Manuals / Enterasys Networks / Computer Equipment / Switch

Enterasys Networks 9034313-07 manual Clear tacacs interface, Usage

Models: 9034313-07

1 872

Download 872 pages 24.54 Kb

Page 846

TACACS+ Configuration		clear tacacs interface

	vlan vlan‐ID	Specifies the VLAN interface to be used. The value of vlan‐ID can range
		from 1 to 4093.

Defaults
	None.
Mode

Switch command, read‐write.

Usage

This command allows you to configure the source IP address used by the TACACS+ application on the switch when generating packets for management purposes. Any of the management interfaces, including VLAN routing interfaces, can be configured as the source IP address used in packets generated by the TACACS+ client.

An interface must have an IP address assigned to it before it can be set by this command.

If no interface is specified, then the IP address of the Host interface will be used.

If a non‐loopback interface is configured with this command, application packet egress is restricted to that interface if the server can be reached from that interface. Otherwise, the packets are transmitted over the first available route. Packets from the application server are received on the configured interface.

If a loopback interface is configured, and there are multiple paths to the application server, the outgoing interface (gateway) is determined based on the best route lookup. Packets from the application server are then received on the sending interface. If route redundancy is required, therefore, a loopback interface should be configured.

Example

This example configures an IP address on VLAN interface 100 and then sets that interface as the TACACS+ client source IP address.

C3(rw)->router(Config-if(Vlan 100))#ip address 192.168.10.1 255.255.255.0 C3(rw)->router(Config-if(Vlan 100))#exit C3(rw)->router(Config)#exit

C3(rw)->router#exit

C3(rw)->router>exit

C3(rw)->set tacacs interface vlan 100

C3(rw)->show tacacs interface vlan 100 192.168.10.1

clear tacacs interface

Use this command to clear the interface used for the source IP address of the TACACS+ client back to the default of the Host interface.

Syntax

clear tacacs interface

Parameters

27-12

Image 846

Enterasys Networks 9034313-07 manual Clear tacacs interface, Usage

Contents

Enterasys SecureStack C3 Page Page Enterasys Networks, Inc. Firmware License Agreement Iii Page Contents Page Activating Licensed Features Configuring System Power and PoE Discovery Protocol Configuration Port Configuration Show port broadcast Set port broadcast Clear port broadcast Snmp Configuration Spanning Tree Configuration Configuring Spanning Tree Port Parameters Purpose Commands 802.1Q Vlan Configuration Policy Classification Configuration Port Priority Configuration Igmp Configuration Logging and Network Management 14-3 Rmon Configuration Dhcp Server Configuration Preparing for Router Mode IP ConfigurationDhcp Snooping and Dynamic ARP Inspection IPv4 Routing Protocol Configuration 20-11 IPv6 Configuration IPv6 Management DHCPv6 Configuration IPv6 Proxy Routing OSPFv3 Configuration Authentication and Authorization Configuration 26-37 TACACS+ Configuration Index SFlow ConfigurationAppendix a Policy and Authentication Capacities Tables 10-4 22-26 Xxxii Structure of This Guide Using This GuideAbout This Guide Important Notice Structure of This Guide SecureStack C3 Installation Guides Related Documents Conventions Used in This Guide Following conventions are used in the text of this documentFollowing icons are used in this guide Getting Help Support@enterasys.com Getting Help Xxxviii About This Guide Switch Management Methods IntroductionSecureStack C3 CLI Overview Factory Default Settings Default Settings for Basic Switch Operation Feature Default Setting Default Settings for Router Operation Sntp Dvmrp Using the Command Line Interface Connecting Using the Console PortStarting a CLI Session Using an Administratively Configured User Account Connecting Using TelnetUsing a Default User Account Logging CLI Command Modes Navigating the Command Line InterfaceCLI Command Defaults Descriptions Getting Help with CLI Syntax Abbreviating and Completing Commands Displaying Scrolling Screens Basic Line Editing Commands Basic Line Editing Commands Configuring Switches in a Stack About SecureStack C3 Switch Operation in a Stack Installing a New Stackable System of Up to Eight Units Installing Previously-Configured Systems in a Stack Creating a Virtual Switch ConfigurationAdding a New Unit to an Existing Stack SID Feature Support Considerations About Using Clear Config in a StackIssues Related to Mixed Type Stacks Configuration Commands Stacking Configuration and Management CommandsShow switch Purpose Show switch switchtype Examples Show switch stack-ports None Example Set switchSwitch command, read‐write Priority value This example shows how to assign priority 3 to switch Set switch copy-fwSet switch description This example shows how to renumber switch 5 to switch Set switch movemanagement Set switch member Clear switch member Use this command to remove a member entry from the stack Basic Configuration Quick Start Setup CommandsRequired CLI Setup Commands Setting User Accounts and Passwords Optional CLI Setup Commands Show system login Show system login Output DetailsParameters Use this command to remove a local login user account Set system loginClear system login Super‐user read‐write read‐only Set password This example shows how to remove the netops user accountSwitch command, read‐write Switch command, super‐user Set system password length Set system password aging Set system password history DisableShow system lockout Attempts attempts Set system lockoutShow system lockout Output Details Time time Setting Basic Switch Properties Show ip address Use this command to clear the system IP address Set ip addressClear ip address This example shows how to clear the system IP address Show ip protocolSet ip protocol This example shows how to display system information Show system Show system hardware Show system Output Details Show system utilization Slot Hardware Information Default threshold value is 80% Set system utilizationThis example sets the CPU utilization threshold to 75% Clear system utilization Show system enhancedbuffermode This example shows how to enable enhanced buffer mode Set system temperatureEnable disable Enables or disables enhanced buffer mode Set system enhancedbuffermode Disable Clear system temperatureSyslog enable Trap enable disable Show time Set time This example shows how to set the system clock to 750 a.m Use this command to display daylight savings time settingsShow summertime If a zone name is not specified, none will be applied Set summertimeSet summertime date If an offset is not specified, none will be applied Set summertime recurring Clear summertime Use this command to modify the command promptThis example shows how to set the command prompt to Switch Set prompt Show banner motd Set banner motd Clear banner motd Show version Set system name ‐5 provides an explanation of the command outputUse this command to configure a name for the system Show version Output Details Set system location Use this command to identify the location of the systemThis example shows how to set the system location string Set system contact Set width This example shows how to set the system contact stringThis example shows how to set the terminal columns to Set length Show logout This example shows how to set the terminal length toThis example shows how to display the CLI logout setting Set logout Use this command to set the console port baud rate Use this command to display console settingsThis example shows how to display all console settings Show console Downloading from a Tftp Server This example shows how to set the console port baud rate toDownloading a Firmware Image Downloading via the Serial Port Type 2. The following baud rate selection screen displays Reverting to a Previous Image Reviewing and Selecting a Boot Firmware Image Show boot systemReboot the system using the reset command page 3‐50 Set boot system Compatibility platform specific Use this command to enable or disable Telnet on the switch Starting and Configuring TelnetThis example shows how to display Telnet status Show telnet Inbound Enable disableTelnet Outbound all Managing Switch Configuration and Files Configuration Persistence Mode Show snmp persistmode Set snmp persistmode Auto Save configDir Manual Use this command to display the contents of a file Show file Show config Configure AllOutfile Copy AppendSystemimage Show tftp settings This example shows how to download an image via TftpDelete This example shows the output of this command Set tftp timeoutClear tftp timeout This example sets the timeout period to 4 seconds Set tftp retry Clear tftp retryThis example sets the retry count to Cls clear screen This example shows how to clear the CLI screenClearing and Closing the CLI To clear the CLI screen or to close your CLI session Use either of these commands to leave a CLI session Resetting the SwitchReset This example shows how to exit a CLI session This example shows how to reset the system Clear configIf no unit ID is specified, the entire system will be reset This example shows how to reset unit Using and Configuring WebView Use this command to display WebView statusShow webview Set webview Show ssl This example shows how to display SSL status This example shows how to enable SSLSet ssl Show support CommandGathering Technical Support Information To gather common technical support information Show system hostprotect Configuring HostprotectHostprotect is enabled by default Set system hostprotect Default state is enabled This feature is disabled by defaultThis example disables hostprotect Clear system hostprotect Usage Activating Licensed Features Licensing Procedure in a Stack EnvironmentLicense Key Field Descriptions Clearing, Showing, and Applying Licenses Adding a New Member to a Licensed Stack Set license Usage Show license Use this command to clear the license key settingsFeatureID feature The name of the feature being cleared Clear license C3rw-clear license featureId advrouter Clear license Activating Licensed Features Show inlinepower Configuring System Power and PoECommands Use this command to display system power properties Set inlinepower threshold This example shows how to display system power propertiesShow inlinepower Output Details Set inlinepower trap Set inlinepower detectionmodeSending of traps is disabled by default Show port inlinepower Ieee Priority critical Set port inlinepowerAdmin off auto High low Set port inlinepower Configuring System Power and PoE Discovery Protocol Configuration Configuring CDP Show cdp Show cdp Output Details Auto disable EnableSet cdp state Use this command to set a global CDP authentication code Set cdp authSet cdp interval Set cdp hold-time Clear cdp Show neighbors Configuring Cisco Discovery Protocol Show ciscodp Show ciscodp port info ‐2 provides an explanation of the command output‐3 provides an explanation of the command output Show ciscodp Output Details Set ciscodp status Set ciscodp timerThis example shows how to globally enable CiscoDP Show ciscodp port info Output Details Set ciscodp holdtime Set ciscodp port Untagged VvidDot1p Trusted Clear ciscodp Configuring Link Layer Discovery Protocol and LLDP-MED To review and configure Llpd and LLPD‐MEDOverview Configuration Tasks Use this command to display Lldp configuration information Show lldp Show lldp port status Show lldp port trap Show lldp port tx-tlv Show lldp port location-infoShow lldp port tx‐tlv port‐string Show lldp port local-info Show lldp port local-info Output Details 1000BASE-TFD ECS Elin Show lldp port remote-info Show lldp port network-policy Voice‐signalingGuest‐voice‐signaling Voice Softphone‐voice Video‐signalingSet lldp tx-interval Video‐conferencing Set lldp hold-multiplier Set lldp trap-intervalThis example sets the transmit interval to 20 seconds Set lldp med-fast-repeat Set lldp port status Tx‐enableRx‐enable Set lldp port trap Set lldp port med-trap Set lldp port location-infoElin Set lldp port tx-tlv Poe GvrpMac‐phy Link‐aggr Tag tagged untagged State enable disableSet lldp port network-policy Vid vlan‐id dot1p Hold‐multiplier Clear lldpTx‐interval Trap‐interval Clear lldp port status Clear lldp port trap Clear lldp port med-trap Clear lldp port location-infoCleared Vid Clear lldp port network-policyTag Dscp Clear lldp port tx-tlv Disables the LLDP‐MED Location Identification TLV from being Disables the LLDP‐MED Extended Power via MDI TLV from being Port String Syntax Used in the CLI Port ConfigurationPort Configuration Summary Port type.unitorslot number.port number Reviewing Port Status Port Slot/Unit Parameters Used in the CLI Show port Show port status Switch mib2 Show port countersShow port status Output Details Show port counters Output Details Clear port counters Show port cablestatusThis example clears the port counters for ge.3.1 Disabling / Enabling and Naming Ports This example shows the cable status for 1 GE port ge.1.31Show port cablestatus Output Details This example shows how to disable ge.1.1 Set port disableSet port enable This example shows how to enable ge.1.3 Use this command to assign an alias name to a port Show port aliasSet port alias This example shows how to assign the alias Admin to ge.3.3 This example shows how to clear the alias for ge.3.3 Setting Speed and Duplex Mode Show port speed 10 100 Set port speedShow port duplex Mbps This example shows how to set ge.1.17 to full duplex Set port duplexFull half Enabling / Disabling Jumbo Frame Support Show port jumbo Enables or disables jumbo frame support Set port jumboClear port jumbo Setting Auto-Negotiation and Advertised Ability Show port negotiation Enable disable Set port negotiationShow port advertise Set port advertise Clear port advertise Forced‐auto Show port mdixSet port mdix Mdi Configure ports to use MDI mode only Configure ports to use Mdix mode onlyOptional Specify the port or ports to configure Setting Flow Control Show flowcontrolSet flowcontrol This example shows how to enable flow control Setting Port Link Traps and Link Flap Detection Show port trap Following example disables sending trap on ge.3.1 Set port trapShow linkflap Parameters GlobalstatePortstate Metrics Show linkflap parameters Output Details Show linkflap metrics Output Details Set linkflap globalstate Disable enableDisables or enables the link flap detection function Set linkflap portstate Set linkflap interval Set linkflap action Use this command to set the link flap action trigger count Clear linkflap actionSet linkflap threshold Set linkflap downtime Clear linkflap down Parameter Clear linkflapAll stats Threshold interval Configuring Broadcast Suppression Show port broadcast Set port broadcast Clear port broadcast Syntax Used in the CLI on page 7‐1 Mirroring Features Port MirroringRemote Port Mirroring Configuring Smon MIB Port Mirroring ProceduresOverview To review and configure port mirroring on the device Show port mirroring Create disable Can be configured per stack, if applicableSet port mirroring Use this command to clear a port mirroring relationship Clear port mirroringSet mirror vlan Clear mirror vlan Link Aggregation Control Protocol Lacp Lacp Operation SecureStack C3 Usage Considerations ‐6 defines key terminology used in Lacp configurationLacp Terminology Lacp Terms and Definitions Commands ‐7 provides an explanation of the command output Show lacp Set lacp Disable enable Disables or enables LacpThis example shows how to disable Lacp Show lacp Output Details Set lacp aadminkey Set lacp asyspriAsyspri Disable enable Disables or enables static link aggregation Clear lacpSet lacp static Clear lacp static This example enables the formation of single port LAGs Set lacp singleportlagClear lacp singleportlag Show port lacp Status detailSummary Counters Aadminkey Set port lacp Padminkey AadminstateLacptimeout Padminport Clear port lacp C3su-clear port lacp port ge.3.16 Configuring Protected Ports Set port protectedProtected Port Operation Show port protected Clear port protectedRead‐only Set port protected name Show port protected name Use this command to clear the name of a protected group Clear port protected name Clear port protected name Port Configuration Snmp Configuration Snmp Configuration Summary SNMPv1 and SNMPv2c SNMPv3About Snmp Security Models and Levels Reviewing Snmp Statistics Using Snmp Contexts to Access Specific MIBsConfiguration Considerations Snmp Security Levels This example shows how to display Snmp engine properties Show snmp engineidShow snmp engineid Output Details Use this command to display Snmp traffic counter values This example shows how to display Snmp counter valuesShow snmp counters Show snmp counters Output Details Engine or otherwise unavailable Configuring Snmp Users, Groups, and Communities Show snmp user Use this command to create a new SNMPv3 user This example shows how to display an Snmp user list‐4 provides an explanation of the command output Set snmp user Volatile AesSha Nonvolatile Clear snmp user Show snmp groupRemote remote Security‐model Set snmp groupUser user V2c usm Volatile Clear snmp group Show snmp communityV2c usm Securityname Use this command to configure an Snmp community groupSet snmp community Context context This example shows how to delete the community name vip Configuring Snmp Access RightsUse this command to delete an Snmp community name Clear snmp community Authentication Privacy Context context Show snmp accessNoauthentication Nonvolatile read‐ Only This example shows how to display Snmp access information ‐6 provides an explanation of the command outputShow snmp access Output Details Set snmp access Clear snmp access Configuring Snmp MIB Views Show snmp view Show snmp context Set snmp viewShow snmp view Output Details Clear snmp view Volatile nonvolatile Configuring Snmp Target ParametersShow snmp targetparams Read‐only Show snmp targetparams Output Details ‐8 provides an explanation of the command outputSet snmp targetparams Message‐ Privacy AuthenticationClear snmp targetparams Protected from disclosure Configuring Snmp Target Addresses Use this command to display Snmp target address informationShow snmp targetaddr Param param Timeout timeoutSet snmp targetaddr Udpport udpport Taglist taglist Use this command to delete an Snmp target address entryClear snmp targetaddr Tag 1 tag Configuring Snmp Notification Parameters About Snmp Notify Filters By default, this function is disabled globally and per port Show newaddrtrapSet newaddrtrap Show snmp notify 10 show snmp notify Output Details ‐10 provides an explanation of the command outputSet snmp notify Trap inform Use this command to clear an Snmp notify configuration Clear snmp notifyShow snmp notifyfilter Set snmp notifyfilter Subtree oid‐or‐ Clear snmp notifyfilter Show snmp notifyprofile Set snmp notifyprofileTargetparam Creating a Basic Snmp Trap Configuration This example shows how to delete Snmp notify profile area51Clear snmp notifyprofile 11 Basic Snmp Trap Configuration Example Configuring the Snmp Management Interface How Snmp Will Use This ConfigurationShow snmp interface Set snmp interface Loopback loop‐ID Clear snmp interface Clear snmp interface Snmp Configuration Spanning Tree Configuration Spanning Tree Configuration Summary Spanning Tree Features Loop Protect Configuring Spanning Tree Bridge Parameters For information about Show spantree stats Sid sidActive ‐1 shows a detailed explanation of command output Show spantree Output Details Disable enable Globally disables or enables Spanning Tree Set spantreeShow spantree version Set spantree version This example shows how to reset the Spanning Tree version Clear spantree versionShow spantree bpdu-forwarding This example shows how to enable Bpdu forwarding Disable enable Disables or enables Bpdu forwardingBy default Bpdu forwarding is disabled Set spantree bpdu-forwarding 8021d Set spantree bridgeprioritymodeClear spantree bridgeprioritymode 8021t Show spantree mstilist Set spantree mstiCreate delete Clear spantree msti Show spantree mstmapFid fid Set spantree mstmap This example shows how to map FID 3 to SIDUse this command to map a FID back to SID Clear spantree mstmap This example shows how to map FID 2 back to SID Show spantree vlanlistShow spantree mstcfgid Cfgname name Specifies an MST configuration name Set spantree mstcfgidClear spantree mstcfgid Use this command to set the device’s Spanning Tree priority Set spantree priorityClear spantree priority This example shows how to reset the bridge priority on SID Set spantree helloClear spantree hello Use this command to set the bridge maximum aging time Set spantree maxage Set spantree fwddelay Use this command to set the Spanning Tree forward delayClear spantree maxage Clear spantree fwddelay Show spantree backuproot Set spantree backuproot Clear spantree backuproot Show spantree tctrapsuppress Set spantree tctrapsuppress Clear spantree tctrapsuppress Set spantree protomigration Enable disable Enables or disables the SpanGuard function Show spantree spanguardSet spantree spanguard This example shows how to enable the SpanGuard function Clear spantree spanguard Show spantree spanguardtimeout Set spantree spanguardtimeout Clear spantree spanguardtimeout Show spantree spanguardlock Show spantree spanguardtrapenable This example shows how to unlock port ge.1.16Clear / set spantree spanguardlock Set spantree spanguardtrapenable Clear spantree spanguardtrapenableIs enabled Show spantree legacypathcost Set spantree legacypathcost Set spantree autoedge Clear spantree legacypathcostShow spantree autoedge This example clears the legacy path cost to 802.1t values Clear spantree autoedge Disable enable Configuring Spanning Tree Port ParametersSet spantree portadmin To display and set Spanning Tree port parameters Clear spantree portadmin Show spantree portadminThis example shows how to disable Spanning Tree on ge.1.5 Use this command to set a port’s Spanning Tree priority Show spantree portpriSet spantree portpri Clear spantree portpri Show spantree adminpathcost Set spantree adminpathcost Clear spantree adminpathcost Show spantree adminedge This example shows how to set ge.1.11 as an edge port Set spantree adminedgeClear spantree adminedge True false This example shows how to reset ge.1.11 as a non‐edge port Show spantree operedge Configuring Spanning Tree Loop Protect Parameters Show spantree lp This example shows how to enable Loop Protect on ge.2.3Set spantree lp If no SID is specified, SID 0 is assumed Clear spantree lp Show spantree lplock Clear spantree lplock SID Locked Set spantree lpcapablepartner Show spantree lpcapablepartner Use this command to set the Loop Protect event threshold Clear spantree lpcapablepartnerSet spantree lpthreshold None. The default event threshold is Show spantree lpthresholdClear spantree lpthreshold Set spantree lpwindow Show spantree lpwindow Set spantree lptrapenable DisabledClear spantree lpwindow Show spantree lptrapenable Clear spantree lptrapenable Set spantree disputedbpduthreshold Show spantree disputedbpduthreshold Clear spantree disputedbpduthreshold Show spantree nonforwardingreason 802.1Q Vlan Configuration Vlan Configuration Summary Command Set for Creating a Secure Management Vlan Creating a Secure Management Vlan Static Viewing VLANsShow vlan Portinfo Show vlan Output Details Vlan Vlan ID Name Creating and Naming Static VLANs Create enable Creates, enables or disables VLANs. disableThis example shows how to create Vlan Set vlan This example shows how to set the name for Vlan 7 to green Set vlan nameClear vlan This example shows how to clear the name for Vlan Clear vlan name Assigning Port Vlan IDs PVIDs and Ingress Filtering Show port vlan Modify‐egress Set port vlanClear port vlan No‐modify‐egress Show port ingress filter Set port ingress filter Show port discard Set port discard Tagged untagged both none Configuring the Vlan Egress List Show port egress Set vlan forbidden Clear vlan egress Use this command to remove ports from a VLAN’s egress listSet vlan egress Untagged forbidden tagged Show vlan dynamicegress Forbidden Enable disable Enables or disables dynamic egress This example shows how to enable dynamic egress on VlanSet vlan dynamicegress Setting the Host Vlan Show host vlanSet host vlan This example shows how to set Vlan 7 as the host Vlan Clear host vlan Enabling/Disabling Gvrp Garp Vlan Registration Protocol About Garp Vlan Registration Protocol GvrpHow It Works Example of Vlan Propagation via Gvrp Show garp timer Use this command to display Gvrp configuration informationShow gvrp Show gvrp configuration Output Details Disables or enables Gvrp on the deviceSet gvrp Set garp timer This example shows how to enable Gvrp on ge.1.3Clear gvrp Join Clear garp timerLeaveall timer‐ Leave C3su-clear garp timer leave ge.1.1 Policy Classification Configuration Policy Classification Configuration Summary Show policy profile Configuring Policy ProfilesUse this command to display policy profile information ‐verbose Show policy profile Output Details Set policy profile Use this command to delete a policy profile entry This example shows how to delete policy profileClear policy profile Configuring Classification Rules All admin‐ profile profile‐ indexShow policy rule Tcpsourceport Not‐in‐service Not‐ready Storage‐type non‐Admin‐pid Udpdestport Show policy capability Show policy rule Output Details Vlan Admin‐profile Set policy ruleVlantag data Ipdestsocket EtherIpproto Ipsourcesocket Valid Values for Policy Classification Rules Data value Mask bits Range from 1 to 4094 or 0xFFF Following parameters apply to deleting an admin ruleClear policy rule All‐pid‐entries Use this command to remove all policy classification rules Clear policy all-rules Set policy port Use this command to assign ports to a policy profileAssigning Ports to Policy Profiles To assign and unassign ports to policy profiles Clear policy port Configuring Policy Class of Service CoS About Policy-Based CoS ConfigurationsProcedure 11-1 User-Defined CoS Configuration Configuring Policy Class of Service CoS Procedure About CoS-Based Flood Control Use this command to enable or disable Class of Service Set cos state This example shows how to enable Class of Service Show cos stateClear cos state Tos‐value tos‐value Set cos settingsPriority priority Irl‐reference Priority Clear cos settingsShow cos settings Tos‐value Set cos port-config Show cos port-config Should be displayed Name Clear cos port-configEntry Ports Set cos port-resource irl Unicast Set cos port-resource flood-ctrlGroup#.port‐type Multicast Show cos port-resource Group#.port‐type Rate Clear cos port-resource irlUnit Type Unicast Clear cos port-resource flood-ctrlSet cos reference Multicast IRL reference number associated with this entry Specifies that an IRL reference is being configuredShow cos reference Rate‐limit irl‐index Clear cos reference Kbps Show cos unitPort‐typ e index Pps Clear cos all-entries Show cos port-type This example shows flood control information for port type Port Priority Configuration Port Priority Configuration Summary Configuring Port Priority Show port priority Set port priority Clear port priority Configuring Priority to Transmit Queue Mapping Show port priority-queue Set port priority-queue Clear port priority-queue Configuring Quality of Service QoS Show port txq Set port txq By default, transmit queues are defined as follows Clear port txq Clear port txq Port Priority Configuration Igmp Configuration Igmp OverviewAbout IP Multicast Group Management Configuring Igmp at Layer To configure Igmp snooping from the switch CLIAbout Multicasting This example shows how to display Igmp snooping information Set igmpsnooping adminmodeUse this command to display Igmp snooping information Use this command to enable or disable Igmp on the system This example shows how to enable Igmp on port ge.1.10 This example shows how to enable Igmp on the systemEnable disable Enables or disables Igmp Set igmpsnooping interfacemode Set igmpsnooping maxresponse Modify Set igmpsnooping mcrtrexpiretimeSet igmpsnooping add-static If no ports are specified, all ports are added to the entry Set igmpsnooping remove-static Show igmpsnooping staticIf modify is not specified, a new entry is created This example displays the static Igmp ports for Vlan Show igmpsnooping mfdbGroup group Stats Optional Displays Mfdb statistics Use this command to clear all Igmp snooping entries This example shows how to clear all Igmp snooping entriesClear igmpsnooping Global configuration C3su‐routerConfig# Configuring Igmp on Routing InterfacesTo configure Igmp on routing interfaces Ip igmp Interface configuration C3su‐routerConfig‐ifVlan 1# Ip igmp enableThis example shows how to enable Igmp on the router Ip igmp version Any router mode Show ip igmp interface Show ip igmp groups Ip igmp query-interval Ip igmp query-max-response-time Ip igmp startup-query-interval Ip igmp startup-query-count Ip igmp last-member-query-interval Ip igmp last-member-query-count Ip igmp robustness Interface configuration C3 su‐routerConfig‐ifVlan 1# Ip igmp robustness Igmp Configuration Configuring System Logging Logging and Network Management Show logging server Set logging server Show logging default Clear logging server Set logging default Use this command to set logging default values Facility Clear logging defaultShow logging application Severity Set logging application Show logging application Output Details Level level If level is not specified, none will be applied Clear logging application Show logging local Set logging local Clear logging local This example shows how to clear local logging Show logging bufferShow logging interface Set logging interface Clear logging interface Monitoring Network Events and Status History Show history Use this command to set the size of the history bufferDefault Set history Ping Show usersThis example, the host at IP address is not responding Disconnect Show netstatConsole Following example shows the output of this command Following table describes the output of this commandShow netstat Output Details Managing Switch Network Addresses and Routes Use this command to display the switch’s ARP tableShow arp This example shows how to display the ARP table Set arpShow arp Output Details Clear arp Traceroute Type other learned Show macEach response Self mgmt Show mac agetime Show mac Output Details Set mac agetime This example shows how to display the MAC timeout periodThis example shows how to set the MAC timeout period Clear mac agetime Default MAC algorithm is mac‐crc16‐upperbits Set mac algorithmShow mac algorithm Clear mac algorithm Set mac multicast Use this command to remove a multicast MAC address Clear mac addressAppend clear Show mac unreserved-flood Set mac unreserved-flood Use this command to display Sntp client settings Configuring Simple Network Time Protocol SntpThis example enables multicast flood protection Show sntp This example shows how to display Sntp client settings Show sntp Output Details Set sntp client Clear sntp client Set sntp server Clear sntp serverIf precedence is not specified, 1 will be applied Set sntp poll-interval Clear sntp poll-interval This example shows how to clear the Sntp poll interval Set sntp poll-retryClear sntp poll-retry Use this command to clear the Sntp poll timeout Set sntp poll-timeoutClear sntp poll-timeout This example shows how to clear the Sntp poll timeout Set timezone Show sntp interface Set sntp interface Clear sntp interface C3rw-show sntp interface Vlan 100 C3rw-clear sntp interface Configuring Node Aliases Show nodealias config Show nodealias config Output Details Set nodealiasMaxentries maxentries Clear nodealias config Rmon Configuration Rmon Monitoring Group Functions and CommandsRmon Monitoring Group Functions Group What It Does What It Monitors CLI Commands Design Considerations Statistics Group Commands To display, configure, and clear Rmon statistics Use this command to configure an Rmon statistics entry Show rmon statsSet rmon stats Clear rmon stats To‐defaultsThis example shows how to delete Rmon statistics entry If owner is not specified, monitor will be applied History Group Commands Show rmon history Buckets buckets Set rmon historyClear rmon history Interval interval This example shows how to delete Rmon history entry Alarm Group Commands Show rmon alarmThis example shows how to display Rmon alarm entry Object object Set rmon alarm propertiesShow rmon alarm Output Details Type absolute Set rmon alarm status This example shows how to enable Rmon alarm entry Clear rmon alarmEnable Use this command to delete an Rmon alarm entry This example shows how to display Rmon event entry Event Group CommandsUse this command to display Rmon event entry properties Show rmon event Type none log Set rmon event propertiesDescription Trap both This example shows how to enable Rmon event entry Set rmon event statusClear rmon event This example shows how to clear Rmon event Filter Group Commands Show rmon channel Accept matched Use this command to configure an Rmon channel entrySet rmon channel Failed Index index Clear rmon channelShow rmon filter Channel channel Set rmon filter Use this command to clear an Rmon filter entry This example shows how to clear Rmon filter entryClear rmon filter Packet Capture Commands Show rmon captureNodata Slice slice Set rmon captureAction lock Loadsize loadsize Use this command to clears an Rmon capture entry This example shows how to clear Rmon capture entryClear rmon capture Dhcp Relay Agent Dhcp Server ConfigurationDhcp Overview Dhcp Server Configuring a Dhcp Server Configuring General Dhcp Server Parameters Set dhcp bootp This example enables Dhcp server functionalitySet dhcp Set dhcp conflict logging This example enables address allocation for Bootp clientsThis example enables Dhcp conflict logging Show dhcp conflict Clear dhcp conflict Logging Disables conflict loggingThis example disables Dhcp conflict logging Clears the conflict information for all IP addresses 100, with the set dhcp exclude command Set dhcp excludeClear dhcp exclude Set dhcp ping Clear dhcp pingThis example sets the number of ping packets sent to Show dhcp binding Clear dhcp binding Show dhcp server statistics Use this command to display Dhcp server statisticsUse this command to clear all Dhcp server counters Clear dhcp server statistics This example clears all Dhcp server counters Configuring IP Address Pools Manual Pool Configuration Considerations Set dhcp pool This example creates an address pool named auto1 Set dhcp pool network Use this command to delete a Dhcp server pool of addressesClear dhcp pool This example deletes the address pool named auto1 Clear dhcp pool network Set dhcp pool hardware-address Clear dhcp pool hardware-address Set dhcp pool hostIf no type is specified, Ethernet is assumed Clear dhcp pool host Set dhcp pool client-identifier Clear dhcp pool client-identifier Set dhcp pool client-name Clear dhcp pool client-name Set dhcp pool bootfile Clear dhcp pool bootfile Set dhcp pool next-server Clear dhcp pool next-server Set dhcp pool lease Clear dhcp pool leaseInfinite Set dhcp pool default-router Clear dhcp pool default-router Set dhcp pool dns-server Clear dhcp pool dns-server Set dhcp pool domain-name Clear dhcp pool domain-name Set dhcp pool netbios-name-server Clear dhcp pool netbios-name-server Set dhcp pool netbios-node-type Clear dhcp pool netbios-node-type‐node Set dhcp pool option Ascii string Show dhcp pool configuration Clear dhcp pool optionThis example removes option 19 from address pool auto1 Show dhcp pool configuration Dhcp Snooping Dynamic ARP Inspection Dhcp Snooping OverviewDhcp Message Processing Building and Maintaining the Database Procedure 17-1 Basic Configuration for Dhcp Snooping Basic ConfigurationConfiguration Notes Rate Limiting Dhcp Snooping Commands Disabled globallySet dhcpsnooping Set dhcpsnooping database write-delay Set dhcpsnooping vlan By default, ports are untrusted Set dhcpsnooping trust This example configures port ge.1.1 as a trusted port Set dhcpsnooping bindingSet dhcpsnooping verify Source MAC address verification is enabled by default Set dhcpsnooping log-invalidAgainst the client hardware address Rate pps Set dhcpsnooping limitNone Burst interval secs This example configures rate limit parameters on port ge.1.1 Show dhcpsnooping database Show dhcpsnooping port Show dhcpsnooping binding Dynamic staticEntry, either dynamic or static Show dhcpsnooping statistics Clear dhcpsnooping binding Clear dhcpsnooping statisticsClear dhcpsnooping database Clear dhcpsnooping limit Write‐delayDefault value of 300 seconds Dynamic ARP Inspection Overview Functional Description Static MappingsOptional ARP Packet Validation Rate Limiting Logging Invalid PacketsPacket Forwarding Eligible Interfaces Procedure 17-2 Basic Dynamic ARP Inspection Configuration Step Task Commands Example Configuration Router ConfigurationVlan Configuration Dhcp Snooping Configuration Dynamic ARP Inspection CommandsSet arpinspection vlan Dynamic ARP Inspection Configuration By default, all physical ports and LAGs are untrusted Set arpinspection trustLogging is disabled by default Logging Set arpinspection validate Src‐macDst‐mac Set arpinspection limit Permit Set arpinspection filterShow arpinspection access-list Mac host Show arpinspection ports This example displays the ARP configuration of lag.0.1 Show arpinspection vlan Show arpinspection statistics Clear arpinspection validate With an invalid addressThis example removes all 3 additional validation conditions Clear arpinspection vlan Clear arpinspection filter Clear arpinspection limit This example removes the ARP ACL named staticARP from Vlan Clear arpinspection statistics This example clears all DAI statistics from the switchPage Preparing for Router Mode Pre-Routing Configuration Tasks Enabling Router Configuration Modes Enabling the Switch for RoutingRouter CLI Configuration Modes Router CLI Configuration Modes Page IP Configuration Configuring Routing Interface Settings Show interface Vlan vlan ‐id Interface Use this command to configure interfaces for IP routingRouter global configuration mode C3su‐routerConfig# Vlan vlan‐ id This example shows how to enter configuration mode for Vlan Show ip interface Show ip interface Output Details Router interface configuration C3su‐routerConfig‐ifVlan 1#Ip address Secondary Show running-config No shutdown This example shows how to enable Vlan 1 for IP routing No ip routing Configuring Tunnel Interfaces Use this command to configure a tunnel interfaceInterface tunnel This example creates a configured tunnel interface Router interface configuration C3su‐routerConfig‐ifTnnl 1#Tunnel source Ipv6ip Specifies that the tunnel mode is IPv6 over IPv4 Tunnel modeThis command specifies the mode of the tunnel interface No form of this command removes the mode of the tunnel This example sets the tunnel mode to IPv6 over IPv4 Show interface tunnel Reviewing and Configuring the ARP Table Show ip arp This example shows how to use the show ip arp command ArpShow ip arp Output Details This example shows how to enable proxy ARP on Vlan Ip proxy-arp 14,400 seconds Arp timeoutClear arp-cache Privileged Exec C3su‐router# Configuring Broadcast Settings Interface configuration C3su‐Router1Config‐ifVlan 1#Ip directed-broadcast Specifies UDP as the IP forwarding protocol Ip forward-protocolUdp Are forwarded Ip helper-address Reviewing IP Traffic and Configuring Routes Show ip route OSPF, IA Ip route PingPreference in route selection This command is also available in switch mode There is also a traceroute command available in switch modeTraceroute Configuring Icmp Redirects Ip icmp redirect enable Show ip icmp redirect Interface IPv4 Routing Protocol Configuration Activating Advanced Routing Features RIP Configuration Task List and Commands Configuring RIPRIP Configuration Task List and Commands Router rip Ip rip enable This example shows how to enable RIPDistance Ip rip send version R1compatible Ip rip receive version Ip rip authentication-keySpecifies RIP version 1. This is the default setting Specifies RIP version Ip rip message-digest-key Md5 No auto-summary Use this command to disable automatic route summarizationRouter configuration C3su‐routerConfig‐router# Split-horizon poison Passive-interface Connected Receive-interfaceRedistribute Ospf Subnets Command detailed in ip route on page 19‐21Protocol Subnetted will be redistributed Ospf Configuration Task List and Commands Configuring OspfOspf Configuration Task List and Commands Advanced License Required Router id Routes This example shows how to enable routing for Ospf process Router ospf1583compatibility Ip ospf enable This example shows how to enable RFC 1583 compatibilityIp ospf areaid Ip ospf cost Ip ospf priority Timers spf Ip ospf transmit-delay Ip ospf retransmit-interval Ip ospf hello-interval Ip ospf dead-interval65535 Ip ospf authentication-key Ip ospf message digest key md5 Distance ospf Area intra‐area Area rangeExternal inter‐ Intra‐area routes Advertise no‐ If not specified, advertise mode will be setArea stub Advertise Area default cost Area nssa Area virtual-link Default‐This example shows how to configure area 10 as an Nssa area Information‐ Key key Authentication‐Transmit‐delay Dead‐interval Show ip ospf RipMetric‐type type This example shows how to display Ospf information Use this command to display the Ospf link state databaseShow ip ospf database Show ip ospf interface Show ip ospf database Output Details Show ip ospf interface Output Details Show ip ospf neighbor Show ip ospf neighbor Output Details Show ip ospf virtual-links Clear ip ospf processShow ip ospf virtual links Output Details This example shows how to reset Ospf process Configuring Dvmrp Enabling Dvmrp on an Interface This example shows how to enable the Dvmrp process Ip dvmrp enableCommands to Enable Dvmrp on an Interface Ip dvmrp Use this command to display Dvmrp routing information Ip dvmrp metricShow ip dvmrp This example shows how to display Dvmrp status information Configuring Irdp Ip irdp enable Ip irdp maxadvertinterval Ip irdp minadvertinterval Ip irdp holdtime Ip irdp preference9000 Use this command to display Irdp information Ip irdp broadcastShow ip irdp Configuration Tasks on page 18‐1 Configuring Vrrp Router vrrp This example shows how enable Vrrp configuration mode Create Address Priority Advertise-interval Described in Pre‐Routing Configuration Tasks on page 18‐1 Preempt Enable This example shows how to display Vrrp information Ip vrrp authentication-keyUse this command to display Vrrp routing information Show ip vrrp Configuring PIM-SM Design Considerations Ip pimsm Global router configuration C3su‐routerConfig#This example shows how to globally enable and disable PIM Ip pimsm staticrp Ip pimsm enable This example shows how to display PIM information Ip pimsm query-intervalShow ip pimsm This example shows how to display PIM router information Show ip pimsm componenttableShow ip pimsm Output Details Show ip pimsm componenettable Output Details This example shows how to display PIM interface informationShow ip pimsm interface Stats Show ip pimsm interface vlan Output Details This example shows how to display PIM interface statisticsShow ip pimsm neighbor 10 show ip pimsm interface stats Output Details 11 show ip pimsm neighbor Output Details ‐11 provides an explanation of the command outputShow ip pimsm rp Candidate ‐12 provides an explanation of the command output Show ip pimsm rphash12 show ip pimsm rp Output Details ‐13 provides an explanation of the command output Show ip pimsm staticrpDisplay the PIM‐SM static Rendezvous Point information Use this command to display the IP multicast routing table Show ip mroute13 show ip pimsm staticrp Output Details 20-60 IPv4 Routing Protocol Configuration IPv6 Management Show ipv6 status By default, IPv6 management is disabled This example shows how to enable IPv6 managementSet ipv6 No global unicast IPv6 address is defined by default Set ipv6 addressEui64 Use this command to clear IPv6 global addresses Show ipv6 addressClear ipv6 address Set ipv6 gateway Use this command to clear an IPv6 gateway address Clear ipv6 gatewayShow ipv6 neighbors This example shows example output of this command Use this command to display IPv6 netstat informationShow ipv6 netstat This command is also available in router mode Ping ipv6Size num Traceroute ipv6 Traceroute ipv6 21-10 IPv6 Management IPv6 Configuration OverviewIPv6 Routing License Required Default Conditions Following table lists the default IPv6 conditions General Configuration Commands Ipv6 forwardingIpv6 hop-limit Ipv6 route Default maximum number of IPv6 hops isThis command configures static IPv6 routes This example sets the hop limit to Default preference or administrative distance is Ipv6 route distance This command sets the default distance value to Ipv6 unicast-routing Ping ipv6 interface Link‐local‐address Router privileged exec C3 su‐router# 20010db8123455551 Interface Configuration Commands Ipv6 addressNo IPv6 addresses are defined for any interface Ipv6 enable IPv6 is disabled Ipv6 mtu Bytes This example sets the MTU value to 1500 bytes Neighbor Cache and Neighbor Discovery Commands Clear ipv6 neighborsThis example clears all dynamically learned cache entries Duplicate address detection enabled, for 1 attempt Ipv6 nd dad attemptsIpv6 nd ns-interval Ipv6 nd reachable-time By default, a value of 0 is advertised in RA messagesRouter interface configurationC3su‐routerConfig‐ifVlan 1# This example sets the NS interval to 2 seconds Router interface configuration C3su‐routerConfig‐if Vlan 1# Ipv6 nd other-config-flagFlag is set to false by default This example sets the reachable time to 60 seconds Ipv6 nd ra-interval Ipv6 nd ra-lifetime Ipv6 nd suppress-ra Suppression disabledThis example disables router advertisement transmission Ipv6 nd prefix No‐autoconfig Router interface configurationC3su‐routerConfig‐if Vlan 1#Off‐link Example Show ipv6 interface Query CommandsShow ipv6 Router privileged execution C3su‐router# This example displays information about IPv6 interface Vlan This command displays IPv6 Neighbor Cache information This example displays the neighbors in the cache Show ipv6 neighbor Output Details This command displays the IPv6 routing tableShow ipv6 route Interface interface This example displays all active IPv6 routes Show ipv6 route Output Details Show ipv6 route preferences Show ipv6 route preferences Output Details This command displays the summary of the routing table Show ipv6 route summaryNon‐best routes Following example displays the output of this command Show ipv6 trafficShow ipv6 summary Output Details Show ipv6 traffic Output Details Options, etc Counter would include datagrams counted Send. Note that this counter includes all those counted by Clear ipv6 statistics Router privileged executionC3su‐router#This example clears the statistics for Vlan IPv6 Proxy Routing Preparing a Mixed Stack for IPv6 Proxy Routing Limitations This example enables IPv6 proxy routing IPv6 proxy routing is disabled by defaultRouter global configuration C2su‐routerConfig# Ipv6 proxy-routing Any routing mode DHCPv6 Configuration Following table lists the default DHCPv6 conditions Global Configuration CommandsIpv6 dhcp enable This command enables DHCPv6 on the router By default, DHCPv6 is disabled This example enables DHCPv6Ipv6 dhcp relay-agent-info-opt Ipv6 dhcp relay-agent-info-remote-id-subopt Ipv6 dhcp pool Ipv6 dhcp pool Address Pool Configuration Commands Domain-name Dns-server Prefix-delegation Valid‐lifetime secs Preferred‐lifetimeSecs infinite C3su-routerConfig-dhcp6s-pool# exit C3su-routerConfig# Rapid‐commit By default, DHCPv6 functionality is disabledIpv6 dhcp server Preference pref Interface intf Ipv6 dhcp relayDestination dest‐addr Remote‐id duid‐ifid Examples DHCPv6 Show Commands Show ipv6 dhcp Show ipv6 dhcp interface Statistics Output of show ipv6 dhcp interface Command This example displays the DHCPv6 statistics for Vlan This example displays the output of this command Output of show ipv6 dhcp statistics CommandShow ipv6 dhcp statistics Clear ipv6 dhcp statistics This example clears DHCPv6 statistics for Vlan This command displays information about DHCPv6 bindings Show ipv6 dhcp poolShow ipv6 dhcp binding If no IPv6 address is specified, all bindings are displayed Show ipv6 dhcp binding DHCPv6 Configuration OSPFv3 Configuration Following table lists the default OSPFv3 conditions Global OSPFv3 Configuration Commands Use this command to configure the OSPFv3 router IDIpv6 router id Always Default-information originateIpv6 router ospf Metric value No default metric is configured Default-metricRouter OSPFv3 configuration C3su‐routerConfig‐router# Router OSPFv3 configuration C3su-routerConfig-router# Inter Exit-overflow-intervalIntra Type1 External-lsdb-limit This command configures the external Lsdb limit for OSPFv3Default value is ‐1 This example sets the exit overflow interval to 10 seconds Maximum-paths Connected staticTag tag Metric = unspecified Metric type = Type Tag = Area Configuration Commands Area default-costThese commands are used to configure area parameters This example sets the default route cost to 50 for area This example shows how to configure area 20 as an Nssa Area nssa no-redistribute Area nssa default-info-originateDefault metric value is Comparable Area nssa no-summary Area nssa translator role This command configures the translator role of the routerBy default, the translator role is disabled Area nssa translator-stab-intv Summarylink Default interval is 40 secondsArea address ranges are not configured by default Nssaexternallink This command creates a stub area for the specified area ID Example disables the import of summary LSAs into stub area Area stub no-summaryThis example creates a stub area with the ID Default dead interval is 40 seconds Area virtual-link dead-interval Default hello interval is 10 seconds Area virtual-link hello-intervalArea virtual-link retransmit-interval Area virtual-link transmit-delay Default retransmit interval is 5 secondsDefault transmit delay is 1 second Ipv6 ospf enable OSPFv3 is disabled by default Ipv6 ospf areaid Ipv6 ospf cost Default dead interval value is 40 seconds Ipv6 ospf dead-interval Ipv6 ospf hello-interval Ipv6 ospf mtu-ignore By default, MTU mismatch detection is enabled Default network type is broadcastIpv6 ospf network Default priority value is Ipv6 ospf priorityIpv6 ospf retransmit-interval Ipv6 ospf transmit-delay Default value is 4 secondsDefault value is 1 second Ipv6 ospf transmit-delay This example shows how to display OSPFv3 router information OSPFv3 Show CommandsThis command displays OSPFv3 router information Show ipv6 ospf Show ipv6 ospf Output Details Show ipv6 ospf area Show ipv6 ospf area Output Details Show ipv6 ospf abr Show ipv6 ospf abr Output Details Show ipv6 ospf asbr Show ipv6 ospf asbr Output Details Show ipv6 ospf database Adv Router Link Id Age Sequence Csum Options Rtr Opt Show ipv6 ospf database Output Details Show ipv6 ospf database database-summary Output Details This command displays information about OSPFv3 interfaces Show ipv6 ospf interfaceLoopback loopid Show ipv6 ospf interface Command Output Details This example shows how to display statistics for Vlan Show ipv6 ospf interface stats Show ipv6 ospf interface stats Output Details Specify the Vlan interface to display information about This command displays information about OSPFv3 neighborsShow ipv6 ospf neighbor Specify the tunnel interface to display Show ipv6 ospf neighbor Output Details Show ipv6 ospf range 10 show ipv6 ospf neighbor routerid Output DetailsThis example displays range information for area This example displays the OSPFv3 stub table information Show ipv6 ospf stub table11 show ipv6 ospf range Output Details 12 show ipv6 ospf stub table Output Details Show ipv6 ospf virtual-link 13 show ipv6 ospf virtual-link Output Details Show ipv6 ospf virtual-link Show ipv6 ospf virtual-link OSPFv3 Configuration Authentication and Authorization Configuration Overview of Authentication and Authorization Methods Overview of Authentication and Authorization Methods Filter-ID Attribute Formats Set authentication login Setting the Authentication Login MethodShow authentication login Use this command to set the authentication login method Local Clear authentication loginAny Radius Show radius Configuring RadiusTimeout Retries Server Optional Displays Radius server configuration informationSet radius Servers or a specific Radius server as defined by an index Timeout timeout Realm management‐ access any network‐accessServer index Clear radius Realm Show radius accounting Set radius accountingRetries retries Clear radius accounting This example shows how to set Radius accounting retries toTimeout Retries Show radius interface Set radius interface Clear radius interface Example Auth‐diag Configuring 802.1X AuthenticationShow dot1x Auth‐stats This example shows how to display 802.1X status Show dot1x auth-config Set dot1x Init reauthTrue false Set dot1x auth-config Clear dot1x auth-config Portcontrol Maxreq Show eapol Connecting state, via disconnected Show eapol Output Details Auth‐mode Set eapolClear eapol Forced‐auth Optional Globally clears the Eapol authentication mode Configuring MAC Authentication Show macauthentication Show macauthentication Output Details Nopassword Show macauthentication session This example shows how to display MAC session informationShow macauthentication session Output Details Set macauthentication Set macauthentication passwordUse this command to set a MAC authentication password Use this command to clear the MAC authentication password Clear macauthentication passwordSet macauthentication port Enables or disables MAC authentication Set macauthentication portinitialize Set macauthentication portquietperiod Clear macauthentication portquietperiod Set macauthentication macinitializeThis example resets the default quiet period on port Set macauthentication reauthentication Set macauthentication portreauthenticateEnables or disables MAC reauthentication Set macauthentication macreauthenticate Set macauthentication reauthperiod Clear macauthentication reauthperiod Set macauthentication significant-bits Clear macauthentication significant-bits C3su-clear macauthentication significant-bits Configuring Multiple Authentication Methods About Multiple Authentication TypesAbout Multi-User Authentication Show multiauth Multi Set multiauth modeClear multiauth mode Strict Default precedence order is dot1x, pwa, mac Set multiauth precedenceClear multiauth precedence Show multiauth port Set multiauth port Clear multiauth port Show multiauth station Show multiauth session Show multiauth idle-timeout Agent dot1x mac Which to set the timeout value Set multiauth idle-timeoutAuthentication method for which to set the timeout value Idle timeout value is provided by the authenticating server Default Clear multiauth idle-timeoutShow multiauth session-timeout Which to reset the timeout value to its default Set multiauth session-timeout Which to set the session timeout value Clear multiauth session-timeout Configuring User + IP Phone Authentication Configuring Vlan Authorization RFC Set vlanauthorization Set vlanauthorization egressTagged Clear vlanauthorization Show vlanauthorizationBy default, administrative egress is set to untagged Configuring Policy Maptable Response Show vlanauthorization Output Details When Policy Maptable Response is Both Operational Description When Policy Maptable Response is Policy When Policy Maptable Response is TunnelShow policy maptable Both Set policy maptableResponse Policy Clear policy maptable Configuring MAC Locking To review, disable, enable, and configure MAC locking Show maclock Firstarrival Show maclock stationsShow maclock Output Details Connected to MAC locked ports Set maclock enable Set maclock enable port‐stringShow maclock stations Output Details This example shows how to disable MAC locking on ge.2.3 Set maclock disableThis example shows how to enable MAC locking on ge.2.3 Set maclock Clear maclock CreateSpecified MAC address and port Set maclock static Clear maclock static Set maclock firstarrival Clear maclock firstarrival Set maclock agefirstarrival Clear maclock agefirstarrival This example enables first arrival aging on port ge.1.1This example disables first arrival aging on port ge.1.1 Set maclock move Set maclock trap Configuring Port Web Authentication PWA About PWA Show pwa Show pwa Output Details Enable disable Enables or disables port web authentication This example shows how to enable port web authenticationSet pwa This example shows how to display the PWA login banner Show pwa bannerSet pwa banner Set pwa displaylogo This example shows how to hide the Enterasys Networks logoClear pwa banner Display hide Set pwa ipaddress Set pwa protocolChap pap Set pwa guestname Use this command to clear the PWA guest user nameThis example shows how to clear the PWA guest user name Clear pwa guestname Authnone Set pwa guestpasswordSet pwa gueststatus Authradius This example shows how to initialize ports ge.1.5‐7 Set pwa initializeSet pwa quietperiod Set pwa maxrequest Set pwa portcontrol This example shows how to display PWA session information Enables or disables PWA on specified portsThis example shows how to enable PWA on ports 1‐22 Show pwa session Enable disable Enables or disables PWA enhancedmode This example shows how to enable PWA enhancedmodeSet pwa enhancedmode Show ssh status Configuring Secure Shell SSHThis example shows how to display SSH status on the switch Set ssh This example shows how to disable SSH This example shows how to regenerate SSH keysSet ssh hostkey Configuring Access Lists Show access-listsShow access‐lists number Access-list standard Deny permit Access-list extended Insert replaceThis example moves entry 16 to the beginning of ACL Insert replace Ip access-group Interface configuration C3su‐routerConfig‐ifVlan vlanid#Filters inbound frames Example Page TACACS+ Configuration Show tacacs State Optional Displays only the TACACS+ client statusShow tacacs Output Details This example shows how to enable the TACACS+ client Use this command to enable or disable the TACACS+ clientEnable disable Enables or disables the Tacacs client Set tacacs Timeout seconds Set tacacs server Clear tacacs server Specifies one TACACS+ server to be affected Show tacacs session This example removes TACACS+ server Set tacacs session Read‐write ServiceClear tacacs session Super‐user Show tacacs command Set tacacs command Show tacacs singleconnect Set tacacs singleconnectConnection Show tacacs interface Set tacacs interface Clear tacacs interface Clear tacacs interface TACACS+ Configuration 27-14 SFlow Configuration Using sFlow in Your NetworkAdvantages of using sFlow include Sampling Mechanisms DefinitionsSFlow Agent Functionality SFlow Definitions Packet Flow Sampling Counter SamplingUsage Notes 28-5 Contents of the sFlow Receivers Table is displayed Show sflow receiversThis example displays the sFlow Receivers Table Following table describes the output fields Show sflow receivers Output Descriptions Set sflow receiver owner Set sflow receiver ip Set sflow receiver maxdatagram Default IP address isDefault maximum datagram size is 1400 bytes Maxdatagram bytes Clear sflow receiver Default port value isSet sflow receiver port Maxdatagram Set sflow port poller OwnerPort port Show sflow pollers Interval Clear sflow port pollerSet sflow port sampler This example removes the poller instance on port ge.1.1 Show sflow samplers Maxheadersize Clear sflow port samplerSet sflow interface Rate Show sflow interface Clear sflow interface Show sflow agent 28-18 Policy and Authentication Capacities Policy CapacitiesTable A-1 Policy Capacities Authentication Capacities Table A-2 Authentication Capacities Index Numerics Ospf 20-30Network Management Tftp Index