D-link DXS-3250 User Manual
CLI Guide
Product Model : DXS-3200 Series
L2 Stackable Gigabit Mngd. Switch with Optional 10Gig Uplinks
Release 1
©Copyright 2005. All rights reserved.
Table of Contents
Section 1.Using the CLI......................................................................................................12
Overview........................................................................................................................................12
CLI Command Modes....................................................................................................................13
Introduction..............................................................................................................................................13
User EXEC Mode ....................................................................................................................................14
Privileged EXEC Mode............................................................................................................................14
Global Configuration Mode......................................................................................................................14
Interface Configuration and Specific Configuration Modes............................................... ... ....................15
Starting the CLI..............................................................................................................................15
Editing Features ............................................................................................................................16
Entering Commands................................................................................................................................16
Terminal Command Buffer................................................................................................................................. 17
Negating the Effect of Commands..................................................................................................................... 17
Command Completion ....................................................................................................................................... 17
Nomenclature..................................................................................................................................................... 17
Keyboard Shortcuts............................................................................................................................................ 18
CLI Command Conventions............................................................................................................................... 18
Copying and Pasting Text........................................................................................................................18
Section 2.AAA Commands................................................................................................. 20
aaa authentication login.......................................................................................................................20
aaa authentication enable....................................................................................................................22
login authentication..............................................................................................................................24
enable authentication...........................................................................................................................25
ip http authentication......................................................................... ... ... .............................................26
ip https authentication.................................................................................................... ... ...................27
show authentication methods...............................................................................................................28
password..............................................................................................................................................29
enable password..................................................................................................................................30
username.............................................................................................................................................31
Section 3.ACL Commands................................................................................................. 32
stack light unit ......................................................................................................................................32
ip access-list........................... .... .......................................................... ... ... ..........................................33
permit (ip).............................................................................................................................................34
deny (IP)...............................................................................................................................................37
mac access-list........................... ... .......................................................... ... ... .......................................39
permit (MAC)........................................................................................................................................40
deny (MAC)..........................................................................................................................................41
service acl.................................. ... ... ... .... .............................................................................................42
show access-lists.................................................................................................................................43
show interfaces access-lists.................................................................................................................44
Page 1
D-Link CLI Reference Guide
Section 4.Address Table Commands................................................................................ 46
bridge address..................................................................................................................................... 46
bridge multicast filtering....................................................................................................................... 47
bridge multicast address...................................................................................................................... 48
bridge multicast forbidden address...................................................................................................... 49
bridge multicast forward-all.................................................................................................................. 50
bridge multicast forbidden forward-all.................................................................................................. 51
bridge aging-time................................................................................................................................. 52
clear bridge.......................................................................................................................................... 53
port security......................................................................................................................................... 54
port security mode...............................................................................................................................55
port security routed secure-address.................................................................................................... 56
show bridge address-table .................................................................................................................. 57
show bridge address-table static......................................................................................................... 58
show bridge address-table count......................................................................................................... 59
show bridge multicast address-table ................................................................................................... 60
show bridge multicast filtering ............................................................................................................. 62
show ports security.............................................................................................................................. 63
show ports security addresses......................... ... ... ... .... ... ................................................................... 65
Section 5.Clock Commands............................................................................................... 68
clock set.................. ... .......................................................... ... .... ......................................................... 68
clock source.................. ... .... ... ... ... ........................................................... ... ... ... ... .... ... ......................... 69
clock timezone........................................ ... .... ... ... ... ... .... ... ... ... ............................................................. 70
clock summer-time ................................................. ... .... ......................................................................71
sntp authentication-key........................................................................................................................ 73
sntp authenticate................................................................................................................................. 74
sntp trusted-key................................................................................................................................... 75
sntp client poll timer............................................................................................................................. 76
sntp broadcast client enable................................................................................................................ 77
sntp anycast client enable ................................................................................................................... 78
sntp client enable (Interface) ............................................................................................................... 79
sntp unicast client enable.................................................................................................................... 80
sntp unicast client poll ......................................................................................................................... 81
sntp server........................................................................................................................................... 82
show clock........................................................................................................................................... 83
show sntp configuration....................................................................................................................... 84
show sntp status.................................................................................................................................. 85
Section 6.Configuration and Image File Commands....................................................... 86
copy..................................................................................................................................................... 86
delete................................................................................................................................................... 89
boot system......................................................................................................................................... 90
show running-config ............................................................................................................................ 91
show startup-config ............................................................................................................................. 92
show bootvar....................................................................................................................................... 93
Page 2
Section 7.Ethernet Configuration Commands ................................................................. 94
interface ethernet.................................................................................................................................94
interface range ethernet.......................................................................................................................95
shutdown..............................................................................................................................................96
description............................................................................................................................................97
speed ...................................................................................................................................................98
duplex...................................................................................................................................................99
negotiation..........................................................................................................................................100
flowcontrol..........................................................................................................................................101
mdix....................................................................................................................................................102
back-pressure ....................................................................................................................................103
port jumbo-frame................................................................................................................................104
clear counters.....................................................................................................................................105
set interface active.............................................................................................................................106
show interfaces advertise...................................................................................................................107
show interfaces configuration.............................................................................................................109
show interfaces status........................................................................................................................111
show interfaces description................................................................................................................113
show interfaces counters ...................................................................................................................114
show ports jumbo-frame.....................................................................................................................117
port storm-control include-multicast (GC) ..........................................................................................118
port storm-control include-multicast (IC)............................................................................................119
port storm-control broadcast enable ..................................................................................................120
port storm-control broadcast rate.......................................................................................................121
show ports storm-control....................................................................................................................122
Section 8.GVRP Commands ............................................................................................ 124
gvrp enable (Global)...........................................................................................................................124
gvrp enable (Interface).......................................................................................................................125
garp timer...........................................................................................................................................126
gvrp vlan-creation-forbid ....................................................................................................................127
gvrp registration-forbid.......................................................................................................................128
clear gvrp statistics.............................................................................................................................129
show gvrp configuration.....................................................................................................................130
show gvrp statistics............................................................................................................................131
show gvrp error-statistics...................................................................................................................132
Section 9.IGMP Snooping Commands............................................................................ 134
ip igmp snooping (Global)..................................................................................................................134
ip igmp snooping (Interface)...............................................................................................................135
ip igmp snooping mrouter learn-pim-dvmrp .......................................................................................136
ip igmp snooping host-time-out..........................................................................................................137
ip igmp snooping mrouter-time-out ....................................................................................................138
ip igmp snooping leave-time-out........................................................................................................139
show ip igmp snooping mrouter.........................................................................................................140
show ip igmp snooping interface........................................................................................................141
show ip igmp snooping groups...........................................................................................................142
Page 3
D-Link CLI Reference Guide
Section 10.IP Addressing Commands............................................................................ 144
ip address...................................................................... ... ... ... ........................................................... 144
ip address dhcp................................ ... ... ... .... ... ... .......................................................... .................... 145
ip default-gateway ..................................... .... ... ... ... ... .... .................................................................... 146
show ip interface................................................................................................................................ 147
arp ..................................................................................................................................................... 148
arp timeout......................................................................................................................................... 149
ip proxy-arp................... ... .... .......................................................... ... ... .............................................. 150
clear arp-cache.................................................................................................................................. 151
show arp............................................................................................................................................ 152
interface ip.........................................................................................................................................153
directed-broadcast............................................................................................................................. 154
broadcast-address............................................................................................................................. 155
helper-address................................................................................................................................... 156
ip domain-lookup.............................. ... ... ... .... ... ... ... ... .... ... ................................................................. 158
ip domain-name............................................. ... ... ... ... .... ... ... ... ........................................................... 159
ip name-server................. .... ... ... ... ........................................................... ... ... ... ... .... ... ... .................... 160
ip host..................................................................... ........................................................................... 161
clear host...........................................................................................................................................162
clear host dhcp.................................................................................................................................. 163
show hosts.........................................................................................................................................164
Section 11.IP Routing Commands .................................................................................. 166
ip route.................... ... .......................................................... .............................................................. 166
show ip route..................................................................................................................................... 167
Section 12.LACP Commands........................................................................................... 170
lacp system-priority.......... .... ... ... .......................................................... .... ... ... ... ... .... .......................... 170
lacp port-priority...................................... ... .... .......................................................... ... ....................... 171
lacp timeout............................ ... ... .... ... ... .......................................................... ... .... ... ....................... 172
show lacp ethernet ............................................................................................................................ 173
show lacp port-channel...................................................................................................................... 175
Section 13.Line Commands............................................................................................. 176
line..................................................................................................................................................... 176
speed................................................................................................................................................. 177
autobaud............................................................................................................................................ 178
exec-timeout...................................................................................................................................... 179
history................................................................................................................................................ 180
history size.............. ... ... .......................................................... .... ... .................................................... 181
terminal history.................................................................................................................................. 182
terminal history size........................................................................................................................... 183
show line............................................................................................................................................ 184
Section 14.Management ACL Commands...................................................................... 186
management access-list.................................................................................................................... 186
permit (Management)........................................................................................................................ 188
Page 4
deny (Management)...........................................................................................................................189
management access-class.................................................................................................................190
show management access-list...........................................................................................................191
show management access-class .......................................................................................................192
Section 15.PHY Diagnostics Commands........................................................................ 194
test copper-port tdr. ... .... ... ... ...............................................................................................................194
show copper-ports tdr ........................................................................................................................195
show copper-ports cable-length.........................................................................................................196
show fiber-ports optical-transceiver ...................................................................................................197
Section 16.Port Channel Commands.............................................................................. 200
interface port-channel ........................................................................................................................200
interface range port-channel..............................................................................................................201
channel-group....................................................................................................................................202
show interfaces port-channel.............................................................................................................203
Section 17.Port Monitor Commands...............................................................................204
port monitor........................................................................................................................................204
port monitor vlan-tagging ...................................................................................................................205
show ports monitor.............................................................................................................................206
Section 18.Power over Ethernet Commands .................................................................208
power inline............................ .... ... ... .......................................................... ... .... ... ..............................208
power inline powered-device............................... .... ... ... ... .... ... ... ... .... ... ... ... ... .... ... ..............................209
power inline priority............................................................................................................................210
power inline usage-threshold........................................... .... ... ...........................................................211
power inline traps enable...................................................................................................................212
show power inline...............................................................................................................................213
Section 19.QoS Commands............................................................................................. 216
qos .....................................................................................................................................................216
show qos............................................................................................................................................217
class-map...........................................................................................................................................218
show class-map .................................................................................................................................219
match access-group................................................... ... ... .... ..............................................................220
policy-map..........................................................................................................................................221
class...................................................................................................................................................222
show policy-map ................................................................................................................................223
trust cos-dscp.....................................................................................................................................224
set ......................................................................................................................................................225
police..................................................................................................................................................226
service-policy .....................................................................................................................................227
qos aggregate-policer ......... ... ........................................................... ... ... ... ... .... ... ... ...........................228
show qos aggregate-policer...............................................................................................................230
police aggregate.................................................................................................................................231
wrr-queue cos-map............................................................................................................................232
Page 5
D-Link CLI Reference Guide
wrr-queue bandwidth......................................................................................................................... 233
priority-queue out num-of-queues ..................................................................................................... 234
traffic-shape....................................................................................................................................... 235
show qos interface............................................................................................................................. 236
qos wrr-queue threshold................................................ ... ................................................................. 238
qos map policed-dscp....................... ... ... ... .... ... ... ... ... .... .................................................................... 239
qos map dscp-queue................. ... .... ... ... ... .... ... ... ... ... .... ... ... .............................................................. 240
qos trust (Global).......... ... .... ... ... .......................................................... .... ... ... ... ... .... ... ....................... 241
qos trust (Interface) ............................................. ... ... .... ... ... ... .... ... ... ... .............................................. 242
qos cos................................... .......................................................... ... .... .......................................... 243
qos dscp-mutation .................. ... ... ........................................................... ... ... .................................... 244
qos map dscp-mutation................................. ... ... ... ... .... ... ... ... .... ... .................................................... 245
Section 20.Radius Commands ........................................................................................ 246
radius-server host.............................................................................................................................. 246
radius-server key............................................................................................................................... 248
radius-server retransmit..................................................................................................................... 249
radius-server source-ip...................................................................................................................... 250
radius-server timeout......................................................................................................................... 251
radius-server deadtime...................................................................................................................... 252
show radius-servers .......................................................................................................................... 253
Section 21.RMON Commands ......................................................................................... 254
show rmon statistics .......................................................................................................................... 254
rmon collection history............................................ ... .... ... ... ... .... ... ... ... .... ... ....................................... 256
show rmon collection history ............................................................................................................. 257
show rmon history ............................................................................................................................. 258
rmon alarm ................................................ .... ... ... ... ... ........................................................................ 261
show rmon alarm-table...................................................................................................................... 263
show rmon alarm............................................................................................................................... 264
rmon event.................... ... .... ... .......................................................... ... .... ... ... ... ... .............................. 266
show rmon events ............................................................................................................................. 267
show rmon log ................................................................................................................................... 268
rmon table-size............. ... ........................................................... ... ... ... .............................................. 270
Section 22.SNMP Commands.......................................................................................... 272
snmp-server community.................................................................................................................... 272
snmp-server view ................................................... ... .... ... ... ... .... ... ... ... .... .......................................... 274
snmp-server group ............................................................................................................................ 275
snmp-server user............. .... .......................................................... ... ... .... .......................................... 276
snmp-server engineID local............................................................................................................... 278
snmp-server enable traps.................................................................................................................. 280
snmp-server filter............................................................................................................................... 281
snmp-server host............................................................................................................................... 282
snmp-server v3-host.......................................................................................................................... 283
snmp-server trap authentication........................................................................................................ 284
snmp-server contact.......................................................................................................................... 285
Page 6
snmp-server location..................................................... ... .... ... ... ........................................................286
snmp-server set .................................................................................................................................287
show snmp.........................................................................................................................................288
show snmp engineid ..........................................................................................................................290
show snmp views...............................................................................................................................291
show snmp groups.............................................................................................................................292
show snmp filters ...............................................................................................................................294
show snmp users...............................................................................................................................295
Section 23.Spanning-Tree Commands ........................................................................... 296
spanning-tree.....................................................................................................................................296
spanning-tree mode......................................... ... .... ... ... ... .... ... ... ........................................................297
spanning-tree forward-time................................................................................................................298
spanning-tree hello-time.....................................................................................................................299
spanning-tree max-age......................................................................................................................300
spanning-tree priority .......... ... .... ... ... ... .... ... ........................................................................................301
spanning-tree disable .... ... ... .......................................................... .... ... ... ... ... .... .................................302
spanning-tree cost............................... .... ... ... ... ... ........................................................... ....................303
spanning-tree port-priority..................................................................................................................304
spanning-tree portfast........................................................................................................................305
spanning-tree link-type............................................... ... ... .... ... ... ... .... ... ..............................................306
spanning-tree pathcost method..........................................................................................................307
spanning-tree bpdu....................................... ... ... .... ... ... ... .... ..............................................................308
clear spanning-tree detected-protocols..............................................................................................309
spanning-tree mst priority........................ ... ........................................................................................310
spanning-tree mst max-hops............................ ... .... ... ... ... .... ..............................................................311
spanning-tree mst port-priority...........................................................................................................312
spanning-tree mst cost............................................... ... ... .... ..............................................................313
spanning-tree mst configuration.........................................................................................................314
instance (mst).....................................................................................................................................315
name (mst).......................... ... .... ... .......................................................... ... ... .....................................316
revision (mst)......................................................................................................................................317
show (mst)..........................................................................................................................................318
exit (mst) ............................................................................................................................................319
abort (mst) . .......................................................... .... ... ... .....................................................................320
spanning-tree guard root.. ..................................................................................................................321
show spanning-tree............................................................................................................................322
Section 24.SSH Commands............................................................................................. 334
ip ssh port...................................... ... ... .... ... ... .......................................................... ... ........................334
ip ssh server.. ... ... ... ... ........................................................... ... ... ... .... ... ... ...........................................335
crypto key generate dsa.....................................................................................................................336
crypto key generate rsa......................................................................................................................337
ip ssh pubkey-auth........................... ... .... ... ... ... ... ........................................................... ... .................338
crypto key pubkey-chain ssh..............................................................................................................339
user-key .............................................................................................................................................340
key-string............................................................................................................................................341
Page 7
D-Link CLI Reference Guide
show ip ssh........................................................................................................................................ 343
show crypto key mypubkey ............................................................................................................... 344
show crypto key pubkey-chain ssh.................................................................................................... 345
Section 25.Syslog Commands......................................................................................... 346
logging on.......................................................................................................................................... 346
logging............................................................................................................................................... 347
logging console.................................................................................................................................. 348
logging buffered................................................................................................................................. 349
logging buffered size ......................................................................................................................... 350
clear logging...................................................................................................................................... 351
logging file ......................................................................................................................................... 352
clear logging file................................................................................................................................. 353
aaa logging login ...............................................................................................................................354
file-system logging............................................................................................................................. 355
management logging......................................................................................................................... 356
show logging......................................................................................................................................357
show logging file................................................................................................................................359
show syslog-servers.......................................................................................................................... 361
Section 26.System Management Commands................................................................. 362
ping.................................................................................................................................................... 362
traceroute .......................................................................................................................................... 364
telnet.................................................................................................................................................. 366
resume............................................................................................................................................... 369
reload................................................................................................................................................. 370
hostname........................................................................................................................................... 371
stack master...................................................................................................................................... 372
stack reload....................................................................................................................................... 373
stack display-order ............................................................................................................................ 374
stack light unit.................................................................................................................................... 375
show stack......................................................................................................................................... 376
set system mode ............................................................................................................................... 378
show system mode............................................................................................................................ 379
show users ........................................................................................................................................ 380
show sessions................................................................................................................................... 381
show system...................................................................................................................................... 382
show version......................................................................................................................................383
service cpu-utilization ................... .... ... .......................................................... ... ... .............................. 384
show cpu utilization ........................................................................................................................... 385
Section 27.TACACS+ Commands ................................................................................... 386
tacacs-server host............................................................................................................................. 386
tacacs-server key ... ... ... ... .... .............................................................................................................. 388
tacacs-server timeout................................ .... ... ... ... ... .... ... ... ... .... ... ... ... .............................................. 389
tacacs-server source-ip..................................................................................................................... 390
show tacacs....................................................................................................................................... 391
Page 8
Section 28.User Interface Commands ............................................................................392
do.......................................................................................................................................................392
enable ................................................................................................................................................392
disable................................................................................................................................................394
login....................................................................................................................................................395
configure ............................................................................................................................................396
exit (Configuration).............................................................................................................................397
exit......................................................................................................................................................398
end.....................................................................................................................................................399
help ....................................................................................................................................................400
terminal data-dump............................................................................................................................401
show history.......................................................................................................................................402
show privilege ....................................................................................................................................403
Section 29.VLAN Commands........................................................................................... 404
vlan database... ... ... ... ........................................................... ... ... ... .... ... ... ...........................................404
vlan.....................................................................................................................................................405
interface vlan......................................................................................................................................406
interface range vlan............................................................................................................................407
name..................................................................................................................................................408
switchport protected...........................................................................................................................409
switchport mode.................................................................................................................................410
switchport access vlan.......................................................................................................................411
map protocol protocols-group ............................................................................................................412
switchport trunk allowed vlan........................ ... ... ...............................................................................413
switchport trunk native vlan................................................................................................................414
switchport general allowed vlan....................................... .... ... ... ... .....................................................415
switchport general map protocols-group vlan ....................................................................................416
switchport general pvid ......................................................................................................................417
switchport general ingress-filtering disable ........................................................................................418
switchport general acceptable-frame-type tagged-only .....................................................................419
switchport forbidden vlan ........................................................ ... ... .....................................................420
ip internal-usage-vlan .... ... ... ... .... ... ... ... .......................................................... .... ... ... ... .... ... .................421
show vlan...........................................................................................................................................422
show vlan internal usage....................................................................................................................423
show interfaces switchport.................................................................................................................424
Section 30.Web Server Commands................................................................................. 428
ip http server .............................................................. ........................................................................428
ip http port........................................... .... ... .......................................................... ... ... ........................429
ip https server................................ ... ... .... .......................................................... ... ... ... ........................430
ip https port ............... ........................................................... ... ... ........................................................431
crypto certificate generate....................................................... ... ... .... ... ... ... ... .... .................................432
crypto certificate request..................... .... ... ... ... ... .... ... ... ... .... ... ... ........................................................433
crypto certificate import.................... ... .... ... ... ... ... .... ... ... ... .... ..............................................................435
ip https certificate.......................................... ... ... .... ... ... ... .... ... ...........................................................436
show crypto certificate mycertificate ..................................................................................................437
Page 9
D-Link CLI Reference Guide
show ip http ....................................................................................................................................... 438
show ip https......................................................................................................................................439
Section 31.802.1x Commands ......................................................................................... 440
aaa authentication dot1x default........................................................................................................ 440
dot1x system-auth-control......................... .... ... ... ... ... .... .................................................................... 441
dot1x port-control................. .......................................................... ... ... .... ... ... ... ... .............................. 442
dot1x re-authentication........... ........................................................................................................... 443
dot1x timeout re-authperiod................. ... ... .... ... ... ... ... .... ... ... ... .... ... ... ... .............................................. 444
dot1x re-authenticate........................................ ... ... ... .... ... ... ... .... ....................................................... 445
dot1x timeout quiet-period................................................................................................................. 446
dot1x timeout tx-period........ ... ... ... ........................................................... ... ... ... ... .... ... ....................... 447
dot1x max-req.................................................................................................................................... 448
dot1x timeout supp-timeout.............................. ... ... ... .... ... ... ... .... ... ... ... .... ... ... ... ................................. 449
dot1x timeout server-timeout..... ... .... ... .......................................................... ... ... .... ... ... ... .... ............. 450
show dot1x ........................................................................................................................................ 451
show dot1x users...............................................................................................................................454
show dot1x statistics.......................................................................................................................... 456
ADVANCED FEATURES .................................... ... .......................................................... .... ... ... ....... 458
dot1x auth-not-req ............................................................................................................................. 458
dot1x multiple-hosts........................................................................................................................... 459
dot1x single-host-violation................................................................................................................. 460
dot1x guest-vlan .................. ... ... ... .... ... ... ... .... .......................................................... ... ... .................... 461
dot1x guest-vlan enable ................................................ ... ... ... .... ... ... ................................................. 462
show dot1x advanced........................................................................................................................ 463
Page 10
Page 11
D-Link CLI Reference Guide
Section 1. Using the CLI
Overview
This document describes the Command Line Interface (CLI) used to manage the D-Link family of managed
devices. This family includes:
DXS-3250 – Stackabel device with 48-port 10/100/1000BASE-T, 4 FSP ports, one Infiniband port and a 10G port.
DXS-3227P – Stackabel
two 10G ports.
DXS-3227 – Stackabel device with 24-port 10/100/1000BASE-T, with one XFP fixed port and two 10G ports.
The DXS-3250, DXS-3227P and DXS-3227 can operate as standalone systems, or can be stacked together in the
same system.
Most of the CLI commands are applicable to all devices.
This chapter describes how to start using the CLI and the CLI command editing features.
Power over Ethernet device with 24-port 10/100/1000BASE-T, with one XFP fixed port and
Page 12
Using the CLI
CLI Command Modes
CLI Command Modes
Introduction
To assist in configuring the device, the Command Line In terface (CLI) is divided into different command modes.
Each command mode has its own set of specific commands. Entering a question mark "?" at the system prompt
(console prompt) displays a list of commands available for that particular command mode.
From each mode a specific command is used to navigate from one command mode to another. The standard
order to access the modes is as follows: User EXEC mode, Privileged EXEC mode, Glob al Configuration mode,
and Interface Configuration mode. The following figure illustrates the command mode access path.
When starting a session, the initial mode is the User EXEC mode. Only a limited subset of commands are
available in User EXEC mode. This level is reserved for tasks that do not change the configuration. To enter the
next level, the Privileged EXEC mode, a password is required.
The Privileged EXEC mode gives access to commands that are restricted on User EXEC mode and provides
access to the device Configuration mode.
The Global Configuration mode manages the device configuration on a global level.
The Interface Configuration mode configures specific interfaces in the device.
Page 13
D-Link CLI Reference Guide
User EXEC Mode
After logging into the device, the user is automatically in User EXEC command mode unless the user is defined as
a privileged user. In general, the User EXEC commands allow the user to perform basic tests, and list system
information.
The user-level prompt consists of the device host name followed by the angle bracket (>).
Console>
The default host name is Console unless it has been changed using the hostname command in the Global
Configuration mode.
Privileged EXEC Mode
Privileged access is password protected to prevent unauthorized use because many of the privileged commands
set operating system parameters. The password is not displayed on the screen and is case sensitive.
Privileged users enter directly into the Privileged EXEC mode. To enter the Privileged EXEC mode from the User
EXEC mode, perform the following steps:
1. At the prompt enter the enable command and press <Enter>. A password prompt is displayed.
2. Enter the password and press <Enter>. The password is displayed as *. The Privileged EXEC mode prompt
is displayed. The Privileged EXEC mode prompt consists of the device host name followed by #.
Console#
To return from the Privileged EXEC mode to the User EXEC mode, use the disable command. The following
example illustrates how to access the Privileged EXEC mode and return to the User EXEC mode:
Console>
Enter Password: ******
Console#
Console#
Console>
The exit command is used to return from any mode to the previous mode except when returning to the User
EXEC mode from the Privileged EXEC mode. For example, the exit command is used to return from th e Int erface
Configuration mode to the Global Configuration mode.
enable
disable
Global Configuration Mode
Global Configuration mode commands apply to features that affect the system as a whole, rather than just a
specific interface. The configure Privileged EXEC mode command is used to enter the Global Configuration
mode.
To enter the Global Configuration mode perform the following steps:
1. At the Privileged EXEC mode prompt enter the configure command and press <Enter>. The Global Configuration mode prompt is displayed. The Global Configuration mode prompt consists of the device host name
followed by (config) and #.
Console(config)#
Page 14
Using the CLI
Starting the CLI
To return from the Global Configuration mode to the Privileged EXEC mode, the user can use one of the following
commands:
• exit
• end
• Ctrl+Z
The following example illustrates how to access the Global Configuration mode and return to the Privileged EXEC
mode:
Console#
Console#
Console(config)#
Console#
configure
exit
Interface Configuration and Specific Configuration Modes
Interface Configuration mode commands modify specific interface operations. The following are the Interface
Configuration modes:
• Line Interface — Contains commands to configure the management connections. These include commands
such as line timeout settings, etc. The line Global Configuration mode command is used to enter the Line
Configuration command mode.
• VLAN Database — Contains commands to create a VLAN as a whole. The vlan database Global
Configuration mode command is used to enter the VLAN Database Interface Configuration mode.
• Management Access List — Contains commands to define management access-lists. The management
access-list Global Configuration mode command is used to enter the Management Access List Configuration
mode.
• Ethernet — Contains commands to manage port configuration. The interface ethernet Global Configuration
mode command is used to enter the Interface Configuration mode to configure an Ethernet type interface.
• Port Channel — Contains commands to configure port-channels, for example, assigning ports to a port-
channel. Most of these commands are the same as the commands in the Ethernet interface mode, and are
used to manage the member ports as a single entity. The interface port-channel Global Configuration mode
command is used to enter the Port Channel Interface Configuration mode.
• SSH Public Key-chain — Contains commands to manually specify other device SSH public keys. The
crypto key pubkey-chain ssh Global Configuration mode command is used to enter the SSH Publi c Key-
chain Configuration mode.
• QoS — Contains commands related to service definitions. The qos Global Configuration mode command is
used to enter the QoS services configuration mode.
• MAC Access-List— Configures conditions required to allow traffic based on MAC addresses. The mac
access-list Global Configuration mode command is used to enter the MAC access-list configuration mode..
Starting the CLI
The device can be managed over a direct connection to the device console port or via a Telnet connection. The
device is managed by entering command keywords and parameters at the prompt. Using the device commandline interface (CLI) is very similar to entering commands on a UNIX system.
If access is via a Telnet connection, ensure that the device has a defined IP address, corresponding management
access is granted, and the workstation used to access the device is connected to the device prior to using CLI
commands.
Page 15
D-Link CLI Reference Guide
Note
The following steps are for use on the console line only.
To start using the CLI, perform the following steps:
1. Connect the DB9 null-modem or cross over cable to the RS-232 serial port of the device to the RS-232 serial
port of the terminal or computer running the terminal emulation application.
a) Set the data format to 8 data bits, 1 stop bit, and no parity.
b) Set Flow Control to none.
c) Under Properties, select VT100 for Emulation mode.
d) Select Te rminal keys for Function, Ar row, and Ctrl keys. Ensure that the setting is for Terminal ke ys
(not Windows keys).
Note
When using HyperTerminal with Microsoft® Windows 2000,ensure that Windows® 2000 Service Pack 2
or later is installed.With Windows 2000 Service Pack 2, the arrow keys function properly in
HyperTerminal’s VT100 emulation. Go to www.microsoft.com for information on Windows 2000 service
packs.
2. Enter the following commands to begin the configuration procedure:
Console>
Console#
enable
configure
Console(config)#
3. Configure the device and enter the necessary commands to complete the required tasks.
4. When finished, exit the session with the exit command.
When a different user is required to log onto the system, use the login Privileged EXEC mode command. This
effectively logs off the current user and logs on the new user.
Editing Features
Entering Commands
A CLI command is a series of keywords and arguments. Keywords identify a command, and arguments specify
configuration parameters. For example, in the command show interfaces status ethernet 1/11, show,
interfaces and status are keywords, ethernet is an argument that specifies the interface type, and 1/11 specifies
the port.
To enter commands that require parameters, enter the required parameters after the command keyword. For
example, to set a password for the administrator, enter:
Console(config)#
When working with the CLI, the com m an d op t i o ns are not displayed. The command is not selected from a menu,
but is manually entered. To see what commands are available in each mode or within an interface configuration,
the CLI does provide a method of displaying the available commands, the command syntax requirements and in
some instances parameters required to complete the command. The standard command to request help is ?.
There are two instances where help information can be displayed:
username
admin
password
alansmith
Page 16
Using the CLI
Editing Features
• Keyword lookup — The character ? is entered in place of a command. A list of all valid commands and
corresponding help messages are is displayed.
• Partial keyword lookup — If a command is incomplete and or the character ? is entered in place of a
parameter. The matched keyword or parameters for this command are displayed.
To assist in using the CLI, there is an assortment of editing features. The following features are described:
• Terminal Command Buffer
• Command Completion
• Nomenclature
• Keyboard Shortcuts
Terminal Command Buffer
Every time a command is entered in the CLI, it is recorded on an internally managed Command History buffer.
Commands stored in the buffer are maintained on a First In First Out (FIF O) basis. These commands can be
recalled, reviewed, modified, and reissued. This buffer is not preserved across device resets.
Keyword Description
Up-arrow key
Ctrl+P
Down-arrow key Returns to more recent commands in the history buffer after recalling com-
Recalls commands in the history buffer, beginning with the most recent command. Repeats the key sequence to recall successively older commands.
mands with the up-arrow key. Repeating the key sequence will recall successively more recent commands.
By default, the history buffer system is enabled, but it can be disabled at any time. For information about the
command syntax to enable or disable the history buffer, see history.
There is a standard default number of commands that are stored in the buffer. The standard number of 10
commands can be increased to 216. By configuring 0, the effect is the same as disabling the history buffer
system. For information about the command syntax for configuring the command history buffer, see history size.
To display the history buffer, see show history.
Negating the Effect of Commands
For many configuration commands, the prefix keyword no can be entered to cancel the effect of a command or
reset the configuration to the default value. This guide describes the negation effect for all applicable commands.
Command Completion
If the command entered is incomplete, invalid or has missing or invalid parameters, then the appropriate error
message is displayed. This assists in entering the correct command. By pressing the <Tab> button, an incomplete
command is entered. If the characters already entered are not enough for the system to identify a single matching
command, press ? to display the available commands matching the characters already entered.
Nomenclature
When referring to an Ethernet port in a CLI command, the following format is used:
• For an Ethernet port on a standalone device: Ethernet_type port_number
• For an Ethernet port on a stacked device: unit_number/Ethernet_type port number
Page 17
The ports may be described on an individual basis or within a range. Use format port number-port number to
specify a set of consecutive ports and port number,port number to indicates a set of non-consecutive ports. For
example, 1-3 stands for Gigabit Ethernet ports 1, 2 and 3, and 1,5 stands for Gigabit Ethernet ports 1 and 5.
Keyboard Shortcuts
The CLI has a range of keyboard shortcuts to assist in editing the CLI commands. The following table describes
the CLI shortcuts.
Keyboard Key Description
Up-arrow key Recalls commands from the history buffer, beginning with the most recent command.
Repeat the key sequence to recall successively older commands.
Down-arrow key Returns the most recent commands from the history buffer after recalling commands with
the up arrow key. Repeating the key sequence will recall successively more recent com-
mands.
Ctrl+A Moves the cursor to the beginning of the command line.
Ctrl+E Moves the cursor to the end of the command line.
Ctrl+Z / End Returns back to the Privileged EXEC mode from any configuration mode.
Backspace key Deletes one character left to the cursor position.
CLI Command Conventions
When entering commands there are certain command entry standards that apply to all commands. The following
table describes the command conventions.
Convention Description
[ ] In a command line, square brackets indicates an optional entry.
{ } In a command line, curly brackets indicate a selection of compulsory parameters sepa-
rated by the | character. One option must be selected. For example: flowcontrol
{auto|on|off} means that for the flowcontrol command either auto, on or off must be
selected.
Italic font Indicates a parameter.
<Enter> Indicates an individual key on the keyboard. For example, <Enter> indicates the Enter
key.
Ctrl+F4 Any combination keys pressed simultaneously on the keyboard.
Screen Display
all When a parameter is required to define a range of ports or parameters and all is an
Indicates system messages and prompts appearing on the console.
option, the default for the command is all when no parameters are defined. For exam-
ple, the command interface range port-channel has the option of either entering a
range of channels, or selecting all. When the command is entered without a parameter,
it automatically defaults to all.
Copying and Pasting Text
Up to 1000 lines of text (i.e., commands) can be copied and pasted into the device.
Using the CLI
Editing Features
Note
It is the user’s responsibility to ensure that the text copied into the device consists of legal commands only.
This feature is dependent on the baud rate of the device.
When copying and pasting commands from a configuration file, make sure that the following conditions exist:
• A device Configuration mode has been accessed.
• The commands contain no encrypted data, like encrypted passwords or keys. Encrypted data cannot be
copied and pasted into the device.
Page 19
D-Link CLI Reference Guide
Section 2. AAA Commands
aaa authentication login
The aaa authentication login Global Configuration mode command defines login authentication. To return to the
default configuration, use the no form of this command.
Syntax
aaa authentication login {default | list-name} method1 [method2...]
no aaa authentication login {default | list-name}
Parameters
default — Uses the listed authentication methods that follow this argument as the default list of methods
•
when a user logs in.
• list-name — Character string used to name the list of authentication methods activated when a user logs in.
(Range: 1-12 characters).
• method1 [method2...] — Specify at least one from the following table:
Keyword Description
enable Uses the enable password for authentication.
line Uses the line password for authentication.
local Uses the local username database for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication.
tacacs Uses the list of all TACA CS+ servers for authentication.
Default Configuration
The local user database is checked. This has the same effect as the command aaa authentication login list-
name local.
Note
On the console, login succeeds without any authentication check if the authentication method is not
defined.
Command Mode
Global Configuration mode
Page 20
AAA Commands
User Guidelines
The default and optional list names created with the aaa authentication login command are used with the login
authentication command.
Create a list by entering the aaa authentication login list-name method command for a particular protocol, where
list-name is any character string used to name this list. The method argument identifies the list of methods that the
authentication algorithm tries, in the given sequence.
The additional methods of authentication are used only if the previous method returns an error, not if it fails. To
ensure that the authentication succeeds even if all methods return an error, specify none as the final method in
the command line.
Example
The following example configures the authentication login.
Console(config)#
aaa authentication login default radius local enable none
Page 21
D-Link CLI Reference Guide
aaa authentication enable
The aaa authentication enable Global Configuration mode command defines authentication method lists for
accessing higher privilege levels. To return to the default configuration, use the no form of this command.
Syntax
aaa authentication enable {default | list-name} method1 [method2...]
no aaa authentication enable {default | list-name}
Parameters
•
default — Uses the listed authentication methods that follow this argument as the default list of methods,
when using higher privilege levels.
• list-name — Character string used to name the list of authentication methods activated, when using access
higher privilege levels (Range: 1-12 characters).
• method1 [method2...] — Specify at least one from the following table:
Keyword Description
enable Uses the enable password for authentication.
line Uses the line password for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication. Uses username $enabx$.,
where x is the privilege level.
tacacs Uses the list of all TACACS+ servers for authentication. Uses username
"$enabx$." where x is the privilege level.
Default Configuration
If the default list is not set, only the enable password is checked. This has the same effect as the command aaa
authentication enable default enable.
On the console, the enable password is used if it exists. If no password is set, the process still succeeds. This has
the same effect as using the command aaa authentication enable default enable none.
Command Mode
Global Configuration mode
User Guidelines
The default and optional list names created with the aaa authentication enable command are used with the
enable authentication command.
The additional methods of authentication are used only if the previous method returns an error, not if it fails. To
ensure that the authentication succeeds even if all methods return an error, specify none as the final method in
the command line.
All aaa authentication enable default requests sent by the device to a RADIUS or TACACS+ server include the
username $enabx$., where x is the requested privilege level.
Page 22
AAA Commands
Example
The following example sets the enable password for authentication when accessing higher privilege levels.
Console(config)#
aaa authentication enable default enable
Page 23
D-Link CLI Reference Guide
login authentication
The login authentication Line Configuration mode command specifies the login authentication method list for a
remote telnet or console. To return to the default configuration specified by the aaa authentication login
command, use the no form of this command.
Syntax
login authentication {default | list-name}
no login authentication
Parameters
default — Uses the default list created with the aaa authentication login command.
•
• list-name — Uses the indicated list created with the aaa authentication login command.
Default Configuration
Uses the default set with the command aaa authentication login.
Command Mode
Line Configuration mode
User Guidelines
Changing login authentication from default to another value may disconnect the telnet session.
Example
The following example specifies the default authentication method for a console.
Console(config)#
Console(config-line)#
line console
login authentication default
Page 24
AAA Commands
enable authentication
The enable authentication Line Configuration mode command specifies the authentication method list when
accessing a higher privilege level from a remote Telnet or console. To return to the default configuration specified
by the aaa authentication enable command, use the no form of this command.
Syntax
enable authentication {default | list-name}
no enable authentication
Parameters
default — Uses the default list created with the aaa authentication enable command.
•
• list-name — Uses the indicated list created with the aaa authentication enable command.
Default Configuration
Uses the default set with the aaa authentication enable command.
Command Mode
Line Configuration mode
User Guidelines
There are no user guidelines for this command.
Example
The following example specifies the default authentication method when accessing a higher privilege level from a
console.
Console(config)#
Console(config-line)#
line console
enable authentication default
Page 25
D-Link CLI Reference Guide
ip http authentication
The ip http authentication Global Configuration mode command specifies authentication methods for HTTP
server users. To return to the default configuration, use the no form of this command.
Syntax
ip http authentication method1 [method2...]
no ip http authentication
Parameters
•
method1 [method2...] — Specify at least one from the following table:
Keyword Description
local Uses the local username database for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication.
tacacs Uses the list of all TACACS+ servers for authentication.
Default Configuration
The local user database is checked. This has the same effect as the command ip http authentication local.
Command Mode
Global Configuration mode
User Guidelines
The additional methods of authentication are used only if the previous method returns an error, not if it fails. To
ensure that the authentication succeeds even if all methods return an error, specify none as the final method in
the command line.
Example
The following example configures the HTTP authentication.
Console(config)#
ip http authentication radius local
Page 26
AAA Commands
ip https authentication
The ip https authentication Global Configuration mode command specifies authentication methods for HTTPS
server users. To return to the default configuration, use the no form of this command.
Syntax
ip https authentication method1 [method2...]
no ip https authentication
Parameters
•
method1 [method2...] — Specify at least one from the following table:
Keyword Source or destination
local Uses the local username database for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication.
tacacs Uses the list of all TACACS+ servers for authentication.
Default Configuration
The local user database is checked. This has the same effect as the command ip https authentication local.
Command Mode
Global Configuration mode
User Guidelines
The additional methods of authentication are used only if the previous method returns an error, not if it fails. To
ensure that the authentication succeeds even if all methods return an error, specify none as the final method in
the command line.
Example
The following example configures HTTPS authentication.
Console(config)#
ip https authentication radius local
Page 27
D-Link CLI Reference Guide
show authentication methods
The show authentication methods Privileged EXEC mode command displays information abo ut the
authentication methods.
Syntax
show authentication methods
Default Configuration
This command has no default configuration.
Command Mode
Privileged EXEC mode
User Guidelines
There are no user guidelines for this command.
Example
The following example displays the authentication configuration.
Console#
Login Authentication Method Lists
--------------------------------Default: Radius, Local, Line
Console_Login:
Enable Authentication Method Lists
---------------------------------Default: Radius, Enable
Console_Enable:
Line Login Method List Enable Method List
-------------- ----------------- -----------------Console Console_Login Console_Enable
Telnet Default Default
SSH Default Default
http: Radius, Local
https: Radius, Local
dot1x: Radius
show authentication methods
Line, None
Enable, None
Page 28
AAA Commands
password
The password Line Configuration mode command specifies a password on a line. To remove the password, use
the no form of this command.
Syntax
password password [encrypted]
no password
Parameters
•
password — Password for this level (Range: 1-159 characters).
• encrypted — Encrypted password to be entered, copied from another device configuration.
Default Configuration
No password is defined.
Command Mode
Line Configuration mode
User Guidelines
If a password is defined as encrypted, the required password length is 32 characters.
Example
The following example specifies password secret on a console.
Console(config)#
Console(config-line)#
line console
password
secret
Page 29
Loading...