Manuals
/
Brands
/
Computer Equipment
/
Network Card
/
ADTRAN
/
Computer Equipment
/
Network Card
ADTRAN
1000R Series manual
1
1
1373
1373
Download
1373 pages, 7.78 Mb
ADTRAN OPERATING SYSTEM (AOS)
Command Reference Guide
AOS V
ersion 1
1.1
NetV
ant
a 1000R Series Product
s
November 2005
61200510L1-35E
Contents
Main
Trademarks
To the Holder of this Manual
Software Licensing Agreement
Conventions
Warranty and Customer Service
Product Registration
Product Support Information
Pre-Sales Inquiries and Applications Support
Post-Sales Support
Training
Export Statement
Table of Contents
Page
REFERENCE GUIDE INTRODUCTION
CLI INTRODUCTION
Accessing the CLI from your PC
Understanding Command Security Levels
Understanding Configuration Modes
Using CLI Shortcuts
Shortcut Description
Mode Access by... Sample Prompt With this mode you can...
Shortcut Description
Performing Common CLI Functions
The following table contains descriptions of common CLI commands. Command Description
Enable Mode Command Set on page 36
Understanding CLI Error Messages
COMMAND DESCRIPTIONS
Page
BASIC MODE COMMAND SET
enable
logout
ping <address>
Page
show clock
show snmp
show version
telnet <address>
traceroute <address>
COMMON COMMANDS
alias <text>
cross-connect <#> <from interface> <slot/port> <tdm-group#> <to interface> <slot/port>
Page
Page
description <text>
do
end
exit
shutdown
ENABLE MODE COMMAND SET
Page
clear access-list <listname>
clear arp-cache
clear arp-entry <address>
clear bridge <group#>
clear buffers max-used
clear counters [<interface> <interface id>]
clear counters port-channel <interface id>
clear counters vlan <vlan id>
clear crypto ike sa <policy priority>
clear crypto ipsec sa
Page
clear dump-core
clear event-history
clear gvrp statistics [all | interface <interface>]
clear host [ * | <hostname>]
clear ip bgp [* | <as-number> | <ip address>] [in | out | soft]
Use the clear ip bgp command to clear BGP neighbors as specified.
Page
clear ip cache
clear ip dhcp-server binding [* | <ip address>]
clear ip igmp group [<group-address> | <interface>]
Page
clear ip ospf [process | redistribution]
clear ip policy-sessions
Page
clear ip policy-stats <classname> entry <policy class #>
clear ip prefix-list <listname>
clear ip route [** | <ip address> <subnet mask>]
clear lldp counters
clear lldp counters interface <interface>
clear lldp neighbors
clear mac address-table dynamic [address <mac address> | <interface id>]
clear port-security
clear port-security violation-count <interface id>
clear pppoe <interface id>
clear processes cpu max
clear qos map
Page
clear route-map counters <map>
clear spanning-tree counters [interface <interface id>]
clear spanning-tree detected-protocols [interface <interface id>]
clear tacacs+ statistics
clear user [console <user number> | ssh <user number> | telnet <user number>]
clock auto-correct-dst
clock no-auto-correct-dst
clock set <time> <day> <month> <year>
clock timezone <text>
Page
Page
configure [memory | network | overwrite-network | terminal]
copy <source> <destination>
copy console <filename>
copy flash <destination>
copy <filename> in terface <interface> <slot/port>
copy tftp <destination>
copy xmodem <destination>
debug aaa
debug access-list <listname>
debug atm events
debug atm oam <vcd> loopback [end-to-end | segment] <LLID>
debug atm packet
debug auto-config
debug bridge
debug chat-interfaces <chat interface>
Page
debug data-call
debug demand-routing
debug dial-backup
debug dialup-interfaces
debug dynamic-dns [verbose]
debug firewall
debug frame-relay [events | llc2 | lmi]
debug frame-relay multilink <interface>
debug gvrp bpdus
debug gvrp interface <interface> [bpdus | vlans]
debug gvrp vlans <vlan number>
debug hdlc [errors | verbose]
debug interface <interface>
debug interface adsl events
debug ip bgp [events | in | out | keepalives | updates | updates quiet]
debug ip dhcp-client
debug ip dhcp-server
debug ip dns-client
debug ip dns-proxy
debug ip http [verbose]
debug ip icmp [send | recv]
debug ip igmp <group-address>
debug ip mrouting
debug ip ospf
Page
debug ip rip [events]
debug ip tcp [events]
Page
debug ip tcp md5
debug ip udp
Page
debug lldp [rx | tx] verbose
debug port-auth [general | packet [both | rx | tx] | auth -sm | bkend-sm | reauth-sm | supp-sm]
debug port security
debug ppp [authentication | errors | negotiation | verbose]
debug pppoe client
debug radius
debug sntp
debug spanning-tree bpdu [receive | transmit | all]
debug spanning-tree [config | events | general | root]
debug stack [SW_API | verbose]
debug system
debug tacacs+ packets
debug tftp [client | server] packets
dir
dir [<input> | flash | flash <input>]
disable
enable
erase [<filename> | startup-config]
events
exception report generate
logout
ping <address>
Page
ping stack-member
reload [cancel | in <delay>]
show access-lists <listname>
show arp [realtime]
show atm [pvc | traffic] interface atm <interface>
show auto-config
show bridge <interface> <slot/port> <bridge group #>
show buffers [realtime]
show buffers users [realtime]
Page
show channel-group
show clock [detail]
show configuration
Page
show connections
show crypto ca [certificates | crls | profiles]
show crypto ike
Page
show crypto ipsec
show crypto map
Use the show crypto map command to display information regarding crypto map settings.
Usage Examples
show debugging
show demand
Page
Page
show dial-backup interfaces
Page
show dialin interfaces
show dynamic-dns
show event-history
show flash
show frame-relay fragment [frame-relay <port.sublink>]
show frame-relay
Page
show frame-relay multilink <interface> detailed
show garp timer
show gvrp configuration
show gvrp statistics interface <interface>
show hosts [verbose]
show interfaces <interface>
318
Page
Page
show interfaces adsl <slot/port> information [atuc | atur | bit-allocation]
show interfaces shdsl <slot/port>
Page
Page
Page
show interfaces switchport [vlans]
show ip access-lists <listname>
show ip arp [realtime]
show ip as-path-list [<listname>]
Page
Page
show ip bgp community-list <community-list-name> [exact]
Page
show ip bgp [regexp <expression> | summary]
Page
Page
Page
show ip bgp <network ip> [</length> | <network-mask>]
show ip bgp neighbors <ip address>
Page
Page
show ip community-list [<community-list-name>]
show ip dhcp-client lease <interface>
show ip dhcp-server binding <client ip address>
show ip igmp groups <group-address>
show ip igmp interface <interface>
show ip interfaces [<interface> | brief]
show ip mroute [<group-address> | <interface>] [summary | all]
Use the show ip mroute command to display IP multicasting routing table information.
Page
show ip ospf
show ip ospf database
network <ip address> <wildcard> area <area id> on page 1309
Page
show ip ospf interface <interface>
show ip ospf neighbor <interface> <neighbor id> [detail]
show ip ospf summary-address
show ip policy-class <policyname>
show ip policy-sessions <policyname> [all]
Page
show ip policy-stats <policyname>
show ip prefix-list [detail | summary] <listname>
show ip protocols
Page
Page
show ip traffic [realtime]
show lldp
show lldp device <system name>
show lldp interface <interface>
show lldp neighbors [interface <interface> l <interface type> | detail | realtime]
Page
show lldp neighbors statistics
show mac address-table
Page
show mac address-table address
Page
show mac address-table aging-time
show mac address-table count
show mac address-table dynamic
Page
show mac address-table interface [<interface type> <interface id> | vlan <vlan id>]
show mac address-table static
Page
show memory [heap | realtime | uncached-heap]
Page
show modules [verbose]
show monitor session [<session-number> | all]
show output-startup
show port-auth [detailed | statistics | summary] [interface <interface id>]
Page
show port-security [address | interface <interface id> | port-expiration] detailed
show power inline <slot/port> [realtime]
Page
show pppoe
show processes [cpu | cpu realtime | history | queue | stack]
Page
show qos [cos-map | dscp-cos | interface <interface id> | queuing]
Page
show qos map
Page
Page
Page
show queue <interface>
show queuing [fair]
show radius statistics
show route-map [<name>]
Page
Page
show running-config
Page
show snmp
show sntp
show spanning-tree <bridgegroup#>
Use the show spanning-tree command to display the status of the spanning-tree protocol.
show spanning-tree active [detail]
show spanning-tree blockedports
show spanning-tree detail [active]
Page
Page
Page
show spanning-tree pathcost method
show spanning-tree realtime
Page
Page
show spanning-tree summary
show stack [candidates | candidates realtime | realtime | topology | topology realtime]
Page
Page
show startup-config
Page
show startup-config checksum
show system
show tacacs+ statistics
show tcp info [realtime] <control block>
Page
show thresholds
show users [realtime]
Page
show version
show vlan [brief | brief realtime | id <vlan id> | name <vlan name> | realtime]
Page
telnet <address>
telnet stack-member <unit id>
terminal length <text>
traceroute <address> source <address>
undebug all
vlan database
wall <message>
write [dynvoice-config | erase | memory | network | terminal]
GLOBAL CONFIGURATION MODE COMMAND SET
Page
Page
Page
aaa accounting [suppress null-username]
aaa accounting update [newinfo | periodic <minutes>]
aaa authentication [banner | fail-message | password-prompt | username-prompt]
Page
Page
Page
Page
aaa authentication port-auth default [group <groupname> | group radius | local | none]
Page
aaa authorization [config-command | console]
aaa group server [radius | tacacs+] <listname>
Page
aaa on
Page
aaa processes <threads>
arp <ip address> <mac address> arpa
auto-config [filename <name> | restart | retry-count <number>| server <name or address>]
Page
banner [exec | login | motd] <character> <message> <character>
boot config [cflash | flash] <filename> [cflash | flash] <backup filename>
boot system flash <filename> [no-backup | <backup filename>]
bridge <group#> protocol ieee
clock [auto-correct-dst | no-auto-correct-dst]
clock set <time> <day> <month> <year>
clock timezone <text>
Page
Page
cross-connect <#> <from interface> <slot/port> <tdm-group#> <to interface> <slot/port>
Page
Page
crypto ca authenticate <name>
Page
crypto ca certificate chain <name>
crypto ca enroll <name>
Page
crypto ca import <name> certificate
Page
crypto ca import <name> crl
crypto ca profile <name>
crypto ike
Page
Page
Page
crypto ike remote-id
Page
Page
crypto ipsec transform-set <setname> <p arameters>
Page
crypto map
Page
data-call [authentication protocol | sent authentication protocol] [chap | pap]
data-call [mtu <number> | multilink]
enable password [md5] <password>
Page
event-history on
event-history priority [error | fatal | info | notice | warning]
Page
exception report [filename <filename>]
Use the exception report command to specify the output filename for the exception report.
ftp authentication <listname>
garp timer [join | leave | leaveall] <timer value>
gvrp
hostname <name>
interface <interface> [<slot/port> | <interface id>] [point-to-point]
interface range <interface type> <slot/port> - <slot/port>
ip access-list extended <listname>
Page
Page
Page
Page
Page
ip access-list standard <listname> [permit | deny] <ip address>
Page
Page
Page
ip classless
ip crypto
ip default-gateway <ip address>
ip dhcp-server database local
ip dhcp-server excluded-address <start ip> <end ip>
ip dhcp-server ping packets <#packets>
ip dhcp-server ping timeout <milliseconds>
ip dhcp-server pool <name>
ip domain-lookup
ip domain-name <name>
ip domain-proxy
ip firewall
Page
Case 1: Packets from interfaces with a configured policy class to any other interface
Case 2: Packets that travel in and out a single interface with a configured policy class
Case 3: Packets from interfaces without a configured policy class to interfaces with one
Attack Protection:
Invalid Traffic Pattern Manually Enabled? AOS Firewall Response Common
Attacks
Invalid Traffic Pattern Manually Enabled? AOS Firewall Response Common
Attacks
Application Specific Processing:
www.adtran.com.
ip firewall alg [ftp | h323 | pptp]
ip firewall attack-log threshold <value>
ip firewall check reflexive-traffic
ip firewall check syn-flood
ip firewall check winnuke
ip firewall policy-log threshold <value>
ip forward-protocol udp <port number>
Page
ip ftp access-class <policyname> in
ip ftp agent
ip ftp source-interface <interface>
ip host <name> <address1>
Page
ip igmp join <group-address>
ip load-sharing [per-destination | per-packet]
ip mcast-stub helper-address <ip address>
ip multicast-routing
ip name-server <server-address1-6>
ip policy-class <policyname> max-sessions <number>
Page
Page
Page
ip policy-timeout <protocol> <range> <port> <seconds>
Syntax Description (Continued)
Page
ip prefix-list <listname> description <text>
Page
Page
ip radius source-interface <interface>
ip route <ip address> <subnet mask> <interface or ip address> <administrative distance>
ip routing
ip scp server
ip snmp agent
ip sntp source-interface <interface>
ip [ssh-server <port> | telnet-server <port>]
ip subnet-zero
ip tftp source-interface <interface>
line [console | telnet | ssh] <line-number> <ending number>
Page
Page
Page
logging console
logging email address-list <email address> ; <email address>
logging email exception-report address-list <email address>; <email address>
logging email on
logging email priority-level [error | fatal | info | notice | warning]
logging email receiver-ip <ip address>
logging email sender
logging email source-interface <interface>
logging facility <facility type>
Page
logging forwarding on
logging forwarding priority-level [error | fatal | info | notice | warning]
logging forwarding receiver-ip <ip address>
logging forwarding source-interface <interface>
mac address-table aging-time <aging time>
mac address-table static <mac address> bridge <bridge id> interface <interface>
mac address-table static <mac address> vlan <vlan id> interface <interface>
modem countrycode [<countrycode>]
Use the modem countrycode command to specify the modem configuration for the applicable country.
Page
Page
Page
port-auth default
port-auth max-req <number>
port-auth re-authentication
port-auth timeout [quiet-period <seconds> | re-authperiod <seconds> | tx-period <seconds>]
port-channel load-balance [dst-mac | src-mac]
qos cos-map <cos queue id> <cos value 0> <cos value 1>...<cos val 7>
qos dscp-cos [<dscp-list> to <cos-priority-list> | default]
qos map <mapname> <sequence number>
Page
qos queue-type strict-priority
qos queue-type wrr <weight1> <weight2> <weight3> [ <weight4> | expedite]
radius-server
Page
radius-server host
route-map <map-name> [ permit | deny ] <sequence number>
router bgp
router ospf
router rip
Page
service password-encryption
snmp-server chassis-id <id string>
snmp-server community <community> view <viewname> [ro | rw] <listname>
snmp-server contact [email | pager | phone] <number>
snmp-server contact <string>
snmp-server enable traps <trap type> [snmp]
snmp-server host <address> traps <community> <trap type> [snmp]
snmp-server host <address> traps version <version> <community> <trap type> [snmp]
snmp-server location <string>
snmp-server management-url <URL>
snmp-server management-url-label <label>
snmp-server source-interface <interface>
snmp-server view <viewname> <oidtree> [excluded | included]
sntp retry-timeout <time>
sntp server <address or hostname> version <1-3>
sntp wait-time <time>
spanning-tree edgeport bpdufilter default
spanning-tree edgeport bpduguard default
spanning-tree edgeport default
spanning-tree forward-time <seconds>
spanning-tree hello-time <seconds>
spanning-tree max-age <seconds>
spanning-tree mode [rstp | stp]
spanning-tree pathcost method [short | long]
spanning-tree priority <value>
stack [master | member | vlan] <master> <member> <vlan>
Page
tacacs-server
Threshold settings are applied to ALL DS1s.
Page
Page
vlan <vlan id>
LINE (CONSOLE) INTERFACE CONFIG COMMAND SET
Page
Page
databits [7 | 8]
flowcontrol [none | software in]
Page
Page
Page
Page
parity [even | mark | none | odd | space]
password [md5] <password>
speed <rate>
stopbits [1 | 2]
LINE (SSH) INTERFACE CONFIG COMMAND SET
access-class <listname> in
Page
Page
Page
Page
Page
Page
LINE (TELNET) INTERFACE CONFIG COMMAND SET
access-class <listname> in
Page
Page
Page
Page
Page
Page
password [md5] <password>
ADSL INTERFACE CONFIG COMMAND SET
retrain
snr-margin [showtime monitor | training monitor] <margin>
training-mode [G.DMT | G.LITE | Multi-Mode | T1.413]
BRI INTERFACE CONFIGURATION COMMAND SET
bonding txadd-timer <seconds>
bonding txcid-timer <seconds>
bonding txdeq-timer <seconds>
bonding txfa-timer <seconds>
bonding txinit-timer <seconds>
bonding txnull-timer <seconds>
caller-id override [always <number> | if-no-cid <number>]
isdn spid1 <spid> <ldn>
isdn spid2 <spid> <ldn>
isdn switch-type [basic-5ess | basic-dms | basic-net3 | basic-ni]
resource pool-member <pool-name> [<cost>]
DDS INTERFACE CONFIGURATION COMMAND SET
clock rate [auto | bps56k | bps64k]
clock source [line | internal]
data-coding scrambled
loopback [dte | line | remote]
Page
Page
Page
DSX-1 INTERFACE CONFIGURATION COMMAND SET
coding [ami | b8zs]
framing [d4 | esf]
line-length <value>
Page
loopback remote line [inband]
Page
signaling-mode [message-oriented | none | robbed-bit]
Page
test-pattern [ones | zeros]
E1 INTERFACE CONFIGURATION COMMAND SET
clock source [internal | line | through]
coding [ami | hdb3]
framing [crc4]
loop-alarm-detect
Page
loopback remote v54
remote-alarm [rai | ais]
Page
sa4tx-bit [0 | 1]
show test-pattern
snmp trap line-status
Page
snmp trap threshold-reached
tdm-group <group number> timeslots <1-31> speed [56 | 64]
test-pattern [clear | insert | ones| p215 | p220 | p511 | qrss | zeros]
ts16
ETHERNET INTERFACE CONFIGURATION COMMAND SET
Page
Page
Page
Page
channel-group <group#> mode on
Page
Page
Page
Page
full-duplex
Page
half-duplex
Page
Page
Page
mac-address <address>
port-auth auth-mode [mac-based | port-based]
port-auth control-direction [both | in]
port-auth multiple-hosts
port-auth port-control [auto | force-authorized | force-unauthorized]
power inline [auto | legacy | never]
qos [trust cos | default-cos <cos value>]
Page
Page
Page
Page
spanning-tree cost <cost value>
Page
Page
spanning-tree pathcost method [short | long]
spanning-tree port-priority <priority level>
speed [10 | 100 | auto | nonegotiate]
storm-control [broadcast level | multicast level | unicast level] <rising level> <falling level>]
Page
storm-control action [shutdown]
switchport access vlan <vlan id>
switchport gvrp
switchport mode [access | stack | trunk]
switchport protected
switchport port-security
switchport port-security aging [static | time <time> | type absolute]
switchport port-security expire [time <time> l type absolute]
switchport port-security mac-address
switchport port-security maximum <max value>
switchport port-security violation [protect l restrict l shutdown]
switchport trunk allowed vlan [add | all | none | except | remove] <vlan id list> [all]
switchport trunk fixed vlan [add l all l except l none l remove] <vlan id>
Page
switchport trunk native vlan <vlan id>
traffic-shape rate <rate> <burstrate>
G.703 INTERFACE CONFIGURATION COMMAND SET
coding [ami | hdb3]
framing [crc4]
Page
Page
test-pattern [ones | zeros]
ts16
MODEM INTERFACE CONFIGURATION COMMAND SET
caller-id override [always <number> | if-no-cid <number>]
dialin
init-string <string>
resource pool-member <pool-name> [<cost>]
SERIAL INTERFACE CONFIGURATION COMMAND SET
et-clock-source [rxclock | txclock]
ignore dcd
invert etclock
invert rxclock
invert txclock
serial-mode [eia530 | v35 | x21]
Page
Page
SHDSL INTERFACE C ONFIGURATION COMMAND SET
alarm-threshold [loop-attenuation | snr-margin] <value>
boot alternate-image
equipment-type [co | cpe]
inband-detection
inband-protocol [pn127 | v54]
linerate <value>
loopback network
loopback remote
loopback remote inband
outage-retrain
test-pattern [clear | insert | 2^15 | show]
T1 INTERFACE CONFIGURATION COMMAND SET
clock source [internal | line | through | through <interface id>]
coding [ami | b8zs]
fdl [ansi | att | none]
framing [d4 | esf]
lbo [long <-22.5, -15, -7.5, 0> | short <0-655>]
Page
loopback remote line [fdl | inband]
loopback remote payload
remote-alarm [rai]
Page
show test-pattern
snmp trap line-status
Page
snmp trap threshold-reached
tdm-group <group number> timeslots <1-24> speed [56 | 64]
test-pattern [clear | insert | ones | p215 | p220 | p511 | qrss | zeros]
ATM INTERFACE CONFIG COMMAND SET
Page
Page
ATM SUB-INTERFACE CONFIG COMMAND SET
Page
Page
Page
atm routed-bridged ip
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
dial-backup number
<digits>
[analog | digital-56k | digital 64k]
Page
Page
Page
Page
Page
Page
Page
Page
encapsulation [aal5mux | aal5snap]
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
ip route-cache <address>
Page
Page
Page
oam retry <up-count> <down-count> <retry-frequency>
oam-pvc managed <frequency>
pvc <VPI/VCI>
Page
Page
Page
Page
Page
Page
spanning-tree path-cost <value>
spanning-tree port-priority <value>
DEMAND INTERFACE CONFIGURATION COMMAND SET
Page
Page
Page
Page
Page
called-number <DNIS number>
caller-number <CLID number>
connect-mode [answer | originate | either]
connect-order [last-successful | round-robin | sequential]
connect-sequence
Page
connect-sequence attempts <value>
connect-sequence interface-recovery [retry-interval <seconds> | max-retries <value>]
Page
Page
demand-hold-queue <packets> timeout <seconds>
Page
Page
Page
fast-idle <seconds>
Page
idle-timeout <seconds>
Page
ip address negotiated [no-default]
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
ip policy route-map <mapname>
Page
Page
Page
Page
Page
Page
Page
Page
Page
match-interesting [list <acl name> | reverse list <acl name>] [in | out]
Page
peer default ip address <address>
ppp authentication [chap | eap | pap]
Page
Both ends must have identical passwords.
Page
ppp chap hostname <hostname>
ppp chap password <password>
ppp multilink [fragmentation | interleave]
ppp pap sent-username <username> password <password>
Page
resource pool <pool name>
Page
Page
FRAME RELAY INTERFACE CONFIG COMMAND SET
Page
encapsulation frame-relay ietf
Page
frame-relay intf-type [dce | dte | nni]
frame-relay lmi-n391dce <polls>
frame-relay lmi-n391dte <polls>
frame-relay lmi-n392dce <threshold>
frame-relay lmi-n392dte <threshold>
frame-relay lmi-n393dce <counter>
frame-relay lmi-n393dte <counter>
frame-relay lmi-t391dte <seconds>
frame-relay lmi-t392dce <seconds>
frame-relay lmi-type [ansi | auto | cisco | none | q933a]
Page
Page
Page
Page
Page
Page
Page
Page
F RAME R ELAY S UB -I NTERFACE C ONFIG C
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
frame-relay bc <committed burst value>
frame-relay be <excessive burst value>
frame-relay fragment <threshold>
frame-relay interface-dlci <dlci>
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
ip route-cache <address>
Page
Page
Page
Page
Page
Page
Page
Page
Page
spanning-tree path-cost <value>
spanning-tree priority <value>
HDLC COMMAND SET
Page
Page
Page
Page
alias link<text>
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
LOOPBACK INTERFACE CONFIGURATION COMMAND SET
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
PORT CHANNEL INTERFACE CONFIG COMMAND SET
Page
Page
Page
Page
qos [trust cos | default-cos <cos value>]
Page
Page
Page
Page
spanning-tree cost <cost value>
Page
Page
spanning-tree port-priority <priority level>
storm-control [broadcast level | multicast level | unicast level] <rising level> <falling level>
Page
storm-control action [shutdown]
switchport access vlan <vlan id>
switchport gvrp
switchport mode [access | trunk]
switchport trunk allowed vlan [add | except | remove] <vlan id list> [all]
switchport trunk fixed vlan [add l all l except l none l remove] <vlan id list>
Page
switchport trunk native vlan <vlan id>
PPP INTERFACE CONFIGURATION COMMAND SET
Page
Page
Page
Page
alias link<text>
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
ip address negotiated [no-default]
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
peer default ip address <address>
ppp authentication [chap | pap]
Page
Page
Both ends must have identical passwords.
Notice this example has both ends using different sets of passwords.
ppp chap hostname <hostname>
ppp chap password <password>
ppp multilink [fragmentation | interleave]
ppp pap sent-username <username> password <password>
pppoe ac-name <name>
pppoe service-name <name>
Page
Page
Page
Page
T
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
keepalive <period> <retries>
Page
Page
Page
Page
tunnel checksum
tunnel destination <ip address>
tunnel key <value>
tunnel mode gre
tunnel sequence-datagrams
tunnel source [<ip address> | <interface>]
Page
VLAN CONFIGURATION COMMAND SET
media [ethernet]
name <vlan name>
state [active | suspend]
VLAN D
abort
apply
reset
show [changes <vlan id> | current | proposed]
vlan <vlan id>
vlan <vlan id> media [ethernet]
vlan <vlan id> name <vlan name>
vlan <vlan id> state [active | suspend]
VLAN INTERFACE CONFIG COMMAND SET
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
ip mtu <mtu size>
Page
Page
Page
Page
Page
Page
Page
Page
Page
mac-address <address>
Page
Page
Page
traffic-shape rate <rate> [<burst>]
CA PROFILE CONFIGURATION COMMAND SET
crl optional
email address <email address>
enrollment retry [count | period]
enrollment terminal
enrollment url <url>
fqdn <fqdn>
ip-address <address>
password <password>
serial-number
subject-name <name>
CERTIFICATE CONFIGURATION COMMAND SET
certificate <serial-number>
certificate ca <serial-number>
crl
CRYPTO MAP IKE COMMAND SET
antireplay
ike-policy <policy number>
match address <listname>
Page
set peer <address>
set pfs [group1 | group2]
set security-association lifetime [kilobytes | seconds] <value>
set transform-set <setname1 - setname6>
CRYPTO MAP MANUAL COMMAND SET
antireplay
ike-policy <policy number>
match address <listname>
Page
set peer <address>
set session-key [inbound | outbound]
Page
Page
Page
set transform-set <setname>
IKE CLIENT COMMAND SET
dns-server <address1> <address2>
ip-range <start ip> <end ip>
netbios-name-server <address1> <address2>
IKE POLICY ATTRIBUTES COMMAND SET
authentication [dss-sig | pre-share | rsa-sig]
encryption [aes-xxx-cbc | des | 3des]
group [1 | 2]
hash [md5| sha]
lifetime <seconds>
IKE POLICY COMMAND SET
attribute <policynumber>
client authentication host
client authentication host xauth-type [generic | otp | radius]
client authentication server list <listname>
client configuration pool <poolname>
initiate [main | aggressive]
local-id [address | asn1-dn | fqdn | user-fqdn] <ipaddress or name>
Page
nat-traversal <version> [allow | disable | force]
peer [<ip address> | any]
Page
respond [main | aggressive | anymode]
AS PATH LIST COMMAND SET
deny
permit
BGP CONFIGURATION COMMAND SET
bgp fast-external-fallover
bgp log-neighbor-changes
bgp router-id <ip address>
distance bgp <external> <internal> <local>
hold-timer <hold time>
BGP NEIGHBOR CONFIGURATION COMMAND SET
access-list <listname> [in | out]
advertisement-interval <seconds>
as-path-list <listname> [in | out]
ebgp-multihop <hop count>
hold-timer <hold time>
local-as <as-number>
Page
next-hop-self
password <password>
prefix-list <listname> [in | out]
remote-as <as-number>
route-map <map-name> [in | out]
send-community standard
soft-reconfiguration inbound
update-source <interface>
COMMUNITY LIST COMMAND SET
deny
permit
ROUTER (OSPF) CONFIGURATION COMMAND SET
area <area id> default-cost <value>
area <area id> range <ip address> <network mask> [advertise | not-advertise]
area <area id> stub [no-summary]
auto-cost reference-bandwidth <rate>
default-information-originate [always | metric <value> | metric-type <type>]
default-metric <value>
maximum paths <number>
network <ip address> <wildcard> area <area id>
redistribute connected [metric <value> | metric-type <type> | subnets]
redistribute rip [metric <value> | metric-type <type> | subnets]
redistribute static [metric <value> | metric-type <type> | subnets]
summary-address <address> <mask | prefix mask> not-advertise
timers lsa-group-pacing <seconds>
timers spf <delay> <hold>
ROUTER (RIP) CONFIGURATION COMMAND SET
auto-summary
default-metric <value>
network <address> <subnet mask>
passive-interface <interface>
redistribute connected [metric <value>]
redistribute ospf [metric <value>]
redistribute static [metric <value>]
timeout-timer <seconds>
update-timer <seconds>
version [1 | 2]
DHCP POOL COMMAND SET
client-identifier <identifier>
Page
client-name <name>
default-router <address> <secondary>
dns-server <address> <secondary>
domain-name <domain>
hardware-address <hardware-address> <type>
Page
host <address> [<subnet mask> or <prefix length>]
lease <days> <hours> <minutes>
netbios-name-server <address> <secondary>
netbios-node-type <type>
network <address> [<subnet mask> or <prefix length>]
ntp-server <ip address>
option <option value> [ascii | hex | ip] <value>
tftp-server <server>
timezone-offset <offset>
QUALITY OF SERVICE (QOS) MAP COMMANDS
bandwidth [percent | remaining | <value> ]
match
priority
set dscp <0-63>
set precedence <0-7>
RADIUS GROUP COMMAND SET
server [acct-port <port number>| auth-port <port number>]
ROUTE MAP COMMAND SET
match as-path <name>
match community <name> [exact-match]
match ip address <access list name>
match ip address prefix-list <prefix-list name>
match metric <value>
set as-path prepend [<number> | last-as <number>]
set comm-list <name> delete
set local-preference <value>
set metric <value>
TACACS+ GROUP CONFIGURATION COMMAND SET
server <host>
Index