Command Line Interface Guide
Page 73
show line Displays line parameters. show hosts Displays the default domain name, a list of name server hosts, the static and the cached list of host names and addresses. show qos map ...privilege level. port-channel load-balance Displays Port-channel information. show interfaces counters Displays traffic seen by the physical interface. login Changes a login username. show lacp ethernet Displays LACP information for all configured interfaces. show ip igmp snooping interface Displays IGMP snooping configuration. exit(EXEC) Closes an active...
show line Displays line parameters. show hosts Displays the default domain name, a list of name server hosts, the static and the cached list of host names and addresses. show qos map ...privilege level. port-channel load-balance Displays Port-channel information. show interfaces counters Displays traffic seen by the physical interface. login Changes a login username. show lacp ethernet Displays LACP information for all configured interfaces. show ip igmp snooping interface Displays IGMP snooping configuration. exit(EXEC) Closes an active...
Command Line Interface Guide
Page 85
...if the authentication method is checked. Character string used to the default configuration. This has the same effect as the default list of all RADIUS servers for authentication. Syntax • aaa authentication login {default | list-name} method1 [method2...] • no authentication....this command to return to name the list of all TACACS servers for authentication. local Uses the local username database for authentication. Default Configuration The local user database is not defined. AAA Commands 85 radius Uses the list of authentication methods...
...if the authentication method is checked. Character string used to the default configuration. This has the same effect as the default list of all RADIUS servers for authentication. Syntax • aaa authentication login {default | list-name} method1 [method2...] • no authentication....this command to return to name the list of all TACACS servers for authentication. local Uses the local username database for authentication. Default Configuration The local user database is not defined. AAA Commands 85 radius Uses the list of authentication methods...
Command Line Interface Guide
Page 86
...where x is the privilege level. Syntax • aaa authentication enable {default | list-name} method1 [method2...] • no authentication. where x is the privilege level. 86 AAA Commands Uses username "$enabx$." Uses the listed authentication methods that follow this argument as the... tacacs Source or destination Uses the enable password for authentication. Character string used to the default configuration. Uses username "$enabx$." User Guidelines • The default and optional list names created with the aaa authentication login command are used only if the...
...where x is the privilege level. Syntax • aaa authentication enable {default | list-name} method1 [method2...] • no authentication. where x is the privilege level. 86 AAA Commands Uses username "$enabx$." Uses the listed authentication methods that follow this argument as the... tacacs Source or destination Uses the enable password for authentication. Character string used to the default configuration. Uses username "$enabx$." User Guidelines • The default and optional list names created with the aaa authentication login command are used only if the...
Command Line Interface Guide
Page 87
To ensure that the authentication algorithm tries, in the command line. • All aaa authentication enable default requests sent by the device to a RADIUS or TACACS server include the username "$enab15$". Default Configuration Uses the default set with the enable authentication command. • Create a list by the authentication login command. If no password is set...
To ensure that the authentication algorithm tries, in the command line. • All aaa authentication enable default requests sent by the device to a RADIUS or TACACS server include the username "$enab15$". Default Configuration Uses the default set with the enable authentication command. • Create a list by the authentication login command. If no password is set...
Command Line Interface Guide
Page 89
...none as the command ip http authentication local. AAA Commands 89 Specify at least one from the following example configures the http authentication. Default Configuration The local user database is checked. To ensure that the authentication succeeds even if all RADIUS servers for authentication. Console (config...mode command specifies authentication methods for https servers. Use the no form of this command to return to the default. Syntax • ip http authentication method1 [method2...] • no authentication. radius Uses the list of this command to return to ...
...none as the command ip http authentication local. AAA Commands 89 Specify at least one from the following example configures the http authentication. Default Configuration The local user database is checked. To ensure that the authentication succeeds even if all RADIUS servers for authentication. Console (config...mode command specifies authentication methods for https servers. Use the no form of this command to return to the default. Syntax • ip http authentication method1 [method2...] • no authentication. radius Uses the list of this command to return to ...
Command Line Interface Guide
Page 90
...local. Syntax • ip https authentication method1 [method2...] • no default configuration. 90 AAA Commands Uses the list of authentication are used only if ...The authentication methods Privilege EXEC mode command displays information about the authentication methods. Default Configuration The local user database is checked. Uses no authentication. Console (config... authentication radius local Console (config)# ip https authentication tacacs local show authentication methods Default Configuration This command has no ip https authentication • method1 [method2...] - ...
...local. Syntax • ip https authentication method1 [method2...] • no default configuration. 90 AAA Commands Uses the list of authentication are used only if ...The authentication methods Privilege EXEC mode command displays information about the authentication methods. Default Configuration The local user database is checked. Uses no authentication. Console (config... authentication radius local Console (config)# ip https authentication tacacs local show authentication methods Default Configuration This command has no ip https authentication • method1 [method2...] - ...
Command Line Interface Guide
Page 93
... device configuration. User Guidelines • No password is defined. Console (config)# enable password level 15 secret username The username Global Configuration mode command establishes a username-based authentication system. The name of this command. The user level. (Range: 1 -15) •... encrypted - The authentication password for this command to remove a user name. Default Configuration No user is required. Console (config)# username bob password lee level 15 AAA Commands 93 Command Mode Global Configuration mode. Example The following example sets...
... device configuration. User Guidelines • No password is defined. Console (config)# enable password level 15 secret username The username Global Configuration mode command establishes a username-based authentication system. The name of this command. The user level. (Range: 1 -15) •... encrypted - The authentication password for this command to remove a user name. Default Configuration No user is required. Console (config)# username bob password lee level 15 AAA Commands 93 Command Mode Global Configuration mode. Example The following example sets...
Command Line Interface Guide
Page 94
Example The following example displays the local users configured with access to the system. Robert 15 -- -- -- 94 AAA Commands Command Mode Privileged EXEC mode. Console# show users accounts Privileged EXEC mode command displays information about the local user database. Syntax • show users accounts Default Configuration This command has no user guidelines for this command. show users accounts The show users accounts Username Privilege Password Aging Password Expiry Date Lockout Bob 15 -- -- -- User Guidelines • There are no default configuration.
Example The following example displays the local users configured with access to the system. Robert 15 -- -- -- 94 AAA Commands Command Mode Privileged EXEC mode. Console# show users accounts Privileged EXEC mode command displays information about the local user database. Syntax • show users accounts Default Configuration This command has no user guidelines for this command. show users accounts The show users accounts Username Privilege Password Aging Password Expiry Date Lockout Bob 15 -- -- -- User Guidelines • There are no default configuration.
Command Line Interface Guide
Page 336
...to which the user belongs. (Range: Up to remove a user. The HMAC-MD5-96 authentication level. The HMAC-MD5-96 authentication level. Default Configuration No group entry exists. User Guidelines • The Router context is translated to 30 characters) • groupname - The name of ...name of DES key for authentication and generation of the group to which the user belongs. Use the no snmp-server user username [remote engineid-string ] • username - The HMAC-SHA-96 authentication level. The user should enter password. • password - Specifies the engine ID of ...
...to which the user belongs. (Range: Up to remove a user. The HMAC-MD5-96 authentication level. The HMAC-MD5-96 authentication level. Default Configuration No group entry exists. User Guidelines • The Router context is translated to 30 characters) • groupname - The name of ...name of DES key for authentication and generation of the group to which the user belongs. Use the no snmp-server user username [remote engineid-string ] • username - The HMAC-SHA-96 authentication level. The user should enter password. • password - Specifies the engine ID of ...
Command Line Interface Guide
Page 338
...of retries is 162. (Range: 1-65535) • filtername - Indicates authentication of the host. (Range:1-158 characters) • username - The host IPv4 address (the targeted recipient). • ip6-address - Indicates that SNMP traps are sent to the usage guidelines...} username [traps | informs] {noauth | auth | priv} [udp-port port] [filter filtername] [timeout seconds] [retries retries] • no authentication of a packet. • auth - If unspecified, the default UDP port number is 3. (Range: 0 - 255) Default Setting This command has no default configuration...
...of retries is 162. (Range: 1-65535) • filtername - Indicates authentication of the host. (Range:1-158 characters) • username - The host IPv4 address (the targeted recipient). • ip6-address - Indicates that SNMP traps are sent to the usage guidelines...} username [traps | informs] {noauth | auth | priv} [udp-port port] [filter filtername] [timeout seconds] [retries retries] • no authentication of a packet. • auth - If unspecified, the default UDP port number is 3. (Range: 0 - 255) Default Setting This command has no default configuration...
Command Line Interface Guide
Page 342
... Filter name TO sec Retries Version 3 notifications Target Address Type Username Security UDP Port Filter Level name System Contact: TO sec Retries System Location: console# show snmp views The show snmp views [viewname] • viewname - Range: Up to 30 characters Default Configuration There is enabled. Example The following example displays the SNMP...
... Filter name TO sec Retries Version 3 notifications Target Address Type Username Security UDP Port Filter Level name System Contact: TO sec Retries System Location: console# show snmp views The show snmp views [viewname] • viewname - Range: Up to 30 characters Default Configuration There is enabled. Example The following example displays the SNMP...
Command Line Interface Guide
Page 345
... Commands 345 User Guidelines • There are no user guidelines for this command. Range: Up to 30 character Default Configuration There is no default configuration for this command. Command Modes Privileged EXEC mode. Console # show snmp filters Name OID Tree Type user-filter...• There are no user guidelines for this command. Default Configuration There is no default configuration for this command. Command Modes Privileged EXEC mode. The name of filters use the show snmp users [username] • usernam - Syntax • show snmp users Privileged EXEC command. ...
... Commands 345 User Guidelines • There are no user guidelines for this command. Range: Up to 30 character Default Configuration There is no default configuration for this command. Command Modes Privileged EXEC mode. Console # show snmp filters Name OID Tree Type user-filter...• There are no user guidelines for this command. Default Configuration There is no default configuration for this command. Command Modes Privileged EXEC mode. The name of filters use the show snmp users [username] • usernam - Syntax • show snmp users Privileged EXEC command. ...
Command Line Interface Guide
Page 381
Default Configuration By default, there are no user-key username • username - Console(config-pubkey-chain)# user-key bob rsa Console(config-pubkey-key)# key-string row key-string AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl key-string The key-string SSH Public ... • row - UU-encoded DER format is the same format in authorized_keys file used by row • key-string - Default Configuration By default, the keys do not exist. Specifies the remote SSH client username, which can be manually configured for the SSH public key chain called "bob". Specify SSH public key row by...
Default Configuration By default, there are no user-key username • username - Console(config-pubkey-chain)# user-key bob rsa Console(config-pubkey-key)# key-string row key-string AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl key-string The key-string SSH Public ... • row - UU-encoded DER format is the same format in authorized_keys file used by row • key-string - Default Configuration By default, the keys do not exist. Specifies the remote SSH client username, which can be manually configured for the SSH public key chain called "bob". Specify SSH public key row by...
Command Line Interface Guide
Page 383
Default Configuration This command has no user guidelines for this command. Port: 22 RSA key was generated. SSH Public Key Authentication is enabled. Active incoming sessions: IP address SSH Version username Cipher 172.16.0.1 John Brown 2.0 3 DES Auth Code ---------HMAC-SH1 The...server configuration. Example The following table describes the significant fields shown in the display: Field Description IP address Client address SSH username User name Version SSH version number Cipher Encryption type (3DES, Blowfish, RC4) Auth Code Authentication Code (HMAC-MD5, ...
Default Configuration This command has no user guidelines for this command. Port: 22 RSA key was generated. SSH Public Key Authentication is enabled. Active incoming sessions: IP address SSH Version username Cipher 172.16.0.1 John Brown 2.0 3 DES Auth Code ---------HMAC-SH1 The...server configuration. Example The following table describes the significant fields shown in the display: Field Description IP address Client address SSH username User name Version SSH version number Cipher Encryption type (3DES, Blowfish, RC4) Auth Code Authentication Code (HMAC-MD5, ...
Command Line Interface Guide
Page 385
... format. Fingerprint in Bubble Babble format. • hex - If fingerprint is unspecified, it defaults to Hex format. User Guidelines • There are no default configuration. Console# show crypto key pubkey-chain ssh [username username] [fingerprint bubble-babble | hex] • username - Specifies the remote SSH client username. • bubble-babble - Console# show crypto key pubkey-chain ssh...
... format. Fingerprint in Bubble Babble format. • hex - If fingerprint is unspecified, it defaults to Hex format. User Guidelines • There are no default configuration. Console# show crypto key pubkey-chain ssh [username username] [fingerprint bubble-babble | hex] • username - Specifies the remote SSH client username. • bubble-babble - Console# show crypto key pubkey-chain ssh...
Command Line Interface Guide
Page 412
..., press Cntrl-shift-t-X 3 Enter the command show session. User Guidelines 1 Open telnet session from PC 5400 is no default configuration for this command. Default Configuration There is displayed. 4 Enter the command resume [number of sessions opened from PC 5400 to the relevant telnet session.... 412 System Management Example Console> show users Username Bob John Robert Betty Protocol Serial SSH HTTP Telnet Location 172.16...
..., press Cntrl-shift-t-X 3 Enter the command show session. User Guidelines 1 Open telnet session from PC 5400 is no default configuration for this command. Default Configuration There is displayed. 4 Enter the command resume [number of sessions opened from PC 5400 to the relevant telnet session.... 412 System Management Example Console> show users Username Bob John Robert Betty Protocol Serial SSH HTTP Telnet Location 172.16...
Command Line Interface Guide
Page 424
The name of username passwords and enables passwords. Console (config-line)# password-aging 5 passwords aging The passwords aging Global ...passwords. Example The following example configures 5 days as the aging time of line passwords. Syntax • passwords aging username name days • no passwords aging username name • passwords aging enable-password level days • no password-aging • days - Command Mode ... password expiration time use the no form of days before a password change is forced. (Range: 1-365) Default Configuration Password aging is disabled.
The name of username passwords and enables passwords. Console (config-line)# password-aging 5 passwords aging The passwords aging Global ...passwords. Example The following example configures 5 days as the aging time of line passwords. Syntax • passwords aging username name days • no passwords aging username name • passwords aging enable-password level days • no password-aging • days - Command Mode ... password expiration time use the no form of days before a password change is forced. (Range: 1-365) Default Configuration Password aging is disabled.
Command Line Interface Guide
Page 425
Console (config)# passwords aging username 40 passwords history The passwords history Global Configuration mode command configures the number of global passwords. Default Configuration Passwords history is disabled. Command Mode Global Configuration mode. Example The following example ... • no form of passwords for another 3 times. • 10 days before a password can login for a user is generated. Default Configuration Password aging is disabled. User Guidelines • The setting is relevant to local users passwords, line passwords and enable passwords. •...
Console (config)# passwords aging username 40 passwords history The passwords history Global Configuration mode command configures the number of global passwords. Default Configuration Passwords history is disabled. Command Mode Global Configuration mode. Example The following example ... • no form of passwords for another 3 times. • 10 days before a password can login for a user is generated. Default Configuration Password aging is disabled. User Guidelines • The setting is relevant to local users passwords, line passwords and enable passwords. •...
Command Line Interface Guide
Page 427
...out for access from local console. • A user that has privilege level 15 can release accounts that are locked out by using the set username active, 'set enable-password active' and 'set line active' privileged EXEC commands. • Disabling lockout unlocks all users. • Re-enabling...Global Configuration mode. TIC Commands 427 The number of five failures. To disable writing to the file use the no aaa login-history file Default Configuration Enabled. User Guidelines • The setting is relevant to login history file. Example The following example enables lockout of a user ...
...out for access from local console. • A user that has privilege level 15 can release accounts that are locked out by using the set username active, 'set enable-password active' and 'set line active' privileged EXEC commands. • Disabling lockout unlocks all users. • Re-enabling...Global Configuration mode. TIC Commands 427 The number of five failures. To disable writing to the file use the no aaa login-history file Default Configuration Enabled. User Guidelines • The setting is relevant to login history file. Example The following example enables lockout of a user ...
Command Line Interface Guide
Page 428
... history is still kept in the device internal buffer. The user name. (Range 1 - 20 characters) Default Configuration This command has no default configuration. 428 TIC Commands Command Mode Privileged EXEC mode. Virtual terminal for secured remote console access (SSH). Virtual... terminal for remote console access (Telnet). • ssh - Example The following example reactivates a locked out user account for Bob. Syntax • set username...
... history is still kept in the device internal buffer. The user name. (Range 1 - 20 characters) Default Configuration This command has no default configuration. 428 TIC Commands Command Mode Privileged EXEC mode. Virtual terminal for secured remote console access (SSH). Virtual... terminal for remote console access (Telnet). • ssh - Example The following example reactivates a locked out user account for Bob. Syntax • set username...