Command Line Interface Guide
Page 4
enable authentication 194 enable password 194 ip http authentication 195 ip https authentication 196 login authentication 197 password (Line Configuration 198 password (User EXEC 199 show authentication methods 200 show users accounts 201 show users login-history 202 username 203 5 ACL Commands 205 deny | permit 207 ip access-group 209 no ip access-group 209 mac access-group 210 mac access-list extended 211 mac access-list extended rename 212 show ip access-lists 213 show mac access-list 214 4 Contents
enable authentication 194 enable password 194 ip http authentication 195 ip https authentication 196 login authentication 197 password (Line Configuration 198 password (User EXEC 199 show authentication methods 200 show users accounts 201 show users login-history 202 username 203 5 ACL Commands 205 deny | permit 207 ip access-group 209 no ip access-group 209 mac access-group 210 mac access-list extended 211 mac access-list extended rename 212 show ip access-lists 213 show mac access-list 214 4 Contents
Command Line Interface Guide
Page 62
... interface or a group of each Mode abbreviation, see "Mode Types" on page 60. Displays an Access Control List (ACL) and all PE of PE users username Establishes a username-based authentication GC system. IC Creates the MAC Access Control List (ACL) GC identified by the parameter accesslistnumber.
... interface or a group of each Mode abbreviation, see "Mode Types" on page 60. Displays an Access Control List (ACL) and all PE of PE users username Establishes a username-based authentication GC system. IC Creates the MAC Access Control List (ACL) GC identified by the parameter accesslistnumber.
Command Line Interface Guide
Page 188
... • login authentication • password (Line Configuration) • password (User EXEC) • show authentication methods • show users accounts • show users login-history • username 188 AAA Commands
... • login authentication • password (Line Configuration) • password (User EXEC) • show authentication methods • show users accounts • show users login-history • username 188 AAA Commands
Command Line Interface Guide
Page 191
..., not if it fails. To ensure that follow this command. A level one user if no form of authentication are used to a RADIUS server include the username "$enabx$", where x is down. The additional methods of this argument as the default list of authentication methods activated when a user logs in the command line...
..., not if it fails. To ensure that follow this command. A level one user if no form of authentication are used to a RADIUS server include the username "$enabx$", where x is down. The additional methods of this argument as the default list of authentication methods activated when a user logs in the command line...
Command Line Interface Guide
Page 192
...." • method1 [method2...] - Command Mode Global Configuration mode User Guidelines The default and optional list names created with the login authentication command. Uses the local username database for authentication. Uses the list of methods that the authentication succeeds even if all methods return an error, specify none as an authentication method...
...." • method1 [method2...] - Command Mode Global Configuration mode User Guidelines The default and optional list names created with the login authentication command. Uses the local username database for authentication. Uses the list of methods that the authentication succeeds even if all methods return an error, specify none as an authentication method...
Command Line Interface Guide
Page 196
... The additional methods of this command. Uses no ip https authentication 196 AAA Commands Keyword local none radius tacacs Source or destination Uses the local username database for authentication.
... The additional methods of this command. Uses no ip https authentication 196 AAA Commands Keyword local none radius tacacs Source or destination Uses the local username database for authentication.
Command Line Interface Guide
Page 197
... the login authentication method list for authentication. • method1 [method2...] - Example The following table: Keyword local none radius tacacs Source or destination Uses the local username database for authentication. Uses the list of all TACACS+ servers for a line (console, telnet, or SSH). console(config)# ip https authentication radius local login authentication...
... the login authentication method list for authentication. • method1 [method2...] - Example The following table: Keyword local none radius tacacs Source or destination Uses the local username database for authentication. Uses the list of all TACACS+ servers for a line (console, telnet, or SSH). console(config)# ip https authentication radius local login authentication...
Command Line Interface Guide
Page 202
console#show users login-history [long] • name - Syntax show users accounts UserName Lockout Privilege Password Password Aging Expiry date admin 15 --- --- False show users login-history Use the show user login history outputs. 202 AAA Commands Command ...
console#show users login-history [long] • name - Syntax show users accounts UserName Lockout Privilege Password Password Aging Expiry date admin 15 --- --- False show users login-history Use the show user login history outputs. 202 AAA Commands Command ...
Command Line Interface Guide
Page 203
... to suspend that user's access. (Range: 0-15) • encrypted - The authentication password for the user. (Range: 8-64 characters. AAA Commands 203 Syntax username name password password [level level] [encrypted] no form of the user. (Range: 1-20 characters) • password - Default Configuration No user name is 1.... user to the local users database. The user level. The default privilege level is defined. console#show users login-history Login Time Username Protocol Location Jan 19 2005 08:23:48 Bob Serial Jan 19 2005 08:29:29 Robert HTTP 172.16.0.8 Jan 19 2005...
... to suspend that user's access. (Range: 0-15) • encrypted - The authentication password for the user. (Range: 8-64 characters. AAA Commands 203 Syntax username name password password [level level] [encrypted] no form of the user. (Range: 1-20 characters) • password - Default Configuration No user name is 1.... user to the local users database. The user level. The default privilege level is defined. console#show users login-history Login Time Username Protocol Location Jan 19 2005 08:23:48 Bob Serial Jan 19 2005 08:29:29 Robert HTTP 172.16.0.8 Jan 19 2005...
Command Line Interface Guide
Page 204
Command Mode Global Configuration mode User Guidelines This command can be used to unlock a locked user account for an already existing user. console(config)# username bob password xxxyyymmmm level 15 204 AAA Commands Example The following example configures user "bob" with password "xxxyyymmmm" and user level 15.
Command Mode Global Configuration mode User Guidelines This command can be used to unlock a locked user account for an already existing user. console(config)# username bob password xxxyyymmmm level 15 204 AAA Commands Example The following example configures user "bob" with password "xxxyyymmmm" and user level 15.
Command Line Interface Guide
Page 632
...of the current user. Field Port Admin mode Oper mode Reauth Control Reauth Period Username Quiet period Transmit period Maximum Requests Max Users VLAN Assigned Description The port number. The username representing the identity of times that the switch sends an Extensible Authentication Protocol (...invalid password). If the port is blank. 632 802.1x Commands The maximum number of the Supplicant. This field shows the username when the port control is received) to an Extensible Authentication Protocol (EAP)-request/identity frame from the client before restarting the ...
...of the current user. Field Port Admin mode Oper mode Reauth Control Reauth Period Username Quiet period Transmit period Maximum Requests Max Users VLAN Assigned Description The port number. The username representing the identity of times that the switch sends an Extensible Authentication Protocol (...invalid password). If the port is blank. 632 802.1x Commands The maximum number of the Supplicant. This field shows the username when the port control is received) to an Extensible Authentication Protocol (EAP)-request/identity frame from the client before restarting the ...
Command Line Interface Guide
Page 635
...and client. to accept a VLAN name as an alternative to 0. Specifies a valid interface number. The full syntax is unauthorized it shows the username of MAC Authentication Bypass. If the port is unit/port 802.1x Commands 635 Syntax show the status of the current user. When VLAN ... dot1x ethernet The show dot1x ethernet command has been modified to the client by the radius server. The username representing the identity of time, in the display: Field Interface Username Supp MAC Address Session Time Filter-ID VLAN Assigned Description The port number. The MAC-address of the ...
...and client. to accept a VLAN name as an alternative to 0. Specifies a valid interface number. The full syntax is unauthorized it shows the username of MAC Authentication Bypass. If the port is unit/port 802.1x Commands 635 Syntax show the status of the current user. When VLAN ... dot1x ethernet The show dot1x ethernet command has been modified to the client by the radius server. The username representing the identity of time, in the display: Field Interface Username Supp MAC Address Session Time Filter-ID VLAN Assigned Description The port number. The MAC-address of the ...
Command Line Interface Guide
Page 639
The source MAC address carried in the most recently received EAPOL frame. Supplicant username (Range: 1-160 characters) Default Configuration This command has no user guidelines. Example The following example displays 802.1x users. Field ...LastEapolFrameSource Description The protocol version number carried in the most recently received EAPOL frame. show dot1x users Use the show dot1x users [username username] • username - Syntax show dot1x users command in Privileged EXEC mode to display 802.1x authenticated users for the switch. console#show dot1x users ...
The source MAC address carried in the most recently received EAPOL frame. Supplicant username (Range: 1-160 characters) Default Configuration This command has no user guidelines. Example The following example displays 802.1x users. Field ...LastEapolFrameSource Description The protocol version number carried in the most recently received EAPOL frame. show dot1x users Use the show dot1x users [username username] • username - Syntax show dot1x users command in Privileged EXEC mode to display 802.1x authenticated users for the switch. console#show dot1x users ...
Command Line Interface Guide
Page 640
... Configure the guest VLAN before using . 802.1x Advanced Features dot1x guest-vlan Use the dot1x guest-vlan command in the display: Field Username Port Description The username representing the identity of a valid VLAN to use as the guest VLAN (Range: 0- 4093). The port that the user is disabled... on the interface by default. The ID of the Supplicant. The no dot1x guest-vlan • vlan-id - Port Username 1/g1 Bob The following table describes the significant fields shown in Interface Configuration mode to set the guest VLAN on a port. The VLAN must...
... Configure the guest VLAN before using . 802.1x Advanced Features dot1x guest-vlan Use the dot1x guest-vlan command in the display: Field Username Port Description The username representing the identity of a valid VLAN to use as the guest VLAN (Range: 0- 4093). The port that the user is disabled... on the interface by default. The ID of the Supplicant. The no dot1x guest-vlan • vlan-id - Port Username 1/g1 Bob The following table describes the significant fields shown in Interface Configuration mode to set the guest VLAN on a port. The VLAN must...
Command Line Interface Guide
Page 1113
...; filepath - console#clear config copy Use the copy command in Privileged EXEC mode to copy files from a source to the file on the server. • username - The URL or reserved keyword of the destination file. (Range: 1-160 characters.) • ipaddr - The path to a destination. Example The following table... following example restores the switch to its default configuration. Syntax copy source-url destination-url {xmodem | tftp://ipaddr/filepath/filename | sftp|scp://username@ipaddr/filepath/filename | hostname | copy ftp ftp://ipaddr/filepath/filename image} • source-url -
...; filepath - console#clear config copy Use the copy command in Privileged EXEC mode to copy files from a source to the file on the server. • username - The URL or reserved keyword of the destination file. (Range: 1-160 characters.) • ipaddr - The path to a destination. Example The following table... following example restores the switch to its default configuration. Syntax copy source-url destination-url {xmodem | tftp://ipaddr/filepath/filename | sftp|scp://username@ipaddr/filepath/filename | hostname | copy ftp ftp://ipaddr/filepath/filename image} • source-url -
Command Line Interface Guide
Page 1128
11 : exit 12 : ip address dhcp 13 : ip address vlan 1001 14 : interface vlan 3 15 : routing 16 : exit 17 : username "lvl7" password fb3604df5a109405b2d79ecb06c47ab5 level 15 encrypted 18 : ! 19 : interface ethernet 1/g17 20 : switchport mode general 21 : switchport general pvid 1001 22 : no switchport general acceptable-...
11 : exit 12 : ip address dhcp 13 : ip address vlan 1001 14 : interface vlan 3 15 : routing 16 : exit 17 : username "lvl7" password fb3604df5a109405b2d79ecb06c47ab5 level 15 encrypted 18 : ! 19 : interface ethernet 1/g17 20 : switchport mode general 21 : switchport general pvid 1001 22 : no switchport general acceptable-...
Command Line Interface Guide
Page 1235
... name Sec 192.122.173.42 Trap public 2 162 filt1 15 3 192.122.173.42 Inform public 2 162 filt2 15 3 Version 3 notifications Target Address Type Username Security UDP Filter TO Retries Level Port name Sec 192.122.173.42 Inform Bob 3 Priv 162 filt31 15 System Contact: Robert System Location: Marketing...
... name Sec 192.122.173.42 Trap public 2 162 filt1 15 3 192.122.173.42 Inform public 2 162 filt2 15 3 Version 3 notifications Target Address Type Username Security UDP Filter TO Retries Level Port name Sec 192.122.173.42 Inform Bob 3 Priv 162 filt31 15 System Contact: Robert System Location: Marketing...
Command Line Interface Guide
Page 1239
show snmp users Use the show snmp users [username] • username - Syntax show snmp users Privileged EXEC command to display the configuration of users. user-group "" V3 Auth-Priv Default "" The following table contains field descriptions. ...
show snmp users Use the show snmp users [username] • username - Syntax show snmp users Privileged EXEC command to display the configuration of users. user-group "" V3 Auth-Priv Default "" The following table contains field descriptions. ...
Command Line Interface Guide
Page 1257
To delete a user, use the no snmp-server user username • username - Syntax snmp-server user username groupname [remote engineid-string] [ { authmd5 password | auth-sha password | auth-md5-key md5-key | auth-sha-key sha-key } [priv-des password | priv-des-key ...
To delete a user, use the no snmp-server user username • username - Syntax snmp-server user username groupname [remote engineid-string] [ { authmd5 password | auth-sha password | auth-md5-key md5-key | auth-sha-key sha-key } [priv-des password | priv-des-key ...
Command Line Interface Guide
Page 1260
... it • priv - This is not allowed for this command. Specifies the IPv4 address of the host. (Range: 1-158 characters.) • username - Indicates that is not allowed for hosts configured to this host. • noauth - If unspecified, does not filter anything. (Range: 1-30 ...the filter that SNMP traps are sent to send traps. To remove the specified host, use . Syntax snmp-server v3-host {ip-address | hostname} username {traps | informs} [noauth | auth | priv] [timeout seconds] [retries retries] [udpport port] [filter filtername] no form of Simple Network Management...
... it • priv - This is not allowed for this command. Specifies the IPv4 address of the host. (Range: 1-158 characters.) • username - Indicates that is not allowed for hosts configured to this host. • noauth - If unspecified, does not filter anything. (Range: 1-30 ...the filter that SNMP traps are sent to send traps. To remove the specified host, use . Syntax snmp-server v3-host {ip-address | hostname} username {traps | informs} [noauth | auth | priv] [timeout seconds] [retries retries] [udpport port] [filter filtername] no form of Simple Network Management...