Manuals / Enterasys Networks / Computer Equipment / Switch

Enterasys Networks 9034313-07 manual Clear multiauth session-timeout

Models: 9034313-07

1 872

Page 794

clear multiauth session-timeout

Use this command to reset the maximum number of consecutive seconds an authenticated session may last before termination of the session to its default value of 0.

Syntax

clear multiauth session-timeout [dot1x mac pwa]

Parameters

dot1x	(Optional) Specifies the IEEE 802.1X port‐based network access control
	authentication method for which to reset the timeout value to its
	default.

mac	(Optional) Specifies the Enterasys MAC authentication method for
	which to reset the timeout value to its default.

pwa	(Optional) Specifies the Enterasys Port Web Authentication method for
	which to reset the timeout value to its default.

Defaults

If no authentication method is specified, the session timeout value is reset to its default value of 0 for all authentication methods.

Mode

Switch mode, read‐write.

Example

This example resets the session timeout value for the IEEE 802.1X authentication method to 0 seconds.

C3(su)->clear multiauth session-timeout dot1x

Configuring User + IP Phone Authentication

User + IP phone authentication is a legacy feature that allows a user and their IP phone to both use a single port on the switch but to have separate policy roles. The user’s PC and their IP phone are daisy‐chained together with a single connection to the network.

This special application of multi‐user authentication was inherited from legacy platforms (such as the B2 and C2) that could not natively support multiple users per port. The SecureStack C3 can support multiple users per port so the User + IP phone application should only be used if you are integrating SecureStack C3s into a legacy deployment.

With ʺUser + IP Phoneʺ authentication, the policy role for the IP phone is statically mapped using a policy admin rule which assigns any packets received with a VLAN tag set to a specific VID (for example, Voice VLAN) to an specified policy role (for example, IP Phone policy role). Therefore, it is required that the IP phone be configured to send VLAN‐tagged packets tagged for the “Voice” VLAN. Refer to the Usage section for the command “set policy rule” on page 11‐10 for additional information about configuring a policy admin rule that maps a VLAN tag to a policy role.

Note that if the IP phone authenticates to the network, the RADIUS accept message must return null values for RFC 3580 tunnel attributes and the Filter‐ID.

26-48 Authentication and Authorization Configuration

Page 794

Image 794

Enterasys Networks 9034313-07 manual Clear multiauth session-timeout, Configuring User + IP Phone Authentication

Contents

Enterasys SecureStack C3 Page Page Enterasys Networks, Inc. Firmware License Agreement Iii Page Contents Page Activating Licensed Features Configuring System Power and PoE Discovery Protocol ConfigurationPort Configuration Show port broadcast Set port broadcast Clear port broadcast Snmp Configuration Spanning Tree Configuration Configuring Spanning Tree Port Parameters Purpose Commands 802.1Q Vlan Configuration Policy Classification Configuration Port Priority ConfigurationIgmp Configuration Logging and Network Management14-3 Rmon Configuration Dhcp Server Configuration Dhcp Snooping and Dynamic ARP Inspection Preparing for Router ModeIP Configuration IPv4 Routing Protocol Configuration 20-11 IPv6 Configuration IPv6 ManagementDHCPv6 Configuration IPv6 Proxy RoutingOSPFv3 Configuration Authentication and Authorization Configuration 26-37 TACACS+ Configuration Index SFlow ConfigurationAppendix a Policy and Authentication Capacities Tables10-4 22-26 Xxxii Structure of This Guide Using This GuideAbout This Guide Important NoticeStructure of This Guide SecureStack C3 Installation Guides Related DocumentsFollowing icons are used in this guide Conventions Used in This GuideFollowing conventions are used in the text of this document Getting Help Support@enterasys.comGetting Help Xxxviii About This Guide SecureStack C3 CLI Overview Switch Management MethodsIntroduction Factory Default Settings Default Settings for Basic Switch OperationFeature Default Setting Default Settings for Router Operation SntpDvmrp Starting a CLI Session Using the Command Line InterfaceConnecting Using the Console Port Using an Administratively Configured User Account Connecting Using TelnetUsing a Default User Account LoggingCLI Command Modes Navigating the Command Line InterfaceCLI Command Defaults Descriptions Getting Help with CLI SyntaxAbbreviating and Completing Commands Displaying Scrolling ScreensBasic Line Editing Commands Basic Line Editing CommandsConfiguring Switches in a Stack About SecureStack C3 Switch Operation in a StackInstalling a New Stackable System of Up to Eight Units Adding a New Unit to an Existing Stack Installing Previously-Configured Systems in a StackCreating a Virtual Switch Configuration SID Feature Support Considerations About Using Clear Config in a StackIssues Related to Mixed Type Stacks ConfigurationCommands Stacking Configuration and Management CommandsShow switch PurposeShow switch switchtype ExamplesShow switch stack-ports NoneExample Set switchSwitch command, read‐write Priority valueThis example shows how to assign priority 3 to switch Set switch copy-fwSet switch description This example shows how to renumber switch 5 to switchSet switch movemanagement Set switch memberClear switch member Use this command to remove a member entry from the stackRequired CLI Setup Commands Basic ConfigurationQuick Start Setup Commands Setting User Accounts and Passwords Optional CLI Setup CommandsParameters Show system loginShow system login Output Details Use this command to remove a local login user account Set system loginClear system login Super‐user read‐write read‐onlySwitch command, read‐write Switch command, super‐user Set passwordThis example shows how to remove the netops user account Set system password length Set system password agingShow system lockout Set system password historyDisable Attempts attempts Set system lockoutShow system lockout Output Details Time timeSetting Basic Switch Properties Show ip address Clear ip address Use this command to clear the system IP addressSet ip address Set ip protocol This example shows how to clear the system IP addressShow ip protocol This example shows how to display system information Show systemShow system hardware Show system Output DetailsShow system utilization Slot Hardware InformationThis example sets the CPU utilization threshold to 75% Default threshold value is 80%Set system utilization Clear system utilization Show system enhancedbuffermodeThis example shows how to enable enhanced buffer mode Set system temperatureEnable disable Enables or disables enhanced buffer mode Set system enhancedbuffermodeDisable Clear system temperatureSyslog enable Trap enable disableShow time Set timeShow summertime This example shows how to set the system clock to 750 a.mUse this command to display daylight savings time settings If a zone name is not specified, none will be applied Set summertimeSet summertime date If an offset is not specified, none will be appliedSet summertime recurring Clear summertime Use this command to modify the command promptThis example shows how to set the command prompt to Switch Set promptShow banner motd Set banner motdClear banner motd Show versionSet system name ‐5 provides an explanation of the command outputUse this command to configure a name for the system Show version Output DetailsSet system location Use this command to identify the location of the systemThis example shows how to set the system location string Set system contactSet width This example shows how to set the system contact stringThis example shows how to set the terminal columns to Set lengthShow logout This example shows how to set the terminal length toThis example shows how to display the CLI logout setting Set logoutUse this command to set the console port baud rate Use this command to display console settingsThis example shows how to display all console settings Show consoleDownloading from a Tftp Server This example shows how to set the console port baud rate toDownloading a Firmware Image Downloading via the Serial PortType 2. The following baud rate selection screen displays Reverting to a Previous Image Reboot the system using the reset command page 3‐50 Reviewing and Selecting a Boot Firmware ImageShow boot system Set boot system Compatibility platform specificUse this command to enable or disable Telnet on the switch Starting and Configuring TelnetThis example shows how to display Telnet status Show telnetInbound Enable disableTelnet Outbound allManaging Switch Configuration and Files Configuration Persistence ModeShow snmp persistmode Set snmp persistmodeAuto Save configDir ManualUse this command to display the contents of a file Show fileShow config Outfile ConfigureAll Systemimage CopyAppend Delete Show tftp settingsThis example shows how to download an image via Tftp This example shows the output of this command Set tftp timeoutClear tftp timeout This example sets the timeout period to 4 secondsThis example sets the retry count to Set tftp retryClear tftp retry Cls clear screen This example shows how to clear the CLI screenClearing and Closing the CLI To clear the CLI screen or to close your CLI sessionUse either of these commands to leave a CLI session Resetting the SwitchReset This example shows how to exit a CLI sessionThis example shows how to reset the system Clear configIf no unit ID is specified, the entire system will be reset This example shows how to reset unitShow webview Using and Configuring WebViewUse this command to display WebView status Set webview Show sslSet ssl This example shows how to display SSL statusThis example shows how to enable SSL Show support CommandGathering Technical Support Information To gather common technical support informationShow system hostprotect Configuring HostprotectHostprotect is enabled by default Set system hostprotectDefault state is enabled This feature is disabled by defaultThis example disables hostprotect Clear system hostprotectUsage License Key Field Descriptions Activating Licensed FeaturesLicensing Procedure in a Stack Environment Clearing, Showing, and Applying Licenses Adding a New Member to a Licensed StackSet license UsageShow license Use this command to clear the license key settingsFeatureID feature The name of the feature being cleared Clear licenseC3rw-clear license featureId advrouter Clear license Activating Licensed Features Show inlinepower Configuring System Power and PoECommands Use this command to display system power propertiesShow inlinepower Output Details Set inlinepower thresholdThis example shows how to display system power properties Sending of traps is disabled by default Set inlinepower trapSet inlinepower detectionmode Show port inlinepower IeeePriority critical Set port inlinepowerAdmin off auto High lowSet port inlinepower Configuring System Power and PoE Discovery Protocol Configuration Configuring CDPShow cdp Show cdp Output DetailsSet cdp state Auto disableEnable Set cdp interval Use this command to set a global CDP authentication codeSet cdp auth Set cdp hold-time Clear cdpShow neighbors Configuring Cisco Discovery Protocol Show ciscodpShow ciscodp port info ‐2 provides an explanation of the command output‐3 provides an explanation of the command output Show ciscodp Output DetailsSet ciscodp status Set ciscodp timerThis example shows how to globally enable CiscoDP Show ciscodp port info Output DetailsSet ciscodp holdtime Set ciscodp portUntagged VvidDot1p TrustedClear ciscodp Overview Configuring Link Layer Discovery Protocol and LLDP-MEDTo review and configure Llpd and LLPD‐MED Configuration Tasks Use this command to display Lldp configuration information Show lldpShow lldp port status Show lldp port trapShow lldp port tx‐tlv port‐string Show lldp port tx-tlvShow lldp port location-info Show lldp port local-info Show lldp port local-info Output Details 1000BASE-TFDECS Elin Show lldp port remote-info Show lldp port network-policy Voice‐signalingGuest‐voice‐signaling VoiceSoftphone‐voice Video‐signalingSet lldp tx-interval Video‐conferencingThis example sets the transmit interval to 20 seconds Set lldp hold-multiplierSet lldp trap-interval Set lldp med-fast-repeat Set lldp port status Tx‐enableRx‐enable Set lldp port trapElin Set lldp port med-trapSet lldp port location-info Set lldp port tx-tlv Poe GvrpMac‐phy Link‐aggrTag tagged untagged State enable disableSet lldp port network-policy Vid vlan‐id dot1pHold‐multiplier Clear lldpTx‐interval Trap‐intervalClear lldp port status Clear lldp port trapCleared Clear lldp port med-trapClear lldp port location-info Vid Clear lldp port network-policyTag DscpClear lldp port tx-tlv Disables the LLDP‐MED Location Identification TLV from being Disables the LLDP‐MED Extended Power via MDI TLV from beingPort String Syntax Used in the CLI Port ConfigurationPort Configuration Summary Port type.unitorslot number.port numberReviewing Port Status Port Slot/Unit Parameters Used in the CLIShow port Show port statusShow port status Output Details Switch mib2Show port counters Show port counters Output Details This example clears the port counters for ge.3.1 Clear port countersShow port cablestatus Show port cablestatus Output Details Disabling / Enabling and Naming PortsThis example shows the cable status for 1 GE port ge.1.31 This example shows how to disable ge.1.1 Set port disableSet port enable This example shows how to enable ge.1.3Set port alias Use this command to assign an alias name to a portShow port alias This example shows how to assign the alias Admin to ge.3.3 This example shows how to clear the alias for ge.3.3Setting Speed and Duplex Mode Show port speed10 100 Set port speedShow port duplex MbpsFull half This example shows how to set ge.1.17 to full duplexSet port duplex Enabling / Disabling Jumbo Frame Support Show port jumboClear port jumbo Enables or disables jumbo frame supportSet port jumbo Setting Auto-Negotiation and Advertised Ability Show port negotiationShow port advertise Enable disableSet port negotiation Set port advertise Clear port advertise Forced‐auto Show port mdixSet port mdix MdiOptional Specify the port or ports to configure Configure ports to use MDI mode onlyConfigure ports to use Mdix mode only Set flowcontrol Setting Flow ControlShow flowcontrol This example shows how to enable flow control Setting Port Link Traps and Link Flap Detection Show port trapShow linkflap Following example disables sending trap on ge.3.1Set port trap Parameters GlobalstatePortstate MetricsShow linkflap parameters Output Details Show linkflap metrics Output DetailsSet linkflap globalstate Disable enableDisables or enables the link flap detection function Set linkflap portstateSet linkflap interval Set linkflap actionSet linkflap threshold Use this command to set the link flap action trigger countClear linkflap action Set linkflap downtime Clear linkflap downParameter Clear linkflapAll stats Threshold intervalConfiguring Broadcast Suppression Show port broadcastSet port broadcast Clear port broadcastSyntax Used in the CLI on page 7‐1 Remote Port Mirroring Mirroring FeaturesPort Mirroring Overview Configuring Smon MIB Port MirroringProcedures To review and configure port mirroring on the device Show port mirroringSet port mirroring Create disableCan be configured per stack, if applicable Set mirror vlan Use this command to clear a port mirroring relationshipClear port mirroring Clear mirror vlan Link Aggregation Control Protocol Lacp Lacp OperationSecureStack C3 Usage Considerations ‐6 defines key terminology used in Lacp configurationLacp Terminology Lacp Terms and DefinitionsCommands ‐7 provides an explanation of the command output Show lacpSet lacp Disable enable Disables or enables LacpThis example shows how to disable Lacp Show lacp Output DetailsAsyspri Set lacp aadminkeySet lacp asyspri Set lacp static Disable enable Disables or enables static link aggregationClear lacp Clear lacp static Clear lacp singleportlag This example enables the formation of single port LAGsSet lacp singleportlag Summary Counters Show port lacpStatus detail Aadminkey Set port lacpPadminkey AadminstateLacptimeout PadminportClear port lacp C3su-clear port lacp port ge.3.16 Protected Port Operation Configuring Protected PortsSet port protected Read‐only Show port protectedClear port protected Set port protected name Show port protected nameUse this command to clear the name of a protected group Clear port protected nameClear port protected name Port Configuration Snmp Configuration Snmp Configuration SummaryAbout Snmp Security Models and Levels SNMPv1 and SNMPv2cSNMPv3 Reviewing Snmp Statistics Using Snmp Contexts to Access Specific MIBsConfiguration Considerations Snmp Security LevelsShow snmp engineid Output Details This example shows how to display Snmp engine propertiesShow snmp engineid Show snmp counters Use this command to display Snmp traffic counter valuesThis example shows how to display Snmp counter values Show snmp counters Output Details Engine or otherwise unavailable Configuring Snmp Users, Groups, and Communities Show snmp userUse this command to create a new SNMPv3 user This example shows how to display an Snmp user list‐4 provides an explanation of the command output Set snmp userVolatile AesSha NonvolatileRemote remote Clear snmp userShow snmp group Security‐model Set snmp groupUser user V2c usm VolatileV2c usm Clear snmp groupShow snmp community Securityname Use this command to configure an Snmp community groupSet snmp community Context contextThis example shows how to delete the community name vip Configuring Snmp Access RightsUse this command to delete an Snmp community name Clear snmp communityAuthentication Privacy Context context Show snmp accessNoauthentication Nonvolatile read‐ OnlyShow snmp access Output Details This example shows how to display Snmp access information‐6 provides an explanation of the command output Set snmp access Clear snmp access Configuring Snmp MIB ViewsShow snmp view Show snmp view Output Details Show snmp contextSet snmp view Clear snmp view Volatile nonvolatile Configuring Snmp Target ParametersShow snmp targetparams Read‐onlyShow snmp targetparams Output Details ‐8 provides an explanation of the command outputSet snmp targetparams Message‐Privacy AuthenticationClear snmp targetparams Protected from disclosureShow snmp targetaddr Configuring Snmp Target AddressesUse this command to display Snmp target address information Param param Timeout timeoutSet snmp targetaddr Udpport udpportTaglist taglist Use this command to delete an Snmp target address entryClear snmp targetaddr Tag 1 tagConfiguring Snmp Notification Parameters About Snmp Notify FiltersSet newaddrtrap By default, this function is disabled globally and per portShow newaddrtrap Show snmp notify 10 show snmp notify Output Details ‐10 provides an explanation of the command outputSet snmp notify Trap informShow snmp notifyfilter Use this command to clear an Snmp notify configurationClear snmp notify Set snmp notifyfilter Subtree oid‐or‐Clear snmp notifyfilter Targetparam Show snmp notifyprofileSet snmp notifyprofile Clear snmp notifyprofile Creating a Basic Snmp Trap ConfigurationThis example shows how to delete Snmp notify profile area51 11 Basic Snmp Trap Configuration ExampleShow snmp interface Configuring the Snmp Management InterfaceHow Snmp Will Use This Configuration Set snmp interface Loopback loop‐IDClear snmp interface Clear snmp interface Snmp Configuration Spanning Tree Configuration Spanning Tree Configuration SummarySpanning Tree Features Loop ProtectConfiguring Spanning Tree Bridge Parameters For information about Active Show spantree statsSid sid ‐1 shows a detailed explanation of command output Show spantree Output DetailsShow spantree version Disable enable Globally disables or enables Spanning TreeSet spantree Set spantree version Show spantree bpdu-forwarding This example shows how to reset the Spanning Tree versionClear spantree version This example shows how to enable Bpdu forwarding Disable enable Disables or enables Bpdu forwardingBy default Bpdu forwarding is disabled Set spantree bpdu-forwarding8021d Set spantree bridgeprioritymodeClear spantree bridgeprioritymode 8021tCreate delete Show spantree mstilistSet spantree msti Fid fid Clear spantree mstiShow spantree mstmap Set spantree mstmap This example shows how to map FID 3 to SIDUse this command to map a FID back to SID Clear spantree mstmapShow spantree mstcfgid This example shows how to map FID 2 back to SIDShow spantree vlanlist Clear spantree mstcfgid Cfgname name Specifies an MST configuration nameSet spantree mstcfgid Clear spantree priority Use this command to set the device’s Spanning Tree prioritySet spantree priority Clear spantree hello This example shows how to reset the bridge priority on SIDSet spantree hello Use this command to set the bridge maximum aging time Set spantree maxageClear spantree maxage Set spantree fwddelayUse this command to set the Spanning Tree forward delay Clear spantree fwddelay Show spantree backuprootSet spantree backuproot Clear spantree backuprootShow spantree tctrapsuppress Set spantree tctrapsuppressClear spantree tctrapsuppress Set spantree protomigrationSet spantree spanguard Enable disable Enables or disables the SpanGuard functionShow spantree spanguard This example shows how to enable the SpanGuard function Clear spantree spanguardShow spantree spanguardtimeout Set spantree spanguardtimeoutClear spantree spanguardtimeout Show spantree spanguardlockClear / set spantree spanguardlock Show spantree spanguardtrapenableThis example shows how to unlock port ge.1.16 Is enabled Set spantree spanguardtrapenableClear spantree spanguardtrapenable Show spantree legacypathcost Set spantree legacypathcostSet spantree autoedge Clear spantree legacypathcostShow spantree autoedge This example clears the legacy path cost to 802.1t valuesClear spantree autoedge Disable enable Configuring Spanning Tree Port ParametersSet spantree portadmin To display and set Spanning Tree port parametersThis example shows how to disable Spanning Tree on ge.1.5 Clear spantree portadminShow spantree portadmin Set spantree portpri Use this command to set a port’s Spanning Tree priorityShow spantree portpri Clear spantree portpri Show spantree adminpathcost Set spantree adminpathcostClear spantree adminpathcost Show spantree adminedgeThis example shows how to set ge.1.11 as an edge port Set spantree adminedgeClear spantree adminedge True falseThis example shows how to reset ge.1.11 as a non‐edge port Show spantree operedgeConfiguring Spanning Tree Loop Protect Parameters Show spantree lp This example shows how to enable Loop Protect on ge.2.3Set spantree lp If no SID is specified, SID 0 is assumedClear spantree lp Show spantree lplockClear spantree lplock SID LockedSet spantree lpcapablepartner Show spantree lpcapablepartnerSet spantree lpthreshold Use this command to set the Loop Protect event thresholdClear spantree lpcapablepartner Clear spantree lpthreshold None. The default event threshold isShow spantree lpthreshold Set spantree lpwindow Show spantree lpwindowClear spantree lpwindow Set spantree lptrapenableDisabled Show spantree lptrapenable Clear spantree lptrapenableSet spantree disputedbpduthreshold Show spantree disputedbpduthreshold Clear spantree disputedbpduthresholdShow spantree nonforwardingreason 802.1Q Vlan Configuration Vlan Configuration SummaryCommand Set for Creating a Secure Management Vlan Creating a Secure Management VlanStatic Viewing VLANsShow vlan PortinfoShow vlan Output Details Vlan Vlan ID NameCreating and Naming Static VLANs Create enable Creates, enables or disables VLANs. disableThis example shows how to create Vlan Set vlanClear vlan This example shows how to set the name for Vlan 7 to greenSet vlan name This example shows how to clear the name for Vlan Clear vlan nameAssigning Port Vlan IDs PVIDs and Ingress Filtering Show port vlanModify‐egress Set port vlanClear port vlan No‐modify‐egressShow port ingress filter Set port ingress filter Show port discardSet port discard Tagged untagged both noneConfiguring the Vlan Egress List Show port egressSet vlan forbidden Clear vlan egress Use this command to remove ports from a VLAN’s egress listSet vlan egress Untagged forbidden taggedShow vlan dynamicegress ForbiddenSet vlan dynamicegress Enable disable Enables or disables dynamic egressThis example shows how to enable dynamic egress on Vlan Set host vlan Setting the Host VlanShow host vlan This example shows how to set Vlan 7 as the host Vlan Clear host vlanHow It Works Enabling/Disabling Gvrp Garp Vlan Registration ProtocolAbout Garp Vlan Registration Protocol Gvrp Example of Vlan Propagation via Gvrp Show gvrp Show garp timerUse this command to display Gvrp configuration information Set gvrp Show gvrp configuration Output DetailsDisables or enables Gvrp on the device Clear gvrp Set garp timerThis example shows how to enable Gvrp on ge.1.3 Join Clear garp timerLeaveall timer‐ LeaveC3su-clear garp timer leave ge.1.1 Policy Classification Configuration Policy Classification Configuration SummaryShow policy profile Configuring Policy ProfilesUse this command to display policy profile information ‐verboseShow policy profile Output Details Set policy profile Clear policy profile Use this command to delete a policy profile entryThis example shows how to delete policy profile Show policy rule Configuring Classification RulesAll admin‐ profile profile‐ index Tcpsourceport Not‐in‐service Not‐ready Storage‐type non‐Admin‐pid UdpdestportShow policy capability Show policy rule Output DetailsVlan Vlantag data Admin‐profileSet policy rule Ipdestsocket EtherIpproto IpsourcesocketValid Values for Policy Classification Rules Data value Mask bitsRange from 1 to 4094 or 0xFFF Following parameters apply to deleting an admin ruleClear policy rule All‐pid‐entriesUse this command to remove all policy classification rules Clear policy all-rulesSet policy port Use this command to assign ports to a policy profileAssigning Ports to Policy Profiles To assign and unassign ports to policy profilesClear policy port Procedure 11-1 User-Defined CoS Configuration Configuring Policy Class of Service CoSAbout Policy-Based CoS Configurations Configuring Policy Class of Service CoS Procedure About CoS-Based Flood ControlUse this command to enable or disable Class of Service Set cos stateClear cos state This example shows how to enable Class of ServiceShow cos state Tos‐value tos‐value Set cos settingsPriority priority Irl‐referencePriority Clear cos settingsShow cos settings Tos‐valueSet cos port-config Show cos port-config Should be displayedName Clear cos port-configEntry PortsSet cos port-resource irl Unicast Set cos port-resource flood-ctrlGroup#.port‐type MulticastShow cos port-resource Group#.port‐typeRate Clear cos port-resource irlUnit TypeUnicast Clear cos port-resource flood-ctrlSet cos reference MulticastIRL reference number associated with this entry Specifies that an IRL reference is being configuredShow cos reference Rate‐limit irl‐indexClear cos reference Kbps Show cos unitPort‐typ e index PpsClear cos all-entries Show cos port-typeThis example shows flood control information for port type Port Priority Configuration Port Priority Configuration SummaryConfiguring Port Priority Show port prioritySet port priority Clear port priorityConfiguring Priority to Transmit Queue Mapping Show port priority-queueSet port priority-queue Clear port priority-queue Configuring Quality of Service QoS Show port txqSet port txq By default, transmit queues are defined as follows Clear port txqClear port txq Port Priority Configuration About IP Multicast Group Management Igmp ConfigurationIgmp Overview About Multicasting Configuring Igmp at LayerTo configure Igmp snooping from the switch CLI This example shows how to display Igmp snooping information Set igmpsnooping adminmodeUse this command to display Igmp snooping information Use this command to enable or disable Igmp on the systemThis example shows how to enable Igmp on port ge.1.10 This example shows how to enable Igmp on the systemEnable disable Enables or disables Igmp Set igmpsnooping interfacemodeSet igmpsnooping maxresponse Modify Set igmpsnooping mcrtrexpiretimeSet igmpsnooping add-static If no ports are specified, all ports are added to the entryIf modify is not specified, a new entry is created Set igmpsnooping remove-staticShow igmpsnooping static This example displays the static Igmp ports for Vlan Show igmpsnooping mfdbGroup group Stats Optional Displays Mfdb statisticsClear igmpsnooping Use this command to clear all Igmp snooping entriesThis example shows how to clear all Igmp snooping entries Global configuration C3su‐routerConfig# Configuring Igmp on Routing InterfacesTo configure Igmp on routing interfaces Ip igmpInterface configuration C3su‐routerConfig‐ifVlan 1# Ip igmp enableThis example shows how to enable Igmp on the router Ip igmp versionAny router mode Show ip igmp interfaceShow ip igmp groups Ip igmp query-intervalIp igmp query-max-response-time Ip igmp startup-query-intervalIp igmp startup-query-count Ip igmp last-member-query-intervalIp igmp last-member-query-count Ip igmp robustnessInterface configuration C3 su‐routerConfig‐ifVlan 1# Ip igmp robustness Igmp Configuration Configuring System Logging Logging and Network ManagementShow logging server Set logging server Show logging default Clear logging serverSet logging default Use this command to set logging default valuesFacility Clear logging defaultShow logging application SeveritySet logging application Show logging application Output DetailsLevel level If level is not specified, none will be appliedClear logging application Show logging localSet logging local Clear logging localShow logging interface This example shows how to clear local loggingShow logging buffer Set logging interface Clear logging interface Monitoring Network Events and Status HistoryShow history Use this command to set the size of the history bufferDefault Set historyThis example, the host at IP address is not responding PingShow users Console DisconnectShow netstat Show netstat Output Details Following example shows the output of this commandFollowing table describes the output of this command Show arp Managing Switch Network Addresses and RoutesUse this command to display the switch’s ARP table Show arp Output Details This example shows how to display the ARP tableSet arp Clear arp TracerouteType other learned Show macEach response Self mgmtShow mac agetime Show mac Output DetailsSet mac agetime This example shows how to display the MAC timeout periodThis example shows how to set the MAC timeout period Clear mac agetimeShow mac algorithm Default MAC algorithm is mac‐crc16‐upperbitsSet mac algorithm Clear mac algorithm Set mac multicastAppend clear Use this command to remove a multicast MAC addressClear mac address Show mac unreserved-flood Set mac unreserved-floodUse this command to display Sntp client settings Configuring Simple Network Time Protocol SntpThis example enables multicast flood protection Show sntpThis example shows how to display Sntp client settings Show sntp Output DetailsSet sntp client Clear sntp clientIf precedence is not specified, 1 will be applied Set sntp serverClear sntp server Set sntp poll-interval Clear sntp poll-intervalClear sntp poll-retry This example shows how to clear the Sntp poll intervalSet sntp poll-retry Use this command to clear the Sntp poll timeout Set sntp poll-timeoutClear sntp poll-timeout This example shows how to clear the Sntp poll timeoutSet timezone Show sntp interface Set sntp interfaceClear sntp interface C3rw-show sntp interface Vlan 100 C3rw-clear sntp interface Configuring Node Aliases Show nodealias configMaxentries maxentries Show nodealias config Output DetailsSet nodealias Clear nodealias config Rmon Monitoring Group Functions Rmon ConfigurationRmon Monitoring Group Functions and Commands Group What It Does What It Monitors CLI Commands Design ConsiderationsStatistics Group Commands To display, configure, and clear Rmon statisticsSet rmon stats Use this command to configure an Rmon statistics entryShow rmon stats Clear rmon stats To‐defaultsThis example shows how to delete Rmon statistics entry If owner is not specified, monitor will be appliedHistory Group Commands Show rmon historyBuckets buckets Set rmon historyClear rmon history Interval intervalThis example shows how to delete Rmon history entry This example shows how to display Rmon alarm entry Alarm Group CommandsShow rmon alarm Object object Set rmon alarm propertiesShow rmon alarm Output Details Type absoluteSet rmon alarm status This example shows how to enable Rmon alarm entry Clear rmon alarmEnable Use this command to delete an Rmon alarm entryThis example shows how to display Rmon event entry Event Group CommandsUse this command to display Rmon event entry properties Show rmon eventType none log Set rmon event propertiesDescription Trap bothClear rmon event This example shows how to enable Rmon event entrySet rmon event status This example shows how to clear Rmon event Filter Group Commands Show rmon channelAccept matched Use this command to configure an Rmon channel entrySet rmon channel FailedIndex index Clear rmon channelShow rmon filter Channel channelSet rmon filter Clear rmon filter Use this command to clear an Rmon filter entryThis example shows how to clear Rmon filter entry Nodata Packet Capture CommandsShow rmon capture Slice slice Set rmon captureAction lock Loadsize loadsizeClear rmon capture Use this command to clears an Rmon capture entryThis example shows how to clear Rmon capture entry Dhcp Relay Agent Dhcp Server ConfigurationDhcp Overview Dhcp ServerConfiguring a Dhcp Server Configuring General Dhcp Server Parameters Set dhcp Set dhcp bootpThis example enables Dhcp server functionality Set dhcp conflict logging This example enables address allocation for Bootp clientsThis example enables Dhcp conflict logging Show dhcp conflictClear dhcp conflict Logging Disables conflict loggingThis example disables Dhcp conflict logging Clears the conflict information for all IP addressesClear dhcp exclude 100, with the set dhcp exclude commandSet dhcp exclude This example sets the number of ping packets sent to Set dhcp pingClear dhcp ping Show dhcp binding Clear dhcp bindingShow dhcp server statistics Use this command to display Dhcp server statisticsUse this command to clear all Dhcp server counters Clear dhcp server statisticsThis example clears all Dhcp server counters Configuring IP Address Pools Manual Pool Configuration ConsiderationsSet dhcp pool This example creates an address pool named auto1Set dhcp pool network Use this command to delete a Dhcp server pool of addressesClear dhcp pool This example deletes the address pool named auto1Clear dhcp pool network Set dhcp pool hardware-addressIf no type is specified, Ethernet is assumed Clear dhcp pool hardware-addressSet dhcp pool host Clear dhcp pool host Set dhcp pool client-identifierClear dhcp pool client-identifier Set dhcp pool client-name Clear dhcp pool client-nameSet dhcp pool bootfile Clear dhcp pool bootfileSet dhcp pool next-server Clear dhcp pool next-serverInfinite Set dhcp pool leaseClear dhcp pool lease Set dhcp pool default-router Clear dhcp pool default-routerSet dhcp pool dns-server Clear dhcp pool dns-serverSet dhcp pool domain-name Clear dhcp pool domain-nameSet dhcp pool netbios-name-server Clear dhcp pool netbios-name-server‐node Set dhcp pool netbios-node-typeClear dhcp pool netbios-node-type Set dhcp pool option Ascii stringThis example removes option 19 from address pool auto1 Show dhcp pool configurationClear dhcp pool option Show dhcp pool configuration Dhcp Message Processing Dhcp Snooping Dynamic ARP InspectionDhcp Snooping Overview Building and Maintaining the Database Procedure 17-1 Basic Configuration for Dhcp Snooping Basic ConfigurationConfiguration Notes Rate LimitingSet dhcpsnooping Dhcp Snooping CommandsDisabled globally Set dhcpsnooping database write-delay Set dhcpsnooping vlanBy default, ports are untrusted Set dhcpsnooping trustSet dhcpsnooping verify This example configures port ge.1.1 as a trusted portSet dhcpsnooping binding Against the client hardware address Source MAC address verification is enabled by defaultSet dhcpsnooping log-invalid Rate pps Set dhcpsnooping limitNone Burst interval secsThis example configures rate limit parameters on port ge.1.1 Show dhcpsnooping database Show dhcpsnooping portEntry, either dynamic or static Show dhcpsnooping bindingDynamic static Show dhcpsnooping statistics Clear dhcpsnooping database Clear dhcpsnooping bindingClear dhcpsnooping statistics Clear dhcpsnooping limit Write‐delayDefault value of 300 seconds Dynamic ARP Inspection OverviewOptional ARP Packet Validation Functional DescriptionStatic Mappings Rate Limiting Logging Invalid PacketsPacket Forwarding Eligible InterfacesProcedure 17-2 Basic Dynamic ARP Inspection Configuration Step Task CommandsVlan Configuration Example ConfigurationRouter Configuration Dhcp Snooping Configuration Dynamic ARP Inspection CommandsSet arpinspection vlan Dynamic ARP Inspection ConfigurationBy default, all physical ports and LAGs are untrusted Set arpinspection trustLogging is disabled by default LoggingDst‐mac Set arpinspection validateSrc‐mac Set arpinspection limit Permit Set arpinspection filterShow arpinspection access-list Mac hostShow arpinspection ports This example displays the ARP configuration of lag.0.1Show arpinspection vlan Show arpinspection statisticsThis example removes all 3 additional validation conditions Clear arpinspection validateWith an invalid address Clear arpinspection vlan Clear arpinspection filter Clear arpinspection limit This example removes the ARP ACL named staticARP from VlanClear arpinspection statistics This example clears all DAI statistics from the switchPage Preparing for Router Mode Pre-Routing Configuration TasksRouter CLI Configuration Modes Enabling Router Configuration ModesEnabling the Switch for Routing Router CLI Configuration Modes Page IP Configuration Configuring Routing Interface SettingsShow interface Vlan vlan ‐idInterface Use this command to configure interfaces for IP routingRouter global configuration mode C3su‐routerConfig# Vlan vlan‐ idThis example shows how to enter configuration mode for Vlan Show ip interfaceShow ip interface Output Details Router interface configuration C3su‐routerConfig‐ifVlan 1#Ip address SecondaryShow running-config No shutdownThis example shows how to enable Vlan 1 for IP routing No ip routingInterface tunnel Configuring Tunnel InterfacesUse this command to configure a tunnel interface Tunnel source This example creates a configured tunnel interfaceRouter interface configuration C3su‐routerConfig‐ifTnnl 1# Ipv6ip Specifies that the tunnel mode is IPv6 over IPv4 Tunnel modeThis command specifies the mode of the tunnel interface No form of this command removes the mode of the tunnelThis example sets the tunnel mode to IPv6 over IPv4 Show interface tunnelReviewing and Configuring the ARP Table Show ip arpShow ip arp Output Details This example shows how to use the show ip arp commandArp This example shows how to enable proxy ARP on Vlan Ip proxy-arp14,400 seconds Arp timeoutClear arp-cache Privileged Exec C3su‐router#Ip directed-broadcast Configuring Broadcast SettingsInterface configuration C3su‐Router1Config‐ifVlan 1# Specifies UDP as the IP forwarding protocol Ip forward-protocolUdp Are forwardedIp helper-address Reviewing IP Traffic and Configuring Routes Show ip routeOSPF, IA Preference in route selection Ip routePing Traceroute This command is also available in switch modeThere is also a traceroute command available in switch mode Configuring Icmp Redirects Ip icmp redirect enableShow ip icmp redirect InterfaceIPv4 Routing Protocol Configuration Activating Advanced Routing FeaturesRIP Configuration Task List and Commands Configuring RIPRIP Configuration Task List and Commands Router ripDistance Ip rip enableThis example shows how to enable RIP Ip rip send version R1compatibleIp rip receive version Ip rip authentication-keySpecifies RIP version 1. This is the default setting Specifies RIP versionIp rip message-digest-key Md5No auto-summary Use this command to disable automatic route summarizationRouter configuration C3su‐routerConfig‐router# Split-horizon poisonPassive-interface Connected Receive-interfaceRedistribute OspfSubnets Command detailed in ip route on page 19‐21Protocol Subnetted will be redistributedOspf Configuration Task List and Commands Configuring OspfOspf Configuration Task List and Commands Advanced License RequiredRouter id Routes1583compatibility This example shows how to enable routing for Ospf processRouter ospf Ip ospf areaid Ip ospf enableThis example shows how to enable RFC 1583 compatibility Ip ospf cost Ip ospf priorityTimers spf Ip ospf transmit-delay Ip ospf retransmit-interval65535 Ip ospf hello-intervalIp ospf dead-interval Ip ospf authentication-key Ip ospf message digest key md5 Distance ospfArea intra‐area Area rangeExternal inter‐ Intra‐area routesAdvertise no‐ If not specified, advertise mode will be setArea stub AdvertiseArea default cost Area nssaArea virtual-link Default‐This example shows how to configure area 10 as an Nssa area Information‐Key key Authentication‐Transmit‐delay Dead‐intervalMetric‐type type Show ip ospfRip Show ip ospf database This example shows how to display Ospf informationUse this command to display the Ospf link state database Show ip ospf interface Show ip ospf database Output DetailsShow ip ospf interface Output Details Show ip ospf neighbor Show ip ospf neighbor Output DetailsShow ip ospf virtual links Output Details Show ip ospf virtual-linksClear ip ospf process This example shows how to reset Ospf process Configuring Dvmrp Enabling Dvmrp on an InterfaceThis example shows how to enable the Dvmrp process Ip dvmrp enableCommands to Enable Dvmrp on an Interface Ip dvmrpShow ip dvmrp Use this command to display Dvmrp routing informationIp dvmrp metric This example shows how to display Dvmrp status information Configuring Irdp Ip irdp enableIp irdp maxadvertinterval Ip irdp minadvertinterval9000 Ip irdp holdtimeIp irdp preference Show ip irdp Use this command to display Irdp informationIp irdp broadcast Configuration Tasks on page 18‐1 Configuring Vrrp Router vrrpThis example shows how enable Vrrp configuration mode CreateAddress Priority Advertise-intervalDescribed in Pre‐Routing Configuration Tasks on page 18‐1 PreemptEnable This example shows how to display Vrrp information Ip vrrp authentication-keyUse this command to display Vrrp routing information Show ip vrrpConfiguring PIM-SM Design ConsiderationsIp pimsm Global router configuration C3su‐routerConfig#This example shows how to globally enable and disable PIM Ip pimsm staticrpIp pimsm enable Show ip pimsm This example shows how to display PIM informationIp pimsm query-interval Show ip pimsm Output Details This example shows how to display PIM router informationShow ip pimsm componenttable Show ip pimsm componenettable Output Details This example shows how to display PIM interface informationShow ip pimsm interface StatsShow ip pimsm interface vlan Output Details This example shows how to display PIM interface statisticsShow ip pimsm neighbor 10 show ip pimsm interface stats Output Details11 show ip pimsm neighbor Output Details ‐11 provides an explanation of the command outputShow ip pimsm rp Candidate12 show ip pimsm rp Output Details ‐12 provides an explanation of the command outputShow ip pimsm rphash Display the PIM‐SM static Rendezvous Point information ‐13 provides an explanation of the command outputShow ip pimsm staticrp 13 show ip pimsm staticrp Output Details Use this command to display the IP multicast routing tableShow ip mroute 20-60 IPv4 Routing Protocol Configuration IPv6 Management Show ipv6 statusSet ipv6 By default, IPv6 management is disabledThis example shows how to enable IPv6 management Eui64 No global unicast IPv6 address is defined by defaultSet ipv6 address Clear ipv6 address Use this command to clear IPv6 global addressesShow ipv6 address Set ipv6 gateway Show ipv6 neighbors Use this command to clear an IPv6 gateway addressClear ipv6 gateway Show ipv6 netstat This example shows example output of this commandUse this command to display IPv6 netstat information Size num This command is also available in router modePing ipv6 Traceroute ipv6 Traceroute ipv6 21-10 IPv6 Management IPv6 Routing License Required IPv6 ConfigurationOverview Default Conditions Following table lists the default IPv6 conditionsIpv6 hop-limit General Configuration CommandsIpv6 forwarding Ipv6 route Default maximum number of IPv6 hops isThis command configures static IPv6 routes This example sets the hop limit toDefault preference or administrative distance is Ipv6 route distanceThis command sets the default distance value to Ipv6 unicast-routingPing ipv6 interface Link‐local‐addressRouter privileged exec C3 su‐router# 20010db8123455551 No IPv6 addresses are defined for any interface Interface Configuration CommandsIpv6 address Ipv6 enable IPv6 is disabledIpv6 mtu BytesThis example sets the MTU value to 1500 bytes This example clears all dynamically learned cache entries Neighbor Cache and Neighbor Discovery CommandsClear ipv6 neighbors Ipv6 nd ns-interval Duplicate address detection enabled, for 1 attemptIpv6 nd dad attempts Ipv6 nd reachable-time By default, a value of 0 is advertised in RA messagesRouter interface configurationC3su‐routerConfig‐ifVlan 1# This example sets the NS interval to 2 secondsRouter interface configuration C3su‐routerConfig‐if Vlan 1# Ipv6 nd other-config-flagFlag is set to false by default This example sets the reachable time to 60 secondsIpv6 nd ra-interval Ipv6 nd ra-lifetimeIpv6 nd suppress-ra Suppression disabledThis example disables router advertisement transmission Ipv6 nd prefixOff‐link No‐autoconfigRouter interface configurationC3su‐routerConfig‐if Vlan 1# Example Show ipv6 interface Query CommandsShow ipv6 Router privileged execution C3su‐router#This example displays information about IPv6 interface Vlan This command displays IPv6 Neighbor Cache information This example displays the neighbors in the cacheShow ipv6 neighbor Output Details This command displays the IPv6 routing tableShow ipv6 route Interface interfaceThis example displays all active IPv6 routes Show ipv6 route Output DetailsShow ipv6 route preferences Show ipv6 route preferences Output DetailsNon‐best routes This command displays the summary of the routing tableShow ipv6 route summary Show ipv6 summary Output Details Following example displays the output of this commandShow ipv6 traffic Show ipv6 traffic Output Details Options, etc Counter would include datagrams counted Send. Note that this counter includes all those counted by This example clears the statistics for Vlan Clear ipv6 statisticsRouter privileged executionC3su‐router# IPv6 Proxy Routing Preparing a Mixed Stack for IPv6 Proxy Routing LimitationsThis example enables IPv6 proxy routing IPv6 proxy routing is disabled by defaultRouter global configuration C2su‐routerConfig# Ipv6 proxy-routingAny routing mode DHCPv6 Configuration Following table lists the default DHCPv6 conditions Global Configuration CommandsIpv6 dhcp enable This command enables DHCPv6 on the routerIpv6 dhcp relay-agent-info-opt By default, DHCPv6 is disabledThis example enables DHCPv6 Ipv6 dhcp relay-agent-info-remote-id-subopt Ipv6 dhcp poolIpv6 dhcp pool Address Pool Configuration Commands Domain-nameDns-server Prefix-delegationSecs infinite Valid‐lifetime secsPreferred‐lifetime C3su-routerConfig-dhcp6s-pool# exit C3su-routerConfig# Rapid‐commit By default, DHCPv6 functionality is disabledIpv6 dhcp server Preference prefInterface intf Ipv6 dhcp relayDestination dest‐addr Remote‐id duid‐ifidExamples DHCPv6 Show Commands Show ipv6 dhcpShow ipv6 dhcp interface StatisticsOutput of show ipv6 dhcp interface Command This example displays the DHCPv6 statistics for VlanShow ipv6 dhcp statistics This example displays the output of this commandOutput of show ipv6 dhcp statistics Command Clear ipv6 dhcp statistics This example clears DHCPv6 statistics for VlanShow ipv6 dhcp binding This command displays information about DHCPv6 bindingsShow ipv6 dhcp pool If no IPv6 address is specified, all bindings are displayed Show ipv6 dhcp binding DHCPv6 Configuration OSPFv3 Configuration Following table lists the default OSPFv3 conditions Ipv6 router id Global OSPFv3 Configuration CommandsUse this command to configure the OSPFv3 router ID Always Default-information originateIpv6 router ospf Metric valueNo default metric is configured Default-metricRouter OSPFv3 configuration C3su‐routerConfig‐router# Router OSPFv3 configuration C3su-routerConfig-router#Inter Exit-overflow-intervalIntra Type1External-lsdb-limit This command configures the external Lsdb limit for OSPFv3Default value is ‐1 This example sets the exit overflow interval to 10 secondsTag tag Maximum-pathsConnected static Metric = unspecified Metric type = Type Tag = These commands are used to configure area parameters Area Configuration CommandsArea default-cost This example sets the default route cost to 50 for area This example shows how to configure area 20 as an NssaArea nssa no-redistribute Area nssa default-info-originateDefault metric value is ComparableArea nssa no-summary Area nssa translator role This command configures the translator role of the routerBy default, the translator role is disabled Area nssa translator-stab-intvSummarylink Default interval is 40 secondsArea address ranges are not configured by default NssaexternallinkThis command creates a stub area for the specified area ID This example creates a stub area with the ID Example disables the import of summary LSAs into stub areaArea stub no-summary Default dead interval is 40 seconds Area virtual-link dead-intervalArea virtual-link retransmit-interval Default hello interval is 10 secondsArea virtual-link hello-interval Default transmit delay is 1 second Area virtual-link transmit-delayDefault retransmit interval is 5 seconds Ipv6 ospf enable OSPFv3 is disabled by defaultIpv6 ospf areaid Ipv6 ospf costDefault dead interval value is 40 seconds Ipv6 ospf dead-intervalIpv6 ospf hello-interval Ipv6 ospf mtu-ignoreIpv6 ospf network By default, MTU mismatch detection is enabledDefault network type is broadcast Ipv6 ospf retransmit-interval Default priority value isIpv6 ospf priority Default value is 1 second Ipv6 ospf transmit-delayDefault value is 4 seconds Ipv6 ospf transmit-delay This example shows how to display OSPFv3 router information OSPFv3 Show CommandsThis command displays OSPFv3 router information Show ipv6 ospfShow ipv6 ospf Output Details Show ipv6 ospf area Show ipv6 ospf area Output DetailsShow ipv6 ospf abr Show ipv6 ospf abr Output DetailsShow ipv6 ospf asbr Show ipv6 ospf asbr Output DetailsShow ipv6 ospf database Adv Router Link Id Age Sequence Csum Options Rtr Opt Show ipv6 ospf database Output Details Show ipv6 ospf database database-summary Output Details Loopback loopid This command displays information about OSPFv3 interfacesShow ipv6 ospf interface Show ipv6 ospf interface Command Output Details This example shows how to display statistics for Vlan Show ipv6 ospf interface statsShow ipv6 ospf interface stats Output Details Specify the Vlan interface to display information about This command displays information about OSPFv3 neighborsShow ipv6 ospf neighbor Specify the tunnel interface to displayShow ipv6 ospf neighbor Output Details This example displays range information for area Show ipv6 ospf range10 show ipv6 ospf neighbor routerid Output Details This example displays the OSPFv3 stub table information Show ipv6 ospf stub table11 show ipv6 ospf range Output Details 12 show ipv6 ospf stub table Output DetailsShow ipv6 ospf virtual-link 13 show ipv6 ospf virtual-link Output DetailsShow ipv6 ospf virtual-link Show ipv6 ospf virtual-link OSPFv3 Configuration Authentication and Authorization Configuration Overview of Authentication and Authorization MethodsOverview of Authentication and Authorization Methods Filter-ID Attribute Formats Set authentication login Setting the Authentication Login MethodShow authentication login Use this command to set the authentication login methodLocal Clear authentication loginAny RadiusShow radius Configuring RadiusTimeout RetriesServer Optional Displays Radius server configuration informationSet radius Servers or a specific Radius server as defined by an indexServer index Timeout timeoutRealm management‐ access any network‐access Clear radius RealmRetries retries Show radius accountingSet radius accounting Clear radius accounting This example shows how to set Radius accounting retries toTimeout RetriesShow radius interface Set radius interfaceClear radius interface Example Auth‐diag Configuring 802.1X AuthenticationShow dot1x Auth‐statsThis example shows how to display 802.1X status Show dot1x auth-config True false Set dot1xInit reauth Set dot1x auth-config Clear dot1x auth-config Portcontrol MaxreqShow eapol Connecting state, via disconnected Show eapol Output DetailsAuth‐mode Set eapolClear eapol Forced‐authOptional Globally clears the Eapol authentication mode Configuring MAC Authentication Show macauthenticationShow macauthentication Output Details NopasswordShow macauthentication session Output Details Show macauthentication sessionThis example shows how to display MAC session information Use this command to set a MAC authentication password Set macauthenticationSet macauthentication password Use this command to clear the MAC authentication password Clear macauthentication passwordSet macauthentication port Enables or disables MAC authenticationSet macauthentication portinitialize Set macauthentication portquietperiodThis example resets the default quiet period on port Clear macauthentication portquietperiodSet macauthentication macinitialize Enables or disables MAC reauthentication Set macauthentication reauthenticationSet macauthentication portreauthenticate Set macauthentication macreauthenticate Set macauthentication reauthperiodClear macauthentication reauthperiod Set macauthentication significant-bits Clear macauthentication significant-bitsC3su-clear macauthentication significant-bits About Multi-User Authentication Configuring Multiple Authentication MethodsAbout Multiple Authentication Types Show multiauth Multi Set multiauth modeClear multiauth mode StrictClear multiauth precedence Default precedence order is dot1x, pwa, macSet multiauth precedence Show multiauth port Set multiauth portClear multiauth port Show multiauth station Show multiauth sessionShow multiauth idle-timeout Agent dot1x macWhich to set the timeout value Set multiauth idle-timeoutAuthentication method for which to set the timeout value Idle timeout value is provided by the authenticating serverDefault Clear multiauth idle-timeoutShow multiauth session-timeout Which to reset the timeout value to its defaultSet multiauth session-timeout Which to set the session timeout valueClear multiauth session-timeout Configuring User + IP Phone AuthenticationConfiguring Vlan Authorization RFC Tagged Set vlanauthorizationSet vlanauthorization egress By default, administrative egress is set to untagged Clear vlanauthorizationShow vlanauthorization Configuring Policy Maptable Response Show vlanauthorization Output DetailsWhen Policy Maptable Response is Both Operational DescriptionShow policy maptable When Policy Maptable Response is PolicyWhen Policy Maptable Response is Tunnel Both Set policy maptableResponse PolicyClear policy maptable Configuring MAC Locking To review, disable, enable, and configure MAC lockingShow maclock Firstarrival Show maclock stationsShow maclock Output Details Connected to MAC locked portsShow maclock stations Output Details Set maclock enableSet maclock enable port‐string This example shows how to disable MAC locking on ge.2.3 Set maclock disableThis example shows how to enable MAC locking on ge.2.3 Set maclockSpecified MAC address and port Clear maclockCreate Set maclock static Clear maclock staticSet maclock firstarrival Clear maclock firstarrival Set maclock agefirstarrivalClear maclock agefirstarrival This example enables first arrival aging on port ge.1.1This example disables first arrival aging on port ge.1.1 Set maclock moveSet maclock trap Configuring Port Web Authentication PWA About PWAShow pwa Show pwa Output DetailsSet pwa Enable disable Enables or disables port web authenticationThis example shows how to enable port web authentication Set pwa banner This example shows how to display the PWA login bannerShow pwa banner Set pwa displaylogo This example shows how to hide the Enterasys Networks logoClear pwa banner Display hideChap pap Set pwa ipaddressSet pwa protocol Set pwa guestname Use this command to clear the PWA guest user nameThis example shows how to clear the PWA guest user name Clear pwa guestnameAuthnone Set pwa guestpasswordSet pwa gueststatus AuthradiusSet pwa quietperiod This example shows how to initialize ports ge.1.5‐7Set pwa initialize Set pwa maxrequest Set pwa portcontrolThis example shows how to display PWA session information Enables or disables PWA on specified portsThis example shows how to enable PWA on ports 1‐22 Show pwa sessionSet pwa enhancedmode Enable disable Enables or disables PWA enhancedmodeThis example shows how to enable PWA enhancedmode Show ssh status Configuring Secure Shell SSHThis example shows how to display SSH status on the switch Set sshSet ssh hostkey This example shows how to disable SSHThis example shows how to regenerate SSH keys Show access‐lists number Configuring Access ListsShow access-lists Access-list standard Deny permitThis example moves entry 16 to the beginning of ACL Access-list extendedInsert replace Insert replace Filters inbound frames Ip access-groupInterface configuration C3su‐routerConfig‐ifVlan vlanid# Example Page TACACS+ Configuration Show tacacs Output Details Show tacacsState Optional Displays only the TACACS+ client status This example shows how to enable the TACACS+ client Use this command to enable or disable the TACACS+ clientEnable disable Enables or disables the Tacacs client Set tacacsTimeout seconds Set tacacs serverClear tacacs server Specifies one TACACS+ server to be affectedShow tacacs session This example removes TACACS+ serverSet tacacs session Read‐write ServiceClear tacacs session Super‐userShow tacacs command Set tacacs commandConnection Show tacacs singleconnectSet tacacs singleconnect Show tacacs interface Set tacacs interfaceClear tacacs interface Clear tacacs interface TACACS+ Configuration 27-14 Advantages of using sFlow include SFlow ConfigurationUsing sFlow in Your Network Sampling Mechanisms DefinitionsSFlow Agent Functionality SFlow DefinitionsUsage Notes Packet Flow SamplingCounter Sampling 28-5 This example displays the sFlow Receivers Table Contents of the sFlow Receivers Table is displayedShow sflow receivers Following table describes the output fields Show sflow receivers Output DescriptionsSet sflow receiver owner Set sflow receiver ipSet sflow receiver maxdatagram Default IP address isDefault maximum datagram size is 1400 bytes Maxdatagram bytesClear sflow receiver Default port value isSet sflow receiver port MaxdatagramPort port Set sflow port pollerOwner Show sflow pollers Interval Clear sflow port pollerSet sflow port sampler This example removes the poller instance on port ge.1.1Show sflow samplers Maxheadersize Clear sflow port samplerSet sflow interface RateShow sflow interface Clear sflow interface Show sflow agent 28-18 Table A-1 Policy Capacities Policy and Authentication CapacitiesPolicy Capacities Authentication Capacities Table A-2 Authentication CapacitiesIndex NumericsOspf 20-30Network Management Tftp Index