3COM 4500 PWR 50-PORT, 4500 PWR 26-PORT, 4500 26-PORT, 4500 50-PORT User Manual

0 (0)

3Com® Switch 4500 Family

Command Reference Guide

Switch 4500 26-Port

Switch 4500 50-Port

Switch 4500 PWR 26-Port

Switch 4500 PWR 50-Port

www.3Com.com

Part No. 10015729, Rev. AA

Published: January 2007

3Com Corporation

350 Campus Drive

Marlborough, MA

USA 01752-3064

Copyright © 2007, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3Com Corporation.

3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change.

3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose. 3Com may make improvements or changes in the product(s) and/or the program(s) described in this documentation at any time.

If there is any software on removable media described in this documentation, it is furnished under a license agreement included with the product as a separate document, in the hard copy documentation, or on the removable media in a directory file named LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy, please contact 3Com and a copy will be provided to you.

UNITED STATES GOVERNMENT LEGEND

If you are a United States government agency, then this documentation and the software described herein are provided to you subject to the following:

All technical data and computer software are commercial in nature and developed solely at private expense. Software is delivered as “Commercial Computer Software” as defined in DFARS 252.227-7014 (June 1995) or as a “commercial item” as defined in FAR 2.101(a) and as such is provided with only such rights as are provided in 3Com’s standard commercial license for the Software. Technical data is provided with limited rights only as provided in DFAR 252.227-7015 (Nov 1995) or FAR 52.227-14 (June 1987), whichever is applicable. You agree not to remove or deface any portion of any legend provided on any licensed program or documentation contained in, or delivered to you in conjunction with, this User Guide.

Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may not be registered in other countries.

3Com and the 3Com logo are registered trademarks of 3Com Corporation.

Cisco is a registered trademark of Cisco Systems, Inc.

Funk RADIUS is a registered trademark of Funk Software, Inc.

Aegis is a registered trademark of Aegis Group PLC.

Intel and Pentium are registered trademarks of Intel Corporation. Microsoft, MS-DOS, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Novell and NetWare are registered trademarks of Novell, Inc. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company, Ltd.

IEEE and 802 are registered trademarks of the Institute of Electrical and Electronics Engineers, Inc.

All other company and product names may be trademarks of the respective companies with which they are associated.

ENVIRONMENTAL STATEMENT

It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we are committed to:

Establishing environmental performance standards that comply with national legislation and regulations.

Conserving energy, materials and natural resources in all operations.

Reducing the waste generated by all operations. Ensuring that all waste conforms to recognized environmental standards. Maximizing the recyclable and reusable content of all products.

Ensuring that all products can be recycled, reused and disposed of safely.

Ensuring that all products are labelled according to recognized environmental standards.

Improving our environmental record on a continual basis.

End of Life Statement

3Com processes allow for the recovery, reclamation and safe disposal of all end-of-life electronic components.

Regulated Materials Statement

3Com products do not contain any hazardous or ozone-depleting material.

Environmental Statement about the Documentation

The documentation for this product is printed on paper that comes from sustainable, managed forests; it is fully biodegradable and recyclable, and is completely chlorine-free. The varnish is environmentally-friendly, and the inks are vegetable-based with a low heavy-metal content.

CONTENTS

ABOUT THIS GUIDE

 

About This Software Version

13

 

 

How This Guide is Organized

13

 

 

Intended Readership

14

 

 

 

Conventions 14

 

 

 

 

Related Documentation

15

 

 

1

 

USING SYSTEM ACCESS COMMANDS

 

Logging in Commands

18

 

 

2

 

 

 

USING PORT COMMANDS

 

 

 

Ethernet Port Configuration Commands

43

 

Ethernet Port Link Aggregation Commands 64

3

 

 

USING VLAN COMMANDS

 

 

VLAN Configuration Commands 76

 

 

Voice VLAN Configuration Commands

81

4 USING POWER OVER ETHERNET (POE) COMMANDS

 

PoE Configuration Commands

88

 

 

 

 

5 USING NETWORK PROTOCOL COMMANDS

 

IP Address Configuration Commands

99

 

 

ARP Configuration Commands

101

 

 

 

DHCP Client Configuration Commands

108

 

DHCP Relay Configuration Commands

110

 

Access Management Configuration Commands 114

 

UDP Helper Configuration Commands

118

 

IP Performance Configuration Commands

121

 

 

6 USING ROUTING PROTOCOL COMMANDS

 

Routing Table Display Commands

136

 

 

Static Route Configuration Command

146

 

 

RIP Configuration Commands 149

 

 

 

IP Routing Policy Configuration Commands

166

7

USING MULTICAST PROTOCOL COMMANDS

 

 

IGMP Snooping Configuration Commands 176

 

8

 

 

 

 

USING QOS/ACL COMMANDS

 

 

 

 

ACL Commands List

184

 

 

 

 

 

QoS Configuration Commands List

190

 

 

 

Logon User’s ACL Control Command

201

 

 

9

 

 

 

 

 

USING STACK COMMANDS

 

 

 

 

 

Stack Commands

207

 

 

 

 

10

 

 

 

 

 

USING RSTP COMMANDS

 

 

 

 

 

RSTP Configuration Commands

216

 

 

11

 

 

USING AAA AND RADIUS COMMANDS

 

 

802.1x Configuration Commands

236

 

 

 

Centralized MAC Address Authentication Configuration Commands 247

 

AAA and RADIUS Configuration Commands

254

 

 

RADIUS Protocol Configuration Commands

270

 

12

 

 

USING SYSTEM MANAGEMENT COMMANDS

 

 

File System Management Commands

299

 

 

 

Configuration File Management Commands

308

 

 

FTP Server Configuration Commands

315

 

 

 

FTP Client Commands

320

 

 

 

 

 

TFTP Configuration Commands

333

 

 

 

MAC Address Table Management Commands

334

 

 

Device Management Commands

338

 

 

 

Basic System Configuration and Management Commands

346

 

System Status and System Information Display Commands

348

 

System Debug Commands 351

 

 

 

 

 

Network Connection Test Commands

352

 

 

 

Log Commands

361

 

 

 

 

 

 

SNMP Configuration Commands

376

 

 

 

RMON Configuration Commands

394

 

 

 

NTP Configuration Commands

403

 

 

 

 

SSH Terminal Service Configuration Commands 417

 

 

SSH Client Configuration Commands

428

 

 

 

SFTP Server Configuration Commands

435

 

 

 

SFTP Client Configuration Commands

436

 

 

13 CONFIGURING PASSWORD CONTROL

A BOOTROM INTERFACE

Accessing the Bootrom Interface 455

Boot Menu 456

ALPHABETICAL LISTING OF

COMMANDS

display poe interface 88 display poe power 89

poe power-management 93 poe update 95

access-limit 254 accounting optional 270 acl 184

acl 201

am enable 114 am ip-pool 114

am trap enable 115 apply cost 166

arp check enable 101 arp static 102

arp static 103 ascii 320 attribute 254

authentication-mode 18 auto-execute command 19 binary 320

boot boot-loader 338 boot bootrom 338

Boot Menu File Download Commands 459 broadcast-suppression 43

bye 436 bye 321 cd 436 cdup 437 cdup 322 cd 299 cd 321

change self-unit 207 change unit-id 208 checkzero 149 clock datetime 346

clock summer-time 346 clock timezone 347 close 323

command-privilege level 19

copy configuration 43 copy 299

cut connection 255 databits 20 data-flow-format 270 debugging arp packet 104 debugging dhcp client 108

debugging dhcp xrn xha 108 debugging dhcp-relay 110 debugging lacp packet 64 debugging lacp state 65

debugging link-aggregation error 64 debugging link-aggregation event 64 debugging mac-authentication event 247 debugging ssh server 417

debugging udp-helper 118 debugging 351

default cost 149 delete 437

Delete File from Flash 457 delete static-routes all 147 delete 300

delete 323 description 44 description 76 dhcp-server ip 112 dhcp-server 111 dir 438

dir 301 dir 324

disconnect 324

display password-control blacklist 446 display acl 185

Display all Files in Flash 457 display am 116

display arp timer aging 106 display arp 105

display boot-loader 339 display channel 361 display clock 348 display config-agent 349 display connection 256 display cpu 339

display current-configuration 308 display debugging 350

display device 340 display dhcp client 109

display dhcp-server 112

display dhcp-server interface vlan-interface 113 display diagnostic-information 352

display domain 258 display dot1x 236 display fan 340 display fib 121 display fib 123 display fib acl 122

display fib ip_address 122 display fib ip-prefix 123 display fib statistics 124 display ftm 209

display ftp-server 315 display ftp-user 315

display history-command 21 display icmp statistics 124

display igmp-snooping configuration 176 display igmp-snooping group 176 display igmp-snooping statistics 177 display info-center 361

display interface VLAN-interface 76 display interface 45

display ip host 99

display ip interface vlan 99 display ip ip-prefix 166 display ip routing-table acl 137

display ip routing-table ip_address1 ip_address2 141 display ip routing-table ip_address 139

display ip routing-table ip-prefix 141 display ip routing-table protocol 143 display ip routing-table radix 144 display ip routing-table statistics 144 display ip routing-table verbose 145 display ip routing-table 136

display ip socket 125 display ip statistics 126 display isolate port 117 display lacp system-id 69

display link-aggregation interface 68 display link-aggregation summary 66 display link-aggregation verbose 67 display local-server statistics 271 display local-user 258

display loopback-detection 47 display mac-address aging-time 335 display mac-address 334

display mac-authentication 248

display memory 341 display mirror 190

display ntp-service sessions 404 display ntp-service status 405 display ntp-service trace 406 display password-control 445 display password-control super 446 display poe powersupply 90 display port 48

display power 341

display qos cos-local-precedence- map 191

display qos-interface all 191 display qos-interface line-rate 192

display qos-interface mirrored-to 192 display qos-interface traffic-limit 193 display radius statistics 273

display radius 272 display remote-ping 356 display rip 150

display rmon alarm 394 display rmon eventlog 395 display rmon event 394 display rmon history 396 display rmon prialarm 397 display rmon statistics 398 display route-policy 167

display rsa local-key-pair public 418 display rsa peer-public-key 419 display saved-configuration 310 display schedule reboot 342

display snmp-agent community 377 display snmp-agent group 377 display snmp-agent mib-view 378 display snmp-agent statistics 379 display snmp-agent sys-info 381 display snmp-agent usm-user 381 display snmp-agent 376

display snmp-proxy unit 382 display ssh server 420 display ssh server-info 428

display ssh user-information 421 display startup 312

display stop-accounting-buffer 274 display stp 216

display tcp statistics 128 display tcp status 129

display this 311

display udp statistics 129 display udp-helper server 119 display unit 48

display user-interface 21 display users 23

display version 350 display vlan 77

display voice vlan oui 81 display voice vlan status 82 display xrn-fabric 209 domain 260

dot1x authentication-method 238 dot1x dhcp-launch 239

dot1x max-user 239 dot1x port-control 240 dot1x port-method 241 dot1x quiet-period 242 dot1x retry 243

dot1x supp-proxy-check 244 dot1x timer 245

dot1x 237

Download Application File to Flash 456 duplex 49

enable snmp trap 382

end-station polling ip-address 352 Enter Bootrom Upgrade Menu 458 execute 302

exit 438

fabric save-unit-id 210 fabric-port enable 211 file prompt 302 filter-policy export 151 filter-policy import 152 flow-control 24 flow-control 50

format 303

free user-interface 24 ftm stacking-vlan 211 ftp server 316

ftp timeout 316 ftp 325

get 439 get 326 header 25 help 439

history-command max-size 27 host-route 153

idle-cut 261 idle-timeout 27 if-match cost 168 if-match interface 169 if-match ip next-hop 170 igmp-snooping 178

igmp-snooping host-aging-time 178 igmp-snooping max-response-time 179 igmp-snooping router-aging-time 180 import-route 153

info-center channel name 362 info-center enable 363 info-center logbuffer 364 info-center loghost source 366 info-center loghost 365 info-center monitor channel 366 info-center snmp channel 367 info-center source 368 info-center switch-on 371 info-center timestamp 372 info-center trapbuffer 373 interface VLAN-interface 78 interface 50

ip address dhcp-alloc 109 ip address 100

ip host 101

ip ip-prefix 170 ip route-static 147 key 275

lacp enable 69

lacp port-priority 70 lacp system-priority 70 language-mode 28

lcd 326 level 262 line-rate 193

link-aggregation group agg-id description 71 link-aggregation group agg-id mode 71 local-server 276

local-user password-display-mode 263 local-user 262

local-user 317 lock 28 loopback 51

loopback-detection control enable 52 loopback-detection enable 52 loopback-detection interval-time 53

loopback-detection per-vlan enable 54 ls 440

ls 327

mac-address max-mac-count 336 mac-address timer 337 mac-address 335 mac-authentication 249 mac-authentication authmode 250

mac-authentication authpassword 251 mac-authentication authusername 252 mac-authentication domain 252 mac-authentication timer 253

mdi 54 messenger 264 mirrored-to 194 mirroring-port 195 mkdir 440

mkdir 303 mkdir 327

Modify Bootrom Password 458 monitor-port 196

more 303 move 304

multicast-suppression 55 nas-ip 276

network 154 ntp-service access 406

ntp-service authentication enable 407 ntp-service authentication-keyid 408 ntp-service broadcast-client 409 ntp-service broadcast-server 409 ntp-service in-interface disable 410 ntp-service max-dynamic-sessions 410 ntp-service multicast-client 411 ntp-service multicast-server 412

ntp-service reliable authentication-keyid 413 ntp-service source-interface 413

ntp-service unicast-peer 414 ntp-service unicast-server 415 packet-filter 186

parity 29 passive 328 password 318 password 447

password-control 447 password-control enable 449 password-control super 450 password 265

peer-public-key end 421 peer-public-key end 428 peer 155

ping 353

poe enable 91

poe legacy enable 91 poe max-power 92 poe mode 93

poe priority 94 port 79

port access vlan 56 port hybrid pvid vlan 56 port hybrid vlan 57 port isolate 117

port link-aggregation group 72 port link-type 58

port trunk permit vlan 59 port trunk pvid vlan 59 preference 156

primary accounting 277 primary authentication 278 priority 196

priority trust 197 protocol inbound 29 protocol inbound 422

public-key-code begin 423 public-key-code begin 429 public-key-code end 423 public-key-code end 430 put 441

put 329 pwd 441 pwd 305 pwd 329

qos cos-local-precedence -map 198 quit 430

quit 441 quit 30 quit 330

radius nas-ip 279 radius scheme 280 radius-scheme 265 Reboot 459 reboot 342 remotehelp 330 remote-ping 355

remote-ping-agent enable 358

remove 442 rename 442 rename 305 reset 156

reset acl counter 187 reset arp 107

reset counters interface 60 reset dot1x statistics 246

reset igmp-snooping statistics 180 reset ip statistics 130

reset lacp statistics 73 reset logbuffer 373

reset password-control blacklist 452 reset password-control history-record 451

reset password-control history-record super 452 reset radius statistics 280

reset recycle-bin 306

reset saved-configuration 312 reset stop-accounting-buffer 281 reset stp 217

reset tcp statistics 130 reset trapbuffer 374 reset udp statistics 131

retry realtime-accounting 283 retry stop-accounting 283 retry 282

return 31

rip authentication-mode 157 rip input 159

rip metricin 159 rip metricout 160 rip output 160

rip split-horizon 161 rip version 162

rip work 163 rip 157 rmdir 443 rmdir 306 rmdir 331

rmon alarm 399 rmon event 400 rmon history 401 rmon prialarm 402 rmon statistics 403 route-policy 172

rsa local-key-pair create 424 rsa local-key-pair destroy 425 rsa peer-public-key 425

rsa peer-public-key 431 rule 187

save 313

schedule reboot at 343 schedule reboot delay 344 scheme 266 screen-length 31 secondary accounting 284

secondary authentication 285 Select Application File to Boot 456 self-service-url 267

send 32 server-type 285 service-type 319 service-type 268 service-type 32

set authentication password 33

Set Bootrom Password Recovery 458 Set Switch Startup Mode 459

set unit name 212 sftp 443

sftp server enable 435 shell 34

shutdown 80 shutdown 61

Skip Current Configuration File 458 snmp-agent community 202 snmp-agent community 383 snmp-agent group 203

snmp-agent group 384 snmp-agent local-engineid 385 snmp-agent mib-view 385 snmp-agent packet max-size 386 snmp-agent sys-info 387 snmp-agent target-host 387 snmp-agent trap enable 389 snmp-agent trap life 390 snmp-agent trap queue-size 391 snmp-agent trap source 391 snmp-agent usm-user 392 snmp-agent usm-user 204

speed 35 speed 61

ssh client assign rsa-key 431 ssh client first-time enable 432

ssh server authentication-retries 425 ssh server timeout 426

ssh user assign rsa-key 426

ssh user authentication-type 427 ssh user service-type 435

ssh2 433

startup bootrom-access enable 314 state 269

state 286

stop-accounting-buffer enable 287 stopbits 35

stp 218

stp bpdu-protection 219 stp cost 220

stp edged-port 220

stp loop-protection 221 stp mcheck 222

stp mode 222

stp pathcost-standard 223 stp point-to-point 224 stp port priority 224

stp priority 225

stp root primary 226 stp root secondary 226 stp root-protection 227 stp timeout-factor 228

stp timer forward-delay 228 stp timer hello 229

stp timer max-age 230 stp transmit-limit 230 summary 163

super password 37 super 36

sysname 213 sysname 348 sysname 37 system-view 38

tcp timer fin-timeout 131 tcp timer syn-timeout 131 tcp window 132

telnet 38

terminal debugging 374 terminal logging 375 terminal monitor 375 terminal trapping 376 tftp get 333

tftp put 333 timer quiet 289

timer realtime-accounting 289 timer response-timeout 290

timers 164 timer 288 tracert 359 traffic-limit 199

udp-helper enable 119 udp-helper port 119 udp-helper server 120 undelete 307

undo snmp-agent 393 unicast-suppression 62 user privilege level 40 user 331 user-interface 39 user-name-format 291 verbose 332

View 32 vlan 81 voice vlan 84

voice vlan aging 83 voice vlan enable 83

voice vlan mac_address 84 voice vlan mode 85

voice vlan security enable 86 wred 200

xrn-fabric authentication-mode 212 display packet-filter 185

if-match { acl | ip-prefix } 168 info-center console channel 363 ip http acl 202

startup saved configuration 314

ABOUT THIS GUIDE

This guide provides all the information you need to use the configuration commands supported by version 3.0.x software on the 3Com® Switch 4500.

About This Software The software in the Switch 4500 is a subset of that used in some other 3Com Version products. Depending on the capabilities of your hardware platform, some

commands described in this guide may not be available on your Switch, although the unavailable commands may still display on the command line interface (CLI). If you try to use an unavailable command, an error message displays.

CAUTION: Any command that displays on the CLI, but is not described in this guide, is not supported in version 3.0.x software. 3Com only supports the commands described in this guide. Other commands may result in the loss of data, and are entered at the user’s risk.

How This Guide is Organized

The Switch 4500 Command Reference Guide consists of the following chapters:

Using System Access Commands — Introduces the commands used for accessing the Switch 4500.

Using Port Commands — Introduces the commands used for configuring Ethernet port and link aggregation.

Using VLAN Commands — Introduces the commands used for configuring VLANs.

Using Power over Ethernet (PoE) Commands — Introduces the commands used for configuring PoE.

Using Network Protocol Commands — Introduces the commands used for configuring network protocols.

Using Routing Protocol Commands — Introduces the commands used for configuring routing protocols.

Using Multicast Protocol Commands — Introduces the commands used for configuring multicast protocols.

Using QoS and ACL Commands — Introduces the commands used for configuring QoS/ACL.

Using STP Commands — Introduces the commands used for configuring STP.

Using AAA and RADIUS Commands — Introduces the commands used for configuring 802.1x, AAA and RADIUS.

Using Reliability Commands — Introduces the commands used for configuring VRRP.

3COM 4500 PWR 50-PORT, 4500 PWR 26-PORT, 4500 26-PORT, 4500 50-PORT User Manual

14 ABOUT THIS GUIDE

Using System Management Commands — Introduces the commands used for system management and maintenance.

Intended Readership The guide is intended for the following readers:

Network administrators

Network engineers

Users who are familiar with the basics of networking

Conventions

This guide uses the following conventions:

 

Table 1

Icons

 

 

 

 

 

 

Icon

Notice Type

Description

 

 

 

 

 

 

Information note

Information that describes important features or instructions.

 

 

Caution

Information that alerts you to potential loss of data or

 

 

 

potential damage to an application, system, or device.

 

 

Warning

Information that alerts you to potential personal injury.

Table 2 Text conventions

Convention

Description

Screen displays

This typeface represents text as it appears on the screen.

 

 

Keyboard key names

If you must press two or more keys simultaneously, the key names are

 

linked with a plus sign (+), for example:

 

Press Ctrl+Alt+Del

The words “enter”

When you see the word “enter” in this guide, you must type

and “type”

something, and then press Return or Enter. Do not press Return or

 

Enter when an instruction simply says “type.”

Fixed command

This typeface indicates the fixed part of a command text. You must type

text

the command, or this part of the command, exactly as shown, and

 

press Return or Enter when you are ready to enter the command.

 

Example: The command display history-command must be

 

entered exactly as shown.

Variable

This typeface indicates the variable part of a command text. You must

command text

type a value here, and press Return or Enter when you are ready to

 

enter the command.

 

Example: in the command super level , a value in the range 0 to 3

 

must be entered in the position indicated by level

{ x | y | ... }

Alternative items, one of which must be entered, are grouped in braces

 

and separated by vertical bars. You must select and enter one of the

 

items.

 

Example: in the command flow-control {hardware | none |

 

software}, the braces and the vertical bars combined indicate that

 

you must enter one of the parameters. Enter either hardware, or

 

none, or software.

 

 

Related Documentation 15

 

Table 2

Text conventions

 

 

 

 

[ ]

Items shown in square brackets [ ] are optional.

 

 

Example 1: in the command display users [all], the square

 

 

brackets indicate that the parameter all is optional. You can enter the

 

 

command with or without this parameter.

 

 

Example 2: in the command user-interface [type]

 

 

first-number [last-number] the square brackets indicate that the

 

 

parameters [type] and [last-number] are both optional. You can

 

 

enter a value in place of one, both or neither of these parameters.

 

 

Alternative items, one of which can optionally be entered, are grouped

 

 

in square brackets and separated by vertical bars.

 

 

Example 3: in the command header [shell | incoming |

 

 

login] text, the square brackets indicate that the parameters

 

 

shell, incoming and login are all optional. The vertical bars

 

 

indicate that only one of the parameters is allowed.

 

 

 

 

 

Related

The 3Com Switch 4500 Getting Started Guide provides information about

Documentation

installation.

The 3Com Switch 4500 Configuration Guide provides information about configuring your network using the commands described in this guide.

16 ABOUT THIS GUIDE

1

USING SYSTEM ACCESS COMMANDS

 

This chapter describes how to use the following commands:

Logging in Commands

authentication-mode

auto-execute command

command-privilege level

databits

display history-command

display user-interface

display users

flow-control

free user-interface

header

history-command max-size

idle-timeout

language-mode

lock

parity

protocol inbound

quit

return

screen-length

send

service-type

View

set authentication password

shell

speed

stopbits

super

super password

sysname

18CHAPTER 1: USING SYSTEM ACCESS COMMANDS

system-view

telnet

user-interface

user privilege level

Logging in Commands This section describes the commands that you can use to configure system access and system security.

authentication-mode Syntax

authentication-mode { password | scheme | none }

View

User interface view

Parameter

password: Requires local authentication of password at log in.

scheme: Requires local or remote authentication of username and password at log in.

none: Allows users to log in without username or password.

Description

This command configures the authentication method for a user at log in.

Use the command authentication-mode password to prompt a user for local password authentication at login. To set the password, use set authentication password.

Use the command authentication-mode scheme to prompt a user to provide local or remote user name and password authentication at login. The type of the authentication depends on your network configuration. For further information, see “AAA and RADIUS”.

Use the command authentication-mode none to allow a user to log in without username or password authentication.

By default, users logging in using the console port do not need to pass any terminal authentication. Users logging in via modem or Telnet are required to provide password authentication when they log in.

Example

To configure local password authentication, enter the following command:

<4500>system-view

System View: return to User View with Ctrl+Z.

[4500]user-interface aux 0

[4500-ui-aux0]authentication-mode password

Logging in Commands 19

auto-execute command Syntax

auto-execute command text

undo auto-execute command

View

User Interface View

Parameter

text: Specifies the command to be run automatically.

Description

Enter auto-execute command text to configure the Switch to automatically run a specified command. When the user logs in, the command will be executed automatically. This command is usually used to configure the telnet command on the terminal, which will connect the user to a designated device automatically.

Enter undo auto-execute command to cancel the auto-execute command so the command is not run automatically.

By default, auto-execute is disabled.

CAUTION: If you execute this command, the user-interface can no longer be used to perform routine configurations on the local system. Ensure that you can log in to the system in some other way to cancel the configuration, before you configure the auto-execute command and save the configuration.

Example

To configure the Switch to automatically Telnet to device 10.110.100.1 after the user logs in via VTY 0, enter the following command:

<4500>system-view

System View: return to User View with Ctrl+Z. [4500]user-interface vty 0

[4500-ui-vty0]auto-execute command telnet 10.110.100.1

command-privilege level Syntax

command-privilege level level view view command

undo command-privilege view view command

View

System View

Parameter

level: Enter the command level you want to assign to this command, ranging from 0 to 3.

view: Enter the name of the view that contains the command. This can be any of the views supported by the Switch.

command: Enter the command to be configured.

20 CHAPTER 1: USING SYSTEM ACCESS COMMANDS

Description

Use the command-privilege level command to configure the priority level assigned to any command within a selected view.

The command levels are, from lowest to highest:

0 – Visit

1 – Monitoring

2 – System

3 – Management

When the user logs into the Switch, the commands used depends on the user level settings and the command level settings on the user interface. The two types of settings may differ as follows:

If AAA/RADIUS authentication is used, the commands the user can access are determined by the user level settings. For example, if a user is set to level 3 and the command level on the VTY 0 user interface is level 1, the user can only user the commands of level 3 or lower when logging into the Switch from the VTY interface.

If RSA public key authentication is used, the commands the user can access are determined by the command level settings on the user interface.

By default:

ping, tracert, and telnet are at level 0

display and debugging are at level 1

all configuration commands are at system level 2

FTP, XMODEM, TFTP and commands for file system operations are at level 3

Use the undo command-privilege view command to restore the default priority to a command.

Example

To configure the precedence of the command ‘interface’ as 0, enter the following:

<4500>system-view

System View: return to User View with Ctrl+Z.

[4500]command-privilege level 0 view system interface

databits Syntax

databits { 7 | 8 }

undo databits

View

User interface view

Parameter

7 – Sets the data bits to 7.

Logging in Commands 21

display history-command

8 – Sets the data bits to 8.

Description

Use the databits command to configure the data bits for the AUX (Console) port to either 7 or 8. By default, the value is 8. Use the undo databits command to restore the default value (8).

This command can only be performed in the AUX user interface view.

Example

To configure the data bits of the AUX (Console) port to 7 bits, enter the following:

<4500>system-view

System View: return to User View with Ctrl+Z.

[4500]user-interface aux 0

[4500-ui-aux0]databits 7

Syntax

display history-command

View

All views

Parameter

None

Description

Use the display history-command command to view the commands previously entered during this login session, up to a specified maximum.

To set the maximum number of commands to display, see history-command max-size.

Example

To display previously entered commands, enter the following.

<4500>display history-command

The commands display on screen.

display user-interface Syntax

display user-interface [ type number | number ] [summary]

View

All views

Parameter

type number: Enter the type and number of the user interface you want to display details on, for example VTY 3.

number: Enter the index number of the user interface you want to display details on.

22 CHAPTER 1: USING SYSTEM ACCESS COMMANDS

summary: Display the summary of a user interface.

Description

Use the display user-interface command to view information on a user interface. You can choose to access this information by user interface type and type number, or by user interface index number. The information displayed is the same whichever access method you use.

This command without the summary parameter displays user interface type, absolute/relative index, transmission speed, priority, authentication methods, and physical location. This command with the summary parameter displays one user interface in use with user interface name and other user interface information.

Example

To display information on a user interface with an index number of 0, enter the following.

<4500>display user-interface aux 0

The information is displayed in the following format:

Idx

Type

Tx/Rx

Modem Privi Auth

Int

0

AUX 0

19200

-

3

P

-

+: Current user-interface is active.

F

: Current user-interface is active and work in async mode.

Idx

: Absolute index of user-interface.

Type

: Type and relative index of user-interface.

Privi: The privilege of user-interface.

Auth

: The authentication mode of user-interface.

Int

: The physical location of UIs.

A

: Authentication use AAA.

N

: Current UI need not authentication.

P

: Authentication use current UI's password.

Table 3

Output description of the display user-interface command

Field Description

+Indicates that the user interface is in use

FCurrent user interface is in use and working in asynchronous mode

Idx

Displays the index number of the user interface

Type

Displays the type and type number of the user interface

Tx/Rx

Displays the user interface speed

Modem

Displays the modem operation mode

Privi

Indicates the command level that can be accessed from this

 

user interface

Auth

Indicates the user interface authentication method

Int

Indicates the physical location of the user interface

 

 

Display the summary information of user interface 0.

<4500>display user-interface 0 summary

0: U

Logging in Commands 23

1 character mode users. (U)

1 total UIs in use.

UI's name: aux0

Table 4 Output Description of the display user-interface summary Command

Field

Description

 

 

0: U

User interface type

1 character mode users

One type of user interface

1 total UIs in use

The total number of user interfaces in use

UI’s name

User interface name

 

 

display users Syntax

display users [ all ]

View

All views

Parameter

all: Enter to display information on all user interfaces.

Description

Use the display users command to view information on the current user interface. Use the display users all command to view the information on all user interfaces.

Example

To display information on the current user interface, enter the following

[4500]display users

The information displays in the following format:

UI

Delay Type

IPaddress Username Userlevel

F 0 AUX 0

00:00:00

3

The categories of information displayed are as follows:

Table 5 Output description of the display users command

Field

Description

 

 

F

Indicates that the user interface is in use and is working in asynchronous mode

UI

Number of the first list is the absolute number of user interface.

 

Number of the second list is the relative number of user interface

Delay

Indicates the interval from the latest input until now, in seconds.

Type

Indicates the user interface type.

IPaddress

Displays initial connection location, namely the host IP address of the incoming

 

connection.

Username

Display the login name of the user who is using this interface

Userlevel

Display the level of the user using this user interface

 

 

24 CHAPTER 1: USING SYSTEM ACCESS COMMANDS

flow-control Syntax

flow-control { hardware | none | software }

undo flow-control

View

User interface view

Parameter

hardware: Enter to set hardware flow control.

none: Enter to set no flow control.

software: Enter to set software flow control.

Description

Use the flow-control command to configure the flow control mode on the AUX (Console) port to hardware, software or none. Use the undo flow-control command to restore the default flow control mode (no flow control).

This command can only be performed in the AUX user interface view.

Example

To configure software flow control on the AUX (Console) port, enter the following:

<4500>system-view

System View: return to User View with Ctrl+Z.

[4500]user-interface aux 0

[4500-ui-aux0]flow-control software

free user-interface Syntax

free user-interface { type | number }

View

User view

Parameter

type: Enter the type and type number of the user interface to be reset.

number: Enter the index number of the user interface to be reset.

Description

Use this command to reset a specified user interface to its default settings. The user interface will be disconnected after the reset.

Use free user-interface type to reset the interface with the specified type and type number to its default settings. Use free user-interface number to reset the interface with the specified index number to its default settings.

You cannot use this command on the current user interface.

Loading...
+ 436 hidden pages