User's Manual
Table Of Contents
- Reference for the Business Policy Switch 2000 Command Line Interface
- Contents
- Figures
- Tables
- Preface
- Chapter 1: CLI Basics
- Stacking compatibility
- Software version 2.0 compatibility with BayStack 450 switches
- New features
- CLI command modes
- Port numbering
- IP notation
- Accessing the CLI
- Setting the CLI password
- Getting help
- Basic navigation
- Managing basic system information
- Managing MAC address forwarding database table
- Displaying and setting stack operational mode
- Chapter 2: General CLI commands
- Setting the terminal
- Pinging
- Automatically loading configuration file
- Assigning and clearing IP addresses
- Assigning and clearing IP addresses for specific units
- Setting Telnet access
- Setting server for Web-based management
- Setting boot parameters
- Setting TFTP parameters
- Upgrading software
- Displaying interfaces
- Setting SNMP parameters
- Setting the system event log
- Displaying port statistics
- Enabling or disabling a port
- Naming ports
- Setting port speed
- Enabling Autopology
- Enabling flow control
- Enabling rate-limiting
- Chapter 3: Security
- Using the IP manager list
- Using MAC address security
- show mac-security command
- show mac-security mac-da-filter command
- mac-security command
- mac-security mac-address-table address command
- mac-security security-list command
- no mac-security command
- no mac-security mac-address-table command
- no mac-security security-list command
- mac-security command for specific ports
- mac-security mac-da-filter command
- Using EAPOL-based security
- Using RADIUS authentication
- Chapter 4: Spanning Tree, MLT, and Port-Mirroring
- Using spanning tree
- show spanning-tree command
- spanning-tree stp create command by STG
- spanning-tree stp delete command by STG
- spanning-tree stp enable command by STG
- spanning-tree stp disable command by STG
- spanning-tree command by STG
- default spanning-tree command by STG
- spanning-tree add-vlan command
- spanning-tree remove-vlan command
- spanning-tree command by port
- default spanning-tree command by port
- no spanning-tree command by port
- Using MLT
- Using port-mirroring
- Using spanning tree
- Chapter 5: VLANs and IGMP
- Increased VLAN support
- Configuring and displaying VLANs
- show vlan interface info command
- show vlan interface vids command
- vlan mgmt command
- default vlan mgmt command
- vlan create command
- vlan delete command
- no vlan command
- vlan name command
- auto-pvid command
- no auto-pvid command
- vlan ports command
- vlan members command
- show vlan mac-address command
- vlan mac-address command
- no vlan mac-address command
- Displaying multicast membership
- Using IGMP snooping
- Chapter 6: Policy-enabled networks and QoS
- Displaying QoS parameters
- Resetting
- Configuring COPS
- Configuring QoS interface groups
- Configuring DSCP and 802.1p and queue associations
- Configuring QoS filters and filter groups
- Configuring QoS actions
- Configuring QoS meters
- Configuring QoS shapers
- Gathering QoS statistics
- Configuring QoS policies
- Reordering packets
- Appendix A: Command List
- Index
115
Reference for the Business Policy Switch 2000 Command Line Interface
Chapter 3
Security
This chapter describes the security commands available with the CLI. There are
four types of security available on the BPS 2000:
• “Using the IP manager list,” next
• “Using MAC address security” on page 120
• “Using EAPOL-based security” on page 128
• “Using RADIUS authentication” on page 131
Refer to Using the Business Policy Switch 2000 Software Version 2.0 for more
information on these security features, as well as using the console interface (CI)
menus. Refer to Using Web-based Management for the Business Policy Switch
2000 Software Version 2.0 for information on configuring these features using the
Web-based management system, and refer to Reference for the Business Policy
Switch 2000 Management Software Version 2.0 for information on configuring
with the DM.
Using the IP manager list
When enabled, the IP manager list determines which source IP addresses are
allowed access to the BPS 2000. No other source IP addresses have access to the
switch. You configure the IP manager list using the following commands:
• “show ipmgr command,” next
• “ipmgr command for management system” on page 117
• “no ipmgr command for management system” on page 118
• “ipmgr command for source IP address” on page 119
• “no ipmgr command for source IP address” on page 119