HP A7500 Command Reference Manual

HP A7500 Switch Series

Fundamentals Command Reference

Part number: 5998-1877

Software version: Release 6626 and later

Document version: 6W101-20111130

Legal and notice information

No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P.

The information contained herein is subject to change without notice.

HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.

The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

CLI configuration commands······································································································································· 1

command-alias enable·············································································································································1 command-alias mapping ·········································································································································1 command-privilege···················································································································································2 display clipboard ·····················································································································································3 display command-alias ············································································································································4 display history-command ·········································································································································5 display hotkey···························································································································································5 hotkey ········································································································································································7 quit ·············································································································································································7 return··········································································································································································8 screen-length disable················································································································································8 super ··········································································································································································9 super authentication-mode···································································································································· 10 super password ····················································································································································· 11 system-view ····························································································································································12

Logging in to the switch commands··························································································································13

acl (user interface view)········································································································································ 13 activation-key ·························································································································································14 auto-execute command ········································································································································· 15 authentication-mode ·············································································································································· 17 command accounting············································································································································ 18 command authorization········································································································································ 19 databits··································································································································································· 19 display telnet client configuration ························································································································ 20 display user-interface ············································································································································ 21 display users ·························································································································································· 23 escape-key······························································································································································ 24 flow-control····························································································································································· 25 free user-interface ·················································································································································· 26 history-command max-size···································································································································· 27 idle-timeout ····························································································································································· 27 lock·········································································································································································· 28 modem···································································································································································· 29 modem auto-answer·············································································································································· 30 modem timer answer············································································································································· 30 parity······································································································································································· 31 protocol inbound ···················································································································································32 screen-length ··························································································································································32 send ········································································································································································ 33 set authentication password································································································································· 35 shell········································································································································································· 35 speed (user interface view)··································································································································· 36 stopbits···································································································································································· 37 telnet ······································································································································································· 38 telnet client source················································································································································· 39 telnet ipv6······························································································································································· 39 telnet server enable ··············································································································································· 40

terminal type ·························································································································································· 40 user privilege level ················································································································································41 user-interface·························································································································································· 42

FTP configuration commands ····································································································································44

FTP server configuration commands····························································································································· 44

display ftp-server···················································································································································· 44 display ftp-user······················································································································································· 45 free ftp user ···························································································································································· 46 ftp server acl ·························································································································································· 46 ftp server enable···················································································································································· 47 ftp timeout······························································································································································· 47 ftp update······························································································································································· 48

FTP client configuration commands ······························································································································ 49

ascii········································································································································································· 49 binary ····································································································································································· 49 bye ·········································································································································································· 50 cd ············································································································································································50 cdup········································································································································································ 51 close········································································································································································52 debugging······························································································································································ 52 delete ······································································································································································ 54 dir············································································································································································ 54 disconnect ······························································································································································ 55 display ftp client configuration····························································································································· 56 ftp ············································································································································································ 57 ftp client source······················································································································································ 58 ftp ipv6 ··································································································································································· 58 get ··········································································································································································· 60 lcd ··········································································································································································· 61 ls·············································································································································································· 61 mkdir······································································································································································· 62 open········································································································································································ 63 open ipv6······························································································································································· 64 passive···································································································································································· 64 put ··········································································································································································· 65 pwd········································································································································································· 66 quit ·········································································································································································· 66 remotehelp ····························································································································································· 67 rmdir ······································································································································································· 69 user ········································································································································································· 69 verbose ··································································································································································· 70

TFTP client configuration commands·························································································································72

display tftp client configuration···························································································································· 72 tftp-server acl·························································································································································· 72 tftp ··········································································································································································· 73 tftp client source····················································································································································· 75 tftp ipv6 ·································································································································································· 76

File management commands·····································································································································77

cd ············································································································································································77 copy ········································································································································································ 78 delete ······································································································································································ 79 dir············································································································································································ 81 execute ··································································································································································· 85

file prompt ······························································································································································ 86 fixdisk······································································································································································ 86 format······································································································································································ 87 mkdir······································································································································································· 87 more········································································································································································88 mount ······································································································································································ 90 move ······································································································································································· 91 pwd········································································································································································· 91 rename···································································································································································· 92 reset recycle-bin····················································································································································· 92 rmdir ······································································································································································· 94 umount ···································································································································································· 95 undelete·································································································································································· 96

Configuration file management commands·············································································································98

archive configuration ············································································································································ 98 archive configuration interval ······························································································································ 98 archive configuration location ····························································································································· 99 archive configuration max··································································································································101 backup startup-configuration······························································································································102 configuration replace file····································································································································102 display archive configuration·····························································································································103 display current-configuration······························································································································104 display saved-configuration ·······························································································································105 display startup ·····················································································································································107 display this ···························································································································································109 reset saved-configuration····································································································································110 restore startup-configuration·······························································································································111 save·······································································································································································112 slave auto-update config·····································································································································115 startup saved-configuration ································································································································116

Software upgrade commands································································································································ 118

boot-loader···························································································································································118 bootrom ································································································································································120 display boot-loader ·············································································································································123 display patch ·······················································································································································124 display patch information···································································································································125 patch active··························································································································································127 patch deactive ·····················································································································································128 patch delete ·························································································································································129 patch install··························································································································································130 patch load····························································································································································131 patch location ······················································································································································132 patch run ······························································································································································133

ISSU configuration commands······························································································································· 135

display issu rollback-timer···································································································································135 display issu state··················································································································································136 display version comp-matrix·······························································································································138 issu accept····························································································································································140 issu commit···························································································································································141 issu load ·······························································································································································143 issu rollback ·························································································································································146 issu rollback-timer ················································································································································147 issu run switchover ··············································································································································148

iii

Device management commands ···························································································································· 151

clock datetime······················································································································································151 clock summer-time one-off···································································································································151 clock summer-time repeating······························································································································152 clock timezone·····················································································································································153 copyright-info enable ··········································································································································154 display alarm ·······················································································································································155 display clock ························································································································································156 display cpu-usage················································································································································157 display cpu-usage history ···································································································································160 display device······················································································································································163 display device manuinfo·····································································································································165 display diagnostic-information ···························································································································167 display environment ············································································································································168 display fan ···························································································································································169 display job ···························································································································································170 display memory ···················································································································································171 display oem··························································································································································172 display power······················································································································································173 display schedule job ···········································································································································175 display schedule reboot······································································································································175 display switch-mode status ·································································································································176 display system-failure ··········································································································································177 display transceiver ··············································································································································178 display transceiver alarm ···································································································································180 display transceiver diagnosis·····························································································································182 display transceiver manuinfo ·····························································································································183 display version·····················································································································································184 display version-update-record ····························································································································186 header ··································································································································································187 job·········································································································································································188 loadsharing enable ·············································································································································189 monitor handshake-timeout disable-port ···········································································································189 mmu-monitor enable············································································································································190 oem hp··································································································································································191 reboot ···································································································································································192 reset unused porttag············································································································································193 reset version-update-record ································································································································194 schedule job·························································································································································194 schedule reboot at···············································································································································196 schedule reboot delay·········································································································································197 shutdown-interval·················································································································································198 strict-standby enable············································································································································199 switch-mode (for MPUs) ······································································································································199 switch-mode (for LPUs) ········································································································································201 switch-mode optional-proxy-board ····················································································································202 sysname································································································································································203 system-failure························································································································································203 temperature-limit ··················································································································································204 time at···································································································································································205 time delay·····························································································································································207 view ······································································································································································208

Index ········································································································································································ 210

CLI configuration commands

command-alias enable

Syntax

command-alias enable

undo command-alias enable

View

System view

Default level

2: System level

Parameters

None

Description

Use the command-alias enable command to enable the command alias function.

Use the undo command-alias enable command to disable the command alias function.

By default, the command alias function is disabled.

Related commands: command-alias mapping.

Examples

# Enable the command alias function.

<Sysname> system-view [Sysname] command-alias enable

# Disable the command alias function.

<Sysname> system-view [Sysname] undo command-alias enable

command-alias mapping

Syntax

command-alias mapping cmdkey alias

undo command-alias mapping cmdkey

View

System view

Default level

2: System level

Parameters

cmdkey: The complete form of the first keyword of a command.

alias: Specifies the command alias, which cannot be the same as the first keyword of an existing command.

Description

Use the command-alias mapping command to configure command aliases.

Use the undo command-alias mapping command to delete command aliases.

By default, a command has no alias.

The configured alias takes effect only after you enable the command alias function.

Examples

# Configure command aliases by specifying show to replace the display keyword.

<Sysname> system-view [Sysname] command-alias mapping display show

After configuring the command aliases, the display commands have their aliases. For example, if the original command is display clock, now its alias is show clock and you can input the alias to view the system time and date.

# Delete the command aliases by canceling the replacement of the display keyword.

<Sysname> system-view [Sysname] undo command-alias mapping display

command-privilege

Syntax

command-privilege level level view view command

undo command-privilege view view command

View

System view

Default level

3: Manage level

Parameters

level level: Command level, in the range of 0 to 3.

view view: Specifies a view. The value shell represents a user view. The view argument must be the view

where the command resides.

command: Command to be set in the specified view.

Description

Use the command-privilege command to assign a level for the specified command in the specified view.

Use the undo command-privilege view command to restore the default.

By default, each command in a view has a specified level.

Command levels include four privileges: visit (0), monitor (1), system (2), and manage (3). You can assign a privilege level according to the user’s need. When logging in to the switch, the user can access the assigned level and all levels below it.

• Level changes can cause maintenance, operation, and security problem. HP recommends that you

use the default command level or that you modify the command level under the guidance of professional staff.

• The command specified in the command-privilege command must be complete, and has valid

arguments. For example, the default level of the tftp server-address { get | put | sget }

source-filename [ destination-filename ] [ source { interface interface-type interface-number | ip source-ip-address } ] command is 3. After the command-privilege level 0 view shell tftp 1.1.1.1 put

a.cfg command is executed, when users with the user privilege level of 0 log in to the switch, they can execute the tftp server-address put source-filename command (such as the tftp 192 .168 .1. 26 put syslog.txt command), but cannot execute the command with the get, sget or source keyword, and cannot specify the destination-filename argument.

• The command specified in the undo command-privilege view command can be incomplete. For

example, after the undo command-privilege view system ftp command is executed, all commands starting with the keyword ftp (such as ftp server acl, ftp server enable, and ftp timeout) are restored to their default level. If you have modified the level of commands ftp server enable and ftp timeout, and you want to restore only the ftp server enable command to its default level, you should use the undo command-privilege view system ftp server command.

• If you modify the command level of a command in a specified view from the default command level

to a lower level, remember to modify the command levels of the quit c corresponding command used to enter this view. For example, the default command level of commands interface and system-view is 2 (system level). If you want to make the interface command available to the level 1 users, you need to execute the following three commands:

command-privilege level 1 view shell system-view, command-privilege level 1 view system interface GigabitEthernet 2/0/1, and command-privilege level 1 view system quit. Then, the level

1 users can enter system view, execute the interface GigabitEthernet command, and return to user view.

ommand and the

Examples

# Set the command level of the system-view command to 3 in system view. (By default, level 2 and level 3 users can use the system-view command. After the configuration, only level 3 users can use this command.)

<Sysname> system-view [Sysname] command-privilege level 3 view shell system-view

display clipboard

Syntax

display clipboard [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular

expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display clipboard command to view the contents of the clipboard.

To copy the specified content to the clipboard:

• Move the cursor to the starting position of the content and press the <Esc+Shift+,> combination.

• Move the cursor to the ending position of the content and press the <Esc+Shift+.> combination.

Examples

# View the content of the clipboard.

<Sysname> display clipboard

---------------- CLIPBOARD----------------display current-configuration

display command-alias

Syntax

display command-alias [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular

expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display command-alias command to display defined command aliases and the corresponding commands.

Examples

# Display the defined command aliases and the corresponding commands.

<Sysname> display command-alias Command alias is enabled index alias command key 1 show display

display history-command

Syntax

display history-command [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular

expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display history-command command to display commands saved in the history command buffer.

By default, the system saves the last 10 executed commands in the history command buffer.

To set the size of the history command buffer, use the history-command max-size command. For more information, see the chapter “Logging in to the switch commands.”

Examples

# Display history commands in current user view.

<Sysname> display history-command display history-command system-view vlan 2 quit

display hotkey

Syntax

display hotkey [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular

expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display hotkey command to display hotkey information.

Examples

# Display hotkey information.

<Sysname> display hotkey

----------------- HOTKEY -----------------

=Defined hotkeys= Hotkeys Command CTRL_G display current-configuration CTRL_L display ip routing-table CTRL_O undo debug all

=Undefined hotkeys= Hotkeys Command CTRL_T NULL CTRL_U NULL

=System hotkeys= Hotkeys Function CTRL_A Move the cursor to the beginning of the current line. CTRL_B Move the cursor one character left. CTRL_C Stop current command function. CTRL_D Erase current character. CTRL_E Move the cursor to the end of the current line. CTRL_F Move the cursor one character right. CTRL_H Erase the character left of the cursor. CTRL_K Kill outgoing connection. CTRL_N Display the next command from the history buffer. CTRL_P Display the previous command from the history buffer. CTRL_R Redisplay the current line. CTRL_V Paste text from the clipboard. CTRL_W Delete the word left of the cursor. CTRL_X Delete all characters up to the cursor. CTRL_Y Delete all characters after the cursor. CTRL_Z Return to the User View. CTRL_] Kill incoming connection or redirect connection. ESC_B Move the cursor one word back. ESC_D Delete remainder of word. ESC_F Move the cursor forward one word. ESC_N Move the cursor down a line. ESC_P Move the cursor up a line. ESC_< Specify the beginning of clipboard.

ESC_> Specify the end of clipboard.

hotkey

Syntax

hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_T | CTRL_U } command

undo hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_T | CTRL_U }

View

System view

Default level

2: System level

Parameters

CTRL_G: Associates hot key Ctrl+G to the specified command.

CTRL_L: Associates hot key Ctrl+L to the specified command.

CTRL_O: Associates hot key Ctrl+O to the specified command.

CTRL_T: Associates hot key Ctrl+T to the specified command.

CTRL_U: Associates hot key Ctrl+U to the specified command.

command: The command line associated with the hot key.

Description

Use the hotkey command to associate a hot key to a command.

Use the undo hotkey command to restore the default.

By default, Ctrl+G, Ctrl+L and Ctrl+O have these corresponding commands:

• Ctrl+G corresponds to display current-configuration.

• Ctrl+L corresponds to display ip routing-table.

• Ctrl+O corresponds to undo debugging all.

You can modify the associations as needed.

Examples

# Associate the hot key Ctrl+T to the display tcp status command.

<Sysname> system-view [Sysname] hotkey ctrl_t display tcp status

quit

Syntax

quit

View

Any view

Default level

0: Visit level (in user view)

2: System level (in other views)

Parameters

None

Description

Use the quit command to return to a lower-level view.

In user view, the quit command terminates the connection and reconnects to the switch.

Examples

# Switch from GigabitEthernet 2/0/1 interface view to system view, and then to user view.

[Sysname-GigabitEthernet2/0/1] quit [Sysname] quit <Sysname>

return

Syntax

return

View

Any view except user view

Default level

2: System level

Parameters

None

Description

Use the return command to return to user view from the current view, which can also be done with the hot key Ctrl+Z.

Related commands: quit.

Examples

# Return to user view from GigabitEthernet 2/0/1 view.

[Sysname-GigabitEthernet2/0/1] return <Sysname>

screen-length disable

Syntax

screen-length disable

undo screen-length disable

View

User view

Default level

1: Monitor level

Parameters

None

Description

Use the screen-length disable command to disable the multiple-screen output function.

Use the undo screen-length disable command to enable the multiple-screen output function.

By default, a login user uses the settings of the screen-length command. The default settings of the screen-length command are: multiple-screen output is enabled and 24 lines are displayed on the next screen. (For more information about the screen-length command, see the chapter “Logging in to the switch commands.”)

Disabling the multiple-screen output function prevents you from viewing the information in time because the information refreshes continuously.

When the user logs out, the settings restore to their default values.

Examples

# Disable multiple-screen output for the current user.

<Sysname> screen-length disable

super

Syntax

super [ level ]

View

User view

Default level

0: Visit level

Parameters

level: User level, in the range of 0 to 3. The default value is 3.

Description

Use the super command to switch from the current user privilege level to a specified user privilege level.

If a level is not specified, the command switches the user privilege level to 3. Command levels include four privileges: visit (0), monitor (1), system (2), and manage (3). You can assign a privilege level according to the user’s need. When logging in to the switch, the user can access the assigned level and all levels below it.

A user can switch to a lower privilege level unconditionally. An AUX user can switch to a higher privilege level without inputting any password. A VTY user must input the switching password set by the super password command to switch to a higher privilege level. If the password is incorrect or no password is configured, the switching operation fails.

Examples

Related commands: super password.

# Switch to user privilege level 2 (The current user privilege level is 3.).

<Sysname> super 2 User privilege level is 2, and only those commands can be used

whose level is equal or less than this. Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE

# Switch the user privilege level back to 3 (switching password 12 3 has been set. If no password is set, the user privilege level cannot be switched to 3.).

<Sysname> super 3 Password: User privilege level is 3, and only those commands can be used whose level is equal or less than this. Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE

super authentication-mode

Syntax

super authentication-mode { local | scheme } *

undo super authentication-mode

View

System view

Default level

2: System level

Parameters

local: Authenticates a user by using the local password set with the super password command. When no

password is set with the super password command, two results can occur: The privilege level switch succeeds if the user is logged in through the console port. The switch fails if the user logs in through a VTY user interface or inputs an incorrect switch password.

scheme: AAA authentication. For more information about AAA, see Security Configuration Guide.

local scheme: First local and then scheme, which means to authenticate a user by using the local

password first. If no password is set for the user logged in through the console port, the privilege level switch succeeds. If no password is set for the user logged in through a VTY user interface, the AAA authentication is performed.

scheme local: First scheme and then local, which means that AAA authentication is performed first. If the AAA configuration is invalid (the domain parameters or authentication scheme are not configured) or the server does not respond, the local password authentication is performed.

Description

Use the super authentication-mode command to set the authentication mode for user privilege level switch.

Use the undo super authentication-mode command to restore the default.

By default, the authentication mode for the user privilege level switch is local.

Related commands: super password.

Examples

# Set the authentication mode for the user privilege level switch to local.

<Sysname> system-view [Sysname] super authentication-mode local

# Set the authentication mode for the user privilege level switch to scheme local.

<Sysname> system-view [Sysname] super authentication-mode scheme local

super password

Syntax

super password [ level user-level ] { simple | cipher } password

undo super password [ level user-level ]

View

System view

Default level

2: System level

Parameters

level user-level: User privilege level, in the range of 1 to 3. The default value is 3.

simple: Sets a password in plain text, and the password is displayed in plain text.

cipher: Sets a password in cipher text, and the password is displayed in cipher text.

password: Password, a case-sensitive string of characters.

• A simple password is a string of 1 to 16 characters.

• A cipher password is a string of 1 to 16 characters in plain text or 24 characters in cipher text. For

Description

Use the super password command to set the password used to switch from the current user privilege level to a higher one.

Use the undo super password command to restore the default.

By default, no password is set for switching to a higher privilege level.

• A cipher-text password is recommended because a simple-text password easily gets cracked.

• During authentication, you must input a simple-text password regardless of the password type you

Examples

# Set simple-text password abc for switching to user privilege level 3.

<Sysname> system-view [Sysname] super password level 3 simple abc

# Display the configured password for level switching.

[Sysname] display current-configuration # super password level 3 simple abc

example, the simple text “1234567” corresponds to the cipher text “(TT8F]Y\5SQ=^Q`MAF4<1!!”.

set.

# Set cipher-text password abc for switching to user privilege level 3.

<Sysname> system-view [Sysname] super password level 3 cipher abc

# Display the configured password for level switching.

[Sysname] display current-configuration | include super super password level 3 cipher ;)<01%^&;YGQ=^Q`MAF4<1!!

system-view

Syntax

system-view

View

User view

Default level

2: System level

Parameters

None

Description

Use the system-view command to enter system view from the current user view.

Related commands: quit, return.

Examples

# Enter system view from the current user view.

<Sysname> system-view System View: return to User View with Ctrl+Z. [Sysname]

Logging in to the switch commands

acl (user interface view)

Syntax

To use a basic or advanced ACL:

acl [ ipv6 ] acl-number { inbound | outbound }

undo acl [ ipv6 ] acl-number { inbound | outbound }

To use an Ethernet frame header ACL:

acl acl-number inbound

undo acl acl-number inbound

View

VTY user interface view

Default level

2: System level

Parameters

ipv6: When this keyword is present, the command supports IPv6; otherwise, it supports IPv4.

acl-number: Number of the access control list (ACL):

• Basic ACL: 2000 to 2999

• Advanced ACL: 3000 to 3999

• Ethernet frame header ACL: 4000 to 4999

inbound: Restricts Telnet or SSH connections established in the inbound direction through the VTY user interface. If the received packets for establishing a Telnet or SSH connection are permitted by an ACL rule, the connection is allowed to be established. When the device functions as a Telnet server or SSH server, this keyword is used to control access of Telnet clients or SSH clients.

outbound: Restricts Telnet connections established in the outbound direction through the VTY user interface. If the packets sent for establishing a Telnet connection are permitted by an ACL rule, the connection is allowed to be established. When the device functions as a Telnet client, this keyword is used to define Telnet servers accessible to the client.

Description

Use the acl command to reference ACLs to control access to the VTY user interface.

Use the undo acl command to cancel the ACL application. For more information about ACL, see ACL and QoS Configuration Guide.

By default, access to the VTY user interface is not restricted.

• If no ACL is referenced in VTY user interface view, the V TY user interface has no access control over

establishing a Telnet or SSH connection.

• If an ACL is referenced in VTY user interface view, the connection is permitted to be established

only when packets for establishing a Telnet or SSH connection match a permit statement in the ACL.

Examples

The system regards the basic/advanced ACL with the inbound keyword, the basic/advanced ACL with the outbound keyword, and Ethernet frame header ACL as different types of ACLs, which can coexist in one VTY user interface. The match order is basic/advanced ACL, Ethernet frame header ACL. At most one ACL of each type can be referenced in the same VTY user interface, and the last configured one takes effect.

# Allow only the user with the IP address of 192.168.1.26 to access the device through Telnet or SSH.

<Sysname> system-view [Sysname] acl number 2001 [Sysname-acl-basic-2001] rule permit source 192.168.1.26 0 [Sysname-acl-basic-2001] quit [Sysname] user-interface vty 0 [Sysname-ui-vty0] acl 2001 inbound

After your configuration, user A (with IP address 192.168.1.26) can Telnet to the device while user B (with IP address 192.168.1.60) cannot Telnet to the device. Upon a connection failure, a message appears, saying "%connection closed by remote host!"

# Allow the device to only Telnet to the Telnet server with IP address 192.168.1.41.

<Sysname> system-view [Sysname] acl number 3001 [Sysname-acl-adv-3001] rule permit tcp destination 192.168.1.41 0 [Sysname-acl-adv-3001] quit [Sysname] user-interface vty 0 15 [Sysname-ui-vty0-15] acl 3001 outbound [Sysname-ui-vty0-15] return <Sysname>

After your configuration, if you Telnet to 192.168.1.46, your operation fails.

<Sysname> telnet 192.168.1.46 %Can't access the host from this terminal!

But you can Telnet to 192.168.1.41.

<Sysname> telnet 192.168.1.41 Trying 192.168.1.41 ... Press CTRL+K to abort Connected to 192.168.1.41 ...

activation-key

Syntax

activation-key character

undo activation-key

View

User interface view

Default level

3: Manage level

Parameters

character: Shortcut key for starting a terminal session, a single character (or its corresponding ASCII code value that ranges from 0 to 127) or a string of 1 to 3 characters. However, only the first character functions as the shortcut key. For example, if you input an ASCII code value of 97, the system uses its corresponding character a as the shortcut key. If you input string b@c, the system uses the first character

b as the shortcut key.

Description

Use the activation-key command to define a shortcut key for starting a terminal session.

Use the undo activation-key command to restore the default.

By default, pressing the Enter key starts a terminal session. However, if a new shortcut key is defined with the activation-key command, the Enter key no longer functions. To display the shortcut key you have defined, use the display current-configuration | include activation-key command.

NOTE:

The activation-key command is not supported by the VTY user interface.

Examples

# Configure character s as the shortcut key for starting a terminal session on the console port.

<Sysname> system-view [Sysname] user-interface aux 0 [Sysname-ui-aux0] activation-key s

To verify the configuration:

• Exit the terminal session on the console port.

[Sysname-ui-aux0] return <Sysname> quit

• Log in to the console port again. The following message appears.

****************************************************************************** * Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ******************************************************************************

User interface aux0 is available.

Please press ENTER.

• At this moment, pressing Enter does not start a session. To start the terminal session, enter s.

<Sysname> %Mar 2 18:40:27:981 2005 Sysname SHELL/5/LOGIN: Console login from aux0

auto-execute command

Syntax

auto-execute command command

undo auto-execute command

View

User interface view

Default level

3: Manage level

Parameters

command: Specifies a command to be automatically executed.

Description

Use the auto-execute command command to specify a command to be automatically executed when a user logs in to the current user interface.

Use the undo auto-execute command command to remove the configuration.

By default, command auto-execution is disabled.

The auto-execute command command is not supported by the AUX user interface.

The system automatically executes the specified command when a user logs in to the user interface, and tears down the user connection after the command is executed. If the command triggers another task, the system does not tear down the user connection until the task is completed.

Examples

Typically, you can use the auto-execute command telnet command in user interface view to enable a user to automatically Telnet to the specified host when the user logs in to the device. After the user terminates the connection with the host, the user’s connection with the device is automatically terminated.

CAUTION:

The auto-execute command command may disable you from configuring the system through the user interface to which the command is applied. Before confi

uring the command and saving the configuration (by using the save command), make sure that you can access the device through VTY or AUX user interfaces to remove the configuration when a problem occurs.

# Configure the device to automatically Telnet to 192.168.1.41 after a user logs in to interface VTY 0.

<Sysname> system-view <Sysname> system-view [Sysname] user-interface vty 0 [Sysname -ui-vty0] auto-execute command telnet 192.168.1.41 % This action will lead to configuration failure through ui-vty0. Are you sure? [Y/N]:y [Sysname-ui-vty0]

To verify the configuration:

Tel net to 19 2.168 .1.4 0 . T h e d e vic e aut o ma tic a ll y Tel n et s to 19 2.168 .1.41. T he f oll owin g ou tpu t is displayed:

C:\> telnet 192.168.1.40 ****************************************************************************** * Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. *

******************************************************************************

<Sysname> Trying 192.168.1.41 ... Press CTRL+K to abort Connected to 192.168.1.41 ... ****************************************************************************** * Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ******************************************************************************

<Sysname.41>

This operation is the same as directly logging in to the device at 192.168.1.41. If the Telnet connection to

192.168.1.41 is broken down, the Telnet connection to 192.168.1.40 breaks down at the same time.

authentication-mode

Syntax

authentication-mode { none | password | scheme }

undo authentication-mode

View

User interface view

Default level

3: Manage level

Parameters

none: Performs no authentication.

password: Performs local password authentication.

scheme: Performs AAA authentication. For more information about AAA, see Security Configuration Guide.

Description

Use the authentication-mode command to set the authentication mode for the user interface.

Use the undo authentication-mode command to restore the default.

By default, the authentication mode for VTY user interfaces is password, and for AUX user interfaces is none.

Related commands: set authentication password.

Examples

# Specify that no authentication is needed for VTY 0. (This mode is insecure.)

<Sysname> system-view [Sysname] user-interface vty 0 [Sysname-ui-vty0] authentication-mode none

# Use password authentication when users log in to the device through VTY 0, and set the authentication password to 321.

<Sysname> system-view [Sysname] user-interface vty 0 [Sysname-ui-vty0] authentication-mode password [Sysname-ui-vty0] set authentication password cipher 321

# Authenticate users by username and password for VTY 0. Set the username to 12 3 and the password to 321.

<Sysname> system-view [Sysname] user-interface vty 0 [Sysname-ui-vty0] authentication-mode scheme [Sysname-ui-vty0] quit [Sysname] local-user 123 [Sysname-luser-123] password cipher 321 [Sysname-luser-123] service-type telnet [Sysname-luser-123] authorization-attribute level 3

command accounting

Syntax

command accounting

undo command accounting

View

User interface view

Default level

3: Manage level

Parameters

None

Description

Use the command accounting command to enable command accounting.

Use the undo command accounting command to restore the default.

By default, command accounting is disabled. The accounting server does not record the commands that users have executed.

When command accounting is enabled and command authorization is not, every executed command is recorded on the HWTACACS server.

When both command accounting and command authorization are enabled, only the authorized and executed commands are recorded on the HWTACACS server.

Examples

# Enable command acc ounting on VTY 0. Then t he HW TACACS ser ver records the commands executed by users that have logged in through VTY 0.

<Sysname> system-view [Sysname] user-interface vty 0 [Sysname-ui-vty0] command accounting

command authorization

Syntax

command authorization

undo command authorization

View

User interface view

Default level

3: Manage level

Parameters

None

Description

Use the command authorization command to enable command authorization.

Use the undo command authorization command to restore the default.

By default, command authorization is disabled. Logged-in users can execute commands without authorization.

With command authorization enabled, users can perform only commands authorized by the server.

Examples

# Enable command accounting for VTY 0 so that users logging in from VTY 0 can perform only the commands authorized by the HWTACACS server.

<Sysname> system-view [Sysname] user-interface vty 0 [Sysname-ui-vty0] command authorization

databits

Syntax

databits { 5 | 6 | 7 | 8 }

undo databits

View

User interface view

Default level

2: System level

Parameters

5: Sets 5 data bits for each character.

6: Sets 6 data bits for each character.

7: Sets 7 data bits for each character.

8: Sets 8 data bits for each character.

Description

Use the databits command to set data bits for each character.

Use the undo databits command to restore the default.

By default, 8 data bits are set for each character.

NOTE:

• The command is only applicable to the asynchronous serial port (console port).

• The data bits settin

must be the same for the user interfaces of the connecting ports on the device and

the terminal device for communication.

Examples

# Specify 5 data bits for each character.

<Sysname> system-view [Sysname] user-interface aux 0 [Sysname-ui-aux0] databits 5

display telnet client configuration

Syntax

display telnet client configuration [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular

expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display telnet client configuration command to display the configuration of the device when it serves as a Telnet client.

Examples

# Display the configuration of the device when it serves as a Telnet client.

<Sysname> display telnet client configuration The source IP address is 1.1.1.1.

The output shows that when the device serves as a client, the source IPv4 address for sending Telnet p a c k et s i s 1.1.1.1.

display user-interface

Syntax

display user-interface [ num1 | { aux | vty } num2 ] [ summary ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

num1: Absolute number of a user interface. The value range varies with devices, and typically starts from

aux: Specifies the AUX user interface.

vty: Specifies the VTY user interface.

num2: Relative number of a user interface. The value range varies with devices for an AUX user interface and the value is in the range of 0 to 15 for a VTY user interface.

summary: Displays summary about user interfaces.

|: Filters command output by specifying a regular expression. For more information about regular

expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display user-interface command to display information about the specified or all user interfaces.

If the summary keyword is not included, the command displays the type of the user interface, absolute or relative number, transmission rate, user privilege level, authentication mode, and the access port.

If the summary keyword is included, the command displays all the numbers and types of user interfaces.

Examples

# Display information about user interface 0.

<Sysname> display user-interface 0 Idx Type Tx/Rx Modem Privi Auth Int F 0 AUX 0 9600 - 3 N -

+ : Current user-interface is active. F : Current user-interface is active and work in async mode. Idx : Absolute index of user-interface. Type : Type and relative index of user-interface. Privi: The privilege of user-interface. Auth : The authentication mode of user-interface. Int : The physical location of UIs.

A : Authentication use AAA. L : Authentication use local database. N : Current UI need not authentication. P : Authentication use current UI's password.

Table 1 Output description

Field Description

+ The current user interface is active.

F The current user interface is active and works in asynchronous mode.

Idx Absolute number of the user interface.

Type Type and relative number of the user interface.

Tx/Rx Transmission/Receive rate of the user interface

Modem

Whether the modem is allowed to dial in (in), dial out (out), or both (inout)

By default, the character - is displayed to indicate that this function is disabled.

Privi Indicates the command level of a user under that user interface

Auth Authentication mode for the users, which can be A, P, L, and N.

Int

The physical port that corresponds to the user interface. (For AUX and VTY user interfaces,

- is displayed.)

A AAA authentication

L Local authentication (not supported)

N No authentication

P Password authentication

# Display summary about all user interfaces.

<Sysname> display user-interface summary User interface type : [AUX] 0:UX User interface type : [VTY] 18:UXXX XXXX XXXX XXXX

2 character mode users. (U) 16 UI never used. (X) 2 total UI in use

Table 2 Output description

Field Description

User interface type Type of user interface (AUX/VTY)

0:X

character mode users. (U) Number of users, or, the total number of character U.

UI never used. (X)

0 represents the absolute number of the user interface. X means this user interface is not used; U means this user interface is in use.

Number of user interfaces not used, or, the total number of character X.

Field Description

total UI in use Total number of user interfaces in use

display users

Syntax

display users [ all ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

all: Displays information about all user interfaces that the device supports.

|: Filters command output by specifying a regular expression. For more information about regular

expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display users command to display information about the user interfaces that are being used.

Use the display users all command to display information about all user interfaces supported by the device.

Examples

# Display information about the user interfaces that are being used.

<Sysname> display users The user application information of the user interface(s): Idx UI Delay Type Userlevel + 18 VTY 0 00:00:00 TEL 3 19 VTY 1 00:02:34 TEL 3

Following are more details. VTY 0 : Location: 192.168.1.54 VTY 1 : Location: 192.168.1.58 + : Current operation user. F : Current operation user work in async mode.

The output shows that two users have logged in to the device. The one with IP address 192.168.1.54 uses VTY 0, and the other with IP address 192.168.1.58 uses VTY 1.

+ 190 hidden pages

HP A7500 Command Reference Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

CLI configuration commands

command-alias enable

command-alias mapping

command-privilege

display clipboard

display command-alias

display history-command

display hotkey

hotkey

quit

return

screen-length disable

super

super authentication-mode

super password

system-view

Logging in to the switch commands

acl (user interface view)

activation-key

auto-execute command

authentication-mode

command accounting

command authorization

databits

display telnet client configuration

display user-interface

display users