure the Switch to automatically Telnet to device 10.110.100.1 after the user logs in via VTY 0, enter the following command:
<4500>system-view
System View: return to User View with Ctrl+Z. [4500]user-interface vty 0
[4500-ui-vty0]auto-execute command telnet 10.110.100.1
command-privilege level Syntax
undo command-privilege view view command
View
System View
Parameter
level: Enter the command level you want to assign to this command, ranging from 0 to 3.
view: Enter the name of the view that contains the command. This can be any of the views supported by the Switch.
command: Enter the command to be configured.
20 CHAPTER 1: USING SYSTEM ACCESS COMMANDS
Description
Use the command-privilege level command to configure the priority level assigned to any command within a selected view.
The command levels are, from lowest to highest:
■0 – Visit
■1 – Monitoring
■2 – System
■3 – Management
When the user logs into the Switch, the commands used depends on the user level settings and the command level settings on the user interface. The two types of settings may differ as follows:
■If AAA/RADIUS authentication is used, the commands the user can access are determined by the user level settings. For example, if a user is set to level 3 and the command level on the VTY 0 user interface is level 1, the user can only user the commands of level 3 or lower when logging into the Switch from the VTY interface.
■If RSA public key authentication is used, the commands the user can access are determined by the command level settings on the user interface.
By default:
■ping, tracert, and telnet are at level 0
■display and debugging are at level 1
■all configuration commands are at system level 2
■FTP, XMODEM, TFTP and commands for file system operations are at level 3
Use the undo command-privilege view command to restore the default priority to a command.
Example
To configure the precedence of the command ‘interface’ as 0, enter the following:
<4500>system-view
System View: return to User View with Ctrl+Z.
[4500]command-privilege level 0 view system interface
databits Syntax
databits { 7 | 8 }
undo databits
View
User interface view
Parameter
7 – Sets the data bits to 7.
Logging in Commands 21
8 – Sets the data bits to 8.
Description
Use the databits command to configure the data bits for the AUX (Console) port to either 7 or 8. By default, the value is 8. Use the undo databits command to restore the default value (8).
This command can only be performed in the AUX user interface view.
Example
To configure the data bits of the AUX (Console) port to 7 bits, enter the following:
<4500>system-view
System View: return to User View with Ctrl+Z.
[4500]user-interface aux 0
[4500-ui-aux0]databits 7
Syntax
display history-command
View
All views
Parameter
None
Description
Use the display history-command command to view the commands previously entered during this login session, up to a specified maximum.
To set the maximum number of commands to display, see history-command max-size.
Example
To display previously entered commands, enter the following.
<4500>display history-command
The commands display on screen.
display user-interface Syntax
display user-interface [ type number | number ] [summary]
View
All views
Parameter
type number: Enter the type and number of the user interface you want to display details on, for example VTY 3.
number: Enter the index number of the user interface you want to display details on.
22 CHAPTER 1: USING SYSTEM ACCESS COMMANDS
summary: Display the summary of a user interface.
Description
Use the display user-interface command to view information on a user interface. You can choose to access this information by user interface type and type number, or by user interface index number. The information displayed is the same whichever access method you use.
This command without the summary parameter displays user interface type, absolute/relative index, transmission speed, priority, authentication methods, and physical location. This command with the summary parameter displays one user interface in use with user interface name and other user interface information.
Example
To display information on a user interface with an index number of 0, enter the following.
<4500>display user-interface aux 0
The information is displayed in the following format:
Idx |
Type |
Tx/Rx |
Modem Privi Auth |
Int |
||
0 |
AUX 0 |
19200 |
- |
3 |
P |
- |
+: Current user-interface is active.
F |
: Current user-interface is active and work in async mode. |
Idx |
: Absolute index of user-interface. |
Type |
: Type and relative index of user-interface. |
Privi: The privilege of user-interface. |
|
Auth |
: The authentication mode of user-interface. |
Int |
: The physical location of UIs. |
A |
: Authentication use AAA. |
N |
: Current UI need not authentication. |
P |
: Authentication use current UI's password. |
Table 3 |
Output description of the display user-interface command |
Field Description
+Indicates that the user interface is in use
FCurrent user interface is in use and working in asynchronous mode
Idx |
Displays the index number of the user interface |
Type |
Displays the type and type number of the user interface |
Tx/Rx |
Displays the user interface speed |
Modem |
Displays the modem operation mode |
Privi |
Indicates the command level that can be accessed from this |
|
user interface |
Auth |
Indicates the user interface authentication method |
Int |
Indicates the physical location of the user interface |
|
|
Display the summary information of user interface 0.
<4500>display user-interface 0 summary
0: U
Logging in Commands 23
1 character mode users. (U)
1 total UIs in use.
UI's name: aux0
Table 4 Output Description of the display user-interface summary Command
Field |
Description |
|
|
0: U |
User interface type |
1 character mode users |
One type of user interface |
1 total UIs in use |
The total number of user interfaces in use |
UI’s name |
User interface name |
|
|
display users Syntax
display users [ all ]
View
All views
Parameter
all: Enter to display information on all user interfaces.
Description
Use the display users command to view information on the current user interface. Use the display users all command to view the information on all user interfaces.
Example
To display information on the current user interface, enter the following
The information displays in the following format:
UI |
Delay Type |
IPaddress Username Userlevel |
F 0 AUX 0 |
00:00:00 |
3 |
The categories of information displayed are as follows:
Table 5 Output description of the display users command
Field |
Description |
|
|
F |
Indicates that the user interface is in use and is working in asynchronous mode |
UI |
Number of the first list is the absolute number of user interface. |
|
Number of the second list is the relative number of user interface |
Delay |
Indicates the interval from the latest input until now, in seconds. |
Type |
Indicates the user interface type. |
IPaddress |
Displays initial connection location, namely the host IP address of the incoming |
|
connection. |
Username |
Display the login name of the user who is using this interface |
Userlevel |
Display the level of the user using this user interface |
|
|
24 CHAPTER 1: USING SYSTEM ACCESS COMMANDS
flow-control Syntax
flow-control { hardware | none | software }
undo flow-control
View
User interface view
Parameter
hardware: Enter to set hardware flow control.
none: Enter to set no flow control.
software: Enter to set software flow control.
Description
This command can only be performed in the AUX user interface view.
Example
To configure software flow control on the AUX (Console) port, enter the following:
<4500>system-view
System View: return to User View with Ctrl+Z.
[4500]user-interface aux 0
[4500-ui-aux0]flow-control software
free user-interface Syntax
free user-interface { type | number }
View
User view
Parameter
type: Enter the type and type number of the user interface to be reset.
number: Enter the index number of the user interface to be reset.
Description
Use this command to reset a specified user interface to its default settings. The user interface will be disconnected after the reset.
Use free user-interface type to reset the interface with the specified type and type number to its default settings. Use free user-interface number to reset the interface with the specified index number to its default settings.
You cannot use this command on the current user interface.