Command Guide
WGSW-50040
50-Port 10/100/1000Mbps with 4 Shared SFP Managed Gigabit Switch
Content
CHAPTER 1 COMMANDS FOR BASIC SWITCH CONFIGURATION...... |
1-21 |
1.1 COMMANDS FOR BASIC CONFIGURATION..................................................................... |
1-21 |
1.1.1 Authentication line........................................................................................................ |
1-21 |
1.1.2 clock set....................................................................................................................... |
1-22 |
1.1.3 config ........................................................................................................................... |
1-22 |
1.1.4 debug ssh-server ......................................................................................................... |
1-23 |
1.1.5 enable.......................................................................................................................... |
1-23 |
1.1.6 enable password.......................................................................................................... |
1-24 |
1.1.7 exec-timeout ................................................................................................................ |
1-24 |
1.1.8 end............................................................................................................................... |
1-25 |
1.1.9 exit ............................................................................................................................... |
1-25 |
1.1.10 help............................................................................................................................ |
1-26 |
1.1.11 hostname ................................................................................................................... |
1-27 |
1.1.12 ip host ........................................................................................................................ |
1-27 |
1.1.13 ipv6 host .................................................................................................................... |
1-28 |
1.1.14 ip http server.............................................................................................................. |
1-28 |
1.1.15 language.................................................................................................................... |
1-29 |
1.1.16 login ........................................................................................................................... |
1-29 |
1.1.17 password ................................................................................................................... |
1-30 |
1.1.18 reload......................................................................................................................... |
1-30 |
1.1.19 service password-encryption ..................................................................................... |
1-31 |
1.1.20 service terminal-length............................................................................................... |
1-31 |
1.1.21 sysContact ................................................................................................................. |
1-32 |
1.1.22 sysLocation................................................................................................................ |
1-32 |
1.1.23 set default .................................................................................................................. |
1-33 |
1.1.24 setup.......................................................................................................................... |
1-33 |
1.1.25 show clock ................................................................................................................. |
1-34 |
1.1.26 show temperature ...................................................................................................... |
1-34 |
1.1.27 show tech-support ..................................................................................................... |
1-35 |
1.1.28 show version.............................................................................................................. |
1-35 |
1.1.29 username................................................................................................................... |
1-35 |
1.1.30 web language ............................................................................................................ |
1-36 |
1.1.31 write ........................................................................................................................... |
1-37 |
1.2 COMMANDS FOR TELNET ............................................................................................ |
1-37 |
1.2.1 authentication ip access-class ..................................................................................... |
1-37 |
1.2.2 authentication ipv6 access-class ................................................................................. |
1-38 |
1.2.3 authentication line login ............................................................................................... |
1-38 |
1.2.4 authentication securityip .............................................................................................. |
1-39 |
1.2.5 authentication securityipv6........................................................................................... |
1-40 |
1.2.6 authentication .............................................................................................................. |
1-41 |
1.2.7 terminal length ............................................................................................................. |
1-42 |
1.2.8 terminal monitor ........................................................................................................... |
1-42 |
1.2.9 telnet............................................................................................................................ |
1-43 |
1.2.10 telnet server enable ................................................................................................... |
1-44 |
1.2.11 telnet-server max-connection..................................................................................... |
1-44 |
1.2.12 ssh-server authentication-retries................................................................................ |
1-45 |
1.2.13 ssh-server enable ...................................................................................................... |
1-45 |
1.2.14 ssh-server host-key create rsa................................................................................... |
1-46 |
1.2.15 ssh-server max-connection........................................................................................ |
1-46 |
1.2.16 ssh-server timeout ..................................................................................................... |
1-47 |
1.2.17 show ssh-server......................................................................................................... |
1-47 |
1.2.18 show telnet login ........................................................................................................ |
1-48 |
1.3 COMMANDS FOR CONFIGURING SWITCH IP.................................................................. |
1-48 |
1.3.1 interface vlan ............................................................................................................... |
1-48 |
1.3.2 ip address .................................................................................................................... |
1-49 |
1.3.3 ipv6 address ................................................................................................................ |
1-50 |
1.3.4 ip bootp-client enable................................................................................................... |
1-50 |
1.3.5 ip dhcp-client enable.................................................................................................... |
1-51 |
1.4 COMMANDS FOR SNMP ............................................................................................. |
1-52 |
1.4.1 debug snmp mib .......................................................................................................... |
1-52 |
1.4.2 debug snmp kernel ...................................................................................................... |
1-52 |
1.4.3 rmon enable................................................................................................................. |
1-53 |
1.4.4 show snmp................................................................................................................... |
1-53 |
1.4.5 show snmp engineid .................................................................................................... |
1-55 |
1.4.6 show snmp group ........................................................................................................ |
1-55 |
1.4.7 show snmp mib............................................................................................................ |
1-56 |
1.4.8 show snmp status ........................................................................................................ |
1-56 |
1.4.9 show snmp user........................................................................................................... |
1-57 |
1.4.10 show snmp view ........................................................................................................ |
1-57 |
1.4.11 snmp-server community............................................................................................. |
1-58 |
1.4.12 snmp-server enable ................................................................................................... |
1-59 |
1.4.13 snmp-server enable traps .......................................................................................... |
1-60 |
1.4.14 snmp-server engineid ................................................................................................ |
1-60 |
1.4.15 snmp-server group..................................................................................................... |
1-61 |
1.4.16 snmp-server host ....................................................................................................... |
1-62 |
1.4.17 snmp-server securityip............................................................................................... |
1-63 |
1.4.18 snmp-server securityip............................................................................................... |
1-64 |
1.4.19 snmp-server view....................................................................................................... |
1-64 |
1.4.20 snmp-server user....................................................................................................... |
1-65 |
1.5 COMMANDS FOR SWITCH UPGRADE ............................................................................ |
1-66 |
1.5.1 copy FTP ............................................................................................................... |
1-66 |
1.5.2 copy TFTP ............................................................................................................. |
1-67 |
1.5.3 ftp-dir............................................................................................................................ |
1-68 |
1.5.4 ftp-server enable.......................................................................................................... |
1-69 |
1.5.5 ftp-server timeout......................................................................................................... |
1-69 |
1.5.6 ip ftp............................................................................................................................. |
1-70 |
1.5.7 show ftp ....................................................................................................................... |
1-71 |
1.5.8 show tftp ...................................................................................................................... |
1-71 |
1.5.9 tftp-server enable......................................................................................................... |
1-72 |
1.5.10 tftp-server retransmission-number ............................................................................. |
1-72 |
1.5.11 tftp-server transmission-timeout................................................................................. |
1-73 |
CHAPTER 2 COMMANDS FOR CLUSTER.............................................. |
2-74 |
2.1 CLEAR CLUSTER NODES .............................................................................................. |
2-74 |
2.2 CLUSTER AUTO-ADD.................................................................................................... |
2-74 |
2.3 CLUSTER COMMANDER................................................................................................ |
2-75 |
2.4 CLUSTER IP-POOL ....................................................................................................... |
2-76 |
2.5 CLUSTER KEEPALIVE INTERVAL .................................................................................... |
2-76 |
2.6 CLUSTER KEEPALIVE LOSS-COUNT............................................................................... |
2-77 |
2.7 CLUSTER MEMBER ...................................................................................................... |
2-78 |
2.8 CLUSTER MEMBER AUTO-TO-USER............................................................................... |
2-79 |
2.9 CLUSTER RESET MEMBER............................................................................................ |
2-80 |
2.10 CLUSTER RUN........................................................................................................... |
2-80 |
2.11 CLUSTER UPDATE MEMBER........................................................................................ |
2-81 |
2.12 DEBUG CLUSTER....................................................................................................... |
2-82 |
2.13 DEBUG CLUSTER PACKETS ........................................................................................ |
2-83 |
2.14 SHOW CLUSTER ........................................................................................................ |
2-83 |
2.15 SHOW CLUSTER MEMBERS ........................................................................................ |
2-84 |
2.16 SHOW CLUSTER CANDIDATES .................................................................................... |
2-85 |
2.17 SHOW CLUSTER TOPOLOGY....................................................................................... |
2-86 |
2.18 RCOMMAND COMMANDER.......................................................................................... |
2-88 |
2.19 RCOMMAND MEMBER ................................................................................................ |
2-89 |
CHAPTER 3 COMMANDS FOR NETWORK PORT CONFIGURATION |
.. 3-90 |
3.1 COMMANDS FOR ETHERNET PORT CONFIGURATION ..................................................... |
3-90 |
3.1.1 bandwidth .................................................................................................................... |
3-90 |
3.1.2 combo-forced-mode..................................................................................................... |
3-91 |
3.1.3 clear counters interface................................................................................................ |
3-92 |
3.1.4 flow control................................................................................................................... |
3-93 |
3.1.5 interface ethernet......................................................................................................... |
3-93 |
3.1.6 loopback ...................................................................................................................... |
3-94 |
3.1.7 mdi............................................................................................................................... |
3-94 |
3.1.8 name............................................................................................................................ |
3-95 |
3.1.9 negotiation ................................................................................................................... |
3-96 |
3.1.10 port-scan-mode.......................................................................................................... |
3-96 |
3.1.11 rate-suppression ........................................................................................................ |
3-97 |
3.1.12 rate-violation .............................................................................................................. |
3-98 |
3.1.13 show interface............................................................................................................ |
3-99 |
3.1.14 shutdown ................................................................................................................. |
3-102 |
3.1.15 speed-duplex ........................................................................................................... |
3-103 |
CHAPTER 4 COMMANDS FOR PORT LOOPBACK DETECTION |
|
FUNCTION ...................................................................... |
4-105 |
4.1 LOOPBACK-DETECTION CONTROL .............................................................................. |
4-105 |
4.2 LOOPBACK-DETECTION SPECIFIED-VLAN.................................................................... |
4-106 |
4.3 LOOPBACK-DETECTION INTERVAL-TIME...................................................................... |
4-106 |
4.4 LOOPBACK-DETECTION CONTROL-RECOVERY TIMEOUT............................................... |
4-107 |
4.5 SHOW LOOPBACK-DETECTION ................................................................................... |
4-108 |
4.6 DEBUG LOOPBACK-DETECTION.................................................................................. |
4-108 |
CHAPTER 5 COMMANDS FOR PORT CHANNEL ................................. |
5-110 |
5.1 DEBUG LACP ............................................................................................................ |
5-110 |
5.2 INTERFACE PORT-CHANNEL ....................................................................................... |
5-110 |
5.3 PORT-GROUP............................................................................................................ |
5-111 |
5.4 PORT-GROUP MODE .................................................................................................. |
5-112 |
5.5 SHOW PORT-GROUP .................................................................................................. |
5-113 |
CHAPTER 6 COMMANDS FOR JUMBO................................................. |
6-117 |
6.1 JUMBO ENABLE ........................................................................................................ |
6-117 |
CHAPTER 7 VLAN CONFIGURATION.................................................... |
7-118 |
7.1 COMMANDS FOR VLAN CONFIGURATION .................................................................. |
7-118 |
7.1.1 debug gvrp.................................................................................................................. |
7-118 |
7.1.2 dot1q-tunnel enable .................................................................................................... |
7-118 |
7.1.3 dot1q-tunnel tpid ......................................................................................................... |
7-119 |
7.1.4 gvrp............................................................................................................................ |
7-120 |
7.1.5 garp timer hold........................................................................................................... |
7-121 |
7.1.6 garp timer join............................................................................................................ |
7-121 |
7.1.7 garp timer leave ......................................................................................................... |
7-122 |
7.1.8 garp timer leaveall ..................................................................................................... |
7-122 |
7.1.9 name.......................................................................................................................... |
7-123 |
7.1.10 private-vlan .............................................................................................................. |
7-124 |
7.1.11 private-vlan association............................................................................................ |
7-125 |
7.1.12 show dot1q-tunnel ................................................................................................... |
7-126 |
7.1.13 show garp ................................................................................................................ |
7-126 |
7.1.14 show gvrp ................................................................................................................ |
7-127 |
7.1.15 show vlan................................................................................................................. |
7-127 |
7.1.16 switchport access vlan............................................................................................. |
7-128 |
7.1.17 switchport interface.................................................................................................. |
7-129 |
7.1.18 switchport mode....................................................................................................... |
7-130 |
7.1.19 switchport trunk allowed vlan................................................................................... |
7-130 |
7.1.20 switchport trunk native vlan...................................................................................... |
7-131 |
7.1.21 vlan .......................................................................................................................... |
7-132 |
7.1.22 vlan ingress enable.................................................................................................. |
7-132 |
7.2 COMMANDS FOR DYNAMIC VLAN CONFIGURATION.................................................... |
7-133 |
7.2.1 dynamic-vlan mac-vlan prefer.................................................................................... |
7-133 |
7.2.2 dynamic-vlan subnet-vlan prefer................................................................................ |
7-134 |
7.2.3 mac-vlan .................................................................................................................... |
7-134 |
7.2.4 mac-vlan vlan............................................................................................................. |
7-135 |
7.2.5 protocol-vlan .............................................................................................................. |
7-135 |
7.2.6 show dynamic-vlan prefer.......................................................................................... |
7-136 |
7.2.7 show mac-vlan........................................................................................................... |
7-137 |
7.2.8 show mac-vlan interface ............................................................................................ |
7-137 |
7.2.9 show protocol-vlan..................................................................................................... |
7-138 |
7.2.10 show subnet-vlan..................................................................................................... |
7-138 |
7.2.11 show subnet-vlan interface ...................................................................................... |
7-139 |
7.2.12 subnet-vlan .............................................................................................................. |
7-139 |
7.2.13 switchport mac-vlan enable ..................................................................................... |
7-140 |
7.2.14 switchport subnet-vlan enable ................................................................................. |
7-141 |
7.3 COMMANDS FOR VOICE VLAN CONFIGURATION ........................................................ |
7-142 |
7.3.1 show voice-vlan ......................................................................................................... |
7-142 |
7.3.2 switchport voice-vlan enable...................................................................................... |
7-142 |
7.3.3 voice-vlan................................................................................................................... |
7-143 |
7.3.4 voice-vlan vlan........................................................................................................... |
7-144 |
CHAPTER 8 COMMANDS FOR MAC ADDRESS TABLE CONFIGURATION
......................................................................................... 8-145
8.1 COMMANDS FOR MAC ADDRESS TABLE CONFIGURATION .......................................... |
8-145 |
8.1.1 mac-address-table aging-time ................................................................................... |
8-145 |
8.1.2 mac-address-table static|blackhole............................................................................ |
8-145 |
8.1.3 show mac-address-table............................................................................................ |
8-146 |
8.2 COMMANDS FOR MAC ADDRESS BINDING CONFIGURATION......................................... |
8-147 |
8.2.1 clear port-security dynamic........................................................................................ |
8-147 |
8.2.2 show port-security...................................................................................................... |
8-148 |
8.2.3 show port-security address........................................................................................ |
8-149 |
8.2.4 show port-security interface....................................................................................... |
8-150 |
8.2.5 switchport port-security.............................................................................................. |
8-151 |
8.2.6 switchport port-security convert ................................................................................. |
8-151 |
8.2.7 switchport port-security lock....................................................................................... |
8-152 |
8.2.8 switchport port-security mac-address ........................................................................ |
8-152 |
8.2.9 switchport port-security maximum ............................................................................. |
8-153 |
8.2.10 switchport port-security timeout ............................................................................... |
8-153 |
8.2.11 switchport port-security violation .............................................................................. |
8-154 |
CHAPTER 9 COMMANDS FOR MSTP................................................... |
9-156 |
9.1 COMMANDS FOR MSTP............................................................................................ |
9-156 |
9.1.1 abort .......................................................................................................................... |
9-156 |
9.1.2 exit ............................................................................................................................. |
9-156 |
9.1.3 instance vlan.............................................................................................................. |
9-157 |
9.1.4 name.......................................................................................................................... |
9-157 |
9.1.5 revision-level.............................................................................................................. |
9-158 |
9.1.6 spanning-tree............................................................................................................. |
9-159 |
9.1.7 spanning-tree forward-time........................................................................................ |
9-159 |
9.1.8 spanning-tree hello-time ............................................................................................ |
9-160 |
9.1.9 spanning-tree link-type p2p........................................................................................ |
9-160 |
9.1.10 spanning-tree maxage ............................................................................................. |
9-161 |
9.1.11 spanning-tree max-hop ............................................................................................ |
9-162 |
9.1.12 spanning-tree mcheck.............................................................................................. |
9-162 |
9.1.13 spanning-tree mode................................................................................................. |
9-163 |
9.1.14 spanning-tree mst configuration............................................................................... |
9-164 |
9.1.15 spanning-tree mst cost............................................................................................. |
9-164 |
9.1.16 spanning-tree mst port-priority ................................................................................. |
9-165 |
9.1.17 spanning-tree mst priority ........................................................................................ |
9-166 |
9.1.18 spanning-tree mst rootguard.................................................................................... |
9-167 |
9.1.19 spanning-tree portfast.............................................................................................. |
9-167 |
9.1.20 spanning-tree priority ............................................................................................... |
9-168 |
9.1.21 spanning-tree format................................................................................................ |
9-169 |
9.1.22 spanning-tree digest-snooping................................................................................. |
9-170 |
9.1.23 spanning-tree tcflush (Global mode)........................................................................ |
9-170 |
9.1.24 spanning-tree tcflush (Port mode)............................................................................ |
9-171 |
9.2 COMMANDS FOR MONITOR AND DEBUG ..................................................................... |
9-172 |
9.2.1 show spanning-tree.................................................................................................... |
9-172 |
9.2.2 show spanning-tree mst config .................................................................................. |
9-175 |
9.2.3 show mst-pending...................................................................................................... |
9-175 |
9.2.4 debug spanning-tree.................................................................................................. |
9-176 |
CHAPTER 10 COMMANDS FOR QOS................................................. |
10-178 |
10.1 ACCOUNTING ........................................................................................................ |
10-178 |
10.2 CLASS.................................................................................................................. |
10-178 |
10.3 CLASS-MAP .......................................................................................................... |
10-179 |
10.4 CLASS MLS QOS STATISTICS .................................................................................. |
10-180 |
10.5 MATCH ................................................................................................................. |
10-180 |
10.6 MLS QOS COS ....................................................................................................... |
10-182 |
10.7 MLS QOS MAP ....................................................................................................... |
10-182 |
10.8 MLS QOS QUEUE ALGORITHM................................................................................. |
10-184 |
10.9 MLS QOS QUEUE WRR WEIGHT ............................................................................... |
10-184 |
10.10 MLS QOS QUEUE WDRR WEIGHT........................................................................... |
10-185 |
10.11 MLS QOS QUEUE BANDWIDTH............................................................................... |
10-186 |
10.12 MLS QOS TRUST.................................................................................................. |
10-187 |
10.13 POLICY............................................................................................................... |
10-187 |
10.14 POLICY AGGREGATE............................................................................................ |
10-189 |
10.15 POLICY-MAP ....................................................................................................... |
10-190 |
10.16 SET.................................................................................................................... |
10-191 |
10.17 SERVICE-POLICY INPUT ....................................................................................... |
10-192 |
10.18 SERVICE-POLICY INPUT VLAN............................................................................... |
10-192 |
10.19 SHOW CLASS-MAP .............................................................................................. |
10-193 |
10.20 SHOW POLICY-MAP ............................................................................................. |
10-194 |
10.21 SHOW MLS QOS INTERFACE ................................................................................. |
10-195 |
10.22 SHOW MLS QOS MAPS ......................................................................................... |
10-198 |
10.23 SHOW MLS QOS VLAN.......................................................................................... |
10-200 |
CHAPTER 11 COMMANDS FOR FLOW-BASED REDIRECTION ........ |
11-201 |
11.1 ACCESS-GROUP REDIRECT TO INTERFACE ETHERNET .............................................. |
11-201 |
11.2 SHOW FLOW-BASED-REDIRECT .............................................................................. |
11-201 |
CHAPTER 12 COMMANDS FOR LAYER 3 FORWARDING ................ |
12-203 |
12.1 COMMANDS FOR LAYER 3 INTERFACE.................................................................... |
12-203 |
12.1.1 interface vlan ......................................................................................................... |
12-203 |
12.1.2 ip address .............................................................................................................. |
12-203 |
12.1.3 ip default-gatway.................................................................................................... |
12-204 |
12.1.4 debug ip packet ..................................................................................................... |
12-205 |
12.1.5 show ip traffic......................................................................................................... |
12-205 |
12.1.6 show ip route ......................................................................................................... |
12-208 |
12.2 COMMANDS FOR IPV6 CONFIGURATION ................................................................. |
12-209 |
12.2.1 clear ipv6 neighbor ................................................................................................ |
12-209 |
12.2.2 debug ipv6 packet.................................................................................................. |
12-209 |
12.2.3 debug ipv6 icmp..................................................................................................... |
12-210 |
12.2.4 debug ipv6 nd ......................................................................................................... |
12-211 |
12.2.5 ipv6 default-gateway............................................................................................... |
12-211 |
12.2.6 ipv6 address .......................................................................................................... |
12-212 |
12.2.7 ipv6 redirect ........................................................................................................... |
12-213 |
12.2.8 ipv6 nd dad attempts.............................................................................................. |
12-213 |
12.2.9 ipv6 nd ns-interval.................................................................................................. |
12-214 |
12.2.10 ipv6 nd suppress-ra ............................................................................................. |
12-214 |
12.2.11 ipv6 nd ra-lifetime................................................................................................. |
12-215 |
12.2.12 ipv6 nd min-ra-interval ......................................................................................... |
12-216 |
12.2.13 ipv6 nd max-ra-interval ........................................................................................ |
12-216 |
12.2.14 ipv6 nd prefix ....................................................................................................... |
12-217 |
12.2.15 ipv6 neighbor ....................................................................................................... |
12-218 |
12.2.16 show ipv6 interface .............................................................................................. |
12-218 |
12.2.17 show ipv6 route.................................................................................................... |
12-220 |
12.2.18 show ipv6 neighbors ............................................................................................ |
12-221 |
12.2.19 show ipv6 traffic ................................................................................................... |
12-222 |
12.2.20 show ipv6 enable ................................................................................................. |
12-223 |
12.2.21 show ipv6 redirect................................................................................................ |
12-224 |
12.3 COMMANDS FOR ARP CONFIGURATION................................................................. |
12-224 |
12.3.1 arp ......................................................................................................................... |
12-224 |
12.3.2 clear arp-cache ...................................................................................................... |
12-225 |
12.3.3 debug arp............................................................................................................... |
12-225 |
12.3.4 show arp ................................................................................................................ |
12-226 |
12.3.5 show arp traffic ...................................................................................................... |
12-227 |
CHAPTER 13 COMMANDS FOR ARP SCANNING PREVENTION......... |
13-1 |
13.1 ANTI-ARPSCAN ENABLE............................................................................................. |
13-1 |
13.2 ANTI-ARPSCAN PORT-BASED THRESHOLD................................................................... |
13-1 |
13.3 ANTI-ARPSCAN IP-BASED THRESHOLD........................................................................ |
13-2 |
13.4 ANTI-ARPSCAN TRUST ............................................................................................... |
13-3 |
13.5 ANTI-ARPSCAN TRUST IP ........................................................................................... |
13-3 |
13.6 ANTI-ARPSCAN RECOVERY ENABLE............................................................................ |
13-4 |
13.7 ANTI-ARPSCAN RECOVERY TIME................................................................................. |
13-5 |
13.8 ANTI-ARPSCAN LOG ENABLE...................................................................................... |
13-5 |
13.9 ANTI-ARPSCAN TRAP ENABLE .................................................................................... |
13-6 |
13.10 SHOW ANTI-ARPSCAN.............................................................................................. |
13-6 |
13.11 DEBUG ANTI-ARPSCAN ............................................................................................ |
13-8 |
CHAPTER 14 COMMAND FOR ARP GUARD |
.......................................... 14-9 |
14.1 ARP-GUARD IP .......................................................................................................... |
14-9 |
CHAPTER 15 COMMANDS FOR DHCP ................................................ |
15-10 |
15.1 COMMANDS FOR DHCP SERVER CONFIGURATION ................................................... |
15-10 |
15.1.1 bootfile ..................................................................................................................... |
15-10 |
15.1.2 clear ip dhcp binding................................................................................................ |
15-10 |
15.1.3 clear ip dhcp conflict ................................................................................................. |
15-11 |
15.1.4 clear ip dhcp server statistics................................................................................... |
15-12 |
15.1.5 client-identifier.......................................................................................................... |
15-12 |
15.1.6 debug ip dhcp server ............................................................................................... |
15-13 |
15.1.7 default-router ........................................................................................................... |
15-13 |
15.1.8 dns-server................................................................................................................ |
15-14 |
15.1.9 domain-name........................................................................................................... |
15-14 |
15.1.10 hardware-address.................................................................................................. |
15-15 |
15.1.11 host ........................................................................................................................ |
15-16 |
15.1.12 ip dhcp conflict logging........................................................................................... |
15-17 |
15.1.13 ip dhcp excluded-address...................................................................................... |
15-17 |
15.1.14 ip dhcp pool ........................................................................................................... |
15-18 |
15.1.15 ip dhcp conflict ping-detection enable.................................................................... |
15-18 |
15.1.16 ip dhcp ping packets .............................................................................................. |
15-19 |
15.1.17 ip dhcp ping timeout............................................................................................... |
15-20 |
15.1.18 lease ...................................................................................................................... |
15-20 |
15.1.19 netbios-name-server.............................................................................................. |
15-21 |
15.1.20 netbios-node-type .................................................................................................. |
15-22 |
15.1.21 network-address .................................................................................................... |
15-22 |
15.1.22 next-server............................................................................................................. |
15-23 |
15.1.23 option..................................................................................................................... |
15-24 |
15.1.24 service dhcp........................................................................................................... |
15-24 |
15.1.25 show ip dhcp binding ............................................................................................. |
15-25 |
15.1.26 show ip dhcp conflict.............................................................................................. |
15-25 |
15.1.27 show ip dhcp server statistics ................................................................................ |
15-26 |
CHAPTER 16 COMMANDS FOR DHCP SNOOPING ............................ |
16-28 |
16.1 DEBUG IP DHCP SNOOPING PACKET INTERFACE ........................................................ |
16-28 |
16.2 DEBUG IP DHCP SNOOPING PACKET.......................................................................... |
16-28 |
16.3 DEBUG IP DHCP SNOOPING UPDATE.......................................................................... |
16-29 |
16.4 DEBUG IP DHCP SNOOPING EVENT............................................................................ |
16-29 |
16.5 DEBUG IP DHCP SNOOPING BINDING ......................................................................... |
16-29 |
16.6 IP DHCP SNOOPING ................................................................................................. |
16-30 |
16.7 IP DHCP SNOOPING BINDING .................................................................................... |
16-30 |
16.8 IP DHCP SNOOPING BINDING USER............................................................................ |
16-31 |
16.9 IP DHCP SNOOPING BINDING ARP.............................................................................. |
16-32 |
16.10 IP DHCP SNOOPING BINDING DOT1X........................................................................ |
16-33 |
16.11 IP DHCP SNOOPING BINDING USER-CONTROL .......................................................... |
16-33 |
16.12 IP DHCP SNOOPING BINDING USER-CONTROL MAX-USER.......................................... |
16-34 |
16.13 IP DHCP SNOOPING TRUST ..................................................................................... |
16-35 |
16.14 IP DHCP SNOOPING ACTION.................................................................................... |
16-35 |
16.15 IP DHCP SNOOPING ACTION MAXNUM..................................................................... |
16-36 |
16.16 IP DHCP SNOOPING LIMIT-RATE .............................................................................. |
16-37 |
16.17 IP DHCP SNOOPING INFORMATION ENABLE.............................................................. |
16-37 |
16.18 IP DHCP SNOOPING OPTION82 ENABLE................................................................... |
16-38 |
16.19 ENABLE TRUSTVIEW KEY ....................................................................................... |
16-39 |
16.20 IP USER PRIVATE PACKET VERSION TWO ................................................................. |
16-40 |
16.21 IP USER HELPER-ADDRESS .................................................................................... |
16-40 |
16.22 SHOW TRUSTVIEW STATUS..................................................................................... |
16-41 |
16.23 SHOW IP DHCP SNOOPING...................................................................................... |
16-42 |
16.24 SHOW IP DHCP SNOOPING BINDING ALL .................................................................. |
16-45 |
CHAPTER 17 COMMANDS FOR DHCP SNOOPING OPTION 82......... |
17-47 |
17.1 IP DHCP SNOOPING INFORMATION ENABLE................................................................ |
17-47 |
CHAPTER 18 IPV4 MULTICAST PROTOCOL ....................................... |
18-48 |
18.1 COMMANDS FOR DCSCM....................................................................................... |
18-48 |
18.1.1 access-list (Multicast Destination Control) ............................................................... |
18-48 |
18.1.2 access-list (Multicast Source Control)...................................................................... |
18-49 |
18.1.3 ip multicast destination-control access-group .......................................................... |
18-50 |
18.1.4 ip multicast destination-control access-group (sip) .................................................. |
18-50 |
18.1.5 ip multicast destination-control access-group (vmac) .............................................. |
18-51 |
18.1.6 ip multicast policy..................................................................................................... |
18-52 |
18.1.7 ip multicast source-control ....................................................................................... |
18-52 |
18.1.8 ip multicast source-control access-group................................................................. |
18-53 |
18.1.9 multicast destination-control .................................................................................... |
18-54 |
18.1.10 show ip multicast destination-control ..................................................................... |
18-54 |
18.1.11 show ip multicast destination-control access-list.................................................... |
18-55 |
18.1.12 show ip multicast policy ......................................................................................... |
18-55 |
18.1.13 show ip multicast source-control............................................................................ |
18-56 |
18.1.14 show ip multicast source-control access-list .......................................................... |
18-57 |
18.2 COMMANDS FOR IGMP SNOOPING.......................................................................... |
18-57 |
18.2.1 clear ip igmp snooping vlan ..................................................................................... |
18-57 |
18.2.2 clear ip igmp snooping vlan <1-4094> mrouter-port ................................................ |
18-58 |
18.2.3 debug igmp snooping all/packet/event/timer/mfc ..................................................... |
18-58 |
18.2.4 ip igmp snooping...................................................................................................... |
18-59 |
18.2.5 ip igmp snooping vlan .............................................................................................. |
18-59 |
18.2.6 ip igmp snooping vlan immediate-leave................................................................... |
18-60 |
18.2.7 ip igmp snooping vlan l2-general-querier................................................................. |
18-60 |
18.2.8 ip igmp snooping vlan l2-general-querier-source ..................................................... |
18-61 |
18.2.9 ip igmp snooping vlan l2-general-querier-version .................................................... |
18-62 |
18.2.10 ip igmp snooping vlan limit..................................................................................... |
18-62 |
18.2.11 ip igmp snooping vlan mrouter-port interface ......................................................... |
18-63 |
18.2.12 ip igmp snooping vlan mrpt.................................................................................... |
18-64 |
18.2.13 ip igmp snooping vlan query-interval...................................................................... |
18-64 |
18.2.14 ip igmp snooping vlan query-mrsp ......................................................................... |
18-65 |
18.2.15 ip igmp snooping vlan query-robustness................................................................ |
18-65 |
18.2.16 ip igmp snooping vlan report source-address ........................................................ |
18-66 |
18.2.17 ip igmp snooping vlan static-group......................................................................... |
18-66 |
18.2.18 ip igmp snooping vlan suppression-query-time...................................................... |
18-67 |
18.2.19 show ip igmp snooping .......................................................................................... |
18-68 |
CHAPTER 19 IPV6 MULTICAST PROTOCOL ....................................... |
19-70 |
19.1 COMMANDS FOR MLD SNOOPING CONFIGURATION.................................................. |
19-70 |
19.1.1 clear ipv6 mld snooping vlan.................................................................................... |
19-70 |
19.1.2 clear ipv6 mld snooping vlan <1-4094> mrouter-port............................................... |
19-70 |
19.1.3 debug mld snooping all/packet/event/timer/mfc ....................................................... |
19-71 |
19.1.4 ipv6 mld snooping.................................................................................................... |
19-71 |
19.1.5 ipv6 mld snooping vlan ............................................................................................ |
19-72 |
19.1.6 ipv6 mld snooping vlan immediate-leave ................................................................. |
19-73 |
19.1.7 ipv6 mld snooping vlan l2-general-querier ............................................................... |
19-73 |
19.1.8 ipv6 mld snooping vlan limit..................................................................................... |
19-74 |
19.1.9 ipv6 mld snooping vlan mrouter-port interface......................................................... |
19-75 |
19.1.10 ipv6 mld snooping vlan mrpt .................................................................................. |
19-75 |
19.1.11 ipv6 mld snooping vlan query-interval.................................................................... |
19-76 |
19.1.12 ipv6 mld snooping vlan query-mrsp ....................................................................... |
19-76 |
19.1.13 ipv6 mld snooping vlan query-robustness.............................................................. |
19-77 |
19.1.14 ipv6 mld snooping vlan static-group....................................................................... |
19-78 |
19.1.15 ipv6 mld snooping vlan static-group....................................................................... |
19-78 |
19.1.16 show ipv6 mld snooping......................................................................................... |
19-79 |
CHAPTER 20 COMMANDS FOR MULTICAST VLAN ........................... |
20-82 |
20.1 MULTICAST-VLAN .................................................................................................... |
20-82 |
20.2 MULTICAST-VLAN ASSOCIATION ............................................................................... |
20-82 |
CHAPTER 21 COMMANDS FOR ACL ................................................... |
21-84 |
21.1 ABSOLUTE-PERIODIC/PERIODIC................................................................................ |
21-84 |
21.2 ABSOLUTE START ................................................................................................... |
21-85 |
21.3 ACCESS-LIST (IP EXTENDED).................................................................................... |
21-86 |
21.4 ACCESS-LIST (IP STANDARD) ................................................................................... |
21-88 |
21.5 ACCESS-LIST(MAC EXTENDED) ................................................................................ |
21-88 |
21.6 ACCESS-LIST(MAC-IP EXTENDED)............................................................................. |
21-89 |
21.7 ACCESS-LIST(MAC STANDARD) ................................................................................ |
21-92 |
21.8 CLEAR ACCESS-GROUP STATISTIC INTERFACE .......................................................... |
21-93 |
21.9 FIREWALL............................................................................................................... |
21-93 |
21.10 FIREWALL DEFAULT............................................................................................... |
21-94 |
21.11 IP ACCESS EXTENDED............................................................................................ |
21-94 |
21.12 IP ACCESS STANDARD ........................................................................................... |
21-95 |
21.13 IPV6 ACCESS-LIST................................................................................................. |
21-96 |
21.14 IPV6 ACCESS STANDARD ....................................................................................... |
21-96 |
21.15 {IP|IPV6|MAC|MAC-IP} ACCESS-GROUP................................................................... |
21-97 |
21.16 MAC ACCESS EXTENDED........................................................................................ |
21-98 |
21.17 MAC-IP ACCESS EXTENDED.................................................................................... |
21-99 |
21.18 PERMIT | DENY (IP EXTENDED) ............................................................................... |
21-99 |
21.19 PERMIT | DENY(IP STANDARD) .............................................................................. |
21-101 |
21.20 PERMIT | DENY(IPV6 STANDARD) .......................................................................... |
21-101 |
21.21 PERMIT | DENY(MAC EXTENDED) .......................................................................... |
21-102 |
21.22 PERMIT | DENY(MAC-IP EXTENDED) ...................................................................... |
21-104 |
21.23 SHOW ACCESS-LISTS .......................................................................................... |
21-106 |
21.24 SHOW ACCESS-GROUP........................................................................................ |
21-107 |
21.25 SHOW FIREWALL ................................................................................................. |
21-108 |
21.26 SHOW IPV6 ACCESS-LISTS................................................................................... |
21-108 |
21.27 SHOW TIME-RANGE ............................................................................................. |
21-109 |
21.28 TIME-RANGE ....................................................................................................... |
21-110 |
CHAPTER 22 COMMANDS FOR 802.1X .............................................. |
22-111 |
22.1 DEBUG DOT1X DETAIL ........................................................................................... |
22-111 |
22.2 DEBUG DOT1X ERROR ........................................................................................... |
22-111 |
22.3 DEBUG DOT1X FSM ............................................................................................... |
22-112 |
22.4 DEBUG DOT1X PACKET.......................................................................................... |
22-113 |
22.5 DOT1X ACCEPT-MAC ............................................................................................. |
22-113 |
22.6 DOT1X EAPOR ENABLE.......................................................................................... |
22-114 |
22.7 DOT1X ENABLE..................................................................................................... |
22-115 |
22.8 DOT1X IPV6 PASSTHROUGH................................................................................... |
22-115 |
22.9 DOT1X GUEST-VLAN.............................................................................................. |
22-116 |
22.10 DOT1X MACFILTER ENABLE ................................................................................. |
22-117 |
22.11 DOT1X MAX-REQ ................................................................................................. |
22-118 |
22.12 DOT1X USER FREE-RESOURCE ............................................................................ |
22-118 |
22.13 DOT1X MAX-USER MACBASED ............................................................................. |
22-119 |
22.14 DOT1X MAX-USER USERBASED ............................................................................ |
22-120 |
22.15 DOT1X PORT-CONTROL ....................................................................................... |
22-120 |
22.16 DOT1X PORT-METHOD ......................................................................................... |
22-121 |
22.17 DOT1X PRIVATECLIENT ENABLE ........................................................................... |
22-122 |
22.18 DOT1X RE-AUTHENTICATE ................................................................................... |
22-123 |
22.19 DOT1X RE-AUTHENTICATION ................................................................................ |
22-123 |
22.20 DOT1X TIMEOUT QUIET-PERIOD............................................................................ |
22-124 |
22.21 DOT1X TIMEOUT RE-AUTHPERIOD ........................................................................ |
22-124 |
22.22 DOT1X TIMEOUT TX-PERIOD................................................................................. |
22-125 |
22.23 DOT1X UNICAST ENABLE ..................................................................................... |
22-126 |
22.24 DOT1X WEB AUTHENTICATION ENABLE ................................................................. |
22-126 |
22.25 DOT1X WEB AUTHENTICATION IPV6 PASSTHROUGH ............................................... |
22-127 |
22.26 DOT1X WEB REDIRECT ........................................................................................ |
22-127 |
22.27 DOT1X WEB REDIRECT ENABLE............................................................................ |
22-128 |
22.28 SHOW DOT1X...................................................................................................... |
22-129 |
CHAPTER 23 COMMANDS FOR THE NUMBER LIMITATION FUNCTION
OF PORT, MAC IN VLAN AND IP................................. |
23-132 |
23.1 SWITCHPORT MAC-ADDRESS DYNAMIC MAXIMUM .................................................... |
23-132 |
23.2 VLAN MAC-ADDRESS DYNAMIC MAXIMUM................................................................ |
23-133 |
23.3 MAC-ADDRESS QUERY TIMEOUT............................................................................. |
23-134 |
23.4 SHOW MAC-ADDRESS DYNAMIC COUNT .................................................................. |
23-134 |
23.5 DEBUG SWITCHPORT MAC COUNT .......................................................................... |
23-135 |
23.6 DEBUG VLAN MAC COUNT...................................................................................... |
23-136 |
CHAPTER 24 COMMANDS FOR AM CONFIGURATION .................... |
24-137 |
24.1 AM ENABLE .......................................................................................................... |
24-137 |
24.2 AM PORT .............................................................................................................. |
24-137 |
24.3 AM IP-POOL .......................................................................................................... |
24-138 |
24.4 AM MAC-IP-POOL .................................................................................................. |
24-138 |
24.5 NO AM ALL............................................................................................................ |
24-139 |
24.6 SHOW AM ............................................................................................................. |
24-139 |
CHAPTER 25 COMMANDS FOR SECURITY FEATURE ..................... |
25-141 |
25.1 DOSATTACK-CHECK SRCIP-EQUAL-DSTIP ENABLE ................................................... |
25-141 |
25.2 DOSATTACK-CHECK IPV4-FIRST-FRAGMENT ENABLE ............................................... |
25-141 |
25.3 DOSATTACK-CHECK TCP-FLAGS ENABLE ................................................................ |
25-142 |
25.4 DOSATTACK-CHECK SRCPORT-EQUAL-DSTPORT ENABLE ........................................ |
25-142 |
25.5 DOSATTACK-CHECK TCP-FRAGMENT ENABLE ......................................................... |
25-143 |
25.6 DOSATTACK-CHECK TCP-SEGMENT ........................................................................ |
25-143 |
25.7 DOSATTACK-CHECK ICMP-ATTACKING ENABLE........................................................ |
25-144 |
25.8 DOSATTACK-CHECK ICMPV4-SIZE........................................................................... |
25-145 |
25.9 DOSATTACK-CHECK ICMPV6-SIZE........................................................................... |
25-145 |
CHAPTER 26 COMMANDS FOR TACACS+........................................ |
26-146 |
26.1 TACACS-SERVER AUTHENTICATION HOST................................................................ |
26-146 |
26.2 TACACS-SERVER KEY............................................................................................ |
26-147 |
26.3 TACACS-SERVER NAS-IPV4.................................................................................... |
26-147 |
26.4 TACACS-SERVER TIMEOUT..................................................................................... |
26-148 |
26.5 DEBUG TACACS-SERVER ....................................................................................... |
26-149 |
CHAPTER 27 COMMANDS FOR RADIUS............................................... |
27-1 |
27.1 AAA ENABLE............................................................................................................. |
27-1 |
27.2 AAA-ACCOUNTING ENABLE........................................................................................ |
27-1 |
27.3 AAA-ACCOUNTING UPDATE ........................................................................................ |
27-2 |
27.4 DEBUG AAA PACKET.................................................................................................. |
27-2 |
27.5 DEBUG AAA DETAIL ATTRIBUTE .................................................................................. |
27-3 |
27.6 DEBUG AAA DETAIL CONNECTION ............................................................................... |
27-4 |
27.7 DEBUG AAA DETAIL EVENT......................................................................................... |
27-4 |
27.8 DEBUG AAA ERROR ................................................................................................... |
27-5 |
27.9 RADIUS NAS-IPV4...................................................................................................... |
27-5 |
27.10 RADIUS NAS-IPV6.................................................................................................... |
27-6 |
27.11 RADIUS-SERVER ACCOUNTING HOST ........................................................................ |
27-7 |
27.12 RADIUS-SERVER AUTHENTICATION HOST .................................................................. |
27-8 |
27.13 RADIUS-SERVER DEAD-TIME .................................................................................... |
27-9 |
27.14 RADIUS-SERVER KEY............................................................................................. |
27-10 |
27.15 RADIUS-SERVER RETRANSMIT................................................................................ |
27-10 |
27.16 RADIUS-SERVER TIMEOUT...................................................................................... |
27-11 |
27.17 RADIUS-SERVER ACCOUNTING-INTERIM-UPDATE TIMEOUT ....................................... |
27-12 |
27.18 SHOW AAA AUTHENTICATED-USER ......................................................................... |
27-13 |
27.19 SHOW AAA AUTHENTICATING-USER ........................................................................ |
27-13 |
27.20 SHOW AAA CONFIG................................................................................................ |
27-14 |
27.21 SHOW RADIUS COUNT............................................................................................ |
27-15 |
CHAPTER 28 COMMANDS FOR MRPP ................................................ |
28-16 |
28.1 CONTROL-VLAN ...................................................................................................... |
28-16 |
28.2 CLEAR MRPP STATISTICS ......................................................................................... |
28-17 |
28.3 DEBUG MRPP.......................................................................................................... |
28-17 |
28.4 ENABLE.................................................................................................................. |
28-18 |
28.5 FAIL-TIMER ............................................................................................................. |
28-19 |
28.6 HELLO-TIMER.......................................................................................................... |
28-19 |
28.7 MRPP ENABLE......................................................................................................... |
28-20 |
28.8 MRPP RING ............................................................................................................. |
28-21 |
28.9 MRPP RING PRIMARY-PORT ...................................................................................... |
28-21 |
28.10 MRPP RING SECONDARY-PORT............................................................................... |
28-22 |
28.11 NODE-MODE ......................................................................................................... |
28-22 |
28.12 SHOW MRPP ......................................................................................................... |
28-23 |
28.13 SHOW MRPP STATISTICS ........................................................................................ |
28-23 |
CHAPTER 29 COMMANDS FOR MIRRORING CONFIGURATION....... |
29-24 |
29.1 MONITOR SESSION SOURCE INTERFACE.................................................................... |
29-24 |
29.2 MONITOR SESSION SOURCE INTERFACE ACCESS-LIST................................................ |
29-25 |
29.3 MONITOR SESSION DESTINATION INTERFACE............................................................. |
29-26 |
29.4 SHOW MONITOR ...................................................................................................... |
29-27 |
CHAPTER 30 COMMANDS FOR SFLOW.............................................. |
30-27 |
30.1 SFLOW DESTINATION............................................................................................... |
30-27 |
30.2 SFLOW AGENT-ADDRESS ......................................................................................... |
30-28 |
30.3 SFLOW PRIORITY..................................................................................................... |
30-29 |
30.4 SFLOW HEADER-LEN ............................................................................................... |
30-29 |
30.5 SFLOW DATA-LEN.................................................................................................... |
30-30 |
30.6 SFLOW COUNTER-INTERVAL..................................................................................... |
30-30 |
30.7 SFLOW RATE........................................................................................................... |
30-31 |
30.8 SHOW SFLOW ......................................................................................................... |
30-32 |
CHAPTER 31 COMMANDS FOR SNTP ................................................. |
31-33 |
31.1 DEBUG SNTP........................................................................................................... |
31-33 |
31.2 SNTP SERVER ......................................................................................................... |
31-34 |
31.3 SNTP POLLTIME....................................................................................................... |
31-35 |
31.4 SNTP TIMEZONE ...................................................................................................... |
31-35 |
31.5 SHOW SNTP ............................................................................................................ |
31-36 |
CHAPTER 32 COMMANDS FOR SHOW ............................................... |
32-37 |
32.1 CLEAR LOGGING ..................................................................................................... |
32-37 |
32.2 LOGGING................................................................................................................ |
32-37 |
32.3 LOGGING LOGHOST SEQUENCE-NUMBER.................................................................. |
32-38 |
32.4 PING ...................................................................................................................... |
32-39 |
32.5 PING6 .................................................................................................................... |
32-41 |
32.6 SHOW DEBUGGING.................................................................................................. |
32-43 |
32.7 SHOW FLASH .......................................................................................................... |
32-43 |
32.8 SHOW HISTORY ....................................................................................................... |
32-44 |
32.9 SHOW LOGGING BUFFERED ..................................................................................... |
32-44 |
32.10 SHOW MEMORY..................................................................................................... |
32-45 |
32.11 SHOW RUNNING-CONFIG ........................................................................................ |
32-46 |
32.12 SHOW STARTUP-CONFIG........................................................................................ |
32-46 |
32.13 SHOW SWITCHPORT INTERFACE ............................................................................. |
32-47 |
32.14 SHOW TCP ............................................................................................................ |
32-48 |
32.15 SHOW TELNET LOGIN ............................................................................................ |
32-48 |
32.16 SHOW TECH-SUPPORT........................................................................................... |
32-49 |
32.17 SHOW UDP............................................................................................................ |
32-49 |
32.18 SHOW VERSION..................................................................................................... |
32-50 |
32.19 TRACEROUTE ....................................................................................................... |
32-50 |
32.20 TRACEROUTE6 ..................................................................................................... |
32-51 |
CHAPTER 33 COMMANDS FOR RELOAD SWITCH AFTER SPECIFIED
TIME .................................................................................. |
33-1 |
33.1 RELOAD AFTER ......................................................................................................... |
33-1 |
33.2 RELOAD CANCEL ...................................................................................................... |
33-1 |
33.3 SHOW RELOAD.......................................................................................................... |
33-2 |
CHAPTER 34 COMMANDS FOR DEBUGGING AND DIAGNOSIS FOR |
|
PACKETS RECEIVED AND SENT BY CPU ..................... |
34-1 |
34.1 CPU-RX-RATELIMIT TOTAL.......................................................................................... |
34-1 |
34.2 CPU-RX-RATELIMIT QUEUE-LENGTH............................................................................ |
34-1 |
34.3 CPU-RX-RATELIMIT PROTOCOL................................................................................... |
34-2 |
34.4 CLEAR CPU-RX-STAT PROTOCOL ................................................................................ |
34-3 |
34.5 SHOW CPU-RX PROTOCOL ......................................................................................... |
34-3 |
34.6 DEBUG DRIVER ......................................................................................................... |
34-4 |
Chapter 1 Commands for
Basic Switch Configuration
Command:
authentication line {console | vty | web} login {local | radius | tacos} No authentication line {console | vty | web} login
Function:
Configure VTY (login with Telnet and SSH), Web and Console, so as to select the priority of the authentication mode for the login user. The no form command restores the default authentication mode.
Default:
No configuration is enabled for the console login method by default. Local authentication is enabled for the VTY and Web login method by default.
Command Mode:
Global Mode.
Usage Guide:
The authentication method for Console, VTY and Web login can be configured respectively. And authentication method can be any one or combination of Local, RADIUS or TACCACS. When login method is configuration in combination, the preference goes from left to right. If the users have passed the authentication method, authentication method of lower preferences will be ignored. To be mentioned, if the user receives correspond protocol’s answer whether refuse or incept, it will not attempt the next authentication method (Exception: if the local authentication method failed, it will attempt the next authentication method); it will attempt the next authentication method if it receives nothing. And AAA function RADIUS server should be configured before the RADIUS configuration method can be used. And TACACS server should be configured before the TACACS configuration method can be used.
The authentication line console login command is exclusive with the login command. The authentication line console login command configures the switch to use the Console login method. And the login command makes the Console login to use the passwords configured by the password command for authentication.
If local authentication is configured while no local users are configured, users will be able to login the switch via the Console method.
Example:
To configure the Telnet and ssh login method to use RADIUS authentication method.
Switch(config)# authentication line vty login local radius
Relative Command:
aaa enable, radius-server authentication host, tacacs-server authentication host, tacacs-server key
Command:
clock set <HH:MM:SS> <YYYY.MM.DD>
Function:
Set system date and time.
Parameter:
<HH:MM:SS>is the current time, and the valid scope for HH is 0 to 23, MM and SS 0 to 59; <YYYY.MM.DD> is the current year, month and date, and the valid scope for YYYY is 1970~2038, MON meaning month, and DD between 1 to 31.
Command mode:
Admin Mode.
Default:
upon first time start-up, it is defaulted to 2001.1.1 0: 0: 0.
Usage guide:
The switch can not continue timing with power off, hence the current date and time must be first set at environments where exact time is required.
Example:
To set the switch current date and time to 2002.8.1 23: 0: 0:
Switch#clock set 23:0:0 2002.8.1
Command:
config [terminal]
Function:
Enter Global Mode from Admin Mode.
Parameter:
[terminal] indicates terminal configuration.
Command mode:
Admin Mode.
Example:
Switch#config
Command:
debug ssh-server no debug ssh-server
Function:
Display SSH server debugging information; the “no debug ssh-server” command stops displaying SSH server debugging information.
Default:
This function is disabled by default.
Command mode:
Admin Mode.
Example:
Switch#debug ssh-server
Command:
enable
disable
Function:
Enter Admin Mode from User Mode.
Command mode:
User Mode/ Admin Mode.
Usage Guide:
To prevent unauthorized access of non-admin user, user authentication is required (i.e. Admin user password is required) when entering Admin Mode from User Mode. If the correct Admin user password is entered, Admin Mode access is granted; if 3 consecutive entry of Admin user password are all wrong, it remains in the User Mode. Set the Admin user password under Global Mode with “enable password” command.
Example:
Switch>enable
Switch#
Command:
enable password [0|7] <password>
no enable password
Function:
Configure the password used for enter Admin Mode from the User Mode. The “no enable password” command deletes this password.
Parameter:
password is the password for the user. If input option 0 on password setting, the password is not encrypted; if input option 7, the password is encrypted.
Command mode:
Global Mode
Default:
This password is empty by system default
Usage Guide:
Configure this password to prevent unauthorized entering Admin Mode. It is recommended to set the password at the initial switch configuration. Also, it is recommended to exit Admin Mode with “exit” command when the administrator needs to leave the terminal for a long time.
Example:
Set the Admin user password to “admin”.
Switch(config)# enable password 0 admin
Command:
exec-timeout <minutes> [<seconds>] no exec-timeout
Function:
Configure the timeout of exiting admin mode. The “no exec-timeout” command restores the default
value.
Parameters:
<minute> is the time value shown in minute and ranges between 0~35791.<seconds> is the time value shown in seconds and ranges between 0~2147483.
Command mode:
Global mode
Default:
Default timeout is 10 minutes.
Usage guide:
To secure the switch, as well to prevent malicious actions from unauthorized user, the time will be count from the last configuration the admin had made, and the system will exit the admin mode at due time. It is required to enter admin code and password to enter the admin mode again. The timeout timer will be disabled when the timeout is set to 0.
Example:
Set the admin mode timeout value to 6 minutes
Switch(config)#exec-timeout 6
Set the admin mode timeout value to 5 minutes, 30 seconds
Switch(config)#exec-timeout 5 30
1.1.8 end
Command:
end
Function:
Quit current mode and return to Admin mode when not at User Mode/ Admin Mode.
Command mode:
Except User Mode/ Admin Mode
Example:
Quit VLAN mode and return to Admin mode.
Switch(config-vlan1)#end
Switch#
Command:
exit
Function:
Quit current mode and return to it’s previous mode.
Command mode:
All Modes
Usage Guide:
This command is to quit current mode and return to it’s previous mode.
Example:
Quit global mode to it’s previous mode
Switch#exit
Switch#
Command:
help
Function:
Output brief description of the command interpreter help system.
Command mode:
All configuration modes.
Usage Guide:
An instant online help provided by the switch. Help command displays information about the whole help system, including complete help and partial help. The user can type in ? any time to get online help.
Example:
switch(config)#help
PLANETOS CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options.
Two styles of help are provided:
1.Full help is available when you are ready to enter acommand argument (e.g. 'show ?') and describes each possible argument.
2.Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input (e.g. 'show ve?'.)
Command:
hostname <hostname>
no hostname
Function:
Set the prompt in the switch command line interface. The no operation cancels the configuration.
Parameter:
<hostname> is the string for the prompt, up to 30 characters are allowed.
Command mode:
Global Mode
Default:
The default prompt is relatived with the switch.
Usage Guide:
With this command, the user can set the CLI prompt of the switch according to their own requirements.
Example:
Set the prompt to “Test”.
Switch(config)#hostname Test
Test(config)#
Command:
ip host <hostname> <ip_addr>
no ip host {<hostname>|all}
Function:
Set the mapping relationship between the host and IP address; the “no ip host” parameter of this command will delete the mapping.
Parameter:
<hostname> is the host name, up to 15 characters are allowed;
<ip_addr> is the corresponding IP address for the host name, takes a dot decimal format; all is all of the host name.
Command mode:
Global Mode
Usage Guide:
Set the association between host and IP address, which can be used in commands like “ping
<host>“.
Example:
Set IP address of a host with the hostname of “beijing” to 200.121.1.1.
Switch(config)#ip host beijing 200.121.1.1
Command related:
telnet, ping, traceroute
Command:
ipv6 host <hostname> <ipv6_addr> no ipv6 host {<hostname>|all}
Function:
Configure the mapping relationship between the IPv6 address and the host; the “no ipv6 host
<hostname>” command deletes this mapping relationship.
Parameter:
<hostname> is the name of the host, containing max 15 characters;
<ipv6_addr> is the IPv6 address corresponding to the host name.<all> is all the host address.
Command Mode:
Global Mode
Usage Guide:
Configure a fixed corresponding relationship between the host and the IPv6 address, applicable in commands such as “traceroute6 <host>”, etc.
Example:
Set the IPv6 address of the host named beijing to 2001:1:2:3::1
Switch(config)#ipv6 host beijing 2001:1:2:3::1
Command related: ping6,traceroute6
Command:
ip http server no ip http server
Function:
Enable Web configuration; the “no ip http server” command disables Web configuration
Command mode:
Global mode
Usage guide:
Web configuation is for supplying a interface configured with HTTP for the user, which is straight and visual, esay to understand.
Example:
Enable Web Server function and enable Web configurations.
Switch(config)#ip http server
Command:
language {chinese | english}
Function:
Set the language for displaying the help information.
Parameter:
chinese for Chinese display; english for English display.
Command mode:
Admin and Config Mode.
Default:
The default setting is English display.
Usage Guide:
Switch provides help information in two languages, the user can select the language according to their preference. After the system restart, the help information display will revert to English.
Command:
login
no login
Function:
login enable password authentication, no login command cancels the login configuration.
Command mode:
Global mode
Default: