User Interface Description English PRIMERGY BX600 Blade Server Systems Intelligent Blade Panel Module
PRIMERGY BX600 Blade Server Systems Intelligent Blade Panel Module Edition March 2007
Comments… Suggestions… Corrections… The User Documentation Department would like to know your opinion on this manual. Your feedback helps us to optimize our documentation to suit your individual needs. Feel free to send us your comments by e-mail to: manuals@fujtsu-siemens.
Important Notes Introduction Networking Planning Making Network Connection Configuration the IBP Web Base Command Interface Command Reference Using SNMP System Defaulting Troubleshooting and Tips
CONTENTS 1 Important Notes ...........................................................................................................8 1.1 Information About Boards.....................................................................................8 1.2 Compliance Statements........................................................................................9 2 Introduction................................................................................................................12 2.1 2.
.2.4 7 Extended Configuration Menu .......................................................................92 Command Reference ..............................................................................................123 7.1 CLI Command Format ......................................................................................123 7.2 CLI Mode-based Topology................................................................................124 7.3 System Information and Statistics commands.........
.6.4 7.7 7.8 7.9 7.10 Configuration Commands............................................................................196 Script Management Commands .......................................................................201 7.7.1 script apply ..................................................................................................201 7.7.2 script delete .................................................................................................201 7.7.3 script list................
7.12.2 ip dhcp client-identifier.................................................................................259 8 Using SNMP ............................................................................................................260 8.2 Supported MIBs................................................................................................261 8.3 Accessing MIB Objects.....................................................................................263 8.4 Supported Traps ............
Information About Boards Important Notes 1 Important Notes Store this manual close to the device. If you pass the device on to third parties, you should pass this manual on with it. Be sure to read this page carefully and note the information before you open the device. You cannot access the IBP Module without first opening the device. How to dismantle and reassemble the device is described in the Operating Manual accompanying the device.
Compliance Statements Important Notes 1.2 Compliance Statements FCC Class A Compliance This equipment has been tested and found to comply with the limits for a “Class A” digital device, pursuant to Part 15 of the FCC rules and meets all requirements of the Canadian Interference-Causing Equipment Regulations. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
Compliance Statements Important Notes Japan VCCI Class A CE Mark Declaration of Conformance for EMI and Safety (EEC) This information technology equipment complies with the requirements of the Council Directive 89/336/EEC on the Approximation of the laws of the Member States relating to Electromagnetic Compatibility and 73/23/EEC for electrical equipment used within certain voltage limits and the Amendment Directive 93/68/EEC.
Compliance Statements Taiwan BSMI Class A Australia AS/NZS 3548 (1995) - Class A Important Notes
Features of the Introduction 2 Introduction The PRIMERGY BX600 Blade Server system is a modular server system that can integrates up to 10 server modules, four IBP Modules (one IBP will be included in the base enclosure, the other three are optional) and two Management Modules (MMB). The IBP Module provides networking connectivity to PRIMERGY BX600 Blade Server. The Management Modules provides a single point of control for the PRIMERGY BX600 Blade Server.
Compliance Statements Important Notes Flow Control Support (IEEE 802.3X) Flow control enables lower speed devices to communicate with higher speed devices, by requesting that the higher speed device refrains from sending packets. Transmissions are temporarily halted to prevent buffer overflows. Back Pressure Support On half-duplex links, the receiving port prevents buffer overflows by occupying the link so that it is unavailable for additional traffic.
Features of the Introduction Automatic Aging for MAC Addresses MAC addresses from which no traffic is received for a given period are aged out. This prevents the Bridging Table from overflowing. Port Security Port security prevents unauthorized users from accessing your network. It allows each port to learn, or be assigned, a list of MAC addresses for devices authorized to access the network through that port.
Compliance Statements Important Notes Port Group Support Port group feature is supported on IBP. Port Groups combine several ports into a group. Up to 10 groups are available for IBP. Each Port Group should contain internal server ports and/or external ports. No network loops are allowed in the configuration. All external ports in the Port Group form a trunk group. Port Backup Support Port Backup feature is supported on IBP for redundant uplink ports.
Features and Benefits 2.1.3 Introduction IBP Module Management Features The Intelligent Blade Panel can either be managed through the console port (out-of-band management) or through the network (in-band management) with SNMP, TELNET or HTTP protocols.
Compliance Statements Important Notes running, without rebooting the system. This function is available for CLI only. SNMP Alarms and Trap Logs The system logs events with severity codes and timestamps. Events are sent as SNMP traps to a Trap Recipient List. SNMP Version 1,Version 2, and Version 3 Simple Network Management Protocol (SNMP) over the UDP/IP protocol.
Compliance Statements 2.1.4 Important Notes Security Feature SSL Secure Socket Layer (SSL) is an application-level protocol that enables secure transactions of data through privacy, authentication, and data integrity. It relies upon certificates and public and private keys. SSL version 3 and TLS version 1 are currently supported. Port Based Authentication (802.1x) Port based authentication enables authenticating system users on a per-port basis via an external server.
Compliance Statements Important Notes 2.2 Description of Hardware IBP Module Port Configurations PRIMERGY BX600 Front Panel Port Description The PRIMERGY BX600 IBP Module contains 12 Gigabit Ethernet ports for connecting to the network and 30 Gigabit Ethernet ports for connecting PRIMERGY BX600 Blade Server management MMB modules. The 12 Gigabit Ethernet ports can operate at 10, 100 or 1000 Mbps. These ports support auto negotiation, duplex mode (Half or Full duplex), and flow control.
Compliance Statements Important Notes
Compliance Statements Important Notes PRIMERGY GbE Switch Blade 30/12 Internal Ports List PRIMERGY BX620 I/O Switch Internal S4 Nic No. Blade Module. Ports Mapping PRIMERGY BX620 I/O Switch Internal S4 Nic No. Blade Module.
Compliance Statements Important Notes 2.2.2 Status of LEDs The front panel contains light emitting diodes (LED) that indicate the status of links, and IBP diagnostics. Port LEDs Each of uplink port has two LED indicators.
Compliance Statements Important Notes l Auto-negotiation enables each port to automatically select the optimum speed (10, 100 or 1000 Mbps) and communication mode (half or full duplex) if this feature is supported by the attached device; otherwise the port can be configured manually l IEEE 802.3ab Gigabit Ethernet compliance ensures compatibility standards-based network cards and switches from any vendor 2.3.
Notational Conventions Introduction 2.4 Notational Conventions The meanings of the symbols and fonts used in this manual are as follows: CAUTION! ! Failure to observe this warning endangers your life, destroys th system, “Quotation marks” I 24 Pay particular attention to texts marked with this symbol. indicate names of chapters and terms that are being emphasized This symbol is followed by supplementary information, remarks and tips.
Target Group Introduction 2.5 Target Group This manual is intended for those responsible for installing and configuring network connections. This manual contains all the information required to configure the IBP.
Technical Data Introduction 2.6 Technical Data Electrical data Operating voltage +12 VDC @ 3 A max Maximum current 11 A max @ 3.3 VDC National and international standards Product safety IEC 60950 / EN 60950 / UL 1950, CSA 22.2 No.
Technical Data Introduction Environmental conditions Environment class 3K2 DIN IEC 721 part 3-3 Environment class 2K2 DIN IEC 721 part 3-2 Temperature: – Operating (3K2) 0 °C .... 50 °C – Transport (2K2) -40 °C .... 70 °C Humidity 10 ... 90% Condensation while operating must be avoided.
Introduction to IBP Network Planning 3 Network Planning 3.1 Introduction to IBP The Intelligent Blade Panel Module (IBP) provides a simple Ethernet interface option for connecting the PRIMERGY BX600 Blade Server systems to the network infrastructure. The administrative effort and network skills required to connect to the network are minimized.
Connecting to 1000BASE-T Devices Making Network Connections 4 Making Network Connections The IBP connects server boards installed inside the system to a common switch fabric, and i also provides three external ports for uplinking to external IEEE 802.3ab compliant devices. For most applications, the external ports on the IBP will be connected to other switches in the network backbone. 4.
1000BASE-T Cable Requirements Making Network Connections Do not plug a phone jack connector into any RJ-45 port. This may ! damage the IBP. Instead, use only twisted-pair cables with RJ-45 connectors that conform with FCC standards. For 1000 Mbps operation, all four wire pairs in the cable must be connected.
1000BASE-T Pin Assignments 4.2.2 Making Network Connections Adjusting Existing Category 5 Cabling for 1000BASE-T If your existing Category 5 installation does not meet one of the test parameters for 1000BASE-T, there are basically three measures that can be applied to try and correct the problem: 1. Replace any Category 5 patch cables with high-performance Category 5e cables. 2. Reduce the number of connectors used in the link. 3. Reconnect some of the connectors in the link. 4.
Overview Configuration the IBP Module 5 Configuration the IBP Module This section contains information about IBP unpacking, installation, and cable connections. 5.1 Overview The IBP Module is inserted in the PRIMERGY BX600 Blade Server which is a modular server system that can integrates up to 10 processor blades and four IBP Modules.
Connecting the IBP Module Configuration the IBP Module 5.2 Connecting the IBP Module Before configuring the IBP Module, PRIMERGY BX600 Blade Server console port must be connected to the IBP Module. To connect PRIMERGY BX600 Blade Server console port to the IBP Module, perform the following: 1. Mount the IBP Module. On the console monitor the MMB application displays a login screen. The IBP Module bootup screen is displayed. Welcome to Management Blade 1.
Connecting the IBP Module Configuration the IBP Module (5) Logout (6) Reboot Management Blade (7) System Information Dump Enter selection: 3 3. Select (3) Console Redirection. The Console Redirection Table is displayed.
Start up and Configuration the IBP Module Configuration the IBP Module 5.3 Start up and Configuration the IBP Module It’s important to understand the IBP Module architecture when configuring the IBP Module. The IBP Module has two types of ports. One type is for interfacing the IBP Module with PRIMERGY BX600 Blade Server, and the other type are regular Ethernet ports used for connecting PRIMERGY BX600 Blade Server to the network.
Configuring the Terminal Configuration the IBP Module 5.4 Configuring the Terminal To configure the device, the station must be running terminal emulation software. Ensure that switch module is correctly mounted and is connected to the chassis serial port. Ensure that the terminal emulation software is set as follows: Connect PRIMERGY BX600 Blade Server serial port to the IBP Module. NOTE: 1. The default data rate is 9600. No other data rate is required for initial configuration. 2.
Software Download Configuration the IBP Module 2. Power up the Chassis and observe booting information (if Chassis is running press few times to ensure that terminal connection is successful). 5.5 Booting Device • The device is delivered with a default configuration. • The device is not configured with a default user name and password.
Compliance Statements Important Notes the device. If it is not the latest version, download and install the latest version. For more information on downloading the latest version see the "Software Download" 5.6 Software Download 5.6.1 In BootROM Back Door CLI Software Download Using Xmodem Protocol The software download procedure is performed when a new version must be downloaded to replace the corrupted files, update or upgrade the system software (system and boot images).
Software Download Configuration the IBP Module 8. Enter the reset command. The following message is displayed: BootROM > reset Are you sure you want to reset the system (y/n)? y System Resetting... 9. Enter y. The device reboots. 5.6.2 In Operation Code CLI Software Download Through TFTP Server This section contains instructions for downloading device software through a TFTP server. The TFTP server must be configured before beginning to download the software.
Software Download Configuration the IBP Module file name file type startup size (byte) -------------------------------- -------------- ------- ----------PRIMERGY BX600-b-0.4.1214.biz Boot-Rom image default.cfg Config File Y Y 118206 17336 PRIMERGY BX600-r-c-0.5.0110.biz Operation Code Y 40666365 5. Enter (vty-0) # copy tftp://{tftp address}/{file name} image {file name} command to copy a new system image to the device. The following message is displayed: Mode...................................
Main Menu Web-Based Management Interface (vty-0) #reload Are you sure you would like to reset the system? (y/n) y System will now restart! 9. Enter y. The device reboots.
Compliance Statements Important Notes 6 Web-Based Management Interface 6.1 Overview The BX600 Network IBP module provides a built-in browser software interface that lets you configure and manage it remotely using a standard Web browser such as Microsoft Internet Explorer or Netscape Navigator. This software interface also allows for system monitoring and management of the IBP module.
Compliance Statements Important Notes 6.2 Main Menu 6.2.1 6.2.1.1 Groups Administration Managing Port Groups 6.2.1.1.1. Configuring Port Group Configuration Page The purpose of the port group configuration page is to create port groups, and to modify the existing port groups. Linkstate, port backup, and IGMP snooping of the port groups can be configured in this page. Selection Criteria Group Name – Use this pull-down menu to select one of the existing groups.
Compliance Statements Important Notes 6.2.1.1.2. Configuring Port Configuration Page The purpose of the port group configuration is to combine ports into a port group. All ports in the same port group could be communicate with each other. Ports could not communicated across port groups. (The members of Management VLAN reside in different port groups could communicate with each other.) When a port group is created, two link aggregation groups will also be created internally.
Compliance Statements Important Notes
Compliance Statements 6.2.1.1.3. Viewing Port Group Information Page This page displays the status of all currently configured port group. Non-Configurable Data Group Name – The group name of the port group. Internal Ports – List the internal port group members. External Active Ports – List the external active port group members. External Backup Ports – List the external backup port group members. Link State – The status of the link state of that port group.
Compliance Statements 6.2.1.2 Important Notes Management VLAN 6.2.1.2.1. Configuring Management VLAN Configuration Page Selection Criteria Management VLAN Name - You can use this screen to reconfigure an existing Management VLAN, or to create a new one. Use this pull down menu to select one of the existing Management VLANs, or select 'Create' to add a new one. Configurable Data Management VLAN Name – Specify the Management VLAN Name for the new Management VLAN.
Compliance Statements Important Notes
Compliance Statements Important Notes 6.2.1.2.2. Viewing Management VLAN Information Page This page displays the status of all currently configured Management VLANs. Management VLAN Name - The name of the Management VLAN. It is always named `Management`. VLAN ID - The Management VLAN Identifier (MVID) of the Management VLAN. The range of the VLAN ID is (1 to 4094). Slot/Port - The interface, member of that Management VLAN.
Compliance Statements 6.2.1.3 Important Notes Managing Port Backup 6.2.1.3.1. Configuring Port Backup Configuration Page Two link aggregation groups are associated with one port group as the port group is created. Two link aggregation groups are defined as active and backup port internally. One of two link aggregation groups will be activated at a time. For example, as active link aggregation group is link up, the backup aggregation group will be blocked (no traffic could be sent or received).
Compliance Statements Important Notes 6.2.1.3.2. Viewing Port Backup Status Page The page displays the status of all currently configured port-backup. Non-Configurable Data Name – The name of port group External Active Ports – The configured external active ports. External Backup Ports – The configured external backup ports. Port Backup – Current port backup setting for the port group. Failback time – Time delay to activate the active port if the link of active port is resumed.
Compliance Statements 6.2.2 Important Notes Panel Settings Menu 6.2.2.1 6.2.2.1.1 Configuring Management Session and Network Parameters Viewing Inventory Information Use this panel to display the IBP's Vital Product Data, stored in non-volatile memory at the factory. Non-Configurable Data System Description - The product name of this IBP module. Machine Type - The machine type of this IBP module. Machine Model - The model within the machine type.
Compliance Statements Important Notes
Compliance Statements 6.2.2.1.2 Important Notes Viewing Panel Description Page Configurable Data System Name - Enter the name you want to use to identify this IBP module. You may use up to 31 alpha-numeric characters. The factory default is blank. System Location - Enter the location of this IBP module. You may use up to 31 alpha-numeric characters. The factory default is blank. System Contact - Enter the contact person for this IBP module. You may use up to 31 alpha-numeric characters.
Compliance Statements 6.2.2.1.3 Important Notes Configuring Inband Administration Page The network interface is the logical interface used for in-band connectivity with the IBP module via any of the IBP's front panel ports. The configuration parameters associated with the IBP's network interface do not affect the configuration of the front panel ports through which traffic is switched or routed.
Compliance Statements Important Notes management access. By setting the interface to be granted, IBP will be allowed to access from this interface; on the other hand, if the interface is set to be denied, IBP will not be allowed to access from this interface. Non-Configurable Data Burned-in MAC Address - The burned-in MAC address used for in-band connectivity if you choose not to configure a locally administered address. Status – The status of the interface. Grant or Deny.
Compliance Statements Important Notes
Compliance Statements 6.2.2.1.4 Important Notes Configuring Telnet Session Page Configurable Data Telnet Session Timeout (minutes) - Specify how many minutes of inactivity should occur on a telnet session before the session is logged off. You may enter any number from 1 to 160. The factory default is 5. Maximum Number of Telnet Sessions - Use the pulldown menu to select how many simultaneous telnet sessions will be allowed. The maximum is 5, which is also the factory default.
Main Menu 6.2.2.1.5 Web-Based Management Interface Configuring Outbound Telnet Client Configuration Page Configurable Data Admin Mode - Specifies if the Outbound Telnet service is Enabled or Disabled. Default value is Enabled. Maximum Sessions - Specifies the maximum number of Outbound Telnet Sessions allowed. Default value is 5. Valid Range is (0 to 5). Session Timeout - Specifies the Outbound Telnet login inactivity timeout. Default value is 5. Valid Range is (1 to 160).
Main Menu 6.2.2.1.6 Web-Based Management Interface Configuring Serial Port Page Configurable Data Serial Port Login Timeout (minutes) - Specify how many minutes of inactivity should occur on a serial port connection before the IBP closes the connection. Enter a number between 0 and 160: the factory default is 5. Entering 0 disables the timeout. Baud Rate (bps) - Select the default baud rate for the serial port connection from the pull-down menu.
Main Menu 6.2.2.1.7 Web-Based Management Interface Defining User Accounts Page By default, two user accounts exist: admin, with 'Read/Write' privileges guest, with 'Read Only' privileges By default, the password for admin is “admin”, and password for guest is blank. The names are case insensitive.
Main Menu Web-Based Management Interface Command Buttons Submit - Update the IBP module with the values on this screen. If you want the IBP module to retain the new values across a power cycle, you must perform a save. Delete - Delete the currently selected user account. If you want the IBP module to retain the new values across a power cycle, you must perform a save. This button is only visible when you have selected a user account with 'Read Only' access. You cannot delete the 'Read/Write' user.
Main Menu 6.2.2.1.8 Web-Based Management Interface Defining DHCP Client Configuring DHCP Restart Page This command issues a BOOTP or DHCP client request for any IP interface that has been set to BOOTP or DHCP mode via the IP address command. DHCP requires the server to reassign the client's last address if available. If the BOOTP or DHCP server has been moved to a different domain, the network portion of the address provided to the client will be based on this new domain.
Main Menu 6.2.2.1.9 Web-Based Management Interface Defining SNMP Configuring SNMP Community Configuration Page By default, two SNMP Communities exist: private, with 'Read/Write' privileges and status set to enable public, with 'Read Only' privileges and status set to enable These are well-known communities, you can use this menu to change the defaults or to add other communities. Only the communities that you define using this menu will have access to the IBP using the SNMPv1 and SNMPv2c protocols.
Main Menu Web-Based Management Interface new values across a power cycle, you must perform a save. Configuring SNMP Trap Receiver Configuration Page This menu will display an entry for every active Trap Receiver. Configurable Data SNMP Community Name - Enter the community string for the SNMP trap packet to be sent to the trap manager. This may be up to 16 characters and is case sensitive.
Main Menu Web-Based Management Interface Viewing SNMP supported MIBs Page This is a list of all the MIBs supported by the IBP module. Non-configurable Data Name - The RFC number if applicable and the name of the MIB. Description - The RFC title or MIB description. Command Buttons Refresh - Update the data.
Main Menu Web-Based Management Interface
Main Menu Web-Based Management Interface 6.2.2.1.10 Configuring SNTP Configuring SNTP Global Configuration Page Configurable Data Client Mode - Specifies the mode of operation of SNTP Client. An SNTP client may operate in one of the following modes. • Disable- SNTP is not operational. No SNTP requests are sent from the client nor are any received SNTP messages processed. • Unicast- SNTP operates in a point to point fashion.
Main Menu Web-Based Management Interface Viewing SNTP Global Status Page Non-Configurable Data Version - Specifies the SNTP Version the client supports. Supported Mode - Specifies the SNTP modes the client supports. Multiple modes may be supported by a client. Last Update Time - Specifies the local date and time (UTC) the SNTP client last updated the system clock. Last Attempt Time - Specifies the local date and time (UTC) of the last SNTP request or receipt of an unsolicited message.
Main Menu Web-Based Management Interface Address Type - Specifies the address type of the SNTP Server address for the last received valid packet. Server Stratum - Specifies the claimed stratum of the server for the last received valid packet. Reference Clock Id - Specifies the reference clock identifier of the server for the last received valid packet. Server Mode - Specifies the mode of the server for the last received valid packet.
Main Menu Web-Based Management Interface Allowed types are : • • Unknown IPV4 Default value is Unknown Port - Specifies the port on the server to which SNTP requests are to be sent. Allowed range is (1 to 65535). Default value is 123. Priority - Specifies the priority of this server entry in determining the sequence of servers to which SNTP requests will be sent. The client continues sending requests to different servers until a successful response is received or all servers are exhausted.
Main Menu Web-Based Management Interface Last Attempt Time - Specifies the local date and time (UTC) that this SNTP server was last queried. Last Attempt Status - Specifies the status of the last SNTP request to this server. If no packet has been received from this server, a status of Other is displayed. • • Other None of the following enumeration values. Success The SNTP operation was successful and the system time was updated.
Main Menu Web-Based Management Interface 6.2.2.2 Configuring IBP Interface 6.2.2.2.1 Interface Configuration Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Configurable Data Physical Mode - Use the pulldown menu to select the port's speed and duplex mode. If you select auto the duplex mode and speed will be set by the auto-negotiation process. Note that the port's maximum capability (full duplex and 100 Mbps) will be advertised.
Main Menu 6.2.2.2.2 Web-Based Management Interface Viewing Interface Configuration Page This screen displays the status for all ports in the box. Non-Configurable Port Status Data Slot/Port - Identifies the port Port Type - For normal ports this field will be blank. Otherwise the possible values are: Mon - this port is a monitoring port. Look at the Port Monitoring screens for more information. LAG - the port is a member of a Link Aggregation trunk. Look at the LAG screens for more information.
Main Menu Refresh – Refresh the configuration value again.
Main Menu Web-Based Management Interface 6.2.2.3 Managing System Utilities 6.2.2.3.1 Panel Reset Page Command Buttons Reset - Select this button to reboot the IBP. Any configuration changes you have made since the last time you issued a save will be lost. You will be shown a confirmation screen after you select the button. 6.2.2.3.2 Reset All Configuration to Defaults Page Command Buttons Reset - Clicking the Reset button will reset all of the system login passwords to their default values.
Overview 6.2.2.3.4 Web-Based Management Interface Downloading Specific Files to Panel Page Use this menu to download a file to the Panel. Configurable Data File Type - Specify what type of file you want to download: Script - specify configuration script when you want to update the IBP’s script file. CLI Banner - Specify the banner that you want to display before user login to the IBP. Code – Specify code when you want to upgrade the operational flash.
Overview 6.2.2.3.5 Web-Based Management Interface Uploading Specific Files from Panel Page Use this menu to upload a code, configuration, or log file from the IBP. Configurable Data File Type - Specify the type of file you want to upload. The available options are Script, Code, CLI Banner, Configuration, Error Log, Buffered Log, and Trap Log. The factory default is Error Log. TFTP Server IP Address - Enter the IP address of the TFTP server. The factory default is 0.0.0.
Overview 6.2.2.3.6 Web-Based Management Interface Defining Configuration and Runtime Startup File Page Specify the file used to start up the system. Configurable Data Configuration File - Configuration files. Runtime File - Run-time operation codes. Command Buttons Submit - Send the updated screen to the IBP and specify the file start-up. 6.2.2.3.7 Removing Specific File Page Delete files in flash. If the file type is used for system startup, then this file cannot be deleted.
Overview 6.2.2.3.8 Web-Based Management Interface Copying Running Configuration to Panel Page Use this menu to copy a start-up configuration file from the running configuration file on IBP. Configurable Data File Name - Enter the name you want to give the file being copied. You may enter up to 32 characters. The factory default is blank. Non-Configurable Data The last row of the table is used to display information about the progress of the file copy.
Overview Command Buttons Submit - This will initiate the ping.
Overview 6.2.3 Web-Based Management Interface Security Menu 6.2.3.1 Managing RADIUS 6.2.3.1.1 Configuring RADIUS Configuration Page Configurable Data Max Number of Retransmits - The value of the maximum number of times a request packet is retransmitted. The valid range is 1 - 15. Consideration to maximum delay time should be given when configuring RADIUS maxretransmit and RADIUS timeout.
Overview 6.2.3.1.2 Web-Based Management Interface Viewing Radius Statistics Page Non-Configurable Data Invalid Server Addresses - The number of RADIUS Access-Response packets received from unknown addresses. Command Buttons Refresh - Update the information on the page. 6.2.3.1.3 Configuring RADIUS Server Configuration Page Selection Criteria RADIUS Server IP Address - Selects the RADIUS server to be configured. Select add to add a server.
Overview Web-Based Management Interface Non-Configurable Data Current - Indicates if this server is currently in use as the authentication server. Secret Configured - Indicates if the shared secret for this server has been configured. Command Buttons Submit - Sends the updated screen to the IBP and causes the changes to take effect on the IBP but these changes will not be retained across a power cycle unless a save is performed. Remove - Remove the selected server from the configuration.
Overview Web-Based Management Interface malformed access-responses. Bad Authenticators - The number of RADIUS Access-Response packets containing invalid authenticators or signature attributes received from this server. Pending Requests - The number of RADIUS Access-Request packets destined for this server that have not yet timed out or received a response. Timeouts - The number of authentication timeouts to this server.
Overview Web-Based Management Interface Secret - Specifies the shared secret to use with the specified accounting server. This field is only displayed if the user has READWRITE access. Apply - The Secret will only be applied if this box is checked. If the box is not checked, anything entered in the Secret field will have no affect and will not be retained. This field is only displayed if the user has READWRITE access.
Overview Web-Based Management Interface that contained invalid authenticators received from this accounting server. Pending Requests - Displays the number of RADIUS Accounting-Request packets sent to this server that have not yet timed out or received a response. Timeouts - Displays the number of accounting timeouts to this server. Unknown Types - Displays the number of RADIUS packets of unknown type that were received from this server on the accounting port.
Overview Web-Based Management Interface 6.2.3.2 Defining TACACS Configuration 6.2.3.2.1 Configuring TACACS Configuration Page Use this menu to configure the parameters for TACACS+, which is used to verify the login user's authentication. Note that only a user with Read/Write access privileges may change the data on this screen. Configurable Data Authen. State - TACACS+ administration mode which are Enable and Disable. Server ID - The TACACS+ server index which are 1, 2, and 3. Authen.
Overview Web-Based Management Interface 6.2.3.3 Defining Secure HTTP Configuration 6.2.3.3.1 Secure HTTP Configuration Page Configurable Data Admin Mode - This field is used to enable or disable the Administrative Mode of Secure HTTP. The currently configured value is shown when the web page is displayed. The default value is disabled. TLS Version 1 - This field is used to enable or disable Transport Layer Security Version 1.0. The currently configured value is shown when the web page is displayed.
Overview Web-Based Management Interface 6.2.3.4 Defining Secure Shell Configuration 6.2.3.4.1 Configuring Secure Shell Configuration Page Configurable Data Admin Mode - This select field is used to Enable or Disable the administrative mode of SSH. The currently configured value is shown when the web page is displayed. The default value is Disable. SSH Version 1 - This select field is used to Enable or Disable Protocol Level 1 for SSH.
Overview Web-Based Management Interface
Overview 6.2.4 Web-Based Management Interface Extended Configuration Menu 6.2.4.1 Viewing System Logs 6.2.4.1.1 Viewing Buffered Log Configuration Page This log stores messages in memory based upon the settings for message component and severity. On stackable systems, this log exists only on the top of stack platform. Other platforms in the stack forward their messages to the top of stack log. Configurable Data Admin Status - A log that is "Disabled" shall not log messages.
Overview Web-Based Management Interface Aug 24 05:34:05 by line 318 of file mstp_api.c. This is the 237th message logged. Messages logged to a collector or relay via syslog have an identical format to the above message. Note for buffered log Number of log messages displayed: For the buffered log, only the latest 128 entries are displayed on the webpage Command Buttons Refresh - Refresh the page with the latest log entries. Clear Log - Clear all entries in the log. 6.2.4.1.
Overview 6.2.4.1.4 Web-Based Management Interface Configuring Console Log Page This allows logging to any serial device attached to the host. Configurable Data Admin Status -A log that is "Disabled" shall not log messages. A log that is "Enabled" shall log messages. Enable or Disable logging by selecting the corresponding line on the pulldown entry field. Severity Filter - A log records messages equal to or above a configured severity threshold.
Overview Web-Based Management Interface events. After the event is logged and the updated log is saved in FLASH memory, the IBP module will be reset. The log can hold at least 2,000 entries (the actual number depends on the platform and OS), and the oldest one will be erased when an attempt is made to add an entry after it is full. The event log is preserved across system resets. Non-Configurable Data Entry - The number of the entry within the event log. The most recent entry is first.
Overview Web-Based Management Interface -Error (3): error conditions -Warning (4): warning conditions -Notice(5): normal but significant conditions -Informational(6): informational messages -Debug(7): debug-level messages Command Buttons Submit - Update the IBP with the values you entered. Refresh - Refetch the database and display it again starting with the first entry in the table. Delete - Delete a configured host. 6.2.4.1.
Overview Web-Based Management Interface
Main Menu Web-Based Management Interface 6.2.4.1.8 Viewing Login Session Page Non-Configurable Data ID - Identifies the ID of this row. User Name - Shows the user name of user who made the session. Connection From - Shows the IP from which machine the user is connected. Idle Time - Shows the idle session time. Session Time - Shows the total session time. Session Type – Shows the type of session: telnet, serial or SSH. Command Buttons Refresh - Update the information on the page.
CLI Mode-based Topology Reference Command 6.2.4.2 Viewing Statistics 6.2.4.2.2 Viewing the Panel Detailed Statistics Page Non-Configurable Data ifIndex - This object indicates the ifIndex of the interface table entry associated with the Processor of this IBP. Octets Received - The total number of octets of data received by the processor (excluding framing bits but including FCS octets).
CLI Mode-based Topology Reference Command Most Address Entries Ever Used - The highest number of Forwarding Database Address Table entries that have been learned by this IBP since the most recent reboot. Address Entries in Use - The number of Learned and static entries in the Forwarding Database Address Table for this IBP. Time Since Counters Last Cleared - The elapsed time, in days, hours, minutes, and seconds, since the statistics for this IBP were last cleared.
CLI Mode-based Topology Reference Command Packets Received with Errors - The number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. Packets Transmitted Without Errors - The total number of packets transmitted out of the interface. Broadcast Packets Transmitted - The total number of packets that higher-level protocols requested to be transmitted to the Broadcast address, including those that were discarded or not sent.
CLI Mode-based Topology Reference Command Packets RX and TX 64 Octets - The total number of packets (including bad packets) received or transmitted that were 64 octets in length (excluding framing bits but including FCS octets). Packets RX and TX 65-127 Octets - The total number of packets (including bad packets) received or transmitted that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets).
CLI Mode-based Topology Reference Command Packets Received 128-255 Octets - The total number of packets (including bad packets) received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 256-511 Octets - The total number of packets (including bad packets) received that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets).
Main Menu Web-Based Management Interface Rx FCS Errors - The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with an integral number of octets Overruns - The total number of frames discarded as this port was overloaded with incoming packets, and could not keep up with the inflow.
Main Menu Web-Based Management Interface Total Packets Transmitted Successfully - The number of frames that have been transmitted by this port to its segment. Unicast Packets Transmitted - The total number of packets that higher-level protocols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent.
CLI Mode-based Topology Reference Command
CLI Mode-based Topology Reference Command
Main Menu 6.2.4.2.5 Web-Based Management Interface Viewing Each Port Summary Statistics Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Non-Configurable Data ifIndex - This object indicates the ifIndex of the interface table entry associated with this port on an adapter. Total Packets Received without Errors - The total number of packets received that were without errors.
CLI Mode-based Topology Reference Command 6.2.4.3 Managing Access Control (802.1x) 6.2.1.1.2 Defining Access Control Page Configurable Data Administrative Mode - This selector lists the two options for administrative mode: enable and disable. The default value is disabled. Command Buttons Submit - Sends the updated screen to the IBP and causes the changes to take effect on the IBP but these changes will not be retained across a power cycle unless a save is performed. 6.2.1.1.
CLI Mode-based Topology Reference Command EAP Request/Identity frame to the supplicant. The transmit period must be a number in the range of 1 to 65535. The default value is 30. Changing the value will not change the configuration until the Submit button is pressed. Supplicant Timeout - This input field allows the user to enter the supplicant timeout for the selected port.
CLI Mode-based Topology Reference 6.2.1.1.4 Command Viewing each Port Access Control Configuration Information Page Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid. Non-Configurable Data Control Mode - Displays the configured control mode for the specified port.
CLI Mode-based Topology Reference Command Server Timeout - This field displays the configured server timeout for the selected port. The server timeout is the value, in seconds, of the timer used by the authenticator on this port to timeout the authentication server. The server timeout is a value in the range of 1 to 65535. Maximum Requests - This field displays the configured maximum requests for the selected port.
CLI Mode-based Topology Reference Command "Timeout" "Initialize" "Idle" Command Buttons Refresh - Update the information on the page. 6.2.1.1.5 Viewing Access Control Summary Page Non-Configurable Data Port - Specifies the port whose settings are displayed in the current table row. Control Mode - This field indicates the configured control mode for the port. Possible values are: Force Unauthorized: The authenticator port access entity (PAE) unconditionally sets the controlled port to unauthorized.
CLI Mode-based Topology Reference Command Reauthentication Enabled - This field shows whether reauthentication of the supplicant for the specified port is allowed. The possible values are 'true' and 'false'. If the value is 'true' reauthentication will occur. Otherwise, reauthentication will not be allowed. Port Status - This field shows the authorization status of the specified port. The possible values are 'Authorized' and 'Unauthorized'. Command Buttons Refresh - Update the information on the page.
CLI Mode-based Topology Reference 6.2.1.1.6 Command Viewing each Port Access Control Statistics Page Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid. Non-Configurable Data EAPOL Frames Received - This displays the number of valid EAPOL frames of any type that have been received by this authenticator.
CLI Mode-based Topology Reference 6.2.1.1.7 Command Defining Access Control User Login Page Selection Criteria Users - Selects the user name that will use the selected login list for 802.1x port security. Configurable Data Login - Selects the login to apply to the specified user. All configured logins are displayed.
CLI Mode-based Topology Reference 6.2.1.1.8 Command Defining Each Port Access Privileges Page Selection Criteria Port - Selects the port to configure. Configurable Data Users - Selects the users that have access to the specified port or ports. Command Buttons Submit - Sends the updated screen to the IBP and causes the changes to take effect on the IBP but these changes will not be retained across a power cycle unless a save is performed. Refresh - Update the information on the page. 6.2.1.1.
CLI Mode-based Topology Reference Command
CLI Mode-based Topology Reference Command 6.2.1.2 Managing IP Filter 6.2.1.2.2 IP Filter Configuration Page Management IP filter designates stations that are allowed to make configuration changes to the IBP. Select up to five management stations used to manage the IBP.
CLI Mode-based Topology Reference Command 6.2.1.3 Managing Authentication Configuration 6.2.1.3.2 Defining Authentication List Configuration Page You use this screen to configure login lists. A login list specifies the authentication method(s) you want used to validate IBP or port access for the users associated with the list. The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList, which you may not delete.
CLI Mode-based Topology Reference Command perform a save. 6.2.1.3.3 Viewing Authentication List Summary Page Non-Configurable Data Authentication List - Identifies the authentication login list summarized in this row. Method List - The ordered list of methods configured for this login list. Login Users - The users you assigned to this login list on the User Login Configuration screen. This list is used to authenticate the users for system login access. 802.
CLI Mode-based Topology Reference Command User Login Configuration screen. If you need to create a new login list for the user, you would do so on the Login Configuration screen. The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList, which you may not delete. All newly created users are also assigned to the defaultList until you specifically assign them to a different list.
CLI Mode-based Topology Reference 7 Command Command Reference The Command Line Interface (CLI) syntax, conventions, and terminology are described in this section. Each CLI command is illustrated using the structure outlined below. 7.1 CLI Command Format Commands are followed by values, parameters, or both. Example 1 ip address [] • Ip address is the command name. • are the required values for the command.
CLI Mode-based Topology 7.2 Command Reference CLI Mode-based Topology Parameters Parameters are order dependent. The text in bold italics should be replaced with a name or number. To use spaces as part of a name parameter, enclose it in double quotes like this: "System Name with Spaces". Parameters may be mandatory values, optional values, choices, or a combination. – . The <> angle brackets indicate that a mandatory parameter must be entered in place of the brackets and text inside them.
CLI Mode-based Topology MacAddr Command Reference YY:YY:YY:YY:YY:YY hexidecimal digit pairs Double quotation marks such as "System Name with Spaces" set off user defined strings. If the operator wishes to use spaces as part of a name parameter then it must be enclosed in double quotation marks. Empty strings (““) are not valid user defined strings. Command completion finishes spelling the command when enough letters of a command are typed to uniquely identify the command word.
System Information and Statistics commands 7.3 7.3.1 Command Reference System Information and Statistics commands show arp This command displays connectivity between the IBP and other devices. The Address Resolution Protocol (ARP) cache identifies the MAC addresses of the IP stations communicating with the IBP. Syntax show arp Default Setting None Command Mode Privileged Exec Display Message MAC Address: A unicast MAC address for which the IBP has forwarding and/or filtering information.
Management Commands Command Reference Privileged Exec Display Message Current Time displays system time 7.3.3 show eventlog This command displays the event log, which contains error messages from the system, in the Primary Management System . The event log is not cleared on a system reset. Syntax show eventlog Default Setting None Command Mode Privileged Exec Display Message File: The file in which the event originated. Line: The line number of the event. Task Id: The task ID of the event.
Management Commands Command Reference name extension of “.scr”, the output will be redirected to a script file. Syntax show running-config [all] [] [all] - enable the display/capture of all commands with settings/configurations that include values that are same as the default values. - redirect the output to the file . Default Setting None Command Mode Privileged Exec 7.3.5 show sysinfo This command displays IBP brief information and MIBs supported.
Management Commands 7.3.6 Command Reference show system This command displays IBP system information. Syntax show system Default Setting None Command Mode Privileged Exec Display Message System Description: Text used to identify this IBP. System Object ID: The manufacturing ID System Information System Up Time: The time in days, hours and minutes since the last IBP reboot. System Name: Name used to identify the IBP. System Location: Text used to identify the location of the IBP.
Management Commands Command Reference Privileged Exec Display Message System Description: Text used to identify the product name of this IBP. Machine Type: Specifies the machine model as defined by the Vital Product Data. Machine Model: Specifies the machine model as defined by the Vital Product Data. Serial Number: The unique box serial number for this IBP. Label Revision Number: The label revision serial number of this IBP is used for manufacturing purposes. Part Number: Manufacturing part number.
Management Commands Command Reference running on the IBP. For example, if the major version was 2 and the minor version was 4, the format would be '2.4'. Operating Code Version: The release version maintenance number of the code currently running on the IBP. For example, if the major version was 2 and the minor version was 4, the format would be '2.4'. Boot Rom Version: The release version maintenance number of the boot rom code currently running on the IBP.
Management Commands 7.4 Command Reference Device Configuration Commands 7.4.1 Interface 7.4.1.1 show interface status This command displays the Port monitoring information for the system. Syntax show interface status { | all} - is the desired interface number. all - This parameter displays information for all interfaces. Default Setting None Command Mode Privileged Exec Display Message Intf: The physical slot and physical port.
Management Commands 7.4.1.2 Command Reference show interface This command displays the Port monitoring information for the system. Syntax show interface - is the desired interface number. Default Setting None Command Mode Privileged Exec Display Message Intf: The physical slot and physical port. Type: If not blank, this field indicates that this port is a special type of port. The possible values are: PC Mbr - This port is a member of a port-channel (LAG).
Management Commands Command Reference all - This command displays statistics information for all interfaces. Default Setting None Command Mode Privileged Exec Display Message The display parameters when the argument is '' are as follows: Packets Received Without Error: The total number of packets (including broadcast packets and multicast packets) received by the processor.
Management Commands Command Reference Syntax show interface counters detailed { | switchport} - is the desired interface number. switchport - This parameter specifies whole IBP or all interfaces.
Management Commands Command Reference received that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets). Packets RX and TX 512-1023 Octets: The total number of packets (including bad packets) received that were between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets).
Management Commands Command Reference Packets Transmitted 65-127 Octets: The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). Packets Transmitted 128-255 Octets: The total number of packets (including bad packets) received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
Management Commands Command Reference seconds since the statistics for this port were last cleared. The display parameters when the argument is ‘switchport’ are as follows: Total Packets Received (Octets): The total number of octets of data received by the processor (excluding framing bits but including FCS octets). Packets Received Without Error: The total number of packets (including broadcast packets and multicast packets) received by the processor.
Management Commands 7.4.1.4 Command Reference show interface IBP This command displays a summary of statistics for all CPU traffic. Syntax show interface IBP Default Setting None Command Mode Privileged Exec Display Message Packets Received Without Error: The total number of packets (including broadcast packets and multicast packets) received by the processor. Broadcast Packets Received: The total number of packets received that were directed to the broadcast address.
Management Commands 7.4.1.5 Command Reference interface This command is used to enter Interface configuration mode. Syntax interface - is the desired interface number. Default Setting None Command Mode Global Config 7.4.1.6 interface range This command is used to enter Interface range configuration mode. Syntax .
Management Commands 7.4.1.7 Command Reference speed-duplex This command is used to set the speed and duplex mode for the interface. Syntax speed-duplex {10 | 100} {full-duplex | half-duplex} 100 - 100BASE-T 10 - 10BASE-T full-duplex - Full duplex half-duplex - Half duplex Default Setting None Command Mode Interface Config This command is used to set the speed and duplex mode for all interfaces.
Management Commands 7.4.1.8 Command Reference negotiate This command enables automatic negotiation on a port. The default value is enabled. Syntax negotiate no negotiate no - This command disables automatic negotiation on a port. Default Setting Enable Command Mode Interface Config This command enables automatic negotiation on all interfaces. The default value is enabled. Syntax negotiate all no negotiate all all - This command represents all interfaces.
Management Commands 7.4.1.9 Command Reference capabilities This command is used to set the capabilities on specific interface. Syntax capabilities {{10 | 100 } {full-duplex | half-duplex}} | {1000 full-duplex } no capabilities {{10 | 100 } {full-duplex | half-duplex}} | {1000 full-duplex } 10 - 10BASE-T 100 - 100BASE-T 1000 - 1000BASE-T full-duplex - Full duplex half-duplex - Half duplex no - This command removes the advertised capability with using parameter.
Management Commands 7.4.1.10 Command Reference description This command is used to add a description for the interface. Syntax description - Up to 64 characters describing this interface. Default Setting None Command Mode Interface Config 7.4.1.11 storm-control flowcontrol This command enables 802.3x flow control for all interfaces on the IBP. Note: This command only applies to full-duplex mode ports.
Management Commands Command Reference Syntax storm-control flowcontrol no storm-control flowcontrol no - This command disables 802.3x flow control for the specific interface. Default Setting Disabled Command Mode Interface Config 7.4.2 L2 MAC Address and Multicast Forwarding Database Tables 7.4.2.1 show mac-addr-table This command displays the forwarding database entries. If the command is entered with no parameter, the entire table is displayed.
Management Commands Command Reference information. The format is 6 or 8 two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB. In an IVL system the MAC address will be displayed as 8 bytes. In an SVL system, the MAC address will be displayed as 6 bytes. Note: This software version only supports IVL systems. Interface: The port on which this L2 MAC address was learned. if Index: This object indicates the if Index of the interface table entry associated with this port.
Management Commands 7.4.2.3 Command Reference show mac-address-table multicast This command displays the MFDB information. If the command is entered with no parameter, the entire table is displayed. This is the same as entering the all parameter. The user can display the table entry for one MAC Address by specifying the MAC address as an optional parameter.
Management Commands 7.4.2.4 Command Reference show mac-address-table stats This command displays the MFDB statistics. Syntax show mac-address-table stats Default Setting None Command Mode Privileged Exec Display Message Max MFDB Table Entries: This displays the total number of entries that can possibly be in the MFDB. Most MFDB Entries Since Last Reset: This displays the largest number of entries that have been present in the Multicast Forwarding Database table.
Management Commands 7.4.2.6 Command Reference mac-address-table aging-time This command configures the forwarding database address aging timeout in seconds. Syntax mac-address-table aging-time <10-1000000> no mac-address-table aging-time <10-1000000> <10-1000000> - aging-time (Range: 10-1000000) in seconds no - This command sets the forwarding database address aging timeout to 300 seconds. Default Setting 300 Command Mode Global Config 7.4.3 Management VLAN 7.4.3.
Management Commands Command Reference External ports: Indicates by slot id and port number which port belongs to this management VLAN. 7.4.3.2 Mgmt-vlan This command is used to create or delete an management VLAN Syntax mgmt-vlan no mgmt-vlan - A string associated with this Management VLAN as a convenience. It can be up to 32 alphanumeric characters, and can not be blank. - Management VLAN ID. VLAN ID range is from 1 to 4094.
Management Commands 7.4.4 Command Reference IGMP Snooping 7.4.4.1 Show Commands 7.4.4.1.1 show igmp snooping This command displays IGMP Snooping information. Syntax show igmpsnooping Default Setting None Command Mode Privileged Exec Display Message Name: This indicates the name of port group. IGMP Snooping: This displays the IGMP snooping is enabled or disabled. 7.4.4.2 Configuration Commands 7.4.4.2.1 igmpsnooping This command enables IGMP Snooping on a port group.
Management Commands 7.4.5 Command Reference Port Channel 7.4.5.1 lacp This command enables Link Aggregation Control Protocol (LACP) on a port group. Syntax lacp no lacp - The name of a port group which the LACP to be enabled or disabled. no - This command disables Link Aggregation Control Protocol (LACP) on a port. Default Setting Disable Command Mode Global Config 7.4.5.
Management Commands 7.4.6 Command Reference Port Group 7.4.6.1 Show Commands This command display the port group information. Syntax show port-group [] - The name of a port group which user want to display. Default Setting None Command Mode Privileged Exec Display Message Name: This indicates the name of port group. Internal Ports:. External Active Ports: External Backup Ports: Link State: Port Backup: IGMP snooping: 7.4.6.2 7.4.6.2.
Management Commands Command Reference None Command Mode Global Config This command is used to add or remove a port to/form a port group. Syntax port-group no port-group - A string associated with port group as a convenience. It can be up to 32 alphanumeric characters, and can not be blank. no - This command remove a port from a port group. Default Setting None Command Mode Interface Config 7.4.7 Port Backup 7.4.7.
Management Commands Command Reference Port Backup:. This indicates port-backup is enabled or disabled. External Active Ports: This indicates which ports are in active-port list. External Backup Ports: This indicates which ports are in backup-port list. 7.4.7.2 7.4.7.2.
Management Commands Command Reference This command is used to move a port from active-port list to backup-port list. Syntax port-backup no port-backup no - This command move the port to active-port list. Restriction: users are not allowed to move the last member of active port to backup port. Default Setting None Command Mode Interface Config 7.4.8 Link State 7.4.8.1 Show Commands This command display the linkstate information.
Management Commands 7.4.8.2 7.4.8.2.1 Command Reference Configuration Commands linkstate This command is used to enable or disable linkstate for a port group Syntax linkstate no linkstate - A string associated with port group as a convenience. It can be up to 32 alphanumeric characters, and can not be blank. no - This command disable linkstate for an existing port group.
Management Commands 7.5 7.5.1 Command Reference Management Commands Network Commands 7.5.1.1 show ip interface This command displays configuration settings associated with the IBP's network interface. The network interface is the logical interface used for in-band connectivity with the IBP via any of the IBP's front panel ports. The configuration parameters associated with the IBP's network interface do not affect the configuration of the front panel ports through which traffic is switched or routed.
Management Commands Command Reference Display Message IP default gateway: The default gateway for this IP interface. The factory default value is 0.0.0.0 7.5.1.3 show ip filter This command displays management IP filter status and all designated management stations. Syntax show ip filter Default Setting None Command Mode Privileged Exec Display Message Index: The index of stations. IP Address: The IP address of stations that are allowed to make configuration changes to the IBP. 7.5.1.
Management Commands Command Reference 1518 Command Mode Interface Config 7.5.1.5 ip address This command sets the IP Address, and subnet mask. The IP Address and the gateway must be on the same subnet. Syntax ip address [] no ip address - IP address - Subnet Mask - Inband Administration VLAN ID, range is from 1~4094. no - Restore the default IP address and Subnet Mask Default Setting IP address: 0.0.0.0 Subnet Mask: 0.0.0.
Management Commands Command Reference < gateway > - IP address of the default gateway no - Restore the default IP address of the default gateway Default Setting IP address: 0.0.0.0 Command Mode Global Config 7.5.1.7 ip address protocol This command specifies the network configuration protocol to be used. If you modify this value, the change is effective immediately. Syntax ip address protocol {{bootp | dhcp []} | none} - Obtains IP address from BOOTP.
Management Commands Syntax ip address mgmt-vlan - VLAN ID (Range: 1 – 4094). Default Setting VLAN ID: 1. Command Mode Global Config 7.5.1.9 ip filter This command is used to enable the IP filter function. Syntax ip filter no ip filter no – Disable ip filter. Default Setting Disabled Command Mode Global Config This command is used to set an IP address to be a filter.
Management Commands Command Reference Syntax ip filter no ip filter - Configure a IP address to be a filter. No - Remove this filter IP address. Default Setting None Command Mode Global Config 7.5.2 Serial Interface Commands 7.5.2.1 show line console This command displays serial communication settings for the IBP.
Management Commands Command Reference Control is always disabled. Stop Bits: The number of Stop bits per character. The number of Stop bits is always 1. Parity: The Parity Method used on the Serial Port. The Parity Method is always None. Password Threshold: When the logon attempt threshold is reached on the console port, the system interface becomes silent for a specified amount of time before allowing the next logon attempt. (Use the silent time command to set this interval.
Management Commands 7.5.2.4 Command Reference exec-timeout This command specifies the maximum connect time (in minutes) without console activity. A value of 0 indicates that a console can be connected indefinitely. The time range is 0 to 160. Syntax exec-timeout <0-160> <0-160> - max connect time (Range: 0 -160). no - This command sets the maximum connect time (in minutes) without console activity to 5. Default Setting 5 Command Mode Line Config 7.5.2.
Management Commands 7.5.2.6 Command Reference silent-time This command uses to set the amount of time the management console is inaccessible after the number of unsuccessful logon tries exceeds the threshold value. Syntax Silent-time <0-65535> <0-65535> - silent time (Range: 0 - 65535) in seconds. no - This command sets the maximum value to the default. Default Setting 0 Command Mode Line Config 7.5.3 Telnet Session Commands 7.5.3.
Management Commands Command Reference Default Setting None Command Mode Privileged Exec 7.5.3.2 show line vty This command displays telnet settings. Syntax show line vty Default Setting None Command Mode Privileged Exec Display Message Remote Connection Login Timeout (minutes): This object indicates the number of minutes a remote connection session is allowed to remain inactive before being logged off. A zero means there will be no timeout. May be specified as a number from 0 to 160.
Management Commands Command Reference Default Setting None Command Mode Global Config 7.5.3.4 exec-timeout This command sets the remote connection session timeout value, in minutes. A session is active as long as the session has been idle for the value set. A value of 0 indicates that a session remains active indefinitely. The time is a decimal value from 0 to 160. Note: Changing the timeout value for active sessions does not become effective until the session is reaccessed.
Management Commands Command Reference password-threshold <0-120> no password-threshold - max threshold (Range: 0 - 120). no - This command sets the maximum value to the default. Default Setting 3 Command Mode Telnet Config 7.5.3.6 maxsessions This command specifies the maximum number of remote connection sessions that can be established. A value of 0 indicates that no remote connection can be established. The range is 0 to 5.
Management Commands Command Reference Syntax sessions no sessions no - This command disables telnet sessions. If sessions are disabled, no new telnet sessions are established. Default Setting Enabled Command Mode Telnet Config 7.5.3.8 telnet sessions This command regulates new outbound telnet connections. If enabled, new outbound telnet sessions can be established until it reaches the maximum number of simultaneous outbound telnet sessions allowed.
Management Commands Command Reference This command specifies the maximum number of simultaneous outbound telnet sessions. A value of 0 indicates that no outbound telnet session can be established. Syntax telnet maxsessions <0-5> no maxsessions <0-5> - max sessions (Range: 0 - 5). no - This command sets the maximum value to be 5. Default Setting 5 Command Mode Global Config 7.5.3.10 telnet exec-timeout This command sets the outbound telnet session timeout value in minute.
Management Commands Command Reference Global Config 7.5.3.11 show telnet This command displays the current outbound telnet settings. Syntax show telnet Default Setting None Command Mode User Exec, Privileged Exec Display Message Outbound Telnet Login Timeout (in minutes) Indicates the number of minutes an outbound telnet session is allowed to remain inactive before being logged off. A value of 0, which is the default, results in no timeout.
Management Commands Command Reference SNMP community parameters). Syntax show snmp Default Setting None Command Mode Privileged Exec Display Message SNMP Community Name: The community string to which this entry grants access. A valid entry is a case-sensitive alphanumeric string of up to 16 characters. Each row of this table must contain a unique community name. Client IP Address: An IP address (or portion thereof) from which this device will accept SNMP packets with the associated community.
Management Commands Command Reference Command Mode Privileged Exec Display Message Authentication Flag: May be enabled or disabled. The factory default is enabled. Indicates whether authentication failure traps will be sent. Link Up/Down Flag: May be enabled or disabled. The factory default is enabled. Indicates whether link status traps will be sent. Multiple Users Flag: May be enabled or disabled. The factory default is enabled.
Management Commands Command Reference Default Setting None Command Mode Global Config 7.5.4.5 snmp-server contact This command sets the organization responsible for the network. The range for contact is from 1 to 31 alphanumeric characters. Syntax snmp-server contact - Range is from 1 to 31 alphanumeric characters. Default Setting None Command Mode Global Config 7.5.4.6 snmp-server community This command adds (and names) a new SNMP community.
Management Commands Command Reference - community name (up to 16 case-sensitive characters). no - This command removes this community name from the table. The name is the community name to be deleted. Default Setting Two default community names: public and private. You can replace these default community names with unique identifiers for each community. The default values for the remaining four community names are blank. Command Mode Global Config This command activates an SNMP community.
Management Commands Command Reference This command sets a client IP mask for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP address value to denote a range of IP addresses from which SNMP clients may use that community to access the device. A value of 255.255.255.255 will allow access from only one station, and will use that machine's IP address for the client IP Address. A value of 0.0.0.0 will allow access from any IP address.
Management Commands Command Reference Command Mode Global Config 7.5.4.7 snmp-server host This command sets a client IP address for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP mask value to denote a range of IP addresses from which SNMP clients may use that community to access the device. A value of 0.0.0.0 allows access from any IP address.
Management Commands Command Reference Default Setting Enabled Command Mode Global Config This command enables Link Up/Down traps for the entire IBP. When enabled, link traps are sent only if the Link Trap flag setting associated with the port is enabled (see ‘snmp trap link-status’ command). Syntax snmp-server enable traps linkmode no snmp-server enable traps linkmode no - This command disables Link Up/Down traps for the entire IBP.
Management Commands Command Reference Enabled Command Mode Global Config 7.5.5 SNMP Trap Commands 7.5.5.1 show snmptrap This command displays SNMP trap receivers. Trap messages are sent across a network to an SNMP Network Manager. These messages alert the manager to events occurring within the IBP or on the network. Six trap receivers are simultaneously supported.
Management Commands 7.5.5.2 Command Reference snmp trap link-status This command enables link status traps by interface. Note: This command is valid only when the Link Up/Down Flag is enabled. See ‘snmpserver enable traps linkmode’ command. Syntax snmp trap link-status no snmp trap link-status no - This command disables link status traps by interface. Note: This command is valid only when the Link Up/Down Flag is enabled. (See ‘snmpserver enable traps linkmode’ command.
Management Commands Command Reference Default Setting Disabled Command Mode Global Config 7.5.5.3 snmptrap This command adds an SNMP trap name. The maximum length of the name is 16 case-sensitive alphanumeric characters. Syntax snmptrap no snmptrap - SNMP trap name (Range: up to 16 case-sensitive alphanumeric characters). - an IP address of the trap receiver. no - This command deletes trap receivers for a community.
Management Commands Command Reference snmptrap ipaddr - SNMP trap name. - an original IP address. - a new IP address. Default Setting None Command Mode Global Config 7.5.5.5 snmptrap mode This command activates or deactivates an SNMP trap. Enabled trap receivers are active (able to receive traps). Disabled trap receivers are inactive (not able to receive traps).
Management Commands Command Reference This command displays the http settings for the IBP. Syntax show ip http Default Setting None Command Mode Privileged Exec Display Message HTTP Mode (Unsecure): This field indicates whether the HTTP mode is enabled or disabled. HTTP Port: This field specifies the port configured for HTTP. HTTP Mode (Secure): This field indicates whether the administrative mode of secure HTTP is enabled or disabled. Secure Port: This field specifies the port configured for SSLT.
Management Commands 7.5.6.3 Command Reference ip http port This command is used to set the http port where port can be 1-65535 and the default is port 80. Syntax ip http port <1-65535> no ip http port <1-65535> - HTTP Port value. no - This command is used to reset the http port to the default value. Default Setting 80 Command Mode Global Config 7.5.6.4 ip http server This command enables access to the IBP through the Web interface.
Management Commands Command Reference Command Mode Global Config 7.5.6.5 ip http secure-port This command is used to set the SSLT port where port can be 1-65535 and the default is port 443. Syntax ip http secure-port no ip http secure-port - SSLT Port value. no - This command is used to reset the SSLT port to the default value. Default Setting 443 Command Mode Global Config 7.5.6.6 ip http secure-server This command is used to enable the secure socket layer for secure HTTP.
Management Commands Command Reference Global Config 7.5.6.7 ip http secure-protocol This command is used to set protocol levels (versions). The protocol level can be set to TLS1, SSL3 or to both TLS1 and SSL3. Syntax ip http secure-protocol [protocollevel2] no ip http secure-protocol [protocollevel2] - The protocol level can be set to TLS1, SSL3 or to both TLS1 and SSL3.
Management Commands Command Reference Display Message Administrative Mode: This field indicates whether the administrative mode of SSH is enabled or disabled. Protocol Levels: The protocol level may have the values of version 1, version 2, or both versions. SSH Sessions Currently Active: This field specifies the current number of SSH connections. Max SSH Sessions Allowed: The maximum number of inbound SSH sessions allowed on the IBP.
Management Commands Command Reference Default Setting SSH1 and SSH2 Command Mode Global Config 7.5.7.4 ip ssh maxsessions This command specifies the maximum number of SSH connection sessions that can be established. A value of 0 indicates that no ssh connection can be established. The range is 0 to 5. Syntax ip ssh maxsessions <0-5> no ip ssh maxsessions <0-5> - maximum number of sessions.
Management Commands Command Reference Syntax ip ssh timeout <1-160> no ip ssh timeout <1-160> - timeout interval in seconds. no - This command sets the SSH connection session timeout value, in minutes, to the default. Changing the timeout value for active sessions does not become effective until the session is reaccessed. Any keystroke will also activate the new timeout duration. Default Setting 5 Command Mode Global Config 7.5.8 DHCP Client Commands 7.5.8.
Management Commands Syntax ip dhcp client-identifier {text | hex } no ip dhcp client-identifier - A text string. (Range: 1-15 characters). - The hexadecimal value (00:00:00:00:00:00). no - This command is used to restore to default value.
Management Commands 7.5.9 Command Reference LOCK Commands 7.5.9.1 lock This command locks the http access to the IBP and registers the passed “lock_identifier” with this lock. When the lock is set, the Web-GUI presents a message that access to this IBP is currently not possible, bcause it is managed by another application. Use the no form to restore to default value. Syntax lock [EXCLUSIVE] no lock {|ALL} < lock_identifier > - A alphanumeric string.
Management Commands Command Reference If you want to remove this lock, this Blade server must not be managed by any Virtual IO Manager. In order to release the lock without using the Virtual IO Manager issue the command "no lock " for each lock identifier that is registered.” Command Mode Global Config 7.5.9.3 lock_reset This command resets the IBP to unlock status, and restore all lock configuration. Syntax lock_reset Default Setting None Command Mode Global Config 7.5.9.
SNTP (Simple Network Time Protocol) Commands 7.6 System Log Management Commands 7.6.1 Show Commands Command Reference 7.6.1.1 show logging This command displays logging. Syntax Show logging Default Setting None Command Mode Privileged Exec Display Message Logging Client Local Port The port on the collector/relay to which syslog messages are sent CLI Command Logging The mode for CLI command logging. Console Logging The mode for console logging.
SNTP (Simple Network Time Protocol) Commands Command Reference Default Setting None Command Mode Privileged Exec Display Message Message: The message that has been logged. Note: Message log information is not retained across a system reset. 7.6.3 show logging traplog This command displays the trap log maintained by the IBP. The trap log contains a maximum of 256 entries that wrap.
SNTP (Simple Network Time Protocol) Commands Command Reference Syntax show logging hosts Default Setting None Command Mode Privileged Exec Display Message Index (used for deleting) IP Address IP Address of the configured server. Severity The minimum severity to log to the specified address. Port Server Port Number.This is the port on the local host from which syslog messages are sent. Status The state of logging to configured syslog hosts. If the status is disable, no logging occurs. 7.6.
SNTP (Simple Network Time Protocol) Commands Command Reference This command enables wrapping of in-memory logging when full capacity reached. Otherwise when full capacity is reached, logging stops. Syntax logging buffered wrap no logging buffered wrap no - This command disables wrapping of in-memory logging when full capacity reached. Default Setting None Command Mode Privileged Exec 7.6.4.2 logging console This command enables logging to the console.
SNTP (Simple Network Time Protocol) Commands Command Reference 7.6.4.3 logging host This command enables logging to a host where up to eight hosts can be configured. Syntax logging host [ ] [[ | <0-7>]] - IP address of the log server. - Port number.
SNTP (Simple Network Time Protocol) Commands Command Reference This command reconfigures the IP address of the log server. Syntax logging host reconfigure < hostindex > - Index of the log server. - New IP address of the log server. Default Setting None Command Mode Privileged Exec 7.6.4.4 logging syslog This command enables syslog logging. Syntax logging syslog no logging syslog no - Disables syslog logging.
SNTP (Simple Network Time Protocol) Commands Syntax logging syslog port no logging syslog port no - Resets the local logging port to the default. Default Setting None Command Mode Privileged Exec 7.6.4.5 clear logging buffered This command clears all in-memory log.
SNTP (Simple Network Time Protocol) Commands 7.7 Script Management Commands 7.7.1 script apply Command Reference This command applies the commands in the configuration script to the IBP. The apply command backs up the running configuration and then starts applying the commands in the script file. Application of the commands stops at the first failure of a command. Syntax script apply - The name of the script to be applied.
SNTP (Simple Network Time Protocol) Commands 7.7.3 Command Reference script list This command lists all scripts present on the IBP as well as the total number of files present. Syntax script list Default Setting None Command Mode Privileged Exec 7.7.4 script show This command displays the content of a script file. Syntax script show - Name of the script file.
SNTP (Simple Network Time Protocol) Commands 7.8 User Account Management Commands 7.8.1 Show Commands Command Reference 7.8.1.1 show users This command displays the configured user names and their settings. This command is only available for users with readwrite privileges. The SNMPv3 fields will only be displayed if SNMP is available on the system.
SNTP (Simple Network Time Protocol) Commands Command Reference This command adds a new user (account) if space permits. The account can be up to eight characters in length. The name may be comprised of alphanumeric characters as well as the dash (‘-’) and underscore (‘_’). The is not case-sensitive. Six user names can be defined. This command changes the password of an existing operator. User password should not be more than eight characters in length.
SNTP (Simple Network Time Protocol) Commands Command Reference - is the login user name. md5 - md5 authentication method. sha - sha authentication method. none - no use authentication method. no - This command sets the authentication protocol to be used for the specified login user to none. The is the login user name for which the specified authentication protocol will be used. Default Setting No authentication Command Mode Global Config 7.8.2.
SNTP (Simple Network Time Protocol) Commands 7.9 Security Commands 7.9.1 Show Commands Command Reference 7.9.1.1 show users authentication This command displays all users and all authentication login information. It also displays the authentication login list assigned to the default user. Syntax show users authentication Default Setting None Command Mode Privileged Exec Display Message User: This field lists every user that has an authentication login list assigned.
SNTP (Simple Network Time Protocol) Commands Command Reference Authentication Login List: This displays the authentication login listname. Method 1: This displays the first method in the specified authentication login list, if any. Method 2: This displays the second method in the specified authentication login list, if any. Method 3: This displays the third method in the specified authentication login list, if any. 7.9.1.
SNTP (Simple Network Time Protocol) Commands Command Reference Privileged Exec Display Message Administrative mode: Indicates whether authentication control on the IBP is enabled or disabled. 7.9.1.5 show dot1x detail This command is used to show a summary of the global dot1x configuration and the detailed dot1x configuration for a specified port. Syntax show dot1x detail - is the desired interface number.
SNTP (Simple Network Time Protocol) Commands Command Reference this port will retransmit an EAPOL EAP Request/Identity before timing out the supplicant. The value will be in the range of 1 to 10. Reauthentication Period: The timer used by the authenticator state machine on this port to determine when reauthentication of the supplicant takes place. The value is expressed in seconds and will be in the range of 1 to 65535. Reauthentication Enabled: Indicates if reauthentication is enabled on this port.
SNTP (Simple Network Time Protocol) Commands Command Reference EAP Response Frames Received: The number of valid EAP response frames (other than resp/id frames) that have been received by this authenticator. EAP Request/Id Frames Transmitted: The number of EAP request/identity frames that have been transmitted by this authenticator. EAP Request Frames Transmitted: The number of EAP request frames (other than request/identity frames) that have been transmitted by this authenticator.
SNTP (Simple Network Time Protocol) Commands Command Reference Syntax show dot1x users - is the desired interface number. Default Setting None Command Mode Privileged Exec Display Message User: Users configured locally to have access to the specified port. 7.9.1.9 show radius-servers This command is used to display items of the configured RADIUS servers.
SNTP (Simple Network Time Protocol) Commands Command Reference Syntax show radius Default Setting None Command Mode Privileged Exec Display Message Current Server IP Address: Indicates the configured server currently in use for authentication Number of configured servers: The configured IP address of the authentication server Number of retransmits: The configured value of the maximum number of times a request packet is retransmitted Timeout Duration: The configured timeout value, in seconds, for request
SNTP (Simple Network Time Protocol) Commands Command Reference Secret Configured: Yes or No If the optional token 'statistics ' is included, the statistics for the configured RADIUS accounting server are displayed. The IP address parameter must match that of a previously configured RADIUS accounting server. The following information regarding the statistics of the RADIUS accounting server is displayed.
SNTP (Simple Network Time Protocol) Commands Command Reference Privileged Exec Display Message If an IP address is not specified then only the Invalid Server Addresses field is displayed. Otherwise, the other listed fields are displayed. Invalid Server Addresses: The number of RADIUS Access-Response packets received from unknown addresses. Server IP Address: The IP address of radius server.
SNTP (Simple Network Time Protocol) Commands Command Reference Privileged Exec Display Message Admin Mode: Displays TACACS administration mode.
SNTP (Simple Network Time Protocol) Commands Command Reference Privileged Exec Display Message Port Security Administration Mode: Port lock mode for the entire system. This command shows the port-security settings for a particular interface or all interfaces. Syntax show port-security { | all } Default Setting None Command Mode Privileged Exec Display Message Intf Interface Number. Interface Admin Mode Port Locking mode for the Interface.
SNTP (Simple Network Time Protocol) Commands Command Reference Syntax show port-security static Default Setting None Command Mode Privileged Exec Display Message MAC address Statically locked MAC address. This command displays the source MAC address of the last packet that was discarded on a locked port. Syntax show port-security violation Default Setting None Command Mode Privileged Exec Display Message MAC address MAC address of discarded packet on locked ports. 7.9.
SNTP (Simple Network Time Protocol) Commands Command Reference list of methods are set in the authentication login list. If the authentication login list does not exist, a new authentication login list is first created and then the authentication methods are set in the authentication login list. The maximum number of authentication login methods is three. The possible method values are local, radius, reject, and tacacs.
SNTP (Simple Network Time Protocol) Commands Command Reference Syntax username defaultlogin - an authentication login list. Default Setting None Command Mode Global Config 7.9.2.3 username login This command assigns the specified authentication login list to the specified user for system login. The must be a configured and the must be a configured login list.
SNTP (Simple Network Time Protocol) Commands 7.9.3 Command Reference Dot1x Configuration Commands 7.9.3.1 dot1x initialize This command begins the initialization sequence on the specified port. This command is only valid if the control mode for the specified port is 'auto'. If the control mode is not 'auto' an error will be returned. Syntax dot1x initialize - is the desired interface number. Default Setting None Command Mode Privileged Exec 7.9.3.
SNTP (Simple Network Time Protocol) Commands Command Reference 7.9.3.3 dot1x login This command assigns the specified authentication login list to the specified user for 802.1x port security. The parameter must be a configured user and the parameter must be a configured authentication login list. Syntax dot1x login - is the login user name. - an authentication login list. Default Setting None Command Mode Global Config 7.9.3.
SNTP (Simple Network Time Protocol) Commands Command Reference 7.9.3.5 dot1x user This command adds the specified user to the list of users with access to the specified port or all ports. The parameter must be a configured user. Syntax dot1x user { | all} no dot1x user { | all} - Is the login user name. - Is the desired interface number. all - All interfaces.
SNTP (Simple Network Time Protocol) Commands Command Reference no - This command sets the authentication mode to be used on all ports to 'auto'. Default Setting auto Command Mode Global Config This command sets the authentication mode to be used on the specified port. The control mode may be one of the following. force-unauthorized: The authenticator PAE unconditionally sets the controlled port to unauthorized.
SNTP (Simple Network Time Protocol) Commands Command Reference dot1x max-req <1-10> no dot1x max-req <1-10> - maximum number of times (Range: 1 – 10). no - This command sets the maximum number of times the authenticator state machine on this port will transmit an EAPOL EAP Request/Identity frame before timing out the supplicant to the default value, that is, 2. Default Setting 2 Command Mode Interface Config 7.9.3.
SNTP (Simple Network Time Protocol) Commands Command Reference Syntax dot1x re-authenticate - is the desired interface number. Default Setting None Command Mode Privileged Exec 7.9.3.10 dot1x timeout This command sets the value, in seconds, of the timer used by the authenticator state machine on this port. Depending on the token used and the value (in seconds) passed; various timeout configurable parameters are set. The following tokens are supported.
SNTP (Simple Network Time Protocol) Commands Command Reference no dot1x timeout {quiet-period | reauth-period | server-timeout | supp-timeout | tx-period} - Value in the range 0 – 65535. no - This command sets the value, in seconds, of the timer used by the authenticator state machine on this port to the default values. Depending on the token used, the corresponding default values are set.
SNTP (Simple Network Time Protocol) Commands Command Reference 7.9.4.2 radius-server host This command is used to configure the RADIUS authentication and accounting server. If the 'auth' token is used, the command configures the IP address to use to connect to a RADIUS authentication server. Up to 3 servers can be configured per RADIUS client. If the maximum number of configured servers is reached, the command will fail until one of the servers is removed by executing the no form of the command.
SNTP (Simple Network Time Protocol) Commands Command Reference This command is used to configure the shared secret between the RADIUS client and the RADIUS accounting / authentication server. Depending on whether the 'auth' or 'acct' token is used, the shared secret will be configured for the RADIUS authentication or RADIUS accounting server. The IP address provided must match a previously configured server. When this command is executed, the secret will be prompted.
SNTP (Simple Network Time Protocol) Commands Command Reference 7.9.4.5 radius-server timeout This command sets the timeout value (in seconds) after which a request must be retransmitted to the RADIUS server if no response is received. The timeout value is an integer in the range of 1 to 30. Syntax radius-server timeout no radius-server timeout - the maximum timeout (Range: 1 - 30).
SNTP (Simple Network Time Protocol) Commands Command Reference 7.9.4.7 radius-server primary This command is used to configure the primary RADIUS authentication server for this RADIUS client. The primary server is the one that is used by default for handling RADIUS requests. The remaining configured servers are only used if the primary server cannot be reached. A maximum of three servers can be configured on each client. Only one of these servers can be configured as the primary.
SNTP (Simple Network Time Protocol) Commands Command Reference Disabled Command Mode Global Config 7.9.5.2 tacacs mode This command is used to enable/select/disable the TACACS server administrative mode Syntax tacacs mode <1-3> {master | slave} no tacacs mode <1-3> <1-3> - The valid value of index is 1, 2, and 3. no - This command is used to disable it. Default Setting Disabled Command Mode Global Config 7.9.5.3 tacacs server-ip This command is used to configure the TACACS server IP address.
SNTP (Simple Network Time Protocol) Commands Default Setting IP 0.0.0.0 Command Mode Global Config 7.9.5.4 tacacs port This command is used to configure the TACACS server’s service port. Syntax tacacs port <1-3> <1-65535> no tacacs port <1-3> <1-65535> - service port (Range: 1 to 65535). <1-3> - The valid value of index is 1, 2, and 3. no - This command is used to reset port-id to the default value. Default Setting 49 Command Mode Global Config 7.9.5.
SNTP (Simple Network Time Protocol) Commands Command Reference no - This command is used to remove the TACACS server secret key. Default Setting None Command Mode Global Config 7.9.5.6 tacacs retry This command is used to configure the TACACS packet retransmit times. Syntax tacacs retry <1-3> <1-9> no tacacs retry <1-3> <1-9> - retry times (Range: 1 to 9). <1-3> - The valid value of index is 1, 2, and 3. no - This command is used to reset retry value to the default value.
SNTP (Simple Network Time Protocol) Commands Command Reference <1-255> - max timeout (Range: 1 to 255). <1-3> - The valid value of index is 1, 2, and 3. no - This command is used to reset the timeout value to the default value. Default Setting 3 Command Mode Global Config 7.9.6 Port Security Configuration Commands 7.9.6.1 port-security This command enables port locking at the system level (Global Config) or port level (Interface Config).
SNTP (Simple Network Time Protocol) Commands Command Reference Syntax port-security max-dynamic [<0-600>] no port-security max-dynamic no - This command resets the maximum of dynamically locked MAC addresses allowed on a specific port to its default value. Default Setting 600 Command Mode Interface Config 7.9.6.3 port-security max-static This command sets the maximum number of statically locked MAC addresses allowed on a specific port.
SNTP (Simple Network Time Protocol) Commands Command Reference 7.9.6.4 port-security mac-address This command adds a MAC address to the list of statically locked MAC addresses. Syntax port-security mac-address <1-3965> no port-security mac-address <1-3965> <1-3965> VLAN ID no - This command removes a MAC address from the list of statically locked MAC addresses. Default Setting None Command Mode Interface Config 7.9.6.
SNTP (Simple Network Time Protocol) Commands 7.10 SNTP (Simple Network Time Protocol) Commands 7.10.1 Show Commands Command Reference 7.10.1.1 show sntp This command displays the current time and configuration settings for the SNTP client, and indicates whether the local time has been properly updated. Syntax show sntp Default Setting None Command Mode Privileged Exec Display Message Last Update Time Time of last clock update. Last Unicast Attempt Time Time of last transmit query (in unicast mode).
SNTP (Simple Network Time Protocol) Commands Command Reference SNTP Version The highest SNTP version the client supports. Port SNTP Client Port Client Mode: Configured SNTP Client Mode. Unicast Poll Interval Poll interval value for SNTP clients in seconds as a power of two. Poll Timeout (Seconds) Poll timeout value in seconds for SNTP clients. Poll Retry Poll retry value for SNTP clients. This command displays configured SNTP servers and SNTP server settings.
SNTP (Simple Network Time Protocol) Commands Command Reference This command will set the poll interval for SNTP broadcast clients in seconds as a power of two where can be a value from 6 to 16. Syntax sntp broadcast client poll-interval <6-10> no sntp broadcast client poll-interval <6-10> - The range is 6 to 16. no - This command will reset the poll interval for SNTP broadcast client back to its default value. Default Setting 6 Command Mode Global Config 7.10.2.
SNTP (Simple Network Time Protocol) Commands Command Reference Global Config 7.10.2.3 sntp client port This command will set the SNTP client port id and polling interval in seconds. Syntax sntp client port [<6-10>] no sntp client port - SNTP client port id. <6-10> - Polling interval. It's 2^(value) seconds where value is 6 to 10. no - Resets the SNTP client port id. Default Setting The default portid is 123. Command Mode Global Config 7.10.2.
SNTP (Simple Network Time Protocol) Commands Command Reference Default Setting The default value is 6. Command Mode Global Config 7.10.2.5 sntp unicast client poll-timeout This command will set the poll timeout for SNTP unicast clients in seconds. Syntax sntp unicast client poll-timeout no sntp unicast client poll-timeout < poll-timeout > - Polling timeout in seconds. The range is 1 to 30. no - This command will reset the poll timeout for SNTP unicast clients to its default value.
SNTP (Simple Network Time Protocol) Commands Command Reference Default Setting The default value is 1. Command Mode Global Config 7.10.2.7 sntp server This command configures an SNTP server (with a maximum of three) where the server address can be an ip address or a domain name and the address type either ipv4 or dns. The optional priority can be a value of 1-3, the version is a value of 1-4, and the port id is a value of 1-65535.
錯誤! 找不到參照來源。 Command Reference 7.10.2.9 This command sets the time zone for the IBP’s internal clock. Syntax sntp clock timezone <0-12> <0-59> {before-utc | after-utc} - Name of the time zone, usually an acronym. (Range: 1-15 characters) <0-12> - Number of hours before/after UTC. (Range: 0-12 hours) <0-59> - Number of minutes before/after UTC. (Range: 0-59 minutes) before-utc - Sets the local time zone before (east) of UTC. after-utc - Sets the local time zone after (west) of UTC.
錯誤! 找不到參照來源。 Command Reference Command Mode Privileged Exec 7.11.1.2 clear traplog This command clears the trap log. Syntax clear traplog Default Setting None Command Mode Privileged Exec 7.11.1.3 clear eventlog This command is used to clear the event log, which contains error messages from the system. Syntax clear eventlog Default Setting None Command Mode Privileged Exec 7.11.1.4 clear logging buffered This command is used to clear the message log maintained by the IBP.
錯誤! 找不到參照來源。 Command Reference Syntax clear logging buffered Default Setting None Command Mode Privileged Exec 7.11.1.5 clear config This command resets the configuration to the factory defaults without powering off the IBP. The IBP is automatically reset when this command is processed. You are prompted to confirm that the reset should proceed. Syntax clear config Default Setting None Command Mode Privileged Exec 7.11.1.
錯誤! 找不到參照來源。 Command Reference Default Setting None Command Mode Privileged Exec 7.11.1.7 clear mac address table This command clear all dynamic mac address from the mac address table of IBP. Syntax clear mac-addr-table dynamic Default Setting None Command Mode Privileged Exec 7.11.1.8 clear counters This command clears the stats for a specified or for all the ports or for the entire IBP based upon the argument.
錯誤! 找不到參照來源。 Command Reference 7.11.1.9 clear port-group This command resets port group configuration parameters and management VLAN parameters to the factory defaults. Syntax clear port-group Default Setting None Command Mode Privileged Exec 7.11.1.10 enable passwd This command changes Privileged EXEC password. Syntax enable passwd Default Setting None Command Mode Global Config. 7.11.1.
錯誤! 找不到參照來源。 Command Reference Command Mode Privileged Exec 7.11.1.12 clear ip filter This command is used to clear all ip filter entries. Syntax clear ip filter Default Setting None Command Mode Privileged Exec 7.11.1.13 clear dot1x statistics This command resets the 802.1x statistics for the specified port or for all ports. Syntax clear dot1x statistics {all | } - is the desired interface number. all - All interfaces.
錯誤! 找不到參照來源。 Command Reference 7.11.1.14 clear radius statistics This command is used to clear all RADIUS statistics. Syntax clear radius statistics Default Setting None Command Mode Privileged Exec 7.11.1.15 clear tacacs This command is used to clear TACACS configuration. Syntax clear tacacs Default Setting None Command Mode Privileged Exec 7.11.2 copy This command uploads and downloads to/from the IBP. Local URLs can be specified using tftp or xmodem.
錯誤! 找不到參照來源。 Command Reference The command can also be used to download ssh key files as sshkey-rsa, sshkey-rsa2, and sshkey-dsa and http secure-server certificates as sslpem-root, sslpem- server, sslpem-dhweak, and sslpem-dhstrong. Files upload to PC Syntax copy startup-config copy {errorlog | log | traplog} copy script where ={xmodem | tftp://ipaddr/path/file} - The filename of a configuration file or a script file.
錯誤! 找不到參照來源。 Command Reference - name of the image file or the script file. - xmodem or tftp://ipaddr/path/file. sshkey-rsa1 - SSH RSA1 Key file. sshkey-rsa2 - SSH RSA2 Key file. sshkey-dsa - SSH DSA Key file. sslpem-root - Secure Root PEM file. sslpem-server - Secure Server PEM file. sslpem-dhweak - Secure DH Weak PEM file. sslpem-dhstrong - Secure DH Strong PEM file.
錯誤! 找不到參照來源。 Command Reference This command upload or download the pre-login banner file Syntax copy clibanner copy clibanner no clibanner - xmodem or tftp://ipaddr/path/file. no - Delete CLI banner. Default Setting None Command Mode Privileged Exec 7.11.3 delete This command is used to delete a configuration or image file. Syntax delete - name of the configuration or image file. Default Setting None Command Mode Privileged Exec 7.11.
Command Reference 錯誤! 找不到參照來源。 Syntax dir [boot-rom | config | opcode [] ] - name of the configuration or image file. boot-rom - bootrom. config - configuration file. opcode - run time operation code. Default Setting None Command Mode Privileged Exec Display Message Column Heading date file name file type startup size 7.11.5 Description The date that the file was created. The name of the file. File types: Boot-Rom, Operation Code, and Config file.
錯誤! 找不到參照來源。 Command Reference This command is used to specify the file or image used to start up the system. Syntax boot-system {boot-rom | config | opcode} - name of the configuration or image file. boot-rom - bootrom. config - configuration file. opcode - run time operation code. Default Setting None Command Mode Privileged Exec 7.11.7 ping This command checks if another computer is on the network and listens for connections.
錯誤! 找不到參照來源。 Command Reference Ping on changing parameter value Syntax ping count <0-20000000> [size <32-512>] ping size <32-512> [count <0-20000000>] - an IP address. <0-20000000> - number of pings (Range: 0 - 20000000). Note that 0 means infinite. - packet size (Range: 32 - 512). Default Setting Count = 5 Size = 32 Command Mode Privileged Exec 7.11.
錯誤! 找不到參照來源。 Command Reference Privileged Exec 7.11.9 logging cli-command This command enables the CLI command Logging feature. The Command Logging component enables the IBP to log all Command Line Interface (CLI) commands issued on the system. Syntax Logging cli-command Default Setting None Command Mode Global Config 7.11.10 calendar set This command is used to set the system clock.
錯誤! 找不到參照來源。 Command Reference 7.11.11 reload This command resets the IBP without powering it off. Reset means that all network connections are terminated and the boot code executes. The IBP uses the stored configuration to initialize the system. You are prompted to confirm that the reset should proceed. A successful reset is indicated by the LEDs on the IBP. Syntax reload Default Setting None Command Mode Privileged Exec 7.11.
錯誤! 找不到參照來源。 Command Reference <0-11> - telnet session ID. all - all telnet sessions. Default Setting None Command Mode Privileged Exec 7.11.14 hostname This command is used to set the prompt string. Syntax hostname < prompt_string > - Prompt string. Default Setting vty-0 Command Mode Global Config 7.11.15 quit This command is used to exit a CLI session.
錯誤! 找不到參照來源。 7.12 Command Reference DHCP Commands 7.12.1 ip dhcp restart Submit a DHCP client request. Syntax ip dhcp restart Default Setting None Command Mode Global Config 7.12.2 ip dhcp client-identifier This commands specifies the DHCP client identifier for the IBP. Syntax ip dhcp client-identifier {text | hex } - A text string which length is 1 to 15. - A hex string which format is XX:XX:XX:XX:XX:XX (X is 0-9, A-F).
Using SNMP 8 Using SNMP SNMP (Simple Network Management Protocol) is a communication protocol designed specifically for managing devices or other elements on a network. Equipment commonly managed with SNMP includes switches, routers and host computers. SNMP is typically used to configure these devices for proper operation in a network environment, as well as to monitor them to evaluate performance or detect potential problems.
Supported MIBs 8.2 Using SNMP Supported MIBs The standard MIBs are listed in the following table. Public MIB NAME MIB FIles IEEE 802.1x IEEE8021-PAE-MIB dot1x.my IEEE 802.3ad LAG-MIB dot3ad.my RFC 1213 RFC1213-MIB mib-2.my Specifications RFC 2011 IP-MIB RFC2011 ip-icmp.my RFC 1493 BRIDGE-MIB bridge.my RFC 1643 ETHERLIKE-MIB etherlike.my RFC 1907 SNMPv2-MIB v2-mib.my RFC 2233 IF-MIB if.my RFC 2571 SNMP-FRAMEWORK-MIB v3-arch.my RFC 2572 SNMP-MPD-MIB v3-mpd.
Supported MIBs Using SNMP RFC 3814 MPLS-FTN-MIB mpls_ftn.my RFC 2932 IPMROUTE-STD-MIB ipmroute.my RFC 1354 IP-FORWARD-MIB ipforward.my RFC 2213 INTEGRATED-SERVICES-MIB intserv.my RFC 3291 INET-ADDRESS-MIB inetaddress.my RFC 2933 and RFC 3019 MGMD-STD-MIB igmp.my RFC 1573 IANAifType-MIB iftype.my RFC 2677 IANA-ADDRESS-FAMILY-NUMBERS-MIB ianaaddr.my The private enterprise MIB is listed below. Private MIB names MIB files FSC-SWITCH-MIB lvl7ref.my KEYING-PRIVATE-MIB fastpath_keying.
Supported Traps 8.3 Using SNMP Accessing MIB Objects MIB objects represent features of the IBP that an SNMP application can control and manage. One example is the RFC-2233 IF-MIB group which you can use to get or set the port configuration by reading or writing to different variables in this MIB group. The variables supported by this group are listed in the following table.
Supported MIBs Using SNMP ifOutOctets Yes RO ifOutUcastPkts Yes RO ifOutNUcastPkts Yes RO ifOutDiscards NO RO ifOutErrors Yes RO ifOutQLen NO RO ifSpecific NO RO ifXTable Index: ifIndex ifName Yes RO ifInMulticastPkts Yes RO ifInBroadcastPkts Yes RO ifOutMulticastPkts Yes RO ifOutBroadcastPkts Yes RO ifHCInOctets Yes RO ifHCInUcastPkts Yes RO ifHCInMulticastPkts Yes RO ifHCInBroadcastPkts Yes RO ifHCOutOctets Yes RO ifHCOutUcastPkts Yes RO ifHCOutMu
Supported MIBs ifStackTable Using SNMP Indicies: ifStackHigherLayer ifStackLowerLayer ifStackStatus No RC ifRcvAddressTable Indicies: ifIndex ifRcvAddressAddress ifRcvAddressStatus No RC ifRcvAddressType No RC ifTestTable Index: ifTestId ifTestStatus No RW ifTestType No RW ifTestResult No RW ifTestCode No RO ifTestOwner No RW
Supported MIBs 8.4 Using SNMP Supported Traps SNMP traps supported include the following items: RFC No.
Default Settings 9 Default Settings 9.1 The overview system default settings The default settings for the system module are shown in the following table. Management CLI serial port / telnet / ssh HTTP Java Applet / SSL3.0 , TLS 1.0 SNMP v1/v2c/v3 Enterprise MIBs / Standard MIBs / RMON Management VLAN VLAN 1 WEB Management HTTP Mode (Unsecure): Enabled HTTP Port: 80 Traps Authentication Flag............................ Enable Link Up/Down Flag..............................
Supported MIBs Using SNMP SSL HTTP Mode (Secure): Disabled Secure Port: 443 Secure Protocol Level(s): TLS1 SSL3 802.1X Port Authent. disable RADIUS Client disable IGMP Snooping disable 802.3ad enable SNTP Client disable TACACS disable StormControl enable Link State disable Port-Backup disable SNMP 9.2 The default settings for all the configuration commands The default settings for all the configuration commands are shown in the following table.
Supported MIBs Using SNMP username username defaultlogin defaultList dot1x no dot1x system-auth-control dot1x default-login defaultList Radius no radius accounting mode radius-server retransmit 4 radius-server timeout 5 telnet telnet sessions telnet exec-timeout 5 telnet maxsessions 5 snmp-server snmp-server host 0.0.0.0 public snmp-server community ipmask 0.0.0.0 public snmp-server community ro public snmp-server host 0.0.0.0 private snmp-server community ipmask 0.0.0.
Supported MIBs Using SNMP line console mode line console exec-timeout 5 baudrate 9600 password-threshold 3 silent-time 0 line vty sessions exec-timeout 5 maxsessions 5 password-threshold 3 router rip enable distance rip 15 split-horizon simple no auto-summary hostroutesaccept no default-information originate no redistribute connected no redistribute static no redistribute ospf negotiate negotiate lacp no lacp dot1x dot1x port-control auto no dot1x re-authentication dot1x timeout quiet-period 60
Supported MIBs Using SNMP SSL Secure DH Strong PEM Secure DH Weak PEM Secure Root PEM Secure Server PEM
Accessing the Management Interface 10 Troubleshooting and Tips Troubleshooting and Tips If you are having problems connecting to the network, check your network cabling to ensure that the device in question is properly connected to the network. Then refer to verify that the corresponding port on the IBP is functioning properly. If you are having problems connecting to the management interface, refer to the troubleshooting chart. 10.
Supported MIBs Using SNMP 10.2 Accessing the Management Interface You can access the management interface for the IBP from anywhere within the attached network using Telnet, a Web browser, or any SNMP-based network management software. If you are having trouble accessing the management interface, then refer to the troubleshooting information displayed in the following table.