Mistral Lan Router ISDN with 4 Fast Ethernet ports + Broadband Interface Console Commands A02-RI_ME02(September 2003)
COPYRIGHT The Atlantis Land logo is a registered trademark of Atlants Land SpA. All other names mentioned mat be trademarks or registered trademarks of their respective owners. Subject to change without notice. No liability for technical errors and/or omissions. Copyright 2002 by this company.
Console Commands General Guidelines When the router is powered up, the user can connect a terminal (or the PC running terminal emulation software) to the auxiliary (console) port to perform configuration and management functions. Alternatively, the Command Line Interface may be accessed via a standard telnet application.
• If a keyword is expected when the user types “ ?”, all valid keywords will be displayed, then the command typed so far will be re-displayed, with the cursor sitting at the end (waiting for the user to continue). • If the user had previously typed part of the keyword but did not finish it, and if the characters typed so far uniquely identify the keyword, if the user types a tab (or a space) character, and the system will complete the keyword automatically.
Conventions Note that the meaning of “port n” may differ depending upon the model being managed. Examples using the terminology are model-specific. The following notations will be used: 1. lan means the LAN port; 2. <> specifies the arguments of the command, <1-4> means a number between 1 to 4; 3.
System This summary is followed by examples in subsequent sections. Examples will be given in the following format: Command Syntax Description: the description of the command is given here. Example: Router> command (with parameters) Output … Command List Note that commands may apply either to a specific router model or with a particular Feature Key enabled.
DHCP Commands ⊕add dhcp entry add dns delete dhcp entry delete dns disable dhcp enable dhcp ⊕set dhcp ⊕set range show dhcp show dhcp table show range Diagnostic Commands connect profile disable trace disconnect profile enable trace ping [integer greater than 0][packet length, greater than or equal to 56] set log level <1-10> test isdn <64k/56k> Dial-in User Commands ⊕add user
show user [profile name] Filtering Commands ⊕add filter <1-8> delete filter <1-8> ⊕set filter default show filter show filter <1-8> IP Commands add ip route add ip route ⊕add pat entry ⊕add pat entry default delete ip default route delete ip route delete ip delete pat entry delete pat entry default disable spoofing
set ip private set ip rip set ip rip [Interface Name] set ip set ip show arp table show icmp statistics show ip show ip show ip routing table show ip statistics show pat show tcp statistics show udp statistics Port Commands clear port statistics [port name] disable port enable port ⊕set port
Profile Commands ⊕add profile clear profile statistics [Profile Name] connect profile delete profile disable profile disconnect profile enable profile show profile show profile show profile statistics show profile statistics Security Command set ip private SNMP Commands clear trap manager <1-5> disable trap enable trap set community string read
Statistics Commands clear compression statistics [Interface Name] clear port statistics [port name] clear profile statistics [Profile Name] show compression statistics show icmp statistics show ip statistics show port statistics show profile statistics [Profile Name] show snmp statistics show tcp statistics show udp statistics show statistics System Commands change password clear config disable remote-mgt enable remote-mgt disconnect telnet session <1-5> download
reset system save config set console baud set console timeout set date set daylight time ⊕set internet access time set log level <1-10> set prompt set system contact set system location set system name set time set timezone <-12:00 - +12:00> show config show connection log show interfac
Command Detail Bridging Commands Although routing is preferred over bridging for transmitting data across wide area connections, occasionally bridging is required. For example, when the data packets to be transmitted are neither IP nor IPX (such as NetBEUI, SNA or AppleTalk), or when the other end of the WAN connection only supports bridging.
show learning Description: This command displays MAC addresses learned from all bridging-enabled interfaces.
disable compression Description: This command disables compression over the specified interface. enable compression Description: This command enables compression over the specified interface. show compression statistics Description: This command displays compression related statistics for the specified interface.
255 ≥ xx ≥ 0 255 ≥ xx ≥ 0 Once configured, the DHCP server will assign private addresses from within the defined private address range with the highest available address being assigned first. This address range may be modified using the “set range” command. Statically assigned addresses must be within this range as well. Up to 20 static DHCP assignments may be configured and saved.
enable dhcp Description: This command enables the Dynamic Host Control Protocol server functionality within the router. When enabled, the router will service a client request for IP address and net mask assignment, as well as assignments of default gateway, DNS server addresses, WINS server addresses and NetBIOS Node Type. The pool of addresses from which the router selects is defined in the table above.. The default is 192.168.168.
enter upper bound address (192.168.168.254): enter lower bound address (192.168.168.1): show dhcp Description: This command displays the current status of the Dynamic Host Control Protocol server. Example: Router> show dhcp Admin Status: Enable Default Lease: Network address: 192.168.168.0 Netmask: 10 hours 255.255.255.0 Default gateway: 192.168.168.230 Primary DNS: 199.191.129.139 Primary WINS: 63.221.98.5 Node Type IP-Address Secondary DNS: 199.191.144.75 Secondary WINS:63.221.98.
Diagnostic Commands connect profile Description: For switched profiles, this command activates the profile as if a trigger occurred. This command has no effect on leased line profiles. disable trace Description: This command disables the debug trace messages. disconnect profile Description: For active switched profiles, this command terminates the connection as if an idle timeout occurred. This command has no effect on leased line profiles.
test isdn <64k/56k> Description: This command causes a modem call to the specified telephone number. The call is cleared immediately after a connection is established. This command is only valid when the ISDN port has been configured and enabled. Please refer to “Set Port” and “Enable Port” commands for details. Dial-in User Commands Dial-in user profiles are used by stand-alone remote workstations connecting via a switched connection through an ISDN line.
Add the following Single Workstation dialing into the router using the CLI Advanced Mode Router>>> add user u2 Add new user profile "u2" ...
Caller ID: None Auth Method: Either Encryption: No Compression: None No Idle Timeout: Enable IP: IP Address: Callback #: Yes 300 IP RIP: Disable Dynamic Bridging: No Filtering Commands ⊕add filter <1-8> Description: This command adds or modifies the nth IP filter rule in the system Packet Filtering allows each IP packet exiting a router interface to be examined for a match with a configured set of rules.
planning. For a more detailed description of Filtering, please refer to the User Guide for your particular model.
Interface Name: ppp2 Src. IP: IP Protocol: 212.54.104.1 Dest. IP: any Src. Port: 136 any Dest. Port: any show filter <1-8 > Description: This command displays the definition of the nth rule. Example: Router> show filter 1 Filter 1: Filter Name: Rule1 Interface Name: ppp2 IP Protocol: Src. IP: Dest. IP: 212.54.104.1 any any Src. Port: 136 Dest.
Example 1: IP packets received with the public IP address of the router and a destination port number of 123 will be translated to port 234 with a destination private IP address of 10.0.1.120. Here, it is assumed that the private IP network is 10.0.1.0 with a subnet mask of 255.255.255.0. Router> add pat entry 123 Enter Private IP Address (unspecified): 10.0.1.
Since dial-up connection (e.g. ISDN calls) charges are based on the connection time, a technique called IP spoofing is often used to limit or prevent unnecessary connection time. This is done by (1) allowing control packets to be sent only when the connection is already up transmitting user data, or (2) allowing control packets to be spoofed (faked) so that they don’t add load to the WAN traffic. IP RIP broadcasts are sent only when the connection is up.
Note that the router may also communicate with devices in a “public” IP network, as defined in the command “set ip lan ”. When you modify the private IP network, related routes in the IP Routing Table and all entries in the Static DHCP table and the Network Address Translation table which conflict with the new address space will be deleted. You will receive a warning message asking if you would like this to be done. Example: Router> set ip private 10.0.1.168 255.255.255.
This example assigns IP addresses to the two sides of the PPP connection ppp2 204.71.220.153 is for the local side of ppp2, while 204.71.220.151 is for the remote side; both use the same network mask, 255.255.255.0. Router> set ip ppp2 204.71.220.153 255.255.255.0 204.71.220.151 Example 2: This command activates IP routing over the ISDN connection profile isdnprofile1. When a connection is set up using profile isdnprofile1, unnumbered IP routing will be turned on.
show ip Description: This command displays all interfaces on which IP routing has been enabled. Example: Router> show ip IfName Admin. Oper. Destination/ State State IP Address Netmask Broadcast Addr ------------------------------------------------------------------ppp2 Enabled Up 20.0.0.1 lan Enabled Up 110.0.0.1 255.0.0.0 110.255.255.255 255.0.0.0 dlci16 Enabled Up 10.0.0.1 dlci17 Enabled Up (Unnumbered) 255.0.0.0 20.0.0.2 10.0.0.
Example: Router> show ip routing table Destination Netmask Gateway Hop IfName Flags 0 lan 0 lan ------------------------------------------------------------------40.0.0.0 192.168.168.0 255.255.255.0 C 10.0.0.1 0 lo H 20.0.0.1 0 lo H 20.0.0.2 0 ppp2 H 110.0.0.0 255.0.0.0 40.0.0.5 5 lan G S 120.0.0.0 255.0.0.0 40.0.0.5 1 lan G S show ip statistics Description: This csommand displays IP routing related statistics.
Example: Router> show pat Public Port Private IP Number Address Private Port Number -------------------------------------------------------Default 192.168.168.121 123 192.168.168.120 26 234 192.168.168.
disable port enable port Description: These two commands is used to disable or enable a port. ⊕set port The set port command is used to initialize or modify the characteristics of a hardware port on your router. Hardware ports are identified by port name and are model-specific. The name “ISDN” means the ISDN BRI interface. πThe name “ewan” stands for Ethernet-based WAN port which is connected to broadband modem.
Directory#1: 5551111 Sub-addr Req: No Switch Type: Europe (ETSI) Directory#2: 5552222 Currency: Unspecified Advice of Charge Unit price: Unspecified πPort Name : ewan πAdmin State : Enabled Port Type : Data Link Type: EWAN Ethernet show port Description: This command displays the configuration of a WAN interface port.
Total Octets: 2316 375 Total Packets: 46 10 Total Error: 0 0 Total Octets: 0 0 Total Packets: 0 0 Total Error: 0 0 B2-Channel πExample 2: Router> show port statistics ewan interface: e1 ---------------------------------------------------------------Received Transmitted ---------------------------------------------------------------Total packets 0 368 Total octets 0 217120 Multicast packets 0 0 Error on interface 0 0 CSMA collisions 0 Packets dropped Packets with unsupporte
Existing profiles are edited also using the “add profile” command. In this case, the defaults shown are the existing configured values. πThis router only support one profile over EWAN interface. When an ewan profile is configured, the following new added profile(s) will select ISDN automatically. User can modify the ewan profile by using “add profile” command or “delete profile”, then “add profile” again.
enable IP routing (Yes, yes/no): Set this profile as IP default route (No, yes/no): enter remote network IP address (Unspecified): 192.168.167.0 enter remote network IP netmask (Unspecified): 255.255.255.0 Router> πExample 3 – Internet Access through EWAN port: Router> add profile wilson The system is currently in Advanced Mode, press Ctrl-E to switch to Express Mode. Add new connection profile “wilson” ...
enable profile The state of the specified profile is set to “enabled”. Only enabled profiles are available for use. A profile’s state is set by default to enabled when it is created. show profile This command displays a summary of all configured static profiles.
show profile statistics Example: Router> show profile statistics Prof Oper.
disable trap enable trap Description: This command is used to enable or disable trap message generation. When trap generation is disabled, no SNMP trap messages will be generated. When it is enabled, any SNMP traps will be sent to each of the trap managers that have been defined. set community string read <"password"> Description: This command sets the community string used for authenticating SNMP get and getnext requests. The default for the read community string is “public”.
show trap manager [1-5] Description: This command displays the trap managers that are currently defined. If a trap number is used, only that trap manager is displayed. Example: Router> show trap manager No Trap Manager IP-Address -----------------------------------------1 11.22.33.44 2 55.66.77.88 Statistics Commands clear compression statistics Description: Refer to this command under Compression Commands.
show snmp statistics Description: Refer to this command under SNMP Commands. show tcp statistics Description: Refer to this command under IP Commands. show udp statistics Description: Refer to this command under IP Commands. show statistics Description: This command displays statistical information associated with the specified profile or the LAN.
clear config Description: This command is used to clear the configuration data in the flash memory. After clearing, the system will reboot. All user-configured data are lost. The configuration will return to the factory default settings. disable remote-mgt enable remote-mgt Description: This command allows the administrator to lock out or enable both HTTP and telnet management connections. Only a direct console connection is supported if remote management is disabled.
(1) Bridging (2) Compression (4) Filtering (5) IP (6) Port (8) Security (9) SNMP (7) Profile (10) Statistics (3) Diagnostics (11) System Please enter a selection number [1..11] for more detail information: 1 disable bridging disable learning enable bridging enable learning show bridging show learning show learning Please enter a selection number [1..11] for more detail information: logout Description: This command logs the user out of the system.
Example: Router> set console timeout 20 set date Description: This command sets the current date in the router. Example: Router> set date 4-12-01 set daylight time Description: This command sets the setting for Daylight Savings Time. This is only used for display purposes and has no effect on the System Time. Normally this parameter would be learned from a managing browser session.
Router> set prompt "Yes, Master" Yes, Master> set system contact <”name”> Description: This command sets the system contact information. The maximum number of characters allowed is 60. This information is displayed in the “show system” command, as well as in the “System Information” screen in the HTTP browser screen. Example: Router> set system contact "John Doe, pager: (408) 731-4567" set system location <”location information”> Description: This command sets the system location.
show config Description: A concise summary of the router configuration is displayed. Example: Router> show config IP Addr: 192.168.168.230 NetMask: 255.255.255.0 Port 1: ISDN ENABLED Europe (ETSI) PPP Ewan : EWAN IP RIP: D ENABLED Speed = 10 Mb show connection log Description: The connection log is displayed by the system. Up to 128 entries are maintained by the router in wraparound fashion. For a complete description of these entries, refer the User Guide for your system.
Example: Router> show system System Name: Router Up Time: 0 months 1 days 21:21:05 ---------------------------------------------------------------------system description: IP Brouter Over ISDN Line system contact: Unknown system location: Unknown community string (read): public Trap generation: Disabled Total Serial Ports: 1 S/W Version: MAC Address: 00-60-20-10-00-70 Console Baud Rate : 19200 Console Timeout: 10(min) Learning State: Remote Management State: Enabled DHCP State: Enabl
show telnet session Description: This command is used to display all existing telnet sessions. Example: Session Id Remote IP Remote Port ----------------------------------------------------1 204.71.212.38 2052 2 204.71.212.39 2564 show time Description: This command shows the time zone, daylight savings time setting, date and time of the day. For router systems, the time is only correct after an HTTP session has accessed this system or the time has been manually set using the “set time” command.
