HP High-End Firewalls Getting Started Command Reference Part number: 5998-2636 Software version: F1000-E/Firewall module: R3166 F5000-A5: R3206 Document version: 6PW101-20120706
Legal and notice information © Copyright 2012 Hewlett-Packard Development Company, L.P. No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Contents Logging in to the firewall commands·························································································································· 1 Login management configuration commands ················································································································ 1 activation-key ···························································································································································· 1 auto-execute c
acsei server ···························································································································································· 36 acsei server enable ··············································································································································· 37 acsei timer clock-sync ············································································································································ 37 acsei
CLI configuration commands ····································································································································· 81 command-alias enable ·········································································································································· 81 command-alias mapping ······································································································································ 81 command-privilege level ·
Logging in to the firewall commands Login management configuration commands activation-key Syntax activation-key character undo activation-key View User interface view Default level 3: Manage level Parameters character: Shortcut key for starting a terminal session, a single character (or its corresponding ASCII code value that ranges from 0 to 127) or a string of 1 to 3 characters. However, only the first character functions as the shortcut key.
* Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ****************************************************************************** User interface con0 is available. Please press ENTER. • At this moment, pressing Enter does not start a session. To start the terminal session, enter s instead.
CAUTION: The auto-execute command command may disable you from configuring the system through the user interface to which the command is applied. Before configuring the command and saving the configuration (by using the save command), make sure that you can access the device through VTY, TTY, console, or AUX interfaces to remove the configuration when a problem occurs. Examples # Configure the device to automatically telnet to 192.168.1.41 after a user logs in to interface VTY 0.
Default level 3: Manage level Parameters none: Performs no authentication. password: Performs local password authentication. scheme: Performs AAA authentication. Description Use the authentication-mode command to set the authentication mode for the user interface. Use the undo authentication-mode command to restore the default. By default, the authentication mode for AUX user interfaces is password, that for VTY user interfaces is scheme, and that for console and user interfaces is none.
Default level 3: Manage level Parameters None Description Use the command accounting command to enable command accounting. Use the undo command accounting command to restore the default. By default, command accounting is disabled. The accounting server does not record the commands that users have executed. When command accounting is enabled and command authorization is not, every executed command is recorded on the HWTACACS server.
system-view [Sysname] user-interface vty 0 [Sysname-ui-vty0] command authorization databits Syntax databits { 5 | 6 | 7 | 8 } undo databits View User interface view Default level 2: System level Parameters 5: Sets 5 data bits for each character. 6: Sets 6 data bits for each character. 7: Sets 7 data bits for each character. 8: Sets 8 data bits for each character. Description Use the databits command to set data bits for each character. Use the undo databits command to restore the default.
Parameters None Description Use the display ip http command to display HTTP information. Examples # Display information about HTTP..
Basic ACL: 2222 Current connection: 0 Operation status: Running Table 2 Output description Field Description HTTPS port Port number used by the HTTPS service SSL server policy The SSL server policy associated with the HTTPS service Certificate access-control-policy The certificate attribute access control policy associated with the HTTPS service Basic ACL The basic ACL number associated with the HTTPS service Current connection Number of current connections Operation status, which takes the foll
View Any view Default level 1: Monitor level Parameters num1: Absolute number of a user interface. num2: Relative number of a user interface. summary: Displays summary about user interfaces. Description Use the display user-interface command to display information about the specified or all user interfaces.
Field Description Privi Indicates the command level of a user under that user interface Auth Authentication mode for the users, which can be A, P, L, and N. Int The physical port that corresponds to the user interface. (The detailed port information is available for TTY user interfaces. For user interfaces of console ports, AUX ports, and VTY interfaces, - is displayed.
display users Syntax display users [ all ] View Any view Default level 1: Monitor level Parameters all: Displays information about all user interfaces that the device supports. Description Use the display users command to display information about the user interfaces that are being used. Use the display users all command to display information about all user interfaces supported by the device. Examples # Display information about the user interfaces that are being used.
Field Description Location IP address of the user F The current user works in asynchronous mode escape-key Syntax escape-key { default | character } undo escape-key View User interface view Default level 3: Manage level Parameters character: Specifies the shortcut key for terminating a task, a single character (or its corresponding ASCII code value in the range 0 to 127) or a string of 1 to 3 characters. Only the first character of a string functions as the shortcut key.
# Ping the IP address of 192.168.1.49 and use the -c keyword to specify the number of ICMP echo packets to be sent as 20. ping -c 20 192.168.1.49 PING 192.168.1.49: 56 data bytes, press a to break Reply from 192.168.1.49: bytes=56 Sequence=1 ttl=255 time=3 ms Reply from 192.168.1.49: bytes=56 Sequence=2 ttl=255 time=3 ms # Enter a. The task terminates immediately and the system returns to system view. --- 192.168.1.49 ping statistics --2 packet(s) transmitted 2 packet(s) received 0.
free user-interface Syntax free user-interface { num1 | { aux | console | vty } num2 } View User view Default level 3: Manage level Parameters num1: Absolute number of a user interface and typically starts from 0. num2: Relative number of a user interface. Description Use the free user-interface command to release the connection(s) established on the specified user interface. This command cannot release the connection that you are using.
Default level 2: System level Parameters size-value: Specifies the maximum number of history commands that the buffer can store. The value ranges from 0 to 256. Description Use the history-command max-size command to set the size of the history command buffer of the current user interface. Use the undo history-command max-size command to restore the default. By default, the buffer saves 10 history commands.
NOTE: • The system automatically terminates the user’s connection(s) if there is no information interaction between the device and the users within the idle timeout time. • Setting idle-timeout to zero disables the timer. In this case, connections are maintained unless you terminate them. Examples # Set the idle-timeout timer to 1 minute and 30 seconds.
ip http enable Syntax ip http enable undo ip http enable View System view Default level 2: System level Parameters None Description Use the ip http enable command to enable the HTTP service. Use the undo ip http enable command to disable the HTTP service. The device can act as the HTTP server that can be accessed only after the HTTP service is enabled. Related commands: display ip http. Examples # Enable the HTTP service. system-view [Sysname] ip http enable # Disable the HTTP service.
Verify that the port number is not used by another service, because this command does not check for conflicts with configured port numbers. Related commands: display ip http. Examples # Configure the port number of the HTTP service as 8080. system-view [Sysname] ip http port 8080 ip https acl Syntax ip https acl acl-number undo ip https acl acl-number View System view Default level 3: Manage level Parameters acl-number: ACL number, which ranges from 2000 to 2999.
View System view Default level 3: Manage level Parameters policy-name: Name of the certificate attribute access control policy, a string of 1 to 16 characters. Description Use the ip https certificate access-control-policy command to associate the HTTPS service with a certificate attribute access control policy. Use the undo ip https certificate access-control-policy command to remove the association. By default, the HTTPS service is not associated with any certificate attribute access control policy.
• If no local certificate exists, the SSL negotiation triggers a certificate application process that often fails because it times out. If that happens, execute the ip https enable command multiple times to start the HTTPS service. Related commands: display ip https. Examples # Enable the HTTPS service.
Default level 3: Manage level Parameters policy-name: Name of an SSL server policy, which is a string of 1 to 16 characters. Description Use the ip https ssl-server-policy command to associate the HTTPS service with an SSL server-end policy. Use the undo ip https ssl-server-policy to remove the association. By default, the HTTPS service is not associated with any SSL server-end policy. The HTTPS service can be enabled only after this command is configured successfully.
Again: locked ! Password: parity Syntax parity { even | mark | none | odd | space } undo parity View User interface view Default level 2: System level Parameters even: Performs an even parity check. mark: Performs a mark parity check. none: Performs no parity check. odd: Performs an odd parity check. space: Performs a space parity check. Description Use the parity command to set a parity check method. Use the undo parity command to restore the default.
system-view [Sysname] user-interface aux 0 [Sysname-ui-aux0] parity odd protocol inbound Syntax protocol inbound { all | ssh | telnet } undo protocol inbound View VTY interface view Default level 3: Manage level Parameters all: Supports all the three protocols: Telnet, SSH. ssh: Supports SSH only. telnet: Supports Telnet only. Description Use the protocol inbound command to enable the current user interface to support either Telnet, PAD, SSH, or all of them.
View User interface view Default level 2: System level Parameters screen-length: Number of lines to be displayed on a screen, which ranges from 0 to 512. The value of 0 disables pausing between screens of output. Description Use the screen-length command to set the number of lines to be displayed on a screen. Use the undo screen-length command to restore the default. By default, a screen displays 24 lines. When screen output pauses, press the Space key to display the next screen.
send console 0 Enter message, end with CTRL+Z or Enter; abort with CTRL+C: hello abc^Z Send message? [Y/N]:y *** *** ***Message from con0 to con0 *** hello abc # Assume you are using VTY 0. Before you restart the device, to inform users that are accessing the device through other user interfaces, perform the following steps.
set authentication password Syntax set authentication password { cipher | simple } password undo set authentication password View User interface view Default level 3: Manage level Parameters cipher: Cipher text password. simple: Plain text password. password: A case sensitive string. If the password format is simple, the password argument must be in plain text, and the configuration file saves the password in plain text.
Default level 3: Manage level Parameters None Description Use the shell command to enable terminal services on the current user interface. Use the undo shell command to disable terminal services on the current user interface. • The console user interface does not support the undo shell command. • You cannot disable the terminal services on the user interface through which you are logged in. By default, terminal services are enabled on all user interfaces.
• 38400 bps • 57600 bps • 115200 bps The transmission rate varies with devices and configuration environment. Description Use the speed command to set the transmission rate on the user interface. Use the undo speed command to restore the default transmission rate. By default, the transmission rate is 9600 bps. NOTE: • The command is only applicable to asynchronous serial interfaces (including AUX and console ports).
NOTE: • The command is only applicable to asynchronous serial interfaces (including AUX and console ports). • The stop bits setting must be the identical for the user interfaces of the connecting ports on the device and the target device for communication. Examples # Set the stop bits on the user interface AUX 0 to 1.5. system-view [Sysname] user-interface aux 0 [Sysname-ui-aux0] stopbits 1.
telnet client source Syntax telnet client source { interface interface-type interface-number | ip ip-address } undo telnet client source View System view Default level 2: System level Parameters interface interface-type interface-number: Specifies the source interface. The source IPv4 address of the Telnet packets sent is the IPv4 address of the specified interface. interface-type interface-number represents the interface type and number.
Parameters remote-host: IP address or host name of a remote host, which is a case insensitive string of 1 to 46 characters. -i interface-type interface-number: Specifies the outbound interface for sending Telnet packets, where interface-type interface-number represents the interface type and number. If the destination address is a link-local address, provide the –i interface-type interface-number argument. port-number: TCP port number for the remote host to provide the Telnet service.
View User interface view Default level 2: System level Parameters ansi: Specifies the terminal display type as ANSI. vt100: Specifies the terminal display type as VT100. Description Use the terminal type command to configure the type of terminal display of the current user interface. Use the undo terminal type command to restore the default. By default, the terminal display type is ANSI. The device supports two types of terminal display: ANSI and VT100.
Use the undo user privilege level command to restore the default. By default, the default command level is 3 for the console user interface and 0 for other user interfaces. Examples # Set the command level for users logging in through VTY 0 to 0.
[Sysname] user-interface console 0 [Sysname-ui-console0] # Enter the user interface views of VTYs 0 to 4. system-view [Sysname] user-interface vty 0 4 [Sysname-ui-vty0-4] OAP module configuration commands oap connect Syntax oap connect slot slot-number View User view Default level 1: Monitor level Parameters slot slot-number: Specifies the number of the slot where an OAP system resides. Description Use the oap connect command to redirect from the device to the OAP module.
Description Use the oap management-ip command to configure the management IP address of an OAP module on the network device. Use the undo oap management-ip command to restore the default. By default, the management IP address of an OAP module is not configured. When you use network management station (NMS) to manage an OAP module, you must first configure the management IP address of the OAP module. Examples # Configure the management IP address of the OAP module in slot 3 as 1.1.1.1.
Default level 2: System level Parameters client-id: ID of the ACSEI client to be closed. An ACSEI client ID is assigned by the ACSEI server, and ranges from 1 to 12. Description Use the acsei client close command to close the specified ACSEI client. Examples # Close ACSEI client 1.
Description Use the acsei server command to enter ACSEI server view. Examples # Enter ACSEI server view. system-view [Sysname] acsei server [Sysname-acsei-server] acsei server enable Syntax acsei server enable undo acsei server enable View System view Default level 2: System level Parameters None Description Use the acsei server enable command to enable ACSEI server. Use the undo acsei server enable command to disable ACSEI server. By default, ACSEI server is disabled.
Parameters minutes: Value of the synchronization timer that is used for clock synchronization from ACSEI server to ACSEI client. It ranges from 0 to 1440 (in minutes), where value 0 specifies to disable the clock synchronization from ACSEI server to ACSEI client. Description Use the acsei timer clock-sync command to set the synchronization timer that is used for clock synchronization from ACSEI server to ACSEI client. Use the undo acsei timer clock-sync command to restore the default.
View Any view Default level 1: Monitor level Parameters client-id: ID of an ACSEI client , which ranges from 1 to 12. Description Use the display acsei client info command to display the ACSEI client information. The client information is retrieved from the advertisement packet sent by the client, so that when there is no ACSEI client information, the command displays the information keywords only.
Harddisk: 40.0 GB Client ID: 2 Client Description: Hardware: System Software: Application Software: CPU: Intel(R) Pentium(R) M processor 1.40GHz PCB Version: 3.00 CPLD Version: 1.00 Bootrom Version: 1.12 CF card: 256 MB Memory: 512 MB Harddisk: 40.
Description Use the display acsei client summary command to display ACSEI client summary information. Summary information of multiple ACSEI clients is displayed in order of registration time. If executed without the client-id argument, the command displays summary information about all the ACSEI clients. Examples # Display the summary of ACSEI client 1.
ACSEI client configuration commands acsei-client enable Syntax acsei-client enable undo acsei-client enable View Interface view Default level 2: System level Parameters None Description Use the acsei-client enable command to enable ACSEI client. Use the undo acsei-client enable command to disable ACSEI client. By default, ACSEI client is disabled. A system can run only one ACSEI client, that is, ACSEI client can be enabled on only one interface at a time.
Examples # Display information about the current ACSEI client. display acsei-client information Client Description: Firewall Hardware: A.0 System Software: COMWAREV500R002B70D013 Application Software: V300R001B01D247SP02 CPU: RMI XLR732 1000MHz PCB Version: A.0 CPLD Version: 1.0 Bootrom Version: Basic BootRom Version:1.02,Extend BootRom Version:1.
Field Description Client-side Interface Interface enabled with ACSEI client Server-side interface: Unknown — 44
Device management commands clock datetime Syntax clock datetime time date View User view Default level 3: Manage level Parameters time: Configured time, in the hh:mm:ss format. The hh value ranges from 00 to 23, the mm value ranges from 00 to 59, and the ss value ranges from 00 to 59. Zeros can be omitted, unless you specify 00:00:00. date: Configured date, in the MM/DD/YYYY or YYYY/MM/DD format.
start-time: Start time, in the hh:mm:ss format. Zeros can be omitted, unless you specify 00:00:00. start-date: Start date, in the MM/DD/YYYY or YYYY/MM/DD format. end-time: End time, in the hh:mm:ss format. Zeros can be omitted, unless you specify 00:00:00. end-date: End date, in the MM/DD/YYYY or YYYY/MM/DD format. add-time: Time added to the standard time of the firewall, in the hh:mm:ss format. Zeros can be omitted, unless you specify 00:00:00.
• Enter the year, month and date one by one, separated by spaces. The year ranges from 2000 to 2035; the month can be January, February, March, April, May, June, July, August, September, October, November or December; the start week can be the first, second, third, fourth, fifth or last week of the month; the start date is Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday. end-time: End time, in the hh:mm:ss format. Zeros can be omitted, unless you specify 00:00:00.
View System view Default level 3: Manage level Parameters zone-name: Time zone name, a case-sensitive string of 1 to 32 characters. add: Adds a specified offset to UTC time. minus: Subtracts a specified offset to UTC time. zone-offset: Offset to the UTC time, in the hh:mm:ss format. Zeros can be omitted, unless you specify 00:00:00. Description Use the clock timezone command to set the local time zone. Use the undo clock timezone command to restore the local time zone to the default UTC time zone.
Use the undo configure-user count command to restore the default. Two users are allowed to configure in system view by default. Related commands: display configure-user. NOTE: • When multiple users enter system view to configure certain attribute, only the last configuration applies. • When the number of users has already reached the limit, other users can not enter system view. Examples # Configure the limit of users as 4.
**************************************************************************** * Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * **************************************************************************** User interface con0 is available. Please press ENTER. # Disable the display of copyright information.
09:41:23 UTC Thu 12/15/2010 display configure-user Syntax display configure-user View Any view Default level 1: Monitor level Parameters None Description Use the display configure-user command to display the users that have logged in to the firewall and are not in user view. Related commands: configure-user count. Examples # Display the users entering system view at the same time.
verbose: Displays detailed information of CPU usage statistics. If this keyword is provided, the system displays the average CPU usage statistics for each task in the specified period. If this keyword is not provided, the system displays the brief information of the CPU usage statistics. Description Use the display cpu-usage command to display the CPU usage statistics.
Field Description CPU usage info (no: idx:) Information of CPU usage records (no: The (no+1)th record is currently displayed. no numbers from 0, a smaller number equals a newer record. idx: index of the current record in the history record table). If only the information of the current record is displayed, no and idx are not displayed. CPU Usage Stat. Cycle CPU usage measurement interval, in seconds.
• A number sign (#) shows the CPU utilization rate at a time point. If more than one number sign exists at a time point, the highest one represents the CPU utilization rate of the time point. Examples # Display the CPU utilization rates of the whole system.
70%| 65%| 60%| 55%| 50%| 45%| 40%| 35%| 30%| 25%| 20%| 15%| 10%| 5%| # -----------------------------------------------------------10 20 30 40 50 60 (minutes) cpu-usage last 60 minutes(T03M) The output shows the CPU usage of task 6 (with the task name T03M) in the last 60 minutes: • 5%: 20 minutes ago • 2% or lower than 2%: other time display device Syntax display device [ cf-card | usb |verbose ] View Any view Default level 2: System level Parameters cf-card: Displays information about CF c
CPLD :1.0 SubCard Num :3 CFCard Num :2 Usb Num :2 Table 10 Output description Field Description Card status, including Status • Fault • Normal Type Card type Hardware Hardware version of the card Driver Driver version of the card CPLD CPLD version of the card display device manuinfo Syntax display device manuinfo View Any view Default level 3: Manage level Parameters None Description Use the display device manuinfo command to display electrical label information about the firewall.
Table 11 Output description Field Description DEVICE_NAME Device name DEVICE_SERIAL_NUMBER Device serial number MAC_ADDRESS MAC address of the firewall MANUFACTURING_DATE Manufacturing date of the firewall VENDOR_NAME Vendor name display diagnostic-information Syntax display diagnostic-information View Any view Default level 1: Monitor level Parameters None Description Use the display diagnostic-information command to display or save the statistics of the running status of multiple modules i
================================================= ===============display clock=============== ================================================= 08:54:16 UTC Fri 11/15/2008 =================================================== ===============display version=============== =================================================== ……Omitted…… display environment Syntax display environment [ cpu ] View Any view Default level 1: Monitor level Parameters cpu: Displays temperature information of the CPUs on the firew
display fan Syntax display fan [ fan-id ] View Any view Default level 1: Monitor level Parameters fan-id: Displays the operating state of the specified fan, where fan-id represents the built-in fan number. Description Use the display fan command to display the operating state of built-in fans. Examples # Display the operating state of all fans on the firewall.
Table 13 Output description Field Description Job name Name of the scheduled task Specified view View containing the commands in the task Time timeID Execution time of each command in the task Execute command Command string display memory Syntax display memory View Any view Default level 1: Monitor level Parameters None Description Use the display memory command to display the memory usage on the firewall. Examples # Display the memory usage on the firewall.
Default level 1: Monitor level Parameters power-id: Displays the information of the specified PSU, where power-id represents the PSU number. If this argument is not provided, this command displays information about all PSUs. Description Use the display power command to display information about PSUs on the firewall. Examples # Display information about PSUs on the firewall.
display rps Syntax display rps [ rps-id ] View Any view Default level 1: Monitor level Parameters rps-id: Displays the status of the specified RPS, where rps-id represents the RPS number. Description Use the display rps command to display status of the RPS. Examples # Display RPS status of the firewall. display rps RPS 2 State: Normal The output shows that RPS 2 works normally.
display system-failure Syntax display system-failure View Any view Default level 3: Manage level Parameters None Description Use the display system-failure command to display the exception handling method. Related commands: system-failure. Related commands: system-failure. Examples # Display the exception handling method.
RX loss of signal RX power low Table 16 Output description Field Description transceiver current alarm information Current alarm information of the transceiver RX loss of signal Incoming (RX) signal is lost. RX power low Incoming (RX) power level is low.
Field Description Voltage(V) Digital diagnosis parameter-voltage, in V, with the precision to 0.01 V. Bias(mA) Digital diagnosis parameter-bias current, in mA, with the precision to 0.01 mA. RX power(dBM) Digital diagnosis parameter-RX power, in dBM, with the precision to 0.01 dBM. TX power(dBM) Digital diagnosis parameter-TX power, in dBM, with the precision to 0.01 dBM.
Field Description Vendor Name Name of the vendor who customizes the transceiver, that is, HP. display version Syntax display version View Any view Default level 1: Monitor level Parameters None Description Use the display version command to view system version information. By viewing system version information, you can learn about the current software version, rack type and the information related to the main board and interface boards.
text: Banner message, which can be input in two formats. For more information, see Getting Started Guide. Description Use the header command to create a banner. Use the undo header command to clear a banner. Examples # Configure banners. system-view [Sysname] header incoming % Please input banner content, and quit with the character '%'. Welcome to incoming(header incoming)% [Sysname] header legal % Please input banner content, and quit with the character '%'.
job Syntax job job-name undo job job-name View System view Default level 3: Manage level Parameters job-name: Specifies name of the scheduled task, a string of 1 to 32 characters. Description Use the job command to create a scheduled task and enter job view, or enter this view directly if a task is ready. Use the undo job command to remove the task. By default, no scheduled task is created. After creating a scheduled task, you can configure the task in job view.
CAUTION: • Device reboot might result in the interruption of the ongoing services. Use these commands with caution. • If a main boot file fails or does not exist, the firewall cannot be rebooted with the reboot command. In this case, you can re-specify a main boot file to reboot the firewall, or you can power off the firewall, then power it on and the system automatically uses the backup boot file to restart the firewall.
Parameters hh:mm: Reboot time for the firewall, in the hh:mm format. The hh value ranges from 0 to 23, and the mm value ranges from 0 to 59. date: Reboot date for the firewall, in the MM/DD/YYYY or YYYY/MM/DD format. The YYYY value ranges from 2000 to 2035, the MM value ranges from 1 to 12, and the DD value ranges from 1 to 31. Description Use the schedule reboot at command to enable the scheduled reboot function and specify a specific reboot time and date.
vty0(192.168.1.54): Set schedule reboot parameters at 11:43:11 06/06/2006, and system will reboot at 12:00 06/06/2006. schedule reboot delay Syntax schedule reboot delay { hh:mm | mm } undo schedule reboot View User view Default level 3: Manage level Parameters hh:mm: Reboot wait time, in the hh:mm format. The hh value ranges from 0 to 720, and the mm value ranges from 0 to 59. When the hh value is 720, the mm value cannot be more than 0. mm: Reboot wait time in minutes, which ranges from 0 to 43,200.
%Jun 6 11:48:44:860 2006 Sysname CMD/4/REBOOT: vty0(192.168.1.54): Set schedule reboot parameters at 11:48:44 06/06/2006, and system will reboot at 13:16 06/06/2006. sysname Syntax sysname sysname undo sysname View System view Default level 2: System level Parameters sysname: Name of the firewall, which is a string of 1 to 30 characters. Description Use the sysname command to set the name of the firewall. Use the undo sysname demand to restore the name to the default.
Description Use the system-failure command to configure the exception handling method. By default, the system adopts the reboot method to handle exceptions. Examples # Set the exception handling method to reboot. system-view [Sysname] system-failure reboot temperature-limit Syntax temperature-limit slot-number lower-value upper-value undo temperature-limit slot-number View System view Default level 2: System level Parameters lower-value: Lower temperature limit in Celsius degrees.
Default level 3: Manage level Parameters time timeid: Time setting entry, an integer that ranges from 1 to 10. one-off: Specifies that the command will be executed only once. repeating: Specifies that the command will be repeatedly executed. at time: Specifies the execution time, in the hh:mm format, where the hh value ranges from 0 to 23 and the mm value ranges from 0 to 59. date: Specifies the execution date, in the MM/DD/YYYY or YYYY/MM/DD format.
Related commands: job and view. NOTE: • The commands configured in a scheduled task must belong to the same view. • A scheduled task can be configured with up to 10 commands, each of which corresponds to a unique time ID. If you want more than 10 commands to be executed, configure them into different tasks. Examples # Schedule a task to save the configuration file a.cfg at 3:00 on May 18, 2009.
View Job view Default level 3: Manage level Parameters time timeid: Time setting entry, an integer that ranges from 1 to 10. one-off: Indicates that the command will be executed only once. repeating: Indicates that the command will be repeatedly executed. delay time: Specifies the delay time for executing the command, in the hh:mm format or mm format. • When the time argument is in the hh:mm format, the hh value ranges from 0 to 720, and the mm value ranges from 0 to 59.
view Syntax view view-name undo view View Job view Default level 3: Manage level Parameters view-name: specifies name of the view in which commands in the scheduled task are executed. A view name is a string of 1 to 90 characters. Description Use the view command to specify the view in which the commands contained in the scheduled task are automatically executed. Use the undo view command to remove the configuration. By default, no view is specified for the scheduled task.
User management commands acl Syntax • To use a basic or advanced ACL: acl [ ipv6 ] acl-number { inbound | outbound } undo acl [ ipv6 ] acl-number { inbound | outbound } • To use an Ethernet frame header ACL: acl acl-number inbound undo acl acl-number inbound View VTY user interface view Default level 2: System level Parameters ipv6: When this keyword is present, the command supports IPv6; otherwise, it supports IPv4. acl-number: Number of the access control list (ACL).
The system regards the basic/advanced ACL with the inbound keyword, the basic/advanced ACL with the outbound keyword, Ethernet frame header ACL as four different types of ACLs, which can coexist in one VTY user interface. The match order is basic/advanced ACL, Ethernet frame header ACL. At most one ACL of each type can be referenced in the same VTY user interface, and the last configured one takes effect. Examples # Allow only the user with the IP address of 192.168.1.
user-id: Web user ID, which is a hexadecimal number of eight digits. user-name: Web user name, which is a string of 1 to 80 characters. Description Use the free web-users command to log out web users. Related commands: display web users. Examples # Log out all web users.
CLI configuration commands command-alias enable Syntax command-alias enable undo command-alias enable View System view Default level 2: System level Parameters None Description Use the command-alias enable command to enable the command alias function. Use the undo command-alias enable command to disable the command alias function. By default, the command alias function is disabled. Examples # Enable the command alias function.
alias: Specifies the command alias, which cannot be the same as the first keyword of an existing command. Description Use the command-alias mapping command to configure command aliases. Use the undo command-alias mapping command to delete command aliases. By default, a command has no alias. Examples # Configure command aliases by specifying show as the replacement of the display keyword.
• The command specified in the command-privilege command must be complete, and has valid arguments. For example, the default level of the tftp server-address { get | put | sget } source-filename [ destination-filename ] [ source { interface interface-type interface-number | ip source-ip-address } ] command is 3. After the command-privilege level 0 view shell tftp 1.1.1.1 put a.
display clipboard ---------------- CLIPBOARD----------------display current-configuration display command-alias Syntax display command-alias View Any view Default level 1: Monitor level Parameters None Description Use the display command-alias command to display defined command aliases and the corresponding commands. Examples # Display the defined command aliases and the corresponding commands.
display history-command display history-command system-view vlan 2 quit display hotkey Syntax display hotkey View Any view Default level 1: Monitor level Parameters None Description Use the display hotkey command to display hotkey information. Examples # Display hotkey information.
CTRL_P Display the previous command from the history buffer. CTRL_R Redisplay the current line. CTRL_V Paste text from the clipboard. CTRL_W Delete the word left of the cursor. CTRL_X Delete all characters up to the cursor. CTRL_Y Delete all characters after the cursor. CTRL_Z Return to the User View. CTRL_] Kill incoming connection or redirect connection. ESC_B Move the cursor one word back. ESC_D Delete remainder of word. ESC_F Move the cursor forward one word.
Examples # Associate the hot key Ctrl+T to the display tcp status command. system-view [Sysname] hotkey ctrl_t display tcp status quit Syntax quit View Any view Default level 0: Visit level (in user view) 2: System level (in other views) Parameters None Description Use the quit command to return to a lower-level view. In user view, the quit command terminates the connection and reconnects to the switch.
Examples # Return to user view from GigabitEthernet 0/1 interface view. [Sysname- GigabitEthernet0/1] return screen-length disable Syntax screen-length disable undo screen-length disable View User view Default level 1: Monitor level Parameters None Description Use the screen-length disable command to disable the multiple-screen output function. Use the undo screen-length disable command to enable the multiple-screen output function.
If a level is not specified, the command switches the user privilege level to 3. Command levels include four privileges: visit (0), monitor (1), system (2), and manage (3). You can assign a privilege level according to the user’s need. When logging in to the switch, the user can access the assigned level and all levels below it. Related commands: super password. Examples # Switch to user privilege level 2 (The current user privilege level is 3.).
• Use the simple keyword to set a simple-text password. • Use the cipher keyword to set a cipher-text password. • A cipher-text password is recommended because a simple-text password easily gets cracked. • During authentication, you must input a simple-text password regardless of the password type you set. Examples # Set simple-text password abc for switching to user privilege level 3.
Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.
Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. [] Square brackets enclose syntax choices (keywords or arguments) that are optional. { x | y | ... } Braces enclose a set of required syntax choices separated by vertical bars, from which you select one.
Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features. Represents a firewall chassis or a firewall module. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device.
Index ACDEFHIJLOPQRSTUVW display device manuinfo,56 A display diagnostic-information,57 acl,78 display environment,58 acsei client close,35 display fan,59 acsei client reboot,36 display history-command,84 acsei server,36 display hotkey,85 acsei server enable,37 display ip http,6 acsei timer clock-sync,37 display ip https,7 acsei timer monitor,38 display job,59 acsei-client enable,42 display memory,60 activation-key,1 display power,60 authentication-mode,3 display reboot-type,61 auto-e
ip http enable,17 screen-length disable,88 ip http port,17 send,24 ip https acl,18 set authentication password,26 ip https certificate access-control-policy,18 shell,26 ip https enable,19 speed,27 ip https port,20 stopbits,28 ip https ssl-server-policy,20 Subscription service,91 J super,88 super password,89 job,68 sysname,72 L system-failure,72 lock,21 system-view,90 O T oap connect,34 telnet,29 oap management-ip,34 telnet client source,30 oap reboot,35 telnet ipv6,30 P telnet
