Gebruiksaanwijzing /service van het product 3CRUS2475 van de fabrikant 3Com
Ga naar pagina of 522
www.3Com.com Part No. 10015248 Rev . AA Published October 2006 3Com ® Unified Gigabit Wir eless PoE Switch 24 Command Refer ence Guide 3CRUS2475.
3Com Corporati on 350 Campus Drive Marlborough, MA 01752-3064 Copyright © 2 006, 3Com Corporation. All rights reserved . No part of this documen tation may be reproduced in any form or by any means or used to make any derivative work (such as tran slation, transformation , or adaptation) without writt e n permission fr om 3Com Corporation.
C ONTENTS U SING THE CLI Overview 19 CLI Command Modes 19 Introduction 19 User EXEC Mode 20 Privileged EXEC 20 Global Configuration Mode 21 Interface Configuration and Specific Configur ation Modes 21.
ACL C OMMANDS ip access-list 41 permit (ip) 41 deny (IP) 4 5 mac access-list 47 permit (MAC) 48 deny (MAC) 49 service-acl 50 show access-lists 51 show interfaces access- lists 52 A DDRESS T ABLE C OMM.
description 79 speed 80 duplex 81 negotiation 8 1 flowcontr ol 82 mdix 83 clear counters 84 set interface active 85 show interfaces advertise 85 show interfaces configur ation 87 show interfaces statu.
P ORT C HANNEL C OMMANDS interface port-channel 113 interface rang e port-chan nel 1 13 channel-group 114 show interfaces port-channel 115 Q O S C OMMANDS qos 117 show qos 118 class-map 118 show class.
security-suite do s protect 145 security-suite deny martian-addr esses 146 C LOCK C OMMANDS clock set 149 clock sour ce 150 clock timezon e 150 clock summer -time 151 sntp authentication-key 153 sntp .
IGMP S NOOPING C OMMANDS ip igmp snooping (Global) 185 ip igmp snooping (Inter face) 185 ip igmp snooping mr outer lear n-pim-dvmrp 186 ip igmp snoop ing host-time-out 1 87 ip igmp snooping mr outer -.
spanning-tree cost 214 spanning-tr ee port-priority 215 spanning-tr ee portfast 216 spanning-tree link-type 217 spanning-tr ee pathcost method 217 spanning-tr ee bpdu 218 clear spanning-tree de tected.
show radius-servers 276 P ORT M ONITOR C OMMANDS port monito r 279 show ports monitor 280 SNMP C OMMANDS snmp-server commun ity 283 snmp-server view 284 snmp-server group 2 86 snmp-server user 287 snm.
show arp 313 ip domain-name 314 ip name-server 315 M ANAGEMENT ACL C OMMANDS management acce ss-list 317 permit (Management) 318 deny (Management) 319 management acce ss-class 320 show manage ment acc.
wpa2 pre-authentication 343 show wlan ess 344 show wlan ess mac-filtering lists 347 show wlan ess counters 348 W IRELESS AP G ENERAL C OMMANDS clear wlan ap 351 wlan ap active 352 wlan ap key 352 wlan.
show crypto key pubkey -chain ssh 380 W EB S ERVER C OMMANDS ip http server 383 ip http port 383 ip http exec-time out 384 ip https server 385 ip https port 385 crypto certificate generate 386 crypto .
show logging 409 show logging file 411 show syslog-server s 413 W IRELESS AP BSS C OMMANDS bss 415 bss enable 415 advertise-ssid 416 data-rate s 417 S YSTEM M ANAGEMENT C OMMANDS ping 419 traceroute 4.
show history 442 show privilege 443 GVRP C OMMANDS gvrp enable (Global) 445 gvrp enable (Interface) 446 garp time r 44 6 gvrp vlan-creation-forbid 448 gvrp registration-forb id 448 clear gvrp statisti.
dot1x port-con trol 470 dot1x re -authentication 471 dot1x timeout r e-authperiod 472 dot1x re -authenticate 473 dot1x timeout quiet-perio d 473 dot1x timeout tx-period 475 dot1x max-r eq 475 dot1x ti.
wlan tx -power au to signal -loss 506 wlan station idle-timeout 507 clear wlan station 508 show wlan 509 show wlan au to-tx-power 510 show wlan logging con figuration 511 show wlan stations 512 show w.
.
1 U SING THE CLI Overview This document describes the Comman d Line Interface (CLI) used to manage the 3Com Unified Gi gabit W ireless PoE switch. Most of the CLI commands ar e applicable to all devices. This chapter describes how to start using the CLI and the CLI command editing features.
20 C HAPTER 1: U SING THE CL I User EXEC Mode After logging into the device, the user is automatically in User EXEC command mode unless the user is define d as a privileged user . In general, the User EXEC commands allow the user to perform basic tests, and list system information.
Overview 21 Global Configuration Mode Global Configuratio n mode commands apply to features that af f ect the system as a whole, r ather than just a specific interface. The configure Privileged EXEC mode command is used to enter the Global Configuration mode.
22 C HAPTER 1: U SING THE CL I ■ Ethern et — Contains commands to manage port configuratio n. The interface ethernet Global Configuration mode command is u sed to enter the Interface Configuration mode to configure an Ether net type interface.
Editing Features 23 T o start using the CLI, perform the following steps: 1 Connect the DB9 null-modem or cross over cable to the RS-232 serial port of the device to the RS-232 serial port of the terminal or computer running the termin al emulation application.
24 C HAPTER 1: U SING THE CL I T o enter commands that requir e parameters, enter the required parameters a fter the command keywo rd. For examp le, to set a pa ssword for the administrator , enter: When working with the CLI, the comm and options are not displayed.
Editing Features 25 By default, the history buffer system is enabled, but it can be disabled at any time. For informa tion about the command synta x to enable or disabl e the history buffer , see history . There is a standar d default number of commands th at are stor e d in the buffer .
26 C HAPTER 1: U SING THE CL I The ports may be described on an indi vidual basis or within a ra nge. Use format port number -port number to specify a set of consecutive po rts and port number , port number to indicat es a set of non-consecutive ports.
Editing Features 27 CLI Command Conventions When entering commands ther e are certain command entry standar ds that apply to all commands. The following table describ es the command conventions. Copying and Pasting Te x t Up to 1000 lines of text (or commands) can be copied and pasted into the device.
28 C HAPTER 1: U SING THE CL I ■ A device Configu ration mode has been accessed. ■ The commands contain no encryp te d data, like encrypted passwords or keys.
2 AAA C OMMANDS aaa authentication login The aaa authentication login Global Configuration mode command defines login authentication. T o restore defaults, use the no form of this command. Syntax aaa authentication login { default | list-name } method1 [ metho d2 .
30 C HAPTER 2: AAA C OMMANDS On the console, login succ eeds withou t any authenticati on check if the authenticatio n method is not defined. Command Mode Global Configurat ion mode User Guidelines The default and optional list names created with the aaa authentication login command are used with the login authentication command.
aaa authentication enable 31 ■ list-name — Character string used to name the list of authentication methods activated, when using acce ss higher privilege levels.
32 C HAPTER 2: AAA C OMMANDS The following example sets the en able password for authentication when accessing higher privilege levels. login authentication The login authentication Line Configu ration mode command specifies the login authentication method list for a remote telnet or console.
enable authentication 33 enable authentication The enable authentication Line Config uration mode command specifies the authenticat ion method list when accessing a higher privilege level from a re mote T elnet or console. T o restore the default configurat ion specified by the aaa authentication enable command, use the no form of this command.
34 C HAPTER 2: AAA C OMMANDS Syntax ip http authentication method1 [ method2 ...] no ip http authen tication Parameters ■ Method1 [ metho d2 ...] — Specify at least one method from the following list: Default Configuration The local user database is checked .
show authentication methods 35 Syntax ip https authentication method1 [ method2 ...] no ip https authentication Parameters ■ method1 [ method2 ...] — Specify at least one method fr om the following list: Default Configuration The local user database is checked .
36 C HAPTER 2: AAA C OMMANDS Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command. Example The following example displays t he authentication configu ration.
password 37 password The passwor d Line Configuration mode command specifies a password on a line. T o r emo ve the password, use the no form of this command. Syntax password pa ssword [ encrypted ] no password Parameters ■ password — Password for this level.
38 C HAPTER 2: AAA C OMMANDS Parameters ■ password — Password for this level. (Range: 1-159 characters) ■ level — Level for which the password a pplies. If not specified the level is 15 (Range: 1-15). ■ encrypted — Encrypted password enter ed, copied from another device configuration.
username 39 ■ encrypted — Encrypted password enter ed, copied from another device configuration. Default Configuration No user is defined. Command Mode Global Configurat ion mode User Guidelines User account can be cr eated without a passwor d .
40 C HAPTER 2: AAA C OMMANDS.
3 ACL C OMMANDS ip access-list The ip access-list Global Configuration mode command enables the IP-Access Configuration mode and crea tes Layer 3 ACLs. T o delete an ACL, use the no form of th is command. Syntax ip access-list name no ip access-list name Parameters ■ name — Specifies the name of the ACL.
42 C HAPTER 3: ACL C OMMANDS Syntax permit { any | protoc ol } { any | { source source-wildcard }} { any | { destination destin ation-wildcard }} [ dscp dscp numbe r | ip-pr ecedence ip-precedence ] p.
permit (ip) 43 The following table lists the protocols that can be specified: ■ dscp — Indicates matchin g the dscp number wi th the packet dscp value. ■ ip-pr ecedence — Indi cates matchi ng ip-p r ecedence with th e packet ip-precedence value.
44 C HAPTER 3: ACL C OMMANDS alternate-host-address, echo-re quest, r outer -advertisement, router -solicitation, time- exceeded, parameter -problem, timestamp, timest amp-reply , information-request,.
deny (IP) 45 Example The following ex ample shows how to define a permit statement for an IP ACL. deny (IP) The deny IP-Access List Configuration mo de command denies traffic if the conditions defined in the deny statement match.
46 C HAPTER 3: ACL C OMMANDS ■ dscp — Indicates matchin g the dscp number wi th the packet dscp value. ■ ip-pr ecedence — Indicat es matching i p -p r ecedence with the packet ip-precedence value.
mac access-list 47 Default Configuration This command has no default configurat ion Command Mode IP-Access List Config uration mode User Guidelines Use the ip access-list Global Configuration mode command to enable the IP-Access List Configuration mode.
48 C HAPTER 3: ACL C OMMANDS User Guidelines There ar e no user guideline s for this command. Example The following example shows how to create a MAC ACL. permit (MAC) The permit MAC-Access List Configuration mode command def ines permit conditions of an MAC ACL.
deny (MAC) 49 User Guidelines Before an Access Contr ol Element (A CE) is added to an ACL, all packets are permitted. After an ACE is added, an implied deny-any-any condition exists at the end of the list and those packet s that do not match the conditions defined in the permit statement are denied.
50 C HAPTER 3: ACL C OMMANDS ■ cos-wildcard — Specifies wildcard bits to be applied to the CoS. ■ eth-type — Specifies the packet ’ s Ethernet type. Default Configuration This command has no default configurat ion. Command Mode MAC-Access List Configuration mode User Guidelines MAC BPDU packets cannot be denied.
show access-lists 51 Parameters ■ acl-name —Specifies the ACL to be a pplied to the input interface. Default Configuration This command has no default configurat ion.
52 C HAPTER 3: ACL C OMMANDS Example The following example displays access list s defined on a device. show interfaces access-lists The show interfaces access-lists Privileged EXEC mode command displays access lists applied on interfaces.
show interfaces access-lists 53 Example The following example displays ACLs applied t o the interfaces of a device: Console# show interfaces access-lists Interface Input ACL --------- --------- g1 ACL.
54 C HAPTER 3: ACL C OMMANDS.
4 A DDR ESS T ABLE C OMMANDS bridge address The bridge address Interface Configuration (VLAN) mode command adds a MAC-layer station source addre ss to the bridge table.
56 C HAPTER 4: A DDRESS T ABLE C OMMA NDS Command Mode Interface Configur ation (VLAN) mo de User Guidelines Using the no form of the command without specifying a MAC address deletes all static MAC addre sses belonging to this VLAN). Example The following example adds a permanen t static MAC-layer station sour ce address 3aa2.
bridge multicast address 57 If multicast devices exist on the VL AN and IGMP-snooping is not en abled, the bridge multicast forwar d-all command should be used to enable forwarding all multicast packet s to the multicast switches. Example In the folowing example, bridge multicast filtering is enabled.
58 C HAPTER 4: A DDRESS T ABLE C OMMA NDS Default Configuration No multicast addr esses are def ined. Command Mode Interface Configur ation (VLAN) mo de User Guidelines If the command is executed without add or re mo v e , the command only registers the gr o up in the bridge database.
bridge multicast forward-all 59 Parameters ■ add — Adds ports to the group. ■ rem o ve — Removes ports from the group. ■ mac-multicast-address — A valid MA C multicast address.
60 C HAPTER 4: A DDRESS T ABLE C OMMA NDS Syntax bridge multicast forward-all { add | remo v e } { ether net int erface-list | port-channel port-cha nnel-numbe r -list } no bridge multicast f orward-all Parameters ■ add — Force forwar ding all multicast packets.
bridge multicast forbidden fo rward-all 61 Syntax bridge multicast forbidden forward-all { add | re m ov e } { ether net interface-list | port-channel port-channel-number -list } no bridge multicast f orbidden forward-all Parameters ■ add — Forbids forwarding all multicast packets.
62 C HAPTER 4: A DDRESS T ABLE C OMMA NDS bridge aging-time The bridge aging-time Global Configuration mode command sets the address table aging time. T o restor e the default configuration, use the no form of this comma nd. Syntax bridge aging-time seconds no bridge aging-time Parameters ■ seconds — Time in second s.
port security 63 Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command. Example In the following example, the bridge tables are cleared. port security The port security Interface Configuration mode command locks the port to block unknown traffic and pr event the port from learning new addresses.
64 C HAPTER 4: A DDRESS T ABLE C OMMA NDS Default Configuration This setting is disabled. Command Mode Interface Configuration (Eth ernet, port-chan nel) mode User Guidelines There ar e no user guideline s for this command.
port security routed secure-addr ess 65 Command Mode Interface Configuration (Eth ernet, port -channel) mode User Guidelines There ar e no user guideline s for this command. Example In this example, port security mode is set to dynamic for Ether net interface g7.
66 C HAPTER 4: A DDRESS T ABLE C OMMA NDS The command enable s adding secure MAC addr esses to a r outed port in port security mode. The command is available when the port is a routed port and in port security mode. The addr ess is deleted if the port exits the security mo de or is not a r outed port.
show bridge address-table static 67 User Guidelines Internal usage VLANs (VLANs that are automatically allocated on ports with a defined Layer 3 interface) ar e presented in the VLAN co lumn by a port number and not by a VLAN ID.
68 C HAPTER 4: A DDRESS T ABLE C OMMA NDS Parameters ■ vlan — Specifies a valid VLAN, such as VLAN 1. ■ interface — A valid Ethernet po rt. ■ port-channel-number — A valid port-channel number . Default Configuration This command has no default configurat ion.
show bridge address-table count 69 Syntax show bridge address-table count [ vlan vlan ] [ ether net interface-number | port-channel port- channel-number ] Parameters ■ vlan — Specifi es a valid VLAN, such as VLAN 1. ■ interface — A valid Ethernet po rt.
70 C HAPTER 4: A DDRESS T ABLE C OMMA NDS show bridge multicast address-table The show bridge multicast address-table Privileged EXEC mode command displays multicast MAC address or IP address table information.
show bridge multicast address-table 71 A multicast MAC address m aps to multipl e IP addr esses as shown above . 19 01:00:5e:02:02 :08 static g1-8 19 00:00:5e:02:02 :08 dynamic g9-11 Forbidden ports f.
72 C HAPTER 4: A DDRESS T ABLE C OMMA NDS show bridge multicast filtering The show bridge multicast filtering Privileged EXEC mode c o mmand displays the multicast filtering configuration. Syntax show bridge multicas t filtering vlan-id Parameters ■ vlan-id — Indicates the VLAN ID.
show ports security 73 show ports security The show ports security Privileged EXEC mode co mmand displ ays the port-lock status. Syntax show ports secu rity [ ethernet interface | port-channel port-channel-number ] Parameters ■ interface — A valid Ethernet po rt.
74 C HAPTER 4: A DDRESS T ABLE C OMMA NDS The following table describes the f ields shown above. show ports security addresses The show ports security addresses Privileged EXEC mode command displays the current dynamic addr esses in locked ports.
show ports security addresses 75 User Guidelines There ar e no user guideline s for this command. Example This example displays dynamic addresses in all currently locked ports.
76 C HAPTER 4: A DDRESS T ABLE C OMMA NDS.
5 E THER NET C ONFIGURATION C OMMANDS interface ether net The interface ether net Global Configuration mode command enter s the interface configu ration mode to configure an Ethernet t ype interface. Syntax interface ethernet interface Parameters ■ interface — V alid Ether net port.
78 C HAPTER 5: E THE RNET C ONFIGURA TION C OMMANDS Parameters ■ port-list — List of valid ports. Where more than one port is listed, separate the nonco nsecutive ports with a comma and no spaces, use a hyphen to designate a range of po rts and group a list separated by commas in brackets.
description 79 Command Mode Interface Configuration (Eth ernet, port -channel) mode User Guidelines There ar e no user guideline s for this command. Example The following example disables Ether net port g5 operations. The following example restarts the disabled Ether net port.
80 C HAPTER 5: E THE RNET C ONFIGURA TION C OMMANDS Example The following example adds a description to Ethernet port g5. speed The speed Inter face Configuration (Ether net, port-ch annel) mode command configures the speed of a given Ether net interface when not using auto-negotiation.
duplex 81 duplex The duplex Interface Conf iguration (Ether net) mode command configures the full/half duplex opera tion of a given Ethernet interface when not using auto-negotiation. T o restore the default configuration, use the no form of this command.
82 C HAPTER 5: E THE RNET C ONFIGURA TION C OMMANDS Syntax negotiation [ capability1 [cap ability2…capability5 ]] no negotiation Parameters ■ capability — Specifies the ca pa bilities to advertise. (Possible values: 10h, 10f, 100h,100f, 1000f ) Default Configuration Auto-negotiation is enabled.
mdix 83 Parameters ■ auto — Indicates auto-negotiation ■ on — Enables flow control. ■ off — Disables flow control. Default Configuration Flow contr ol is off. Command Mode Interface Configuration (Eth ernet, port -channel) mode User Guidelines Negotiation should be enabled for flow control auto.
84 C HAPTER 5: E THE RNET C ONFIGURA TION C OMMANDS User Guidelines Auto : All possibilities to connect a PC with cross or normal cables ar e supported and are automatically detected. On : It is possible to connect to a PC only with a normal cable and to connect to another device only with a cross cable.
set interface active 85 Example In the following example, the counters for interface 1 are clear ed. set interface active The set interface active Privileged EXEC mode command reactiva tes an interface that was shutdown.
86 C HAPTER 5: E THE RNET C ONFIGURA TION C OMMANDS Syntax show interfaces advertise [ ethe rnet interface | port-channel port-channel-number ] Parameters ■ interface — V alid Ether net port.Elana ■ port-channel-number — V alid port-channel number .
show interfaces con figuration 87 show interfaces configuration The show interfaces configuration Privileged EXEC mode command displays the configuration for all configured interfaces. Syntax show interfaces configuration [ ethernet interface | port-channel port-channel-number ] Parameters ■ interface — V alid Ether net port.
88 C HAPTER 5: E THE RNET C ONFIGURA TION C OMMANDS show interfaces status The s how interfaces status Privileged EXEC mode command displays the status of all configured interfaces.
show interfaces status 89 Syntax show interfaces status [ ether net interface | port-channe l port-channel-number |] Parameters ■ interface — A valid Ethernet po rt. Elana ■ port-channel-number — A valid port-channel numb er . Default Configuration This command has no default configurat ion.
90 C HAPTER 5: E THE RNET C ONFIGURA TION C OMMANDS show interfaces description The show interfaces description Privileged EXEC mode command displays the description for all configured interfaces. Syntax show interfaces description [ ethernet interface | port-channel port-channel-number ] Parameters ■ interface — V alid Ether net port.
show interfaces counters 91 Default Configuration This command has no default configurat ion. Command Modes Privileged EX EC mode User Guidelines There ar e no user guideline s for this command. Example The following example displays descri ptions of configured interfaces.
92 C HAPTER 5: E THE RNET C ONFIGURA TION C OMMANDS Default Configuration This command has no default configurat ion. Command Modes Privileged EX EC mode User Guidelines There ar e no user guideline s for this command. Example The following ex ample displays traffi c seen by the phys ical interface.
show interfaces counters 93 The following table describes the fields shown in the display . The following table describes the fields shown in the display .
94 C HAPTER 5: E THE RNET C ONFIGURA TION C OMMANDS port storm-control include-multicast (GC) The port storm-control include-multicast Interface Configuration mode command enables counting multicast packets in the port storm-control br oadcast rate command.
port storm-control in clude-multicast (IC) 95 User Guidelines T o control multicasts storms, use the port storm-control br oadcast enable and port storm-control broadcast rate commands. Example The following example enab les counting multica st packets.
96 C HAPTER 5: E THE RNET C ONFIGURA TION C OMMANDS Example The following example e nables counti ng broadcast and multicast packets on Ethernet port 2. port storm-control broadcast enable The port storm-control b roadcast enable Interface Configuration (Ethern et) mode command enables br o adcast storm control.
port storm-control broadcast rate 97 port storm-control broadcast rate The port storm-control br oadcast rate Interface Conf iguration (Ethern et) mode command configures the maximum br oadcast rate. T o restor e the default co nfiguration, use the no form of this command.
98 C HAPTER 5: E THE RNET C ONFIGURA TION C OMMANDS Default Configuration This command has no default configurat ion. Command Modes Privileged EX EC mode User Guidelines There ar e no user guideline s for this command. Example The following example displays the sto rm control configuration.
6 L INE C OMMANDS line The line Global Configu ration mode command identifies a specific line for configuration and enters the Line Configuration command mode. Syntax line { console | telnet | ssh } Parameters ■ console — Console terminal line. ■ telnet — Virtual terminal for remo te console access (T elnet).
100 C HAPTER 6: L IN E C OMMANDS Syntax speed bps Parameters ■ bps — Baud rate in bits per second (bps). Possible values are 2400, 4800, 9600, 19200, 3 8400, 57600 and 11 5200. Default Configuration The default speed is 19200 bps. Command Mode Line Configuration (console) mode User Guidelines This command is available only on the line console.
exec-timeout 101 User Guidelines This command is available only on the line console. T o start communication using Autobaud , pr ess < Enter > twice. This configuration applies only to the current session. Example The following example enables autoba ud.
102 C HAPTER 6: L IN E C OMMANDS Example The following example configures the interval that the system waits until user input is detected to 20 minutes. history The history Line Configuration mode command enables the command history function. T o disable the command history function, use the no form of this comma nd.
terminal history 103 Syntax history size number -of-commands no history size Parameters ■ number -of-commands —Number of commands that the system recor ds in its history buffer . (Range: 10-20 0) Default Configuration The default history buffer size is 10.
104 C HAPTER 6: L IN E C OMMANDS Command Mode User EXEC mode User Guidelines There ar e no user guideline s for this command. Example The following example disables the command history function for the current terminal session.
show line 105 Example The following example configures the command history buffer size to 20 commands for the current terminal session. show line The show line Privileged EXEC mode command displays line parameters. Syntax show line [console | telnet | ssh] Parameters ■ console — Console terminal line.
106 C HAPTER 6: L IN E C OMMANDS Parity: none Stopbits: 1 Telnet configuration: Interactive timeout: 10 minutes 10 seconds History: 10 SSH configuration: Interactive timeout: 10 minutes 10 seconds His.
7 PHY D IAGNOSTICS C OMMANDS test copper -port tdr The test copper -port tdr Privileged EXEC mode command uses T ime Domain Reflectometry (T DR) technology to diagno se the quality and characteristics of a copper cable attached to a port. Syntax test copper -port tdr interface Parameters ■ interface — A valid Ethernet po rt.
108 C HAPTER 7: PHY D IA GNOSTICS C OMMANDS Example The following example results in a report on the cable attached to port g3. show copper -ports tdr The show copper -ports tdr Privileg ed EXEC mode command displays information on the last T ime Domain Reflectometry (TDR) test performed on copper ports.
show copper-ports cable-length 109 show copper -ports cable-length The show copper -ports cable-length Privileged EXEC mode command displays the estimated copper cable length at tached to a port. Syntax show copper -ports cable-length [ interface ] Parameters ■ interface — A valid Ethernet po rt.
110 C HAPTER 7: PHY D IA GNOSTICS C OMMANDS Example The following example displays th e estimated coppe r cable length attached to all ports. show fiber -ports optical-transceiver The show fiber -ports optical-transceiver Privileged EXEC mode command displays the optica l t ransceiver diagnostics.
show fiber-ports optical-transceiver 111 Example The following ex ample displays the optical transce iver diagnosti cs results. Console# show fiber-ports optical-transceive r 21 Curre nt Output Port T.
112 C HAPTER 7: PHY D IA GNOSTICS C OMMANDS Console# show fiber-ports optical-transceive r 21 detailed Current Output Port Temp Voltage Power Power Input LOS [C] [Volt] [mA] [mWatt] [mWatt] ---- ---- ------- ------- ------ ----- ------- 21 34 3.35 8.4 3 2.
8 P ORT C HANNEL C OMMANDS interface port-channel The interface port-channel Global Configuration mode command enters the Global Configu ration mode to configure a specific port-channel. Syntax i nterface port-channel port-channel-number Parameters ■ port-channel-numbe r — A valid port-channel nu mber .
114 C HAPTER 8: P ORT C HANNEL C OMMANDS Syntax interface range port-channel { port-channel-range | all } Parameters ■ port-channel-range — List of v alid port-c hannels to add. Sepa rate nonconsecutive port-channels with a comma and no spaces. A hyphen designates a range of port-channels.
show interfac es port-channel 115 ■ auto — Allows the port to join a ch annel as a r esult of an LACP operation. Default Configuration The port is not assigned to a port-channel. Command Mode Interface Configuration (Ether net) mode User Guidelines There ar e no user guideline s for this command.
116 C HAPTER 8: P ORT C HANNEL C OMMANDS The following example displays inf ormation on all port-channels. Console# show interfaces port-channel Channel Ports ------- ------------------- ------------ .
9 Q O S C OMMANDS qos The qos Global Configur ation mode comma nd enables quality of service (QoS) on the device. T o disa ble QoS on the device, use the no form of this command. Syntax qos [basic | advanced ] no qos Parameters ■ basic — QoS basic mode.
118 C HAPTER 9: Q O S C OMMANDS show qos The show qos Privileged EXEC mode command displays the quality of service (QoS) mode for the device. Syntax show qos Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines T rust mode is displayed if QoS is enabled in basic mode.
class-map 119 ■ match-any — Checks that the packet matches one or more classification criteria in the class map match statement. Default Configuration By default, the match-all parameter is selected.
120 C HAPTER 9: Q O S C OMMANDS show class-map The show class-map Privileged EXEC mode comm and displays all class maps. Syntax show class-map [ class-map-name ] Parameters ■ class-map-name — Specifies the name of the class map to be displayed. Default Configuration This command has no default configurat ion.
policy-map 121 Default Configuration No match criterion is suppor ted. Command Mode Class-map Configuration mo de. User Guidelines There ar e no user guideline s for this command. Example The following example defines the mat ch criterion for class ifying traffic as an access group called ‘enterprise’ in a class map called ‘class1’.
122 C HAPTER 9: Q O S C OMMANDS Configuration and match Class-map Configuration commands to def ine the match criteria of a class. Only one policy map per interface pe r direction is supported. A policy map can be applied to multiple interfaces and directions.
show policy-map 123 Use the service-policy (Ethernet, Port-channel) Interface Configuration mode command to attach a policy ma p to an interface. Use an existing class map to attach classification crit eria to the specified policy map and use the access-group parameter to modify the cl assification criteria of the class map.
124 C HAPTER 9: Q O S C OMMANDS Example The following example displays all policy maps. trust cos-dscp The trust co s-dscp Policy- map Class Configuration mode command configures the trust state. The trust state determines the source of the internal DSCP value used by Qualit y of Service (QoS).
set 125 Example The following example con figures the trust state for a class called ‘class1’ in a policy map called ‘policy1’. set The set Policy-map Class Configuration mo de command sets new values in the IP packet.
126 C HAPTER 9: Q O S C OMMANDS T o r eturn to the Policy-map Configuration mode, use the exit command. T o return to the Privileged EXEC mode, use the end command. Example The following example sets the DS CP value in the packet to 56 for classes in policy map called ‘policy1’.
service-polic y 127 User Guidelines Policing uses a token bucket algorit hm. CIR repr esents the speed with which the token is removed from the bucket. CBS r ep resents the depth of the bucket. Example The following example defines a policer for classif ied traffic.
128 C HAPTER 9: Q O S C OMMANDS Example The following example attaches a polic y map called ‘poli cy1’ to the input interface. qos aggregate-policer The qos aggregate-policer Global Configuration mo de command defines the policer parameters that can be applied to multiple traf fic classes within the same policy map.
show qos aggregate- policer 129 Define an aggregate policer if the polic er is shared with multiple classes. Policers in one port cannot be shared with other policers in another device; traffic fr om two differ ent ports can b e aggregated for policing purposes.
130 C HAPTER 9: Q O S C OMMANDS User Guidelines There are no user guideline s. Example The following ex ample displays the pa rameters of the aggregate policer called ‘policer1’. police aggregate The police aggregate Policy-map Class Configuration mode command applies an aggregate policer to mult iple classes within the same policy map.
wrr-queue cos-map 131 Example The following exam ple applies the aggregate policer called ‘policer’1 to a class called ‘class1’ in po licy map call ed ‘policy1’. wrr -queue cos-map The wrr -queue cos-map Global Configurat ion mode command maps Class of Service (CoS) va lues to a specific egr ess queue.
132 C HAPTER 9: Q O S C OMMANDS User Guidelines This command can be used to distribute traffic into d iffer ent qu eues, where each queue is configur ed with differ ent Weighted Round Rob in (WRR) and Weighted Random Early Det ection (WRED) parameters.
priority-queue out num-of-queues 133 User Guidelines Use the priority-queue out num-of-queues Global Config uration mode command to configure a queue as WRR or Strict Priority . Use this command to define a W RR weight per interface. The weight ratio for each queue is defined by the queue weight divided by the sum of all queue weights (i.
134 C HAPTER 9: Q O S C OMMANDS Command Mode Global Configurat ion mode User Guidelines Configuring the number of expedite queues affects the Weighted Round Robin (WRR) weight ratio because fe wer queues participate in the WRR. Example The following example configures th e number of expedite queues as 0.
rate-limit interface con figurat ion 135 T o activat e the shaper on an egress port, enter the Interface Configuration mode and specify th e por t number .
136 C HAPTER 9: Q O S C OMMANDS Examples The following example limits the rate of the incoming tr affic to 62. show qos interface The show qos interface Privileged EXEC mode command displays Quality of Service (QoS) in format ion on the interface.
show qos interface 137 Example The following example disp lays the buffer settings for queues on Ether net port 1. Console# show qos interface ether- net g1 buffers Ethernet g1 Notify Q depth qi d Si .
138 C HAPTER 9: Q O S C OMMANDS qos map policed-dscp The qos map policed-dscp Global Configurat ion mode command modifies the policed-DSCP map for remarking purposes.
qos map dscp-queue 139 Parameters ■ dscp- list — Specifies up to 8 DSCP va lues separated by a space. (Range: 0-63) ■ dscp-mark-down — Specifies the DS CP value to mark down. (Range: 0-63) Default Configuration The default map is the Null map, whic h means that each incoming DSCP value is mapped to the same DS CP value.
140 C HAPTER 9: Q O S C OMMANDS Default Configuration The following table describes the d efault map. Command Mode Global Configurat ion mode User Guidelines There ar e no user guideline s for this command. Example The following ex ample maps DSCP values 33, 40 and 41 to queue 1.
qos trust (Interface) 141 Command Mode Global Configurat ion mode User Guidelines Packets entering a quality of service (QoS) domain are classified at the edge of the QoS domain.
142 C HAPTER 9: Q O S C OMMANDS User Guidelines There ar e no user guideline s for this command. Example The following example configures Et hern et port 15 to the default trust state. qos cos The qos cos Interface Configu ration (Eth er net, port-channel) mode command defines the default CoS value of a port.
qos dscp-mutation 143 qos dscp-mutation The qos dscp-mutation Global Config uration mode command ap plies the DSCP Mutation map to a system DSCP trusted port.
144 C HAPTER 9: Q O S C OMMANDS Syntax qos map dscp-mutation in-dscp to out -dscp no qos map dscp-mutation Parameters ■ in-dscp — Specifies up to 8 DSCP va lues separated by spa ces. (Range: 0-63) ■ out-dscp — Specifies up to 8 DSCP values separate d by spaces.
security-suite dos protect 14 5 Parameters ■ global-rules-only — Specifies that all the se curity suites commands would be only global commands. This setting saves space in the T er nary Conten t Addressable Memory (TCAM). Default Configuration No protection is configur ed.
146 C HAPTER 9: Q O S C OMMANDS Command Mode Global Configurat ion mode User Guidelines The following table describes a list of Do S attacks and the protection type: Example The following example protects the system from the Invasor T rojan.
security-suite deny martian-addresses 147 ■ res e rv e d — Specify to discard packets with source address or destination address in the block of the reserved IP addr esses. See the usage guidelines for a list of r eserved addresses. Default Configuration Martian addresses ar e allowed.
148 C HAPTER 9: Q O S C OMMANDS Example The following example discard all packets with a source addr ess or a destination address in the block of the reserved IP addresses. 192.168.0.0/16 Privat e-Use Networks. 198.18.0.0/15 This block has been allocated for use in benchmark tests of network interconnect devices.
10 C LOCK C OMMANDS clock set The clock se t Privileged EXEC mode command manually sets the system clock. Syntax clock set hh:mm:ss day month year or clock set hh:mm:ss month day year Parameters ■ hh:mm:ss — Current time in hours (mil itary format), minutes, and seconds.
150 C HAPTER 10: C LOCK C OMMANDS Example The following example sets the system time to 13:32:00 on March 7th, 2005. clock source The clock source Global Configuration mode command configures an external time source for the system clock. Use no form of this command to disable external time source.
clock summer-time 151 Syntax clock timezone hours-offset [ minutes minu tes-offset] [ zone acronym ] no clock timezone Parameters ■ hours-offset — Hours difference fr om UTC. (Ran ge: –12 hours to +13 hours) ■ minutes-offset — Minutes differ ence from UTC.
152 C HAPTER 10: C LOCK C OMMANDS clock summer -time date month date year hh:mm month date year hh:mm [ offset offset ] [ zone acronym ] no clock summer -time recurring Parameters ■ recurring — Indicates that su mmer time should start and end on the corresponding specified days every year .
sntp authentication-key 153 User Guidelines In both the date and recurring forms of the command, the first part of the command specifies when sum m er time begins, and the second part specifies when it ends. All times ar e relative to the local t ime zone.
154 C HAPTER 10: C LOCK C OMMANDS ■ value — Key value (Range: 1-8 characters) Default Configuration No authentication key is defined. Command Mode Global Configurat ion mode User Guidelines Multiple keys can be generated. Example The following example defines th e auth entication key for SNTP .
sntp trusted-key 155 Example The following example defines the auth entication key for SNTP and grants authentication. sntp trusted-key The sntp trusted-key Global Configuration mo de command authenticates the identity of a syst em to which Sim ple Network Time Protocol (SNTP) will synchronize.
156 C HAPTER 10: C LOCK C OMMANDS Example The following example authenticates key 8. sntp client poll timer The sntp client poll timer Global Configuration mode command sets the polling time for the Simple Networ k Time Protocol (SNTP) client. T o restor eT o restoreT o restor e default configuration, use the no form of this command.
sntp anycast client enable 157 sntp anycast client enable The sntp anycast client enable Global Configuration mod e command enables SNTP anycast client. T o disa ble the SNTP anycast c lient, use the no form of this command. Syntax sntp anycast client enable no sntp anycast client enable Default Configuration The SNTP anycast client is disabled.
158 C HAPTER 10: C LOCK C OMMANDS Default Configuration The SNTP client is disabled on an interface. Command Mode Interface Configuration (Ether net, port-channel, VLAN) mode User Guidelines Use the sntp anycast client enable Global Configuration mode command to enable anycast clients globally .
sntp unicast client poll 159 Example The following example enables the device to use the Simple Network T ime Protocol (SNTP) to re quest and accept SNTP tr affic fr om servers.
160 C HAPTER 10: C LOCK C OMMANDS Syntax sntp server { ip-address | hostname }[ poll ] [ key keyid ] no sntp server host Parameters ■ ip-address — IP addr ess of the server . ■ hostname — Hostname of the server . (Range: 1-158 characters) ■ poll — Enable polling.
show clock 161 Syntax show clock [detail] Parameters ■ detail — Shows timezone and summertime configuration. Default Configuration This command has no default configurat ion.
162 C HAPTER 10: C LOCK C OMMANDS show sntp configuration The show sntp configuration Privileged EXEC mode command shows the configuration of the Simple Netwo rk T ime Pr otocol (SNTP). Syntax show sntp configuration Default Configuration This command has no default configurat ion.
show sntp status 163 show sntp status The show sntp status Privileged EXEC mode command shows the status of the Simple Network T ime Protocol (SNTP). Syntax show sntp status Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command.
164 C HAPTER 10: C LOCK C OMMANDS Example The following example shows the status of the SNTP . Console# show sntp status Clock is synchronized, stra tum 4, reference is 176.
show sntp status 165 g13 0.0.0.0 00:00:00.0 Feb 19 2005 vlan 1 16.1.1.2 00 15:15:16 .0 LLBG Feb 19 2006.
166 C HAPTER 10: C LOCK C OMMANDS.
11 RMON C OMMANDS show rmon statistics The show rmon statistics Privileged EXEC mode command displays RMON Ethernet statistics. Syntax show rmon statistics { ethernet interface numbe r | port-channe l port-channel-number } Parameters ■ interface number — V alid Eth ernet port.
168 C HAPTER 11: RMON C OMMAND S The following table describes the significant fields shown in the display . Console# show rmon statisti cs ethernet 1 Port: 1 Octets: 878128 Packets: 978 Broadcast: 7 .
rmon collection history 169 rmon collection history The rmon collection history Interface Configuration (Ether net, port-channel) mode command enable s a Remote Monito ring (RMON) MIB history statisti cs group on an inte rface. T o remove a specified RMON history statistics group, use the no form of this co mmand.
170 C HAPTER 11: RMON C OMMAND S Parameters ■ index — Specifies the statistics group index . (Range: 1-65535) ■ ownername — Specifies the RMON statistics gro up owner na me. (Range: 0-160 characters) ■ bucket-number — Number of buckets specified for the RMON collection history group of statisti cs.
show rmon collection history 171 Parameters ■ interface — V alid Ether net port. Elana ■ port-channel-number — V alid port-channel number . Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command.
172 C HAPTER 11: RMON C OMMAND S show rmon history The show rmon history Pr ivileged EXEC mode command displays RMON Ethernet history statistics. Syntax show rmon history index { throu ghput | errors | other } [ period seconds ] Parameters ■ index — Specifies the requested set of samples.
show rmon history 173 Time Octets Packets Broadcas t Multicas t Util -------- -------- ---- -------- - ------- -------- -- -------- - ----- Jan 18 2005 21:57:00 30359596 2 357568 3289 7287 19% Jan 18 .
174 C HAPTER 11: RMON C OMMAND S The following tabl e describes signifi cant fields shown in the examp le: Sample Set: 1 Owner: Me Interface: g1 Interval: 1800 Requested samples: 50 Granted samples: 5.
rmon alarm 175 rmon alarm The rmon alarm Global Configuration mode command configures alarm conditions. T o remove an alarm, use the no form o f this command .
176 C HAPTER 11: RMON C OMMAND S ■ rthreshold — Specifies the rising threshold. (Range: 0-214748364 7) ■ fthreshold — Specifies the falling threshold. (Range: 0-2147483647) ■ revent — Specifies the event ind ex used when a rising threshold is crossed.
show rmon alarm-table 177 ■ Sample interval — 360000 seconds ■ Rising threshold — 1000000 ■ Falling threshold — 1000000 ■ Rising threshold event index — 10 ■ Falling thr eshold event index — 20 show rmon alarm-table The show rmon alarm-table Privileged EXEC mode command displays the alarms table.
178 C HAPTER 11: RMON C OMMAND S The following tabl e describes signifi cant fields shown in the examp le: show rmon alarm The show rmon alarm Privileged EXEC mode command displays alarm configuration. Syntax show rmon alarm number Parameters ■ number — Specifies the alarm index.
show rmon alarm 179 The following table describes the significant fields shown in the display: Console# show rmon alarm 1 Alarm 1 ------- OID: 1.3.6.1.
180 C HAPTER 11: RMON C OMMAND S rmon event The rmon event Global Configuration mode command co nfigures an event. T o remove an event, use the no form of this command. Syntax rmon event index type [ community text ] [ description text ] [ owner name ] no rmon event index Parameters ■ index — Specifies the event index.
show rmon events 181 User Guidelines If log is specified as the notification type, an entry is made in the log table for each event. If trap is specified, an SNMP trap is sent to one or more management stations.
182 C HAPTER 11: RMON C OMMAND S The following tabl e describes signifi cant fields shown in the examp le: show rmon log The show rmon log Privileged EXEC mode comm and displays the RMON log table. Syntax show rmon log [ event ] Parameters ■ event — Specifies the event index.
rmon table-size 183 Example The following example displays the RM ON log table. The following table describes the significant fields shown in the display: rmon table-size Th e rmon table-size Global Configurat ion mode command configures the maximum size of RMON tabl es.
184 C HAPTER 11: RMON C OMMAND S ■ history entries — Maximum number of history table ent ries. (Range: 20 -32767) ■ log entries — Maximum number of lo g table entries. (Range: 20-32767) Default Configuration History table size is 270. Log table size is 200.
12 IGMP S NOOPING C OMMANDS ip igmp snooping (Global) The ip igmp snooping Global Configuration mode command enables Internet Group Management Protocol (IGMP) snooping. T o disable IGMP snooping, use the no form of this command. Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled.
186 C HAPTER 12: IGMP S NOOPING C OMMANDS specific VLAN. T o disable IGMP snooping on a VLAN interface, use the no form of this comma nd. Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled . Command Mode Interface Configurat ion (VLAN) mo de User Guidelines IGMP snooping can only be enabled on static VLANs.
ip igmp snooping host-time-out 187 User Guidelines Multicast device ports can be configured statically using the bridge multicast forwar d-all Interface Conf iguration (VLAN) mode command. Example The following example enables au tomatic lear ning of multicast device ports on VLAN 2.
188 C HAPTER 12: IGMP S NOOPING C OMMANDS Example The following example configures the host timeou t to 300 seconds. ip igmp snooping mrouter -time-out The ip igmp snooping mrouter -time-out Interface Configuratio n (VLAN) mode comma nd configur es the mrouter -time-out.
ip igmp snooping leave-time-out 189 ip igmp snooping leave-time-out The ip igmp snooping leave-time-out Interface Configuration (VLAN) mode command configures the leave-time-out.
190 C HAPTER 12: IGMP S NOOPING C OMMANDS Syntax show ip igmp snooping mr outer [ interface vlan-id ] Parameters ■ vlan-id — Specifies the VLAN number . Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command.
show ip igmp snooping groups 191 Parameters ■ vlan-id — Specifies the VLAN number . Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command.
192 C HAPTER 12: IGMP S NOOPING C OMMANDS Command Mode Privileged EX EC mode User Guidelines T o see the full multicast address table (including static addr esses) use the show bridge multic ast address-table Pri vileged EXEC comma nd. Example The following example shows IGMP snooping infor mation on multicast groups.
13 LACP C OMMANDS lacp system-priority The lacp system-priority Global Configu ration mode command configures the system priority . T o restor e the default configur ation, use the no form of t his command. Syntax lacp system-priority value no lacp system-priority Parameters ■ value — Specifies system priori ty value.
194 C HAPTER 13: LACP C OMMANDS Syntax lacp port-priority value no lacp port-priority Parameters ■ value — Specifies port priority . (R ange: 1-65535) Default Configuration The default port prio rity is 1. Command Mode Interface Configurat ion (Ether net) mode User Guidelines There ar e no user guideline s for this command.
show lacp ethernet 195 Command Mode Interface Configuration (Ether net) mode User Guidelines There ar e no user guideline s for this command. Example The following example assigns a long administrative LACP timeout to Ethernet port g6 .
196 C HAPTER 13: LACP C OMMANDS Console# show lacp ethernet g1 1 LACP parameters: Actor system priority: 1 system mac addr: 00:00:12:34:56 :78 port Admin key: 30 port Oper key: 30 port Oper number: 21.
show lacp ethernet 197 port Oper key: 0 port Oper number: 0 port Admin priority: 0 port Oper priority: 0 port Oper timeout: LONG LACP Activity: PASSIVE Aggregation: AGGREGATABLE synchronizatio n: FALS.
198 C HAPTER 13: LACP C OMMANDS show lacp port-channel The show lacp port-channel Privileged EXEC mode command displ a ys LACP information for a port-ch annel. Syntax show lacp port-channel [ port_channel_number ] Parameters ■ port_channel_number — V alid port-channel num ber .
show lacp port-channel 199 Port Type Gigabit Ethernet Attached Lag id: Actor System Priority: 1 MAC Address: 00:02:85:0E:1C :00 Admin Key: 1000 Oper Key: 1000 Partner System Priority: 0 MAC Address: 0.
200 C HAPTER 13: LACP C OMMANDS.
14 P OWER OVER E THER NET COMMANDS power inline The power inline Interface Configurat ion mode command configures the administrative mode of the inline power on an interface. Syntax power inline {auto | never} Parameters ■ auto — T ur ns on the device discov ery protocol and applies power to the device.
202 C HAPTER 14: P OWER OVER E THERNET COMMANDS power inline powered-device The power inline powered-device Interf ace Configura tion mode command adds a description of the powered device type. Use the no form of this command to remove the description.
power inline usage-threshold 203 Parameters ■ critical — The operation of the powered device is critical. ■ high — The operation of the powered device is in high priority .
204 C HAPTER 14: P OWER OVER E THERNET COMMANDS Global Configurat ion mode User Guidelines There are no user guidelines for this command. Example The following example co nfigures the threshold for initiating inline power usage alarms to 90 percent.
show power inline 20 5 Syntax show power inline [ ethernet interface ] Parameters ■ interface — V alid Ether net port. Elana Default Configuration There is no default configuration for this command. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command.
206 C HAPTER 14: P OWER OVER E THERNET COMMANDS The following table describes the f ields shown in the display: 1 Auto Search ing low class0 2 Auto Search ing low class0 3 Auto Search ing low class0 C.
show power inline 20 7 Usage Threshold The usage threshold expressed in percents for comparing the measured power and initiating an alarm if threshold is exceeded. Traps Indicates if inline power traps are enabled. Port The Ethernet port number. Powered device A description of the powered device type.
208 C HAPTER 14: P OWER OVER E THERNET COMMANDS.
15 S PANNING -T RE E C OMMANDS spanning-tree The spanning-tr ee Global Configuration mode command enables spanning-tree functionality . T o disabl e the spannin g-tree functionality , use the no form of t his command. Syntax spanning-tree no spanning-tree Default Configuration Spanning-tree is enabled.
210 C HAPTER 15: S PANNING -T REE C OMMANDS no spanning-tree mode Parameters ■ stp — Indicates that the Spanning T ree Pr otocol (STP) is enabled. ■ rstp — Indicates that the Rapid Spanning T ree Pr oto col (RSTP) is enabled. ■ mstp — Indicates that the Multiple Sp anning T ree Protocol (RSTP) is enabled.
spanning-tree hello-time 211 Default Configuration The default forwarding time for the IE EE Spanning T ree Protocol (STP) is 15 seconds. Command Modes Global Configurat ion mode User Guidelines When .
212 C HAPTER 15: S PANNING -T REE C OMMANDS When configuring the hello time, the following relationship should be kept: Max-Age >= 2*(Hello-T ime + 1) Example The following example configures span ning tree bridge hello time to 5 seconds.
spanning-tree priority 213 Example The following example configures the spanning tree bridge maximum-age to 10 seconds. spanning-tree priority The spanning-tree priority Global Configuration mode command configures the spanning tree p riority of the device.
214 C HAPTER 15: S PANNING -T REE C OMMANDS Syntax spanning-tree disable no spanning-tree disable Default Configuration Spanning tree is enabled on all ports. Command Modes Interface Configuration (Eth ernet, port-chan nel) mode User Guidelines There ar e no user guideline s for this command.
spanning-tree port-priority 215 Command Modes Interface Configuration (Eth ernet, port -channel) mode User Guidelines The path cost method is configured using the spanning-tree pathcost method Global Configuration mode command. Example The following example configures the spanning-tree cost on Ether net port g15 to 35000.
216 C HAPTER 15: S PANNING -T REE C OMMANDS Example The following example configures the spanning priority on Ethernet port g15 to 96. spanning-tree portfast The spanning-tree portfas t Interface Configuration mode command enables PortFast mode .
spanning-tree link-type 217 spanning-tree link-type The spanning-tree link-type Interface Configurat ion mode command overrides the def ault link-type setti ng determined by the duplex mode of the port and enables Rapid Spanning T r ee Pr otocol (RSTP) transitions to the forwarding state.
218 C HAPTER 15: S PANNING -T REE C OMMANDS Syntax spanning-tree pathcost method {long | short} no spanning-tree pathcost method Parameters ■ long — Specifies port path costs with a range of 1-200 ,000,000 . ■ short — Specifies port path costs with a range of 0- 65,535.
clear spanning-tree detected-protocols 219 ■ flooding — Flood BPDU packets when the spanning tree is disabled on an interface. Default Configuration The default setting is flooding. Command Modes Global Configurat ion mode User Guidelines There ar e no user guideline s for this command.
220 C HAPTER 15: S PANNING -T REE C OMMANDS Example The following example restarts the protocol migration process on Ether net port g11. spanning-tree mst priority The spanning-tree mst priority Global Configuration mode command configures the device priority for th e specified spanning-t ree instance.
spanning-tree mst port-priority 221 discarded and the port information is aged out. T o restore the default configuration, use the no form of this command. Syntax spanning-tree mst max-hops hop-count no spanning-tree mst max-hops Parameters ■ hop-count —Number o f hops in an MST region before the BDPU is discarded .
222 C HAPTER 15: S PANNING -T REE C OMMANDS Default Configuration The default port priority for IEEE Mu ltiple Spanning T ree Pr otocol (MSTP) is 128. Command Modes Interface Configuration (Eth ernet, port-chan nel) mode User Guidelines There ar e no user guideline s for this command.
spanning-tree mst configuration 223 Command Modes Interface Configuration (Eth ernet, port -channel) mode User Guidelines There ar e no user guideline s for this command. Example The following example configures the MSTP instance 1 path cost for Ethernet port 9 t o 4.
224 C HAPTER 15: S PANNING -T REE C OMMANDS instance (mst) The instance MST Configuration mode co mmand maps VLANS to an MST instance. Syntax instance instance-id { add | re m ov e } vlan vlan-range Parameters ■ instance-ID —ID of the MST instance (Range: 1-15).
revision (mst) 225 Syntax name string Parameters ■ string — MST configuration name. The na me is case-sen sitive. (Range : 1-32 characters) Default Configuration The default name is the MAC address. Command Mode MST Configuration mode User Guidelines There ar e no user guideline s for this command.
226 C HAPTER 15: S PANNING -T REE C OMMANDS User Guidelines There ar e no user guideline s for this command. Example The following example sets the configuration revision to 1. show (mst) The show MST Configuration mo de command displays the current or pending MST region configuration.
exit (mst) 227 exit (mst) The exit MST Configuration mode command exits the MST Configuration mode, and applies all configuratio n changes. Syntax exit Default Configuration This command has no default configurat ion. Command Mode MST Configuration mode User Guidelines There ar e no user guideline s for this command.
228 C HAPTER 15: S PANNING -T REE C OMMANDS Command Mode MST Configuration mode User Guidelines There ar e no user guideline s for this command. Example The following example exits th e MST Configuration mode wit hout saving changes.
show spanning-tree 229 Example The following example prevents Ethernet port g1 from being the root port of the device. show spanning-tree Th e show spanning-tree Privileged EXEC mode command displays spanning-tree configuration.
230 C HAPTER 15: S PANNING -T REE C OMMANDS Example The following example displays spanni ng-tree information. Console# show spanning-tree Spanning tree enabled mode MSTP Default port cost method: s h.
show spanning-tree 231 g2 Enabl ed 128.2 20000 FWD Desg No Share d (STP) g3 Disab led 128.3 20000 ---- g4 Enabl ed 128.4 20000 BLK ALTN No Share d (STP) g5 Enabl ed 128.
232 C HAPTER 15: S PANNING -T REE C OMMANDS g3 Disab led 128.3 20000 ---- g4 Enabl ed 128.4 20000 FWD Desg No Share d (STP) g5 Enabl ed 128.5 20000 DIS - - - Console# show spanning-tree Spanning tree .
show spanning-tree 233 g1 Enabl ed 128.1 20000 ---- g2 Enabl ed 128.2 20000 ---- g3 Disab led 128.3 20000 ---- g4 Enabl ed 128.4 20000 ---- g5 Enabl ed 128.
234 C HAPTER 15: S PANNING -T REE C OMMANDS Name State Prio. Nbr Cost Sts Role PortF ast Type ---- ----- -- ----- --- ----- --- ---- ----- --- ----- ----- g1 Enabl ed 128.1 20000 FWD Root No P2p (RSTP ) g2 Enabl ed 128.2 20000 FWD Desg No Share d (STP) g4 Enabl ed 128.
show spanning-tree 235 Interfaces Name State Prio. Nbr Cost Sts Role PortF ast Type ---- ----- -- ----- --- ----- --- ---- ----- --- ----- ----- g4 Enabl ed 128.
236 C HAPTER 15: S PANNING -T REE C OMMANDS Times : hold 1, topology change 35, notification 2 hello 2, max age 20, forward delay 15 Port 1 (1) enabled State: Forwarding Role: Root Port id: 128.
show spanning-tree 237 Number of transitions to fo rwarding state: N/A BPDU: sent N/A, received N/ A Port 4 (4) enabled State: Blocking Role: Alternate Port id: 128.4 Port cost: 20000 Type: Shared (configured:au to) STP Port Fast: No (configured:no) Designated bridge Priority: 28672 Address: 00:30:94:41: 62:c8 Designated port id: 128.
238 C HAPTER 15: S PANNING -T REE C OMMANDS Console# show spanning-tree ethernet 1 Port 1 (1) enabled State: Forwarding Role: Root Port id: 128.1 Port cost: 20000 Type: P2p (configured: auto ) RSTP Port Fast: No (config ured:no) Designated bridge Priority: 32768 Address: 00:01:42:97: e0:00 Designated port id: 128.
show spanning-tree 239 Addre ss 00:01:42:97:e0:00 Path Cost 20000 Root Port 1 (1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio. Nbr Cost Sts Role PortF ast Type ---- ----- -- ----- --- ----- --- ---- ----- --- ----- ----- g1 Enabl ed 128.
240 C HAPTER 15: S PANNING -T REE C OMMANDS Rem hops 19 Bridge ID Prior ity 32768 Addre ss 00:02:4b:29:7a :00 Interfaces Name State Prio. Nbr Cost Sts Role PortF ast Type ---- ----- -- ----- --- ----- --- ---- ----- --- ----- ----- g1 Enabl ed 128.1 20000 FWD Boun No P2p Bound (RSTP ) g2 Enabl ed 128.
show spanning-tree 241 Path Cost 20000 Root Port 1 (g1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Port 1 (g1) enabled State: Forwarding Role: Root Port id: 128.1 Port cost: 20000 Type: P2p (configured: auto ) Boundary RSTP Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:01:42:97:e0:00 Designated port id: 128.
242 C HAPTER 15: S PANNING -T REE C OMMANDS Port 3 (g3) enabled State: Forwarding Role: Designated Port id: 128.3 Port cost: 20000 Type: Shared (configured: aut o) Internal Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:02:4b:29:7a:00 Designated port id: 128.
show spanning-tree 243 Bridge ID Prior ity 32768 Addre ss 00:02:4b:29:7a:00 Number of topology changes 2 last change occurred 1d9h ago Times: hold 1, topology c hange 2, notification 2 hello 2, max age 20, forward delay 15 Port 1 (g1) enabled State: Forwarding Role: Boundary Port id: 128.
244 C HAPTER 15: S PANNING -T REE C OMMANDS Port 3 (g3) disabled State: Blocking Role: Alternate Port id: 128.3 Port cost: 20000 Type: Shared (configured: aut o) Internal Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:02:4b:29:1a:19 Designated port id: 128.
show spanning-tree 245 Path Cost 20000 Root Port 1 (g1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridg e ID Prior ity 32768 Addre ss 00:02:4b:29:7a :00 Hello Time 2 sec Max Age 20 sec Forw.
246 C HAPTER 15: S PANNING -T REE C OMMANDS Console# show spanning-tree Spanning tree enabled mode MSTP Default port cost method: s hort CST Root ID Prior ity 32768 Addre ss 00:01:42:97:e0:00 Path Cos.
show spanning-tree 247 g4 Enabl ed 128.4 20000 BLK ALTN No Share d (STP) g5 Enabl ed 128.5 20000 DIS - - - Console# s how spanning-tree Spanning tree enabled mode RSTP Default port cost method: l ong Root ID Prior ity 36864 Addre ss 00:02:4b:29:7a:00 This switch is the root.
248 C HAPTER 15: S PANNING -T REE C OMMANDS g5 Enabl ed 128.5 20000 DIS - - - Console# show spanning-tree Spanning tree disabled (BPD U filtering) mode RSTP Default port cost method: l ong Root ID Pri.
show spanning-tree 249 g3 Disab led 128.3 20000 ---- g4 Enabl ed 128.4 20000 ---- g5 Enabl ed 128.5 20000 ---- Console# show spanning-tree active Spanning tree enabled mode RSTP Default port cost meth.
250 C HAPTER 15: S PANNING -T REE C OMMANDS g1 Enabl ed 128.1 20000 FWD Root No P2p (RSTP ) g2 Enabl ed 128.2 20000 FWD Desg No Share d (STP) g4 Enabl ed 128.
show spanning-tree 251 ---- ----- -- ----- --- ----- --- ---- ----- --- ----- ----- 4 Enabl ed 128.4 20000 BLK ALTN No Share d (STP) Console# show spanning-tree detail Spanning tree enabled mode RSTP .
252 C HAPTER 15: S PANNING -T REE C OMMANDS State: Forwarding Role: Root Port id: 128.1 Port cost: 20000 Type: P2p (configured: auto ) RSTP Port Fast: No (config ured:no) Designated bridge Priority: 32768 Address: 00:01:42:97: e0:00 Designated port id: 128.
show spanning-tree 253 Port id: 128.4 Port cost: 20000 Type: Shared (configured:au to) STP Port Fast: No (configured:no) Designated bridge Priority: 28672 Address: 00:30:94:41: 62:c8 Designated port id: 128.
254 C HAPTER 15: S PANNING -T REE C OMMANDS Console# show spanning-tree mst-configuratio n Name: Region1 Revision: 1 Instance Vlans mapped State -------- ------------ ----- -- g0 1-9, 21-4094 Enabl ed.
show spanning-tree 255 g1 Enabl ed 128.1 20000 FWD Root No P2p Bound (RSTP ) g2 Enabl ed 128.2 20000 FWD Desg No Share d Bound (STP) g3 Enabl ed 128.3 20000 FWD Desg No P2p g4 Enabl ed 128.
256 C HAPTER 15: S PANNING -T REE C OMMANDS g1 Enabl ed 128.1 20000 FWD Boun No P2p Bound (RSTP ) g2 Enabl ed 128.2 20000 FWD Boun No Share d Bound (STP) g3 Enabl ed 128.
show spanning-tree 257 Designated bridge Priority: 32768 Address: 00:01:42:97:e0:00 Designated port id: 128.25 Designated path cost: 0 Number of transitions to fo rwarding state: 1 BPDU: sent 2, received 1206 38 Port 2 (g2) enabled State: Forwarding Role: Designated Port id: 128.
258 C HAPTER 15: S PANNING -T REE C OMMANDS Type: Shared (configured: aut o) Internal Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:02:4b:29:7a:00 Designated port id: 128.
show spanning-tree 259 Designated bridge Priority: 32768 Address: 00:02:4b:29:7a:00 Designated port id: 128.1 Designated path cost: 20000 Number of transitions to fo rwarding state: 1 BPDU: sent 2, received 1206 38 Port 2 (g2) enabled State: Forwarding Role: Designated Port id: 128.
260 C HAPTER 15: S PANNING -T REE C OMMANDS Type: Shared (configured: aut o) Internal Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:02:4b:29:7a:00 Designated port id: 128.
show spanning-tree 261 Console# show spanning-tree Spanning tree enabled mode MSTP Default port cost method: l ong ###### MST 0 Vlans Mapped: 1-9, 21-4094 CST Root ID Prior ity 32768 Addre ss 00:01:42.
262 C HAPTER 15: S PANNING -T REE C OMMANDS.
16 C ONFIGURATION AND I MAGE F ILE C OMMANDS copy The copy Privileged EXEC mode command copies files from a sour ce to a destination. Syntax copy source-url destination-ur l Parameters ■ source-url — The source file location URL or reserved keyword of the source file to be copied .
264 C HAPTER 16: C ONFIGURATION AND I MAGE F ILE C OMMANDS Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines The location of a file system dictates the format of the source or destination URL.
copy 265 Copying an Image File from a Server to Flash Memory T o copy an image file fr om a server to flash memory , use the copy source-url im age command. Copying a Boot File from a Server to Flash Memory T o copy a boot file from a server to flash memory , enter the copy source-url boot command.
266 C HAPTER 16: C ONFIGURATION AND I MAGE F ILE C OMMANDS Example The following example copies system image file1 fr om the TF TP server 172.16.101.101 to a non-active imag e file. delete The delete Privileged EXEC mode c ommand deletes a file fr om a flas h memory device.
boot system 26 7 User Guidelines *.sys, *.prv , image- 1 and im age-2 files cannot be deleted. Example The following examp le deletes the file called ‘t est’ from the flash memory . boot system The boot system Privileged EXEC mode command specifies the system image that the dev ice loads at startup.
268 C HAPTER 16: C ONFIGURATION AND I MAGE F ILE C OMMANDS show running-config The show running-config Privilege d EXEC mode command displays the contents of the currently running configuration file. Syntax show running-conf ig Default Configuration This command has no default configurat ion.
show bootvar 269 Syntax show startup-config Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command. Example The following example d isplays the contents of the running configuration file.
270 C HAPTER 16: C ONFIGURATION AND I MAGE F ILE C OMMANDS Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command. Example The following example displays the active system image file that is loaded by the device at startup.
17 RADIUS C OMMAND radius-server host The radius-server host Global Configuration mode command specifies a RADIUS server h ost. T o delete the specified RADIUS ho st, use the no form of this comma nd.
272 C HAPTER 17: RADIUS C OMMA ND ■ source — Specifies the source IP address to use for communication. 0.0.0.0 is interpreted as re quest to use the IP address of the outgoing IP interface. ■ priority — Determines the order in which servers ar e used, where 0 has the highest priority .
radius-server retransmit 273 Syntax radius-server key [ key-string ] no radius-server key Parameters ■ key-string — Specifies the authentication and encryption key for all RADIUS communications between the device and the RADIUS server . This key must match the encrypti o n used on the RADIUS da emon.
274 C HAPTER 17: RADIUS C OMMA ND Default Configuration The software searches the list of RADIUS server hosts 3 times. Command Mode Global Configurat ion mode User Guidelines There ar e no user guideline s for this command. Example The following example configures th e number of times the software searches all RADIUS server hosts to 5 times.
radius-server timeout 275 Example The following example configures the source IP addr ess used for communication with all RA DIUS servers to 10.1.1.1. radius-server timeout The radius-server timeout Global Configu ration mode command sets the interval during which the device waits for a server hos t to reply .
276 C HAPTER 17: RADIUS C OMMA ND Syntax radius-server deadtime deadtime no radius-server deadtime Parameters ■ deadtime — Length of time in minute s during which a RADIUS server is skipped over by transaction requests. (Range: 0-2000) Default Configuration The deadtime se tting is 0.
show radius-servers 277 Example The following example displays RADIUS server settings. Console# show radius-servers IP addre ss Port Auth TimeO ut Retra nsmit DeadT ime Sourc e IP Prior ity Usage ----- ---- ---- ----- -- ----- ----- ----- - ----- --- ----- --- ----- 172.
278 C HAPTER 17: RADIUS C OMMA ND.
18 P ORT M ONITOR C OMMANDS port monitor The port monitor Interface Configu ration mode command starts a port monitoring session. T o stop a port monitoring session, use the no form of this command. Syntax port monitor src-interface [ rx | tx ] no port monitor src-interface Parameters ■ src-interface — V alid Ether net port.
280 C HAPTER 18: P ORT M ONITOR C OMMANDS GVRP is not enabled on the port. The port is not a member of a VLAN, except for the default VLAN (will automatically be removed from the default VLAN). The f ollowing restrictio ns apply to ports configured to be source po rts: The port cannot be already conf igured as a destination port.
show ports monito r 28 1 ---------- - ---------- ------ ----- ------- g1 8 RX,TX Act ive g2 8 RX,TX Act ive g18 8 RX Act ive.
282 C HAPTER 18: P ORT M ONITOR C OMMANDS.
19 SNMP C OMMANDS snmp-server community The snmp-server community Global Configuration mode command configures the community access string to permit access to the SNMP protocol. T o remove the specified community string, use the no form of this command.
284 C HAPTER 19: SNMP C OMMANDS Default Configuration No communitie s are de fined. Command Mode Global Configurat ion mode User Guidelines The view-name parameter cannot be specified for su, which has access to the whole MIB. The view-name parameter can be used to restrict the access rights of a community string.
snmp-ser ver view 285 Syntax snmp-server view view-name oid-tree { included | excluded } no snmp-server view view-name [ oid-tree ] Parameters ■ view-name — Specifies the label for the view recor d that is being created or updated. The name is used to reference the r ecord.
286 C HAPTER 19: SNMP C OMMANDS snmp-server group The snmp-server group Global Configuration mode command configures a new Simple Management Pr otocol (SNMP) group or a table that maps SNMP users to SNMP views. T o remove a specified S NMP group, use the no form o f this command.
snmp-server use r 287 Default Configuration No group entry exists. Command Mode Global Configurat ion mode User Guidelines There ar e no user guideline s for this command.
288 C HAPTER 19: SNMP C OMMANDS ■ auth-md5 password — Indicates the HMAC-MD5-96 authentication level. The user should enter a password for authentication an d generation of a DES key for privacy . (Range: 1-32 ch aracters) ■ auth-sha password —Indicates the HMAC-SHA -96 authentication level.
snmp-server engine ID local 289 The remote engineid designate s the remote management statio n and should be defined to enable the device to r e ceive informs. Example The following example config ures an SNMPv3 user John in a group called user -group.
290 C HAPTER 19: SNMP C OMMANDS User Guidelines T o use SNMPv3, you have to specif y an engine ID for the device. Y ou can specify your own ID or use a default string that is generated using the MAC address of the device. If the SNMPv3 engine ID is deleted or the configuration file is erased, SNMPv3 cannot be used.
snmp-server enable traps 291 snmp-server enable traps The snmp-server enable traps Global Configurat ion mode command enables the device to send SNMP traps. T o disabl e SNMP traps, use the no form of the command. Syntax snmp-server enable traps no snmp-server enable traps Default Configuration SNMP traps ar e enabled.
292 C HAPTER 19: SNMP C OMMANDS text string consisting of numbers, such as 1.3.6.2.4, or a wo rd, such as system. Replace a single subidentifier with the asterisk (*) wildcard to specify a subtr ee family; for example, 1.3.*. 4. ■ included — Indicates that the filter type is included.
snmp-server host 293 Parameters ■ ip-address — Specifies the IP addr ess of the host (targeted recipient) . ■ hostname — Specif ies the name of the host. (Range:1-158 characters) ■ community-string — Specifies a password-like community string sent with the notification operation .
294 C HAPTER 19: SNMP C OMMANDS User Guidelines When config uring an SNMPv1 or SNMPv2 notif ication r ecipient, a notificatio n view for that r ecipient is automaticall y generated for all the MIB. When configuring an SNMPv1 notifica tio n recipient, the Inform option cannot be selected.
snmp-server trap authentication 295 ■ priv — Indicates authentication of a pack et with encryption. ■ port — Specifies the UDP port of the ho st to use. If unspecified, the default UDP port number is 162. (Range: 1-65535) ■ filtername —Specifies a string that defines the filter for this host.
296 C HAPTER 19: SNMP C OMMANDS Default Configuration SNMP failed authentica tion traps are enabled. Command Mode Global Configurat ion mode User Guidelines There ar e no user guideline s for this command. Example The following example enables SNMP failed authentica tion traps.
snmp-server locat ion 297 The following example configures the system contact point called 3Com_T echnical_Support . snmp-server location The snmp-server location Global Config uration mode command configures the system location string. T o remove the location string, use the no form of t his command.
298 C HAPTER 19: SNMP C OMMANDS Parameters ■ variable-name — MIB variable name (Range 1-160 characters). ■ name value — List of name and value pairs. In the case of scalar MIBs, only a single pair of name values. In th e case of an entry in a table, at least one pair of name and value followed by one or more fields (Range 1-160 characters).
show snmp 299 User Guidelines There ar e no user guideline s for this command. Example The following example displays the S NMP communications statu s. Console# show snmp Commu nity- Stri ng Community-Ac cess View name IP addre ss ----- ----- ---------- ----- ---- ----- --- publi c read only user- view All priva te read write Defau lt 172.
300 C HAPTER 19: SNMP C OMMANDS The following table describes the significant fields shown in the display . show snmp engineid The show snmp engineID Privileged EXEC mode command displays the ID of the local Simple Network Management Protocol (SNMP) engine.
show snmp views 301 Syntax show snmp engineID Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command. Example The following ex ample displays the SNMP engine ID.
302 C HAPTER 19: SNMP C OMMANDS Example The following example displays the config uration of views. show snmp groups The show snmp groups Privileged EXEC mode command displays the configuration of groups. Syntax s how snmp gr oups [ groupname ] Parameters ■ groupname —Specifies the name of the group.
show snmp filters 30 3 The following table describes significant fields shown above. show snmp filters The show snmp filters Privileged EXEC mode command displays the configuration of filters. Syntax show snmp filters [ filtername ] Parameters ■ filtername —Specifies the name of the filter .
304 C HAPTER 19: SNMP C OMMANDS Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command. Example The following example displays t he configuration of filters. show snmp users The show snmp users Privileged EXEC mode command displays the configuration of users.
show snmp users 305 Example The following example displays t he configuration of users. Console# show snmp users Name Group name Auth Method Remote ------ ------------ --------- -------------- -------.
306 C HAPTER 19: SNMP C OMMANDS.
20 IP A DDR ESS C OMMANDS ip address The ip address Interface Configuration (default VLAN) mode command sets an IP address. T o remove an IP address, use the no form of this command. Syntax ip addr ess ip-address { mask | prefix-length } no ip address ip-address Parameters ■ ip-address — Specifies the valid IP addr ess.
308 C HAPTER 20: IP A DDRESS C OMMA NDS Example The following example configures VL AN 1 with IP address 131.108.1.27 and subnet mask 255.255.255.0. ip address dhcp The ip address dhcp Interface Configuration (defau lt VLAN) mode command acquires an IP address for an Ethernet interf ace from the Dynamic Host Configuration Protocol (DHCP) server .
ip default-gateway 309 If the device is configured to obtain its IP address fr om a DHCP server , it sends a DHCPDISCOVER me ssage to pr ovide info rm ation about itself to the DHCP server on the network.
310 C HAPTER 20: IP A DDRESS C OMMA NDS This command is only operational in Swit ch mode. Example The following example define s def ault gateway 192.168.1.1. show ip interface The show ip interface Privileged EXEC mode command displays the usability status of conf igured IP interfaces.
arp 311 arp The arp Global Configuration mode comman d adds a permanent entry in the Addr ess Resolution Prot ocol (ARP) cache. T o remove an entry fr om the ARP cache, use the no form of this command. Syntax arp ip_addr hw_addr { ether net interface-number | vlan vlan-id | port-channel port-channel number .
312 C HAPTER 20: IP A DDRESS C OMMA NDS Example The following example adds IP address 198.133.219.232 and MAC address 00:00:0c:40:0f:bc to the ARP table. arp timeout The arp timeout Global Configuration mode command conf igures how long an entry r emains in the AR P cach e.
show arp 313 clear arp-cache Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command. Example The following example deletes all dy namic entries from the ARP cache.
314 C HAPTER 20: IP A DDRESS C OMMA NDS ip domain-name The ip domain-name Global Configuration mode command defines a default domain name used by the software to complete unqualified host names (names without a dotted-decima l domain name). T o remove the default doma in name, use the no form of this co mmand.
ip name-server 315 ip name-server The ip name-s erver Global Configuration mode command defines the available name serv ers. T o remove a na me server , use the no form of this command.
316 C HAPTER 20: IP A DDRESS C OMMA NDS.
21 M ANAGEMENT ACL C OMMANDS management access-list The management access-list Global Configuration mode command configur es a management access li st and enters the Management Access-list Configuration co mmand mo de. T o delete an access list, use the no form of t his command.
318 C HAPTER 21: M ANAGEMENT ACL C OMMANDS Management ACL requires a valid mana gement interface, which is a port, VLAN, or port-chann nel with an IP add ress or console interface. Management ACL only r estricts access to the device for management configuration or viewing.
deny (Management) 319 ■ vlan-id — A valid VLAN number . ■ port-channel-number — A valid port channel index. ■ ip-address — A valid source IP address. ■ mask — A valid network mask of the sour ce IP ad dress. ■ prefix-length — Number of bits that comp rise the source IP addr ess prefix.
320 C HAPTER 21: M ANAGEMENT ACL C OMMANDS Parameters ■ interface -number — A valid Ether net port number . ■ vlan-id — A valid VLAN number . ■ port-channel-number — A valid port-channel number . ■ ip-address — A valid source IP address.
show management access-list 321 Parameters ■ console-only — Indicates that the device can be managed only from the console. ■ name — Specifies the name o f the access list to b e used. (Range: 1-32 characters) Default Configuration If no access list is specified, an empty access list is used.
322 C HAPTER 21: M ANAGEMENT ACL C OMMANDS There ar e no user guideline s for this command. Example The following example displays th e ‘mlist’ management access list. show management access-class The show manageme nt access-class Privileged EXE C mode command displays the active management access list.
22 W IR ELESS R OGUE AP C OMMANDS rogue-detect enable (Radio) The rogue-detect enable AP Interface Radi o Configuratio n mode command enables detection of ro gue APs. T o disable rouge APs detection, use the no form of this command. Syntax rogue-detect enable no rogue-detect enable Parameters This command has no keywords or arguments.
324 C HAPTER 22: W IRELESS R OGUE AP C OMMANDS Example The following example enables the detection of rogue APs. rogue-detect rogue-scan-interval The rogue-detect r ogue-scan-interval AP Interface Radio Configuration mode command defines the scanning interval for rogue APs.
wlan rogue-detect rogue-ap 32 5 The following example defines the scanning interval for rogue APs at 150 seconds. wlan rogue-detect rogue-ap The wlan rogue-detect r ogue-ap Global Co nfiguration mode command sets the status of rouge APs. T o restore defaults, use the no form of this comma nd.
326 C HAPTER 22: W IRELESS R OGUE AP C OMMANDS clear wlan r ogue-ap The clear wlan rogue-ap Privileged EXEC mode command delete s a rogue AP fr om the rogue APs list. Syntax clear wlan rogue-ap mac-address Parameters ■ mac-address — The rogue AP MAC addr ess.
show wlan rogue-aps list 327 ■ name — Specify the AP name. (Range: 1-32 characters) ■ mac-address — Specify the AP MAC address. Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command.
328 C HAPTER 22: W IRELESS R OGUE AP C OMMANDS Parameters ■ mac-address — The rogue AP MAC addr ess. Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines The show wlan rogue-aps list command displays each rogue at one entry , even if it was discover ed by mor e than one Radio.
show wlan rogue-aps neighborhood 32 9 Parameters ■ mac-address — The AP MAC address detecting r ogue APs. Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command.
330 C HAPTER 22: W IRELESS R OGUE AP C OMMANDS.
23 W IR ELESS ESS C OMMANDS wlan ess create The wlan ess create Global Configuration mode command creates an ESS. T o remove the ESS, use the no form of this command. Syntax wlan ess create index ssid no wlan ess create index Parameters ■ index — The ESS index.
332 C HAPTER 23: W IRELESS ESS C OMMAND S Syntax wlan ess configure { id index | ssid ssid } Parameters ■ index — The ESS index. (Range: 1-65535) ■ ssid — The ESS SS ID string. (Range: 1-32 characte rs) Default Configuration This command has no default configurat ion.
open vlan 333 User Guidelines The SSID string must be a uniqu e string in the system. The command f ails if there alr e ady exists an SSID with the same name.
334 C HAPTER 23: W IRELESS ESS C OMMAND S qos The qos ESS Configuration mode command enables QoS in an ESS. T o disable QoS, use the no form of this command. Syntax qos { wmm | svp } no qos Parameters ■ wmm — W i-Fi WMM mode. ■ ssid — The ESS SS ID string.
mac-filtering action 335 no load-balancing Parameters ■ association — Load balancing calculations are performed when a station attempts to associa te with an AP in the ESS. The associating station can be moved to an adjacent AP in the ESS pr ior to association.
336 C HAPTER 23: W IRELESS ESS C OMMAND S ■ deny — Deny stations where their MAC address is in the MAC-address-filtering list. ■ ssid — The ESS SS ID string.
security s u it e create 337 Default Configuration Empty list. Command Mode ESS Configuration mode User Guidelines Use the mac-filter ing action ESS con figuration command t o enable the MAC-address-filtering list and to de fine the MAC-address-filtering list type.
338 C HAPTER 23: W IRELESS ESS C OMMAND S ■ 802.1x — 802.1x auth entication with WEP . ■ wpa — W i-Fi Protected Access (WP A and WP A2) are systems to secure wireless (W i-Fi) networks. WP A implements the majority of the IEEE 802.1 1i standard, and was intended as an intermediate measure to take the pla ce of WEP while 802.
security suite configure 339 ■ WP A2 security s uite and WP A2-PSK security suite cannot exist simultaneously . ■ At one time, only one securi ty-suit e per ESS can exist. ■ Open-WEP security suite and WE P security suite cannot exist simultaneously .
340 C HAPTER 23: W IRELESS ESS C OMMAND S ■ wpa — W i-Fi Protected Access (WP A and WP A2) are systems to secure wireless (W i-Fi) networks. WP A implements the majority of the IEEE 802.1 1i standard, and was intended as an intermediate measure to take the pla ce of WEP while 802.
timer (Security-Suite ESS) 341 Default Configuration VLAN #1 Command Mode Security-Suite ESS Configuration mode User Guidelines There ar e no user guideline s for this command. Example The following example configures the policy VLAN for a security-suite to VLAN ID 5.
342 C HAPTER 23: W IRELESS ESS C OMMAND S ■ reauth-time seconds — Re-authentication ti meout period. (Range: 1-4294967295) ■ idle-time seconds — DLE timeout period. (Range: 1-9676800) ■ never — There is an unlimited r ekeying timeout period.
wpa2 pre-authentication 34 3 No key is de fined. Command Mode Security-Suite ESS Configuration mode User Guidelines There ar e no user guideline s for this command. Example The following example defines that a gr oup key should be updated after a station leaves the A P .
344 C HAPTER 23: W IRELESS ESS C OMMAND S Example The following example enables WP A2 pre-authenti cation in an ESS. show wlan ess The show wlan Priv ileged EXEC mode command displays information on the ESS configu ration.
show wlan ess 345 Example The following example configures the display of the WLAN ESS configuration. The following example configures the display of the defined ESS configurations. console # show wlan ess con figuration Index SSID Securit y Suite Load Bal.
346 C HAPTER 23: W IRELESS ESS C OMMAND S Console # show wlan ess con figuration 1 Index: 1 SSID: Enterprise Load Balancing: Association QoS: WMM Mac Filter: Disabled WPA2 Preauthentication: Ena bled .
show wlan ess mac-filtering lists 347 The following example configures the display of WLAN ESS rad ios’ configuration. show wlan ess mac-filtering lists The show wlan Privileged EXEC mode command displays the ESS MAC filtering lists. Syntax show wlan ess mac-filtering lists { id index | ssi d ssid } Parameters ■ index — The ESS index.
348 C HAPTER 23: W IRELESS ESS C OMMAND S show wlan ess counters The show wlan ess counters Pr ivileged EXEC mode command displays the number of stations at each ESS. Syntax show wlan ess counters [ index | ssid ] Parameters ■ index — The ESS index.
show wlan ess counters 34 9 The following example displays station numbe rs at ESS ‘enterprise’. Console# show wlan ess coun ters Index SSID Stations ----- ---- ------- 1 Enterprise 182 2 Guest 3 .
350 C HAPTER 23: W IRELESS ESS C OMMAND S.
24 W IR ELESS AP G ENERAL C OMMANDS clear wlan ap The clea r wlan ap Privileged EXEC mode command deactivates an AP . Syntax clear wlan ap { name | mac-addres s} Parameters ■ name — The AP name. (Range: 1-32 characters) ■ mac-address — The AP MAC addre ss.
352 C HAPTER 24: W IRELESS AP G ENERAL C OMMANDS wlan ap active The wlan ap active Global Configuration mode command activates an AP . Syntax wlan ap active mac-address [ template temp late-name ] Parameters ■ mac-address — MAC address of the AP to be activated.
wlan ap config 353 ■ mac-address — The AP MAC addre ss. ■ hex hex-number — The secur e key in hexadecimal format. 32 hexadecimal characters must be entered. ■ ascii string — The secure key in hexa d ecimal format. From 1-16 characters can be entered.
354 C HAPTER 24: W IRELESS AP G ENERAL C OMMANDS Command Mode Global Configurat ion mode User Guidelines Only active APs can be placed in AP Configuration mode. Example The following example sets the de vice in AP Configuration mode. name The name AP Configuration mod e command configures a wireless AP name.
tunnel priority 355 tunnel priority The tunnel priority AP Configuration mode command configures a wireless AP priority for VLAN tunneling. T o restore default settings, use the no form of t his command. Syntax tunnel priority priori ty no priority Parameters ■ priority — The relative priority of the wireless AP as a source for VLANs.
356 C HAPTER 24: W IRELESS AP G ENERAL C OMMANDS Syntax wan enable no wan enable Parameters This command has no keywords or arguments. Default Configuration Disabled Command Mode AP Configuration mode User Guidelines There ar e no user guideline s for this command.
vlan allowed 357 User Guidelines There ar e no user guideline s for this command. Example The following example enters th e Interface Conf iguration mode. vlan allowed The vlan allowed AP interface Ether net Conf ig uration mode command adds or removes VLANs to the Ethernet port of a wireless AP .
358 C HAPTER 24: W IRELESS AP G ENERAL C OMMANDS The following ex ample adds VLANs 1,2, 3 and 4 to the Ether net port of a wireless AP . vlan native Th e vlan native AP interface Ethernet Configuration mode command sets the native VLAN of the Ethernet port of a wireless AP .
set wlan copy 35 9 Syntax wlan template ap conf igure name Parameters ■ name — The name of the AP te mplate. (Range: 1-32 characters) Default Configuration This command has no default configurat ion.
360 C HAPTER 24: W IRELESS AP G ENERAL C OMMANDS Default Configuration This command has no default configurat ion. Command Mode Wireless AP template configuration mode User Guidelines Copying the template to an AP overri des the entire AP configuration with the template configuration.
show wlan aps 361 ■ name ■ ssid Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command. Example The following example displays information on active APs.
362 C HAPTER 24: W IRELESS AP G ENERAL C OMMANDS The following example displays detaile d information on a specific active AP: The following example displays impo rtant radio information on all the active APs. Console # show wlan aps AP1 Name: AP1 MAC Address: 00-9E-92-4C-73 -FC Type: a, g State: Enabled Status: Disabled 802.
show wlan aps 363 The following ex ample displays the SSIDs that are associated with each active AP . The following example displays: 1) Station VLANs: List all the VLANs r equired for the stations that are associated with that A P . 2) Ethernet VLANs: The VLANs c onfigured on the AP Ethernet port.
364 C HAPTER 24: W IRELESS AP G ENERAL C OMMANDS The following example displays th e AP model, serial number and software versions. show wlan ap interface radio The show wlan ap interface radio Privileged EXEC mode command displays information on an AP radio interface.
show wlan ap interface ethernet 365 Example The following example displays info rmation on an AP radio interface. show wlan ap interface ether net The s how wlan ap interface ether net Privileged EXEC mode command displays information on an AP radio interface.
366 C HAPTER 24: W IRELESS AP G ENERAL C OMMANDS Example The following example displays info rmation on an AP radio interface. show wlan aps counters The show wlan aps counters Privileged EXEC mode command displays information on the AP tr affic.
show wlan aps counters 367 The following example displays in formation on the AP traffic. Console# show wlan aps coun ters Name Stations Name Stations ------ ----------- -- ------ ----------- -- AP1 1.
368 C HAPTER 24: W IRELESS AP G ENERAL C OMMANDS show wlan aps discovered The show wlan aps discovered Privileged EXEC mode command displays wireless APs that wer e discovered bu t not activated . Syntax show wlan aps discover ed [ mac-address ] Parameters ■ mac-address — MAC addr ess of the AP .
show wlan template aps 369 The following example displays wire less APs that were discover ed but were not activated. show wlan template aps The show wlan template aps Privileged EXEC mode command displays the template AP configuration. Syntax s how wlan template aps [ name ] Parameters ■ name — Specify the AP name.
370 C HAPTER 24: W IRELESS AP G ENERAL C OMMANDS Console # show wlan templat e aps Name Radio a Radio g ------- -------- -------- default Enabled Enabled indoor Enabled Enabled outdoor Enabled Enabled Console # show wlan aps indoor NAME: vivi MAC Address: 00:f0:00:00:06 :25 802.
25 SSH C OMMANDS ip ssh port The ip ssh port Gl obal Configuration mode command specifies the port to be used by the SSH se rver . T o restore the default configuration, use the no form of this command. Syntax ip ssh port port-number no ip ssh port Parameters ■ port-number — Port number for use by t he SSH server (Ra nge: 1-65535).
372 C HAPTER 25: SSH C OMMANDS ip ssh server Th e ip ssh server Global Configuration mode command enables the device to be configured fr o m a SSH server . T o disable th is function, use the no form of t his command. Syntax ip ssh server no ip ssh server Default Configuration Device configuration from a SSH server is disabled.
crypto key generate rsa 373 User Guidelines DSA keys are generated in pairs: one public DSA key and one private DSA key . If the device alr eady has DSA keys, a warning and prompt to r eplace the existing keys with new keys ar e displayed.
374 C HAPTER 25: SSH C OMMANDS Example The following example generates RSA key pairs. ip ssh pubkey-auth The ip ssh pubkey-auth Global Configuration mode command enab les public key authentication for incoming SSH sessions. T o disable this functi on, use the no form of this command.
user-key 375 Default Configuration No keys are specified. Command Mode Global Configurat ion mode User Guidelines There ar e no user guideline s for this command. Example The following example enters the SS H Public Key-chain Co nfiguration mode and manually configures the RS A key pair for SSH public key-chain bob .
376 C HAPTER 25: SSH C OMMANDS Parameters ■ username — Specifies the user name of the remote SSH client. (Range: 1-48 characters) ■ rsa — Indicates the RSA key pair . ■ dsa — Indicates the DSA key pair . Default Configuration No SSH public keys exist.
key-string 377 Default Configuration No keys exist. Command Mode SSH Public Key-string Configuration mod e User Guidelines Use the key-string SSH Public Key- string Configuration mode command to specify which SSH public key is to be interactively configur ed next .
378 C HAPTER 25: SSH C OMMANDS show ip ssh The show ip ssh Privileged EXEC mode command displays the SSH server configuration. Syntax show ip ssh Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command.
show crypto key mypubkey 379 show crypto key mypubkey The show crypto key mypubkey Privileged EXEC mode command displays the SSH public keys on the device. Syntax show crypto key mypubkey [ rsa | dsa ] Parameters ■ rsa — Indicates the RSA key . ■ dsa — Indicates the DSA key .
380 C HAPTER 25: SSH C OMMANDS show crypto key pubkey-chain ssh The show crypto key pubkey-chain ssh Privileged EXEC mode command displays SSH public keys stored on the device. Syntax show crypto key pubkey-chain ssh [ username username ] [ fingerprint { bubble-babble | hex }] Parameters ■ username — Specifies the remote SSH client use rname.
show crypto key pubkey-chain ssh 381 Key: 005C300D 06092A86 4886 F70D 01010105 00034B00 30480241 00C5E23B 55D6AB22 04AEF1BA A54028A6 9ACC01C5 129D99E4 Fingerprint: 9A:CC:01:C5:78 :39:27:86:79:CC:23:C5.
382 C HAPTER 25: SSH C OMMANDS.
26 W EB S ERVER C OMMANDS ip http server The ip http server Global Configu ration mode command enables configuring the device from a browser . T o disable this function, use the no form of this command. Syntax ip http server no ip http server Default Configuration HTTP server is enabled.
384 C HAPTER 26: W EB S ERVER C OMMANDS no ip http port Parameters ■ port-number — Port number for use by the HTTP server . (Range: 1-65535) Default Configuration The default port number is 80. Command Mode Global Configurat ion mode User Guidelines Specifying 0 as the port number effectively disables HTTP access to the device.
ip https server 385 Command Mode Global Configurat ion mode User Guidelines This command also configu res the exec-timeout for HTTPS in case th e HTTPS timeout was not set.
386 C HAPTER 26: W EB S ERVER C OMMANDS Syntax i p https port port-number no ip https port Parameters ■ port-number — Port number to be used by the HTTP server .
crypto certifi cat e gener ate 387 ■ common- name — Specifies the fully qualified URL or IP address of the device. (Range: 1-64) ■ organization — Specifies the organization name. (Range: 1-64) ■ organization-unit — Specifies the organization-unit or department name.
388 C HAPTER 26: W EB S ERVER C OMMANDS crypto certificate re quest The crypto certificate request Privileged EXEC mode command generates and displays certificate requests for HTTPS.
crypto certificat e import 389 Example The following example generates and displays a certificate request for HTTPS. crypto certificate import The crypto certificate import Global Configuration mod e command imports a certificate signed by th e Certification Auth ority for HTTPS.
390 C HAPTER 26: W EB S ERVER C OMMANDS The imported certif icate must be base d on a cer tificate request cr eated by the crypto certificate r equest Privileged EXEC m ode command. If the public key found in the certif icate does not match the device's SSL RSA key , the command fails.
show crypto certificat e myc ertificate 39 1 Parameters ■ number — Specifies the certificate number . (Range: 1-2) Default Configuration There is no default configuration for this command. Command Mode Global Configurat ion mode User Guidelines The crypto certif icate generat e comm and should be used to generate HTTPS certificates.
392 C HAPTER 26: W EB S ERVER C OMMANDS The following example displays the cert ificate. show ip http The show ip http Privileged EXEC mode command displays the HTTP server configuration. Syntax show ip http Default Configuration This command has no default configurat ion.
show ip https 39 3 Example The following example displays the HTT P server configuration. show ip https The show ip https Pr ivileged EXEC mode command displays the HTTPS server configuration. Syntax show ip https Default Configuration This command has no default configurat ion.
394 C HAPTER 26: W EB S ERVER C OMMANDS Console# show ip https HTTPS server enabled. Port: 443 Certificate 1 is not active . Issued by : C= , ST= , L= , CN=10.6.41.138, O= , OU= Valid From: Apr 30 20:51:5 4 2003 GMT Valid to: Apr 29 20:51:54 2004 GMT Subject: C= , ST= , L= , CN=10.
27 T ACACS+ C OMMANDS tacacs-server host Th e tacacs-server host Global Configuration mode command specifies a T ACACS+ host. T o delete the spec ified name or address, use the no form of this command.
396 C HAPTER 27: TACACS+ C OMMAND S ■ source — Specifies the source IP address to use for the communication. 0.0.0.0 indicates a request to use the IP address of the outgoing IP interface. ■ priority — Determines the order in which the T ACACS+ servers are used, where 0 is the highest priority .
tacacs-server t imeout 397 server . This key must match the encrypt ion used on the T ACACS+ daemon. (Range: 0-128 charact ers) Default Configuration Empty string. Command Mode Global Configurat ion mode User Guidelines There ar e no user guideline s for this command.
398 C HAPTER 27: TACACS+ C OMMAND S Example The following example sets the timeout value to 30 for all T ACACS+ servers. tacacs-server source-ip The tacacs-server sour ce-ip Global Configu ration mode command configures the source IP address to be used for communication with T ACACS+ servers.
show tacacs 399 show tacacs The show tacacs Privileged EXEC mode comm and displays configuration and statistical information about a T ACACS+ ser ver . Synt ax show tacacs [ ip-address ] Parameters ■ ip-address — Name or IP address of the T ACACS+ server .
400 C HAPTER 27: TACACS+ C OMMAND S Global values ------------- TimeOut: 3.
28 S YSLOG C OMMANDS logging on The logging on Global Configuration mode command controls err or message logging. This command se nds debug or error messages to a logging process, which logs messages to designated locations asynchronously to the process that generated the messages.
402 C HAPTER 28: S YSLOG C OMMANDS logging The logging Global Configuration mode command lo gs messages to a syslog server . T o delete the syslog se rver with the spe cified ad dress from the list of syslogs, use the no form of this command.
logging console 403 Example The following example limits logged me ssages sent to the syslog server with IP address 10.1.1 .1 to seve rity level critical . logging console The logging console Glob al Configuratio n mode command limits messages logged to the console based on severity .
404 C HAPTER 28: S YSLOG C OMMANDS Syntax l ogging buf fered level no logging buffered Parameters ■ level — Specifies the severity le vel of messages logged in the buf fer . The possible values are: emergencies , alerts , critic al , errors , warnings , notifications , informational , debugging .
clear loggin g 405 Default Configuration The defaul t number of messages is 200. Command Mode Global Configurat ion mode User Guidelines This comman d takes ef fect only after Reset. Example The following example chang es the number of syslog messages stored in the internal buffer to 300.
406 C HAPTER 28: S YSLOG C OMMANDS logging file The logging file Global Configuration mode command limits syslog messages sent to the logging file based on severity .
aaa logging 40 7 Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command. Example The following example clears me ssages from the logging file. aaa logging The aaa logging Global Co nfiguration mode command enables loggin g AAA login events.
408 C HAPTER 28: S YSLOG C OMMANDS file-system logging The file-system logging Global Conf iguration mode command enables logging file system events. T o disable logging file system events, use the no form of this command.
show logging 40 9 no management logging deny Parameters ■ deny — Indicates logging mess ages related to deny actions of management ACLs. Default Configuration Logging management ACL events is en abled. Command Mode Global Configurat ion mode User Guidelines Other types of management ACL events are not subject to this command.
410 C HAPTER 28: S YSLOG C OMMANDS The following example displays the state of logging and the syslog messages stored in the internal buffer . Console# show logging Logging is enabled. Console logging: level debu gging. Console Messages: 0 Dropp ed (severity).
show logging file 411 show logging file The show logging file Privileged EXEC mode command displays the state of logging and the syslog messages stored in the log ging file. Syntax show logging file Default Configuration This command has no default configurat ion.
412 C HAPTER 28: S YSLOG C OMMANDS Example The following example disp lays the logging state and the syslog messa ges stored in the logging file. Console# show logging file Logging is enabled. Console logging: level debu gging. Console Messages: 0 Dropp ed (severity).
show syslog-servers 413 show syslog-servers The show syslog-servers Privileged EXEC mode command displays the settings of the syslog servers. Syntax s how syslog-servers Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command.
414 C HAPTER 28: S YSLOG C OMMANDS IP address Port Severity Facility Description ----------- - ---- ----------- -- -------- ----------- 192.180.2.2 7 514 Information al local7 192.
29 W IR ELESS AP BSS C OMMANDS bss The bss Interface Radio Config uration mode command adds or removes ESS to/from a radio interf ace. Syntax bss { add { ess-index | ssid } | rem o ve { ess-index | ssid }} Parameters ■ ess-index — The ESS index. (Range: 1-65535) ■ ssid — The SSID string of the ESS.
416 C HAPTER 29: W IRELESS AP BSS C OMMA NDS Syntax bss enable { index | ssid } Parameters ■ index — The ESS index. (Range: 1-65535) ■ ssid — The SSID string of the ESS. (Range: 1-32 characters) Default Configuration This command has no default configurat ion.
data-rates 417 Command Mode BSS Configuration mode User Guidelines There ar e no user guideline s for this command. Example The following example advertises the BSS SSID. data-rates The data-rates BSS Configurat ion mode command configures the data rates used in a BSS.
418 C HAPTER 29: W IRELESS AP BSS C OMMA NDS User Guidelines There ar e no user guideline s for this command. Example The following example co nfigures the data rates us ed in a BSS to 2 while complying with 802.
30 S YSTEM M ANAGEMENT C OMMANDS ping The ping User EXEC mode command send s ICMP echo request packets to another node on the network. Syntax ping { ip-address | hostname }[ size packet_size ] [ count packet_count ] [ timeout time_out ] Parameters ■ ip-address — IP addr ess to ping.
420 C HAPTER 30: S YSTEM M ANAGEMENT C OMMANDS Following are examples of unsuccessful pinging: Destination does not respond. If the host does n ot respond, a “no answer from host” appears in ten seconds. Destination un reac hable. The gat eway for this destinatio n indicates that the destinat ion is unreachable.
traceroute 421 traceroute The tracer oute User EXEC mode command discovers routes that packets actually take w hen traveling t o their destin ation. Syntax traceroute { ip-address | hostname }[ si ze .
422 C HAPTER 30: S YSTEM M ANAGEMENT C OMMANDS User Guidelines The traceroute command takesadvantage of the error messa ges generated by the devices when a data gram exceeds its time- to-live (TTL) value. The traceroute command starts by sending probe datagrams with a TTL value of one.
traceroute 423 Example The following example discovers the rout es that packets will actually tak e when traveling to their destination. The following table describes significant fields shown above. Console> traceroute umaxp1.physics.lsa.umich .edu Type Esc to abort.
424 C HAPTER 30: S YSTEM M ANAGEMENT C OMMANDS The following tab le describes chara cters that may appear in t he tracer oute command out put. telnet The telnet User EXEC mode command enables logging on to a host that supports T elnet. Syntax telnet { ip-address | hostname } [ port ] [ keyword1.
telnet 425 User Guidelines T elnet software supports special T eln et commands in the form of T elnet sequences that map generic terminal co ntrol functions to operating system-specific functions. T o enter a T e lnet sequence, pr ess the escape sequence keys (Ctrl-shift-6) followe d by a T elnet command character .
426 C HAPTER 30: S YSTEM M ANAGEMENT C OMMANDS Keywords T able Ports T able Options Descr iption /echo Enables local ech o. /quiet Prevents onscreen display of all messages from the software. /source-interface Specifies the source interface. /stream Turns on stream processing, which enables a raw TCP stream with no Telnet control sequences.
resume 427 This command lists concurrent telnet connections to remote hosts that were opened by the current telnet session to the local device. It does not list telnet connections to remote hosts that wer e opened by other telnet sessions. Example The following example displays conn ecting to 176.
428 C HAPTER 30: S YSTEM M ANAGEMENT C OMMANDS Default Configuration The default connection number is that of the most recent connection. Command Mode User EXEC mode User Guidelines There ar e no user guideline s for this command. Example The following command switches to open T elnet session number 1.
hostname 429 hostname The hostname Global Configuration mode command specifies or modifies the device host name. T o remove the existing host name, use the no form of t he command. Syntax hostname name no hostname Parameters ■ name — The host name.
430 C HAPTER 30: S YSTEM M ANAGEMENT C OMMANDS User Guidelines There ar e no user guideline s for this command. Example The following example displays info rmation about the active users. show sessions The show sessions Privileged EXEC mode command lists open T e lnet sessions.
show system 431 The following table describes significant fields shown above. show system The show system Privileged EXEC mode command displays system information. Syntax show system Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command.
432 C HAPTER 30: S YSTEM M ANAGEMENT C OMMANDS show version Th e show version Privileg ed EXEC mode command displays system version information. Syntax show version [ unit unit ] Parameters ■ unit — Specifies the number of the unit. (Ran ge: 1-8) Default Configuration This command has no default configurat ion.
service cpu-utilization 433 Example The following example displays syst em version information (only for demonstration purp oses). service cpu-utilization The service cpu-utilization Global Configuration mo de command enables measuring CPU utiliza tion.
434 C HAPTER 30: S YSTEM M ANAGEMENT C OMMANDS show cpu utilization The show cpu utilization Privileged EXEC mode comma nd displays information about CPU utilization. Syntax show cpu utilization Default Configuration This command has no default configurat ion.
31 U SER I NTERFACE C OMMANDS enable The enable Privileged EXEC mode comma nd enter s the Privileged EX EC mode. Syntax enable [ privilege-level ] Parameters ■ privilege-level — Privilege level to enter the system. (Range: 1-15) Default Configuration The default privilege level is 15.
436 C HAPTER 31: U SER I N TERFACE C OMMANDS disable The disable Privileged EXEC mode command r etur ns to the User EXEC mode. Syntax disable [ privilege-level] Parameters ■ privilege-level — Privilege level to enter the system. (Range: 1-15) Default Configuration The default privilege level is 1.
configure 437 User EXEC mode User Guidelines There ar e no user guideline s for this command. Example The following example enters Privileged EXEC mode and logs in with username admin . configure The configur e Privileged EXEC mode command enters the Glob al Configuration mode.
438 C HAPTER 31: U SER I N TERFACE C OMMANDS exit (Configuration) The exit command exits any config urati on mode to the next highest mode in the CLI mode hierarchy . Syntax exit Default Configuration This command has no default configurat ion. Command Mode All configuration modes User Guidelines There ar e no user guideline s for this command.
end 439 User Guidelines There ar e no user guideline s for this command. Example The following example closes an active terminal session . end The end command ends the current config uration session and returns to the Privileged EXEC mode. Syntax end Default Configuration This command has no default configurat ion.
440 C HAPTER 31: U SER I N TERFACE C OMMANDS Syntax help Default Configuration This command has no default configurat ion. Command Mode All command modes User Guidelines There ar e no user guideline s for this command. Example The following example describes the help system.
debug-mode 441 no terminal data-dump Default Configuration Dumping is disabled. Command Mode User EXEC mode User Guidelines By default, a More prompt is displayed when the output contains more lines than ca n be displaye d on the scr een. Pressing the Enter key displays the next line; pressing the Spacebar displays the next screen of output.
442 C HAPTER 31: U SER I N TERFACE C OMMANDS User Guidelines There ar e no user guideline s for this command. show history The show history Privileged EXEC mode co mmand lists the commands entered in the curr en t session. Syntax show history Default Configuration This command has no default configurat ion.
show privilege 443 show privilege The show privilege Privileged/User EXEC mode command displays the current privilege level. Syntax show privilege Default Configuration This command has no default configurat ion. Command Mode Privileged and User EXEC modes User Guidelines There ar e no user guideline s for this command.
444 C HAPTER 31: U SER I N TERFACE C OMMANDS.
32 GVRP C OMMANDS gvrp enable (Global) GARP VLAN Registration Protocol (GVRP) is an industry-standard pr otocol designed to propagate VLAN informat ion fr om device to device. W ith GVRP , a single device is manually configured with all desir ed VLANs for the network, and all other devices on the network lear n these VLANs dynamically .
446 C HAPTER 32: GVRP C OMMAND S gvrp enable (Interface) The gvrp enable Interface Conf iguration (Ethernet, port-cha nnel) mode command enables GVRP on an in terface. T o disable GVRP on an interface, use the no form of this command. Syntax gvrp enable no gvrp enable Default Configuration GVRP is disabled on all interfaces.
garp timer 447 Syntax garp timer {join | leave | leaveall } timer_value no garp timer Parameters ■ { join | leave | leaveall } — Indicates the type of timer .
448 C HAPTER 32: GVRP C OMMAND S gvrp vlan-cr eation-forbid The gvrp vlan-creation-forbid Interface Configuration (Ethernet, port-channel) mode command disabl es dynamic VLAN creation or modification. T o enable dynamic VLAN creation or modification, use the no form of this command.
clear gvrp stati stics 449 Default Configuration Dynamic registration of VLANs on the port is allowed. Command Mode Interface Configuration (Eth ernet, port -channel) mode User Guidelines There ar e no user guideline s for this command. Example The following example forbids dynamic registration of VLANs on Ethernet port g1.
450 C HAPTER 32: GVRP C OMMAND S Example The following e xample clears all GV RP statistical information on Ethernet port g1. show gvrp configuration The show gvrp configuration Privieged EXEC mode co.
show gvrp statistics 451 show gvrp statistics The show gvrp statistics Privieged EXEC mode command displays GVRP statistics. Syntax show gvrp statistics [ ethernet interface | port-channel port-channel-number ] Parameters ■ interface — A valid Ethernet po rt.
452 C HAPTER 32: GVRP C OMMAND S show gvrp error -statistics The show gvrp error -statistics Privieged EXEC mode command d isplays GVRP error statistics. Syntax show gvrp err or -statistics [ ether net interface | port-channel port-channel-number ] Parameters ■ interface — A valid Ethernet po rt.
show gvrp error-statistics 453 Example The following example displays GVRP statistical information. Console# show gvrp error-statistics GVRP Error Statistics: Legend: INVPROT : Invalid Protocol Id INV.
454 C HAPTER 32: GVRP C OMMAND S.
33 VLAN C OMMANDS vlan database The vlan da tabase Global Configuratio n mode command enters the VLAN Configuratio n mode. Syntax vlan database Default Configuration This command has no default configurat ion. Command Mode Global Configurat ion mode User Guidelines There ar e no user guideline s for this command.
456 C HAPTER 33: VLAN C OMMANDS Parameters ■ vlan-range — Specifie s a list of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma and no spaces; a hyphen designates a range of IDs. (Range: 2-4094) Default Configuration This command has no default configurat ion.
interface range vlan 457 Example The following example configures VL AN 1 with IP a ddress 131.108.1.27. interface range vlan The interface range vlan Global Configuration mode command enables simultaneously config uring multiple VLANs.
458 C HAPTER 33: VLAN C OMMANDS name The name Interface Configuration mod e command adds a name to a VLAN. T o remove the VLAN name, use the no form of this command. Syntax name string no name Parameters ■ string — Unique name to be as sociated with this VLAN.
switchport trunk allowed vlan 45 9 Parameters ■ vlan-id — Specifies the ID of the VLAN to which the port is co nfigured. Default Configuration All ports belong to VLAN 1.
460 C HAPTER 33: VLAN C OMMANDS Command Mode Interface Configuration (Eth ernet, port-chan nel) mode User Guidelines There ar e no user guideline s for this command. Example The following example add s VLANs 1, 2, 5 to 6 to the allowed list of the 1 Ethernet port 1.
switchport general allowed vlan 46 1 The command adds the po rt as a member in native VLAN 2. If the port is already configur ed as a na tive VLAN 3 it will automa tically change the last entry (VLAN 2). Only one native VLAN can be configured to the port.
462 C HAPTER 33: VLAN C OMMANDS User Guidelines This command enables changing th e egress rule (for example fr om tagged to untagged) without first re moving the VLAN from the list. Example The following example adds VLANs 2, 5, and 6 to the allowed list of Ethernet port 1.
switchport general ingr ess-filtering disable 46 3 Example The following example config ures the PVID for Ethernet por t 1, when the interface is in general mode. switchport general ingress-filtering disable The switchport general ingress-filtering disable Interface Configuration mode command disables port ingress filtering.
464 C HAPTER 33: VLAN C OMMANDS Syntax switchport general accept able-frame-typ e tagged-only no switchport general accept able-frame-type tagged-o nly Default Configuration All frame types ar e accepted at ingress. Command Mode Interface Configuration (Eth ernet, port-chan nel) mode User Guidelines There ar e no user guideline s for this command.
show vlan 465 All VLANs ar e allowed. Command Mode Interface Configuration (Eth ernet, port -channel) mode User Guidelines This command can be used to prevent GVRP fr om au tomatically making the specified VLANs active on the selected ports. Example The following example forbids adding VLAN IDs 234 to 256 to Ether net port 1.
466 C HAPTER 33: VLAN C OMMANDS Example The following ex ample displa ys all VLAN information. show vlan internal usage The show vlan inte rnal usage Privileged EXEC mode command d isplays a list of VLANs used internally by the device. Syntax show vlan inter nal usage Default Configuration This command has no default configurat ion.
show interfaces switchport 467 Example The following example displ ays VLANs used internally by the device. show interfaces switchport The show interfaces switchport Privileged EXEC mode command displays the switchport configurat ion.
468 C HAPTER 33: VLAN C OMMANDS Example The following example displays the switchport configu ration for Ether net port. Console# show interfaces sw itchport ethernet g5 Port: g5 Port Mode: General Gv.
34 802.1 X C OMMANDS aaa authentication dot1x The aaa authentication dot1x Global Configuration mode co mmand specifies one or more authentication, authorization, and accounting (AAA) methods for use on interfaces running IEEE 80 2.1x. T o re store the default configuration, use the no form of this command.
470 C HAPTER 34: 802.1 X C OMMA NDS Example The following example uses the aaa authentication dot1x default command with no authen tication. dot1x system-auth-contro l The dot1x system-auth-control Global Configuration mo de command enables 802.1x globally .
dot1x re-authentication 47 1 Parameters ■ auto — Enables 802.1x authentication on the interface and causes the port to transition to the authorized or unaut horized state based on the 802.1x authenticat ion exchange between the por t and the client.
472 C HAPTER 34: 802.1 X C OMMA NDS Syntax dot1x re-authentication no dot1x re-authentication Default Configuration Periodic re-authentication is disabled. Command Mode Interface Configurat ion (Ether net) mode User Guidelines There ar e no user guideline s for this command.
dot1x re-authenticate 473 User Guidelines There ar e no user guideline s for this command. Example The following example sets the number of seconds betw een re-authentication attempts, to 300. dot1x re-authenticate The dot1x re-authenticate Privileged EXEC mode command manually initiates a re-authentication of all 802.
474 C HAPTER 34: 802.1 X C OMMA NDS quiet state following a failed aut hentication exchange (for example , the client provided an invalid passwor d). T o restore the default configuration, use the no form of this command.
dot1x timeout tx-period 475 dot1x timeout tx-period The dot1x timeout tx-period Interface Configuration mo de command sets the number of seconds that th e device waits for a response to an Extensible Authentication Protocol (E AP)-request/identity frame fr om the client before r esending the request.
476 C HAPTER 34: 802.1 X C OMMA NDS process. T o restor e the default configuration, use th e no form of this command. Syntax dot1x max-req count no dot1x max-req Parameters ■ count — Number of times that the device sends an EAP-request/identity frame before r estarting the authentication process.
dot1x timeout server-timeout 477 Parameters ■ seconds — T ime in seconds that the device waits for a response to an EAP-request frame from the client before r esending the request. (Range: 1-65535 seconds) Default Configuration Default timeout period is 30 seconds.
478 C HAPTER 34: 802.1 X C OMMA NDS The timeout period is 30 seconds. Command Mode Interface Configurat ion (Ether net) mode User Guidelines The actual timeout can be determined by comparing the dot1x.
show dot1x 479 The following example displays the st atus of 802.1x-enabled Ether net ports. Console# show dot1x 802.1x is enabled Port Admin Mode Oper Mode Reauth Control Reauth Period Username ---- .
480 C HAPTER 34: 802.1 X C OMMA NDS fThe following table describes the sig n ificant fields shown in the display . Quiet period: 60 Seconds Tx period:30 Seconds Max req: 2 Supplicant timeout: 30 Seco .
show dot1x users 481 show dot1x users Th e show dot1x users Privileged EXEC mode command displays active 802.1x authenticated users for the device. Syntax Quiet period The number of seconds that the devi ce remains in the quiet state following a failed authentication exchange (for example, the client provided an invalid password).
482 C HAPTER 34: 802.1 X C OMMA NDS show dot1x users [ usern ame username ] Parameters ■ username — Supplicant user name (Range: 1-160 characters) Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command.
show dot1x statistics 483 The following table describes the significant fields shown in the displa y . show dot1x statistics The show dot1x statistics Privileged EXEC mode command displays 802.1x statistics for the specified inter face. Syntax show dot1x statistics ether net interfac e Parameters ■ interface — V alid Ether net port.
484 C HAPTER 34: 802.1 X C OMMA NDS The following table describes the significant fields shown in the display . Console# show dot1x statist ics ethernet 1 EapolFramesRx: 11 EapolFramesTx: 12 EapolStar.
dot1x auth-not-req 485 dot1x auth-not-req The dot1x auth-not-req Interface Configuration (VLAN) mode command enables unauthorized device s access to the VLAN. T o disable access to the VLAN, use the no form of this command. Syntax dot1x auth-not-req no dot1x auth-not-req Default Configuration Access is enabled.
486 C HAPTER 34: 802.1 X C OMMA NDS Example The following example enables access to the VLAN to una uthorized devices. dot1x multiple-hosts The dot1x multiple-hosts Interface Configuratio n mode command enables multiple hosts (clients) on an 802.1x-authorized port, where the authorization state of the port is set to auto .
dot1x single-host-violation 487 dot1x single-host-violatio n The dot1x single-host-violation Interface Configuration mode command configures the action to be taken, when a station whose MAC address is not the supplicant MAC addr ess, attempts to access the interface.
488 C HAPTER 34: 802.1 X C OMMA NDS Example The following example forwards frame s with source addr esses that are not the supplicant address and sends co nsecutive traps at intervals of 10 0 seconds. dot1x guest-vlan The dot1x guest-vlan Interface Configuration (VLAN) mode command defines a guest VLAN.
dot1x guest-vlan enable 48 9 Example The following example defines VLAN 2 as a guest VLAN. dot1x guest-vla n enable The dot1x vlans guest-vlan enable Interface Config uration mode command enables unauthorized user s on the interface access to the Guest VLAN.
490 C HAPTER 34: 802.1 X C OMMA NDS show dot1x advanced The show dot1x advanced Privileged EXEC mode command displays 802.1x advanced features for the device or specified interface. Syntax show dot1x advanced [ ethernet interface ] Parameters ■ interface — V alid Ether net port.
show dot1x advanced 491 Interface Multiple Hosts Guest VLAN --------- -------------- ---------- g1 Disabled Enabled Single host parameters Violation action: Discard Trap: Enabled Trap frequency: 100 S.
492 C HAPTER 34: 802.1 X C OMMA NDS.
35 W IR ELESS AP R ADIO C OMMANDS interface radio The interface radio AP Configuration mode co mmand places the device in Radio Configuration mode. Syntax interface radio { 802.11a | 802.11g } Parameters ■ 802.11a — In accordance with 802.11a protocol.
494 C HAPTER 35: W IRELESS AP R ADIO C OMMAND S enable (ap radio) The enable AP Interface Radio Conf iguration mode command administratively enables the ra dio. T o administratively disable the radio, use the no form of this command. Syntax enable no enable Parameters This command has no keywords or arguments.
channel 495 Syntax channel { number | frequ ency | least-congested } no channel Parameters ■ number — Specifies a channel number . The ranges are as follows: ■ 802.1 1 g — 1 – 14. ■ 802.1 1a — 34, 36, 3 8, 40 , 42, 44, 46, 4 8, 52 , 56, 60, 6 4, 14 9, 153, 157, 161.
496 C HAPTER 35: W IRELESS AP R ADIO C OMMAND S power The power AP Interface Radio Configurat ion mode command configures the power level. T o restore the default configuration, use the no form of this command. Syntax power { max | half | quarter | eighth | min } no power Parameters ■ max — Maximum power .
allow traffic 497 allow traffic The allow traffic AP Interface Radio Conf iguration mode command allows users traffic. T o disallow users traffic, use the no form of this command. Syntax allow traffic no allow tr af fic Parameters This command has no keywords or arguments.
498 C HAPTER 35: W IRELESS AP R ADIO C OMMAND S Parameters ■ long — The AP supports long and short preambles. ■ short — The AP supports short preambles. Command Mode AP Interface Ra dio configuration mode User Guidelines This command is only relevant for 802.
antenna 499 Command Mode AP Interface Ra dio Configuration mode User Guidelines There ar e no user guideline s for this command. Example The following example configures the RTS th reshold to 2300 bytes. antenna The antenna AP Interface Radio Configur ation mode command configures an antenna for the transce iver .
500 C HAPTER 35: W IRELESS AP R ADIO C OMMAND S Example The following example configures antenna 1 for the transceiver . beacon period The beacon period AP Interface Radio Configuration mod e command configures the beacon period. T o restore defaults, use the no form of this command.
36 W IR ELESS WLAN C OMMANDS wlan tx-power off The wlan tx-power off Global Configuration mo de command tur ns off all APs transmitters. T o enable transmi t Power , use the no form of this command. Syntax wlan tx-power off no wlan tx-power off Parameters This command has no keywords or arguments.
502 C HAPTER 36: W IRELESS WLAN C OMMAND S wlan country-code The wlan country-code G lobal Configurat ion mode co mmand configures the country code in wh ich the device is lo cated and the physical location of AP connected to the device. T o restor e defau lts, use the no form of t his command.
wlan country-code 503 Belarus BY Iran IR Russian Federation RU Belgium BE Ireland IE San Marino SM Belize BZ Israel IL Saudi Arabia SA Bolivia BO Italy IT Serbia and Monteneg ro CS Bosnia and Herzogov.
504 C HAPTER 36: W IRELESS WLAN C OMMAND S Example The following example configures the co untr y code in which the device is located, as the US. wlan tx-power auto enable The wlan tx-power auto enable Global Configuration mode command enables Auto T ransmit Power .
wlan tx-power auto interval 505 User Guidelines The Auto T r ansmit Power al gorithm adjusts the transmit power of APs, so the signal str e ngth heard at the second-closest access point is as close as possible to the target signal-strength configured by the wlan tx-power auto signal-strengt h Global Configuration command.
506 C HAPTER 36: W IRELESS WLAN C OMMAND S wlan tx-power auto signal-strength The wlan tx-power auto signal-strength Global Configuration mode command configures the target signal stre ngth heard at the second-closest AP . T o restor e defaults, use the no form of this command.
wlan station idle-timeout 50 7 Parameters ■ db — Specifies the signal loss, in dB. (Range: 20-80 dB) Default Configuration The default minimum signal loss difference is 60 dB.
508 C HAPTER 36: W IRELESS WLAN C OMMAND S Command Mode Global Configurat ion mode User Guidelines There ar e no user guideline s for this command. Example The following example configures the length of time befor e an idle station is removed fr om the sys tem and requir ed to login, to 10 min utes.
show wlan 509 show wlan The show wlan Privileged EXEC mode displa ys information on the WLAN configuration. Syntax show wlan Parameters This command has no arguments or keywords. Default Configuration This command has no default configurat ion. Command Mode Privileged EX EC mode User Guidelines There ar e no user guideline s for this command.
510 C HAPTER 36: W IRELESS WLAN C OMMAND S Example The following example specifies th e WLAN in formation for user called ‘Device’. show wlan auto-tx-power The show wlan auto-tx-power Privileged EXEC mode command displays information on the WL AN automatic power transmission configuration.
show wlan logging configuration 511 User Guidelines There ar e no user guideline s for this command. Example The following example displays in formation on the WLAN automatic power transmission configuration .
512 C HAPTER 36: W IRELESS WLAN C OMMAND S Example The following example displays information on the WLAN logging configuration. show wlan stations The show wlan stations Privileged EXEC mode command displa ys information on WLAN stations.
show wlan stations counters 513 Example The following example displays information on WLANs. show wlan stations counters The show wlan stations counters Privileged EXEC mode command displays information on WLAN stations traffic. Syntax show wlan stations counters [ mac mac-addres s] Parameters ■ mac mac-address — The station’ s MAC address.
514 C HAPTER 36: W IRELESS WLAN C OMMAND S Example The following example displays information on WLAN stations. Console# show wlan stations counters Number of stations: 2 MAC Address InPkts OutPkts MI.
37 T R OUBLESHOOTING This section describes problems that may arise when installing the device and how to resolve these issues. This section includes the following topics: ■ Problem Managemen t — Pr ovides informatio n about problem management with the devices.
516 C HAPTER 37: T RO UBLESHOOTI NG ■ No connec tion and the port L ED is off ■ Add and Edit pages do n ot open. ■ Lost password Problem Possible Ca use Soluti on Cannot connect to management us.
Troubleshooting Solutions 517 Software settings Reconfigure the emulation software connection settings. Response from the terminal emulations software is not readable. Faulty serial cable Replace the serial cable. Software settings Reconfigure the emulation software connection settings.
518 C HAPTER 37: T RO UBLESHOOTI NG No connection and the port LED is off Incorrect ethernet cable, e.g., crossed rather than straight cable, or vice versa, split pair (incorrect twisting of pairs). Check pinout and replace if necessary. Fiber optical cable connection is reversed.
Troubleshooting Solutions 519 Add and Edit pages do not open. A pop-up blocker is enabled. Disable pop-up blockers. Problem Possible Ca use Soluti on.
520 C HAPTER 37: T RO UBLESHOOTI NG Lost password The Passwor d Recovery Procedure enables the user to override the current password configuration, and disables the need for a password to access the console. The password recovery is effective until the device is reset.
Troubleshooting Solutions 521.
522 C HAPTER 37: T RO UBLESHOOTI NG.
Een belangrijk punt na aankoop van elk apparaat 3Com 3CRUS2475 (of zelfs voordat je het koopt) is om de handleiding te lezen. Dit moeten wij doen vanwege een paar simpele redenen:
Als u nog geen 3Com 3CRUS2475 heb gekocht dan nu is een goed moment om kennis te maken met de basisgegevens van het product. Eerst kijk dan naar de eerste pagina\'s van de handleiding, die je hierboven vindt. Je moet daar de belangrijkste technische gegevens 3Com 3CRUS2475 vinden. Op dit manier kan je controleren of het apparaat aan jouw behoeften voldoet. Op de volgende pagina's van de handleiding 3Com 3CRUS2475 leer je over alle kenmerken van het product en krijg je informatie over de werking. De informatie die je over 3Com 3CRUS2475 krijgt, zal je zeker helpen om een besluit over de aankoop te nemen.
In een situatie waarin je al een beziter van 3Com 3CRUS2475 bent, maar toch heb je de instructies niet gelezen, moet je het doen voor de hierboven beschreven redenen. Je zult dan weten of je goed de alle beschikbare functies heb gebruikt, en of je fouten heb gemaakt die het leven van de 3Com 3CRUS2475 kunnen verkorten.
Maar de belangrijkste taak van de handleiding is om de gebruiker bij het oplossen van problemen te helpen met 3Com 3CRUS2475 . Bijna altijd, zal je daar het vinden Troubleshooting met de meest voorkomende storingen en defecten #MANUAl# samen met de instructies over hun opplosinge. Zelfs als je zelf niet kan om het probleem op te lossen, zal de instructie je de weg wijzen naar verdere andere procedure, bijv. door contact met de klantenservice of het dichtstbijzijnde servicecentrum.