CLI Reference Guide
Page 4
3 Layer 2 Switching Commands 243 4 AAA Commands 245 TACACS+ Accounting 246 Commands in this Chapter 247 aaa authentication dot1x default 248 aaa authentication enable 249 aaa authentication login 251 aaa authorization 252 aaa authorization network default radius 255 aaa ias-user username 255 aaa new-model 256 clear (IAS 257 authorization 258 enable authentication 259 enable password 260 ip http authentication 261 ip https authentication 262 login authentication 263 password (aaa IAS User Configuration 264 password (Line Configuration 265 Contents 4
3 Layer 2 Switching Commands 243 4 AAA Commands 245 TACACS+ Accounting 246 Commands in this Chapter 247 aaa authentication dot1x default 248 aaa authentication enable 249 aaa authentication login 251 aaa authorization 252 aaa authorization network default radius 255 aaa ias-user username 255 aaa new-model 256 clear (IAS 257 authorization 258 enable authentication 259 enable password 260 ip http authentication 261 ip https authentication 262 login authentication 263 password (aaa IAS User Configuration 264 password (Line Configuration 265 Contents 4
CLI Reference Guide
Page 72
show nsf 1670 show power-usage-history 1671 show process cpu 1673 show sessions 1675 show slot 1676 show supported cardtype 1677 show supported switchtype 1679 show switch 1681 show system 1689 show system fan 1691 show system id 1692 show system power 1693 show system temperature 1694 show tech-support 1695 show users 1697 show version 1699 stack 1699 stack-port 1700 standby 1701 switch renumber 1702 telnet 1703 Contents 72
show nsf 1670 show power-usage-history 1671 show process cpu 1673 show sessions 1675 show slot 1676 show supported cardtype 1677 show supported switchtype 1679 show switch 1681 show system 1689 show system fan 1691 show system id 1692 show system power 1693 show system temperature 1694 show tech-support 1695 show users 1697 show version 1699 stack 1699 stack-port 1700 standby 1701 switch renumber 1702 telnet 1703 Contents 72
CLI Reference Guide
Page 73
traceroute 1706 82 Telnet Server Commands 1709 Telnet Client Behaviors 1709 Commands in this Chapter 1712 ip telnet server disable 1712 ip telnet port 1713 show ip telnet 1713 83 Terminal Length Commands 1715 terminal length 1715 84 Time Ranges Commands 1717 time-range 1717 absolute 1718 periodic 1719 show time-range 1721 85 USB Flash Drive Commands 1725 Validation of Files Downloaded/Uploaded from USB Device 1725 Validation for Files Uploaded from Switch to USB Flash Drive 1726 Downloading and Uploading of Files 1726 Contents 73
traceroute 1706 82 Telnet Server Commands 1709 Telnet Client Behaviors 1709 Commands in this Chapter 1712 ip telnet server disable 1712 ip telnet port 1713 show ip telnet 1713 83 Terminal Length Commands 1715 terminal length 1715 84 Time Ranges Commands 1717 time-range 1717 absolute 1718 periodic 1719 show time-range 1721 85 USB Flash Drive Commands 1725 Validation of Files Downloaded/Uploaded from USB Device 1725 Validation for Files Uploaded from Switch to USB Flash Drive 1726 Downloading and Uploading of Files 1726 Contents 73
CLI Reference Guide
Page 77
1 Command Groups Introduction The Command Line Interface (CLI) is a network management application operated through a Telnet/SSH session. The CLI is described in the User's Guide and must be accessed from the CLI, which is structured, ... the CLI is based solely on textual input and output with commands being entered by entering commands from a console terminal connected to a user upon authentication. A switch can be configured and maintained by a terminal keyboard and the output displayed as text via a terminal monitor. Command Groups The system commands can be broken...
1 Command Groups Introduction The Command Line Interface (CLI) is a network management application operated through a Telnet/SSH session. The CLI is described in the User's Guide and must be accessed from the CLI, which is structured, ... the CLI is based solely on textual input and output with commands being entered by entering commands from a console terminal connected to a user upon authentication. A switch can be configured and maintained by a terminal keyboard and the output displayed as text via a terminal monitor. Command Groups The system commands can be broken...
CLI Reference Guide
Page 78
LLDP Configures and displays LLDP information. Port Monitor Monitors activity on a switch. Command Groups 78 DHCP Management Interface Configures DHCP snooping and whether an interface is trusted for IPv6. Ethernet ...displays IPv6 Snooping Querier information. CDP Interoperability Configures Cisco® Discovery Protocol (CDP). IP Addressing Configures and manages IP addresses on the switch. iSCSI Optimization Configures special QoS treatment for rejection of invalid and malicious ARP packets. Table 1-1. Address Table Configures bridging address tables. ...
LLDP Configures and displays LLDP information. Port Monitor Monitors activity on a switch. Command Groups 78 DHCP Management Interface Configures DHCP snooping and whether an interface is trusted for IPv6. Ethernet ...displays IPv6 Snooping Querier information. CDP Interoperability Configures Cisco® Discovery Protocol (CDP). IP Addressing Configures and manages IP addresses on the switch. iSCSI Optimization Configures special QoS treatment for rejection of invalid and malicious ARP packets. Table 1-1. Address Table Configures bridging address tables. ...
CLI Reference Guide
Page 80
... management access-list information. Configures sFlow monitoring. Configures SNMP communities, traps and displays SNMP information. Blocks clients from accessing network until user verification is not found. Configures the console, SSH, and remote Telnet connection. Command Groups 80 Provides password.... Configures PoE and displays PoE information. Controls virtual LAN routing. Automatically configures switch when a configuration file is established. Configures the system clock. Manages the switch configuration files. Diagnoses and displays the interface status.
... management access-list information. Configures sFlow monitoring. Configures SNMP communities, traps and displays SNMP information. Blocks clients from accessing network until user verification is not found. Configures the console, SSH, and remote Telnet connection. Command Groups 80 Provides password.... Configures PoE and displays PoE information. Controls virtual LAN routing. Automatically configures switch when a configuration file is established. Configures the system clock. Manages the switch configuration files. Diagnoses and displays the interface status.
CLI Reference Guide
Page 81
...• CC - Captive Portal Instance • CMC - Interface Range • KC - Line Configuration • LD - Configures web-based access to the switch. Class-Map Configuration • DP - Key Chain • KE - Link Dependency Command Groups 81 Table 1-1. Administrative Profile Configuration • ARPA - Crypto... service on the following pages use these abbreviations for entering CLI commands. Key • L - Configures the switch clock, name and authorized users. IAS User Configuration • APC - Global Configuration • IC - Mode Types The tables on the...
...• CC - Captive Portal Instance • CMC - Interface Range • KC - Line Configuration • LD - Configures web-based access to the switch. Class-Map Configuration • DP - Key Chain • KE - Link Dependency Command Groups 81 Table 1-1. Administrative Profile Configuration • ARPA - Crypto... service on the following pages use these abbreviations for entering CLI commands. Key • L - Configures the switch clock, name and authorized users. IAS User Configuration • APC - Global Configuration • IC - Mode Types The tables on the...
CLI Reference Guide
Page 83
GC Enables the switch to aa user config mode. Also GC changes the mode to accept VLAN assignment GC by the RADIUS server. Specifies authentication methods for a remote telnet ... higher privilege levels. Defines authentication method lists for a user. Layer 2 Commands AAA Command aaa authentication dot1x default aaa authentication enable aaa authentication login aaa authorization network default radius aaa ias-user username clear (IAS) aaa ias-users enable authentication enable password ip http authentication ip https authentication login authentication password (aaa...
GC Enables the switch to aa user config mode. Also GC changes the mode to accept VLAN assignment GC by the RADIUS server. Specifies authentication methods for a remote telnet ... higher privilege levels. Defines authentication method lists for a user. Layer 2 Commands AAA Command aaa authentication dot1x default aaa authentication enable aaa authentication login aaa authorization network default radius aaa ias-user username clear (IAS) aaa ias-users enable authentication enable password ip http authentication ip https authentication login authentication password (aaa...
CLI Reference Guide
Page 84
... user. APC show which profiles are active for a local user. show admin-profiles brief Lists the names of the administrative PE profiles defined on the switch. APC Profile Config) rule Adds a rule to know the passwords. Displays information about the local user PE database. GC description (Administrative Adds a description to show...
... user. APC show which profiles are active for a local user. show admin-profiles brief Lists the names of the administrative PE profiles defined on the switch. APC Profile Config) rule Adds a rule to know the passwords. Displays information about the local user PE database. GC description (Administrative Adds a description to show...
CLI Reference Guide
Page 87
... packets GC from the device. PE Displays ISDP statistics. Auto-VoIP Command Description Modea switchport voice detect auto Enables the VoIP Profile on the switch. PE Clears entries in the ISDP table. PE Enables the sending of neighboring devices. Sets period of each Mode abbreviation, see Mode Types... on page 81. For the meaning of GC or the switch. For the meaning of time between sending new ISDP GC packets. PE a. PE Displays ISDP settings for ISDP packets that GC the...
... packets GC from the device. PE Displays ISDP statistics. Auto-VoIP Command Description Modea switchport voice detect auto Enables the VoIP Profile on the switch. PE Clears entries in the ISDP table. PE Enables the sending of neighboring devices. Sets period of each Mode abbreviation, see Mode Types... on page 81. For the meaning of GC or the switch. For the meaning of time between sending new ISDP GC packets. PE a. PE Displays ISDP settings for ISDP packets that GC the...
CLI Reference Guide
Page 92
...configured UE interfaces. show storm-control Displays the storm control configuration. show interfaces configuration Displays the configuration for the entire switch. Ethernet Configuration Command Description Modea clear counters Clears statistics on a given interface. PE description Adds a description to execute...Enters the interface configuration mode to an interface. UE show interfaces description Displays the description for the entire PE switch. PE Command Groups 92 For the meaning of a IC given Ethernet interface when not using autonegotiation. UE ...
...configured UE interfaces. show storm-control Displays the storm control configuration. show interfaces configuration Displays the configuration for the entire switch. Ethernet Configuration Command Description Modea clear counters Clears statistics on a given interface. PE description Adds a description to execute...Enters the interface configuration mode to an interface. UE show interfaces description Displays the description for the entire PE switch. PE Command Groups 92 For the meaning of a IC given Ethernet interface when not using autonegotiation. UE ...
CLI Reference Guide
Page 93
... with Broadcast packets. Enables Unicast storm control. MDC Initiates sending continuity checks (CCMs) at GC the specified interval and level on page 81. Enables the switch to Protected mode. Modea IC IC IC IC IC IC GC PE a. Command Groups 93 Configures a name for an existing domain. For the meaning of...
... with Broadcast packets. Enables Unicast storm control. MDC Initiates sending continuity checks (CCMs) at GC the specified interval and level on page 81. Enables the switch to Protected mode. Modea IC IC IC IC IC IC GC PE a. Command Groups 93 Configures a name for an existing domain. For the meaning of...
CLI Reference Guide
Page 97
...participate in VC the Querier Election process when it discovers the presence of -band interface. Sets an IP address for IPv4 addresses on the switch. Command Groups 97 Configures static host name-to -address PE cache. Acquires an IP address on page 81. GC Enables IP DNS-... IGMP Snooping Querier information. Sets the IGMP Querier Query Interval time. GC Sets the IGMP version of the query that the GC snooping switch is going to run ip address dhcp (Interface Config) ip default-gateway ip domain-lookup ip domain-name ip host Description Modea Deletes ...
...participate in VC the Querier Election process when it discovers the presence of -band interface. Sets an IP address for IPv4 addresses on the switch. Command Groups 97 Configures static host name-to -address PE cache. Acquires an IP address on page 81. GC Enables IP DNS-... IGMP Snooping Querier information. Sets the IGMP Querier Query Interval time. GC Sets the IGMP version of the query that the GC snooping switch is going to run ip address dhcp (Interface Config) ip default-gateway ip domain-lookup ip domain-name ip host Description Modea Deletes ...
CLI Reference Guide
Page 105
....1p priority to be dropped at ingress. IC Maps an IP DSCP value to an internal traffic GC class. Specifies the minimum transmission bandwidth for a switch. QoS Command assign-queue class class-map class-map rename classofservice dot1pmapping classofservice ip-dscpmapping classofservice trust conform-color cos-queue min-bandwidth cos-queue...
....1p priority to be dropped at ingress. IC Maps an IP DSCP value to an internal traffic GC class. Specifies the minimum transmission bandwidth for a switch. QoS Command assign-queue class class-map class-map rename classofservice dot1pmapping classofservice ip-dscpmapping classofservice trust conform-color cos-queue min-bandwidth cos-queue...
CLI Reference Guide
Page 109
... a RADIUS server. Assigns a name to a line LC config. Command Groups 109 a. Enables the message authenticator attribute to be R used for all R RADIUS communications between the switch and the RADIUS daemon. Improves Radius response times when a server is R unavailable by causing the unavailable server to R be the R primary server in which have...
... a RADIUS server. Assigns a name to a line LC config. Command Groups 109 a. Enables the message authenticator attribute to be R used for all R RADIUS communications between the switch and the RADIUS daemon. Improves Radius response times when a server is R unavailable by causing the unavailable server to R be the R primary server in which have...
CLI Reference Guide
Page 110
...ip radius-server timeout retransmit show aaa servers show accounting methods show radius statistics source-ip timeout usage Description Modea Sets the network access server (NAS) IP address GC for an authentication or accounting server. Specifies the source IP address used for GC ...R searches the list of the RADIUS client. Improves RADIUS response times when servers GC are unavailable. Sets the interval for which a switch waits for the R designated radius server. Specifies a RADIUS server host. Specifies the number of times the software GC searches the list ...
...ip radius-server timeout retransmit show aaa servers show accounting methods show radius statistics source-ip timeout usage Description Modea Sets the network access server (NAS) IP address GC for an authentication or accounting server. Specifies the source IP address used for GC ...R searches the list of the RADIUS client. Improves RADIUS response times when servers GC are unavailable. Sets the interval for which a switch waits for the R designated radius server. Specifies a RADIUS server host. Specifies the number of times the software GC searches the list ...
CLI Reference Guide
Page 111
...changes. instance (mst) Maps VLANs to auto portfast mode. GC protection spanning-tree cost Configures the spanning tree path cost for the switch. spanning-tree max-hops Sets the MSTP Max Hops parameter to all other non- spanning-tree bpdu- IC spanning-tree forward-time ...parameters PE for a IC port. spanning-tree Enables spanning-tree functionality. IC spanning-tree bpdu flooding Allows flooding of BPDUs received on a switch. Enables BPDU protection on GC nonspanning-tree ports to a new GC value for the common and internal spanning tree. GC spanning-tree max...
...changes. instance (mst) Maps VLANs to auto portfast mode. GC protection spanning-tree cost Configures the spanning tree path cost for the switch. spanning-tree max-hops Sets the MSTP Max Hops parameter to all other non- spanning-tree bpdu- IC spanning-tree forward-time ...parameters PE for a IC port. spanning-tree Enables spanning-tree functionality. IC spanning-tree bpdu flooding Allows flooding of BPDUs received on a switch. Enables BPDU protection on GC nonspanning-tree ports to a new GC value for the common and internal spanning tree. GC spanning-tree max...
CLI Reference Guide
Page 112
... Modea Specifies the authentication and encryption key TC for all ports. TC Specifies the order in portfast mode. TC Command Groups 112 IC Configures the switch priority for multiple spanning IC tree (MST) calculations. GC default spanning-tree port-priority Configures port priority. Specifies a server port number. Enables PortFast mode. Set...
... Modea Specifies the authentication and encryption key TC for all ports. TC Specifies the order in portfast mode. TC Command Groups 112 IC Configures the switch priority for multiple spanning IC tree (MST) calculations. GC default spanning-tree port-priority Configures port priority. Specifies a server port number. Enables PortFast mode. Set...
CLI Reference Guide
Page 113
.../slot/port interface to the protocol-based VLAN VC identified by groupid. Specifies the timeout value in seconds. IC Defines a private VLAN association between the switch and the TACACS+ daemon. Attaches a vlanid to the IC protocol-based VLAN identified by groupid. Displays all show tacacs tacacs-server host tacacs-server key... server host to the GC protocol-based VLAN identified by groupid. GC Enters the interface configuration mode to a VLAN. Sets the interval for which the switch waits for GC all physical unit/slot/port interfaces to reply.
.../slot/port interface to the protocol-based VLAN VC identified by groupid. Specifies the timeout value in seconds. IC Defines a private VLAN association between the switch and the TACACS+ daemon. Attaches a vlanid to the IC protocol-based VLAN identified by groupid. Displays all show tacacs tacacs-server host tacacs-server key... server host to the GC protocol-based VLAN identified by groupid. GC Enters the interface configuration mode to a VLAN. Sets the interval for which the switch waits for GC all physical unit/slot/port interfaces to reply.
CLI Reference Guide
Page 115
... protocol group name Adds a group name to the GC system. voice vlan data priority Trusts or not trusts the data traffic arriving on the GG switch. VC vlan (Global Config) Configures a VLAN. GC vlan association mac Associates a MAC address to the protocol-based VLAN GC identified by groupid. a. voice vlan (Interface...
... protocol group name Adds a group name to the GC system. voice vlan data priority Trusts or not trusts the data traffic arriving on the GG switch. VC vlan (Global Config) Configures a VLAN. GC vlan association mac Associates a MAC address to the protocol-based VLAN GC identified by groupid. a. voice vlan (Interface...