Guide for System Administrators of Intel Server Products
Disclaimer
Wichtige Sicherheitshinweise
Important Safety Instructions
Consignes de sécurité
Instrucciones de seguridad importantes
Page
Manual Organization
About this Manual
Page
Contents
ACL Commands
Gvrp Commands
Line Commands 141
QoS Commands
Radius Commands 215
Spanning-Tree Commands
System Management Commands 321
Vlan Commands
Appendix a Getting Help 405
Overview
Using CLI
Command in the Global Configuration mode
Privileged Exec Mode
Interface Configuration and Specific Configuration Modes
Starting the CLI
Negating the Effect of Commands
Nomenclature
CLI Command Conventions
Using CLI
AAA Commands
Aaa authentication login
Global Configuration mode
Following example configures the authentication login
Aaa authentication enable
Consoleconfig# aaa authentication enable default enable
Login authentication
Enable authentication
Line Configuration mode
Consoleconfig-line#login authentication default
Ip http authentication
There are no user guidelines for this command
Consoleconfig-line#enable authentication default
Following example configures the Http authentication
Ip https authentication
Show authentication methods
Following example configures Https authentication
Show authentication methods
This command has no default configuration
Password
Privileged Exec mode
Following example displays the authentication configuration
No password is defined
Enable password
Consoleconfig# enable password secret level
No enable password is defined
Username
No user is defined
User account can be created without a password
AAA Commands
Interface Configuration Vlan mode
Address Table Commands Bridge address
Consoleconfig# bridge multicast filtering
Folowing example, bridge multicast filtering is enabled
Bridge multicast filtering
Bridge multicast filtering No bridge multicast filtering
No multicast addresses are defined
Bridge multicast address
Bridge multicast forbidden address
Following example registers the MAC address
No forbidden addresses are defined
Bridge multicast forward-all
This setting is disabled Command Mode
This setting is disabled
Bridge multicast forbidden forward-all
This example, all multicast packets on port 1 are forwarded
Bridge aging-time
Default setting is 300 seconds
Bridge aging-time seconds No bridge aging-time
Seconds Time in seconds. Range 10-630 seconds
Port security
Clear bridge
Clear bridge
Following example, the bridge tables are cleared
Interface Configuration Ethernet, port-channel mode
Port security mode
Port security mode lock mac-addresses No port security mode
Consoleconfig-if#port security forward trap
Consoleconfig-if#port security mode mac-addresses
Port security routed secure-address
Mac-address a valid MAC address
No addresses are defined
Show bridge address-table
Console# show bridge address-table
Show bridge address-table static
Show bridge address-table count
Vlan Specifies a valid VLAN, such as Vlan
Console# show bridge address-table static
Console# show bridge address-table count
Show bridge multicast address-table
Console# show bridge multicast address-table
Show bridge multicast filtering
Show bridge multicast filtering vlan-id
Console# show bridge multicast address-table format ip
Console# show bridge multicast filtering
Show ports security
Show ports security addresses
Following table describes the fields shown above
Console# show ports security
Console# show ports security addresses
Address Table Commands
ACL Commands
Ip access-list
Ip access-list name No ip access-list name
IP Protocol Abbreviated Name Protocol Number
Permit ip
ACL Commands
Deny IP
IP-Access List Configuration mode
No IPv4 ACL is defined
Deny-icmp Deny-igmp
Deny-tcp deny-udp
Mac access-list
Default for all ACLs is deny all
Mac access-list name No mac access-list name
Following example shows how to create a MAC ACL
Permit MAC
MAC-Access List Configuration mode
Deny MAC
No MAC ACL is defined
This command has no default configuration
Show access-lists
Service-acl
Service-acl input acl-name No service-acl input
Show access-lists name
Following example displays access lists defined on a device
Show interfaces access-lists
Console# show access-lists
Name The name of the ACL
Console# show interfaces access-lists
Clock set
Clock Commands
Clock timezone
Clock source
Sntp Sntp servers
No external clock source
Clock summer-time
No clock timezone
Clock set to UTC
No clock summer-time recurring
No authentication key is defined
Sntp authentication-key
Sntp authenticate no sntp authenticate
Sntp authenticate
Following example authenticates key
Sntp client poll timer
Sntp trusted-key
Sntp trusted-key key-number No sntp trusted-key key-number
Sntp client poll timer seconds No sntp client poll timer
Sntp broadcast client enable
Sntp broadcast client is disabled
Seconds Polling interval in seconds. Range
Following example enables the Sntp broadcast clients
Sntp anycast client enable
Sntp anycast client enable No sntp anycast client enable
Sntp anycast client is disabled
Following example enables Sntp anycast clients
Sntp client enable Interface
Sntp client is disabled on an interface
Interface Configuration Ethernet, port-channel, Vlan mode
Sntp unicast client enable No sntp unicast client enable
Sntp unicast client enable
Sntp unicast client is disabled
Sntp unicast client poll
Consoleconfig# sntp unicast client poll
Polling is disabled
Sntp server
No sntp server host
Detail Shows timezone and summertime configuration
Show clock
Show clock detail
Show sntp configuration
Show sntp configuration
Console# show clock
Console# show sntp configuration
Show sntp status
Show sntp status
Console# show sntp status
Following example shows the status of the Sntp
Copy
Configuration and Image File Commands
Copying an Image File from a Server to Flash Memory
Copying a Boot File from a Server to Flash Memory
Storing the Running or Startup Configuration on a Server
Delete
Delete url
Boot system
Boot system image-1 image-2
Sys, *.prv, image-1 and image-2 files cannot be deleted
Show running-config
Show running-config
Console# boot system image-1
Show startup-config
Show startup-config
Console# show running-config
Show backup-config
Show backup-config
Console# show startup-config
Show bootvar
Show bootvar
Console# show backup-config
Console# show bootvar
Configuration and Image File Commands
Interface ethernet
Ethernet Configuration Commands
Interface range ethernet
Interface ethernet interface
Shutdown
Interface range ethernet port-listall
Shutdown No shutdown
Description string No description
Description
Following example adds a description to Ethernet port
Speed
Speed 10 100 No speed
Maximum port capability
Duplex
Interface Configuration Ethernet mode
Duplex half full No duplex
Interface is set to full duplex
Consoleconfig# interface ethernet ext.1
Negotiation
No negotiation
Flowcontrol auto on off No flowcontrol
Flowcontrol
Following example, automatic crossover is enabled on port
Default setting is on
Mdix
Mdix on auto No mdix
Port jumbo-frame
Back-pressure
Back-pressure No back-pressure
Port jumbo-frame No port jumbo-frame
Global Configuration
Jumbo frames are disabled on the device
Following example, jumbo frames are enabled on the device
Clear counters
Following example, the counters for interface 1 are cleared
Set interface active
Following example reactivates interface
Console# clear counters ethernet ext.2
Show interfaces advertise
Following example displays auto-negotiation information
Console# show interfaces advertise
Console# show interfaces configuration
Show interfaces configuration
Show interfaces status
Show interfaces description
Show interfaces counters
Interface a valid Ethernet port. Full syntax unit/port
Console# show interfaces description
Console# show interfaces counters
Following example displays counters for Ethernet port
Following table describes the fields shown in the display
Console# show interfaces counters ethernet ext.1
Show ports jumbo-frame
This command is relevant to Giga devices only
Show ports jumbo-frame
Console# show port jumbo-frame
Port storm-control include-multicast GC
Following example enables counting multicast packets
Port storm-control include-multicast IC
Multicast packets are not counted
Broadcast storm control is disabled
Port storm-control broadcast enable
Port storm-control broadcast rate
Default storm control broadcast rate is 3500 Kbits/Sec
Show ports storm-control
Following example displays the storm control configuration
Show ports storm-control interface
Console# show ports storm-control
Disabled 3500 Broadcast
Gvrp enable Global
Gvrp Commands
Gvrp enable Interface
Gvrp enable No gvrp enable
Gvrp is disabled on all interfaces
Garp timer
Following example enables Gvrp on Ethernet port
Garp timer join leave leaveall timervalue No garp timer
Consoleconfig# interface ethernet ext.6
Gvrp vlan-creation-forbid
Gvrp vlan-creation-forbid No gvrp vlan-creation-forbid
Gvrp registration-forbid
Dynamic Vlan creation or modification is enabled
Gvrp registration-forbid No gvrp registration-forbid
Dynamic registration of VLANs on the port is allowed
Console# clear gvrp statistics ethernet ext.1
Clear gvrp statistics
Privieged Exec mode
Show gvrp configuration
Following example displays Gvrp configuration information
Console# show gvrp configuration
Show gvrp statistics
Following example shows Gvrp statistical information
Console# show gvrp statistics
Show gvrp error-statistics
Console# show gvrp error-statistics
Following example displays Gvrp statistical information
Ip igmp snooping Global
Igmp Snooping Commands
Ip igmp snooping Interface
Ip igmp snooping No ip igmp snooping
Following example enables Igmp snooping on Vlan
Automatic learning of multicast device ports is enabled
Ip igmp snooping mrouter learn-pim-dvmrp
Default host-time-out is 260 seconds
Time-out- Specifies the host timeout in seconds. Range
Consoleconfig-if#ip igmp snooping mrouter learn-pim-dvmrp
Ip igmp snooping host-time-out
Default value is 300 seconds
Consoleconfig-if#ip igmp snooping host-time-out
Ip igmp snooping mrouter-time-out
Default leave-time-out configuration is 10 seconds
Consoleconfig-if#ip igmp snooping mrouter-time-out
Ip igmp snooping leave-time-out
Show ip igmp snooping mrouter
Consoleconfig-if#ip igmp snooping leave-time-out
Show ip igmp snooping mrouter interface vlan-id
Vlan-id Specifies the Vlan number
Show ip igmp snooping interface vlan-id
Show ip igmp snooping interface
Console# show ip igmp snooping interface
Show ip igmp snooping groups
Console# show ip igmp snooping groups
Igmp Snooping Commands
Interface Configuration Ethernet, VLAN, port-channel mode
IP Address Commands
Ip address
Ip address ip-address mask prefix-length
Ip address dhcp hostname host-name No ip address dhcp
Ip address dhcp
Ip default-gateway
Ip default-gateway ip-address No ip default-gateway
No default gateway is defined
This command is only operational in Switch mode
Following example defines default gateway
Show ip interface
Console# show ip interface
Arp
Arp timeout
Arp timeout seconds No arp timeout
Default timeout is 60000 seconds
Show arp
Clear arp-cache
Clear arp-cache
Console# clear arp-cache
Show arp
Ip domain-lookup
Following example displays entries in the ARP table
Ip domain-lookup No ip domain-lookup
Default domain name is not defined
Ip domain-name
Ip domain-name name No ip domain-name
Server-address- Specifies IP addresses of the name server
Ip name-server
No name server addresses are specified
Following example sets the available name server
Clear host
Ip host
No ip host name
No host is defined
Clear host dhcp
Clear host dhcp name
Console# clear host
Show hosts name
Show hosts
Name Specifies the host name. Range 1-158 characters
Console# clear host dhcp
Console# show hosts
Following example displays host information
Lacp system-priority
Lacp Commands
Lacp port-priority
Lacp system-priority value No lacp system-priority
Lacp timeout
Lacp timeout long short no lacp timeout
Lacp port-priority value No lacp port-priority
Short Specifies the short timeout value
Default port timeout value is long
Show lacp ethernet
Console# show lacp ethernet ext.1
Following example display Lacp information for Ethernet port
Show lacp port-channel
Show lacp port-channel portchannelnumber
Portchannelnumber Valid port-channel number
Console# show lacp port-channel
This command has no user guidelines
Line Commands
Line
Show line
Show line telnet ssh
Exec mode
Line Commands
Line Commands
Management access-list
Management ACL Commands
Management access-list name No management access-list name
Name Access list name. Range 1-32 characters
Consoleconfig# management access-class mlist
Consoleconfig# management access-list mlist
Management Access-list Configuration mode
If no permit rule is defined, the default is set to deny
Deny Management
Management access-class
Following example displays the mlist management access list
Show management access-list name
Console# show management access-class
Show management access-class
Management ACL Commands
Test copper-port tdr
PHY Diagnostics Commands
Test copper-port tdr interface
Console# test copper-port tdr ext.3
Show copper-ports tdr
User Exec mode
Show copper-ports tdr interface
Maximum length of the cable for the TDR test is 120 meters
Show copper-ports cable-length
Port must be active and working in 100M or 1000M mode
Show copper-ports cable-length interface
Console show copper-ports cable-length
PHY Diagnostics Commands
Consoleconfig# interface port-channel
Port Channel Commands
Interface port-channel
Interface port-channel port-channel-number
Interface range port-channel
Consoleconfig# interface range port-channel 1-2,6
Channel-group
Interface range port-channel port-channel-rangeall
Show interfaces port-channel
Port is not assigned to a port-channel
Show interfaces port-channel port-channel-number
Console# show interfaces port-channel
Following example displays information on all port-channels
Monitors both received and transmitted packets
Port Monitor Commands
Port monitor vlan-tagging
Console config-if#port monitor vlan-tagging
Port monitor vlan-tagging No port monitor vlan-tagging
Ingress mirrored packets are transmitted untagged
Show ports monitor
Show ports monitor
Console show ports monitor
Port Monitor Commands
Qos basic advanced service No qos
QoS Commands
QoS basic mode is enabled
Following example enables QoS on the device
Show qos
Trust mode is displayed if QoS is enabled in basic mode
Show qos aggregate-policer
Show qos
Show qos interface
There are no user guidelines
Console# show qos aggregate-policer policer1
Console# show qos interface ethernet 1 buffers
There is no default configuration for this command
Show qos map
Show qos map User Exec mode command displays all QoS maps
Show qos map dscp-queue
Dscp-queue- Indicates the Dscp to queue map
Following example displays the Dscp port-queue map
Class-map
Class-map class-map-namematch-all match-any
Console show qos map
By default, the match-allparameter is selected
Show class-map
Show class-map class-map-name
Match
Match access-group acl-name No match access-group acl-name
Following example shows the class map for class1
Acl-name- Specifies the name of an IP or MAC ACL
Class-map Configuration mode
Policy-map
Policy-map-name- Specifies the name of the policy map
No policy map is defined
Class
Policy-map Configuration mode
Show policy-mapUser Exec command displays the policy maps
Show policy-map
Trust cos-dscp
Policy-map Class Configuration mode
Following example displays all policy maps
Trust cos-dscp No trust cos-dscp
No set
Set
No police
Police
Service-policy input policy-map-name No service-policy input
Service-policy
Qos aggregate-policer
No qos aggregate-policer
No aggregate policer is define
Exceed-action drop
Console show qos aggregate-policer policer1
Police aggregate
No wrr-queue cos-map queue-id
Wrr-queue cos-map
Wrr-queue bandwidth
Following example maps CoS 7 to queue
No wrr-queue bandwidth
Priority-queue out num-of-queues number-of-queues
Priority-queue out num-of-queues
Traffic-shape
Consoleconfig# priority-queue out num-of-queues
No priority-queue out num-of-queues
All queues are expedite queues
No shape is defined
Ethernet Notify Q depth Qid Size 125
Qos wrr-queue threshold
Qos map policed-dscp
Console config# qos wrr-queue threshold gigabitethernet 1
No qos wrr-queue threshold tengigabitethernet queue-id
Percent for all thresholds
Consoleconfig# qos map policed-dscp 3 to
Qos map dscp-queue
Dscp values 3,11,19… cannot be remapped to other values
Qos trust Global
Following table describes the default map
Following example maps Dscp values 33, 40 and 41 to queue
Qos trust cos dscp no qos trust
CoS is the default trust mode
Qos trust Interface
Qos trust No qos trust
Default CoS value of a port is
Qos cos
No qos cos
Following example configures port 15 default CoS value to
Qos dscp-mutation
Qos dscp-mutation No qos dscp-mutation
Qos map dscp-mutation
QoS Commands
QoS Commands
Rmon Commands
Show rmon statistics
Console# show rmon statistics ethernet ext.1
Rmon Commands
Rmon collection history
Show rmon collection history
Cannot be configured for a range of interfaces Range context
Console# show rmon collection history
Show rmon history
Console# show rmon history 1 throughput
Console# show rmon history 1 errors
Console# show rmon history 1 other
No rmon alarm index
Rmon alarm
Type is absolute Startup direction is rising-falling
Show rmon alarm-table
Show rmon alarm-table
Following example displays the alarms table
Console# show rmon alarm-table
Show rmon alarm number
Show rmon alarm
Number Specifies the alarm index. Range
Following example displays Rmon 1 alarms
Last Sample Value
Rmon event
Show rmon events
Show rmon events
Following example displays the Rmon event table
Show rmon log
Show rmon log event
Event Specifies the event index. Range
Console# show rmon log
Following example displays the Rmon log table
Consoleconfig# rmon table-size history
Rmon table-size
History table size is Log table size is
Radius-server host
Radius Commands
No radius-server host ip-addresshostname
No Radius server host is specified
Radius-server key key-string No radius-server key
Radius-server key
Radius-server retransmit
Key-string is an empty string
Software searches the list of Radius server hosts 3 times
Consoleconfig# radius-server retransmit
Radius-server source-ip
Source Specifies a valid source IP address
Radius-server timeout
Timeout value is 3 seconds
Consoleconfig# radius-server timeout
Consoleconfig# radius-server deadtime
Deadtime setting is
Radius-server deadtime
Show radius-servers
Following example displays Radius server settings
Show radius-servers
Console# show radius-servers
Radius Commands
Ip http server
Web Server Commands
Ip http port
Ip http server No ip http server
Ip http exec-timeout
No ip http port
Ip http exec-timout minutes seconds no ip http exec-timout
Disabled
Default timout is 10 minutes
Ip https server
Ip https server No ip https server
Following example configures the https port number to
Ip https exec-timeout
Ip https port
Ip https port port-number No ip https port
No ip https exec-timout
Crypto certificate generate
Consoleconfig# crypto certificate 1 generate key-generate
Crypto certificate request
Following example regenerates an Https certificate
There is no default configuration for this command
Crypto certificate number import
Crypto certificate import
Number Specifies the certificate number. Range
Console# crypto certificate 1 request
Consoleconfig# crypto certificate 1 import
Ip https certificate
Ip https certificate number No ip https certificate
Show crypto certificate mycertificate
Consoleconfig# ip https certificate
Certificate number
Show crypto certificate mycertificate number
Following example displays the certificate
Show ip http
Show ip http
Console# show crypto certificate mycertificate
Show ip https
Following example displays the Http server configuration
Show ip https
Console# show ip http
Web Server Commands
Web Server Commands
Snmp Commands
Snmp-server community
No communities are defined
Snmp-server view
No view entry exists
Snmp-server group
No group entry exists
No snmp-server group groupname v1 v2 v3 noauth auth priv
No snmp-server user username remote engineid-string
Snmp-server user
Snmp-server engineID local
Parameters
Snmp-server enable traps No snmp-server enable traps
Snmp-server enable traps
Snmp traps are enabled
Following example enables Snmp traps
No filter entry exists
Snmp-server filter
Snmp-server host
Snmp-server v3-host
Snmp-server trap authentication
Following example configures an SNMPv3 host
Snmp-server trap authentication
Snmp failed authentication traps are enabled
No snmp-server trap authentication
Following example enables Snmp failed authentication traps
Snmp-server contact
Snmp-server location
IntelTechnicalSupport
Snmp-server location text No snmp-server location
Following example defines the device location as NewYork
Snmp-server set
Show snmp
Show snmp
Following example displays the Snmp communications status
Show snmp engineID
Show snmp engineid
Following example displays the Snmp engine ID
Show snmp views
Show snmp views viewname
Viewname Specifies the name of the view. Range
Show snmp groups
Following example displays the configuration of views
Show snmp groups groupname
Groupname-Specifies the name of the group. Range
Following table describes significant fields shown above
Show snmp filters
Show snmp filters filtername
Filtername-Specifies the name of the filter. Range
Show snmp users
Following example displays the configuration of filters
Show snmp users username
Username-Specifies the name of the user. Range
Console# show snmp users
Spanning-tree mode
Spanning-Tree Commands
Spanning-tree mode stp rstpmstp
Spanning-tree
STP is enabled
No spanning-tree mode
Consoleconfig# spanning-tree mode rstp
Spanning-tree forward-time
Seconds Time in seconds. Range
Consoleconfig# spanning-tree forward-time
Consoleconfig# spanning-tree hello-time
Spanning-tree max-age
Spanning-tree max-age seconds No spanning-tree max-age
Spanning-tree priority
Following example configures spanning tree priority to
Forward-Time 1 = Max-Age Max-Age = 2*Hello-Time +
Spanning-tree priority priority No spanning-tree priority
Spanning-tree disable No spanning-tree disable
Spanning-tree disable
Spanning-tree cost
Spanning-tree cost cost No spanning-tree cost
Cost Path cost of the port Range 1-200,000,000
Spanning-tree port-priority
PortFast mode is disabled
Default port priority for Ieee Spanning TreeProtocol STP is
Consoleconfig-if#spanning-tree port-priority
Spanning-tree portfast
Following example enables PortFast on Ethernet port
Consoleconfig-if#spanning-tree portfast
Spanning-tree link-type
Consoleconfig-if#spanning-tree link-type shared
Spanning-tree pathcost method
Short path cost method
Default setting is flooding
Following example sets the default path cost method to long
Spanning-tree bpdu
Spanning-tree bpdu filtering flooding No spanning-tree bpdu
Clear spanning-tree detected-protocols
Spanning-tree mst priority
Spanning-tree mst instance-idpriority priority
Console config # spanning-tree mst 1 priority
Spanning-tree mst max-hops
No spanning-tree mst instance-idpriority
Default number of hops is
Console config # spanning-tree mst max-hops
Spanning-tree mst port-priority
Spanning-tree mst cost
Consoleconfig-if#spanning-tree mst 1 port-priority
Spanning-tree mst configuration
Spanning-tree mst configuration
Following example configures an MST region
Consoleconfig# spanning-tree mst configuration
Instance mst
MST Configuration mode
Instance instance-idadd remove vlan vlan-range
Following example maps VLANs 10-20 to MST instance
Following example defines the configuration name as region1
Default name is a radlanguest
Name mst
Revision mst
Default configuration revision number is
Value Configuration revision number Range
Following example sets the configuration revision to
Show mst
Exit
Exit mst
Abort mst
Spanning-tree guard root
Abort
Show spanning-tree
Root guard is disabled
Spanning-tree guard root No spanning-tree guard root
Interface -number- a valid Ethernet port
Console# show spanning-tree
Following example displays spanning-tree information
FWD
Console# show spanning-tree active
Console# show spanning-tree blockedports
Console# show spanning-tree detail
Port 3 disabled State N/A Role N/A Port id
Console# show spanning-tree ethernet ext.1
Console# show spanning-tree mst-configuration
Rstp
Times hold 1, topology change 35, notification
Designated port id Designated path cost
Port Enabled State Forwarding Role Boundary Port id
This switch is root for CST and IST master
Hello Time 2 sec Max Age 20 sec
Spanning-Tree Commands
Ip ssh port
SSH Commands
Ip ssh server
Ip ssh port port-number No ip ssh port
Device configuration from a SSH server is disabled
Crypto key generate dsa
DSA key pairs do not exist
Crypto key generate rsa
Consoleconfig# crypto key generate dsa
Following example generates DSA key pairs
Crypto key generate rsa
Ip ssh pubkey-auth
AAA authentication is independent
Following example generates RSA key pairs
Ip ssh pubkey-auth No ip ssh pubkey-auth
No keys are specified
Crypto key pubkey-chain ssh
Consoleconfig# crypt\o key pubkey-chain ssh
SSH Public Key-string Configuration mode
User-key
No SSH public keys exist
Key-string
Consoleconfig# crypto key pubkey-chain ssh
Show ip ssh
Show ip ssh
Show crypto key mypubkey
Following example displays the SSH server configuration
Show crypto key mypubkey rsa dsa
Rsa Indicates the RSA key Dsa Indicates the DSA key
Console# show crypto key mypubkey rsa
Show crypto key pubkey-chain ssh
Console# show crypto key pubkey-chain ssh username bob
Console# show crypto key pubkey-chain ssh
SSH Commands
Logging is enabled
Syslog Commands
Following example enables logging error messages
Logging on
Logging
Consoleconfig# logging buffered debugging
Default severity level is informational
Logging buffered
Logging buffered level No logging buffered
This command takes effect only after Reset
Default number of messages is
Consoleconfig# logging buffered size
Logging buffered size
Logging file
Default severity level is errors
Clear logging
Logging file level No logging file
Clear logging file
Consoleconfig# logging file alerts
Clear logging file
Following example clears messages from the logging file
Aaa logging
Aaa logging login no aaa logging login
File-system logging
File-system logging copy
Consoleconfig# file-system logging copy
Logging file system events is enabled
Management logging
Management logging deny No management logging deny
Consoleconfig# management logging deny
Logging management ACL events is enabled
Show logging
Show logging
AAA
Console# show logging
Show logging file
Show logging file
Console# show logging file
Show syslog-servers
Show syslog-servers
Console# show syslog-servers
Syslog Commands
Ping
System Management Commands
Following example displays pinging results
Traceroute
Syntax
Probe timed out
Telnet
Default port is the Telnet port decimal23 on the host
Keywords Table
Special Telnet Sequences
Ports Table
Resume
Following command switches to open Telnet session number
Reload
Connection The connection number. Range 1-4 connections
Reload
Hostname
Following example reloads the operating system
Hostname name No hostname
Following example specifies the device host name
Show users
Show users
Console show users
Show sessions
Show sessions
Following example lists open Telnet sessions
Console show sessions
Show system
Show system
Console# show system
Show system id
Privilaged Exec mode
Show system id unit unit
Unit unit Unit number
Show system flowcontrol
Show system flowcontrol
Console show system id
Show system mode
Show system mode
Priviledged Exec mode
Following example displays information on features control
Service cpu-utilization No service cpu-utilization
Service cpu-utilization
Show version
Console show version
Consoleconfig# service cpu-utilization
This example enables measuring CPU utilization
Show cpu utilization
Show cpu utilization
Console# show cpu utilization
TACACS+ Commands
Tacacs-server host
No tacacs-server host ip-addresshostname
Following example specifies a TACACS+ host
Tacacs-server key
Tacacs-server key key-string No tacacs-server key
Empty string
Following example sets the authentication encryption key
Tacacs-server timeout
Following example sets the timeout value to
Consoleconfig# tacacs-server timeout
Show tacacs
Tacacs-server source-ip
Source Specifies the source IP address
Following example specifies the source IP address
Console# show tacacs
Ip-address Name or IP address of the TACACS+ server
TACACS+ Commands
User Interface Commands
Enable
Disable
Following example return to Users Exec mode
Login
Login User Exec mode command changes a login username
Login
Configure
Configure
Following example enters Global Configuration mode
Exit Configuration
All configuration modes
Exit
Privileged and User Exec modes
End
Following example closes an active terminal session
End
Help
All command modes
Terminal datadump
Help
Show history
Dumping is disabled
Terminal datadump No terminal datadump
Show history
Show privilege
Show privilege
Console# show version
Console# show history
Console# show privilege
Command The command to be executed
Console Config# do show vlan
Following example enters the Vlan database mode
Vlan Commands
Vlan database
Vlan
Interface vlan
Vlan Configuration mode
Following example Vlan number 1972 is created
Interface vlan vlan-id
Interface range vlan
Interface range vlan vlan-rangeall
All All existing static VLANs
No name
Name
No name is defined
Following example gives Vlan number 19 the name Marketing
Switchport protected
Switchport protected is disabled
Consoleconfig-if#switchport protected ethernet ext.1
Switchport mode
Switchport access vlan
Switchport mode access trunk general No switchport mode
Switchport trunk allowed vlan
Switchport trunk allowed vlan add vlan-listremove vlan-list
All ports belong to Vlan
Vlan-id- Specifies the ID of the native Vlan
Switchport trunk native vlan
VID=1
Switchport general allowed vlan
Vlan-id- Specifies the Pvid Port Vlan ID
Switchport general pvid
Ingress filtering is enabled
Switchport general ingress-filtering disable
Switchport forbidden vlan
Switchport general acceptable-frame-type tagged-only
Switchport forbidden vlan add vlan-listremove vlan-list
All frame types are accepted at ingress
All VLANs are allowed
Ip internal-usage-vlan
Ip internal-usage-vlan vlan-id No ip internal-usage-vlan
Vlan-id- Specifies the ID of the internal usage Vlan
Show vlan
Consoleconfig-if#ip internal-usage-vlan
Show vlan id vlan-idname vlan-name
Vlan-id- specifies a Vlan ID
Show vlan internal usage
Following example displays all Vlan information
Show vlan internal usage
Console# show vlan internal usage
Show interfaces switchport
VLAN011
Console# show interface switchport ethernet ext.1
Pvid
Map protocol protocol encapsulation protocols-group group
Map protocol protocols-group
Vlan Database mode
Switchport general map protocols-group vlan
Following protocol names are reserved
Following example maps protocol ip-arp to the group named
Map mac macs-group
Console config-if#switchport general map macs-group 1 vlan
Switchport general map macs-group vlan
Map subnet subnets-group
Switchport general map subnets-group vlan
Show vlan protocols-groups
Console# show vlan protocols-groups
Show vlan macs-groups
Show vlan subnets-groups
Following example shows subnets-groups information
Vlan Commands
Aaa authentication dot1x
29 802.1x Commands
No authentication method is defined
Method1 method2... At least one from the following table
Following example enables 802.1x globally
802.1x is disabled globally
Dot1x system-auth-control
Dot1x port-control
Interface Configuration Ethernet
Consoleconfig-if#dot1x port-control auto
Port is in the force-authorized state
Dot1x timeout re-authperiod
Dot1x re-authentication
Dot1x re-authentication No dot1x re-authentication
Periodic re-authentication is disabled
Re-authentication period is 3600 seconds
Dot1x re-authenticate
Dot1x re-authenticate ethernet interface
Consoleconfig-if#dot1x timeout re-authperiod
Dot1x timeout quiet-period
Console# dot1x re-authenticate ethernet ext.16
Quiet period is 60 seconds
Dot1x timeout tx-period seconds No dot1x timeout tx-period
Dot1x timeout tx-period
Timeout period is 30 seconds
Consoleconfig-if#dot1x timeout quiet-period
Default number of times is
Dot1x max-req
Dot1x max-req count No dot1x max-req
Default timeout period is 30 seconds
Dot1x timeout supp-timeout
Dot1x timeout server-timeout
Consoleconfig-if# dot1x timeout supp-timeout
Consoleconfig-if#dot1x timeout server-timeout
Show dot1x
Show dot1x ethernet interface
Console# show dot1x
Console# show dot1x ethernet ext.3
Show dot1x users
Show dot1x users username username
Username Supplicant username Range 1-160 characters
Following example displays 802.1x users
Console# show dot1x users
Console# show dot1x users username Bob
Show dot1x statistics
Show dot1x statistics ethernet interface
Console# show dot1x statistics ethernet ext.1
Dot1x auth-not-req No dot1x auth-not-req
Dot1x auth-not-req
Multiple hosts are disabled
Access is enabled
Consoleconfig-if# dot1x auth-not-req
Dot1x multiple-hosts
Dot1x single-host-violation
Dot1x guest-vlan
Consoleconfig-if#dot1x single-host-violation forward trap
No traps are sent
Dot1x guest-vlan No dot1x guest-vlan
Following example defines Vlan 2 as a guest Vlan
Dot1x guest-vlan enable
Show dot1x advanced
Consoleconfig-if#dot1x guest-vlan enable
Show dot1x advanced ethernet interface
Console# show dot1x advanced
Console# show dot1x advanced ethernet ext.1
World Wide Web Telephone
Appendix a Getting Help
Finland
Holland
Cambodia
Australia
Myanmar
New Zealand 0800 444
Ecuador
Panama
Uruguay