Owner's manual
Table Of Contents
- About This Document
- Introduction
- Common Commands
- In this chapter
- Common commands
- show
- autoinstall
- banner
- commands
- crypto
- environment
- history
- interfaces
- ip
- ldap
- licenses
- logging
- mac
- mac-address-table
- management
- mobility
- ntp
- port-channel
- power
- privilege
- radius
- redundancy dynamic-ap-load-balance
- redundancy group
- redundancy history
- redundancy members
- rtls
- smtp-notification
- snmp
- snmp-server
- spanning-tree
- static-channel-group
- terminal
- timezone
- traffic-shape
- users
- version
- wireless
- (config-wireless) Executable Mode
- wlan-acl
- access-list
- aclstats
- alarm-log
- boot
- clock
- debugging
- dhcp
- file
- ftp
- password-encryption
- running-config
- securitymgr
- sessions
- startup-config
- upgrade-status
- mac-name
- firewall
- role
- virtual-IP
- wwan
- aap-wlan-acl
- aap-wlan-acl-stats
- protocol-list
- service-list
- User Exec Commands
- Privileged Exec Commands
- Global Configuration Commands
- In this chapter
- Global Configuration commands
- aaa
- access-list
- autoinstall
- banner
- boot
- bridge
- country-code
- crypto
- do
- end
- errdisable
- ftp
- hostname
- interface
- ip
- license
- line
- local
- logging
- mac
- mac-address-table
- mac-name
- management
- ntp
- prompt
- radius-server
- ratelimit
- redundancy
- role
- rtls
- service
- smtp-notification
- snmp-server
- spanning-tree
- timezone
- traffic-shape
- username
- vpn
- wireless
- wlan-acl
- network-element-id
- firewall
- virtual-ip
- wwan
- aap-wlan-acl
- arp
- power
- aap-ipfilter-list
- whitelist
- Crypto-isakmp Instance
- Crypto-group Instance
- Crypto-peer Instance
- Crypto-ipsec Instance
- Crypto-map Instance
- Crypto-trustpoint Instance
- Interface Instance
- Spanning tree-mst Instance
- Extended ACL Instance
- Standard ACL Instance
- Extended MAC ACL Instance
- DHCP Server Instance
- DHCP Class Instance
- Radius Server Instance
- Wireless Instance
- In this chapter
- Wireless configuration commands
- aap
- admission-control
- adopt-unconf-radio
- adoption-pref-id
- ap
- ap-containment
- ap-detection
- ap-image
- ap-ip
- ap-standby-attempts-threshold
- ap-timeout
- ap-udp-port
- auto-select-channels
- broadcast-tx-speed
- client
- clrscr
- cluster-master-support
- convert-ap
- country-code
- debug
- dhcp-one-portal-forward
- dhcp-sniff-state
- dot11-shared-key-auth
- end
- exit
- fix-broadcast-dhcp-rsp
- help
- hotspot
- load-balance
- mac-auth-local
- manual-wlan-mapping
- wireless-client
- mobility
- multicast-packet-limit
- multicast-throttle-watermark
- nas-id
- nas-port-id
- no
- proxy-arp
- qos-mapping
- radio
- rate-limit
- secure-wispe-default-secret
- self-heal
- sensor
- service
- show
- smart-rf
- smart-scan-channels
- wlan
- wlan-bw-allocation
- dot11k
- wips
- non-preferred-ap-attempts-threshold
- test
- RTLS Instance
- ESPI Instance
- RFID Instance
- SOLE Instance
- Smart RF Instance
- Role Instance
- AAP IP Filtering

256 Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide
53-1001931-01
Global Configuration commands
5
route
[<IP-destination-prefix>
<IP-destination-prefix-mask
>|<IP-destination-prefix/Ma
sk>] <gateway-IP>
Adds a static route entry in the routing table.
• <IP-destination-prefix>– IP destination prefix
• <IP-destination-prefix-mask> – Mask for the
<IP-destination-prefix> IP
• <IP-destination-prefix/Mask> – IP destination prefix with
mask
• <gateway-IP> – IP address of the next hop used to
reach the destination
routing Turns on IP routing
ssh {[port <port>|rsa
keypair-name
<key-pair-name>]}
Sets up the Secured Shell (SSH) server
• port <port> – Optional. Defines the listening port (set
between 0-65536)
• rsa keypair-name <key-pair-name> – Optional. Sets the RSA
encryption key used for configuring RSA keypair
telnet {port <port>} Configures the Telnet server.
• port <port> – Optional. Defines the listening port ID (set
between 0-65535)
dos [ascend|
bcast-mcast-icmp|
chargen|enable|fraggle|
ftp-bounce|
invalid-protocol|
option-route|router-advt|
router-solicit|smurf|
snork|tcp-intercept|
tcp-max-incomplete|
twinge]
log [<0-8>|
alerts|
critical|
debugging| |emergencies|
errors|
informational|
none|
notifications|
warnings]
Configures the Denial of Service (DOS) attack parameters.
• ascend – Enables Ascend DoS checks
• bcast-mcast-icmp – Detects Broadcast/Multicast Icmp traffic
as attack
• chargen – Enables chargen DoS checks
• enable – Enables all DoS checks
• fraggle – Enables fraggle DoS checks
• ftp-bounce – Enables FTP bounce logs and sets the logging
levels
• invalid-protocol – Enables Invalid Protocol DoS attack check
and sets the logging levels for this attack
• option-route – Enables IP option route check
• router-advt – Enables ICMP router advertisement check
• router-solicit – Enables ICMP router solicit check
• smurf log – Enables smurf attack check
• snork – Enables check for packets
• tcp-intercept – Enables TCP intercept
• twinge – Enables twinge check
For all the above DoS attacks, the following log options can be set.
• <0-8> – Select one numerical log level. All messages
with and below this severity are logged
• emergencies – System is unusable (level 0)
• alerts – Immediate action needed (level 1)
• critical – Critical conditions (level 2)
• errors – Error conditions (level 3)
• warnings – Warning conditions (level 4)
• notifications – Normal but significant conditions
(level 5)
• informational – Informational messages (level 6)
• debugging – Debugging messages (level 7)
• none –Disable logging (level 8)