Netopia CLI 874 User Manual
Command Line Interface
Commands Reference
Firmware Version 8.7.4
Motorola Netopia® ENT-Series Routers
2 Command Line Interface Commands Reference
Copyright
Copyright © 2007 by Motorola, Inc.
All rights reserved. No part of this publication may be reproduced in any form or by any means or
used to make any derivative work (such as translation, transformation or adaptation) without
written permission from Motorola, Inc.
Motorola reserves the right to revise this publication and to make changes in content from time to
time without obligation on the part of Motorola to provide notification of such revision or change.
Motorola provides this guide without warranty of any kind, either implied or expressed, including,
but not limited to, the implied warranties of merchantability and fitness for a par ticular purpose.
Motorola may make improvements or changes in the product(s) described in this manual at any
time. MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office.
Microsoft, Windows, Windows Me, and Windows NT are either trademarks or registered
trademarks of Microsoft Corporation in the U.S and/or other countries. Macintosh is a registered
trademark of Apple, Inc. Firefox is a registered trademark of the Mozilla Foundation. All other
product or service names are the property of their respective owners.
Motorola, Inc.
1303 East Algonquin Road
Schaumburg, Illinois 60196
USA
Firmware Version 8.7.4
Part Number
Motorola part number 6160028-00-24
Contents
Contents 3
Chapter 1 — Introduction.......................................................... 1-1
New Commands in Firmware Version 8.7.4...................... 1-1
Syntax Notation ............................................................. 1-2
Interface Naming Conventions ........................................ 1-3
Security (Configuration Access) ....................................... 1-3
Entering and Editing Commands...................................... 1-3
Online Help ................................................................... 1-5
Chapter 2 — Motorola Netopia® Router CLI Commands ............. 2-1
Configuration Access Commands .................................... 2-3
MAC Address Security Commands....................... 2-12
System Heartbeat Configuration Commands.................. 2-13
Tiered Configuration Access Commands ........................ 2-15
Interface Configuration Commands ............................... 2-16
Additional LAN configuration command ................ 2-16
Ethernet Interface configuration commands ......... 2-18
Virtual LAN (VLAN) configuration commands......... 2-36
RADIUS Authentication Profile configuration
commands ........................................................ 2-39
NetBIOS configuration commands ....................... 2-41
Generic WAN Interface configuration commands... 2-43
Restricted WAN Interface configuration
commands ........................................................ 2-44
ISDN WAN Interface configuration commands ...... 2-45
ADSL WAN Interface configuration commands ...... 2-49
SDSL WAN Interface configuration commands...... 2-51
Priority Queuing (TOS bit) Commands .................. 2-55
Differentiated Services (Diffserv) commands....... 2-56
PVCs................................................................. 2-58
DSL Line Type Interface Configuration Commands 2-61
T1 WAN Interface configuration commands .......... 2-62
T1 Statistic and Diagnostic commands................ 2-65
Unprotected Services Configuration Commands ............. 2-68
G
4 Command Line Interface Commands Reference
IGMP Configuration Commands..................................... 2-70
Global IP Configuration Commands................................ 2-73
DHCP Gen-Options, Option Groups, and Option Filtersets
Commands.................................................................. 2-77
DHCP Gen-Options commands ............................ 2-77
DHCP Option Groups commands......................... 2-81
DHCP Option Filtersets commands...................... 2-82
Wireless Configuration Commands ................................ 2-86
Wireless Privacy Commands (new and revised) .... 2-91
Wireless Multiple SSID Commands ..................... 2-93
Wireless MultiMedia (WMM) Configuration
Commands........................................................ 2-96
ARP Configuration Commands....................................... 2-97
ARP and Bridge timeout settings ......................... 2-98
Scheduled Connections Configuration Commands .......... 2-98
Default Profile Configuration Commands ...................... 2-100
Frame Relay Configuration Commands......................... 2-101
Miscellaneous Commands.......................................... 2-103
IP Network Address Translation (NAT) Commands......... 2-110
NAT Application Layer Gateway Commands ........ 2-114
Backup Configuration Commands................................ 2-115
Serial port modem backup configuration
commands ...................................................... 2-118
RADIUS Authentication Configuration Commands ......... 2-119
TACACS+ Authentication Configuration Commands ....... 2-120
IP Filterset Configuration Commands ........................... 2-121
Hardware Acceleration Configuration Commands.......... 2-123
Global IPSec/IKE Configuration Commands.................. 2-124
IKE Dead Peer Detection .................................. 2-129
Xauth configuration commands ......................... 2-130
Current Restrictions ................................................... 2-131
Chapter 3 — Motorola Netopia® Router Connection
Profile Commands ................................................3-1
Contents 5
Connection Profile Commands ........................................ 3-2
Note on Connection Profile numbering sequence.. 3-10
PPTP commands................................................ 3-18
Manual connect/disconnect commands .............. 3-19
Backup configuration commands......................... 3-19
RIP-2 MD5 configuration commands .................... 3-19
IP NAT Passthrough Commands .......................... 3-20
Stateful Inspection Commands ........................... 3-21
L2TP Connection Profile Configuration Commands 3-22
GRE Connection Profile Configuration Commands . 3-23
CompuServe Login............................................. 3-24
IPSec/IKE ......................................................... 3-26
Chapter 4 — Motorola Netopia® Router Text Configuration
Upload ................................................................. 4-1
TFTP Text Configuration Upload Overview ......................... 4-1
SNMP ................................................................. 4-1
VT100 Menu Console........................................... 4-1
VT100 Command Line Console ............................. 4-2
Example Text Configuration File....................................... 4-3
G
Chapter 5 — CLI Error Messages ..............................................5-1
Negative errors.............................................................. 5-1
Fatal system errors .............................................. 5-1
Parsing or tokenizing errors .................................. 5-1
Fatal syntax errors ............................................... 5-2
Voice command errors ....................................... 5-10
Fatal access control errors ................................. 5-11
Positive errors ............................................................. 5-11
Index of Commands ................................................................. 1-13
6 Command Line Interface Commands Reference
Introduction 1-1
Chapter 1
Introduction
This
Command Line Interface Commands Reference
Command Line Interface for the Motorola Netopia® router family. It provides information required to configure
the router firmware and troubleshoot problems using the Command Line Interface.
This document is intended for small office, home office, and remote office users, and other networking
professionals who administer networks using Motorola Netopia® routers.
contains information on the syntax and use of the
Note:
version is noted, the commands given are supported on all platforms.
Restrictions among firmware versions are noted in the body of this document. Where no firmware
New Commands in Firmware Version 8.7.4
Firmware Version 8.7.4 adds new and revised commands for the following:
IP multicast to layer 2 unicast mapping. See “IGMP Configuration Commands” on page 2-70.
■
Change backup timer from minutes to seconds. See “Backup Configuration Commands” on page 2-115.
■
■
Support for router-generated packets with source address outside of local member range for IPSec force all
tunnels. See “Unprotected Services Configuration Commands” on page 2-68.
Enhanced VLAN Support and configuration changes. See “Virtual LAN (VLAN) configuration commands” on
■
page 2-36.
■
DHCP Filterset, Option Groups, DHCP Generic Options support. See “DHCP Gen-Options, Option Groups,
and Option Filtersets Commands” on page 2-77.
1-2 Command Line Interface Commands Reference
Syntax Notation
The command descriptions use formatted text to indicate various attributes of each command. The syntax is as
follows:
Required keywords and commands that must be typed literally are in
■
■
Optional elements are enclosed in square brackets “[]”.
■
Mutually exclusive elements are contained in braces “{}” and separated by vertical bars “|”.
Arguments for which you supply values are in
■
■
Examples of commands you type and the results of those commands are in the
■
An element that may be repeated one or more times is followed by a superscripted plus sign
■
An element that may be repeated zero or more times is followed by a superscripted asterisk
italics
.
boldface
.
courier
typeface.
“+”.
“*”.
Introduction 1-3
Interface Naming Conventions
A number of commands described in this document require you to identify the router inter face to be affected by
the command. This requires specifying both an interface type (denoted
(denoted id).
The
intf-type
argument may be replaced with one of the following keywords:
intf-type
) and an interface index
adsl | aux
If a command is not specific to a particular WAN interface type, the
the more specific
Note:
The id argument can be replaced with 0, 1, or 2, as follows:
■
■
■
So, for example, the ethernet hublet is identified as “interface ethernet 0”. In some contexts, only a WAN
interface may be specified, in which case the command syntax will specify
id
equipment.
For IDSL interfaces, use the keyword
0
means the motherboard
1
means the WAN 1 slot
2
means the WAN 2 slot
. The
wan-id
|
dds
|
ethernet
intf-type
argument can be replaced by either 1 (the WAN 1 slot) or 2 (the WAN 2 slot) on R-Series
must be specified.
|
isdn
isdn
.
|
sdsl
| t1 |
intf-type wan
wan
|
serial
may be specified; otherwise,
wan-id
instead of the more general
Security (Configuration Access)
If the device is password-protected, the device requires you to enter a name and password before you can
access the menu-based or command line console interface. See the section “Configuration Access
Commands” on page 2-3.
Entering and Editing Commands
The device’s console user interface comes up in Menu mode by default. In this mode you use the arrow,
Escape, and Return/Enter keys to navigate through a series of screens. To invoke the command line at any
time, type
Menu mode type Control-N again.
Control-N
. The console will erase the window, and you will be presented with a # prompt. To return to
1-4 Command Line Interface Commands Reference
The following table provides a description of keys that can be used when entering and editing commands.
Control indicates the Control key, which must be pressed simultaneously with the associated letter key. Escape
indicates the Escape key, which must be pressed and released first, followed by its associated letter key. Keys
are not case-sensitive.
Command Editing Keys and Functions
Key Function
Control-A Moves the cursor to the beginning of the command line.
Control-E Moves the cursor to the end of the command line.
Control-K Deletes all characters from the cursor to the end of the
command line.
Control-N Invokes the command line interface from the menu console.
Invokes the menu console from the command line interface.
Control-U Deletes all characters from the cursor back to the beginning of
the command line.
Control-W Deletes the word to the left of the cursor.
Escape B Moves the cursor back one word.
Escape D Deletes from the cursor to the end of the word.
Escape F Moves the cursor forward one word.
Introduction 1-5
Online Help
Beginning with Firmware Version 8.6, online help is available to prompt you when entering commands. If you
enter a partial or incorrect command, the help facility displays prompts to aler t you to the correct syntax for the
command. The help facility offers expected keywords from which to select, and an explanation of error
messages.
Example:
If you enter the partial command
the command is successfully entered.
#show snmp
; error 103: incomplete command
; acceptable next keywords:
; authentication
; community
; heartbeat-interval
; notify
; system
; trap
#show snmp authentication
; error 103: incomplete command
; next keyword must be:
; traps
#show snmp authentication traps
; error 103: incomplete command
; next keyword must be:
; enable
#show snmp authentication traps enable
snmp authentication traps enable no
show snmp
, the help facilty will prompt you with the appropriate keywords until
1-6 Command Line Interface Commands Reference
Motorola Netopia® Router CLI Commands 2-1
Chapter 2
Motorola Netopia® Router CLI Commands
This chapter describes the syntax of the supported command set of the Motorola Netopia® R-series,
4000-series, and 3000 Enterprise-series Router families.
“Configuration Access Commands” on page 2-3
■
■
“MAC Address Security Commands” on page 2-12
“System Heartbeat Configuration Commands” on page 2-13
■
■
“Tiered Configuration Access Commands” on page 2-15
■
“Interface Configuration Commands” on page 2-16
“Additional LAN configuration command” on page 2-16
■
■
“Ethernet Interface configuration commands” on page 2-18
■
“Ethernet Interface Stateful Inspection Commands” on page 2-22
“Virtual LAN (VLAN) configuration commands” on page 2-36
■
■
“RADIUS Authentication Profile configuration commands” on page 2-39
“NetBIOS configuration commands” on page 2-41
■
■
“Generic WAN Interface configuration commands” on page 2-43
■ “Restricted WAN Interface configuration commands” on page 2-44
■ “ISDN WAN Interface configuration commands” on page 2-45
■ “ADSL WAN Interface configuration commands” on page 2-49
■ “SDSL WAN Interface configuration commands” on page 2-51
■ “Priority Queuing (TOS bit) Commands” on page 2-55
■ “Differentiated Services (Diffserv) commands” on page 2-56
■ “PVCs” on page 2-58
■ “DSL Line Type Interface Configuration Commands” on page 2-61
■ “T1 WAN Interface configuration commands” on page 2-62
■ “T1 Statistic and Diagnostic commands” on page 2-65
■ “Unprotected Services Configuration Commands” on page 2-68
■ “IGMP Configuration Commands” on page 2-70
■ “Global IP Configuration Commands” on page 2-73
■ “DHCP Gen-Options, Option Groups, and Option Filtersets Commands” on page 2-77
■ “Wireless Configuration Commands” on page 2-86
2-2 Command Line Interface Commands Reference
■ “ARP Configuration Commands” on page 2-97
■ “Scheduled Connections Configuration Commands” on page 2-98
■ “Default Profile Configuration Commands” on page 2-100
■ “Frame Relay Configuration Commands” on page 2-101
■ “Miscellaneous Commands” on page 2-103
■ “IP Network Address Translation (NAT) Commands” on page 2-110
■ “Backup Configuration Commands” on page 2-115
■ “Serial port modem backup configuration commands” on page 2-118
■ “RADIUS Authentication Configuration Commands” on page 2-119
■ “TACACS+ Authentication Configuration Commands” on page 2-120
■ “IP Filterset Configuration Commands” on page 2-121
■ “Hardware Acceleration Configuration Commands” on page 2-123
■ “Global IPSec/IKE Configuration Commands” on page 2-124
■ “IKE Dead Peer Detection” on page 2-129
■ “Xauth configuration commands” on page 2-130
■ “Current Restrictions” on page 2-131
Configuration Access Commands
Configuration Access Commands
date xx/yy/zz
show date
exit
preferences changes immediate { yes | no }
show preferences changes immediate
no preferences changes immediate
preferences check vci { yes | no }
preferences console default { menu | cli }
show preferences console default
preferences console timeout seconds
no preferences console timeout
show preferences console timeout
Motorola Netopia® Router CLI Commands 2-3
preferences date format { mm/dd/yy | dd/mm/yy | yy/mm/dd }
show preferences date format
preferences output format { terse | verbose }
show preferences output format
preferences output mask { bits | dotted-quad }
show preferences output mask
preferences time format { am-pm | 24-hour }
show preferences time format
security password
no security password
snmp authentication traps enable [ yes | no ]
no snmp authentication traps enable
show snmp authentication traps enable
snmp community { ro | read-only
no snmp community [ ro | read-only | rw | read-write ] [string]
| rw | read-write } string
2-4 Command Line Interface Commands Reference
Configuration Access Commands (cont. 1)
snmp heartbeat-interval interval
show snmp heartbeat-interval
no snmp heartbeat-interval
snmp notify type [ v1-trap | v2-trap | inform ]
snmp system contact string
show snmp system contact
no snmp system contact
snmp system location string
show snmp system location
no snmp system location
snmp system name string
show snmp system name
no snmp system name
snmp system trap source address [ lan | wan ]
system syslog enable { yes | no }
no system syslog enable
show system syslog enable
system syslog host-name hostname
no system syslog host-name
show system syslog host-name
system syslog facility facility
show system syslog facility
system syslog log-violations { yes | no }
no system syslog log-violations
show system syslog log-violations
system syslog log-accepts { yes | no }
no system
show system syslog log-accepts
syslog log-accepts
Configuration Access Commands (cont. 2)
system syslog log-attempts { yes | no }
no system syslog log-attempts
show system syslog log-attempts
telnet { hostname | ip-addr } [ port value ] [ source ip_addr ]
show telnet sessions
telnet suspend [ a... z ]
show telnet suspend
telnet resume [ 1... 6 ]
telnet terminate [ 1... 6 ]
telnet server port [ port number ]
show telnet server port
time hh:mm [ am | pm ]
show time
Motorola Netopia® Router CLI Commands 2-5
user name password
no user name [password]
MAC Address Security Commands
security mac-auth mode [ disabled | allow-list | deny-list ]
show security mac-auth mode
security mac-auth wireless-only [ yes | no ]
show security mac-auth wireless-only
security mac-auth mac-deny MAC-addr
show security mac-deny
security mac-auth mac-allow MAC-addr
show security mac-auth mac-allow
2-6 Command Line Interface Commands Reference
The preferences command allows you to customize certain aspects of the command line interface. Preference
settings persist across restarts, and are specific to the user name, if any, you used to authenticate yourself
before issuing the preferences command. If no users are defined, no authentication is required, and preference
settings are global.
date xx/yy/zz
show date
These commands allow you to set or display the current date for the router’s system clock.
exit
The exit command terminates your current console session. If you are connected via telnet or a modem, the
connection will be closed. If you are logged in via the serial console, you will return to the command line or
menu-based console based on your default console setting. (See the preferences console default command on
page 2-6.) In either case, you will be prompted either with a login prompt (if one or more users are defined), or
the initial prompt for the selected console interface (if no users are defined).
preferences changes immediate { yes | no }
show preferences changes immediate
no preferences changes immediate
These commands allow you to specify whether or not WAN configuration changes will take effect immediately.
When you specify no, any changes you make to the WAN configuration (except NAT) will not take effect until the
router is reset.
Note: The router will reboot immediately when the value of the changes immediate preference item changes.
No warning is given.
preferences check vci { yes | no }
Note: This command is supported beginning with firmware version 8.2.
This command allows you to set the VCI to any value in the CLI, menu, or SNMP. The ability to set a VCI to 0 –
31 is not normally permitted. This command allows you to override this check and allow a VCI of value 0 – 31.
preferences console default { menu | cli }
show preferences console default
The preferences console default command specifies the console interface that will be presented to the user on
subsequent logins. When set to menu (the default), the user will be presented with the menu-based console
interface on subsequent logins. When set to cli, the user will be presented with the command line console
interface on subsequent logins. If the preferences console default command is issued and there are no users
defined, the setting will determine the console interface that will be presented to all newly established console
sessions (via either the serial console port or via telnet).
Motorola Netopia® Router CLI Commands 2-7
preferences console timeout seconds
no preferences console timeout
show preferences console timeout
These commands control the command-line and menu-based console auto logout. Note that the no preferences
console timeout command sets the timeout to zero, which disables the timeout.
The command:
no preferences console timeout
is equivalent to:
preferences console timeout 0
Example:
preferences console timeout 300
preferences date format { mm/dd/yy | dd/mm/yy | yy/mm/dd }
show preferences date format
These commands allow you to set or display your date formatting preferences for the router’s system clock.
preferences output format { terse | verbose }
show preferences output format
The preferences output format command affects the format of the output from show commands. When set to
verbose (the default), the output from show commands is formatted as a valid command line interface
command that could be entered at a command prompt. When set to terse, the output from show commands is
not formatted as a valid command line interface command that could be entered at a command prompt, but
rather includes only the value of the requested attribute. The terse mode may be more useful if the output will
be processed by a computer rather than a human being.
Example:
#preferences output format verbose
#show interface ethernet 0 ip address
interface ethernet 0 ip address 192.168.1.1/24
#preferences output format terse
#show interface ethernet 0 ip address
192.168.1.1/24
2-8 Command Line Interface Commands Reference
preferences output mask { bits | dotted-quad }
show preferences output mask
The preferences output mask command affects the format of the output from those show commands that
display an IP address together with a subnet mask. When set to bits (the default), the IP address and subnet
mask are output in prefix notation – i.e., an IP address in dotted-quad notation followed by a slash followed by
the number of consecutive ones-bits in the subnet mask – whereas when set to dotted-quad, the IP address
and subnet mask are output as two consecutive dotted-quads.
Example:
#preferences output mask bits
#show interface ethernet 0 ip address
interface ethernet 0 ip address 192.168.1.1/24
#preferences output mask dotted-quad
#show interface ethernet 0 ip address
interface ethernet 0 ip address 192.168.1.1 255.255.255.0
preferences time format { am-pm | 24-hour }
show preferences time format
These commands allow you to set or display your time formatting preferences for the router’s system clock.
security password
Enter old password: old password
Enter new password: new password
Re-enter password: new password
no security password
Enter old password:old password
These commands let you set and delete the Security Options screen password. After you enter the command
the console prompts you for the existing password if you have one, then it prompts you to enter and re-enter a
new password (eleven characters maximum). The no command will prompt you for a password if there was one,
and will then delete that password.
snmp authentication traps enable [ yes | no ]
no snmp authentication traps enable
show snmp authentication traps enable
These commands allow you to enable, disable, or show the status of SNMP authentication traps.
snmp community { ro | read-only | rw | read-write } string
no snmp community [ ro | read-only | rw | read-write ] [string]
These commands allow you to add or delete the SNMP community Read-Only and Read-Write strings.
Motorola Netopia® Router CLI Commands 2-9
snmp heartbeat-interval interval
show snmp heartbeat-interval
no snmp heartbeat-interval
Note: These commands are supported beginning with firmware version 8.2.
These commands allow you to set, show, or delete the SNMP heartbeat interval. A single configuration item
governs heartbeat traps, the time interval between traps. Permitted values are 0 – 65535 minutes. A value of
zero, the default, means the trap is disabled. This value can be configured by the CLI and SNMP. When the
interval value is set to a positive number, a trap is sent immediately and the new (or same) interval value takes
effect.
snmp notify type [ v1-trap | v2-trap | inform ]
Note: This command is supported beginning with firmware version 8.4.2.
This command allows you to set the type of SNMP traps that the system will generate: v1, v2(c), or, beginning
with Firmware Version 8.4.2, inform.
snmp system contact string
show snmp system contact
no snmp system contact
These commands set, display, or clear the router's SNMP system contact (sysContact) string.
snmp system location string
show snmp system location
no snmp system location
These commands set, display, or clear the router's SNMP system location (sysLocation) string.
snmp system name string
show snmp system name
no snmp system name
These commands set, display, or clear the router's SNMP system name (sysName) string.
snmp system trap source address [ lan | wan ]
Note: This command is supported beginning with firmware version 8.5.
This command allows you to specify whether the source address for SNMP traps should be on the LAN or the
WAN. When this parameter is set to lan, all SNMP v2 and inform traps use the source IP address of the primary
LAN interface. Otherwise, the IP address of the WAN interface is used.
system syslog enable { yes | no }
no system syslog enable
show system syslog enable
Note: These commands are supported beginning with Firmware Version 8.2.
2-10 Command Line Interface Commands Reference
These commands allow you to enable, disable, or show the status of logging of system events for reporting by
a Syslog client. By default, all events are logged in the event history. By using the syslog commands that follow
to set each event descriptor to either yes or no, you can determine which ones are logged and which are
ignored.
system syslog host-name hostname
no system syslog host-name
show system syslog host-name
Note: These commands are supported beginning with Firmware Version 8.2.
These commands allow you to specify, disable, or show the status of the syslog server’s address either in
dotted decimal format or as a DNS name up to 64 characters.
system syslog facility facility
show system syslog facility
Note: These commands are supported beginning with Firmware Version 8.2.
These commands allow you to specify or show the UNIX syslog Facility. facility values may be "local0" through
"local7".
system syslog log-violations { yes | no }
no system syslog log-violations
show system syslog log-violations
Note: These commands are supported beginning with Firmware Version 8.2.
These commands allow you to enable, disable, or show whether violations are logged or ignored.
system syslog log-accepts { yes | no }
no system syslog log-accepts
show system syslog log-accepts
Note: These commands are supported beginning with Firmware Version 8.2.
These commands allow you to enable, disable, or show whether acceptances are logged or ignored.
system syslog log-attempts { yes | no }
no system syslog log-attempts
show system syslog log-attempts
Note: These commands are supported beginning with Firmware Version 8.2.
These commands allow you to enable, disable, or show whether connection attempts are logged or ignored.
Motorola Netopia® Router CLI Commands 2-11
telnet { hostname | ip-addr } [ port value ] [ source ip_addr ]
show telnet sessions
Note: These commands are supported beginning with Firmware Version 8.7.
These commands allow you to initiate or show up to six telnet sessions from the command line without
returning to the console menu interface. Using the command line, you can resume sessions star ted by the
console menu and vice versa.
Example:
#show telnet sessions
#1 192.168.1.253
#2 192.168.1.91
#3 10.8.200.16
#4 no active session
#5 no active session
#6 no active session
telnet suspend [ a... z ]
show telnet suspend
telnet resume [ 1... 6 ]
telnet terminate [ 1... 6 ]
Note: These commands are supported beginning with Firmware Version 8.7.
These commands allow you to suspend telnet sessions indicated by alphabetic letter, a through z, from the
command line.
Telnet sessions specified by number, 1 through 6, may be resumed or terminated.
The show command displays telnet sessions that have been previously suspended using the suspend
command.
telnet server port [ port number ]
show telnet server port
These commands allow you to set or display the TCP port on which the router is currently listening for incoming
telnet management sessions. If you change the port number, the router will immediately stop accepting new
sessions at the old port number, and only accept incoming sessions on the new port number. All sessions
currently connected to the old por t number will remain connected. Allowed values for por t number are 1 65535, except for 80 and 1723.
time hh:mm [ am | pm ]
show time
These commands allow you to set or display the current time for the router’s system clock.
2-12 Command Line Interface Commands Reference
MAC Address Security Commands
Note: These commands are supported beginning with firmware version 8.5.
security mac-auth mode [ disabled | allow-list | deny-list ]
show security mac-auth mode
These commands allow you to configure or display the global MAC authentication mode. If set to allow-list, all
non-matching unicasts will be dropped. If set to deny-list, all matching unicasts will be dropped.
security mac-auth wireless-only [ yes | no ]
show security mac-auth wireless-only
These commands allow you to restrict or display the restricted status of MAC address authentication. If set to
yes, the MAC authentication applies only to the wireless interface, on models so equipped. If set to no, packets
received at all interfaces on the LAN are subject to the MAC filtering table.
security mac-auth mac-deny MAC-addr
show security mac-deny
These commands allow you to specify or display the MAC address for hosts on the wired or wireless LAN (if so
restricted) whose source or destination MAC address will cause the router to filter their packets.
security mac-auth mac-allow MAC-addr
show security mac-auth mac-allow
These commands allow you to specify or display the MAC address for hosts on the wired or wireless LAN (if so
restricted) whose source or destination MAC address will cause the router to pass their packets.
Note: Wireless MAC authentication commands are also supported. See “Wireless Configuration Commands”
on page 2-86.
Motorola Netopia® Router CLI Commands 2-13
System Heartbeat Configuration Commands
Note: The commands in this section are supported beginning with firmware version 8.5.
System Heartbeat Configuration Commands
heartbeat enable { yes | no }
show heartbeat enable
heartbeat protocol { udp | tcp }
show heartbeat protocol
heartbeat client-por t por t
show heartbeat client-por t
heartbeat interval time (in seconds)
show heartbeat interval time
heartbeat count count
show heartbeat count
heartbeat sleep-time time (in seconds)
show heartbeat sleep-time
heartbeat server port por t
show heartbeat server port
heartbeat server address address
show heartbeat server address
heartbeat server url url
show heartbeat server url
heartbeat interval contact-email email_address
show heartbeat interval contact-email
heartbeat interval location location
show heartbeat interval location
reset heartbeat
2-14 Command Line Interface Commands Reference
heartbeat enable { yes | no }
show heartbeat enable
These commands allow you to enable, disable, or show the status of the system heartbeat.
Once a unit is configured and restarted, the WAN link is up and the WAN IP address is established, the
heartbeat will begin executing and sending its payloads (or establishing its connection in the case of TCP). A
special case is when the ip-server address is on the LAN. In this case, the payloads will be routed to the LAN
side address, but only after the WAN link and WAN IP addresses have been established.
If, at any time during the heartbeat sequence, the link state changes – which means, for example, that there is
a layer 1 disconnect or a change in the IP layer parameters from a DHCP acquisition or a renegotiated PPP
session – the sequence will restart. You can also restart the sequence manually. In addition, in TCP mode once
the connection has been established, the sequence will be restarted any time the remote server closes it.
heartbeat protocol { udp | tcp }
show heartbeat protocol
These commands allow you to specify or show the protocol to be used for the system heartbeat, udp or tcp.
The heartbeat is a state machine:
■ If you select udp, there are no connections to the server. If the server address is known, it simply sends
the payloads in UDP.
■ If you select tcp, it tries to connect to the server address, and keeps trying to connect for 20 attempts at
thirty-second intervals. If a connection is not established, it sleeps for a minimum of either 30 minutes, or
whatever is programmed as the sleep-time. See below.
heartbeat client-por t por t
show heartbeat client-por t
These commands allow you to specify or show the client port to be used for the system heartbeat.
heartbeat interval time (in seconds)
show heartbeat interval
These commands allow you to specify or show the heartbeat interval. in seconds.
heartbeat count count
show heartbeat count
These commands allow you to specify or show the heartbeat count within the specified interval.
heartbeat sleep-time time (in seconds)
show heartbeat sleep-time
These commands allow you to specify or show the heartbeat sleep time, in seconds, during which the system
will wait before retrying a failed connection attempt, if tcp is the specified protocol.
heartbeat server port por t
show heartbeat server port
These commands allow you to specify or show the heartbeat server port number.
Motorola Netopia® Router CLI Commands 2-15
heartbeat server address address
show heartbeat server address
These commands allow you to specify or show the heartbeat server IP address. Beginning with Firmware
Version 8.5.1, the address can also be a DNS name of up to 63 characters.
heartbeat server url url
show heartbeat server url
These commands allow you to specify or show a heartbeat server URL.
heartbeat interval contact-email email_address
show heartbeat interval contact-email
These commands allow you to specify or show an email address to be placed into the heartbeat Xml payload.
heartbeat interval location location
show heartbeat interval location
These commands allow you to specify or show a location to be placed into the heartbeat Xml payload.
reset heartbeat
This command allows you to restart the heartbeat sequence.
Tiered Configuration Access Commands
Tiered Configuration Access Commands
superuser name password
show superuser
no superuser
user name password [ { wan | lan | cp | nat | pvc | global | subnet | voice | no-web | no-telnet }*]
show user
no user name
superuser name password
show superuser
no superuser
These commands allow you to create, show, or delete a Superuser. You can only configure a Superuser if no
authorized users exist. There can be but one Superuser. The Superuser can change any attributes of any user,
including itself. However, even the Superuser cannot see what the password for a user is – the show command
will display 5 asterisks regardless of its actual length.
2-16 Command Line Interface Commands Reference
user name password [ { wan | lan | cp | nat | pvc | global | subnet | no-telnet }*]
show user
no user name
These commands allow a Superuser to create, show, or delete a user and his/her access privileges. A user can
change only his/her own password, and cannot change their access privileges. If a Superuser creates a new
user, this user inherits the privileges of the first non-Superuser, or has the default access privileges of lan |
subnet | nat | cp | global if there is no non-Superuser configured.
Permissible modifiers are:
wan
lan
cp
nat
pvc
global
subnet
no-telnet
WAN interface(s) configuration
LAN (Ethernet id) interface configuration
connection profile (and default profile) configuration
Network Address Translation configuration. This includes the ability to configure NAT
attributes in connection profiles.
ATM PVC and Frame DLCI configuration
other parameters, such as console preferences. This includes ping and traceroute
functionality.
LAN (Ethernet 0) interface ip subnet configuration
Prevents Telnet access.
Interface Configuration Commands
Additional LAN configuration command
Note: Beginning with Firmware Version 8.4.2, the firmware includes support for creating additional logical
local area networks. When used in combination with VLANs (see “Virtual LAN (VLAN) configuration commands”
on page 2-36), you can maintain separate functional end-to-end networks to support such services as
voice-over-IP, point-of-sale applications, or audio and video ser vices.
Multiple logical IP LAN support allows you to create additional IP routed LAN interfaces (ALANs). You can add,
edit, or delete Additional LANs similarly to Connection Profiles on the WAN connection. You then associate
physical or logical Ethernet-encapsulated interfaces, such as wired Ethernet por ts, wireless SSIDs, and ATM
RFC 1483 bridged VCs by attaching the ALAN to a VLAN containing these interfaces.
The additional LAN IP routed interfaces duplicate all the same parameters that apply to the primary LAN
interface, such as DHCP servers, filtersets, multicast forwarding, and RIP. You can configure up to six ALANs.
Motorola Netopia® Router CLI Commands 2-17
interface ethernet id [ yes | no ]
This command allows you to create or delete an additional LAN (ALAN) of id id. If you create an ALAN, you must
provision it with the same parameters that apply to the primary LAN.
Example:
interface ethernet 2 yes
interface ethernet 2 tag "Telecommuter"
interface ethernet 2 enable yes
interface ethernet 2 ip address 3.0.0.1/8
interface ethernet 2 ip rip receive both
interface ethernet 2 ip rip transmit no
interface ethernet 2 ip multicast-fwd no
interface ethernet 2 address-serve enable no
interface ethernet 2 address-serve clients none
interface ethernet 2 address-serve dhcp lease-time 1
interface ethernet 2 address-serve gateway default 3.0.0.1/8
interface ethernet 2 address-serve mode server
interface ethernet 2 address-serve netbios mode enable no
interface ethernet 2 address-serve netbios mode type b-node
interface ethernet 2 address-serve netbios scope enable no
interface ethernet 2 address-serve netbios name-server enable no
interface ethernet 2 address-serve netbios name-server address 0.0.0.0
interface ethernet 2 address-serve range 3.0.0.100 3.0.0.199
interface ethernet 2 mac address 00:00:c5:fa:dd:04
2-18 Command Line Interface Commands Reference
Ethernet Interface configuration commands
Ethernet Interface Configuration Commands
interface ethernet id ip address [{ ip-addr/ mask-bits | ip-addr mask | secondary }]
no interface ethernet id ip address [{ ip-addr/mask-bits | ip-addr mask | secondary }]
show interface ethernet id ip address
interface ethernet id ip dhcp client mode { standard | copper-mountain | cmn }
show interface ethernet id ip dhcp client mode
interface ethernet id ip multicast-fwd { yes | no }
no interface ethernet id ip multicast-fwd
show interface ethernet id ip multicast-fwd
interface ethernet id ip igmp-version { v1 | v2 | v3 }
show interface ethernet id ip igmp-version
interface ethernet id mac address { MAC-address | default }
show interface ethernet id mac address
interface ethernet id mode { autonegotiate | 100full | 100half | 10full | 10half |
100full-fixed | 100half-fixed | 10full-fixed | 10half-fixed }
show interface ethernet id mode
interface ethernet id ip nat enable { yes | no }
no interface ethernet id ip nat enable
show interface ethernet id ip nat enable
interface ethernet id ip nat map-list list-tag
no interface ethernet id ip nat map-list
show interface ethernet id ip nat map-list
interface ethernet wan-id ip nat passthrough enable { yes | no }
no interface ethernet id ip nat passthrough enable
show interface ethernet id ip nat passthrough enable
interface ethernet wan-id ip nat passthrough dhcp enable { yes | no }
no interface ethernet wan-id ip nat passthrough dhcp enable
show interface ethernet wan-id ip nat passthrough dhcp enable
Loading...