KeeNetic EXTRA KN-1710 Command Reference Manual Download

Page: 47 / 354

3.12 crypto ike policy

Description

Access to a group of commands to configure selected

IKE

policy. If

IKE

policy

is not found, the command tries to create it.

Command with no prefix removes

IKE

policy. At the same time references to

this

IKE

policy are automatically deleted from all

IPsec

profiles.

Prefix no

Yes

Change settings

Yes

Multiple input

Yes

Group entry

(config-ike-policy)

Synopsis

(config)>

crypto ike policy

‹

name

›

(config)>

no crypto ike policy

‹

name

›

Arguments

Description

Value

Argument

IKE

policy name. Latin letters,

numbers, dots, hyphens and

underscores are acceptable.

String

name

Example

(config)> crypto ike policy test
IpSec::Manager: Crypto ike policy "test" successfully created.

History

Version

Description
The crypto ike policy command has been introduced.

2.06

3.12.1 crypto ike policy lifetime

Description

Set lifetime of

IPsec IKE

association. By default, the value

86400

is used.

Command with no prefix resets setting to default.

Prefix no

Yes

Change settings

Yes

Multiple input

Synopsis

(config-ike-policy)>

lifetime

‹

lifetime

›

(config-ike-policy)>

no lifetime

Keenetic Extra (KN-1710) — Command Reference Guide

Chapter 3 Command Reference

Summary of Contents for EXTRA KN-1710

Page 1: ...Smart Wi Fi Router with Power Amplifiers Managed Switch and Multifunction USB Port Command Reference Guide Model Keenetic Extra KN 1710 OS Version 2 10 Edition 1 17 18 01 2018 help keenetic net Keene...

Page 2: ......

Page 3: ...is manual covers the following topics Introduction to the CLI Describes how to use the Keenetic Extra Command Line Interface CLI its hierarchical structure authorization levels and its help features C...

Page 4: ...is context has no meaning for the command Interfaces used in the system and the relationships between them are shown in the diagrams below List of arguments if they exists and explanations to them Arg...

Page 5: ...Product Overview 19 Introduction to the CLI 21 Command Reference 27 Glossary 323 Interface Hierarchy 333 HTTP API 335 SNMP MIB 343 IPsec Encryption Levels 349 Keenetic Extra KN 1710 Command Reference...

Page 6: ...Command Reference Guide Keenetic Extra KN 1710 6 Contents Overview...

Page 7: ...no 23 2 4 Multiple input 24 2 5 Saving to startup settings 24 2 6 Delayed restart 25 Chapter 3 Command Reference 27 3 1 Core commands 27 3 1 1 copy 27 3 1 2 erase 27 3 1 3 exit 28 3 1 4 ls 28 3 1 5 m...

Page 8: ...ipsec transform set cypher 53 3 14 2 crypto ipsec transform set dh group 54 3 14 3 crypto ipsec transform set hmac 55 3 14 4 crypto ipsec transform set lifetime 56 3 15 crypto ipsec profile 56 3 15 1...

Page 9: ...79 3 19 dyndns profile 80 3 19 1 dyndns profile domain 81 3 19 2 dyndns profile password 81 3 19 3 dyndns profile send address 82 3 19 4 dyndns profile type 82 3 19 5 dyndns profile update interval 83...

Page 10: ...erface hide ssid 105 3 20 35 interface igmp downstream 106 3 20 36 interface igmp fork 106 3 20 37 interface igmp upstream 107 3 20 38 interface include 107 3 20 39 interface inherit 108 3 20 40 inter...

Page 11: ...20 75 interface lcp echo 131 3 20 76 interface lcp pfc 132 3 20 77 interface ldpc 133 3 20 78 interface led wan 133 3 20 79 interface mac access list address 134 3 20 80 interface mac access list typ...

Page 12: ...erface wmm 160 3 20 117 interface wps 160 3 20 118 interface wps auto self pin 161 3 20 119 interface wps button 161 3 20 120 interface wps peer 162 3 20 121 interface wps self pin 162 3 21 ip arp 163...

Page 13: ...2 ip http proxy domain 188 3 33 3 ip http proxy domain ndns 188 3 33 4 ip http proxy upstream 189 3 34 ip http security level 190 3 35 ip http ssl enable 190 3 36 ip name server 191 3 37 ip nat 192 3...

Page 14: ...2 ping check profile max fails 221 3 61 3 ping check profile min success 222 3 61 4 ping check profile mode 223 3 61 5 ping check profile port 223 3 61 6 ping check profile power cycle 224 3 61 7 ping...

Page 15: ...k date 245 3 84 5 show clock timezone list 245 3 84 6 show crypto ike key 246 3 84 7 show crypto map 247 3 84 8 show dlna 249 3 84 9 show dot1x 249 3 84 10 show drivers 250 3 84 11 show interface 251...

Page 16: ...upnp redirect 280 3 84 46 show usb 281 3 84 47 show version 281 3 84 48 show vpn server 282 3 85 snmp community 283 3 86 snmp contact 284 3 87 snmp location 284 3 88 system 285 3 88 1 system button 28...

Page 17: ...8 3 91 6 udpxy timeout 308 3 92 upnp forward 309 3 93 upnp lan 310 3 94 upnp redirect 310 3 95 user 311 3 95 1 user password 312 3 95 2 user tag 313 3 96 vpn server 314 3 96 1 vpn server interface 314...

Page 18: ...st 341 B 2 3 Request Packet 341 Appendix C SNMP MIB 343 C 1 SNMPv2 MIB 343 C 2 IF MIB 343 C 3 IP MIB 345 C 4 UDP MIB 346 C 5 HOST RESOURCES MIB 346 C 6 UCD SNMP MIB 346 Appendix D IPsec Encryption Lev...

Page 19: ...32Mb SPI Ethernet Notes Chipset Ports Integrated 5 Notes Speed Label WAN port 100 Mbps 0 100 Mbps 1 100 Mbps 2 100 Mbps 3 100 Mbps 4 USB Notes Speed Label USB 2 0 1 Wi Fi Notes Chipset Band 802 11bgn...

Page 20: ...Command Reference Guide Keenetic Extra KN 1710 20 Chapter 1 Product Overview...

Page 21: ...factory default settings of Keenetic Extra RESET button is used to reset startup configuration to the factory default Files startup config and running config can be edited manually without participati...

Page 22: ...o completion To make the configuring process as comfortable as possible the CLI provides auto completion of commands and parameters hinting the operator which commands are available at the current lev...

Page 23: ...evel authentication configure authentication ip set interface IP parameters igmp set interface IGMP parameters up enable interface down disable interface config interface FastEthernet1 2 3 Prefix no P...

Page 24: ...utingTable Added static route 1 1 2 0 24 via PPTP0 config ip route 1 1 3 0 24 PPTP1 Network RoutingTable Added static route 1 1 3 0 24 via PPTP1 config show running config ip route 1 1 1 0 255 255 255...

Page 25: ...to reboot and return to the saved settings The system reboot command lets you set a delayed restart timer perform risky settings then turn off the timer and save the changes If connection to the devic...

Page 26: ...Command Reference Guide Keenetic Extra KN 1710 26 Chapter 2 Introduction to the CLI...

Page 27: ...file to be copied in file system path format Filename source Full path to the directory for the new file Filename destination Example Current settings can be saved as follows config copy running confi...

Page 28: ...2 00 3 1 3 exit Description Leave the command node Prefix no No Change settings No Multiple input No Synopsis config exit Example config dyndns exit config History Version Description The exit command...

Page 29: ...ntry type D name db entry type D name dhcp6c entry type R name TZ size 6 entry type R name passwd size 128 entry type D name dnscache entry type D name mnt entry type D name tmp entry type D name ppp...

Page 30: ...efix no Yes Change settings Yes Multiple input Yes Synopsis config access directory user mode recursive config no access directory user recursive Arguments Description Value Argument Name of directory...

Page 31: ...Command with no prefix removes the list of rules Prefix no Yes Change settings Yes Multiple input Yes Group entry config acl Synopsis config access list name config no access list name Arguments Descr...

Page 32: ...source source mask destination destination mask Arguments Description Value Argument TCP protocol Keyword tcp UDP protocol Keyword udp ICMP protocol Keyword icmp ESP protocol Keyword esp GRE protocol...

Page 33: ...h for example 24 Destination port in the TCP or UDP header Integer destination port The end of the destination range of ports Integer destination end port dst port operator Operator less to compare th...

Page 34: ...e port range source port source end port destination destination mask port dst port operator destination port range destination port destination end port config acl no permit icmp esp gre ipip ip sour...

Page 35: ...ss in the header IP mask destination mask of IP packet before comparison with destination There are two ways to enter the mask in the canonical form for example 255 255 255 0 and in the form of prefix...

Page 36: ...cifs Synopsis config cifs History Version Description The cifs command has been introduced 2 00 3 4 1 cifs automount Description Enable automounting of USB storages to access via CIFS Command with no...

Page 37: ...has been introduced 2 00 3 4 3 cifs share Description Share directory on USB storage Command with no prefix removes share If you use no argument the entire list of shares will be removed Prefix no Ye...

Page 38: ...length does not exceed 64 UTF 8 character String name TBD String mag The component of the open RSA key of client Its size should be in the range 1024 Integer modulus 1536 bit If not specified the enc...

Page 39: ...exceed 64 UTF 8 character String name Example config cloud control client a78d 30ab name New Client CloudControl Agent A client name changed History Version Description The cloud control client name c...

Page 40: ...sion Description The cloud control client session timeout command has been introduced 2 05 3 8 components Description Access to a group of commands to manage firmware components Prefix no No Change se...

Page 41: ...omponents list command Example config comp install ntfs Component is queued for installation ntfs History Version Description The components install command has been introduced 2 00 3 8 3 components l...

Page 42: ...ts list should be used in favour of components sync 2 06 A 6 3 8 4 components preset Description Select a predefined set of components Installation of preset is carried out with components commit comm...

Page 43: ...00 3 8 5 components preview Description Show size of firmware as current set of components selected with components install command Prefix no No Change settings Yes Multiple input No Synopsis config...

Page 44: ...e the command components list will be automalically executed to get actual list of components from update server Command with no prefix resets period to default By default value 1800 is used Prefix no...

Page 45: ...tware IpSec CryptoEngineManager IPsec crypto engine set to software History Version Description The crypto engine command has been introduced 2 06 3 10 crypto ike key Description Add IKE key with remo...

Page 46: ...et the timeout between keepalive packets in case of NAT between the client and server IPsec By default 90 value is set Command with no prefix resets setting to default Prefix no Yes Change settings Ye...

Page 47: ...ption Value Argument IKE policy name Latin letters numbers dots hyphens and underscores are acceptable String name Example config crypto ike policy test IpSec Manager Crypto ike policy test successful...

Page 48: ...x resets setting to default Prefix no Yes Change settings Yes Multiple input No Synopsis config ike policy mode mode config ike policy no mode Arguments Description Value Argument mode Protocol versio...

Page 49: ...aggressive History Version Description The crypto ike policy negotiation mode command has been introduced 2 06 3 12 4 crypto ike policy proposal Description Add reference on existing IKE proposal to I...

Page 50: ...nput Yes Group entry config ike proposal Synopsis config crypto ike proposal name config no crypto ike proposal name Arguments Description Value Argument IKE proposal name Latin letters numbers dots h...

Page 51: ...story Version Description The crypto ike proposal dh group command has been introduced 2 06 3 13 2 crypto ike proposal encryption Description Add the selected type of encryption to IKE proposal The or...

Page 52: ...orithm to IKE proposal The order of adding has a value for data exchange on the IKE protocol Command with no prefix removes the selected algorithm Prefix no Yes Change settings Yes Multiple input Yes...

Page 53: ...ipsec transform set name config no crypto ipsec transform set name Arguments Description Value Argument IPsec transformation name Latin letters numbers dots hyphens and underscores are acceptable Str...

Page 54: ...ipsec transform set cypher command has been introduced 2 06 3 14 2 crypto ipsec transform set dh group Description Add the selected DH group to IPsec transformation to work in the PFS mode The order o...

Page 55: ...r of adding has a value for data exchange on the IKE protocol Command with no prefix removes the selected algorithm Prefix no Yes Change settings Yes Multiple input Yes Synopsis config ipsec transform...

Page 56: ...s Can take values from 60 to 2147483647 Integer lifetime Example config ipsec transform lifetime 8640 IpSec Manager Crypto ipsec transform set test lifetime set to 8640 s History Version Description T...

Page 57: ...uthentication type for local host By default value pre share is used Command with no prefix resets setting to default Prefix no Yes Change settings Yes Multiple input No Synopsis config ipsec profile...

Page 58: ...le authentication remote pre share IpSec Manager Crypto ipsec profile test authentication remote type pre share is set History Version Description The crypto ipsec profile authentication remote comman...

Page 59: ...crypto ipsec profile identity local Description Set a local identifier of IPsec profile Command with no prefix removes the local identifier Prefix no Yes Change settings Yes Multiple input No Synopsi...

Page 60: ...address ID type is full domain name fqdn ID type is domain name dn ID type is e mail address email Remote host ID value String id Allow usage of any remote host Keyword any Example config ipsec profil...

Page 61: ...profile mode command has been introduced 2 06 3 15 7 crypto ipsec profile policy Description Set the reference to existing IKE policy see crypto ike policy command Command with no prefix removes the r...

Page 62: ...value String preshare key Example config ipsec profile preshared key testkey IpSec Manager Crypto ipsec profile test preshared key was set History Version Description The crypto ipsec profile preshare...

Page 63: ...Yes Multiple input No Synopsis config ipsec profile xauth identity identity config ipsec profile no xauth identity Arguments Description Value Argument Login for XAuth client mode String identity Exa...

Page 64: ...2 06 3 16 crypto map Description Access to a group of commands to configure selected IPsec crypto map If crypto map is not found the command tries to create it Command with no prefix removes crypto ma...

Page 65: ...o Yes Change settings Yes Multiple input No Synopsis config crypto map connect config crypto map no connect Example config crypto map connect IpSec Manager Crypto map test autoconnect enabled History...

Page 66: ...nts Description Value Argument Period of checking in seconds Can take values from 60 to 86400 Integer interval value Example config crypto map fallback check interval 120 IpSec Manager Crypto map test...

Page 67: ...ence Prefix no Yes Change settings Yes Multiple input No Synopsis config crypto map match address access list config crypto map no match address Arguments Description Value Argument Packet filtering r...

Page 68: ...r IPsec connection Command with no prefix removes the setting Prefix no Yes Change settings Yes Multiple input No Synopsis config crypto map set peer remote ip config crypto map no set peer Arguments...

Page 69: ...name of remote host String remote ip Example config crypto map set peer fallback test com IpSec Manager Crypto map test fallback remote peer is set to test com History Version Description The crypto m...

Page 70: ...r of SYN packets exceeds the specified limit command changes it Path MTU Discovery mode allows automatically identifiy MSS limit Command with no prefix removes all limits from MSS Prefix no Yes Change...

Page 71: ...set transformations with help of transform set command Example config crypto map set transform test IpSec Manager Crypto map test ipsec transform set is set to test History Version Description The cry...

Page 72: ...he corresponding access list will be ignored By default the setting is disabled Command with no prefix disables the setting Prefix no Yes Change settings Yes Multiple input No Synopsis config crypto m...

Page 73: ...o clients in Virtual IP server mode Command with no prefix removes the range Prefix no Yes Change settings Yes Multiple input No Synopsis config crypto map virtual ip range begin end size config crypt...

Page 74: ...scription Specify the directory with database of multimedia content Command with no prefix removes the setting Prefix no Yes Change settings Yes Multiple input No Synopsis config dlna db directory dir...

Page 75: ...ple config dlna directory TEST_FAT transmission Core Configurator done History Version Description The dlna directory command has been introduced 2 00 Parameter media type was added 2 06 3 17 3 dlna i...

Page 76: ...ic Command with no prefix resets port to default By default value 8200 is used Prefix no Yes Change settings Yes Multiple input No Synopsis config dlna port port config dlna no port Arguments Descript...

Page 77: ...e dlna rescan command has been introduced 2 00 3 18 dns proxy Description Access to a group of commands to manage DNS proxy service Prefix no No Change settings No Multiple input No Group entry config...

Page 78: ...een introduced 2 04 3 18 2 dns proxy max ttl Description Set maximum TTL for DNS proxy cached entries Command with no prefix removes maximum TTL value Prefix no Yes Change settings Yes Multiple input...

Page 79: ...e of DNS proxy proceed in milliseconds Can take values from 1 to 50000 Integer proceed Example config dnspx proceed 600 Dns Proxy Dns proxy set 600 msec proceed config dnspx no proceed Dns Proxy Dns p...

Page 80: ...file Description Access to a group of commands to configure DynDns profile If the profile is not found the command tries to create it You can enter up to 32 profiles Command with no prefix removes Dyn...

Page 81: ...e Argument The domain name Maximum domain name length is 254 characters String domain Example config dyndns domain systems DynDns Profile test domain saved History Version Description The dyndns profi...

Page 82: ...in DynDns request Command with no prefix removes the setting Prefix no Yes Change settings Yes Multiple input No Synopsis config dyndns send address config dyndns no send address Example config dyndn...

Page 83: ...n Description The dyndns profile type command has been introduced 2 00 3 19 5 dyndns profile update interval Description Set the address update interval for DynDns Command with no prefix cancels the a...

Page 84: ...e input Yes Synopsis config dyndns url url config dyndns no url Arguments Description Value Argument Custom URL of DNS service String url Example config dyndns url http members dyndns org nic update D...

Page 85: ...ies its class that inherits certain properties see the diagrams in the Appendix The commands work in relation to classes The corresponding interface class is specified in the command description Comma...

Page 86: ...entication chap command has been introduced 2 00 3 20 2 interface authentication eap md5 Description Enable EAP MD5 authentication support Command with no prefix disables EAP MD5 Prefix no Yes Change...

Page 87: ...en introduced 2 00 3 20 4 interface authentication identity Description Specify user name for device authentication on the remote system Equally often used on PPTP PPPoE and L2TP connections Command w...

Page 88: ...authentication mschap MSCHAP authentication enabled History Version Description The interface authentication mschap command has been introduced 2 00 3 20 6 interface authentication mschap v2 Descript...

Page 89: ...cation pap PAP authentication enabled History Version Description The interface authentication pap command has been introduced 2 00 3 20 8 interface authentication password Description Specify passwor...

Page 90: ...settings Yes Multiple input No Interface type WiFi Synopsis config if authentication shared config if no authentication shared Example config if authentication shared Shared authentication enabled His...

Page 91: ...thentication wpa psk command has been introduced 2 00 3 20 11 interface band steering Description Enable Band Steering for AP 5 GHz By default the setting is enabled For correct Band Steering operatio...

Page 92: ...ting to default Prefix no Yes Change settings Yes Multiple input No Interface type WiFiMaster Synopsis config if band steering preference band config if no band steering preference Arguments Descripti...

Page 93: ...ment The value of the tariff speed in Kbps Integer limit Example config if bandwidth limit 50000 Ntce BandwidthLimits Set bandwidth limit 50000 Kbps to ISP History Version Description The interface ba...

Page 94: ...Yes Multiple input No Interface type Radio Synopsis config if channel channel config if no channel Arguments Description Value Argument channel Number of radio channel number Radio channel number is d...

Page 95: ...en introduced 2 07 3 20 17 interface channel width Description Set the bandwidth for a specified channel By default 40 below value is used Command with no prefix resets to default Prefix no Yes Change...

Page 96: ...ill be able to deal with the 802 11n compatible devices via radio channel The set of admissible compatibility lines is defined by the hardware capabilities of a particular adapter and provisions of th...

Page 97: ...datory Interface name via Example config if connect via UsbModem3 PPP connection enabled History Version Description The interface connect command has been introduced 2 00 3 20 20 interface country co...

Page 98: ...Change settings Yes Multiple input No Interface type PPP Synopsis config if debug config if no debug Example config if debug Debug enabled History Version Description The interface debug command has b...

Page 99: ...enables the network interface and deletes down from settings Prefix no Yes Change settings Yes Multiple input No Synopsis config if down config if no down Example config if down Interface disabled His...

Page 100: ...profile to the interface Profile must be created and customized with dyndns profile commands before execution Command with no prefix unbinds the profile Prefix no Yes Change settings Yes Multiple inpu...

Page 101: ...e rate recommended by service provider Keyword force Example config if dyndns update DynDns Profile test update started History Version Description The interface dyndns update command has been introdu...

Page 102: ...rface encryption key Description Specify the WEP encryption keys Depending on the bit the key can be standard 64 bit WEP uses a 40 bit key also known as WEP 40 or 128 bit WEP uses a 26 hexadecimal cha...

Page 103: ...encryption Prefix no Yes Change settings Yes Multiple input No Interface type PPTP Synopsis config if encryption mppe config if no encryption mppe Example config if encryption mppe MPPE enabled Histor...

Page 104: ...ms on the wireless interface Wireless interface can support the joint use of WPA and WPA2 but supporting WEP automatically disables when any of the WPA is enabled Command with no prefix disables WPA2...

Page 105: ...nfig if no flowcontrol send Network Interface Ethernet GigabitEthernet0 0 flow control send disabled History Version Description The interface flowcontrol command has been introduced 2 08 3 20 34 inte...

Page 106: ...efix disables the mode Prefix no Yes Change settings Yes Multiple input No Interface type IP Synopsis config if igmp downstream config if no igmp downstream Example config if igmp downstream added dow...

Page 107: ...eam interface is allowed Command with no prefix disables the mode Prefix no Yes Change settings Yes Multiple input No Interface type IP Synopsis config if igmp upstream config if no igmp upstream Exam...

Page 108: ...and inherit command transfers some settings of the interface being added to the bridge such as IP address mask and IP aliases On removing either the bridge itself or the bridge interface these setting...

Page 109: ...d to a single interface Command with no prefix disables the ACL for the specified interface and traffic direction Prefix no Yes Change settings Yes Multiple input Yes Interface type IP Synopsis config...

Page 110: ...ace mask There are two ways to specify the mask the canonical IP mask mask form for example 255 255 255 0 and the prefix with bit length for example 24 Example The network address defined by the IP ad...

Page 111: ...ernet Synopsis config if ip address dhcp hostname hostname config if no ip address dhcp Arguments Description Value Argument Name of the host to be placed in the DHCP option 12 field This name need no...

Page 112: ...ger value Example config if ip adjust ttl inc 10 Network Interface IP TTL adjustment enabled History Version Description The interface ip adjust ttl command has been introduced 2 00 Keyword set was ad...

Page 113: ...tire list of aliases will be removed Prefix no Yes Change settings Yes Multiple input Yes Interface type IP Ethernet Synopsis config if ip alias address mask config if no ip alias address mask Argumen...

Page 114: ...client vendor class is set to Keenetic Extra History Version Description The interface ip dhcp client class id command has been introduced 2 02 3 20 47 interface ip dhcp client debug Description Enab...

Page 115: ...ernet Synopsis config if ip dhcp client displace interface config if no ip dhcp client displace interface Arguments Description Value Argument Name or alias of the interface whose static address will...

Page 116: ...rors Command with no prefix cancels setting and sets 0 0 0 0 address Prefix no Yes Change settings Yes Multiple input No Interface type Ethernet Synopsis config if ip dhcp client fallback type config...

Page 117: ...HostName Dhcp Client Home DHCP client hostname is set to HostName History Version Description The interface ip dhcp client hostname command has been introduced 2 00 3 20 52 interface ip dhcp client na...

Page 118: ...ltiple input No Interface type Ethernet Synopsis config if ip dhcp client release config if no ip dhcp client release Example config if ip dhcp client release Dhcp Client IP address released History V...

Page 119: ...outes are enabled History Version Description The interface ip dhcp client routes command has been introduced 2 05 3 20 56 interface ip global Description Set property global with a parameter to the i...

Page 120: ...ip global command has been introduced 2 00 3 20 57 interface ip mru Description Set the value of MRU to be transmitted to a remote node during establishing the PPP IPCP connection By default 1460 val...

Page 121: ...nd Prefix no Yes Change settings Yes Multiple input No Interface type IP Synopsis config if ip mtu mtu config if no ip mtu Arguments Description Value Argument MTU value Can take values from 64 to 655...

Page 122: ...mmand is applied to the interface and affects all outgoing TCP SYN packets Command with no prefix removes all limits from MSS Prefix no Yes Change settings Yes Multiple input No Interface type IP Syno...

Page 123: ...ute Using peer as a default gateway History Version Description The interface ipcp default route command has been introduced 2 00 3 20 62 interface ipcp dns routes Description Use routes which are rec...

Page 124: ...g if ipcp name servers config if no ipcp name servers Example config if ipcp name servers Using remote name servers History Version Description The interface ipcp name servers command has been introdu...

Page 125: ...to default Prefix no Yes Change settings Yes Multiple input No Interface type Secure Synopsis config if ipsec encryption level level config if no ipsec encryption level Arguments Description Value Arg...

Page 126: ...rvice for the interface Command with no prefix cancels the setting Prefix no Yes Change settings Yes Multiple input No Synopsis config if ipsec ignore config if no ipsec ignore Example config if ipsec...

Page 127: ...2 10 3 20 68 interface ipsec preshared key Description Set PSK key for IPSec connection that is automatically associated with the tunnel Command also enables IPSec for this tunnel Command with no pref...

Page 128: ...input Yes Synopsis config if ipv6 address address auto config if no ipv6 address address auto Arguments Description Value Argument Name server address IPv6 address address Enable stateless autoconfigu...

Page 129: ...removes the setting Prefix no Yes Change settings Yes Multiple input No Synopsis config if ipv6 name servers auto config if no ipv6 name servers auto Arguments Description Value Argument Enable name...

Page 130: ...prefix added History Version Description The interface ipv6 prefix command has been introduced 2 00 3 20 73 interface ipv6cp Description Enable IPv6CP support during establishing connection Command w...

Page 131: ...Enable compression of Connection ID into headers Keyword cid Example config if lcp acfc cid ACFC compression enabled Network Interface PPP done History Version Description The interface lcp acfc comm...

Page 132: ...t echo request was sent Keyword adaptive Example config if lcp echo 5 3 LCP echo parameters updated History Version Description The interface lcp echo command has been introduced 2 00 The adaptive key...

Page 133: ...ifiMaster Synopsis config if ldpc config if no ldpc Example config if ldpc Network Interface Rtx WifiMaster LDPC enabled History Version Description The interface ldpc command has been introduced 2 07...

Page 134: ...cess Point Synopsis config if mac access list address address config if no mac access list address address Arguments Description Value Argument A MAC address to be added to the ACL MAC address address...

Page 135: ...erface Address is specified in hexadecimal format 00 00 00 00 00 00 The command allows one to assign arbitrary address but warns the user if the new address multicast bit is set or OUI enforced bit is...

Page 136: ...the interface lan WAN MAC address will be assigned to the interface wan WLAN5 MAC address will be assigned to the interface wlan5 Example config if mac address factory lan Core System UConfig done His...

Page 137: ...pe UsbModem Synopsis config if modem connect dial phone string config if no modem connect Arguments Description Value Argument The phone number for dialing String phone An arbitrary command String str...

Page 138: ...ed 2 00 3 20 86 interface modem timeout Description Set modem connection timeout Setting is used for slow modems connections Command with no prefix removes the setting Prefix no Yes Change settings Ye...

Page 139: ...fix no Yes Change settings Yes Multiple input No Interface type PPP Synopsis config if peer peer config if no peer Arguments Description Value Argument Remote connection point ID String peer Example c...

Page 140: ...wer of the transmitter relative to its maximum power such as to decrease potential interference with other devices in this range band Prefix no No Change settings Yes Multiple input No Interface type...

Page 141: ...cription The interface pppoe service command has been introduced 2 05 3 20 91 interface preamble short Description Use short preamble Prefix no Yes Change settings Yes Multiple input No Interface type...

Page 142: ...config if rekey interval 3600 Network Interface Rtx WifiMaster Rekey interval is 3600 sec History Version Description The interface rekey interval command has been introduced 2 06 3 20 93 interface r...

Page 143: ...to 1FE Hexadecimal number offset Value to be set Can take values from 0 to FFFF Hexadecimal number value Example config if rf e2p set 1f6 0 Network Interface Rtx WifiMaster EEPROM 0x01F6 0000 set His...

Page 144: ...ory Version Description The interface role command has been introduced 2 06 3 20 96 interface schedule Description Assign a schedule to the interface Schedule must be created and customized with sched...

Page 145: ...HCP and DNS services to the protected segments Note By default to all newly created interfaces public security level assigned Access lists access list have higher priority than the security levels so...

Page 146: ...tected parameter was added 2 06 3 20 98 interface speed Description Configure the speed of the Ethernet interface By default auto value is set Command with no prefix resets setting to default Prefix n...

Page 147: ...interface ssid Description Specify the wireless network name SSID for interfaces wireless station and access point Depending on the type of interface SSID value is processed differently For the acces...

Page 148: ...e VLAN marker from the transferred frames Command with no prefix removes the setting Prefix no Yes Change settings Yes Multiple input No Interface type Port Synopsis config if switchport access vlan v...

Page 149: ...t friend vlan Arguments Description Value Argument Friend VLAN ID Can take values from 1 to 4094 inclusively Integer vid Example config if switchport friend vlan 2 Network Interface Switch FastEtherne...

Page 150: ...nk command Enable double tagging Keyword q in q Example config if switchport mode access Network Interface Switch FastEthernet0 1 access mode enabled History Version Description The interface switchpo...

Page 151: ...erface in both directions By default speed is not limited Command with no prefix removes the setting Prefix no Yes Change settings Yes Multiple input No Synopsis config if traffic shape rate rate conf...

Page 152: ...een introduced 2 00 3 20 106 1 interface tsp password Description Configure password to connect via TSP Command with no prefix clears password Prefix no Yes Change settings Yes Multiple input No Inter...

Page 153: ...8 56 or 64 Integer length History Version Description The interface tsp prefix length command has been introduced 2 00 3 20 106 3 interface tsp server Description Server IPv4 address which is received...

Page 154: ...ing user History Version Description The interface tsp user command has been introduced 2 00 3 20 107 interface tunnel destination Description Set the remote end of tunnel If it is used in conjunction...

Page 155: ...ription Set identifier of EoIP tunnel Command with no prefix resets the setting Prefix no Yes Change settings Yes Multiple input No Interface type Eoip Synopsis config if tunnel eoip id id config if n...

Page 156: ...interface Keyword auto Full interface name or an alias Interface name interface Local IP adress of the tunnel IP address address Example config if tunnel source auto Network Interface Tunnel Gre0 sou...

Page 157: ...nput No Synopsis config if tx queue length config if no tx queue Arguments Description Value Argument Queue length can take values from 0 to 65536 Integer length Example config if tx queue 255 Tx queu...

Page 158: ...ting Prefix no Yes Change settings Yes Multiple input No Interface type Usb Synopsis config if usb apn apn config if no usb apn Arguments Description Value Argument Access point name String apn Exampl...

Page 159: ...fo String model Example config if usb device id 12d1 1001 Device ID saved History Version Description The interface usb device id command has been introduced 2 00 3 20 115 interface usb power cycle De...

Page 160: ...ype Access Point Synopsis config if wmm config if no wmm Example config if wmm WMM extensions enabled History Version Description The interface wmm command has been introduced 2 00 3 20 117 interface...

Page 161: ...Network Interface Rtx Wps an auto self PIN mode enabled History Version Description The interface wps auto self pin command has been introduced 2 04 3 20 119 interface wps button Description Start WP...

Page 162: ...nts Description Value Argument direction Send WiFi configuration send Receive WiFi configuration from Keenetic Extra receive PIN code of the remote peer String pin Example config if wps peer receive 9...

Page 163: ...t do not support dynamic ARP Command with no prefix removes entry from ARP table If you use no arguments the whole list of ARP entrys will be removed Prefix no Yes Change settings Yes Multiple input Y...

Page 164: ...ig no ip dhcp class class Arguments Description Value Argument The vendor class name String class Example config ip dhcp class STB One Dhcp Server Vendor class STB One has been created History Version...

Page 165: ...ws one to change the MAC address leaving the old value IP address and vice versa to change the IP address leaving the old MAC address value intact Command with no prefix removes the host Prefix no Yes...

Page 166: ...characters Note In the current version of the system no more than one pool per interface is supported For DHCP server to function correctly it is required that the range of IP addresses set by range...

Page 167: ...Version Description The ip dhcp pool bind command has been introduced 2 00 3 24 2 ip dhcp pool class Description Access to a group of commands to configure DHCP vendor class for selected pool If speci...

Page 168: ...ple input Yes Synopsis config dhcp pool class option number type data config dhcp pool class no option number Arguments Description Value Argument number 6 option DNS server 6 42 option NTP server 42...

Page 169: ...pecified the address of the Ethernet interface determined automatically for a given range range will be used Command with no prefix cancels the setting Prefix no Yes Change settings Yes Multiple input...

Page 170: ...DNS server IP address address1 Address of secondary DNS server IP address address2 Example config dhcp pool dns server 192 168 1 88 pool test_pool name server list has been saved History Version Desc...

Page 171: ...s Yes Multiple input No Synopsis config dhcp pool enable config dhcp pool no enable Example config dhcp pool enable Dhcp Server pool 111 is enabled History Version Description The ip dhcp pool enable...

Page 172: ...e chosen interface is used as the default gateway and DNS server if other addresses are not specified using commands ip dhcp pool default router and ip dhcp pool dns server Command with no prefix remo...

Page 173: ...S update has been enabled History Version Description The ip dhcp pool update dns command has been introduced 2 06 3 24 11 ip dhcp pool wpad Description Configure DHCP option 252 WPAD protocol By defa...

Page 174: ...Multiple input Yes Synopsis config ip dhcp relay lan interface config no ip dhcp relay lan interface Arguments Description Value Argument Full name or an alias of Ethernet interface through which DHCP...

Page 175: ...If exact address of the server is not specified see ip dhcp relay server the requests will be broadcasted It is recommended to specify server address Command with no prefix removes the setting Prefix...

Page 176: ...to the FTP server for all users without authentication Command with no prefix denies access Prefix no Yes Change settings Yes Multiple input No Synopsis config ftp permissive config ftp no permissive...

Page 177: ...e config ftp security level protected Ftp Manager Security level changed to protected History Version Description The ip ftp security level command has been introduced 2 08 3 28 3 ip ftp user Descript...

Page 178: ...ument Specifies the name of user whose home directory is configured String name Path to the home directory String directory Example config ftp user admin root E Ftp Server a admin user root directory...

Page 179: ...0 ip hotspot Description Enter the Hotspot configuration command group Prefix no No Change settings No Multiple input No Group entry config hotspot Synopsis config ip hotspot History Version Descripti...

Page 180: ...as been introduced 2 08 3 30 2 ip hotspot auto scan interval Description Set interval for probes of online hosts Command with no prefix resets setting to default Prefix no Yes Change settings Yes Mult...

Page 181: ...t the value 3 is used Integer rate Example config hotspot auto scan passive 5 hps Hotspot Discovery Manager Auto scan rate is set to 5 hps config hotspot auto scan no passive Hotspot Discovery Manager...

Page 182: ...e ip hotspot auto scan timeout command has been introduced 2 08 3 30 5 ip hotspot default policy Description Define the Hotspot policy for all interfaces Policy applies to all interfaces that have no...

Page 183: ...ge settings Yes Multiple input Yes Interface type IP Synopsis config hotspot host mac access schedule schedule Arguments Description Value Argument Host MAC address Host must be registered via known h...

Page 184: ...figured access rule Section 3 30 6 on page 183 Default policy permit Command with no prefix resets policy to default Prefix no Yes Change settings Yes Multiple input Yes Interface type IP Synopsis con...

Page 185: ...ot wake mac Arguments Description Value Argument Host MAC address MAC address mac History Version Description The ip hotspot wake command has been introduced 2 08 3 31 ip http lockout policy Descripti...

Page 186: ...ger Bruteforce detection is reconfigured History Version Description The ip http lockout policy command has been introduced 2 08 3 32 ip http port Description Assign HTTP port for Web interface of Kee...

Page 187: ...ttp proxy name Arguments Description Value Argument HTTP proxy name String name Example config ip http proxy TEST Http Manager Proxy TEST successfully created History Version Description The ip http p...

Page 188: ...Multiple input No Synopsis config http proxy domain static domain config http proxy no domain Arguments Description Value Argument A domain name String domain Example config http proxy domain static...

Page 189: ...refix no Yes Change settings Yes Multiple input No Synopsis config http proxy upstream http address type port config http proxy no upstream Arguments Description Value Argument address type HTTP serve...

Page 190: ...aces Keyword private Access to the HTTP server is allowed for private and protected interfaces Keyword protected Example config ip http security level protected Http Manager Security level changed to...

Page 191: ...me server command can be entered multiple times if several DNS server addresses need to be setup Moreover each entered address can be associated with one or more domain names for working with specific...

Page 192: ...Change settings Yes Multiple input Yes Interface type IP Synopsis config ip nat interface address mask config no ip nat interface address mask Arguments Description Value Argument Source interface na...

Page 193: ...outing table to describe a rule of IP packets transmission through a particular gateway or network interface As the destination network one can specify default keyword In this case a default route wil...

Page 194: ...nly if there is no other higher priority route with the same address IP address of the router in a directly connected network Can be specified along IP address gateway with the interface name if it is...

Page 195: ...number is always treated as the destination port If network corresponds to a single address and this address is equal to to address then this rule will prohibit the translation of the specified addre...

Page 196: ...ter translation If one is not specified the destination port remains the same Integer to port Example Let there be a router between the local network 172 16 1 0 24 secutity levelprivate and global net...

Page 197: ...IP Synopsis config ip telnet lockout policy threshold duration observation window config no ip telnet lockout policy Arguments Description Value Argument The number of failed attempts to log in By de...

Page 198: ...Port number Can take values from 1 to 65535 inclusively Integer number History Version Description The ip telnet port command has been introduced 2 08 3 42 3 ip telnet security level Description Set T...

Page 199: ...mber of simultaneous sessions for telnet connection By default 4 is used Command with no prefix resets count to default Prefix no Yes Change settings Yes Multiple input No Synopsis config telnet sessi...

Page 200: ...meout Example config telnet session timeout 6 Telnet Server a session timeout value set to 6 seconds History Version Description The ip telnet session timeout command has been introduced 2 08 3 43 ip...

Page 201: ...ntroduced 2 05 The schedule argument was added 2 08 3 44 ipv6 firewall Description Enable IPv6 firewall By default the setting is disabled Command with no prefix removes the setting Prefix no Yes Chan...

Page 202: ...tic as opposite to dynamic as registered by PPP or DHCP services ipv6 name server command can be entered multiple times if several DNS server addresses need to be setup Command with no prefix removes...

Page 203: ...sis config ipv6 route prefix default interface config no ipv6 route prefix default interface Arguments Description Value Argument IPv6 prefix Prefix prefix Uses the default prefix Keyword default Full...

Page 204: ...g subnet no bind interface Arguments Description Value Argument Full interface name or an alias Interface name interface Example config subnet bind WifiMaster0 AccessPoint1 Interface bound History Ver...

Page 205: ...mode command has been introduced 2 00 3 48 3 ipv6 subnet number Description Assign the subnet ID which will determine the advertised prefix for the segment Must be unique across subnets Prefix no No...

Page 206: ...solate private Description Prohibit data transfer between any interfaces with security level private Command with no prefix cancels the command allowing data transfer between private interfaces Prefix...

Page 207: ...Description Access to a group of commands to manage KeenDNS service Prefix no No Change settings No Multiple input No Group entry ndns Synopsis config ndns History Version Description The ndns command...

Page 208: ...device The length is 32 symbols Hexadecimal number transfer code Example ndns book name testname mykeenetic kz done title NDSS ndns bookName Public DNS Hostname Booking code 200 icon tick hl true lay...

Page 209: ...mxiO dst 91 218 112 165 16047 MsgCack quorumLeft 0 t 444 item hl false o lock reply d Success prepare NDSS key Binary IZdU2Bj5ZBsxsTGD alt Binary L7Wc5lMdYcfDtANq dst 91 218 112 118 17047 MsgCack quor...

Page 210: ...tname list item name testname domain mykeenetic by available no item name testname domain mykeenetic kz available yes item name testname domain mykeenetic ru available yes item name testname domain my...

Page 211: ...d o title Operation column id d title Detail column id t title Time variant period scale 1 item hl false o start d TaskDropName name testname domain mykeenetic net license 243992935221479 t 0 item hl...

Page 212: ...7 MsgCack quorumLeft 0 t 231 item hl false o commit reply d Success finalize NDSS key Binary SyptNue2bys mxiO alt Binary yPrQwfa 4yn676wk dst 148 251 129 152 17047 MsgCack t 235 item hl false o commit...

Page 213: ...d name updated title Updated type date variant date field name access title Access Mode default unknown field name transfer title Transfer name testname domain mykeenetic com address 41 189 34 56 upda...

Page 214: ...Z standalone false menu src index __auth force __role context menu ref 2fndns 2fupdateBooking fields field name name title Public Name field name domain title Domain Name field name address title IP A...

Page 215: ...ynopsis config ntce shaping config no ntce shaping Example config ntce shaping Ntce Manager Shaping enabled History Version Description The ntce shaping command has been introduced Previous command na...

Page 216: ...server 2 ru pool ntp org server 2 ru pool ntp org has been added History Version Description The ntp server command has been introduced 2 00 3 55 ntp sync period Description Set a period for time sinc...

Page 217: ...config no opkg chroot Opkg Manager Chroot disabled History Version Description The opkg chroot command has been introduced 2 05 C 3 3 57 opkg disk Description Configure partition for opkg software Thi...

Page 218: ...ription Disable DNS proxy when opkg disk is mounted DNS override allows to replace embedded DNS proxy with a custom service such as BIND or Dnsmasq Command with no prefix disables DNS override Prefix...

Page 219: ...gured init script opt etc init d rc unslung config no opkg initrc Opkg Manager Init script reset to default opt etc initrc History Version Description The opkg initrc command has been introduced 2 05...

Page 220: ...ig opkg timezone UTC Opkg Manager Enabled timezone UTC config no opkg timezone Opkg Manager Timezone reset to undefined History Version Description The opkg timezone command has been introduced 2 05 C...

Page 221: ...address of remote host Host name hostname Example config pchk host 8 8 8 8 PingCheck Profile profile TEST uses host 8 8 8 8 for testing History Version Description The ping check profile host command...

Page 222: ...by obtaining of which the Internet at the interface considered present By default value 1 is used Command with no prefix resets to default Prefix no Yes Change settings Yes Multiple input No Synopsis...

Page 223: ...by TCP connection establishing to specified port connect Example config pchk mode connect PingCheck Profile profile TEST uses connect mode History Version Description The ping check profile mode comm...

Page 224: ...config pchk power cycle PingCheck Profile profile 123 enable usb power cycle History Version Description The ping check profile power cycle command has been introduced 2 04 3 61 7 ping check profile r...

Page 225: ...hk no timeout Arguments Description Value Argument Response time in seconds Can take values from 1 to 10 inclusively Integer time Example config pchk timeout 4 PingCheck Profile profile TEST timeout i...

Page 226: ...th no prefix disables specified accelerator Prefix no Yes Change settings Yes Multiple input No Synopsis config ppe engine config no ppe engine Arguments Description Value Argument engine Software acc...

Page 227: ...enabled History Version Description The pppoe pass command has been introduced 2 00 3 64 printer Description Access to a group of commands to configure the printer If the printer is not found the com...

Page 228: ...ectional mode enabled History Version Description The printer bidirectional command has been introduced 2 04 3 64 2 printer debug Description Enable debug mode for printer If you use no argument debug...

Page 229: ...alue Argument Path to firmware file String firmware Example config printer firmware storage sihp1018 dl Printer Manager A printer firmware set History Version Description The printer firmware command...

Page 230: ...ption Value Argument Printer port Integer port Example config printer port 2012 Port changed History Version Description The printer port command has been introduced 2 00 3 64 6 printer type Descripti...

Page 231: ...config sched Synopsis config schedule name config no schedule name Arguments Description Value Argument A schedule name String name History Version Description The schedule command has been introduced...

Page 232: ...le description Description Set description for the selected schedule Command with no prefix deletes the description Prefix no Yes Change settings No Multiple input No Synopsis config sched description...

Page 233: ...ion LED shows the beginning of the scheduled event start LED shows the end of the scheduled event stop Example config sched led start Core Schedule Led Selected schedule 111 History Version Descriptio...

Page 234: ...nt The cloud control service enabled History Version Description The service cloud control command has been introduced 2 05 3 68 service dhcp Description Enable DHCP server If there is not enough sett...

Page 235: ...ce dhcp relay config no service dhcp relay Example config service dhcp relay service enabled History Version Description The service dhcp relay command has been introduced 2 00 3 70 service dlna Descr...

Page 236: ...ersion Description The service dns proxy command has been introduced 2 00 3 72 service ftp Description Enable FTP server that provides the user with access to connected USB drives configuration files...

Page 237: ...For the service functioning it is necessary to have one upstream interface and at least one downstream interface If there are not enough settings to run the service the service will not function As s...

Page 238: ...The service ipsec command has been introduced 2 06 3 76 service ntce Description Enable NTCE service By default it is disabled Command with no prefix stops the service Prefix no Yes Change settings Y...

Page 239: ...introduced 2 00 3 78 service snmp Description Enable SNMP service By default the service is disabled Command with no prefix stops the service Prefix no Yes Change settings Yes Multiple input No Synop...

Page 240: ...rvice telnet command has been introduced 2 00 3 80 service torrent Description Enable BitTorrent client that provides the user with peer to peer sharing of very large files such as entire movies and T...

Page 241: ...ervice udpxy command has been introduced 2 03 3 82 service upnp Description Enable UPnP service Command with no prefix stops the service Prefix no Yes Change settings Yes Multiple input No Synopsis co...

Page 242: ...s to display various diagnostic information about system All commands of this group do not change system settings Prefix no No Change settings No Multiple input No Group entry show Synopsis config sho...

Page 243: ...access point If you use no argument the entire list of wireless stations will be displayed Prefix no No Change settings No Multiple input No Interface type Access Point Synopsis show associations name...

Page 244: ...1 mcs 15 History Version Description The show associations command has been introduced 2 00 3 84 3 show cifs Description Show CIFS server status Prefix no No Change settings No Multiple input No Synop...

Page 245: ...ple show clock date weekday 4 day 18 month 1 year 2018 hour 8 min 46 sec 2 msec 660 dst inactive tz locality GMT stdoffset 0 dstoffset 0 usesdst no rule GMT0 custom no History Version Description The...

Page 246: ...set 3600 dstoffset 7200 tz locality Anadyr stdoffset 43200 dstoffset 1 History Version Description The show clock timezone list command has been introduced 2 00 3 84 6 show crypto ike key Description...

Page 247: ...IPsec crypto map If you use no argument the entire list of IPsec crypto maps will be displayed Prefix no No Change settings No Multiple input No Synopsis show crypto map map name Arguments Descriptio...

Page 248: ...se2_sa_list phase2_sa index 0 unique_id 304 request_id 185 sa_state INSTALLED mode TUNNEL protocol ESP encapsulation yes local_spi ca59bfcf remote_spi cde23d83 ipsec_cypher esp aes 256 ipsec_hmac esp...

Page 249: ...nterface authentication must be configured with interface authentication group of commands Prefix no No Change settings No Interface type Ethernet Multiple input No Synopsis show dot1x interface Argum...

Page 250: ...Example show drivers module name rt2860v2_sta size 546736 used 0 subs module name rt2860v2_ap size 554192 used 2 subs module name rndis_host size 5024 used 0 subs module name dwc_otg size 68416 used...

Page 251: ...e status of switch ports The command show interface displays different information depending on the interface type In particular for FastEthernet0 Vlan1 switch it shows current state of physical ports...

Page 252: ...alue Argument Full name or an alias of the interface to display Interface name name Output Value Element Root node members Interface name interface Link state of interface link Attribute of inheritanc...

Page 253: ...nels Record number in the list channel index Channel number number Ability to expand channel above ext 40 above Ability to expand channel below ext 40 below Ability to expand channel up to 80 MHz vhc...

Page 254: ...channel index 7 number 8 ext 40 above yes ext 40 below yes vht 80 yes History Version Description The show interface channels command has been introduced 2 03 3 84 14 show interface country codes Des...

Page 255: ...code AL country Albania country code code DZ country Algeria country code code AR country Argentina country code code AM country Armenia country code code AU country Australia History Version Descrip...

Page 256: ...6 0 00 30 48 93 91 a7 6 0 f0 c1 f1 95 c3 fb 5 0 b8 ca 3a 8a c7 43 6 0 ec 43 f6 da 78 79 5 0 10 7b ef 59 7b 61 2 0 ec 43 f6 ff f8 8b 6 0 58 8b f3 65 8c 91 5 0 ec 43 f6 cf 0e ef 2 0 00 ee bd a1 18 51 6...

Page 257: ...20 FFFF 0x0022 FFC1 0x0024 9201 0x0026 FFFF 0x0028 43EC 0x002A 04F6 0x002C 052B 0x002E FFFF 0x0030 758E 0x0032 4301 0x0034 FF22 0x0036 0025 0x0038 FFFF 0x003A 012D 0x003C FFFF 0x003E FAD9 0x0040 88CC...

Page 258: ...t0 stat rxpackets 137033 rxbytes 23915722 rxerrors 0 rxdropped 0 txpackets 847802 txbytes 1192583473 txerrors 0 txdropped 0 timestamp 11754 721178 History Version Description The show interface stat c...

Page 259: ...ce wps status Description Show the access point WPS status Prefix no No Change settings No Multiple input No Interface type WiFi Synopsis show interface name wps status Arguments Description Value Arg...

Page 260: ...splay the contents of the ARP cache Prefix no No Change settings No Multiple input No Synopsis show ip arp Example show ip arp IP MAC Interface 192 168 75 209 9c b7 0d 91 e7 31 Home 82 135 72 150 00 0...

Page 261: ...show ip dhcp bindings pool Arguments Description Value Argument The pool name String pool Example show ip dhcp bindings _WEBADMIN lease ip 192 168 15 211 mac 00 26 c7 4a e0 16 expires 289 hostname le...

Page 262: ...default yes 0 0 0 0 lease default yes 25200 state down debug no History Version Description The show ip dhcp pool command has been introduced 2 03 3 84 23 show ip ftp Description Show home directories...

Page 263: ...p hotspot host mac 24 92 0e 92 e5 44 via 24 92 0e 92 e5 44 ip 192 168 1 41 hostname android 41d997d510af8ff9 name interface id Bridge0 name Home description Home network Wired and wireless hosts expir...

Page 264: ...4 link up ssid Bewilderbeast ap WifiMaster0 AccessPoint0 authenticated yes txrate 130 ht 20 mode 11n gi 800 rssi 37 mcs 15 History Version Description The show ip hotspot command has been introduced 2...

Page 265: ...tings No Multiple input No Synopsis show ip nat tcp Arguments Description Value Argument Only the records with TCP type will be displayed Keyword tcp Example show ip nat Type In Source Port Destinatio...

Page 266: ...ing table records are sorted in ascending order ascending Routing table records are sorted in descending order descending criteria Sorting criteria is the interface name interface Sorting criteria is...

Page 267: ...addresses 192 168 1 1 10 10 10 15 Connections test any ipsec example org IKEv2 dpddelay 10s test local ipsec example org uses pre shared key authentication test remote ipsec example com uses pre shar...

Page 268: ...lifetime infinite address address 2001 db8 ce5d 4eff fe4f aab2 interface Home valid lifetime infinite address address fd3c 4268 1559 0 ce5d 4eff fe4f aab2 interface Home valid lifetime infinite addre...

Page 269: ...nite preferred lifetime infinite History Version Description The show ipv6 prefixes command has been introduced 2 00 3 84 31 show ipv6 routes Description Show a list of current IPv6 routes Prefix no N...

Page 270: ...n Description The show last change command has been introduced 2 00 3 84 33 show log Description Show system log contents records that are present in a circular buffer The command executes in the back...

Page 271: ...e I Jul 12 12 08 41 radvd 228 resuming normal operation I Jul 12 12 08 44 wmond WifiMaster0 AccessPoint0 STA d8 b3 77 36 05 c1 pairwise key handshaking timeout I Jul 12 12 08 44 wmond WifiMaster0 Acce...

Page 272: ...w netfilter History Version Description The show netfilter command has been introduced 2 00 3 84 36 show ntce hosts Description Show list of hosts which NTCE service has found their operating systems...

Page 273: ...Time is set by the user manually Prefix no No Change settings No Multiple input No Synopsis show ntp status Example show ntp status status elapsed 435146 server 1 pool ntp org accurate yes synchronize...

Page 274: ...0 status pass pingcheck profile TEST1 mode icmp pingcheck profile TEST2 mode icmp History Version Description The show ping check command has been introduced 2 04 3 84 39 show printers Description Sho...

Page 275: ...p_conntrack_tcp_timeout_established 1200 set net ipv4 netfilter ip_conntrack_udp_timeout 60 set net ipv4 tcp_fin_timeout 30 set net ipv4 tcp_keepalive_time 120 set net ipv6 conf all forwarding 1 hostn...

Page 276: ...up interface PPTP0 description Office VPN peer crypton zydata ru lcp echo 30 3 ipcp default route ipcp name servers ccp security level public authentication identity 00441 authentication password 123...

Page 277: ...24ba6e5c1fec3957e587a21535b tag cli tag cifs tag http tag ftp user test password md5 baadfb946f5d516379cfd75e31e409d9 tag readonly service dhcp service dns proxy service ftp service cifs service http...

Page 278: ...ple input No Interface type Radio Synopsis show site survey name Arguments Description Value Argument Full name or an alias of the interface You can see the list of available interfaces with help of s...

Page 279: ...ow system Example config show system hostname Undefined domainname WORKGROUP cpuload 0 memory 13984 28976 swap 0 0 uptime 153787 History Version Description The show system command has been introduced...

Page 280: ...will be displayed tcp Rules with UDP protocol will be displayed udp Rules with specified interface name will be displayed Interface name interface Rules with specified port will be displayed Integer...

Page 281: ...system storage device name 4FCC A585 label FAT32 subsystem storage device name 226F114C088FC43D label NTFS subsystem storage History Version Description The show usb command has been introduced 2 00 3...

Page 282: ...pingcheck ppp pptp pppoe ydns manufacturer Keenetic Ltd vendor Keenetic series KN model Start KN 1110 hw_version 10118000 hw_id KN 1110 device Start class Internet Center History Version Description T...

Page 283: ...Command with no prefix resets setting to default Prefix no Yes Change settings Yes Multiple input No Synopsis config snmp community community config no snmp community Arguments Description Value Argum...

Page 284: ...contact info set to Cont_test config no snmp contact Snmp Manager SNMP community info reset History Version Description The snmp contact command has been introduced 2 08 3 87 snmp location Description...

Page 285: ...s config system History Version Description The system command has been introduced 2 00 3 88 1 system button Description Configure device buttons to handle specific actions Available handlers depend o...

Page 286: ...t all disks UnmountAll Search for new files DlnaDirectoryRescan Full rescan DlnaDirectoryFullRescan Alternative speed on off component Transmission BitTorrent client required TorrentAltSpeedToggle Swi...

Page 287: ...ion Description The system clock date command has been introduced 2 00 3 88 3 system clock timezone Description Set the system timezone Command with no prefix resets timezone to default GMT Prefix no...

Page 288: ...the system configuration reset to factory defaults History Version Description The system configuration factory reset command has been introduced 2 00 3 88 5 system configuration save Description Save...

Page 289: ...en introduced 2 03 3 88 7 system domainname Description Assign domain name for the system Command with no prefix removes domain name Prefix no Yes Change settings Yes Multiple input No Synopsis system...

Page 290: ...e host String hostname Example system hostname odysseus Hostname saved History Version Description The system hostname command has been introduced 2 00 3 88 9 system led Description Configure general...

Page 291: ...ed command has been introduced 2 08 3 88 10 system led shutdown Description Shutdown the LEDs on the device Command with no prefix turns LEDs on Prefix no Yes Change settings Yes Multiple input No Syn...

Page 292: ...m log clear command has been introduced 2 00 3 88 12 system log reduction Description Enable repeated message reduction By default the setting is enabled Command with no prefix disables the feature Pr...

Page 293: ...0 Syslog server 192 168 1 1 8080 added History Version Description The system log server command has been introduced 2 00 3 88 14 system log suppress Description Add message suppression rule Prefix no...

Page 294: ...d Wi Fi network using a wireless connection repeater Access point mode to extend Wi Fi network using a wired Ethernet connection ap Example system mode repeater Core Mode The system switched to repeat...

Page 295: ...eboot is convenient in the case when the device is under remote control and the user doesn t understand the effect of the commands he she is trying The user can turn on a scheduled reboot for fear of...

Page 296: ...ring value Example config system system set net ipv4 ip_forward 1 system set net ipv4 tcp_fin_timeout 30 system set net ipv4 tcp_keepalive_time 120 system set net ipv4 netfilter ip_conntrack_tcp_timeo...

Page 297: ...Value Argument Swap file name String area Swap file size in kBytes Integer size Example system swap 9430B54530B52EDC swaparea 200 swap is being initialized in background enabled swap area 9430B54530B...

Page 298: ...liseconds Integer wait time Example tools arping 192 168 15 51 source interface Home count 4 wait time 3000 Starting the ARP ping to 192 168 15 51 ARPING 192 168 15 51 from 192 168 15 1 br0 Unicast re...

Page 299: ...8 1 33 PING 192 168 1 33 192 168 1 33 72 100 bytes of data 100 bytes from 192 168 1 33 icmp_req 1 ttl 128 time 2 35 ms 100 bytes from 192 168 1 33 icmp_req 2 ttl 128 time 1 07 ms 100 bytes from 192 16...

Page 300: ...size 100 Sending ICMPv6 ECHO request to fd4b f12b 5d59 0 1108 4407 b772 20cd PING fd4b f12b 5d59 0 1108 4407 b772 20cd fd4b f12b 5d59 0 1108 4407 b772 20cd 52 60 bytes of data 60 bytes from fd4b f12b...

Page 301: ...time 9 Discovering PPPoE access concentrators on eth2 2 AC name accel ppp HW address aa 09 a0 11 64 44 Service AC name accel ppp HW address de 06 21 02 b3 e2 Service process terminated History Versio...

Page 302: ...e to live value traceroute will Integer max ttl probe Default value 30 Value must be in the range 1 255 Destination port Integer port For tcp type default port is 80 For udp type default port is 33434...

Page 303: ...2 ae15 yndx net 87 250 239 24 2 990 ms 19 063 ms 10 www yandex ru 213 180 193 3 2 017 ms process terminated History Version Description The tools traceroute command has been introduced 2 00 3 90 torre...

Page 304: ...troduced 2 00 3 90 2 torrent peer port Description Set peer port By default 51413 value is used Prefix no No Change settings Yes Multiple input No Synopsis config torrent peer port port Arguments Desc...

Page 305: ...tion The torrent rpc port command has been introduced 2 00 3 91 udpxy Description Access to a group of commands to configure udpxy parameters Prefix no No Change settings No Multiple input No Group en...

Page 306: ...t to hold data in the buffer By default 1 value is used Command with no prefix resets timeout to default Prefix no Yes Change settings Yes Multiple input No Synopsis udpxy buffer timeout timeout udpxy...

Page 307: ...lp of interface command Interface name interface Example udpxy interface ISP Udpxy Manager bound to FastEthernet1 History Version Description The udpxy interface command has been introduced 2 02 3 91...

Page 308: ...val renew interval udpxy no renew interval Arguments Description Value Argument Renew interval of subscription in seconds Can take values from 0 to 3600 Integer renew interval Example udpxy renew inte...

Page 309: ...ltiple input Yes Interface type IP Synopsis config upnp forward protocol interface address port config no upnp forward index protocol address port Arguments Description Value Argument protocol Rule fo...

Page 310: ...s of the interface You can see the list of available interfaces with help of upnp lan command Interface name interface Example config upnp lan PPTP0 using LAN interface PPTP0 History Version Descripti...

Page 311: ...port Lists of forwarding and redirecting rules will be cleared Keyword and forward Rule with specified number in the list will be removed Integer index History Version Description The upnp redirect c...

Page 312: ...ets the password so that the user loses access to the device For the admin user prefix no resets the password to the factory settings 1234 Prefix no Yes Change settings Yes Multiple input No Synopsis...

Page 313: ...e tagged readonly or untagged cli Prefix no Yes Change settings Yes Multiple input Yes Synopsis config user tag tag config user no tag tag Arguments Description Value Argument tag Access to command li...

Page 314: ...h no prefix unbinds the interface Prefix no Yes Change settings Yes Multiple input No Synopsis vpn server interface interface vpn server no interface Arguments Description Value Argument Full name or...

Page 315: ...e number of consecutive requests LCP echo sent for which no response LCP reply Integer count was received If count of LCP echo requests goes unanswered the connection is terminated Pppd will send LCP...

Page 316: ...able MPPE encryption Command with no prefix disables encryption Prefix no Yes Change settings Yes Multiple input No Synopsis vpn server mppe optional vpn server no mppe optional Example vpn server mpp...

Page 317: ...cription Set MTU value to be transmitted to PPTP server By default 1350 value is used Command with no prefix resets value to default Prefix no Yes Change settings Yes Multiple input No Synopsis vpn se...

Page 318: ...in command has been introduced 2 04 3 96 8 vpn server pool range Description Assign a pool of addresses for the clients that connect to the VPN server Command with no prefix removes a pool Prefix no Y...

Page 319: ...static ip name Arguments Description Value Argument Username String name IP address to bind IP address address Example vpn server static ip admin 192 168 1 22 Core Configurator done History Version De...

Page 320: ...Host to which type of filtering is applied If not specified the type is applied to all hosts MAC address host type No filtering used default Protection against malicious and phishing websites safe Acc...

Page 321: ...andex DNS service Command with no prefix disables the service Prefix no Yes Change settings Yes Multiple input No Synopsis yandexdns enable yandexdns no enable Example yandexdns enable YandexDns Clien...

Page 322: ...Command Reference Guide Keenetic Extra KN 1710 322 Chapter 3 Command Reference...

Page 323: ...rect information about user password CHAP provides better security than Password Authentication Protocol Command Line Interface is a user interface to a computer s operating system or an application i...

Page 324: ...manually filled in perhaps by a network administrator Only requesting clients with a MAC address listed in this table will be allocated an IP address This feature which is not supported by all DHCP se...

Page 325: ...th of the HMAC depends upon the cryptographic strength of the underlying hash function the size of its hash output and on the size and quality of the key Idempotence is the property of certain operati...

Page 326: ...will use security services to communicate securely Each IPsec connection can provide encryption integrity authenticity or all three When the security service is determined the two IPsec peers must de...

Page 327: ...an receive in a single TCP segment It does not count the TCP header or the IP header Maximum Transmission Unit is the largest size packet or frame specified in octets eight bit bytes that can be sent...

Page 328: ...PFS protects past sessions against future compromises of secret keys or passwords Ping Check performs ICMP and TCP based tests to verify if the internet connection is working fine Test results may be...

Page 329: ...network when multiple independent networks operate in the same physical area Shared key is a mode by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy proto...

Page 330: ...WME is a subset of the 802 11e wireless LAN WLAN specification that enhances quality of service QoS on a network by prioritizing data packets according to four access categories AC Ranging from highe...

Page 331: ...Extended Authentication or XAUTH provides an additional level of authentication by allowing the IPsec gateway to request extended authentication from remote users thus forcing remote users to respond...

Page 332: ...Command Reference Guide Keenetic Extra KN 1710 332 Glossary...

Page 333: ...Peer Ppp Vlan Secure Ethernet OpenVpn Pvc FastEthernet GigabitEthernet Pppoe PppTunnel Pptp L2tp Figure A 2 Tunnel interfaces Ethernet Secure IP SecureIPTunnel Peer Tunnel6to4 Tunnel6 Tunnel6in4 Tunne...

Page 334: ...et Ppp Usb UsbModem YotaOne UsbEthernet UsbLte CdcEthernet Figure A 4 Wi Fi interfaces Wireless WiFi Radio Ethernet WiFiMaster WiFiStation AccessPoint Command Reference Guide Keenetic Extra KN 1710 33...

Page 335: ...ces and their parameters The words command and resource are used interchangeably in this manual Parameters are listed in the Arguments table of each command They can be passed as part of the request u...

Page 336: ...quests must be submitted in a free form JSON 1 that is interpreted as a batch of parameters and nested settings depending on the data type Conversely HTTP GET returns JSON data that was previously POS...

Page 337: ...resource apply to all nested resources within the nearest surrounding scope Example B 2 Create and enable a PPP interface Call interface to create a new PPPoE connection as described in Section 3 20...

Page 338: ...ype application json version interface name Home Response is an array of two elements in accordance with the request version release 2 12 A 1 0 1 arch mips ndm exact 0 cbf8590 cdate 15 Jan 2018 bsp ex...

Page 339: ...to factory defaults authentication is not required Example B 4 XML API call Execute the show interface command for the WAN interface named ISP This interface exists by default in Keenetic Extra POST...

Page 340: ...t is always sent from the user agent to the device The device always responds with a response The id attribute can be used to establish one to one correspondence between them Figure B 1 Request Elemen...

Page 341: ...3 on page 23 B 2 2 Configuration Request Configuration request can be used to get configured parameters Web interface uses this kind of request to fill out the HTML forms Figure B 4 Configuration Req...

Page 342: ...Figure B 6 Response Packet packet response id 1 response content response response id 2 no response for id 2 packet Command Reference Guide Keenetic Extra KN 1710 342 Appendix B HTTP API...

Page 343: ...sysUpTime SNMPv2 MIB sysContact SNMPv2 MIB sysName SNMPv2 MIB sysLocation SNMPv2 MIB sysServices C 2 IF MIB OID 1 3 6 1 2 1 2 and 1 3 6 1 2 1 31 The following data elements are supported Basical OID 1...

Page 344: ...ts IF MIB ifInBroadcastPkts IF MIB ifOutMulticastPkts IF MIB ifOutBroadcastPkts IF MIB ifHCInOctets IF MIB ifHCInUcastPkts IF MIB ifHCInMulticastPkts IF MIB ifHCInBroadcastPkts IF MIB ifHCOutOctets IF...

Page 345: ...st Keenetic Lite III counter overflow event time set in IF MIB ifCounterDiscontinuityTime Keenetic Omni Keenetic Omni II 16 bit per port packet counters only Last counter Keenetic Start II Keenetic Li...

Page 346: ...udpInErrors UDP MIB udpOutDatagrams UDP MIB udpHCInDatagrams UDP MIB udpHCOutDatagrams C 5 HOST RESOURCES MIB OID 1 3 6 1 2 1 25 The following data elements are supported HOST RESOURCES MIB hrSystemU...

Page 347: ...MP MIB dskPercentNode System load info UCD SNMP MIB laIndex UCD SNMP MIB laNames UCD SNMP MIB laLoad UCD SNMP MIB laConfig UCD SNMP MIB laLoadInt UCD SNMP MIB ssCpuRawUser UCD SNMP MIB ssCpuRawNice UC...

Page 348: ...Command Reference Guide Keenetic Extra KN 1710 348 Appendix C SNMP MIB...

Page 349: ...list of algorithms is indicated encryption with key length hash function for HMAC forming PFS mode NO if disabled D 1 weak AES128 SHA1 MODP1024 IKE AES128 SHA1 MODP768 AES128 MD5 MODP1024 AES128 MD5 M...

Page 350: ...ODP1536 AES128 SHA1 MODP1024 3DES SHA1 MODP1536 3DES SHA1 MODP1024 AES128 SHA1 NO IPsec SA AES256 SHA1 NO 3DES SHA1 NO encryption aes cbc 256 Proposal encryption aes cbc 128 encryption 3des integrity...

Page 351: ...roup 2 D 4 strong AES256 SHA1 MODP2048 IKE AES256 SHA1 MODP1536 AES128 SHA1 MODP2048 AES128 SHA1 MODP1536 AES256 SHA1 MODP1536 IPsec SA AES256 SHA1 MODP2048 AES256 SHA1 MODP2048 AES256 SHA1 MODP1536 e...

Page 352: ...SHA1 NO 3DES SHA1 NO DES SHA1 NO AES128 MD5 NO 3DES MD5 NO AES128 SHA1 MODP1024 3DES SHA1 MODP1024 DES SHA1 MODP1024 AES128 SHA1 MODP768 3DES SHA1 MODP768 DES SHA1 MODP768 AES128 MD5 MODP1024 3DES MD...

Page 353: ...1 MODP1024 IPsec SA AES128 SHA1 NO AES256 SHA1 NO 3DES SHA1 NO AES256 SHA1 MODP1536 AES128 SHA1 MODP1536 3DES SHA1 MODP1536 AES256 SHA1 MODP1024 3DES SHA1 MODP1024 encryption aes cbc 256 Proposal encr...

Page 354: ...SHA1 NO AES256 SHA1 NO AES128 SHA1 NO AES256 SHA1 MODP1536 AES128 SHA1 MODP1536 3DES SHA1 MODP1536 AES256 SHA1 MODP1024 3DES SHA1 MODP1024 encryption aes cbc 256 Proposal encryption aes cbc 128 encry...

Search results

Summary of Contents for EXTRA KN-1710

Reviews:

Related manuals for EXTRA KN-1710

Brands by name

Popular brands

KeeNetic EXTRA KN-1710, Command Reference Manual

Search results

Summary of Contents for EXTRA KN-1710

Reviews:

Related manuals for EXTRA KN-1710

Brands by name

Popular brands