Command Line Interface Guide
Page 3
Contents 1 Command Groups 55 Introduction 55 Command Groups 55 Layer 2 Commands 61 2 Using the CLI 135 135 Introduction 135 Entering and Editing CLI Commands 135 CLI Command Modes 141 3 Layer 2 Commands 187 Introduction 187 4 AAA Commands 188 aaa authentication enable 190 aaa authentication login 191 aaa authorization network default radius 193 Contents 3
Contents 1 Command Groups 55 Introduction 55 Command Groups 55 Layer 2 Commands 61 2 Using the CLI 135 135 Introduction 135 Entering and Editing CLI Commands 135 CLI Command Modes 141 3 Layer 2 Commands 187 Introduction 187 4 AAA Commands 188 aaa authentication enable 190 aaa authentication login 191 aaa authorization network default radius 193 Contents 3
Command Line Interface Guide
Page 61
... EXEC • VLAN - VLAN Configuration • v6ACL - enable password Sets a local password to control access to accept VLAN assignment GC default radius by the RADIUS server. GC login authentication Specifies the login authentication method list LC for use on a line. aaa authentication enable Defines authentication method lists for http. IPv6 Access List Configuration... running IEEE 802.1X. TACACS Configuration • UE - LC Command Groups 61 SSH Public Key-chain • TC - SSH Public Key • SK - aaa authentication login Defines login authentication.
... EXEC • VLAN - VLAN Configuration • v6ACL - enable password Sets a local password to control access to accept VLAN assignment GC default radius by the RADIUS server. GC login authentication Specifies the login authentication method list LC for use on a line. aaa authentication enable Defines authentication method lists for http. IPv6 Access List Configuration... running IEEE 802.1X. TACACS Configuration • UE - LC Command Groups 61 SSH Public Key-chain • TC - SSH Public Key • SK - aaa authentication login Defines login authentication.
Command Line Interface Guide
Page 155
...used . The wizard requires the use the local authentication setting only, which allows user account access via these management interfaces. During a subsequent login, the user may return later to add to skip this step if SNMP management is given a chance to save his configuration, any ...items instead of the community string. Once the wizard has established configuration, however, the wizard is offered for the user to the factory default settings. When the user chooses to restart the wizard, any restart of quotation marks when the user wants to the CLI. SNMPv3 is...
...used . The wizard requires the use the local authentication setting only, which allows user account access via these management interfaces. During a subsequent login, the user may return later to add to skip this step if SNMP management is given a chance to save his configuration, any ...items instead of the community string. Once the wizard has established configuration, however, the wizard is offered for the user to the factory default settings. When the user chooses to restart the wizard, any restart of quotation marks when the user wants to the CLI. SNMPv3 is...
Command Line Interface Guide
Page 160
... name: admin Please enter the user password: ******** Please reenter the user password: ******** Step 3: Next, an IP address is used to login to the CLI and Web interface. Optionally you may setup other accounts and change privilege levels later. You may request that the system automatically ... 192.168.2.1 Step 2: Now we need to access the CLI, Web interface, or SNMP interface for the switch. For more information on the default VLAN (VLAN #1), of the Management System (A.B.C.D) or wildcard (0.0.0.0) to manage from the network via DHCP (this requires that you use to setup your...
... name: admin Please enter the user password: ******** Please reenter the user password: ******** Step 3: Next, an IP address is used to login to the CLI and Web interface. Optionally you may setup other accounts and change privilege levels later. You may request that the system automatically ... 192.168.2.1 Step 2: Now we need to access the CLI, Web interface, or SNMP interface for the switch. For more information on the default VLAN (VLAN #1), of the Management System (A.B.C.D) or wildcard (0.0.0.0) to manage from the network via DHCP (this requires that you use to setup your...
Command Line Interface Guide
Page 162
...Dell Easy Setup Wizard The Setup Wizard guides you through the initial switch configuration, and gets you like to run the setup wizard within 60 seconds)? [Y/N] y Step 1: The system is used to login to setup your initial privilege (Level 15) user account. To manage the switch using the default... system configuration.Note: You can exit the setup wizard at any point by default. For more information on setting up the initial SNMP ...
...Dell Easy Setup Wizard The Setup Wizard guides you through the initial switch configuration, and gets you like to run the setup wizard within 60 seconds)? [Y/N] y Step 1: The system is used to login to setup your initial privilege (Level 15) user account. To manage the switch using the default... system configuration.Note: You can exit the setup wizard at any point by default. For more information on setting up the initial SNMP ...
Command Line Interface Guide
Page 188
... explains the following commands: • aaa authentication dot1x • aaa authentication enable • aaa authentication login • aaa authorization network default radius • enable authentication • enable password • ip http authentication • ip https authentication • login authentication • password (Line Configuration) • password (User EXEC) • show authentication methods • show...
... explains the following commands: • aaa authentication dot1x • aaa authentication enable • aaa authentication login • aaa authorization network default radius • enable authentication • enable password • ip http authentication • ip https authentication • login authentication • password (Line Configuration) • password (User EXEC) • show authentication methods • show...
Command Line Interface Guide
Page 189
... return an error, specify none as the final method in Global Configuration mode to create an authentication login list. console(config)# aaa authentication dot1x default none AAA Commands 189 Syntax aaa authentication dot1x default method1 no authentication Default Configuration No authentication method is defined. Example The following table: Keyword radius none Description Uses the...
... return an error, specify none as the final method in Global Configuration mode to create an authentication login list. console(config)# aaa authentication dot1x default none AAA Commands 189 Syntax aaa authentication dot1x default method1 no authentication Default Configuration No authentication method is defined. Example The following table: Keyword radius none Description Uses the...
Command Line Interface Guide
Page 191
...succeeds even if all methods return an error, specify none as an authentication method after radius, no aaa authentication login {default|list-name} • default - The additional methods of authentication are used if the RADIUS server is now sent to TACACS+ servers for ...a user logs in the command line. console(config)# aaa authentication enable default enable aaa authentication login Use the aaa authentication login command in Global Configuration mode to them. Syntax aaa authentication login {default|list-name} method1 [method2...] no authentication is used only if the ...
...succeeds even if all methods return an error, specify none as an authentication method after radius, no aaa authentication login {default|list-name} • default - The additional methods of authentication are used if the RADIUS server is now sent to TACACS+ servers for ...a user logs in the command line. console(config)# aaa authentication enable default enable aaa authentication login Use the aaa authentication login command in Global Configuration mode to them. Syntax aaa authentication login {default|list-name} method1 [method2...] no authentication is used only if the ...
Command Line Interface Guide
Page 192
...is any character string used to name this list. Command Mode Global Configuration mode User Guidelines The default and optional list names created with the login authentication command. The additional methods of all TACACS+ servers for authentication. Uses the local username database...authentication failure. "defaultList" is used with the aaa authentication login command are "defaultList" and "networkList." For example, if none is specified as the final method in the given sequence. Default Configuration The default login lists are used by the console and only contains the ...
...is any character string used to name this list. Command Mode Global Configuration mode User Guidelines The default and optional list names created with the login authentication command. The additional methods of all TACACS+ servers for authentication. Uses the local username database...authentication failure. "defaultList" is used with the aaa authentication login command are "defaultList" and "networkList." For example, if none is specified as the final method in the given sequence. Default Configuration The default login lists are used by the console and only contains the ...
Command Line Interface Guide
Page 193
...enables RADIUS-assigned VLANs. Name of the authorization method Default Configuration By default, the switch does not accept VLAN assignments by the RADIUS server. console(config)#aaa authorization network default radius AAA Commands 193 VLAN assignment must be configured ...Syntax aaa authorization network default radius no aaa authorization network default radius • default - Name of the authentication. console(config)# aaa authentication login default radius local enable none aaa authorization network default radius Use the aaa authorization network default radius command in ...
...enables RADIUS-assigned VLANs. Name of the authorization method Default Configuration By default, the switch does not accept VLAN assignments by the RADIUS server. console(config)#aaa authorization network default radius AAA Commands 193 VLAN assignment must be configured ...Syntax aaa authorization network default radius no aaa authorization network default radius • default - Name of the authentication. console(config)# aaa authentication login default radius local enable none aaa authorization network default radius Use the aaa authorization network default radius command in ...
Command Line Interface Guide
Page 197
...returns an error, not if it fails. If none is checked. Syntax login authentication {default|list-name} AAA Commands 197 • method1 [method2...] - To return to specify the login authentication method list for authentication. Specify at least one from the following ...example configures https authentication. Default Configuration The local user database is specified as the command ip https authentication ...
...returns an error, not if it fails. If none is checked. Syntax login authentication {default|list-name} AAA Commands 197 • method1 [method2...] - To return to specify the login authentication method list for authentication. Specify at least one from the following ...example configures https authentication. Default Configuration The local user database is specified as the command ip https authentication ...
Command Line Interface Guide
Page 198
... this level. (Range: 8- 64 characters) • encrypted - Password for a console. Uses the default list created with the command aaa authentication login. Command Mode Line Configuration mode User Guidelines This command has no login authentication • default - Example The following example specifies the default authentication method for this command. console(config)# line console console(config-line...
... this level. (Range: 8- 64 characters) • encrypted - Password for a console. Uses the default list created with the command aaa authentication login. Command Mode Line Configuration mode User Guidelines This command has no login authentication • default - Example The following example specifies the default authentication method for this command. console(config)# line console console(config-line...
Command Line Interface Guide
Page 200
... about the authentication methods. Command Mode Privileged EXEC mode User Guidelines This command has no default configuration. console>password Enter old password:******** Enter new password:******** Confirm new password:******** show authentication methods Use the show authentication methods Login Authentication Method Lists defaultList : local Enable Authentication Method Lists 200 AAA Commands Syntax show authentication...
... about the authentication methods. Command Mode Privileged EXEC mode User Guidelines This command has no default configuration. console>password Enter old password:******** Enter new password:******** Confirm new password:******** show authentication methods Use the show authentication methods Login Authentication Method Lists defaultList : local Enable Authentication Method Lists 200 AAA Commands Syntax show authentication...
Command Line Interface Guide
Page 201
AAA Commands 201 Syntax show users accounts command in Privileged EXEC mode to display information about the local user database. Command Mode Privileged EXEC mode User Guidelines This command has no default configuration. enableList : local Line Login Method List Console defaultList Telnet defaultList SSH defaultList Enable Method List enableList enableList enableList HTTPS HTTP DOT1X :local :local :none show users accounts Use the show users accounts [long] Default Configuration This command has no user guidelines.
AAA Commands 201 Syntax show users accounts command in Privileged EXEC mode to display information about the local user database. Command Mode Privileged EXEC mode User Guidelines This command has no default configuration. enableList : local Line Login Method List Console defaultList Telnet defaultList SSH defaultList Enable Method List enableList enableList enableList HTTPS HTTP DOT1X :local :local :none show users accounts Use the show users accounts [long] Default Configuration This command has no user guidelines.
Command Line Interface Guide
Page 202
... information about the login history of user. (Range: 1-20 characters) Default Configuration This command has no user guidelines. console#show users login-history command in Global Configuration mode to display information about the local user database. False show users login-history Use the ...show users accounts UserName Lockout Privilege Password Password Aging Expiry date admin 15 --- --- Command Mode Privileged EXEC mode User Guidelines This command has no default configuration. name of users. Example The...
... information about the login history of user. (Range: 1-20 characters) Default Configuration This command has no user guidelines. console#show users login-history command in Global Configuration mode to display information about the local user database. False show users login-history Use the ...show users accounts UserName Lockout Privilege Password Password Aging Expiry date admin 15 --- --- Command Mode Privileged EXEC mode User Guidelines This command has no default configuration. name of users. Example The...
Command Line Interface Guide
Page 203
... for the user. (Range: 8-64 characters. The user level. Default Configuration No user name is 1. The default privilege level is defined. Level 0 can be assigned by a level 15 user to another switch configuration. The name of this command. console#show users login-history Login Time Username Protocol Location Jan 19 2005 08:23:48...
... for the user. (Range: 8-64 characters. The user level. Default Configuration No user name is 1. The default privilege level is defined. Level 0 can be assigned by a level 15 user to another switch configuration. The name of this command. console#show users login-history Login Time Username Protocol Location Jan 19 2005 08:23:48...
Command Line Interface Guide
Page 520
Default Configuration The default variable setting is all . console(config)#radius-server host 192.143.120.123 console(config-radius)#usage login 520 RADIUS Commands Example The following example specifies the timeout setting for the designated Radius Server. Variable can be one of the server.... • type - Command Mode Radius mode User Guidelines User must enter the mode corresponding to specify the usage type of the following values: login, 802.1x or all . console(config)#radius-server host 192.143.120.123 console(config-radius)#timeout 20 usage Use the usage command in ...
Default Configuration The default variable setting is all . console(config)#radius-server host 192.143.120.123 console(config-radius)#usage login 520 RADIUS Commands Example The following example specifies the timeout setting for the designated Radius Server. Variable can be one of the server.... • type - Command Mode Radius mode User Guidelines User must enter the mode corresponding to specify the usage type of the following values: login, 802.1x or all . console(config)#radius-server host 192.143.120.123 console(config-radius)#timeout 20 usage Use the usage command in ...
Command Line Interface Guide
Page 1202
... the display of debug trace commands 1202 Serviceability Tracing Packet Commands Syntax debug clear Default Configuration There is executed. Debug console display must be enabled in which it is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are ...no usage guidelines for this command. The output of "debug" trace output on the login session in order to disable all debug traces....
... the display of debug trace commands 1202 Serviceability Tracing Packet Commands Syntax debug clear Default Configuration There is executed. Debug console display must be enabled in which it is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are ...no usage guidelines for this command. The output of "debug" trace output on the login session in order to disable all debug traces....
Command Line Interface Guide
Page 1203
...the debug dot1x command to disable dot1x packet tracing. Syntax debug dot1x packet [ receive | transmit ] no debug dot1x packet [ receive | transmit ] Default Configuration Display of this command to enable dot1x packet tracing. User Guidelines There are no " form of dot1x traces is disabled by... default. The configuration of this command remains in effect for the life of this command is not persistent across resets. The effect of the login session. Command Mode Privileged EXEC mode. Use the "no usage guidelines ...
...the debug dot1x command to disable dot1x packet tracing. Syntax debug dot1x packet [ receive | transmit ] no debug dot1x packet [ receive | transmit ] Default Configuration Display of this command to enable dot1x packet tracing. User Guidelines There are no " form of dot1x traces is disabled by... default. The configuration of this command remains in effect for the life of this command is not persistent across resets. The effect of the login session. Command Mode Privileged EXEC mode. Use the "no usage guidelines ...
Configuration Guide
Page 106
...+) 802.1x Network Access Control Examples This section contains examples of the CLI commands used for communicating with the 802.1x default login. 802.1x port based access control is enabled for Authentication This example configures a single RADIUS server used to configure 802....server and protected network resources are located. 106 Device Security Additionally, there exists a third role: • Authentication server - The PowerConnect 6200 Series switch supports the authenticator role only, in order to restrict access to publicly accessible bridge ports or departmental LANs. The...
...+) 802.1x Network Access Control Examples This section contains examples of the CLI commands used for communicating with the 802.1x default login. 802.1x port based access control is enabled for Authentication This example configures a single RADIUS server used to configure 802....server and protected network resources are located. 106 Device Security Additionally, there exists a third role: • Authentication server - The PowerConnect 6200 Series switch supports the authenticator role only, in order to restrict access to publicly accessible bridge ports or departmental LANs. The...