Siemens RUGGEDCOM ROX II, RX1500, RX1512, RX1501, RX1510 User Manual

Preface

RUGGEDCOM ROX II
v2.9

CLI User Guide

Introduction

Using RUGGEDCOM ROX II

Device Management

System Administration

Setup and Configuration

Troubleshooting

1

2

3

4

5

6

For RX1500, RX1501, RX1510, RX1511, RX1512

01/2016

RC1243-EN-02

RUGGEDCOM ROX II

CLI User Guide

Copyright © 2016 Siemens Canada Ltd.

All rights reserved. Dissemination or reproduction of this document, or evaluation and communication of its contents, is not authorized
except where expressly permitted. Violations are liable for damages. All rights reserved, particularly for the purposes of patent application or
trademark registration.

This document contains proprietary information, which is protected by copyright. All rights are reserved. No part of this document may be
photocopied, reproduced or translated to another language without the prior written consent of Siemens Canada Ltd..

Disclaimer Of Liability

Siemens has verified the contents of this document against the hardware and/or software described. However, deviations between the
product and the documentation may exist.

Siemens shall not be liable for any errors or omissions contained herein or for consequential damages in connection with the furnishing,
performance, or use of this material.

The information given in this document is reviewed regularly and any necessary corrections will be included in subsequent editions. We
appreciate any suggested improvements. We reserve the right to make technical improvements without notice.

Registered Trademarks

RUGGEDCOM™ and ROS™ are trademarks of Siemens Canada Ltd..

Linux® is the registered trademark of Linus Torvalds in the United States and other countries.

The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a
world-wide basis.

Other designations in this manual might be trademarks whose use by third parties for their own purposes would infringe the rights of the
owner.

Open Source

RUGGEDCOM ROX II is based on Linux®. Linux® is made available under the terms of the GNU General Public License Version 2.0 [http://
www.gnu.org/licenses/gpl-2.0.html].

RUGGEDCOM ROX II contains additional Open Source Software. For license conditions, refer to the associated License Conditions
document.

Security Information

Siemens provides products and solutions with industrial security functions that support the secure operation of plants, machines, equipment
and/or networks. They are important components in a holistic industrial security concept. With this in mind, Siemens' products and solutions
undergo continuous development. Siemens recommends strongly that you regularly check for product updates.

For the secure operation of Siemens products and solutions, it is necessary to take suitable preventive action (e.g. cell protection concept)
and integrate each component into a holistic, state-of-the-art industrial security concept. Third-party products that may be in use should also
be considered. For more information about industrial security, visit http://www.siemens.com/industrialsecurity.

To stay informed about product updates as they occur, sign up for a product-specific newsletter. For more information, visit http://

support.automation.siemens.com.

Warranty

Refer to the License Agreement for the applicable warranty terms and conditions, if any.

For warranty details, visit www.siemens.com/ruggedcom or contact a Siemens customer service representative.

ii

RUGGEDCOM ROX II

CLI User Guide

Contacting Siemens

Address

Siemens Canada Ltd.
Industry Sector
300 Applewood Crescent
Concord, Ontario
Canada, L4K 5C7

Telephone

Toll-free: 1 888 264 0006
Tel: +1 905 856 5288
Fax: +1 905 856 1995

E-mail

ruggedcom.info.i-ia@siemens.com

Web

www.siemens.com/ruggedcom

iii

RUGGEDCOM ROX II

CLI User Guide

iv

RUGGEDCOM ROX II

CLI User Guide

Table of Contents

Table of Contents

Preface ............................................................................................................. xxxv

Conventions ................................................................................................................................... xxxv

Alerts ..................................................................................................................................... xxxv

CLI Command Syntax ............................................................................................................ xxxv

Related Documents ....................................................................................................................... xxxvi

System Requirements .................................................................................................................... xxxvi

Accessing Documentation .............................................................................................................. xxxvi

License Conditions ........................................................................................................................ xxxvii

Training ........................................................................................................................................ xxxvii

Customer Support ......................................................................................................................... xxxvii

Chapter 1

Introduction .......................................................................................................... 1

1.1 Features and Benefits .................................................................................................................. 1

1.2 Feature Keys ............................................................................................................................... 5

1.3 Security Recommendations .......................................................................................................... 6

1.4 Available Services by Port ............................................................................................................ 9

1.5 User Permissions ....................................................................................................................... 10

1.6 Removable Memory ................................................................................................................... 12

Chapter 2

Using RUGGEDCOM ROX II ............................................................................ 15

2.1 Connecting to RUGGEDCOM ROX II .......................................................................................... 15

2.1.1 Connecting Directly .......................................................................................................... 15

2.1.2 Connecting Through the Network ..................................................................................... 17

2.2 Default User Names and Passwords ........................................................................................... 17

2.3 Logging In ................................................................................................................................. 18

2.4 Logging Out ............................................................................................................................... 19

2.5 Using Network Utilities ................................................................................................................ 19

2.5.1 Pinging a Host ................................................................................................................ 19

2.5.2 Dumping Raw Data to a Terminal or File ........................................................................... 20

2.5.3 Tracing the Route to a Remote Host ................................................................................ 20

2.5.4 Pinging an IPv4 Address Using MPLS Protocols ............................................................... 20

2.5.5 Tracing the Route of an IPv4 Address Using MPLS Protocols ............................................. 21

2.5.6 Tracing Activities on a Serial Port ..................................................................................... 21

v

Table of Contents

2.6 Using the Command Line Interface ............................................................................................. 21

2.7 Configuring the CLI Interface ...................................................................................................... 43

2.8 Accessing Different Modes ......................................................................................................... 43

RUGGEDCOM ROX II

CLI User Guide

2.6.1 Accessing Different CLI Modes ........................................................................................ 21

2.6.2 Using Command Line Completion .................................................................................... 22

2.6.3 Displaying Available Commands ....................................................................................... 22

2.6.4 Editing Commands .......................................................................................................... 23

2.6.5 Using Output Redirects .................................................................................................... 25

2.6.6 Using Regular Expressions .............................................................................................. 28

2.6.7 Using CLI Utilities ............................................................................................................ 29

2.6.8 Specifying a Range ......................................................................................................... 29

2.6.9 Common Commands ....................................................................................................... 30

2.6.9.1 Basic CLI Commands ........................................................................................... 30

2.6.9.2 File Commands .................................................................................................... 32

2.6.9.3 Interface and Services Commands ......................................................................... 36

2.6.9.4 Administration Commands ..................................................................................... 37

2.6.9.5 Configuration Mode General Commands ................................................................ 39

2.8.1 Accessing BIST Mode ..................................................................................................... 44

2.8.2 Accessing Service Mode .................................................................................................. 46

2.8.3 Accessing Maintenance Mode .......................................................................................... 47

Chapter 3

Device Management .......................................................................................... 49

3.1 Determining the Product Version ................................................................................................. 50

3.2 Viewing Chassis Information and Status ...................................................................................... 50

3.2.1 Viewing the Slot Hardware ............................................................................................... 51

3.2.2 Viewing Module Information ............................................................................................. 51

3.2.3 Viewing Flash Card Storage Utilization ............................................................................. 52

3.2.4 Viewing CPU/RAM Utilization ........................................................................................... 53

3.2.5 Viewing the Slot Status .................................................................................................... 53

3.2.6 Viewing the Slot Sensor Status ........................................................................................ 54

3.2.7 Viewing the Power Controller Status ................................................................................. 55

3.3 Viewing the Parts List ................................................................................................................. 56

3.4 Shutting Down the Device .......................................................................................................... 56

3.5 Rebooting the Device ................................................................................................................. 57

3.6 Restoring Factory Defaults .......................................................................................................... 57

3.7 Decommissioning the Device ...................................................................................................... 57

3.8 Managing Files .......................................................................................................................... 58

3.8.1 Installing Files ................................................................................................................. 58

3.8.2 Backing Up Files ............................................................................................................. 58

3.9 Managing Logs .......................................................................................................................... 59

vi

RUGGEDCOM ROX II

CLI User Guide

3.10 Managing the Software Configuration ........................................................................................ 71

3.11 Upgrading/Downgrading the RUGGEDCOM ROX II Software ...................................................... 72

3.12 Managing RUGGEDCOM ROX II Applications ........................................................................... 78

Table of Contents

3.9.1 Viewing Logs ................................................................................................................... 60

3.9.2 Deleting Logs .................................................................................................................. 61

3.9.3 Configuring a Source IP Address for Remote Syslog Messages .......................................... 61

3.9.4 Managing Diagnostic Logs ............................................................................................... 61

3.9.4.1 Enabling/Disabling the Developer's Log .................................................................. 62

3.9.4.2 Enabling/Disabling the SNMP Log ......................................................................... 62

3.9.4.3 Enabling/Disabling the NETCONF Summary Log .................................................... 63

3.9.4.4 Enabling/Disabling the NETCONF Trace Log .......................................................... 63

3.9.4.5 Enabling/Disabling the XPATH Trace Log ............................................................... 64

3.9.4.6 Enabling/Disabling the WebUI Trace Log ................................................................ 64

3.9.5 Configuring Secure Remote Syslog .................................................................................. 65

3.9.5.1 Enabling/Disabling Secure Remote Syslog ............................................................. 65

3.9.5.2 Viewing a List of Permitted Peers .......................................................................... 66

3.9.5.3 Adding a Permitted Peer ....................................................................................... 66

3.9.5.4 Deleting a Permitted Peer ..................................................................................... 66

3.9.6 Managing Remote Syslog Servers .................................................................................... 67

3.9.6.1 Viewing a List of Remote Servers .......................................................................... 67

3.9.6.2 Adding a Remote Server ....................................................................................... 67

3.9.6.3 Deleting a Remote Server ..................................................................................... 68

3.9.7 Managing Remote Server Selectors .................................................................................. 68

3.9.7.1 Viewing a List of Remote Server Selectors ............................................................. 69

3.9.7.2 Adding a Remote Server Selector .......................................................................... 69

3.9.7.3 Deleting a Remote Server Selector ........................................................................ 70

3.10.1 Saving the Configuration ................................................................................................ 71

3.10.2 Loading a Configuration ................................................................................................. 71

3.11.1 Configuring the Upgrade Source ..................................................................................... 72

3.11.2 Setting Up an Upgrade Server ........................................................................................ 73

3.11.2.1 Configuring the Upgrade Server ........................................................................... 73

3.11.2.2 Adding Software Releases to the Upgrade Server ................................................. 74

3.11.3 Upgrading the RUGGEDCOM ROX II Software ................................................................ 74

3.11.4 Stopping/Declining a Software Upgrade ........................................................................... 76

3.11.5 Downgrading the RUGGEDCOM ROX II Software ........................................................... 76

3.11.5.1 Rolling Back a Software Upgrade ......................................................................... 76

3.11.5.2 Downgrading Using ROXflash .............................................................................. 77

3.12.1 Viewing a List of Installed Applications ............................................................................ 78

3.12.2 Installing an Application ................................................................................................. 79

3.12.3 Upgrading an Application ............................................................................................... 79

vii

Table of Contents

3.13 Managing Feature Keys ............................................................................................................ 81

3.14 Managing Fixed Modules .......................................................................................................... 84

3.15 Managing Line Modules ............................................................................................................ 85

3.16 Managing Event Trackers ......................................................................................................... 88

3.17 Managing Switched Ethernet Ports ............................................................................................ 91

3.18 Managing Routable Ethernet Ports .......................................................................................... 104

3.19 Managing Serial Ports ............................................................................................................ 106

RUGGEDCOM ROX II

CLI User Guide

3.12.4 Uninstalling an Application ............................................................................................. 79

3.12.5 Managing Application Repositories ................................................................................. 80

3.12.5.1 Viewing a List of Repositories .............................................................................. 80

3.12.5.2 Checking the Repository Connection .................................................................... 80

3.12.5.3 Adding a Repository ............................................................................................ 81

3.12.5.4 Deleting a Repository .......................................................................................... 81

3.13.1 Viewing the Contents of a Feature Key ........................................................................... 82

3.13.2 Installing Feature Keys ................................................................................................... 83

3.14.1 Viewing a List of Fixed Module Configurations ................................................................. 84

3.14.2 Adding a Fixed Module Configuration .............................................................................. 85

3.14.3 Deleting a Fixed Module Configuration ............................................................................ 85

3.15.1 Removing a Line Module ............................................................................................... 86

3.15.2 Installing a New Line Module ......................................................................................... 86

3.15.3 Viewing a List of Line Module Configurations ................................................................... 86

3.15.4 Configuring a Line Module ............................................................................................. 87

3.15.5 Enabling/Disabling Controlled Bypass for M12 Line Modules ............................................ 87

3.16.1 Viewing a List of Event Trackers .................................................................................... 89

3.16.2 Viewing Event Tracker Statistics ..................................................................................... 89

3.16.3 Adding an Event Tracker ................................................................................................ 90

3.16.4 Deleting an Event Tracker .............................................................................................. 91

3.17.1 Viewing a List of Switched Ethernet Ports ....................................................................... 91

3.17.2 Configuring a Switched Ethernet Port .............................................................................. 92

3.17.3 Configuring Port Security ............................................................................................... 96

3.17.4 Viewing Switched Ethernet Port Statistics ........................................................................ 98

3.17.5 Viewing RMON Port Statistics ........................................................................................ 99

3.17.6 Clearing Switched Ethernet Port Statistics ..................................................................... 101

3.17.7 Resetting a Switched Ethernet Port ............................................................................... 102

3.17.8 Testing Switched Ethernet Port Cables .......................................................................... 102

3.17.8.1 Running a Cable Diagnostic Test ....................................................................... 102

3.17.8.2 Viewing Cable Diagnostic Statistics .................................................................... 103

3.17.8.3 Clearing Cable Diagnostic Statistics ................................................................... 104

3.18.1 Viewing a List of Routable Ethernet Ports ...................................................................... 104

3.18.2 Configuring a Routable Ethernet Port ............................................................................ 105

viii

RUGGEDCOM ROX II

CLI User Guide

3.20 Managing Serial Port Protocols ............................................................................................... 111

3.21 Managing Ethernet Trunk Interfaces ........................................................................................ 121

3.22 Managing Cellular Modem Interfaces ....................................................................................... 125

Table of Contents

3.19.1 Viewing a List of Serial Ports ........................................................................................ 107

3.19.2 Viewing Serial Port Statistics ........................................................................................ 107

3.19.3 Viewing Transport Connection Statistics ........................................................................ 108

3.19.4 Viewing DNP Device Table Statistics ............................................................................. 108

3.19.5 Clearing Serial Port Statistics ....................................................................................... 109

3.19.6 Configuring a Serial Port .............................................................................................. 109

3.19.7 Restarting the Serial Server .......................................................................................... 110

3.19.8 Resetting a Serial Port ................................................................................................. 110

3.20.1 Serial Port Protocol Concepts ....................................................................................... 111

3.20.1.1 Raw Socket Applications ................................................................................... 111

3.20.1.2 Modbus TCP Applications .................................................................................. 112

3.20.1.3 DNP Applications .............................................................................................. 113

3.20.1.4 Incoming/Outgoing Serial Connections ................................................................ 114

3.20.2 Viewing a List of Serial Port Protocols ........................................................................... 114

3.20.3 Adding a Serial Port Protocol ....................................................................................... 115

3.20.4 Configuring the DNP Protocol ....................................................................................... 115

3.20.5 Configuring the Modbus TCP Protocol .......................................................................... 116

3.20.6 Configuring the Raw Socket Protocol ............................................................................ 116

3.20.7 Deleting a Serial Port Protocol ...................................................................................... 118

3.20.8 Managing Device Address Tables ................................................................................. 118

3.20.8.1 Viewing a List of Device Address Tables ............................................................. 118

3.20.8.2 Adding a Device Address Table ......................................................................... 119

3.20.8.3 Deleting a Device Address Table ........................................................................ 119

3.20.9 Managing Remote Hosts .............................................................................................. 120

3.20.9.1 Viewing a List of Remote Hosts ......................................................................... 120

3.20.9.2 Adding a Remote Host ...................................................................................... 120

3.20.9.3 Deleting a Remote Host .................................................................................... 121

3.21.1 Viewing a List of Ethernet Trunk Interfaces .................................................................... 121

3.21.2 Adding an Ethernet Trunk Interface ............................................................................... 122

3.21.3 Deleting an Ethernet Trunk Interface ............................................................................. 124

3.21.4 Managing Ethernet Trunk Ports .................................................................................... 124

3.21.4.1 Viewing a List of Ethernet Trunk Ports ................................................................ 124

3.21.4.2 Adding an Ethernet Trunk Port ........................................................................... 125

3.21.4.3 Deleting an Ethernet Trunk Port ......................................................................... 125

3.22.1 Viewing a List of Cellular Modem Interfaces .................................................................. 126

3.22.2 Viewing the Status of a Cellular Modem Interface .......................................................... 126

3.22.3 Viewing PPP Interface Statistics ................................................................................... 127

ix

Table of Contents

3.23 Managing WAN Interfaces ....................................................................................................... 133

3.24 Managing Virtual Switches ...................................................................................................... 145

RUGGEDCOM ROX II

CLI User Guide

3.22.4 Viewing the HSPA Network Status for Cellular Modems .................................................. 127

3.22.5 Viewing the CDMA Network Status for Cellular Modems ................................................. 128

3.22.6 Configuring a Cellular Modem Interface ......................................................................... 129

3.22.7 Activating a Cellular Modem Account ............................................................................ 130

3.22.7.1 Activating a Cellular Modem Account Over-the-Air ............................................... 130

3.22.7.2 Activating a Cellular Modem Account Manually ................................................... 131

3.22.8 Resetting the Cellular Modem ....................................................................................... 131

3.22.9 Running AT Commands ............................................................................................... 132

3.22.10 Connecting as a PPP Client ....................................................................................... 132

3.23.1 Viewing a List of WAN Interfaces .................................................................................. 133

3.23.2 Configuring a WAN Interface ........................................................................................ 133

3.23.3 Viewing WAN Statistics ................................................................................................ 134

3.23.4 Clearing WAN Statistics ............................................................................................... 135

3.23.5 Performing a Loopback Test ......................................................................................... 136

3.23.6 Configuring a T1 Line .................................................................................................. 136

3.23.7 Configuring an E1 Line ................................................................................................ 137

3.23.8 Configuring DDS .......................................................................................................... 138

3.23.9 Managing Channels ..................................................................................................... 138

3.23.9.1 Viewing a List of Channels ................................................................................ 138

3.23.9.2 Adding a Channel ............................................................................................. 139

3.23.9.3 Deleting Channels ............................................................................................. 140

3.23.10 Configuring an HDLC-ETH Connection ........................................................................ 140

3.23.11 Configuring a Multi Link PPP Connection ..................................................................... 141

3.23.12 Configuring a PPP Connection .................................................................................... 141

3.23.13 Configuring a Frame Relay Connection ....................................................................... 142

3.23.14 Managing Data Links for Frame Relay Connections ..................................................... 143

3.23.14.1 Viewing a List of Data Links ............................................................................. 143

3.23.14.2 Adding a Data Link .......................................................................................... 144

3.23.14.3 Deleting a Data Link ........................................................................................ 144

3.24.1 Viewing a List of Virtual Switches ................................................................................. 146

3.24.2 Adding a Virtual Switch ................................................................................................ 146

3.24.3 Deleting a Virtual Switch .............................................................................................. 147

3.24.4 Managing Virtual Switch Interfaces ............................................................................... 147

3.24.4.1 Viewing a List of Virtual Switch Interfaces ........................................................... 148

3.24.4.2 Adding a Virtual Switch Interface ........................................................................ 148

3.24.4.3 Deleting a Virtual Switch Interface ...................................................................... 149

3.24.5 Filtering Virtual Switch Traffic ........................................................................................ 149

3.24.5.1 Enabling/Disabling Virtual Switch Filtering ........................................................... 149

x

RUGGEDCOM ROX II

CLI User Guide

3.25 Managing a Domain Name System (DNS) ............................................................................... 155

Table of Contents

3.24.5.2 Viewing a List of Virtual Switch Filters ................................................................ 150

3.24.5.3 Adding a Virtual Switch Filter ............................................................................. 150

3.24.5.4 Deleting a Virtual Switch Filter ........................................................................... 151

3.24.6 Managing Filtering Rules .............................................................................................. 151

3.24.6.1 Viewing a List of Rules ...................................................................................... 151

3.24.6.2 Viewing a List of Rules Assigned to a Virtual Switch Filter .................................... 152

3.24.6.3 Adding a Rule ................................................................................................... 152

3.24.6.4 Adding a Rule to a Virtual Switch Filter ............................................................... 153

3.24.6.5 Deleting a Rule ................................................................................................. 153

3.24.6.6 Deleting a Rule from a Virtual Switch Filter ......................................................... 154

3.24.7 Managing In/Out Interfaces ........................................................................................... 154

3.24.7.1 Viewing a List of In/Out Interfaces ...................................................................... 154

3.24.7.2 Adding In/Out Interfaces .................................................................................... 155

3.24.7.3 Deleting an In/Out Interface ............................................................................... 155

3.25.1 Managing Domain Names ............................................................................................ 156

3.25.1.1 Viewing a List of Domain Names ....................................................................... 156

3.25.1.2 Adding a Domain Name .................................................................................... 156

3.25.1.3 Deleting a Domain Name .................................................................................. 156

3.25.2 Managing Domain Name Servers ................................................................................. 157

3.25.2.1 Viewing a List of Domain Name Servers ............................................................. 157

3.25.2.2 Adding a Domain Name Server .......................................................................... 157

3.25.2.3 Deleting a Domain Name Server ........................................................................ 158

Chapter 4

System Administration ...................................................................................... 159

4.1 Configuring the System Name and Location ............................................................................... 159

4.2 Configuring the Hostname ........................................................................................................ 160

4.3 Customizing the Welcome Screen ............................................................................................. 160

4.4 Setting the User Authentication Mode ........................................................................................ 160

4.5 Setting the Maximum Number of Sessions ................................................................................. 161

4.6 Managing Alarms ..................................................................................................................... 161

4.6.1 Pre-Configured Alarms ................................................................................................... 162

4.6.2 Viewing a List of Active Alarms ...................................................................................... 162

4.6.3 Clearing and Acknowledging Alarms ............................................................................... 163

4.6.3.1 Clearing Alarms .................................................................................................. 163

4.6.3.2 Acknowledging Alarms ........................................................................................ 164

4.6.4 Configuring an Alarm ..................................................................................................... 164

4.7 Managing Certificates and Keys ................................................................................................ 165

4.7.1 Managing CA Certificates and CRLs ............................................................................... 165

4.7.1.1 Viewing a List of CA Certificates and CRLs .......................................................... 166

xi

Table of Contents

4.8 Managing RADIUS Authentication ............................................................................................. 175

4.9 Managing Users ....................................................................................................................... 178

4.10 Managing Passwords and Passphrases ................................................................................... 181

4.11 Scheduling Jobs ..................................................................................................................... 188

RUGGEDCOM ROX II

CLI User Guide

4.7.1.2 Viewing the Status of a CA Certificate and CRL .................................................... 166

4.7.1.3 Adding a CA Certificate and CRL ......................................................................... 167

4.7.1.4 Deleting a CA Certificate and CRL ....................................................................... 168

4.7.2 Managing Private Keys .................................................................................................. 168

4.7.2.1 Viewing a List of Private Keys ............................................................................. 169

4.7.2.2 Adding a Private Key .......................................................................................... 169

4.7.2.3 Deleting a Private Key ........................................................................................ 170

4.7.3 Managing Public Keys ................................................................................................... 170

4.7.3.1 Viewing a List of Public Keys ............................................................................... 170

4.7.3.2 Adding a Public Key ............................................................................................ 171

4.7.3.3 Adding an IPSec-Formatted Public Key ................................................................ 171

4.7.3.4 Deleting a Public Key .......................................................................................... 172

4.7.4 Managing Certificates .................................................................................................... 172

4.7.4.1 Viewing a List of Certificates ................................................................................ 173

4.7.4.2 Viewing the Status of a Certificate ....................................................................... 173

4.7.4.3 Adding a Certificate ............................................................................................. 173

4.7.4.4 Deleting a Certificate ........................................................................................... 174

4.8.1 Configuring RADIUS Authentication for LOGIN Services .................................................. 176

4.8.2 Configuring RADIUS Authentication for PPP Services ...................................................... 177

4.8.3 Configuring RADIUS Authentication for Switched Ethernet Ports ....................................... 177

4.9.1 Viewing a List of Users .................................................................................................. 179

4.9.2 Adding a User ............................................................................................................... 179

4.9.3 Deleting a User ............................................................................................................. 179

4.9.4 Monitoring Users ........................................................................................................... 180

4.9.4.1 Kicking Users from the Network ........................................................................... 180

4.9.4.2 Sending Messages to Users ................................................................................ 180

4.10.1 Configuring Password/Passphrase Complexity Rules ..................................................... 181

4.10.2 Setting a User Password/Passphrase ............................................................................ 182

4.10.3 Setting the Boot Password/Passphrase ......................................................................... 183

4.10.4 Setting the Maintenance Password/Passphrase ............................................................. 184

4.10.5 Resetting the Admin Password/Passphrase ................................................................... 185

4.10.6 Resetting the Boot Password/Passphrase ..................................................................... 186

4.10.7 Resetting the Maintenance Password/Passphrase ......................................................... 186

4.11.1 Viewing a List of Scheduled Jobs .................................................................................. 188

4.11.2 Adding Scheduled Jobs ................................................................................................ 188

4.11.3 Deleting a Scheduled Job ............................................................................................. 190

xii

RUGGEDCOM ROX II

CLI User Guide

Chapter 5

Table of Contents

Setup and Configuration .................................................................................. 191

5.1 Configuring a Basic Network ..................................................................................................... 192

5.1.1 Configuring a Basic IPv4 Network ................................................................................... 192

5.1.2 Configuring a Basic IPv6 Network ................................................................................... 193

5.2 Configuring ICMP Control ......................................................................................................... 193

5.3 Enabling and Configuring CLI Sessions ..................................................................................... 194

5.4 Enabling and Configuring SFTP Sessions .................................................................................. 195

5.5 Enabling and Configuring WWW Interface Sessions ................................................................... 195

5.6 Enabling/Disabling Brute Force Attack Protection ....................................................................... 196

5.7 Viewing the Status of IPv4 Routes ............................................................................................ 198

5.8 Viewing the Status of IPv6 Routes ............................................................................................ 198

5.9 Viewing the Memory Statistics ................................................................................................... 199

5.10 Managing NETCONF .............................................................................................................. 200

5.10.1 Enabling and Configuring NETCONF Sessions .............................................................. 200

5.10.2 Viewing NETCONF Statistics ........................................................................................ 202

5.11 Managing SNMP .................................................................................................................... 202

5.11.1 MIB Files and SNMP Traps .......................................................................................... 203

5.11.2 Enabling and Configuring SNMP Sessions ..................................................................... 205

5.11.3 Viewing Statistics for SNMP ......................................................................................... 206

5.11.4 Discovering SNMP Engine IDs ...................................................................................... 207

5.11.5 Managing SNMP Communities ..................................................................................... 207

5.11.5.1 Viewing a List of SNMP Communities ................................................................. 207

5.11.5.2 Adding an SNMP Community ............................................................................. 208

5.11.5.3 Deleting an SNMP Community ........................................................................... 208

5.11.6 Managing SNMP Target Addresses ............................................................................... 208

5.11.6.1 Viewing a List of SNMP Target Addresses .......................................................... 209

5.11.6.2 Adding an SNMP Target Address ....................................................................... 209

5.11.6.3 Deleting an SNMP Target Address ..................................................................... 210

5.11.7 Managing SNMP Users ................................................................................................ 210

5.11.7.1 Viewing a List of SNMP Users ........................................................................... 211

5.11.7.2 Adding an SNMP User ...................................................................................... 211

5.11.7.3 Deleting an SNMP User ..................................................................................... 212

5.11.8 Managing SNMP Security Model Mapping ..................................................................... 212

5.11.8.1 Viewing a List of SNMP Security Models ............................................................. 212

5.11.8.2 Adding an SNMP Security Model ....................................................................... 213

5.11.8.3 Deleting an SNMP Security Model ...................................................................... 213

5.11.9 Managing SNMP Group Access .................................................................................... 214

5.11.9.1 Viewing a List of SNMP Groups ......................................................................... 214

5.11.9.2 Adding an SNMP Group .................................................................................... 214

xiii

Table of Contents

5.12 Managing Time Synchronization Functions ............................................................................... 216

5.13 Managing Cellular Modem Profiles .......................................................................................... 229

5.14 Managing the DHCP Relay Agent ........................................................................................... 234

RUGGEDCOM ROX II

CLI User Guide

5.11.9.3 Deleting an SNMP Group .................................................................................. 215

5.12.1 Configuring the Time Synchronization Settings .............................................................. 217

5.12.2 Configuring the System Time and Date ......................................................................... 217

5.12.3 Configuring the System Time Zone ............................................................................... 218

5.12.4 Configuring the Local Time Settings .............................................................................. 218

5.12.5 Configuring NTP Multicast Clients ................................................................................. 218

5.12.6 Configuring NTP Broadcast Clients ............................................................................... 219

5.12.7 Enabling/Disabling the NTP Service .............................................................................. 219

5.12.8 Viewing the NTP Service Status ................................................................................... 220

5.12.9 Viewing the Status of Reference Clocks ........................................................................ 220

5.12.10 Monitoring Subscribers ............................................................................................... 221

5.12.11 Managing NTP Servers .............................................................................................. 222

5.12.11.1 Viewing a List of NTP Servers .......................................................................... 223

5.12.11.2 Adding an NTP Server ..................................................................................... 223

5.12.11.3 Deleting an NTP Server ................................................................................... 224

5.12.12 Managing NTP Broadcast/Multicast Addresses ............................................................ 224

5.12.12.1 Viewing a List of Broadcast/Multicast Addresses ................................................ 224

5.12.12.2 Adding a Broadcast/Multicast Address .............................................................. 225

5.12.12.3 Deleting a Broadcast/Multicast Address ............................................................ 226

5.12.13 Managing Server Keys ............................................................................................... 226

5.12.13.1 Viewing a List of Server Keys .......................................................................... 226

5.12.13.2 Adding a Server Key ....................................................................................... 227

5.12.13.3 Deleting a Server Key ..................................................................................... 227

5.12.14 Managing Server Restrictions ..................................................................................... 227

5.12.14.1 Viewing a List of Server Restrictions ................................................................. 228

5.12.14.2 Adding a Server Restriction ............................................................................. 228

5.12.14.3 Deleting a Server Restriction ............................................................................ 229

5.13.1 Managing CDMA Profiles ............................................................................................. 229

5.13.1.1 Viewing a List of CDMA Profiles ......................................................................... 230

5.13.1.2 Adding a CDMA Profile ..................................................................................... 230

5.13.1.3 Deleting a CDMA Profile .................................................................................... 231

5.13.2 Managing GSM Profiles ............................................................................................... 232

5.13.2.1 Viewing a List of GSM Profiles ........................................................................... 232

5.13.2.2 Adding a GSM Profile ........................................................................................ 232

5.13.2.3 Deleting a GSM Profile ...................................................................................... 234

5.14.1 Configuring the DHCP Relay Agent .............................................................................. 235

5.14.2 Viewing a List of DHCP Client Ports ............................................................................. 235

xiv

RUGGEDCOM ROX II

CLI User Guide

5.15 Managing the DHCP Server .................................................................................................... 236

Table of Contents

5.14.3 Adding DHCP Client Ports ............................................................................................ 236

5.14.4 Deleting a DHCP Client Port ........................................................................................ 236

5.15.1 Configuring the DHCP Server ....................................................................................... 237

5.15.2 Enabling/Disabling the DHCP Server ............................................................................ 237

5.15.3 Enabling/Disabling the DHCP Relay Support ................................................................. 238

5.15.4 Viewing a List of Active Leases .................................................................................... 238

5.15.5 Managing DHCP Listen Interfaces ................................................................................ 239

5.15.5.1 Viewing a List of DHCP Listen Interfaces ............................................................ 239

5.15.5.2 Adding a DHCP Listen Interface ......................................................................... 239

5.15.5.3 Deleting a DHCP Listen Interface ....................................................................... 240

5.15.6 Managing Shared Networks .......................................................................................... 240

5.15.6.1 Viewing a List of Shared Networks ..................................................................... 240

5.15.6.2 Adding a Shared Network .................................................................................. 241

5.15.6.3 Configuring Shared Network Options .................................................................. 241

5.15.6.4 Configuring a Shared Network Client .................................................................. 242

5.15.6.5 Customizing Shared Network Clients .................................................................. 243

5.15.6.6 Deleting a Shared Network ................................................................................ 243

5.15.7 Managing Subnets ....................................................................................................... 244

5.15.7.1 Viewing a List of Subnets .................................................................................. 244

5.15.7.2 Adding a Subnet ............................................................................................... 244

5.15.7.3 Configuring Subnet Options ............................................................................... 245

5.15.7.4 Configuring a Subnet Client ............................................................................... 246

5.15.7.5 Deleting a Subnet ............................................................................................. 247

5.15.8 Managing Custom Client Options for Subnets ................................................................ 247

5.15.8.1 Viewing a List of Custom Client Options ............................................................. 247

5.15.8.2 Adding a Custom Client Option .......................................................................... 248

5.15.8.3 Deleting a Custom Client Option ........................................................................ 248

5.15.9 Managing Hosts ........................................................................................................... 249

5.15.9.1 Viewing a List of Hosts ...................................................................................... 249

5.15.9.2 Adding a Host ................................................................................................... 249

5.15.9.3 Configuring Host Options ................................................................................... 250

5.15.9.4 Configuring a Host Client ................................................................................... 250

5.15.9.5 Deleting Hosts .................................................................................................. 251

5.15.10 Managing Custom Host Client Configurations .............................................................. 252

5.15.10.1 Viewing a List of Custom Host Client Configurations .......................................... 252

5.15.10.2 Adding Custom Host Client Configurations ........................................................ 252

5.15.10.3 Deleting Custom Host Client Configurations ...................................................... 253

5.15.11 Managing Host Groups ............................................................................................... 253

5.15.11.1 Viewing a List of Host Groups .......................................................................... 253

xv

Table of Contents

5.16 Managing Port Mirroring .......................................................................................................... 264

5.17 Managing Firewalls ................................................................................................................. 268

RUGGEDCOM ROX II

CLI User Guide

5.15.11.2 Adding a Host Group ....................................................................................... 254

5.15.11.3 Configuring Host Group Options ....................................................................... 254

5.15.11.4 Configuring a Host Group Client ....................................................................... 255

5.15.11.5 Deleting a Host Group ..................................................................................... 256

5.15.12 Managing Custom Host Group Client Configurations .................................................... 256

5.15.12.1 Viewing a List of Custom Host Group Client Configurations ................................ 256

5.15.12.2 Adding Custom Host Group Client Configurations .............................................. 257

5.15.12.3 Deleting Custom Host Group Client Configurations ............................................ 257

5.15.13 Managing IP Pools ..................................................................................................... 258

5.15.13.1 Viewing a List of IP Pools ................................................................................ 258

5.15.13.2 Adding an IP Pool ........................................................................................... 258

5.15.13.3 Deleting an IP Pool ......................................................................................... 259

5.15.14 Managing IP Ranges for Subnets ............................................................................... 260

5.15.14.1 Viewing a List of IP Ranges for Subnets ........................................................... 260

5.15.14.2 Adding an IP Range to a DHCP Subnet ............................................................ 260

5.15.14.3 Deleting an IP Range From a Subnet ............................................................... 261

5.15.15 Managing IP Ranges for IP Pools ............................................................................... 261

5.15.15.1 Viewing a List of IP Ranges for IP Pools ........................................................... 261

5.15.15.2 Adding an IP Range to an IP Pool .................................................................... 262

5.15.15.3 Deleting an IP Range From an IP Pool ............................................................. 262

5.15.16 Managing Option 82 Classes for IP Pools .................................................................... 262

5.15.16.1 Viewing a List of Option 82 Classes for IP Pools ............................................... 263

5.15.16.2 Adding an Option 82 Class to an IP Pool .......................................................... 263

5.15.16.3 Deleting an Option 82 Class From an IP Pool ................................................... 264

5.16.1 Configuring Port Mirroring ............................................................................................. 265

5.16.2 Managing Egress Source Ports .................................................................................... 265

5.16.2.1 Viewing a List of Egress Source Ports ................................................................ 265

5.16.2.2 Adding an Egress Source Port ........................................................................... 266

5.16.2.3 Deleting an Egress Source Port ......................................................................... 266

5.16.3 Managing Ingress Source Ports .................................................................................... 266

5.16.3.1 Viewing a List of Ingress Source Ports ............................................................... 267

5.16.3.2 Adding an Ingress Source Port .......................................................................... 267

5.16.3.3 Deleting an Ingress Source Port ......................................................................... 267

5.17.1 Firewall Concepts ........................................................................................................ 269

5.17.1.1 Stateless vs. Stateful Firewalls ........................................................................... 269

5.17.1.2 Linux netfilter .................................................................................................... 269

5.17.1.3 Network Address Translation ............................................................................. 269

5.17.1.4 Port Forwarding ................................................................................................ 270

xvi

RUGGEDCOM ROX II

CLI User Guide

Table of Contents

5.17.1.5 Protecting Against a SYN Flood Attack ............................................................... 270

5.17.2 Viewing a List of Firewalls ............................................................................................ 271

5.17.3 Adding a Firewall ......................................................................................................... 271

5.17.4 Deleting a Firewall ....................................................................................................... 272

5.17.5 Working with Multiple Firewall Configurations ................................................................. 272

5.17.6 Configuring the Firewall for a VPN ................................................................................ 273

5.17.7 Configuring the Firewall for a VPN in a DMZ ................................................................. 274

5.17.8 Managing Zones .......................................................................................................... 275

5.17.8.1 Viewing a List of Zones ..................................................................................... 275

5.17.8.2 Adding a Zone .................................................................................................. 276

5.17.8.3 Deleting a Zone ................................................................................................ 277

5.17.9 Managing Interfaces ..................................................................................................... 277

5.17.9.1 Viewing a List of Interfaces ................................................................................ 278

5.17.9.2 Adding an Interface ........................................................................................... 278

5.17.9.3 Associating an Interface with a Zone .................................................................. 279

5.17.9.4 Configuring a Broadcast Address ....................................................................... 280

5.17.9.5 Deleting an Interface ......................................................................................... 280

5.17.10 Managing Hosts ......................................................................................................... 281

5.17.10.1 Viewing a List of Hosts .................................................................................... 281

5.17.10.2 Adding a Host ................................................................................................. 281

5.17.10.3 Deleting a Host ............................................................................................... 282

5.17.11 Managing Policies ...................................................................................................... 283

5.17.11.1 Viewing a List of Policies ................................................................................. 283

5.17.11.2 Adding a Policy ............................................................................................... 284

5.17.11.3 Configuring the Source Zone ............................................................................ 285

5.17.11.4 Configuring the Destination Zone ...................................................................... 285

5.17.11.5 Deleting a Policy ............................................................................................. 285

5.17.12 Managing Network Address Translation Settings .......................................................... 286

5.17.12.1 Viewing a List of NAT Settings ......................................................................... 286

5.17.12.2 Adding a NAT Setting ...................................................................................... 287

5.17.12.3 Deleting a NAT Setting .................................................................................... 287

5.17.13 Managing Masquerade and SNAT Settings .................................................................. 288

5.17.13.1 Viewing a List of Masquerade and SNAT Settings .............................................. 288

5.17.13.2 Adding Masquerade or SNAT Settings .............................................................. 288

5.17.13.3 Deleting a Masquerade or SNAT Setting ........................................................... 289

5.17.14 Managing Rules ......................................................................................................... 290

5.17.14.1 Viewing a List of Rules .................................................................................... 290

5.17.14.2 Adding a Rule ................................................................................................. 291

5.17.14.3 Configuring the Source Zone ........................................................................... 292

5.17.14.4 Configuring the Destination Zone ..................................................................... 292

xvii

Table of Contents

5.18 Managing IS-IS ...................................................................................................................... 294

RUGGEDCOM ROX II

CLI User Guide

5.17.14.5 Deleting Rules ................................................................................................ 293

5.17.15 Validating a Firewall Configuration ............................................................................... 293

5.17.16 Enabling/Disabling a Firewall ...................................................................................... 293

5.18.1 IS-IS Concepts ............................................................................................................ 294

5.18.1.1 IS-IS Routers .................................................................................................... 295

5.18.1.2 Network Entity Title (NET) Addresses ................................................................. 295

5.18.1.3 Advantages and Disadvantages of Using IS-IS .................................................... 296

5.18.2 Configuring IS-IS ......................................................................................................... 296

5.18.3 Viewing the Status of Neighbors ................................................................................... 297

5.18.4 Viewing the Status of the Link-State Database ............................................................... 298

5.18.5 Managing Area Tags .................................................................................................... 299

5.18.5.1 Viewing a List of Area Tags ............................................................................... 299

5.18.5.2 Adding an Area Tag .......................................................................................... 300

5.18.5.3 Deleting an Area Tag ........................................................................................ 301

5.18.6 Managing Interfaces ..................................................................................................... 302

5.18.6.1 Viewing a List of Interfaces ................................................................................ 302

5.18.6.2 Configuring an Interface .................................................................................... 302

5.18.7 Managing LSP Generation ........................................................................................... 304

5.18.7.1 Viewing a List of LSP Generation Intervals ......................................................... 304

5.18.7.2 Adding an LSP Generation Interval .................................................................... 304

5.18.7.3 Deleting an LSP Generation Interval ................................................................... 305

5.18.8 Managing SPF Calculations .......................................................................................... 305

5.18.8.1 Viewing a List of SPF Calculation Intervals ......................................................... 305

5.18.8.2 Adding an SPF Calculation Interval .................................................................... 306

5.18.8.3 Deleting an SPF Calculation Interval .................................................................. 306

5.18.9 Managing the Lifetime of LSPs ..................................................................................... 307

5.18.9.1 Viewing a List of LSP Lifetime Intervals .............................................................. 307

5.18.9.2 Adding an LSP Lifetime Interval ......................................................................... 307

5.18.9.3 Deleting an LSP Lifetime Interval ....................................................................... 308

5.18.10 Managing LSP Refresh Intervals ................................................................................. 308

5.18.10.1 Viewing a List of LSP Refresh Intervals ............................................................ 309

5.18.10.2 Adding an LSP Refresh Interval ....................................................................... 309

5.18.10.3 Deleting an LSP Refresh Interval ..................................................................... 309

5.18.11 Managing Network Entity Titles (NETs) ........................................................................ 310

5.18.11.1 Viewing a List of NETs ..................................................................................... 310

5.18.11.2 Adding a NET ................................................................................................. 311

5.18.11.3 Deleting a NET ................................................................................................ 311

5.18.12 Managing Redistribution Metrics ................................................................................. 312

5.18.12.1 Viewing a List of Redistribution Metrics ............................................................. 312

xviii

RUGGEDCOM ROX II

CLI User Guide

5.19 Managing BGP ....................................................................................................................... 313

Table of Contents

5.18.12.2 Adding a Redistribution Metric .......................................................................... 312

5.18.12.3 Deleting a Redistribution Metric ........................................................................ 313

5.19.1 Configuring BGP .......................................................................................................... 314

5.19.2 Viewing the Status of Dynamic BGP Routes .................................................................. 315

5.19.3 Managing Route Maps ................................................................................................. 317

5.19.3.1 Viewing a List of Route Map Filters .................................................................... 318

5.19.3.2 Viewing a List of Route Map Filter Entries ........................................................... 318

5.19.3.3 Adding a Route Map Filter ................................................................................. 318

5.19.3.4 Adding a Route Map Filter Entry ........................................................................ 319

5.19.3.5 Deleting a Route Map Filter ............................................................................... 319

5.19.3.6 Deleting a Route Map Filter Entry ...................................................................... 320

5.19.3.7 Configuring Match Rules ................................................................................... 320

5.19.3.8 Configuring a Set .............................................................................................. 321

5.19.4 Managing Prepended and Excluded Autonomous System Paths ..................................... 321

5.19.4.1 Viewing a List of Prepended Autonomous System Path Filters .............................. 322

5.19.4.2 Viewing a List of Excluded Autonomous System Paths ........................................ 322

5.19.4.3 Adding a Prepended Autonomous System Path Filter .......................................... 323

5.19.4.4 Adding an Excluded Autonomous System Path filter ............................................ 323

5.19.4.5 Deleting a Prepended Autonomous System Path Filter ........................................ 323

5.19.4.6 Deleting an Excluded Autonomous System Path Filter ......................................... 324

5.19.5 Managing Prefix Lists and Entries ................................................................................. 324

5.19.5.1 Viewing a List of Prefix Lists .............................................................................. 324

5.19.5.2 Viewing a List of Prefix Entries ........................................................................... 325

5.19.5.3 Adding a Prefix List ........................................................................................... 325

5.19.5.4 Adding a Prefix Entry ........................................................................................ 326

5.19.5.5 Deleting a Prefix List ......................................................................................... 326

5.19.5.6 Deleting a Prefix Entry ...................................................................................... 327

5.19.6 Managing Autonomous System Paths and Entries ......................................................... 327

5.19.6.1 Viewing a List of Autonomous System Paths ....................................................... 327

5.19.6.2 Viewing a List of Autonomous System Path Entries ............................................. 328

5.19.6.3 Adding an Autonomous System Path Filter ......................................................... 328

5.19.6.4 Adding an Autonomous System Path Filter Entry ................................................. 328

5.19.6.5 Deleting an Autonomous System Path ................................................................ 329

5.19.6.6 Deleting an Autonomous System Path Filter Entry ............................................... 329

5.19.7 Managing Neighbors .................................................................................................... 329

5.19.7.1 Viewing a List of Neighbors ............................................................................... 330

5.19.7.2 Adding a Neighbor ............................................................................................ 330

5.19.7.3 Configuring the Distribution of Prefix Lists ........................................................... 331

5.19.7.4 Tracking Commands for BGP Neighbors ............................................................. 332

xix

Table of Contents

5.20 Managing RIP ........................................................................................................................ 338

RUGGEDCOM ROX II

CLI User Guide

5.19.7.5 Deleting a Neighbor .......................................................................................... 332

5.19.8 Managing Networks ..................................................................................................... 332

5.19.8.1 Viewing a List of Networks ................................................................................. 333

5.19.8.2 Adding a Network ............................................................................................. 333

5.19.8.3 Tracking Commands for a BGP Network ............................................................. 334

5.19.8.4 Deleting a Network ............................................................................................ 334

5.19.9 Managing Aggregate Addresses ................................................................................... 335

5.19.9.1 Viewing a List of Aggregate Addresses ............................................................... 335

5.19.9.2 Adding an Aggregate Address ........................................................................... 335

5.19.9.3 Deleting an Aggregate Address .......................................................................... 335

5.19.10 Managing Aggregate Address Options ........................................................................ 336

5.19.10.1 Viewing a List of Aggregate Address Options .................................................... 336

5.19.10.2 Adding an Aggregate Address Option ............................................................... 336

5.19.10.3 Deleting an Aggregate Address Option ............................................................. 337

5.19.11 Managing Redistribution Metrics .................................................................................. 337

5.19.11.1 Viewing a List of Redistribution Metrics ............................................................. 337

5.19.11.2 Adding a Redistribution Metric .......................................................................... 337

5.19.11.3 Deleting a Redistribution Metric ........................................................................ 338

5.20.1 Configuring RIP ........................................................................................................... 339

5.20.2 Viewing the Status of Dynamic RIP Routes ................................................................... 340

5.20.3 Managing Prefix Lists and Entries ................................................................................. 341

5.20.3.1 Viewing a List of Prefix Lists .............................................................................. 342

5.20.3.2 Viewing a List of Prefix Entries ........................................................................... 342

5.20.3.3 Adding a Prefix List ........................................................................................... 343

5.20.3.4 Adding a Prefix Entry ........................................................................................ 343

5.20.3.5 Deleting a Prefix List ......................................................................................... 344

5.20.3.6 Deleting a Prefix Entry ...................................................................................... 344

5.20.4 Managing Networks ..................................................................................................... 344

5.20.4.1 Configuring a Network ....................................................................................... 345

5.20.4.2 Tracking Commands .......................................................................................... 345

5.20.5 Managing Network IP Address ...................................................................................... 346

5.20.5.1 Viewing a List of Network IP Addresses .............................................................. 346

5.20.5.2 Adding a Network IP Address ............................................................................ 346

5.20.5.3 Deleting a Network IP Address .......................................................................... 346

5.20.6 Managing Network Interfaces ....................................................................................... 347

5.20.6.1 Viewing a List of Network Interfaces ................................................................... 347

5.20.6.2 Adding a Network Interface ................................................................................ 347

5.20.6.3 Deleting a Network Interface .............................................................................. 348

5.20.7 Managing Neighbors .................................................................................................... 348

xx

RUGGEDCOM ROX II

CLI User Guide

5.21 Managing OSPF ..................................................................................................................... 356

Table of Contents

5.20.7.1 Viewing a List of Neighbors ............................................................................... 348

5.20.7.2 Adding a Neighbor ............................................................................................ 348

5.20.7.3 Deleting a Neighbor .......................................................................................... 349

5.20.8 Managing the Prefix List Distribution ............................................................................. 349

5.20.8.1 Viewing a List of Prefix List Distribution Paths ..................................................... 349

5.20.8.2 Adding a Prefix List Distribution Path .................................................................. 350

5.20.8.3 Deleting a Prefix List Distribution Path ................................................................ 350

5.20.9 Managing Key Chains and Keys ................................................................................... 350

5.20.9.1 Viewing a List of Key Chains ............................................................................. 351

5.20.9.2 Viewing a List of Keys ....................................................................................... 351

5.20.9.3 Adding a Key Chain .......................................................................................... 352

5.20.9.4 Adding a Key .................................................................................................... 352

5.20.9.5 Deleting a Key Chain ........................................................................................ 353

5.20.9.6 Deleting a Key .................................................................................................. 353

5.20.10 Managing Redistribution Metrics ................................................................................. 354

5.20.10.1 Viewing a List of Redistribution Metrics ............................................................. 354

5.20.10.2 Adding a Redistribution Metric .......................................................................... 354

5.20.10.3 Deleting a Redistribution Metric ........................................................................ 355

5.20.11 Managing Routing Interfaces ....................................................................................... 355

5.20.11.1 Viewing a List of Routing Interfaces .................................................................. 355

5.20.11.2 Configuring a Routing Interface ........................................................................ 355

5.21.1 OSPF Concepts ........................................................................................................... 357

5.21.2 Configuring OSPF ........................................................................................................ 358

5.21.3 Viewing the Status of Dynamic OSPF Routes ................................................................ 359

5.21.4 Managing Prefix Lists and Entries ................................................................................. 362

5.21.4.1 Viewing a List of Prefix Lists .............................................................................. 362

5.21.4.2 Viewing a List of Prefix Entries ........................................................................... 362

5.21.4.3 Adding a Prefix List ........................................................................................... 363

5.21.4.4 Adding a Prefix Entry ........................................................................................ 364

5.21.4.5 Deleting a Prefix List ......................................................................................... 364

5.21.4.6 Deleting a Prefix Entry ...................................................................................... 365

5.21.5 Managing Areas .......................................................................................................... 365

5.21.5.1 Viewing a List of Areas ...................................................................................... 366

5.21.5.2 Adding an Area ................................................................................................. 366

5.21.5.3 Deleting an Area ............................................................................................... 367

5.21.6 Managing Route Maps ................................................................................................. 367

5.21.6.1 Viewing a List of Route Map Filters .................................................................... 368

5.21.6.2 Viewing a List of Route Map Filter Entries ........................................................... 368

5.21.6.3 Adding a Route Map Filter ................................................................................. 369

xxi

Table of Contents

5.22 Managing Virtual Routing and Forwarding (VRF) ...................................................................... 379

RUGGEDCOM ROX II

CLI User Guide

5.21.6.4 Adding a Route Map Filter Entry ........................................................................ 369

5.21.6.5 Deleting a Route Map Filter ............................................................................... 370

5.21.6.6 Deleting a Route Map Filter Entry ...................................................................... 370

5.21.6.7 Configuring Match Rules ................................................................................... 371

5.21.7 Managing Incoming Route Filters .................................................................................. 371

5.21.7.1 Viewing List of Incoming Route Filters ................................................................ 372

5.21.7.2 Adding an Incoming Route Filter ........................................................................ 372

5.21.7.3 Deleting an Incoming Route Filter ...................................................................... 373

5.21.8 Managing Redistribution Metrics ................................................................................... 373

5.21.8.1 Viewing a List of Redistribution Metrics ............................................................... 373

5.21.8.2 Adding a Redistribution Metric ........................................................................... 374

5.21.8.3 Deleting a Redistribution Metric .......................................................................... 374

5.21.9 Managing Routing Interfaces ........................................................................................ 375

5.21.9.1 Viewing a List of Routing Interfaces ................................................................... 375

5.21.9.2 Configuring a Routing Interface .......................................................................... 375

5.21.10 Managing Message Digest Keys ................................................................................. 377

5.21.10.1 Viewing a List of Message Digest Keys ............................................................ 378

5.21.10.2 Adding a Message Digest Key ......................................................................... 378

5.21.10.3 Deleting a Message Digest Key ....................................................................... 379

5.22.1 VRF Concepts ............................................................................................................. 380

5.22.1.1 VRF and VRF-Lite ............................................................................................. 380

5.22.1.2 Advantages and Disadvantages of Using VRF .................................................... 380

5.22.2 Viewing VRF Interface Statistics ................................................................................... 381

5.22.3 Configuring VRF .......................................................................................................... 382

5.22.4 Configuring a VRF Interface ......................................................................................... 383

5.22.5 Managing VRF Definitions ............................................................................................ 383

5.22.5.1 Viewing a List of VRF Definitions ....................................................................... 384

5.22.5.2 Adding a VRF Definition .................................................................................... 384

5.22.5.3 Deleting a VRF Definition .................................................................................. 385

5.22.6 Managing Route Targets .............................................................................................. 385

5.22.6.1 Viewing a List of Route Targets .......................................................................... 386

5.22.6.2 Adding a Route Target ...................................................................................... 386

5.22.6.3 Deleting a Route Target ..................................................................................... 386

5.22.7 Managing VRF Instances and OSPF ............................................................................. 387

5.22.7.1 Viewing a List of VRF Instances ......................................................................... 387

5.22.7.2 Adding a VRF Instance and Configuring OSPF ................................................... 387

5.22.7.3 Deleting a VRF Instance .................................................................................... 389

5.22.8 Managing IP/VPN Tunnels ............................................................................................ 389

5.22.8.1 Viewing a List of IP/VPN Tunnels ....................................................................... 390

xxii

RUGGEDCOM ROX II

CLI User Guide

5.23 Managing Static Routing ......................................................................................................... 403

Table of Contents

5.22.8.2 Adding an IP/VPN Tunnel .................................................................................. 390

5.22.8.3 Deleting an IP/VPN Tunnels .............................................................................. 390

5.22.9 Managing VPNv4 Neighbors ......................................................................................... 391

5.22.9.1 Viewing a List of Neighbors ............................................................................... 391

5.22.9.2 Adding a Neighbor ............................................................................................ 391

5.22.9.3 Deleting a Neighbor .......................................................................................... 391

5.22.10 Managing IPv4 Address Families ................................................................................ 392

5.22.10.1 Viewing a List of IPv4 Address Families ............................................................ 392

5.22.10.2 Adding an IPv4 Address Family ....................................................................... 393

5.22.10.3 Deleting an IPv4 Address Family ...................................................................... 393

5.22.11 Managing Redistribution for IPv4 Address Families ...................................................... 393

5.22.11.1 Viewing a List of Redistributions ....................................................................... 394

5.22.11.2 Adding a Redistribution .................................................................................... 394

5.22.11.3 Deleting a Redistribution .................................................................................. 394

5.22.12 Managing Neighbors for IPv4 Address Families ........................................................... 395

5.22.12.1 Viewing a List of Neighbors ............................................................................. 395

5.22.12.2 Adding a Neighbor .......................................................................................... 396

5.22.12.3 Configuring the Distribution of Prefix Lists ......................................................... 397

5.22.12.4 Tracking Commands ........................................................................................ 397

5.22.12.5 Deleting a Neighbor ......................................................................................... 398

5.22.13 Managing Static VRF Routes ...................................................................................... 398

5.22.13.1 Viewing a List of Static VRF Routes ................................................................. 398

5.22.13.2 Adding a Static VRF Route .............................................................................. 399

5.22.13.3 Configuring a Black Hole Connection for a Static VRF Route .............................. 400

5.22.13.4 Deleting a Static VRF Route ............................................................................ 400

5.22.14 Managing Gateways for Static VRF Routes ................................................................. 400

5.22.14.1 Viewing a List of Gateways for Static VRF Routes ............................................. 400

5.22.14.2 Adding a Gateway for a Static VRF Route ........................................................ 401

5.22.14.3 Deleting a Gateway for a Static VRF Route ....................................................... 401

5.22.15 Managing Interfaces for Static VRF Routes ................................................................. 402

5.22.15.1 Viewing a List of Gateways for Static VRF Routes ............................................. 402

5.22.15.2 Adding a Gateway for a Static VRF Route ........................................................ 402

5.22.15.3 Deleting a Gateway for a Static VRF Route ....................................................... 403

5.23.1 Viewing a List of Static Routes ..................................................................................... 403

5.23.2 Adding an IPv4 Static Route ......................................................................................... 404

5.23.3 Adding an IPv6 Static Route ......................................................................................... 405

5.23.4 Deleting a Static Route ................................................................................................ 405

5.23.5 Configuring a Black Hole Connection for an IPv4 Static Route ........................................ 405

5.23.6 Managing Gateways for Static Routes ........................................................................... 406

xxiii

Table of Contents

5.24 Managing Static Multicast Routing ........................................................................................... 409

5.25 Managing Dynamic Multicast Routing ...................................................................................... 413

5.26 Managing Multicast Filtering .................................................................................................... 419

RUGGEDCOM ROX II

CLI User Guide

5.23.6.1 Configuring Gateways for IPv6 Static Routes ...................................................... 406

5.23.6.2 Viewing a List of Gateways for IPv4 Static Routes ............................................... 406

5.23.6.3 Adding a Gateway for an IPv4 Static Route ........................................................ 407

5.23.6.4 Deleting a Gateway for an IPv4 Static Route ....................................................... 407

5.23.7 Managing Interfaces for Static Routes ........................................................................... 407

5.23.7.1 Configuring Interfaces for IPv6 Static Routes ...................................................... 408

5.23.7.2 Viewing a List of Interfaces for IPv4 Static Routes ............................................... 408

5.23.7.3 Adding an Interface for an IPv4 Static Route ....................................................... 408

5.23.7.4 Deleting an Interface for an IPv4 Static Route ..................................................... 409

5.24.1 Enabling/Disabling Static Multicast Routing .................................................................... 409

5.24.2 Managing Static Multicast Groups ................................................................................. 410

5.24.2.1 Viewing a List of Static Multicast Groups ............................................................ 410

5.24.2.2 Adding a Static Multicast Group ......................................................................... 410

5.24.2.3 Deleting a Static Multicast Group ....................................................................... 411

5.24.3 Managing Out-Interfaces .............................................................................................. 411

5.24.3.1 Viewing a List of Out-Interfaces ......................................................................... 412

5.24.3.2 Adding an Out-Interface ..................................................................................... 412

5.24.3.3 Deleting an Out-Interface ................................................................................... 412

5.25.1 PIM-SM Concepts ........................................................................................................ 414

5.25.2 Configuring PIM-SM ..................................................................................................... 414

5.25.3 Viewing a List of PIM-SM Interfaces .............................................................................. 415

5.25.4 Enabling/Disabling a PIM-SM Interface .......................................................................... 416

5.25.5 Configuring a Static RP Address ................................................................................... 416

5.25.6 Managing a Boot Strap Router ..................................................................................... 416

5.25.6.1 Configuring a BSR Candidate ............................................................................ 417

5.25.6.2 Configuring a Group Prefix ................................................................................ 417

5.25.6.3 Configuring an RP Candidate ............................................................................. 417

5.25.7 Viewing the Status of PIM-SM ...................................................................................... 418

5.25.8 Viewing the Status of Dynamic Multicast Routing ........................................................... 419

5.26.1 Multicast Filtering Concepts .......................................................................................... 419

5.26.1.1 IGMP ................................................................................................................ 420

5.26.1.2 GMRP (GARP Multicast Registration Protocol) .................................................... 423

5.26.2 Enabling and Configuring GMRP .................................................................................. 426

5.26.3 Managing IGMP Snooping ............................................................................................ 426

5.26.3.1 Configuring IGMP Snooping ............................................................................... 427

5.26.3.2 Viewing a List of Router Ports ............................................................................ 427

5.26.3.3 Adding a Router Port ........................................................................................ 428

xxiv

RUGGEDCOM ROX II

CLI User Guide

5.27 Managing VRRP ..................................................................................................................... 432

Table of Contents

5.26.3.4 Deleting a Router Port ....................................................................................... 428

5.26.4 Managing the Static Multicast Group Table .................................................................... 428

5.26.4.1 Viewing a List of Static Multicast Group Entries ................................................... 429

5.26.4.2 Adding a Static Multicast Group Entry ................................................................ 429

5.26.4.3 Deleting a Static Multicast Group Entry ............................................................... 429

5.26.5 Managing Egress Ports for Multicast Groups ................................................................. 430

5.26.5.1 Viewing a List of Egress Ports ........................................................................... 430

5.26.5.2 Adding an Egress Port ...................................................................................... 430

5.26.5.3 Deleting an Egress Port .................................................................................... 431

5.26.6 Viewing a Summary of Multicast Groups ....................................................................... 431

5.26.7 Viewing a List of IP Multicast Groups ............................................................................ 432

5.27.1 VRRP Concepts .......................................................................................................... 433

5.27.1.1 Static Routing vs. VRRP .................................................................................... 433

5.27.1.2 VRRP Terminology ............................................................................................ 434

5.27.2 Viewing the Status of VRRP ......................................................................................... 436

5.27.3 Enabling/Disabling VRRP ............................................................................................. 437

5.27.4 Managing VRRP Trackers ............................................................................................ 437

5.27.4.1 Viewing a List of VRRP Trackers ....................................................................... 438

5.27.4.2 Adding a VRRP Tracker .................................................................................... 438

5.27.4.3 Deleting a VRRP Tracker .................................................................................. 439

5.27.5 Managing VRRP Groups .............................................................................................. 439

5.27.5.1 Viewing a List of VRRP Groups ......................................................................... 439

5.27.5.2 Adding a VRRP Group ...................................................................................... 440

5.27.5.3 Deleting a VRRP Group .................................................................................... 440

5.27.6 Managing VRRP Instances ........................................................................................... 440

5.27.6.1 Viewing a List of VRRP Instances ...................................................................... 441

5.27.6.2 Adding a VRRP Instance ................................................................................... 441

5.27.6.3 Deleting a VRRP Instance ................................................................................. 443

5.27.7 Managing VRRP Monitors ............................................................................................ 443

5.27.7.1 Viewing a List of VRRP Monitors ....................................................................... 443

5.27.7.2 Adding a VRRP Monitor .................................................................................... 444

5.27.7.3 Deleting a VRRP Monitor ................................................................................... 444

5.27.8 Managing Track Scripts ................................................................................................ 444

5.27.8.1 Viewing a List of Track Scripts ........................................................................... 445

5.27.8.2 Adding a Track Script ........................................................................................ 445

5.27.8.3 Deleting a Track Script ...................................................................................... 446

5.27.9 Managing Virtual IP Addresses ..................................................................................... 446

5.27.9.1 Viewing a List of Virtual IP Addresses ................................................................ 446

5.27.9.2 Adding a Virtual IP Address ............................................................................... 447

xxv

Table of Contents

5.28 Managing Link Failover Protection ........................................................................................... 447

5.29 Managing IPsec Tunnels ......................................................................................................... 456

RUGGEDCOM ROX II

CLI User Guide

5.27.9.3 Deleting a Virtual IP Address ............................................................................. 447

5.28.1 Viewing the Link Failover Log ....................................................................................... 448

5.28.2 Viewing the Link Failover Status ................................................................................... 449

5.28.3 Managing Link Failover Parameters .............................................................................. 449

5.28.3.1 Viewing a List of Link Failover Parameters .......................................................... 449

5.28.3.2 Adding a Link Failover Parameter ...................................................................... 450

5.28.3.3 Deleting a Link Failover Parameter ..................................................................... 451

5.28.4 Managing Link Failover Backup Interfaces ..................................................................... 451

5.28.4.1 Viewing a List of Link Failover Backup Interfaces ................................................ 451

5.28.4.2 Adding a Link Failover Backup Interface ............................................................. 452

5.28.4.3 Deleting a Link Failover Backup Interface ........................................................... 453

5.28.5 Managing Link Failover Ping Targets ............................................................................. 453

5.28.5.1 Viewing a List of Link Failover Ping Targets ........................................................ 454

5.28.5.2 Adding a Link Failover Ping Target ..................................................................... 454

5.28.5.3 Deleting a Link Failover Ping target .................................................................... 455

5.28.6 Testing Link Failover .................................................................................................... 455

5.28.7 Canceling a Link Failover Test ...................................................................................... 455

5.29.1 IPsec Tunneling Concepts ............................................................................................ 456

5.29.1.1 IPsec Modes ..................................................................................................... 457

5.29.1.2 Supported Encryption Protocols ......................................................................... 457

5.29.1.3 Public and Secret Key Cryptography .................................................................. 457

5.29.1.4 X509 Certificates ............................................................................................... 458

5.29.1.5 NAT Traversal ................................................................................................... 458

5.29.1.6 Remote IPsec Client Support ............................................................................. 458

5.29.1.7 IPsec and Router Interfaces ............................................................................... 459

5.29.2 Configuring IPsec Tunnels ............................................................................................ 459

5.29.3 Configuring Certificates and Keys ................................................................................. 460

5.29.4 Viewing the IPsec Tunnel Status ................................................................................... 460

5.29.5 Managing Pre-Shared Keys .......................................................................................... 462

5.29.5.1 Viewing a List of Pre-Shared Keys ..................................................................... 462

5.29.5.2 Adding a Pre-Shared Key .................................................................................. 462

5.29.5.3 Deleting a Pre-Shared Key ................................................................................ 463

5.29.6 Managing Connections ................................................................................................. 463

5.29.6.1 Viewing a List of Connections ............................................................................ 463

5.29.6.2 Adding a Connection ......................................................................................... 464

5.29.6.3 Configuring Dead Peer Detection ....................................................................... 466

5.29.6.4 Deleting a Connection ....................................................................................... 467

5.29.7 Managing the Internet Key Exchange (IKE) Protocol ...................................................... 467

xxvi

RUGGEDCOM ROX II

CLI User Guide

5.30 Managing 6in4 and 4in6 Tunnels ............................................................................................. 474

5.31 Managing Layer 2 Tunnels ...................................................................................................... 476

Table of Contents

5.29.7.1 Viewing a List of IKE Algorithms ........................................................................ 467

5.29.7.2 Adding an IKE Algorithm ................................................................................... 468

5.29.7.3 Deleting an IKE Algorithm .................................................................................. 468

5.29.8 Managing the Encapsulated Security Payload (ESP) Protocol ......................................... 468

5.29.8.1 Configuring ESP Encryption ............................................................................... 469

5.29.8.2 Viewing a List of ESP Algorithms ....................................................................... 469

5.29.8.3 Adding ESP Algorithms ..................................................................................... 469

5.29.8.4 Deleting ESP Algorithms ................................................................................... 470

5.29.9 Configuring the Connection Ends .................................................................................. 470

5.29.10 Managing Private Subnets .......................................................................................... 472

5.29.10.1 Configuring Private Subnets for Connection Ends .............................................. 472

5.29.10.2 Viewing a List of Addresses for Private Subnets ................................................ 473

5.29.10.3 Adding an Address for a Private Subnet ........................................................... 473

5.29.10.4 Deleting an Address for a Private Subnet .......................................................... 473

5.30.1 Enabling/Disabling 6in4 or 4in6 Tunnels ........................................................................ 474

5.30.2 Viewing a List of 6in4 or 4in6 Tunnels ........................................................................... 474

5.30.3 Viewing the Status of 6in4/4in6 Tunnels ........................................................................ 475

5.30.4 Adding a 6in4 or 4in6 Tunnel ....................................................................................... 475

5.30.5 Deleting a 6in4 or 4in6 Tunnel ...................................................................................... 475

5.31.1 Viewing the Round Trip Time Statistics ......................................................................... 476

5.31.2 Configuring L2TP Tunnels ............................................................................................ 477

5.31.3 Configuring L2TPv3 Tunnels ......................................................................................... 478

5.31.4 Configuring the Layer 2 Tunnel Daemon ....................................................................... 480

5.31.5 Managing GOOSE Tunnels .......................................................................................... 481

5.31.5.1 Viewing the GOOSE Tunnel Statistics ................................................................ 482

5.31.5.2 Viewing a List of GOOSE Tunnels ...................................................................... 483

5.31.5.3 Adding a GOOSE Tunnel .................................................................................. 483

5.31.5.4 Deleting a GOOSE Tunnel ................................................................................. 483

5.31.6 Managing Remote Daemons for GOOSE Tunnels .......................................................... 484

5.31.6.1 Viewing a List of Remote Daemons .................................................................... 484

5.31.6.2 Adding a Remote Daemon ................................................................................ 484

5.31.6.3 Deleting a Remote Daemon ............................................................................... 485

5.31.7 Managing Generic Tunnels ........................................................................................... 485

5.31.7.1 Viewing the Generic Tunnel Statistics ................................................................. 485

5.31.7.2 Viewing a List of Generic Tunnels ...................................................................... 486

5.31.7.3 Adding a Generic Tunnel ................................................................................... 486

5.31.7.4 Deleting a Generic Tunnel ................................................................................. 487

5.31.8 Managing Remote Daemon IP Addresses for Generic Tunnels ........................................ 487

xxvii

Table of Contents

5.32 Managing Generic Routing Encapsulation Tunnels ................................................................... 491

5.33 Managing Layer 3 Switching ................................................................................................... 494

5.34 Managing Classes of Service .................................................................................................. 504

RUGGEDCOM ROX II

CLI User Guide

5.31.8.1 Viewing a List of IP Addresses ........................................................................... 488

5.31.8.2 Adding an IP Address ....................................................................................... 488

5.31.8.3 Deleting an IP Address ...................................................................................... 488

5.31.9 Managing Remote Daemon Egress Interfaces for Generic Tunnels .................................. 489

5.31.9.1 Viewing a List of Egress Interfaces ..................................................................... 489

5.31.9.2 Adding an Egress Interface ................................................................................ 489

5.31.9.3 Deleting an Egress Interface .............................................................................. 490

5.31.10 Managing Ethernet Types for Generic Tunnels ............................................................. 490

5.31.10.1 Viewing a List of Ethernet Types ...................................................................... 490

5.31.10.2 Adding an Ethernet Type ................................................................................. 490

5.31.10.3 Deleting an Ethernet Type ............................................................................... 491

5.32.1 Viewing Statistics for GRE Tunnels ............................................................................... 492

5.32.2 Viewing a List of GRE Tunnels ..................................................................................... 493

5.32.3 Adding a GRE Tunnel .................................................................................................. 493

5.32.4 Deleting a GRE Tunnel ................................................................................................ 494

5.33.1 Layer 3 Switching Concepts ......................................................................................... 496

5.33.1.1 Layer 3 Switch Forwarding Table ....................................................................... 496

5.33.1.2 Static Layer 3 Switching Rules ........................................................................... 496

5.33.1.3 Dynamic Learning of Layer 3 Switching Rules ..................................................... 497

5.33.1.4 Layer 3 Switch ARP Table ................................................................................. 497

5.33.1.5 Multicast Cross-VLAN Layer 2 Switching ............................................................ 498

5.33.1.6 Size of the Layer 3 Switch Forwarding Table ....................................................... 498

5.33.1.7 Interaction with the Firewall ............................................................................... 498

5.33.2 Configuring Layer 3 Switching ...................................................................................... 499

5.33.3 Managing Static ARP Table Entries ............................................................................... 500

5.33.3.1 Viewing a List of ARP Table Entries ................................................................... 500

5.33.3.2 Adding a Static ARP Table Entry ........................................................................ 501

5.33.3.3 Deleting a Static ARP Table Entry ...................................................................... 501

5.33.4 Viewing a Static and Dynamic ARP Table Summary ....................................................... 502

5.33.5 Viewing Routing Rules ................................................................................................. 502

5.33.6 Flushing Dynamic Hardware Routing Rules ................................................................... 504

5.34.1 Configuring Classes of Service ..................................................................................... 505

5.34.2 Managing Priority-to-CoS Mapping ................................................................................ 506

5.34.2.1 Viewing a List of Priority-to-CoS Mapping Entries ................................................ 506

5.34.2.2 Adding a Priority-to-CoS Mapping Entry .............................................................. 506

5.34.2.3 Deleting a Priority-to-CoS Mapping Entry ............................................................ 507

5.34.3 Managing DSCP-to-CoS Mapping ................................................................................. 507

xxviii

RUGGEDCOM ROX II

CLI User Guide

5.35 Managing MAC Addresses ...................................................................................................... 509

5.36 Managing Spanning Tree Protocol ........................................................................................... 512

Table of Contents

5.34.3.1 Viewing a List of DSCP-to-CoS Mapping Entries ................................................. 508

5.34.3.2 Adding a DSCP-to-CoS Mapping Entry ............................................................... 508

5.34.3.3 Deleting a DSCP-to-CoS Mapping Entry ............................................................. 508

5.35.1 Viewing a Dynamic List of MAC Addresses ................................................................... 509

5.35.2 Purging the Dynamic MAC Address List ........................................................................ 510

5.35.3 Configuring MAC Address Learning Options .................................................................. 510

5.35.4 Managing Static MAC Addresses .................................................................................. 511

5.35.4.1 Viewing a List of Static MAC Addresses ............................................................. 511

5.35.4.2 Adding a Static MAC Address ............................................................................ 511

5.35.4.3 Deleting a Static MAC Address .......................................................................... 512

5.36.1 RSTP Operation .......................................................................................................... 513

5.36.1.1 RSTP States and Roles .................................................................................... 513

5.36.1.2 Edge Ports ....................................................................................................... 515

5.36.1.3 Point-to-Point and Multipoint Links ..................................................................... 516

5.36.1.4 Path and Port Costs .......................................................................................... 516

5.36.1.5 Bridge Diameter ................................................................................................ 517

5.36.1.6 eRSTP ............................................................................................................. 517

5.36.1.7 Fast Root Failover ............................................................................................. 518

5.36.2 RSTP Applications ....................................................................................................... 518

5.36.2.1 RSTP in Structured Wiring Configurations ........................................................... 519

5.36.2.2 RSTP in Ring Backbone Configurations .............................................................. 520

5.36.2.3 RSTP Port Redundancy .................................................................................... 522

5.36.3 MSTP Operation .......................................................................................................... 522

5.36.3.1 MSTP Regions and Interoperability .................................................................... 523

5.36.3.2 MSTP Bridge and Port Roles ............................................................................. 524

5.36.3.3 Benefits of MSTP .............................................................................................. 525

5.36.3.4 Implementing MSTP on a Bridged Network ......................................................... 526

5.36.4 Configuring STP Globally ............................................................................................. 526

5.36.5 Configuring STP for Switched Ethernet Ports and Ethernet Trunk Interfaces ..................... 529

5.36.6 Managing Multiple Spanning Tree Instances Globally ..................................................... 530

5.36.6.1 Viewing Statistics for Multiple Spanning Tree Instances ....................................... 531

5.36.6.2 Viewing a List of Multiple Spanning Tree Instances .............................................. 532

5.36.6.3 Adding a Multiple Spanning Tree Instance .......................................................... 532

5.36.6.4 Deleting a Multiple Spanning Tree Instance ........................................................ 533

5.36.7 Managing Multiple Spanning Tree Instances Per-Port ..................................................... 533

5.36.7.1 Viewing Per-Port Multiple Spanning Tree Instance Statistics ................................. 534

5.36.7.2 Viewing a List of Per-Port Multiple Spanning Tree Instances ................................. 535

5.36.7.3 Adding a Port-Specific Multiple Spanning Tree Instance ....................................... 536

xxix

Table of Contents

5.37 Managing VLANs .................................................................................................................... 541

RUGGEDCOM ROX II

CLI User Guide

5.36.7.4 Deleting a Port-Specific Multiple Spanning Tree Instances ................................... 537

5.36.8 Viewing the Status of RSTP ......................................................................................... 538

5.36.9 Viewing RSTP Per-Port Statistics .................................................................................. 539

5.36.10 Clearing Spanning Tree Protocol Statistics .................................................................. 541

5.37.1 VLAN Concepts ........................................................................................................... 542

5.37.1.1 Tagged vs. Untagged Frames ............................................................................ 542

5.37.1.2 Native VLAN ..................................................................................................... 542

5.37.1.3 Edge and Trunk Port Types ............................................................................... 542

5.37.1.4 Ingress and Egress Rules .................................................................................. 543

5.37.1.5 Forbidden Ports List .......................................................................................... 544

5.37.1.6 VLAN-Aware Mode of Operation ........................................................................ 544

5.37.1.7 GARP VLAN Registration Protocol (GVRP) ......................................................... 544

5.37.1.8 PVLAN Edge .................................................................................................... 546

5.37.1.9 VLAN Advantages ............................................................................................. 546

5.37.2 Configuring the Internal VLAN Range ............................................................................ 548

5.37.3 Managing VLANs for Switched Ethernet Ports ............................................................... 549

5.37.3.1 Viewing VLAN Assignments for Switched Ethernet Ports ...................................... 549

5.37.3.2 Configuring VLANs for Switch Ethernet Ports ...................................................... 550

5.37.4 Managing Static VLANs ............................................................................................... 551

5.37.4.1 Viewing a List of Static VLANs ........................................................................... 551

5.37.4.2 Adding a Static VLAN ........................................................................................ 551

5.37.4.3 Deleting a Static VLAN ...................................................................................... 552

5.37.5 Managing Forbidden Ports ........................................................................................... 552

5.37.5.1 Viewing a List of Forbidden Ports ....................................................................... 552

5.37.5.2 Adding a Forbidden Port .................................................................................... 553

5.37.5.3 Deleting a Forbidden Port .................................................................................. 553

5.37.6 Managing VLANs for HDLC-ETH Connections ............................................................... 553

5.37.6.1 Viewing a List of HDLC-ETH VLANs .................................................................. 554

5.37.6.2 Adding an HDLC-ETH VLAN ............................................................................. 554

5.37.6.3 Deleting an HDLC-ETH VLAN ............................................................................ 555

5.37.7 Managing VLANs for Virtual Switches ........................................................................... 555

5.37.7.1 Viewing a List of Virtual Switch VLANs ............................................................... 556

5.37.7.2 Adding a Virtual Switch VLAN ............................................................................ 556

5.37.7.3 Deleting a Virtual Switch VLAN .......................................................................... 556

5.37.8 Managing VLANs for Routable-Only Ethernet Ports ........................................................ 557

5.37.8.1 Viewing a List of VLANs for Routable Ethernet Ports ........................................... 557

5.37.8.2 Viewing a List of VLANs for T1/E1 Lines ............................................................ 558

5.37.8.3 Adding a VLAN to a Routable Ethernet Port ........................................................ 558

5.37.8.4 Adding a VLAN to a T1/E1 Line ......................................................................... 559

xxx

RUGGEDCOM ROX II

CLI User Guide

5.38 Managing Network Discovery and LLDP .................................................................................. 560

5.39 Managing Traffic Control ......................................................................................................... 566

5.40 Managing IP Addresses for Routable Interfaces ....................................................................... 591

Table of Contents

5.37.8.5 Deleting a VLAN for a Routable Ethernet Port ..................................................... 559

5.37.8.6 Deleting a VLAN for a T1/E1 Line ...................................................................... 560

5.38.1 Configuring LLDP ........................................................................................................ 561

5.38.2 Viewing Global Statistics and Advertised System Information .......................................... 562

5.38.3 Viewing Statistics for LLDP Neighbors ........................................................................... 563

5.38.4 Viewing Statistics for LLDP Ports .................................................................................. 565

5.39.1 Enabling and Configuring Traffic Control ........................................................................ 567

5.39.2 Managing Traffic Control Interfaces ............................................................................... 568

5.39.2.1 Viewing a List of Traffic Control Interfaces .......................................................... 568

5.39.2.2 Adding a Traffic Control Interface ....................................................................... 569

5.39.2.3 Deleting a Traffic Control Interface ..................................................................... 570

5.39.3 Managing Traffic Control Priorities ................................................................................ 570

5.39.3.1 Viewing a List of Traffic Control Priorities ............................................................ 570

5.39.3.2 Adding a Traffic Control Priority .......................................................................... 571

5.39.3.3 Deleting a Traffic Control Priority ........................................................................ 572

5.39.4 Managing Traffic Control Classes .................................................................................. 572

5.39.4.1 Viewing a List of Traffic Control Classes ............................................................. 573

5.39.4.2 Adding a Traffic Control Class ............................................................................ 573

5.39.4.3 Deleting a Traffic Control Class .......................................................................... 575

5.39.5 Managing Traffic Control Devices .................................................................................. 575

5.39.5.1 Viewing a List of Traffic Control Devices ............................................................. 576

5.39.5.2 Adding a Traffic Control Device .......................................................................... 576

5.39.5.3 Deleting a Traffic Control Device ........................................................................ 577

5.39.6 Managing Traffic Control Rules ..................................................................................... 577

5.39.6.1 Viewing a List of Traffic Control Rules ................................................................ 578

5.39.6.2 Adding a Traffic Control Rule ............................................................................. 578

5.39.6.3 Configuring QoS Marking ................................................................................... 579

5.39.6.4 Deleting aTraffic Control Rule ............................................................................ 583

5.39.7 Managing QoS Mapping for VLANs .............................................................................. 583

5.39.7.1 Viewing a List of QoS Maps .............................................................................. 583

5.39.7.2 Adding a QoS Map ........................................................................................... 584

5.39.7.3 Deleting a QoS Map .......................................................................................... 585

5.39.8 Managing Egress Markers for QoS Maps ...................................................................... 586

5.39.8.1 Viewing a List of Egress Marks .......................................................................... 587

5.39.8.2 Adding an Egress Mark ..................................................................................... 588

5.39.8.3 Deleting an Egress Mark ................................................................................... 589

5.39.9 Viewing QoS Statistics ................................................................................................. 590

xxxi

Table of Contents

5.41 Managing MPLS ..................................................................................................................... 598

RUGGEDCOM ROX II

CLI User Guide

5.40.1 Configuring Costing for Routable Interfaces ................................................................... 591

5.40.2 Viewing Statistics for Routable Interfaces ...................................................................... 591

5.40.3 Managing IPv4 Addresses ............................................................................................ 592

5.40.3.1 Viewing a List of IPv4 Addresses ....................................................................... 592

5.40.3.2 Adding an IPv4 Address .................................................................................... 593

5.40.3.3 Deleting an IPv4 Address .................................................................................. 593

5.40.4 Configuring IPv6 Neighbor Discovery ............................................................................ 594

5.40.5 Managing IPv6 Network Prefixes .................................................................................. 596

5.40.5.1 Adding an IPv6 Network Prefix .......................................................................... 596

5.40.5.2 Deleting an IPv6 Network Prefix ......................................................................... 597

5.40.6 Managing IPv6 Addresses ............................................................................................ 597

5.40.6.1 Viewing a List of IPv6 Addresses ....................................................................... 597

5.40.6.2 Adding an IPv6 Address .................................................................................... 598

5.40.6.3 Deleting an IPv6 Address .................................................................................. 598

5.41.1 Viewing the Status of IP Binding ................................................................................... 599

5.41.2 Viewing the Status of the Forwarding Table ................................................................... 599

5.41.3 Enabling/Disabling MPLS Routing ................................................................................. 600

5.41.4 Managing the MPLS Interfaces ..................................................................................... 600

5.41.4.1 Viewing the Status of MPLS Interfaces ............................................................... 601

5.41.4.2 Viewing a List of MPLS Interfaces ...................................................................... 601

5.41.4.3 Enabling/Disabling an MPLS Interface ................................................................ 602

5.41.5 Managing Static Label Binding ...................................................................................... 602

5.41.5.1 Viewing the Status of Static Label Binding .......................................................... 602

5.41.5.2 Viewing a List of Static Labels ........................................................................... 603

5.41.5.3 Adding a Static Label ........................................................................................ 603

5.41.5.4 Deleting a Static Label ...................................................................................... 604

5.41.6 Managing Static Cross-Connects .................................................................................. 604

5.41.6.1 Viewing the Status of Static Cross-Connects ....................................................... 605

5.41.6.2 Viewing a List of Static Cross-Connects .............................................................. 605

5.41.6.3 Adding a Static Cross-Connect .......................................................................... 606

5.41.6.4 Deleting a Static Cross-Connect ......................................................................... 606

5.41.7 Managing LDP ............................................................................................................. 607

5.41.7.1 Viewing the Status of LDP Binding ..................................................................... 607

5.41.7.2 Viewing the Status of the LDP Discovery Interfaces ............................................. 608

5.41.7.3 Viewing the Status of the LDP Neighbor Local Node Information ........................... 609

5.41.7.4 Viewing the Status of the LDP Neighbor Connection Information ........................... 609

5.41.7.5 Viewing the Status of the LDP Neighbor Discovery Information ............................. 610

5.41.7.6 Configuring LDP ................................................................................................ 611

5.41.7.7 Configuring Neighbor Discovery ......................................................................... 611

xxxii

RUGGEDCOM ROX II

CLI User Guide

5.42 Managing the RUGGEDCOM CROSSBOW Application ............................................................ 613

5.43 Managing the RUGGEDCOM ELAN Application ....................................................................... 617

Table of Contents

5.41.7.8 Viewing a List of LDP Interfaces ........................................................................ 612

5.41.7.9 Enabling/Disabling an LDP Interface ................................................................... 612

5.42.1 Enabling/Disabling CROSSBOW ................................................................................... 613

5.42.2 Configuring the Client Connection ................................................................................. 613

5.42.3 Configuring the SAC Connection .................................................................................. 614

5.42.4 Configuring CROSSBOW Certificates and Private Keys .................................................. 614

5.42.5 Managing CROSSBOW CA Certificate Lists .................................................................. 615

5.42.5.1 Viewing a List of RUGGEDCOM CROSSBOW Certificate Lists ............................. 615

5.42.5.2 Adding a CA Certificate List ............................................................................... 615

5.42.5.3 Deleting a CA Certificate List ............................................................................. 616

5.42.6 Viewing the Status of RUGGEDCOM CROSSBOW ........................................................ 616

5.42.7 Viewing the RUGGEDCOM CROSSBOW Log ............................................................... 616

5.43.1 Configuring RUGGEDCOM ELAN ................................................................................. 617

5.43.2 Configuring Certificates and Private Keys ...................................................................... 618

5.43.3 Managing eLAN Addresses .......................................................................................... 618

5.43.3.1 Viewing a List of Network Addresses .................................................................. 619

5.43.3.2 Adding a Network Address ................................................................................ 619

5.43.3.3 Deleting a Network Address ............................................................................... 619

5.43.4 Managing CA Certificate Lists ....................................................................................... 620

5.43.4.1 Viewing a List of RUGGEDCOM ELAN CA Certificate Lists .................................. 620

5.43.4.2 Adding a CA Certificate List ............................................................................... 620

5.43.4.3 Deleting a CA Certificate List ............................................................................. 620

5.43.5 Enabling/Disabling RUGGEDCOM ELAN ....................................................................... 621

Chapter 6

Troubleshooting ................................................................................................ 623

6.1 Feature Keys ........................................................................................................................... 623

6.2 Ethernet Ports .......................................................................................................................... 623

6.3 Multicast Filtering ..................................................................................................................... 624

6.4 Spanning Tree ......................................................................................................................... 625

6.5 VLANs ..................................................................................................................................... 626

xxxiii

Table of Contents

RUGGEDCOM ROX II

CLI User Guide

xxxiv

RUGGEDCOM ROX II

CLI User Guide

Preface

This guide describes the CLI user interface for RUGGEDCOM ROX II v2.9 running on the RUGGEDCOM
RX1500/RX1501/RX1510/RX1511/RX1512. It contains instructions and guidelines on how to use the software, as
well as some general theory.

It is intended for use by network technical support personnel who are familiar with the operation of networks. It is
also recommended for use by network and system planners, system programmers, and line technicians.

Conventions

This CLI User Guide uses the following conventions to present information clearly and effectively.

Alerts

Preface

The following types of alerts are used when necessary to highlight important information.

DANGER!

DANGER alerts describe imminently hazardous situations that, if not avoided, will result in death or
serious injury.

WARNING!

WARNING alerts describe hazardous situations that, if not avoided, may result in serious injury and/or
equipment damage.

CAUTION!

CAUTION alerts describe hazardous situations that, if not avoided, may result in equipment damage.

IMPORTANT!

IMPORTANT alerts provide important information that should be known before performing a procedure
or step, or using a feature.

NOTE

NOTE alerts provide additional information, such as facts, tips and details.

CLI Command Syntax

The syntax of commands used in a Command Line Interface (CLI) is described according to the following
conventions:

Conventions xxxv

Preface

Example Description

RUGGEDCOM ROX II

CLI User Guide

command

command parameter

command parameter1 parameter2

command parameter1 parameter2

command [ parameter1 | parameter2 ]

command { parameter3 | parameter4 }

command parameter1 parameter2 { parameter3 |

parameter4 }

Related Documents

Other documents that may be of interest include:

• RUGGEDCOM RX1500 Installation Guide

• RUGGEDCOM RX1500 Data Sheet

Commands are in bold.

Parameters are in plain text.

Parameters are listed in the order they must be entered.

Parameters in italics must be replaced with a user-defined value.

Alternative parameters are separated by a vertical bar (|).

Square brackets indicate a required choice between two or more
parameters.

Curly brackets indicate an optional parameter(s).

All commands and parameters are presented in the order they must
be entered.

System Requirements

Each workstation used to connect to the RUGGEDCOM ROX II Rugged CLI interface must meet the following
system requirements:

• Must have a working Ethernet interface compatible with at least one of the port types on the RUGGEDCOM
RX1500

• The ability to configure an IP address and netmask on the computer’s Ethernet interface

• A suitable Ethernet cable

• An SSH client application installed on a computer

Accessing Documentation

The latest user documentation for RUGGEDCOM ROX II v2.9 is available online at

www.siemens.com/ruggedcom. To request or inquire about a user document, contact Siemens Customer

Support.

xxxvi Related Documents

RUGGEDCOM ROX II

CLI User Guide

License Conditions

RUGGEDCOM ROX II contains open source software. Read the license conditions for open source software
carefully before using this product.

License conditions are detailed in a separate document accessible via RUGGEDCOM ROX II. To access the
license conditions, log in to the RUGGEDCOM ROX II CLI and type the following command:

file show-license LicenseSummary.txt

Training

Siemens offers a wide range of educational services ranging from in-house training of standard courses on
networking, Ethernet switches and routers, to on-site customized courses tailored to the customer's needs,
experience and application.

Siemens' Educational Services team thrives on providing our customers with the essential practical skills to make
sure users have the right knowledge and expertise to understand the various technologies associated with critical
communications network infrastructure technologies.

Siemens' unique mix of IT/Telecommunications expertise combined with domain knowledge in the utility,
transportation and industrial markets, allows Siemens to provide training specific to the customer's application.

For more information about training services and course availability, visit www.siemens.com/ruggedcom or
contact a Siemens sales representative.

Preface

Customer Support

Customer support is available 24 hours, 7 days a week for all Siemens customers. For technical support or
general information, contact Siemens Customer Support through any of the following methods:

Online

Visit http://www.siemens.com/automation/support-request to submit a Support Request (SR) or check
on the status of an existing SR.

Telephone

Call a local hotline center to submit a Support Request (SR). To locate a local hotline center, visit

http://www.automation.siemens.com/mcms/aspa-db/en/automation-technology/Pages/default.aspx.

Mobile App

Install the Industry Online Support app by Siemens AG on any Android, Apple iOS or Windows mobile
device and be able to:

• Access Siemens' extensive library of support documentation, including FAQs and manuals

• Submit SRs or check on the status of an existing SR

• Contact a local Siemens representative from Sales, Technical Support, Training, etc.

• Ask questions or share knowledge with fellow Siemens customers and the support community

License Conditions xxxvii

RUGGEDCOM ROX II

CLI User Guide

Preface

Customer Support xxxviii

RUGGEDCOM ROX II

CLI User Guide

Introduction

Welcome to the RUGGEDCOM ROX II (Rugged Operating System on Linux®) v2.9 CLI User Guide for the
RUGGEDCOM RX1500/RX1501/RX1510/RX1511/RX1512. This document details how to configure the RX1500
via the RUGGEDCOM ROX II Command Line Interface (CLI). RUGGEDCOM ROX II also features a Web
interface, which is described in a separate CLI User Guide.

IMPORTANT!

This CLI User Guide describes all features of RUGGEDCOM ROX II, but some features can only
be configured through the Web interface. This is indicated throughout the CLI User Guide where
applicable.

The following sections provide more detail about RUGGEDCOM ROX II:

• Section 1.1, “Features and Benefits”

• Section 1.2, “Feature Keys”

• Section 1.3, “Security Recommendations”

Chapter 1

Introduction

• Section 1.4, “Available Services by Port”

• Section 1.5, “User Permissions”

Section 1.1

Features and Benefits

Feature support in RUGGEDCOM ROX II is driven by feature keys that unlock feature levels. For more
information about feature keys, refer to Section 1.2, “Feature Keys”.

The following describes the many features available in RUGGEDCOM ROX II and their benefits:

• Cyber Security
Cyber security is an urgent issue in many industries where advanced automation and communications
networks play a crucial role in mission critical applications and where high reliability is of paramount
importance. Key RUGGEDCOM ROX II features that address security issues at the local area network level
include:

Passwords Multi-level user passwords secures against unauthorized configuration

SSH/SSL Extends capability of password protection to add encryption of passwords and data as

Enable/Disable Ports Capability to disable ports so that traffic cannot pass

802.1Q VLAN Provides the ability to logically segregate traffic between predefined ports on switches

they cross the network

SNMPv3 Encrypted authentication and access security

HTTPS For secure access to the Web interface

Firewall Integrated stateful firewall provides protected network zones

VPN/IPSEC Allows creation of secure encrypted and authenticated tunnels

Features and Benefits 1

Chapter 1

Introduction

• Enhanced Rapid Spanning Tree Protocol (eRSTP)™
Siemens's eRSTP allows the creation of fault-tolerant ring and mesh Ethernet networks that incorporate
redundant links that are pruned to prevent loops. eRSTP implements both STP and RSTP to promote
interoperability with commercial switches, unlike other proprietary ring solutions. The fast root failover feature of
eRSTP provides quick network convergence in case of an RSTP root bridge failure in a mesh topology.

• Quality of Service (IEEE 802.1p)
Some networking applications such as real-time control or VoIP (Voice over IP) require predictable arrival
times for Ethernet frames. Switches can introduce latency in times of heavy network traffic due to the internal
queues that buffer frames and then transmit on a first come first serve basis. RUGGEDCOM ROX II supports
Class of Service, which allows time critical traffic to jump to the front of the queue, thus minimizing latency and
reducing jitter to allow such demanding applications to operate correctly. RUGGEDCOM ROX II allows priority
classification by port, tags, MAC address, and IP Type of Service (ToS). A configurable weighted fair queuing
algorithm controls how frames are emptied from the queues.

• VLAN (IEEE 802.1Q)
Virtual Local Area Networks (VLAN) allow the segregation of a physical network into separate logical networks
with independent broadcast domains. A measure of security is provided since hosts can only access other
hosts on the same VLAN and traffic storms are isolated. RUGGEDCOM ROX II supports 802.1Q tagged
Ethernet frames and VLAN trunks. Port based classification allows legacy devices to be assigned to the correct
VLAN. GVRP support is also provided to simplify the configuration of the switches on the VLAN.

• Simple Network Management Protocol (SNMP)
SNMP provides a standardized method, for network management stations, to interrogate devices from different
vendors. SNMP versions supported by RUGGEDCOM ROX II are v1, v2c and v3. SNMPv3 in particular
provides security features (such as authentication, privacy, and access control) not present in earlier SNMP
versions. RUGGEDCOM ROX II also supports numerous standard MIBs (Management Information Base)
allowing for easy integration with any Network Management System (NMS). A feature of SNMP supported by
RUGGEDCOM ROX II is the ability to generate traps upon system events. RUGGEDCOM NMS, the Siemens
management solution, can record traps from multiple devices providing a powerful network troubleshooting
tool. It also provides a graphical visualization of the network and is fully integrated with all Siemens products.

• Remote Monitoring and Configuration with RUGGEDCOM NMS
RUGGEDCOM NMS (RNMS) is Siemens's Network Management System software for the discovery,
monitoring and management of RUGGEDCOM products and other IP enabled devices on a network. This
highly configurable, full-featured product records and reports on the availability and performance of network
components and services. Device, network and service failures are quickly detected and reported to reduce
downtime.

RNMS is especially suited for remotely monitoring and configuring RUGGEDCOM routers, switches,
serial servers and WiMAX wireless network equipment. For more information, contact a Siemens Sales
representative.

• NETCONF Configuration Interface
The NETCONF configuration interface allows administrators to set device parameters and receive device
updates through the use of XML-based commands. This standard, supported by multiple vendors, makes it
possible to greatly simplify the task of network management.

For more information about how to use NETCONF to configure RUGGEDCOM ROX II,
refer to the RUGGEDCOM RUGGEDCOM ROX II NETCONF Reference Guide available on

www.siemens.com/ruggedcom.

• NTP (Network Time Protocol)
NTP automatically synchronizes the internal clock of all RUGGEDCOM ROX II devices on the network. This
allows for correlation of time stamped events for troubleshooting.

RUGGEDCOM ROX II

CLI User Guide

2 Features and Benefits

RUGGEDCOM ROX II

CLI User Guide

• Port Rate Limiting
RUGGEDCOM ROX II supports configurable rate limiting per port to limit unicast and multicast traffic. This can
be essential to managing precious network bandwidth for service providers. It also provides edge security for
Denial of Service (DoS) attacks.

• Broadcast Storm Filtering
Broadcast storms wreak havoc on a network and can cause attached devices to malfunction. This could be
disastrous on a network with mission critical equipment. RUGGEDCOM ROX II limits this by filtering broadcast
frames with a user-defined threshold.

• Port Mirroring
RUGGEDCOM ROX II can be configured to duplicate all traffic on one port to a designated mirror port. When
combined with a network analyzer, this can be a powerful troubleshooting tool.

• Port Configuration and Status
RUGGEDCOM ROX II allows individual ports to be hard configured for speed, duplex, auto-negotiation, flow
control and more. This allows proper connection with devices that do not negotiate or have unusual settings.
Detailed status of ports with alarm and SNMP trap on link problems aid greatly in system troubleshooting.

• Port Statistics and RMON (Remote Monitoring)
RUGGEDCOM ROX II provides continuously updating statistics per port that provide both ingress and egress
packet and byte counters, as well as detailed error figures.

Also provided is full support for RMON statistics. RMON allows for very sophisticated data collection, analysis
and detection of traffic patterns.

• Event Logging and Alarms
RUGGEDCOM ROX II records all significant events to a non-volatile system log allowing forensic
troubleshooting. Events include link failure and recovery, unauthorized access, broadcast storm detection,
and self-test diagnostics among others. Alarms provide a snapshot of recent events that have yet to be
acknowledged by the network administrator. An external hardware relay is de-energized during the presence of
critical alarms, allowing an external controller to react if desired.

• HTML Web Browser User Interface
RUGGEDCOM ROX II provides a simple, intuitive user interface for configuration and monitoring via a
standard graphical Web browser or via a standard telecom user interface. All system parameters include
detailed online help to make setup a breeze. RUGGEDCOM ROX II presents a common look and feel and
standardized configuration process, allowing easy migration to other RUGGEDCOM managed products.

• Command Line Interface (CLI)
A command line interface used in conjunction with remote shell to automate data retrieval, configuration
updates, and firmware upgrades. A powerful Telecom Standard style Command Line Interface (CLI) allows
expert users the ability to selectively retrieve or manipulate any parameters the device has to offer.

• Link Backup
Link backup provides an easily configured means of raising a backup link upon the failure of a designated
main link. The main and backup links can be Ethernet, Cellular, T1/E1, DDS or T3. The feature can back up to
multiple remote locations, managing multiple main: backup link relationships. The feature can also back up a
permanent high speed WAN link to a permanent low speed WAN link and can be used to migrate the default
route from the main to the backup link.

• OSPF (Open Shortest Path First)
OSPF is a routing protocol that determines the best path for routing IP traffic over a TCP/IP network based on
link states between nodes and several quality parameters. OSPF is an Interior Gateway Protocol (IGP), which
is designed to work within an autonomous system. It is also a link state protocol, meaning the best route is
determined by the type and speed of the inter-router links, not by how many router hops they are away from
each other (as in distance-vector routing protocols such as RIP).

Chapter 1

Introduction

Features and Benefits 3

Chapter 1

Introduction

• BGP (Border Gateway Protocol)
BGPv4 is a path-vector routing protocol where routing decisions are made based on the policies or rules laid
out by the network administrator. It is typically used where networks are multi-homed between multiple Internet
Service Providers, or in very large internal networks where internal gateway protocols do not scale sufficiently.

• RIP (Routing Information Protocol)
RIP version 1 and version 2 are distance-vector routing protocols that limit the number of router hops to 15
when determining the best routing path. This protocol is typically used on small, self-contained networks, as
any router beyond 15 hops is considered unreachable.

• IS-IS (Intermediate System - Intermediate System)
IS-IS is one of a suite of routing protocols tasked with sharing routing information between routers. The job of
the router is to enable the efficient movement of data over sometimes complex networks. Routing protocols are
designed to share routing information across these networks and use sophisticated algorithms to decide the
shortest route for the information to travel from point A to point B. One of the first link-state routing protocols
was IS-IS developed in 1985 and adopted by the ISO in 1998 (ISO/IEC 10589:2002). It was later republished
as an IETF standard (RFC 1142 [http://tools.ietf.org/html/rfc1142]).

• Brute Force Attack Prevention
Protection against Brute Force Attacks (BFAs) is standard in RUGGEDCOM ROX II. If an external host fails
to log in to the CLI, NETCONF or Web interfaces after a fixed number of attempts, the host's IP address will
be blocked for a period of time. That period of time will increase if the host continues to fail on subsequent
attempts.

• USB Mass Storage
Use a removable USB Mass Storage drive to manage important files and configure RUGGEDCOM ROX II.

▪ Upgrade/Downgrade Firmware – Use the USB Mass Storage drive as a portable repository for new or legacy

versions of the RUGGEDCOM ROX II firmware.

▪ Backup Files – Configure RUGGEDCOM ROX II to backup important information to the USB Mass Storage

drive, such as rollbacks, log files, feature keys and configuration files.

▪ Share Files – Quickly configure or upgrade other RUGGEDCOM RX1500 devices by copying files using the

same microSD/microSDHC Flash drive.

RUGGEDCOM ROX II

CLI User Guide

IMPORTANT!

Do not remove the USB Mass Storage drive during a file transfer.

NOTE

Only one partition is supported on the USB Mass Storage drive.

NOTE

Only USB Mass Storage drives with one partition are supported.

• Hot Swapping Modules
Power Modules (PM) and Line Modules (LM) can be safely replaced with modules of exactly the same type
while the device is running, with minimal disruption to the network. The device only needs to be restarted after
swapping a module with a different type, such as an Ethernet module with a serial module.

Following a hot swap, the new module will be automatically configured to operate in the same operational state
as the previous module.

4 Features and Benefits

RUGGEDCOM ROX II

CLI User Guide

NOTE

A reboot is required if a module is installed in a slot that was empty when the device was started.

Section 1.2

Feature Keys

Feature keys add features to an existing installation of RUGGEDCOM ROX II. They can be purchased and
installed at any time.

Three feature keys are currently available: L2STD, L3STD and L3SEC. By default, each new RX1500/RX1501/
RX1510/RX1511/RX1512 is ordered with a base feature key, which is permanently installed on the device.
Additional feature keys can be installed on the compact flash card or placed on a USB Mass Storage device,
which allows them to be moved to other devices when needed.

NOTE

Each feature key is signed with the serial number of the device it is intended to be used in. Feature
keys can be used in other RUGGEDCOM ROX II devices, but a low-level alarm will be generated
indicating a hardware mismatch.

Chapter 1

Introduction

Feature keys include the following features:

Feature

VLANs (802.1Q)

QoS (802.1p)

MSTP (802.1Q-2005)

RSTP

eRSTP™

SNTP

L2TPv2 and L2TPv3

Port Rate Limiting

Broadcast Storm Filtering

Port Mirroring

SNMP v1/v2/v3

RMON

CLI

a

Feature Key

Layer 2 Standard

Edition (L2STD)

ü ü ü

ü ü ü

ü ü ü

ü ü ü

ü ü ü

ü ü ü

ü ü ü

ü ü ü

ü ü ü

ü ü ü

ü ü ü

ü ü ü

ü ü ü

Layer 3 Standard

Edition (L3STD)

Layer 3 Security

Edition (L3SEC)

HTML User Interface

MPLS

DHCP

ü ü ü

û ü ü

û ü ü

Feature Keys 5

Chapter 1

Introduction

Feature

Layer 2 Standard

Edition (L2STD)

Feature Key

Layer 3 Standard

Edition (L3STD)

RUGGEDCOM ROX II

CLI User Guide

Layer 3 Security

Edition (L3SEC)

VRRPv2 and VRRPv3

PIM-SM

Firewall

OSPF

BGP

RIP v1/v2

IS-IS

Traffic Prioritization

VPN

IPSec

Virtualization

a

Formerly 802.1s

û ü ü

û ü ü

û ü ü

û ü ü

û ü ü

û ü ü

û ü ü

û ü ü

û û ü

û û ü

ü ü ü

For information about installing and viewing the contents of feature keys, refer to Section 3.13, “Managing

Feature Keys”.

Section 1.3

Security Recommendations

To prevent unauthorized access to the device, note the following security recommendations:

Authentication

CAUTION!

Accessibility hazard – risk of data loss. Do not misplace the passwords for the device. If both the
maintenance and boot passwords are misplaced, the device must be returned to Siemens Canada Ltd.
for repair. This service is not covered under warranty. Depending on the action that must be taken to
regain access to the device, data may be lost.

• Replace the default passwords for all user accounts, access modes (e.g. maintenance mode) and processes
(where applicable) before the device is deployed.

• Use strong passwords. Avoid weak passwords such as password1, 123456789, abcdefgh, etc. For more
information about creating strong passwords, refer to the password requirements in Section 4.10, “Managing

Passwords and Passphrases”.

• Make sure passwords are protected and not shared with unauthorized personnel.

• Do not re-use passwords across different user names and systems, or after they expire.

• Record passwords in a safe, secure, off-line location for future retrieval should they be misplaced.

• When RADIUS authentication is done remotely, make sure all communications are within the security perimeter
or on a secure channel.

6 Security Recommendations

RUGGEDCOM ROX II

CLI User Guide

• PAP (Password Authentication Protocol) is not considered a secure protocol and should only be enabled when
required. Consider using CHAP (Challenge-Handshake Authentication Protocol) whenever possible.

Physical/Remote Access

• It is highly recommended to enable Brute Force Attack (BFA) protection to prevent a third-party from obtaining
unauthorized access to the device. For more information, refer to Section 5.6, “Enabling/Disabling Brute Force

Attack Protection”.

• SSH and SSL keys are accessible to users who connect to the device via the serial console. Make sure to take
appropriate precautions when shipping the device beyond the boundaries of the trusted environment:

▪ Replace the SSH and SSL keys with throwaway keys prior to shipping.

▪ Take the existing SSH and SSL keys out of service. When the device returns, create and program new keys

for the device.

• The default and auto-generated SSL certificates are self-signed. It is recommended to use an SSL certificate
that is either signed by a trusted third-party Certificate Authority (CA) or by an organization's own CA. For more
information, refer to Generating SSH Keys and SSL Certificates for ROS and ROX Using Windows [http://
w3.siemens.com/mcms/industrial-communication/Documents/AN22_Application-Note_EN.pdf].

• Restrict physical access to the device to only trusted personnel. A person with malicious intent in possession
of the flash card could extract critical information, such as certificates, keys, etc. (user passwords are protected
by hash codes), or reprogram the card.

Chapter 1

Introduction

• Passwords/passphrases for service mode and maintenance mode should only be given to a limited number of
trusted users. These modes provide access to private keys and certificates.

• Control access to the serial console to the same degree as any physical access to the device. Access to
the serial console allows for potential access to BIST mode, which includes tools that may be used to gain
complete access to the device.

• When using SNMP (Simple Network Management Protocol):

▪ Limit the number of IP addresses that can connect to the device and change the community names. Also

configure SNMP to raise a trap upon authentication failures. For more information, refer to Section 5.11,

“Managing SNMP”.

▪ Make sure the default community strings are changed to unique values.

• When using RUGGEDCOM ROX II as a client to securely connect to a server (such as, in the case of a
secure upgrade or a secure syslog transfer), make sure the server side is configured with strong ciphers and
protocols.

• Limit the number of simultaneous Web Server, CLI, SFTP and NETCONF sessions allowed.

• If a firewall is required, configure and start the firewall before connecting the device to a public network. Make
sure the firewall is configured to accept connections from a specific domain. For more information, refer to

Section 5.17, “Managing Firewalls”.

• Modbus is deactivated by default in RUGGEDCOM ROX II. If Modbus is required, make sure to follow the
security recommendations outlined in this CLI User Guide and configure the environment according to defense­in-depth best practices.

• Configure secure remote system logging to forward all logs to a central location. For more information, refer to

Section 3.9, “Managing Logs”.

• Configuration files are provided in either NETCONF or CLI format for ease of use. Make sure configuration files
are properly protected when they exist outside of the device. For instance, encrypt the files, store them in a
secure place, and do not transfer them via insecure communication channels.

• It is highly recommended that critical applications be limited to private networks, or at least be accessible only
through secure services, such as IPsec. Connecting a RUGGEDCOM ROX II device to the Internet is possible.

Security Recommendations 7

Chapter 1

Introduction

RUGGEDCOM ROX II

CLI User Guide

However, the utmost care should be taken to protect the device and the network behind it using secure means
such as firewall and IPsec. For more information about configuring firewalls and IPsec, refer to Section 5.17,

“Managing Firewalls” and Section 5.29, “Managing IPsec Tunnels”.

• Management of the certificates and keys is the responsibility of the device owner. Consider using RSA key
sizes of 2048 bits in length for increased cryptographic strength. Before returning the device to Siemens
Canada Ltd. for repair, replace the current certificates and keys with temporary throwaway certificates and keys
that can be destroyed upon the device's return.

• Be aware of any non-secure protocols enabled on the device. While some protocols, such as HTTPS, SSH
and 802.1x, are secure, others, such as Telnet and RSTP, were not designed for this purpose. Appropriate
safeguards against non-secure protocols should be taken to prevent unauthorized access to the device/
network.

• Prevent access to external, untrusted Web pages while accessing the device via a Web browser. This can
assist in preventing potential security threats, such as session hijacking.

• Make sure the device is fully decommissioned before taking the device out of service. For more information,
refer to Section 3.7, “Decommissioning the Device”.

• Configure port security features on access ports to prevent a third-party from launching various attacks that can
harm the network or device. For more information, refer to Section 3.17.3, “Configuring Port Security”.

Hardware/Software

CAUTION!

Configuration hazard – risk of data corruption. Maintenance mode is provided for troubleshooting
purposes and should only be used by Siemens Canada Ltd. technicians. As such, this mode is not fully
documented. Misuse of this maintenance mode commands can corrupt the operational state of the
device and render it inaccessible.

• Make sure the latest firmware version is installed, including all security-related patches. For the latest
information on security patches for Siemens products, visit the Industrial Security website [http://
www.industry.siemens.com/topics/global/en/industrial-security/news-alerts/Pages/alerts.aspx] or the

ProductCERT Security Advisories website [http://www.siemens.com/innovation/en/technology-focus/siemens-

cert/cert-security-advisories.htm]. Updates to Siemens Product Security Advisories can be obtained by
subscribing to the RSS feed on the Siemens ProductCERT Security Advisories website, or by following
@ProductCert on Twitter.

• Only enable the services that will be used on the device, including physical ports. Unused physical ports could
potentially be used to gain access to the network behind the device.

• Use the latest Web browser version compatible with RUGGEDCOM ROX II to make sure the most secure
Transport Layer Security (TLS) versions and ciphers available are employed. Additionally, 1/n-1 record splitting
is enabled in the latest Web browser versions of Mozilla Firefox, Google Chrome and Internet Explorer, and
mitigates against attacks such as SSL/TLS Protocol Initialization Vector Implementation Information Disclosure
Vulnerability (e.g. BEAST).

• For optimal security, use SNMPv3 whenever possible. Use strong passwords with this feature. For more
information about creating strong passwords, refer to the password requirements in Section 4.10, “Managing

Passwords and Passphrases”.

Policy

• Periodically audit the device to make sure it complies with these recommendations and/or any internal security
policies.

• Review the user documentation for other Siemens products used in coordination with the device for further
security recommendations.

8 Security Recommendations

RUGGEDCOM ROX II

CLI User Guide

Section 1.4

Available Services by Port

The following table lists the services available by the device, including the following information:

• Services
The service supported by the device

• Port Number
The port number associated with the service

• Port Open
The port state, whether it is always open and cannot be closed, or open only, but can be configured

• Port Default
The default state of the port (i.e. open or closed)

• Access Authorized
Denotes whether the ports/services are authenticated during access

Chapter 1

Introduction

Services Port Number Port Open

SSH TCP/22 Open (if configured with login) Open Yes

SSH (Service Mode) TCP/222 Open (if configured with login) Closed Yes

NETCONF TCP/830 Open (if configured with login) Open Yes

SFTP TCP/2222 Open (if configured with login) Closed Yes

HTTP TCP/80 Open (if configured with login) Open N/A

NTP UDP/123 Open (if configured) Closed No

SNMP UDP/161 Open (if configured with login) Closed Yes

HTTPS TCP/443 Open (if configured with login) Open Yes

TCP Modbus TCP/502 Open (if configured) Closed No

IPSec IKE UDP/500 Open (if configured) Closed Yes

IPSec NAT-T UDP/4500 Open (if configured) Closed Yes

DNPv3 TCP/20000 Open (if configured) Closed No

RawSocket TCP/configured Open (if configured) Closed No

DHCP Agent UDP/67 Open (if configured) Closed No

DHCP Server UDP/67 listening, 68 responding Open (if configured) Closed No

Port

Default

Access

Authorized

RADIUS UDP/1812 to send, opens random port

to listen

L2TP Random Port Open (if configured) Closed Yes

BGP TCP/179 Open (if configured) Closed No

RIP UDP/520 Open (if configured) Closed No

MPLS-Ping UDP/3503 Open (if configured) Closed No

Open (if configured) Closed Yes

Available Services by Port 9

Chapter 1

Introduction

Section 1.5

User Permissions

The following table lists the operation, configuration, and action commands permitted to the administrator,
operator, and guest users.

Types of user access:

• Create (C) - can create and remove optional parameters

• Execute (E) - can run an action or command

• No - no read/write/execute access

• Read (R) - read access

• Update (U) - can modify existing parameter

RUGGEDCOM ROX II

CLI User Guide

Commands/Paths Permitted

config private | exclusive | no-confirm Allowed Allowed No

/admin/software-upgrade R/U No No

/admin/rox-imaging R/U No No

/admin/authentication R/U No No

/admin/authentication/password­complexity

/admin/logging C/R/U No No

/admin/alarms (status) R R No Administrator and operator can see status

/admin/alarms-config/ R/U R/U No Administrator and operator cannot create

/admin/users C/R/U No No

/admin/users/userid R/U R/U No Operator can only change own password

/admin/cli R/U R/U No

/admin/snmp C/R/U No No

Administrator Operator Guest

R/U R No

Access

Notes

of active-alarms, acknowledge and clear
alarms

or delete alarm-lists

and cannot create users.

/admin/netconf R/U No No

/admin/dns C/R/U No No

/admin/webui R/U R/U No

/admin/scheduler C/R/U No No

/admin/contact R/U R/U No

/admin/hostname R/U R/U No

/admin/location R/U R/U No

/admin/session-limits R/U R/U No

/admin/session-security R/U R/U No

10 User Permissions

RUGGEDCOM ROX II

CLI User Guide

Chapter 1

Introduction

Commands/Paths Permitted

Access

Administrator Operator Guest

/admin/sftp R/U R/U No

/admin/time (status) R R No

/admin/switch-config (status) R/U R No

/admin/system R/U R/U No

/admin/sytem-name R/U R/U No

/admin/timezone R/U C/R/U No

/admin/clear-all-alarms (action) E C/R/U No

/admin/backup-files (action) E/R/U No No

/admin/delete-all-ssh-known-hosts (action) E E No

/admin/delete-logs (action) E No No

/admin/delete-ssh-known-host (action) E E No

/admin/full-configuration-load (action) E/U No No

/admin/full-configuration-save (action) E/U No No

/admin/install-files (action) E/U No No

/admin/reboot (action) E E No

Notes

/admin/restore-factory-defaults (action) E/U No No

/admin/set-system-clock (action) E/U E No

/admin/shutdown (action) E E No

/apps C/R/U C/R/U R

/chassis/part-list R/U R R

/chassis/fixed-modules C/R/U R/U R

/chassis/line-module-list R/U R R

/chassis/line-modules/line-module R/U R/U R

/interfaces R C/R/U R

/interface C/R/U R/U R

/routing C/R/U C/R/U R

/routing/dynamic/ospf/interface C/R/U R/U R

/routing/dynamic/rip/interface C/R/U R/U R

/routing/multicast/dynamic/pim-sm/

C/R/U R/U R

interface

/routing/dynamic/isis/interface C/R/U R/U R

/security/firewall C/R/U C/R/U R

/security/crypto C/R/U R R

/security/crypto/private-key C/R/U No No

User Permissions 11

Chapter 1

Introduction

RUGGEDCOM ROX II

CLI User Guide

Commands/Paths Permitted

Access

Administrator Operator Guest

/services C/R/U C/R/U R

/services/time/ntp/key/ C/R/U No No

/tunnel C/R/U C/R/U R

/tunnel/ipsec C/R/U No No

/ip C/R/U C/R/U R

/mpls C/R/U C/R/U R

/mpls/interface-mpls R/U R/U R

/mpls/ldp/interface-ldp R/U R/U R

/switch C/R/U C/R/U R

/switch/vlans/all-vlans C/R/U C/R/U R

/switch/port-security R/U No No

/qos C/R/U C/R/U R

/global C/R/U No No

hints E E E

monitor E E No

Notes

mpls-ping E E No

mpls-traceroute E E No

ping E E No

ping6 E E No

reportstats E E No

ssh E No No

tcpdump E E No

telnet E E No

traceroute E E No

traceroute6 E E No

traceserial E E No

wizard E No No

Section 1.6

Removable Memory

The RUGGEDCOM RX1500 features a user-accessible memory slot that supports a USB Mass Storage device.
The drive can be used to manage configuration, firmware and other files on the device or a fleet of devices.

12 Removable Memory

RUGGEDCOM ROX II

CLI User Guide

• Upgrade/Downgrade Firmware – Use the USB Mass Storage device as a portable repository for new or legacy
versions of the RUGGEDCOM ROX II firmware.

• Backup Files – Configure RUGGEDCOM ROX II to backup important information to the USB Mass Storage
device, such as rollbacks, log files, feature keys and configuration files.

• Share Files – Quickly configure or upgrade other RUGGEDCOM RX1500/RX1501/RX1510/RX1511/RX1512
devices by copying files using the same USB Mass Storage device.

IMPORTANT!

Do not remove the USB Mass Storage device during a file transfer.

NOTE

Only one partition is supported on the USB Mass Storage device.

For information about how to insert or remove the USB Mass Storage device, refer to the Installation Guide for
the RUGGEDCOM RX1500/RX1501/RX1510/RX1511/RX1512.

Chapter 1

Introduction

Removable Memory 13

RUGGEDCOM ROX II

CLI User Guide

Chapter 1

Introduction

Removable Memory 14

RUGGEDCOM ROX II

CLI User Guide

Using RUGGEDCOM ROX II

Using RUGGEDCOM ROX II

This chapter describes how to use the RUGGEDCOM ROX II interface. It describes the following tasks:

• Section 2.1, “Connecting to RUGGEDCOM ROX II”

• Section 2.2, “Default User Names and Passwords”

• Section 2.3, “Logging In”

• Section 2.4, “Logging Out”

• Section 2.5, “Using Network Utilities”

• Section 2.6, “Using the Command Line Interface”

• Section 2.7, “Configuring the CLI Interface”

• Section 2.8, “Accessing Different Modes”

Chapter 2

Section 2.1

Connecting to RUGGEDCOM ROX II

The following describes the various methods for connecting the device:

• Section 2.1.1, “Connecting Directly”

• Section 2.1.2, “Connecting Through the Network”

Section 2.1.1

Connecting Directly

RUGGEDCOM ROX II can be accessed through a direct serial or Ethernet connection.

Using the RS-232 Serial Console Port

To establish a serial connection to the device, do the following:

1. Connect a serial terminal or a computer running terminal emulation software to the RS-232 console port on

the device.

Connecting to RUGGEDCOM ROX II 15

Chapter 2

Using RUGGEDCOM ROX II

Figure 1: RS-232 Console Port (RUGGEDCOM RX1500 Model Shown)

2. Configure the terminal as follows:

• 57600 bps

• No parity

• 8 bits

• Set the terminal type to VT100

• Disable hardware and software flow control

3. Establish a connection to the device and press any key. The login prompt appears.

4. Log in to RUGGEDCOM ROX II. For more information about logging in to RUGGEDCOM ROX II, refer to

Section 2.3, “Logging In”.

RUGGEDCOM ROX II

CLI User Guide

Using an Ethernet Port

To establish a direct Ethernet connection to the device, do the following:

1. Connect a serial terminal or a computer running terminal emulation software to either the MGMT
(Management) port or any other RJ-45 Ethernet port on the device.

Figure 2: MGMT Port (RUGGEDCOM RX1500 Model Shown)

16 Connecting Directly

RUGGEDCOM ROX II

CLI User Guide

Using RUGGEDCOM ROX II

2. Configure the IP address range and subnet for the serial terminal or computer's Ethernet port. The range is
typically the IP address for the device's IP interface plus one, ending at *.*.*.254.

By default, the RUGGEDCOM RX1500 has a different IP address and subnet configured for two types of IP
interfaces, both of which are mapped to one or more physical ports:

Port IP Address/Mask

MGMT 192.168.1.2/24

All other Ethernet ports 192.168.0.2/24

For example, if the serial terminal or computer is connected to the device's MGMT port, configure the serial
terminal or computer's Ethernet port with an IP address in the range of 192.168.1.3 to 192.168.1.254.
Connect to the device using the IP address 192.168.1.2, the address of the MGMT interface.

3. Launch the SSH client on the computer and connect to admin@{ipaddress}, where {ipaddress} is the IP
address for the MGMT port. The login prompt appears:

Using username "admin".
admin@192.168.0.2's password:

4. Log in to RUGGEDCOM ROX II. For more information about logging in to RUGGEDCOM ROX II, refer to

Section 2.3, “Logging In”.

Chapter 2

Section 2.1.2

Connecting Through the Network

To connect to RUGGEDCOM ROX II through the network, do the following:

1. On the workstation being used to connect to the device, configure the Ethernet port to use an IP address
falling within the subnet of the device.

By default, the RUGGEDCOM RX1500 has a different IP address and subnet configured for two types of IP
interfaces, both of which are mapped to one or more physical ports:

Port IP Address/Mask

MGMT 192.168.1.2/24

All other Ethernet ports 192.168.0.2/24

For example, if the device is connected via the MGMT port, configure the computer's Ethernet port with
an IP address in the range of 192.168.1.3 to 192.168.1.254. Connect to the device using the IP address

192.168.1.2, the address of the MGMT interface.

2. Launch the SSH client on the computer and connect to admin@{ipaddress}, where {ipaddress} is the IP
address for the port that is connected to the network.

3. Log in to RUGGEDCOM ROX II. For more information, refer to Section 2.3, “Logging In”.

Section 2.2

Default User Names and Passwords

The following default passwords are pre-configured on the device for each access mode:

Connecting Through the Network 17

Chapter 2

Using RUGGEDCOM ROX II

CAUTION!

Security hazard – risk of unauthorized access and/or exploitation. To prevent unauthorized access to
the device, change the default passwords before commissioning the device. For more information,
refer to Section 4.10, “Managing Passwords and Passphrases”.

Mode Username Password

Service root admin

Maintenance root admin

Administrator admin admin

Operator oper oper

Guest guest guest

Section 2.3

Logging In

RUGGEDCOM ROX II

CLI User Guide

To log in to RUGGEDCOM ROX II, do the following:

1. Connect to the device. For more information about the various methods of connecting to the device, refer

Section 2.1, “Connecting to RUGGEDCOM ROX II”.

2. Once a connection is established with the device, press Enter. The login prompt appears.

NOTE

RUGGEDCOM ROX II features three default user accounts: admin, operator and guest. Additional
user accounts can be added. For information about adding user accounts, refer to Section 4.9.2,

“Adding a User”.

3. Type the user name and press Enter. The password prompt appears.

NOTE

If a unique password/passphrase has not been configured, use the factory default password. For
more information, refer to Section 2.2, “Default User Names and Passwords”.

IMPORTANT!

RUGGEDCOM ROX II features a Brute Force Attack (BFA) protection system to detect potentially
malicious attempts to access the device. When enabled, the protection system will block an IP
address after 15 failed login attempts over a 10 minute period. The IP address will be blocked
for 720 seconds or 12 minutes the first time. If the same IP address fails again 15 times in a 10
minute period, it will be blocked again, but the waiting period will be 1.5 times longer than the
previous wait period.

Siemens strongly recommends that BFA protection be enabled. For more information about
enabling BFA protection, refer to Section 5.6, “Enabling/Disabling Brute Force Attack Protection”.

BFA protection is enabled by default for new installations of RUGGEDCOM ROX II.

4. Type the password associated with the username and press Enter.

login as: admin
admin@127.0.0.1's password:
Welcome to Rugged CLI

18 Logging In

RUGGEDCOM ROX II

CLI User Guide

admin connected from 127.0.0.1 using console on ruggedcom
ruggedcom#

Section 2.4

Logging Out

To log out of the device, type exit at the root level.

ruggedcom# exit

Section 2.5

Using Network Utilities

The following sections describe how to use the built-in RUGGEDCOM ROX II network utilities:

• Section 2.5.1, “Pinging a Host”

• Section 2.5.2, “Dumping Raw Data to a Terminal or File”

• Section 2.5.3, “Tracing the Route to a Remote Host”

• Section 2.5.4, “Pinging an IPv4 Address Using MPLS Protocols”

• Section 2.5.5, “Tracing the Route of an IPv4 Address Using MPLS Protocols”

• Section 2.5.6, “Tracing Activities on a Serial Port”

Using RUGGEDCOM ROX II

Chapter 2

Section 2.5.1

Pinging a Host

To ping a host, type:

• For Hosts with IPv4 Addresses

ping address iface interface count attempts wait seconds

• For Hosts with IPv6 Addresses

ping6 address iface interface count attempts wait seconds

Where:

• address is the IP address of the host

• attempts is the number of ping attempts

• interface is the interface to use

• seconds is the maximum number of seconds to for a response from the host

Logging Out 19

Chapter 2

Using RUGGEDCOM ROX II

Section 2.5.2

RUGGEDCOM ROX II

CLI User Guide

Dumping Raw Data to a Terminal or File

Tcpdump is a packet analyzer for TCP/IP and other packets. It can be used to dump raw data to a terminal or file.

To dump raw data to a terminal or file, type tcpdump and configure the following parameters:

Parameter Description

address Displays the source IP for each packet.

count The number of packets to capture

hex Converts the data to hexadecimal or ASCII characters.

host The host name to be ignored or allowed.

interface The interface from the IP list to dump.

linkheader Displays the link level header.

port The ports to trace.

proto { tCP | uDP | iCMP | aRP | vRRP | IqMP | oSPF | eSP | Ah } The protocol(s) to filter out. To select more than one protocol, string

verbosity The verbosity level. Type v, vv or vvv to set the level.

Section 2.5.3

the lowercase letters together. For example, tui will filter out TCP,
UDP and ICMP packets.

To ignore a protocol, place an n before the protocol name (e.g. ntui).

Tracing the Route to a Remote Host

To trace the route between the device and a remote host, type:

• For Hosts with IPv4 Addresses

traceroute host

• For Hosts with IPv6 Addresses

traceroute6 host

Where:

• host is the name or IP address of the remote host

Section 2.5.4

Pinging an IPv4 Address Using MPLS Protocols

To ping an IPv4 address using the MPLS protocols, type:

mpls-ping ipaddress/prefix number_of_pings

Where:

• ipaddress/prefix is the IPv4 address of the MPLS ping

• number_of_pings is the number of ping attempts

20 Dumping Raw Data to a Terminal or File

RUGGEDCOM ROX II

CLI User Guide

Section 2.5.5

Using RUGGEDCOM ROX II

Chapter 2

Tracing the Route of an IPv4 Address Using MPLS Protocols

To trace the route of an IPv4 address using MPLS protocols, type:

mpls-traceroute remoteIPAddr/Pre

Where:

• remoteIPAddr/Pre is the IPv4 address of the MPLS trace route

Section 2.5.6

Tracing Activities on a Serial Port

To trace activities on a serial port, type:

traceserial [ port slot port | hex | protocol | tcp-udp ]

Where:

• port slot port defines the port to trace

• hex displays the content of serial data in a hex

• protocol traces the serial protocol on the serial port

• tcp-udp traces TCP-UDP events on the serial port

Section 2.6

Using the Command Line Interface

The following sections describe how use the Command Line Interface (CLI):

• Section 2.6.1, “Accessing Different CLI Modes”

• Section 2.6.2, “Using Command Line Completion”

• Section 2.6.3, “Displaying Available Commands”

• Section 2.6.4, “Editing Commands”

• Section 2.6.5, “Using Output Redirects”

• Section 2.6.6, “Using Regular Expressions”

• Section 2.6.7, “Using CLI Utilities”

• Section 2.6.8, “Specifying a Range”

• Section 2.6.9, “Common Commands”

Section 2.6.1

Accessing Different CLI Modes

RUGGEDCOM ROX II provides commands for monitoring and configuring software, hardware and network
connectivity. The Command Line Interface (CLI) supports the following modes:

Tracing the Route of an IPv4 Address Using MPLS
Protocols 21

Chapter 2

Using RUGGEDCOM ROX II

Mode Description

RUGGEDCOM ROX II

CLI User Guide

Operational Mode Operational mode is the default mode after a user logs in to the device. It allows users to perform general

Configuration Mode Configuration mode is launched from the Operational Mode. It allows users to change the actual configuration

device management actions and provides troubleshooting and maintenance utilities. It is used for viewing
the system status, controlling the CLI environment, monitoring and troubleshooting network connectivity, and
launching the Configuration mode.

of the device.

All changes to the configuration are made on a copy of the active configuration, called the candidate
configuration. Changes do not take effect until they are committed.

In both modes, the CLI prompt indicates the current mode. In Operational mode, the prompt is:

ruggedcom#

In Configuration mode, the prompt is:

ruggedcom(config)#

As a user navigates through the configuration data hierarchy, the prompt indicates the user's location in the
configuration. For example, after navigating to interface » eth » lm3 » 1, the CLI prompt will be:

ruggedcom(config-eth-lm3/1)#

Section 2.6.2

Using Command Line Completion

Commands and parameters do not need to be entered completely for the CLI to recognize them. By typing the
first few letters of a command and pressing Tab, the CLI will display the possible completions. If the first few
letters are unique to a specific command, the full command is automatically displayed. If the first few letters
match more than one possible command, a lit of possible completions appears.

NOTE

Automatic completion is disabled inside quotation marks. If the name of a command or parameter
contains a space, such as a filename, escape the space with a \ or enclose the string in quotation
marks. For example:

who file foo\ bar

or

who file "foo bar"

NOTE

Auto-completion also applies to filenames and directories, but cannot be initiated using a space. Auto­completion using a space is disabled when typing a filename or directory name.

Section 2.6.3

Displaying Available Commands

To display a list of available commands at any point in the CLI, type ?.

For example, in Operational mode, typing ? at the command prompt displays a list of all Operational mode
commands:

22 Using Command Line Completion

RUGGEDCOM ROX II

CLI User Guide

ruggedcom# ?
Possible completions:
admin Configures the general device characteristics
autowizard Automatically query for mandatory elements
clear Clear parameter
commit Confirm a pending commit
compare Compare running configuration to another configuration or a file
.
.
.
traceserial Trace serial ports activities
who Display currently logged on users
write Write configuration
ruggedcom#

Using RUGGEDCOM ROX II

Section 2.6.4

Editing Commands

The following commands can be used to edit command lines and move around the command history.

Chapter 2

Moving the Cursor

Command Description

Ctrl+b or Left Arrow Moves the cursor back one character

Ctrl+f or Right Arrow Moves the cursor forward one character

Esc+b or Alt+b Moves the cursor back one word

Esc+f or Alt+f Moves the cursor forward one word

Ctrl+a or Home Moves the cursor to the beginning of the command line

Ctrl+e or End Moves the cursor to the end of the command line

Deleting Characters

Command Description

Ctrl+h, Delete or
Backspace

Ctrl+d Delete the character after the cursor

Ctrl+k Delete all characters from the cursor to the end of the line

Ctrl+u or Ctrl+x Delete the whole line

Delete the character before the cursor

Ctrl+w, Esc+Backspace
or Alt+Backspace

Esc+d or Alt+d Delete the whole after the cursor

Delete the whole before the cursor

Editing Commands 23

Chapter 2

Using RUGGEDCOM ROX II

Inserting Recently Deleted Text

Command Description

Ctrl+y Inserts the most recently deleted text at the cursor's location

Displaying Previously Entered Commands

Command Description

Ctrl+p or Up Arrow Shows the previous command in the command history

Ctrl+n or Down Arrow Shows the next command in the command history

Ctrl+r Reverses the order of commands in the command history

RUGGEDCOM ROX II

CLI User Guide

show history

shows a list of previous commands

Capitalization

Command Description

Esc+c Capitalizes the first letter of the word at the cursor's location and sets all other characters to lowercase

Esc+l Changes the entire word at the cursor's location to lowercase

Esc+u Changes the entire word at the cursor's location to uppercase

Special Actions

Command Description

Ctrl+c Aborts a command or clears the command line

Ctrl+v or Esc+q Treats the next character(s) as character data, not a command

Ctrl+l Redraws the screen

Ctrl+t Transposes characters

Esc+m Enters multi-line mode

Ctrl+d Exits multi-line mode

Ctrl+z Exits configuration mode

Inserting Hard Returns

Command Description

Esc+M Inserts a hard return

24 Editing Commands

RUGGEDCOM ROX II

CLI User Guide

Using RUGGEDCOM ROX II

Section 2.6.5

Using Output Redirects

Information returned from a CLI term can be processed in various ways using an output redirect term. To specify
an output redirect, type | after the CLI term and then type the redirect term. To display the available redirects,
type | ? after a CLI term. For example:

ruggedcom# show admin | ?
Possible completions:
append Append output text to a file
begin Begin with the line that matches
count Count the number of lines in the output display
exclude Exclude lines that match
include Include lines that match
linnum Enumerate lines in the output
more Paginate output
nomore Suppress pagination
notab Suppress table output
repeat Repeat show term with a given interval
save Save output text to a file
select Select additional columns
tab Enforce table output
until End with the line that matches

Chapter 2

Parameter Description

append Appends the output text to a specified ASCII text file.

For example, running these two terms appends the admin and
chassis information to the specified file:

ruggedcom# show admin | append foo.txt
ruggedcom# show interface | append foo.txt

The resulting file contains the results of show interface appended to
the results of show admin (lines truncated with ... are shortened for
illustrative purposes only):

ruggedcom# file show-config foo.txt
admin
time
gmtime "Wed Oct 22 20:05:50 2014"
localtime "Wed Oct 22 16:05:50 2014"
rox-imaging
roxflash-progress
phase Inactive
status message ""
image flashing 0
netconf
statistics
in bad hellos 0
in sessions 0
dropped sessions 0
in rpcs 0
in bad rpcs 0
out rpc errors 0
out notifications 0
alarms
active-alarms chassis 11 1
severity notice
description "Line Module with serial number
L15R-1710-PR002 in slot lm4 is i
nserted or up"

Using Output Redirects 25

Chapter 2

Using RUGGEDCOM ROX II

Parameter Description

RUGGEDCOM ROX II

CLI User Guide

begin Begins the output with the line containing the specified text. Regular

expressions can be used with this redirect. For more information
about regular expressions, refer to Section 2.6.6, “Using Regular

Expressions”.

For example, show admin | begin netconf returns all of the

admin information following the netconf line:

ruggedcom# show admin | begin netconf
netconf
statistics
in sessions 0 in xml parse errs 0 in bad
hellos 0 in rpcs 0 in bad rpcs 0 in not...

count Displays the number of lines returned by the term.

For example, show admin | count shows the number of lines in the
admin information.

ruggedcom# show admin | count
Count: 9 lines

exclude Excludes lines containing the specified text. Information that is a

child of the excluded line is also excluded. Regular expressions
can be used with this redirect. For more information about regular
expressions, refer to Section 2.6.6, “Using Regular Expressions”.

For example, show admin | exclude netconf shows the admin
information, excluding the netconf lines.

ruggedcom# show admin | exclude netconf
admin
time
gmtime "Tue Feb 15 08:25:27 2011\n" localtime
"Tue Feb 15 03:25:27 2011\n"
software-upgrade
upgrade-progress
software partition "Partition #1" current
version "ROX 2.1.0 (2010-12-03 17:38) ...
statistics
in sessions 0 in xml parse errs 0 in bad
hellos 0 in rpcs 0 in bad rpcs 0 in not...
supported rpcs 0 out rpc replies 0 out rpc
errors 0 out notifications 0

include Includes lines containing the specified text. Information that is a

child of the included line is usually included, but may not be in some
cases. Regular expressions can be used with this redirect. For more
information about regular expressions, refer to Section 2.6.6, “Using

Regular Expressions”.

For example, show admin | include time shows the time lines from
the admin information.

ruggedcom# show admin | include time
time
gmtime "Tue Feb 15 08:34:55 2011\n" localtime
"Tue Feb 15 03:34:55 2011\n"
ruggedcom#

linnum Numbers the lines in the output. For example:

ruggedcom# show admin | linnum
1: admin
2: time

26 Using Output Redirects

RUGGEDCOM ROX II

CLI User Guide

Parameter Description

Using RUGGEDCOM ROX II

Chapter 2

3: gmtime "Tue Feb 15 08:37:42 2011\n"
localtime "Tue Feb 15 03:37:42 2011\n"
4: software-upgrade
.
.
.

more Paginates the output. When the output reaches the screen-length

setting, the CLI prompts you to press a key for more. Press Enter to
advance line-by-line; press space to advance page-by-page.

nomore Suppresses pagination.

notab Suppresses table output.

For example, show chassis | begin line-modules shows the following
table:

ruggedcom# show chassis | begin line-modules
line-modules
line-module
BYPASS
OVERCURRENT
SLOT DETECTED MODULE STATUS
STATUS

---------------------------------------------------------­lm1 1000TX w/ 2x RJ45 - ­lm2 none - ­lm3 6x RS232/RS422/RS485 via RJ45 - ­lm4 E1 w/ 2x BNC - ­lm5 none - ­lm6 none - -

power-controller
PM MOV PM PM PM
SLOT PROTECTION TEMPERATURE CURRENT VOLTAGE

-----------------------------------------------­pm1 na 43 2907 3381

For example, show chassis | begin line-modules | notab suppresses
the table formatting:

ruggedcom# show chassis | begin line-modules |
notab
line-modules
line-module lm1
detected module "1000TX w/ 2x RJ45"
line-module lm2
detected module none
line-module lm3
detected module "6x RS232/RS422/RS485 via
RJ45"
line-module lm4
detected module "E1 w/ 2x BNC"
line-module lm5
detected module none
line-module lm6
detected module none
power-controller
PM MOV PM PM PM
SLOT PROTECTION TEMPERATURE CURRENT VOLTAGE

-----------------------------------------------­pm1 na 43 2892 3381

repeat Repeats the term at the specified interval. Specify an interval in

seconds. The term repeats until you cancel it with Ctrl-C.

Using Output Redirects 27

Chapter 2

Using RUGGEDCOM ROX II

Parameter Description

For example, show admin | repeat 10s repeats the show admin term
every 10 seconds.

save Saves the output to the specified ASCII text file.

For example, show chassis | save foo.txt saves the chassis
information to the file foo.txt

RUGGEDCOM ROX II

CLI User Guide

select

tab Enforces table layout for columnar data.

until Includes output until a line containing the specified text appears.

This redirect is not yet implemented.

Regular expressions can be used with this redirect. For more
information about regular expressions, refer to Section 2.6.6, “Using

Regular Expressions”.

For example, show chassis | begin cpu | until status returns the

chassis information beginning with cpu and ending with status:

ruggedcom# show chassis | begin cpu | until
status
cpu
slot-cpu main
detected module "RX1501 8 Gigabit Layer 3 w/ 6
LM slots and 1 PM slots"
cpu load 22
ram avail 53
ram avail low 20
status

Section 2.6.6

Using Regular Expressions

RUGGEDCOM ROX II command line regular expressions are a subset of the regular expressions found in egrep
and in the AWK programming language. Regular expressions can be used along with several of the output
redirects. For more information about using output redirects, refer to Section 2.6.5, “Using Output Redirects”.

Character Description Example

. Matches any single character (e.g. .100, 100., .100.) .100

100.

.100.

* Matches zero (0) or more occurrences of a pattern 100*

+ Matches 1 or more occurrences of a pattern 100+

? Match 0 or 1 occurrences of a pattern 100?

^ Matches the beginning of the line ^100

$ Matches the end of the line 100$

() Matches only the characters specified (38a)

[] Matches any character other than those specified [^abc]

_ (underscore) The underscore character has special meanings in an autonomous system

path. It matches to:

• Each space ( ) and comma (,)

_100,100_, _100_

28 Using Regular Expressions

RUGGEDCOM ROX II

CLI User Guide

Character Description Example

• Each AS set delimiter (e.g. { and })

• Each AS confederation delimiter (e.g. ( and ))

• The beginning and end of the line

Therefore, the underscore can be used to match AS values.

For example, to show all the IP interfaces that are in the up state:

ruggedcom# show interfaces ip | include up
admin state up
state up
admin state up
state up
admin state up
state up
admin state up
admin state up
admin state up
admin state up
admin state up

Section 2.6.7

Using RUGGEDCOM ROX II

Chapter 2

Using CLI Utilities

The Operational mode provides a set of standard utility applications, similar to those on a typical Linux-based
operating system.

Parameter Description

ssh [ host | address/name ] { bind-address |
address } { cipher-spec | cipher } { login | name
} { port | number } { sub-system }

telnet { host | address/name }

Further information about these well-known applications is publicly available on the Internet.

Opens a secure shell on another host. Parameters include:

• host is the name or IP address of the host. It is mandatory.

• bind-address is the source address of the connection. Only
useful on systems with more than one address.

• cipher-spec is the cipher specification for encrypting the
session. Supported cipher options include aes128-cbc, 3des­cbc, blowfish-cbc, cast128-cbc, arcfour128, arcfour256, arcfour,
aes192-cbc, aes256-cbc, aes128-ctr, aes192-ctr and aes256-ctr.

• login is the users login name on the host.

• port is the TCP port number to open an SSH session to.

• sub-system invokes a subsystem on the remote system, such
as NETCONF.

Opens a telnet session to another host. Parameters include:

• host is the name or IP address of the host

Section 2.6.8

Specifying a Range

Some CLI commands accept a range of values, such as LM1-3 or 3-6, to specify multiple targets. In the following
example, a command is applied to port 1 on LM1, LM2 and LM3:

ruggedcom(config)# interface switch lm1-3 1

Using CLI Utilities 29

Chapter 2

Using RUGGEDCOM ROX II

In this example, a command is issued to ports 1, 2 and 4 on LM1, LM2 and LM4:

ruggedcom(config)# interface switch lm1-2,4 1-2,4

When available, the range parameter can be included before the value range:

ruggedcom(config)# interface switch range lm1-3 1-6

Section 2.6.9

Common Commands

The following sections describe common commands that can be used in the CLI:

• Section 2.6.9.1, “Basic CLI Commands”

• Section 2.6.9.2, “File Commands”

• Section 2.6.9.3, “Interface and Services Commands”

• Section 2.6.9.4, “Administration Commands”

• Section 2.6.9.5, “Configuration Mode General Commands”

RUGGEDCOM ROX II

CLI User Guide

Section 2.6.9.1

Basic CLI Commands

Use the following commands to perform basic CLI functions.

Parameter Description

exit [ level | configuration-mode | no-confirm ]

help command

id

logout [ logout | sessionid ]

quit

Default: level

Exits from the current mode.

• level exits from the current mode. If performed at the top level,
this command exits from the configuration mode.

• configuration-mode exits from configuration mode regardless
of mode.

• no-confirm exits from configuration mode without prompting the
user to commit any pending changes.

Displays help text for the specified command.

Displays the current user's information. For example:

ruggedcom# id
user = admin(0), gid=0, groups=admin, gids=

Terminates the specified session. A session can by specified based
on its user ID or session ID.

Logs out of and ends the CLI session.

send [ all | admin ] message

Sends a message to all users of the specified type. The message
appears in both the CLI and web interface. For example:

ruggedcom# send all "Rebooting at
midnight!"Message from admin@ruggedcom at
2011-02-15 08:42:49...
Rebooting at midnight!

30 Common Commands

RUGGEDCOM ROX II

CLI User Guide

Parameter Description

Using RUGGEDCOM ROX II

Chapter 2

EOF

show [ admin | chassis | interface | interfaces |
netconf | routing | services ]

Shows selected configuration information. Use auto completion to
display the list of options available at each configuration level. For
example:

ruggedcom# show chassis hardware slot-hardware

ORDER

SLOT FIELD DETECTED MODULE
SERIAL NUMBER

------------------------------------------------------------­ pm1 48 48VDC (36-59VDC) Power Supply

lm1 XX none none

lm2 M1_ Old V90 Modem

lm3 TX01 2x 10/100Tx RJ45

lm4 TX01 2x 10/100Tx RJ45

lm5 DS3 1x T3/E3

lm6 TC2 2x Chan T1/E1

pm2 XX none none

main CM01 RX1000 Main Board
RX1K-12-11-0015

show [ cli | history | jobs | log | logfile ]

show parser dump command

show running-config option

Shows selected system information.

• cli shows the CLI environment settings. For example:

ruggedcom# show cli
autowizard true
complete-on-space true
display-level 99999999
history 100
ignore-leading-space true
output-file terminal
paginate true
screen-length 65
screen-width 237
service prompt config true
show-defaults false
terminal xterm

• history displays the CLI command history.

• jobs displays currently running background jobs. For example:

ruggedcom# show jobs
JOB COMMAND
2 monitor start /tmp/saved

• log and logfile display the selected log file. Use auto
completion to view a list of available log files.

Displays all possible commands starting with the specified
command.

Displays the current configuration. If an option parameter is not
specified, the entire configuration will be displayed by default . Use

Basic CLI Commands 31

Chapter 2

Using RUGGEDCOM ROX II

Parameter Description

auto completion to see a list of configuration options. Use | and one
or more output redirects to restrict the information to be shown.

Section 2.6.9.2

File Commands

Operational mode provides commands for managing log, configuration and feature key files on the device.

Parameter Description

RUGGEDCOM ROX II

CLI User Guide

compare file

file

Compares the running configuration to a file. A > character indicates
text that is present in the selected file but not in the running
configuration. A < character indicates text that is present in the
running configuration, but not in the selected file. In the following
example, the user information is present in the configuration, but not
in the selected file:

ruggedcom# compare file deleted_users
125,127d124
< userid jsmith
< password $1$N1YT8Azl$KcG1E6/r91EXc4mgEEsAW.
role administrator
< !
ruggedcom#

Performs file operations, including:

• compare-config

• copy-config

• delete-config

• delete-featurekey

• list-config

• list-featurekey

• rename-config

• rename-featurekey

• scp-config-from-url

• scp-config-to-url

• scp-featurekey-from-url

• scp-featurekey-to-url

• scp-log-to-url

• show-config

• show-featurekey

file compare-config filename1 filename2

Compares the contents of two files. A < character indicates text
that is present in the first selected file but not in the second file. A >
character indicates text that is present in the second selected file but
not in the first file. In the following example, the user information is
present in the second file, but not in the first:

ruggedcom# file compare deleted_users all_users
125,127d124
< userid jsmith
< password $1$N1YT8Azl$KcG1E6/r91EXc4mgEEsAW.
role administrator
< !

32 File Commands

RUGGEDCOM ROX II

CLI User Guide

Parameter Description

Using RUGGEDCOM ROX II

Chapter 2

file copy-config current-filename new-filename

file delete-config filename

file delete-featurekey filename

file list-config

file list-featurekey

Copies a configuration file. After typing the command, press Tab to
view a list of available files. For example, the following command
copies the deleted_users file to the archive001 file:

ruggedcom# file copy-config deleted_users
archive001

Deletes a configuration file. After typing the command, press Tab
to view a list of available files. For example, the following command
deletes the deleted_users file:

ruggedcom# file delete-config deleted_users

Deletes a feature key file. After typing the command, press Tab to
view a list of available files. For example, the following command
deletes the feature key 1_cmRX1K-12-11-0217.key file:

ruggedcom# file delete-featurekey
1_cmRX1K-12-11-0217.key

Lists the configuration files. For example:

ruggedcom# file list-config

--help 10.200.20.39 _tmp_confd_cmd.0 archive001
archive002 default_rx1000_config

Lists the feature key files. For example:

ruggedcom# file list-featurekey
1_cmRX1K-12-11-0015.key

file rename-config current-filename new-filename

file rename-config current-filename new-filename

file scp-config-from-url user@host:/path/current-

filename new-filename

Renames a configuration file. For example, the following command
renames the test002 file to production_config:

ruggedcom# file rename-config test002
production_config

Renames a feature key file. For example, the following command
renames the feature key 1_cmRX1K-12-11-0217.key file to

old_featurekey:

ruggedcom# file rename-featurekey
1_cmRX1K-12-11-0217.key old_featurekey

Securely copies a configuration file from a remote computer to the
device. The remote computer must have an SCP or SSH (secure
shell) service or client installed and running.

To use this command, the user credentials for the remote computer,
the IP address or host name of the remote computer, the directory
path to the configuration file on the remote computer, and the
configuration file filename must all be known.

Type the command in the following format:

file scp-config-from-url user@host:/path/current-
filename new-filename

Where:

• user is a user name with access rights to the remote computer.

• host is the host name or IP address of the remote computer.

• path path is the path to the configuration file on the remote
computer.

File Commands 33

Chapter 2

Using RUGGEDCOM ROX II

Parameter Description

RUGGEDCOM ROX II

CLI User Guide

• current-filename is the current filename of the configuration
file.

• new-filename is the new filename for the configuration file. To
use the current filename, specify the current filename or exclude
this parameter from the command.

When prompted, type the password to connect to the remote
computer. For example:

ruggedcom# file scp-config-from-url
jsmith@10.200.20.39:/c:/ruggedcom/
standard_config standard_config
jsmith@10.200.20.39's password:
standard_config.txt
100% 7673 7.5KB/s 00:00

file scp-config-to-url current-filename
user@host:/path/new-filename

Securely copies a configuration file from the device to a remote
computer. The remote computer must have an SCP or SSH (secure
shell) service or client installed and running.

To use this command, the user credentials for the remote computer,
the IP address or host name of the remote computer, the directory
path to the configuration file on the remote computer, and the
configuration file filename must all be known.

Type the command in the following format:

file scp-config-to-url current-filename
user@host:/path/new-filename

Where:

• current-filename is the current filename of the configuration
file.

• user is a user name with access rights to the remote computer.

• host is the host name or IP address of the remote computer.

• path path specifies where to save the configuration file on the
remote computer.

• new-filename is the new filename for the configuration file. To
use the current filename, specify the current filename or exclude
this parameter from the command.

When prompted, type the password to connect to the remote
computer. For example:

ruggedcom# file scp-config-to-url default_config
jsmith@10.200.20.39:/c:/ruggedcom/
default_config
jsmith@10.200.20.39's password:
standard_config.txt
100% 7673 7.5KB/s 00:00

file scp-featurekey-from-url
user@host:/path/current-filename new-filename

Securely copies a feature key file from a remote computer to the
device. The remote computer must have an SCP or SSH (secure
shell) service or client installed and running.

To use this command, the user credentials for the remote computer,
the IP address or host name of the remote computer, the directory
path to the feature key file on the remote computer, and the feature
key file filename must all be known.

Type the command in the following format:

file scp-featurekey-from-url current-filename
user@host:/path/new-filename

Where:

• user is a user name with access rights to the remote computer.

34 File Commands

RUGGEDCOM ROX II

CLI User Guide

Parameter Description

Using RUGGEDCOM ROX II

Chapter 2

• host is the host name or IP address of the remote computer.

• path path is the path to the feature key file on the remote
computer.

• current-filename is the current filename of the feature key
file.

• new-filename is the new filename for the feature key file. To
use the current filename, specify the current filename or exclude
this parameter from the command.

When prompted, type the password to connect to the remote
computer. For example:

ruggedcom# file scp-featurekey­from-url jsmith@10.200.20.39:/c:/
ruggedcom/1_cmRX1K-12-11-0015.key
1_cmRX1K-12-11-0015.key
jsmith@10.200.20.39's password:
1_cmRX1K-12-11-0015.key
100% 192 0.2KB/s 00:00

file scp-featurekey-to-url current-filename
user@host:/path/new-filename

Securely copies a feature key file to a remote computer from the
device. The remote computer must have an SCP or SSH (secure
shell) service or client installed and running.

To use this command, the user credentials for the remote computer,
the IP address or host name of the remote computer, the directory
path to the feature key file on the remote computer, and the feature
key file filename must all be known.

Type the command in the following format:

file scp-featurekey-to-url current-filename
user@host:/path/new-filename

Where:

• current-filename is the current filename of the feature key
file.

• user is a user name with access rights to the remote computer.

• host is the host name or IP address of the remote computer.

• path path specifies where to save the feature key file on the
remote computer.

• new-filename is the new filename for the feature key file. To
use the current filename, specify the current filename or exclude
this parameter from the command.

When prompted, type the password to connect to the remote
computer. For example:

ruggedcom# file scp-featurekey-to-url
1_cmRX1K-12-11-0015.key jsmith@10.200.20.39:/c:/
ruggedcom/1_cmRX1K-12-11-0015.key
jsmith@10.200.20.39's password:
1_cmRX1K-12-11-0015.key
100% 192 0.2KB/s 00:00

file scp-log-to-url current-filename
user@host:/path/new-filename

scp-log-to-url

Securely copies a log file to a remote computer from the device. The
remote computer must have an SCP or SSH (secure shell) service
or client installed and running.

To use this command, the user credentials for the remote computer,
the IP address or host name of the remote computer, the directory
path to the log file on the remote computer, and the log file filename
must all be known.

Where:

• current-filename is the current filename of the log file.

File Commands 35

Chapter 2

Using RUGGEDCOM ROX II

Parameter Description

RUGGEDCOM ROX II

CLI User Guide

• user is a user name with access rights to the remote computer.

• host is the host name or IP address of the remote computer.

• path path specifies where to save the log file on the remote
computer.

• new-filename is the new filename for the log file. To use the
current filename, specify the current filename or exclude this
parameter from the command.

When prompted, type the password to connect to the remote
computer. For example:

ruggedcom# file scp-log-to-url syslog.1
jsmith@10.200.20.39:/c:/ruggedcom/syslog.1
jsmith@10.200.20.39's password:
syslog.1 100% 12KB

12.4KB/s 00:00

file show-config filename

file show-featurekey filename

Section 2.6.9.3

Interface and Services Commands

Displays the content of a specified file. Use auto completion to
display a list of available files. For example:

ruggedcom# file show-config added_users.txt
admin system-name "System Name" location Location
contact Contact
admin hostname name ruggedcom domain localdomain
admin session-limits max-sessions 50
.
.
.

Displays the content of a specified feature key file. Use auto
completion to display a list of available feature key files. For
example:

ruggedcom# file show-featurekey
1_cmRX1K-12-11-0015.key
GPG_FEATUREKEY_LEVEL=1
GPG_FEATUREKEY_CM_SERIALNUMBER=RX1K-12-11-0015
GPG_FEATUREKEY_SIGNATURE=iEYEABECAAYFAk091pAACgkQP2pya
+G5kdZeKACeKdHUB2G1T73Dymq8IjSdYDKAiskAn3abBpCEhfLXxY2ZlVbv
GNwDZow2

Operational mode provides commands for restarting and displaying information for various interfaces and
services.

Parameter Description

interfaces modem modem [ at | reset ]

interfaces serial restart-serserver

36 Interface and Services Commands

Sends an AT or reset command to the specified modem. Use auto
completion to display a list of available modems.

• at: Sends an AT command to the selected modem. To send
multiple AT commands, separate each command with a : colon.

• reset: Resets the modem.

Restarts the serial communication service.

RUGGEDCOM ROX II

CLI User Guide

Parameter Description

Using RUGGEDCOM ROX II

Chapter 2

interfaces clearstatistics [ ddsName | t1e1Name |
t3e3Name ] name

services dhcpserver show-active-leases

Clears statistics for the specified WAN interface. Use tab completion
to display a list of available WAN interfaces.

Displays active DHCP leases.

Section 2.6.9.4

Administration Commands

Operational mode provides commands for performing device administration tasks.

Parameter Description

admin acknowledge-all-alarms

admin clear-all-alarms

admin delete-all-ssh-known-hosts

admin delete-ssh-known-hosts

admin restore-factory-defaults

Acknowledges all system alarms.

Clears all system alarms.

Deletes the list of known hosts.

Deletes the host entry from the list of known hosts.

Restores the factory default configuration and settings, but does not
erase any files you have saved on the device.

admin reboot

admin restore-factory-defaults

admin set-system-clock time YYYY-MM-DD HH:MM:SS

admin shutdown

admin software-upgrade decline-upgrade

admin software-upgrade launch-upgrade

admin software-upgrade rollback-reboot

maint-login

Reboots the device.

Restores the factory default configuration and settings, but does not
erase any files you have saved on the device.

Sets the date and time on the device. To specify just the date, type
the date in the format YYYY-MM-DD. To specify just the time, type
the time in the format HH:MM:SS. To specify both date and time,
enclose the string in quotation marks and type the date and time in
the format "YYYY-MM-DD HH:MM:SS".

NOTE

When setting the time, specifying seconds seconds
(SS) is optional.

Shuts down the device.

For more information on shutting down the device, refer to

Section 3.4, “Shutting Down the Device”

Cancels (or declines) a recent software upgrade that is waiting for a
reboot to the upgraded partition.

Launches an upgrade in the alternate partition.

Boots to a previous software release on the alternate partition.

CAUTION!

Configuration hazard – risk of data loss/corruption.
Maintenance mode is provided for troubleshooting
purposes and should only be used by Siemens Canada
Ltd. technicians. Maintenance mode is provided for

Administration Commands 37

Chapter 2

Using RUGGEDCOM ROX II

Parameter Description

RUGGEDCOM ROX II

CLI User Guide

troubleshooting purposes and all possible commands
are not documented. Misuse of maintenance mode
commands can corrupt the operational state of the
device and render the device inaccessible.

Logs in to the underlying operating system as the root user. The
user must be an administrator and be able to provide the maint-login
password.

monitor start filename

monitor stop filename

reportstats

config private

config exclusive

Starts displaying the specified system log or tracing the specified
file. If necessary, the output can be redirected to a file. For
information on how to redirect output, refer to Section 2.6.5, “Using

Output Redirects”. Use auto completion to view a list of available

logs and files.

Stops displaying the specified system log or tracing the specified
file. Use auto completion to view a list of available logs and files.

Displays an extensive collection of device-specific statistics. If
necessary, the output can be redirected to a file. For information
on how to redirect output, refer to Section 2.6.5, “Using Output

Redirects”.

Enters a configuration mode where users can make changes to the
system. This is the primary mode for most users who want to make
changes to the device/network configuration. It can be accessed by
multiple Operator and Admin users.

All changes made during a private configuration session are hidden
from other users until they are committed. Each change must be
committed before it is applied to the active system.

If a user opens an exclusive configuration session during another
user's private configuration session, the user in the private
configuration session cannot commit their changes until the other
user ends their session.

Enters a configuration mode where users can make changes to
the system. This mode is similar to the private configuration mode,
except all other users are blocked from committing their changes
until the user using the exclusive configuration mode exits. Only one
Operator or Admin user can use the exclusive configuration mode at
a time per device.

When committing changes in exclusive configuration mode, use the
confirmed option to set a timeout period. Changes will be applied
for the set period of time, after which the configuration will be reset
to its previous settings. This allows users to test their configuration
changes before fully applying them to the active system.

For more information about the confirmed option, refer to

Section 2.6.9.5, “Configuration Mode General Commands”.

IMPORTANT!

Always log out of the exclusive configuration mode
or exit the transaction. If the session is terminated
before a user exits properly, other users logged in to
the device will continue to be blocked from making
changes until the session timeout period expires.

38 Administration Commands

RUGGEDCOM ROX II

CLI User Guide

Using RUGGEDCOM ROX II

Section 2.6.9.5

Configuration Mode General Commands

Configuration mode provides a set of general commands that allow users to work with configuration data.

Parameter Description

Chapter 2

abort

clear

commit no-confirm

commit abort

commit and-quit

commit check

commit confirmed timeout

Exits the configuration session without saving changes.

NOTE

In an edit exclusive session, any pending unconfirmed
commits will not be canceled until their timeout periods
expire. A new edit exclusive session cannot be opened
until the timeout period ends.

Deletes all configuration changes.

Immediately commits the current set of configuration changes. This
command will prompt the user to confirm the action. Use the no-
confirm parameter to revert the configuration without requiring
confirmation.

In an edit exclusive session, this command aborts/cancels all
confirmed commits.

Commits all confirmed and unconfirmed changes and exits the
configuration mode.

Validates the current configuration.

Temporarily commits changes for a period of time, allowing users
to test the configuration before fully committing the changes. The
changes must be committed using a standard commit command
before the timeout period ends. If changes are not committed before
the timeout period ends, they are automatically discarded and the
previous settings are restored.

A timeout period can be specified at the end of the command. The
default timeout period is 10 minutes. The minimum timeout period is
1 minute. For example:

ruggedcom(config-admin)# commit confirmed 2

To cancel a commit before the time elapses and discard the
changes, type:

commit abort

To permanently commit the changes before the time elapses, type:

commit

commit comment text

commit label text

commit persist-id text

commit save-running file

Immediately commits the current set of configuration changes
along with a custom comment. The comment will appear next to the
commit in a list of pending of commits.

Immediately commits the current set of configuration changes
along with a custom label. In a list of pending commits, the label will
appear instead of the auto-generated commit ID.

Immediately commits the current set of configuration changes and
assigns a user-specified ID or flag.

Immediately commits the current set of configuration changes and
saves them to the specified file. It does not save the complete
running configuration.

Configuration Mode General Commands 39

Chapter 2

Using RUGGEDCOM ROX II

Parameter Description

RUGGEDCOM ROX II

CLI User Guide

copy

details

do

end

Copies a configured element to a new element. For example, the
following command copies the userid admin to the new userid
wsmith:

ruggedcom(config)# copy admin users userid admin
smith

The new item has all of the attributes of the item from which it is
copied. In this example, userid wsmith will have the same password
and role attributes as the userid admin.

When used in combination with the save command, the details
command includes default values in the saved configuration file. For
example:

ruggedcom(config)# save {filename} | details

The details command can also be used to show default
configuration values. For example:

ruggedcom(config)# show running-config admin
session-limits | details

Performs an Operational mode command. For example, the
following command performs the Operational mode ping command
in the Configuration mode session:

ruggedcom(config)# do ping 172.30.134.12

Terminates the configuration session. The system prompts the user
to commit uncommitted changes.

exit

help command

load [ merge | override ] filename

Exits from the current mode. Unlike the end command, the system
does not prompt the user to commit uncommitted changes.

Displays help information for the specified command.

Loads a configuration from an ASCII CLI configuration file.

Two parameters are available for the CLI load command: override
and merge.

• Override: this parameter is for users who have a full configuration
file saved and want to load it back on to the device. The full
configuration file can be previously created with the CLI save
command executed from the top level in the configuration tree
or with the admin full-configuration-save command.
With the override parameter, the entire running configuration is
overwritten by the contents of the configuration file.

The override option has the following restrictions:

▪ The configuration file must be a complete configuration for the

device. A complete configuration is the entire configuration tree.

▪ The load command must be invoked at the base of the

configuration tree.

• Merge: this parameter is for users who want to build a template
configuration and load it to many devices. The template
configuration file can be obtained by using the CLI save
command. With the merge parameter, the contents of the
configuration file will be merged with the running configuration.
The remaining configurations, which are not included in the
configuration file, will remain unchanged.

After loading the configuration, use the commit command to commit
the changes.

40 Configuration Mode General Commands

RUGGEDCOM ROX II

CLI User Guide

Parameter Description

Using RUGGEDCOM ROX II

Chapter 2

move [ after | before | first | last | ipv4 ]

no

Moves an existing IPv4 address to a new position in the list
of addresses. The address can be moved to the first or last
(default) position in the list, or before or after another address. For
example, the following command moves 172.30.137.37/9 before

172.30.137.31/19:

ruggedcom(config)# move ip fe-3-1 ipv4 address

172.30.137.37/19 before 172.30.137.31/19

Negates a command or sets it to its default setting. For example, the
following command deletes the IP address 172.30.137.37/19:

ruggedcom(config)# no ip fe-3-1 ipv4 address

172.30.137.37/19

NOTE

The no command affects only the parameter or setting
of the node explicitly specified in the command. When
using no to negate a parameter or setting that has
dependencies, clearing the specific parameter does not
clear the related dependencies.

For example, the following command adds an IPv4
route with a gateway:

ruggedcom(config)# routing ipv4 route

192.168.33.0/24 via 192.168.11.2

The following command deletes the gateway, but it
does not delete the route:

ruggedcom(config)# no routing ipv4 route

192.168.33.0/24 via 192.168.11.2

pwd

rename

resolved

revert no-confirm

rollback configuration number

The no deletes only the explicitly specified parameter
or object.

Displays the path to the current node. For example, after navigating
to an IPv4 address, the following command displays the path
through the command hierarchy to the current node:

ruggedcom(config-address-172.30.137.31/19)# pwd
Current submode path:
ip fe-3-1 \ ipv4 \ address 172.30.137.31/19

Changes the value of a parameter. For example, the following
command changes the IPv4 address 172.30.137.36/19 to

172.30.137.40/19:

ruggedcom(config)# rename ip fe-3-1 ipv4 address

172.30.137.36/19 172.30.137.40/19

Issue this command when conflicts have been resolved. Conflicts
are normally discovered when the commit operation is performed.
Conflicts typically arise when multiple users edit the same parts of a
configuration.

Copies the running configuration into the current configuration. This
discards all changes to the current configuration. This command
will prompt the user to confirm the action. Use the no-confirm
parameter to revert the configuration without requiring confirmation.

Returns the configuration to a previously committed configuration.
The system stores a limited number of old configurations. After

Configuration Mode General Commands 41

Chapter 2

Using RUGGEDCOM ROX II

Parameter Description

RUGGEDCOM ROX II

CLI User Guide

reaching the maximum number of old configurations, storing a new
configuration deletes the oldest configuration in the list. The most
recently committed configuration (the running configuration) appears
as item 0 in the list. Select a number from the list and press Enter.

ruggedcom(config)# rollback configuration
Possible completions:
0 2012-01-08 13:51:46 by admin via cli
1 2012-01-08 13:50:58 by admin via cli
2 2012-01-08 12:05:46 by admin via cli
3 2012-01-08 10:47:42 by admin via cli
4 2012-01-08 07:49:38 by admin via cli
5 2012-01-08 07:46:14 by admin via cli

ruggedcom(config)# rollback configuration

After rolling back the configuration, use the commit command to
commit the changes.

save filename

show

Saves the current configuration, without default values, to an ASCII
file. Specify a filename for the file.

Current configuration means the configuration of the user's current
level in the configuration data hierarchy. For example, if the user
is at the top level, the save command will save the complete/full
configuration of the device.

ruggedcom(config)# save {full-configuration­filename}

If the user is at a level other than the top level, such as the firewall
level, the save command will save a partial configuration of the
current level.

ruggedcom(config)#security firewall
ruggedcom(config-firewall)# save {firewall­configuration-filename}

Use this command along with the details command to include
default values in the saved configuration file. For example:

ruggedcom(config)# save {filename} | details

Shows configuration, history or command line interface parser
information. Type show and press Tab to navigate through the items
available to display.

This command can also be combined with the details command
to display the default configuration values. For example:

ruggedcom# show running-config admin session­limits | details

top command

validate

wizard [ rox_flash | rox_upgrade ]

Exits to the top level of the command hierarchy and, optionally, runs
a command.

Validates the current configuration.

Runs the rox_flash or rox_upgrade wizards. For more information,
refer to Section 3.11.5.2, “Downgrading Using ROXflash” and

Section 3.11.3, “Upgrading the RUGGEDCOM ROX II Software”.

42 Configuration Mode General Commands

RUGGEDCOM ROX II

CLI User Guide

Using RUGGEDCOM ROX II

Section 2.7

Configuring the CLI Interface

The following commands can be used to configure certain characteristics and customize the CLI interface.

Parameter Description

Chapter 2

autowizard { true | false }

clear history

display-level

history integer

output-file { filename | terminal }

paginate { true | false }

screen-length integer

screen-width integer

show-defaults { true | false }

When enabled, the CLI prompts for required settings when a new
identifier is created.

Clears the CLI history.

Determines the depth of hierarchical information to display in
command results.

Determines the number of items to record in the CLI history.

Directs CLI output to the specified ASCII text file, or to the terminal.
Output is directed to the specified destination until another
destination is set with a subsequent output-file command.

Lengthy output is paginated by default. When the output reaches the
screen-length setting, the CLI prompts the user to press a key for
more output. Press Enter to advance line-by-line or press Space to
advance page-by-page. When disabled, output is not paginated.

Determines the number of lines in a terminal page.

Determines the length of terminal lines.

Determines if default values are shown when displaying the
configuration. When enabled, default values appear as comments
after the configured value. In the following example, the default
value for the contact value is shown as a comment following the
configured contact string of wsmith@example.com:

ruggedcom# show running-config admin contact
admin
contact "wsmith@example.com" ! Contact
!

Default values only appear for parameters that have default values.
If a parameter does not have a default value, no default appears
when show-defaults is set to true.

terminal { dumb | vt100 | xterm | linux | ansi }

Determines the terminal type and controls how line editing is
performed. Supported terminals are: dumb, vt100, xterm, linux, and
ansi. Other terminals may also work but have no explicit support.

Section 2.8

Accessing Different Modes

Aside from normal mode, there are three additional modes within RUGGEDCOM ROX II that offer various
controls over the operating system.

The following sections describe how to access the different modes within RUGGEDCOM ROX II:

• Section 2.8.1, “Accessing BIST Mode”

Configuring the CLI Interface 43

Chapter 2

Using RUGGEDCOM ROX II

RUGGEDCOM ROX II

CLI User Guide

• Section 2.8.2, “Accessing Service Mode”

• Section 2.8.3, “Accessing Maintenance Mode”

Section 2.8.1

Accessing BIST Mode

BIST (Built-In-Self-Test) mode is used by RUGGEDCOM ROX II to test and configure internal functions of the
device. The method for accessing BIST is different if a new software image has been flashed onto the flash card.

CAUTION!

Security hazard – risk of unauthorized access and/or exploitation. Access to BIST mode should be
restricted to admin users only.

CAUTION!

Configuration hazard – risk of data corruption. BIST mode is provided for troubleshooting and
advanced configuration purposes and should only be used by Siemens Canada Ltd. technicians. As
such, this mode is not fully documented. Misuse of the commands available in this mode can corrupt
the operational state of the device and render it inaccessible.

NOTE

BIST mode opens port 222.

To access BIST mode normally, do the following:

IMPORTANT!

Do not connect the device to the network when it is in BIST mode. The device will generate excess
multicast traffic in this mode.

1. Disconnect the device from the network.

2. Connect to the RUGGEDCOM RX1500 through the RS-232 console connection and a terminal application.
For more information, refer to Section 2.1.1, “Connecting Directly”.

3. Reboot the device. For more information, refer to Section 3.5, “Rebooting the Device”.

4. If prompted, provide the boot password/passphrase for the device.

5. As soon as the device starts to boot up, press ESC. A list of possible boot modes for each partition appears.

****Boot Partition 4****
[4-0]: Debian GNU/Linux, kernel 3.0.0-2-8360e
[4-1]: Debian GNU/Linux, kernel 3.0.0-2-8360e (BIST mode)
[4-2]: Debian GNU/Linux, kernel 3.0.0-2-8360e (single-user mode)
[4-3]: Debian GNU/Linux, kernel 3.0.0-2-8360e (service mode)

****Boot Partition 6****
[6-0]: Debian GNU/Linux, kernel 3.0.0-2-8360e
[6-1]: Debian GNU/Linux, kernel 3.0.0-2-8360e (BIST mode)
[6-2]: Debian GNU/Linux, kernel 3.0.0-2-8360e (single-user mode)
[6-3]: Debian GNU/Linux, kernel 3.0.0-2-8360e (service mode)

Auto booting [4-0], Hit [ESC] key to stop: 0
Welcome to the boot menu. Please select from the following options:

Enter [BootPartition-BootTarget] (e.g. '4.0') to boot.
'h' Show this help menu

44 Accessing BIST Mode

RUGGEDCOM ROX II

CLI User Guide

'l' List the available boot targets
'c' Exit to the boot loader command line

Will reboot after 60 seconds of inactivity
:

Using RUGGEDCOM ROX II

NOTE

In the example above, the text Auto booting [4-0] indicates the active partition is Boot
Partition 4.

6. Enter boot mode on the active partition by typing the associated target number. For example, if the active
partition is Boot Partition 6, type 6-1 and press Enter. The self-test cycle begins.

7. Press Ctrl+c to stop the self-test cycle and halt the excess multicast traffic. A BIST prompt appears.

BIST:~#

To access BIST mode after flashing a new software image on to the flash card, do the following:

1. Connect to the RUGGEDCOM RX1500 through the RS-232 console connection and a terminal application.
For more information, refer to Section 2.1.1, “Connecting Directly”.

2. Cycle power to the device.

3. If prompted, provide the boot password/passphrase for the device.

Chapter 2

4. Press Ctrl+c to stop the self-test cycle and halt the excess multicast traffic. A BIST prompt appears.

BIST:~#

Once all configuration changes or tests are complete, it is important to change the boot mode by doing the
following:

1. Set the next boot to normal by typing:

nextboot normal

2. Reboot the device by typing:

reboot

CAUTION!

Security hazard – risk of unauthorized access and/or exploitation. Upon accessing BIST mode
on a device that is connected to a network, make sure SSH is disabled. Failure to disable SSH
once in BIST mode would allow anyone with remote access to the device and the root password to
access the Linux shell.

NOTE

SSH is enabled automatically once the device is rebooted in normal mode. It can also be enabled
manually by typing:

/etc/init.d/ssh start

3. Once the device is rebooted, disable SSH immediately by typing:

/etc/init.d/ssh stop

4. Connect the device to the network.

Accessing BIST Mode 45

Chapter 2

Using RUGGEDCOM ROX II

Section 2.8.2

Accessing Service Mode

Service mode grants access to the Linux shell.

To access service mode, do the following:

CAUTION!

Configuration hazard – risk of data corruption. Service mode is provided for troubleshooting and
advanced configuration purposes and should only be used by Siemens technicians. As such, this
mode is not fully documented. Misuse of the commands available in this mode can corrupt the
operational state of the device and render it inaccessible.

CAUTION!

Security hazard – risk of unauthorized access and/or exploitation. SSH is automatically enabled on
port 222 when the device is put in service mode. If the device is connected to the network, a user with
remote access to the device and the root password could access the Linux shell. If required, protect
the device by either:

• Disconnecting the device from the network

• Disabling SSH via maintenance mode before accessing service mode

RUGGEDCOM ROX II

CLI User Guide

IMPORTANT!

Changes made to the configuration in this mode will override the current configuration settings (e.g. IP
addresses, VLAN settings, etc.), but are discarded following a system reboot.

1. Connect to RUGGEDCOM ROX II through the RS-232 console connection and a terminal application. For
more information, refer to Section 2.1.1, “Connecting Directly”.

2. Reboot the device. For more information, refer to Section 3.5, “Rebooting the Device”.

3. As soon as the device starts to boot up, press ESC. A list of possible boot modes for each partition appears.

****Boot Partition 4****
[4-0]: Debian GNU/Linux, kernel 3.0.0-2-8360e
[4-1]: Debian GNU/Linux, kernel 3.0.0-2-8360e (BIST mode)
[4-2]: Debian GNU/Linux, kernel 3.0.0-2-8360e (single-user mode)
[4-3]: Debian GNU/Linux, kernel 3.0.0-2-8360e (service mode)

****Boot Partition 6****
[6-0]: Debian GNU/Linux, kernel 3.0.0-2-8360e
[6-1]: Debian GNU/Linux, kernel 3.0.0-2-8360e (BIST mode)
[6-2]: Debian GNU/Linux, kernel 3.0.0-2-8360e (single-user mode)
[6-3]: Debian GNU/Linux, kernel 3.0.0-2-8360e (service mode)

Auto booting [4-0], Hit [ESC] key to stop: 0
Welcome to the boot menu. Please select from the following options:

Enter [BootPartition-BootTarget] (e.g. '4.0') to boot.
'h' Show this help menu
'l' List the available boot targets
'c' Exit to the boot loader command line

Will reboot after 60 seconds of inactivity
:

NOTE

In the example above, the text

46 Accessing Service Mode

RUGGEDCOM ROX II

CLI User Guide

Auto booting [4-0]

Using RUGGEDCOM ROX II

indicates the active partition is Boot Partition 4.

4. Enter service mode on the active partition by typing the associated target number. For example, if the active
partition is Boot Partition 6, type 6-3. A login prompt for service mode appears.

5. Type root and press Enter. A password prompt appears.

NOTE

If a unique password/passphrase has not been configured, use the factory default password. For
more information, refer to Section 2.2, “Default User Names and Passwords”.

NOTE

The current service mode password/passphrase is the same as the password/passphrase for
accessing maintenance mode.

6. Type the current service mode password/passphrase and press Enter.

ruggedcom login: root
Password:
Last login: Tue Oct 13 13:37:38 EDT 2020 on ttyS0
Linux ruggedcom 3.0.0-2-8360e #1 Thu Jan 24 21:20:30 UTC 2013 ppc

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
8t-eterminal size
now 80x20

Welcome to ruggedcom Partition1 (Rev ROX 2.4.0 (2013-01-24 18:20)) RX1510 SN
12110102-0012-0030060017 13:42:07 up 7 min
Temperature +38.5 C (+101.3 F) Disk 24% Memory 41%

root@ruggedcom:~#

Chapter 2

CAUTION!

Security hazard – risk of unauthorized access and/or exploitation. Upon accessing service mode
on a device that is connected to a network, make sure SSH is disabled. Failure to disable SSH
once in service mode would allow anyone with remote access to the device and the root password
to access the Linux shell.

Section 2.8.3

Accessing Maintenance Mode

Maintenance mode grants access to the Linux shell.

To access maintenance mode, do the following:

CAUTION!

Configuration hazard – risk of data corruption. Maintenance mode is provided for troubleshooting
purposes and should only be used by Siemens Canada Ltd. technicians. As such, this mode is not fully

Accessing Maintenance Mode 47

Chapter 2

Using RUGGEDCOM ROX II

documented. Misuse of the commands available in this mode can corrupt the operational state of the
device and render it inaccessible.

IMPORTANT!

Changes made to the configuration in this mode will override the current configuration settings (e.g. IP
addresses, VLAN settings, etc.), but are discarded following a system reboot.

1. In normal mode, type maint-login and press Enter. A password prompt appears.

NOTE

The current maintenance mode password/passphrase is the same as the password/passphrase
for accessing service mode.

2. Type the current maintenance mode password/passphrase and press Enter.

Example:

ruggedcom# maint-login
Password:

Welcome to ruggedcom Partition2 (Rev ROX 2.4.0 (2013-01-24 18:20)) RX1511 SN R15R-3410-PR061
22:29:20 up 1 day, 8:42
Temperature +41.0 C (+105.8 F) Disk 25% Memory 43%

root@ruggedcom:~#

RUGGEDCOM ROX II

CLI User Guide

48 Accessing Maintenance Mode

RUGGEDCOM ROX II

CLI User Guide

Device Management

Device Management

This chapter describes how to configure and manage the device and its components, such as module interfaces,
logs and files. It describes the following tasks:

NOTE

For information about how to configure the device to work with a network, refer to Chapter 5, Setup and

Configuration.

• Section 3.1, “Determining the Product Version”

• Section 3.2, “Viewing Chassis Information and Status”

• Section 3.3, “Viewing the Parts List”

• Section 3.4, “Shutting Down the Device”

• Section 3.5, “Rebooting the Device”

• Section 3.6, “Restoring Factory Defaults”

Chapter 3

• Section 3.7, “Decommissioning the Device”

• Section 3.8, “Managing Files”

• Section 3.9, “Managing Logs”

• Section 3.10, “Managing the Software Configuration”

• Section 3.11, “Upgrading/Downgrading the RUGGEDCOM ROX II Software”

• Section 3.12, “Managing RUGGEDCOM ROX II Applications”

• Section 3.13, “Managing Feature Keys”

• Section 3.14, “Managing Fixed Modules”

• Section 3.15, “Managing Line Modules”

• Section 3.16, “Managing Event Trackers”

• Section 3.17, “Managing Switched Ethernet Ports”

• Section 3.18, “Managing Routable Ethernet Ports”

• Section 3.19, “Managing Serial Ports”

• Section 3.20, “Managing Serial Port Protocols”

• Section 3.21, “Managing Ethernet Trunk Interfaces”

• Section 3.22, “Managing Cellular Modem Interfaces”

• Section 3.23, “Managing WAN Interfaces”

• Section 3.24, “Managing Virtual Switches”

• Section 3.25, “Managing a Domain Name System (DNS)”

49

Chapter 3

Device Management

Section 3.1

Determining the Product Version

During troubleshooting or when ordering new devices, Siemens Canada Ltd. personnel may request specific
information about the device, such as the model, order code or serial number.

To display general information about the product, type:

show chassis chassis-status

A table or list similar to the following example appears:

ruggedcom# show chassis chassis-status
chassis-status
model RX1501
software license "Layer 3 Standard Edition"
order code RX1501-L3-MNT-HI-L3SE-CG01-XX-S01-E02-XX-XX
rox release "ROX 2.6.0-QA3.14 (2014-08-11 18:00)"
system serial number RX1501R-0812-00664

This table or list provides the following information:

Parameter Description

RUGGEDCOM ROX II

CLI User Guide

model Synopsis: A string

The RuggedCom device model name.

software-license Synopsis: A string

The current software capability.

mlfb Synopsis: A string 1 to 256 characters long

rox-release Synopsis: A string

system-serial-number Synopsis: A string 1 to 32 characters long

BootLoader Synopsis: A string

Section 3.2

Prerequisite: /ruggedcom:ruggedcom-internal/
ruggedcom:chassis-type/ruggedcom:family = 'RX1400'

MLFB(Machine-Readable Product Designation) or order code

The release of ROX running on the chassis.

The system serial number on the chassis label.

The version of the ROX bootloader software on the installed
module.

Prerequisite: /ruggedcom:ruggedcom-internal/
ruggedcom:chassis-type/ruggedcom:family = 'RX1400'

Viewing Chassis Information and Status

The following sections describe how to view the routing status for various routing protocols and related statistics:

• Section 3.2.1, “Viewing the Slot Hardware”

• Section 3.2.2, “Viewing Module Information”

• Section 3.2.3, “Viewing Flash Card Storage Utilization”

50 Determining the Product Version

RUGGEDCOM ROX II

CLI User Guide

• Section 3.2.4, “Viewing CPU/RAM Utilization”

• Section 3.2.5, “Viewing the Slot Status”

• Section 3.2.6, “Viewing the Slot Sensor Status”

• Section 3.2.7, “Viewing the Power Controller Status”

Section 3.2.1

Viewing the Slot Hardware

To view a list of the hardware installed in each slot, type:

show chassis hardware slot-hardware

A table or list similar to the following example appears:

ruggedcom# show chassis hardware slot-hardware | tab
ORDER
SLOT FIELD DETECTED MODULE SERIAL N

-------------------------------------------------------------------------------­pm1 HI 88-300 VDC or 85-264VAC, screw terminal block P15R-071
lm1 CG01 1000TX w/ 2x RJ45 L15R-081
lm2 XX none none
lm3 S01 6x RS232/RS422/RS485 via RJ45 L15R-081
lm4 XX none none
lm5 XX none none
lm6 XX none none
main RX1501-L3 RX1501 8 Gigabit Layer 3 w/ 6 LM slots and 1 PM slots 49110102

Device Management

Chapter 3

This table or list provides the following information:

Parameter Description

slot Synopsis: { ---, pm1, pm2, main, sm, lm1, lm2, lm3, lm4, lm5, lm6, swport, eth, serport,

order-field Synopsis: A string 1 to 25 characters long

detected-module Synopsis: A string 1 to 60 characters long

serial-number Synopsis: A string 1 to 64 characters long

celport, cm, em, trnk }

The slot name, as marked on the silkscreen across the top of the chassis.

The order code of the chassis as derived from the current hardware configuration.

The installed module's type specifier.

The installed module's unique serial number.

Section 3.2.2

Viewing Module Information

To view information about the modules installed in the device, type:

show chassis info slot-info

A table or list similar to the following example appears:

ruggedcom# show chassis info slot-info | tab
SLOT DETECTED MODULE BootLoader FPGA

Viewing the Slot Hardware 51

Chapter 3

Device Management

--------------------------------------------------------------------------------­main RX1501 8 Gigabit Layer 3 w/ 6 LM slots and 1 PM slots 2010.09RR12 14-23

This table or list provides the following information:

Parameter Description

RUGGEDCOM ROX II

CLI User Guide

slot Synopsis: { ---, pm1, pm2, main, sm, lm1, lm2, lm3, lm4, lm5, lm6, swport, eth, serport,

detected-module Synopsis: A string 1 to 60 characters long

boot-loader-version Synopsis: A string

fpga-version Synopsis: A string

celport, cm, em, trnk }

The slot name, as marked on the silkscreen across the top of the chassis.

The installed module's type specifier.

The version of the ROX bootloader software on the installed module.

The version of the ROX FPGA firmware (if any) running on the installed module.

Section 3.2.3

Viewing Flash Card Storage Utilization

To view the Flash card storage utilization statistics for the Flash card installed in the device, type:

show chassis storage

A table or list similar to the following example appears:

ruggedcom# show chassis storage | tab
storage
flash
storage name "Compact Flash"
total capacity 994896
current partition "Partition #1"
current partition capacity 490496
secondary partition capacity 490496
current partition usage 67

This table or list provides the following information:

Parameter Description

storage-name Synopsis: A string 0 to 32 characters long

The type of storage.

total-capacity Synopsis: An integer between 0 and 4294967295

The total capacity of the flash storage in KB.

current-partition Synopsis: A string 0 to 32 characters long

The partition ROX is currently running on and booted from.

current-partition-capacity Synopsis: An integer between 0 and 4294967295

The capacity of the current partition in KB.

secondary-partition-capacity Synopsis: An integer between 0 and 4294967295

The capacity of the secondary partition in KB.

current-partition-usage Synopsis: An integer between 0 and 100

52 Viewing Flash Card Storage Utilization

RUGGEDCOM ROX II

CLI User Guide

Parameter Description

The %usage of the current partition.

Section 3.2.4

Viewing CPU/RAM Utilization

To view the CPU/RAM utilization statistics for each module installed in the device, type:

show chassis cpu slot-cpu

A table or list similar to the following example appears:

ruggedcom# show chassis cpu slot-cpu | tab
RAM
CPU RAM AVAIL
SLOT DETECTED MODULE LOAD AVAIL LOW

--------------------------------------------------------------------------------­main RX1501 8 Gigabit Layer 3 w/ 6 LM slots and 1 PM slots 26 56 56

This table or list provides the following information:

Device Management

Chapter 3

Parameter Description

slot Synopsis: { ---, pm1, pm2, main, sm, lm1, lm2, lm3, lm4, lm5, lm6, swport, eth, serport,

detected-module Synopsis: A string 1 to 60 characters long

cpu-load Synopsis: An integer between 0 and 100

ram-avail Synopsis: An integer between 0 and 100

ram-avail-low Synopsis: An integer between 0 and 100

celport, cm, em, trnk }

The slot name, as marked on the silkscreen across the top of the chassis.

The installed module's type specifier.

The CPU load, in percent, on the installed module.

The proportion of memory (RAM) currently unused, in percent, on the installed module.

The lowest proportion of unused memory (RAM), in percent, recorded for the installed
module since start-up.

Section 3.2.5

Viewing the Slot Status

To view the overall status of each slot, type:

show chassis status slot-status

A table or list similar to the following example appears:

ruggedcom# show chassis status slot-status | tab
STATUS
START
SLOT DETECTED MODULE STATE STRING UPTIME
START DATE TIME

--------------------------------------------------------------------------------------------

Viewing CPU/RAM Utilization 53

Chapter 3

Device Management

pm1 88-300 VDC or 85-264VAC, screw terminal block operating Normal 1D 4hr 47min 12sec
2012-10-24Z 06:44:32Z
lm1 1000TX w/ 2x RJ45 operating Normal 0D 0hr 0min 0sec
2012-10-24Z 06:42:28Z
lm2 none empty ---- 0D 0hr 0min 0sec
2012-10-24Z 06:42:28Z
lm3 6x RS232/RS422/RS485 via RJ45 operating Normal 0D 0hr 0min 0sec
2012-10-24Z 06:42:28Z
lm4 none empty ---- 0D 0hr 0min 0sec
2012-10-24Z 06:42:28Z
lm5 none empty ---- 0D 0hr 0min 0sec
2012-10-24Z 06:42:28Z
lm6 none empty ---- 0D 0hr 0min 0sec
2012-10-24Z 06:42:28Z
main RX1501 8 Gigabit Layer 3 w/ 6 LM slots and 1 PM slots operating Normal 1D 4hr 47min 12sec
2012-10-24Z 06:44:32Z

This table or list provides the following information:

Parameter Description

RUGGEDCOM ROX II

CLI User Guide

slot Synopsis: { ---, pm1, pm2, main, sm, lm1, lm2, lm3, lm4, lm5, lm6, swport, eth, serport,

detected-module Synopsis: A string 1 to 60 characters long

state Synopsis: { unknown, empty, disabled, resetting, operating, failed, disconnected }

status-string Synopsis: A string

uptime Synopsis: A string

start-date Synopsis: A string

start-time Synopsis: A string

celport, cm, em, trnk }

The slot name, as marked on the silkscreen across the top of the chassis.

The installed module's type specifier.

The current state of the installed module.

The runtime status of the installed module.

The total time elapsed since the start-up of the installed module.

The date on which the installed module was started up.

The time at which the installed module was started up.

Section 3.2.6

Viewing the Slot Sensor Status

To view information about the slot sensors, type:.

show chassis sensors slot-sensors

A table or list similar to the following example appears:

ruggedcom# show chassis sensors slot-sensors | tab
CURRENT VOLTAGE
SLOT DETECTED MODULE TEMPERATURE SUPPLY SUPPLY

-------------------------------------------------------------------------------------------­pm1 88-300 VDC or 85-264VAC, screw terminal block 48 2669 3385
lm1 1000TX w/ 2x RJ45 - - ­lm3 6x RS232/RS422/RS485 via RJ45 - - ­main RX1501 8 Gigabit Layer 3 w/ 6 LM slots and 1 PM slots 42 1661 3327

54 Viewing the Slot Sensor Status

RUGGEDCOM ROX II

CLI User Guide

This table or list provides the following information:

Parameter Description

Device Management

Chapter 3

slot Synopsis: { ---, pm1, pm2, main, sm, lm1, lm2, lm3, lm4, lm5, lm6, swport, eth, serport,

detected-module Synopsis: A string 1 to 60 characters long

temperature Synopsis: An integer between 55 and 125

current-supply Synopsis: An integer between 0 and 15000

voltage-supply Synopsis: An integer between 0 and 15000

celport, cm, em, trnk }

The slot name, as marked on the silkscreen across the top of the chassis.

The installed module's type specifier.

The temperature, in degrees C, of the installed module. If multiple temperature sensors are
present on the board, the maximum reading is reported.

The power supply current, in mA, being drawn by the installed module.

Prerequisite: /ruggedcom:ruggedcom-internal/ruggedcom:chassis-type/
ruggedcom:family != 'RX1400'

The power supply voltage, in mV, seen by the installed module.

Section 3.2.7

Viewing the Power Controller Status

To view information about the power controller, type:

show chassis power-controller pm-status

A table or list similar to the following example appears:

ruggedcom# show chassis power-controller pm-status | tab
PM MOV PM PM PM
SLOT PROTECTION TEMPERATURE CURRENT VOLTAGE

------------------------------------------------­pm1 na 48 2666 3387

This table or list provides the following information:

Parameter Description

pm-slot Synopsis: { pm1, pm2 }

The name of the power module slot as labeled on the chassis.

mov-protection Synopsis: { na, working, damaged }

The state of the MOV protection circuit.

pm-temperature Synopsis: An integer between 55 and 125

The temperature (Celsius) inside the power module.

pm-current Synopsis: An integer between 0 and 15000

The current (mA) sourced by the power module.

pm-voltage Synopsis: An integer between 0 and 15000

The voltage (mV) sourced by the power module.

Viewing the Power Controller Status 55

Chapter 3

Device Management

Section 3.3

Viewing the Parts List

To view a list of parts installed in the device, type:

show running-config chassis part-list

If jobs have been configured, a table or list similar to the following example appears:

ruggedcom# show running-config chassis part-list | tab
MODEL ORDERFIELD PARTNUMBER PARTNAME

-------------------------------------------------------------------------------­RX1500 12 12-02-9999-001 12VDC (9-15VDC), screw terminal block
RX1500 12P 12-02-9999-002 12VDC (9-15VDC), pluggable terminal block
RX1500 24 12-02-0027-003 24VDC (10-36VDC), screw terminal block
RX1500 24 12-02-0035-003 24VDC (10-36VDC), screw terminal block
RX1500 24P 12-02-0027-004 24VDC (10-36VDC), pluggable terminal block
RX1500 24P 12-02-0035-004 24VDC (10-36VDC), pluggable terminal block
RX1500 48 12-02-0027-001 48VDC (36-72VDC), screw terminal block
RX1500 48 12-02-0035-001 48VDC (36-72VDC), screw terminal block
RX1500 48P 12-02-0027-002 48VDC (36-72VDC), pluggable terminal block
RX1500 48P 12-02-0035-002 48VDC (36-72VDC), pluggable terminal block
RX1500 4FX03 12-02-0018-005 4 x 100FX - Multimode, 1300nm, MTRJ connectors, 2km
RX1500 4FX06 12-02-0018-002 4 x 100FX - Singlemode, 1300nm, LC connectors, 20km
RX1500 4FX08 12-02-0018-003 4 x 100FX - Singlemode, 1300nm, LC connectors, 50km
.
.
.

RUGGEDCOM ROX II

CLI User Guide

Section 3.4

Shutting Down the Device

To shut down the device, type:

CAUTION!

Security hazard – risk of unauthorized access and/or exploitation. Always shutdown the device before
disconnecting power. Failure to shutdown the device first could result in data corruption.

NOTE

The device never enters a permanent shutdown state. When instructed to shutdown, the devices shuts
down and provides a time-out period during which power can be disconnected from the device. The
default time-out period is 300 seconds (five minutes). At the end of the time-out period, the device
reboots and restarts.

NOTE

If wiring hinders the process of disconnecting power from the device, the power module(s) can be
removed instead.

admin shutdown

56 Viewing the Parts List

RUGGEDCOM ROX II

CLI User Guide

Section 3.5

Device Management

Rebooting the Device

To reboot the device, type:

admin reboot

Section 3.6

Restoring Factory Defaults

To restore the factory defaults for the device, navigate to admin » restore-factory-defaults and configure the
following parameter(s):

admin restore-factory-defaults

If necessary, include the following options in the command:

Parameter Description

Chapter 3

delete-logs Synopsis: true or false

default-both-partitions Synopsis: true or false

delete-saved-configurations Synopsis: true or false

shutdown Synopsis: true or false

Section 3.7

Default: false

Delete system logs as well as restoring default settings.

Default: false

Perform the operation on both partitions.

Default: false

Delete saved configuration files (works with default-both-partitions option).

Default: false

Shutdown rather than reboot after restoring factory defaults.

Decommissioning the Device

Before taking the device out of service, either permanently or for maintenance by a third-party, make sure the
device has been fully decommissioned. This includes removing any sensitive, proprietary information.

To decommission the device, do the following:

1. Obtain a copy of the RUGGEDCOM ROX II firmware currently installed on the device. For more information,
contact Siemens Customer Support.

2. Log in to maintenance mode. For more information, refer to Section 2.8.3, “Accessing Maintenance Mode”.

3. Delete the current boot password/passphrase by typing:

rox-delete-bootpwd --force

4. Type exit and press Enter.

Rebooting the Device 57

Chapter 3

Device Management

RUGGEDCOM ROX II

CLI User Guide

5. Log in to RUGGEDCOM ROX II. For more information, refer to Section 2.3, “Logging In”.

6. Flash the RUGGEDCOM ROX II firmware obtained in Step 1 to the inactive partition and reboot the device.
For more information, refer to Section 3.11.5.2, “Downgrading Using ROXflash”.

7. Repeat Step 5 and Step 6 to flash the RUGGEDCOM ROX II firmware obtained in Step 1 to the other
partition and reboot the device.

8. Shut down the device. For more information, refer to Section 3.4, “Shutting Down the Device”.

Section 3.8

Managing Files

The following sections describe how to manage important files on the device:

NOTE

Only feature keys and configuration files can be installed or backed up.

• Section 3.8.1, “Installing Files”

• Section 3.8.2, “Backing Up Files”

Section 3.8.1

Installing Files

To install a file on the device, such as a configuration file or feature key, do the following:

1. If the source of the file is a USB Mass Storage drive, insert the drive in the USB port on the device. For more
information, refer to the RUGGEDCOM RX1500/RX1501/RX1510/RX1511/RX1512 Installation Guide.

2. Navigate to admin » install-files and configure the following parameter(s) as required:

Parameter Description

file-type { file-type } Synopsis: { config, featurekey, vmfile }

The file types to be copied.

url { url } Synopsis: A string 1 to 1024 characters long

The URL of the ROX II file to copy. Supported URIs are HTTP,
SCP, SFTP, FTPS and FTP. To install from a USB flash drive
or microSD/microSDHC drive (if applicable), the URL format is
"usb://<usb-device-name>/path-to-file-on-system" or "sd://sd-1//
path-to-file-on-system". Run "show chassis" to determine the
name of the USB device. Note that only one single partition is
supported for either data medium. For all other protocols, the
format is "protocol://user:password@host:port/path-to-file". If
"port" is not specified, the default port for the protocol is used.

Section 3.8.2

Backing Up Files

To backup files stored on the device, do the following:

58 Managing Files

RUGGEDCOM ROX II

CLI User Guide

Device Management

1. If the file's destination is a USB Mass Storage drive, insert the drive in the USB port on the device. For more
information, refer to the RUGGEDCOM RX1500/RX1501/RX1510/RX1511/RX1512 Installation Guide.

2. Make sure the CLI is in Configuration mode.

3. Navigate to admin » backup-files and configure the following parameter(s) as required:

Parameter Description

file-type { file-type } Synopsis: { config, featurekey, logfiles, rollbacks, licenses }

The file types to copy.

file { file } Synopsis: A string 1 to 255 characters long

The file names to copy.

Chapter 3

timestamp Synopsis: true or false

url { url } Synopsis: A string 1 to 1024 characters long

Default: false

If enabled, a time stamp will be appended to the file name. This
option is not applicable to file names that contain '*'.

The URL of the ROX II file to copy. Supported URIs are HTTP,
SCP, SFTP, FTPS and FTP. To save to a USB flash drive or
microSD/microSDHC drive (if applicable), the URL format is
"usb://<usb-device-name>/path-to-file-on-system" or "sd://sd-1//
path-to-file-on-system". Run "show chassis" to determine the
name of the USB device. Note that only one single partition is
supported for either data medium. For all other protocols, the
format is "protocol://user:password@host:port/path-to-file". If
using a path only, close it with '/'. If "port" is not specified, the
default port for the protocol is used.

Section 3.9

Managing Logs

RUGGEDCOM ROX II maintains various logs to record information about important events. Each log falls into
one of the following log types:

Security Event Logs Information related to the following security events are logged by RUGGEDCOM ROX II:

NOTE

Passwords can be retried up to 3 times before the login attempt is considered a security event.

• Successful and unsuccessful login attempts

• Local and remote (RADIUS) authentication

• Security-sensitive commands (whether successful or unsuccessful)

• An optionally configurable SNMP Authentication Failure Trap (disabled by default) in accordance with
SNMPv2-MIB

All security event logs are recorded in var/log/auth.log and can be viewed in the Authlog Viewer. For
more information about viewing logs, refer to Section 3.9.1, “Viewing Logs”.

Syslogs Syslog allows users to configure local and remote syslog connections to record important, non-security event

Managing Logs 59

information. The remote Syslog protocol, defined in RFC 3164 [http://tools.ietf.org/html/rfc3164], is a UDP/
IP-based transport that enables a device to send event notification messages across IP networks to event
message collectors, also known as Syslog servers. The protocol is designed to simply transport these event
messages from the generating device to the collector.

Chapter 3

Device Management

All log files are organized in the log directory (/var/log) according to the facility and priority at which they
have been logged. Remote Syslog sends the requested logs to the remote server(s) at whichever facility and
priority they were initially logged, after filtering the logs based on the selectors configured for the server.

The following log files are setup with the following default selectors:

• syslog catches all logs except daemon.debug, auth or authpriv logs

• daemon.log catches all err level (and above) logs written to the daemon facility

• messages catches all info, notice and warn level logs for all facilities except auth, authpriv, cron, daemon,
mail and news

A selector setup using the following facilities at level info and up is recommended:

• daemon

• user

• kern

• syslog

Diagnostic Logs Diagnostic logs record system information for the purposes of troubleshooting.

The following sections describe how to view, configure and manage logs:

• Section 3.9.1, “Viewing Logs”

• Section 3.9.2, “Deleting Logs”

• Section 3.9.3, “Configuring a Source IP Address for Remote Syslog Messages”

• Section 3.9.4, “Managing Diagnostic Logs”

• Section 3.9.5, “Configuring Secure Remote Syslog”

• Section 3.9.6, “Managing Remote Syslog Servers”

• Section 3.9.7, “Managing Remote Server Selectors”

RUGGEDCOM ROX II

CLI User Guide

Section 3.9.1

Viewing Logs

Select logs can be viewed directly within the CLI. Otherwise, these and other logs can be downloaded from the
device and viewed in a text editor/viewer.

NOTE

For information about downloading log files from the device, refer to Section 3.8.2, “Backing Up Files”.

To view a log in the CLI, do the following:

show log file

Where:

• file is the log file to view

For example, to view the auth.log, type:

show log auth.log

A result similar to the following is displayed:

ruggedcom# show log auth.log
Jan 29 09:25:00 ruggedcom confd[2068]: audit user: admin/0 failed to login using externalauth: Local
authentication
Jan 29 09:25:00 ruggedcom confd[2068]: audit user: admin/0 logged in through Web UI from 192.168.0.200
Jan 29 09:25:00 ruggedcom confd[2068]: audit user: admin/32 assigned to groups: admin
Jan 29 09:25:01 ruggedcom CRON[4599]: pam_unix(cron:session): session opened for user root by (uid=0)

60 Viewing Logs

RUGGEDCOM ROX II

CLI User Guide

.
.
.

Section 3.9.2

Device Management

Deleting Logs

To delete all logs stored on the device, type:

admin delete-logs

Section 3.9.3

Configuring a Source IP Address for Remote Syslog Messages

IP packets for remote syslog messages include a destination IP address and a source IP address. The source
IP address is the interface from which the message is sent (e.g. switch.0001). However, that address may not
be meaningful within the system log, or the address may conflict with a firewall rule or policy. In such cases, an
alternative source IP address can be configured for all remote syslog messages.

To configure a specific source IP address for all remote syslog messages, do the following:

1. Make sure the CLI is in Configuration mode.

2. Make sure an IP address is first defined for the desired interface. For more information, refer to either

Section 5.40.3.2, “Adding an IPv4 Address” or Section 5.40.6.2, “Adding an IPv6 Address”.

3. Configure the source IP address by typing:

Chapter 3

admin logging source-ip address

Where:

• address is the alternative source IP address

4. Type commit and press Enter to save the changes, or type revert and press Enter to abort.

Section 3.9.4

Managing Diagnostic Logs

Diagnostic logs are available for troubleshooting the device. Various device behavior is recorded in the following
logs:

Log Filename

Developer's Log /var/log/confd-dev.log

SNMP Log /var/log/snmp-trace.log

NETCONF Summary Log /var/log/netconf.log

NETCONF Trace Log /var/log/netconf-trace.log

XPATH Trace Log /var/log/xpath-trace.log

Deleting Logs 61

Chapter 3

Device Management

Log Filename

WebUI Trace Log /var/log/webui-trace.log

CAUTION!

Configuration hazard – risk of reduced performance. Enabling diagnostic logging will significantly affect
the performance of RUGGEDCOM ROX II. Only enable diagnostic logging when directed by Siemens.

The following sections describe how to configure and manage diagnostic logs:

• Section 3.9.4.1, “Enabling/Disabling the Developer's Log”

• Section 3.9.4.2, “Enabling/Disabling the SNMP Log”

• Section 3.9.4.3, “Enabling/Disabling the NETCONF Summary Log”

• Section 3.9.4.4, “Enabling/Disabling the NETCONF Trace Log”

• Section 3.9.4.5, “Enabling/Disabling the XPATH Trace Log”

• Section 3.9.4.6, “Enabling/Disabling the WebUI Trace Log”

Section 3.9.4.1

Enabling/Disabling the Developer's Log

RUGGEDCOM ROX II

CLI User Guide

The Developer's log records internal system transactions from the operational view.

CAUTION!

Configuration hazard – risk of reduced performance. Enabling diagnostic logging will significantly affect
the performance of RUGGEDCOM ROX II. Only enable diagnostic logging when directed by Siemens.

To enable or disable the Developer's log, do the following:

1. Make sure the CLI is in Configuration mode.

2. Enable or disable the Developer's log by typing the following commands:

Enable

admin logging diagnostics developer-log enabled

Disable

no admin logging diagnostics developer-log enabled

3. Configure the level of information provided by the Developer's log by typing:

Parameter Description

log-level { log-level } Synopsis: { error, info, trace }

4. Type commit and press Enter to save the changes, or type revert and press Enter to abort.

Default: info

Sets the verbosity level for developer logging.

Section 3.9.4.2

Enabling/Disabling the SNMP Log

The SNMP log records all SNMP related events.

62 Enabling/Disabling the Developer's Log