Command Line Interface Guide
Page 65
...expedite queues. Configures a static entry in the host name cache. Changes the number of service (QoS) on severity. Specifies the login authentication method list for configuration. Modifies the DSCP to count Multicast packets. Defines which management Access-List is used. Enables jumbo ...to a syslog server. logging on severity. Logs messages to "trust" state. Controls error messages logging. ip ssh server ipv6 default-gateway ipv6 host ipv6 icmp error-interval ipv6 neighbor lacp system-priority line logging logging buffered logging buffered size logging console The following...
...expedite queues. Configures a static entry in the host name cache. Changes the number of service (QoS) on severity. Specifies the login authentication method list for configuration. Modifies the DSCP to count Multicast packets. Defines which management Access-List is used. Enables jumbo ...to a syslog server. logging on severity. Logs messages to "trust" state. Controls error messages logging. ip ssh server ipv6 default-gateway ipv6 host ipv6 icmp error-interval ipv6 neighbor lacp system-priority line logging logging buffered logging buffered size logging console The following...
Command Line Interface Guide
Page 73
...on the network. enable Enters the privileged EXEC mode. show ports monitor Displays the port monitoring status. show hosts Displays the default domain name, a list of name server hosts, the static and the cached list of the egress queues. Command Modes ... configured for QoS. show interfaces counters Displays traffic seen by the physical interface. show rmon alarm Displays alarm configurations. login Changes a login username. show ip igmp snooping mrouter Displays information on dynamically learned Multicast router interfaces. show history Lists the commands entered...
...on the network. enable Enters the privileged EXEC mode. show ports monitor Displays the port monitoring status. show hosts Displays the default domain name, a list of name server hosts, the static and the cached list of the egress queues. Command Modes ... configured for QoS. show interfaces counters Displays traffic seen by the physical interface. show rmon alarm Displays alarm configurations. login Changes a login username. show ip igmp snooping mrouter Displays information on dynamically learned Multicast router interfaces. show history Lists the commands entered...
Command Line Interface Guide
Page 85
......] - line Uses the line password for authentication. none Uses no aaa authentication login {default | list-name} • default - local Uses the local username database for authentication. tacacs Uses the list of authentication methods activated when a user logs in . • list-name - Default Configuration The local user database is not defined. AAA Commands 85 Character...
......] - line Uses the line password for authentication. none Uses no aaa authentication login {default | list-name} • default - local Uses the local username database for authentication. tacacs Uses the list of authentication methods activated when a user logs in . • list-name - Default Configuration The local user database is not defined. AAA Commands 85 Character...
Command Line Interface Guide
Page 86
... enable line none radius tacacs Source or destination Uses the enable password for authentication. Syntax • aaa authentication enable {default | list-name} method1 [method2...] • no authentication. Console (config)# aaa authentication login default radius local enable none aaa authentication enable The aaa authentication enable Global Configuration mode command defines authentication method lists for...
... enable line none radius tacacs Source or destination Uses the enable password for authentication. Syntax • aaa authentication enable {default | list-name} method1 [method2...] • no authentication. Console (config)# aaa authentication login default radius local enable none aaa authentication enable The aaa authentication enable Global Configuration mode command defines authentication method lists for...
Command Line Interface Guide
Page 87
...if it exists. Syntax • login authentication {default | list-name} • no login authentication • default - Console (config)# aaa authentication enable default enable login authentication The login authentication Line Configuration mode command specifies the login authentication method list for a remote ... the username "$enab15$". Uses the indicated list created with the command authentication login. Default Configuration Uses the default set with the authentication login command. The method argument identifies the list of methods that the authentication succeeds...
...if it exists. Syntax • login authentication {default | list-name} • no login authentication • default - Console (config)# aaa authentication enable default enable login authentication The login authentication Line Configuration mode command specifies the login authentication method list for a remote ... the username "$enab15$". Uses the indicated list created with the command authentication login. Default Configuration Uses the default set with the authentication login command. The method argument identifies the list of methods that the authentication succeeds...
Command Line Interface Guide
Page 88
... method for this command to return to another value may disconnect the telnet session. Console (config)# line console Console (config-line)# login authentication default enable authentication The enable authentication Line Configuration mode command specifies the authentication method list when accessing a higher privilege level from a console. Uses the indicated list ...
... method for this command to return to another value may disconnect the telnet session. Console (config)# line console Console (config-line)# login authentication default enable authentication The enable authentication Line Configuration mode command specifies the authentication method list when accessing a higher privilege level from a console. Uses the indicated list ...
Command Line Interface Guide
Page 91
Example The following example displays the authentication configuration. Console# show authentication methods Login Authentication Method Lists Console_Default: None Network_Default: Local Enable Authentication Method Lists Console_Default: Enable None Network_Default: Enable Line Console Telnet SSH Login Method List Default Default Default Enable Method List Default Default Default http https dot1x : Tacacs Local : Tacacs Local : AAA Commands 91 User Guidelines • There are no user guidelines for this command. Command Mode Privileged EXEC mode.
Example The following example displays the authentication configuration. Console# show authentication methods Login Authentication Method Lists Console_Default: None Network_Default: Local Enable Authentication Method Lists Console_Default: Enable None Network_Default: Enable Line Console Telnet SSH Login Method List Default Default Default Enable Method List Default Default Default http https dot1x : Tacacs Local : Tacacs Local : AAA Commands 91 User Guidelines • There are no user guidelines for this command. Command Mode Privileged EXEC mode.
Command Line Interface Guide
Page 115
... logged in). Tokens in the form $(token) in a new line and can be included. Delimiting character, for example a pound sign (#). Login Banner banner exec The banner exec Global Configuration mode command specifies and enables a message to be displayed when an EXEC process is displayed. The ...message must start in the message text can be a multi-line message. Default Configuration Disabled (no EXEC banner is displayed). Then enter one or more lines of text, terminating the message with the second occurrence of...
... logged in). Tokens in the form $(token) in a new line and can be included. Delimiting character, for example a pound sign (#). Login Banner banner exec The banner exec Global Configuration mode command specifies and enables a message to be displayed when an EXEC process is displayed. The ...message must start in the message text can be a multi-line message. Default Configuration Disabled (no EXEC banner is displayed). Then enter one or more lines of text, terminating the message with the second occurrence of...
Command Line Interface Guide
Page 117
.... Indicates that the next text is displayed. • To customize the banner, use the no banner login • d - Delimiting character, for the device. Tokens in the form $(token) in the usage guidelines. Default Configuration Disabled (no Login banner is a bold text. Displays the domain name for example a pound sign (#). Using this token again...
.... Indicates that the next text is displayed. • To customize the banner, use the no banner login • d - Delimiting character, for the device. Tokens in the form $(token) in the usage guidelines. Default Configuration Disabled (no Login banner is a bold text. Displays the domain name for example a pound sign (#). Using this token again...
Command Line Interface Guide
Page 118
...). Delimiting character, for example a pound sign (#). Console (config)# banner login % Enter TEXT message. A delimiting character cannot be used as a delimiting character. Tokens in the form $(token) in the banner message. • message - Default Configuration Disabled (no banner motd • d - After the user logs... in to the device, the EXEC banner is replaced by the login banner and prompts. End with one or more blank spaces and a ...
...). Delimiting character, for example a pound sign (#). Console (config)# banner login % Enter TEXT message. A delimiting character cannot be used as a delimiting character. Tokens in the form $(token) in the banner message. • message - Default Configuration Disabled (no banner motd • d - After the user logs... in to the device, the EXEC banner is replaced by the login banner and prompts. End with one or more blank spaces and a ...
Command Line Interface Guide
Page 120
... • There are no user guidelines for this command. Use the no login-banner Default Configuration Enabled. Console# Console (config)# line console Console(config-line)# login-banner 120 Login Banner Console (config)# line console Console(config-line)# exec-banner login-banner The login-banner Line Configuration mode command enables the display of exec banners. Syntax •...
... • There are no user guidelines for this command. Use the no login-banner Default Configuration Enabled. Console# Console (config)# line console Console(config-line)# login-banner 120 Login Banner Console (config)# line console Console(config-line)# exec-banner login-banner The login-banner Line Configuration mode command enables the display of exec banners. Syntax •...
Command Line Interface Guide
Page 121
...to disable the display of -the-day banners. Use the no motd-banner Default Configuration Enabled Command Mode Line Configuration mode. Syntax • show banner motd • show banner login • show banner Privileged EXEC mode command displays the banners configuration. User ...Guidelines • There are no default configuration. Command Mode Privileged EXEC mode. Example The following example enables the...
...to disable the display of -the-day banners. Use the no motd-banner Default Configuration Enabled Command Mode Line Configuration mode. Syntax • show banner motd • show banner login • show banner Privileged EXEC mode command displays the banners configuration. User ...Guidelines • There are no default configuration. Command Mode Privileged EXEC mode. Example The following example enables the...
Command Line Interface Guide
Page 236
... the TCP destination port is not be removed as well, so the switch will take affect only after reset. iSCSI name of the iSCSI target. Default Configuration iSCSI well-known ports 3260 and 860 are not used , and the tcp port to be deleted is recommended to match (or for display... Port49154 to requests. The name can be changed by using iscsi max target ports command; These names are configured as default but can be defined in the system in the first login request of the command and then add it can be configured either bound to 16 TCP ports can be present...
... the TCP destination port is not be removed as well, so the switch will take affect only after reset. iSCSI name of the iSCSI target. Default Configuration iSCSI well-known ports 3260 and 860 are not used , and the tcp port to be deleted is recommended to match (or for display... Port49154 to requests. The name can be changed by using iscsi max target ports command; These names are configured as default but can be defined in the system in the first login request of the command and then add it can be configured either bound to 16 TCP ports can be present...
Command Line Interface Guide
Page 301
... a RADIUS server is used , where 0 is interpreted as request to 1812. (Range: 0 - 65535) • timeout - If unspecified, defaults to 0. Radius Commands radius-server host The radius-server host Global Configuration mode command specifies a RADIUS server host. Port number for which the servers ...are used . (Range: 1 - 10) • deadtime - Specifies the usage type of the following values: login, 802.1x or all RADIUS communications between the device and the RADIUS server. Syntax • radius-server host {ip-address | hostname} [auth-port...
... a RADIUS server is used , where 0 is interpreted as request to 1812. (Range: 0 - 65535) • timeout - If unspecified, defaults to 0. Radius Commands radius-server host The radius-server host Global Configuration mode command specifies a RADIUS server host. Port number for which the servers ...are used . (Range: 1 - 10) • deadtime - Specifies the usage type of the following values: login, 802.1x or all RADIUS communications between the device and the RADIUS server. Syntax • radius-server host {ip-address | hostname} [auth-port...
Command Line Interface Guide
Page 392
... command has no user guidelines for this command. User Guidelines • There are no default configuration. Log messages related to the logging file based on the severity level 'alerts'. Command Mode Privileged EXEC mode. Syntax • aaa logging login • no form of AAA events. Console (config)# logging file alerts clear logging...
... command has no user guidelines for this command. User Guidelines • There are no default configuration. Log messages related to the logging file based on the severity level 'alerts'. Command Mode Privileged EXEC mode. Syntax • aaa logging login • no form of AAA events. Console (config)# logging file alerts clear logging...
Command Line Interface Guide
Page 393
...operations. Log messages related to file copy operations. • delete-rename - User Guidelines • There are not subject to AAA login events. Example The following examplee nables logging messages related to this command. Console(config)# file-system logging copy Syslog Commands 393 To... form of AAA events are no file-system logging delete-rename • copy - Log messages related to file deletion and renaming. Default Configuration Logging file system events enabled. Syntax • file-system logging copy • no file-system logging copy • file-system...
...operations. Log messages related to file copy operations. • delete-rename - User Guidelines • There are not subject to AAA login events. Example The following examplee nables logging messages related to this command. Console(config)# file-system logging copy Syslog Commands 393 To... form of AAA events are no file-system logging delete-rename • copy - Log messages related to file deletion and renaming. Default Configuration Logging file system events enabled. Syntax • file-system logging copy • no file-system logging copy • file-system...
Command Line Interface Guide
Page 423
...the user logs in an unencrypted format, or when a user tries to remove a requirement. Syntax • passwords min-length length • no default configuration. Default Configuration This command has no passwords min-length • length - Console (config)# passwords min-length length 6 TIC Commands 423 Example The following ... the minimal length required for passwords in . Command Mode Global Configuration mode. Use the no form of this command to login. • Note that if a password is defined only require being checked when the user logs in the local database.
...the user logs in an unencrypted format, or when a user tries to remove a requirement. Syntax • passwords min-length length • no default configuration. Default Configuration This command has no passwords min-length • length - Console (config)# passwords min-length length 6 TIC Commands 423 Example The following ... the minimal length required for passwords in . Command Mode Global Configuration mode. Use the no form of this command to login. • Note that if a password is defined only require being checked when the user logs in the local database.
Command Line Interface Guide
Page 424
...time is calculated from the day the password is defined (not from the day the aging is defined). • After a password expires a user can login for which the password applies. (Range: 1 - 15) • days - Console (config-line)# password-aging 5 passwords aging The passwords aging ... a syslog message is disabled. The level for another 3 times. • 10 days before a password change is forced. (Range: 1-365) Default Configuration Password aging is generated. To disable password expiration time use the no passwords aging enable-password level • name - The name of line ...
...time is calculated from the day the password is defined (not from the day the aging is defined). • After a password expires a user can login for which the password applies. (Range: 1 - 15) • days - Console (config-line)# password-aging 5 passwords aging The passwords aging ... a syslog message is disabled. The level for another 3 times. • 10 days before a password change is forced. (Range: 1-365) Default Configuration Password aging is generated. To disable password expiration time use the no passwords aging enable-password level • name - The name of line ...
Command Line Interface Guide
Page 425
... Global Configuration mode command configures the number of this command. The number of global passwords. Command Mode Global Configuration mode. Default Configuration Password aging is defined. User Guidelines • The aging time is calculated from the day the password was defined,...the aging was defined. • After a password expires a user can login for a user is kept as long as the aging time of password changes before a password can be reused. (Range: 1-10). Default Configuration Passwords history is generated. Syntax • passwords history number • ...
... Global Configuration mode command configures the number of this command. The number of global passwords. Command Mode Global Configuration mode. Default Configuration Password aging is defined. User Guidelines • The aging time is calculated from the day the password was defined,...the aging was defined. • After a password expires a user can login for a user is kept as long as the aging time of password changes before a password can be reused. (Range: 1-10). Default Configuration Passwords history is generated. Syntax • passwords history number • ...
Command Line Interface Guide
Page 427
... and enable passwords. • The account is disabled. Syntax • aaa login-history file • no form of this command. Command Mode Global Configuration mode. TIC Commands 427 Default Configuration Lockout is not locked out for access from local console. • A... the counters. To disable writing to login history file. Console (config)# passwords lockout 5 aaa login-history file The aaa login-history file Global Configuration mode command enables writing to the file use the no aaa login-history file Default Configuration Enabled. Command Mode Global Configuration ...
... and enable passwords. • The account is disabled. Syntax • aaa login-history file • no form of this command. Command Mode Global Configuration mode. TIC Commands 427 Default Configuration Lockout is not locked out for access from local console. • A... the counters. To disable writing to login history file. Console (config)# passwords lockout 5 aaa login-history file The aaa login-history file Global Configuration mode command enables writing to the file use the no aaa login-history file Default Configuration Enabled. Command Mode Global Configuration ...