D-link DSR-500AC, DSR-1000AC User Manual

CLI Reference Guide

Unified Services Router

D-Link Corporation

http://www.dlink.com

CLI Reference Guide

DSR-500/500AC/1000/1000AC Unified Services Router

Version 1.10

Copyright Notice

This publication, including all photographs, illustrat ions and soft ware, is protected under internat ional copyright laws, with all rights reserved. Neither this manual, nor any of the material cont ained herein, may be reproduc ed without written consent of the author.

Disclaimer

The inf ormation in this document is subject to change without notice. The manufacturer makes no representations or warranties with respect to the contents hereof and specific ally disclaim any implied warranties of merchantability or fitness for any particular purpose. The manufacturer reserves the right to revise t his publication and to make changes from time to time in the content hereof without obligation of the manuf acturer to notify any person of suc h revision or changes.

Limitations of Liability

UNDER NO CIRCUMSTANCES SHALL D-LINK OR ITS SUPPLIERS BE LIABL E FOR DAMAGES OF ANY CHARACTER (E.G. DAMAGES FOR LOSS OF PROFIT, SOFTWARE RESTORATION, WORK STOPPAGE, LOSS OF SAVED DATA OR AN Y OTHER COMMERCIAL DAMAG ES OR LOSSES) RESULTING FROM THE APPLICATION OR IMPROPER USE OF THE D-LINK PRODUCT OR FAILURE OF THE PRODUCT, EVEN IF D-LINK IS INFORMED OF THE PO SSIBILITY OF SUCH DAMAG ES. FURTHERMORE, D-LINK WILL NOT BE LIABLE FOR T HIRD-PART Y CLAIMS AGAINST CUSTOMER FOR LOSSES OR DAMAG ES. D-LINK WILL IN NO EVENT BE LIABLE FOR ANY DAMAGES IN EXCESS OF THE AMOUNT D-LINK R ECEIVED FROM THE END- USER FOR THE PRODUCT.

2

able of Contents

T

Chapter 1. Introduction ........................................................................................................................... 10

1.1 Accessing the CLI ................................................................................................... 10

Chapter 2. Basic commands available on the CLI ............................................................................. 11

2.1 Context Sensitive Help ........................................................................................... 11

2.2 Auto-Completion ..................................................................................................... 11

2.3 Movement Keys....................................................................................................... 11

2.4 Deletion Keys .......................................................................................................... 11

2.5 Escape Sequences ................................................................................................. 12

Chapter 3. Command Hierarchy in CLI ................................................................................................ 13

3.1 CLI Commands ....................................................................................................... 13

3.2 Router Configuration .............................................................................................. 13

Chapter 4. Global commands used in CLI ........................................................................................... 14

Chapter 5. Show commands used in CLI ............................................................................................ 15

Chapter 6. Configuration commands under branch VPN .................................................................. 46

6.1 vpn gre_tunnel add ................................................................................................. 46

6.2 vpn gre_tunnel edit <row_id> ................................................................................ 47

6.3 vpn gre_tunnel delete <row_id> ........................................................................... 47

6.4 vpn l2tp client configure ......................................................................................... 48

6.5 vpn l2tp client_action <action> .............................................................................. 48

6.6 vpn l2tp server configure ....................................................................................... 48

6.7 vpn openvpn config................................................................................................. 50

6.8 vpn openvpn remote_network add ....................................................................... 52

6.9 vpn openvpn remote_network edit <row_id> ...................................................... 52

6.10 vpn openvpn remote_network delete <row_id> ................................................. 53

6.11 vpn openvpn local_network add ........................................................................... 53

6.12 vpn openvpn local_network edit <row_id> .......................................................... 53

6.13 vpn openvpn local_network delete <row_id>...................................................... 54

6.14 vpn openvpn cert_upload ca <fileName> <ipAddr> .......................................... 54

6.15 vpn openvpn cert_upload server_client_cert <fileName> <ipAddr> ............... 54

6.16 vpn openvpn cert_upload client_key <fileName> <ipAddr> ............................. 54

6.17 vpn openvpn cert_upload dh_Key <fileName> <ipAddr> ................................. 55

6.18 vpn openvpn cert_upload tls_Authkey <fileName> <ipAddr> .......................... 55

6.19 vpn openvpn cert_upload crl_cert <fileName> <ipAddr> .................................. 55

6.20 vpn openvpn cert_upload config <fileName> <ipAddr> .................................... 55

6.21 vpn pptp client configure ........................................................................................ 56

6.22 vpn pptp client_action <action> ............................................................................ 56

6.23 vpn pptp server configure ...................................................................................... 56

6.24 vpn sslvpn portal-layouts add................................................................................ 58

3

.25 vpn sslvpn portal-layouts edit <row_id> .............................................................. 59

6

6.26 vpn sslvpn portal-layouts delete <row_id> .......................................................... 60

6.27 vpn sslvpn portforwarding appconfig add ............................................................ 60

6.28 vpn sslvpn portforwarding appconfig delete <row_id> ...................................... 60

6.29 vpn sslvpn portforwarding hostconfig add ........................................................... 60

6.30 vpn sslvpn portforwarding hostconfig delete <row_id> ..................................... 61

6.31 vpn sslvpn resource add ........................................................................................ 61

6.32 vpn sslvpn resource configure add <resource_name> ..................................... 61

6.33 vpn sslvpn resource configure delete <row_id> ................................................. 62

6.34 vpn sslvpn resource delete <row_id> .................................................................. 62

6.35 vpn sslvpn policy add ............................................................................................. 62

6.36 vpn sslvpn policy edit <row_id> ............................................................................ 63

6.37 vpn sslvpn policy delete <row_id> ........................................................................ 64

6.38 vpn sslvpn client ...................................................................................................... 64

6.39 vpn sslvpn route add .............................................................................................. 64

6.40 vpn sslvpn route delete <row_id> ......................................................................... 65

6.41 vpn ipsec policy configure <name> ...................................................................... 65

6.42 vpn ipsec dhcp configure ....................................................................................... 74

6.43 vpn ipsec policy enable <name> .......................................................................... 74

6.44 vpn ipsec policy disable <name> .......................................................................... 74

6.45 vpn ipsec policy delete <name> ........................................................................... 74

6.46 vpn ipsec policy connect <name> ........................................................................ 75

6.47 vpn ipsec policy drop <name> .............................................................................. 75

Chapter 7. Configuration commands under branch DOT11 ............................................................. 76

7.1 dot11 profile add <profile_name> ......................................................................... 76

7.2 dot11 profile edit <profile_name> ......................................................................... 76

7.3 dot11 wmm edit <profile_name> .......................................................................... 77

7.4 dot11 radius configure ............................................................................................ 79

7.5 dot11 profile delete <profile_name>..................................................................... 80

7.6 dot11 accesspoint add <ap_name> ..................................................................... 81

7.7 dot11 accesspoint edit <ap_name> ..................................................................... 81

7.8 dot11 accesspoint delete <ap_name> ................................................................. 82

7.9 dot11 wds enable <radio_no> ............................................................................... 82

7.10 dot11 wds disable <radio_no> .............................................................................. 82

7.11 dot11 wds add_peer <radio_no> <mac_addr> .................................................. 83

7.12 dot11 wds delete_peer <radio_no> <mac_addr> .............................................. 83

7.13 dot11 accesspoint disable <ap_name> ............................................................... 83

7.14 dot11 accesspoint enable <ap_name> ................................................................ 83

7.15 dot11 radio configure <radio_no> ........................................................................ 83

7.16 dot11 radio advanced configure <radio_no> ...................................................... 84

7.17 dot11 accesspoint wps configure ......................................................................... 85

7.18 dot11 accesspoint ACL configure <ap_name> .................................................. 85

7.19 dot11 accesspoint acl delete_mac_address <rowid> ........................................ 86

4

hapter 8. Configuration commands under branch SYSTEM .......................................................... 87

C

8.1 System NT-Domain-Settings ................................................................................. 87

8.2 system Active-Directory-Settings .......................................................................... 88

8.3 system LDAP_Settings .......................................................................................... 89

8.4 system POP3_Settings POP3_Server_Configuration ....................................... 90

8.5 system POP3_Settings POP3_Trusted_CA ....................................................... 91

8.6 system logging ipv4 configure ............................................................................... 91

8.7 system logging facility configure <facility> .......................................................... 93

8.8 system logging remote configure .......................................................................... 93

8.9 system logging ipv6 configure ............................................................................... 97

8.10 system Radius-Settings ......................................................................................... 97

8.11 system remote_management https configure .................................................... 98

8.12 system remote_management telnet configure ................................................... 99

8.13 system sessionSettings admin configure .......................................................... 100

8.14 system sessionSettings guest configure ........................................................... 100

8.15 system snmp trap configure <agent_ip> ........................................................... 100

8.16 system snmp trap delete <agent_ip> ................................................................. 101

8.17 system snmp users configure <user> ................................................................ 101

8.18 system snmp sys configure ................................................................................. 102

8.19 system snmp access add .................................................................................... 102

8.20 system snmp access edit <rowid> ..................................................................... 103

8.21 system snmp access delete <rowid> ................................................................. 104

8.22 system switch_settings power_saving configure ............................................. 104

8.23 system switch_settings jumbo_frame configure ............................................... 104

8.24 system admin_setting configure ......................................................................... 105

8.25 system time configure .......................................................................................... 105

8.26 system traffic_meter configure ............................................................................ 106

8.27 system usb usb1 configure .................................................................................. 106

8.28 system usb usb2 configure .................................................................................. 107

8.29 system usb shareport_vlan configure <row_id> ............................................... 107

8.30 system group add ................................................................................................. 108

8.31 system group edit <row_id> ................................................................................ 108

8.32 system group delete <row_id> ............................................................................ 109

8.33 system users add .................................................................................................. 109

8.34 system users edit <row_id> ................................................................................. 110

8.35 system users delete <row_id> ............................................................................ 110

8.36 system group groupaccesscontrol configure <group_id> ............................... 110

8.37 system group access_control_browser add...................................................... 111

8.38 system group access_control_browser delete <row_id> ................................ 111

8.39 system group access_control_ip add ................................................................. 111

8.40 system group access_control_ip delete <row_id> ........................................... 112

Chapter 9. Configuration commands under branch UTIL ............................................................... 113

9.1 util system_check ping <ip_address> ................................................................ 113

5

.2 util system_check dns_lookup <dns> ................................................................ 113

9

9.3 util system_check traceroute <ip_address> ..................................................... 113

9.4 util system_check capturePackets start <interface> ....................................... 113

9.5 util system_check capturePackets download <fileName> <ipAddr>............. 113

9.6 util dbglog_download <fileName> <ipAddr> ..................................................... 113

9.7 util usb_test <ipAddr> <fileName> ..................................................................... 114

9.8 util firmware_upgrade <IpAddr> <FileName> ................................................... 114

9.9 util enable_auto_backup <status> ...................................................................... 114

9.10 util enable_config_encryp <status> .................................................................... 114

9.11 util watchdog_disable <status> ........................................................................... 114

Chapter 10. Configuration commands under branch LICENSE ....................................................... 115

10.1 license list ............................................................................................................... 115

10.2 license activate <activationKey> ........................................................................ 115

Chapter 11. Configuration commands under branch NET ................................................................ 116

11.1 net ipv6_tunnel six_to_four configure ................................................................ 116

11.2 net bandwidth profile enable <enable> .............................................................. 116

11.3 net bandwidth profile add ..................................................................................... 116

11.4 net bandwidth profile edit <row_id> ................................................................... 117

11.5 net bandwidth profile delete <row_id> ............................................................... 118

11.6 net bandwidth traffic_selector add ...................................................................... 118

11.7 net bandwidth traffic_selector edit <row_id> .................................................... 119

11.8 net bandwidth traffic_selector delete <row_id> ................................................ 119

11.9 net ddns wan1 configure ...................................................................................... 120

11.10 net ddns wan2 configure ...................................................................................... 120

11.11 net lan dhcp reserved_ip configure <mac_address> ...................................... 121

11.12 net lan dhcp reserved_ip delete <mac_address> ............................................ 121

11.13 net dmz dhcp reserved_ip configure <mac_address> .................................... 122

11.14 net dmz dhcp reserved_ip delete <mac_address> .......................................... 122

11.15 net ethernet configure <interface_name> ......................................................... 122

11.16 net lan ipv4 configure ........................................................................................... 123

11.17 net lan ipv6 configure ........................................................................................... 125

11.18 net lan ipv6 pool configure <ipv6PoolStartAddr> ............................................. 126

11.19 net lan ipv6 pool delete <ipv6PoolStartAddr> .................................................. 127

11.20 net igmp configure ................................................................................................ 127

11.21 net intel_Amt server configure ............................................................................ 127

11.22 net intel_Amt_Reflector configure ...................................................................... 128

11.23 net ip_Aliasing server add ................................................................................... 129

11.24 net ip_Aliasing server edit <row_id> .................................................................. 129

11.25 net ip_Aliasing server delete <row_id> .............................................................. 130

11.26 net mode configure ............................................................................................... 130

11.27 net ipv6_tunnel isatap add ................................................................................... 131

11.28 net ipv6_tunnel isatap edit <row_id> ................................................................. 131

6

1.29 net ipv6_tunnel isatap delete <row_id> ............................................................. 132

1

11.30 net routing mode configure .................................................................................. 132

11.31 net wan wan1 ipv4 configure ............................................................................... 133

11.32 net wan wan2 ipv4 configure ............................................................................... 145

11.33 net wan wan3 threeG configure .......................................................................... 158

11.34 net wan mode configure ....................................................................................... 159

11.35 net wan port_setup configure .............................................................................. 162

11.36 net wan vlan_setup configure ............................................................................. 162

11.37 net wan vlan_setup vlanId_Add .......................................................................... 162

11.38 net wan vlan_setup vlanId_Delete ..................................................................... 163

11.39 net wan configurable_port configure .................................................................. 163

11.40 net wan wan1 ipv6 configure ............................................................................... 163

11.41 net wan wan2 ipv6 configure ............................................................................... 165

11.42 net routing ospfv2 configure <interface> ........................................................... 166

11.43 net routing ospfv3 configure <interface> ........................................................... 168

11.44 16.44 net routing protocol_binding add ............................................................. 169

11.45 net routing protocol_binding edit <row_id> ....................................................... 169

11.46 net routing protocol_binding enable <row_id>.................................................. 170

11.47 net routing protocol_binding disable <row_id> ................................................. 171

11.48 net routing protocol_binding delete <row_id> ................................................... 171

11.49 net radvd configure ............................................................................................... 172

11.50 net radvd pool add ................................................................................................ 173

11.51 net radvd pool edit <row_id> ............................................................................... 174

11.52 net radvd pool delete <row_id> .......................................................................... 175

11.53 net routing dynamic configure ............................................................................. 175

11.54 net routing static ipv4 configure <name> .......................................................... 177

11.55 net routing static ipv6 configure <name> .......................................................... 178

11.56 net routing static ipv4 delete <name> ................................................................ 179

11.57 net routing static ipv6 delete <name> ................................................................ 179

11.58 net tahi add-default-route <ip_address> ........................................................... 179

11.59 net tahi add-route <ip_address> <gw> .............................................................. 179

11.60 net tahi del-route <ip_address> <gw> ............................................................... 179

11.61 net tahi ipv6-Alias-Add(LAN) <ip6_address>.................................................... 180

11.62 net tahi ipv6-Alias-Del(LAN) <ip6_address> ..................................................... 180

11.63 net tahi ipv6-Alias-Add(WAN) <ip6_address> .................................................. 180

11.64 net tahi ipv6-Alias-Del(WAN) <ip6_address> ................................................... 180

11.65 net tahi reachable-time <time> ........................................................................... 181

11.66 net tahi ping6 <ip> <size> ................................................................................... 181

11.67 net tahi mping6 <mip> .......................................................................................... 181

11.68 net tahi bping6 <bip> <psize> ............................................................................. 181

11.69 net tahi pmtu-route-add <ipAdd> ........................................................................ 181

11.70 net tahi interface-down <interface> .................................................................... 182

11.71 net tahi interface-up <interface> ......................................................................... 182

11.72 net tahi start-RA-custom <fileName> <ipAddr> ................................................ 182

7

1.73 net tahi RA-Start .................................................................................................... 182

1

11.74 net ipv6_tunnel teredo configure ........................................................................ 183

11.75 net upnp configure ................................................................................................ 184

11.76 net port-vlan lan_edit <portnamew>................................................................... 184

11.77 net port-vlan wlan_edit <ssidName> .................................................................. 184

11.78 net vlan-membership lan_edit <portw> ............................................................. 185

11.79 net vlan-membership wlan_edit <ssidName> ................................................... 185

11.80 net multiVlan subnet edit <vlanID>..................................................................... 186

11.81 net vlan config add <vlan_id> ............................................................................. 187

11.82 net vlan config edit <vlan_Id> ............................................................................. 188

11.83 net vlan config delete <VlanId> .......................................................................... 188

11.84 net dmz configure ................................................................................................. 188

Chapter 12. Configuration commands under branch SECURITY .................................................... 190

12.1 security advanced_network attack_checks configure ..................................... 190

12.2 security advanced_network ips setup ................................................................ 191

12.3 security application_rules add ............................................................................. 191

12.4 security application_rules edit <row_id> ........................................................... 192

12.5 security application_rules delete <row_id> ....................................................... 193

12.6 security firewall custom_service add ................................................................. 193

12.7 security firewall custom_service edit <row_id> ................................................ 194

12.8 security firewall custom_service delete <row_id> ............................................ 194

12.9 security firewall ipv4 configure ............................................................................ 195

12.10 security firewall ipv4 default_outbound_policy <default_outbound_policy>. 196

12.11 security firewall ipv4 edit <row_id>..................................................................... 197

12.12 security firewall ipv4 enable <row_id> ............................................................... 198

12.13 security firewall ipv4 disable <row_id> .............................................................. 199

12.14 security firewall ipv4 delete <row_id> ................................................................ 199

12.15 security firewall ipv4 move <row_id> ................................................................. 199

12.16 security firewall algs ............................................................................................. 199

12.17 security firewall ipv6 configure ............................................................................ 200

12.18 security firewall ipv6 edit <row_id>..................................................................... 201

12.19 security firewall ipv6 enable <row_id> ............................................................... 202

12.20 security firewall ipv6 disable <row_id> .............................................................. 202

12.21 security firewall ipv6 delete <row_id> ................................................................ 202

12.22 security firewall ipv6 move <row_id> ................................................................. 202

12.23 security firewall ipv6 default_outbound_policy <default_outbound_policy>. 203

12.24 security ids configure ............................................................................................ 203

12.25 security session_settings configure ................................................................... 203

12.26 security schedules add ......................................................................................... 204

12.27 security schedules edit <row_id> ....................................................................... 205

12.28 security schedules delete <row_id> ................................................................... 207

12.29 security firewall smtpAlg configure ..................................................................... 207

12.30 security firewall smtpAlg approvedMailId add .................................................. 207

8

2.31 security firewall smtpAlg approvedMailId edit <row_id> ................................. 208

1

12.32 security firewall smtpAlg approvedMailId delete <row_id> ............................. 208

12.33 security firewall smtpAlg blockedMailId add ..................................................... 208

12.34 security firewall smtpAlg blockedMailId edit <row_id> .................................... 209

12.35 security firewall smtpAlg blockedMailId delete <row_id> ................................ 209

12.36 security firewall smtpAlg subjectList add ........................................................... 209

12.37 security firewall smtpAlg subjectList edit <row_id> .......................................... 210

12.38 security firewall smtpAlg subjectList delete <row_id> ..................................... 210

12.39 security mac_filter configure ................................................................................ 210

12.40 security mac_filter source add ............................................................................ 211

12.41 security mac_filter source edit <row_id> ........................................................... 211

12.42 security mac_filter source delete <row_id> ....................................................... 211

12.43 security ip_or_mac_binding add ......................................................................... 212

12.44 security ip_or_mac_binding edit <row_id> ........................................................ 212

12.45 security ip_or_mac_binding delete <row_id> ................................................... 213

12.46 security firewall vpn_passthrough configure ..................................................... 213

12.47 security webAccess status <status> .................................................................. 213

12.48 security webAccess add ...................................................................................... 213

12.49 security webAccess edit <row_id> ..................................................................... 214

12.50 security webAccess delete <row_id> ................................................................. 214

12.51 security website_filter content_filtering configure ............................................ 215

12.52 security website_filter approved_urls add ......................................................... 215

12.53 security website_filter approved_urls edit <row_id> ........................................ 215

12.54 security website_filter approved_urls delete <row_id> ................................... 216

12.55 security website_filter blocked_keywords add .................................................. 216

12.56 security website_filter blocked_keywords edit <row_id> ................................ 216

12.57 security website_filter blocked_keywords delete <row_id> ............................ 217

12.58 security website_filter blocked_keywords enable <row_id> ........................... 217

12.59 security website_filter blocked_keywords disable <row_id> .......................... 217

9

Chapter 1. Introduction

This document describes the Command Line Interface (CLI) for managing D-Link's DSR-500/500AC/1000/1000AC router.

The CLI user requires advanced knowledge about the configuration of the system, and it should be used only by those users who are familiar with CLI-based configuration.

Note that the following features in the DSR Unified Services Router cannot be managed by the CLI:

• Firmware Upgrade

• Configuration Backup/Restore

• Certificate Generate/Upload

• Power Savings mode configuration

• System Dashboard/Resource Utilization

Please access the web browser based UI of the DSR router for managing these features.

1.1 Accessing the CLI

T

he CLI can be accessed by logging in with the same user credentials used to

access the web browser based UI.

*****************************************************

Welcome to the DSR Command Line Interface

****************************************************

D-Link DSR>

 N

ote: D-Link DSR> is the CLI prompt.

10

hapter 2. Basic commands available

C

on the CLI

2.1 Context Sensitive Help

[?] - Displays context sensitive help. This is eithe completions with summaries, or the full syntax of the current command. A subsequent repeat of this key, when a command has been resolved, will display a detailed reference.

r a list of possible command

2.2 Auto-Completion

The following keys both perform auto-completion for the current command line. If the command prefix is not unique a subsequent repeat of the key will display possible completions.

• [enter] - Auto-completes, syntax-checks then executes a command. If there

is a syntax error then offending part of the command line will be highlighted

and explained.

• [space] - Auto-completes, or if the command is already resolved, inserts a

space.

2.3 Movement Keys

[CTRL-A] - Moves to the start of the line.

•

• [CTRL-E] - Moves to the end of the line.

• [up] - Moves to the previous command line held in history.

• [down] - Moves to the next command line held in history.

• [left] - Moves the insertion point left one character.

• [right] - Moves the insertion point right one character.

2.4 Deletion Keys

• [CTRL-C] - Deletes the whole line.

• [CTRL-D] - Deletes the character to the right on the insertion point.

• [CTRL-K] - Deletes all the characters to the right of the insertion point.

• [Backspace] - Deletes the character to the left of the insertion point.

1

.5 Escape Sequences

2

•

!! - Substitutes the last command line.

• !N - Substitutes the Nth command line (absolute as per 'history' command).

• !-N - Substitutes the command line entered N lines before (relative).

1

2

hapter 3. Command Hierarchy in CLI

C

3.1 CLI Commands

The CLI commands are divided into 4 categories:

•

Global commands

• Show commands

• Utility commands

• Configuration commands

3.2 Router Configuration

The router configuration is divided into 5 branches:

• Net: Network Settings

• Security: Security Settings

• System: Admin Settings

• Dot11: Wireless Settings

• Vpn: VPN Settings

• Radius: RADIUS Settings

1

3

hapter 4. Global commands used in

C

CLI

The global commands that are used in CLI are given b

• .exit: Exit this session

• .help:

• .top: Returns to the default mode

• .reboot: Reboots the system.

• .history: Displays the current session's command line history. Number

of commands in history list can be controlled by setting limit argument;

by default it is unbounded.

Displays an overview of the CLI syntax

elow:

1

4

hapter 5. Show commands used in

C

CLI

The show commands for all the above mentioned branch section.

The command show activeDirectory-serverCheck? at the CLI description of all the show commands in the branch activeDirectory-serverCheck, which is as follows:

1

The command show NT-Domain-Settings? at the CLI prompt would give the description of all the show commands in the branch NT-Domain-Settings, which is as follows:

1 show NT-Domain-Settings Displays NT Domain configuration.

The command show vpn? at the CLI prompt would give the description of all the show commands in the branch vpn, which is as follows:

1 show vpn gre_tunnels gre tunnels display mode. 2 show vpn l2tp client Shows l2tp client details. 3 show vpn l2tp client setup Displays l2tp client setup.

show activeDirectoryserverCheck

Displays status of Active Directory servers.

es are outlined in this

prompt would give the

4 show vpn l2tp client status Displays l2tp client status.

5 show vpn l2tp Shows l2tp server details. 6 show vpn l2tp server Shows l2tp server details. 7 show vpn l2tp server setup Displays l2tp server setup.

8

9 show vpn openvpn Displays openvpn commands. 10 show vpn openvpn config Displays openvpn configuration.

11

12

13

14 show vpn pptp client Shows pptp client details. 15 show vpn pptp client setup Displays pptp client setup. 16 show vpn pptp client_status Shows pptp client status details.

17

show vpn l2tp server connections

show vpn openvpn remote_network_all

show vpn openvpn local_network_all

show vpn openvpn cert_upload_status

show vpn pptp client_status setup

Displays l2tp server stats.

Displays all openvpn remote network on system.

Displays all openvpn local network on system.

Displays openvpn certificate status.

Displays pptp client status setup.

1

5

8 show vpn pptp Shows pptp server details.

Access Point configuration. This

s the list of configured Access

Points for the device. From this summary list,

status and parameters of each AP are available

1 19 show vpn pptp server Shows pptp server details. 20 show vpn pptp server setup Displays pptp server setup.

21

show vpn pptp server connections

Displays pptp server stats.

22 show vpn sslvpn Shows sslvpn settings.

23

show vpn sslvpn connections

Shows sslvpn active connections.

24 show vpn sslvpn client Shows sslvpn client settings. 25 show vpn sslvpn route Shows route settings. 26 show vpn sslvpn policy Shows sslvpn policy settings.

27

28

29

30

show vpn sslvpn portallayouts

show vpn sslvpn portforwarding

show vpn sslvpn portforwarding appconfig

show vpn sslvpn portforwarding hostconfig

Shows sslvpn portal-layouts settings.

Shows sslvpn portforwarding settings.

Shows sslvpn portforwarding appconfig settings.

Shows sslvpn portforwarding hostconfig settings.

31 show vpn sslvpn resource Shows sslvpn resource settings.

32

show vpn sslvpn resourceobject <resource_name>

Shows sslvpn resource object settings.

33 show vpn ipsec Shows vpn policy. 34 show vpn ipsec policy Shows vpn policy. 35 show vpn ipsec policy setup Shows vpn policy. 36 show vpn ipsec policy status Shows vpn status.

37

show vpn ipsec policy backup_policies

Shows a list of backup policies.

38 show vpn ipsec dhcp Shows vpn ipsec dhcp setup. 39 show vpn ipsec dhcp setup Shows vpn ipsec dhcp setup.

The command show LDAP-Settings? at the CLI prompt would give the description of all the show commands in the branch LDAP-Settings, which is as follows:

1 show LDAP-Settings Displays LDAP configuration.

The command show dot11? at the CLI prompt would give the description of all the show commands in the branch dot11, which is as follows:

1 show dot11 Displays 802.11 configuration

2

show dot11 accesspoint<ap_name>

Displays command display

for display.

1

6

ap_name:

This is an AP identifier which

quely identifies an AP in the list of configured

An AP can be disabled if not in

use and enabled as needed. The AP is disabled

if this field has the value 'N' and it is enabled if it

has the value 'Y'. Disabling an AP does not

iguration, but stops the AP.

Enabling the AP creates a wireless network

where computers and other devices can join and

communicate with the devices connected to the

access point or the devices on the Local Area

The name or Service Set

Identifier (SSID) is the name of the wireless

network serviced by this AP. Note that since a

given wireless profile can be common to multiple

APs, the SSID is not unique to an AP. In order

for computers or devices to communicate via

erviced by this AP, all

devices must select the same SSID from the list

The field indicates whether SSID is broadcasted

or not in the beacon frames transmitted by the

, the wireless

devices will not be able to see the network name

(SSID). If this field has the value 'Y', it indicates

that the AP's SSID is broadcasted to the public.

If it is 'N' it indicates the SSID is not to be

broadcasted and a device would have to specify

This field has a brief description of the

security, encryption and authentication

combination assigned to the AP. A Profile is not

necessarily unique to an AP, rather this

The physical radio(s) on which this AP is

running on. An AP can run on multiple radios at

balancing and better

part of a logical network

AN id. This allows devices

connected to the VLAN through this AP to

exchange data with one another as in a LAN. If

the optional argument ap_name is specified, the

following configuration information is displayed

amount of time in

milliseconds between beacon transmissions.

Interval for delivery of traffic

uni APs. Enabled:

delete the conf

Network (LAN). SSID:

this wireless network s

of wireless networks in the area.Broadcast:

AP. If SSID is not broadcasted

the SSID exactly to connect to this AP. Profile:

grouping of wireless settings can be used on more than one AP at the same time. Radio:

the same time for loadthroughput. VLAN: The AP can be a defined by the VL

for the access point.

Beacon Interval: The

DTIM Interval:

17

indication message. It is related to beacon

The Request to Send (RTS)

threshold is the value the AP checks against its

ansmitting frames to determine if the

RTS/Clear To Send (CTS) handshake is

required with the receiving client. Using a small

value causes RTS packets to be sent more

often, consuming more of the available

bandwidth, therefore reducing the apparent

ut of the network packet. The default is

Frag

This is the maximum length of the

frame, beyond which packets must be broken up

(fragmented) into two or more frames. Collisions

because

. The default is 2346, which effectively

802.11b requires that a preamble be prepended

to every frame before it is transmitted to the air.

e either the traditional long

preamble, which requires 192 micro second for

transmission, or it may be an optional short

preamble that requires only 96 micro second.

Long preamble is needed for the compatibility

d

RTS/CTS

If selected the AP always performs

RTS/CTS handshake before transmitting a

packet. It is generally used to minimize collisions

n (gain) in dbm

for transmitted packets which is added to the TX

Retry

The number of retries the AP will use

when a frame transmission fails. It is used for

both long and short frames, of size less than or

The rate or rates (in Mbps) which the AP will

Profile configuration. If no profile name

ay a

summary of the details of all the profiles

configured in the system. If a profile name is

specified, this command will display a detailed

of the profile. If the argument

'DisplayQosInfo' is set to 'Y', the profile details

interval. RTS Threshold:

tr

throughp 2346, which effectively disables RTS. Threshold:

occur more often for long frames sending them occupies the channel for a longer time disables Fragmentation. Preamble Mode:

3

show dot11 profile<profile_name><displ ay_qos>

The preamble may b

with legacy 802.11 systems operating at 1 an 2 Mbps. The default is 'long'. Protection:

among hidden stations Transmit Power Gain: Defines the relative amplificatio

power configured on the physical radio. Limit:

equal to the RTS threshold. Supported Rate:

advertise in the beacon frames. Displays

is specified, this command will displ

configuration

will include the QoS details as well.

18

access point and radio statistics. This

table shows a cumulative total of relevant

wireless statistics for the APs and radios; the

counter is reset when the device is rebooted.

table displays

transmit/receive data for each radio. It has the

The number of

/received packet errors reported to

The number of

transmitted/received packet drops between the

: The number of multicast

The number

AP

This table displays transmit/receive

data for each AP. An AP can have multiple

entries if it is running on multiple radios. It has

the following fields: Pkt(Tx/Rx): The number of

transmitted/received wireless packets

ber of

transmitted/received bytes of information

The number of

transmitted/received packet errors reported to

The number of

The number of multicast packets sent

The number of packet

access control list information for the

Available Radios

This table shows the list of available radios that

an AP may use. It has the following fields:

This field

This field indicates which path the radio is

Displays

Radio Statistics: This

following fields: Pkt(Tx/Rx): transmitted/received wireless packets. Byte(Tx/Rx): transmitted/received bytes of information. Err(TRx/Rx): transmitted the radio. Drop(Tx/Rx):

radio and client. Mcast

4 show dot11 statistics

packets sent over this radio. Coll: of packet collisions reported to the radio.

Statistics:

Byte(Tx/Rx): The num

Err(TRx/Rx):

the AP. Drop(Tx/Rx): transmitted/received packet dropped by the AP. Mcast: over this AP. Coll: collisions reported to the AP

5 show dot11 acl<ap_name>

6

7

show dot11 accesspoint status<ap_name>

show dot11 wmm<profile_name>

Displays specified access point.

Displays wireless stats.

8 show dot11 radius Displays radius Information. 9 show dot11 wps Displays WPS Information. 10 show dot11 wds<radio_no> Displays WDS Information.

11

show dot11 wireless_statistics

Displays wireless_statistics Information.

Displays Radio configuration.

12 show dot11 radio<radio_no>

Radio: The radio number. Card: indicates which card the radio is using. Path:

19

RogueAP Enabled:

If this field has

value 'Y' it indicates that RogueAP detection is

enabled on this radio. If it is 'N' it indicates that

RogueAP detection is disabled on this radio. If

the

following cofiguration information is displayed

The

This field indicates

This field

io is mapped to.

The channel used by the

If this field has the

it indicates that RogueAP detection

Value in

dBm is the default transmitted power level for all

Enable

receive diversity (use multiple antennas to

receive packets) List of Access Points for Radio

This table shows all the APs that are configured

This is the

ID of the AP

The SSID serviced by AP Profile: This

field has a brief description of the security,

encryption and authentication combination

show system logging remote

mapped to.

the optional argument radioNum is given,

for the given radio. Radio Settings Radio: radio number. Card Name: which card the radio is using. Path: indicates which path the rad Current Channel: radio. RogueAP Enabled: value 'Yes', is enabled on this radio. TX Power:

APs that use this radio. RX Diversity:

for a particular radio. AP Name: name of the AP. BSSID: The BSS SSID:

assigned to the AP.

The command show POP3-Settings? at the CLI prompt would give the description of all the show commands in the branch POP3-Settings, which is as follows:

1 show POP3-Settings Displays POP3 configuration.

The command show POP3-Trusted-CA? at the CLI prompt would give the description of all the show commands in the branch POP3-Trusted-CA, which is as follows:

1 show POP3-Trusted-CA Displays POP3 Trusted Certificates.

The command show system? at the CLI prompt would give the description of all the show commands in the branch system, which is as follows:

1 show system logging . 2 show system logging remote .

3

setup

Displays remote logging configuration

4 show system logging facility .

5

show system logging facility setup <facility>

Displays logging facility configuration

6 show system logging ipv4 .

20

captured log messages of the router

captured log messages of the

router activities from Event Log. The logs

displayed on this event viewer can be defined in

captured log messages of

vent Log. The logs

displayed on this event viewer can be defined in

remote management over https

jumbo_frame

s the resources being used in the system

7

show system logging ipv4 setup

Displays logging configuration

8 show system logging ipv6 .

9

10 show system log

show system logging ipv6 setup

Displays ipv6 logs configuration

Displays activities

Displays all the

11 show system log all

the Log Configuration commands Displays Page Wise,

12 show system log page

the router activities from E

the Log Configuration commands

13

14

15

16

show system remote_management

show system remote_management setup

show system sessionSettings

show system snmp <agentIP>

.

Displays configuration

Displays sessionSettings Configuration

Displays SNMP configuration

17 show system switch_setting .

18

19

show system switch_setting power_mode

show system switch_setting

Displays power mode configuration

Displays jumbo frame configuration

20 show system status Displays system status

21 show system dashboard

Display

currently 22 show system time . 23 show system time setup Displays Timezone and NTP configuration 24 show system traffic_meter .

25

show system traffic_meter setup

Displays traffic meter configuration

26 show system usb-status Displays USB Status 27 show system users System group display mode 28 show system group System user display mode

29

show system group specific<row_id>

Displays information for given group

30 show system group all Displays all groups on system 31 show system users all Displays all users on system

32

show system users specific<row_id>

Displays information for given user

21

s Group Access Control configuration for

A RADIUS server maintains a database of user

larger environments. If a

RADIUS server already exists, it can be used for

authenticating users that want to connect to the

wireless network provided by this device. When

they

e table.

If first RADIUS server is not accessible, then

the next RADIUS

This table

33

34

35

36

show system group groupaccesscontrol <group_ id>

show system group access_control_browser

show system group access_control_ip

show system firmwareVersion

Display

the selected group

Displays Access Control browsers Policies

Displays Access Control ips Policies

Displays the firmware Version.

The command show ntDomain-serverCheck? at the CLI prompt would give the description of all the show commands in the branch ntDomain-serverCheck, which is as follows:

1

show ntDomainserverCheck

Displays status of NT Domain servers.

The command show Active-Directory-Settings? at the CLI prompt would give the description of all the show commands in the branch Active-Directory-Settings, which is as follows:

1

show Active-DirectorySettings

Displays Active Directory configuration.

The command show pop3-serverCheck? at the CLI prompt would give the description of all the show commands in the branch pop3-serverCheck, which is as follows:

1 show pop3-serverCheck Displays status of Pop3 servers.

The command show Radius-serverCheck? at the CLI prompt would give the description of all the show commands in the branch Radius-serverCheck, which is as follows:

1 show Radius-serverCheck Displays status of Radius servers.

The command show Radius-Settings? at the CLI prompt would give the description of all the show commands in the branch Radius-Settings, which is as follows:

Displays RADIUS configuration.

accounts used in

1 show Radius-Settings

multiple RADIUS servers are configured,

are accessed in the same order as in th

system tries to contact to

server. Configured Radius Servers

22

displays the list of all configured RADIUS

servers. If the optional argument ServerIP is

figuration of the RADIUS

IP address of

IP address of RADIUS accounting

RADIUS authentication

server port to send the RADIUS messages.

in seconds) the device waits

The number of tries the router will make to the

RADIUS server secret. This field is only

list of interface for Inbound

specified, detailed con

server is displayed. Server IP:

RADIUS authentication server Accounting

Server IP:

server Server Port:

Timeout: The time (

for a response from the RADIUS server Retries:

RADIUS server before giving up. Secret:

displayed if the argument ServerIP is specified.

The command show net? At the CLI prompt would give the description of all the show commands in the branch net, which is as follows:

1 show net ipv6_tunnel status Displays ipv6 tunnels status 2 show net bandwidth . 3 show net bandwidth profile .

4

5

6

7

8

show net bandwidth profile setup

show net bandwidth traffic_selector

show net bandwidth traffic_selector setup

show net bandwidth profile interface_list

show net bandwidth traffic_selector services

Displays list of Available Bandwidth Profile(s).

.

Shows the list of Available Traffic Selector(s).

Displays the

Bandwidth Profile. It includes Available VLANs

Displays a list of available services

9 show net ddns . 10 show net ddns setup Show Dynamic DNS Configuration. 11 show net lan dhcp .

12

13

14

15

show net lan dhcp reserved_ip

show net lan dhcp reserved_ip setup

show net lan dhcp leased_clients

show net lan dhcp leased_clients list

.

Shows a list of DHCP Reserved Addresses.

.

Shows a list of Available DHCP Leased Clients.

16 show net dmz . 17 show net dmz setup Shows DMZ Configuration. 18 show net dmz dhcp .

23

list of DMZ DHCP Reserved

list of Available DMZ DHCP Leased

19

20

21

22

show net dmz dhcp reserved_ip

show net dmz dhcp reserved_ip setup

show net dmz dhcp leased_clients

show net dmz dhcp leased_clients list

.

Displays a

Addresses.

.

Shows a

Clients. 23 show net ethernet Displays Ethernet interfaces 24 show net lan . 25 show net lan ipv4 . 26 show net lan ipv4 setup Displays LAN Configuration. 27 show net lan ipv6 . 28 show net lan ipv6 setup Shows IPv6 LAN Configuration.

29

show net statistics <interface>

Shows Interface Statistics

30 show net igmp Displays igmp configuration 31 show net intel_Amt Shows IntelAmt details 32 show net intel_Amt server Shows IntelAmt Server Configuration

33

34

35

show net intel_Amt Reflector

show net intel_Amt server setup

show net intel_Amt Reflector setup

show IntelAmt Reflector Configuration

Displays Intel_Amt server configuration.

Displays Intel_Amt Reflector setup.

36 show net Ip_Alias Shows Ip Alias configuration details. 37 show net Ip_Alias server Shows Ip Alias configuration details.

38

show net Ip_Alias server setup

Displays net Intel_Amt server setup.

39 show net mode . 40 show net mode setup Displays IP MODE configuration 41 show net ipv6_tunnel . 42 show net ipv6_tunnel setup Displays ipv6 tunnels configuration 43 show net routing mode .

44

show net routing mode setup

Routing Mode between WAN and LAN

45 show net wan wan1 . 46 show net wan wan1 ipv4 .

47

48

show net wan wan1 ipv4 status

show net wan wan1 ipv4 setup

Displays ipv4 wan1 Information.

Displays Wan1 Setup Information.

49 show net wan wan2 . 50 show net wan wan2 ipv4 .

24

51

52

show net wan wan2 ipv4 status

show net wan wan2 ipv4 setup

Displays ipv4 wan2 Information.

Displays wan2 Setup Information.

53 show net wan wan3 Displays the wan3 configuration 54 show net wan wan3 threeG Shows ThreeG information.

55

56

show net wan wan3 threeG setup

show net wan wan3 threeG status

Displays ThreeG Configuration.

Displays wan3 ThreeG status.

57 show net wan . 58 show net wan mode Displays wan mode Setup. 59 show net wan port_setup Displays wan port Setup. 60 show net wan vlan_setup Displays vlan port Information for wan.

61

show net wan configurable_port

Displays configurable port Information.

62 show net wan wan1 ipv6 .

63

64

show net wan wan1 ipv6 status

show net wan wan1 ipv6 setup

Displays ipv6 wan1 Information.

Displays Wan1 Setup Information.

65 show net wan wan2 ipv6 .

66

67

show net wan wan2 ipv6 status

show net wan wan2 ipv6 setup

Displays ipv6 wan2 Information.

Displays Wan2 Setup Information.

68 show net routing ospfv2 Shows OSPFv2 Configuration 69 show net routing ospfv3 Shows OSPFv3 Configuration

70

71

72

73

show net routing ospfv2 setup

show net routing ospfv3 setup

show net routing protocol_binding

show net routing protocol_binding setup

Displays OSPFv2 Configuration

Displays OSPFv3 Configuration

Shows protocol_binding rules

Displays protocol Binding Rules

74 show net radvd . 75 show net radvd setup Displays RADVD configuration 76 show net routing dynamic Shows dynamic routing setup

77

show net routing dynamic setup

Shows dynamic routing Setup.

78 show net routing Displays routing setup 79 show net routing static Displays Static Routes Info 80 show net routing static ipv4 Displays IPv4 Static Routes Info

25

static route

81

82

show net routing static ipv4 setup

show net routing static interface_list

Shows all the configured IPV4 routes.

Shows all the interfaces on which

can be configured 83 show net routing static ipv6 Displays IPv6 Static Routes Info

84

show net routing static ipv6 setup

Shows all the configured IPV6 Static routes.

85 show net upnp Displays UPnP Information 86 show net upnp portmap Displays UPnP portmap Table Information. 87 show net upnp setup Displays UPnP Setup Information. 88 show net vlan 89 show net vlan configuration Displays VLAN Confgiuration. 90 show net multivlan Shows vlan server status 91 show net multivlan subnet Shows vlan server status

92

show net multivlan subnet status

Displays multi vlan Subnet List.

93 show net port-vlan Shows Port vlan status 94 show net port-vlan status Displays Port vlan status. 95 show net wireless_vlan Shows Port vlan status

96

show net wireless_vlan status

Displays Port vlan status.

The command show ldap-serverCheck? at the CLI prompt would give the description of all the show commands in the branch ldap-serverCheck, which is as follows:

1 show ldap-serverCheck Displays status of Ldap servers.

The command show security? at the CLI prompt would give the description of all the show commands in the branch security, which is as follows:

1

show security advanced_network

Shows advanced firewall attack checks

show security

2

advanced_network

Displays Security Checks configuration

attack_checks

3

4

5

6

7

show security advanced_network ips

show security application_rules

show security application_rules setup

show security application_rules status

show security firewall custom_service

Displays ips configuration

.

Displays application rules configuration

Displays application rules status

.

26

8

show security firewall custom_service setup

Displays a list of available Custom Service

configuration 9 show security firewall Displays Firewall Rules 10 show security firewall ipv4 Displays IPv4 Firewall Rules

11

show security firewall ipv4 setup

Displays IPv4 Firewall Rules

12 show security firewall algs Displays ALGs protocals status 13 show security firewall ipv6 Displays IPv6 Firewall Rules

14

show security firewall ipv6 setup

Displays IPv6 Firewall Rules

15 show security ids . 16 show security ids setup Displays IDS configuration

17

show security session_settings

Displays Session Settings configuration

18 show security schedules .

19

20

21

22

23

show security schedules setup

show security firewall smtpAlg

show security firewall smtpAlg configure

show security firewall smtpAlg configure setup

show security firewall smtpAlg approvedMailId

Displays Schedules configuration

.

Shows SmtpAlg Status.

.

show security firewall

24

smtpAlg approvedMailId

Shows a List of Approved Mail_Id.

setup

25

show security firewall smtpAlg blockedMailId

.

show security firewall

26

smtpAlg blockedMailId

Shows a List of Blocked Mail_Id.

setup

27

28

show security firewall smtpAlg subjectList

show security firewall smtpAlg subjectList setup

.

Shows a List of Subject, corresponding Mail_Id

and Action. 29 show security mac_filter .

30

31

32

show security mac_filter setup

show security ip_or_mac_binding

show security ip_or_mac_binding setup

Displays Source Mac Filter configuration

.

Displays IP/MAC Binding configuration

27

configuration and

n

33

34

show security firewall vpn_passthrough

show security firewall vpn_passthrough setup

.

Displays VPN passthrough Configuration

35 show security webAccess .

Displays security webAccess

36

show security webAccess setup

rules

Displays a list of Allowed IpAdrr/Network Web

Access 37 show security website_filter .

38

39

40

show security website_filter content_filtering

show security website_filter approved_urls

show security website_filter blocked_keywords

Displays content filtering configuration

Displays trusted domains configuration

Displays a list of available Approved URLs

Displays blocked keywords configuration

The command vpn? at the CLI prompt would give the description of all the configuration commands in the branch vpn, which is as follows:

1 vpn gre_tunnel GRE Tunnel. 2 vpn gre_tunnel add GRE Tunnel add mode

3

4

vpn gre_tunnel edit <row_id>

vpn gre_tunnel delete <row_id>

GRE Tunnel edit mode

GRE Tunnel delete mode

5 vpn l2tp client Vpn policy mode. 6 vpn l2tp client configure l2tp client configuration mode

7

vpn l2tp client_action <action>

Vpn l2tp client action set.

8 vpn l2tp Vpn policy mode. 9 vpn l2tp server Vpn policy mode. 10 vpn l2tp server configure l2tp server configuration mode 11 vpn openvpn Displays openvpn configure commands 12 vpn openvpn config openvpn configuration mode

13

14

vpn openvpn remote_network

vpn openvpn remote_network add

Opens vpn remote networks configuratio

commands.

Adds a new remote network

vpn openvpn

15

remote_network

Remote network edit mode.

edit <row_id> vpn openvpn

16

remote_network

Openvpn remote network delete mode.

delete <row_id>

28

Opens vpn local networks configuration

rver / Client

the pem formatted Tls Authentication

17 vpn openvpn local_network

18

19

20

vpn openvpn local_network add

vpn openvpn local_network edit <row_id>

vpn openvpn local_network delete <row_id>

commands.

Adds a new local network.

Local network edit mode.

Openvpn local network delete mode.

21 vpn openvpn cert_upload Openvpn local network display mode.

22

23

vpn openvpn cert_upload ca <fileName> <ipAddr>

vpn openvpn cert_upload server_client_cert <fileNam e> <ipAddr>

Uploads the pem formatted CA Certificate.

Uploads the pem formatted Se

Certificate.

vpn openvpn cert_upload

24

client_key <fileName> <ipA

Uploads the pem formatted Server/Client key.

ddr> vpn openvpn cert_upload

25

26

dh_Key <fileName> <ipAddr> Uploads the pem formatted Diffie Hellman key.

vpn openvpn cert_upload tls_Authkey <fileName> <ip Addr>

Uploads

Key.

vpn openvpn cert_upload

27

crl_cert <fileName> <ipAddr> Uploads the pem formatted CRL Certificate.

28

vpn openvpn cert_upload config <fileName> <ipAddr>

Uploads the pem formatted config file.

29 vpn pptp client Vpn policy mode. 30 vpn pptp client configure PPTP client configuration mode.

31

vpn pptp client_action <action>

Vpn pptp client action set.

32 vpn pptp Vpn policy mode. 33 vpn pptp server Vpn policy mode. 34 vpn pptp server configure pptp server configuration mode 35 vpn sslvpn sslvpn configuration commands 36 vpn sslvpn portal-layouts sslvpn portal layout configuration commands

37

38

39

40

vpn sslvpn portal-layouts add

vpn sslvpn portal-layouts edit <row_id>

vpn sslvpn portal-layouts delete <row_id>

Adds sslvpn portal layout.

Edits sslvpn portal layout.

Deletes sslvpn portal layout.

vpn sslvpn portforwarding Sslvpn portforwarding configuration commands.

29

ortforwarding application configuration

slvpn portforwarding host configuration

41

42

43

44

45

46

vpn sslvpn portforwarding appconfig

vpn sslvpn portforwarding appconfig add

vpn sslvpn portforwarding appconfig delete <row_id>

vpn sslvpn portforwarding hostconfig

vpn sslvpn portforwarding hostconfig add

vpn sslvpn portforwarding hostconfig delete <row_id>

Sslvpn p

commands.

Adds an application configuration rule.

Deletes an application configuration rule.

S

commands.

Adds a host configuration rule.

Deletes a host configuration rule.

47 vpn sslvpn resource Sslvpn resource configuration commands. 48 vpn sslvpn resource add Adds an sslvpn resource.

49

vpn sslvpn resource configure

Configures an sslvpn resource.

vpn sslvpn resource

50

configure

Adds an sslvpn resource object.

add <resource_name>

51

52

vpn sslvpn resource configure delete <row_id>

vpn sslvpn resource delete <row_id>

Deletes an sslvpn resource object.

Deletes an sslvpn resource.

53 vpn sslvpn policy Sslvpn policy configuration commands. 54 vpn sslvpn policy add Adds an sslvpn policy.

55

56

vpn sslvpn policy edit <row_id>

vpn sslvpn policy delete <row_id>

Edits an sslvpn policy.

Deletes an sslvpn policy.

57 vpn sslvpn client Sslvpn client configuration commands. 58 vpn sslvpn route Sslvpn route configuration commands. 59 vpn sslvpn route add Adds sslvpn client route.

60

vpn sslvpn route delete <row_id>

Deletes sslvpn client route.

61 vpn ipsec Vpn policy mode. 62 vpn ipsec policy Vpn policy mode.

63

vpn ipsec policy configure <name>

Vpn policy configuration mode.

64 vpn ipsec dhcp Vpn ipsec over dhcp mode. 65 vpn ipsec dhcp configure vpn dhcp over ipsec policy configuration mode

66

67

vpn ipsec policy enable <name>

vpn ipsec policy disable <name>

Enables a vpn policy.

Disables a vpn policy.

30

_addr>

68

69

70

vpn ipsec policy delete <name>

vpn ipsec policy connect <name>

vpn ipsec policy drop <name>

Deletes a vpn policy.

Connects a vpn tunnel.

Drops a vpn tunnel.

The command dot11? at the CLI prompt would give the description of all the configuration commands in the branch dot11, which is as follows:

1 dot11 profile 802.11 profile configuration commands. 2 dot11 accesspoint 802.11 access point configuration commands. 3 dot11 radio 802.11 radio configuration commands. 4 dot11 wds 802.11 wds configuration commands. 5 dot11 wmm 802.11 wmm configuration. 6 dot11 radius 802.11 radius configuration mode.

7

8

9

dot11 profile add <profile_name>

dot11 profile edit <profile_name>

dot11 wmm edit <profile_name>

802.11 profile configuration mode.

802.11 wmm configuration mode.

10 dot11 radius configure 802.11 radius configuration mode.

11

12

13

14

15

16

dot11 profile delete <profile_name>

dot11 accesspoint add <ap_name>

dot11 accesspoint edit <ap_name>

dot11 accesspoint delete <ap_name>

dot11 wds enable <radio_no>

dot11 wds disable <radio_no>

Deletes an 802.11 profile.

802.11 access point configuration mode

Deletes an 802.11 access point.

Enables wds.

Disables wds.

dot11 wds

17

add_peer <radio_no> <mac

Adds peer mac address wds.

dot11 wds

18

delete_peer <radio_no> <m

Deletes peer mac address wds.

ac_addr>

19

20

dot11 accesspoint disable <ap_name>

dot11 accesspoint enable <ap_name>

Disables an 802.11 access point.

Enables an 802.11 access point.

31

21

dot11 radio configure <radio_no>

802.11 radio configuration mode.

22 dot11 radio advanced Advanced radio configure

23

dot11 radio advanced configure <radio_no>

802.11 AP advanced configuration mode.

24 dot11 accesspoint wps Advanced AP configure

25

dot11 accesspoint wps configure

802.11 AP wps configuration mode.

26 dot11 accesspoint acl Accesspoint ACL configure commands

27

dot11 accesspoint ACL configure <ap_name>

802.11 AP ACL configuration mode.

dot11 accesspoint acl

28

delete_mac_address <rowid> Deletes acl mac address entry.

The command system? at the CLI prompt would give the description of all the configuration commands in the branch system, which is as follows:

1 system POP3_Settings System POP3 configuration commands. 2 system NT-Domain-Settings Configures NT-Domain Settings

3

system Active-DirectorySettings

Configures Active-Directory Settings

4 system LDAP_Settings Configures LDAP Settings

5

6

system POP3_Settings POP3_Server_Configuration

system POP3_Settings POP3_Trusted_CA

Configures POP3 Server

Uploads POP3 trusted Certificates

7 system logging . 8 system logging ipv4 System logging ipv4 configuration. 9 system logging facility System log Facility configuration.

10

system logging facility Options

System log Facility Options configuration.

11 system logging remote System remote Logging configuration. 12 system logging ipv6 System ipv6 logs configuration.

13

14

15

16

system logging ipv4 configure

system logging facility configure <facility>

system logging remote configure

system logging ipv6 configure

System logging configuration mode.

System logging facility configuration mode.

System remote Logging configuration mode.

System ipv6 logs configuration mode.

17 system Radius-Settings Configures Radius-Settings.

18

system remote_management

Remote Mgmt Setup.

32

remote management support for

ment support for

jumbo_frame

jumbo_frame configure

19

20

21

system remote_management https

system remote_management https configure

system remote_management telnet configure

Remote Mgmt Setup for https.

Configures

https.

Configures remote manage

telnet.

22 system sessionSettings Session Settings Configuration.

23

24

25

26

system sessionSettings admin

system sessionSettings admin configure

system sessionSettings guest

system sessionSettings guest configure

Session Settings Configuration.

Admin Session Settings Configuration.

Session Settings Configuration.

Guest Session Settings Configuration.

27 system snmp System SNMP configuration 28 system snmp trap System SNMP trap configuration. 29 system snmp sys System SNMP system configuration. 30 system snmp access System SNMP Access Configuration. 31 system snmp users System SNMP v3 User Configuration.

32

33

34

system snmp trap configure <agent_ip>

system snmp trap delete <agent_ip>

system snmp users configure <user>

SNMP trap configuration mode.

Deletes a SNMP trap configuration.

SNMP v3 User list configuration settings

35 system snmp sys configure SNMP system configuration mode 36 system snmp access add SNMP access configuration mode

37

38

system snmp access edit <rowid>

system snmp access delete <rowid>

SNMP configuration mode

SNMP access configuration mode

39 system switch_settings Switch setting setup.

40

41

42

43

system switch_settings power_saving

system switch_settings

system switch_settings power_saving configure

system switch_settings

Power saving setup.

Jumbo frame setup.

Power saving configuration mode.

Jumbo frame configuration mode.

44 system admin_setting System configuration.

33

List of browsers for which login policies can be

45

system admin_setting configure

System configuration mode.

46 system time System time configuration mode 47 system time configure System time configuration mode 48 system traffic_meter Traffic meter Configuration setup.

49

system traffic_meter configure

Traffic meter configuration mode.

50 system usb USB Configuration. 51 system usb usb1 USB1 Configuration. 52 system usb usb1 configure USB1 Configuration.

53

54

55

system usb safelyRemoveUsb

system usb SafelyRemoveUSB usb1

system usb SafelyRemoveUSB usb2

Safely removing the USB.

To unmount usb1

To unmount usb2

56 system usb usb2 USB2 Configuration. 57 system usb usb2 configure USB2 Configuration. 58 system usb shareport_vlan USB SharePort settings.

59

60

system usb shareport_vlan configure <row_id>

system usb shareport_vlan show

SharePort on vlan configuration.

Displays SharePort on vlan configuration.

61 system users System user configuration commands. 62 system group System group configuration commands. 63 system group add System groups add mode. 64 system group edit <row_id> System groups edit mode.

65

system group delete <row_id>

System groups delete mode.

66 system users add System users add mode. 67 system users edit <row_id> System users edit mode.

68

69

system users delete <row_id>

system group groupaccesscontrol

System users delete mode.

Group access control.

system group

70

groupaccesscontrol

Group access control configuration.

configure <group_id>

71

system group access_control_browser

applied.

system group

72

access_control_browser

Adds a browser to Access Control browsers list

add

34

a browser from Access Control

To retrieve the IP address of a Web, FTP, Mail

all the routers present between the

Allows you to capture all packets that pass

the packet capture to the host

73

74

75

system group access_control_browser delete <row_id>

system group access_control_ip

system group access_control_ip add

Deletes

browsers list.

List of ip for which login policies can be applied

Adds an ip to Access Control ip list.

system group

76

access_control_ip

Deletes an ip from Access Control ip list.

delete <row_id>

The command util ? at the CLI prompt would give the description of all the configuration commands in the branch util , which is as follows:

1 util restore-factory-defaults Revert to factory default settings. 2 util system_check System check options

3

4

5

6

7

8

util system_check ping <ip_address>

util system_check dns_lookup <dns>

util system_check traceroute <ip_address>

util system_check display_IPV4_routingtable

util system_check display_IPV6_routingtable

util system_check capturePackets

Pings an Internet Address.

or any other Server on the Internet

Displays

destination IP address and this router

Displays IPV4 Routing Table

Displays IPV6 Routing Table

through the selected interface

util system_check

9

capturePackets

Starts the packet capture

start <interface> util system_check

10

capturePackets

Displays available interfaces for packet capture

avail_interfaces

11

util system_check capturePackets stop

Stops the packet capture

util system_check

12

capturePackets download <fileName><ipAd

Downloads

machine

dr> util

13

dbglog_download <fileName

Downloads Dbglogs to the host machine

> <ipAddr>

14 util reboot Reboots the system.

35

Configuration encryption

It gives options to add/edit/delete a bandwidth

It gives options to add/edit/delete a traffic

It allows to add a traffic selector for a bandwidth

It allows to edit a traffic selector for a bandwidth

util

15

usb_test <ipAddr> <fileNam

To test the USB.

e> util

16

firmware_upgrade <IpAddr>

To upgrade the firmware.

<FileName> util

17

enable_auto_backup <statu

Enables/Disables Auto Backup support.

s>

18

19

util enable_config_encryp <stat us>

util watchdog_disable <status>

Enables/Disables

support.

Disables/Enables watchdog timer.

The command license? at the CLI prompt would give the description of all the configuration commands in the branch license, which is as follows:

1 license list List license on the device.

2

license activate <activationKey>

Activates a license on the device.

The command net? at the CLI prompt would give the description of all the configuration commands in the branch net, which is as follows:

1 net ipv6_tunnel Ipv6 tunnel configuration setup. 2 net ipv6_tunnel six_to_four Six to four tunnel configuration setup.

3

net ipv6_tunnel six_to_four configure

Six To Four Tunnel configuration mode.

4 net bandwidth .

5 net bandwidth profile

6

net bandwidth profile enable <enable>

profile.

It allows to enable/disable bandwidth profiles.

7 net bandwidth profile add It allows to add a bandwidth profile.

8

9

10

11

net bandwidth profile edit <row_id>

net bandwidth profile delete <row_id>

net bandwidth traffic_selector

net bandwidth traffic_selector add

It allows to edit a bandwidth profile.

It allows to delete a bandwidth profile.

selector for a bandwidth profile.

profile.

net bandwidth

12

traffic_selector edit <row_id>

profile.

36

It allows to delete a traffic selector for a

igmp proxy should be enable or

net bandwidth

13

traffic_selector delete <row_id>

bandwidth profile.

14 net ddns DDNS setup. 15 net ddns wan1 DDNS setup. 16 net ddns wan2 DDNS setup. 17 net ddns wan1 configure DDNS configuration mode. 18 net ddns wan2 configure DDNS configuration mode. 19 net lan dhcp DHCP setup. 20 net lan dhcp reserved_ip DHCP Reserved IPs setup.

21

22

net lan dhcp reserved_ip configure <mac_address>

net lan dhcp reserved_ip delete <mac_address>

DHCP Reserved IPs add/edit mode.

Deletes a specific reserved ip entry.

23 net dmz dhcp DHCP setup. 24 net dmz dhcp reserved_ip DHCP Reserved IPs setup.

25

26

net dmz dhcp reserved_ip configure <mac_address>

net dmz dhcp reserved_ip delete <mac_address>

DHCP Reserved IPs add/edit mode.

Deletes a specific reserved ip entry.

27 net ethernet Ethernet configuration.

28

net ethernet configure <interface_name>

Ethernet configuration mode.

29 net lan LAN setup. 30 net lan ipv4 . 31 net lan ipv4 configure IPv4 LAN configuration mode. 32 net lan ipv6 . 33 net lan ipv6 configure IPv6 LAN configuration mode. 34 net lan ipv6 pool .

net lan ipv6 pool

35

configure <ipv6PoolStartAd

IPv6 LAN configuration add/edit mode.

dr>

36

net lan ipv6 pool delete <ipv6PoolStartAddr>

IPv6 LAN configuration delete mode.

37 net igmp Igmp configuration commands.

38 net igmp configure

Specifies

disable 39 net intel_Amt Net policy mode. 40 net intel_Amt server Net policy mode.

41

net intel_Amt server configure

Intel Amt server configuration mode

42 net intel_Amt_Reflector Net policy mode.

43

net intel_Amt_Reflector configure

Intel Amt Reflector configuration mode

37

Routing Mode between WAN and LAN

44 net ip_Aliasing Net policy mode. 45 net ip_Aliasing server Net policy mode. 46 net ip_Aliasing server add Adding Ip Aliasing server configuration

47

48

net ip_Aliasing server edit <row_id>

net ip_Aliasing server delete <row_id>

Editing Ip Aliasing server configuration.

Deleting Ip Aliasing configuration

49 net mode IP Mode Setup 50 net mode configure IP Mode configuration mode. 51 net ipv6_tunnel isatap Isatap tunnel configuration commands. 52 net ipv6_tunnel isatap add Isatap tunnel configuration add mode.

53

54

net ipv6_tunnel isatap edit <row_id>

net ipv6_tunnel isatap delete <row_id>

Isatap Tunnel configuration edit mode.

Isatap tunnel configuration delete mode.

55 net routing mode Routing Mode between WAN and LAN setup.

56 net routing mode configure

configuration mode. 57 net wan wan1 Wan configuration mode. 58 net wan wan1 ipv4 Ipv4 wan configuration mode. 59 net wan wan1 ipv4 configure Ipv4 wan wan1 configuration mode.. 60 net wan wan2 Wan configuration mode. 61 net wan wan2 ipv4 Ipv4 wan configuration mode. 62 net wan wan2 ipv4 configure Ipv4 wan wan2 configuration mode. 63 net wan wan3 Wan3 configuration mode. 64 net wan wan3 threeG Wan3 configuration mode.

65

net wan wan3 threeG configure

ThreeG wan wan3 configuration mode.

66 net wan Net wan configuration mode. 67 net wan mode Net wan configuration mode. 68 net wan mode configure Net wan configuration mode. 69 net wan port_setup Displays net wan port configuration.

70

net wan port_setup configure

Displays wan port configuration mode.

71 net wan vlan_setup Displays wan vlan setup.

72

73

74

net wan vlan_setup configure

net wan vlan_setup vlanId_Add

net wan vlan_setup vlanId_Delete

Displays wan vlan configuration mode.

Displays wan vlan Id Add mode.

Displays wan vlan Id delete mode.

75 net wan configurable_port Net wan configurable port setup.

76

net wan configurable_port configure

Net wan configurable port setup.

38

configuration

routing mode, static and dynamic

77 net wan wan1 ipv6 Displays ipv6 wan configuration mode 78 net wan wan1 ipv6 configure Displays ipv6 wan1 configuration mode 79 net wan wan2 ipv6 Displays ipv6 wan2 configuration mode 80 net wan wan2 ipv6 configure Displays ipv6 wan2 configuration mode 81 net routing ospfv2 Displays OSPF Configuration for IPV4 82 net routing ospfv3 Displays OSPF Configuration for IPV6

83

84

85 net routing protocol_binding

86

87

88

89

90

net routing ospfv2 configure <interface>

net routing ospfv3 configure <interface>

net routing protocol_binding add

net routing protocol_binding edit <row_id>

net routing protocol_binding enable <row_id>

net routing protocol_binding disable <row_id>

net routing protocol_binding delete <row_id>

Displays ospfv2 configuration mode.

Displays ospfv3 configuration mode.

Displays protocol_binding

commands

Protocol_binding rules configuration add mode.

To edit the selected protocol_binding

Protocol_binding rules configuration mode.

91 net radvd RADVD configuration setup. 92 net radvd pool RADVD configuration setup. 93 net radvd configure RADVD configuration mode. 94 net radvd pool add RADVD Pool configuration mode. 95 net radvd pool edit <row_id> RADVD Pool configuration mode.

96

net radvd pool delete <row_id>

RADVD pool configuration mode.

97 net routing dynamic Configures the routes dynamically.

98

99 net routing

net routing dynamic configure

Configures the routes dynamically.

Configures

route(s). 100 net routing static Configures the routes. 101 net routing static ipv4 Configures the IPv4 routes. 102 net routing static ipv6 Configures the IPV6 routes.

103

104

105

106

net routing static ipv4 configure <name>

net routing static ipv6 configure <name>

net routing static ipv4 delete <name>

net routing static ipv6 delete <name>

Adds new IPv4 static routes.

Adds new IPV6 static routes.

Deletes a specific IPv4 route.

Deletes a specific IPV6 route.

39

sending RA with AdvRetransTimer as

achableTime as

sending RA with AdvReachableTime as

sending RA with minimum values of

sending RA with maximum values of

sending RA with MaxRtrAdvInterval value

nterval value

it value

sending RA with AdvCurHopLimit value

107

108

net routing static ipv4 deleteAll

net routing static ipv6 deleteAll

Deletes all the configured IPv4 routes.

Deletes all the configured IPv6 routes.

109 net tahi Settings for tahi test suite.

110

net tahi add-defaultroute <ip_address>

Adds ipv6 default route on lan interface.

111 net tahi delete-default-route Deletes ipv6 default route on lan interface.

112

113

net tahi addroute <ip_address> <gw>

net tahi delroute <ip_address> <gw>

Adds ipv6 route on lan interface.

114 net tahi stop-RA Stop sending RA.

115

116

117

118

119

net tahi start-RAAdvRetransTimer(1000)

net tahi start-RAAdvRetransTimer(5000)

net tahi startRAReachable(30000)Retrans(1

000) net tahi start-RA-

AdvReachableTime(10000) net tahi start-RA-

AdvReachableTime(30000)

Starts

1000.

Starts

5000.

Starts sending RA with AdvRe

30000 and AdvRetransTimer as 1000.

Starts

10000.

Starts

30000.

120 net tahi start-RA(Default) Starts sending RA with default parameters.

121 net tahi start-RA-MinValues

122 net tahi start-RA-MaxValues

123

124

125

126

127

128

129

net tahi start-RAMaxRtrAdvInterval(10)

net tahi start-RAMaxRtrAdvInterval(40)

net tahi start-RAMinRtrAdvInterval(198)

net tahi start-RAprefix(8000::)

net tahi start-RAprefix(fec0::)

net tahi start-RAAdvCurHopLimit(0)

net tahi start-RAAdvCurHopLimit(15)

Starts

parameters.

Starts

parameters.

Starts

of 10.

Starts

of 40.

Starts sending RA with MinRtrAdvI

of 198.

Starts sending RA with prefix 8000::/64.

Starts sending RA with prefix fec0::/64.

Starts sending RA with AdvCurHopLim

as 0.

Starts

as 15. 130 net tahi start-RA-WAN Starts sending RA on the WAN interface. 131 net tahi ipv6-down Disables the ipv6 stack on the router.

40

and adds

the reachable time of neighbour cache

arts RA with configuration file obtained

Use command 'show net

132 net tahi ipv6-up Enables the ipv6 stack on the router.

133 net tahi ipv6-global-up

134

135

136

137

net tahi ipv6-AliasAdd(LAN) <ip6_address>

net tahi ipv6-AliasDel(LAN) <ip6_address>

net tahi ipv6-AliasAdd(WAN) <ip6_address>

net tahi ipv6-AliasDel(WAN) <ip6_address>

Enables the ipv6 stack on the router,

global ip.

Adds ipv6 address to LAN interface.

Deletes an ipv6 address from LAN interface.

Adds ipv6 address to WAN interface.

Deletes an ipv6 address from WAN interface.

138 net tahi neigh-cache-del Deletes the ipv6 neighbor cache.

139

net tahi reachabletime <time>

Sets

entries 140 net tahi mcast-start Starts ipv6 multicast. 141 net tahi mcast-stop Stops ipv6 multicast. 142 net tahi ping6 <ip> <size> Ping6 on LAN interface with count one. 143 net tahi mping6 <mip> Multicast ping6 on LAN.

144

145

net tahi bping6 <bip> <psize>

net tahi pmtu-routeadd <ipAdd>

ping6

Adds ipv6 route on lan interface.

146 net tahi disable-ipv6-firewall Disables ipv6 firewall. 147 net tahi show-LAN-ip Shows ipv6 addresses of LAN interface.

148

149

150

net tahi interfacedown <interface>

net tahi interfaceup <interface>

net tahi start-RAcustom <fileName> <ipAddr >

Brings selected interface down.

Brings selected interface up.

St

through tftp.

151 net tahi RA-Start Starts RA with custom configuration. 152 net ipv6_tunnel teredo Teredo tunnel configuration setup.

153

net ipv6_tunnel teredo configure

Teredo Tunnel configuration mode.

154 net upnp Upnp configuration mode 155 net upnp configure Upnp configuration mode 156 net port-vlan port vlan

157

158

net port-vlan lan_edit <portnamew>

net port-vlan wlan_edit <ssidName>

Vlan port name range 1-4.

SSID to be edited.

wireless_vlan status 'to dislay all SSID's Name 159 net vlan-membership Vlan-membership

160

net vlan-membership lan_edit <portw>

Net vlan membership for the vlan and Wlan port.

41

'show net

161

net vlan-membership wlan_edit <ssidName>

SSID to be edited. Use command

wireless_vlan status 'to dislay all SSID's Name 162 net multivlan Multivlan server configure 163 net multivlan subnet Multivlan Server configure

164

net multiVlan subnet edit <vlanID>

Multivlan server edit mode

165 net vlan Displays vlan Configuration Settings. 166 net vlan config Displays vlan configuration.

167

168

169

net vlan config add <vlan_id>

net vlan config edit <vlan_Id>

net vlan config delete <VlanId>

Adds a vlan.

Edits a configured vlan.

Deletes a vlan.

170 net vlan config enable Enables vlan configuration. 171 net vlan config disable Disables vlan configuration. 172 net dmz Dmz configuration mode. 173 net dmz configure Dmz configuration mode.

The command security? at the CLI prompt would give the description of all the configuration commands in the branch security, which is as follows:

1 security advanced_network Security advanced setup.

2

3

4

5

security advanced_network attack_checks

security advanced_network attack_checks configure

security advanced_network ips

security advanced_network ips setup

Firewall Security Checks setup.

Security Checks configuration mode.

Security ips setup.

Displays ips configuration mode.

6 security application_rules Application Rules Configuration setup.

7

8

9

10

11

security application_rules add

security application_rules edit <row_id>

security application_rules delete <row_id>

security firewall custom_service

security firewall custom_service add

To add an application rule.

To edit the selected application rule.

To delete the selected application rule.

Custom Services Configuration setup.

Custom services configuration add mode.

security firewall

12

custom_service

Custom services configuration edit mode.

edit <row_id>

42

Firewall Settings, Default Outbound Policy

Firewall IPV4 rules configuration

Firewall IPV4 Rules configuration

Firewall IPV6 rules configuration

Firewall IPV6 Rules configuration

Firewall Settings, IPv6 Default Outbound Policy

security firewall

13

custom_service

Custom services configuration delete mode.

delete <row_id> 14 security firewall Firewall rules setup. 15 security firewall ipv4 Firewall IPv4 rules setup.

16

security firewall ipv4

configure

Firewall IPV4 rules configuration mode.

security firewall ipv4 17

18

19

20

21

22

default_outbound_policy <d

efault_outbound_policy>

security firewall ipv4

edit <row_id>

security firewall ipv4

enable <row_id>

security firewall ipv4

disable <row_id>

security firewall ipv4

delete <row_id>

security firewall ipv4

move <row_id>

configuration mode.

To edit the selected Firewall IPV4.

To Enable mode.

To Disable mode.

To delete the selected Firewall IPV4 Rule.

Firewall IPV4 Rule reordering mode.

23 security firewall algs Firewall ALGs configuration mode. 24 security firewall ipv6 Firewall IPv6 rules setup.

25

26

27

28

29

30

security firewall ipv6

configure

security firewall ipv6

edit <row_id>

security firewall ipv6

enable <row_id>

security firewall ipv6

disable <row_id>

security firewall ipv6

delete <row_id>

security firewall ipv6

move <row_id>

Firewall IPV6 rules configuration mode.

To edit the selected Firewall IPV6 rule.

To enable mode.

To disable mode.

To delete the selected Firewall IPV6 Rule

Firewall IPV6 Rule reordering mode.

security firewall ipv6 31

default_outbound_policy <d

efault_outbound_policy>

configuration mode.

32 security ids IDS Configuration setup. 33 security ids configure IDS configuration mode. 34 security session_settings Session Settings Configuration setup.

35

security session_settings

configure

Session Settings configuration mode.

36 security schedules Schedules Configuration setup. 37 security schedules add To add new Schedule.

43

ip/mac binding configuration

38

39

security schedules

edit <row_id>

security schedules

delete <row_id>

To edit the selected Schedule.

To delete the selected schedule.

40 security firewall smtpAlg SmtpAlg configuration setup.

41

42

43

44

45

security firewall smtpAlg

approvedMailId

security firewall smtpAlg

blockedMailId

security firewall smtpAlg

subjectList

security firewall smtpAlg

configure

security firewall smtpAlg

approvedMailId add

To list the MailId approved by the user.

Lists the blockedMailIds.

To list all the subjects and Mail ids.

SmtpAlg configuration mode.

It allows Configuration of the approved MailId.

security firewall smtpAlg 46

approvedMailId

It allows to edit an approved MailId.

edit <row_id>

security firewall smtpAlg 47

approvedMailId

It allows to delete an approved MailId.

delete <row_id>

48

49

security firewall smtpAlg

blockedMailId add

security firewall smtpAlg

blockedMailId edit <row_id>

It allows to Configure a blocked MailId.

It allows to edit a blocked MailId.

security firewall smtpAlg 50

blockedMailId

It allows to delete a blocked MailId.

delete <row_id>

51

52

53

security firewall smtpAlg

subjectList add

security firewall smtpAlg

subjectList edit <row_id>

security firewall smtpAlg

subjectList delete <row_id>

It allows to add subject with MailId and action.

It allows to edit subject with MailId and action.

It allows to delete the configuration.

54 security mac_filter Source mac filter configuration mode. 55 security ip_or_mac_binding Ip mac binding configuration mode. 56 security mac_filter configure Source mac filter configuration mode. 57 security mac_filter source .

58

59

60

61

security mac_filter source

add

security mac_filter source

edit <row_id>

security mac_filter source

delete <row_id>

security ip_or_mac_binding

add

To add a new mac address.

To edit the selected mac address from the list.

To delete the selected mac address.

To link to the mode.

44

ip/mac binding

Blocked Keywords

blocked Keywords

blocked Keywords configuration

62

63

64

65

security ip_or_mac_binding

edit <row_id>

security ip_or_mac_binding

delete <row_id>

security firewall

vpn_passthrough

security firewall

vpn_passthrough configure

To edit the selected rule in the configuration page.

To delete the selected rule/rules.

VPN Passthrough setup.

VPN Passthrough configuration mode.

66 security webAccess Web Access Filter Configuration setup.

67

security webAccess

status <status>

Displays security webAccess status

68 security webAccess add Security webAccess add.

69

70

security webAccess

edit <row_id>

security webAccess

delete <row_id>

Security webAccess edit.

Security webAccess delete.

71 security website_filter Website filtering configuration setup.

72

73

74

75

76

77

security website_filter

content_filtering

security website_filter

approved_urls

security website_filter

blocked_keywords

security website_filter

content_filtering configure

security website_filter

approved_urls add

security website_filter

approved_urls edit <row_id>

Content filtering configuration setup.

Trusted domains configuration setup.

Blocked keywords configuration setup.

Content filtering configuration mode.

To add the approved URL configuration page

To edit the selected URL configuration.

security website_filter 78

approved_urls

To delete the selected URL configuration.

delete <row_id>

79

80

81

82

83

security website_filter

blocked_keywords add

security website_filter

blocked_keywords

edit <row_id>

security website_filter

blocked_keywords

delete <row_id>

security website_filter

blocked_keywords

enable <row_id>

security website_filter

blocked_keywords

disable <row_id>

Blocked Keyword configuration mode.

To edit the selected configuration mode.

To delete the selected configuration mode.

To enable the mode.

To disable the mode.

45

S.No

Command Name

Description

Type and Description

Enter the tunnel IP Address

Chapter 6. Configuration commands

under branch VPN

6.1 vpn gre_tunnel add

1 save

2 exit

3 cancel

4 tunnelname

5 ipaddress

6 subnet_mask

Saves system user configuration settings.

Saves system user configuration settings and exit current mode.

To revert to the previous system user configuration settings.

Enter the Tunnel Name here.

here.

Enter the tunnel Subnet Mask here.

String

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

7 interface

8 remote_ip

9 ddp_broadcast

10 route_network

11 route_netmask

12 gateway

Enter the Interface on which the tunnel is established on.

Enter the Remote IP to which the tunnel is being established here.

Select enable/disable DDP packet forwarding on the tunnel here.

Enter the destination network of GRE tunnel here.

Enter the subnet mask of destination network here.

Enter the gateway of the destination network here.

WAN interface type

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

Boolean choice

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

46

S.No

Command Name

Description

Type and Description

ddress

S.No

Command Name

Description

Type and Description

6.2 vpn gre_tunnel edit <row_id>

1 <row_id>

2 save

3 exit

4 cancel

5 tunnelname

6 ipaddress

7 subnet_mask

8 interface

9 remote_ip

10 ddp_broadcast

11 route_network

12 route_netmask

13 gateway

GRE Tunnel configuration mode

Saves system user configuration settings.

Saves system user configuration settings and exit current mode.

To revert to the previous settings.

Enter the Tunnel Name here.

Enter the tunnel IP A here.

Enter the tunnel Subnet Mask here.

Enter the Interface on which the tunnel is established on.

Enter the Remote IP to which the tunnel is being established here.

Select enable/disable DDP packet forwarding on the tunnel here.

Enter the destination network of GRE tunnel here.

Enter the subnet mask of destination network here.

Enter the gateway of the destination network here.

Unsigned integer

String

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

WAN interface type

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

Boolean choice

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

6.3 vpn gre_tunnel delete <row_id>

1 <row_id> GRE Tunnel delete mode Unsigned integer

47

S.No

Command Name

Description

Type and Description

of remote

S.No

Command Name

Description

Type and Description

S.No

Command Name

Descripti

on Type and Description

6.4 vpn l2tp client configure

1 save

2 cancel

3 exit

4 enable

5 server_address L2TP server IP address.

6 remote_network

7 remote_subnet

8 username

9 password

10 mppe_enable Enables mppe encryption. Boolean choice 11 reconnect_mode Selects reconnect mode. Reconnect Mode type

12 time_out

Saves l2tp client configuration settings.

To revert to the previous settings.

Saves l2tp client configuration settings, and exit current mode.

Enables/disables L2TP client.

Network Address network which is local to L2TP Server.

Remote Network Subnet Mask.

Username allocated to L2TP client to connect to L2TP server.

Password allocated to client.

If there is no traffic from a user for more than the specified time out, the connection is disconnected.

Boolean choice

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

number in range of 1 to 32

String

Radius client authentication timeout Type.

6.5 vpn l2tp client_action <action>

1

6.6 vpn l2tp server configure

1 save

Vpn l2tp client action set. Reconnect Mode type

Saves l2tp server configuration settings.

48

S.No

Command Name

Descripti

on Type and Description

2 cancel

3 exit

4 enable_v4

5 enable_v6

6 Routing_mode Select L2TP routing mode. Select Route Mode

7 start_address

8 end_address

9 ipv6_prefix L2TP server IPv6 Prefix. String

10 ipv6_prefix_length

11 Authentication_type

12 EnablePap

13 EnableChap

14 EnableMSChap

15 EnableMSChapv2

16

17 secretKey

18 timeout

l2tpSecretKeyEnabl e

To revert to the previous settings.

Saves l2tp server configuration settings, and exits current mode.

Enables/disables L2TP server in IPv4 mode only.

Enables/disables L2TP server in IPv4/IPv6 mode.

L2TP server starting IP address.

L2TP server ending IP address.

L2TP server IPv6 Prefix length.

Selects the type of Authentication required.

Enables PAP authentication.

Enables CHAP authentication.

Enables MS-CHAP authentication.

Enables MS-CHAPv2 authentication.

Enables/Disables support for Secret Key, and enters Secret Key if support is enabled.

Enter L2TP secret Key if Secret Key is enabled.

If there is no traffic from a user for more than the specified time out, the connection is disconnected.

Boolean choice

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

Unsigned integer

Authentication type

Boolean choice

String

Radius client authentication timeout Type.

49

S.No

Command Name

Description

Type and Description

VPN daemon mode. It

o which the

CBC

ssage digest algorithm used

6.7 vpn openvpn config

1 save

2 cancel

3 exit

4 enable

5 mode

6

7 server_ip

8

9 server_ip fqdn

10 vpn_network

11 vpn_netmask

12 port

13 tunnel_protocol

14 encription_algorithm

15 hash_algorithm

server_identifier_type OpenVPN server identifier

server_ip ip_address

Saves openvpn configuration settings.

To revert to previous settings openvpn configuration settings

Saves openvpn configuration settings, and exit current mode.

Enables/disables openvpn client/server.

Open can run in server mode, client mode or access server client mode

type. OpenVPN server IP

address/FQDN t client connect.

OpenVPN server IP address to which the client connect.

OpenVPN server FQDN to which the client connect.

Address of the Virtual Network.

Netmask of the Virtual Network.

The port number on which openvpn server (or Access Server) runs.

The protocol used to communicate with the remote host. E.g.TCP, UDP. UDP is the default.

The cipher with which the packets are encrypted. E.g. BF-CBC, AES-128, AES192 and AES-256. BFis the default

Message digest algorithm used to

Boolean choice

OpenVPN daemon mode.

OpenVPN server identifier type

IPV4 or IPv6 address depending upon protocol selected IPV4 or IPV6

String

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

Port number

The protocol used to communicate with the remote host

The cipher with which the packets are encrypted

Me to authenticate packets.

50

S.No

Command Name

Description

Type and Description

16 tunnel_type

17

18 select_primaryCert

19

20 enable_tls_authkey

21

allow_client_to_clien t

select_secondaryCe rt

block_invalid_client_ certificates

authenticate.packets. E.g.: SHA1, SHA256 and SHA512. SHA1 is the default.

Selects Full Tunnel to redirect all the traffic through the tunnel. Select Split Tunnel to redirect traffic to only specified resources (added from openVpnClient Routes) through the tunnel. Full Tunnel is the default.

Enables this to allow openvpn clients to communicate with each other in split tunnel case. Disabled by default.

Enables this to select the Set of certificates and keys the server uses. Enable this for first time configuration.

Enables this to select Set of certificates and keys newly uploaded.

Enabling this adds Tls authentication which adds an additional layer of authentication. Can be checked only when the tls key is uploaded. Disabled by default.

Enabling this blocks invalid client certificates based on the CRL certificate uploaded. Can be checked only when the CRL certificate is uploaded. Disabled by default.

type of tunnel

Boolean choice

51

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Descrip

tion

6.8 vpn openvpn remote_network add

1 save

2 cancel

3 exit

4 common_name

5 remote_network

6 remote_netmask

Saves Remote network Configuration settings.

To revert to previous settings.

Saves Remote network configuration settings, and exits current mode.

Common Name of the OpenVPN client certificate

Network address of the remote resource.

Netmask of the remote resource.

String

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

6.9 vpn openvpn remote_network edit <row_id>

1 <row_id> Remote network edit mode. Unsigned integer

2 save

3 cancel

4 exit

5 common_name

6 remote_network

7 remote_netmask

Saves Remote network Configuration settings.

To revert to previous Remote network Configuration settings.

Saves Remote network configuration settings and exit current mode.

Common Name of the OpenVPN client certificate.

Network address of the remote resource.

Netmask of the remote resource.

String

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

52

S.No

Command Name

Description

Type and Description

Openvpn remote network

S

.No Command Name

Description

Type and Description

S.No

Command

Name

Description

Type and Description

6.10 vpn openvpn remote_network delete <row_id>

1

<row_id>

delete mode.

Unsigned integer

6.11 vpn openvpn local_network add

1 save

2 cancel

3 exit

4 local_network

5 local_netmask

Save local network settings.

To revert to previous local network settings.

Save local network configuration settings and exit current mode.

Network address of the local resource.

Netmask of the local resource.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

6.12 vpn openvpn local_network edit <row_id>

1 <row_id> Local network edit mode. Unsigned integer

2 save

3 cancel

4 exit

5

6 local_netmask

local_network

Saves local network settings.

To revert to previous local network settings.

Saves local network configuration settings, and exits current mode.

Network address of the local resource.

Netmask of the local resource.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

53

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Descr

iption

S.No

Command Name

Descr

iption

Type and Description

6.13 vpn openvpn local_network delete <row_id>

1 <row_id>

Deletes the selected openvpn Local network.

Unsigned integer

6.14 vpn openvpn cert_upload ca <fileName> <ipAddr>

1

Browse and upload the pem formatted CA Certificate.

String IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

6.15 vpn openvpn cert_upload server_client_cert <fileName> <ipAddr>

S.No Command Name Description Type and Description

String IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

1

Browse and upload the pem formatted Server / Client Certificate.

6.16 vpn openvpn cert_upload client_key <fileName> <ipAddr>

1

<fileName> <ipAddr> Uploads the pem formatted

Server/Client key.

54

String IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

the pem formatted

S.No

Command Name

Description

Type and Desc

ription

the pem formatted

S.No

Command Name

Description

Type and Description

6.17 vpn openvpn cert_upload dh_Key <fileName> <ipAddr>

S.No Command Name Description Type and Description

String

1

<fileName> <ipAddr> Uploads

Diffie Hellman key.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

6.18 vpn openvpn cert_upload tls_Authkey <fileName> <ipAddr>

S.No Command Name Description Type and Description

String

1

<fileName> <ipAddr> Uploads the pem formatted

Tls Authentication Key.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

6.19 vpn openvpn cert_upload crl_cert <fileName> <ipAddr>

1

<fileName> <ipAddr> Uploads

CRL Certificate.

6.20 vpn openvpn cert_upload config <fileName> <ipAddr>

1

<fileName> <ipAddr> Uploads the pem formatted

config file.

String IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

55

S.No

Command Name

Description

Type and Description

Network Address of remote

S.No

Command Name

Description

Type and Description

S.No

Command Name

Descripti

on Type and Description

6.21 vpn pptp client configure

1 save

2 cancel

3 exit

4 enable

5 server_address PPTP server IP address.

6 remote_network

7 remote_subnet

8 username

9 password

10 mppe_enable Enables mppe encryption. Boolean choice

11 time_out

Saves pptp client configuration settings.

To revert to previous PPTP Client configuration settings.

Saves pptp client configuration settings, and exits current mode.

Enables/disables PPTP client.

network which is local to PPTP Server.

Remote Network Subnet Mask.

Username allocated to client to connect to PPTP Server.

Password allocated to client to connect to PPTP Server.

Specified time after which the connection is disconnected.

Boolean choice

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

Number in range of 1 to 32.

String

Unsigned integer

6.22 vpn pptp client_action <action>

1 <action> vpn pptp client action set. Boolean choice

6.23 vpn pptp server configure

1 save

2 cancel

Saves pptp server configuration settings.

To revert to the previous pptp server configuration settings.

56

S.No

Command Name

Descripti

on Type and Description

Saves pptp server

3 exit

configuration settings, and exits current mode.

4 enable_v4

5 enable_v6

Enables/disables PPTP server in IPv4 mode only.

Enables/disables PPTP server in IPv4/IPv6 mode.

Boolean choice

6 Routing_Mode Selects Routing mode. Select Route Mode

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

7 start_address

8 end_address

PPTP server starting IP address.

PPTP server ending IP address.

9 ipv6_prefix PPTP server IPv6 Prefix. String

10 ipv6_prefix_length

11 Authentication_type

12 pap_enable

13 chap_enable

PPTP server IPv6 Prefix length.

Selects the type of authentication required.

Enables support for PAP authentication method.

Enables support for CHAP authentication method.

Unsigned integer

Authentication type

Boolean choice

Enables support for MS-

14 mschap_enable

CHAP authentication

Boolean choice

method. Enables support for MS-

15 mschapv2_enable

CHAPv2 authentication

Boolean choice

method.

16 Mppe40Enable

17 Mppe128Enable

18 MppeStatefulEnable

19 UserTimeOut

20 Enable_Netbios

21

Primary_Wins_Serv er

Enables Mppe 40 bit encryption

Enables Mppe 128 bit encryption

Enables Stateful Mppe encryption

The specified time after which the connection is disconnected.

Enables/Disables the Netbios functionality.

Enter primary Windows server ip Address here.

Boolean choice

Radius client authentication timeout Type.

Boolean choice

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255.

57

S.No

Command Name

Descripti

on Type and Description

S.No

Command Name

Description

Type and Description

22

Secondary_Wins_S erver

Enter Secondary Windows server ip address.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255.

6.24 vpn sslvpn portal-layouts add

1 save Saves portal settings.

2 exit

3 cancel

4 portal_name Specifies the portal name

5 profile_name Specifies the profile name

6 portal_title

7 banner_title

8 banner_message

9 display_banner

10

11

12 enable_vpntunnel

13

14 sslAuthType

15 SSL_GROUP

enable_httpmetatag s

enable_activexwebc achecleaner

enable_portforwardi ng

Saves portal settings, and exits current mode.

To revert to previous portal settings.

Specifies the web browser window title for the portal.

Specifies the banner title to Displays to users before logging into the portal.

Specifies the banner message that would be displaysed along with the banner title.

Specifies whether the banner message and banner title should be displayed.

Specifies whether the http meta tags should be enabled.

Specifies whether the activex web cache cleaner should be enabled.

Specifies whether the vpn tunnel should be enabled

Specifies whether the port forwarding should be enabled.

Selects the authentication type for the portal.

Selects a group name for the portal (only for local authentication).

String, Max 32 characters and no ' or empty space or "

String, Max of 32 alpha numeric characters

String, Max 64 characters and no ' or empty space or "

String, MAX 64 characters, ' is not supported;

String, 'character is not supported;

Boolean choice

Supported authentication type

String, Max 32 characters and no ' or empty space or "

58

S.No

Command Name

Description

Type and Description

the banner title to

6.25 vpn sslvpn portal-layouts edit <row_id>

1 <row_id> Edits sslvpn portal layout Unsigned integer 2 save Saves portal settings

3 exit

4 cancel

5 profile_name Specifies the profile name

6 portal_title Specifies the portal title

7 banner_title

8 banner_message

9 display_banner

10

11

12 enable_vpntunnel

13

14 SSL_GROUP

enable_httpmetatag s

enable_activexwebc achecleaner

enable_portforwardi ng

Saves portal settings and exit current mode

To revert to previous settingsTo revert to the previous settings

Specifies Displays to users before logging into the portal.

Specifies the banner message that would be displayed along with the banner title.

Specifies whether the banner message and banner title should be displayed.

Specifies whether the http meta tags should be enabled.

Specifies whether the activex web cache cleaner should be enabled.

Specifies whether the vpn tunnel should be enabled

Specifies whether the port forwarding should be enabled.

Selects a group name for the portal (only for local authentication).

String, Max 32 characters and no ' or empty space or "

String, Max 64 characters and no ' or empty space or "

String, MAX 64 characters, ' is not supported;

String, ' character is not supported;

Boolean choice

String, Max 32 characters and no ' or empty space or "

59

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

S.No

Comma

nd Name

Description

Type and Description

6.26 vpn sslvpn portal-layouts delete <row_id>

1 <row_id>

Deletes sslvpn portal layout.

Unsigned integer

6.27 vpn sslvpn portforwarding appconfig add

1 save

2 exit

3 cancel

4 serverip Server ip address

5 port Server port Port number

Saves portforwarding Apps settings

Saves portforwarding Apps settings and exit current mode

To revert to the previous portforwarding Apps settings.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

6.28 vpn sslvpn portforwarding appconfig delete <row_id>

1 <row_id>

Deletes an application configuration rule

Unsigned integer

6.29 vpn sslvpn portforwarding hostconfig add

1 save

2 exit

3 cancel

Saves portforwarding Host settings

Saves portforwarding Host settings and exit current mode

To revert to the previous portforwarding Host settings.

60

S.No

Comma

nd Name

Description

Type and Description

String, Max 128 characters and

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

sslvpn

S.No

Command Name

Description

Type a

nd Description

sslvpn

4 serverip server ip address

5 domain_name domain name

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

no ' or empty space or "

6.30 vpn sslvpn portforwarding hostconfig delete <row_id>

1 <row_id>

Deletes a host configuration rule.

Unsigned integer

6.31 vpn sslvpn resource add

1 save

2 exit

3 cancel

4 resource_name resource name

5 service_type service type Sslvpn resource.

Saves sslvpn resource settings

Saves sslvpn resource settings and exit current mode

To revert to previous resource settings.

String, MAX 128 characters, ' is not supported;

6.32 vpn sslvpn resource configure add <resource_name>

1 <resource_name>

2 save

3 exit

4 cancel

Adds an sslvpn resource object.

Saves sslvpn resource object settings

Saves sslvpn resource settings, and exit current mode.

To revert to previous resource settings.

61

String, MAX 128 characters, ' is not supported;

S.No

Command Name

Description

Type a

nd Description

S.No

Comman

d Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

sslvpn

5 object_type object type Sslvpn resource object type.

6 object_address

7 mask_length

8 start_port start port Port number 9 end_port end port Port number

10 icmp

The object address of the resource object.

The mask length of the network.

Enables this option to include ICMP traffic.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

number in range of 1 to 32

Source address type for users’ ip policy.

6.33 vpn sslvpn resource configure delete <row_id>

1 <row_id>

Deletes an sslvpn resource object

Unsigned integer.

6.34 vpn sslvpn resource delete <row_id>

1 <row_id> Deletes an sslvpn resource Unsigned integer

6.35 vpn sslvpn policy add

1 save

2 exit

3 cancel

4 policy_type Shows policy type. Sslvpn policy type. 5 policy_owner Shows policy owner String

6

7 policy_name policy name

destination_objectty pe

Saves sslvpn policy settings

Saves sslvpn policy settings and exit current mode

To revert to previous policy settings.

destination object type Sslvpn policy destination type.

String, character is not supported;

62

S.No

Command Name

Description

Type and Description

This can be either Permit or

S.No

Command Name

Description

Type and Description

sslvpn

8 policy_address policy address

9 policy_masklength policy masklength number in range of 1 to 32 10 start_port start port Port number 11 end_port end port Port number 12 service_type service type sslvpn resource

13 resource_name resource name

14 policy_permission

15 icmp

Deny. Enables this option to

include ICMP traffic.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

String, MAX 128 characters, ' is not supported;

sslvpn policy type

source address type for users ip policy

6.36 vpn sslvpn policy edit <row_id>

1 <row_id> Edits an sslvpn policy Unsigned integer

2 save

3 exit

4 cancel

5 policy_address

6 policy_masklength

7 start_port Start port. Port number 8 end_port End port. Port number

9 resource_name resource name

10 policy_permission

11 icmp

Saves sslvpn policy settings

Saves sslvpn policy settings, and exit current mode

To revert to previous policy settings.

Enter the IP Address to which the SSL VPN Policy needs to be applied.

Enter the subnet mask for the above IP address.

Chooses either Permit or Deny for this policy.

Enables this option to include ICMP traffic.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

number in range of 1 to 32

String, MAX 128 characters, ' is not supported.

Sslvpn policy type.

Source address type for users ip policy.

63

S.No

Command Name

Description

Type and Description

S.No

Co

mmand Name

Description

Type and Description

sslvpn client settings

sslvpn

the DNS Suffix for this

S.No

Command Name

Description

Ty

pe and Description

sslvpn

6.37 vpn sslvpn policy delete <row_id>

1 <row_id> Deletes an sslvpn policy Unsigned integer.

6.38 vpn sslvpn client

1 save Saves sslvpn client settings

2 exit

3 cancel

4 enable_fulltunnel Enables full tunnel. Boolean choice

5 dns_suffix

6 primary_dns

7 secondary_dns

8 begin_clientaddress

9 end_clientaddress

10 lcp_timeout

Saves and exit current mode

To revert to previous client settings.

Sets client.

Sets the primary DNS Server for this client.

Sets the secondary DNS Server for this client.

Sets the first IP address of the IP address range.

Sets the last IP address of the IP address range.

This setting is to determine the wait time for a SSL VPN tunnel negotiation attempts.

String

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255.

Unsigned integer

6.39 vpn sslvpn route add

1 save Saves sslvpn route settings

2 exit

3 cancel

Saves sslvpn route settings, and exits current mode.

To revert to previous route settings.

64

S.No

Command Name

Description

Ty

pe and Description

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

mode to IP address or

Internet Name/FQDN of the

4 destination_network destination network

5 subnet_mask subnet mask

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255.

6.40 vpn sslvpn route delete <row_id>

1 <row_id> Deletes sslvpn client route Unsigned integer

6.41 vpn ipsec policy configure <name>

1 <name>

2 save

3 cancel

4 exit

5 general_policy_type

6 general_ike_version

7

8

9

10

11

general_ip_protocol _version

general_select_local _gateway

general_remote_end _point_type

general_remote_end _point

general_remote_end _point ip_address

vpn policy configuration mode

Saves vpn policy configuration settings.

To revert to previous vpn policy configuration settings.

Saves vpn policy configuration settings, and exits current mode.

Setting policy manual or auto.

Setting version ikev1 or ikev2.

Setting protocol version ipv4 or ipv6

Setting local gateway for the vpn policy.

Sets

remote gateway or client PC.

The IP address or Internet Name/FQDN of the remote gateway or client PC.

The IP address of the remote gateway or client PC.

String

Vpn policy type.

IPsec VPN IKE Version.

Vpn protocol version.

VPN gateway.

Vpn remote end point type.

IPV4 or IPv6 address depending upon protocol selected IPV4 or IPV6.

65

S.No

Command Name

Description

Type and Description

Rollover on the WAN Mode

cal side that will be

IP address where the range

12

general_remote_end _point fqdn

The IP address or Internet Name/FQDN of the remote gateway or client PC.

String.

Enables/disables mode config which is similar to DHCP and is used to assign IP addresses to

Boolean choice.

13

general_enable_mo de_config

remote VPN clients. Enables/disables this to

14

general_enable_net bios

allow NetBIOS broadcasts to travel over the VPN

Boolean choice.

tunnel. Enables this to allow the

VPN to rollover when WAN Mode is set to Auto

Boolean choice

15

general_enable_roll over

page.

16 general_protocol Setting protocol esp or ah. IPsec VPN Protocol

17

18

19

20

general_enable_dhc p

general_redundant_ vpn_gateway

general_backup_poli cy_name

Enables/disables dhcp. Boolean choice

Enables/disables Redundant vpn gateway.

Backup policy name. String

general_failback_time Failback time to switch

from back-up to primary.

Boolean choice

Unsigned integer

Selects the IP addresses on the lo part of the tunnel. This can be either a single IP address, several IP addresses in a range, an

Vpn network type

21

general_local_netwo rk_type

entire subnet, or any IP address that wants to connect.

IPV4 or IPv6 address depending upon protocol selected IPV4 or IPV6

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

IPv6 Prefix length

22

23

24

25

general_local_start_ address

general_local_end_ address

general_local_subne t_mask

general_local_prefix _length

IP address from where the range needs to begin.

needs to end.

Enter the Subnet Mask of the network.

Prefix length of the ipv6 subnet used.

66

S.No

Command Name

Description

Type and Description

IP address where the range

Takes a hexadecimal value

26

27

28

29

30

31

32

33

34

35

36 general_l2tp_mode

general_remote_net work_type

general_remote_star t_address

general_remote_end _address

general_remote_sub net_mask

general_remote_pre fix_length

general_enable_kee palive

general_keepalive_s ourceip

general_keepalive_d estinationip

general_keepalive_d etection_period

general_keepalive_f ailure_count

Selects the IP addresses on the remote side that will be part of the tunnel. This can be either a single IP address, several IP

Vpn network type. addresses in a range, an entire subnet, or any IP address that wants to connect.

IP address from where the range needs to begin.

IPV4 or IPv6 address

depending upon protocol

selected IPV4 or IPV6.

IPV4 or IPv6 address

needs to end.

Subnet mask of the subnet used.

Prefix length of the ipv6 subnet used.

depending upon protocol

selected IPV4 or IPV6.

IP address

AAA.BBB.CCC.DDD where

each part is in the range 0-255.

IPv6 Prefix length.

Enables/disables keepalive Boolean choice.

IPV4 or IPv6 address keepalive sourceip

depending upon protocol

selected IPV4 or IPV6.

IPV4 or IPv6 address keepalive destinationip

depending upon protocol

selected IPV4 or IPV6. Router sends ping packets

periodically at regular intervals of time which is

Keepalive detection period in

seconds. specified by the user.

Keepalive failure count of the specified number of consecutive packets for which the

Keepalive failure count.

acknowledgement is not received.

Setting l2tp mode as None(0) or Client(1) or

IPsec L2tp Mode. Gateway(2).

37 manual_spi_in

between 3 and 8 characters.

67

Takes a hexadecimal value

between 3 and 8 characters.

S.No

Command Name

Description

Type and Description

Takes a hexadecimal value

outbound policy. The length

Algorithm used to verify the

38 manual_spi_out

39

40 manual_key_length

41

42

43

44

45

46

47

48

49

50

51

52

53

54

manual_encryption_ algorithm

manual_encryption_ key_in

manual_encryption_ key_out

manual_authenticati on_algorithm

manual_authenticati on_key_in

manual_authenticati on_key_out

auto_phase1_excha nge_mode

auto_phase1_enabl e_nat_traversal

auto_phase1_nat_k eepalive_frequecy

auto_phase1_local_i denttype

auto_phase1_directi on_type

auto_phase1_local_i dentifier

auto_phase1_remot e_identtype

auto_phase1_remot e_identifier

auto_phase1_encry ption_algorithm

between 3 and 8 characters.

The algorithm used to encrypt the data.

The key length for the algorithm.

Takes a hexadecimal value

between 3 and 8 characters.

Vpn encryption algorithm.

Unsigned integer.

Encryption key of the inbound policy. The length of the key depends on the

String

algorithm chosen Encryption key of the

of the key depends on the

String

algorithm chosen.

integrity of the data.

Vpn authentication algorithm.

This is the integrity key (for ESP with Integrity-mode) for the inbound policy and

String depends on the algorithm chosen.

This is the integrity key (for ESP with Integrity-mode) for the outbound policy and

String depends on the algorithm chosen.

Setting IKE exchange Mode.

Enabling/Disabling Nat traversal.

Setting IKE nat alive frequency.

Setting IKE local identifier type.

VPN Exchange Mode

Boolean choice

Unsigned integer

IPsec VPN IKE local identifier

type.

Setting IKE direction type. IPsec VPN IKE direction Mode.

Setting IKE local identifier. String

Setting IKE remote identifier.

Setting IKE encryption algorithm.

IPsec VPN IKE local identifier

type.

String

68

S.No

Command Name

Description

Type and Description

ption_algorithm DES

55

56

57

58

59

60

61

62

63

64

65

66

67

auto_phase1_encry ption_algorithm DES

auto_phase1_encry

enable_DES auto_phase1_encry

ption_algorithm 3DES

auto_phase1_encry ption_algorithm 3DES enable_3DES <3des >

auto_phase1_encry ption_algorithm AES-128

auto_phase1_encry ption_algorithm AES-128 enable_AES-128

auto_phase1_encry ption_algorithm AES-192

auto_phase1_encry ption_algorithm AES-192 enable_AES-192

auto_phase1_encry ption_algorithm AES-256

auto_phase1_encry ption_algorithm AES-256 enable_AES-256

auto_phase1_encry ption_algorithm BLOWFISH

auto_phase1_encry ption_algorithm BLOWFISH enable_BLOWFISH

auto_phase1_encry ption_algorithm BLOWFISH keylength

Setting IKE encryption algorithm.

Enables DES encryption algorithm.

Setting IKE encryption algorithm.

Enables 3DES encryption algorithm.

Setting IKE encryption algorithm.

Enables AES-128 encryption algorithm.

Setting IKE encryption algorithm.

Enables AES-192 encryption algorithm.

Setting IKE encryption algorithm.

Enables AES-256 encryption algorithm

Setting IKE encryption algorithm.

Enables BLOWFISH encryption algorithm.

Enter BLOWFISH keylength.

Boolean choice

Unsigned integer

69

S.No

Command Name

Description

Type and Description

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

auto_phase1_encry ption_algorithm CAST128

auto_phase1_encry ption_algorithm CAST128 enable_CAST128

auto_phase1_encry ption_algorithm CAST128 keylength

auto_phase1_auth_ algorithm

auto_phase1_auth_ algorithm MD5

auto_phase1_auth_ algorithm MD5 enable_MD5

auto_phase1_auth_ algorithm SHA1

auto_phase1_auth_ algorithm SHA1 enable_SHA1

auto_phase1_auth_ algorithm SHA2-256

auto_phase1_auth_ algorithm SHA2-256 enable_SHA2-256

auto_phase1_auth_ algorithm SHA2-384

auto_phase1_auth_ algorithm SHA2-384 enable_SHA2-384

auto_phase1_auth_ algorithm SHA2-512

auto_phase1_auth_ algorithm SHA2-512 enable_SHA2-512

auto_phase1_auth_ method

auto_phase1_dh_gr oup

auto_phase1_sa_life time

auto_phase1_pre_s hared_key

Setting IKE encryption algorithm.

Enables CAST128 encryption algorithm.

Boolean choice

Enter CAST128 keylength. Unsigned integer

Setting IKE authentication algorithm.

Enables MD5 authentication algorithm.

Setting IKE authentication algorithm.

Enables SHA1 authentication algorithm.

Setting IKE authentication algorithm.

Enables SHA2-256 authentication algorithm.

Setting IKE authentication algorithm.

Enables SHA2-384 authentication algorithm.

Setting IKE authentication algorithm.

Enables SHA2-512 authentication algorithm.

Setting IKE authentication algorithm method.

Setting IKE Diffie-Hellman (DH) Group.

Setting IKE SA lifetime in seconds.

Boolean choice

IPsec VPN IKE authentication

algorithm method.

IPsec VPN IKE Diffie-Hellman

(DH) Group type.

Unsigned integer.

Setting IKE pre shared key. String

70

S.No

Command Name

Description

Type and Description

ng dead peer detection

Setting dead peer detection

ption_algorithm DES

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

auto_phase1_enabl e_dead_peer_detect ion

auto_phase1_detect ion_period

auto_phase1_recon nect_failure_count

auto_phase1_exten ded_authentication

auto_phase1_authe ntication_type

auto_phase1_xauth _username

auto_phase1_xauth _password

auto_phase2_sa_life time

auto_phase2_sa_life time seconds

auto_phase2_sa_life time bytes

auto_phase2_encry ption_algorithm

auto_phase2_encry ption_algorithm DES

auto_phase2_encry

enable_DES auto_phase2_encry

ption_algorithm 3DES

auto_phase2_encry ption_algorithm 3DES enable_3DES <3des >

auto_phase2_encry ption_algorithm AES-128

auto_phase2_encry ption_algorithm AES-128 enable_AES-128

Enabling/Disabling dead peer detection.

Setti time period.

failure count. Setting extended

authentication method. Setting extended

authentication type. Username for extended

authentication. Password for extended

authentication. Vpn auto policy phase2

configure. Setting IKE SA lifetime in

seconds. Setting IKE SA lifetime in

bytes. Setting IKE encryption

algorithm. Setting IKE encryption

algorithm.

Enables DES encryption algorithm.

Setting IKE encryption algorithm.

Enables 3DES encryption algorithm.

Setting IKE encryption algorithm.

Enables AES-128 encryption algorithm.

Boolean choice

Unsigned integer

IPsec VPN IKE extended

authentication method.

IPsec VPN IKE extended

authentication method.

String

Unsigned integer

Boolean choice

71

S.No

Command Name

Description

Type and Description

103

104

105

106

107

108

109

110

111

112

113

114

auto_phase2_encry ption_algorithm AES-192

auto_phase2_encry ption_algorithm AES-192 enable_AES-192

auto_phase2_encry ption_algorithm AES-256

auto_phase2_encry ption_algorithm AES-256 enable_AES-256

auto_phase2_encry ption_algorithm TWOFISH-128

auto_phase2_encry ption_algorithm TWOFISH-128 enable_TWOFISH128

auto_phase2_encry ption_algorithm TWOFISH-192

auto_phase2_encry ption_algorithm TWOFISH-192 enable_TWOFISH192

auto_phase2_encry ption_algorithm TWOFISH-256

auto_phase2_encry ption_algorithm TWOFISH-256 enable_TWOFISH256

auto_phase2_encry ption_algorithm BLOWFISH

auto_phase2_encry ption_algorithm BLOWFISH enable_BLOWFISH

Setting IKE encryption algorithm.

Enables AES-192 encryption algorithm.

Setting IKE encryption algorithm.

Enables AES-256 encryption algorithm.

Setting IKE encryption algorithm.

Enables TWOFISH-128 encryption algorithm.

Setting IKE encryption algorithm.

Enables TWOFISH-192 encryption algorithm.

Setting IKE encryption algorithm.

Enables TWOFISH-256 encryption algorithm.

Setting IKE encryption algorithm.

Enables BLOWFISH encryption algorithm.

Boolean choice

72

S.No

Command Name

Description

Type and Description

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

auto_phase2_encry ption_algorithm BLOWFISH keylength

auto_phase2_encry ption_algorithm CAST128

auto_phase2_encry ption_algorithm CAST128 enable_CAST128

auto_phase2_encry ption_algorithm CAST128 keylength

auto_phase2_auth_ algorithm

auto_phase2_auth_ algorithm MD5

auto_phase2_auth_ algorithm MD5 enable_MD5

auto_phase2_auth_ algorithm SHA1

auto_phase2_auth_ algorithm SHA1 enable_SHA1

auto_phase2_auth_ algorithm SHA2-256

auto_phase2_auth_ algorithm SHA2-256 enable_SHA2-256

auto_phase2_auth_ algorithm SHA2-384

auto_phase2_auth_ algorithm SHA2-384 enable_SHA2-384

auto_phase2_auth_ algorithm SHA2-224

auto_phase2_auth_ algorithm SHA2-224 enable_SHA2-224

auto_phase2_auth_ algorithm SHA2-512

auto_phase2_auth_ algorithm SHA2-512 enable_SHA2-512

Enters BLOWFISH keylength.

Setting IKE encryption algorithm.

Enables CAST128 encryption algorithm.

Unsigned integer

Boolean choice

Enter CAST128 keylength. Unsigned integer

Setting IKE authentication algorithm.

Enables MD5 authentication algorithm.

Setting IKE authentication algorithm.

Enables SHA1 authentication algorithm.

Setting IKE authentication algorithm.

Enables SHA2-256 authentication algorithm.

Setting IKE authentication algorithm.

Enables SHA2-384 authentication algorithm.

Setting IKE authentication algorithm.

Enables SHA2-224 authentication algorithm.

Setting IKE authentication algorithm.

Enables SHA2-512 authentication algorithm.

Boolean choice

73

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

S.No

Command Na

me Description

Type and Description

132

133

auto_phase2_enabl e_pfskeygroup

auto_phase2_dh_gr oup

Enables/DIsables PFS key group.

Setting IKE Diffie-Hellman (DH) Group.

6.42 vpn ipsec dhcp configure

1 save

2 cancel

3 exit

4 start_address

5 end_address

6 subnet_mask

Saves vpn ipsec dhcp configuration settings.

To revert to the previous vpn ipsec dhcp configuration settings.

Saves vpn ipsec dhcp configuration settings and exits current mode.

Setting ipsec dhcp start address.

Setting ipsec dhcp end address.

Setting ipsec dhcp subnet mask.

Boolean choice

IPsec VPN IKE Diffie-Hellman

(DH) Group type

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

6.43 vpn ipsec policy enable <name>

1 <name> Enables a vpn policy String

6.44 vpn ipsec policy disable <name>

1 <name> Disables a vpn policy String

6.45 vpn ipsec policy delete <name>

1 <name> Deletes a vpn policy String

74

S.No

Command Name

Description

Type and Description

S.No

Command Name

Descripti

on Type and Description

6.46 vpn ipsec policy connect <name>

1 <name> Connects a vpn tunnel String

6.47 vpn ipsec policy drop <name>

1 <name>

Drops/Disconnects a vpn tunnel

String

75

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

Chapter 7. Configuration commands

under branch DOT11

7.1 dot11 profile add <profile_name>

1 <profile_name>

2 save

3 exit

4 ssid

5 broadcast-ssid

6 security_type

7 radio_mode Sets the profile radio mode. Dot11 Radio band 8 wep Sets profile WEP options.

9 wep authentication

10 wep encryption Sets WEP encryption type. WEP Encryption Types

11 wep key

12 wep passphrase

13 wpa Sets the WPA options.

14 wpa authentication

15 wpa encryption Sets WPA encryption type. WPA Encryption Types

16 wpa wpa-password

802.11 profile configuration mode.

Saves profile configuration settings.

Saves profile configuration settings and exit current mode.

Sets the 802.11 profile SSID.

Enables or Disables SSID broadcast.

Sets the profile security type.

Sets WEP authentication type.

Sets WEP key. Not required if passphrase is set.

Sets WEP passphrase to generate WEP key from.

Sets WPA authentication type.

WPA Password. Needed only if authentication is PSK

String

Boolean choice

802.11 Security Types

WEP Authentication Types

WEP key index type (1-4) String

WPA Authentication Types

String

7.2 dot11 profile edit <profile_name>

1 <profile_name>

802.11 profile configuration mode.

76

String

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

2 save

3 exit

4 ssid

5 broadcast-ssid

6 security_type

7 radio_mode Sets the profile radio mode. Dot11 Radio band

8 wep

9 wep authentication

10 wep encryption

11 wep key

12 wep passphrase

13 wpa Sets the WPA options.

14 wpa authentication

15 wpa encryption

16 wpa wpa-password

Saves profile configuration settings.

Saves profile configuration settings, and exit current mode.

Sets the 802.11 profile SSID.

Enables or DisablesSSID broadcast.

Sets the profile security type.

Sets the profile WEP options.

Sets the WEP authentication type.

Sets the WEP encryption type.

Sets the WEP key. Not required if passphrase is set.

Sets the WEP passphrase to generate WEP key from.

Sets the WPA authentication type.

Sets the WPA encryption type.

WPA Password. Needed only if authentication is PSK

String

Boolean choice

802.11 Security Types

WEP Authentication Types

WEP Encryption Types

WEP key index type (1-4) String

WPA Authentication Types

WPA Encryption Types

String

7.3 dot11 wmm edit <profile_name>

1 <profile_name>

2 save

The name of the profile to which service is being added will be displayed here. 802.11 wmm configuration mode.

Saves wmm configuration settings.

77

String

S.No

Command Name

Description

Type and Description

"Background", "Best Effort",

Saves wmm configuration

3 exit

settings, and exit current mode.

4 enable

Enables/Disables the

802.11 profile wmm.

Boolean choice

Choose among

"video", "Voice". This class of service is used for the

5 default_class

traffic for whose IP

Dot11 WMM class DSCP/TOS value is set to "Default" in IP TOS/DiffServ Mapping table.

6 dscp_0 Selects class of ip dscp. Dot11 WMM class 7 dscp_1 Selects class of ip dscp. Dot11 WMM class 8 dscp_2 Selects class of ip dscp. Dot11 WMM class 9 dscp_3 Selects class of ip dscp. Dot11 WMM class 10 dscp_4 Selects class of ip dscp. Dot11 WMM class 11 dscp_5 Selects class of ip dscp. Dot11 WMM class 12 dscp_6 Selects class of ip dscp. Dot11 WMM class 13 dscp_7 Selects class of ip dscp. Dot11 WMM class 14 dscp_8 Selects class of ip dscp. Dot11 WMM class 15 dscp_9 Selects class of ip dscp. Dot11 WMM class 16 dscp_10 Selects class of ip dscp. Dot11 WMM class 17 dscp_11 Selects class of ip dscp. Dot11 WMM class 18 dscp_12 Selects class of ip dscp. Dot11 WMM class 19 dscp_13 Selects class of ip dscp. Dot11 WMM class 20 dscp_14 Selects class of ip dscp. Dot11 WMM class 21 dscp_15 Selects class of ip dscp. Dot11 WMM class 22 dscp_16 Selects class of ip dscp. Dot11 WMM class 23 dscp_17 Selects class of ip dscp. Dot11 WMM class 24 dscp_18 Selects class of ip dscp. Dot11 WMM class 25 dscp_19 Selects class of ip dscp. Dot11 WMM class 26 dscp_20 Selects class of ip dscp. Dot11 WMM class 27 dscp_21 Selects class of ip dscp. Dot11 WMM class 28 dscp_22 Selects class of ip dscp. Dot11 WMM class 29 dscp_23 Selects class of ip dscp. Dot11 WMM class 30 dscp_24 Selects class of ip dscp. Dot11 WMM class 31 dscp_25 Selects class of ip dscp. Dot11 WMM class 32 dscp_26 Selects class of ip dscp. Dot11 WMM class 33 dscp_27 Selects class of ip dscp. Dot11 WMM class 34 dscp_28 Selects class of ip dscp. Dot11 WMM class

78

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

35 dscp_29 Selects class of ip dscp. Dot11 WMM class 36 dscp_30 Selects class of ip dscp. Dot11 WMM class 37 dscp_31 Selects class of ip dscp. Dot11 WMM class 38 dscp_32 Selects class of ip dscp. Dot11 WMM class 39 dscp_33 Selects class of ip dscp. Dot11 WMM class 40 dscp_34 Selects class of ip dscp. Dot11 WMM class 41 dscp_35 Selects class of ip dscp. Dot11 WMM class 42 dscp_36 Selects class of ip dscp. Dot11 WMM class 43 dscp_37 Selects class of ip dscp. Dot11 WMM class 44 dscp_38 Selects class of ip dscp. Dot11 WMM class 45 dscp_39 Selects class of ip dscp. Dot11 WMM class 46 dscp_40 Selects class of ip dscp. Dot11 WMM class 47 dscp_41 Selects class of ip dscp. Dot11 WMM class 48 dscp_42 Selects class of ip dscp. Dot11 WMM class 49 dscp_43 Selects class of ip dscp. Dot11 WMM class 50 dscp_44 Selects class of ip dscp. Dot11 WMM class 51 dscp_45 Selects class of ip dscp. Dot11 WMM class 52 dscp_46 Selects class of ip dscp. Dot11 WMM class 53 dscp_47 Selects class of ip dscp. Dot11 WMM class 54 dscp_48 Selects class of ip dscp. Dot11 WMM class 55 dscp_49 Selects class of ip dscp. Dot11 WMM class 56 dscp_50 Selects class of ip dscp. Dot11 WMM class 57 dscp_51 Selects class of ip dscp. Dot11 WMM class 58 dscp_52 Selects class of ip dscp. Dot11 WMM class 59 dscp_53 Selects class of ip dscp. Dot11 WMM class 60 dscp_54 Selects class of ip dscp. Dot11 WMM class 61 dscp_55 Selects class of ip dscp. Dot11 WMM class 62 dscp_56 Selects class of ip dscp. Dot11 WMM class 63 dscp_57 Selects class of ip dscp. Dot11 WMM class 64 dscp_58 Selects class of ip dscp. Dot11 WMM class 65 dscp_59 Selects class of ip dscp. Dot11 WMM class 66 dscp_60 Selects class of ip dscp. Dot11 WMM class 67 dscp_61 Selects class of ip dscp. Dot11 WMM class 68 dscp_62 Selects class of ip dscp. Dot11 WMM class 69 dscp_63 Selects class of ip dscp. Dot11 WMM class

.

7.4 dot11 radius configure

1 save

Saves radius configuration settings.

79

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

2 cancel

3 exit

4 primary_server

5 secondary_server

6 port Sets port number. number in range of 0 to 65535 7 secret Sets secret key for radius. String

8 timeout

9 retries

To revert to the previous radius configuration settings

Saves ACL configuration settings and exit current mode.

Sets Radius Primary authentication Server.

Sets Radius Seconadry authentication Server.

Sets timeout for radius client.

Authentication retries limit to radius server.

IP address

AAA.BBB.CCC.DDD where

each part is in the range 0-255

IP address

AAA.BBB.CCC.DDD where

each part is in the range 0-255

Radius client authentication

timeout Type.

Radius client authentication

timeout Type.

7.5 dot11 profile delete <profile_name>

1 <profile_name> Deletes an 802.11 profile. String

80

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

7.6 dot11 accesspoint add <ap_name>

1 <ap_name>

2 save

3 cancel

4 exit

5 profile

6 wlan_partition

7 enable_active_time Setting time. Boolean choice

8

9 start Setting the time limits. 10 stop Setting the time limits. 11 start hour Setting the time limits. H(1-12) using 12 hour clock 12 stop hour Setting the time limits. H(1-12) using 12 hour clock

13 start minute Setting the time limits.

14 stop minute Setting the time limits.

15 start meridian Setting the time limits. Schedule Meridiem Types. 16 stop meridian Setting the time limits. Schedule Meridiem Types.

enable_schedule_co ntrol

802.11 access point configuration mode.

Saves AP configuration settings.

To revert to the previous AP configuration settings.

Saves AP configuration settings, and exit current mode.

Sets the 802.11 profile the AP will use.

Enables or Disables wlan_partition.

Enables/disables Schedule Control.

String

Boolean choice

minute in the format MM(00-

59)

minute in the format MM(00-

59)

7.7 dot11 accesspoint edit <ap_name>

1 <ap_name>

2 save

3 cancel

4 exit

5 profile

802.11 access point configuration mode

Saves AP configuration settings.

To revert to the previous AP configuration settings

Saves AP configuration settings, and exits current mode.

Sets the 802.11 profile the AP will use.

81

String

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

S.No

Comman

d Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

6 wlan_partition

7 enable_active_time Setting time. Boolean choice

8

9 start Setting the time limits. 10 stop Setting the time limits. 11 start hour Setting the time limits. H(1-12) using 12 hour clock 12 stop hour Setting the time limits. H(1-12) using 12 hour clock

13 start minute Setting the time limits.

14 stop minute Setting the time limits.

15 start meridian Setting the time limits. Schedule Meridiem Types. 16 stop meridian Setting the time limits. Schedule Meridiem Types.

enable_schedule_co ntrol

Enables or Disables wlan_partition.

Enables/disables Schedule Control.

Boolean choice

minute in the format MM(00-

59)

minute in the format MM(00-

59)

7.8 dot11 accesspoint delete <ap_name>

1 <ap_name>

Deletes an 802.11 access point.

String

7.9 dot11 wds enable <radio_no>

1 <radio_no> Enables wds. Unsigned integer

7.10 dot11 wds disable <radio_no>

1 <radio_no> Disables wds. Unsigned integer

82

S.

No Command Name

Description

Type and Description

S.No

Command Name

Descr

iption

Type and Description

S.No

Command Name

Description

Type and Descriptio

n

S.No

Command Name

Description

Type and Description

S.No

Command Name

Descript

ion Type and Description

settings.

7.11 dot11 wds add_peer <radio_no> <mac_addr>

1

<radio_no> <mac_a ddr>

Adds peer mac address wds.

Unsigned integer MAC address AA:BB:CC:DD:EE:FF where each part is in the range 00-FF

7.12 dot11 wds delete_peer <radio_no> <mac_addr>

1

<radio_no> <mac_a ddr>

Deletes peer mac address wds.

Unsigned integer MAC address AA:BB:CC:DD:EE:FF where each part is in the range 00-FF

7.13 dot11 accesspoint disable <ap_name>

1 <ap_name>

Disables an 802.11 access point.

String

7.14 dot11 accesspoint enable <ap_name>

1 <ap_name>

Enables an 802.11 access point.

String

7.15 dot11 radio configure <radio_no>

1 <radio_no>

2 save

3 cancel

802.11 radio configuration mode.

Saves radio configuration settings.

To revert to the previous radio configuration

83

Unsigned integer

S.No

Command Name

Descript

ion Type and Description

Transmission Rate

S.No

Command Name

Description

Type and Description

4 exit

5 channel

6

7 operating_freqency

8 2.4mode Sets the dot11 radio mode. Dot11 Radio Mode 9 5mode Sets the dot11 radio mode. Dot11 Radio Mode

10 transmission_rate

11 channel_spacing

12 control_side_band

default-transmitpower

Saves radio configuration settings, and exit current mode.

Sets the channel used by radio.

Sets the default transmit power for APs using this radio.

Sets the dot11 radio operating frequency.

Sets the for the radio.

Sets the channel spacing for the radio.

Sets the contol band for radio.

Dot11 Radio Channels.

Dot11 Radio default transmit power.

Dot11 Radio operating frequency band

Dot11 Radio Transmission Rate

Radio Channel Spacing.

Dot11 Radio control band

7.16 dot11 radio advanced configure <radio_no>

1 <radio_no>

2 save

3 cancel

4 exit

5 beacon_interval

6 dtim_interval

7 rts_threshold

8

fragmentation_thres hold

802.11 AP advanced configuration mode.

Saves advanced AP configuration settings.

To revert to the previous advanced AP configuration settings.

Saves advanced AP configuration settings and exit current mode.

Sets the time between beacon transmissions (in milliseconds).

Sets the interval between delivery traffic indication messages.

Sets the Request to Send (RTS) threshold.

Sets the maximum length of the frame.

Unsigned integer

Dot11 BEACON Interval.

Dot11 Dtim Interval.

Dot11 Rts thresold Interval.

Dot11 Fragmentation Interval.

84

S.No

Command Name

Description

Type and Description

RTS/CTS

the retry limit for frame

rame

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

9 preamble_mode

10 protection_mode

11 short_retry_limit

12 long_retry_limit

13 power_save_enable

14 tx_antennas

15 rx_antennas

16 ampdu_enable Enables/Disables ampdu. Boolean choice.

Sets the 802.11b preamble type to be prepended to every frame

Enables/disables handshake before packet transmission.

Sets retransmission on transmission failure.

Sets the retry limit for f retransmission on transmission failure.

Enables/Disables power save mode.

Sets the no of transmit antennas to use.

Sets the no of receive antennas to use.

802.11b Preamble Types.

RTSCTS Protection mode.

802.11 Retry Limit.

Boolean choice.

Dot11 Antenna No.

7.17 dot11 accesspoint wps configure

1 save

2 cancel

3 exit

4 access_point Access point. String. 5 wps_status WPS status. WPS status. 6 configure_via_pin Configures WPS via PIN. Boolean choice. 7 configure_via_pbc Configures WPS via PBC. Boolean choice.

8 station_pin

Saves WPS configuration settings.

To revert to the previous WPS configuration settings

Saves WPS configuration settings, and exit current mode.

Sets the PIN for WPS config.

String.

7.18 dot11 accesspoint ACL configure <ap_name>

1 <ap_name>

802.11 AP ACL configuration mode.

85

String

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

2 save

3 cancel

4 exit

5 acl_policy

6 mac_address

Saves AP ACL configuration settings.

To revert to the previous AP ACL configuration settings.

Saves the AP ACL configuration settings, and exit current mode.

Sets the accesspoint ACL Policy.

Sets the accesspoint mac address.

7.19 dot11 accesspoint acl delete_mac_address <rowid>

1 <rowid>

Deletes acl mac address entry.

Accesspoint ACL Policy type.

MAC address AA:BB:CC:DD:EE:FF where each part is in the range 00FF.

Unsigned integer.

86

S.No

Command Name

Description

Type and Description

Second alternative

second alternative

NT Domain server

Chapter 8. Configuration commands

under branch SYSTEM

8.1 System NT-Domain-Settings

save

2 exit

3 cancel

4

5

6

7 workgroup

8 second_workgroup

9 third_workgroup

10 timeout

11 retries

12 first_admin_name

13 first_admin_passwd

14

15

16

Authentication_Serv er_1

Authentication_Serv er_2

Authentication_Serv er_3

first_admin_hostna me

second_admin_nam e

second_admin_pass wd

Saves NT Domain configuration settings.

Saves the NT Domain configuration settings and exit.

To revert to the previous configuration settings.

Sets the primary server IP address.

Sets the server IP address.

Sets the third alternative server IP address.

Sets the NT Domain Workgroup.

Sets the Workgroup.

Sets the Third alternative Workgroup.

Sets the connection timeout.

Sets the connection retry attempts.

Sets the NT Domain first server admin name.

Sets the NT Domain first server admin password.

Sets the NT Domain first server admin hostname.

Sets the NT Domain second server admin name.

Sets the NT Domain second server admin password.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

String

Unsigned integer

String

87

S.No

Command Name

Description

Type and Description

17

18 third_admin_name

19 third_admin_passwd

20

21 serverCheck

second_admin_host name

third_admin_hostna me

Sets the NT Domain second server admin hostname.

Sets the NT Domain third server admin name.

Sets the NT Domain third server admin password.

Sets the NT Domain third server admin hostname.

Checks the reachability of configured servers.

String

8.2 system Active-Directory-Settings

S.No Command Name Description Type and Description

1 save

2 exit

3 cancel

4

5

6

7

8

9

10 timeout

11 retries

12 first_admin_name

Authentication_Serv er_1

Authentication_Serv er_2

Authentication_Serv er_3

Active_Directory_Do main

Second_Active_Dire ctory_Domain

Third_Active_Direct ory_Domain

Saves Active Directory Configuration settings.

Saves Active Directory configuration settings and exit.

To revert to the previous configuration settings.

Sets the primary server IP address.

Sets the second alternative server IP address.

Sets the third alternative server IP address.

Sets the Active Directory Domain.

Sets the Second Alternative Active Directory Domain.

Sets the Third Alternative Active Directory Domain.

Sets the Active Directory domain connection timeout.

Sets the Active Directory connection retry attempts.

Sets the Active Directory first server admin name.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255.

String

Unsigned integer

String

88

S.No

Command Name

Description

Type and Description

S.No Command Name Description Type and Description

Sets the Active Directory

13 first_admin_passwd

14

15

16

17

18 third_admin_name

19 third_admin_passwd

20

21 serverCheck

first_admin_hostna me

second_admin_nam e

second_admin_pass wd

second_admin_host name

third_admin_hostna me

first server admin password.

Sets the Active Directory first server admin hostname.

Sets the Active Directory second server admin name.

Sets the Active Directory second server admin password.

Sets the Active Directory second server admin hostname.

Sets the Active Directory third server admin name.

Sets the Active Directory third server admin password.

Sets the Active Directory third server admin hostname.

Checks the reachability of configured servers.

String

8.3 system LDAP_Settings

1 save

2 exit

3 cancel

4

5

6

Authentication_Serv er_1

Authentication_Serv er_2

Authentication_Serv er_3

Saves LDAP configuration settings.

Saves LDAP configuration settings and exit.

To revert to the previous configuration settings.

Sets the primary server IP address.

Sets the second alternative server IP address.

Sets the third alternative server IP address.

89

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255.

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

7 LDAP_Base_DN Sets the LDAP Base DN. String

8

9

10 LDAPAttribute1 Sets the LDAP Attribute 1. String 11 LDAPAttribute2 Sets the LDAP Attribute 2. String 12 LDAPAttribute3 Sets the LDAP Attribute 3. String 13 LDAPAttribute4 Sets the LDAP Attribute 4. String

14 timeout

15 retries

16 first_admin_name

17 first_admin_passwd

18

19

20 third_admin_name

21 third_admin_passwd

22 serverCheck

Second_LDAP_Bas e_DN

Third_LDAP_Base_ DN

second_admin_name Sets the LDAP second

second_admin_pass wd

Sets the second alternative LDAP Base DN.

Sets the Third alternative LDAP Base DN.

Sets the LDAP server connection timeout.

Sets the LDAP server connection retry attempts.

Sets the LDAP first server admin name.

Sets the LDAP first server admin password.

server admin name. Sets the LDAP second

server admin password. Sets the LDAP third server

admin name. Sets the LDAP third server

admin password. Checks the reachability of

configured servers.

String

Unsigned integer

String

8.4 system POP3_Settings

1 save

2 exit

3 cancel

4

5

POP3_Server_Configuration

Authentication_Serv er_1

Authentication_Serv er_2

Saves POP3 configuration settings.

Saves POP3 configuration settings and exit.

To revert to the previous configuration settings.

Sets the primary server. String

Sets the secondary server. String

90

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

logging configuration

ng configuration

6

7

8

9

10 SSL_Enable_1

11 SSL_Enable_2

12 SSL_Enable_3

13 CA_File_1 CAFILE for primary server. String

14 CA_File_2

15 CA_File_3 CAFILE for optional server. String

16 serverCheck

Authentication_Serv er_3

Authentication_Port _1

Authentication_Port _2

Authentication_Port _3

Sets the optional server. String

Sets the port for primary server.

Sets the port for secondary server.

Sets the port for optional server.

Enables the SSL for primary server.

Enables the SSL for secondary server.

Enables the SSL for optional server.

CAFILE for secondary server.

Checks the reachability of configured servers.

Port number

Boolean choice

String

8.5 system POP3_Settings POP3_Trusted_CA

1 exit

2 add Adds a certificate.

3 delete Deletes a certificate. String

Exits the POP3_Trusted_CA.

String IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

8.6 system logging ipv4 configure

1 save

2 exit

3 cancel

Saves settings.

Saves loggi settings and exit current mode.

To revert to the previous logging configuration settings.

91

S.No

Command Name

Description

Type and Description

4

5

6

7

8

9

10

11

12

13

14

15

16 unicast_traffic_logs

17

18

19

lan_wan_accept_pa cket_logs

lan_wan_drop_pack et_logs

wan_lan_accept_pa cket_logs

wan_lan_drop_pack et_logs

wan_dmz_accept_p acket_logs

wan_dmz_drop_pac ket_logs

dmz_wan_accept_p acket_logs

dmz_wan_drop_pac ket_logs

dmz_lan_accept_pa cket_logs

dmz_lan_drop_pack et_logs

lan_dmz_accept_pa cket_logs

lan_dmz_drop_pack et_logs

broadcast_or_multic ast_traffic_logs

source_mac_filter_lo gs

bandwidth_limit_logs Bandwidth Limit logs

LAN to wan accepted Pkts Enable/Disable.

LAN to wan dropped Pkts Enable/Disable.

Wan to lan accepted Pkts logs Enable/Disable.

Wan to lan dropped Pkts logs Enable/Disable.

Wan to dmz accepted Pkts logs Enable/Disable.

Wan to dmz dropped Pkts logs Enable/Disable.

DMZ to wan accepted Pkts logs Enable/Disable.

DMZ to wan dropped Pkts logs Enable/Disable.

DMZ to lan accepted Pkts logs Enable/Disable.

DMZ to lan dropped Pkts logs Enable/Disable.

LAN to dmz accepted Pkts logs Enable/Disable.

LAN to dmz dropped Pkts logs Enable/Disable.

All Unicast Traffic logs Enable/Disable.

All Broadcast/Multicast Traffic logs Enable/Disable.

Source mac filter logs Enable/Disable.

Enable/Disable.

Boolean choice

20 ftp_logs FTP logs Enable/Disable. Boolean choice

21 icmp_invalid_logs

22 icmp_redirect_logs

23 log_invalid_packet

Invalid ICMP Packets logs Enable/Disable.

Redirected ICMP Packets logs Enable/Disable.

Log invalid packet Enable/Disable.

Boolean choice

92

S.No

Command Name

Description

Type and Description

mail and

ether or not system

8.7 system logging facility configure <facility>

S.No Command Name Description Type and Description

1 <facility>

2 save

3 exit

4 cancel

5 level_options_set

System logging facility configuration mode.

Saves log Facility configuration settings.

Saves log facility configuration settings and exit current mode.

To revert to the previous log Facility configuration settings.

Sets level options. This command can run multiple times in this view to set different level options.

Logging Facility Type.

Logging Facility Type. Logging Level Options Type. Boolean choice.

8.8 system logging remote configure

1 save

2 exit

3 cancel

4 log_identifier

5 email_logs_enable

6 email_server

7 smtp_port

8

9

10

return_email_address Sets email address SMTP

send_to_email_addr ess

send_to_email_addr ess2

Saves remote Logging configuration settings.

Saves remote logging configuration settings and exit current mode.

To revert to the previous remote logging configuration settings.

Sets the log identifier prefixed to both, eSyslog messages.

Sets wh emails scheduled logs.

Sets options for emailing of logs.

The SMTP port of the email server.

server replies are sent. Sets email address where

logs and alerts will be sent. Sets email address where

logs and alerts will be sent.

String

Boolean choice

String

Port number

String

93

S.No

Command Name

Description

Type and Description

11

12 smtp_auth

13 smtp_auth type

14

send_to_email_addr ess3

smtp_auth username

Sets email address where logs and alerts will be sent.

Sets SMTP authentication details.

Sets SMTP authentication types.

Sets SMTP authentication username (for plain and CRAM-MD5 auth).

String

SMTP Authentication Types.

String

Sets SMTP authentication

15 smtp_auth password

password (for plain and

String

CRAM-MD5 auth). Enables Tls support (for

16 Tls_Enable

plain and CRAM-MD5

Boolean choice

auth).

17

identd_from_smtp_s erver_enable

18 schedule

Enables/Diables to identd from smtp server.

Sets schedule for sending log by email.

Boolean choice

19 schedule unit Sets schedule unit. Schedule Unit Types. 20 schedule day Sets schedule day. Schedule Day Types. 21 schedule time Sets schedule time. Schedule Time Units Types. 22 schedule meridiem Sets schedule meridiem. Schedule Meridiem Types. 23 syslog_server syslog

24

25

26

27

28

29

30

31

syslog_server server_name1

syslog_server server_name2

syslog_server server_name3

syslog_server server_name4

syslog_server server_name5

syslog_server server_name6

syslog_server server_name7

syslog_server server_name8

server1

server2

server3

server4

server5

server6

server7

server8

syslog_server

32

server_name1

Boolean Choice Y/N Boolean choice

enable

94

S.No

Command Name

Description

Type and Description

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

syslog_server server_name1 name

syslog_server server_name1 severity

syslog_server server_name1 facility

syslog_server server_name2 enable

syslog_server server_name2 name

syslog_server server_name2 severity

syslog_server server_name2 facility

syslog_server server_name3 enable

syslog_server server_name3 name

syslog_server server_name3 severity

syslog_server server_name3 facility

syslog_server server_name4 enable

syslog_server server_name4 name

syslog_server server_name4 severity

syslog_server server_name4 facility

IP address

Sets Syslog server.

AAA.BBB.CCC.DDD where each part is in the range 0-255

Sets Syslog severity. Syslog server severity types.

Sets Syslog facility. Syslog server facility ID types

Boolean Choice Y/N. Boolean choice

IP address

Sets Syslog server.

AAA.BBB.CCC.DDD where each part is in the range 0-255

Sets Syslog severity. Syslog server severity types.

Sets Syslog facility. Syslog server facility ID types.

Boolean Choice Y/N. Boolean choice

IP address

Sets Syslog server.

AAA.BBB.CCC.DDD where each part is in the range 0-255

Sets Syslog severity. Syslog server severity types.

Sets Syslog facility. Syslog server facility ID types.

Boolean Choice Y/N Boolean choice

IP address

Sets Syslog server.

AAA.BBB.CCC.DDD where each part is in the range 0-255

Sets Syslog severity. Syslog server severity types.

Sets Syslog facility. Syslog server facility ID types.

95

S.No

Command Name

Description

Type and Description

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

syslog_server server_name5 enable

syslog_server server_name5 name

syslog_server server_name5 severity

syslog_server server_name5 facility

syslog_server server_name6 enable

syslog_server server_name6 name

syslog_server server_name6 severity

syslog_server server_name6 facility

syslog_server server_name7 enable

syslog_server server_name7 name

syslog_server server_name7 severity

syslog_server server_name7 facility

syslog_server server_name8 enable

syslog_server server_name8 name

syslog_server server_name8 severity

Boolean Choice Y/N. Boolean choice

IP address

Sets Syslog server.

AAA.BBB.CCC.DDD where each part is in the range 0-255

Sets Syslog severity. Syslog server severity types.

Sets Syslog facility. Syslog server facility ID types.

Boolean Choice Y/N. Boolean choice

IP address

Sets Syslog server.

AAA.BBB.CCC.DDD where each part is in the range 0-255

Sets Syslog severity. Syslog server severity types.

Sets Syslog facility. Syslog server facility ID types.

Boolean Choice Y/N. Boolean choice

IP address

Sets Syslog server.

AAA.BBB.CCC.DDD where each part is in the range 0-255.

Sets Syslog severity. Syslog server severity types.

Sets Syslog facility. Syslog server facility ID types.

Boolean Choice Y/N. Boolean choice.

IP address

Sets Syslog server.

AAA.BBB.CCC.DDD where each part is in the range 0-255.

Sets Syslog severity. Syslog server severity types.

96

S.No

Command Name

Description

Type and Description

S.No

Command Name

Description

Type and Description

for the LAN to WAN Accept

for the WAN to LAN Accept

S.No

Command Name

Description

Type and Description

63

syslog_server server_name8 facility

Sets Syslog facility. Syslog server facility ID types.

8.9 system logging ipv6 configure

2 exit

3 cancel

4

5

6

7

lan_wan_accept_en able

lan_wan_drop_enab le

wan_lan_accept_en able

wan_lan_drop_enab le

Saves ipv6 logging configuration settings.

Saves ipv6 logging configuration settings, and exits current mode.

To revert to the previous ipv6 logging configuration settings.

Enasbles/Disables logging

packets. Enables/Disables logging

for the LAN to WAN Dropped packets.

Enables/Disables logging

packets. Enables/Disables logging

for the WAN to LAN Dropped packets.

Boolean choice

8.10 system Radius-Settings

1 save

2 exit

3 cancel

4

5

primary-radiusserver

secondary-radiusserver

Saves RADIUS configuration settings.

Saves RADIUS configuration settings and exit current mode.

To revert to the previous configuration settings

Sets Primary RADIUS server IP address.

Sets Secondary RADIUS server IP address.

97

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

S.No

Command Name

Description

Type and Description

Command

access Management

nt

6

7

8

9

10

11

12

13

14

15

16

17

18

19 serverCheck

optional-radiusserver

primary-serverauthentication-port

secondary-serverauthentication-port

optional-serverauthentication-port

primary-serversecret

secondary-serversecret

optional-serversecret

primary-servertimeout

secondary-servertimeout

optional-servertimeout

primary-serverretries

secondary-serverretries

optional-serverretries

Sets Optional RADIUS server IP address.

Sets Primary RADIUS server port.

Sets Secondary RADIUS server port.

Sets Optional RADIUS server port.

Sets Primary RADIUS server secret.

Sets Secondary RADIUS server secret.

Sets Optional RADIUS server secret.

Sets primary server connection timeout.

Sets secondary server connection timeout.

Sets optional server connection timeout.

Sets primary server connection retry attempts.

Sets secondary server connection retry attempts.

Sets optional server connection retry attempts.

Checks the reachability of configured servers.

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

Port number

String

Radius server connection timeout in seconds

Radius server retries attempts.

8.11 system remote_management https

S.No

1 save

2 exit

3 cancel

4 enable

configure

Name

Description Type and Description

Saves settings for https.

Saves access Manageme settings for https and exit current mode.

To revert to the previous Remote Mgmt settings.

Enables/disables remote mgmt over https.

98

Boolean choice

Command

S.No

Command Name

Description

Type and Description

access Management

S.No

5 type

6 from_address

7 end_address

8 port

9

10

Name

enable_remote_sn mp

enable_remote_ssh Enables/disables remote

Description Type and Description

Enables/disables remote mgmt over https.

Sets the starting IP in case of range, and the IP to be allowed access in case of granting access to a particular machine

Sets the Ending IP in case of range.

Sets the port you want to use for HTTP.

Enables/disables remote snmp.

ssh.

Unsigned integer

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

Unsigned integer

Boolean choice

8.12 system remote_management telnet configure

1 save

2 exit

3 cancel

4 enable

5 type

6 from_address

7 to_address

aves

for telnet.

Saves settings for telnet and exit current mode.

To revert to the previous Remote Mgmt settings.

Enables/disables remote mgmt over telnet.

The kind of access you want to allow.

Sets the starting IP in case of range, and the IP to be allowed access in case of granting access to a particular machine.

Sets the Ending IP in case of range.

Boolean choice

Unsigned integer

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255

99

S

.No Command Name

Description

Type and Description

configurable settings

S.No

Command Name

Description

Type and Description

configurable settings

S.No

Command Name

Description

Type and Descri

ption

8.13 system sessionSettings admin configure

1 save

2 exit

3 cancel

4 SessionTimeout

Saves Configurable WAN settings.

Saves and exit current mode.

To revert to the previous Configurable Session settings settings.

Enters the Session timeout for the admin group.

Idle timeout value for user.

8.14 system sessionSettings guest configure

1 save

2 exit

3 cancel

4 SessionTimeout

Saves Configurable settings.

Saves and exit current mode.

To revert to the previous Configurable Session settings.

Enters the Session timeout for the guest group.

Idle timeout value for user.

8.15 system snmp trap configure <agent_ip>

1 <agent_ip>

2 save

3 exit

4 cancel

5 agent

6 snmp_version Snmp Version v1/v2/v3 String

SNMP trap configuration mode.

Saves SNMP trap configuration settings.

Saves SNMP trap configuration settings, and exit current mode.

To revert to the previous snmp configuration settings.

The IP address of the SNMP agent.

100

IP address AAA.BBB.CCC.DDD where each part is in the range 0-255.

D-link DSR-500AC, DSR-1000AC User Manual [ru]

Specifications and Main Features

Frequently Asked Questions

User Manual