Kentrox AI296 - page 267

AI296 Version 9.8x User’s Guide

AI296 Commands: aaa

9-9

profile Associates a custom profile with a privilege level or range of privilege

levels. The following rules apply:

zTACACS+ privilege levels range from 0 to 15.

zCustom profiles can be associated with privilege levels 2 through

14.

zPrivilege levels 2 through 14 default to the management system

profile.

zPrivilege levels 0, 1, and 15 are reserved for the Status,

Management, and Supervisor system profiles (respectively).



Note: For information on creating custom profiles, refer to command

profile on page 9-76.

Privilege levels are used only if the authorization method is set to

priv-lvl. The only exception to this occurs under all of the following

conditions:

1. The authentication server returns a privilege level.

2. The authorization server cannot be reached.

3. The authorization is set to per-command and fallback is enabled.



Note: For information on configuring the authorization method, refer

to command aaa author.

The following parameters are accepted:

zdefault—Removes the association between a range of privilege

levels and a profile.

z

priv_range

—Defines the range of privilege levels that will be

associated with the profile. Individual values are separated by

commas (,) and hyphens (-). For example, 1,4-6 specifies privilege

levels 1, 4, 5, and 6.

z

profile_name

—Specifies the name of an existing profile.

retry Configures the number of consecutive connection attempts that are

made to a TACACS+ server before the attempt fails. Consecutive

attempts are only made if the TACACS+ server responds but refuses a

connection. If no response is received from a TACACS+ server before

the configured timeout period, then no further connection attempts are

made. For information on configuring the timeout period, refer to

command aaa on page 9-6.

The following parameters are accepted:

z

retry_count

—Defines the number of consecutive connection

attempts that are made. Valid values are 1 to 100.

zdefault—Resets the number of connection attempts to the default

value.

Contents

Main Page About this Document Document Conventions Page Cautions and Warnings Electrostatic Discharge Caution Ground Caution Proper Cooling Caution FCC Warning Customer Assistance Web Site Support Email Support Phone Support Kentrox Product Documentation Table of Contents Chapter 1: Product Description ..............................................................1-1 Chapter 2: Using the AI198TM Menu System ........................................2-1 Chapter 3: AI296 Local Menu System ....................................................3-1 Chapter 4: System Configuration ...........................................................4-1 Chapter 5: IP Over X.25 Subnet Configuration ......................................5-1 Chapter 6: Link Configuration ................................................................6-1 Page Chapter 8: Alias and Call Routing Configuration ....................................8-1 Chapter 9: AI296 Commands .................................................................9-1 Appendix A: AI296 System Codes ........................................................ A-1 Appendix B: Standalone Mode and Switch Mode ................................. B-1 Appendix C: Commands for AI296 TACACS+ Server Enhancements .. C-1 Product Description Features Page System Diagnostics TID Multiplexing AI296 Hardware Components Front Panel Components Technical Specifications Individual Port Access CAB257 Cable DP196 Distribution Panel DB-25 Connectors RJ45 10BaseT Connectors Pin 1 Pin 8 Typical Applications Asynchronous to TCP/IP Application IP Over X.25 Networks Page AI296 Version 9.8x Users Guide Product Description: Typical Applications Mixed Asynchronous and X.25 Networks IRB Figure 1-7 Mixed Asynchronous and X.25 Network Page X.25 to TCP/IP Application Product Description: Typical Applications X.25 Trunking Figure 1-9 illustrates a common X.25 trunking application. Figure 1-9 X.25 Trunking Page Using the AI198TM Menu System Using the AI198TM Menu System: Accessing the Menu System Accessing the Menu System Navigating the Menu System Menu Numbering Structure Types of Menu Items Submenus Toggles Data Functions Page AI296 Local Menu System Identifying AI296 Menu System Security Options Multilevel User Name and Password Security RADIUS Authentication TACACS+ Authentication PPP Authentication Protocols (PAP and CHAP) Logging Into AI296 Using a Telnet Connection for Login Using an Asynchronous Port for Login Page Accessing the Local Menu System Navigating the Local Menu System Identifying Types of Menu Items Data Entry Items Toggle Items Accessing the Help Menu Exiting the Local Menu System System Configuration General System Properties Configuration Destination Menu Break Sequence Format Page Ethernet Port Settings FTP Port IP Settings Page Passive Link Settings Page System Prompt TCP Settings Telnet Port System Configuration: General System Properties Configuration This example displays Telnet Port set to 55. RADIUS Configuration Server Settings Page Shell/FTP Options System Configuration: RADIUS Configuration This example displays the shell RAS option set to RADIUS/Fallback. TACACS+ Configuration Server Settings Shell/FTP Options System Configuration: TACACS+ Configuration 2. For 09*Shell/FTP TACACS Option , enter 9 to select ENABLED, DISABLED , or This example displays 09*Shell/FTP TACACS Option set to LOCAL FALLBACK. SNMP Configuration Authentication Traps Community Names Page Contact Persons Node Information SNMP Manager Page Static Route Configuration IP Address Settings TID to Modem Mux Configuration Inactivity Timeout Initialization String Port Bit Settings TID to Route Page Time Configuration Daylight Savings Time SNTP Settings Page Time Zone Page Configuration Overview Before Configuration Local Settings Local IP Address for this Subnet Local IP Subnet Mask Local X.25 Link Number Remote Settings Remote IP Address for this Subnet Remote X.121 Address Page Link Configuration AI296 Link Types Asynchronous Asynchronous PPP HDLC-Bridge MLT Synchronous PPP X.25 BX.25 Configuration BX.25 Configuration Values Usage BX.25 Modulo BX.25 Support BX.25 Timer Settings Link Configuration: BX.25 Configuration This example displays 05 Connect Timer ST2 set to 33 and 06 Send Timer ST3 set to 45. Connect Options Configuration Alias Call Retry Interval Connect String Page Connection Settings Page Link Application Page Disconnect Options Configuration Disconnect Inactivity Timer Settings Page Disconnect Settings Disconnect String Link Configuration: Disconnect Options Configuration This example displays 07 Disconnect string set to <b>newString<33><p 15><b>. General Link Properties Configuration Auto Disable Error Limit Flow Control Hardware Interface (Interface Type) Page Page Link Description Link Mode Link Number Link State Link Type Passive Link with Clocking Port Data Bits Port Parity Port Speed Page Port Stop Bits Link Configuration: General Link Properties Configuration Sync Port Encoding This menu item sets the binary encoding on a port. Toggle MLT Xon Repeat Interval Link Configuration: General Link Properties Configuration This example displays 10 Xon Repeat interval set to 30. General PPP Properties Configuration IPCP Address Settings Page Maximum Unit Settings Network Control Protocol Page LAPB Parameters Configuration Frame Settings Page LAPB Timer Settings N2 Retry Counter Page Modem Option Configuration Modem String Dialing Time-out Interval Number of Dial Attempts Link Configuration: Modem Option Configuration This example displays Number of dial attempts set to 15. PPP Authentication Configuration Local Authentication Settings Page RAS Option Page Remote Authentication Settings Page Quick X.25 Configuration Frame Settings Page Number of PVCs Packet Settings Passive Link Settings Port Speed SVC Settings X.121 Local Address Link Configuration: Quick X.25 Configuration This example displays X121 Local Address set to 59274. RTS/DTR Lead Control Configuration DTR State Configuration RTS State Configuration Page Link Configuration: RTS/DTR Lead Control Configuration This example displays RTS connect state set to FlowControl and RTS disconnect state set to Toggle. X.25 Parameters Configuration Maximum Packet Size Packet Window Size Link Configuration: X.25 Parameters Configuration This example displays Packet Window Size set to 6. Protocol Version This menu item defines the protocol version (year) for the current link. Toggle X.25 X.25 Counter Settings Page X.25 Facilities Negotiation X.25 Timer Settings Page Page X.121 Local Address Virtual Circuit Configuration Number of PVCs PVC Configuration Settings Page Page Page SVC Configuration Settings Page Page Page Overview Page TID Multiplexing Configuration Configuring the Parent Alias Page Page Configuring the Children Aliases Page Page Example Configurations Page This example displays the parent alias configuration in the AI296 menu system. Note: To configure aliases in the AI296 local menu system, AI296 must be in standalone mode. These examples display two of the child alias configurations in the AI198 menu system. These examples display two of the child alias configurations in the AI296 menu system. Note: To configure aliases in the AI296 local menu system, AI296 must be in standalone mode. TID Multiplexing Troubleshooting RTRV-HDR Format Normal Response Format Normal Response Example Error Response Format Error Response Example Diagnostics for TID Multiplexing Page Page Overview Page Alias and Call Routing Configuration: Overview This is an example configuration in the AI198 menu system for AI296 B: Call Routing Configuring an Alias in the AI198 Menu System Page Configuring an Alias in the AI296 Menu System Page Arranging Aliases in the Alias Table Configuring an Alias with X.25 Keep-Alive Page Source/Destination Protocol Tables Source/Destination Protocol Tables for the AI198 Menu System Page Page Page Page Page Page Page Source/Destination Protocol Tables for the AI296 Menu System Page Page Page Page Page Page Page Page Protocol Processing Modules Module Types AEP AEPN AEPX ASY BX25NM BX25S ETER XXX PAD PKT RBP TL1 Page TN Module Properties Module Arguments Page Alias Macros Alias Macro Components Start Symbols Comments Constants Varia bles Wildcard Symbols Operators Functions Page Alias Macro Configuration Configuration Examples Page Alias Configuration Examples SVC to SVC Connection This example displays the menu items used to configure the SVC to SVC connection: SVC to PVC Connection Figure 8-3 SVC to PVC Connection Diagram This example displays the menu items used to configure an SVC to PVC connection: PVC to SVC Connection Figure 8-4 PVC to SVC Connection Diagram This example displays the menu items used to configure a PVC to SVC connection. MLT Route Figure 8-5 MLT Call Routing Example Page Link-to-Link Call Routing Page Page Commands Overview Shell Commands Shell Connections Establishing a Local Shell Connection Establishing a Remote Shell Connection winslc Commands Displaying winslc Command Logging Using winslc Commands Log/Alarm Message Header Page aaa Page Page Page Command Defaults AI296 Commands: aaa This example displays a summary of all authentication, authorization, and accounting settings. This example displays all AAA specific counters and statistics. This example displays a successful password change on a TACACS+ server. alarm Page AI296 Commands: alarm This example displays all system alarms in group links. This example displays alarms for links 5-8 in group links. This example displays all alarms by severity level. AI296 Commands: alarm This example displays all alarms that have a severity level between 4 and 7. arp Page Page break Page AI296 Commands: bridge bridge This command dumps a list of all the addresses in the bridge table or clears the bridge table. This example displays the dumping of the bridge table. bridge { dump | clear } dump Dumps a list of all the addresses in the bridge table. clear Clears the bridge table. creset date debug AI296 Commands: debug This example displays the enabling of all debug data logging. delete diag-conn Page diag-eth Page Page Page This example displays Ethernet diagnostic help information. This example displays the help associated with the Ethernet diagnostic filter command. This example displays the diagnostic Ethernet display when the following parameters are entered: This example displays the diagnostic Ethernet display when the following is entered: zfilter add src 00:40:72:00:d2:d9 to configure a filter with source MAC address 00:40:72:00:d2:d9 zfilter add dst 00:40:72:00:d2:d9 to configure a filter with destination MAC address 00:40:72:00:d2:d9 This example displays the diagnostic Ethernet display when the following is entered: Page diag-info Page Page Page Page Page Page Page Page diag-line Page Page diag-tconn dir exit AI296 Commands: head head This command displays the first few lines of a file. This example displays the first 30 lines of file core.txt. ] head [ -n help AI296 Commands: help This example displays help information for command show. id ip ip init AI296 Commands: ip init This example displays the configuration of all the IP settings available with this command: link AI296 Commands: link linkstat AI296 Commands: linkstat This example displays the link statistic information for AI296. AI296 Commands: linkstat This example displays link statistic information for the device at baseport 64. log logout ls menu AI296 Commands: more more This command prints the content of a file to the current shell session one page at a time. more This example displays the contents of file log.txt one page at a time. pad Page panic passwd ping pppstatus Page profile Page pvcedit Page pvclist Page reset rz selcnf AI296 Commands: sholog sholog This example displays the contents of an AI296 log file one page at a time. Note: This command has the same functionality as command show log. sholog -p -p Displays the content of the file one page at a time. show This command displays various types of information for AI296. baseport link_range Page AI296 Commands: show This example displays the link numbers, link types, and descriptions for ports 13-16. staeia Page standalone staslc Page syncflash sz tacacs Page Page tacacs server Page Command Defaults Page AI296 Commands: tail tail This command displays the last few lines of a file. This example displays the last 10 lines of file userlog.txt. tail [ -n ] tcpoutconn tftp Page Page tftpboot AI296 Commands: tftpboot This example displays the result of a card booting when no BOOTP or TFTP server is on the net. This example displays the result of a reboot with a successful BOOTP/TFTP session: timezone Page trace Page traceroute AI296 Commands: type type This command displays the text of any file other than a code image or configuration file. This example displays the first page of contents for file log.txt. type [ -p ] Note: This command has the same functionality as command cat. update uptime useradd Page userdel users who xvc Page Page X.25 Cause Codes and Diagnostic Codes Standard Reset Indication Cause Codes Kentrox-Specific Reset Indication Cause Codes Standard Clear Indication Cause Codes Standard ISO Diagnostic Codes CCITT Diagnostic Codes Page Page Kentrox-Specific Diagnostic Codes Crash Codes Common Crash Codes AI296 Crash Codes System Failure Crash Reports Kentrox Technical Support Page Page Standalone Mode Downloading Software for a Standalone AI296 Configuring BOOTP/TFTP Switch Mode Downloading Software for AI296 in Switch Mode Page Page C AI296 Commands The following keyword lets users access destinations: names can be used as arguments. For example, { AI296 Menu Aliases