User Manual
Table Of Contents
- Contents
- Introduction
- How to read the command reference
- How to use the commands
- Configuration
- Maintenance and operation functions
- 4.1 Passwords
- 4.2 User account maintenance
- 4.3 Configuration management
- 4.4 Manage boot information
- 4.5 Show unit information
- 4.6 Time management
- 4.7 Terminal settings
- 4.8 Management
- 4.9 SYSLOG
- 4.10 SNMP
- 4.10.1 Set host that receives SNMP notifications
- 4.10.2 Set notification type to transmit
- 4.10.3 Set system contact
- 4.10.4 Set system location
- 4.10.5 Set SNMP community
- 4.10.6 Set SNMP view
- 4.10.7 Set SNMP group
- 4.10.8 Set SNMP user
- 4.10.9 Show SNMP community information
- 4.10.10 Show SNMP view settings
- 4.10.11 Show SNMP group settings
- 4.10.12 Show SNMP user settings
- 4.11 RMON
- 4.11.1 Set RMON function
- 4.11.2 Set RMON Ethernet statistical information group
- 4.11.3 Set RMON history group
- 4.11.4 Set RMON event group
- 4.11.5 Set RMON alarm group
- 4.11.6 Show RMON function status
- 4.11.7 Show RMON Ethernet statistical information group status
- 4.11.8 Show RMON history group status
- 4.11.9 Show RMON event group status
- 4.11.10 Show RMON alarm group status
- 4.11.11 Clear counters of the RMON Ethernet statistical information group
- 4.12 Telnet server
- 4.13 Telnet client
- 4.14 TFTP server
- 4.15 HTTP server
- 4.15.1 Start HTTP server and change listening port number
- 4.15.2 Start secure HTTP server and change listening port number
- 4.15.3 Show HTTP server settings
- 4.15.4 Set hosts that can access the HTTP server
- 4.15.5 Restrict access to the HTTP server according to the IP address of the client
- 4.15.6 Web GUI display language
- 4.15.7 Set log-in timeout time for HTTP server
- 4.16 SSH server
- 4.16.1 Start SSH server and change listening port number
- 4.16.2 Show SSH server settings
- 4.16.3 Set host that can access the SSH server
- 4.16.4 Set client that can access the SSH server
- 4.16.5 Generate SSH server host key
- 4.16.6 Clear SSH server host key
- 4.16.7 Show SSH server public key
- 4.16.8 Set SSH client alive checking
- 4.17 SSH client
- 4.18 E-mail notification
- 4.18.1 SMTP e-mail server settings
- 4.18.2 SMTP e-mail server name settings
- 4.18.3 E-mail notification trigger settings
- 4.18.4 E-mail transmission template settings mode
- 4.18.5 E-mail transmission server ID settings
- 4.18.6 E-mail transmission source address setting
- 4.18.7 Destination e-mail address setting for e-mail transmission
- 4.18.8 Setting for subject used when sending e-mails
- 4.18.9 Wait time settings for e-mail transmission
- 4.18.10 E-mail settings when sending certificates
- 4.18.11 E-mail settings for certificate notification
- 4.18.12 Notification timing settings for expired certificates
- 4.18.13 Show e-mail transmission information
- 4.19 LLDP
- 4.19.1 Enable LLDP function
- 4.19.2 Set system description
- 4.19.3 Set system name
- 4.19.4 Create LLDP agent
- 4.19.5 Set automatic setting function by LLDP
- 4.19.6 Set LLDP transmission/reception mode
- 4.19.7 Set type of management address
- 4.19.8 Set basic management TLVs
- 4.19.9 Set IEEE-802.1 TLV
- 4.19.10 Set IEEE-802.3 TLV
- 4.19.11 Set LLDP-MED TLV
- 4.19.12 Set LLDP frame transmission interval
- 4.19.13 Set LLDP frame transmission interval for high speed transmission period
- 4.19.14 Set time from LLDP frame transmission stop until re-initialization
- 4.19.15 Set multiplier for calculating time to live (TTL) of device information
- 4.19.16 Set number of LLDP frames transmitted during the high speed transmission period
- 4.19.17 Set maximum number of connected devices manageable by a port
- 4.19.18 Global interface setting for LLDP function
- 4.19.19 Show interface status
- 4.19.20 Show information for connected devices of all interfaces
- 4.19.21 Clear LLDP frame counters
- 4.20 L2MS (Layer 2 management service) settings
- 4.21 Snapshot
- 4.22 Firmware update
- 4.23 Schedule
- 4.24 General maintenance and operation functions
- Interface control
- 5.1 Interface basic settings
- 5.1.1 Set description
- 5.1.2 Shutdown
- 5.1.3 Set speed and duplex mode
- 5.1.4 Set MRU
- 5.1.5 Set cross/straight automatic detection
- 5.1.6 Set EEE
- 5.1.7 Show EEE capabilities
- 5.1.8 Show EEE status
- 5.1.9 Set port mirroring
- 5.1.10 Show port mirroring status
- 5.1.11 Show interface status
- 5.1.12 Show brief interface status
- 5.1.13 Resetting an interface
- 5.1.14 Show frame counter
- 5.1.15 Clear frame counters
- 5.1.16 Show SFP+ module status
- 5.1.17 Set SFP+ module optical reception level monitoring
- 5.2 Link aggregation
- 5.2.1 Set static logical interface
- 5.2.2 Show static logical interface status
- 5.2.3 Set LACP logical interface
- 5.2.4 Show LACP logical interface status
- 5.2.5 Set LACP system priority order
- 5.2.6 Show LACP system priority
- 5.2.7 LACP different-speed link aggregation settings
- 5.2.8 Set LACP timeout
- 5.2.9 Clear LACP frame counters
- 5.2.10 Show LACP frame counter
- 5.2.11 Set load balance function rules
- 5.2.12 Show protocol status of LACP logical interface
- 5.2.13 Set LACP port priority order
- 5.3 Port authentication
- 5.3.1 Configuring the IEEE 802.1X authentication function for the entire system
- 5.3.2 Configuring the MAC authentication function for the entire system
- 5.3.3 Configuring the Web authentication function for the entire system
- 5.3.4 Set operation mode for the IEEE 802.1X authentication function
- 5.3.5 Set for forwarding control on an unauthenticated port for IEEE 802.1X authentication
- 5.3.6 Set the EAPOL packet transmission count
- 5.3.7 Set the MAC authentication function
- 5.3.8 Set MAC address format during MAC authentication
- 5.3.9 Set the Web authentication function
- 5.3.10 Set host mode
- 5.3.11 Set re-authentication
- 5.3.12 Set dynamic VLAN
- 5.3.13 Set the guest VLAN
- 5.3.14 Suppression period settings following failed authentication
- 5.3.15 Set reauthentication interval
- 5.3.16 Set the reply wait time for the RADIUS server overall
- 5.3.17 Set supplicant reply wait time
- 5.3.18 Set RADIUS server host
- 5.3.19 Set the reply wait time for each RADIUS server
- 5.3.20 Set number of times to resend requests to RADIUS server
- 5.3.21 Set RADIUS server shared password
- 5.3.22 Set time of RADIUS server usage prevention
- 5.3.23 Set NAS-Identifier attribute sent to RADIUS server
- 5.3.24 Show port authentication information
- 5.3.25 Show supplicant information
- 5.3.26 Show statistical information
- 5.3.27 Clear statistical information
- 5.3.28 Show RADIUS server setting information
- 5.3.29 Settings for redirect destination URL following successful Web authentication
- 5.3.30 Clear the authentication state
- 5.3.31 Setting the time for clearing the authentication state (system)
- 5.3.32 Setting the time for clearing the authentication state (interface)
- 5.3.33 Set EAP pass through
- 5.4 Port security
- 5.5 Error detection function
- 5.1 Interface basic settings
- Layer 2 functions
- 6.1 FDB (Forwarding Data Base)
- 6.2 VLAN
- 6.2.1 Move to VLAN mode
- 6.2.2 Set VLAN interface
- 6.2.3 Set private VLAN
- 6.2.4 Set secondary VLAN for primary VLAN
- 6.2.5 Set access port (untagged port)
- 6.2.6 Set associated VLAN of an access port (untagged port)
- 6.2.7 Set trunk port (tagged port)
- 6.2.8 Set associated VLAN for trunk port (tagged port)
- 6.2.9 Set native VLAN for trunk port (tagged port)
- 6.2.10 Set private VLAN port type
- 6.2.11 Set private VLAN host port
- 6.2.12 Set promiscuous port for private VLAN
- 6.2.13 Set voice VLAN
- 6.2.14 Set CoS value for voice VLAN
- 6.2.15 Set DSCP value for voice VLAN
- 6.2.16 Set multiple VALN group
- 6.2.17 Set name of multiple VLAN group
- 6.2.18 Show VLAN information
- 6.2.19 Show private VLAN information
- 6.2.20 Show multiple VLAN group setting information
- 6.3 STP (Spanning Tree Protocol)
- 6.3.1 Set spanning tree for the system
- 6.3.2 Set forward delay time
- 6.3.3 Set maximum aging time
- 6.3.4 Set bridge priority
- 6.3.5 Set spanning tree for an interface
- 6.3.6 Set spanning tree link type
- 6.3.7 Set interface BPDU filtering
- 6.3.8 Set interface BPDU guard
- 6.3.9 Set interface path cost
- 6.3.10 Set interface priority
- 6.3.11 Set edge port for interface
- 6.3.12 Show spanning tree status
- 6.3.13 Show spanning tree BPDU statistics
- 6.3.14 Clear protocol compatibility mode
- 6.3.15 Move to MST mode
- 6.3.16 Generate MST instance
- 6.3.17 Set VLAN for MST instance
- 6.3.18 Set priority of MST instance
- 6.3.19 Set MST region name
- 6.3.20 Set revision number of MST region
- 6.3.21 Set MST instance for interface
- 6.3.22 Set interface priority for MST instance
- 6.3.23 Set interface path cost for MST instance
- 6.3.24 Show MST region information
- 6.3.25 Show MSTP information
- 6.3.26 Show MST instance information
- 6.4 Loop detection
- Layer 3 functions
- IP multicast control
- 8.1 IP multicast basic settings
- 8.2 IGMP snooping
- 8.2.1 Set enable/disable IGMP snooping
- 8.2.2 Set IGMP snooping fast-leave
- 8.2.3 Set multicast router connection destination
- 8.2.4 Set query transmission function
- 8.2.5 Set IGMP query transmission interval
- 8.2.6 Set TTL value verification function for IGMP packets
- 8.2.7 Set IGMP version
- 8.2.8 Show multicast router connection port information
- 8.2.9 Show IGMP group membership information
- 8.2.10 Show an interface's IGMP-related information
- 8.2.11 Clear IGMP group membership entries
- 8.3 MLD snooping
- 8.3.1 Enable/disable MLD snooping
- 8.3.2 Set MLD snooping fast-leave
- 8.3.3 Set multicast router connection destination
- 8.3.4 Set query transmission function
- 8.3.5 Set MLD query transmission interval
- 8.3.6 Set MLD version
- 8.3.7 Show multicast router connection port information
- 8.3.8 Show MLD group membership information
- 8.3.9 Show an interface's MLD-related information
- 8.3.10 Clear MLD group membership entries
- Traffic control
- 9.1 ACL
- 9.1.1 Generate IPv4 access list
- 9.1.2 Add comment to IPv4 access list
- 9.1.3 Apply IPv4 access list
- 9.1.4 Generate IPv6 access list
- 9.1.5 Add comment to IPv6 access list
- 9.1.6 Apply IPv6 access list
- 9.1.7 Generate MAC access list
- 9.1.8 Add comment to MAC access list
- 9.1.9 Apply MAC access list
- 9.1.10 Show generated access list
- 9.1.11 Clear counters
- 9.1.12 Show access list applied to interface
- 9.1.13 Set VLAN access map and move to VLAN access map mode
- 9.1.14 Set access list for VLAN access map
- 9.1.15 Set VLAN access map filter
- 9.1.16 Show VLAN access map
- 9.1.17 Show VLAN access map filter
- 9.2 QoS (Quality of Service)
- 9.2.1 Enable/disable QoS
- 9.2.2 Set default CoS
- 9.2.3 Set trust mode
- 9.2.4 Show status of QoS function setting
- 9.2.5 Show QoS information for interface
- 9.2.6 Show egress queue usage ratio
- 9.2.7 Set CoS - egress queue ID conversion table
- 9.2.8 Set DSCP - egress queue ID conversion tabl
- 9.2.9 Set port priority order
- 9.2.10 Specify egress queue of frames transmitted from the switch itself
- 9.2.11 Generate class map (traffic category conditions)
- 9.2.12 Associate class map
- 9.2.13 Set traffic classification conditions (access-list)
- 9.2.14 Set traffic classification conditions (CoS)
- 9.2.15 Set traffic classification conditions (TOS precedence)
- 9.2.16 Set traffic classification conditions (DSCP)
- 9.2.17 Set traffic classification conditions (Ethernet Type)
- 9.2.18 13.2.22 Set traffic classification conditions (VLAN ID)
- 9.2.19 Set traffic classification conditions (VLAN ID range)
- 9.2.20 Show class map information
- 9.2.21 Generate policy map for received frames
- 9.2.22 Apply policy map for received frames
- 9.2.23 Set pre-marking (CoS)
- 9.2.24 Set pre-marking (TOS precedence)
- 9.2.25 Set pre-marking (DSCP)
- 9.2.26 Set individual policers (single rate)
- 9.2.27 Set individual policers (twin rate)
- 9.2.28 Set remarking of individual policers
- 9.2.29 Generate aggregate policer
- 9.2.30 Set aggregate policer (single rate)
- 9.2.31 Set aggregate policer (twin rate)
- 9.2.32 Set remarking of aggregate policers
- 9.2.33 Show aggregate policers
- 9.2.34 Apply aggregate policer
- 9.2.35 Show metering counters
- 9.2.36 Clear metering counters
- 9.2.37 Set egress queue (CoS-Queue)
- 9.2.38 Set egress queue (DSCP-Queue)
- 9.2.39 Show policy map information
- 9.2.40 Show map status
- 9.2.41 Set egress queue scheduling
- 9.2.42 Set traffic shaping (individual port)
- 9.2.43 Set traffic-shaping (queue units)
- 9.3 Flow control
- 9.4 Storm control
- 9.1 ACL
- Application
- 10.1 Local RADIUS server
- 10.1.1 Local RADIUS server function settings
- 10.1.2 Set access interface
- 10.1.3 Generate a route certificate authority
- 10.1.4 RADIUS configuration mode
- 10.1.5 Authentication method settings
- 10.1.6 RADIUS client (NAS) settings
- 10.1.7 Authenticated user settings
- 10.1.8 Reauthentication interval setting
- 10.1.9 Apply setting data to local RADIUS server
- 10.1.10 Issuing a client certificate
- 10.1.11 Aborting the issue of a client certificate
- 10.1.12 Revoking client certificates
- 10.1.13 Exporting of client certificates (sending via e-mail)
- 10.1.14 Show RADIUS client (NAS) status
- 10.1.15 Show authenticated user information
- 10.1.16 Client certificate issuance status display
- 10.1.17 Client certificate list display
- 10.1.18 Revoked client certificate list display
- 10.1 Local RADIUS server
- Index
5.3.17 Set supplicant reply wait time
[Syntax]
auth timeout supp-timeout time
no auth timeout supp-timeout
[Parameter]
time : <1-65535>
Supplicant reply wait time (seconds)
[Initial value]
auth timeout supp-timeout 30
[Input mode]
interface mode
[Description]
Sets the reply wait time from the supplicant during port authentication for the applicable interface.
If this command is executed with the "no" syntax, the setting returns to the default.
[Note]
This command can be specified only for both LAN/SFP+ port and logical interface.
To use this command, you must enable the port authentication function for the applicable interface. (dot1x port-control
command, auth-mac enable command, auth-web enable command)
[Example]
Set the reply wait time from the supplicant of LAN port #1 to 180 seconds.
SWP2(config)#interface port1.1
SWP2(config-if)#auth timeout supp-timeout 180
5.3.18 Set RADIUS server host
[Syntax]
radius-server host host [auth-port port] [timeout time] [retransmit count] [key secret]
no radius-server host
[Keyword]
auth-port : Sets the UDP port number used for authenticating the RADIUS server
timeout : Sets the reply standby time for requests sent to the RADIUS server
retransmit : Sets the number of times to resend the request to the RADIUS server
key : Sets the password used for communicating with the RADIUS server
[Parameter]
host : IPv4 address (A.B.C.D) or IPv6 address (X:X::X:X)
When specifying an IPv6 link local address, the transmitting interface also needs to be specified
(fe80::X%vlanN format).
port : <0-65535>
UDP port number used for authentication (the default value of 1812 is used when this is omitted)
time : <1-1000>
Reply standby time (in seconds; the settings for the radius-server timeout command--5 sec. at default
are used if this is omitted)
count : <0-100>
Number of times to resend (the settings for the radius-server retransmit command--3 times. at default
are used if this is omitted)
secret : Single-byte alphanumeric characters, and single-byte symbols other than the characters '?' and spaces
(128 characters or less)
146 | Command Reference | Interface control