Hirschmann EAGLE 20, EAGLE 20 TX/TX, EAGLE 20 TX/MM, EAGLE 20 TX/SM, EAGLE 20 MM/TX Reference Manual
...
RM CLI EAGLE 20
Release 4.3 09/08
Technical Support
HAC-Support@hirschmann.de
Reference Manual
Command Line Interface (CLI)
Industrial ETHERNET Firewall
EAGLE 20
EAGLE 20 TX/TX
EAGLE 20 TX/MM
EAGLE 20 TX/SM
EAGLE 20 MM/TX
EAGLE 20 MM/MM
1
P
21
FAULT
LS/DA
21
k
STATUS
V.24
IP-ADDRESS
V.24
R
EAGLE 20
USB
+24V (P1)
FAULT
+24V (P2)
0V
0V
g
2
Aufkleber MAC-Adresse
1
P
21
FAULT
LS/DA
21
k
STATUS
V.24
IP-ADDRESS
V.24
R
EAGLE 20
USB
+24V (P1)
FAULT
+24V (P2)
0V
0V
g
2
Aufkleber MAC-Adresse
1
P
21
FAULT
LS/DA
21
k
STATUS
V.24
IP-ADDRESS
V.24
R
EAGLE 20
USB
+24V (P1)
FAULT
+24V (P2)
0V
0V
g
2
Aufkleber MAC-Adresse
1
P
21
FAULT
LS/DA
21
k
STATUS
V.24
IP-ADDRESS
V.24
R
EAGLE 20
USB
+24V (P1)
FAULT
+24V (P2)
0V
0V
g
2
Aufkleber MAC-Adresse
_
___________________________________________________________________________
_
Copyright (c) 2007-2008 Hirschmann Automation and Control GmbH
All rights reserved
EAGLE Release SDV-04.3.00
(Build date 2008-08-26 11:46)
System Name: EAGLE-000000
Netw. Mode : transparent
Mgmt-IP : a.b.c.d
Base-MAC : 00:80:63:62:B0:FF
System Time: WED JAN 02 01:26:13 2008
NOTE: Enter '?' for Command Help. Command help displays all options
that are valid .or the particular mode.
.or the syntax of a particular command form, please
consult the documentation.
!*(Hirschmann Eagle) >
_
___________________________________________________________________________
_
The naming of copyrighted trademarks in this manual, even when not specially indicated, should
not be taken to mean that these names may be considered as free in the sense of the trademark
and tradename protection law and hence that they may be freely used by anyone.
© 2008 Hirschmann Automation and Control GmbH
Manuals and software are protected by copyright. All rights reserved. The copying, reproduction,
translation, conversion into any electronic medium or machine scannable form is not permitted,
either in whole or in part. An exception is the preparation of a backup copy of the software for
your own use. For devices with embedded software, the end-user license agreement on the enclosed CD applies.
The performance features described here are binding only if they have been expressly guaranteed in the contract. This publication has been created by Hirschmann Automation and Control
GmbH according to the best of our knowledge. Hirschmann reserves the right to change the contents of this manual without prior notice. Hirschmann can give no guarantee in respect of the
correctness or accuracy of the details in this publication.
Hirschmann can accept no responsibility for damages, resulting from the use of the network
components or the associated operating software. In addition, we refer to the conditions of use
specified in the license contract.
Printed in Germany
Hirschmann Automation and Control GmbH
Stuttgarter Str. 45-51
72654 Neckartenzlingen
Germany
Tel.: +49 1805 141538
039 xxx-001-01-0908 – 29.9.08
Content
RM CLI EAGLE 20
Release 4.3 09/08
3
Content
About this Manual 5
Key 7
1 Introduction 8
1.1 Industrial ETHERNET Firewall 9
1.1.1 Application areas 9
1.1.2 Operating modes 9
1.2 User interfaces 11
1.3 Command Line Interface 12
2 Access to CLI 13
2.1 Preparing the connection 14
2.2 CLI via SSH (Secure Shell) 15
2.3 CLI via the V.24 port 19
3 Using the CLI 21
3.1 Mode-based command hierarchy 22
3.2 Executing commands 27
3.2.1 Syntax analysis 27
3.2.2 Command tree 27
3.2.3 Structure of a command 28
3.3 Properties of the CLI 31
3.3.1 Input prompt 31
3.3.2 Key combinations 32
3.3.3 Data entry elements 34
3.3.4 Line length 35
4Example 37
A Index 41
B Further support 43
Content
4
RM CLI EAGLE 20
Release 4.3 09/08
About this Manual
RM CLI EAGLE 20
Release 4.3 09/08
5
About this Manual
The "Command Line Interface" reference manual contains detailed information on using the Command Line Interface to operate the individual functions
of the device.
The “Configuration” user manual contains all the information you need to
start operating the Industrial ETHERNET Firewall EAGLE 20. It takes you
step by step from the first startup operation through to the basic settings for
operation in your environment.
The "Web-based Interface" reference manual contains detailed information
on using the Web interface to operate the individual functions of the device.
The “Installation” user manual contains a device description, safety instructions, a description of the display, and all the other information that you need
to install the device before you begin with the configuration of the device.
The Network Management Software HiVision provides you with additional
options for smooth configuration and monitoring:
X Event logbook.
X Configuration of „System Location“ and „System Name“.
X Configuration of the network address range and SNMP parameters.
X Saving the configuration on the device.
X Simultaneous configuration of multiple devices.
X Configuration of the port display color red for a connection error.
About this Manual
6
RM CLI EAGLE 20
Release 4.3 09/08
Key
RM CLI EAGLE 20
Release 4.3 09/08
7
Key
The designations used in this manual have the following meanings:
X List
Work step
Subheading
Link Indicates a cross-reference with a stored link
Note: A note emphasizes an important fact or draws your
attention to a dependency.
Courier ASCII representation in user interface
Introduction
8
RM CLI EAGLE 20
Release 4.3 09/08
1 Introduction
Introduction
RM CLI EAGLE 20
Release 4.3 09/08
1.1 Industrial ETHERNET Firewall
9
1.1 Industrial ETHERNET
Firewall
1.1.1 Application areas
The EAGLE 20 industrial firewall/VPN system ensures the authentication,
security and confidentiality of communication within production networks, but
also beyond company boundaries.
The EAGLE 20 supports the following network modes:
X Transparent Mode
X Router Mode
X PPPoE Mode
1.1.2 Operating modes
This device protects the network to be secured (secure port) from external
influences (non-secure port). These influences can include deliberate attacks
or unauthorized access attempts, as well as interfering network events such
as overloads.
State on delivery
On delivery, the device works in the Transparent Mode. In this mode, no
network settings (e.g., for subnetworks) are required for operation.
Introduction
10
1.1 Industrial ETHERNET Firewall
RM CLI EAGLE 20
Release 4.3 09/08
The firewall has been preconfigured so that all IP traffic from the secure
network is possible; however, traffic from the insecure network to the secure one is not possible. Thus, already in the delivery state, external attacks on the secure network are not possible.
Modes
X Transparent Mode
In transparent mode, the Firewall transmits on level 2 of the ISO/OSI
layer model. The IP address ranges before and after the Firewall are
located in the same subnetwork.
In the state on delivery, you can access the device via address
192.168.1.1/24 without configuring the IP address.
X Router Mode
In router mode, the Firewall transmits on level 3 of the ISO/OSI layer
model. The IP address ranges before and after the Firewall are located
in different subnetworks. You will find a detailed description of the IP
configuration in the “Basic Configuration” user manual of the EAGLE
20.
X PPPoE Mode
In PPPoE Mode, the EAGLE 20 works like in the router mode, with the
difference that the PPPoE protocol is used at the external port. This
enables Internet connections via a DSL modem, for example.
Introduction
RM CLI EAGLE 20
Release 4.3 09/08
1.2 User interfaces
11
1.2 User interfaces
The device has three user interfaces, which you can access via different
interfaces:
X System monitor via the V.24 interface (out-of-band)
X Command Line Interface (CLI) via the V.24 connection (out-of-band) or
via SSH (in-band)
X Web-based interface via Ethernet (in-band)
Introduction
12
1.3 Command Line Interface
RM CLI EAGLE 20
Release 4.3 09/08
1.3 Command Line Interface
The Command Line Interface enables you to use all the functions of the device via a local or remote connection. This enables you to securely administer
the firewall via V.24 or via the Secure Shell (SSH) protocol. You can also define rules to secure the access and the administration.
The Command Line Interface provides IT specialists with a familiar environment for configuring IT devices. As an experienced user or administrator, you
have knowledge about the basics and about using secure shell (SSH)
connections.
The “Command Line Interface” reference manual gives you step-by-step information on using the Command Line Interface (CLI) and its commands.
The commands in the Command Line Interface of the EAGLE 20 Firewall can
be divided into the following areas:
X Authentication
X Delete
X Copy
X Deny Service
X Device Status
X Interface
X Logging
X NAT (Network Address Translation)
X Network
X Packet Filter
X Profiles
X Signal Contact
X SNMP Trap (Simple Network Management Protocol)
X SNTP (Simple Network Time Protocol)
X Users
X Display
Access to CLI
RM CLI EAGLE 20
Release 4.3 09/08
1.3 Command Line Interface
13
2 Access to CLI
Access to CLI
14
2.1 Preparing the connection
RM CLI EAGLE 20
Release 4.3 09/08
2.1 Preparing the connection
Information for assembling and starting up your EAGLE 20 Industrial
ETHERNET Firewall can be found in the “Installation” user manual.
Information for configuring your EAGLE 20 Industrial ETHERNET Firewall
can be found in the “Configuration” user manual.
Connect your Firewall with the network.
The network parameters must be set correctly for the connection to be
successful.
You can access the user interface of the Command Line Interface with the
freeware program “PuTTY”. This program is located on the product CD.
Make sure that PuTTY is installed on your computer.
If the required programs are not already installed on your PC, please install them.
Loading...