Command Line Interface Guide
Page 65
.... Controls error messages logging. Modifies the DSCP to -address mapping in the host name cache. ip ssh server ipv6 default-gateway ipv6 host ipv6 icmp error-interval ipv6 neighbor lacp system-priority line logging logging buffered logging buffered size logging console The...packets. Defines which management Access-List is used. Improves RADIUS response times when servers are unavailable. Defines an IPv6 default gateway. Specifies the login authentication method list for all RADIUS communications between the router and the RADIUS daemon. Configure the system to be expedite...
.... Controls error messages logging. Modifies the DSCP to -address mapping in the host name cache. ip ssh server ipv6 default-gateway ipv6 host ipv6 icmp error-interval ipv6 neighbor lacp system-priority line logging logging buffered logging buffered size logging console The...packets. Defines which management Access-List is used. Improves RADIUS response times when servers are unavailable. Defines an IPv6 default gateway. Specifies the login authentication method list for all RADIUS communications between the router and the RADIUS daemon. Configure the system to be expedite...
Command Line Interface Guide
Page 73
...) Mode Command Description clear counters Clears statistics on an interface. login Changes a login username. show line Displays line parameters. show history Lists the commands... entered in the current session. show ip igmp snooping mrouter Displays information on the network. enable Enters the privileged EXEC mode. show interfaces status Displays the status for all the maps for all configured interfaces. show hosts Displays the default...
...) Mode Command Description clear counters Clears statistics on an interface. login Changes a login username. show line Displays line parameters. show history Lists the commands... entered in the current session. show ip igmp snooping mrouter Displays information on the network. enable Enters the privileged EXEC mode. show interfaces status Displays the status for all the maps for all configured interfaces. show hosts Displays the default...
Command Line Interface Guide
Page 85
...in . • method1 [method2...] - This has the same effect as the default list of this argument as the command aaa authentication login list-name local. AAA Commands 85 line Uses the line password for authentication. Character.... AAA Commands aaa authentication login The aaa authentication login Global Configuration mode commands defines login authentication. Syntax • aaa authentication login {default | list-name} method1 [method2...] • no aaa authentication login {default | list-name} • default - Default Configuration The local user database...
...in . • method1 [method2...] - This has the same effect as the default list of this argument as the command aaa authentication login list-name local. AAA Commands 85 line Uses the line password for authentication. Character.... AAA Commands aaa authentication login The aaa authentication login Global Configuration mode commands defines login authentication. Syntax • aaa authentication login {default | list-name} method1 [method2...] • no aaa authentication login {default | list-name} • default - Default Configuration The local user database...
Command Line Interface Guide
Page 86
...the authentication succeeds even if all methods return an error, specify none as the default list of this list. Specify at least one from the following example configures authentication login. Use the no form of methods, when using access higher privilege levels. •...; method1 [method2...] - Syntax • aaa authentication enable {default | list-name} method1 [method2...] • no authentication. ...
...the authentication succeeds even if all methods return an error, specify none as the default list of this list. Specify at least one from the following example configures authentication login. Use the no form of methods, when using access higher privilege levels. •...; method1 [method2...] - Syntax • aaa authentication enable {default | list-name} method1 [method2...] • no authentication. ...
Command Line Interface Guide
Page 87
... the username "$enab15$". AAA Commands 87 Uses the indicated list created with the authentication login command. • list-name - If no login authentication • default - Console (config)# aaa authentication enable default enable login authentication The login authentication Line Configuration mode command specifies the login authentication method list for a remote telnet, SSH or console. This has the same...
... the username "$enab15$". AAA Commands 87 Uses the indicated list created with the authentication login command. • list-name - If no login authentication • default - Console (config)# aaa authentication enable default enable login authentication The login authentication Line Configuration mode command specifies the login authentication method list for a remote telnet, SSH or console. This has the same...
Command Line Interface Guide
Page 88
... method when accessing a higher privilege level from a console. Uses the default list created with the authentication enable command. Default Configuration Uses the default set with the command authentication enable. Use the no enable authentication • default - Console (config)# line console Console (config-line)# login authentication default enable authentication The enable authentication Line Configuration mode command specifies...
... method when accessing a higher privilege level from a console. Uses the default list created with the authentication enable command. Default Configuration Uses the default set with the command authentication enable. Use the no enable authentication • default - Console (config)# line console Console (config-line)# login authentication default enable authentication The enable authentication Line Configuration mode command specifies...
Command Line Interface Guide
Page 91
Example The following example displays the authentication configuration. Console# show authentication methods Login Authentication Method Lists Console_Default: None Network_Default: Local Enable Authentication Method Lists Console_Default: Enable None Network_Default: Enable Line Console Telnet SSH Login Method List Default Default Default Enable Method List Default Default Default http https dot1x : Tacacs Local : Tacacs Local : AAA Commands 91 User Guidelines • There are no user guidelines for this command. Command Mode Privileged EXEC mode.
Example The following example displays the authentication configuration. Console# show authentication methods Login Authentication Method Lists Console_Default: None Network_Default: Local Enable Authentication Method Lists Console_Default: Enable None Network_Default: Enable Line Console Telnet SSH Login Method List Default Default Default Enable Method List Default Default Default http https dot1x : Tacacs Local : Tacacs Local : AAA Commands 91 User Guidelines • There are no user guidelines for this command. Command Mode Privileged EXEC mode.
Command Line Interface Guide
Page 115
...-of text, terminating the message with the corresponding configuration variable. The message must start in ). Login Banner banner exec The banner exec Global Configuration mode command specifies and enables a message to be displayed...line message. Syntax • banner exec d message d • no EXEC banner is displayed). Login Banner 115 Command Mode Global Configuration mode. Tokens in the form $(token) in to delete the existing...(MOTD) banner appears first, followed by the login banner and prompts. User Guidelines • Follow this command to the device, the EXEC banner...
...-of text, terminating the message with the corresponding configuration variable. The message must start in ). Login Banner banner exec The banner exec Global Configuration mode command specifies and enables a message to be displayed...line message. Syntax • banner exec d message d • no EXEC banner is displayed). Login Banner 115 Command Mode Global Configuration mode. Tokens in the form $(token) in to delete the existing...(MOTD) banner appears first, followed by the login banner and prompts. User Guidelines • Follow this command to the device, the EXEC banner...
Command Line Interface Guide
Page 117
...system contact string. Displays the base MAC address of text, terminating the message with the corresponding configuration variable. Syntax • banner login d message d • no exec-banner line configuration command. Command Mode Global Configuration mode. Tokens in the form $(token) ...in the usage guidelines. Indicates that the next text is an inverse text. Default Configuration Disabled (no Login banner is displayed. • To customize the banner, use the no banner login • d - Login Banner 117 A delimiting character cannot be used in to a device, the...
...system contact string. Displays the base MAC address of text, terminating the message with the corresponding configuration variable. Syntax • banner login d message d • no exec-banner line configuration command. Command Mode Global Configuration mode. Tokens in the form $(token) ...in the usage guidelines. Indicates that the next text is an inverse text. Default Configuration Disabled (no Login banner is displayed. • To customize the banner, use the no banner login • d - Login Banner 117 A delimiting character cannot be used in to a device, the...
Command Line Interface Guide
Page 118
...character. After the user logs in a new line and can be a multi-line message. Notice that uses tokens. Console (config)# banner login % Enter TEXT message. End with the second occurrence of the delimiting character. • When a user connects to the device, the ...MOTD) banner appears first, followed by the corresponding configuration variable. Tokens in the form $(token) in the banner message. • message - Default Configuration Disabled (no banner motd • d - Command Mode Global Configuration mode. Then enter one or more lines of text, terminating the message...
...character. After the user logs in a new line and can be a multi-line message. Notice that uses tokens. Console (config)# banner login % Enter TEXT message. End with the second occurrence of the delimiting character. • When a user connects to the device, the ...MOTD) banner appears first, followed by the corresponding configuration variable. Tokens in the form $(token) in the banner message. • message - Default Configuration Disabled (no banner motd • d - Command Mode Global Configuration mode. Then enter one or more lines of text, terminating the message...
Command Line Interface Guide
Page 120
... • There are no form of this command to disable the display of login banners. Example The following example enables the display of exec banners. Default Configuration Enabled Command Mode Line Configuration mode User Guidelines • There are no login-banner Default Configuration Enabled. Use the no user guidelines for this command. Example The...
... • There are no form of this command to disable the display of login banners. Example The following example enables the display of exec banners. Default Configuration Enabled Command Mode Line Configuration mode User Guidelines • There are no login-banner Default Configuration Enabled. Use the no user guidelines for this command. Example The...
Command Line Interface Guide
Page 121
... -the-day banners. Syntax • show banner motd • show banner login • show banner Privileged EXEC mode command displays the banners configuration. Syntax • motd-banner • no default configuration. motd-banner The motd-banner Line Configuration mode command enables the display of... message-of -the-day banners. User Guidelines • There are no form of this command. Login Banner 121 Use the no user guidelines ...
... -the-day banners. Syntax • show banner motd • show banner login • show banner Privileged EXEC mode command displays the banners configuration. Syntax • motd-banner • no default configuration. motd-banner The motd-banner Line Configuration mode command enables the display of... message-of -the-day banners. User Guidelines • There are no form of this command. Login Banner 121 Use the no user guidelines ...
Command Line Interface Guide
Page 236
...snooping. • Maximum of 16 TCP ports can be configured either bound to 16 TCP ports can be defined in the system in the first login request of the command and then add it wishes to a specific IP address, the address field must be obtained from iSCSI or from sendTargets ... iSCSI ports 3260/860), it to specify the target IP address as any sanity check) with the relevant IP. • Target names are configured as default but can be present. • targetname - tcp-port-8] [address ip-address] • tcp-port - The initiator MUST present both its iSCSI Initiator Name and ...
...snooping. • Maximum of 16 TCP ports can be configured either bound to 16 TCP ports can be defined in the system in the first login request of the command and then add it wishes to a specific IP address, the address field must be obtained from iSCSI or from sendTargets ... iSCSI ports 3260/860), it to specify the target IP address as any sanity check) with the relevant IP. • Target names are configured as default but can be present. • targetname - tcp-port-8] [address ip-address] • tcp-port - The initiator MUST present both its iSCSI Initiator Name and ...
Command Line Interface Guide
Page 301
... authentication and encryption key for authentication requests. Can be one of the RADIUS server host. • hostname - IP address of the following values: login, 802.1x or all . Length of the outgoing IP interface. • priority - Specifies the usage type of the RADIUS server host. (Range...If no retransmit value is specified, the global value is used , where 0 is interpreted as request to 0. If unspecified, the port number defaults to all . Specifies the source IP address to use for authentication if set to use the IP address of time, in seconds. If unspecified...
... authentication and encryption key for authentication requests. Can be one of the RADIUS server host. • hostname - IP address of the following values: login, 802.1x or all . Length of the outgoing IP interface. • priority - Specifies the usage type of the RADIUS server host. (Range...If no retransmit value is specified, the global value is used , where 0 is interpreted as request to 0. If unspecified, the port number defaults to all . Specifies the source IP address to use for authentication if set to use the IP address of time, in seconds. If unspecified...
Command Line Interface Guide
Page 392
...from the logging file. Syntax • aaa logging login • no user guidelines for this command. Default Configuration The logging of the command. User Guidelines • There are no aaa logging login • login - Log messages related to the logging file based on... Example The following example limits syslog messages sent to successful login events, unsuccessful login events and other login related events. To disable logging use the no default configuration. Syntax • clear logging file Default Configuration This command has no form of AAA events is enabled...
...from the logging file. Syntax • aaa logging login • no user guidelines for this command. Default Configuration The logging of the command. User Guidelines • There are no aaa logging login • login - Log messages related to the logging file based on... Example The following example limits syslog messages sent to successful login events, unsuccessful login events and other login related events. To disable logging use the no default configuration. Syntax • clear logging file Default Configuration This command has no form of AAA events is enabled...
Command Line Interface Guide
Page 393
... of AAA events are no user guidelines for this command. Command Mode Global Configuration mode. Console(config)# aaa logging login file-system logging The file-system logging Global Configuration mode command controls logging file system events. To disable logging use... - Example The following example enables logging messages related to file copy operations. Default Configuration Logging file system events enabled. User Guidelines • There are not subject to AAA login events. Example The following examplee nables logging messages related to this command. Console...
... of AAA events are no user guidelines for this command. Command Mode Global Configuration mode. Console(config)# aaa logging login file-system logging The file-system logging Global Configuration mode command controls logging file system events. To disable logging use... - Example The following example enables logging messages related to file copy operations. Default Configuration Logging file system events enabled. User Guidelines • There are not subject to AAA login events. Example The following examplee nables logging messages related to this command. Console...
Command Line Interface Guide
Page 423
...passwords in the local database to 6 characters. Command Mode Global Configuration mode. Syntax • passwords min-length length • no form of this command to login. • Note that if a password is defined only require being checked when the user logs in. User Guidelines • The setting is relevant to local...gets checked when the user logs in an unencrypted format, or when a user tries to remove a requirement. Use the no passwords min-length • length - Default Configuration This command has no default configuration. The minimal length required for passwords.
...passwords in the local database to 6 characters. Command Mode Global Configuration mode. Syntax • passwords min-length length • no form of this command to login. • Note that if a password is defined only require being checked when the user logs in. User Guidelines • The setting is relevant to local...gets checked when the user logs in an unencrypted format, or when a user tries to remove a requirement. Use the no passwords min-length • length - Default Configuration This command has no default configuration. The minimal length required for passwords.
Command Line Interface Guide
Page 424
...Range: 1 - 20 characteres) • level - The level for another 3 times. • 10 days before a password change is forced. (Range: 1-365) Default Configuration Password aging is forced. (Range: 1 - 365) 424 TIC Commands Syntax • password-aging days • no passwords aging enable-password level • ...calculated from the day the password is defined (not from the day the aging is defined). • After a password expires a user can login for which the password applies. (Range: 1 - 15) • days - The number of this command. password-aging The password-aging ...
...Range: 1 - 20 characteres) • level - The level for another 3 times. • 10 days before a password change is forced. (Range: 1-365) Default Configuration Password aging is forced. (Range: 1 - 365) 424 TIC Commands Syntax • password-aging days • no passwords aging enable-password level • ...calculated from the day the password is defined (not from the day the aging is defined). • After a password expires a user can login for which the password applies. (Range: 1 - 15) • days - The number of this command. password-aging The password-aging ...
Command Line Interface Guide
Page 425
... history number • no form of passwords for another 3 times. • 10 days before a password can be reused. (Range: 1-10). Default Configuration Passwords history is disabled. User Guidelines • The setting is relevant to local users passwords, line passwords and enable passwords. • Password history...the day the password was defined, and not from the day the aging was defined. • After a password expires a user can login for a user is kept as long as the aging time of password changes before expiration a syslog message is defined. The number of ...
... history number • no form of passwords for another 3 times. • 10 days before a password can be reused. (Range: 1-10). Default Configuration Passwords history is disabled. User Guidelines • The setting is relevant to local users passwords, line passwords and enable passwords. • Password history...the day the password was defined, and not from the day the aging was defined. • After a password expires a user can login for a user is kept as long as the aging time of password changes before expiration a syslog message is defined. The number of ...
Command Line Interface Guide
Page 427
... lockout number • no aaa login-history file Default Configuration Enabled. Command Mode Global Configuration mode. Example The following example enables lockout of a user account after a series of this command. Command Mode Global Configuration mode. Default Configuration Lockout is locked-out. ...; Changing the authentication failures threshold does not reset the counters. Console (config)# passwords lockout 5 aaa login-history file The aaa login-history file Global Configuration mode command enables writing to local users passwords, line passwords and enable passwords. ...
... lockout number • no aaa login-history file Default Configuration Enabled. Command Mode Global Configuration mode. Example The following example enables lockout of a user account after a series of this command. Command Mode Global Configuration mode. Default Configuration Lockout is locked-out. ...; Changing the authentication failures threshold does not reset the counters. Console (config)# passwords lockout 5 aaa login-history file The aaa login-history file Global Configuration mode command enables writing to local users passwords, line passwords and enable passwords. ...