Ericsson HM4x0 Скачать руководство пользователя | Manualshive

Страница: 230 / 702

background image

Firewall CLI Commands

230

2/1553-ZAT 759 94 Uen B – December 2005

Option Description

Default

value

policyname

A name that identifies a firewall policy.
To display policy names, use the

firewall list policies

command.

N/A

protocol

The number of a non-TCP or non-UDP
protocol.

N/A

startport

The start of the port range for a TCP
or UDP protocol.

N/A

endport

The end of the port range for a TCP or
UDP protocol.

N/A

inbound

Allows transport of packets of the
specified protocol, application or
service from an outside interface to an
inside interface. Outbound transport of
the packets is not allowed.

N/A

outbound

Allows transport of packets of the
specified protocol, application or
service from an inside interface to an
outside interface. Inbound transport of
the packets is not allowed.

N/A

both

Allows inbound and outbound
transport of packets of the specified
protocol, application or service
between inside and outside interfaces.

N/A

10.7.4 Example

Example one – specifying a protocol <number>

The following example allows IGMP (Internet Group Management Protocol)
packets inbound from the external interface to the DMZ interface. IGMP is
protocol number 1.

-->

firewall add portfilter pf1 ext-dmz protocol 2

inbound

Example two – specifying a TCP/UDP protocol

The following example allows DNS (Domain Name Service) outbound packets
from the internal interface to the external interface. DNS uses UDP port 53.

«
...
228
229
230
231
232
...
»

Содержание HM4x0

Страница 1: ...HM4x0 CLI Reference Guide ...

Страница 2: ...roduced in any form without the written permission of the copyright owner The contents of this document are subject to revision without notice due to continued progress in methodology design and manufacturing Ericsson shall have no liability for any error or damages of any kind resulting from the use of this document Abstract This document is a reference guide describing the Command Line Interface...

Страница 3: ...ent CLI Commands 29 3 1 Summary 29 3 2 agent get 30 3 3 agent methods 31 4 Bridge CLI Commands 32 4 1 Summary 32 4 2 bridge add interface 34 4 3 bridge clear interfaces 35 4 4 bridge delete interface 36 4 5 bridge list interfaces 37 4 6 bridge clear interface stats 38 4 7 bridge list interface stats 39 4 8 bridge show interfacestats 40 4 9 bridge set filterage 42 4 10 bridge set interface filterty...

Страница 4: ...29 bridge delete vlaninterface 69 4 30 bridge list fdbs 70 4 31 bridge show fdb 71 4 32 bridge set interface ingressfiltering 72 4 33 bridge set interface pvid 73 4 34 bridge set interface defaultuserpriority 74 4 35 bridge set interface regenpriority 75 4 36 bridge show interface regenpriority 77 4 37 bridge set interface numtrafficclasses 78 4 38 bridge set interface trafficclassmap 79 4 39 brid...

Страница 5: ...dunreginterface shared 102 4 61 bridge delete fwdunreginterface shared 103 4 62 bridge clear fwdunreginterfaces shared 105 4 63 bridge list fwdunreg shared 106 4 64 bridge list static fwdall shared 107 4 65 bridge list static fwdunreg shared 108 5 DHCP Client CLI Commands 109 5 1 Summary 109 5 2 dhcpclient add interfaceconfig 111 5 3 dhcpclient clear interfaceconfigs 112 5 4 dhcpclient delete inte...

Страница 6: ... interfaceconfig givednstoclient enabled disabled 139 5 24 dhcpclient set interfaceconfig givednstorelay enabled disabled 140 5 25 dhcpclient set interfaceconfig interface 141 5 26 dhcpclient set interfaceconfig noclientid 142 5 27 dhcpclient set interfaceconfig requestedleasetime 143 5 28 dhcpclient set interfaceconfig server 144 5 29 dhcpclient set reboot 145 5 30 dhcpclient set retry 146 5 31 d...

Страница 7: ...signautodomain 174 6 25 dhcpserver set subnet defaultleasetime 175 6 26 dhcpserver set subnet hostisdefaultgateway 176 6 27 dhcpserver set subnet hostisdnsserver 177 6 28 dhcpserver set subnet maxleasetime 178 6 29 dhcpserver set subnet subnet 179 6 30 dhcpserver show 180 6 31 dhcpserver show subnet 181 6 32 dhcpserver subnet add iprange 182 6 33 dhcpserver subnet add option 183 6 34 dhcpserver su...

Страница 8: ...servers 203 8 4 dnsrelay delete server 204 8 5 dnsrelay enable disable 205 8 6 dnsrelay show 206 8 7 dnsrelay list servers 207 8 8 dnsrelay set hostname 208 8 9 dnsrelay set landomainname 209 8 10 dnsrelay show landomainname 210 9 Ethernet CLI Commands 211 9 1 Summary 211 9 2 ethernet add transport 212 9 3 ethernet clear transports 213 9 4 ethernet delete transport 214 9 5 ethernet list ports 215 ...

Страница 9: ...238 10 13 firewall delete validator 240 10 14 firewall list validators 241 10 15 firewall show validator 242 11 IGMP CLI Commands 243 11 1 Summary 243 11 2 igmp set forwardall 244 11 3 igmp set upstreaminterface 245 11 4 igmp show upstreaminterface 246 11 5 igmp show forwardall 247 11 6 igmp show status 248 12 IP CLI Commands 249 12 1 Summary 249 12 2 ip add interface 251 12 3 ip attach 253 12 4 i...

Страница 10: ... 277 12 24 ip clear riproutes 278 12 25 ip list riproutes 279 12 26 ip set interface rip accept 280 12 27 ip set interface rip multicast 282 12 28 ip set interface rip send 284 12 29 ip set rip advertisedefault 286 12 30 ip set rip authentication 287 12 31 ip set rip defaultroutecost 288 12 32 ip set rip hostroutes 289 12 33 ip set rip password 290 12 34 ip set rip poison 291 12 35 ip add defaultr...

Страница 11: ... interface add staticarpentry 317 12 56 ip interface clear staticarpentries 319 12 57 ip interface delete staticarpentry 320 12 58 ip interface list staticarpentries 321 12 59 ip interface add secondaryipaddress 323 12 60 ip interface clear secondaryipaddresses 325 12 61 ip interface delete secondaryipaddress 326 12 62 ip interface list secondaryipaddresses 327 12 63 ip interface attachbridgevlan ...

Страница 12: ... nat add resvmap interfacename tcp udp 355 14 13 nat add resvmap interfacename 357 14 14 nat clear resvmaps 359 14 15 nat delete resvmap 360 14 16 nat list resvmaps 361 14 17 nat show resvmap 363 14 18 nat status 364 15 Port CLI Commands 365 15 1 Summary 365 15 2 port 366 15 3 port list 367 15 4 port set 368 15 5 port a1 set 369 15 6 port wireless set 374 15 7 port show 380 15 8 port status 381 16...

Страница 13: ...lay enabled disabled 404 16 18 pppoa set transport headers hdlc 405 16 19 pppoa set transport headers llc 406 16 20 pppoa set transport idletimeout 407 16 21 pppoa set transport interface 408 16 22 pppoa set transport ipv6cp 409 16 23 pppoa set transport lcpechoevery 410 16 24 pppoa set transport lcpmaxconf 411 16 25 pppoa set transport lcpmaxfail 412 16 26 pppoa set transport lcpmaxterm 413 16 27...

Страница 14: ...2 pppoe add transport dialout pvc 450 17 3 pppoe add transport dialout eth 452 17 4 pppoe clear transports 454 17 5 pppoe delete transport 455 17 6 pppoe list transports 456 17 7 pppoe set transport accessconcentrator 457 17 8 pppoe set transport autoconnect 459 17 9 pppoe set transport autoconnect filter 460 17 10 pppoe set transport bt 462 17 11 pppoe set transport createroute 463 17 12 pppoe se...

Страница 15: ...t transport password 485 17 33 pppoe set transport pcr 487 17 34 pppoe set transport prilevels 488 17 35 pppoe set transport pvc 489 17 36 pppoe set transport qosclass 491 17 37 pppoe set transport remotedns 493 17 38 pppoe set transport remoteip 495 17 39 pppoe set transport routemask 496 17 40 pppoe set transport scr 497 17 41 pppoe set transport servicename 498 17 42 pppoe set transport specifi...

Страница 16: ...0 18 15 rfc1483 set transport rxvpi 531 18 16 rfc1483 set transport scr 532 18 17 rfc1483 set transport txvci 533 18 18 rfc1483 set transport txvpi 534 18 19 rfc1483 set transport vci 535 18 20 rfc1483 set transport vpi 536 18 21 rfc1483 show transport 537 19 Security CLI Commands 539 19 1 Summary 539 19 2 security enable disable 542 19 3 security status 543 19 4 security enable disable blockinglo...

Страница 17: ... 25 security set trigger endport 568 19 26 security set trigger startport 569 19 27 security set trigger secondaryendport 570 19 28 security set trigger secondarystartport 571 19 29 security set trigger sessionchaining 572 19 30 security set trigger UDPsessionchaining 573 19 31 security show trigger 575 19 32 security enable disable IDS 577 19 33 security enable disable IDS blacklist 578 19 34 sec...

Страница 18: ...curity application clear internalhost 601 19 56 security application add port 602 19 57 security application delete port 604 19 58 security application list ports 605 20 SNMP CLI Commands 607 20 1 Summary 607 20 2 snmp add communityname 608 20 3 snmp delete communityname 610 20 4 snmp set communityname 611 20 5 snmp list communitynames 612 20 6 snmp add trapdestination 613 20 7 snmp delete trapdes...

Страница 19: ...1 11 sntpclient set retries 637 21 12 sntpclient show status 638 21 13 sntpclient set clock 639 22 System CLI Commands 640 22 1 Summary 640 22 2 system add user 641 22 3 system add login 642 22 4 system config backup 644 22 5 system config clear 645 22 6 system config restore 646 22 7 system config save 648 22 8 system config save factory 649 22 9 system delete login 650 22 10 system delete user 6...

Страница 20: ...22 27 system set user password 670 23 Transports CLI Commands 671 23 1 Summary 671 23 2 transports clear 672 23 3 transports delete 673 23 4 transports list 674 23 5 transports show 675 24 User CLI Commands 676 24 1 Summary 676 24 2 user logout 677 24 3 user password 678 24 4 user change 679 25 Web Server CLI Commands 680 25 1 Summary 680 25 2 websersver clear stats 681 25 3 webserver enable disab...

Страница 21: ... B December 2005 21 25 9 webserver set secclasses 688 25 10 webserver set telnetport 690 25 11 webserver set telnetsecclasses 691 25 12 webserver show info 693 25 13 webserver show memory 694 25 14 webserver show stats 695 Index 696 ...

Страница 22: ...2 Typographic Conventions Throughout this guide the following typographical conventions are used to denote important information 1 2 1 Text Conventions The following text conventions are used Convention Example System printouts appear in Courier attachbridge Commands given to the CLI appear in Courier bold system add user Angle brackets mean that this part should be replaced with what is indicated...

Страница 23: ...address for the HM4x0 is 192 168 1 1 and the connected PC must be on the same subnet for example the IP address set to 192 168 1 2 The Command Line is displayed If your Telnet application is GUI based you may be able to configure your Telnet terminal preferences to allow VT 100 compatibility in order to have scrolling and cursor arrow navigation If your Telnet application is CLI based you should h...

Страница 24: ...dmin user enter system list users The following information is returned Users May May Access ID Name Conf Dialin Level Comment 1 admin ENABLED disabled superuser Administrator 2 3 Logout of the System To logout of the system enter the command user logout The system logs out the current user and closes the telnet connection Logging out Connection to host lost 2 4 Save Configuration Changes Whenever...

Страница 25: ...re numbered entries in a list For example if you have created more than one IP interface the following command ip list interfaces produces a list of numbered interface objects Object numbers are displayed in the first column under the heading ID 2 5 1 Attach a Transport to an Interface To attach a transport to a bridge or router you need to 1 Create a transport In the following command an Ethernet...

Страница 26: ...as displayed using the list command ethernet delete transport name number clear The clear command deletes ALL named entities that belong to an object for example the following command firewall clear policies Deletes all of the policy objects that belong to the Firewall You should use the clear command with caution the above example also deletes all validators and portfilters that belong to the pol...

Страница 27: ...ransport Note The tab completion facility works with fixed CLI keywords It does not work with any CLI objects that you create or edit such as transport names Command Syntax Options If you type a command keyword and want to find out what the next syntax options are type Spacebar For example ethernet Displays a list of valid keywords that you can use after ethernet add Create ethernet transport clea...

Страница 28: ...ame or number You assign a name when you create the interface or transport tunnel etc using the add interface command Once created the CLI adds this interface to a list of IP interfaces which you can display using the ip list interfaces command Interfaces are given identification numbers that appear under the first column under the heading ID ip list interfaces IP Interfaces ID Name IP Address DHC...

Страница 29: ...ommands 2 1553 ZAT 759 94 Uen B December 2005 29 3 Agent CLI Commands This chapter describes the Agent CLI commands 3 1 Summary The table below lists the Agent commands provided by the CLI agent get agent methods ...

Страница 30: ...e to the file system 3 2 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value source Specify source URL e g http somehost somefile N A Dest Specify destination e g isfs out txt N A 3 2 4 Example agent get http somehost somfile isfs out txt ...

Страница 31: ... 31 3 3 agent methods 3 3 1 Syntax agent methods 3 3 2 Description This command displays the available methods for downloading a file 3 3 3 Example agent methods http Hyper Text Transfer Protocol tftp Trivial File Transfer Protocol ftp File Transfer Protocol ...

Страница 32: ...ge attach bridge detach bridge flush bridge show bridge list ucastentries Q Bridge CLI Commands bridge add vlan bridge clear vlans bridge delete vlan bridge list vlans bridge list static vlans bridge show vlan bridge clear interfacevlanstats bridge list interfacevlanstats bridge show interfacevlanstats bridge add vlaninterface bridge clear vlaninterfaces bridge delete vlaninterface bridge list fdb...

Страница 33: ...l independent bridge add fwdunreginterface independent bridge delete fwdunreginterface independent bridge clear fwdunreginterfaces independent bridge list fwdunreg independent bridge list static fwdall independent bridge list static fwdunreg independent Hybrid VLAN Learning Mechanism HVM commands bridge add fwdallinterface shared bridge delete fwdallinterface shared bridge clear fwdallinterfaces s...

Страница 34: ... 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name An arbitrary name that identifies the interface It can be made up of one or more letters or a combination of letters and digits but it cannot start with a digit N A 4 2 4 Example bridge add interface LanInterface ...

Страница 35: ...s command deletes all bridge interfaces previously created using the bridge add interface command If you have included support for source and or destination MAC address forwarding all source destination MAC address based unicast filtering entries associated with the interfaces are also deleted by this command 4 3 3 Example bridge clear interfaces ...

Страница 36: ...es 4 4 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display interface name...

Страница 37: ...ce command 4 5 3 Example bridge list interfaces ID 1 Name LanInterface Filter PVID Accept Ingress User Transport Type FrameType Filtering Prio All 1 ALL disabled 0 LanTransport ID 2 Name WlanInterface Filter PVID Accept Ingress User Transport Type FrameType Filtering Prio All 1 ALL disabled 0 WlanTransport ID 3 Name DslInterface Filter PVID Accept Ingress User Transport Type FrameType Filtering Pr...

Страница 38: ...owing table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of an already added and attached bridge interface See bridge add interface and bridge attach commands to add a bridge interface and attach it to a transport respectively N A number A number that identifies an existing bridge...

Страница 39: ...out bridge interfaces Number of frames received on the interface Number of frames transmitted from the interface Number of frames discarded due to transit delay Number of frames discarded due to buffer overflow 4 7 3 Example bridge list interface stats Bridge Interfaces ID Name Rx Frames Tx Frames Tx Delay Unknown VLAN Discards Discards Buffer O F Ingress Frame Type Discards Discards Discards 1 La...

Страница 40: ...iscarded due to buffer overflow 4 8 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of an already added and attached bridge interface See bridge add interface and bridge attach commands to add a bridge interface and attach it to a transport respectively ...

Страница 41: ...Bridge CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 41 Rx Frames Tx Frames Transmit Unknown VLAN Delay Discards Discards Buffer O F Ingress Frame Type Discards Discards Discards 0 0 0 0 0 0 0 ...

Страница 42: ...layed by the bridge show command 4 9 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value filterage The filter age is the time in seconds after which MAC addresses are removed from the filter table when there has been no activity The time may be an integer value between 10...

Страница 43: ... if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display interface names use the bridge list interfaces command The number appears in the first column under the heading ID N A all Allows all types of ehternet p...

Страница 44: ...a unicast packet is received by an interface with a portfilter set to all the portfilter rule is ignored The unicast packet is still only sent to one port Note If the bridge itself is attached to the router the bridge itself will always forward to all ports and will always be forwarded to by all ports Note Port Filter is not restored by the system config save command 4 11 3 Options The following t...

Страница 45: ...at you want packets received on a specified bridge interface to be forwarded to To display port names use the bridge list interfaces command all Forwards packets received on a specified bridge interface to all existing bridge ports all 4 11 4 Example bridge set interface LanInterface portfilter all ...

Страница 46: ...ing attached 4 12 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display int...

Страница 47: ...that you want to detach are deleted by this command 4 13 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an e...

Страница 48: ...the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display interface numbers use the bridge list interfaces command ...

Страница 49: ...s of association with a shared filtering database FDB3 Multicast Learning setting which is configurable and can be set to HVM Hybrid VLAN Multicast Learning or IVM Independent VLAN Multicast Learning In case of HVM if two VLANs are associated with the same FDB the filtering information for a multicast MAC address in the other VLAN too However in case of IVM filtering information for a multicast MA...

Страница 50: ...version number that this device supports which is 1 The maximum VLAN Id for a VLAN in the bridge The maximum number of VLANs supported in the bridge The number of VLANs that currently exist in the bridge 4 15 3 Example bridge show Global bridge configuration MAC Address 0 80 37 85 c5 c2 Number of Interfaces 3 Type TRANSPARENT Filter Age 1000 seconds Unicast Learning HYBRID Multicast Learning HVM I...

Страница 51: ...iority Note This command does not show the current contents of the bridge s filter table See the command bridge list ucastentries or the console command filter 4 16 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing bridge interfac...

Страница 52: ...n B December 2005 4 16 4 Example bridge show interface LanInterface Bridge Interface LanInterface Name LanInterface Filter Type Ip Port Filter all PVID 1 Acceptable Frame Type ALL Ingress Filtering disabled User Priority 0 Transport Not attached ...

Страница 53: ...ce MAC address based destination MAC address based statically configured destination MAC address based dynamically learnt special Entry destination MAC address based statically configured and dynamically learnt Ethernet MAC address associated with the entry Receive interface for source MAC address based entries See the bridge add ucastentry src command for more information Egress interface list 4 ...

Страница 54: ...arded To add a VLAN you must enter this command with the following values set name DefaultVlan vlanid 1 fdb DefaultFdb By default all of the bridge interfaces are added to the untagged port list of the default VLAN 4 18 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value ...

Страница 55: ...th which the user wants the VLAN to be associated If the FDB already exists the VLAN becomes associated with that FDB If the FDB does not exist it is created and the VLAN becomes associated with it See the bridge list fdbs command to display all the existing filtering databases configured in the bridge and their corresponding statistics Set to DefaultFdb to add the default VLAN N A 4 18 4 Example ...

Страница 56: ... VLANs from the bridge The egress interfaces and multicast filtering entries for an IVM configuration associated with the VLANs are also deleted by this command If a VLAN is the last VLAN associated with its FDB the FDB along with the unicast and multicast filtering entries and forward all unregistered group entries are also deleted from the bridge 4 19 3 Example bridge clear vlans ...

Страница 57: ...ntries are also deleted from the bridge 4 20 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing VLAN To display the list of statically configured VLANs use the bridge list static vlans command To display the list of all the static ...

Страница 58: ... the VLANs the command displays all of the statically added egress interfaces See the bridge add vlaninterface command to add an interface to the named VLAN The following VLAN information is displayed User configured VLAN name VLAN ID Filtering database associated with the VLAN Tagged egress interface list Untagged egress interface list 4 21 3 Example bridge list static vlans VLANs ID VLAN ID VLAN...

Страница 59: ...ically learnt egress interfaces See the bridge add vlaninterface command to statically add an interface to a named VLAN The following VLAN information is displayed VLAN ID VLAN name for statically configured VLANs Filtering database name associated with the VLAN The type field indicating whether the VLAN is statically configured or dynamically learnt Tagged egress interface list Untagged egress in...

Страница 60: ...d egress interface list Untagged egress interface list 4 23 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing VLAN To display the list of statically configured VLANs use the bridge list static vlans command To display the list of ...

Страница 61: ...mmands 2 1553 ZAT 759 94 Uen B December 2005 61 column under the heading ID 4 23 4 Example bridge show vlan VLAN_1 VLAN VLAN_1 VLAN Id 2 Filtering Database FDB_1 Tagged Interfaces bridge1 Untagged Interfaces bridge2 ...

Страница 62: ...ro 4 24 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname The name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that identifies an existing VLAN To display the list of statically configured VLANs use the br...

Страница 63: ...erface for the named VLAN 4 25 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname The name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that identifies an existing VLAN To display the list of statically conf...

Страница 64: ...nsmitted from the interface for the named VLAN 4 26 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname The name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that identifies an existing VLAN To display the li...

Страница 65: ...ete the interfaces from the default VLAN Note A bridge interface can exist either as a tagged interface or an untagged interface in a VLAN 4 27 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing VLAN To display the list of statical...

Страница 66: ...fault value untagged To add an interface in the untagged interface list of the named VLAN N A interfacename The name of an already added and attached bridge interface See the bridge add interface and bridge attach commands 4 27 4 Example bridge add vlaninterface VLAN_1 tagged bridge1 ...

Страница 67: ...ach option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing VLAN To display the list of statically configured VLANs use the bridge list static vlans command To display the list of all the static and dynamic VLANs in the bridge use the bridge list vlans command This command also displays the egress in...

Страница 68: ...ed option is given in this command all the egress interfaces are removed from the VLAN N A untagged Removes all the untagged interfaces from the egress interface list of the VLAN If no tagged untagged option is given in this command all the egress ports are removed from the VLAN N A 4 28 4 Example bridge clear vlaninterfaces bridge clear vlaninterfaces tagged bridge clear vlaninterfaces untagged ...

Страница 69: ...ption Default value name A name that identifies an existing VLAN To display the list of statically configured VLANs use the bridge list static vlans command To display the list of all the static and dynamic VLANs in the bridge use the bridge list vlans command N A number A number that identifies an existing VLAN To display the list of statically configured VLANs use the bridge list static vlans co...

Страница 70: ...ng database ID FID Number of dynamic unicast entries within it Number of VLANs associated with it Number of frames discarded due to filtering database overflow Type indicating whether the filtering database is statically configured or dynamically created by default FDBs are created statically using the bridge add vlan command 4 30 3 Example bridge list fdbs Filtering Databases Statistics ID FDB Na...

Страница 71: ...iscarded due to filtering database overflow 4 31 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value fdbname A name that identifies an existing Filtering Database See the bridge add vlan command to configure a new filtering database N A fdbnumber A number that identifies ...

Страница 72: ...d a default value if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display interface numbers use the bridge list interfaces command The number appears in the first column under the heading ID N A disable Accepts...

Страница 73: ...ach option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display interface numbers use the bridge list interfaces command The number appears in the...

Страница 74: ...ption which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display interface numbers use the bridge list interfaces command The number appears in the firs...

Страница 75: ...ping 4 35 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display interface n...

Страница 76: ...The regenerated user priority to which the user priority with value 4 in the incoming frame should be mapped 4 pri5 The regenerated user priority to which the user priority with value 5 in the incoming frame should be mapped 5 pri6 The regenerated user priority to which the user priority with value 6 in the incoming frame should be mapped 6 pri7 The regenerated user priority to which the user prio...

Страница 77: ...n be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display interface numbers use the bridge list interfaces command The number appears in the first column under...

Страница 78: ...value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display interface numbers use the bridge list interfaces command The number appears in the first column under the heading ID N A numtraffic classes A value that specifies the number of traffic classes su...

Страница 79: ...lt value if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display interface numbers use the bridge list interfaces command The number appears in the first column under the heading ID N A pri0 The traffic class t...

Страница 80: ...4 should be mapped 4 pri5 The traffic class to which the regenerated priority with value 5 should be mapped 5 pri6 The traffic class to which the regenerated priority with value 6 should be mapped 6 pri7 The traffic class to which the regenerated priority with value 7 should be mapped 7 4 38 4 Example bridge set interface bridge1 trafficclassmap 7 6 5 4 3 2 1 0 ...

Страница 81: ...he following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enable Enable the mapping of regenerated priority to its traffic class disable Disable the mapping of regenerated priority to its traffic class prioritybased Traffic class mapping would happen only if traffic class has not been alr...

Страница 82: ...n which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display interface numbers use the bridge list interfaces command The number appears in the first co...

Страница 83: ...s the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing bridge interface To display interface names use the bridge list interfaces command N A number A number that identifies an existing bridge interface To display interface numbers use the bridge list interfaces comman...

Страница 84: ...ace 4 42 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value transport An arbitrary name that identifies the transport It can be made up of one or more letters or a combination of letters and digits but it cannot start with a digit N A vlanid A number that identifies an e...

Страница 85: ... transport previously added using the bridgevlan add transport command 4 43 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value transport The name of an existing bridgevlan transport See the bridgevlan list transports command N A 4 43 4 Example bridgevlan delete transport...

Страница 86: ...ber 2005 4 44 bridgevlan clear transports 4 44 1 Syntax bridgevlan clear transports 4 44 2 Description This command removes all bridgevlan transports previously created using the bridgevlan add transport command 4 44 3 Example bridgevlan clear transports ...

Страница 87: ...ansports that have been created using the bridgevlan add transport command It displays the transport identification number and name the VLAN ID and the IP interface it is attached to The ip interface attachbridgevlan command is used to attach a vlan transport to an IP interface 4 45 3 Example bridgevlan list transports The VLAN transports are ID Name VLAN ID IP Interface 1 vtrans 2 ...

Страница 88: ...f values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname The name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that identifies an existing VLAN To display the list of statically configured VLANs use the bridge list static vlans command The number appears in th...

Страница 89: ... following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname The name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that identifies an existing VLAN To display the list of statically configured VLANs use the bridge list static vlan...

Страница 90: ... multicast frames would be forwarded 4 48 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname A name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that identifies an existing VLAN To display the list of static...

Страница 91: ...l the multicast frames would be forwarded 4 49 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname A name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that identifies an existing VLAN To display the list of s...

Страница 92: ...0 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname The name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that identifies an existing VLAN To display the list of statically configured VLANs use the bridge l...

Страница 93: ...orwarding information available 4 51 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname The name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that identifies an existing VLAN To display the list of staticall...

Страница 94: ...rwarded whose destination MAC address have no other forwarding information available 4 52 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname A name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that identifie...

Страница 95: ...be forwarded whose destination MAC address have no other forwarding information available 4 53 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname A name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that iden...

Страница 96: ...ded to 4 54 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname A name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that identifies an existing VLAN To display the list of statically configured VLANs use the ...

Страница 97: ...ss have no other forwarding information available 4 55 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value vlanname A name of an existing VLAN See the bridge add vlan command to configure a new VLAN N A vlannumber A number that identifies an existing VLAN To display the l...

Страница 98: ...r each option which can be specified with this command and a default value if applicable Option Description Default value fdbname The name of an existing Filtering Database See the bridge add vlan command to configure a new Filtering Database N A fdbnumber A number that identifies an existing Filtering Database To display the list of statically configured FDBs use the bridge list fdbs command The ...

Страница 99: ...le gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value fdbname The name of an existing Filtering Database See the bridge add vlan command to configure a new Filtering Database N A fdbnumber A number that identifies an existing Filtering Database To display the list of statically configured FDBs use th...

Страница 100: ...frames would be forwarded 4 58 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value fdbname A name of an existing Filtering Database See the bridge add vlan command to configure a new Filtering Database N A fdbnumber A number that identifies an existing Filtering Database ...

Страница 101: ...cast frames would be forwarded 4 59 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value fdbname A name of an existing Filtering Database See the bridge add vlan command to configure a new Filtering Database N A fdbnumber A number that identifies an existing Filtering Data...

Страница 102: ... The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value fdbname The name of an existing Filtering Database See the bridge add vlan command to configure a new Filtering Database N A fdbnumber A number that identifies an existing Filtering Database To display the list of statically conf...

Страница 103: ...ress have no other forwarding information available 4 61 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value fdbname The name of an existing Filtering Database See the bridge add vlan command to configure a new Filtering Database N A fdbnumber A number that identifies an ...

Страница 104: ...Bridge CLI Commands 104 2 1553 ZAT 759 94 Uen B December 2005 4 61 4 Example bridge delete fwdunreginterface shared FDB_1 bridge1 ...

Страница 105: ...se destination MAC address have no other forwarding information available 4 62 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value fdbname A name of an existing Filtering Database See the bridge add vlan command to configure a new Filtering Database N A fdbnumber A number...

Страница 106: ...d whose destination MAC address have no other forwarding information available 4 63 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value fdbname A name of an existing Filtering Database See the bridge add vlan command to configure a new Filtering Database N A fdbnumber A n...

Страница 107: ... 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value fdbname A name of an existing Filtering Database See the bridge add vlan command to configure a new Filtering Database N A fdbnumber A number that identifies an existing Filtering Database To display the list of statica...

Страница 108: ...other forwarding information available 4 65 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value fdbname A name of an existing Filtering Database See the bridge add vlan command to configure a new Filtering Database N A fdbnumber A number that identifies an existing Filter...

Страница 109: ...fig delete sent option dhcpclient interfaceconfig list requested options dhcpclient interfaceconfig list sent options dhcpclient list interfaceconfigs dhcpclient set backoff dhcpclient set interfaceconfig autoip dhcpclient set interfaceconfig clientid dhcpclient set interfaceconfig defaultroute enabled disabled dhcpclient set interfaceconfig dhcpinform enabled disabled dhcpclient set interfaceconf...

Страница 110: ...s By default received DNS server addresses are passed on to the DNS relay and not passed to DNS client To change these default settings use the commands dhcpclient set interfaceconfig givednstoclient enabled disabled and dhcpclient set interfaceconfig givednstorelay enabled disabled DHCP server default gateway information By default DHCP client makes use of default gateway information To change th...

Страница 111: ...ollowing table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name An arbitrary name that identifies the client interface It can be made up of one or more letters or a combination of letters and digits but it cannot start with a digit N A ipinterface An IP address or a name that identifies an exi...

Страница 112: ... 94 Uen B December 2005 5 3 dhcpclient clear interfaceconfigs 5 3 1 Syntax dhcpclient clear interfaceconfigs 5 3 2 Description This command deletes all existing DHCP client interface configurations 5 3 3 Example dhcpclient clear interfaceconfigs ...

Страница 113: ...ge of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP client interface To display client interface numbers use the dhcp...

Страница 114: ...tailed in RFC 2132 5 5 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP...

Страница 115: ...ed in RFC 2132 5 6 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP cli...

Страница 116: ...ult value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP client interface To display client interface numbers use the dhcpclient list interfaceconfigs command N A option A text string that identifies a ...

Страница 117: ...n B December 2005 117 with string type values associated with them the option value must be in double quotes Also the entire string including the double quotes must be inside single quotes to ensure that the CLI treats the double quotes literally ...

Страница 118: ...8 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP client interface To ...

Страница 119: ...ommand 5 9 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP client inte...

Страница 120: ... be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP client interface To display client interface numbers use the dhcpclient list interfaceconfigs command N...

Страница 121: ...ied with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP client interface To display client interface numbers use the dhcpclient list interfaceconfigs command N A option ...

Страница 122: ...true for options that were added using the dhcpclient interfaceconfig add required option command false for options added using the dhcpclient interfaceconfig add requested option command Options and their values are detailed in RFC 2132 5 12 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Des...

Страница 123: ... 1553 ZAT 759 94 Uen B December 2005 123 5 12 4 Example dhcpclient interfaceconfig cconfig1 list requested options DHCP client requested options for config1 ID Identifier Is option required 1 irc server false 2 domain name true ...

Страница 124: ...Suggested value Options and their values are detailed in RFC 2132 5 13 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A ...

Страница 125: ...DHCP Client CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 125 ID Identifier Suggested Value 1 host name Vancouver ...

Страница 126: ... about existing DHCP client interfaces Interface identification number Interface name IP interface configured by the client interface Requested lease time in seconds Client identifier if set Status of IP address auto configuration true or false 5 14 3 Example dhcpclient list interfaceconfigs DHCP Client Declarations Requested ID Name Interface Lease Time Client ID AutoIP DHCPINFORM 1 config1 LAN 8...

Страница 127: ...vidual DHCP requests This prevents many clients trying to configure themselves at the same time and sending too many requests at once 5 15 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value backofftime The maximum number of seconds that the DHCP client can pause for betw...

Страница 128: ...RP probe for that IP address Once an IP address has been automatically configured the DHCP client continues to check whether or not it can contact a DHCP server If the client can contact a DHCP server and obtain a legitimate lease the legitimate lease will supersede the auto configured IP address Note Even if you have enabled Auto IP using this command you will not be able to use IP address auto c...

Страница 129: ...hat identifies an existing DHCP client interface To display client interface numbers use the dhcpclient list interfaceconfigs command N A enabled Enables Auto IP on a specified DHCP client disabled Disables Auto IP on a specified DHCP client enabled 5 16 4 Example dhcpclient set interfaceconfig config1 autoip enabled ...

Страница 130: ...alue name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP client interface To display client interface numbers use the dhcpclient list interfaceconfigs command N A clientid A unique identifier that DHCP server can use to identify the client For Microsoft ...

Страница 131: ...from DHCP server 5 18 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP ...

Страница 132: ...DHCP Client CLI Commands 132 2 1553 ZAT 759 94 Uen B December 2005 5 18 4 Example dhcpclient set interfaceconfig config1 defaultroute disabled ...

Страница 133: ... parameters such as DNS servers or default gateway from a DHCP server 5 19 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command ...

Страница 134: ...DHCP Client CLI Commands 134 2 1553 ZAT 759 94 Uen B December 2005 5 19 4 Example dhcpclient set interfaceconfig config1 dhcpinform enabled ...

Страница 135: ...ult gateway address as its LAN IP address 5 20 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that ide...

Страница 136: ...DHCP Client CLI Commands 136 2 1553 ZAT 759 94 Uen B December 2005 5 20 4 Example dhcpclient set interfaceconfig config1 dhcpserverpoolsize 5 ...

Страница 137: ...rface that it finds 5 21 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DH...

Страница 138: ...rs from the DHCP server 5 22 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existin...

Страница 139: ...The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP client interface To display clie...

Страница 140: ...e following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP client interface To display client...

Страница 141: ...the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP client interface To display client interface numbers use t...

Страница 142: ...rver configuration or its lease database 5 26 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that iden...

Страница 143: ...7 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP client interface To ...

Страница 144: ...the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing DHCP client interface To display client interface names use the dhcpclient list interfaceconfigs command N A number A number that identifies an existing DHCP client interface To display client interface numbers use t...

Страница 145: ...ient trying to reacquire its last address and giving up and then trying to discover a new address 5 29 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value reboottime The time in seconds after a client tries to reacquire the last IP address it had and before the client giv...

Страница 146: ...erver is present before it tries again to contact a DHCP server 5 30 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value retrytime The time in seconds that must pass after the client has determined that no DHCP server is present before it tries again to contact a DHCP ser...

Страница 147: ...lient show 5 31 1 Syntax dhcpclient show 5 31 2 Description This command displays global configuration information about DHCP client 5 31 3 Example dhcpclient show Global DHCP Client Configuration Reboot time 10 Retry time 300 Max backoff time 120 Initial interval 10 Timeout 60 ...

Страница 148: ...ber 2005 5 32 dhcpclient update 5 32 1 Syntax dhcpclient update 5 32 2 Description This command updates the DHCP client configuration Changes made to the client configuration are not updated until this command has been entered 5 32 3 Example dhcpclient update ...

Страница 149: ...ptions dhcpserver list subnets dhcpserver set allowunknownclients dhcpserver set bootp dhcpserver set defaultleasetime dhcpserver set fixedhost ipaddress dhcpserver set fixedhost macaddress dhcpserver set fixedhost maxleasetime dhcpserver set maxleasetime dhcpserver set subnet assignatuodomain dhcpserver set subnet defaultleasetime dhcpserver set subnet hostisdefaultgateway dhcpserver set subnet h...

Страница 150: ...g DHCP relay to operate on other interfaces you can simultaneously use DHCP server and relay in your configuration 6 2 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value ipinterface The name of the existing interface that you want DHCP server to operate on To display int...

Страница 151: ...Syntax dhcpserver clear interfaces 6 3 2 Description This command deletes all DHCP server IP interface previously defined using the dhcpserver add interface command Note This command does not delete the IP interfaces from the router See ip clear interfaces command 6 3 3 Example dhcpserver clear interfaces ...

Страница 152: ... This command does not delete the IP interface from the router See ip clear interfaces command 6 4 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value ipinterface The name of an existing IP interface that DHCP server is set to operate on To display interface names use the...

Страница 153: ...r list interfaces 6 5 1 Syntax dhcpserver list interfaces 6 5 2 Description This command lists the existing DHCP server IP interfaces previously defined using the dhcpserver add interface command 6 5 3 Example dhcpserver list interfaces DHCP Server Interfaces ID Name 1 IpInterface ...

Страница 154: ... for fixed host mapping to work Note If you create a fixed host mapping with an IP address that is already present inside a configured dynamic IP range the fixed host IP address will override the address in the dynamic range 6 6 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Defau...

Страница 155: ... host mapping dhcpserver add fixedhost myhost 192 168 219 1 00 20 2b 01 02 03 The example below creates a suitable subnet for the above fixed host mapping Note that the IP address above is not present in the following IP range dhcpserver add subnet mysubnet 192 168 219 0 255 255 255 0 192 168 219 10 192 168 219 20 ...

Страница 156: ...ble Option Description Default value name An arbitrary name that identifies the subnet It can be made up of one or more letters or a combination of letters and digits but it cannot start with a digit N A ipaddress The IP address of the subnet displayed in the following format 192 168 102 3 N A netmask The netmask address of the subnet for example 255 255 255 0 N A startaddr The first IP address in...

Страница 157: ...mber 2005 157 6 8 dhcpserver clear fixedhosts 6 8 1 Syntax dhcpserver clear fixedhosts 6 8 2 Description This command deletes all DHCP server fixedhosts that were created using the dhcpserver add fixedhost command 6 8 3 Example dhcpserver clear fixedhosts ...

Страница 158: ... Uen B December 2005 6 9 dhcpserver clear subnets 6 9 1 Syntax dhcpserver clear subnets 6 9 2 Description This command deletes all DHCP server subnets that were created using the dhcpserver add subnet command 6 9 3 Example dhcpserver clear subnets ...

Страница 159: ... server that was created using the dhcpserver add fixedhost command 6 10 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing fixed host To display fixed host name use the dhcpserver list fixedhosts command N A 6 10 4 Example dhcpser...

Страница 160: ...ted 6 11 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver ...

Страница 161: ...ces for the server and relay to bind to You cannot bind the same interface to both server and relay you must use different interfaces for each If you have set DHCP server to operate on an existing IP interface and you want to make configuration changes to that IP interface you must first disable DHCP server then re enable it once your IP configuration is complete 6 12 3 Options The following table...

Страница 162: ...nt is on one of the subnets the DHCP server has been configured to serve The client must also be configured to accept DHCPFORCERENEW messages using the dhcpclient set interfaceconfig forcerenew enabled command 6 13 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value ipadd...

Страница 163: ...14 2 Description This command lists the following information about existing DHCP fixed host mappings Fixed host ID number Fixed host name IP address MAC address Max lease time 6 14 3 Example dhcpserver list fixedhosts DHCP server fixed host mappings ID Name IP address MAC address Max Lease Time 1 myhost 192 168 219 0 00 20 2b 01 02 03 86400 ...

Страница 164: ...assembly default ip ttl path mtu aging timeout path mtu plateau table interface mtu all subnets local broadcast address perform mask discovery mask supplier router discovery router solicitation address static routes trailer encapsulation arp cache timeout ieee802 3 encapsulation default tcp ttl tcp keepalive interval tcp keepalive garbage nis domain nis servers ntp servers vendor encapsulated opti...

Страница 165: ...83 option 84 nds servers nds tree name nds context option 88 option 89 option 90 option 91 option 92 option 93 option 94 option 95 option 96 option 97 option 98 option 99 option 100 option 101 option 102 option 103 option 104 option 105 option 106 option 107 option 108 option 109 option 110 option 111 option 112 option 113 option 114 option 115 auto configure option 117 option 118 option 119 sip s...

Страница 166: ...g information about existing DHCP subnets Subnet number Subnet IP address Subnet netmask address Default lease time in seconds Maximum lease time in seconds Whether the host is a DNS server true or false 6 16 3 Example dhcpserver list fixedhosts DHCP Server subnets Default Max Host is ID IP Address Netmask Lease time Lease time DNS svr 1 192 168 102 0 255 255 255 0 43200 86400 false ...

Страница 167: ...nt of addresses to unknown clients 6 17 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enabled Allows IP addresses to be dynamically assigned to unknown clients disabled Does not allow IP addresses to be dynamically assigned to unknown clients enabled 6 17 4 Example ...

Страница 168: ...ther or not DHCP server can respond to BOOTP requests 6 18 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enabled DHCP server responds to BOOTP queries disabled DHCP server does not respond to BOOTP queries enabled 6 18 4 Example dhcpserver set bootp disabled ...

Страница 169: ...lt lease time for DHCP server 6 19 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value defaultlease time The default time in seconds that is assigned to a lease if the client requesting the lease does not ask for a specific expiry time 43200 6 19 4 Example dhcpserver set ...

Страница 170: ...not add addresses into a dynamic IP range that are already configured as fixed host addresses The CLI will display a warning if you attempt to do this 6 20 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value host name A name that identifies an existing fixedhost To displa...

Страница 171: ...mapping 6 21 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value host name A name that identifies an existing fixedhost To display fixedhost names use the dhcpserver list fixedhosts command N A mac address A MAC address displayed in the following format N A 6 21 4 Example...

Страница 172: ...time for an existing fixed host mapping 6 22 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value maxlease time The maximum time in seconds that is assigned to a lease if the client requesting the lease does not ask for a specific expiry time 86400 6 22 4 Example dhcpserve...

Страница 173: ... lease time for DHCP server 6 23 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value maxlease time The maximum time in seconds that is assigned to a lease if the client requesting the lease does not ask for a specific expiry time 86400 6 23 4 Example dhcpserver set maxlea...

Страница 174: ...s for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets command N A enabled DHCP server passes the local d...

Страница 175: ...ives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets command N A defaultlease ti...

Страница 176: ... each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets command N A enabled Allows DHCP server to give out its ...

Страница 177: ... each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets command N A enabled Allows DHCP server to give out its ...

Страница 178: ...es the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets command N A maxlease time The...

Страница 179: ...e specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets command N A ip address The new IP address for the subnet displayed in the follo...

Страница 180: ...nformation about the DHCP server Status of the server enabled disabled Global default lease time Global maximum lease time bootp requests setting true or false Allow unknown clients setting true or false 6 30 3 Example dhcpserver show Global DHCP Server Configuration Status ENABLED Default lease time 43200 seconds Max lease time 86400 seconds Allow BOOTP requests true Allow unknown clients true ...

Страница 181: ... gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets command N A 6 31 4 Exampl...

Страница 182: ...is command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets command N A startaddr The first IP address in the pool of addresses The IP address is displayed in...

Страница 183: ... unwilling or unable to supply an IP address lease In this case if this option is set to 1 then the DHCP server will not intervene to prevent clients from u sing auto configuration to determine an IP address If this option is set to 0 the use of IP address auto configuration on the network will be explicitly forbidden by the DHCP server If this option is not explicitly configured then it will be a...

Страница 184: ...Server CLI Commands 184 2 1553 ZAT 759 94 Uen B December 2005 Option Description Default value value The value associated with the option N A 6 33 4 Example dhcpserver subnet sub1 add option auto configure 1 ...

Страница 185: ...ions The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets c...

Страница 186: ...The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets comman...

Страница 187: ...ch can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets command N A range id A number that identifies an IP range To list the e...

Страница 188: ...lowing table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets command N A o...

Страница 189: ...le gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets command N A 6 38 4 Exam...

Страница 190: ...gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing subnet To display subnet names use the dhcpserver list subnets command N A number A number that identifies an existing subnet To display subnet numbers use the dhcpserver list subnets command N A 6 39 4 Example...

Страница 191: ...05 191 6 40 dhcpserver update 6 40 1 Syntax dhcpserver update 6 40 2 Description This command updates the DHCP server configuration Changes made to the server configuration will not take effect until this command has been entered 6 40 3 Example dhcpserver update ...

Страница 192: ...s the DNS Client CLI commands 7 1 Summary The table below lists the DNS Client commands provided by the CLI dnsclient add searchdomain dnsclient add server dnsclient clear searchdomains dnsclient clear servers dnsclient delete searchdomain dnsclient delete server dnsclient list searchdomains dnsclient list servers ...

Страница 193: ...name The search string specified replaces any previous search strings added previously using this command 7 2 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value searchstring A search string used to find the IP address for an incomplete domain name You can have a maximum ...

Страница 194: ...for a given IP address 7 3 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value ipaddress The IP address of the server that has an unknown domain name You can add a maximum of 3 addresses to the server list The IP address is displayed in the following format 192 168 102 3 ...

Страница 195: ... 759 94 Uen B December 2005 195 7 4 dnsclient clear searchdomains 7 4 1 Syntax dnsclient clear searchdomains 7 4 2 Description This command deletes all domain names from the domain search list 7 4 3 Example dnsclient clear searchdomains ...

Страница 196: ... 2 1553 ZAT 759 94 Uen B December 2005 7 5 dnsclient clear servers 7 5 1 Syntax dnsclient clear servers 7 5 2 Description This command deletes all the server IP addresses from the server list 7 5 3 Example dnsclient clear servers ...

Страница 197: ...rch list 7 6 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value searchstring A search string that identifies a search string used to find the IP address for an incomplete domain name To list domain search strings use the dnsclient list searchdomains command N A 7 6 4 Exa...

Страница 198: ... the server list 7 7 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value number The server number that identifies an IP address of the server that has an unknown domain name To display server numbers use the dnsclient list servers command N A 7 7 4 Example dnsclient delet...

Страница 199: ...ains 7 8 2 Description This command lists the domain search strings that you have added to DNS client using the dnsclient add searchdomain command DNS client uses this list when a user asks for the IP address list for an incomplete domain name 7 8 3 Example dnsclient list searchdomains DNS Client Search Domains ID Domain 1 ericsson com ...

Страница 200: ...ient list servers 7 9 2 Description This command lists the server IP addresses that you have added to DNS client using the dnsclient add server command DNS client uses this list to retrieve a domain name for a given IP address 7 9 3 Example dnsclient list servers DNS Client Servers ID IP Address 1 192 168 120 35 ...

Страница 201: ...bes the DNS Relay CLI commands 8 1 Summary The table below lists the DNS Relay commands provided by the CLI dnsrelay add server dnsrelay clear servers dnsrelay delete server dnsrelay enable disable dnsrelay show dnsrelay list servers dnsrelay set hostname dnsrelay set landomainname dnsrelay show landomainname ...

Страница 202: ...NS relay s list of server addresses 8 2 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value ipaddress The IP address of a DNS server that DNS relay can use The IP address is displayed in the following format 192 168 102 3 0 0 0 0 8 2 4 Example dnsrelay add server 239 252 ...

Страница 203: ... Uen B December 2005 203 8 3 dnsrelay clear servers 8 3 1 Syntax dnsrelay clear servers 8 3 2 Description This command deletes all IP DNS server addresses stored in DNS relay s list of server IP addresses 8 3 3 Example dnsrelay clear servers ...

Страница 204: ...ist of server IP addresses 8 4 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value number A number that identifies the DNS server in the DNS relay list To display server numbers use the dnsrelay list servers commands The numbers are displayed in the ID column N A 8 4 4 Ex...

Страница 205: ...nfiguration If you try configuring DNS relay before you have entered the dnsrelay enable command the CLI issues a warning message To display the current state of DNS relay use the dnsrelay show command 8 5 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enable Enables...

Страница 206: ...AT 759 94 Uen B December 2005 8 6 dnsrelay show 8 6 1 Syntax dnsrelay show 8 6 2 Description This command indicates the status of DNS relay enabled or disabled 8 6 3 Example dnsrelay showhost Global DNS Relay Configuration Status ENABLED ...

Страница 207: ... dnsrelay list servers 8 7 1 Syntax dnsrelay list servers 8 7 2 Description This command displays the DNS relay s list of IP DNS server addresses and their unique identification numbers 8 7 3 Example dnsrelay list servers DNS Relay Servers ID IP Address 1 239 252 197 0 ...

Страница 208: ...2 Description This command sets the host name of your device 8 8 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The hostname that identifies your device N A 8 8 4 Example dnsrelay set hostname myhost ...

Страница 209: ...n name of your device DHCP server can then be configured to give out this address to DHCP clients 8 9 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The LAN domain name that identifies your device N A 8 9 4 Example dnsrelay set landomainname ericsson com ...

Страница 210: ...lay show landomainname 8 10 1 Syntax dnsrelay show landomainname 8 10 2 Description This command displays the domain name used by the DNS relay to determine if a host name request is for the local database 8 10 3 Example dnsrelay show landomainname LAN Domain Name ericsson com ...

Страница 211: ...r describes the Ethernet transport CLI commands 9 1 Summary The table below lists the CLI commands for manipulating Ethernet channels ethernet add transport ethernet clear transports ethernet delete transport ethernet list transports ethernet list ports ethernet set transport ethernet show transport ...

Страница 212: ...the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name An arbitrary name that identifies the transport It can be made up of one or more letters or a combination of letters and digits but it cannot start with a digit N A port The system port that is used to transport ethernet data You cannot use the same p...

Страница 213: ...December 2005 213 9 3 ethernet clear transports 9 3 1 Syntax ethernet clear transports 9 3 2 Description This command deletes all ethernet transports that were created using the ethernet add transport command 9 3 3 Example ethernet clear transports ...

Страница 214: ...ange of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing Ethernet transport To display transport names use the ethernet list transports command N A number A number that identifies an existing Ethernet transport To display transport numbers use the ethernet list transports comma...

Страница 215: ...rts 9 5 2 Description This command lists the valid ports that can be used to transport ethernet data 9 5 3 Example ethernet list ports Valid ethernet port names eth_lan eth_wan wireless q1 pppoe wlan_filtered wireless0 wireless1 wireless2 wireless3 wireless4 wireless5 wireless6 wireless7 wireless8 wireless9 wireless10 ...

Страница 216: ...d lists all ethernet transports that have been created using the ethernet add transport command It displays the transport identification number and name and the name of the port that it uses to transport ethernet data 9 6 3 Example ethernet list transports Ethernet transports ID Name Port 1 LanTransport eth_lan 2 WanTransport eth_wan 3 WlanTransport wireless0 ...

Страница 217: ...ified with this command and a default value if applicable Option Description Default value name A name that identifies an existing Ethernet transport To display transport names use the ethernet list transports command N A number A number that identifies an existing Ethernet transport To display transport numbers use the ethernet list transports command N A port The system port that is used to tran...

Страница 218: ...ch option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing Ethernet transport To display transport names use the ethernet list transports command N A number A number that identifies an existing Ethernet transport To display transport numbers use the ethernet list transports command N A 9 8 4 Example ...

Страница 219: ...s the firewall commands provided by the CLI firewall enable disable firewall set securitylevel firewall status firewall list policies firewall show policy firewall add portfilter firewall clear portfilters firewall delete portfilter firewall list portfilters firewall show portfilter firewall add validator firewall delete validator firewall list validators firewall show validator ...

Страница 220: ... during a session any configuration changes made when the Firewall was enabled remain in the Firewall so that you can re enable them later in the session If you need to reboot your system but want to save the Firewall configuration between sessions use the system config save command 10 2 3 Options The following table gives the range of values for each option which can be specified with this comman...

Страница 221: ...anually configured portfilters are stored in the im conf file Explicitly setting the security level to none sets a security level that does not contain any policies or portfilters Note that if you create portfilters and store them in the im conf file then select none or any other security level all of your manually configured portfilters will be deleted and replaced with this level The user define...

Страница 222: ...hether a certain service can be received in or allowed out by a specific policy Y yes N no HIGH SECURITY LEVEL External Internal External DMZ DMZ Internal Service Port In Out In Out In Out http 80 N Y Y Y Y Y dns 53 N Y N Y N Y telnet 23 N N N N N N smtp 25 N Y Y Y Y Y pop3 110 N Y Y Y Y Y nntp 119 N N N N N N real audio video 7070 N N N N N N icmp N A N Y N Y N Y H 323 1720 N N N N N N T 120 1503...

Страница 223: ...l External DMZ DMZ Internal Service Port In Out In Out In Out http 80 N Y Y Y Y Y dns 53 N Y Y Y Y Y telnet 23 N Y N Y N Y smtp 25 N Y Y Y Y Y pop3 110 N Y Y Y Y Y nntp 119 N Y Y Y Y Y real audio video 7070 Y N N Y N Y icmp N A N Y N Y N Y H 323 1720 N Y N Y N Y T 120 1503 N Y N Y N Y SSH 22 N Y N Y N Y ...

Страница 224: ...External DMZ DMZ Internal Service Port In Out In Out In Out http 80 N Y Y Y Y Y dns 53 Y Y Y Y Y Y telnet 23 N Y Y Y Y Y smtp 25 N Y Y Y Y Y pop3 110 N Y Y Y Y Y nntp 119 N Y Y Y Y Y real audio video 7070 Y N Y Y Y Y icmp N A N Y Y Y Y Y H 323 1720 Y Y Y Y Y Y T 120 1503 Y Y Y Y Y Y SSH 22 Y Y Y Y Y Y ...

Страница 225: ...y portfilters high Your system uses the high firewall security level providing a high level of firewall security between interfaces medium Your system uses the medium firewall security level providing a medium level of firewall security between interfaces low Your system uses the low firewall security level providing a low level of firewall security between interfaces userdefined Your system uses ...

Страница 226: ...isplays the following information about the Firewall Firewall status enabled or disabled Security level setting none high low or medium Firewall logging status session logging enabled or disabled blocking logging enabled or disabled intrusion logging enabled or disabled 10 4 3 Example firewall status Firewall enabled Firewall security level medium ...

Страница 227: ...rface Type 2 the two interface types between a policy exists external internal external dmz or internal dmz Validator Allow Only status False only traffic based on the direction and the IP address es specified by Firewall validators is blocked All other traffic is allowed 10 5 3 Example firewall list policies Firewall Policies ID Name Type 1 Type 2 Validator Allow Only 1 ext int external internal ...

Страница 228: ... the IP address es specified in the firewall add validator command is blocked All other traffic is allowed 10 6 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies a firewall policy To display policy names use the firewall list policies command...

Страница 229: ...can add a portfilter depending on the type of protocol that you want to feature in the portfilter Specify the number of a non TCP or non UDP protocol Specify TCP or UDP protocol together with an application s start end port numbers Specify one of the listed protocols applications or services These are provided by the Firewall as popular examples that you can use You do not need to specify the port...

Страница 230: ...A outbound Allows transport of packets of the specified protocol application or service from an inside interface to an outside interface Inbound transport of the packets is not allowed N A both Allows inbound and outbound transport of packets of the specified protocol application or service between inside and outside interfaces N A 10 7 4 Example Example one specifying a protocol number The follow...

Страница 231: ...Protocol packets inbound and outbound between the internal interface to the DMZ interface This is a popular protocol that is provided by the Firewall You do not need to specify the portnumber the Firewall does this for you Then we can add the portfilter to it firewall add portfilter pf3 dmz int smtp both 10 7 5 See also See the Well Known Port Numbers section of RFC 1700 for a list of port numbers...

Страница 232: ...ed to a firewall policy using the firewall add portfilter command 10 8 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value policyname A name that identifies a firewall policy To display policy names use the firewall list policies command N A 10 8 4 Example firewall clear ...

Страница 233: ...mand 10 9 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing portfilter To display portfilter names use the firewall list portfilters command N A policyname A name that identifies a firewall policy To display policy names use the f...

Страница 234: ...is set to 0 0 In displays the inbound permission setting true or false Out displays the outbound permission setting true or false Raw displays whether or not the portfilter uses a non TCP UDP protocol true or false TCP displays whether or not the portfilter uses a TCP protocol true or false UDP displays whether or not the portfilter uses a UDP protocol true or false 10 10 3 Options The following t...

Страница 235: ...Port 1 pf1 0 0 0 0 0 0 0 0 2 0 0 0 0 firewall list portfilters ext int Firewall Port Filters ID Name Src Address Dst Address Prot Src Port Dst Port 1 pf2 0 0 0 0 0 0 0 0 UDP 0 65535 53 53 firewall list portfilters dmz int Firewall Port Filters ID Name Src Address Dst Address Prot Src Port Dst Port 1 pf3 0 0 0 0 0 0 0 0 TCP 0 65535 25 25 ...

Страница 236: ...on true or false Outbound permission true or false Raw IP whether the portfilter uses a non TCP UDP protocol true or false TCP permission whether the portfilter uses a TCP protocol true or false UDP permission whether the portfilter uses a UDP protocol true or false 10 11 3 Options The following table gives the range of values for each option which can be specified with this command and a default ...

Страница 237: ...nt Firewall Port Filter pf2 Source IP address 0 0 0 0 Source mask 0 0 0 0 Destination IP address 0 0 0 0 Destination mask 0 0 0 0 IP protocol UDP Source port number start 0 Source port number end 65535 Destination port number start 53 Destination port number end 53 Inbound permission false Outbound permission true ...

Страница 238: ...tion of traffic that you want to block Once you have added a validator to a policy specifying the IP address and direction values you can reuse these values by adding the validator to other policies 10 12 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name An arbitra...

Страница 239: ...ress The IP address that you want to carry out IP address validation on The IP address is displayed in the following format 192 168 102 3 N A hostipmask The IP mask address If you want to filter a range of addresses you can specify the mask e g 255 255 255 0 If you want to filter a single IP address you can use the specific IP mask address e g 255 255 255 255 N A 10 12 4 Example firewall add valid...

Страница 240: ...llowing table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing validator To display validator names use the firewall list validators command N A policyname A name that identifies a firewall policy To display policy names use the firewall list policies command...

Страница 241: ... outbound or both Host IP address Host mask address 10 14 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value policyname A name that identifies a firewall policy To display policy names use the firewall list policies command N A 10 14 4 Example firewall list validators ex...

Страница 242: ... both Host IP address Host mask address 10 15 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing validator To display validator names use the firewall list validators command N A policyname A name that identifies a firewall policy ...

Страница 243: ...Commands This chapter describes the Internet Group Management Protocol IGMP CLI commands 11 1 Summary The table below lists the IGMP commands provided by the CLI igmp set forwardall igmp set upstreaminterface igmp show upstreaminterface igmp show forwardall igmp show status ...

Страница 244: ...s an alternative to IGMP Proxy If you set forwardall enabled it unsets the upstream interface and disables IGMP proxy 11 2 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enabled Your router forwards multicast traffic to all interfaces This sets the upstream interface...

Страница 245: ...on of the IGMP protocol and the downstream interfaces implement the Router portion of the IGMP protocol The IGMP Proxy may be disabled by setting upstream interface to none Enabling this command disables the igmp set forwardall command 11 3 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Descr...

Страница 246: ...ow upstreaminterface 11 4 2 Description This command displays the status of the upstream interface If an upstream interface has been set using the igmp set upstreaminterface command this command displays the current setting 11 4 3 Example igmp show upstreaminterface IGMP Proxy configuration Upstream If IpInterface ...

Страница 247: ...Syntax igmp show forwardall 11 5 2 Description This command displays status information about the igmp set forwardall command setting It tells you whether or not the router is set to forward multicast traffic to all interfaces 11 5 3 Example igmp show forwardall IGMP Forwarder Forward All false ...

Страница 248: ...escription This command displays the following information about the status of IGMP IGMP Proxy group membership per interface details interface name and querier status group address 11 6 3 Example igmp show status Multicast group membership Interface querier Group address eth_lan yes 239 255 255 250 r1483 yes 224 0 1 101 ...

Страница 249: ... dhcp ip set interface icmprouteradvertise ip set interface ipaddress ip set interface mtu ip set interface netmask ip set interface sourceaddrvalidation ip set interface tcpmssclamp ip set ttl ip show ip show debuginfo ip show interface ip show stats IP RIP commands ip clear riproutes ip list riproutes ip set interface rip accept ip set interface rip multicast ip set interface rip send ip set rip...

Страница 250: ...xyarpexclusion ip interface delete staticarpentries ip interface list proxyarpentries ip interface list static arpentries ip list arpentries Secondary IP address commands ip interface add secondaryipaddress ip interface clear secondaryipaddress ip interface delete secondaryipaddress ip interface list secondaryipaddresses AppService IP commands ip list appservices ip set appservice ip show appservi...

Страница 251: ...using the ip set interface dhcp enabled command By default DHCP is disabled This interface can obtain its IP configuration via PPP IPCP Internet Protocol Control Protocol negotiation See PPPoA CLI commands and PPPoE CLI commands The IP stack automatically creates a loopback interface for address 127 0 0 1 subnet mask 255 0 0 0 This interface is not displayed by the ip list interfaces command 12 2 ...

Страница 252: ...e router id should be the same as the IP address of one of the router s numbered interfaces 0 0 0 0 netmask The netmask address of the interface displayed in the following format 255 255 255 0 The special value 255 255 255 255 is used to indicate an unnumbered interface An unnumbered interface is configured by setting the IP address to the interface s router id value and setting netmask to 255 255...

Страница 253: ...option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the first column under ...

Страница 254: ... values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the fi...

Страница 255: ...ge of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface that will be used as a virtual interface The IP interface should not have a transport attached to it To display interface names use the ip list interfaces command N A real_inter face A name that identifies an e...

Страница 256: ... 759 94 Uen B December 2005 12 6 ip clear interfaces 12 6 1 Syntax ip clear interfaces 12 6 2 Description This command clears all IP interfaces that were created using the ip add interface command 12 6 3 Example ip clear interfaces ...

Страница 257: ...the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appea...

Страница 258: ...ch option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the first column und...

Страница 259: ...column means that the socket is bound to a specific interface using the SO BINDTODEVICE socket option with the specified IFIndex The IFIndex is displayed by the ip show debuginfo command A number in square brackets in the Remote address column means that the socket is bound to interfaces of a specific security class or classes using the SO_BINDTOSECCLASS socket option The number displayed is forme...

Страница 260: ... CLI Commands 260 2 1553 ZAT 759 94 Uen B December 2005 udp 68 2 dhcpclient udp 50001 snmpr udp 161 snmpr udp 50000 dnsrelay udp 53 dnsrelay udp 520 rip udp 55001 tftp udp 55000 tftp udp 123 sntp key iked ...

Страница 261: ...rface names IP address if previously specified DHCP status Whether a transport is attached to the interface and if so the name of the transport Whether a virtual interface is attached to a real interface The name of the attached virtual interface is displayed in the Transport column in square brackets for example ip2 12 10 3 Example ip list interfaces IP Interfaces ID Name IP Address DHCP Transpor...

Страница 262: ...le gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value destination Enter the IP address or host name if you are using DNS client of the destination machine that you want to ping N A ifname A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A...

Страница 263: ... and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the first column under the heading ID N A enabled The interface obtain...

Страница 264: ...ceived 12 13 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers us...

Страница 265: ...nterface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the first column under the heading ID N A ip address The IP address of the interface displayed in the following format 192 168 102 3 If the IP address is set to the special value 0 0 0 0 the interface is...

Страница 266: ...5 255 255 0 The special value 255 255 255 255 is used to indicate an unnumbered interface An unnumbered interface is configured by setting the IP address to the interface s router id value and setting netmask to 255 255 255 255 If no IP address is supplied the natural mask of the IP address is used 12 14 4 Example ip set interface ip4 ipaddress 192 168 102 3 255 255 255 0 ...

Страница 267: ...n existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the first column under the heading ID N A mtu Maximum Transmission Unit maximum packet size in bytes that an interface can handle The MTU should be set to a value appr...

Страница 268: ... existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the first column under the heading ID N A netmask The netmask address of the interface displayed in the following format 255 255 255 0 The special value 255 255 255 255...

Страница 269: ...h option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the first column unde...

Страница 270: ...mum Transmission Unit the MSS option will be rewritten in order to allow TCP traffic to pass through the interface without requiring fragmentation 12 18 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display int...

Страница 271: ... generated IP packet To display the current state of ttl use the ip show command 12 19 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value ttl A number that specifies the time to live ttl value for the IP header of all transmitted packets N A 12 19 4 Example ip set ttl 60...

Страница 272: ...w 12 20 2 Description This command shows current IP configuration and any other information global to the router 12 20 3 Example ip show Global IP configuration Host routes false Poison reverse false Authentication false Auth password Advertise default false Default Route Cost 1 Default TTL 128 ...

Страница 273: ...ne ICMP Advertise no CheckSrcAddr no Multicast mode none IfType ETHER MAC 00 80 37 85 c5 c2 Virtual No Device bridge VID 2 IfIndex 2 Name WanIpInterface Addr 0 0 0 0 Mask 255 0 0 0 All addresses 0 0 0 0 255 0 0 0 IGMP membership DHCP Yes MSS Clamp no IfSecClass 0 IP Filter none ICMP Advertise no CheckSrcAddr no Multicast mode none IfType ETHER MAC 00 80 37 85 c5 c2 Virtual No Device bun port eth_w...

Страница 274: ...168 1 0 24 Gw 0 0 0 0 If 1 Cost 1 Dst 127 0 0 0 8 Gw 0 0 0 0 If 16 Cost 1 IGMP Proxy multicast forwarder Upstream interface none Group address Interfaces Compile time configuration IPv6 support not present Tunnel support not present IPIP Tunnel support present IPSEC support present ...

Страница 275: ... Status of Source Address Validation Status of ICMP router advertisement Status of RIP send and RIP accept versions one and two Status of RIP multicast 12 22 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To displa...

Страница 276: ...le ip show interface IpInterface IP Interface IpInterface Ipaddr 192 168 1 1 Mask 255 255 255 0 MTU 1500 Dhcp false TCP MSS Clamp false Source Addr Validation false Icmp Router Advertise false Accept V1 false Send V1 false Accept V2 false Send V2 false Send Multicast false ...

Страница 277: ... taken from the IP group of SNMP statistics and the definition of each of the counters can be found in RFC 2011 12 23 3 Example ip show stats IP Statistics Counter name Value ipInReceives 1873 ipInHdrErrors 0 ipInAddrErrors 1569 ipForwDatagrams 1569 ipInUnknownProtos 0 ipInDiscards 0 ipInDelivers 304 ipOutRequests 304 ipOutDiscards 0 ipOutNoRoutes 0 ipReasmReqs 0 ipReasmOKs 0 ipReasmFails 0 ipFrag...

Страница 278: ...4 ip clear riproutes 12 24 1 Syntax ip clear riproutes 12 24 2 Description This command deletes all the existing dynamic routes that have been obtained from RIP It does not delete the static routes see the ip clear routes command 12 24 3 Example ip clear riproutes ...

Страница 279: ...Destination IP address Destination netmask address Gateway address Cost The number of hops counted as the cost of the route Timeout the number of seconds that this RIP route will remain in the routing table unless updated by RIP Source interface the name of the existing interface that this route uses 12 25 3 Example ip list riproutes IP RIP routes Destination Mask Gateway Cost Time Source 192 168 ...

Страница 280: ...resses received 12 26 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface n...

Страница 281: ...IP CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 281 all The interface accepts RIP version 1 RFC 1058 and RIP version 2 RFC 1723 messages 12 26 4 Example ip set interface ip3 rip accept all ...

Страница 282: ...u need to set RIP to send v2 messages using the ip set interface rip send command in order for the ip set interface rip multicast enabled command to send version 2 messages via multicast 12 27 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies...

Страница 283: ... 2 1553 ZAT 759 94 Uen B December 2005 283 disabled Disables RIP version 2 messages being sent via multicast Messages are sent via broadcast instead disabled 12 27 4 Example ip set interface ip1 rip multicast enabled ...

Страница 284: ... fact be to a subnet and treating it as a route to the whole network may be the best way to make use of the information 12 28 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip lis...

Страница 285: ...IP CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 285 all The interface sends RIP version 1 RFC 1058 and RIP version 2 RFC 1723 messages 12 28 4 Example ip set interface ip1 rip send v1 ...

Страница 286: ...rotocol The cost associated with the route is the value set using the ip set rip defaultroutecost command Note You must enable default advertising before you create the default route 12 29 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enabled Enables RIP to advertis...

Страница 287: ...ackets with no authentication or the wrong password will be rejected To set an authentication password use the ip set rip password command 12 30 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enabled Accepts RIP v2 packets that contain an authentication entry with th...

Страница 288: ...s the cost of a default route advertised via RIP 12 31 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value cost The number of hops counted as the cost of the default route The cost value can be any positive integer between 1 and 15 1 12 31 4 Example ip set rip defaultrout...

Страница 289: ...ork may be the best way to make use of the information To display the current state of rip hostroutes use the ip show command 12 32 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enabled Sets the hostroutes flag to on The interface accepts RIP routes to specific rout...

Страница 290: ...s if ip set rip authentication is enabled 12 33 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value password An authentication password used by RIP v2 packets if ip set rip authentication is enabled The password is a string of 0 to 16 characters N A 12 33 4 Example ip set...

Страница 291: ...RFC 1058 To display the current state of the poisoned reverse flag use the ip show command 12 34 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enabled Sets the poisoned reverse flag to on ATMOS TCP IP performs poisoned reverse as defined in RFC 1058 disabled Sets th...

Страница 292: ...e already created a default route using the ip add route command or the ip add defaultroute interface command If you want RIP to advertise a default route with a default cost metric see the ip set rip advertisedefault and ip set rip defaultroutecost commands 12 35 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if...

Страница 293: ... add route command or the ip add defaultroute interface command If you want RIP to advertise a default route with a default cost metric see the ip set rip advertisedefault and ip set rip defaultroutecost commands Routes via an interface can only be used on interfaces that provide point to point links 12 36 3 Options The following table gives the range of values for each option which can be specifi...

Страница 294: ...with a mask to indicate what range of addresses the network covers and a next hop gateway address or interface If there is a choice of routes for a destination the route with the most specific mask is chosen Routes are used when sending datagrams as well as forwarding them so they are not relevant only to routers However a system with a single interface is likely to have a single route as a defaul...

Страница 295: ...he destination network displayed in the following format 192 168 102 3 N A netmask The destination netmask address displayed in the following format 255 255 255 0 N A gateway_ip The IP address of the gateway that this route will use displayed in the following format 192 168 102 3 N A interface The name of an existing interface that this route will use To display interface names use the ip list int...

Страница 296: ...53 ZAT 759 94 Uen B December 2005 12 38 ip clear routes 12 38 1 Syntax ip clear routes 12 38 2 Description This command clears all static routes that were created using the ip add route command 12 38 3 Example ip clear routes ...

Страница 297: ... gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing route To display route names use the ip list routes command N A number A number that identifies an existing route To display route numbers use the ip list routes command The number appears in the first column ...

Страница 298: ...ng information Route ID numbers Route names Destination IP address if previously specified Destination netmask address if previously specified Either the gateway address of the name of the destination interface whichever is set 12 40 3 Example ip list routes IP routes ID Name Destination Netmask Gateway Interface 2 route2 192 168 102 3 255 255 255 0 ip1 1 route1 192 168 50 50 255 255 255 0 192 168...

Страница 299: ...then it controls the advertising of the route and uses the cost set by the ip set defaultroutecost command if the ip set rip advertisedefault command is disabled then the ip set route advertise command controls the advertising of the route and uses the cost set by the ip set route cost command as described above 12 41 3 Options The following table gives the range of values for each option which ca...

Страница 300: ...3 ZAT 759 94 Uen B December 2005 Option Description Default value enabled Enables RIP to advertise a static route disabled Disables advertisement of a static route disabled 12 41 4 Example ip set route myroute advertise enabled ...

Страница 301: ...lue if applicable Option Description Default value name A name that identifies an existing route To display route names use the ip list routes command N A number A number that identifies an existing route To display route numbers use the ip list routes command The number appears in the first column under the heading ID N A cost The number of hops counted as the cost of the route This may affect th...

Страница 302: ...nd a default value if applicable Option Description Default value name A name that identifies an existing route To display route names use the ip list routes command N A number A number that identifies an existing route To display route numbers use the ip list routes command The number appears in the first column under the heading ID N A dest network The IP address of the destination network displ...

Страница 303: ...ified with this command and a default value if applicable Option Description Default value name A name that identifies an existing route To display route names use the ip list routes command N A number A number that identifies an existing route To display route numbers use the ip list routes command The number appears in the first column under the heading ID N A gateway The IP address of the gatew...

Страница 304: ... command and a default value if applicable Option Description Default value name A name that identifies an existing route To display route names use the ip list routes command N A number A number that identifies an existing route To display route numbers use the ip list routes command The number appears in the first column under the heading ID N A interface The name of the existing interface that ...

Страница 305: ...12 46 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing route To display route names use the ip list routes command N A number A number that identifies an existing route To display route numbers use the ip list routes command N A ...

Страница 306: ...s 306 2 1553 ZAT 759 94 Uen B December 2005 12 47 ip clear arpentries 12 47 1 Syntax ip clear arpentries 12 47 2 Description This command clears all ARP entries in the IP ARP table 12 47 3 Example ip clear arpentries ...

Страница 307: ...IP addresses and corresponding MAC addresses obtained by ARP IP interface on which the host is connected Static status no for dynamically generated ARP entries yes for static entries added by the user 12 48 3 Example ip list arpentries IP ARP table entries IP address MAC address Interface Static 10 10 10 10 00 20 2b e0 03 87 iplan no 20 20 20 20 00 20 2b 03 0a 72 ipwan no 30 30 30 30 00 20 2b 03 0...

Страница 308: ... not respond to proxy ARP using the ip interface add proxyarpexclusion command 12 49 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number ...

Страница 309: ... 759 94 Uen B December 2005 309 in the following format 255 255 255 0 12 49 4 Example The following command adds proxy ARP support to the entire subnet 192 168 100 0 ip interface ip1 add proxyarpentry 192 168 100 0 255 255 255 0 ...

Страница 310: ...50 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip l...

Страница 311: ... 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing proxy ARP entry To display proxy ARP entry numbers use t...

Страница 312: ...sk of proxy ARP entries and exclusions Exclusion status true for exclusions false for inclusions 12 52 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N ...

Страница 313: ...IP CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 313 Proxy ARP entries for interface ip1 ID IP Address Netmask Exclude 1 192 168 100 0 255 255 255 0 false 2 192 168 100 8 255 255 255 254 true ...

Страница 314: ...for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the first colu...

Страница 315: ...00 0 The second command adds proxy ARP exclusion support to 192 168 100 10 255 255 255 254 ip interface ip1 add proxyarpentry 192 168 100 0 255 255 255 0 ip interface ip1 add proxyarpexclusion 192 168 100 10 255 255 255 254 This means that the entire 192 168 100 0 subnet supports proxy ARP EXCEPT for addresses 192 168 100 10 and 192 168 100 11 ...

Страница 316: ...gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing proxy ARP exclusion entry To display proxy ARP exclusion numbers use the ip interface l...

Страница 317: ...d and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the first column under the heading ID N A ipaddress The IP address or...

Страница 318: ...IP CLI Commands 318 2 1553 ZAT 759 94 Uen B December 2005 12 55 4 Example ip interface ip1 add staticarpentry 192 168 1 1 00 20 2b e0 03 87 ...

Страница 319: ...wing table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command...

Страница 320: ...Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing static ARP entry To display static ARP entry numbers use th...

Страница 321: ...ARP entries MAC address of static ARP entries 12 58 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP in...

Страница 322: ...IP CLI Commands 322 2 1553 ZAT 759 94 Uen B December 2005 Static ARP entries for interface ip1 ID IP Address MAC Address 1 192 168 100 0 00 20 2b e0 03 87 2 192 168 100 8 00 20 2b 03 0a 72 ...

Страница 323: ...dress and the interface is Ethernet or a transport using a bridged encapsulation you must specify the subnet mask The IP stack will listen on the new address for connections to local services e g for management purposes and will also route packets to the new subnet If a secondary address is on a different subnet to the primary address and the interface is a point to point interface specifying a ne...

Страница 324: ...st interfaces command The number appears in the first column under the heading ID N A ipaddress A secondary IP address that you want to add to the main IP interface You can add any number of secondary IP addresses The IP address is displayed in the following format 192 168 102 3 To display the secondary IP addresses use the ip interface list secondaryipaddresses command N A netmask The netmask of ...

Страница 325: ... 60 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip ...

Страница 326: ...ault value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the first column under the heading ID N A secondary ipaddress number The number ...

Страница 327: ... for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the first col...

Страница 328: ... option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A number A number that identifies an existing IP interface To display interface numbers use the ip list interfaces command The number appears in the first column under...

Страница 329: ... command lists the AppServices that are available and have configurable security classes It displays the following information AppService ID numbers AppService names The Security Class es configured on a specific AppService 12 64 3 Example ip list appservices ID AppService Security Classes 1 ftp all 2 http all 3 telnet all 4 snmp all 5 ssh all ...

Страница 330: ...ains the application s configuration attribute Name of the VMI attribute that contains the application s SecClasses configuration 12 65 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing AppService To display AppService names use t...

Страница 331: ...ppService will be provided 12 66 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing AppService To display AppService names use the ip list appservices command N A secClasses Supported secClasses values are as follows all allows acc...

Страница 332: ...internal external or separated by a space and enclosed in double quotation marks for example internal external To specify all three internal external and dmz secClasses use the all value 12 66 4 Example ip set appservice telnet secclasses internal external ip set appservice ftp secclasses all ip set appservice snmp secclasses internal external ip set appservice tftp secclasses external dmz ip set ...

Страница 333: ...94 Uen B December 2005 333 13 Logger CLI Commands This chapter describes the Logger CLI commands 13 1 Summary The table below lists the Logger commands provided by the CLI logger set facility logger set host logger set ident logger show ...

Страница 334: ...cility code 0 represents kernel messages facility code 1 represents user level messages and so on The facility codes comply with those documented in RFC 3164 13 2 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value facility A numerically coded facility value as defined in...

Страница 335: ...address to which syslog messages should be sent 13 3 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value host The IP address of the host to which syslog messages should be sent 0 0 0 0 unconfigured 13 3 4 Example logger set host 192 168 10 2 ...

Страница 336: ...nd creates a string that will be used to identify syslog calls 13 4 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value ident An arbitrary name that identifies all syslog calls N A 13 4 4 Example logger set ident homerouter ...

Страница 337: ... 5 1 Syntax logger show 13 5 2 Description This command displays the following information about the syslog configuration Syslog version number Host IP address Syslog call identifier Facility code 13 5 3 Example logger show version 1 00 host 192 168 10 2 ident homerouter facility 5 ...

Страница 338: ...e NAT commands provided by the CLI nat enable nat disable nat add globalpool nat clear globalpools nat delete globalpool nat iketranslation nat list globalpools nat show globalpool nat add resvmap globalip tcp udp nat add resvmap globalip nat add resvmap interfacename tcp udp nat add resvmap interfacename nat clear resvmaps nat delete resvmap nat list resvmaps nat show resvmap nat status ...

Страница 339: ...able NAT between two different interface types For example if interfacename is an external interface type you can enable NAT between the interfacename and the internal or the DMZ interface type but not the external interface type The following interface combinations are the only ones that you can use External outside and internal inside External outside and DMZ inside DMZ outside and internal insi...

Страница 340: ...ace external or DMZ that was added to the Security package using the security add interface command To display security interfaces use the security list interfaces command N A internal Allows NAT to be enabled disabled between the interfacename and all interfaces that belong to the internal interface type N A dmz Allows NAT to be enabled disabled between the interfacename and all interfaces that b...

Страница 341: ... between the security interface and all the interfaces that belong to the chosen interface type 14 3 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of an existing NAT object created between a security interface and an interface type using the nat enable...

Страница 342: ...s to an inside interface that is your mail server This command creates a pool of outside network addresses A network address pool is a range of IP addresses that is visible outside your network NAT translates packets between the outside addresses and the inside interfaces that each address is mapped to There are two ways to specify a range of IP addresses 1 Specify the interfacename IP address and...

Страница 343: ...and N A internal Maps the IP addresses to the internal interface type inside the network N A dmz Maps the global addresses to the DMZ interface type inside the network N A ipaddress The IP address of the interfacename that is visible outside the network N A mask The subnet mask of the network IP address N A endaddress The last IP address in the range of addresses that make up the global address po...

Страница 344: ... a network address pool that allows NAT to translate packets between the external interface and the internal interface type First NAT is enabled between the external interface and the DMZ interface type nat enable n2 extinterface internal Then the IP address and subnet mask is created nat add globalpool gp2 extinterface internal 192 168 103 2 endaddress 192 168 103 50 ...

Страница 345: ...and 14 5 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value interfacename The name of an existing security interface external or DMZ created and connected to an inside interface DMZ or internal using the nat enable command To display security interfaces use the security ...

Страница 346: ...s for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing global IP address To display global IP addresses use the nat list globalpools command N A interfacename The name of an existing security interface external or DMZ created and connected to an inside interface DMZ or internal using the ...

Страница 347: ...efore any IPSec traffic can be passed each router firewall host must verify the identity of its peer This can be done by manually entering pre shared keys into both hosts or by a CA service 14 7 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value cookies Source port will ...

Страница 348: ...e range of network pool addresses Mask End Address the outside subnet mask of the outside network IP address or the last address in the range of network pool addresses 14 8 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value interfacename The name of an existing security ...

Страница 349: ...s Subnet Mask or End Address the subnet mask of the outside network IP address or the last address in the range of addresses 14 9 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing global IP address To display global IP addresses u...

Страница 350: ...ansport information TCP or UDP given in this command You can define reserved mappings for a range of ports and or translating port numbers 14 10 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing global IP address To display global...

Страница 351: ...he first port number in the range of ports N A 2ndportno The second TCP or UDP port number in the range that started with the port specified in portno N A localportno Either a single internal TCP or UDP port number or the first port number in the range of external ports N A 2ndlocal portno The second internal TCP or UDP port number in the range of external ports to be used if you have specified a ...

Страница 352: ... on the transport information given in this command 14 11 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing global IP address To display global IP addresses use the nat list globalpools command N A interfacename The name of an exi...

Страница 353: ...NAT CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 353 inside the network internal or DMZ ...

Страница 354: ... transport services N A egp Exterior Gateway Protocol EGP Protocol for exchanging routing information between autonomous systems N A rsvp Resource Reservation Protocol RSVP is set as the transport type Supports the reservation of resources across an IP network N A ospf Open Shortest Path First OSPF is set as the transport type A link state routing protocol N A ipip IP within IP Encapsulation Proto...

Страница 355: ...ven in this command A range of external ports can be translated to a single local port if required You can define reserved mappings for a range of ports and or translating port numbers 14 12 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies a...

Страница 356: ...ied in portno N A localportno Either a single internal TCP or UDP port number or the first port number in the range of external ports N A 2ndlocal portno The second internal TCP or UDP port number in the range of external ports to be used if you have specified a localportno N A 14 12 4 Example The example below forwards TCP port 80 to 90 requests on the WAN interface to 10 10 10 10 ports 8080 to 8...

Страница 357: ...ress and the individual host based on the transport information given in this command 14 13 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing global IP address To display global IP addresses use the nat list globalpools command N ...

Страница 358: ...Protocol for exchanging routing information between autonomous systems N A rsvp Resource Reservation Protocol RSVP is set as the transport type Supports the reservation of resources across an IP network N A ospf Open Shortest Path First OSPF is set as the transport type A link state routing protocol N A ipip IP within IP Encapsulation Protocol Encapsulates an IP datagram within a datagram N A all ...

Страница 359: ...mands 14 14 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value interfacename The name of an existing security interface external or DMZ created and connected to an inside interface DMZ or internal using the nat enable command To display security interfaces use the securi...

Страница 360: ...values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing global IP address To display global IP addresses use the nat list resvmaps command N A interfacename The name of an existing security interface external or DMZ created and connected to an inside interface DMZ or internal using th...

Страница 361: ...tside security interface IP address is mapped to Transport type IGMP IPIP etc Port TCP or UDP port used by the transport type If a non TCP UDP protocol is used the port is set to 0 14 16 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value interfacename The name of an exis...

Страница 362: ...NAT CLI Commands 362 2 1553 ZAT 759 94 Uen B December 2005 ID Name Global Address Internal Address Type Port 1 rm2 192 168 103 2 10 10 10 10 tcp 25 2 rm1 192 168 103 15 20 20 20 20 udp 21 ...

Страница 363: ...ommand and a default value if applicable Option Description Default value name A name that identifies an existing global IP address To display global IP addresses use the nat list resvmaps command N A interfacename The name of an existing security interface external or DMZ created and connected to an inside interface DMZ or internal using the nat enable command To display security interfaces use t...

Страница 364: ...s the outside security interfaces and inside interface types that NAT is currently enabled between It displays the following information NAT object identification number NAT object name Outside security interface name Inside interface type 14 18 3 Example nat status NAT enabled on ID Name Interface Type 1 n2 ip2 internal 2 n1 if1 internal ...

Страница 365: ...ds 2 1553 ZAT 759 94 Uen B December 2005 365 15 Port CLI Commands This chapter describes the Port CLI commands 15 1 Summary The table below lists the Port commands provided by the CLI port port list port set port show ...

Страница 366: ...4 Uen B December 2005 15 2 port 15 2 1 Syntax port 15 2 2 Description This command lists the ports that are currently available 15 2 3 Example port a1 Port name eth_lan Port name eth_wan Port name list List ports by type wireless Port name ...

Страница 367: ...at belong to a specific class if that class is available in your system 15 3 3 Example port list 802 11 Port class 802 1x Port class all Port class atm Port class ethernet Port class The last line of the port list command output displays the first part of the port list port class command port list ethernet Valid port names in class ethernet eth_lan eth_wan wireless q1 pppoe wlan_filtered If you ty...

Страница 368: ...ified the attribute that you want to modify you can specify the new value that you want to set it to 15 4 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value portname The name of a port that is configured in your system To display available ports use the port command N A ...

Страница 369: ... portname set For example port a1 set 15 5 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value attribute A single attribute of a specified port An attribute has a value attached to it which you can modify N A value A value attached to an attribute The value could be a num...

Страница 370: ...rt AutoSRA Enable Disable AutoSRADnShift Period value AutoSRAMaxTime CRC value AutoSRAMaxTime FEC value AutoSRAUpShift Period value AutoStart False True BitSwap Disable Enable Disables enables the adjustment of the number of bits assigned to a subcarrier without interrupting data flow Enable BitSwapUp Disable Enable Disable CabinetMode Enable Disable Capability This parameter controls whether the ...

Страница 371: ...EC enables Echo Cancellation This setting is necessary if your device is connected to a high speed CO FDM enables Frequency Division Multiplexing FDM FastRetrain Enable Disable FramerType Type0 Type1 Type2 Type3 Type3ET To enable DataBoost set FramerType to Type3ET Type3 HostControl Disable Enable Disable terminates any host API interaction with the DSP for testing purposes Enable enables host API...

Страница 372: ...le the bin settings configured as the RxStartBin RxEndBin parameters are used Enable DSP automatically adjust the bin selection for receive signal Disable RxEndBin value A value that indicates the highest bin number allowed for receive signal 255 RxStartBin value A value that indicates the lowest bin number allowed for receive signal 32 ShowtimeLed 0 1 2 3 4 None 2 Standard Indicates the preferred...

Страница 373: ...6DB Bis_37DB Bis_38DB Bis_39DB Bis_3DB Bis_40DB Bis_4DB Bis_5DB Bis_6DB Bis_7DB Bis_8DB Bis_9DB Dmt_0 1DB Dmt_0 2DB Dmt_0 3DB Dmt_0 4DB Dmt_0 5DB Dmt_0 6DB Dmt_0 7DB Dmt_0 8DB Dmt_0 9DB Dmt_0DB Dmt_10DB Dmt_11DB Dmt_12DB Dmt_1DB Dmt_2DB Dmt_3DB Dmt_4DB Dmt_5DB Dmt_6DB Dmt_7DB Dmt_8DB Dmt_9DB Bis_0DB TxEndBin value A value that indicates the highest bin number allowed for transmit signal 31 TxStart...

Страница 374: ...t portname set For example port wireless set 15 6 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value attribute A single attribute of a specified port An attribute has a value attached to it which you can modify N A value A value attached to an attribute The value could b...

Страница 375: ...T BE DK FI DE GR IE IS IT CH LI LU NO NL PT SE GB HU PL CurrentCountry can be selected to simplify the configuration of allowed channels There are 14 channels available but in most country only 13 channels are allowed and some other have even less By selecting CurrentCountry all forbidden channels will be disabled and cannot be configured to be used by mistake See the HM4x0 Quick Installation Guid...

Страница 376: ...rue MacAddressAuth Blacklist Whitelist disabled The MAC addresses entered in the MacAddressList can be either Blacklisted or Whitelisted If they are Blacklisted all MAC addresses that is entered in the MacAddressList will be blocked by the AP If Whitelisted is selected only the MAC addresses in the MacAddressList will be allowed all other will be blocked disabled MacAddressList index 0 31 value ma...

Страница 377: ...OT11_OID_RATES 1 2 5 5 and 11 Mbps 6 9 12 18 24 36 48 and 54 Mbps DOT11_OID_PREAMBLESETTING_DYNAMIC DOT11_OID_CWMIN 15 DOT11_OID_NONERPPROTECTION_DYNAMIC DOT11_OID_SLOTSETTINGS_DYNAMIC MIXED_G_WIFI DOT11_OID_RATES 1 2 5 5 and 11 Mbps 6 9 12 18 24 36 48 and 54 Mbps DOT11_OID_PREAMBLESETTING_DYNAMIC DOT11_OID_CWMIN 15 DOT11_OID_NONERPPROTECTION_DYNAMIC DOT11_OID_SLOTSETTINGS_DYNAMIC MIXED_LONG DOT11...

Страница 378: ... are sent the quicker the system can recover from interference or collisions as would be the case in a heavily loaded network or a wireless network with much electromagnetic interference 2347 WPA false true Enables WPA to be enabled or disabled false WPAEnableEAP false true Enables WPA to use EAP for authentication of wireless clients This also implicitly requires a RADIUS server that can handle t...

Страница 379: ... CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 379 Attribute Description Default value resetDefaults false true Setting this to true will reset the wireless card and restore it to default values false ...

Страница 380: ...ort 15 7 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value portname The name of a port that is configured in your system To display available ports use the port command N A 15 7 4 Example port eth_lan show resetDefaults false portSnmpIfIndex 2 portSnmpIfType 6 ...

Страница 381: ...atus of a port 15 8 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value portname The name of a port that is configured in your system To display available ports use the port command N A 15 8 4 Example port eth_lan status resetDefaults false ...

Страница 382: ...abled pppoa set transport eventlevel pppoa set transport givedns client pppoa set transport givedns relay pppoa set transport headers hdlc pppoa set transport headers llc pppoa set transport interface pppoa set transport ipv6cp pppoa set transport lcpechoevery pppoa set transport lcpmaxconf pppoa set transport icpmaxfail pppoa set transport lcpmaxterm pppoa set transport localip pppoa set transpor...

Страница 383: ...59 94 Uen B December 2005 383 pppoa set transport username pppoa set transport vci pppoa set transport vpi pppoa set transport welogin pppoa show transport pppoa show transport debuginfo channel pppoa show transport debuginfo config ...

Страница 384: ...irtual Circuit Identifier The port VPI VCI combination must be unique for each transport 16 2 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name An arbitrary name that identifies the transport It can be made up of one or more letters or a combination of letters and ...

Страница 385: ...e VPI is used to identify the virtual path that a circuit belongs to The VPI can be any value between 0 and 4095 N A vci Part of the ATM header The VCI is a tag that identifies which channel a cell will travel over The VCI can be any value between 1 and 65535 N A 16 2 4 Example pppoa add transport pppoa1 dialin pvc 1 a1 0 800 ...

Страница 386: ...al Circuit Identifier The port VPI VCI combination must be unique for each transport 16 3 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name An arbitrary name that identifies the transport It can be made up of one or more letters or a combination of letters and digi...

Страница 387: ...e VPI is used to identify the virtual path that a circuit belongs to The VPI can be any value between 0 and 4095 N A vci Part of the ATM header The VCI is a tag that identifies which channel a cell will travel over The VCI can be any value between 1 and 65535 N A 16 3 4 Example pppoa add transport pppoa1 dialout pvc 1 a1 0 800 ...

Страница 388: ... Uen B December 2005 16 4 pppoa clear transports 16 4 1 Syntax pppoa clear transports 16 4 2 Description This command deletes all PPPoA transports that were created using the pppoa add transport commands 16 4 3 Example pppoa clear transports ...

Страница 389: ...ns The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa...

Страница 390: ... been created using the pppoa add transport commands It displays the following information about the transports Transport identification number Transport name ATM port used if applicable Virtual Circuit Identifier VCI used if applicable Virtual Path Identifier VPI used if applicable 16 6 3 Example pppoa list transports PPPoA transports ID Name Port Vci Vpi 1 p2 N A N A N A 2 p1 a1 800 0 ...

Страница 391: ... 16 7 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers ...

Страница 392: ...wing table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transp...

Страница 393: ...To display the createroute settings use the pppoa show transport command The route is removed when the PPP link is disconnected 16 9 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use ...

Страница 394: ...the following information The ATM port that will transport data VPI Virtual Path Identifier VCI Virtual Circuit Identifier The port VPI VCI combination must be unique for each transport 16 10 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies ...

Страница 395: ...he VPI is used to identify the virtual path that a circuit belongs to The VPI can be any value between 0 and 4095 N A vci Part of the ATM header The VCI is a tag that identifies which channel a cell will travel over The VCI can be any value between 1 and 65535 N A 16 10 4 Example pppoa set transport pppoa2 dialin pvc a1 0 800 ...

Страница 396: ...following information The ATM port that will transport data VPI Virtual Path Identifier VCI Virtual Circuit Identifier The port VPI VCI combination must be unique for each transport 16 11 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an e...

Страница 397: ...e VPI is used to identify the virtual path that a circuit belongs to The VPI can be any value between 0 and 4095 N A vci Part of the ATM header The VCI is a tag that identifies which channel a cell will travel over The VCI can be any value between 1 and 65535 N A 16 11 4 Example pppoa set transport pppoa2 dialout pvc a1 0 800 ...

Страница 398: ...setting for the pppoa set transport givedns commands is also enabled 16 12 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that...

Страница 399: ...setting for the pppoa set transport givedns commands is also enabled 16 13 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that...

Страница 400: ...eded for testing purposes the transport must be enabled explicitly 16 14 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that i...

Страница 401: ...ported 4 Every packet and significant state change is reported 5 Every packet sent received is disassembled and hex dumped 6 Levels 1 5 plus assignment of the IP addresses to the interface and extra authentication information CHAP PAP reported 7 Levels 1 6 plus tunneling reported 8 Levels 1 7 plus minor phase changes reported 9 Levels 1 8 plus all timer information reported 16 15 3 Options The fol...

Страница 402: ... A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A pppevent level A numerically coded debugging tracing event level value The value can be any numerical value between 1 9 1 16 15 4 Example pppoa set transport pppoa3 eventlevel 4 ...

Страница 403: ...hed 16 16 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numb...

Страница 404: ...shed 16 17 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport num...

Страница 405: ...e to transmit receive packets by learning the format information from incoming packets 16 18 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A nu...

Страница 406: ...e to transmit receive packets by learning the format information from incoming packets 16 19 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A nu...

Страница 407: ...s for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A idletimeout The le...

Страница 408: ...his command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A interface The PPP interface to a channel that transports PPPoA da...

Страница 409: ...22 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use...

Страница 410: ...ify zero 0 in the interval attribute 16 23 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA tr...

Страница 411: ...s command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A lcp max configure Link Control Protocol the maximum number of confi...

Страница 412: ...plicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A lcp max fail Link Control Protocol the maximum number of consecutive negative acknowledgements indicat...

Страница 413: ...mmand and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A lcp max term Link Control Protocol the maximum number of consecutive Te...

Страница 414: ... that the interface is attached to 16 27 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA tran...

Страница 415: ... table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports...

Страница 416: ... gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports comma...

Страница 417: ...the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A ...

Страница 418: ...PPPoA CLI Commands 418 2 1553 ZAT 759 94 Uen B December 2005 16 30 4 Example pppoa set transport pppoa1 password mercury pppoa set transport pppoa1 username jsmith password mercury ...

Страница 419: ... with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A peak cell rate Determines the maximum rate at which ATM ce...

Страница 420: ...ique for each transport 16 32 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To di...

Страница 421: ...st effort and high priority traffic are prioritized on the same ATM VC 16 33 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number th...

Страница 422: ... VCI combination must be unique for each transport 16 34 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an exi...

Страница 423: ...mber 2005 423 Option Description Default value vci Part of the ATM header The VCI is a tag that identifies which channel a cell will travel over The VCI can be any value between 1 and 65535 N A 16 34 4 Example pppoa set transport pppoa2 pvc a1 0 800 ...

Страница 424: ...escription Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A ubr Unspecified Bit Rate non constant and unpredictable data transport rate PCR Peak Cell Rate is the average and maxim...

Страница 425: ...a transport rate that uses Real Time RT You can specify the PCR SCR BT and MBS for VBRRT traffic abr Available Bit Rate non constant and unpredictable data transport rate that provides ATM layer feedback and flow control qfc QFC ATM flow control protocol that supports ABR 16 35 4 Example pppoa set transport pppoa3 qosclass abr ...

Страница 426: ...0 0 0 16 36 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport nu...

Страница 427: ...e setting a primary address pppoa set transport pppoa1 remotedns 192 168 102 3 Example two setting primary and secondary addresses pppoa set transport pppoa1 remotedns 192 168 102 3 192 168 105 1 Example three deleting an address pppoa set transport pppoa1 remotedns 192 168 102 3 0 0 0 0 ...

Страница 428: ...e range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A ip...

Страница 429: ...Protocol Control Protocol negotiation 16 38 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA t...

Страница 430: ... of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A sustainab...

Страница 431: ...tained during IPCP negotiation The mask for the route is calculated from the class of the remote subnet unless an alternative has been specified using the pppoa set transport routemask command If specificroute is set to disabled a default route to the subnet at the remote end of the PPP link is created 16 40 3 Options The following table gives the range of values for each option which can be speci...

Страница 432: ...A CLI Commands 432 2 1553 ZAT 759 94 Uen B December 2005 disabled A default route to the subnet at the remote end of the PPP link is crated 16 40 4 Example pppoa set transport pppoa1 specificroute disabled ...

Страница 433: ...tion 16 41 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport num...

Страница 434: ...em set login maydialin command 16 42 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transpor...

Страница 435: ...35 chap Challenge Handshake Authentication Protocol the server sends an authentication request to the remote users dialing in CHAP passes the encrypted username and password and identifies the remote end 16 42 4 Example pppoa set transport pppoa2 theylogin pap ...

Страница 436: ...ues for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A username A name ...

Страница 437: ...PPPoA CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 437 16 43 4 Example pppoa set transport pppoa2 username jsmith pppoa set transport pppoa2 username jsmith password mercury ...

Страница 438: ...h option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A vci Part of the ATM header ...

Страница 439: ...option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A vpi A field in the ATM header...

Страница 440: ...e if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A none No authentication method is used auto The authentication protocol used by the remote PPP s...

Страница 441: ...441 chap Challenge Handshake Authentication Protocol the server sends an authentication request to the remote user dialing in CHAP passes the encrypted username and password and identifies the remote end 16 46 4 Example pppoa set transport pppoa2 welogin pap ...

Страница 442: ...nnection state Server dialin status Headers the data format that the transport can accept or receive SVC status true or false Local IP address Subnet mask Remote IP address Remote DNS Give DNS to Client status Give DNS to Relay status Create Route status Specific Route status Route mask Dialout Username Dialout Password Dialout Authentication method Dialin Authentication method LCP Max Configure L...

Страница 443: ...setting 16 47 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport ...

Страница 444: ...Relay false Create Route true Specific Route false Route Mask 0 0 0 0 Dialout Username Dialout Password Dialout Auth none Dialin Auth none Lcp Max Configure 10 Lcp Max Failure 5 Lcp Max Terminate 2 Lcp Echo Every 10 Auto Connect false Idle Timeout 0 ATM Port a1 Tx VPI 0 Rx VPI 0 Tx VCI 800 Rx VCI 800 ATM Traffic Class UBR Peak Cell Rate 2500 Burst Tolerance N A Sustainable Cell Rate N A Max Burst ...

Страница 445: ... be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports command N A 16 48 4 Example pppoa show transport PppoaUp ...

Страница 446: ... 0 ppp 95795 1 PPP 1 ECHO every 10 seconds ppp 95795 1 PPP 1 IPCP state Starting ppp 95795 1 PPP 1 IPCP local options IP address 0 0 0 0 ppp 95795 1 PPP 1 IPCP local options primary DNS server discovery disabled ppp 95795 1 PPP 1 IPCP local options IP subnet mask discovery disabled ppp 95795 1 PPP 1 IPCP remote options IP address 0 0 0 0 ppp 95795 1 PPP 1 Transmitted 0 bytes 0 packets ppp 95795 1 ...

Страница 447: ...ble gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoA transport To display transport names use the pppoa list transports command N A number A number that identifies an existing PPPoA transport To display transport numbers use the pppoa list transports co...

Страница 448: ... set transport discoverdns primary pppoe set transport discoverdns secondary pppoe set transport eth pppoe set transport enabled disabled pppoe set transport eventlevel pppoe set transport givedns client pppoe sets transport givedns relay pppoe set transport headers hdlc pppoe set transport headers llc pppoe set transport interface pppoe set transport ipv6cp pppoe set transport idletimeout pppoe s...

Страница 449: ...set transport scr pppoe set transport specificroute pppoe set transport subnetmask pppoe set transport servicename pppoe set transport theylogin pppoe set transport username pppoe set transport welogin pppoe show transport pppoe show transport debuginfo channel pppoe show transport debuginfo config ...

Страница 450: ...erface to the channel that the PVC will use The ATM port that will transport data VPI Virtual Path Identifier VCI Virtual Circuit Identifier Access concentrator optional Service name optional The port VPI VCI combination must be unique for each transport 17 2 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if appl...

Страница 451: ...e between 1 and 65535 N A concen trator A PPPoE tag that identifies a remote access concentrator or PPPoE server PPPoE will only connect to the named access concentrator If no concentrator tag is set PPPoE connects to the first access concentrator that responds The tag name number is determined by your ISP N A service name A PPPoE tag that identifies a specific service that is acceptable to the PP...

Страница 452: ... optional Service name optional 17 3 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name An arbitrary name that identifies the transport It can be made up of one or more letters or a combination of letters and digits but it cannot start with a digit N A interface The...

Страница 453: ...e tag name number is determined by your ISP N A service name A PPPoE tag that identifies a specific service that is acceptable to the PPPoE client If set the PPPoE transport will connect to the first access concentrator it finds that uses this service If an access concentrator is also set the PPPoE transport will connect to the specified service on the named concentrator The service name is determ...

Страница 454: ... Uen B December 2005 17 4 pppoe clear transports 17 4 1 Syntax pppoe clear transports 17 4 2 Description This command deletes all PPPoE transports that were created using the pppoe add transport commands 17 4 3 Example pppoe clear transports ...

Страница 455: ... the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A...

Страница 456: ...using the pppoe add transport commands It displays the following information about the transports Transport identification number Transport name Name of port used Virtual Circuit Identifier VCI used PVC transports only Virtual Path Identifier VPI used PVC transports only 17 6 3 Example pppoe list transports PPPoE transports ID Name Port Vci Vpi 1 p3 realtek N A N A 2 p2 a1 800 0 3 p1 ethernet0 N A...

Страница 457: ... range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A interface A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A ...

Страница 458: ...LI Commands 458 2 1553 ZAT 759 94 Uen B December 2005 17 7 4 Example pppoe set transport pppoe1 accessconcentrator server5 17 7 5 See also For more information about PPPoE and access concentrators see RFC 2516 ...

Страница 459: ... 17 8 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers ...

Страница 460: ... to clear an existing autoconnect filter Note This command is only effective if you have already enabled PPP autoconnection using the pppoe set transport autoconnect command 17 9 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing P...

Страница 461: ...The TCP port that you want to set the autoconnect filter on N A udpportadd The UDP port that you want to set the autoconnect filter on N A 17 9 4 Example This example creates a filter to prevent TCP SNMPTRAP packets from starting PPP autoconnect pppoe set transport pppoe1 autoconnect filter add tcpport 162 ...

Страница 462: ...each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A burst tolerance Controls...

Страница 463: ... To display the createroute settings use the pppoe show transport command The route is removed when the PPP link is disconnected 17 11 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names us...

Страница 464: ...terface that was specified when the transport was created 17 12 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies...

Страница 465: ...setting for the pppoe set transport givedns commands is also enabled 17 13 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that...

Страница 466: ...setting for the pppoe set transport givedns commands is also enabled 17 14 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that...

Страница 467: ...which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A port The system port that is used to...

Страница 468: ...eded for testing purposes the transport must be enabled explicitly 17 16 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that i...

Страница 469: ...eported 4 Every packet and significant state change is reported 5 Every packet sent received is disassembled and hex dumped 6 Levels 1 5 plus assignment of the IP addresses to the interface and extra authentication information CHAP PAP reported 7 Levels 1 6 plus tunneling reported 8 Levels 1 7 plus minor phase changes reported 9 Levels 1 8 plus all timer information reported 17 17 3 Options The fo...

Страница 470: ... A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A pppevent level A numerically coded debugging tracing event level value The value can be any numerical value between 1 9 1 17 17 4 Example pppoe set transport pppoe3 eventlevel 4 ...

Страница 471: ...hed 17 18 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numb...

Страница 472: ...shed 17 19 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport num...

Страница 473: ...e to transmit receive packets by learning the format information from incoming packets 17 20 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A nu...

Страница 474: ...e to transmit receive packets by learning the format information from incoming packets 17 21 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A nu...

Страница 475: ...s for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A idletimeout The le...

Страница 476: ...23 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use...

Страница 477: ...his command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A interface The PPP interface to a channel that transports PPPoE da...

Страница 478: ...ify zero 0 in the interval attribute 17 25 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE tr...

Страница 479: ...s command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A lcp max configure Link Control Protocol the maximum number of confi...

Страница 480: ...plicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A lcp max fail Link Control Protocol the maximum number of consecutive negative acknowledgements indicat...

Страница 481: ...mmand and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A lcp max term Link Control Protocol the maximum number of consecutive Te...

Страница 482: ... following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list ...

Страница 483: ...ange of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A maxim...

Страница 484: ... for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A min cell rate Deter...

Страница 485: ...the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A ...

Страница 486: ...PPPoE CLI Commands 486 2 1553 ZAT 759 94 Uen B December 2005 17 32 4 Example pppoe set transport pppoe1 password mercury pppoe set transport pppoa1 username jsmith password mercury ...

Страница 487: ...efault value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A peak cell rate Determines the maximum rate at which ATM cells are allowed to be sent...

Страница 488: ...st effort and high priority traffic are prioritized on the same ATM VC 17 34 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number th...

Страница 489: ... VCI combination must be unique for each transport 17 35 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an exi...

Страница 490: ...December 2005 Option Description Default value vci Part of the ATM header The VCI is a tag that identifies which channel a cell will travel over The VCI can be any value between 1 and 65535 N A 17 35 4 Example pppoe set transport pppoe2 pvc a1 0 800 ...

Страница 491: ...value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A ubr Unspecified Bit Rate non constant and unpredictable data transport rate PCR Peak Cell Rate is the average and maximum speed of transmi...

Страница 492: ...a transport rate that uses Real Time RT You can specify the PCR SCR BT and MBS for VBRRT traffic abr Available Bit Rate non constant and unpredictable data transport rate that provides ATM layer feedback and flow control qfc QFC ATM flow control protocol that supports ABR 17 36 4 Example pppoe set transport pppoe3 qosclass abr ...

Страница 493: ...0 0 0 17 37 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport nu...

Страница 494: ...e setting a primary address pppoe set transport pppoe1 remotedns 192 168 102 3 Example two setting primary and secondary addresses pppoe set transport pppoe1 remotedns 192 168 102 3 192 168 105 1 Example three deleting an address pppoe set transport pppoe1 remotedns 192 168 102 3 0 0 0 0 ...

Страница 495: ...e range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A ip...

Страница 496: ...Protocol Control Protocol negotiation 17 39 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE t...

Страница 497: ... of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A sustainab...

Страница 498: ...an be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A service name A PPPoE tag that identifies a ...

Страница 499: ...PPPoE CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 499 17 41 4 Example pppoe set transport pppoe1 servicename jupiter ...

Страница 500: ...ote end of the PPP link The address of this subnet is obtained during IPCP negotiation The mask for the route is calculated from the class of the remote subnet unless an alternative has been specified using the pppoe set transport routemask command If specificroute is set to disabled a default route to the subnet at the remote end of the PPP link is created 17 42 3 Options The following table give...

Страница 501: ...ion Default value enabled Allows the created route to apply to packets for the subnet at the remote end of the PPP link disabled A default route to the subnet at the remote end of the PPP link is crated disabled 17 42 4 Example pppoe set transport pppoe1 specificroute disabled ...

Страница 502: ...tion 17 43 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport num...

Страница 503: ...em set login maydialin command 17 44 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transpor...

Страница 504: ...05 chap Challenge Handshake Authentication Protocol the server sends an authentication request to the remote users dialing in CHAP passes the encrypted username and password and identifies the remote end 17 44 4 Example pppoe set transport pppoe2 theylogin pap ...

Страница 505: ...alues for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A username A nam...

Страница 506: ...PPPoE CLI Commands 506 2 1553 ZAT 759 94 Uen B December 2005 17 45 4 Example pppoe set transport pppoe2 username jsmith pppoe set transport pppoe2 username jsmith password mercury ...

Страница 507: ...e if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A none No authentication method is used auto The authentication protocol used by the remote PPP s...

Страница 508: ...005 chap Challenge Handshake Authentication Protocol the server sends an authentication request to the remote user dialing in CHAP passes the encrypted username and password and identifies the remote end 17 46 4 Example pppoe set transport pppoe2 welogin pap ...

Страница 509: ...r Server dialin status Headers the data format that the transport can accept or receive SVC status false Local IP address Subnet mask Remote IP address Remote DNS Propagate DNS to Client true or false Propagate DNS to Relay true or false Create Route true or false Specific Route true or false Route netmask Dialout Username Dialout Password Dialout Authentication method Dialin Authentication method...

Страница 510: ...imum Cell Rate MCR PVC transports only Packet Priority Levels setting 17 47 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number tha...

Страница 511: ... true To relay true Create route true Specific route false Route netmask 0 0 0 0 Dialout username Dialout password Dialout auth none Dialin auth none LCP Max Conf 10 LCP Max Failure 5 LCP Max Terminate 2 LCP Echo Every 10 Autoconnect false User Idle Timeout 0 Access Concentrator server32 Service Name mercury ATM Port a1 Tx VPI 2 Rx VPI 2 Tx VCI 400 Rx VCI 400 ATM Traffic Class UBR Peak Cell Rate 2...

Страница 512: ...command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A 17 48 4 Example pppoe show transport PppoeUp debuginfo channel ppp 96...

Страница 513: ...y 10 seconds ppp 96964 1 PPP 2 IPCP state Starting ppp 96964 1 PPP 2 IPCP local options IP address 0 0 0 0 ppp 96964 1 PPP 2 IPCP local options primary DNS server 0 0 0 0 ppp 96964 1 PPP 2 IPCP local options secondary DNS server 0 0 0 0 ppp 96964 1 PPP 2 IPCP local options IP subnet mask discovery disabled ppp 96964 1 PPP 2 IPCP remote options IP address 0 0 0 0 ppp 96964 1 PPP 2 Transmitted 0 byt...

Страница 514: ...n be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing PPPoE transport To display transport names use the pppoe list transports command N A number A number that identifies an existing PPPoE transport To display transport numbers use the pppoe list transports command N A 17 49 4 Example pppoe show transport PppoeUp...

Страница 515: ...ete transport rfc1483 list transports rfc1483 set transport bt rfc1483 set transport mbs rfc1483 set transport mcr rfc1483 set transport mode rfc1483 set transport pcr rfc1483 set transport port rfc1483 set transport prilevels rfc1483 set transport qosclass rfc1483 set transport rxvci rfc1483 set transport rxvpi rfc1483 set transport scr rfc1483 set transport txvci rfc1483 set transport txvpi rfc1...

Страница 516: ...optional The port VPI VCI combination must be unique for each transport 18 2 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name An arbitrary name that identifies the transport It can be made up of one or more letters or a combination of letters and digits but it can...

Страница 517: ...el a cell will travel over The VCI can be any value between 1 and 65535 N A llc Logical Link Control encapsulation method vcmux VC Multiplexing encapsulation method llc bridged Traffic type that is going to be transmitted received routed Traffic type that is going to be transmitted received bridged 18 2 4 Example rfc1483 add transport my1483 myport 0 700 vcmux routed ...

Страница 518: ...n B December 2005 18 3 rfc1483 clear transports 18 3 1 Syntax rfc1483 clear transports 18 3 2 Description This command deletes all RFC1483 transports that were created using the rfc1483 add transport command 18 3 3 Example rfc1483 clear transports ...

Страница 519: ...the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports comm...

Страница 520: ...ave been created using the rfc1483 add transport command It displays the following information about the transports Transport identification number Transport name Name of the ATM port used to transport RFC1483 data Transmit and receive VCI numbers Transmit and receive VPI numbers 18 5 3 Example rfc1483 list transports RFC1483 transports ID Name Port TxVci RxVci TxVpi RxVpi 1 my1483 a1 700 700 0 0 ...

Страница 521: ...ach option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A burst tolerance C...

Страница 522: ...nge of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N ...

Страница 523: ...ich can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A min cell rate Determines the m...

Страница 524: ...ch option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A llc Logical Link C...

Страница 525: ...licable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A peak cell rate Determines the maximum rate at which ATM cells are allowed to be transported int...

Страница 526: ...tion which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A atm port The system por...

Страница 527: ... effort and high priority traffic are prioritized on the same ATM VC 18 12 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number ...

Страница 528: ... identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A ubr Unspecified Bit Rate non constant and unpredictable data transport rate PCR Peak Cell Rate is the average and maximum speed of transmission cbr Cons...

Страница 529: ...a transport rate that uses Real Time RT You can specify the PCR SCR BT and MBS for VBRRT traffic abr Available Bit Rate non constant and unpredictable data transport rate that provides ATM layer feedback and flow control qfc QFC ATM flow control protocol that supports ABR 18 13 4 Example rfc1483 set transport my1483 qosclass abr ...

Страница 530: ... each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A rxvci Part of t...

Страница 531: ...h can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A rxvpi A field in the ATM header ...

Страница 532: ...specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A sustainable cell rate Sustainable Cell Ra...

Страница 533: ...each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A txvci Part of th...

Страница 534: ...h can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A txvpi A field in the ATM header ...

Страница 535: ... be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A vci Part of the ATM header The VCI is...

Страница 536: ...pecified with this command and a default value if applicable Option Description Default value name A name that identifies an existing RFC1483 transport To display transport names use the rfc1483 list transports command N A number A number that identifies an existing RFC1483 transport To display transport numbers use the rfc1483 list transports command N A vpi A field in the ATM header The VPI is u...

Страница 537: ...Virtual Path Identifier TX VCI transmit Virtual Circuit Identifier RX VCI receive Virtual Circuit Identifier ATM Traffic class PCR Peak Cell Rate BT Burst Tolerance SCR Sustainable Cell Rate MBS Maximum Burst Size MCR Minimum Cell Rate Packet Priority Levels 18 21 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if...

Страница 538: ...lay transport numbers use the rfc1483 list transports command N A 18 21 4 Example rfc1483 show transport my1483 RFC1483 Transport my1483 Description Default LAN port Encapsulation LlcBridged ATM port a1 Tx VPI 0 Rx VPI 0 Tx VCI 800 Rx VCI 800 ATM Traffic class UBR Peak Cell Rate 0 Burst Tolerance N A Sustainable Cell Rate 800 Max Burst Size N A Max Cell Rate N A Packety Priority Levels 2 ...

Страница 539: ...rity interfaces that are used to configure the NAT and Firewall child modules set triggers to allow applications to open secondary port sessions set IDSs Intrusion Detection Settings configure security applications The NAT module is a child module in the Security Package The NAT commands allow you to implement NAT based on the security interfaces added to the Security package by the parent Securit...

Страница 540: ...ity clear interfaces security delete interface security list interfaces security show interface security add management station range security delete management station security list management station security set management station security add trigger tcp udp security add trigger netmeeting security clear triggers security delete trigger security list triggers security set trigger addressreplac...

Страница 541: ...IDS portfloodthreshold security set IDS scanperiod security set IDS scanthreshold security set IDS victimprotection security show IDS security add application security clear application security list applications security application add dependency security application delete dependency security set application internalhost security application clear internalhost security application add port secu...

Страница 542: ...s made to the Security NAT or Firewall modules when the package was enabled remain in the system so that you can re enable them later in the session If you need to reboot your system but want to save the security configuration between sessions use the system config save command 19 2 3 Options The following table gives the range of values for each option which can be specified with this command and...

Страница 543: ...isabled Firewall security level setting none high low or medium Firewall session logging enabled or disabled Firewall blocking logging enabled or disabled Firewall intrusion logging enabled or disabled NAT status enabled or disabled 19 3 3 Example security status Security enabled Firewall disabled Firewall security level none NAT disabled Intrusion detection is disabled Security logging is enabled...

Страница 544: ...nables disables logging of Blocking activity Intrusion activity Session events 19 4 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enable Logging is enabled disable Logging is disabled disabled blockinglog Details of blocking activity are logged enabled intrusionlog ...

Страница 545: ...g table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enable The specified logging activity is displayed at the console disable The specified logging activity is sent to the event log disabled blockinglog Specifies where blocking activity is displayed intrusionlog Specifies where intrusion activ...

Страница 546: ...ble gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value blockinglog Configures blocking logging N A intrusionlog Configures intrusion logging N A sessionlog Configures session event logging N A level The level of logging reported at the event log or the console You can choose from the following levels...

Страница 547: ... can use them in the NAT and or Firewall configurations 19 7 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing IP interface To display interface names use the ip list interfaces command N A external An interface that connects to t...

Страница 548: ...2005 19 8 security clear interfaces 19 8 1 Syntax security clear interfaces 19 8 2 Description This command removes all security interfaces that were added to the Security package using the security add interface command 19 8 3 Example security clear interfaces ...

Страница 549: ...to the Security package using the security add interface command 19 9 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing security interface To display interface names use the security list interfaces command N A 19 9 4 Example secu...

Страница 550: ...scription This command lists the following information about security interfaces that were added to the Security package using the security add interface command Interface ID number Interface name Interface type external internal or DMZ 19 10 3 Example security list interfaces Security Interfaces ID Name Type 1 i1 internal 2 i2 external 3 i3 dmz ...

Страница 551: ... following interface information is displayed Interface name Interface type external internal or DMZ 19 11 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing security interface To display interface names use the security list inter...

Страница 552: ...t and port number The Management Station is not enabled until you enable it using the security set mgmt station command or enable Remote Access using EmWeb The idle timeout setting configured here is overruled by the idle timeout setting configured using the EmWeb System Remote Access page 19 12 3 Options The following table gives the range of values for each option which can be specified with thi...

Страница 553: ...umber used This is only effective if the transport_type is set to 6 TCP or 17 UDP The wildcard is 65535 N A idle_timeout The idle time in minutes If no sessions are created by the Management Station within this setting the Station is disabled If a session is created that session uses the idle time set and the Station is not disabled until the session expires 0 no timeout 19 12 4 Example security a...

Страница 554: ... Description This command deletes a single Management Station that was added to the Security module using the security add mgmt station command 19 13 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing Management Station To display ...

Страница 555: ... The enable disable setting configured here is overruled by the enable disable setting configured using the EmWeb System Remote Access page 19 14 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing Management Station To display Mana...

Страница 556: ...ere added to the Security module using the security add mgmt station command It displays the following information about Management Stations Management Station ID number Management Station name Subnet status true or false IP address of subnet or first address in range Subnet mask or last address of range Transport number Port number Idle timeout in minutes Enabled status true or false 19 15 3 Exam...

Страница 557: ...ity set IDS SCANattackblock until the portfilters were deleted A trigger opens a secondary port dynamically and allows you to specify the length of time that it can remain inactive before it is closed 19 16 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name An arbit...

Страница 558: ...rval Sets the maximum interval time in milliseconds between the use of secondary port sessions If a secondary port opened by a trigger has not been used for the specified time it is closed 3000 19 16 4 Example The following example creates a Netmeeting H323 trigger security add trigger t1 tcp 1720 1720 30000 ...

Страница 559: ...on opens a secondary port session You do not have to set the port range or maxactinterval for a Netmeeting trigger the CLI automatically sets this for you 19 17 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name An arbitrary name that identifies the trigger It can b...

Страница 560: ...cember 2005 19 18 security clear triggers 19 18 1 Syntax security clear triggers 19 18 2 Description This command deletes all triggers that were added to the Security module using the security add trigger commands 19 18 3 Example security clear triggers ...

Страница 561: ...ed to the Security module using the security add trigger commands 19 19 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing trigger To display trigger names use the security list triggers command N A 19 19 4 Example security delete ...

Страница 562: ...s that were added to the Security module using the security add trigger command It displays the following information about triggers Trigger ID number Trigger name Trigger transport type TCP or UDP Port range Secondary port range Interval 19 20 3 Example security list triggers Security Triggers ID Name Type Port Range Sec Port Range Interval 1 t1 tcp 1720 1720 1024 65535 30000 ...

Страница 563: ...inside host IP address and NAT translates the packets to the correct destination You can specify whether you want to carry out address replacement on TCP packets on UDP packets or on both TCP and UDP packets 19 21 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A...

Страница 564: ...Security CLI Commands 564 2 1553 ZAT 759 94 Uen B December 2005 19 21 4 Example security set trigger t2 addressreplacement tcp ...

Страница 565: ...trigger 19 22 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing trigger To display trigger names use the security list triggers command N A enable A secondary session can be initiated to from different remote hosts disable A secon...

Страница 566: ...mmand security set trigger addressreplacement 19 23 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing trigger To display trigger names use the security list triggers command N A enable Enables the use of binary address replacement...

Страница 567: ...table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing trigger To display trigger names use the security list triggers command N A interval Sets the maximum interval time in milliseconds between the use of secondary port sessions If a secondary port opened by...

Страница 568: ... for an existing trigger 19 25 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing trigger To display trigger names use the security list triggers command N A portnumber Sets the end of the trigger port range N A 19 25 4 Example sec...

Страница 569: ...e for an existing trigger 19 26 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing trigger To display trigger names use the security list triggers command N A portnumber Sets the start of the trigger port range N A 19 26 4 Example ...

Страница 570: ...ct the ports that a trigger will open however this is not usually necessary 19 27 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing trigger To display trigger names use the security list triggers command N A portnumber Sets the en...

Страница 571: ...t the ports that a trigger will open however this is not usually necessary 19 28 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing trigger To display trigger names use the security list triggers command N A portnumber Sets the sta...

Страница 572: ...ssion which allows multi level session triggering 19 29 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing trigger To display trigger names use the security list triggers command N A enable Enables TCP sessionchaining on an existin...

Страница 573: ...he syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19 30 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing trigger To display trigger names...

Страница 574: ...Security CLI Commands 574 2 1553 ZAT 759 94 Uen B December 2005 19 30 4 Example security set trigger t3 UDPsessionchaining enable ...

Страница 575: ...ple host permission true or false Maximum activity interval in milliseconds Session chaining permission true or false Session chaining on UDP permission true or false Binary address replacement permission true or false Address translation type UDP TCP none or both 19 31 3 Options The following table gives the range of values for each option which can be specified with this command and a default va...

Страница 576: ...ecember 2005 Transport Type tcp Starting port number 1720 Ending port number 1720 Allow multiple hosts false Max activity interval 30000 Session chaining false Session chaining on UDP false Binary address replacement false Address translation type none ...

Страница 577: ... changes made when IDS was enabled are not deleted you can re enable them later in the session Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19 32 3 Options The following table gives the range of valu...

Страница 578: ...ensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19 33 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value...

Страница 579: ...s to the system if IDS has detected an intrusion from that host Access to the network is denied for ten minutes unless this command is used before this duration expires Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax...

Страница 580: ...tack are blocked for a specified duration 600 minutes by default Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19 35 3 Options The following table gives the range of values for each option which can b...

Страница 581: ...lock time limit Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19 36 3 Options The following table gives the range of values for each option which can be specified with this command and a default value...

Страница 582: ...ou to specify the duration of the block time limit Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19 37 3 Options The following table gives the range of values for each option which can be specified wi...

Страница 583: ...er of ICMP packets per second is reached an attempted ICMP Flood is detected Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19 38 3 Options The following table gives the range of values for each option...

Страница 584: ...timate users Once the maximum number of pings per second is reached an attempted DOS attack is detected Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19 39 3 Options The following table gives the rang...

Страница 585: ...et the server sends the SYN ACK packets to the unreachable addresses and keeps resending them This creates a backlog queue of unacknowledged SYN ACK packets Once the queue is full the system will ignore all incoming SYN requests and no legitimate TCP connections can be established Once the maximum number of unfinished TCP handshaking sessions is reached an attempted DOS attack is detected The susp...

Страница 586: ...4 Uen B December 2005 Option Description Default value max The maximum number per second of unfinished TCP handshaking sessions that are allowed before a SYN Flood attempt is detected 100 19 40 4 Example security set IDS MaxTCPopenhandshake 150 ...

Страница 587: ...the duration of the block time limit Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19 41 3 Options The following table gives the range of values for each option which can be specified with this comman...

Страница 588: ... attacker is blocked for the time limit specified in the command security set IDS DOSattackblock Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19 42 3 Options The following table gives the range of va...

Страница 589: ...attackblock For example using the default settings if more than 20 SYN packets are received per second for a 10 second duration the attacker is blocked Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19...

Страница 590: ...IDS DOSattackblock For example using the default settings if more than 10 SYN packets are received per second for a 10 second duration the attacker is blocked Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error mes...

Страница 591: ...cted attacker is blocked for the time limit specified in the command security set IDS SCANattackblock Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19 45 3 Options The following table gives the range ...

Страница 592: ...CANattackblock For example using the default setting if more than 5 scanning packets are received per second for a 60 second duration the attacker is blocked Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error mess...

Страница 593: ... open handshaking count allowed per second Maximum ping count allowed per second Maximum ICMP count allowed per second Note This CLI command is case sensitive You must type the command attributes exactly as they appear in the syntax section of this page If you do not use the same case sensitive syntax the command fails and the CLI displays a syntax error message 19 47 3 Example security show IDS F...

Страница 594: ...tch between the CLI and Web interfaces you must use the short and long names respectively to configure the security application 19 48 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value shortname An arbitrary name that identifies an application via the CLI interface N A l...

Страница 595: ...ication using the security set application internalhost command 19 49 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value application The shortname that identifies an existing security application To display security application names use the security list applications co...

Страница 596: ...the Security module using the security add application command 19 50 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing application To display application names use the security list applications command N A 19 50 4 Example securit...

Страница 597: ...ions previously added using the security add application command Security application ID number Security application short name CLI identifier Name of internal hosts configured to receive packets from specified applications Name of dependencies that certain applications are configured to use 19 51 3 Example security list applications Available security applications ID Short name Internal host Depe...

Страница 598: ...DAP and Databeam T 120 A dependency must be created as a security application using the security add application command before you can add it as a dependency to another application 19 52 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value application The shortname that i...

Страница 599: ...ng the security application add dependency command It does not delete the dependency application 19 53 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value application The shortname that identifies an existing security application To display security application names use ...

Страница 600: ...he security add application command 19 54 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value application The shortname that identifies an existing security application To display security application names use the security list applications command N A internalhost The n...

Страница 601: ...nalhost command Note that this does not delete the internal host 19 55 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value application The shortname that identifies an existing security application To display security application names use the security list applications c...

Страница 602: ... You cannot create a new port configuration if it overlaps with an existing port configuration range To check existing port configurations use the security application list ports commands 19 56 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value application The shortname ...

Страница 603: ... A 19 56 4 Example Note that in the following example TCP and UDP is enclosed in double quotation marks because the values contain a space security application quake2 add port 27910 27910 TCP and UDP true TCP and UDP Note that in the following example the command fails because the port clashes with an existing configuration This would occur when running an image containing the dsl gateway system f...

Страница 604: ...d 19 57 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value application The shortname that identifies an existing security application To display security application names use the security list applications command N A number The port ID number for the existing port conf...

Страница 605: ...er address translation type Note If you image contains the dsl gateway system file common port configurations will already exist for default security applications These ports are not displayed by the security application list ports command 19 58 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option ...

Страница 606: ...Security CLI Commands 606 2 1553 ZAT 759 94 Uen B December 2005 ID Start End Protocol Needs trigger Translation Type 1 27910 27910 TCP and UDP true TCP and UDP ...

Страница 607: ...me snmp list communitynames snmp add trapdestination snmp delete trapdestination snmp set trapdestination snmp list trapdestinations snmp set config syscontact snmp set config sysdescr snmp set config syslocation snmp set config sysname snmp set config authentraps snmp set config snmpautosave snmp show config snmp disable enable disable trap snmp list disabledtraps snmp send trap snmp set coldstar...

Страница 608: ...for SNMP requests issued from that IP address The same community name can be configured several times with different IP addresses allowing access with the same community name from a number of different machines 20 2 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name...

Страница 609: ...lue ipAddress The IP address of the manager from which requests are restricted by this entry This should be an IPv4 address in the range 0 0 0 0 255 255 255 255 0 0 0 0 means no restriction on source address 0 0 0 0 20 2 4 Example snmp add communityname tonyget tony read read 192 168 88 110 ...

Страница 610: ... created using the snmp add communityname command 20 3 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing community To display community names use the snmp list communitynames command N A 20 3 4 Example snmp delete communityname to...

Страница 611: ...ptions The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing community name To display community names use the snmp list communitynames command N A community The community name of an existing community To display community names use the snmp li...

Страница 612: ...sly created using the snmp add communityname command It displays the following information about community names Name ID Name or password assigned to a community Default SNMP community name Access set read or write IP address of SNMP Manager 0 0 0 0 means none set Temporarily Permanently 20 5 3 Example snmp list communitynames ID Name Community Name Access Manager Temp Perm 1 tonyget tony read rea...

Страница 613: ... Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name An arbitrary name that identifies the SNMP trap destination It can be made up of one or more letters or a combination of letters and digits but it cannot start with a digit N A community The SNMP name of a community ...

Страница 614: ...ed using the snmp add trapdestination command 20 7 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing SNMP trap destination To display trap destination names use the snmp list trapdestinations command N A 20 7 4 Example snmp delete...

Страница 615: ...h can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing trap destination To display trap destination names use the snmp list trapdestinations command N A community The trap community name of an existing community To display community names use the snmp list communitynames command N A destination The IP address ...

Страница 616: ...SNMP CLI Commands 616 2 1553 ZAT 759 94 Uen B December 2005 20 8 4 Example snmp set trapdestination tonyv1 destination 192 168 45 2 ...

Страница 617: ...created using the snmp add trapdestination command It displays the following information about trap destinations ID Trap name SNMP trap community name IP address of the destination machine SNMP version supported v1 or v2c Port used to send SNMP trap messages Temporarily Permanently 20 9 3 Example snmp list trapdestinations ID Name SNMP Trap Community Destination Ver Port Temp Perm 1 tonyv1 tony tr...

Страница 618: ...ails set by this command are returned 20 10 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value contact details Contact details e g telephone number email address for the person responsible for maintaining the SNMP agent system The details are represented by a string of u...

Страница 619: ...is command is returned 20 11 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value system Description A description of the SNMP agent system The description is represented by a string of up to 255 characters no spaces If you wish to add spaces enclose the description in dou...

Страница 620: ...d is returned 20 12 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value system Location A name that identifies the location of the SNMP agent system The location is represented by a string of up to 255 characters no spaces If you wish to add spaces enclose the description...

Страница 621: ...d is returned 20 13 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value system Name The name that identifies the system that the SNMP agent is running on The name is a string of up to 255 characters no spaces If you wish to add spaces enclose the description in double quo...

Страница 622: ...anager with an invalid community name 20 14 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enabled A trap is generated when an SNMP request with an unrecognized community name is received disabled A trap is not generated when an SNMP request with an unrecognized comm...

Страница 623: ...d disabled 20 15 2 Description This command allows you to configure the 20 15 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enabled Sets disabled Sets enabled 20 15 4 Example snmp set config snmpautosave disabled ...

Страница 624: ...LI commands 21 1 Summary The table below lists the SNTP Client commands provided by the CLI sntpclient add server sntpclient clear servers sntpclient delete server sntpclient list servers sntpclient set timezone sntpclient set mode sntpclient set poll interval sntpclient sync sntpclient set timeout sntpclient set retries sntpclient show status sntpclient set clock ...

Страница 625: ...ng the IP address or the hostname 21 2 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value sntp ipaddress The IP address of the dedicated unicast server that SNTP can use to synchronize its time N A sntp hostname The hostname of the dedicated unicast server that SNTP can ...

Страница 626: ...ZAT 759 94 Uen B December 2005 21 3 sntpclient clear servers 21 3 1 Syntax sntpclient clear servers 21 3 2 Description This command deletes the servers added using the sntpclient add server command 21 3 3 Example sntpclient clear servers ...

Страница 627: ...letes a single server previously added using the sntpclient add server command 21 4 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value serverid The server ID displayed by the sntpclient list servers command N A 21 4 4 Example sntpclient delete server 1 ...

Страница 628: ...ber 2005 21 5 sntpclient list servers 21 5 1 Syntax sntpclient list servers 21 5 2 Description This command lists the servers added using the sntpclient add server command 21 5 3 Example sntpclient list servers SNTPClient Servers ID IP Address 1 239 252 197 0 ...

Страница 629: ...table below gives the 64 time zone abbreviations that you can use in this command to set the timezone difference for the timer The table also contains the difference in time in hours and minutes from the UTC and a description of the area of the world from west to east where the time difference is calculated from Time Zone UTC World Area of Time Zone IDLW 1200 International Date Line West NT 1100 N...

Страница 630: ...0 Newfoundland Daylight AT 0200 Azores WAT 0100 West Africa GMT 0000 Greenwich Mean UTC 0000 Universal Coordinated WET 0000 Western European CET 0100 Central European FWT 0100 French Winter MET 0100 Middle European MEWT 0100 Middle European Winter SWT 0100 Swedish Winter BST 0100 British Summer EET 0200 Eastern Europe FST 0200 French Summer MEST 0200 Middle European Summer SST 0200 Swedish Summer ...

Страница 631: ...orean Standard KST 0900 Korean Standard JST 0900 Japan Standard CAST 0930 Central Australian Standard KDT 1000 Korean Daylight EAST 1000 Eastern Australian Standard GST 1000 Guam Standard CADT 1030 Central Australian Daylight EADT 1100 Eastern Australian Daylight IDLE 1200 International Date Line East NZST 1200 New Zealand Standard NZT 1200 New Zealand NZDT 1300 New Zealand Daylight 21 6 4 Example...

Страница 632: ... association list Broadcast mode Enable allows the SNTP client to accept time synchronization broadcast packets from an SNTP server located on the network and updated the local system time accordingly Disable stops synchronization via broadcast mode Anycast mode Enable the SNTP client sends time synchronized broadcast packets to the network and subsequently expects a reply from a valid timeserver ...

Страница 633: ...scription Default value Unicast Sets the time synchronous access mode to use the unicast server N A broadcast Sets the time synchronous access mode to use the broadcast server N A anycast Sets the time synchronous access mode to use the anycast server N A Enable Enables the selected time synchronous access mode N A Disable Disables the selected time synchronous access mode N A 21 7 4 Example sntpc...

Страница 634: ... network at a specific interval If the poll interval is set to 0 the polling mechanism will be disabled 21 8 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value pollintv Sets the polling interval in minutes that SNTP client will sync with a designated server This can be a...

Страница 635: ...c 21 9 1 Syntax sntpclient sync 21 9 2 Description This command forces the SNTP client to immediately synchronize the local time with the server located in the association list if unicast or if anycast is enabled initiate an anycast sequence to the network 21 9 3 Example sntpclient sync ...

Страница 636: ...nc request initiation After timeout if the sntpclient retry command value is set an attempt will be retried 21 10 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value timeout Sets the received packet response timeout value in seconds This can be any value between 0 and 30 ...

Страница 637: ...ed from a timeserver The SNTP client will send another packet for synchronization after a timeout 21 11 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value Retries Sets the number between 0 and 10 of packet retry attempts made when no response is received from a timeserve...

Страница 638: ...NT STATUS Clock Synchronized FALSE SNTP Standard Version Number 4 SNTP Mode s Configured None Configured Local Time Tue 13 Jan 1970 22 40 57 Local Timezone UTC Universal Coordinated Time Time Difference UTC 0 00 Server Stratum 0 Precision 1 second Root Delay 0 0 second s Dispersion 0 0 second s Server Reference ID Round Trip Delay 0 second s Local Clock Offset 0 second s Resync Poll Interval 0 min...

Страница 639: ...zing the local system clock via internal or external timeservers 21 13 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value sntpclock Sets the time and date of the system clock in the following format yyyy mm dd hh mm ss N A 21 13 4 Example The following example set the sy...

Страница 640: ...ystem config download system config restore system config save system config save factory system delete login system delete user system info system legal system list errors system list openfiles system list users system list logins system log system log enable disable system log list system restart system set login access system set login mayconfigure system set login maydialin system set user acc...

Страница 641: ... to a new account added using the system add login command Option Default setting dialin to the system enabled login to the system disabled configuration permissions disabled access permissions default user 22 2 4 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value Name A u...

Страница 642: ...lts are applied to a new account added using the system add user command Option Default setting dialin to the system disabled login to the system enabled configuration permissions enabled access permissions default user 22 3 4 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default v...

Страница 643: ...System CLI Commands 2 1553 ZAT 759 94 Uen B December 2005 643 22 3 5 Example system add login john temporarily ...

Страница 644: ...o prevent a user from overwriting the system with their own configuration only a Super user can use this command 22 4 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value filename The name of an existing file that you want to save your configuration in The filename MUST be...

Страница 645: ...ystem This command has the same effect as entering the system config restore minimal command Once you have entered this command you need to save your configuration and restart your device using the system config save and system restart commands If you do not save and restart any subsequent changes you make to the configuration will not be saved 22 5 3 Example system config clear Restoring backup c...

Страница 646: ... stored in followed by a filename value Super users can restore the factory defaults from isfs im conf factory Super users can clear their current configuration by restoring the isfs im conf minimal Attributes are set to their defaults and all interfaces and transports are deleted The default admin user is not affected so you can still login to the system 22 6 3 Options The following table gives t...

Страница 647: ...ration from the isfs im conf factory file Only Super users can use this command N A minimal Clears the current configuration by resetting attributes to their defaults and deleting interfaces and transports Only Super users can use this command N A 22 6 4 Example system config restorebackup Restoring backup configuration isfs im conf backup ...

Страница 648: ...ve 22 7 2 Description This command saves the system configuration in the im conf file in FlashFS This allows all users to create their own backup files Default Engineer and Super users can use this command 22 7 3 Example system config save Wait for configuration saved message Saving configuration Configuration saved ...

Страница 649: ...e partition will destroy the saved factory configuration on that image partition 22 8 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value image The image partition where the factory default configuration file is to be stored current the current image partition used for th...

Страница 650: ...r that has been added to the system using the system add login command Only a Super user can use this command 22 9 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of an existing user N A 22 9 4 Example system delete login john ...

Страница 651: ...er that has been added to the system using the system add user command Only a Super user can use this command 22 10 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of an existing user N A 22 10 4 Example system delete user fred ...

Страница 652: ... MAC address and hardware and software version details of your system 22 11 3 Example system info Global System Configuration Vendor Ericsson AB URL http www ericsson com MAC address 00 80 37 85 C5 C2 Hardware ver null He5x0 He400 CSP v1 0 ISOS 9 0 Serial number B370001858 Software ver R2B01 Build date 22 March 2005 Build type RELEASE Compiler gcc 2 95 3 20010315 release ...

Страница 653: ...9 94 Uen B December 2005 653 22 12 system legal 22 12 1 Syntax system legal 22 12 2 Description This command displays copyright information about the software that you are using 22 12 3 Example system legal Copyright c 2004 Ericsson AB ...

Страница 654: ... 00 0b cd 5c 30 37 associated 517733 i802_1x 00 0b cd 5c 30 37 disassociated 517737 i802_1x 00 0b cd 5c 30 37 associated 518168 i802_1x 00 0b cd 5c 30 37 disassociated 518217 i802_1x 00 0b cd 5c 30 37 associated 518461 i802_1x 00 0b cd 5c 30 37 disassociated 523335 i802_1x 00 0b cd 5a b2 08 associated 523767 i802_1x 00 0b cd 5a b2 08 disassociated 523772 i802_1x 00 0b cd 5a b2 08 associated 523820...

Страница 655: ...3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of a file which has open file handless associated with it N A 22 14 4 Example system list openfiles bun qid devuse appuse colour flags lasterrno console 0000004b 00000000 00400000 3 0 console 00000027 00000...

Страница 656: ...t logins command The list contains the following information User ID number User name Configuration permissions enabled or disabled Dialin permissions enabled or disabled Access level default engineer or super user Comment any comments that were included when the user was added to the system 22 15 3 Example system list users Users May May Access ID Name Conf Dialin Level Comment 1 admin ENABLED di...

Страница 657: ...st users command The list contains the following information User ID number User name Configuration permissions enabled or disabled Dial in permissions enabled or disabled Access level default engineer or super user Comment any comments that were included when the user was added to the system 22 16 3 Example system list logins Users May May Access ID Name Conf Dialin Level Comment 1 admin ENABLED ...

Страница 658: ...mand and a default value if applicable Option Description Default value nothing No extra output is displayed N A warnings Non fatal errors are displayed N A info Certain program messages are displayed Also displays the values for the warnings option N A trace Detailed trace output is displayed Also displays the values for info and warnings options N A entryexit A message is displayed every time a ...

Страница 659: ... info system log enable disable sshd debug debug1 debug2 debug3 error fatal info verbose system log enable disable upload get info preserve system log enable disable webserver access file system log enable disable wpa errors states gtk events 22 18 2 Description This command enables disables the tracing support output that is displayed by the CLI for a specific module and module category The comma...

Страница 660: ... does not affect ip udp and so on To display a list of modules and categories and their enable disable status see the system log list command 22 18 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enable Enables tracing support output for a specified specific module an...

Страница 661: ...re using For example if you do not have IPoA included in your image build the IPoA options are not listed in the output for this command 22 19 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value module The name of a module that exists in your current image build This can ...

Страница 662: ...ed ipsec pfkey disabled ipsec seltbl_dt disabled ipsec seltbl_nm disabled rip errors disabled rip rx disabled rip tx disabled scanpvc error ENABLED scanpvc results ENABLED scanpvc info disabled sshd fatal ENABLED sshd error ENABLED sshd info disabled sshd verbose disabled sshd debug disabled sshd debug1 disabled sshd debug2 disabled sshd debug3 disabled upload info disabled upload preserve disable...

Страница 663: ...759 94 Uen B December 2005 663 22 20 system restart 22 20 1 Syntax system restart 22 20 2 Description This command restarts your system It has the same effect as pressing the Reset button on your HM4x0 22 20 3 Example system restart ...

Страница 664: ...ptions The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of an existing user N A default Access permissions for a user engineer Access permissions for a user superuser Access permissions for a user default 22 21 4 Example system set login john access engineer 22 21 ...

Страница 665: ...dd system login or the add system user command Only a Super user can use this command 22 22 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of an existing user N A enables Enables configuration permissions for a user disabled Disables configuration permi...

Страница 666: ...tem using the system add login command Only a Super user can use this command 22 23 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of an existing user N A enabled Enables dial in permissions for a user disabled Disables dial in permissions for a user di...

Страница 667: ...tions The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of an existing user N A default Access permissions for a user engineer Access permissions for a user superuser Access permissions for a user default 22 24 4 Example system set user fred access engineer 22 24 5 ...

Страница 668: ... using the add system user command Only a Super user can use this command 22 25 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of an existing user N A enables Enables configuration permissions for a user disabled Disables configuration permissions for a...

Страница 669: ...tem using the system add user command Only a Super user can use this command 22 26 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of an existing user N A enabled Enables dial in permissions for a user disabled Disables dial in permissions for a user ena...

Страница 670: ...mand Only a Super user can use this command 22 27 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name The name of an existing user N A password A unique password made up of more than one character that identifies an individual user and lets the user access PPP servic...

Страница 671: ...n B December 2005 671 23 Transports CLI Commands This chapter describes the Transports CLI commands 23 1 Summary The table below lists the Transports commands provided by the CLI transports clear transports delete transports list transports show ...

Страница 672: ...ZAT 759 94 Uen B December 2005 23 2 transports clear 23 2 1 Syntax transports clear 23 2 2 Description This command deletes all transports that were created using the transport_module add transport command 23 2 3 Example transports clear ...

Страница 673: ...and 23 3 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A name that identifies an existing transport To display transport names use the transport list command N A number A number that identifies an existing transport To display transport numbers use the transpor...

Страница 674: ...owing information about the transports Transport identification number Transport name Transport type RFC1483 PPP or Ethernet Number of transmitted received packets for each transport VPI VCI setting RFC1483 and PPP transports only 23 4 3 Example transports list Services ID Name Type 1 wantrans Ethernet TxPkts 659 0 RxPkts 0 0 2 lantrans Ethernet TxPkts 0 0 RxPkts 0 0 3 wlan_filtered Ethernet TxPkt...

Страница 675: ...efault value if applicable Option Description Default value name A name that identifies an existing transport To display transport names use the transport list command N A number A number that identifies an existing transport To display transport numbers use the transport list command N A 23 5 4 Example transports show LanTransport Ethernet Status Service Creator CLI Description LanTransport Atm P...

Страница 676: ...6 2 1553 ZAT 759 94 Uen B December 2005 24 User CLI Commands This chapter describes the User CLI commands 24 1 Summary The table below lists the User commands provided by the CLI user logout user password user change name ...

Страница 677: ... 94 Uen B December 2005 677 24 2 user logout 24 2 1 Syntax user logout 24 2 2 Description This command logs you out of the system Default Engineer and Super users can use this command 24 2 3 Example user logout Logging out HM4x0 Login ...

Страница 678: ...ecember 2005 24 3 user password 24 3 1 Syntax user password 24 3 2 Description This command allows you to change your user password Default Engineer and Super users can use this command 24 3 3 Example user password Enter new password Again to verify ...

Страница 679: ... permissions you loose your Super user privileges and inherit the access permissions of either the Default or Engineer user 24 4 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value name A unique login name made up of more than one character that identifies an individual u...

Страница 680: ...lists the Web Server commands provided by the CLI webserver clear stats webserver enable disable webserver load webserver set archive webserver set interface webserver set managementip webserver set port webserver set secclass webserver set telnetport webserver set telnetsecclasses webserver set upnpport webserver set upnpsecclasses webserver show info webserver show stats ...

Страница 681: ... 2 1553 ZAT 759 94 Uen B December 2005 681 25 2 websersver clear stats 25 2 1 Syntax webserver clear stats 25 2 2 Description This command sets all of the Web Server process counters to 0 25 2 3 Example webserver clear stats ...

Страница 682: ...e Web Server process By default the Web Server process is enabled 25 3 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value enable Enables the Web Server process disable Disables the Web Server process enable 25 3 4 Example websesrver disable Webserver is disabled ...

Страница 683: ... 25 4 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value archive_ name The name of an existing file that is used for static web page content Setting this option to none means that the derived archive file is not loaded at startup expand isfs derived_data dat 25 4 4 Examp...

Страница 684: ...aded when the webserver process starts 25 5 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value archive_ name The name of an existing file that is used for static web page content Setting this option to none means that the derived archive file is not loaded at startup exp...

Страница 685: ...ion Once you have set the UPnP interface the IGD monitors the interface The IGD can handle changes to the interface definition for example if the IP address changes through a DHCP update the IGD will use the newly assigned address You must save your configuration see the system config save command and restart your system see the system restart command to activate the Web Server settings 25 6 3 Opt...

Страница 686: ...tity or from any IP address by setting the IP address to 0 0 0 0 25 7 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value Ip address The only IP address that the Web Server will allow connection requests from The IP address is displayed in the following format 192 168 102...

Страница 687: ...ets the HTTP port number that the Web Server process will use to transfer data 25 8 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value port A valid port number that must be between 0 and 65535 80 25 8 4 Example webserver set port 100 ...

Страница 688: ... This has the same effect as entering the command ip set appservice http secclasses secclasses Supported secclasses values are as follows all allows access to the HTTP AppService via all existing security interfaces none prevents access to the HTTP AppService via any existing security interface internal allows access to the HTTP AppService via the existing internal security interface external allo...

Страница 689: ...ription Default value secclasses all none internal external or dmz To allow access to the HTTP AppService via two security interface types type the secclass values separated by a comma for example internal external or separated by a space and enclosed in double quotation marks for example internal external To specify all three internal external and dmz secclasses use the all value N A 25 9 4 Examp...

Страница 690: ...ication You must save your configuration see the system config save command and restart your system see the system restart command to activate the Web Server settings 25 10 3 Options The following table gives the range of values for each option which can be specified with this command and a default value if applicable Option Description Default value port A valid port number that must be between 0...

Страница 691: ...ice This has the same effect as entering the command ip set appservice telnet secclasses secclasses Supported secclasses values are as follows all allows access to the Telnet AppService via all existing security interfaces none prevents access to the Telnet AppService via any existing security interface internal allows access to the Telnet AppService via the existing internal security interface ex...

Страница 692: ...ault value secclasses all none internal external or dmz To allow access to the Telnet AppService via two security interface types type the secclass values separated by a comma for example internal external or separated by a space and enclosed in double quotation marks for example internal external To specify all three internal external and dmz secclasses use the all value N A 25 11 4 Example webse...

Страница 693: ...nabled status true or false Archive file set Interface set HTTP port set Telnet port set Auxiliary HTTP port setting Management IP address 25 12 3 Example webserver show info Web server configuration EmWeb release R6_1_0 Enabled true Archive expand isfs derived_data dat Interface wan_ip HTTP port 80 Telnet port 23 Auxiliary HTTP port 8008 Permitted HTTP security classes all Permitted UPnP security...

Страница 694: ...web server Note The memory shown is the memory that can be accessed and used by the web server i e not the total amount memory available for all processes 25 13 3 Example webserver show memory Variable allocation pool total pool size 149968 free 86464 allocated 63504 mean alloc chunk 79 max free chunk 86448 Buffer pool total pool size 25568 free 21216 allocated 4352 mean alloc chunk 197 max free c...

Страница 695: ...webserver show stats 25 14 1 Syntax webserver show stats 25 14 2 Description This command tells you how many bytes have been transmitted and received by the Web Server 25 14 3 Example webserver show stats Web Server statistics new Bytes transmitted 3306135 Bytes received 0 ...

Страница 696: ...userpriority 75 bridge set interface filtertype 44 bridge set interface ingressfiltering 73 bridge set interface numtrafficclasses 79 bridge set interface portfilter 45 bridge set interface pvid 74 bridge set interface regenpriority 76 bridge set interface trafficclassmap 80 bridge set trafficclassstatus 82 bridge show 50 bridge show fdb 72 bridge show interface 52 bridge show interface regenprior...

Страница 697: ...bnet hostisdnsserver 178 dhcpserver set subnet maxleasetime 179 dhcpserver set subnet subnet 180 dhcpserver show 181 dhcpserver show subnet 182 dhcpserver subnet add iprange 183 dhcpserver subnet add option 184 dhcpserver subnet clear ipranges 186 dhcpserver subnet clear options 187 dhcpserver subnet delete iprange 188 dhcpserver subnet delete option 189 dhcpserver subnet list ipranges 190 dhcpser...

Страница 698: ...set interface ipaddress 266 ip set interface mtu 268 ip set interface netmask 269 ip set interface rip accept 281 ip set interface rip multicast 283 ip set interface rip send 285 ip set interface sourceaddrvalidation 270 ip set interface tcpmssclamp 271 ip set rip advertisedefault 287 ip set rip authentication 288 ip set rip defaultroutecost 289 ip set rip hostroutes 290 ip set rip password 291 ip...

Страница 699: ...ort dialout pvc 451 pppoe clear transports 455 pppoe delete transport 456 pppoe list transports 457 pppoe set transport accessconcentrator 458 pppoe set transport autoconnect 460 pppoe set transport autoconnect filter 461 pppoe set transport bt 463 pppoe set transport createroute 464 pppoe set transport dialout 465 pppoe set transport discoverdns primary 466 pppoe set transport discoverdns seconda...

Страница 700: ...ockinglog intrusionlog sessionlog level 547 security set IDS DOSattackblock 583 security set IDS floodperiod 589 security set IDS floodthreshold 590 security set IDS MaxICMP 584 security set IDS MaxPING 585 security set IDS MaxTCPopenhandshake 586 security set IDS portfloodthreshold 591 security set IDS SCANattackblock 588 security set IDS scanperiod 592 security set IDS scanthreshold 593 security...

Страница 701: ...mayconfigure 666 system set login maydialin 667 system set user access 668 system set user mayconfigure 669 system set user maydialin 670 system set user password 671 T transports clear 673 transports delete 674 transports list 675 transports show 676 U user change 680 user logout 678 user password 679 W websersver clear stats 682 webserver enable disable 683 webserver load 684 webserver set archi...

Страница 702: ...Ericsson AB Ericsson AB 2005 All Rights Reserved www ericsson com 2 1553 ZAT 759 94 Uen B December 2005 ...

Отзывы:

Нет отзывов

Похожие инструкции для HM4x0

Бренд: Harmonic Страницы: 56

Бренд: Lanner Страницы: 2

Бренд: Wintech Страницы: 21

Бренд: Patton electronics Страницы: 12

Бренд: MC Страницы: 21

ConnectX-3 Pro MCX349A-XCCN

Бренд: Mellanox Technologies Страницы: 35

PXI PXITM -1000

Бренд: National Instruments Страницы: 55

LinkStation 500

Бренд: Buffalo Страницы: 139

AH10EN-5A Series

Бренд: Delta Страницы: 132

Бренд: Freescale Semiconductor Страницы: 124

Бренд: Thecus Страницы: 148

mPCIE-ADIO16-8F Series

Бренд: Acces I/O products Страницы: 13

Бренд: M86 Security Страницы: 540

PXI Express PXIe-1085 Series

Бренд: National Instruments Страницы: 89

Бренд: NETGEAR Страницы: 3

Бренд: LevelOne Страницы: 17

Бренд: Alphacool Страницы: 3

Бренд: VALKYRIE Страницы: 26

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды