Powered by Accton
Page
Fast Ethernet Switch
ES3528M-SFP E122007-DG-R01 149100035500A
About This Guide
Installation Guide
Page
Contents
Page
Iii
Page
Contents
Command Line Interface
Vii
Viii
Contents
Page
Contents
Xii
Xiii
Xiv
Contents
Xvi
Appendix a Software Specifications
Appendix B Troubleshooting
Glossary Index
Xvii
Xviii
Xix
Tables
Page
Xxi
Xxii
Xxiii
Figures
Xxiv
Figures
Xxv
Xxvi
Key Features
Key Features
Feature Description
Introduction
Description of Software Features
Description of Software Features
Introduction
Description of Software Features
System Defaults
System Defaults
Function Parameter Default
Password super
Client Enabled
System Defaults Function Parameter
NTP
Clock Synchronization Disabled
Configuration Options
Connecting to the Switch
Required Connections
Initial Configuration
Basic Configuration
Remote Connections
Console Connection
Setting Passwords
Setting an IP Address
Manual Configuration
Dynamic Configuration
Enabling Snmp Management Access
Trap Receivers
152
154
Configuring Access for Snmp Version 3 Clients
Saving Configuration Settings
159
160
Managing System Files
Initial Configuration
Using the Web Interface
Configuring the Switch
Home
Navigating the Web Browser Interface
Panel Display
Configuration Options Action
Button
Revert Apply Help
Main Menu
Main Menu Description
System System Information
Radius Group Settings
TACACS+ Group Settings
Https Settings Configures secure Http settings
116
107
149
155
802.1Q Vlan 155
Current Table
159
164
176
Remote Port Information
Port on this switch Remote Trunk Information
187
190
217
Static Multicast Router Port
225
233
245 Configuration Enables Upnp and defines timeout values
Field Attributes
Displaying System Information
CLI Specify the hostname, location and contact information
Displaying Switch Hardware/Software Versions
Main Board
Management Software
Switch Information
Web Click System, Switch Information
Displaying Bridge Extension Capabilities
Bridge Extension Configuration
CLI Enter the following command
Setting the Switch’s IP Address
Command Attributes
239
166
309
310
311
Using DHCP/BOOTP
Managing Firmware
Enabling Jumbo Frames
Copy Firmware
Downloading System Software from a Server
11 Deleting Files
Saving or Restoring Configuration Settings
12 Downloading Configuration Settings for Startup
Downloading Configuration Settings from a Server
13 Setting the Startup Configuration Settings
Console Port Settings
14 Console Port Settings
Telnet Settings
15 Enabling Telnet
Basic Configuration
System Log Configuration
Configuring Event Logging
Displaying Log Messages
CLI This example shows the event message stored in RAM
Error resource exhausted
Logging Levels
Level Severity Name Description
Remote Log Configuration
18 Remote Logs
Simple Mail Transfer Protocol
19 Enabling and Configuring Smtp
20 Resetting the System
Resetting the System
Setting the System Clock
Setting the Time Manually
Configuring Sntp
21 Sntp Configuration
Configuring NTP
22 NTP Client Configuration
Setting the Time Zone
Simple Network Management Protocol
23 Setting the System Clock
SNMPv3 Security Models and Levels
Setting Community Access Strings
Level Group Read View Write View Notify View Security
User defined
Specifying Trap Managers and Trap Types
Access Mode
156
Enabling Snmp Agent Status
Configuring SNMPv3 Management Access
Setting the Local Engine ID
Web Click SNMP, Agent Status
Configuring SNMPv3 Users
Specifying a Remote Engine ID
Web Click SNMP, SNMPv3, Engine ID
Configuring the Switch
29 Configuring SNMPv3 Users
Configuring Remote SNMPv3 Users
30 Configuring Remote SNMPv3 Users
Configuring SNMPv3 Groups
Supported Notification Messages
Rmon Events
SwPowerStatus 6.1.4.1.259.8.1.4.2.1.0.1
Private Traps
ChangeTrap SwIpFilterRejectTrap 6.1.4.1.259.8.1.4.2.1.0.40
31 Configuring SNMPv3 Groups
Setting SNMPv3 Views
32 Configuring SNMPv3 Views
Configuring User Accounts
User Authentication
33 Access Levels
Command Usage
Configuring Local/Remote Logon Authentication
Tacacs Settings
Radius Settings
34 Authentication Settings
101
100
Configuring Encryption Keys
Command Attributes Radius Settings
TACACS+ Settings
AAA Authorization and Accounting
Configuring AAA TACACS+ Group Settings
Configuring AAA Radius Group Settings
102
103
37 AAA TACACS+ Group Settings
Configuring AAA Accounting
38 AAA Accounting Settings
AAA Accounting Update
AAA Accounting 802.1X Port Settings
106
107
AAA Accounting Exec Command Privileges
108
41 AAA Accounting Exec Command Privileges
AAA Accounting Summary
AAA Accounting Exec Settings
AAA Accounting Summary
AAA Accounting Statistics Summary
110
Web Click Security, AAA, Summary
44 AAA Authorization Settings
Authorization Settings
Authorization Exec Settings
Authorization Summary
109
Https System Support Web Browser Operating System
Configuring Https
47 Https Settings
Replacing the Default Secure-site Certificate
Address server ip-address
Configuring the Secure Shell
Command Usage
Authenticating SSH v2 Clients
Authenticating SSH v1.5 Clients
SSH server includes basic settings for authentication
Configuring the SSH Server
Generating the Host Key Pair
Importing User Public Keys
50 SSH Host-Key Settings
User Authentication
51 SSH User Public-Key Settings
END SSH2 Public KEY
Configuring Port Security
111
Configuring 802.1X Port Authentication
Configuring the Switch
Configuring 802.1X Global Settings
Displaying 802.1X Global Settings
802.1X protocol provides client authentication
CLI This example shows the default global setting for
Configuring Port Settings for
CLI This example enables 802.1X globally for the switch
113
55 802.1X Port Configuration
114
116
117
Displaying 802.1X Statistics
802.1X Statistics
Parameter Description
CLI This example displays the 802.1X statistics for port
Web Authentication
57 Web Authentication Configuration
Configuring Web Authentication
Configuring Web Authentication for Ports
137
Displaying Web Authentication Port Information
Web Click Security, Web Authentication, Port Information
Re-authenticating Web Authenticated Ports
136
Network Access MAC Address Authentication
Configuring MAC Authentication for Ports
Configuring the MAC Authentication Reauthentication Time
Web Click Security, Network Access, Configuration
Mode Enables MAC authentication on a port. Default None
62 Network Access Port Configuration
CLI This example configures MAC authentication for port
Configuring Port Link Detection
Displaying Secure MAC Address Information
63 Network Access Port Link Detection Configuration
Configuring MAC authentication parameters for ports
MAC Authentication
Port Indicates the port being configured
129
123
Access Control Lists
Setting the ACL Name and Type
Configuring Access Control Lists
Configuring a Standard IP ACL
CLI This example creates a standard IP ACL named david
140
141
Configuring an Extended IP ACL
103
68 Configuring Extended IP ACLs
Configuring a MAC ACL
146
Binding a Port to an Access Control List
143
Filtering IP Addresses for Management Access
108
71 Creating an IP Filter List
CLI This example allows Snmp access for a specific client
Port Configuration
Displaying Connection Status
Field Attributes Web
Field Attributes CLI
Configuration
Basic Information
Current Status
Configuring Interface Connections
CLI This example shows the connection status for Port
173
171
167
168
170
Creating Trunk Groups
74 Configuring Static Trunks
Statically Configuring a Trunk
181
Enabling Lacp on Selected Ports
75 Lacp Trunk Configuration
Configuring Lacp Parameters
Dynamically Creating a Port Channel
182
76 Lacp Port Configuration
You can display statistics for Lacp protocol messages
Displaying Lacp Port Counters
Lacp Port Counters
Field Description
CLI The following example displays Lacp counters
77 Lacp Port Counters Information
Lacp Internal Configuration Information
Displaying Lacp Settings and Status for the Local Side
78 Lacp Port Internal Information
79 Lacp Port Neighbors Information
Displaying Lacp Settings and Status for the Remote Side
Setting Broadcast Storm Thresholds
175
172
177
Configuring Port Mirroring
Configuring Rate Limits
Rate Limit Configuration
179
Showing Port Statistics
11 Port Statistics
Etherlike Statistics
Rmon Statistics
Formed Fragments
Formed Oversize Frames
83 Port Statistics
Setting Static Addresses
Address Table Settings
CLI This example shows statistics for port
174
190
Displaying the Address Table
191
85 Configuring a Dynamic Address Table
Changing the Aging Time
Spanning Tree Algorithm Configuration
CLI This example sets the aging time to 300 seconds
192
Designated Root Port Bridge
Displaying Global Settings
139
235
87 Displaying Spanning Tree Information
Configuring Global Settings
Global settings apply to the entire switch
Basic Configuration of Global Settings
Configuration Settings for Rstp
Root Device Configuration
88 Configuring Spanning Tree
Configuration Settings for Mstp
Displaying Interface Settings
AD B
89 Displaying Spanning Tree Port Information
CLI This example shows the STA attributes for port
Configuring Interface Settings
148
CLI This example sets STA attributes for port
Configuring Multiple Spanning Trees
223
225
224
MST Instance ID Instance identifier to configure. Default
Displaying Interface Settings for Mstp
92 Displaying Mstp Interface Settings
Configuring Interface Settings for Mstp
154
Vlan Configuration
Ieee 802.1Q VLANs
CLI This example sets the Mstp attributes for port
Assigning Ports to VLANs
Port-based Vlan
Enabling or Disabling Gvrp Global Setting
CLI This example enables Gvrp for the switch
Forwarding Tagged/Untagged Frames
Command Attributes Web
Displaying Basic Vlan Information
Displaying Current VLANs
96 Displaying Current VLANs Command Attributes CLI
250
Creating VLANs
CLI This example creates a new Vlan
Adding Static Members to VLANs Vlan Index
242
243
163
248
Adding Static Members to VLANs Port Index
Configuring Vlan Behavior for Interfaces
100 Configuring VLANs per Port
Configuring Ieee 802.1Q Tunneling
QinQ Tunneling
Layer 2 Flow for Packets Coming into a Tunnel Access Port
Layer 2 Flow for Packets Coming into a Tunnel Uplink Port
Enabling QinQ Tunneling on the Switch
Configuration Limitations for QinQ
General Configuration Guidelines for QinQ
101 802.1Q Tunnel Status and Ethernet Type
Adding an Interface to a QinQ Tunnel
CLI This example sets the switch to operate in QinQ mode
251
253
252
Private VLANs
Displaying Current Private VLANs
103 Private Vlan Information
Configuring Private VLANs
Associating VLANs
Each community Vlan must be associated with a primary Vlan
256
106 Private Vlan Port Information
Displaying Private Vlan Interface Information
259
Configuring Private Vlan Interfaces
Protocol VLANs
Protocol Vlan Group Configuration
257
258
261
Protocol Vlan System Configuration
Web Click VLAN, Protocol VLAN, System Configuration
Setting Lldp Timing Attributes
Link Layer Discovery Protocol
262
182
195
Configuring Lldp Interface Attributes
197
198
184
111 Lldp Port Configuration
Displaying Lldp Local Device Information
212
Displaying Lldp Remote Port Information
213
Displaying Lldp Remote Information Details
115 Lldp Device Statistics
Displaying Device Statistics
116 Lldp Device Statistics Details
Displaying Detailed Device Statistics
Class of Service Configuration
Layer 2 Queue Settings
Setting the Default Priority for Interfaces
CLI This example assigns a default priority of 5 to port
Port Priority Configuration
Mapping CoS Values to Egress Queues
265
13 CoS Priority Levels
12 Mapping CoS Values to Egress Queues
Priority Level Traffic Type
Background
Enabling CoS
267
269
Setting the Service Weight for Traffic Classes
Selecting the Queue Mode
Web Click Priority, Traffic Classes Status
268
Mapping Layer 3/4 Priorities to CoS Values
Layer 3/4 Priority Settings
Enabling IP Dscp Priority
Switch allows you to enable or disable the IP Dscp priority
14 Mapping Dscp Priority Values
Mapping Dscp Priority
IP Dscp Value CoS Value
10, 12, 14 18, 20, 22 26, 28, 30, 32, 34 38, 40
Quality of Service
270
271
Configuring a Class Map
Configuring Quality of Service Parameters
Class map is used for matching packets to a specified class
Class Map
Match Class Settings
Class Configuration
274
273
Policy Configuration
Creating QoS Policies
Policy Map
Policy Options
Policy Rule Settings Class Settings
125 Configuring Policy Maps
275
Attaching a Policy Map to Ingress Queues
276
277
Configuring VoIP Traffic
VoIP Traffic Configuration
Configuring VoIP Traffic Port
281
282
128 VoIP Traffic Port Configuration
283
Configuring Telephony OUI
284
285
129 Telephony OUI List
Layer 2 Igmp Snooping and Query
Multicast Filtering
Configuring Igmp Snooping and Query Parameters
214
Enabling Igmp Immediate Leave
290
Displaying Interfaces Attached to a Multicast Router
132 Displaying Multicast Router Port Information
Specifying Static Interfaces for a Multicast Router
133 Static Multicast Router Port Configuration
Displaying Port Members of Multicast Services
134 IP Multicast Registration Table
Assigning Ports to Multicast Services
291
Igmp Filtering and Throttling
136 Enabling Igmp Filtering and Throttling
Enabling Igmp Filtering and Throttling
Configuring Igmp Filter Profiles
298
302
Configuring Igmp Filtering and Throttling for Interfaces
Only one profile can be assigned to an interface
299
138 Igmp Filter and Throttling Port Configuration
300
Multicast Vlan Registration
301
303
General Configuration Guidelines for MVR
Configuring Global MVR Settings
304
Displaying MVR Interface Status
307
Displaying Port Members of Multicast Groups
Web Click MVR, Group IP Information
Configuring MVR Interface Status
142 MVR Port Configuration
305
Assigning Static Multicast Groups to Interfaces
Dhcp Snooping
Dhcp Snooping Vlan Configuration
Dhcp Snooping Configuration
Web Click Dhcp Snooping, Configuration
Enables Dhcp snooping on the specified Vlan
Web Click Dhcp Snooping, Vlan Configuration
Dhcp Snooping Information Option Configuration
CLI This example first enables Dhcp Snooping for Vlan
319
Dhcp Snooping Port Configuration
Web Click Dhcp Snooping, Information Option Configuration
322
Dhcp Snooping Binding Information
320
324
IP Source Guard
IP Source Guard Port Configuration
Static IP Source Guard Binding Configuration
313
316
Dynamic IP Source Guard Binding Information
Web Click IP Source Guard, Static Configuration
Web Click IP Source Guard, Dynamic Information
IP Clustering
152 Cluster Member Choice
Cluster Configuration
Web Click Cluster, Configuration
Cluster Member Configuration
Adds Candidate switches to the cluster as Members
325
Cluster Member Information
Displays current cluster Member switch information
Cluster Candidate Information
328
156 Cluster Candidate Information
Web Click Cluster, Candidate Information
UPnP
215
216
217
Accessing the CLI
Using the Command Line Interface
Telnet Connection
Command Completion
Entering Commands
Getting Help on Commands
Keywords and Arguments
Showing Commands
Lldp
Using Command History
Negating the Effect of Commands
Understanding Command Modes
Partial Keyword Lookup
Command Modes
Exec Commands
Configuration Modes Command Prompt
Configuration Commands
Consoleconfig-if# 166
Vlan database Consoleconfig-vlan 242
Consoleconfig#interface ethernet 1/5 Consoleconfig-if#exit
Command Line Processing
Command Line Processing
Keystroke Function
Command Groups Description
Command Groups
Line Commands Function Mode
Line Commands
Line
Login
Username 4-38 password
Password
Syntax Password 0 7 password no password
No password is specified
Exec-timeout
Timeout login response
Password-thresh
Syntax Exec-timeout seconds no exec-timeout
Syntax Password-thresh threshold no password-thresh
Silent-time
Databits
Syntax Silent-time seconds no silent-time
Parity
Syntax Databits 7 8 no databits
Syntax Parity none even odd no parity
Stopbits
Speed
Syntax Speed bps no speed
Syntax Stopbits 1
Show line
Disconnect
Syntax Disconnect session-id
Syntax Show line console vty
Enable
General Commands
General Commands Function Mode
Syntax Enable level
Disable Enable password
Disable
Enable
Level
Configure
Show history
End
Syntax Reload cancel
Reload cancel
Reload
Syntax Reload in hour hours minute minutes
This command returns to Privileged Exec mode
Syntax Show reload Default Setting
Show reload
End
This example shows how to quit a CLI session
This command exits the configuration program
Exit
Quit
System Management Commands
Device Designation Commands
Prompt
Banner
Banner Commands Function Mode
Hostname
Syntax Hostname name no hostname
Syntax Banner configure Default Setting
Banner configure
Name The name of the company. Maximum length 32 characters
Banner configure company
Banner configure department
Banner configure dc-power-info
Banner configure equipment-info
Banner configure ip-lan
Banner configure equipment-location
Lp-num- The LP number. Maximum length 32 characters
Banner configure lp-number
Banner configure manager-info
Banner configure mux
Syntax Banner configure mux muxinfo
No banner configure mux
Banner configure note
This command displays all banner information
Syntax Show banner Default Setting
Show banner
10 User Access Commands Function Mode
User Access Commands
11 Default Login Settings Username Access-level Password
Username
Default is level Default password is super
Enable password
IP Filter Commands
12 IP Filter Commands Function Mode
Management
Show management
Web Server Commands
Ip http port
Ip http server
Ip http secure-server
Syntax No ip http secure-server Default Setting
Ip http port
14 Https System Support Web Browser Operating System
Ip http secure-port4-44 Copy tftp https-certificate
Ip http secure-port
Portnumber The UDP port used for HTTPS. Range
Ip http secure-server4-43
Telnet Server Commands
Ip telnet port
Ip telnet server
16 SSH Commands Function Mode
Secure Shell Commands
Ip telnet port
Sets the SSH server key size Copy tftp public-key
System Management Commands
Syntax No ip ssh server Default Setting
Ip ssh server
Ip ssh crypto host-key generate 4-51 show ssh
Ip ssh authentication-retries
Ip ssh timeout
Syntax Ip ssh timeout seconds no ip ssh timeout
Exec-timeout4-15 show ip ssh
Ip ssh server-key size
Delete public-key
Syntax Delete public-key username dsa rsa
Ip ssh crypto zeroize
Ip ssh crypto host-key generate
Syntax Ip ssh crypto host-key generate dsa rsa
Syntax Ip ssh crypto zeroize dsa rsa
Ip ssh save host-key
Show ip ssh
Syntax Ip ssh save host-key dsa rsa
Show ssh
17 show ssh display description
Terminology
Syntax Show public-key user username host
Show public-key
Username Name of an SSH user. Range 1-8 characters
Shows all public keys
18 Event Logging Commands Function Mode
Event Logging Commands
Syntax No logging on Default Setting
Logging on
Flash errors level 3 RAM warnings level 6
Logging history
19 Logging Levels
Logging facility
Logging host
Syntax No logging host hostipaddress
Hostipaddress The IP address of a syslog server
Clear logging
Logging trap
Syntax Logging trap level no logging trap
Syntax Clear logging flash ram
Show logging
Syntax Show logging flash ram sendmail trap
20 show logging flash/ram display description
Logging trap command
Facility command
Syntax Show log flash ram login tail
Show log
22 Smtp Alert Commands Function Mode
Smtp Alert Commands
Logging sendmail host
Following example shows sample messages stored in RAM
Syntax Logging sendmail level level
Logging sendmail level
Logging sendmail destination-email
Logging sendmail source-email
Syntax No logging sendmail source-email email-address
This example will set the source email john@acme.com
Syntax No logging sendmail Default Setting
Logging sendmail
Show logging sendmail
23 Time Commands Function Mode
Time Commands
Syntax No sntp client Default Setting
Sntp client
Sntp server
Sntp server 4-66 sntp poll 4-67 show sntp
Syntax Sntp server ip1 ip2 ip3
Show sntp
Sntp poll
Sntp client 4-65 sntp poll 4-67 show sntp
Syntax Sntp poll seconds no sntp poll
Syntax No ntp client Default Setting
Ntp client
Sntp client 4-65 ntp poll 4-70 ntp server
Syntax
Ntp server
Version number
Ntp client 4-68 ntp poll 4-70 show ntp
Syntax No ntp authenticate Default Setting
Ntp authenticate
Ntp poll
Syntax Ntp poll seconds no ntp poll
Ntp authentication-key4-71
Ntp authentication-key
Show ntp
Clock timezone-predefined
GMT-Greenwich-Mean-Time-Dublin,Edinburgh,Lisbon,London
Clock timezone
No clock summer-time
Clock summer-time date
Australia
Clock summer-time predefined
235959, Sunday, Week 5 of March 60 min Europe
235959, Sunday, Week 3 of March 60 min
Clock summer-time recurring
Calendar set
This command displays the system clock
Show calendar
Calendar set hour min sec day month year month day year
System Status Commands
Show startup-config
25 System Status Commands Function Mode
Show running-config4-79
Show running-config
Command Line Interface
Show startup-config4-78
This command displays system information
Show system
Show users
Show version
26 Frame Size Commands Function Mode
Frame Size Commands
Jumbo frame Enables support for jumbo frames
Syntax No jumbo frame Default Setting
27 Flash/File Commands Function Mode
Flash/File Commands
Copy
Copy
None
Following example shows how to download a configuration file
Delete
This command deletes a file or image
Delete unit filename
Dir Delete public-key4-50
Dir
Syntax Dir unit boot-rom config opcode filename
28 File Directory Information
Column Heading Description
Boot system
Whichboot
Syntax whichboot unit
Syntax Boot system unit boot-romconfig opcode filename
Authentication Sequence
Authentication Commands
Dir 4-89 whichboot
29 Authentication Commands Command Group Function
Authentication login
Username for setting the local user names and passwords
Local
Enable password sets the password for changing command modes
Authentication enable
31 Radius Client Commands Function Mode
Show radius-server Shows the current Radius settings
Radius Client
Retransmit Command Mode
Default Setting Auth-port
Radius-server host
Radius-server acct-port
Radius-server auth-port
Radius-server key
Syntax Radius-server key keystring no radius-server key
Radius-server timeout
Radius-server retransmit
Show radius-server
Show tacacs-server Shows the current TACACS+ settings 101
32 Tacacs Commands Function Mode
TACACS+ Client
Tacacs-server host
Tacacs-server port
Default Setting Port
Tacacs-server key
Syntax Tacacs-server port portnumber no tacacs-server port
Tacacs-server timeout
Tacacs-server retransmit
Syntax Tacacs-server key keystring no tacacs-server key
Show tacacs-server
33 AAA Commands Function Mode
AAA Commands
Aaa group server
Syntax No aaa group server radius tacacs+ group-name
Server
Server Group Configuration
Aaa accounting dot1x
No server index ip-address
Accounting is not enabled No servers are specified
Command Usage Example
Aaa accounting exec
Aaa accounting commands
Minute
Syntax Accounting exec default list-nameno accounting exec
Interface Configuration
Accounting dot1x
Accounting exec
Aaa authorization exec
Accounting commands
Authorization is not enabled No servers are specified
Authorization exec
Interface
Show accounting
Ethernet unit/port
Unit Stack unit. Range Port Port number. Range
34 Port Security Commands Function Mode
Port Security Commands
Status Disabled Action None Maximum Addresses
Interface Configuration Ethernet
35 802.1X Port Authentication Command Function Mode
802.1X Port Authentication
Acquire a new client Dot1x timeout re-authperiod
Dot1x default
117 Be re-authenticated Dot1x timeout tx-period
Syntax No dotx system-auth-control Default Setting
Dot1x max-req
Default Command Mode
Dot1x port-control
Syntax Dot1x max-req count no dot1x max-req
Syntax Dot1x re-authenticate interface
Dot1x re-authenticate
Dot1x operation-mode
Single-host
Dot1x timeout quiet-period
Dot1x re-authentication
Syntax No dot1x re-authentication Command Mode
Seconds The number of seconds. Range
Dot1x timeout tx-period
Dot1x timeout re-authperiod
Show dot1x
Dot1x intrusion-action
Block-traffic
Syntax Show dot1x statistics interface interface
Backend State Machine
Authenticator State Machine
State Current state including initialize, reauthenticate
Reauthentication State Machine
36 Network Access Command Function Mode
Network-access mode
Max-mac-count Interface Mac-authentication
Syntax No network-access mode mac-authentication
Network-access max-mac-count
Mac-authentication max-mac-count
Mac-authentication intrusion-action
Interface Config
2048
Network-access dynamic-vlan
Network-access dynamic-qos
Syntax No network-access dynamic-qos Default Setting
Syntax No network-access dynamic-vlan Default Setting
Network-access link-detection
Network-access guest-vlan
Following example enables dynamic Vlan assignment on port
No network-access link-detection
Network-access link-detection link-up
Network-access link-detection link-down
Network-access link-detection link-up-down
Mac-authentication reauth-time
1800
Show network-access
Clear network-access
Syntax Show network-access interface interface
Unit This is unit Port Port number. Range
Show network-access mac-address-table
Displays the settings for all interfaces
Displays all filters
Login-success-page-url Successful web authentication
37 Web Authentication Command Function Mode
Web-auth login-attempts
Web-auth login-fail-page-url
Login attempts
Web-auth login-page-url
Web-auth login-success-page-url
Switch-generated login
Web-auth quiet-period
Web-auth session-timeout
Web-auth
Web-auth system-auth-control
No web-auth system-auth-control
No web-auth
This command displays global web authentication parameters
Show web-auth
Show web-auth interface
Web-auth re-authenticate IP
Web-auth re-authenticate Port
Show web-auth summary
Show web-auth summary
138
Access Control List Commands
Access Control Lists
38 Access Control Lists Command Groups Function
39 IP ACLs Command Function Mode
Access-list ip
Syntax No access-list ip standard extended aclname
IP ACLs
Access-list ip
Permit, deny Ip access-group4-143 show ip access-list4-143
Syntax No permit deny any source bitmask host source
Standard ACL
Any destination address-bitmask host destination
Source-port sport end destination-port dport end
Extended ACL
Ip access-group
Show ip access-list
Syntax Show ip access-list standard extended aclname
Syntax No ip access-group aclname
Show ip access-list4-143
Show ip access-group
This command shows the ports assigned to IP ACLs
40 MAC ACL Commands Function Mode
Access-list mac
Syntax No access-list mac aclname
Aclname Name of the ACL. Maximum length 16 characters
Permit, deny MAC ACL
This command displays the rules for configured MAC ACLs
Show mac access-list
Syntax Show mac access-list aclname
Permit, deny Mac access-group4-148
Show mac access-group
Mac access-group
Syntax Mac access-group aclname
Show mac access-list4-147
Show access-group
Show access-list
41 ACL Information Command Function Mode
ACL Information
42 Snmp Commands Function Mode
Snmp Commands
Syntax No snmp-server Default Setting
Snmp-server
Show snmp
Snmp-server community
Snmp-server location
Snmp-server contact
Syntax Snmp-server contact string no snmp-server contact
Syntax Snmp-server location text no snmp-server location
Host Address None Notification Type Traps
Snmp-server host
Snmp Version UDP Port
Snmp-server enable traps
Snmp-server enable traps
Issue authentication and link-up-down traps
Snmp-server engine-id
This command shows the Snmp engine ID
This example shows the default engine ID
Show snmp engine-id
Snmp-server view
Defaultview includes access to the entire MIB tree
Examples
This view includes MIB-2
Show snmp view
This command shows information on the Snmp views
Snmp-server group
44 show snmp view display description
Show snmp group
162
45 show snmp group display description
Snmp-server user
164
This command shows information on Snmp users
Show snmp user
46 show snmp user display description
47 Interface Commands Function Mode
Interface Commands
Interface
Port-channel channel-idRange
Description
Speed-duplex
Syntax Description string no description
Syntax No negotiation Default Setting
Negotiation
Negotiation 4-168 capabilities
Following example configures port 11 to use autonegotiation
Capabilities
Capabilities 4-169speed-duplex4-167
Syntax No flowcontrol Default Setting
Flowcontrol
Negotiation 4-168speed-duplex4-167 flowcontrol
Shutdown
Syntax No shutdown Default Setting
Port-channel channel-idRange Default Setting
Switchport packet-rate
Clear counters
Syntax Clear counters interface
Show interfaces status
This command displays the status for an interface
Following example clears statistics on port
Syntax Show interfaces status interface
Show interfaces counters
This command displays interface statistics
Syntax Show interfaces counters interface
Shows the counters for all interfaces
Show interfaces switchport
Syntax Show interfaces switchport interface
Shows all interfaces
48 Interfaces Switchport Statistics
49 Mirror Port Commands Function Mode
Mirror Port Commands
Port monitor
Interface ethernet unit/port source port
Following shows mirroring configured from port 6 to port
This command displays mirror information
Show port monitor
Syntax Show port monitor interface
50 Rate Limit Commands Function Mode
Rate Limit Commands
Rate-limit Configures the maximum input rate for a port 179
Rate-limit
51 Link Aggregation Commands
Link Aggregation Commands
185
173
Guidelines for Creating Trunks
Channel-group
General Guidelines
Dynamically Creating a Port Channel
Syntax No lacp Default Setting
Lacp
Following example creates trunk 1 and then adds port
32768
Lacp system-priority
Lacp admin-keyEthernet Interface
Interface Configuration Port Channel
Lacp admin-key Port Channel
This command displays Lacp information
Lacp port-priority
Show lacp
52 show lacp counters display description
Port Channel all
Type
LACPDUs Illegal Pkts
53 show lacp internal display description
55 show lacp sysid display description
54 show lacp neighbors display description
56 Address Table Commands Function Mode
Address Table Commands
Mac-address-table static
Action
Clear mac-address-table dynamic
Show mac-address-table
Mac-address- MAC address Mask Bits to match in the address
Sort Sort by address, vlan or interface
Mac-address-table aging-time
57 Lldp Commands Function Mode
Lldp Commands
Show mac-address-table aging-time
196
Vlan ID
Mac-phy Physical layer specifications Lldp dot3-tlv
Lldp
Syntax no lldp Default Setting
Lldp holdtime-multiplier
Holdtime multiplier TTL 4*30 = 120 seconds
Lldp notification-interval
Lldp medFastStartCount
Syntax Lldp medfaststartcount packets
Packets
Lldp refresh-interval
Syntax Lldp refresh-interval seconds no lldp refresh-delay
Lldp tx-delay
Lldp reinit-delay
Syntax Lldp reinit-delay seconds no lldp reinit-delay
Syntax Lldp tx-delay seconds no lldp tx-delay
Syntax No lldp notification Default Setting
Lldp admin-status
Lldp notification
Tx-rx
Lldp mednotification
Syntax No lldp mednotification Default Setting
Lldp basic-tlv port-description
Lldp basic-tlv management-ip-address
Syntax No lldp basic-tlv port-description Default Setting
Lldp basic-tlv system-capabilities
Lldp basic-tlv system-description
Syntax No lldp basic-tlv system-name Default Setting
Syntax No lldp basic-tlv system-description Default Setting
Lldp basic-tlv system-name
Lldp dot1-tlv proto-ident
No lldp dot1-tlv proto-ident
Syntax No lldp dot1-tlv proto-vid Default Setting
Lldp dot1-tlv proto-vid
Lldp dot1-tlv pvid
No lldp dot1-tlv vlan-name
Lldp dot1-tlv vlan-name
Lldp dot3-tlv link-agg
No lldp dot3-tlv link-agg
Lldp dot3-tlv mac-phy
Syntax No lldp dot3-tlv mac-phy Default Setting
Lldp dot3-tlv max-frame
Syntax No lldp dot3-tlv max-frame
Lldp dot3-tlv poe
Syntax No lldp dot3-tlv poe Default Setting
Lldp medtlv extpoe
Syntax No lldp medtlv extpoe
No lldp medtlv inventory
Lldp medtlv inventory
Lldp medtlv location
No lldp medtlv location
No lldp medtlv med-cap
Lldp medtlv med-cap
Lldp medtlv network-policy
No lldp medtlv network-policy
Syntax Show lldp config detail interface
Show lldp config
Detail Shows configuration summary
Port-channel channel-idRange Command Mode
211
Show lldp info local-device
Syntax Show lldp info local-device detail interface
Detail Shows detailed information
Show lldp info statistics
Show lldp info remote-device
Syntax Show lldp info remote-device detail interface
Syntax Show lldp info statistics detail interface
214
UPnP Commands Function Mode
UPnP Commands
Syntax No upnp device Default Setting
Upnp device
Upnp device advertise duration
Upnp device ttl
Syntax Upnp device ttl value
Following example, the TTL is set to
Spanning Tree Commands
58 Spanning Tree Commands Function Mode
Show upnp
Syntax No spanning-tree Default Setting
Spanning tree is enabled
Spanning-tree
Rstp
Spanning-tree mode
Spanning-tree forward-time
Spanning-tree max-age
Spanning-tree hello-time
Spanning-tree priority
Spanning-tree pathcost method
Syntax Spanning-tree pathcost method long short
Spanning-tree mst-configuration
Spanning-tree transmission-limit
No spanning-tree pathcost method
MST Configuration
Mst vlan
No mst instanceid vlan vlan-range
Name
Mst priority
Mst instanceid priority priority no mst instanceid priority
Syntax Name name
Max-hops
Revision
Syntax Revision number
Number Revision number of the spanning tree. Range
Syntax No spanning-tree spanning-disabled Default Setting
Spanning-tree spanning-disabled
This example disables the spanning tree algorithm for port
Spanning-tree cost
Priority The priority for a port. Range 0-240, in steps
Spanning-tree port-priority
Spanning-tree edge-port
Syntax No spanning-tree edge-port Default Setting
Syntax No spanning-tree portfast Default Setting
Spanning-tree portfast
Spanning-treeedge-port4-229
Spanning-tree link-type
Spanning-tree loopback-detection
Auto
Spanning-tree loopback-detection release-mode
Spanning-tree mst cost
Spanning-tree loopback-detection trap
Spanning-tree mst port-priority4-234
Spanning-tree mst port-priority
Show spanning-tree
Spanning-tree protocol-migration
Syntax Spanning-tree protocol-migration interface
Syntax Show spanning-tree interface mst instanceid
Mstp
Show spanning-tree mst configuration
Gvrp and Bridge Extension Commands
Vlan Commands
59 VLANs Command Groups Function
60 Gvrp and Bridge Extension Commands Function Mode
Syntax No bridge-ext gvrp Default Setting
Bridge-ext gvrp
Show bridge-ext
Show gvrp configuration
Switchport gvrp
Syntax No switchport gvrp Default Setting
Syntax Show gvrp configuration interface
Show garp timer
Garp timer
61 Editing Vlan Groups Command Function Mode
Syntax Show garp timer interface
Editing Vlan Groups
Vlan database
Vlan Database Configuration
By default only Vlan 1 exists and is active
Vlan
Show vlan
62 Configuring Vlan Interfaces Command Function Mode
Configuring Vlan Interfaces
Interface vlan
Interface vlan
Switchport mode
All ports are in hybrid mode with the Pvid set to Vlan
Switchport acceptable-frame-types4-246
Switchport ingress-filtering
Switchport acceptable-frame-types
Switchport mode
All frame types
Switchport native vlan
Switchport allowed vlan
No VLANs are included in the forbidden list
Switchport forbidden vlan
63 Show Vlan Commands Function Mode
Displaying Vlan Information
Show vlan
General Configuration Guidelines for QinQ
64 Ieee 802.1Q Tunneling Commands Function Mode
Dot1q-tunnel system-tunnel-control
Syntax No dot1q-tunnel system-tunnel-control
Show dot1q-tunnel4-253 Show interfaces switchport
Switchport dot1q-tunnel mode
This command displays information about QinQ tunnel ports
Switchport dot1q-tunnel tpid
Show dot1q-tunnel
0x8100
Switchport dot1q-tunnel mode
Configuring Private VLANs
65 Private Vlan Commands
Edit Private Vlan Groups Private-vlan
65 Private Vlan Commands Function Mode
Configure Private Vlan Interfaces
Display Private Vlan Information
Private vlan association
Private-vlan
Switchport mode private-vlan
No private-vlan primary-vlan-idassociation
Normal Vlan
Switchport private-vlan host-association
Switchport private-vlan isolated
Isolated-vlan-id- ID of isolated VLAN. Range
Show vlan private-vlan
Switchport private-vlan mapping
Syntax Show vlan private-vlan community isolated primary
66 Protocol-based Vlan Commands Function Mode
Protocol-vlan protocol-group Configuring Groups
Protocol-vlan protocol-group Configuring VLANs
No protocol groups are configured
No protocol groups are mapped to any VLANs
Show protocol-vlan protocol-group
Show protocol-vlan protocol-group-vid
Syntax Show protocol-vlan protocol-group group-id
Priority Commands Layer
Priority Commands
67 Priority Commands Command Groups Function
68 Priority Commands Layer Function Mode
Queue mode
Switchport priority default
Syntax Queue mode strict wrr no queue mode
Queue bandwidth weight1...weight4 no queue bandwidth
Weights 1, 2, 4, 8 are assigned to queues 0-3 respectively
Queue bandwidth
69 Default CoS Values to Egress Queues
Queue cos-map
Queue cos-mapqueueid cos1 ... cosn no queue cos-map
Following example shows how to change the CoS assignments
Show queue mode
This command shows the current queue mode
Show queue bandwidth
This command shows the class of service priority map
Priority Commands Layer 3
70 Priority Commands Layer 3 Function Mode
Show queue cos-map
Syntax No map ip dscp Default Setting
Map ip dscp dscp-value cos cos-value no map ip dscp
71 IP Dscp to CoS Vales IP Dscp Value CoS Value
This command shows the IP Dscp priority map
Show map ip dscp
Syntax Show map ip dscp interface
72 Quality of Service Commands Function Mode
Quality of Service Commands
Syntax No class-map class-map-namematch-any
Class-map
Class Map Configuration
Match
Show class map
No policy-mappolicy-map-name
Policy-map
Policy Map Configuration
Class
No class class-map-name
Set
Policy Map Class Configuration
Police
Syntax No police rate-kbpsburst-byteexceed-action drop set
Service-policy
Syntax No service-policy input policy-map-name
No policy map is attached to an interface
Show policy-map
Show class-map
Syntax Show class-map class-map-name
Show policy-mappolicy-map-name class class-map-name
73 Voice Vlan Commands Function Mode
Voice Vlan Commands
Show policy-map interface
Syntax Show policy-map interface interface input
Voice vlan voice-vlan-id no voice vlan
Voice vlan
Voice vlan mac-address
Voice vlan aging
Syntax Voice vlan aging minutes no voice vlan
Minutes
Switchport voice vlan
Following example sets port 1 to Voice Vlan auto mode
Following example adds a MAC OUI to the OUI Telephony list
Switchport voice vlan security
Switchport voice vlan rule
Syntax No switchport voice vlan rule oui lldp
OUI Enabled Lldp Disabled
Following example enables security filtering on port
Switchport voice vlan priority
Priority-value- The CoS priority value. Range
Following example sets the CoS priority to 5 on port
Syntax Show voice vlan oui status
Show voice vlan
Igmp Snooping Commands
Multicast Filtering Commands
74 Multicast Filtering Commands Command Groups Function
75 Igmp Snooping Commands Function Mode
Following example enables Igmp snooping
Syntax No ip igmp snooping Default Setting
Ip igmp snooping
Ip igmp snooping vlan static
Syntax No ip igmp snooping leave-proxy Default Setting
Following configures the switch to use Igmp Version
Ip igmp snooping version
Ip igmp snooping leave-proxy
Following shows how to enable immediate leave
Interface Configuration Vlan
Ip igmp snooping immediate-leave
Syntax No ip igmp snooping immediate-leave vlan-id
Following shows the current Igmp snooping configuration
This command shows the Igmp snooping configuration
This command shows known multicast addresses
Show ip igmp snooping
76 Igmp Query Commands Layer Function Mode
Igmp Query Commands Layer
Syntax No ip igmp snooping querier Default Setting
Ip igmp snooping querier
Ip igmp snooping query-count
Following shows how to configure the query count to
Ip igmp snooping query-interval
Times
Ip igmp snooping query-max-response-time
Seconds The report delay advertised in Igmp queries. Range
Static Multicast Routing Commands
77 Static Multicast Routing Commands Function Mode
Ip igmp snooping router-port-expire-time
Show ip igmp snooping mrouter
Ip igmp snooping vlan mrouter
Syntax No ip igmp snooping vlan vlan-idmrouter interface
Syntax Show ip igmp snooping mrouter vlan vlan-id
78 Igmp Filtering and Throttling Commands Function Mode
Igmp Filtering and Throttling Commands
Multicast router port types displayed include Static
299
Ip igmp profile
Syntax No ip igmp filter Default Setting
Syntax No ip igmp profile profile-number
Profile-number- An Igmp filter profile number. Range
Permit, deny
Syntax Permit deny Default Setting
Range
No range low-ip-address high-ip-address
Ip igmp max-groups
Syntax No ip igmp filter profile-number
Syntax Ip igmp max-groups number no ip igmp max-groups
Syntax Ip igmp max-groups action replace deny
Ip igmp max-groups action
Show ip igmp profile
Show ip igmp filter
Syntax Show ip igmp filter interface interface
Syntax Show ip igmp profile profile-number
Syntax Show ip igmp throttle interface interface
Show ip igmp throttle interface
79 Multicast Vlan Registration Commands Function Mode
Multicast Vlan Registration Commands
305
Multicast groups assigned to the MVR Vlan
Mvr Interface Configuration
306
Show mvr
Following shows the global MVR settings
Syntax Show mvr interface interface members ip-address
80 show mvr display description
82 show mvr members display description
81 show mvr interface display description
83 IP Interface Commands Function Mode
IP Interface Commands
Ip address
310
Syntax Ip default-gateway gateway no ip default-gateway
Ip default-gateway
Gateway IP address of the default gateway
Following example defines a default gateway for this device
This command displays the settings of an IP interface
This command submits a Bootp or Dhcp client request
Ip dhcp restart
Show ip interface
This command has no default for the host
Ip default-gateway4-310
Show ip redirects
Ping
84 IP Source Guard Commands Function Mode
IP Source Guard Commands
Ip source-guard
Syntax Ip source-guard sip sip-macno ip source-guard
314
No configured entries
This example enables IP source guard on port
Ip source-guard binding
No ip source-guard binding mac-addressvlan vlan-id
Show ip source-guard
This command shows the source guard binding table
Show ip source-guard binding
Ip source-guard4-313 ip dhcp snooping Ip dhcp snooping vlan
85 Dhcp Snooping Commands Function Mode
Dhcp Snooping Commands
Syntax No ip dhcp snooping Default Setting
Ip dhcp snooping
318
This example enables Dhcp snooping for Vlan
This example enables Dhcp snooping globally for the switch
Ip dhcp snooping vlan
Ip dhcp snooping vlan 4-319 ip dhcp snooping trust
Ip dhcp snooping trust
Syntax No ip dhcp snooping trust Default Setting
This example enables MAC address verification
Ip dhcp snooping verify mac-address
Ip dhcp snooping information option
This example enables the Dhcp Snooping Information Option
Ip dhcp snooping information policy
Replace
This command shows the Dhcp snooping configuration settings
Ip dhcp snooping database flash
Show ip dhcp snooping
86 Switch Cluster Commands Function Mode
IP Cluster Commands
Syntax No cluster Default Setting
Show ip dhcp snooping binding
Syntax No cluster commander Default Setting
Cluster commander
Cluster member
Cluster ip-pool
Syntax Cluster ip-pool ip-addressno cluster ip-pool
10.254.254.1
Syntax Rcommand id member-id
Rcommand
Member-id- The ID number of the Member switch. Range
This command shows the switch clustering configuration
This command shows the current switch cluster members
Show cluster members
Show cluster candidates
Software Features
Appendix a Software Specifications
Groups 1, 2, 3, 9 Statistics, History, Alarm, Event
Management Features
Standards
Igmp RFC 1112 IGMPv2 RFC
Management Information Bases a
Management Information Bases
Software Specifications
Symptom Action
Table B-1 Troubleshooting Chart
Using System Logs
Boot Protocol Bootp
Access Control List ACL
Class of Service CoS
Differentiated Services Code Point Service Dscp
Generic Attribute Registration Protocol Garp
Garp Vlan Registration Protocol Gvrp
Generic Multicast Registration Protocol Gmrp
Group Attribute Registration Protocol Garp
Igmp Query
Igmp Snooping
Internet Group Management Protocol Igmp
In-Band Management
Port Authentication
Multicast Switching
Remote Authentication Dial-in User Service Radius
Network Time Protocol NTP
Simple Network Management Protocol Snmp
Secure Shell SSH
Simple Network Time Protocol Sntp
Spanning Tree Algorithm STA
XModem
Virtual LAN Vlan
Numerics
Index
Index
Link Layer Discovery Protocol See
Index-4
Index-5
LLDP-MED TLV
Type Length Value See also
Page
ES3528M-SFP E122007-DG-R01 149100035500A
