D-link DES-3010PA, DES-3010FA, DES-3010GA User Manual

D-Link DES-3010FA/GA/PA CLI Reference Guide

Table of Contents

1.1 CLI Command Modes............................................................................................................. 10
1.1.1 Introduction............................................................................................................................... 10
1.1.2 User EXEC Mode ..................................................................................................................... 11
1.1.3 Privileged EXEC Mode ............................................................................................................. 11
1.1.4 Global Configuration Mode....................................................................................................... 12
1.1.5 Interface Configuration and Specific Configuration Modes ...................................................... 12
1.2 Starting the CLI....................................................................................................................... 13
1.3 Editing Features ..................................................................................................................... 14
1.3.1 Entering Commands................................................................................................................. 14
Section 2. AAA Commands................................................................................................ 17
aaa authentication login........................................................................................................17
aaa authentication enable..................................................................................................... 19
login authentication............................................................................................................... 21
enable authentication............................................................................................................ 22
ip http authentication............................................................................................................. 23
ip https authentication........................................................................................................... 24
show authentication methods ............................................................................................... 25
password............................................................................................................................... 26
enable password................................................................................................................... 27
username.............................................................................................................................. 28
Section 3. Address Table Commands................................................................................ 29
bridge address ...................................................................................................................... 29
bridge multicast filtering ........................................................................................................ 30
bridge multicast address....................................................................................................... 31
bridge multicast forbidden address....................................................................................... 32
bridge multicast forward-all................................................................................................... 33
bridge multicast forbidden forward-all................................................................................... 34
bridge aging-time .................................................................................................................. 35
clear bridge ........................................................................................................................... 36
port security .......................................................................................................................... 37
port security routed secure-address ..................................................................................... 38
show bridge address-table.................................................................................................... 39
show bridge address-table static .......................................................................................... 40
show bridge address-table count.......................................................................................... 41
show bridge multicast address-table..................................................................................... 42
show bridge multicast filtering............................................................................................... 44
Page 1
Table of Contents
show ports security ............................................................................................................... 45
Section 4. Clock.................................................................................................................. 47
clock set ................................................................................................................................ 47
clock source .......................................................................................................................... 48
clock timezone ...................................................................................................................... 49
clock summer-time................................................................................................................ 50
sntp authentication-key .........................................................................................................52
sntp authenticate................................................................................................................... 53
sntp trusted-key .................................................................................................................... 54
sntp client poll timer .............................................................................................................. 55
sntp broadcast client enable ................................................................................................. 56
sntp anycast client enable..................................................................................................... 57
sntp client enable (Interface)................................................................................................. 58
sntp unicast client enable......................................................................................................59
sntp unicast client poll........................................................................................................... 60
sntp server ............................................................................................................................ 61
show clock ............................................................................................................................ 62
show sntp configuration ........................................................................................................ 63
show sntp status ................................................................................................................... 64
Section 5. Configuration and Image Files........................................................................... 65
copy ...................................................................................................................................... 65
delete .................................................................................................................................... 68
delete startup-config ............................................................................................................. 69
show running-config.............................................................................................................. 70
show startup-config............................................................................................................... 71
Section 6. Ethernet Configuration Commands ................................................................... 72
interface ethernet .................................................................................................................. 72
interface range ethernet........................................................................................................73
shutdown............................................................................................................................... 74
description............................................................................................................................. 75
speed .................................................................................................................................... 76
duplex ................................................................................................................................... 77
negotiation ............................................................................................................................ 78
flowcontrol............................................................................................................................. 79
mdix ...................................................................................................................................... 80
back-pressure ....................................................................................................................... 81
clear counters ....................................................................................................................... 82
set interface active ................................................................................................................ 83
show interfaces advertise ..................................................................................................... 84
Page 2
D-Link DES-3010FA/GA/PA CLI Reference Guide
show interfaces configuration ............................................................................................... 86
show interfaces status ..........................................................................................................87
show interfaces description................................................................................................... 89
show interfaces counters ...................................................................................................... 91
port storm-control include-multicast...................................................................................... 94
port storm-control broadcast enable ..................................................................................... 95
port storm-control broadcast rate.......................................................................................... 96
show ports storm-control....................................................................................................... 97
Section 7. GVRP Commands............................................................................................. 98
gvrp enable (Global) ............................................................................................................. 98
gvrp enable (Interface).......................................................................................................... 99
garp timer............................................................................................................................ 100
gvrp vlan-creation-forbid ..................................................................................................... 101
gvrp registration-forbid........................................................................................................102
clear gvrp statistics ............................................................................................................. 103
show gvrp configuration...................................................................................................... 104
show gvrp statistics............................................................................................................. 105
show gvrp error-statistics .................................................................................................... 106
Section 8. IGMP Snooping Commands............................................................................ 107
ip igmp snooping (Global)................................................................................................... 107
ip igmp snooping (Interface) ............................................................................................... 108
ip igmp snooping host-time-out........................................................................................... 109
ip igmp snooping mrouter-time-out ..................................................................................... 110
ip igmp snooping leave-time-out......................................................................................... 111
show ip igmp snooping mrouter.......................................................................................... 112
show ip igmp snooping interface......................................................................................... 113
show ip igmp snooping groups ........................................................................................... 114
Section 9. IP Addressing Commands............................................................................... 115
ip address ........................................................................................................................... 115
ip address dhcp................................................................................................................... 116
ip default-gateway............................................................................................................... 117
show ip interface................................................................................................................. 118
arp....................................................................................................................................... 119
arp timeout.......................................................................................................................... 120
clear arp-cache ................................................................................................................... 121
show arp ............................................................................................................................. 122
ip domain-name ..................................................................................................................123
ip name-server.................................................................................................................... 124
ip host ................................................................................................................................. 125
Page 3
Table of Contents
clear host ............................................................................................................................ 126
clear host dhcp.................................................................................................................... 127
show hosts .......................................................................................................................... 128
Section 10. LACP Commands............................................................................................ 129
lacp system-priority ............................................................................................................. 129
lacp port-priority .................................................................................................................. 130
lacp timeout......................................................................................................................... 131
show lacp ethernet..............................................................................................................132
show lacp port-channel ....................................................................................................... 134
Section 11. Line Commands .............................................................................................. 135
line ...................................................................................................................................... 135
speed .................................................................................................................................. 136
exec-timeout ....................................................................................................................... 137
history ................................................................................................................................. 138
history size .......................................................................................................................... 139
terminal history.................................................................................................................... 140
terminal history size ............................................................................................................ 141
show line ............................................................................................................................. 142
Section 12. Management ACL............................................................................................ 143
management access-list ..................................................................................................... 143
permit (Management).......................................................................................................... 145
deny (Management)............................................................................................................ 146
management access-class ................................................................................................. 147
show management access-list............................................................................................ 148
show management access-class ........................................................................................ 149
Section 13. PHY Diagnostics Commands .......................................................................... 150
test copper-port tdr.............................................................................................................. 150
show copper-ports tdr ......................................................................................................... 151
show copper-ports cable-length.......................................................................................... 152
show fiber-ports optical-transceiver .................................................................................... 153
Section 14. Port Trunking Commands................................................................................ 154
interface port-channel ......................................................................................................... 154
interface range port-channel ............................................................................................... 155
channel-group ..................................................................................................................... 156
show interfaces port-channel .............................................................................................. 157
Page 4
D-Link DES-3010FA/GA/PA CLI Reference Guide
Section 15. Port Monitor Commands.................................................................................. 158
port monitor......................................................................................................................... 158
port monitor vlan-tagging .................................................................................................... 159
show ports monitor..............................................................................................................160
Section 16. System Management....................................................................................... 161
ping ..................................................................................................................................... 161
traceroute............................................................................................................................ 163
reload.................................................................................................................................. 165
hostname ............................................................................................................................ 166
show users.......................................................................................................................... 167
show system ....................................................................................................................... 168
show version....................................................................................................................... 169
show system id ................................................................................................................... 170
Section 17. QoS Commands.............................................................................................. 171
qos ...................................................................................................................................... 171
show qos............................................................................................................................. 172
priority-queue out num-of-queues....................................................................................... 173
rate-limit interface configuration.......................................................................................... 174
show qos interface..............................................................................................................175
traffic-shape ........................................................................................................................ 177
wrr-queue cos-map............................................................................................................. 178
qos map dscp-queue .......................................................................................................... 179
qos trust (Global) ................................................................................................................ 180
qos trust (Interface)............................................................................................................. 181
qos cos................................................................................................................................ 182
show qos map..................................................................................................................... 183
Section 18. Radius Commands.......................................................................................... 184
radius-server host ............................................................................................................... 184
radius-server key ................................................................................................................ 186
radius-server retransmit...................................................................................................... 187
radius-server source-ip ....................................................................................................... 188
radius-server timeout .......................................................................................................... 189
radius-server deadtime ....................................................................................................... 190
show radius-servers............................................................................................................ 191
Section 19. Power Over Ethernet....................................................................................... 193
power inline......................................................................................................................... 193
power inline powered-device .............................................................................................. 194
Page 5
Table of Contents
power inline usage-threshold .............................................................................................. 195
power inline traps enable .................................................................................................... 196
show power inline ...............................................................................................................197
Section 20. RMON Commands .......................................................................................... 199
show rmon statistics............................................................................................................199
rmon collection history ........................................................................................................ 201
show rmon collection history............................................................................................... 202
show rmon history...............................................................................................................203
rmon alarm.......................................................................................................................... 206
show rmon alarm ................................................................................................................ 208
rmon event .......................................................................................................................... 210
show rmon events............................................................................................................... 211
show rmon log..................................................................................................................... 212
rmon table-size ................................................................................................................... 214
Section 21. SNMP Commands........................................................................................... 215
snmp-server community...................................................................................................... 215
snmp-server view................................................................................................................217
snmp-server group.............................................................................................................. 218
snmp-server user ................................................................................................................219
snmp-server engineID local ................................................................................................ 221
snmp-server enable traps ................................................................................................... 223
snmp-server filter ................................................................................................................ 224
snmp-server host ................................................................................................................225
snmp-server v3-host ........................................................................................................... 226
snmp-server trap authentication ......................................................................................... 227
snmp-server contact ........................................................................................................... 228
snmp-server location........................................................................................................... 229
snmp-server set .................................................................................................................. 230
show snmp.......................................................................................................................... 231
show snmp engineid ........................................................................................................... 233
show snmp views................................................................................................................ 234
show snmp groups.............................................................................................................. 235
show snmp filters ................................................................................................................ 237
show snmp users ................................................................................................................ 238
Section 22. Spanning-Tree Commands ............................................................................. 239
spanning-tree ...................................................................................................................... 239
spanning-tree mode ............................................................................................................ 240
spanning-tree forward-time ................................................................................................. 241
spanning-tree hello-time ..................................................................................................... 242
Page 6
D-Link DES-3010FA/GA/PA CLI Reference Guide
spanning-tree max-age....................................................................................................... 243
spanning-tree priority ..........................................................................................................244
spanning-tree disable.......................................................................................................... 245
spanning-tree cost ..............................................................................................................246
spanning-tree port-priority................................................................................................... 247
spanning-tree portfast......................................................................................................... 248
spanning-tree link-type........................................................................................................ 249
spanning-tree pathcost method .......................................................................................... 250
spanning-tree bpdu............................................................................................................. 251
clear spanning-tree detected-protocols............................................................................... 252
spanning-tree guard root..................................................................................................... 253
spanning-tree mst priority ................................................................................................... 254
spanning-tree mst max-hops .............................................................................................. 255
spanning-tree mst port-priority............................................................................................ 256
spanning-tree mst cost........................................................................................................ 257
spanning-tree mst configuration.......................................................................................... 258
instance (mst) ..................................................................................................................... 259
name (mst).......................................................................................................................... 260
revision (mst) ...................................................................................................................... 261
show (mst) .......................................................................................................................... 262
exit (mst) ............................................................................................................................. 263
abort (mst)........................................................................................................................... 264
show spanning-tree............................................................................................................. 265
Section 23. Syslog Commands .......................................................................................... 267
logging on ........................................................................................................................... 267
logging ................................................................................................................................ 268
logging console................................................................................................................... 269
logging buffered .................................................................................................................. 270
logging buffered size...........................................................................................................271
clear logging........................................................................................................................ 272
logging file........................................................................................................................... 273
clear logging file.................................................................................................................. 274
aaa logging ......................................................................................................................... 275
file-system logging .............................................................................................................. 276
management logging .......................................................................................................... 277
show logging....................................................................................................................... 278
show logging file ................................................................................................................. 280
show syslog-servers ........................................................................................................... 282
Section 24. User Interface.................................................................................................. 283
enable ................................................................................................................................. 283
Page 7
Table of Contents
disable................................................................................................................................. 284
login .................................................................................................................................... 285
configure ............................................................................................................................. 286
exit (Configuration).............................................................................................................. 287
exit ...................................................................................................................................... 288
end ...................................................................................................................................... 289
help ..................................................................................................................................... 290
terminal data-dump ............................................................................................................. 291
show history ........................................................................................................................ 292
show privilege ..................................................................................................................... 293
Section 25. VLAN Commands............................................................................................ 294
vlan database...................................................................................................................... 294
vlan ..................................................................................................................................... 295
interface vlan....................................................................................................................... 296
interface range vlan ............................................................................................................297
name ................................................................................................................................... 298
private-vlan primary ............................................................................................................299
private-vlan isolated ............................................................................................................ 300
private-vlan community ....................................................................................................... 301
switchport mode.................................................................................................................. 302
switchport access vlan ........................................................................................................ 303
switchport private-vlan ........................................................................................................ 304
show vlan private-vlan ........................................................................................................ 305
switchport trunk allowed vlan .............................................................................................. 306
switchport trunk native vlan................................................................................................. 307
switchport general allowed vlan .......................................................................................... 308
switchport general pvid ....................................................................................................... 309
switchport general ingress-filtering disable ......................................................................... 310
switchport general acceptable-frame-type tagged-only ...................................................... 311
switchport forbidden vlan .................................................................................................... 312
ip internal-usage-vlan..........................................................................................................313
show vlan ............................................................................................................................ 314
show vlan internal usage .................................................................................................... 315
show interfaces switchport.................................................................................................. 316
Section 26. Web Server...................................................................................................... 318
ip http server ....................................................................................................................... 318
ip https server ..................................................................................................................... 319
ip http exec-timeout............................................................................................................. 320
ip https certificate ................................................................................................................ 321
show ip https ....................................................................................................................... 322
Page 8
D-Link DES-3010FA/GA/PA CLI Reference Guide
crypto certificate generate................................................................................................... 323
crypto certificate import.......................................................................................................324
show crypto certificate mycertificate ................................................................................... 326
ip http port........................................................................................................................... 327
ip https port ......................................................................................................................... 328
show ip http......................................................................................................................... 329
Section 27. 802.1x Commands .......................................................................................... 330
aaa authentication dot1x..................................................................................................... 330
dot1x system-auth-control................................................................................................... 331
dot1x port-control................................................................................................................ 332
dot1x re-authentication ....................................................................................................... 333
dot1x timeout re-authperiod................................................................................................ 334
dot1x re-authenticate .......................................................................................................... 335
dot1x timeout quiet-period .................................................................................................. 336
dot1x timeout tx-period ....................................................................................................... 337
dot1x max-req..................................................................................................................... 338
dot1x timeout supp-timeout................................................................................................. 339
dot1x timeout server-timeout .............................................................................................. 340
show dot1x.......................................................................................................................... 341
show dot1x users................................................................................................................344
show dot1x statistics...........................................................................................................346
ADVANCED FEATURES.................................................................................................... 348
dot1x auth-not-req............................................................................................................... 348
dot1x multiple-hosts............................................................................................................349
dot1x single-host-violation .................................................................................................. 350
dot1x guest-vlan.................................................................................................................. 351
dot1x guest-vlan enable...................................................................................................... 352
show dot1x advanced ......................................................................................................... 353
Troubleshooting .................................................................................................................. 355
International Offices.............................................................................................................. 359
Page 9
Using the CLI
CLI Command Modes

Section 1. Using the CLI

This chapter describes how to start using the CLI and describes implemented command editing features to assist in using the CLI.

1.1 CLI Command Modes

1.1.1 Introduction

To assist in configuring the device, the Command Line Interface (CLI) is divided into different command modes. Each command mode has its own set of specific commands. Entering a question mark "?" at the system prompt (console prompt) displays a list of commands available for that particular command mode.
From each mode, a specific command is used to navigate from one command mode to another. The standard order to access the modes is as follows: User EXEC mode, Privileged EXEC mode, Global Configuration mode, and Interface Configuration mode. The following figure illustrates the command mode access path.
When starting a session, the initial mode is the User EXEC mode. Only a limited subset of commands is available in User EXEC mode. This level is reserved for tasks that do not change the configuration. To enter the next level, the Privileged EXEC mode, a password is required.
The Privileged EXEC mode gives access to commands that are restricted on User EXEC mode and provides access to the device Configuration mode.
Page 10
D-Link DES-3010FA/GA/PA CLI Reference Guide
The Global Configuration mode manages the device configuration on a global level.
The Interface Configuration mode configures specific interfaces in the device.

1.1.2 User EXEC Mode

After logging into the device, the user is automatically in User EXEC command mode unless the user is defined as a privileged user. In general, the User EXEC commands allow the user to perform basic tests, and list system information.
The user-level prompt consists of the device host name followed by the angle bracket (>).
Console>
The default host name is Console unless it has been changed using the hostname command in the Global Con­figuration mode.

1.1.3 Privileged EXEC Mode

Privileged access is password protected to prevent unauthorized use because many of the privileged commands set operating system parameters. The password is not displayed on the screen and is case sensitive.
Privileged users enter directly into the Privileged EXEC mode. To enter the Privileged EXEC mode from the User EXEC mode, perform the following steps:
1. At the prompt enter the enable command and press <Enter>. A password prompt is displayed.
2. Enter the password and press <Enter>. The password is displayed as *. The Privileged EXEC mode prompt is displayed. The Privileged EXEC mode prompt consists of the device host name followed by #.
Console#
To return from the Privileged EXEC mode to the User EXEC mode, use the disable command. The following example illustrates how to access the Privileged EXEC mode and return to the User EXEC mode:
Console>
Enter Password: ******
Console#
Console#
Console>
The exit command is used to return from any mode to the previous mode except when returning to the User EXEC mode from the Privileged EXEC mode. For example, the exit command is used to return from the Interface Configuration mode to the Global Configuration mode.
enable
disable
Page 11
Using the CLI
CLI Command Modes

1.1.4 Global Configuration Mode

Global Configuration mode commands apply to features that affect the system as a whole, rather than just a spe­cific interface. The configure Privileged EXEC mode command is used to enter the Global Configuration mode.
To enter the Global Configuration mode perform the following steps:
1. At the Privileged EXEC mode prompt enter the configure command and press <Enter>. The Global Configu-
ration mode prompt is displayed. The Global Configuration mode prompt consists of the device host name followed by (config) and #.
Console(config)#
To return from the Global Configuration mode to the Privileged EXEC mode, the user can use one of the following commands:
exit
end
<Ctrl+Z>
The following example illustrates how to access the Global Configuration mode and return to the Privileged EXEC mode:
Console#
Console#
Console(config)#
Console#
configure
exit

1.1.5 Interface Configuration and Specific Configuration Modes

Interface Configuration mode commands modify specific interface operations. The following are the Interface Con­figuration modes:
Line Interface — Contains commands to configure the management connections. These include commands
such as line timeout settings, etc. The line Global Configuration mode command is used to enter the Line Configuration command mode.
VLAN Database — Contains commands to create a VLAN as a whole. The vlan database Global Configura-
tion mode command is used to enter the VLAN Database Interface Configuration mode.
Management Access List — Contains commands to define management access-lists. The management
access-list Global Configuration mode command is used to enter the Management Access List Configuration
mode.
Ethernet — Contains commands to manage port configuration. The interface ethernet Global Configuration
mode command is used to enter the Interface Configuration mode to configure an Ethernet type interface.
Port Channel — Contains commands to configure port-channels, for example, assigning ports to a port-
channel. Most of these commands are the same as the commands in the Ethernet interface mode, and are used to manage the member ports as a single entity. The interface port-channel Global Configuration mode command is used to enter the Port Channel Interface Configuration mode.
SSH Public Key-chain — Contains commands to manually specify other device SSH public keys. The
crypto key pubkey-chain ssh Global Configuration mode command is used to enter the SSH Public Key-
chain Configuration mode.
QoS — Contains commands related to service definitions. The qos Global Configuration mode command is
used to enter the QoS services configuration mode.
Page 12
D-Link DES-3010FA/GA/PA CLI Reference Guide
MAC Access-List — Configures conditions required to allow traffic based on MAC addresses. The mac
access-list Global Configuration mode command is used to enter the MAC access-list configuration mode..

1.2 Starting the CLI

The device can be managed over a direct connection to the device console port or via a Telnet connection. The device is managed by entering command keywords and parameters at the prompt. Using the device command­line interface (CLI) is very similar to entering commands on a UNIX system.
If access is via a Telnet connection, ensure that the device has a defined IP address, corresponding management access is granted, and the workstation used to access the device is connected to the device prior to using CLI commands.
Note
The following steps are for use on the console line only.
To start using the CLI, perform the following steps:
1. Connect the DB9 null-modem or cross over cable to the RS-232 serial port of the device to the RS-232 serial port of the terminal or computer running the terminal emulation application.
Note
The default data rate is 9600.
a) Set the data format to 8 data bits, 1 stop bit, and no parity. b) Set Flow Control to none. c) Under Properties, select VT100 for Emulation mode. d) Select Terminal keys for Function, Arrow, and Ctrl keys. Ensure that the setting is for Terminal keys
(not Windows keys).
Note
When using HyperTerminal with Microsoft® Windows 2000,ensure that Windows® 2000 Service Pack 2 or later is installed.With Windows 2000 Service Pack 2, the arrow keys function properly in HyperTerminal’s VT100 emulation. Go to www.microsoft.com for information on Windows 2000 service packs.
2. Enter the following commands to begin the configuration procedure:
Console>
Console#
enable
configure
Console(config)#
3. Configure the device and enter the necessary commands to complete the required tasks.
4. When finished, exit the session with the exit command.
When a different user is required to log onto the system, use the login Privileged EXEC mode command. This effectively logs off the current user and logs on the new user.
Page 13
Using the CLI
Editing Features

1.3 Editing Features

1.3.1 Entering Commands

A CLI command is a series of keywords and arguments. Keywords identify a command, and arguments specify configuration parameters. For example, in the command show interfaces status ethernet 8, show, interfaces and status are keywords, ethernet is an argument that specifies the interface type, and 8 specifies the port.
To enter commands that require parameters, enter the required parameters after the command keyword. For example, to set a password for the administrator, enter:
Console(config)#
When working with the CLI, the command options are not displayed. The command is not selected from a menu, but is manually entered. To see what commands are available in each mode or within an interface configuration, the CLI does provide a method of displaying the available commands, the command syntax requirements and in some instances parameters required to complete the command. The standard command to request help is ?.
There are two instances where help information can be displayed:
Keyword lookup — The character ? is entered in place of a command. A list of all valid commands and cor-
responding help messages are is displayed.
Partial keyword lookup — If a command is incomplete and or the character ? is entered in place of a
parameter. The matched keyword or parameters for this command are displayed.
To assist in using the CLI, there is an assortment of editing features. The following features are described:
Terminal Command Buffer
Command Completion
Keyboard Shortcuts
username
admin
password
smith
1.3.1.1 Terminal Command Buffer
Every time a command is entered in the CLI, it is recorded on an internally managed Command History buffer. Commands stored in the buffer are maintained on a First In First Out (FIFO) basis. These commands can be recalled, reviewed, modified, and reissued. This buffer is not preserved across device resets.
Keyword Description
Up-arrow key Ctrl+P
Down-arrow key Returns to more recent commands in the history buffer after recalling com-
By default, the history buffer system is enabled, but it can be disabled at any time. For information about the com­mand syntax to enable or disable the history buffer, see history.
There is a standard default number of commands that are stored in the buffer. The standard number of 10 com­mands can be increased to 216. By configuring 0, the effect is the same as disabling the history buffer system. For information about the command syntax for configuring the command history buffer, see history size.
To display the history buffer, see show history.
Recalls commands in the history buffer, beginning with the most recent com­mand. Repeats the key sequence to recall successively older commands.
mands with the up-arrow key. Repeating the key sequence will recall succes­sively more recent commands.
Page 14
D-Link DES-3010FA/GA/PA CLI Reference Guide
1.3.1.2 Negating the Effect of Commands
For many configuration commands, the prefix keyword no can be entered to cancel the effect of a command or reset the configuration to the default value. This guide describes the negation effect for all applicable commands.
1.3.1.3 Command Completion
If the command entered is incomplete, invalid or has missing or invalid parameters, then the appropriate error message is displayed. This assists in entering the correct command. By pressing the <Tab> button after an incom­plete command is entered, the system will attempt to identify and complete the command. If the characters already entered are not enough for the system to identify a single matching command, press ? to display the avail­able commands matching the characters already entered.
1.3.1.4 Keyboard Shortcuts
The CLI has a range of keyboard shortcuts to assist in editing the CLI commands. The following table describes the CLI shortcuts.
Keyboard Key Description
Up-arrow key Recalls commands from the history buffer, beginning with the most recent command.
Repeat the key sequence to recall successively older commands.
Down-arrow key Returns the most recent commands from the history buffer after recalling commands with
the up arrow key. Repeating the key sequence will recall successively more recent com­mands.
Ctrl+A Moves the cursor to the beginning of the command line.
Ctrl+E Moves the cursor to the end of the command line.
Ctrl+Z / End Returns back to the Privileged EXEC mode from any configuration mode.
Backspace key Deletes one character left to the cursor position.
1.3.1.5 CLI Command Conventions
When entering commands there are certain command entry standards that apply to all commands. The following table describes the command conventions.
Convention Description
[ ] In a command line, square brackets indicates an optional entry.
{ } In a command line, curly brackets indicate a selection of compulsory parameters sepa-
rated by the | character. One option must be selected. For example: flowcontrol {auto|on|off} means that for the flowcontrol command either auto, on or off must be selected.
Italic font Indicates a parameter.
<Enter> Any individual key on the keyboard. For example click <Enter>.
Ctrl+F4 Any combination keys pressed simultaneously on the keyboard.
Page 15
Screen Display
all When a parameter is required to define a range of ports or parameters and all is an
Indicates system messages and prompts appearing on the console.
option, the default for the command is all when no parameters are defined. For exam­ple, the command interface range port-channel has the option of either entering a range of channels, or selecting all. When the command is entered without a parameter, it automatically defaults to all.
D-Link DES-3010FA/GA/PA CLI Reference Guide

Section 2. AAA Commands

aaa authentication login

The aaa authentication login Global Configuration mode command defines login authentication. To return to the default configuration, use the no form of this command.
Syntax
aaa authentication login {default | list-name} method1 [method2...]
no aaa authentication login {default | list-name}
Parameters
default — Uses the listed authentication methods that follow this argument as the default list of methods
when a user logs in.
list-name — Character string used to name the list of authentication methods activated when a user logs in.
(Range: 1-12 characters).
method1 [method2...] — Specify at least one from the following table:
Keyword Description
enable Uses the enable password for authentication.
line Uses the line password for authentication.
local Uses the local username database for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication.
Default Configuration
The local user database is checked. This has the same effect as the command aaa authentication login list- name local.
Note
If the authentication method is not defined, console users will be able to log in without any authentication check.
Command Mode
Global Configuration mode
Page 17
AAA Commands
User Guidelines
The default and optional list names created with the aaa authentication login command are used with the login authentication command.
Create a list by entering the aaa authentication login list-name method command for a particular protocol, where list-name is any character string used to name this list. The method argument identifies the list of methods that the
authentication algorithm tries, in the given sequence.
The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.
Example
The following example configures the authentication login.
Console(config)# aaa authentication login default radius enable line local none
Page 18
D-Link DES-3010FA/GA/PA CLI Reference Guide

aaa authentication enable

The aaa authentication enable Global Configuration mode command defines authentication method lists for accessing higher privilege levels. To return to the default configuration, use the no form of this command.
Syntax
aaa authentication enable {default | list-name} method1 [method2...]
no aaa authentication enable {default | list-name}
Parameters
default — Uses the listed authentication methods that follow this argument as the default list of methods,
when using higher privilege levels.
list-name — Character string used to name the list of authentication methods activated, when using access
higher privilege levels (Range: 1-12 characters).
method1 [method2...] — Specify at least one from the following table:
Keyword Description
enable Uses the enable password for authentication.
line Uses the line password for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication. Uses username $enabx$.,
where x is the privilege level.
Default Configuration
If the default list is not set, only the enable password is checked. This has the same effect as the command aaa authentication enable default enable.
On the console, the enable password is used if it exists. If no password is set, the process still succeeds. This has the same effect as using the command aaa authentication enable default enable none.
Command Mode
Global Configuration mode
User Guidelines
The default and optional list names created with the aaa authentication enable command are used with the enable authentication command.
The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.
All aaa authentication enable default requests sent by the device to a RADIUS server include the username $enabx$., where x is the requested privilege level.
Page 19
AAA Commands
Example
The following example sets the enable password for authentication when accessing higher privilege levels.
Console(config)#
aaa authentication enable default enable
Page 20
D-Link DES-3010FA/GA/PA CLI Reference Guide

login authentication

The login authentication Line Configuration mode command specifies the login authentication method list for a remote telnet or console. To return to the default configuration specified by the aaa authentication login com­mand, use the no form of this command.
Syntax
login authentication {default | list-name}
no login authentication
Parameters
default — Uses the default list created with the aaa authentication login command.
list-name — Uses the indicated list created with the aaa authentication login command.
Default Configuration
Uses the default set with the command aaa authentication login.
Command Mode
Line Configuration mode
User Guidelines
In order to change (or rename) an authentication method, use the negate command and create a new rule with the new method name.
Example
The following example specifies the default authentication method for a console.
Console(config)#
Console(config-line)#
line console
login authentication default
Page 21
AAA Commands

enable authentication

The enable authentication Line Configuration mode command specifies the authentication method list when accessing a higher privilege level from a remote telnet or console. To return to the default configuration specified by the aaa authentication enable command, use the no form of this command.
Syntax
enable authentication {default | list-name}
no enable authentication
Parameters
default — Uses the default list created with the aaa authentication enable command.
list-name — Uses the indicated list created with the aaa authentication enable command.
Default Configuration
Uses the default set with the aaa authentication enable command.
Command Mode
Line Configuration mode
User Guidelines
There are no user guidelines for this command.
Example
The following example specifies the default authentication method when accessing a higher privilege level from a console.
Console(config)#
Console(config-line)#
line console
enable authentication default
Page 22
D-Link DES-3010FA/GA/PA CLI Reference Guide

ip http authentication

The ip http authentication Global Configuration mode command specifies authentication methods for HTTP server users. To return to the default configuration, use the no form of this command.
Syntax
ip http authentication method1 [method2...]
no ip http authentication
Parameters
method1 [method2...] — Specify at least one from the following table:
Keyword Description
local Uses the local username database for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication.
Default Configuration
The local user database is checked. This has the same effect as the command ip http authentication local.
Command Mode
Global Configuration mode
User Guidelines
The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.
Example
The following example configures the HTTP authentication.
Console(config)#
ip http authentication radius local none
Page 23
AAA Commands

ip https authentication

The ip https authentication Global Configuration mode command specifies authentication methods for HTTPS server users. To return to the default configuration, use the no form of this command.
Syntax
ip https authentication method1 [method2...]
no ip https authentication
Parameters
method1 [method2...] — Specify at least one from the following table:
Keyword Source or destination
local Uses the local username database for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication.
Default Configuration
The local user database is checked. This has the same effect as the command ip https authentication local.
Command Mode
Global Configuration mode
User Guidelines
The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.
Example
The following example configures HTTPS authentication.
Console(config)#
ip https authentication radius local none
Page 24
D-Link DES-3010FA/GA/PA CLI Reference Guide

show authentication methods

The show authentication methods Privileged EXEC mode command displays information about the authentica­tion methods.
Syntax
show authentication methods
Default Configuration
This command has no default configuration.
Command Mode
Privileged EXEC mode
User Guidelines
There are no user guidelines for this command.
Example
The following example displays the authentication configuration.
Console#
Login Authentication Method Lists
---------------------------------
Default: Local
Enable Authentication Method Lists
----------------------------------
Console_Default: Local
Network_Default:
Line Login Method List Enable Method List
-------------- ----------------- ------------------
Console Default Default
Telnet Default Default
SSH Default Default
http: Local
https: Local
dot1x:
show authentication methods
Enable
Page 25
AAA Commands

password

The password Line Configuration mode command specifies a password on a line. To remove the password, use the no form of this command.
Syntax
password password [encrypted]
no password
Parameters
password — Password for this level (Range: 1-159 characters).
encrypted — Encrypted password to be entered, copied from another device configuration.
Default Configuration
No password is defined.
Command Mode
Line Configuration mode
User Guidelines
If a password is defined as encrypted, the required password length is 32 characters.
Example
The following example specifies password secret on a console.
Console(config)#
Console(config-line)#
line console
password
secret
Page 26
D-Link DES-3010FA/GA/PA CLI Reference Guide

enable password

The enable password Global Configuration mode command sets a local password to control access to user and privilege levels. To remove the password requirement, use the no form of this command.
Syntax
enable password [level level] password [encrypted]
no enable password [level level]
Parameters
password — Password for this level (Range: 1-159 characters).
level — Level for which the password applies. If not specified the level is 15
(Range: 1-15).
encrypted — Encrypted password entered, copied from another device configuration.
Default Configuration
No enable password is defined.
Command Mode
Global Configuration mode
User Guidelines
There are no user guidelines for this command.
Example
The following example sets local level 15 password secret to control access to user and privilege levels.
Console(config)# enable password secret level 15
Page 27
AAA Commands

username

The username Global Configuration mode command creates a user account in the local database. To remove a user name, use the no form of this command.
Syntax
username name [password password] [level level] [encrypted]
no username name
Parameters
name — The name of the user (Range: 1- 20 characters).
password — The authentication password for the user (Range: 1-159 characters).
level — The user level (Range: 1-15). If not specified the level is 1.
encrypted — Encrypted password entered, copied from another device configuration.
Default Configuration
No user is defined.
If not specified, the user level is 1.
Command Mode
Global Configuration mode
User Guidelines
User account can be created without a password.
Example
The following example configures user bob with password lee and user level 15 to the system.
Console(config)#
username
bob
password
lee
level
15
Page 28
D-Link DES-3010FA/GA/PA CLI Reference Guide

Section 3. Address Table Commands

bridge address

The bridge address Interface Configuration (VLAN) mode command adds a MAC-layer station source address to the bridge table. To delete the MAC address, use the no form of this command.
Syntax
bridge address mac-address {ethernet interface | port-channel port-channel-number} [permanent | delete-on- reset | delete-on-timeout | secure]
no bridge address [mac-address]
Parameters
mac-address — A valid MAC address.
interface — A valid Ethernet port.
port-channel-number — A valid port-channel number.
permanent — The address can only be deleted by the no bridge address command.
delete-on-reset — The address is deleted after reset.
delete-on-timeout — The address is deleted after "age out" time has expired.
secure — The address is deleted after the port changes mode to unlock learning (no port security com-
mand). This parameter is only available when the port is in the learning locked mode.
Default Configuration
No static addresses are defined. The default mode for an added address is permanent.
Command Mode
Interface Configuration (VLAN) mode
User Guidelines
Using the no form of the command without specifying a MAC address deletes all static MAC addresses belonging to this VLAN).
Example
The following example adds a permanent static MAC-layer station source address 3aa2.64b3.a245 on port 7 to the bridge table.
Console(config)#
Console(config-if)#
interface vlan
bridge address
2
3aa2.64b3.a245
ethernet
7
permanent
Page 29
Loading...
+ 331 hidden pages