Command Line Interface Guide
Page 36
... to the bridge table. Forbids a port from the forwarding database. Access Mode Interface (VLAN) Configuration Global Configuration Interface (VLAN) Configuration Interface (VLAN) Configuration Interface Configuration Interface (VLAN) Configuration Interface (VLAN) Configuration Global Configuration Privileged EXEC Interface Configuration Interface Configuration Interface Configuration 36 Command Groups Forbids adding a specific Multicast address to the group. Configures the maximum number of addresses that may be learned on the device. Sets the...
... to the bridge table. Forbids a port from the forwarding database. Access Mode Interface (VLAN) Configuration Global Configuration Interface (VLAN) Configuration Interface (VLAN) Configuration Interface Configuration Interface (VLAN) Configuration Interface (VLAN) Configuration Global Configuration Privileged EXEC Interface Configuration Interface Configuration Interface Configuration 36 Command Groups Forbids adding a specific Multicast address to the group. Configures the maximum number of addresses that may be learned on the device. Sets the...
Command Line Interface Guide
Page 57
... help terminal datadump show history show command without prompting. Access Mode Global Configuration VLAN Database Global Configuration Global Configuration Interface (VLAN) Configuration Interface Configuration Interface Configuration Command Groups 57 User Interface Commands Command Group enable disable login configure exit (Configuration) exit end help system. Returns to a VLAN. Ends the current configuration session and returns to the Privileged EXEC mode. Displays a brief description...
... help terminal datadump show history show command without prompting. Access Mode Global Configuration VLAN Database Global Configuration Global Configuration Interface (VLAN) Configuration Interface Configuration Interface Configuration Command Groups 57 User Interface Commands Command Group enable disable login configure exit (Configuration) exit end help system. Returns to a VLAN. Ends the current configuration session and returns to the Privileged EXEC mode. Displays a brief description...
Command Line Interface Guide
Page 58
... switchport protected map protocol protocols-group switchport general map protocols-group vlan ip internal-usage-vlan mac-to -VLAN database. Displays switchport configuration. Interface Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration VLAN Configuration Interface Configuration Interface Configuration VLAN configuration Privileged EXEC Privileged EXEC Privileged EXEC Privileged EXEC Privileged EXEC 58 Command Groups Maps a protocol...
... switchport protected map protocol protocols-group switchport general map protocols-group vlan ip internal-usage-vlan mac-to -VLAN database. Displays switchport configuration. Interface Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration VLAN Configuration Interface Configuration Interface Configuration VLAN configuration Privileged EXEC Privileged EXEC Privileged EXEC Privileged EXEC Privileged EXEC 58 Command Groups Maps a protocol...
Command Line Interface Guide
Page 59
... crypto certificate request crypto certificate import ip https certificate Description Enables the device to configure the device. Access Mode Global Configuration Global Configuration Global Configuration Global Configuration Global Configuration Global Configuration Global Configuration Generates and displays certificate requests for the voice VLAN. Displays the voice VLAN status. Enables automatic voice VLAN configuration for HTTPS. Sets the interval the system waits for HTTPS...
... crypto certificate request crypto certificate import ip https certificate Description Enables the device to configure the device. Access Mode Global Configuration Global Configuration Global Configuration Global Configuration Global Configuration Global Configuration Global Configuration Generates and displays certificate requests for the voice VLAN. Displays the voice VLAN status. Enables automatic voice VLAN configuration for HTTPS. Sets the interval the system waits for HTTPS...
Command Line Interface Guide
Page 61
... dot1x advanced Displays active 802.1x authenticated users. Privileged EXEC Privileged EXEC Interface (VLAN) Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration Global Configuration Interface Configuration Privileged EXEC Command Groups 61 Allows multiple hosts (clients) on an 802.1xauthorized port that VLAN. Displays 802.1x advanced features for the device or for the specified interface. Enables user...
... dot1x advanced Displays active 802.1x authenticated users. Privileged EXEC Privileged EXEC Interface (VLAN) Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration Interface Configuration Global Configuration Interface Configuration Privileged EXEC Command Groups 61 Allows multiple hosts (clients) on an 802.1xauthorized port that VLAN. Displays 802.1x advanced features for the device or for the specified interface. Enables user...
Command Line Interface Guide
Page 71
...client on an interface. spanning-tree portfast Enables PortFast mode. switchport access vlan Configures the VLAN ID when the interface is in access mode. switchport customer vlan Set the port's VLAN when the interface is in customer mode. frame-type tagged-only switchport ...(MST) calculations. switchport general ingressfiltering disable Disables port ingress filtering. switchport forbidden vlan Forbids adding specific VLANs to permit or deny. switchport general pvid Configures the PVID when the interface is in the interface. spanning-tree link-type Overrides...
...client on an interface. spanning-tree portfast Enables PortFast mode. switchport access vlan Configures the VLAN ID when the interface is in access mode. switchport customer vlan Set the port's VLAN when the interface is in customer mode. frame-type tagged-only switchport ...(MST) calculations. switchport general ingressfiltering disable Disables port ingress filtering. switchport forbidden vlan Forbids adding specific VLANs to permit or deny. switchport general pvid Configures the PVID when the interface is in the interface. spanning-tree link-type Overrides...
Command Line Interface Guide
Page 78
... take when traveling to another node on a specific VLAN. bridge multicast forbidden forward-all Forbids a port from becoming a forward-all Enables forwarding of the egress queues. ip igmp snooping host-time-out Configures the host-time-out. Lists the open Telnet sessions... version information. Enables dumping all Multicast frames on a port. Enables the command history function for the current terminal session. VC (VLAN Configuration) Mode Command Group Description bridge address Adds a static MAC-layer station source address to specific ports. ip igmp snooping (Interface) ...
... take when traveling to another node on a specific VLAN. bridge multicast forbidden forward-all Forbids a port from becoming a forward-all Enables forwarding of the egress queues. ip igmp snooping host-time-out Configures the host-time-out. Lists the open Telnet sessions... version information. Enables dumping all Multicast frames on a port. Enables the command history function for the current terminal session. VC (VLAN Configuration) Mode Command Group Description bridge address Adds a static MAC-layer station source address to specific ports. ip igmp snooping (Interface) ...
Command Line Interface Guide
Page 98
...any console(config-mac-al)# exit console(config)# interface ethernet e10 console(config-if)# service-acl input macA console(config-if)# 98 ACL Commands Default Configuration This command has no service-acl input • acl-name - Example The following example, binds (services) an ACL to create a MAC ACL...(config-mac-acl)# deny 66:66:66:66:66:66 Console(config-mac-acl)# exit Console(config)# service-acl The service-acl Interface (VLAN) Configuration mode command applies an ACL to the input interface. User Guidelines There are no form of this command. Use the no user guidelines for...
...any console(config-mac-al)# exit console(config)# interface ethernet e10 console(config-if)# service-acl input macA console(config-if)# 98 ACL Commands Default Configuration This command has no service-acl input • acl-name - Example The following example, binds (services) an ACL to create a MAC ACL...(config-mac-acl)# deny 66:66:66:66:66:66 Console(config-mac-acl)# exit Console(config)# service-acl The service-acl Interface (VLAN) Configuration mode command applies an ACL to the input interface. User Guidelines There are no form of this command. Use the no user guidelines for...
Command Line Interface Guide
Page 469
Console(config)# vlan database Console(config-vlan)# vlan The vlan VLAN Configuration mode command creates a VLAN. VLAN Commands 469 a hyphen designates a range of VLAN IDs to delete a VLAN. Command Mode Global Configuration mode. Use the no form of this command. Separate non-consecutive VLAN IDs with a comma and no vlan vlan-range • vlan-range - VLAN Commands vlan database The vlan database Global Configuration mode command enters the VLAN Configuration mode. Example...
Console(config)# vlan database Console(config-vlan)# vlan The vlan VLAN Configuration mode command creates a VLAN. VLAN Commands 469 a hyphen designates a range of VLAN IDs to delete a VLAN. Command Mode Global Configuration mode. Use the no form of this command. Separate non-consecutive VLAN IDs with a comma and no vlan vlan-range • vlan-range - VLAN Commands vlan database The vlan database Global Configuration mode command enters the VLAN Configuration mode. Example...
Command Line Interface Guide
Page 470
... Guidelines There are no default configuration. Default Configuration This command has no user guidelines for this command. User Guidelines There are no default configuration. Command Mode Global Configuration mode. Example The following example VLAN number 1972 is created. Command Mode VLAN Configuration mode. Example The following example enters Interface Configuration mode for VLAN 1. Default Configuration This command has no user...
... Guidelines There are no default configuration. Default Configuration This command has no user guidelines for this command. User Guidelines There are no default configuration. Command Mode Global Configuration mode. Example The following example VLAN number 1972 is created. Command Mode VLAN Configuration mode. Example The following example enters Interface Configuration mode for VLAN 1. Default Configuration This command has no user...
Command Line Interface Guide
Page 480
...packet is a 16 or 40 bits protocol number or one of the following values: ethernet or protocols-group. Command Mode VLAN Configuration mode. One of this command to override the FDB decision, and forward the packet to specified ethernet port. Protocol group number.... 2/g1 map protocol protocols-group The map protocol protocols-group VLAN Configuration mode command maps a protocol to delete a protocol from a group. Syntax • map protocol protocol [encapsulation] protocols-group group • no default configuration. FFFF). • encapsulation - If no form of the...
...packet is a 16 or 40 bits protocol number or one of the following values: ethernet or protocols-group. Command Mode VLAN Configuration mode. One of this command to override the FDB decision, and forward the packet to specified ethernet port. Protocol group number.... 2/g1 map protocol protocols-group The map protocol protocols-group VLAN Configuration mode command maps a protocol to delete a protocol from a group. Syntax • map protocol protocol [encapsulation] protocols-group group • no default configuration. FFFF). • encapsulation - If no form of the...
Command Line Interface Guide
Page 483
...to remove MAC addresses from the database. Command Mode VLAN Configuration mode. Specifies the VLAN ID. Syntax • mac-to-vlan mac-address vlan-id • no form of this command to -vlan is deprecated in the database. Default Configuration No MAC address entry in versions where DVA is ... only according to more than one VLAN. Console# config Console(config)# vlan database Console(config-if)# mac-to -VLAN database. mac-to-vlan The mac-to-vlan VLAN Configuration mode command adds MAC addresses to the MAC-to -vlan 0060.704c.73ff 123 VLAN Commands 483 If the same MAC ...
...to remove MAC addresses from the database. Command Mode VLAN Configuration mode. Specifies the VLAN ID. Syntax • mac-to-vlan mac-address vlan-id • no form of this command to -vlan is deprecated in the database. Default Configuration No MAC address entry in versions where DVA is ... only according to more than one VLAN. Console# config Console(config)# vlan database Console(config-if)# mac-to -VLAN database. mac-to-vlan The mac-to-vlan VLAN Configuration mode command adds MAC addresses to the MAC-to -vlan 0060.704c.73ff 123 VLAN Commands 483 If the same MAC ...
Command Line Interface Guide
Page 496
... this command to default. User Guidelines Aging starts after bridging aging is expired. Console (config)# voice vlan aging-timeout 2000 voice vlan enable The voice vlan enable Interface Configuration mode command enables automatic voice VLAN configuration for a port. Use the no voice vlan aging-timeout • minutes - Specify the aging timeout in minutes. (Range: 1 - 43200 minutes) Default...
... this command to default. User Guidelines Aging starts after bridging aging is expired. Console (config)# voice vlan aging-timeout 2000 voice vlan enable The voice vlan enable Interface Configuration mode command enables automatic voice VLAN configuration for a port. Use the no voice vlan aging-timeout • minutes - Specify the aging timeout in minutes. (Range: 1 - 43200 minutes) Default...
Command Line Interface Guide
Page 497
... a tagged port. Example The following example enables automatic voice VLAN configuration for a port console(config-if)# voice vlan enable voice vlan secure The voice vlan secure Interface Configuration mode command configures the secure mode for the voice VLAN. User Guidelines • Use this command to the voice VLAN with a telephony MAC address source MAC address (defined by the voice...
... a tagged port. Example The following example enables automatic voice VLAN configuration for a port console(config-if)# voice vlan enable voice vlan secure The voice vlan secure Interface Configuration mode command configures the secure mode for the voice VLAN. User Guidelines • Use this command to the voice VLAN with a telephony MAC address source MAC address (defined by the voice...
Command Line Interface Guide
Page 499
Example The following example displays the voice VLAN configuration. Console Switch# show voice vlan Aging timeout: 1440 minutes OUI table MAC Address-Prefix Description 00:E0:BB 3COM 00:03:6B Cisco 00:E0:75 Veritel 00:D0:1E Pingtel 00:01:E3 Simens 00:60:B9 NEC/Philips 00:0F:E2 Huawei-3COM . Voice VLAN VLAN ID: 8 CoS: 6 Interface Enabled Secure 1/e1 Yes Yes 1/e2 Yes Yes 1/e3 Yes Yes 1/e4 Yes Yes 1/e5 No No 1/e6 No No 1/e7 No No 1/e8 No No 1/e9 No No Activated Yes No Yes Yes Voice VLAN 499
Example The following example displays the voice VLAN configuration. Console Switch# show voice vlan Aging timeout: 1440 minutes OUI table MAC Address-Prefix Description 00:E0:BB 3COM 00:03:6B Cisco 00:E0:75 Veritel 00:D0:1E Pingtel 00:01:E3 Simens 00:60:B9 NEC/Philips 00:0F:E2 Huawei-3COM . Voice VLAN VLAN ID: 8 CoS: 6 Interface Enabled Secure 1/e1 Yes Yes 1/e2 Yes Yes 1/e3 Yes Yes 1/e4 Yes Yes 1/e5 No No 1/e6 No No 1/e7 No No 1/e8 No No 1/e9 No No Activated Yes No Yes Yes Voice VLAN 499
Command Line Interface Guide
Page 530
...of EAPOL frames that have been transmitted by this Authenticator. ADVANCED FEATURES dot1x auth-not-req The dot1x auth-not-req VLAN Configuration mode command enables unauthorized devices access to the VLAN. Syntax • dot1x auth-not-req • no form of EAPOL frames that have been received by this command... to disable access to the VLAN. The number of valid EAP Response frames (other than Resp/Id frames) that have been received by this Authenticator in which the frame ...
...of EAPOL frames that have been transmitted by this Authenticator. ADVANCED FEATURES dot1x auth-not-req The dot1x auth-not-req VLAN Configuration mode command enables unauthorized devices access to the VLAN. Syntax • dot1x auth-not-req • no form of EAPOL frames that have been received by this command... to disable access to the VLAN. The number of valid EAP Response frames (other than Resp/Id frames) that have been received by this Authenticator in which the frame ...
Command Line Interface Guide
Page 536
... config-if(Config)# dot1x traps mac-authentication failure dot1x radius-attributes vlan The dot1x radius-attributes vlan Interface Configuration mode command enables user-based VLAN assignment. Other static VLAN configuration is not applied on the port. • If the supplicant VLAN does not exist on the switch, the supplicant is rejected. • Packets to disable user-based...
... config-if(Config)# dot1x traps mac-authentication failure dot1x radius-attributes vlan The dot1x radius-attributes vlan Interface Configuration mode command enables user-based VLAN assignment. Other static VLAN configuration is not applied on the port. • If the supplicant VLAN does not exist on the switch, the supplicant is rejected. • Packets to disable user-based...
User's Guide
Page 133
...ip address [ip-address] Removes an IP address show ip interface [ethernet Displays the usability status of interfaces interface-number | vlan vlan- configured for setting fields displayed in the IPv4 Interfaces Parameters page. The selected IP address is deleted, and the device is updated. ...Defining IPv4 Interfaces Using CLI Commands The following table summarizes the equivalent CLI commands for IP. id | port-channel number] Configuring System Information 133 The Interface Parameters Table page opens. The parameters are modified, and the device is updated. IPv4 Interface ...
...ip address [ip-address] Removes an IP address show ip interface [ethernet Displays the usability status of interfaces interface-number | vlan vlan- configured for setting fields displayed in the IPv4 Interfaces Parameters page. The selected IP address is deleted, and the device is updated. ...Defining IPv4 Interfaces Using CLI Commands The following table summarizes the equivalent CLI commands for IP. id | port-channel number] Configuring System Information 133 The Interface Parameters Table page opens. The parameters are modified, and the device is updated. IPv4 Interface ...
User's Guide
Page 265
... amount of seconds that lapses before EAP request are added to this port. Authenticated ports remain unauthenticated VLAN and Guest VLAN members. Disables periodic port reauthentication. • Reauthentication Period (300-4294967295) - Disable - • Dynamic VLAN Assignment - Static VLAN configuration is automatically joined to the authentication server. If the Radius Accept Message doesn't contain the supplicant...
... amount of seconds that lapses before EAP request are added to this port. Authenticated ports remain unauthenticated VLAN and Guest VLAN members. Disables periodic port reauthentication. • Reauthentication Period (300-4294967295) - Disable - • Dynamic VLAN Assignment - Static VLAN configuration is automatically joined to the authentication server. If the Radius Accept Message doesn't contain the supplicant...
User's Guide
Page 355
... The following table summarizes the equivalent CLI commands for defining VLAN membership groups as displayed in access mode. VLAN Membership Group CLI Commands CLI Command vlan database vlan {vlan-range} name string Description Enters the VLAN configuration mode. Discards untagged frames at ingress. switchport access vlan vlan-id Configures the VLAN ID when the interface is an example of a port. Creates...
... The following table summarizes the equivalent CLI commands for defining VLAN membership groups as displayed in access mode. VLAN Membership Group CLI Commands CLI Command vlan database vlan {vlan-range} name string Description Enters the VLAN configuration mode. Discards untagged frames at ingress. switchport access vlan vlan-id Configures the VLAN ID when the interface is an example of a port. Creates...