Allied Telesis management software layer 2+ fast ethernet switches manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573

Ir a la página of

Buen manual de instrucciones

Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones Allied Telesis management software layer 2+ fast ethernet switches. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica Allied Telesis management software layer 2+ fast ethernet switches o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.

¿Qué es un manual de instrucciones?

El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual Allied Telesis management software layer 2+ fast ethernet switches se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.

Desafortunadamente pocos usuarios destinan su tiempo a leer manuales Allied Telesis management software layer 2+ fast ethernet switches, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.

Entonces, ¿qué debe contener el manual de instrucciones perfecto?

Sobre todo, un manual de instrucciones Allied Telesis management software layer 2+ fast ethernet switches debe contener:
- información acerca de las especificaciones técnicas del dispositivo Allied Telesis management software layer 2+ fast ethernet switches
- nombre de fabricante y año de fabricación del dispositivo Allied Telesis management software layer 2+ fast ethernet switches
- condiciones de uso, configuración y mantenimiento del dispositivo Allied Telesis management software layer 2+ fast ethernet switches
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas

¿Por qué no leemos los manuales de instrucciones?

Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de Allied Telesis management software layer 2+ fast ethernet switches no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de Allied Telesis management software layer 2+ fast ethernet switches y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico Allied Telesis en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de Allied Telesis management software layer 2+ fast ethernet switches, como se suele hacer teniendo una versión en papel.

¿Por qué vale la pena leer los manuales de instrucciones?

Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo Allied Telesis management software layer 2+ fast ethernet switches, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.

Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual Allied Telesis management software layer 2+ fast ethernet switches. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.

Índice de manuales de instrucciones

  • Página 1

    Management Software AT-S62 ◆ Command Line User’s Guide AT-8516F/SC, AT-8524M, AT-8524POE, AT-8550GB and AT-8550SP LAYER 2+ FAST ETHERNET SWITCHES VERSION 1.3.0 ® PN 613-50486-00 Rev E[...]

  • Página 2

    Copyright © 2005 Allied Telesyn, Inc. All rights reserved. No part of this publication may be reproduc ed without prior written permission from Allied Telesyn, Inc. Microsoft is a registered trademark of Microsoft Corpo ration, Netscape Naviga tor is a registered tr ademark of Netscape Communications Corporation. All other prod uct names, company [...]

  • Página 3

    3 Ta b l e o f C o n t e n t s Preface .......... ........ ........ ........... ........ .......... ......... ........ .......... ......... .......... ........ ......... ......... ....... ........... ........ .......... ......... ........ .......... ........ ......... .....1 2 Document Conventi ons ................. ........... ........ .......... [...]

  • Página 4

    Table of Contents 4 ENABLE DHCP ........ .......... ........... ........ .......... ......... .......... ........ ........... ........ .......... ......... ... ... .......... ......... ........ .......... ......... ........ .......... ........ ......... 4 2 ENABLE IP REM OTEASSIGN ...... ........ ........... .......... ........ ........... ........[...]

  • Página 5

    AT-S62 Command Line User’s Guide 5 CLEAR SNMPV3 ACCESS ........... .......... ........... .......... ........ ........... .......... ........ ........... .......... ....... ........ ........ .......... ......... .......... ........ ......... ........ 103 CLEAR SNMPV3 COMMU NITY ..... ........ ........... .......... ........ ........... ..........[...]

  • Página 6

    Table of Contents 6 RESET SWITCH FDB ............... .......... ........ ........... ........ .......... ......... .......... .......... ......... .......... .... ........ ......... .......... ........ ........... ........ ........ ........... 181 SET SWITCH AG INGTIMER|AGEIN GTIMER .................. ........... .......... .......... ........... .[...]

  • Página 7

    AT-S62 Command Line User’s Guide 7 SET CONFIG ............ ......... .......... ........ ........ ........... ........ .......... ......... .......... ........ ........... .. .... ........ ......... .......... ........ ........... ........ ........ ........... ........ 23 2 SHOW FILE ...... .......... ......... .......... ........ ......... .....[...]

  • Página 8

    Table of Contents 8 DELETE QOS T RAFFICCLASS ........ .......... ......... .......... ........ ........... .......... ........ ........... .......... ........ .. ........... ........ ........ ........... ........ .......... ......... 32 6 DESTROY QOS F LOWGRO UP ..... ........ ........... .......... ........ ........... .......... ........ ........[...]

  • Página 9

    AT-S62 Command Line User’s Guide 9 SET SWITCH M ULTICASTMODE .... ........... .......... ........ ........... .......... .......... ......... .......... .......... ......... ........ ........ ........... ........ ........ ........... ........ 38 9 SHOW STP ..... ........ ........... ........ .......... ........ ........... ........ .......... ...[...]

  • Página 10

    Table of Contents 10 Chapter 30 Protected Ports VLAN Commands ....... ........ .......... ........ ......... .......... ........ ........... ........ ........ ........... ........ ........ ........... .. ...... ........ ........... .. 462 ADD VLAN GR OUP ............ .......... ........ ........... ........ .......... ........ ........... ........ [...]

  • Página 11

    AT-S62 Command Line User’s Guide 11 Chapter 36 Secure Sockets Layer (SSL) Commands ........ .......... ......... .......... ........ ......... .......... ........ ......... .......... ........ ........... ........ ........ . ........ ........ 531 SET SSL ............. .......... ........... ........ .......... ......... .......... ........ ......[...]

  • Página 12

    12 Preface This guide describes how to config ure an AT -8500 Se ries switch using the AT-S62 command line interfac e. The commands are groupe d by topic into the following chapters: ❑ Chapter 1: Starting a Command Line Management Session on page 16 ❑ Chapter 2: Basic Command Li ne Commands on page 20 ❑ Chapter 3: Enhanced Stac king Commands [...]

  • Página 13

    AT-S62 Command Li ne User’s Guide 13 ❑ Chapter 16: File Download and Upload Commands on page 235 ❑ Chapter 17: Event Log and Syslog Server Commands on page 258 ❑ Chapter 18: Classifier Commands on page 286 ❑ Chapter 19: ACL Comma nds on page 298 ❑ Chapter 20: Quality of Servic e (QoS) Commands on page 306 ❑ Chapter 21: Class of Servic[...]

  • Página 14

    Preface 14 A list of the commands ap pear on the first page of each chapter. The commands are described in alphabetical order. Caution The software described in this documentation contains certain cryptographic functionalit y and its export is restr icted by U.S. law. As of this writing, it has been submitted fo r review as a “retail encryption i[...]

  • Página 15

    AT-S62 Command Li ne User’s Guide 15 Contacting Allied Telesyn This section provides Allied Telesyn contact informat ion for technical support as well as sales or corporate information. Online Support You can request technical support onlin e by accessing the Allied Telesyn Knowledge Base from the following web site: www.alliedtelesyn.com/kb . Yo[...]

  • Página 16

    16 Chapter 1 Starting a Command Line Management Session This chapter contains the following topics: ❑ Starting a Management Session on page 17 ❑ Command Line Interface Features on page 18 ❑ Command Formatting on page 19[...]

  • Página 17

    AT-S62 Command Li ne User’s Guide 17 Starting a Management Session In order to manage an AT-8500 Series switch using command line commands, you must first start a local or Telnet management session. For instructions, refer to the AT-S62 Management S oftware Menus Interface User’s Guide . The default management interface is the command line. The[...]

  • Página 18

    Chapter 1: Starti ng a Comman d Line Man agement Sessi on 18 Command Line Interface Features The following features ar e supported in the c ommand line interface: ❑ Command history - Use the up and down arrow keys. ❑ Context-specific help - Press the que stion mark key at any time to see a list of legal next parameters. ❑ Keyword abbreviation[...]

  • Página 19

    AT-S62 Command Li ne User’s Guide 19 Command Formatting The following formatting conven tions are used in this manual: ❑ screen text font - This font illustra tes the format of a command and command examples. ❑ screen text font - Italicized screen text indicates a variable for you to enter. ❑ [ ] - Brackets indicate optional parameters. ❑[...]

  • Página 20

    20 Chapter 2 Basic Command Line Commands This chapter contains the following commands: ❑ CLEAR SCREEN on page 21 ❑ EXIT on page 22 ❑ HELP on page 23 ❑ LOGOFF, LOGOUT, and QUIT on page 24 ❑ MENU on page 25 ❑ SAVE CONFIG URATION on page 26 ❑ SET PROMPT on page 27 ❑ SET SWITCH CONSOLEMODE on page 28 ❑ SHOW USER on page 29 Note Rememb[...]

  • Página 21

    AT-S62 Command Li ne User’s Guide 21 CLEAR SCREEN Syntax clear screen Parameters None. Description This command clears the screen. Example The following command clears the screen: clear screen[...]

  • Página 22

    Chapter 2: Basic Command Line Commands 22 EXIT Syntax exit Parameters None. Description This command displays the AT-S62 Main Menu. It performs the same function as the MENU command. For instructions on how to use the management menus, refer to the AT-S62 Management Softwa re Menus Interface U ser’s Guide. Example The following command dis plays [...]

  • Página 23

    AT-S62 Command Li ne User’s Guide 23 HELP Syntax help Parameters None. Description This command displays a list of the CL I keywords with a brief description for each keyword. Example The following command displays the CLI keywords: help[...]

  • Página 24

    Chapter 2: Basic Command Line Commands 24 LOGOFF, LOGOUT, and QUIT Syntax logoff logout quit Parameters None. Description These three commands perform th e same function: they end a management session. If you are mana ging a slave switch, the commands return you to the master switc h from which you started the management session. Example The follow[...]

  • Página 25

    AT-S62 Command Li ne User’s Guide 25 MENU Syntax menu Parameters None. Description This command displays the AT-S62 Ma in Menu. This command performs the same function as the EXIT c ommand. For instructions on how to use the management men us, refer to the AT-S62 Management Software Menus Interface User’s Guide . Example The following command d[...]

  • Página 26

    Chapter 2: Basic Command Line Commands 26 SAVE CONFIGURATION Syntax save configuration Parameters None. Description This command saves your change s to the switch’s active boot configuration file fo r permanent storage. Whenever you make a chan ge to an operating pa rameter of the switch, such as enter a new IP address or create a new VLAN, t he [...]

  • Página 27

    AT-S62 Command Li ne User’s Guide 27 SET PROMPT Syntax set prompt=” prompt ” Parameter prompt Specifies the command li ne prompt. Th e prompt can be from one to 12 alphan umeric characters. Spaces and special characters are allowed. The prompt must be enclosed in double quotes. Description This command changes the comman d line prompt. Assign[...]

  • Página 28

    Chapter 2: Basic Command Line Commands 28 SET SWITCH CONSOLEMODE Syntax set switch consolemode=menu|cli Parameter consolemode Specifies the mode you want management sessions to start in. Options are: menu Specifies the AT-S62 Main Menu. cli Specifies the command line prompt. This is the default. Description You use this command to specify whether y[...]

  • Página 29

    AT-S62 Command Li ne User’s Guide 29 SHOW USER Syntax show user Parameter None. Description Displays the user account you used to log on to manage the switch. Example show user[...]

  • Página 30

    30 Chapter 3 Enhanced Stacking Commands This chapter contains the following commands: ❑ ACCESS SWITCH on page 31 ❑ SET SWITCH STACKMODE on page 33 ❑ SHOW REMOTELIST on page 35 Note Remember to save your changes with the SAVE CONFIGURATION command. Note Refer to the AT-S62 Management Software Menus Interface User’s Guide for background infor[...]

  • Página 31

    AT-S62 Command Li ne User’s Guide 31 ACCESS SWITCH Syntax access switch number= number |macaddress= macaddress Parameters number Specifies the number of the switch in an enhanced stack that you want to manage. You view this number using the SHOW REMOTELIST command. macaddress Specifies the MAC addr ess of the switch you want to manage. This can a[...]

  • Página 32

    Chapter 3: Enhanced Stacking Comma nds 32 Examples The following command starts a management session on switch number 12: access switch number=12 The following command starts a mana gement session on a switch with the MAC address 00 :30:84:52:02:11 access switch macaddress=003084520211[...]

  • Página 33

    AT-S62 Command Li ne User’s Guide 33 SET SWITCH STACKMODE Syntax set switch stackmode=master|slave|unavailable Parameter stackmode Specifies the enhanced stacking mode of the switch. Possible settings are: master Specifies the switch’s stacking mode as master. A master switch must be assigned an IP address and subnet mask. slave Specifies the s[...]

  • Página 34

    Chapter 3: Enhanced Stacking Comma nds 34 Example The following command sets the swi tch’s stacking status to master: set switch stackmode=master[...]

  • Página 35

    AT-S62 Command Li ne User’s Guide 35 SHOW REMOTELIST Syntax show remotelist [sorted by= macaddress | name ] Parameter sorted Sorts the list either by MAC address or by name. The default is by MAC address. Description This command displays a list of the swi tches in an enhanced stack. This command can only be performed fr om a management session o[...]

  • Página 36

    36 Chapter 4 Basic Switch Commands This chapter contains the following commands: ❑ DISABLE DHCPBOOTP on page 38 ❑ DISABLE IP REMOTEAS SIGN on page 39 ❑ DISABLE TELNET on page 40 ❑ ENABLE BOOTP on page 41 ❑ ENABLE DHCP on page 42 ❑ ENABLE IP REMOTEA SSIGN on page 43 ❑ ENABLE TELNET on page 44 ❑ FORMAT DEVICE on page 45 ❑ PING on pa[...]

  • Página 37

    AT-S62 Command Li ne User’s Guide 37 ❑ SET PASSWORD OPERAT OR on page 59 ❑ SET SWITCH CONSOLET IMER on page 60 ❑ SET SYSTEM on page 61 ❑ SET USER PASSWORD on page 62 ❑ SHOW ASYN on page 63 ❑ SHOW CONFIG on page 64 ❑ SHOW DHCPBOOTP on page 65 ❑ SHOW IP INTERFACE on page 66 ❑ SHOW IP ROUTE on page 67 ❑ SHOW SWITCH on page 68 ❑[...]

  • Página 38

    Chapter 4: Basic Switch Commands 38 DISABLE DHCPBOOTP Syntax disable dhcpbootp Parameters None. Description This command deactivates the DHCP and BOOTP clie nt software on the switch. This command is equivalent to DISABLE IP RE MOTEASSIGN on page 39. The default setting for th e client software is disabled. To activate the DHCP and BOOTP client sof[...]

  • Página 39

    AT-S62 Command Li ne User’s Guide 39 DISABLE IP REMOTEASSIGN Syntax disable ip remoteassign Parameters None. Description This command deactivates the DHCP and BOOTP client software on the switch. This command is equivalent to DISABLE DHCPBOOTP on page 38. The default setting for the client software is disabled. To activate the DHCP and BOOTP clie[...]

  • Página 40

    Chapter 4: Basic Switch Commands 40 DISABLE TELNET Syntax disable telnet Parameters None. Description This command disables the Telnet ser ver software on the switch. You might disable the server software if you do not want anyone to manage the switch using the Telnet applicatio n protocol or if you plan to use the Secure Shell pr otocol. The defau[...]

  • Página 41

    AT-S62 Command Li ne User’s Guide 41 ENABLE BOOTP Syntax enable bootp Parameters None. Description This command activates th e BOOTP client software on the switch. This command is equivalent to SET IP INTERFACE on page 55. The default setting for the BOOTP client software is disabled. Note When you activate BOOTP, the swi tch immediately begins t[...]

  • Página 42

    Chapter 4: Basic Switch Commands 42 ENABLE DHCP Syntax enable dhcp Parameters None. Description This command activates th e DHCP client software on the switch. This command is equivalent to ENABLE IP REMOTEASSIGN on page 43 and the SET IP INTERFACE command. The default setting for the DHCP client software is disabled. Note When you activate DHCP, t[...]

  • Página 43

    AT-S62 Command Li ne User’s Guide 43 ENABLE IP REMOTEASSIGN Syntax enable ip remoteassign Parameters None. Description This command activates the DHCP clie nt software on the switch. This command is equivalent to ENABLE DH CP on page 42. The default setting for the DHCP client software is disabled. Note When you activate DHCP, the switc h immedia[...]

  • Página 44

    Chapter 4: Basic Switch Commands 44 ENABLE TELNET Syntax enable telnet Parameters None. Description This command activates the Telnet server on the switch. With the server activated, you can manage the swi tch using the Telnet application protocol from any management wo rkstation on your network. To disable the server, refer to DISABLE TELNET on pa[...]

  • Página 45

    AT-S62 Command Li ne User’s Guide 45 FORMAT DEVICE Syntax format drive=flash Parameter drive Specifies the memory device to format. The AT-8500 Series switc h supports only one memory device, flash memory. Description This command formats the switch’s flas h memory. It deletes all files in a switch’s file system, inclu ding configuration file[...]

  • Página 46

    Chapter 4: Basic Switch Commands 46 A confirmation prompt is displayed. Enter Y for yes to format the flash memory or N for no to canc el the command.[...]

  • Página 47

    AT-S62 Command Li ne User’s Guide 47 PING Syntax ping ipaddress Parameter ipaddress Specifies the IP address of an end node you want the switch to ping. Description This command instructs the switch to pi ng an end node. You can use thi s command to determine whether a valid link exi sts between the switch and another device. Note The switch must[...]

  • Página 48

    Chapter 4: Basic Switch Commands 48 PURGE IP Syntax purge ip [ipaddress] [netmask] [route] Parameters ipaddress Returns the switch’s IP address to the default setting 0.0.0.0. netmask Returns the subnet ma sk to the default setting 0.0.0.0. route Returns the gateway addr ess to the default setting 0.0.0.0. Description This command returns the swi[...]

  • Página 49

    AT-S62 Command Li ne User’s Guide 49 RESET SWITCH Syntax reset switch Parameters None. Description This command does all of the following: ❑ Performs a soft reset on all por ts. The reset takes less than a second to complete. The ports re tain their current operating parameter settings. To perform this function on individual ports, refer to RES[...]

  • Página 50

    Chapter 4: Basic Switch Commands 50 RESET SYSTEM Syntax reset system [name] [contact] [location] Parameters name Deletes the switch’s name. contact Deletes the switch’s contact. location Deletes the switch’s location. Description This command delete’s the sw itch’s name, the name of the network administrator responsible for managing the u[...]

  • Página 51

    AT-S62 Command Li ne User’s Guide 51 RESTART REBOOT Syntax restart reboot Parameters None. Description This command resets the sw itch. The switch runs i ts internal diagnostics, loads the AT-S62 management software, and configur es its parameter settings using the current boot config uration file. The reset will takes approximately 20 to 30 seco[...]

  • Página 52

    Chapter 4: Basic Switch Commands 52 RESTART SWITCH Syntax restart switch config=none| filename .cfg Parameters config Specifies a configuration file. The file must already exist on the switch. The value NONE returns the switch to its default values. Description This command loads a different conf iguration file on the switch or returns the switch?[...]

  • Página 53

    AT-S62 Command Li ne User’s Guide 53 Note For a list of the defau lt values, refer to Appendix A in the AT-S62 Management Software Menu s Interface Us er’s Guide . Note The switch will not forward traffi c during the r eset process, which takes 20 to 30 secon ds. Some network t raffic may be lost. Your local or remote ma nagement sess ion with [...]

  • Página 54

    Chapter 4: Basic Switch Commands 54 SET ASYN Syntax set asyn speed=1200|2400|4800|9600|19200|38400| 57600|115200 [prompt=” prompt ” ] Parameter speed Sets the speed of the RS -232 terminal port on the switch. The default is 9600 bps. prompt Specifies the command line prompt. The prompt can be from one to 12 alphanumeric characters. Spaces and s[...]

  • Página 55

    AT-S62 Command Li ne User’s Guide 55 SET IP INTERFACE Syntax set ip interface=eth0 ipaddress= ipaddress |dhcp|bootp mask|netmask= subnetmask Parameters interface Specifies the interface number. This value is always “eth0”. ipaddress Specifies an IP address for the sw itch or activates the DHCP or BOOTP client software. Options are: ipaddress [...]

  • Página 56

    Chapter 4: Basic Switch Commands 56 Note You cannot manually assign an IP address to the switch if the DHCP or BOOTP client software is activate d. To disable the client software, refer to the DISAB LE DHCPBOOTP command. To display the current IP address an d subnet mask, refe r to SHOW IP INTERFACE on page 66. To return the IP addre ss and subnet [...]

  • Página 57

    AT-S62 Command Li ne User’s Guide 57 SET IP ROUTE Syntax set ip route ipaddress= ipaddress Parameter ipaddress Specifies th e IP address of the default gateway for the switch. Description This command specifies the IP addr ess of the defaul t gateway for the switch. This IP address is required if you intend to remotely manage the device from a re[...]

  • Página 58

    Chapter 4: Basic Switch Commands 58 SET PASSWORD MANAGER Syntax set password manager Parameters None. Description This command sets the manager’s pa ssword. Logging in as manager allows you to view and change all switch parameters. The default password is “friend”. A password ca n be from 1 to 16 alphanumeric characters. Allied Telesyn recomm[...]

  • Página 59

    AT-S62 Command Li ne User’s Guide 59 SET PASSWORD OPERATOR Syntax set password operator Parameters None. Description This command sets the operator’s pa ssword. Logging in as operator allows you to only view the switch pa rameters. The default password is “operator”. The password can be from 1 to 16 alphanumeric characters. Allied Telesyn r[...]

  • Página 60

    Chapter 4: Basic Switch Commands 60 SET SWITCH CONSOLETIMER Syntax set switch consoletimer= value Parameter consoletimer Specifies the console t imer in minutes. The range is 1 to 60 minutes. The defau lt is 10 minutes. Description This command sets the console timer, which is used by the management software to end inacti ve management sessions. If[...]

  • Página 61

    AT-S62 Command Li ne User’s Guide 61 SET SYSTEM Syntax set system [name=” name ”] [contact=” contact ”] [location= ”location ”] Parameters name Specifies the name of the switc h. The name can be from 1 to 39 alphanumeric characters in length and must be enclosed in double quotes (“ “) . Spaces are allowed. contact Specifies the na[...]

  • Página 62

    Chapter 4: Basic Switch Commands 62 SET USER PASSWORD Syntax show user manager|operator password= password Parameter password Specifies the new mana ger or operator password. Description This command changes the password s for the manager and operator accounts. The default pa ssword for the manager ac count is “friend.” The default for the oper[...]

  • Página 63

    AT-S62 Command Li ne User’s Guide 63 SHOW ASYN Syntax show asyn Parameters None. Description This command displays the settings for the RS-232 Termin al Port on the switch. To adjust the baud rate, which is the only setting on the port you can change, refer to SE T ASYN on page 54. Example The following command displays the RS-232 Te rminal Port [...]

  • Página 64

    Chapter 4: Basic Switch Commands 64 SHOW CONFIG Syntax show config [dynamic] [info] Parameters dynamic Displays the settings fo r all the switch and port parameters in their eq uivalent command line commands. info Displays all switch settings. Description This command, when used witho ut any parameter, displays two pieces of information. The firs t[...]

  • Página 65

    AT-S62 Command Li ne User’s Guide 65 SHOW DHCPBOOTP Syntax show dhcpbootp Parameters None. Description This command displays the status of the DHCP and BOOTP client software on the switch. If neither is activated , the status will be “disabled.” The default setting is disabled. To enable the DHCP and BOOTP clie nt software, refe r to ENABLE B[...]

  • Página 66

    Chapter 4: Basic Switch Commands 66 SHOW IP INTERFACE Syntax show ip interface=eth0 Parameters interface Specifies the switch’s in terface number. This value is always “eth0”. Description This command displays the curren t values for the following switch parameters: ❑ IP address ❑ Subnet mask ❑ Default gateway To manually set the IP add[...]

  • Página 67

    AT-S62 Command Li ne User’s Guide 67 SHOW IP ROUTE Syntax show ip route Parameters None. Description This command displays the switch’s default gateway address. You can also display the gateway address using SHOW IP IN TERFACE on page 66. To manually set the default gateway a ddress, refer to SET IP ROUTE on page 57. Example The following comma[...]

  • Página 68

    Chapter 4: Basic Switch Commands 68 SHOW SWITCH Syntax show switch Parameters None. Description This command displays the following switch parameters: ❑ Application software version ❑ Application software build date ❑ Bootloader version ❑ Bootloader build date ❑ MAC address ❑ Switch VLAN mode ❑ Management VLAN ❑ Ingress filtering ?[...]

  • Página 69

    AT-S62 Command Li ne User’s Guide 69 SHOW SYSTEM Syntax show system Parameters None. Description This command displays the following information: ❑ MAC address ❑ Model name ❑ Serial number ❑ IP address ❑ Subnet mask ❑ Gateway address ❑ System operating time ❑ Application software version and build date ❑ Bootloader version and b[...]

  • Página 70

    70 Chapter 5 Simple Network Time Protocol (SNTP) Commands This chapter contains the following commands: ❑ ADD SNTPSERVER PEER|IPADDRESS on page 71 ❑ DELETE SNTPSERVER PEER |IPADDRESS on pa ge 72 ❑ DISABLE SNTP on page 73 ❑ ENABLE SNTP on page 74 ❑ PURGE SNTP on page 75 ❑ SET DATE TIME on page 76 ❑ SET SNTP on page 77 ❑ SHOW SNTP on [...]

  • Página 71

    AT-S62 Command Li ne User’s Guide 71 ADD SNTPSERVER PEER|IPADDRESS Syntax add sntpserver peer|ipaddress= ipaddress Parameter peer Specifies the IP address of an SNTP server. These ipaddress parameters are equivalent. Description This command adds the IP address of an SNTP server to the SNTP client software on the switch. The switc h uses the SNTP[...]

  • Página 72

    Chapter 5: Simple Networ k Time Protocol (SNTP) Commands 72 DELETE SNTPSERVER PEER|IPADDRESS Syntax delete sntpserver peer|ipaddress= ipaddress Parameter peer Specifies the IP addr ess of an SNTP server. The ipaddress parameters are equivalent. Description This command deletes the IP addr ess of the SNTP server from the SNTP client software on the [...]

  • Página 73

    AT-S62 Command Li ne User’s Guide 73 DISABLE SNTP Syntax disable sntp Parameters None. Description This command disables the SNTP clie nt software on the switch. The default setting for SN TP is disabled. Example The following command disa bles SNTP on the switch: disable sntp[...]

  • Página 74

    Chapter 5: Simple Networ k Time Protocol (SNTP) Commands 74 ENABLE SNTP Syntax enable sntp Parameters None. Description This command enables the SNTP clie nt software on the switch. The default setting for SNTP is disabled. Once enabled, the switch will obtain its date and time from an SNTP se rver, assuming that you have specified a server IP addr[...]

  • Página 75

    AT-S62 Command Li ne User’s Guide 75 PURGE SNTP Syntax purge sntp Parameters None. Description This command disables the SNTP client software and returns its parameters to the default values. Example The following command resets SNTP: purge sntp[...]

  • Página 76

    Chapter 5: Simple Networ k Time Protocol (SNTP) Commands 76 SET DATE TIME Syntax set date= dd-mm-yyyy time= hh:mm:ss Parameter date Specifies the date for th e switch in day-month-year format. time Specifies the hour, minute, and second for the switch’s time in 24-hour format. Description This command sets the date and time on the switch. You can[...]

  • Página 77

    AT-S62 Command Li ne User’s Guide 77 SET SNTP Syntax set sntp [dst=enabled|disabled] [pollinterval= value ] [utcoffset= value ] Parameters dst Enables or disables da ylight savings time. pollinterval Specifies the time in terval between two successive queries to the SNTP server. The range is 60 to 1200 seconds. The default is 600 seconds. utcoffs[...]

  • Página 78

    Chapter 5: Simple Networ k Time Protocol (SNTP) Commands 78 SHOW SNTP Syntax show sntp Parameters None. Description This command displays the following information: ❑ Status of the SNTP client software ❑ SNTP server IP address ❑ UTC Offset ❑ Daylight Savings Time (DST ) - enabled or disabled ❑ Poll interval ❑ Last Delta - The last adjus[...]

  • Página 79

    AT-S62 Command Li ne User’s Guide 79 SHOW TIME Syntax show time Parameters None. Description This command shows the switc h’s current da te and time. Example The following command shows the system’s date and time. show time[...]

  • Página 80

    80 Chapter 6 SNMPv1 and SNMPv2 Community Strings and Trap Commands This chapter contains the following commands: ❑ ADD SNMP COMMUNITY on page 81 ❑ CREATE SNMP COMMU NITY on page 83 ❑ DELETE SNMP COMMU NITY on page 86 ❑ DESTROY SNMP COMMU NITY on page 88 ❑ DISABLE SNMP on page 89 ❑ DISABLE SNMP AUTHENTICA TETRAP on page 90 ❑ DISABLE SN[...]

  • Página 81

    AT-S62 Command Li ne User’s Guide 81 ADD SNMP COMMUNITY Syntax add snmp community=” community ” [traphost= ipaddress ] [manager= ipaddress ] Parameters community Specifies an existing SNMP community string on the switch. This parameter is case sensitive. The name must be enclosed in double quotes if it contains a space or special character, s[...]

  • Página 82

    Chapter 6: SNMPv1 and SNMPv2 Co mmunity Strings and Trap Comman ds 82 The following command ad ds the IP address 149. 212.10.11 as a trap receiver to the “public” community string: add snmp community=public traphost=149.212.10.11[...]

  • Página 83

    AT-S62 Command Li ne User’s Guide 83 CREATE SNMP COMMUNITY Syntax create snmp community=” community ” [access=read|write] [open=yes|no|on|off|true|false] [traphost= ipaddress ] [manager= ipaddress ] Parameters community Specifies a new comm unity string. The maximum length of a community strin g is 15 characters. Spaces are allowed. The name [...]

  • Página 84

    Chapter 6: SNMPv1 and SNMPv2 Co mmunity Strings and Trap Comman ds 84 manager S pecifies the IP address of a management station that can use the community strin g to access the switch. This option applies if yo u specify the status of the community string as closed . A community string can have up to eight IP addresses of management workstations, b[...]

  • Página 85

    AT-S62 Command Li ne User’s Guide 85 Examples The following command creates the new community string “serv12” with read access level an d an access status of open: create snmp community=serv12 access=read open=yes The following command creates the new community string “wind11” with read and write access level. To limit the use of the stri[...]

  • Página 86

    Chapter 6: SNMPv1 and SNMPv2 Co mmunity Strings and Trap Comman ds 86 DELETE SNMP COMMUNITY Syntax delete snmp community=” community ” traphost= ipaddress manager= ipaddress Parameters community Specifies the SNMP co mmunity string on the switch to be modified. The community string must already exist on the switch. This parameter is case sensit[...]

  • Página 87

    AT-S62 Command Li ne User’s Guide 87 The following command deletes the IP address 149.212. 44.45 of a trap receiver from the community string “public.” delete snmp community=public traphost=149.212.44.45[...]

  • Página 88

    Chapter 6: SNMPv1 and SNMPv2 Co mmunity Strings and Trap Comman ds 88 DESTROY SNMP COMMUNITY Syntax destroy snmp community=” community ” Parameter community Specifies an SNMP co mmunity string to delete from the switch. This parameter is case sensitiv e. The name must be enclosed in double quotes if it contains a space or special character, suc[...]

  • Página 89

    AT-S62 Command Li ne User’s Guide 89 DISABLE SNMP Syntax disable snmp Parameters None. Description This command disables SNMP on t h e switch. You cannot manage the unit from an SNMP management sta tion when SNMP is disabled. The default setting for SNMP is disabled. Example The following command dis ables SNMP on the switch: disable snmp[...]

  • Página 90

    Chapter 6: SNMPv1 and SNMPv2 Co mmunity Strings and Trap Comman ds 90 DISABLE SNMP AUTHENTICATETRAP Syntax disable snmp authenticatetrap|authenticate_trap Parameters None. Description This command stops the switch from sending authentication failure traps to trap receivers. However, the switch will co ntinue to send other system traps, such as alar[...]

  • Página 91

    AT-S62 Command Li ne User’s Guide 91 DISABLE SNMP COMMUNITY Syntax disable snmp community=” community ” Parameter community Specifies an SNMP co mmunity string to disable on the switch. This parameter is case sensitive. The string must be enclosed in double quotes if it contains a space or spec ial character, such as an exclamation point. Oth[...]

  • Página 92

    Chapter 6: SNMPv1 and SNMPv2 Co mmunity Strings and Trap Comman ds 92 ENABLE SNMP Syntax enable snmp Parameters None. Description This command activates SNMP on th e switch. Once activated, you can remotely manage the unit with an SNMP application program from a management station on your network . The default settin g for SNMP on the switch is dis[...]

  • Página 93

    AT-S62 Command Li ne User’s Guide 93 ENABLE SNMP AUTHENTICATETRAP Syntax enable snmp authenticatetrap|authenticate_trap Parameters None. Description This command configures the switch to send authenticat ion failure traps to trap receivers. The switch sends an authentica tion failure trap whenever a SNMP management stati on attempts to access the[...]

  • Página 94

    Chapter 6: SNMPv1 and SNMPv2 Co mmunity Strings and Trap Comman ds 94 ENABLE SNMP COMMUNITY Syntax enable snmp community=” community ” Parameters community Specifies an SNMP community string. This parameter is case sensiti ve. The name must be enclosed in double quotes if it contains a space or special character, such as an exclamation point. O[...]

  • Página 95

    AT-S62 Command Li ne User’s Guide 95 SET SNMP COMMUNITY Syntax set snmp community=” community ” [access=read|write] [open=yes|no] Parameters community Specifies the SNMP community string whose access level or access status is to be changed. This community string must alread y exist on the switch. This parameter is case sensi tive. The name mu[...]

  • Página 96

    Chapter 6: SNMPv1 and SNMPv2 Co mmunity Strings and Trap Comman ds 96 The following command changes the access level for the SNMP community string “serv12” to read and write with open access: set snmp community=serv12 access=write open=yes[...]

  • Página 97

    AT-S62 Command Li ne User’s Guide 97 SHOW SNMP Syntax show snmp [community=” community ”] Parameter community Specifies a community string on the switch. This parameter is case sensiti ve. The name must be enclosed in double quotes if it contains a space or special character, such as an exclamation point. Otherwise, the quotes are optional. D[...]

  • Página 98

    Chapter 6: SNMPv1 and SNMPv2 Co mmunity Strings and Trap Comman ds 98 ❑ Management station IP addresses - These are the IP addresses of management stations that can access the switch through a community string that has a cl osed access status. (Management station IP addresses are displayed only when yo u specify a specific community string usi ng[...]

  • Página 99

    99 Chapter 7 SNMPv3 Commands This chapter contains the following commands: ❑ ADD SNMPV3 USER on p age 101 ❑ CLEAR SNMPV3 ACCESS on page 103 ❑ CLEAR SNMPV3 COMMUNITY on page 105 ❑ CLEAR SNMPV3 NOTIFY on page 106 ❑ CLEAR SNMPV3 TARGETADDR on page 107 ❑ CLEAR SNMPV3 VIEW on page 108 ❑ CREATE SNMPV3 ACCE SS on page 109 ❑ CREATE SNMPV3 C[...]

  • Página 100

    Chapter 7: SNMPv3 Commands 100 ❑ DESTROY SNMPv3 TARGETADDR on page 130 ❑ DESTROY SNMPv3 TARGETPARMS on page 131 ❑ DESTROY SNMPV3 VIEW on page 132 ❑ SET SNMPV3 ACCESS on page 133 ❑ SET SNMPV3 COMMUNITY on page 135 ❑ SET SNMPV3 GRO UP on page 1 37 ❑ SET SNMPV3 NOTIFY on page 139 ❑ SET SNMPV3 TARG ETA DDR on page 141 ❑ SET SNMPV3 TA [...]

  • Página 101

    AT-S62 Command Li ne User’s Guide 101 ADD SNMPV3 USER Syntax add snmpv3 user= user [authentication=md5|sha] authpassword =password privpassword =password [storagetype=volatile|nonvolatile] Parameters user Specifies the name of an SNMPv3 user, up to 32 alphanumeric characters. authentication Specifies the authenti cation protocol that is used to a[...]

  • Página 102

    Chapter 7: SNMPv3 Commands 102 volatile Does not allow you to save the table entry to the configuration file on the switch. This is the default. nonvolatile Allows you to save the table entry to the configuration fi le on the switch. Description This command creates an SN MPv3 User Table entry. Examples The following command creates an SNMPv3 user [...]

  • Página 103

    AT-S62 Command Li ne User’s Guide 103 CLEAR SNMPV3 ACCESS Syntax clear snmpv3 access= access [securitymodel=v1|v2c|v3] [securitylevel=noauthentication|authentication| privacy] readview writeview notifyview Parameters access Specifies the name of th e security group, up to 32 alphanumeric characters. securitymodel Specifies the securi ty model. Th[...]

  • Página 104

    Chapter 7: SNMPv3 Commands 104 notifyview Specifies a Notify Vi ew Name that allows the users assigned to this securit y group to send traps permitted in the specified Vi ew. This is an optional parameter. Description This command clears the specified fields in an SNMPv3 Access Table entry. Examples The follow command clears the read view parameter[...]

  • Página 105

    AT-S62 Command Li ne User’s Guide 105 CLEAR SNMPV3 COMMUNITY Syntax clear snmpv3 community index= index transporttag Parameters index Specifies the name of an existing SNMPv3 Community Table entry, up to 32 alphanumeric characters. transporttag Specifies the transpor t tag, up to 32 alphanumeric characters. Description This command clears the tra[...]

  • Página 106

    Chapter 7: SNMPv3 Commands 106 CLEAR SNMPV3 NOTIFY Syntax clear snmpv3 notify= notify tag Parameters notify Specifies the name of an SNMPv3 Notify Table entry, up to 32 alphanumeric characters. tag Specifies the notify tag name, up to 32 alphanumeric characters. Description This command clears the value of the tag parameter in an SNMPv3 Notify Tabl[...]

  • Página 107

    AT-S62 Command Li ne User’s Guide 107 CLEAR SNMPV3 TARGETADDR Syntax clear snmpv3 targetaddr= targetaddr taglist Parameters targetaddr Specifies the name of the SNMPv3 Target Address Table entry, up to 32 alphanumeric characters. taglist Specifies a tag or list of tags, up to 256 alphanumeric characters. Description This command clea rs the value[...]

  • Página 108

    Chapter 7: SNMPv3 Commands 108 CLEAR SNMPV3 VIEW Syntax clear snmpv3 view= view [subtree=OID|text] mask Parameters view Specifies the name of th e SNMPv3 view, up to 32 alphanumeric characters. subtree Specifies the view of the MIB Tree. Options are: OID A numeric value in hexadecimal format. text Text name of the view. mask Specifies the subtree m[...]

  • Página 109

    AT-S62 Command Li ne User’s Guide 109 CREATE SNMPV3 ACCESS Syntax create snmpv3 access= access [securitymodel=v1|v2c|v3] [securitylevel=noauthentication|authentication| privacy] readview= readview writeview= writeview notifyview= notifyview [storagetype=volatile|nonvolatile] Parameters access Specifies the name of th e security group, up to 32 al[...]

  • Página 110

    Chapter 7: SNMPv3 Commands 110 writeview Specifies a Write View Name that allows the users assigned to this Security Gr oup to write, or modify, the information in the specified View Table. This is an optional parameter. If you do not assign a value to this parameter, then the writeview parameter defaults to none. notifyview Specifies a Notify Vi e[...]

  • Página 111

    AT-S62 Command Li ne User’s Guide 111 In the following command, a secu rity group is created called “hwengineering” with a security model of SNMPv3 and a security level of noauthentication. In addition, the security group has a read view named “internet.” create snmpv3 access=hwengineering securitymodel=v3 securitylevel=authentication rea[...]

  • Página 112

    Chapter 7: SNMPv3 Commands 112 CREATE SNMPV3 COMMUNITY Syntax create snmpv3 community index= index communityname= communityname securityname= securityname transporttag= transporttag [storagetype=volatile|nonvolatile] Parameters index Specifies the name of this SNMPv3 Community Table entry, up to 32 al phanumeric characters. communityname Specifies [...]

  • Página 113

    AT-S62 Command Li ne User’s Guide 113 The following command creates an SN MP community with an index of 95 and a community name of “12sac ramento49.” The user is “regina” and the transport tag “trainingtag.” The storage type for this community is nonvolatile storage. create snmpv3 community index=95 communityname=12sacramento49 securi[...]

  • Página 114

    Chapter 7: SNMPv3 Commands 114 CREATE SNMPV3 GROUP Syntax create snmpv3 group username= username [securitymodel=v1|v2c|v3] groupname= groupnam e [storagetype=volatile|nonvolatile] Parameter username Specifies a user name configured in the SNMPv3 User Table. securitymodel Specifies the security model of the a bove user name. The options are: v1 Asso[...]

  • Página 115

    AT-S62 Command Li ne User’s Guide 115 Example The following command creates the SNMPv3 SecurityToGroup Table entry for a user named Na ncy. The security model is set to the SNMPv3 protocol. The group name, or security gr oup, for this user is the “admin” group. The storage type is set to nonvolatile storage. create snmpv3 group username=Nancy[...]

  • Página 116

    Chapter 7: SNMPv3 Commands 116 CREATE SNMPV3 NOTIFY Syntax create snmpv3 notify= notify tag= tag [type=trap|inform] [storagetype=volatile|nonvolatile] Parameters notify Specifies the name of an SNMPv3 Notify Table entry, up to 32 alphanumeric characters. tag Specifies the notify tag name, up to 32 alphanumeric characters. This is an optional parame[...]

  • Página 117

    AT-S62 Command Li ne User’s Guide 117 Examples In the following command, the SNMPv3 Notify Table entry is called “testengtrap1” and the noti fy tag is “teste ngtag1.” The m essage type is defined as a trap message and th e storage type for this entry is nonvolatile storage. create snmpv3 notify=testengtrap1 tag=testengtag1 type=trap stora[...]

  • Página 118

    Chapter 7: SNMPv3 Commands 118 CREATE SNMPV3 TARGETADDR Syntax create snmpv3 targetaddr= targetaddr params= params ipaddress= ipaddress udpport= udpport timeout= timeout retries= retries taglist= taglist [storagetype=volatile|nonvolatile] Parameters targetaddr Specifies the name of th e SN MP manager, or host, that manages the SNMP activity on the [...]

  • Página 119

    AT-S62 Command Li ne User’s Guide 119 Examples In the following command, the name of the Target Ad dress Table entry is “snmphost1.” In addition, the params parameter is assigned to “snmpv3manager” and the IP address is 198.1.1.1. The tag list consists of “swengtag,” “hwengtag,” and “testengtag.” The st orage type for this tab[...]

  • Página 120

    Chapter 7: SNMPv3 Commands 120 CREATE SNMPV3 TARGETPARAMS Syntax create snmpv3 targetparams= targetparams username= username [securitymodel=v1|v2c|v3] [messageprocessing=v1|v2c|v3] [securitylevel=noauthentication|authentication| privacy] [storagetype=volatile|nonvolatile] Parameters targetparams Specifies the na me of the SNMPv3 Target Parameters T[...]

  • Página 121

    AT-S62 Command Li ne User’s Guide 121 securitylevel Specifies the secu rity level. The options are: noauthentication This option provides no authentication protocol and no privacy protocol. authentication This option provides an authentication protocol, but no privacy protocol. privacy T his option provides an authentication protocol and the priv[...]

  • Página 122

    Chapter 7: SNMPv3 Commands 122 CREATE SNMPV3 VIEW Syntax create snmpv3 view= view [subtree=OID|text] mask= mask [type=included|excluded] [storagetype=volatile|nonvolatile] Parameters view Specifies the name of the view, up to 32 alphanumeric characters. subtree Specifies the view of th e MIB Tree. The options are: OID A numeric value in hexadecimal[...]

  • Página 123

    AT-S62 Command Li ne User’s Guide 123 Examples The following command creates an SNMPv3 View Table entry called “internet1” with a subtree value of the Internet MIBs and a view type of included. The storage type for this table entry is nonvolatile storage. create snmpv3 view=internet1 subtree=internet type=included storagetype=nonvolatile The [...]

  • Página 124

    Chapter 7: SNMPv3 Commands 124 DELETE SNMPV3 USER Syntax delete snmpv3 user= user Parameters user Specifies the name of an SNMPv3 user to delete from the switch. Description This command deletes an SNMPv3 User Table entr y. After you delete an SNMPv3 user from the switc h, you cannot recover it. Examples The following command deletes the user named[...]

  • Página 125

    AT-S62 Command Li ne User’s Guide 125 DESTROY SNMPv3 ACCESS Syntax destroy snmpv3 access= access [securitymodel=v1|v2c|v3] [securitylevel=noauthentication|authentication| privacy] Parameter access Specifies an SNMP v3 Access Table entry. securitymodel Specifies the secur ity model of the user name specified above. The options are: v1 Associates t[...]

  • Página 126

    Chapter 7: SNMPv3 Commands 126 Examples The following command deletes the SN MPv3 Access Tabl e entry called “swengineering” with a security mode l of the SNMPv3 protocol and a security level of authentication. destroy snmpv3 access=swengineering securitymodel=v3 securitylevel=authentication The following command deletes the SN MPv3 Access Tabl[...]

  • Página 127

    AT-S62 Command Li ne User’s Guide 127 DESTROY SNMPv3 COMMUNITY Syntax destroy snmpv3 community index= index Parameter index Specifies the name of this SNMPv3 Community Table entry, up to 32 al phanumeric characters. Description This command delet es an SNMPv3 Community Table en try. After you delete an SNMPv3 Community Table entry, you cannot rec[...]

  • Página 128

    Chapter 7: SNMPv3 Commands 128 DESTROY SNMPv3 GROUP Syntax destroy snmpv3 group username= username [securitymodel=v1|v2c|v3] Parameter username Specifies a user name configured in the SNMPv3 User Table. securitymodel Specifies the security model of the a bove user name. The options are: v1 Associates the Sec urity Name , or User Name, with the SNMP[...]

  • Página 129

    AT-S62 Command Li ne User’s Guide 129 DESTROY SNMPv3 NOTIFY Syntax destroy snmpv3 notify= notify Parameter notify Specifies an SNMP v3 Notify Table entry. Description This command delet es an SNMPv3 No tify Table entry. After you delete an SNMPv3 Notify Table entry, you cannot recover it. Examples The following command deletes an SN MPv3 Notify T[...]

  • Página 130

    Chapter 7: SNMPv3 Commands 130 DESTROY SNMPv3 TARGETADDR Syntax destroy snmpv3 targetaddr= target Parameter targetaddr Specifies an SNMP v3 Target Address table entry. Description This command deletes an SNMPv3 T arget Address Table entry. After you delete an SNMPv3 Target Address Tabl e entry, you cannot recover it. Examples The following command [...]

  • Página 131

    AT-S62 Command Li ne User’s Guide 131 DESTROY SNMPv3 TARGETPARMS Syntax destroy snmpv3 targetparams= targetparams Parameter targetparams Specifies an SNMPv3 Target Parameters table entry. Description This command deletes an SNMPv3 Target Parameters Tabl e entry. After you delete an SNMPv3 Tar get Parameters Table entry, you cannot recover it. Exa[...]

  • Página 132

    Chapter 7: SNMPv3 Commands 132 DESTROY SNMPV3 VIEW Syntax destroy snmpv3 view= view [subtree=OID|text] Parameters view Specifies the name of the view, up to 32 alphanumeric characters. subtree Specifies the view subtr ee view. The options are: OID A numeric value in hexadecimal format. text Text name of the view. Description This command deletes an[...]

  • Página 133

    AT-S62 Command Li ne User’s Guide 133 SET SNMPV3 ACCESS set snmpv3 access= access [securitymodel=v1|v2c|v3] [securitylevel=noauthentication|authentication| privacy] readview= readview writeview= writeview notifyview= notifyview [storagetype=volatile|nonvolatile] Parameters access Specifies the name of the group, up to 32 alphanumeric characters. [...]

  • Página 134

    Chapter 7: SNMPv3 Commands 134 storagetype Specifies the storage type of this table entry. This is an optional parameter. The options a re: volatile Does not allow you to save the table entry to the configuration file on the switch. This is the default. nonvolatile Allows you to save the table entry to the configuration fi le on the switch. Descrip[...]

  • Página 135

    AT-S62 Command Li ne User’s Guide 135 SET SNMPV3 COMMU NITY Syntax set snmpv3 community index= index communityname= communityname securityname= securityname transporttag= transporttag [storagetype=volatile|nonvolatile] Parameters index Specifies the name of this SNMPv3 Community Table entry, up to 32 al phanumeric characters. communityname Specif[...]

  • Página 136

    Chapter 7: SNMPv3 Commands 136 The following command modifies the community table entry with an index of 52. The community has a password of “ oldmiss71” and a security name of “jjhuser234.” The transport tag is set to “testtag40.” set snmpv3 community index=52 communityname=oldmiss71 securityname=jjhuser234 transporttag=testtag40[...]

  • Página 137

    AT-S62 Command Li ne User’s Guide 137 SET SNMPV3 GROUP Syntax set snmpv3 group username= username [securitymodel=v1|v2c|v3] groupname= groupnam e [storagetype=volatile|nonvolatile] Parameter username Specifies a user name configured in the SNMPv3 User Table. securitymodel Specifies the security model of the above user name. The options are: v1 As[...]

  • Página 138

    Chapter 7: SNMPv3 Commands 138 Examples The following command modifies the Se curityToGroup Table entry with a user name of “nancy28.” The secur ity model is the SNMPv3 protocol. and the group name is set to engineering. set snmpv3 group username=nancy28 securitymodel=v3 groupname=engineering The following command modifies the Se curityToGroup [...]

  • Página 139

    AT-S62 Command Li ne User’s Guide 139 SET SNMPV3 NOTIFY Syntax set snmpv3 notify= notify tag= tag [type=trap|inform] [storagetype=volatile|nonvolatile] Parameters notify Specifies the name a ssociated with the trap message, up to 32 a lphanumeric characters. tag Specifies the notify tag name, up to 32 alphanumeric characters. type Specifies the m[...]

  • Página 140

    Chapter 7: SNMPv3 Commands 140 The following command mod ifies an SNMPv3 Notif y Table entry called “systemtestinform5.” The no tify tag is “systemte stinform5tag” and the message type is an inform message. set snmpv3 notify=systemtestinform5 tag=systemtestinform5tag type=inform[...]

  • Página 141

    AT-S62 Command Li ne User’s Guide 141 SET SNMPV3 TARGETADDR Syntax set snmpv3 targetaddr= targetaddr params= params ipaddress= ipaddress udpport= udpport timeout= timeout retries= retries taglist= taglist [storagetype=volatile|nonvolatile] Parameters targetaddr Specifies the name of the SNMP entity (NMS or manager) that manages th e SNMP activity[...]

  • Página 142

    Chapter 7: SNMPv3 Commands 142 Description This command modifies an SNMP v3 Target Address Table entry. Examples The following command mod ifies the Target Addre ss Table entry with a value of “snmphost.” The params param eter is set to “t argetparameter7” and the IP address is 19 8.1.1.1. The taglist is set to “systemtesttraptag” and ?[...]

  • Página 143

    AT-S62 Command Li ne User’s Guide 143 SET SNMPV3 TARGETPARAMS Syntax set snmpv3 targetparams= targetparams username= username [securitymodel=v1|v2c|v3] [messageprocessing=v1|v2c|v3] [securitylevel=noauthentication|authentication| privacy] [storagetype=volatile|nonvolatile] Parameters targetparams Specifies the target parameters name, up to 32 alp[...]

  • Página 144

    Chapter 7: SNMPv3 Commands 144 securitylevel Specifies the secur ity level. The options are: noauthentication This option provides no authentication protocol and no privacy protocol. authentication This option provides an authentication protocol, but no privacy protocol. privacy T his option provides an authentication protocol and the privacy proto[...]

  • Página 145

    AT-S62 Command Li ne User’s Guide 145 SET SNMPV3 USER Syntax set snmpv3 user= user [authentication=md5|sha] authpassword =password privpassword =password [storagetype=volatile|nonvolatile] Parameters user Specifies the name of an SNMPv3 user, up to 32 alphanumeric characters. authentication Specifies the authenti cation protocol that is used to a[...]

  • Página 146

    Chapter 7: SNMPv3 Commands 146 Examples The following command modifies a User Table entry called “atiuser104”. The authentication protocol is set to the MD5 protocol and the authentication password is “atlanta 45denver.” The DES privacy protocol is on and the privacy passwo rd is “denve rtoatlanta3.” set snmpv3 user=atiuser104 authentic[...]

  • Página 147

    AT-S62 Command Li ne User’s Guide 147 SET SNMPV3 VIEW Syntax set snmpv3 view= view [subtree=OID|text] mask= mask [type=included|excluded] [storagetype=volatile|nonvolatile] Parameters view Specifies the name of the view, up to 32 alphanumeric characters. subtree Specifies the view sub tree view. Options are: OID A numeric value in hexadecimal for[...]

  • Página 148

    Chapter 7: SNMPv3 Commands 148 Examples The following command modifies the view called “internet1.” The subtree is set to the Internet MIB s and the view type is included. set snmpv3 view=internet1 subtree=internet type=included The following command modifies the view called system. The subtree is set to 1.3.6.1.2. 1 (System MIBs) an d the view[...]

  • Página 149

    AT-S62 Command Li ne User’s Guide 149 SHOW SNMPV3 ACCESS Syntax show snmpv3 access= access Parameter access Specifies an SNMP v3 Access Table entry. Description This command displays the SNMPv3 Ac cess Table. You can display one or all of the table entries. Examples The following command displays the SNMPv3 Ac cess Table entry called “productio[...]

  • Página 150

    Chapter 7: SNMPv3 Commands 150 SHOW SNMPV3 COMMUNITY Syntax show snmpv3 community index= index Parameter index Specifies the name of this SNMPv3 Community Table entry, up to 32 al phanumeric characters. Description This command displays the SNMPv3 Community Table. Yo u can display one or all of the SNMPv3 Community Table entries. Examples The follo[...]

  • Página 151

    AT-S62 Command Li ne User’s Guide 151 SHOW SNMPv3 GROUP Syntax show snmpv3 group username= username [securitymodel=v1|v2c|v3] Parameter username Specifies a user name configured in the SNMPv3 User Table. securitymodel Specifies the security model of the above user name. The options are: v1 Associates the Securi ty Name, or User Name, with the SNM[...]

  • Página 152

    Chapter 7: SNMPv3 Commands 152 SHOW SNMPV3 NOTIFY Syntax show snmpv3 notify= notify Parameter notify Specifies an SNMP v3 Notify Table entry. Description This command displays SNMPv3 Notify Table entri es. You can display one or all of the table entries. Examples The following command dis plays the SNMPv3 Notify Table entry called “testengtrap1?[...]

  • Página 153

    AT-S62 Command Li ne User’s Guide 153 SHOW SNMPV3 TARGETADDR Syntax show snmpv3 targetaddr= targetaddr Parameter targetaddr Specifies an SNMP v3 Target Address Table entry. Description This command displays SNMPv3 Target Address Ta ble entries. You can display one or all of the table entries. Examples The following command displays the SNMPv3 Tar[...]

  • Página 154

    Chapter 7: SNMPv3 Commands 154 SHOW SNMPV3 TARGETPARAMS Syntax show snmpv3 targetparams= targetparams Parameter targetparams Specifies an SNMPv3 Target Parameters Table entry. Description This command displays SNMPv3 Ta rget Parameters Tabl e entries. You can display one or all of the table entries. Examples The following command displays the SNMPv[...]

  • Página 155

    AT-S62 Command Li ne User’s Guide 155 SHOW SNMPV3 USER Syntax show snmpv3 user= user Parameters user Specifies the name of an SNMPv3 user, up to 32 alphanumeric characters. Description This command displays SN MPv3 User Table entries. You can display one or all of the table entries. Examples The following example di splays the SNMPv3 User Table e[...]

  • Página 156

    Chapter 7: SNMPv3 Commands 156 SHOW SNMPV3 VIEW Syntax show snmpv3 view= view [subtree=OID|text] Parameter view Specifies an SNMPv3 View Table entry. subtree Specifies the view sub tree view. Options are: OID A numeric value in hexadecimal format. text Text name of the view. Description This command displays the SNMPv3 Vi ew Table entries. You can [...]

  • Página 157

    157 Chapter 8 Port Parameter Commands This chapter contains the following commands: ❑ ACTIVATE SWITCH PORT on page 158 ❑ DISABLE INTERFACE LINKTRAP on page 159 ❑ DISABLE SWITCH PORT on page 160 ❑ DISABLE SWITCH PORT FLOW on page 161 ❑ ENABLE INTERFACE LINK TRAP on page 162 ❑ ENABLE SWITCH PORT on page 163 ❑ ENABLE SWITCH PORT FLOW on [...]

  • Página 158

    Chapter 8: Port Parameter Commands 158 ACTIVATE SWITCH PORT Syntax activate switch port= port autonegotiate Parameter port Specifies a port. You can specify more than one port at a time. You can specify th e ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (for exampl e, 1,5,14-22). Description If a port is using A[...]

  • Página 159

    AT-S62 Command Li ne User’s Guide 159 DISABLE INTERFACE LINKTRAP Syntax disable interface= port linktrap Parameter port Specifies the port where you want to disable SNMP link traps. You can specify more than one port at a time. You can specify the ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (for exampl e, 1,[...]

  • Página 160

    Chapter 8: Port Parameter Commands 160 DISABLE SWITCH PORT Syntax disable switch port= port Parameter port Specifies the port to di sable. You can specify more than one port at a time. You can specify the ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (f or example, 1,5,14-22). Description This command disables a[...]

  • Página 161

    AT-S62 Command Li ne User’s Guide 161 DISABLE SWITCH PORT FLOW Syntax disable switch port= port flow=pause Parameter port Specifies the port where yo u want to deactivate flow control. You can specify more than one port at a time. You can specify the ports individually (for example, 5,7,22), as a range (for exa mple, 18-23), or both (for example,[...]

  • Página 162

    Chapter 8: Port Parameter Commands 162 ENABLE INTERFACE LINKTRAP Syntax enable interface= port linktrap Parameter port Specifies the port on whic h you want to enable SNMP link traps. You can specify more than one port at a time. You can specify the ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (for exampl e, 1,[...]

  • Página 163

    AT-S62 Command Li ne User’s Guide 163 ENABLE SWITCH PORT Syntax enable switch port= port Parameter port Specifies the port to enable. You can specify more than one port at a time. You can specify the ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (f or example, 1,5,14-22). Description This command enables a por[...]

  • Página 164

    Chapter 8: Port Parameter Commands 164 ENABLE SWITCH PORT FLOW Syntax enable switch port= port flow=pause Parameter port Specifies the port where you want to activate flow control. You can specify more than one port at a time. You can specify the ports individually (for example, 5,7,22), as a range (for exa mple, 18-23), or both (for example, 1,5,1[...]

  • Página 165

    AT-S62 Command Li ne User’s Guide 165 RESET SWITCH PORT Syntax reset switch port= port Parameter port Specifies the port to res et. You can specify the ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (f or example, 1,5,14-22). Description This command resets a port. The reset takes less that a second to complete[...]

  • Página 166

    Chapter 8: Port Parameter Commands 166 SET SWITCH PORT Syntax set switch port= port [description=” description ”] [status=enabled|disabled] [speed=autonegotiate|10mhalf|10mfull|10mhauto|10m fauto|100mhalf|100mfull|100mhauto|100mfauto|1000m full|1000mfauto] [mdimode=mdi|mdix|auto] [flowcontrol=disable|enable|auto] [fctrllimit=auto| value ] [back[...]

  • Página 167

    AT-S62 Command Li ne User’s Guide 167 speed Sets the speed and du plex mode of the port. Settings for this parameter are: autonegotiate The port Auto-Negotiates both speed and duplex mode.This is the default setting. 10mhalf 10 Mbps and half-duplex mode. 10mfull 10 Mbps an d full-dup lex mode. 10mhauto 10 Mbps and ha lf-duplex mode with Auto-Nego[...]

  • Página 168

    Chapter 8: Port Parameter Commands 168 When flow control is acti vated, a port sends out a PAUSE packet whenever it wants the end node to stop sending packets. Possible values are: disabled No flow control. enabled Flow cont rol is activated. auto The switch sets flow control to match flow control on the end node connected to the port. If the end n[...]

  • Página 169

    AT-S62 Command Li ne User’s Guide 169 renegotiation Prompts the port to renegotiate its speed and duplex mode with the end node. This parameter only works when the port is using Auto-Negotiation. The only value is: auto Renegotiates with the end node speed and duplex mode. softreset Resets the port. This parameter does not change any of a port’[...]

  • Página 170

    Chapter 8: Port Parameter Commands 170 Description This command sets a port’s operating parameters. You can set more than one parameter at a time. For an explanation of the port parameters, refer to the AT-S62 Management Software Me nus Interface User’s Guide. To configure the fiber optic port on a GB IC or SFP module in Port 49 or 50 of an AT-[...]

  • Página 171

    AT-S62 Command Li ne User’s Guide 171 SET SWITCH PORT RATELIMIT Syntax set switch port=all [rate= value ] [bcastratelimiting=yes|no|on|off|true|false| enabled|disabled] [mcastratelimiting=yes|no|on|off|true|false| enabled|disabled] [unkucastratelimiting=yes|no|on|off|true|false| enabled|disabled] Parameters port Specifies all ports on the switch.[...]

  • Página 172

    Chapter 8: Port Parameter Commands 172 table. Settings for this parameter are: yes, on, true, enabled Activates unknown unicast packet rate limit on the port. The values are equivalent. no, off, false, disable d Deactivates unknown unicast packet rate limit on the port. The values are equivalent. Description This command sets the maximum nu mber of[...]

  • Página 173

    AT-S62 Command Li ne User’s Guide 173 This command changes the ra te limit to 15,000 packets: set switch port=all rate=15000 The following command deactivates un icast rate filterin g on all ports: set switch port=all unkucastratelimiting=disabled[...]

  • Página 174

    Chapter 8: Port Parameter Commands 174 SHOW INTERFACE Syntax show interface= port Parameter port Specifies the port whose interface information you want to display. Yo u can specify more than one port at a time. You can specify th e ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (for exampl e, 1,5,14-22). Descrip[...]

  • Página 175

    AT-S62 Command Li ne User’s Guide 175 ❑ ifLinkUpDownTrapEnable - Whethe r or not link traps have been enabled for the port, one of the following: enabled - Link traps are enabled. The switch sends an SNMP link trap whenever there is a change to the status of the link on the port. To disable link traps, see DISABLE INTERFACE LINKTRAP on page 159[...]

  • Página 176

    Chapter 8: Port Parameter Commands 176 SHOW SWITCH PORT Syntax show switch port[= port ] Parameter port Specifies the port whose parameter settings you want to view. You can specif y more than one port at a time. You can specify th e ports individually (for example, 5,7,22), as a rang e (for example, 18-23), or both (for example, 1,5,14 -22). All p[...]

  • Página 177

    177 Chapter 9 MAC Address Table Commands This chapter contains the following commands: ❑ ADD SWITCH FDB|FILTER on page 178 ❑ DELETE SWITCH FD B on page 180 ❑ RESET SWITCH FDB on page 181 ❑ SET SWITCH AGINGTIMER|AG EINGTIMER on page 182 ❑ SHOW SWITCH AGINGTIMER|A GEINGTIMER on page 183 ❑ SHOW SWITCH FD B on page 184 Note Remember to save[...]

  • Página 178

    Chapter 9: MAC Address Table Commands 178 ADD SWITCH FDB|FILTER Syntax add switch fdb|filter destaddress|macaddress= macaddress port= port vlan= name | vid Note The FDB and FILTER keyw ords are equivalent. Parameters destaddress Specifies the static unicast or multicast address to be macaddress added to the switc h’s MAC address table. The parame[...]

  • Página 179

    AT-S62 Command Li ne User’s Guide 179 Examples The following command adds the st atic MAC address 00:A0:D2:18:1A:11 to port 7. It assumes the port where the MAC address is to be assigned is a member of the Default_VLAN: add switch fdb macaddress=00A0D2181A11 port=7 vlan=default_vlan The following command adds the mult icast MAC address 01:00:51:0[...]

  • Página 180

    Chapter 9: MAC Address Table Commands 180 DELETE SWITCH FDB Syntax delete switch fdb macaddress= macaddress vlan= name | vid Parameters macaddress Specifies the dynamic or static unicast or multicast MAC address to delete from th e MAC address table. The address can be entered in either of the following formats: xxxxxxxxxxxx or xx:xx:xx:xx:xx:xx vl[...]

  • Página 181

    AT-S62 Command Li ne User’s Guide 181 RESET SWITCH FDB Syntax reset switch fdb port= port Parameters port Specifies the port whos e dynamic MAC addresses you want to delete from the MA C address table. You can specify more than on e port at a time. Description This command delet es the dyna mic MAC addresses learned on a specified port. Once a po[...]

  • Página 182

    Chapter 9: MAC Address Table Commands 182 SET SWITCH AGINGTIMER|AGEINGTIMER Syntax set switch agingtimer|ageingtimer= value Parameter agingtimer Specifies the aging timer for the MAC address table. ageingtimer The value is in secon ds . The range is 0 to 1048575 seconds. The default is 300 seconds (5 minutes). Entering the value 0 (zero) disables t[...]

  • Página 183

    AT-S62 Command Li ne User’s Guide 183 SHOW SWITCH AGINGTIMER|AGEINGTIMER Syntax show switch agingtimer|ageingtimer Parameters None. Description This command displays the current setting for the aging timer. The switch uses the aging timer to del ete inactive dynamic MAC addresses from the MAC address table. To set the aging timer, refer to SET SW[...]

  • Página 184

    Chapter 9: MAC Address Table Commands 184 SHOW SWITCH FDB Syntax show switch fdb [address= macaddress ] [port= port ] [status=static|dynamic|multicast] [vlan= name ] Parameters address Specifies a MAC address. U se this parameter to determine the port on the switch on wh ich a particular MAC address was learned (dynamic) or assign ed (static). The [...]

  • Página 185

    AT-S62 Command Li ne User’s Guide 185 The following command displays the static an d dynamic multicast addresses: show switch fdb status=multicast The following command displays the port on wh ich the MAC address 00:A0:D2:18:1A:11 was learned (dynamic) or ad ded (static): show switch fdb address=00A0D2181A11 The following command displays the MAC[...]

  • Página 186

    186 Chapter 10 Port Trunking Commands This chapter contains the following commands: ❑ ADD SWITCH TRUNK on page 187 ❑ CREATE SWITCH TR UNK on page 188 ❑ DELETE SWITCH TR UNK on page 190 ❑ DESTROY SWITCH TR UNK on page 191 ❑ SET SWITCH TRUN K on page 19 2 ❑ SHOW SWITCH TRUNK on page 193 Note Remember to save your changes with the SAVE CON[...]

  • Página 187

    AT-S62 Command Li ne User’s Guide 187 ADD SWITCH TRUNK Syntax add switch trunk= name port= port Parameters trunk Specifies the name of the port trunk to be modified. port Specifies the port to be added to the po rt trunk. You can add more than one port at a time. Yo u can specify the ports individually (for example, 5,7,22), as a range (for examp[...]

  • Página 188

    Chapter 10: Port Trunking Com mands 188 CREATE SWITCH TRUNK Syntax create switch trunk= name port= ports [select=macsrc|macdest|macboth|ipsrc|ipdest| ipboth] Parameters trunk Specifies the name of the trunk. The name can be up to 16 alphanumeric charac ters. No spaces or special characters are allowed. port Specifies the ports to be added to the po[...]

  • Página 189

    AT-S62 Command Li ne User’s Guide 189 Note Before creating a port trunk, ex amine the speed, duplex mode, and flow control settings of the lowest numbered port to be in the trunk. Check to be sure that the settings are correct for the end node to which the trunk will be connected . When you create the trunk, the AT-S62 management so ftware copies[...]

  • Página 190

    Chapter 10: Port Trunking Com mands 190 DELETE SWITCH TRUNK Syntax delete switch trunk= name port= port Parameters trunk Specifies the name of the trunk to be modified. port Specifies the port to be removed from the existing port trunk. You can specify more th an one port at a time. Description This command removes ports from a por t trunk. To view[...]

  • Página 191

    AT-S62 Command Li ne User’s Guide 191 DESTROY SWITCH TRUNK Syntax destroy switch trunk= name Parameter trunk Specifies the name of the trunk to be deleted. Description This command delet es a port trunk fr om a switch. Once a port trunk has been deleted, the ports that made up the trunk can be connected to different end nodes. Caution Disconnect [...]

  • Página 192

    Chapter 10: Port Trunking Com mands 192 SET SWITCH TRUNK Syntax set switch trunk= name select=[macsrc|macdest|macboth|ipsrc|ipdest| ipboth] Parameters trunk Specifies the name of the port trunk. select Specifies the load dist ribution meth od. Options are: macsrc Source MAC address. macdest Destination MAC address. macboth Source address/destinatio[...]

  • Página 193

    AT-S62 Command Li ne User’s Guide 193 SHOW SWITCH TRUNK Syntax show switch trunk Parameters None. Description This command displays the names, ports, and load distribution methods of the port trunks on th e switch. Example The following command displa ys port trunking information: show switch trunk[...]

  • Página 194

    194 Chapter 11 Networking Stack Commands This chapter contains the following commands:  DELETE IP ARP on page 1 95  DELETE TCP on page 196  RESET IP ARP on p age 197  SET IP ARP on page 198  SHOW IP ARP on p age 199  SHOW IP ROUTE on p age 200  SHOW TCP on p age 201 Note Remember to save your changes with the SAVE CONFIGURATION[...]

  • Página 195

    AT-S62 Command Li ne User’s Guide 195 DELETE IP ARP Syntax delete ip arp [ ipaddress |all] Parameter ipaddress Specifies the IP address of the ARP entr y you want to delete from the ARP table. all Specifies the deletion of all non-system ARP entries in the table. Description This command delet es specific or all ARP entries fr om the ARP table. E[...]

  • Página 196

    Chapter 11: Networking Stack Commands 196 DELETE TCP Syntax delete tcp indexnumber Parameter indexnumber Specifies the internal socket ID number assigned to the connection. Enter the in dex number of the TCP connection you want to de lete. The range is 0 to 65535 with a default of 0. To display the index number, refer to SHOW TCP on page 201. Descr[...]

  • Página 197

    AT-S62 Command Li ne User’s Guide 197 RESET IP ARP Syntax reset ip arp Parameter None Description This command delet es all of the tem porary entries in the ARP table. Example The following command deletes all no n-system entries in the ARP table: reset ip arp[...]

  • Página 198

    Chapter 11: Networking Stack Commands 198 SET IP ARP Syntax set ip arp [timeout=integer] Parameter timeout The range is 1 to 26 0000 seconds. The default setting is 400 seconds. Description This command prevents the table from becoming full with inactive entries. It allows you to set the timer for removing temporary entries in the ARP table. Inacti[...]

  • Página 199

    AT-S62 Command Li ne User’s Guide 199 SHOW IP ARP Syntax show ip arp Parameters None Description This command displays the IP addres ses in the ARP table . It includes the following fields: Interface The network interface of a table entry. The switch has two network interfaces. The “loopbac k” designation represents the interface used by the [...]

  • Página 200

    Chapter 11: Networking Stack Commands 200 SHOW IP ROUTE Syntax show ip route Parameter None Description This command displays th e IP route table. It incl udes the following fields: Destination The IP address of a destination network, sub network, or end node. Mask A filter used to designate the acti ve part of the destination IP address. A binary [...]

  • Página 201

    AT-S62 Command Li ne User’s Guide 201 SHOW TCP Syntax show tcp Parameter None Description This command displays the TCP connections and the TCP global information which is MIB variables defined in TCP group. It includes the following fields: RTO min (ms) a nd RTO max (min) Retransmit time algorithm pa rameters. Max connections The maximum number [...]

  • Página 202

    Chapter 11: Networking Stack Commands 202 Out Segs with RST The number of segme nts transmitted with the RST bit set. Total Number of TCP Listening sockets The number of active listening so ckets. There can be a maximum of three listening sockets. One is for the Telnet server, another for SSH, and the last for the web browser server. If a server is[...]

  • Página 203

    AT-S62 Command Li ne User’s Guide 203 Example The following command displays the TCP connections and the TCP global information: show tcp[...]

  • Página 204

    204 Chapter 12 LACP Commands This chapter contains the following commands:  ADD LACP PORT on page 205  CREA TE LACP A GGREGA T OR on page 207  DELETE LACP PORT on page 209  DESTRO Y LACP A GGREGA T OR on page 210  DISABLE LACP on page 211  ENABLE LACP on page 212  SET LACP A GGREGA TOR on page 213  SET LACP PORT on page 214 [...]

  • Página 205

    AT-S62 Command Li ne User’s Guide 205 ADD LACP PORT Syntax add lacp port= port aggregator= name |adminkey= key priority= priority Parameters port Specifies the port to be added to the aggregator. You can add more than one port at a time. Yo u can specify the ports individually (for example, 5,7,22), as a range (for example, 18-20), or bot h (for [...]

  • Página 206

    Chapter 12: LACP Commands 206 Example The following command ad ds ports 8 and 22 to an aggregator named “agg_1”: add lacp port=8,22 aggregator=agg_1 The following command adds port 6 to an aggreg ator with an adminkey number of 1A and assigns th e port a prior ity of 0x10: add lacp port=6 adminkey=0x1a priority=0x10[...]

  • Página 207

    AT-S62 Command Li ne User’s Guide 207 CREATE LACP AGGREGATOR Syntax create lacp aggregator= name adminkey= key port= port [distribution=macsrc|macdest|macboth|ipsrc|ipdest| ipboth] Parameters aggregator Specifies the name of the new aggregator. The name can be up to 20 alphanumer ic characters. No spaces or special character s are allowed. admink[...]

  • Página 208

    Chapter 12: LACP Commands 208 Description This command creates an LACP aggregator. Caution Do not connect the cables to the ports of the aggr egator on th e switch until after you have config ured the aggregator with the management software and ena bled LACP. Connecting the cables before configuring the software and activating the protocol will cre[...]

  • Página 209

    AT-S62 Command Li ne User’s Guide 209 DELETE LACP PORT Syntax delete lacp port= port [aggregator= name ] Parameters port Specifies the port to de lete from an aggregator. You can delete more than one port at a time. You can specify the ports in dividually (for exam ple, 5,7,22), as a range (for example, 18-20), or both (for example, 1,14- 16). ag[...]

  • Página 210

    Chapter 12: LACP Commands 210 DESTROY LACP AGGREGATOR Syntax destroy lacp aggregator= name |adminkey= key Parameter aggregator Specifies the name of the aggregator. The name is case- sensitive. adminkey Specifies the adminkey number of the aggregator. This is a hexadecimal numb er between 0x1 and 0xffff. Description This command deletes an LACP ag [...]

  • Página 211

    AT-S62 Command Li ne User’s Guide 211 DISABLE LACP Syntax disable lacp Parameters None. Description This command disables LACP on the sw itch. The default is disabled. This command is equivalent to SET LACP STATE on page 217. Caution Do not disable LACP if there are defined aggregator s without first disconnecting all cables connec ted to the agg[...]

  • Página 212

    Chapter 12: LACP Commands 212 ENABLE LACP Syntax enable lacp Parameters None. Description This command enables LACP. The defau lt is disabled. This command is equivalent to SET LACP STATE on page 217. Example The following command enables LACP: enable lacp[...]

  • Página 213

    AT-S62 Command Li ne User’s Guide 213 SET LACP AGGREGATOR Syntax set lacp aggregator= name [distribution=macsrc|macdest|macboth|ipsrc|ipdest| ipboth] [adminkey= key ] Parameters aggregator Specifies the name of the aggregator. The name is case-sensitive. distribution Specifies one of the following load distribution methods: macsrc Source MAC addr[...]

  • Página 214

    Chapter 12: LACP Commands 214 SET LACP PORT Syntax set lacp port= port aggregator= name |adminkey= key priority= priority Parameters port Specifies the port to modify. You can modify more than one port at a time. You can specify the ports individually (for example, 5,7,22), as a range (for example, 18-20), or both (f or example, 1,14-16). aggregato[...]

  • Página 215

    AT-S62 Command Li ne User’s Guide 215 Note Before adding a port to an aggregat or, verify that the port’s speed is set to Auto-Negotiation or 100 Mb ps, full-duplex. Ag gregate trunks do not support ha lf-duplex mode. Examples The following command ad ds ports 2 and 5 to an aggregator named “switch_trunk”: set lacp port=2,5 aggregator=switc[...]

  • Página 216

    Chapter 12: LACP Commands 216 SET LACP PRIORITY Syntax set lacp priority= priority Parameters priority Specifies the LACP system priority value for a switch. This is a hexadecimal val ue from 0x1 to 0xffff. The lower the number, the higher the priority. The default is 0x0080 Description This command sets the LACP priori ty of the switch. LACP uses [...]

  • Página 217

    AT-S62 Command Li ne User’s Guide 217 SET LACP STATE Syntax set lacp state=enable|disable Parameters state Specifies the sta te of LACP on the swi tch. The options are: enable Enables LACP. This op tion performs the same function as ENABLE LACP on page 212. disable D isables LACP. This is the default. This option performs the same func tion as DI[...]

  • Página 218

    Chapter 12: LACP Commands 218 SHOW LACP Syntax show lacp [port= port |all] [aggregator =name ] [machine= port |all] Parameter port Specifies the port(s) to display. You can specify the ports individually (for exampl e, 5,7,22), as a range (for example, 18-20), or both (f or example, 1,14-16). aggregator Specifies the name of the aggregator. The nam[...]

  • Página 219

    219 Chapter 13 Port Mirroring Commands This chapter contains the following commands: ❑ SET SWITCH MIRROR on page 220 ❑ SET SWITCH PORT MIR ROR on page 221 ❑ SHOW SWITCH MIRROR on page 222 Note Remember to save your changes with the SAVE CONFIGURATION command. Note Refer to the AT-S62 Management Software Menus Interface User’s Guide for back[...]

  • Página 220

    Chapter 13: Po rt Mirrorin g Commands 220 SET SWITCH MIRROR Syntax set switch mirror= port Parameter mirror Specifies the destination port for the port mirror. This is the port where the traffic from the source ports will be copied. You can specify only one port as the destination port. Specifying “0” (zero) di sables port mirroring. Descriptio[...]

  • Página 221

    AT-S62 Command Li ne User’s Guide 221 SET SWITCH PORT MIRROR Syntax set switch port= port mirror=none|rx|tx|both Parameters port Specifies the source por ts of a port mirror. You can specify more than one port. You can specify the ports individually (for example, 5, 7, 22), as a range (for example, 18-23), or both (f or example, 1, 5, 14-22). mir[...]

  • Página 222

    Chapter 13: Po rt Mirrorin g Commands 222 SHOW SWITCH MIRROR Syntax show switch mirror Parameters None. Description This command displays the source an d destination ports of a port mirror on the switch. Example The following command displays the ports of a port mirror: show switch mirror[...]

  • Página 223

    223 Chapter 14 Statistics Commands This chapter contains the following commands: ❑ RESET SWITCH PORT CO UNTER on page 224 ❑ SHOW SWITCH COUN TER on page 2 25 ❑ SHOW SWITCH PORT CO UNTER on page 226 Note Remember to save your changes with the SAVE CONFIGURATION command. Note Refer to the AT-S62 Management Software Menus Interface User’s Guid[...]

  • Página 224

    Chapter 14: Statistics Commands 224 RESET SWITCH PORT COUNTER Syntax reset switch port= port counter Parameter port Specifies the port whose statistics counters you want to return to zero. You can sp ecify more than one port at a time. You can specify th e ports individually (for example, 5,7,22), as a rang e (for example, 18-23), or both (for exam[...]

  • Página 225

    AT-S62 Command Li ne User’s Guide 225 SHOW SWITCH COUNTER Syntax show switch counter Parameters None. Description This command displays operating st atistics, such as t he number of packets received and transmitted, and the number of CRC errors, for the entire switch. For a list of and definitions for the statistics, refer to the AT-S62 Managemen[...]

  • Página 226

    Chapter 14: Statistics Commands 226 SHOW SWITCH PORT COUNTER Syntax show switch port= port counter Parameter port Specifies the port whose statistics you want to view. You can specify more than one port at a time. To view all ports, do not specify a port. Description This command displays the operating statistics for a port on the switch. Examples [...]

  • Página 227

    227 Chapter 15 File System Commands This chapter contains the following commands: ❑ COPY on page 228 ❑ CREATE CONFIG on page 229 ❑ DELETE FILE on page 230 ❑ RENAME on page 231 ❑ SET CONFIG on page 232 ❑ SHOW FILE on page 234 Note Refer to the AT-S62 Management Software Menus Interface User’s Guide for background information on the swi[...]

  • Página 228

    Chapter 15: File System Commands 228 COPY Syntax copy “ filename1.ext ” “ filename2.ext ” Parameters filename1.ext Specifies the name of the file to be copied. If the name contains spaces, it must be enclosed in double quotes. Otherwise, the quotes are optional. filename2.ext Specifies the name of the copy. If the name contains spaces, it m[...]

  • Página 229

    AT-S62 Command Li ne User’s Guide 229 CREATE CONFIG Syntax create config=” filename .cfg” Parameter config Specifies the name of a new configuration file. If the filename contains spaces, it must be enclosed in double quotes. Otherwise, the quotes are optional. Description This command creates a new configuration fi le containing the commands[...]

  • Página 230

    Chapter 15: File System Commands 230 DELETE FILE Syntax delete file=” filename ” Parameter file Specifies the name of the file to be deleted. A name with spaces must be enclosed in double quotes. Otherwise, the quotes are optional. You cannot use wildcards. Description This command deletes a file from the f ile system. To list the files in the [...]

  • Página 231

    AT-S62 Command Li ne User’s Guide 231 RENAME Syntax rename “ filename1.ext ” “ filename2.ext ” Parameters filename1.ext Specifies the name of the file to be renamed. If the name contains spaces, enclose it in double quotes. Otherwise, the quotes are optional. filename2.ext Specifies the n ew name for the file. The filename can be from 1 t[...]

  • Página 232

    Chapter 15: File System Commands 232 SET CONFIG Syntax set config=” filename .cfg” Parameter config Specifies the name of the configuration file to act as the active configuration file for the switch. The name can be from 1 to 16 alph anumeric characters, not including the extension “.cfg”. If the filename contains spaces, it mu st be enc l[...]

  • Página 233

    AT-S62 Command Li ne User’s Guide 233 Example The following command sets the ac tive boot configuration file to switch22.cfg: set config=switch22.cfg The switch uses the switch22.cfg conf iguration file to configure its settings the next time the unit is reset.[...]

  • Página 234

    Chapter 15: File System Commands 234 SHOW FILE Syntax show file=” filename ” Parameter file Specifies the name of the file to be displayed. Use double quotes to enclose the name if it contains spaces. Otherwise, th e quotes are optional. Description This command displays a li st of the files in the sw itch’s file system. You can use the wildc[...]

  • Página 235

    235 Chapter 16 File Download and Upload Commands This chapter contains the following commands: ❑ LOAD METHOD=LOCAL on page 236 ❑ LOAD METHOD=TFT P on page 238 ❑ LOAD METHOD=XMODEM on page 242 ❑ UPLOAD METHOD=LOCAL on page 246 ❑ UPLOAD METHOD=REMOTES WITCH on page 248 ❑ UPLOAD METHOD=TFTP on page 253 ❑ UPLOAD METHOD=XMODEM on page 256 [...]

  • Página 236

    Chapter 16: File Downlo ad and Uplo ad Commands 236 LOAD METHOD=LOCAL Syntax load method=local destfile=appblock srcfile|file= filename Parameters method Specifies a local download. destfile Specifies the applicat ion block (APPBLOCK) of the switch’s flash memory. This is the area of memory reserved for the switch’s active AT-S62 image file. sr[...]

  • Página 237

    AT-S62 Command Li ne User’s Guide 237 ❑ Once you have downloaded an image file from the file system to the application block, you can de lete the image file from the file system to free up sp ace for other files. Example This command downloads an AT-S62 image file already stored in the switch’s file system into th e application block, whic h [...]

  • Página 238

    Chapter 16: File Downlo ad and Uplo ad Commands 238 LOAD METHOD=TFTP Syntax load method=tftp destfile=appblock| filename server= ipaddress srcfile|file= filename Parameters method Specifies a TFTP download. destfile Specifies the destination file name for the file. This is the name given to the file when it is stored in the switch’s file system. [...]

  • Página 239

    AT-S62 Command Li ne User’s Guide 239 Note In previous versions of the AT-S6 2 management software this command also performed switch to switch file transfers for copying files from a master switch to other switches in an enhanced stack. That function is now part of UPLOAD METHOD=REMOTESWITCH on page 248 The DESTFILE parameter specifies a name fo[...]

  • Página 240

    Chapter 16: File Downlo ad and Uplo ad Commands 240 ❑ There must be a node on your n etwork that cont ains TFTP server software and the file to be downloaded must be stored on the server. ❑ You should start the T FTP server software be fore you perform the download command. ❑ The switch where you are downloa ding the file must have an IP addr[...]

  • Página 241

    AT-S62 Command Li ne User’s Guide 241 Examples The following command downloads a new configuration file into the switch’s file system using TFTP. The configuration file is stored as “sw 111.cfg” on the TFTP server and is given the name “sw56a.cfg” when stored in the switch ’s file system. The TFTP se rver has the IP address 149.55.55.[...]

  • Página 242

    Chapter 16: File Downlo ad and Uplo ad Commands 242 LOAD METHOD=XMODEM Syntax load method=xmodem destfile=appblock| filename Parameters method Specifies an Xmodem download. destfile Specifies the destination file name for the file. This is the name given to the file when it is stored in the switch’s file system. The name can be from 1 to 15 alpha[...]

  • Página 243

    AT-S62 Command Li ne User’s Guide 243 The APPBLOCK option of the DESTFILE parameter refers to the switch’s application block, which is the portion of flash memory reserved for the active AT-S62 image. This option downl oads a new version of the AT-S62 image file into the appli cation block, making it the active image file on the switch. Note Th[...]

  • Página 244

    Chapter 16: File Downlo ad and Uplo ad Commands 244 Note Downloading an AT-S62 image file in to a switch’s file system rather than into the applicatio n block should be perfor m with care. The file will take up most of the 2 megabytes of spac e in the file system, leaving little room for other files, such as configuration files and SSL certificat[...]

  • Página 245

    AT-S62 Command Li ne User’s Guide 245 The following command downloads a new version of the AT-S62 image file to the switch’s f ile system instead of the a pplication block. It does this by replacing the APPBLOCK optio n with a filename, in this case “ats62v1_3_0.img”. The image file is stored in the swit ch’s file system with this name: l[...]

  • Página 246

    Chapter 16: File Downlo ad and Uplo ad Commands 246 UPLOAD METHOD=LOCAL Syntax upload method=local destfile= filename srcfile|file=appblock Parameters method Specifies a local upload. destfile Specifies a filename for the AT-S62 image file. If the name contains spaces, enc lose the name in quotes. srcfile or file Specifies the application block (AP[...]

  • Página 247

    AT-S62 Command Li ne User’s Guide 247 Example The following command uploads th e active AT-S62 image from the switch’s application block to the f ile system and assigns it the name “sw12 s62 image.img”: upload method=local destfile=”sw12 s62 image.img” src=appblock[...]

  • Página 248

    Chapter 16: File Downlo ad and Uplo ad Commands 248 UPLOAD METHOD=REMOTESWITCH Syntax upload method=remoteswitch srcfile|file=appblock|switchcfg| filename switchlist= switches [verbose=yes|no|on|off|true|false] Parameters method Specifies a switch to switch upload. srcfile or file Specifies the file to be uploaded from the master switch. Options ar[...]

  • Página 249

    AT-S62 Command Li ne User’s Guide 249 This command offers a simply means fo r updating multiple switches in a stack. For instance, to up date switches with a new version of the AT-S62 image file, you ca n update the master switch fi rst and then use a switch to switch upload to update the other switches in the stack. You can also have a ma ster s[...]

  • Página 250

    Chapter 16: File Downlo ad and Uplo ad Commands 250 system. To select the switch’s curr ent configuration file, use the SWITCHCFG option of the SRCFILE or FILE parameter. To upload another configuration file, om it the SWITCHCFG option and instead specify the file’s name. ❑ If you use the SWITCHCFG option to upload the switch’s current boot[...]

  • Página 251

    AT-S62 Command Li ne User’s Guide 251 Examples The following command uploads the active AT-S62 image file on a master switch to switch 2 in an en hanced stack. (Swi tch numbers are displayed with SHOW RE MOTELIST on page 35.) upload method=remoteswitch srcfile=appblock switchlist=2 The active AT-S62 image fi le on the master switch is indicated w[...]

  • Página 252

    Chapter 16: File Downlo ad and Uplo ad Commands 252 The following command uploads the configuration file “sales_switches.cfg” from a master switch to switch 4: upload method=remoteswitch srcfile=sales_switches.cfg switchlist=4 After the switch receives the file, it marks the fi le as its active boot configuration file and a utomatically resets [...]

  • Página 253

    AT-S62 Command Li ne User’s Guide 253 UPLOAD METHOD=TFTP Syntax upload method=tftp destfile= filename server= ipaddress srcfile|file=switchcfg| filename |appblock Parameters method Specifies a TFTP upload. destfile Specifies a filename for th e uploaded file . This is the name given the file when it is stored on the TFTP server. If the name conta[...]

  • Página 254

    Chapter 16: File Downlo ad and Uplo ad Commands 254 ❑ Start the TFTP server software before you perform the command. ❑ The switch from where you are uplo ading the file must have an IP address and subnet ma sk, such as a master swi tch of an enhanced stack. To upload a file from a sw itch that does not have an IP address, such as a slave switch[...]

  • Página 255

    AT-S62 Command Li ne User’s Guide 255 The following command uses TFTP to upload the switch’s active configuration file from the file syst em to a TFTP serve r with the IP address 149.11.11.11. The active boot file is sign ified with the SWITCHCFG option rather than by its filename. Th is option is useful in situations where you do not know the [...]

  • Página 256

    Chapter 16: File Downlo ad and Uplo ad Commands 256 UPLOAD METHOD=XMODEM Syntax upload method=xmodem srcfile|file=switchcfg| filename |appblock Parameters method Specifies an Xmodem upload. srcfile or file Specifies the file to be uploaded. Options are: switchcfg Uploads the switch’s active boot configuration file. filename Specifies the name of [...]

  • Página 257

    AT-S62 Command Li ne User’s Guide 257 ❑ filename - Uploads a file fr om the switch’s file system. This differs from the SWITCHCFG parameter in that the latter uploads just the active boot configuration file, while this parameter can upload any file in the swi tch’s file system. ❑ APPBLOCK - Uploads the switch’s active AT-S62 image file.[...]

  • Página 258

    258 Chapter 17 Event Log and Syslog Server Commands This chapter contains the following commands: ❑ ADD LOG OUTPUT on page 259 ❑ CREATE LOG OUTP UT on page 2 62 ❑ DESTROY LOG OUTPU T on page 266 ❑ DISABLE LOG on page 267 ❑ DISABLE LOG OUTPU T on page 2 68 ❑ ENABLE LOG on page 269 ❑ ENABLE LOG OUTPUT on page 270 ❑ PURGE LOG on page 2[...]

  • Página 259

    AT-S62 Command Li ne User’s Guide 259 ADD LOG OUTPUT Syntax add log output= id_number module=all| module severity=all| severity Parameters output Specifies the ID number of a syslog server definition. module Specifies the AT-S62 modules whose events are to be sent to the syslog ser ver. The available options are: all Sends events from all modules[...]

  • Página 260

    Chapter 17: Event Log and Syslog Server Commands 260 The second step is to c ustomize the definition by specifying which event messages generated by the switch are to be sent to syslog server. This is accomplished with this command. You can c ustomize the definition so that the switch sends all of its event messages to th e server or limit it to ju[...]

  • Página 261

    AT-S62 Command Li ne User’s Guide 261 The following command configures sys log server definit ion 5 to send warning and error event messages from the spanning tr ee protocol and VLAN modules to the syslog server: add log output=4 module=stp,vlan severity=e,w[...]

  • Página 262

    Chapter 17: Event Log and Syslog Server Commands 262 CREATE LOG OUTPUT Syntax create log output= id_number destination=syslog server= ipaddress [facility=default|local1|local2|local3|local4|loc al5|local6|local7] [syslogformat=extended|normal] Parameters output Specifies an ID numbe r for the new syslog server definition. The range is 2 to 20. Each[...]

  • Página 263

    AT-S62 Command Li ne User’s Guide 263 Description This command creates a new syslog server definition. The switch uses the definition to send event messa ges to a syslog server on your network. You can create up to nineteen syslog server definitions. After you create a new s yslog server definition with this command, you must customize it by defi[...]

  • Página 264

    Chapter 17: Event Log and Syslog Server Commands 264 For example, the setting of DEFAULT assigns port mirroring events a code of 22 and encryption key events a code of 4. Table 2 Applicable RFC 3164 Numerica l Code and AT-S62 Module Mappings Numerical Code RFC 3164 Facility AT-S62 Module 4 Security and authorization messages Security modules: - PSE[...]

  • Página 265

    AT-S62 Command Li ne User’s Guide 265 Another option is to as sign all events from a swi tch the same numerical code using the LOCAL1 to LOCAL2 options. Each option represents a predefined RFC 3164 numerical code . The code mappings are listed in Table 3. For example, selecting LOCAL2 as the facility level assigns the numerical code of 18 to all [...]

  • Página 266

    Chapter 17: Event Log and Syslog Server Commands 266 DESTROY LOG OUTPUT Syntax destroy log output= id_number Parameters output Specifies the ID nu mber of the syslog server definition to be deleted . The range is 2 to 20. Description This command deletes a syslog server definition. You can delete only one definition at a time. To disable the defini[...]

  • Página 267

    AT-S62 Command Li ne User’s Guide 267 DISABLE LOG Syntax disable log Parameters None. Description This command disables th e event log module. When the log is disabled, the AT-S62 management software stops storin g events in the log and sending events to the syslog servers. The default setting for the event log is enabled. Note The event log, eve[...]

  • Página 268

    Chapter 17: Event Log and Syslog Server Commands 268 DISABLE LOG OUTPUT Syntax disable log output[= id_number ] Parameters output Specifies the ID nu mber of the syslog server definition to disable. The range is 2 to 20. You can specify only one ID number at a time. Omitting an ID number disables all s yslog server definitions. Description This com[...]

  • Página 269

    AT-S62 Command Li ne User’s Guide 269 ENABLE LOG Syntax enable log Parameters None. Description This command activates the event log. The switch begins to add events in the log and send events to define d syslog servers. The default setting for the event log is enabled. Example The following command activates the event log module on the switch: e[...]

  • Página 270

    Chapter 17: Event Log and Syslog Server Commands 270 ENABLE LOG OUTPUT Syntax enable log output[= id_number ] Parameters output Specifies the ID nu mber of the syslog server definition you want to ena ble. The range is 2 to 20. You can specify only one ID number at a time. Omitting an ID number en ables all syslog server definitions. Description Th[...]

  • Página 271

    AT-S62 Command Li ne User’s Guide 271 PURGE LOG Syntax purge log=temporary Parameter log Specifies the location of the event log. There is only one option: temporary Specifies tem porary memory. Deletes all events stored in the event log in temporary memory. The log has a storage capacity of 4,000 events. Description This command deletes all entr[...]

  • Página 272

    Chapter 17: Event Log and Syslog Server Commands 272 SAVE LOG Syntax save log=temporary filename=” filename .log” [full] [module= module ] [reverse] [severity= severity ] [overwrite] Parameters log Specifies the location of the event log whose messages you want to sa ve. There is only one option: temporary Specifies tempo rary memory . The log [...]

  • Página 273

    AT-S62 Command Li ne User’s Guide 273 overwrite Overwrites the file if it already exists. Without this option, the command displays an error if a file with the same name already exists in the file system. Description This command saves the current entri es in the event log to a file in the switch’s file system. The parameter s in the comman d a[...]

  • Página 274

    Chapter 17: Event Log and Syslog Server Commands 274 SET LOG FULLACTION Syntax set log fullaction temporary=halt|wrap Parameter temporary Specifies the action of the event log when it reaches maximum capacity. The possible actions are: halt Stops stor ing new events. wrap Deletes the oldest entries when adding new ones. This is the default. Descrip[...]

  • Página 275

    AT-S62 Command Li ne User’s Guide 275 SET LOG OUTPUT Syntax set log output= id_number [destination=syslog} [server= ipaddress ] [facility=default|local1|local2|local3|local4| local5|local6|local7] [syslogformat=extended|normal] [module= all | module ] [severity=all| severity-list ] Parameters output Specifies the ID nu mber of the syslog server d[...]

  • Página 276

    Chapter 17: Event Log and Syslog Server Commands 276 syslogformat Specifies the format of the event messages. The options are: extended Sends the severity, module, and description, date, ti me, and switch’s IP address for each even t. This is the default. normal Sends only the severity, module, and description. module Specifies the AT-S62 modules[...]

  • Página 277

    AT-S62 Command Li ne User’s Guide 277 Examples The following command changes th e IP address for syslog server definition 3 to 198.45.12.1: set log output=3 server=198.45.12.1 The following command changes the facility level and message format for syslog server definition 4. The facility level is changed to LOCAL1 (numerical code 17) and the form[...]

  • Página 278

    Chapter 17: Event Log and Syslog Server Commands 278 SHOW LOG Syntax show log=temporary [full] [module= module ] [reverse] [severity= severity ] Parameters log Specifies the location of the event log. The only option is: temporary Displays the events stored in temporary memory which can contain up to 4,000 events. full Controls the format of the ev[...]

  • Página 279

    AT-S62 Command Li ne User’s Guide 279 Description This command displays the entri es stored in the switch’s event log. An event log can display entries in two modes: normal and full. In the normal mode, a log dis plays the time, module, sev erity, and description for each entry. In the fu ll mode, a log al so displays the filename, line number,[...]

  • Página 280

    Chapter 17: Event Log and Syslog Server Commands 280 The log can display its entries in chronological order (oldest to newest), or reverse chronological order (newest to old est). The default is chronological order. To reverse the order, u se the REVERSE parameter. MGMTACL Management acces s control list PACCESS 802.1x port-bas ed access control PC[...]

  • Página 281

    AT-S62 Command Li ne User’s Guide 281 The SEVERITY parameter displays entri es of a particular severity. Table 5 defines the different sever ity levels. You can sp ecify more than one severity level at a time. Th e default is error, warn ing, and informational messages. Table 5 Event Log Severity Levels An example of the event log is sho w n in F[...]

  • Página 282

    Chapter 17: Event Log and Syslog Server Commands 282 The columns in the lo g are described below: ❑ S (Severity) - Th e event’s severity. Table 5 on page 281 defines the different severity levels. ❑ Date/Time - The date and time the event occurred. ❑ Event - The module within the AT -S62 soft ware that generated the event followed by a brie[...]

  • Página 283

    AT-S62 Command Li ne User’s Guide 283 SHOW LOG OUTPUT Syntax show log output[= id_number ] [full] Parameters output Specifies the ID number of the event log or a syslog server definition. If an output ID number is not specified, all output defini tions currently configured on the switch are displayed. full Displays the details of the syslog serve[...]

  • Página 284

    Chapter 17: Event Log and Syslog Server Commands 284 Examples The following command lists all the output definitions on the switch: show log output The following command displays information abo ut the event log: show log output=1 full The following command displays complete information about syslog server definition 5: show log output=5 full[...]

  • Página 285

    AT-S62 Command Li ne User’s Guide 285 SHOW LOG STATUS Syntax show log status Parameter None. Description This command displays information about the event log feature. Following is an example of what is displayed with this command: Event Log Confi guration: Event Logging .......... ......... . Enabled Number of Outpu t Definitio ns ..... 4 The Ev[...]

  • Página 286

    286 Chapter 18 Classifier Commands This chapter contains the following commands: ❑ CREATE CLASSIFIER on page 287 ❑ DESTROY CLASSIFIER on page 291 ❑ PURGE CLASSIFIER on page 292 ❑ SET CLASSIFIER on page 293 ❑ SHOW CLASSIFIER on page 297 Note Remember to use the SAVE CO NFIGURATION co mmand to save your changes on the switch. Note Refer to [...]

  • Página 287

    AT-S62 Command Li ne User’s Guide 287 CREATE CLASSIFIER Syntax create classifier= idnumber [description=” string ”] [macdaddr= macaddress |any] [macsaddr= macaddress |any] [ethformat=ethii-untagged|ethii-tagged|802.2- untagged|802.2-tagged|any] [priority= integer |any] [vlan= name |1..4094|any] [protocol=ip|arp|rarp| number |any] [iptos= inte[...]

  • Página 288

    Chapter 18: Classifier Commands 288 priority Specifies the user priori ty level in a tagged Ethernet frame. The value can be 0 to 7. vlan Specifies a tagged or port-based VLAN by its name or VID number. protocol Specifies a Layer 2 protocol. Options are: ❑ IP ❑ ARP ❑ RARP You can specify other Layer 2 protocols by entering the protocol number[...]

  • Página 289

    AT-S62 Command Li ne User’s Guide 289 ipsaddr S pecifies a source IP ad dress. The address can be of a specific node or a subnet. If the latter, a mask must be included to indicate the subnet portion of the address. For an explanation of the mask, refer to the IPDADDR parameter. tcpsport Specifies a source TCP port. tcpdport Specifies a d estinat[...]

  • Página 290

    Chapter 18: Classifier Commands 290 Examples This command creates a clas sifier for all IP traffic: create classifier=4 description=”IP flow” protocol=ip This command creates a classifier for all traffic or iginating from the subnet 149.22.22.0 dest ined to the device with the IP address 149.44.44.11: create classifier=4 description=”subnet f[...]

  • Página 291

    AT-S62 Command Li ne User’s Guide 291 DESTROY CLASSIFIER Syntax destroy classifier= idnumber Parameters classifier Specifies the ID number of the classifier to be deleted. The number can be from 1 to 9999. You can delete more than one classifier at a time. You ca n specify the classifiers individually (e.g., 2,5,7) as a range (e.g., 11- 14), or b[...]

  • Página 292

    Chapter 18: Classifier Commands 292 PURGE CLASSIFIER Syntax purge classifier Parameters None. Description This command deletes all classifiers from the switch. You cannot delete a classifier if it belongs to an ACL or QoS policy that has already been assigned to a port. You must first remove the port assignments from the ACL or policy before you ca[...]

  • Página 293

    AT-S62 Command Li ne User’s Guide 293 SET CLASSIFIER Syntax set classifier= idnumber [description=” string ”] [macdaddr= macaddress |any] [macsaddr= macaddress |any] [priority= integer ] [vlan= name |1..4094|any] [protocol=ip|arp|rarp| number |any] [iptos= integer |any] [ipdscp= integer |any] [ipprotocol= protocol | number |any] [ipdaddr= ipa[...]

  • Página 294

    Chapter 18: Classifier Commands 294 protocol Specifies a Layer 2 protocol. Options are: ❑ IP ❑ ARP ❑ RARP You can specify a dditional Layer 2 protocols by entering the protocol numbe r in either decimal or hexadecimal format. For the latter, precede the number with “0x”. iptos Specifies a Type of Servic e value. The range is 0 to 7. ipdsc[...]

  • Página 295

    AT-S62 Command Li ne User’s Guide 295 tcpsport Specifies a source TCP port. tcpdport Specifies a d estination TCP port. udpsport Specifies a source UDP port. udpdport Specifies a destination UDP port. tcpflags Specifies a TC P flag. Options are ❑ URG - Urgent ❑ ACK - Acknowledgement ❑ RST - Reset ❑ PSH - Push ❑ SYN - Synchronization ❑[...]

  • Página 296

    Chapter 18: Classifier Commands 296 This command removes the current setting for the UDP destination port variable from classifier ID 5 without assigning a new value: set classifier=5 udpdport=any[...]

  • Página 297

    AT-S62 Command Li ne User’s Guide 297 SHOW CLASSIFIER Syntax show classifier[= idnumber ] Parameters classifier Specifies the ID of the classifier you want to view. You can specify more than one cl assifier at a time. Description This command displays the classifiers on a switch. Examples This command displays a ll of the classifiers: show classi[...]

  • Página 298

    298 Chapter 19 ACL Commands This chapter contains the following commands: ❑ CREATE ACL on page 299 ❑ DESTROY ACL on page 301 ❑ PURGE ACL on page 302 ❑ SET ACL on page 303 ❑ SHOW ACL on page 305 Note Remember to save your changes with the SAVE CONFIGURATION command. Note Refer to the AT-S62 Management Software Menus Interface User’s Guid[...]

  • Página 299

    AT-S62 Command Li ne User’s Guide 299 CREATE ACL Syntax create acl= integer [description=” string ”] [action=deny|permit] classifierlist= integer [portlist= ports ] Parameters acl Specifies an ID number for the ACL. The number can be from 0 to 255. Each AC L must have a unique ID number. description Specifies a descriptio n for the ACL. A des[...]

  • Página 300

    Chapter 19: ACL Commands 300 Example The following command creates an AC L that discards the ingress traffic flow specified in classifier ID 18 and applies the ACL to port 4: create acl=12 description=”IP flow deny” action=deny classifierlist=18 portlist=4 The following command creates an AC L that discards the ingress traffic flows specified i[...]

  • Página 301

    AT-S62 Command Li ne User’s Guide 301 DESTROY ACL Syntax destroy acl= integer Parameters acl Specifies ID number of th e ACL you want to delete. You can delete more th an ACL at a time. Description This command delet es an ACL from the switch. Example The following command del etes ACL IDs 14 and 17: destroy acl=14,17[...]

  • Página 302

    Chapter 19: ACL Commands 302 PURGE ACL Syntax purge acl Parameters None. Description This command deletes all ACLs on the s witch. Example This command deletes all ACLs on the s witch: purge acl[...]

  • Página 303

    AT-S62 Command Li ne User’s Guide 303 SET ACL Syntax set acl= integer [description= string ] [action=deny|permit] [classifierlist= integer ] [portlist= ports |none] Parameters acl Specifies the ID number of the ACL you want to modify. The number can be from 0 to 255. You can modify only one ACL at a time. description Specifies a new descript ion [...]

  • Página 304

    Chapter 19: ACL Commands 304 Description This command modifies an ACL. Yo u can use the command to change the description, action, classi fiers, and ports of an ACL. Example This command changes the description of ACL ID 4: set acl=4 description=”ARP flow” This command changes the action of AC L ID 6 to permit and reassigns it to ports 4 to 7: [...]

  • Página 305

    AT-S62 Command Li ne User’s Guide 305 SHOW ACL Syntax show acl[= integer ] Parameters acl Specifies the ID of the ACL yo u want to view. You can specify more than one ACL at a time. Description This command displays th e ACLs on the switch. Example This command displays all of the ACLs: show acl This command displays ACL ID 22: show acl=22[...]

  • Página 306

    306 Chapter 20 Quality of Service (QoS) Commands This chapter contains the following commands: ❑ ADD QOS FLOWGROUP on page 308 ❑ ADD QOS POLICY on page 309 ❑ ADD QOS TRAFFICCL ASS on page 310 ❑ CREATE QOS FLOWGROU P on page 3 11 ❑ CREATE QOS POLICY on page 314 ❑ CREATE QOS TRAFFICCL ASS on page 320 ❑ DELETE QOS FLOWGRO UP on page 324 [...]

  • Página 307

    AT-S62 Command Li ne User’s Guide 307 ❑ SHOW QOS POLICY on page 342 ❑ SHOW QOS TRAFFICCLASS on page 343 Note Remember to save your changes with the SAVE CONFIGURATION command. Note Refer to the AT-S62 Management Software Menus Interface User’s Guide for background info rmation on Quality of Service.[...]

  • Página 308

    Chapter 20: Quality of Service (QoS) Commands 308 ADD QOS FLOWGROUP Syntax add qos flowgroup= integer classifierlist= integers Parameter flowgroup Specifies the ID number of the flow group you want to modify. You can modify on ly one flow group at a time. classifierlist Specifies the new clas sifiers for the flow group. The new classifiers are adde[...]

  • Página 309

    AT-S62 Command Li ne User’s Guide 309 ADD QOS POLICY Syntax add qos policy= integer trafficclasslist= integers Parameter policy Specifies the ID number of the policy you want to modify. You can modify only one policy at a time. trafficclasslist Specifies the new traffic classes of the policy. Traffic classes already assigned to the policy are ret[...]

  • Página 310

    Chapter 20: Quality of Service (QoS) Commands 310 ADD QOS TRAFFICCLASS Syntax add qos trafficclass= integer flowgrouplist= integers Parameter trafficclass Specifies th e ID number of the tr affic class you want to modify. You can modify on ly one traffic class at a time. flowgrouplist Specifies the new flow groups of the traffic class. The new flow[...]

  • Página 311

    AT-S62 Command Li ne User’s Guide 311 CREATE QOS FLOWGROUP Syntax create qos flowgroup= integer [description=” string ”] [markvalue= integer |none] [priority= integer |none] [remarkpriority=yes|no|on|off|true|false] [classifierlist= integers |none] Parameters flowgroup Specifies an ID number for the flow group. E ach flow group on the switch [...]

  • Página 312

    Chapter 20: Quality of Service (QoS) Commands 312 remarkpriority Replaces th e user priority value in the packets with the new value specified with the PRIORITY parameter. This parameter is ignored if the PRIORITY parameter is omitted or set to NONE. Options are: yes, on, true Replaces the use r priority value in the packets with the new value spec[...]

  • Página 313

    AT-S62 Command Li ne User’s Guide 313 This command creates a flow group wh ose DSCP value is changed to 59. The MARKVALUE para meter overwrites the current DSCP value in the packets, meaning the packets leave th e switch with the new value. The classifiers of the flow group are 3, 14, and 24: create qos flowgroup=10 description=”DSCP 59 flow”[...]

  • Página 314

    Chapter 20: Quality of Service (QoS) Commands 314 CREATE QOS POLICY Syntax create qos policy= integer [description=” string ”] [indscpoverwrite= integer |none] [remarkindscp=all|none] [trafficclasslist= integers |none] [ingressport= port |all|none] [egressport= port |none] Parameters policy Specifies an ID number for the policy. Each policy on [...]

  • Página 315

    AT-S62 Command Li ne User’s Guide 315 ingressport Specifies the ingress por ts to which the policy is to be assigned. Ports can be identified individually (e.g., 5,7,22), as a range (e .g., 18-23), or both (e.g., 1,5,14-22). A port can be an ingress po rt of only one policy at a time. If a port is already an ingress port of a policy, you must rem[...]

  • Página 316

    Chapter 20: Quality of Service (QoS) Commands 316 QoS Command Sequence Examples Creating a QoS policy involves a comm and sequence that creates one or more classifiers, a flow group, a traffic class, an d finally the policy. The following sections contain examples of the command sequences for different types of policies. Example 1: Voice Applicatio[...]

  • Página 317

    AT-S62 Command Li ne User’s Guide 317 of a policy concerning packets c oming from the application. The classifier for Policy 11 specif ies the address as a destination address since this classifier is pa rt of a policy co ncerning packets going to the application. ❑ Flow Groups - Specify the new prior ity level of 7 fo r the packets. It should [...]

  • Página 318

    Chapter 20: Quality of Service (QoS) Commands 318 create qos policy=17 description=”video flow” trafficclasslist=19 ingressport=1 Policy 32 Commands: create classifier=42 description=”video flow” ipdadddr=149.44.44.44 create qos flowgroup=36 description=”video flow” priority=4 classifierlist=42 create qos trafficclass=21 description=”[...]

  • Página 319

    AT-S62 Command Li ne User’s Guide 319 Policy 15 Commands: create classifier=42 description=database ipsadddr=149.44.44.44 create qos flowgroup=36 description=database classifierlist=42 create qos trafficclass=21 description=database maxbandwidth=50 flowgrouplist=36 create qos policy=15 description=database trafficclasslist=21 ingressport=1 Policy[...]

  • Página 320

    Chapter 20: Quality of Service (QoS) Commands 320 CREATE QOS TRAFFICCLASS Syntax create qos trafficclass= integer [description=” string ”] [exceedaction=drop|remark] [exceedremarkvalue= integer |none] [markvalue= integer |none] [maxbandwidth= integer |none] [burstsize= integer |none] [priority= integer |none] [remarkpriority=yes|no|on|off|true|[...]

  • Página 321

    AT-S62 Command Li ne User’s Guide 321 A new DSCP value can be set at all three levels: flow group, traffic class, and policy. A DSCP value specified in a flow grou p overrides a DSCP value specified at th e traffic class or policy level. A DSCP value specified at th e traffic cla ss level is used only if no value ha s been specified at the flow g[...]

  • Página 322

    Chapter 20: Quality of Service (QoS) Commands 322 the traffic. However, no unused tokens will accumulate in the buck et. If the traffic increases, the excess traf fic will be discarded since no tokens are available for handling the increase. If the traffic is below the maximum bandwidth, unused toke ns will accumulate in the bucket since the ac tua[...]

  • Página 323

    AT-S62 Command Li ne User’s Guide 323 yes, on, true Replaces the u ser priority value in the packets with the new value specified with the PRIORITY parameter. no, off, false Does not re place the user priority value in the packets with the new value specified in with the PRIORITY parameter. This is the default. flowgrouplist Specifies the flow gr[...]

  • Página 324

    Chapter 20: Quality of Service (QoS) Commands 324 DELETE QOS FLOWGROUP Syntax delete qos flowgroup= integer classifierlist= integers Parameter flowgroup Specifies the ID number of the flow group you want to modify. You can modify on ly one flow group at a time. classifierlist Specifies the classifi ers you want to remove from the flow group. Separa[...]

  • Página 325

    AT-S62 Command Li ne User’s Guide 325 DELETE QOS POLICY Syntax delete qos policy= integer trafficclasslist= integers Parameter policy Specifies the ID number of the policy you want to modify. You can modify only one policy at a time. trafficclasslist Specifies the IDs of the traffi c classes you want to remove from the policy. Se parate multiple [...]

  • Página 326

    Chapter 20: Quality of Service (QoS) Commands 326 DELETE QOS TRAFFICCLASS Syntax delete qos trafficclass= integer flowgrouplist= integers Parameter flowgroup Specifies the ID number of the traffic class you want to modify. You can modify on ly one traffic class at a time. flowgrouplist Specifies the IDs of the flow groups you want to remove from th[...]

  • Página 327

    AT-S62 Command Li ne User’s Guide 327 DESTROY QOS FLOWGROUP Syntax destroy qos flowgroup= integer Parameter flowgroup Specifies the ID number of the flow group you want to delete. You can delete more than one flow group at a time. You can specify the flow groups individually, as a range, or both. Description This command delet es flow groups. Exa[...]

  • Página 328

    Chapter 20: Quality of Service (QoS) Commands 328 DESTROY QOS POLICY Syntax destroy qos policy= integer Parameter flowgroup Specifies the ID number of the policy you want to delete. You can delete mo re than one policy at a time. You can specify the flow groups individually, as a range, or both. Description This command deletes QoS policies. Exampl[...]

  • Página 329

    AT-S62 Command Li ne User’s Guide 329 DESTROY QOS TRAFFICCLASS Syntax destroy qos trafficclass= integer Parameter trafficclass Specifies th e ID number of the tr affic class you want to delete. You can delete mor e than one traffic class at a time. You can specify the flow groups individually, as a range, or both. Description This command de let [...]

  • Página 330

    Chapter 20: Quality of Service (QoS) Commands 330 SET QOS FLOWGROUP Syntax set qos flowgroup= integer [description= string ] [markvalue= integer |none] [priority= integer |NONE] [remarkpriority=yes|no|on|off|true|false] [classifierlist= integers |none] Parameters flowgroup Specifies the ID numbe r of the flow group you want to modify. The rang e is[...]

  • Página 331

    AT-S62 Command Li ne User’s Guide 331 yes, on, true Replaces the use r priority value in the packets with the n ew value specified with the PRIORITY parameter. no, off, false Does not re place the user priority value in the packets with the new value specif ied in with the PRIORITY parameter. This is the default. classifierlist Specifies the clas[...]

  • Página 332

    Chapter 20: Quality of Service (QoS) Commands 332 This command returns th e MARKVALUE setting in fl ow group 41 back to the default setting of NONE. At this setting, the flow group will not overwrite the ToS setting in the packets: set qos flowgroup=41 markvalue=none[...]

  • Página 333

    AT-S62 Command Li ne User’s Guide 333 SET QOS POLICY Syntax set qos policy= integer [description= string ] [indscpoverwrite= integer |none] [remarkindscp=[all|none]] [trafficclasslist= integers |none] [ingressport= port |all|none] [egressport= port |none] Parameters policy Specifies an ID number for the policy. Each policy on the switch must be a[...]

  • Página 334

    Chapter 20: Quality of Service (QoS) Commands 334 ingressport Specifies the ingress por ts to which the policy is to be assigned. Ports can be identified individually (e.g., 5,7,22), as a range (e .g., 18-23), or both (e.g., 1,5,14-22). The NONE option removes the policy from all ingress ports to which it has been assigned. The ALL option adds it t[...]

  • Página 335

    AT-S62 Command Li ne User’s Guide 335 When modifying a policy, note the following: ❑ You cannot change a policy’s ID number. ❑ Specifying an invalid value for a parameter that already has a value causes the parameter to revert to its default value. Examples This command changes the ingres s port for policy 8 to port 23: set qos policy=8 ing[...]

  • Página 336

    Chapter 20: Quality of Service (QoS) Commands 336 SET QOS PORT Syntax set qos port= integer type=ingress|egress policy= integer |none Parameter port Specifies the port to wh ich the policy is to be assigned or removed. You can specify more than one port at a time if the port is an ingress port of the traffic flow. Ports can be identified individual[...]

  • Página 337

    AT-S62 Command Li ne User’s Guide 337 SET QOS TRAFFICCLASS Syntax set qos trafficclass= integer [description=” string ”] [exceedaction=drop|remark] [exceedremarkvalue= integer |none] [markvalue= integer |none] [maxbandwidth= integer |none] [burstsize= integer |none] [priority= integer |none] [remarkpriority=yes|no|on|off|true|false] [flowgrou[...]

  • Página 338

    Chapter 20: Quality of Service (QoS) Commands 338 A new DSCP value can be set at all three levels: flow group, traffic class, and policy. A DSCP value specified in a flow grou p overrides a DSCP value specified at th e traffic class or policy level. A DSCP value specified at th e traffic cla ss level is used only if no value ha s been specified at [...]

  • Página 339

    AT-S62 Command Li ne User’s Guide 339 the traffic. However, no unused tokens will accumulate in the buck et. If the traffic increases, the excess traf fic will be discarded since no tokens are available for handling the increase. If the traffic is below the maximum bandwidth, unused toke ns will accumulate in the bucket since the ac tual bandwidt[...]

  • Página 340

    Chapter 20: Quality of Service (QoS) Commands 340 flowgrouplist Specifies the flow gr oups to be assigned to the traffic class. Any flow gr oups already assigned to the traffic class are repla ced. The specif ied flow groups must already exist. Separate multiple IDs with commas (e.g., 4,11,13). Description This command modifies an existing tr affic[...]

  • Página 341

    AT-S62 Command Li ne User’s Guide 341 SHOW QOS FLOWGROUP Syntax show qos flowgroup[= idnumber ] Parameters flowgroup Specifies the ID of the f low group you want to view. You can specify more than one classifier at a time. Description This command displays the fl ow groups on a switch. Examples This command displays a ll of the flow groups: show [...]

  • Página 342

    Chapter 20: Quality of Service (QoS) Commands 342 SHOW QOS POLICY Syntax show qos policy[= idnumber ] Parameter policy Specifies the ID of the p olicy you want to view. You can specify more than one p olicy at a time. Separate multiple policies with commas (e.g., 4,5,10). Description This command displays the policies on a switch. Examples This com[...]

  • Página 343

    AT-S62 Command Li ne User’s Guide 343 SHOW QOS TRAFFICCLASS Syntax show qos trafficclass[= idnumber ] Parameter trafficclass Specifies the ID of the traffic class you wa nt to view. You can specify more than one traffic class at a time. Separate multiple traffic classes with commas (for example, 4,5,10). Description This command displays the t ra[...]

  • Página 344

    344 Chapter 21 Class of Service (CoS) Commands This chapter contains the following commands: ❑ MAP QOS COSP on page 345 ❑ SET QOS COSP on page 347 ❑ SET QOS SCHEDULING on page 348 ❑ SHOW QOS CONFIG on page 349 Note Remember to save your changes with the SAVE CONFIGURATION command. Note Refer to the AT-S62 Management Software Menus Interface[...]

  • Página 345

    AT-S62 Command Li ne User’s Guide 345 MAP QOS COSP Syntax map qos cosp= priority-number qid= queue-number Parameters cosp Specifies the Class of Se rvice (CoS) priority level. The CoS priority levels are 0 th rough 7, with 0 as the lowest priority and 7 as th e highest. You can assign more than one priori ty to an egress queue. qid Specifies the [...]

  • Página 346

    Chapter 21: Class of Service (CoS) Commands 346 Example The following command ma ps priorities 4 and 5, to egress queue 3: map qos cosp=4,5 qid=3[...]

  • Página 347

    AT-S62 Command Li ne User’s Guide 347 SET QOS COSP Syntax set qos cosp= priority-number qid= queue-number Parameters cosp Specifies the Class of Se rvice (CoS) priority level. The CoS priority levels are 0 th rough 7, with 0 as the lowest priority and 7 as th e highest. You can assign more than one priori ty to an egress queue. qid Specifies the [...]

  • Página 348

    Chapter 21: Class of Service (CoS) Commands 348 SET QOS SCHEDULING Syntax set qos scheduling=strict|wrr weights= weights Parameters scheduling Specifies the type of scheduling. The options are: strict Strict priority. A po rt transmits all packets out of the higher prior ity queues before it transmits any from the low priority queues. This is the d[...]

  • Página 349

    AT-S62 Command Li ne User’s Guide 349 SHOW QOS CONFIG Syntax show qos config Parameters None. Description Displays the QoS priority queues and scheduling. Example show qos config[...]

  • Página 350

    350 Chapter 22 Power Over Ethernet Commands This chapter contains the following commands: ❑ DISABLE POE PORT on page 351 ❑ ENABLE POE PORT on page 352 ❑ SET POE PORT on page 353 ❑ SET POE THRESHOL D on page 355 ❑ SHOW POE CONFIG on page 356 ❑ SHOW POE STATUS on page 357 Note Remember to save your changes with the SAVE CONFIGURATION comm[...]

  • Página 351

    AT-S62 Command Li ne User’s Guide 351 DISABLE POE PORT Syntax disable poe port= port Parameters port Specifies a port. You can specify more than one port at a time. You can specify th e ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (for exampl e, 1,5,14-22). Description This command disables PoE on a port. The[...]

  • Página 352

    Chapter 22: Power Over Ethe rnet Commands 352 ENABLE POE PORT Syntax enable poe port= port Parameters port Specifies a port. You can specify more than one port at a time. You can specify th e ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (for exampl e, 1,5,14-22). Description This command activates PoE on a port[...]

  • Página 353

    AT-S62 Command Li ne User’s Guide 353 SET POE PORT Syntax set poe port= port [poefunction=enable|disable] [priority=low|high|critical] [powerlimit= value ] Parameters port Specifies a port. You can specify more than one port at a time. You can specify th e ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (for exa[...]

  • Página 354

    Chapter 22: Power Over Ethe rnet Commands 354 Examples The following command disa bles PoE on ports 4 and 5: set poe port=4-5 poefunction=disable This command sets the priority on port 6 and 11 to high: set poe port=6,11 priority=high This commands sets the maximum po wer on port 14 to 12,500 mW: set poe port=14 powerlimit=12500[...]

  • Página 355

    AT-S62 Command Li ne User’s Guide 355 SET POE THRESHOLD Syntax set poe threshold= value Parameters threshold Specifies the threshold as a percentage of the total amount of PoE available. The range is 1 to 100. Description The PoE threshold sends an SNMP trap to your management workstation and enters an event in the event log when the total power [...]

  • Página 356

    Chapter 22: Power Over Ethe rnet Commands 356 SHOW POE CONFIG Syntax show poe config [port= port ] Parameter port Specifies a port. You can specify more than one port at a time. You can specify the ports individually (e.g., 5,7,22), as a range (e.g., 18 -23), or both ( e.g., 1,5,14-22). Description Entering this command without specif ying a port d[...]

  • Página 357

    AT-S62 Command Li ne User’s Guide 357 SHOW POE STATUS Syntax show poe status [port= port ] Parameter port Specifies a port. You can specify more than one port at a time. You can specify th e ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (for exampl e, 1,5,14-22). Description Entering this command without speci[...]

  • Página 358

    Chapter 22: Power Over Ethe rnet Commands 358 Specifying a port in the comma nd displays the following PoE information about the port: ❑ PoE Function - Whether PoE is en abled or disabled on the port. The default setting is enabled. To enable or disable PoE on a port, refer to ENABLE POE PORT on page 352 and DISABLE POE PORT on page 351. ❑ Powe[...]

  • Página 359

    359 Chapter 23 IGMP Snooping Commands This chapter contains the following commands: ❑ DISABLE IGMPSNOOPING on page 360 ❑ ENABLE IGMPSNOOPING on page 361 ❑ SET IP IGMP on page 362 ❑ SHOW IGMPSNOOPING on page 364 ❑ SHOW IP IGMP on page 365 Note Remember to use the SAVE CO NFIGURATION co mmand to save your changes on the switch. Note Refer t[...]

  • Página 360

    Chapter 23: IGMP Snoop ing Commands 360 DISABLE IGMPSNOOPING Syntax disable igmpsnooping Parameters None. Description This command deactivates IGMP snoopi ng on the switch. This command performs the same function as the SNOOPINGSTATUS op tion in SET IP IGMP on page 362. Th e default setting for IGMP snooping is disabled. Example This command deacti[...]

  • Página 361

    AT-S62 Command Li ne User’s Guide 361 ENABLE IGMPSNOOPING Syntax enable igmpsnooping Parameters None. Description This command activates IGMP snooping on the switch. This command performs the same function as th e SNOOPINGSTATUS option in the command SET IP IGMP on page 362. The defa ult setting for IGMP snooping is disabled. Example This command[...]

  • Página 362

    Chapter 23: IGMP Snoop ing Commands 362 SET IP IGMP Syntax set ip igmp [snoopingstatus=enabled|disabled] [hoststatus=singlehost|multihost] [timeout= value ] [numbermulticastgroups= value ] [routerport= port |all|none|auto] Parameters snoopingstatus Activates and deactivates IGMP snooping on the switch. Possible settings are: enabled Activates IGMP [...]

  • Página 363

    AT-S62 Command Li ne User’s Guide 363 numbermulticastgroups Specifi es the maximum number of multicast addresses the switch learns. This parameter is useful with networks that contain a large number of multicast groups. You can use the parameter to prevent the switch’ s MAC address table from filling up with multicast address es, leaving no roo[...]

  • Página 364

    Chapter 23: IGMP Snoop ing Commands 364 SHOW IGMPSNOOPING Syntax show igmpsnooping Parameters None. Description This command displays the following IGMP parameters: ❑ IGMP snooping status ❑ Multicast host topology ❑ Host/router timeout interval ❑ Maximum multicast groups ❑ Multicast router ports Note To set the IGMP parameters, refe r to [...]

  • Página 365

    AT-S62 Command Li ne User’s Guide 365 SHOW IP IGMP Syntax show ip igmp [hostlist] [routerlist] Parameters hostlist Displays a list of the multic ast gr oups learned by the switch, as well as the ports on the switch that are connected to host n odes. This parameter displays information only there are active host nodes. routerlist Displays the port[...]

  • Página 366

    Chapter 23: IGMP Snoop ing Commands 366 The following command displays a list of ac tive multicast routers: show ip igmp routerlist[...]

  • Página 367

    367 Chapter 24 Denial of Service (DoS) Defense Commands This chapter contains the following commands: ❑ SET DOS on page 368 ❑ SET DOS IPOPTION on page 369 ❑ SET DOS LAND on page 370 ❑ SET DOS PINGOFDEATH on page 371 ❑ SET DOS SMURF on page 373 ❑ SET DOS SYNFLOOD on page 374 ❑ SET DOS TEARDROP on page 375 ❑ SHOW DOS on page 377 Note [...]

  • Página 368

    Chapter 24: Denial of Servic e (DoS) Commands 368 SET DOS Syntax set dos ipaddress= ipaddress subnet= mask uplinkport= port Parameters ipaddress Specifies the IP addr ess of one of the devices connected to the switch, preferably the lowest IP address. subnet Specifies the subnet mask of the LAN. A binary “1” indicates the switch should filter o[...]

  • Página 369

    AT-S62 Command Li ne User’s Guide 369 SET DOS IPOPTION Syntax set dos ipoption port= port state=enable|disable [mirrorport= port ] Parameters port Specifies the switch port on which you wa nt to enable or disable the IP Option defense. You can specify more than one port at a time. state Specifies the state of th e IP Option defense. The options a[...]

  • Página 370

    Chapter 24: Denial of Servic e (DoS) Commands 370 SET DOS LAND Syntax set dos land port= port state=enable|disable [mirrorport= port ] Parameters port Specifies the switch port on which you wa nt to enable or disable the Land defe nse. You can specify more than one port at a time. state Specifies the state of th e Land defense. The options are: ena[...]

  • Página 371

    AT-S62 Command Li ne User’s Guide 371 SET DOS PINGOFDEATH Syntax set dos pingofdeath port= port state=enable|disable [mirrorport= port ] Parameters port Specifies the switch por ts on which to enable or disable the Ping of Death defense. You can specify more than one port at a time. state Specifies the state of th e IP Option defense. The options[...]

  • Página 372

    Chapter 24: Denial of Servic e (DoS) Commands 372 Note This defense mechanism requires so me involvement by the switch’s CPU, though not as much as the Teardrop defense. This will not impact the forwarding of traffic be tween the switch ports, but it can affect the handling of CPU events, such as the processing of IGMP packets and spanning tree B[...]

  • Página 373

    AT-S62 Command Li ne User’s Guide 373 SET DOS SMURF Syntax set dos smurf port= port state=enable|disable Parameters port Specifies the switch por ts on which you want to enable or disable SMURF defense. You can select more than one port at a time. state Specifies the state of the SMURF defense. The options are: enable Activates the defense. disab[...]

  • Página 374

    Chapter 24: Denial of Servic e (DoS) Commands 374 SET DOS SYNFLOOD Syntax set dos synflood port= port state=enable|disable Parameters port Specifies the switch por ts on which you want to enable or disable this Do S defense. You can select more than one port at a time. state Specifies the state of th e DoS defense. The options are: enable Activates[...]

  • Página 375

    AT-S62 Command Li ne User’s Guide 375 SET DOS TEARDROP Syntax set dos teardrop port= port state=enable|disable [mirrorport=auto| port ] Parameters port Specifies the switch por ts on which you want to enable or disable this Do S defense. You can select more than one port at a time. state Specifies the state of th e DoS defense. The options are: e[...]

  • Página 376

    Chapter 24: Denial of Servic e (DoS) Commands 376 Caution This defense is extremely CPU in tensive and should be used with caution. Unrestricted use can cause a switch to halt operations should the CPU become overwhelme d with IP traff ic. To prevent this, Allied Telesyn recommends activa ting this defense on only the uplink port and one othe r swi[...]

  • Página 377

    AT-S62 Command Li ne User’s Guide 377 SHOW DOS Syntax 1 show dos [ipaddress] [subnet] [uplinkport] Syntax 2 show dos defense port= port Parameters ipaddress Displays the IP address of the LAN. subnet Displays the subnet mask. uplinkport Displa ys the uplink port for the Land defense. defense Displays the status of a specified defense for a partic[...]

  • Página 378

    Chapter 24: Denial of Servic e (DoS) Commands 378 This command displays the status of the SMURF defense on port 4: show dos smurf port=4[...]

  • Página 379

    379 Chapter 25 STP Commands This chapter contains the following commands: ❑ ACTIVATE STP on page 380 ❑ DISABLE STP on page 381 ❑ ENABLE STP on page 382 ❑ PURGE STP on page 383 ❑ SET STP on page 384 ❑ SET STP PORT on page 387 ❑ SET SWITCH MULTICASTMODE on page 389 ❑ SHOW STP on page 391 Note Remember to save your changes with the SAV[...]

  • Página 380

    Chapter 25: STP Commands 380 ACTIVATE STP Syntax activate stp Parameters None. Description Use this command to designate STP as the active spanning tree on the switch. You cannot enable STP or configure its parameters until you have designated it as the active spanning tree with this command. Only one spanning tree protocol, ST P, RSTP or MSTP, can[...]

  • Página 381

    AT-S62 Command Li ne User’s Guide 381 DISABLE STP Syntax disable stp Parameters None. Description This command disables the Spanning Tree Protocol on the switch. The default setting for ST P is disabled. To view the current status of STP, refer to SHOW STP on page 391. Example The following comma nd disables STP: disable stp[...]

  • Página 382

    Chapter 25: STP Commands 382 ENABLE STP Syntax enable stp Parameters None. Description This command enables the Spanning Tree Protocol on the switch. The default setting for ST P is disabled. To view the current status of STP, refer to SHOW STP on page 391. Note You cannot enable STP until after you have activa ted it with ACTIVATE STP on page 380.[...]

  • Página 383

    AT-S62 Command Li ne User’s Guide 383 PURGE STP Syntax purge stp Parameters None. Description This command returns al l STP bridge and port parameters to the default settings. STP must be disabled in or der for you to use this command. To disable STP, refer to DI SABLE STP on page 381. Example The following command resets the STP parameter settin[...]

  • Página 384

    Chapter 25: STP Commands 384 SET STP Syntax set stp [default] [priority= priority ] [hellotime= hellotime ] [forwarddelay= forwarddelay ] [maxage= maxage ] Parameters default Disables STP and returns all bridge and port STP settings to the default valu es. This parameter cannot be used with any other command parameter and can only be used when STP [...]

  • Página 385

    AT-S62 Command Li ne User’s Guide 385 hellotime Specifies the time in terval between generating and sending configuration messa ges by the bridge. This parameter can be from 1 to 10 seconds. The default is 2 seconds. forwarddelay Specifies the waiting period before a bridge changes to a new state, for example , becomes the new root bridge after t[...]

  • Página 386

    Chapter 25: STP Commands 386 Examples The following command sets the switch’ s bridge priority value to 45,056 (increment 11): set stp priority=11 The following command sets the he llo time to 7 seconds and the forwarding delay to 25 seconds: set stp hellotime=7 forwarddelay=25 The following command returns all STP parameters on the switch to the[...]

  • Página 387

    AT-S62 Command Li ne User’s Guide 387 SET STP PORT Syntax set stp port= port [pathcost|portcost=auto| portcost ] [portpriority= portpriority ] Parameters port Specifies the port you wa nt to configure. You can configure more than one port at a time. You can specify the ports individually (f or example, 5, 7, 22), as a range (for example, 18-23), [...]

  • Página 388

    Chapter 25: STP Commands 388 portpriority Specifies the port’s priori ty. This parameter is used as a tie breaker when two or more ports are determined to have equal costs to the root bridge. The range is 0 to 240 in increments of 16. Th ere are sixteen increments. The increments are listed in Table 4. You specify the increment of the desired va [...]

  • Página 389

    AT-S62 Command Li ne User’s Guide 389 SET SWITCH MULTICASTMODE Syntax set switch multicastmode=a|b|c|d Parameter multicastmode Specifies one of the following: a Discards all ingress sp anning tree BPDU and 802.1x EAPOL packets on all ports. b Forwards ingress spa nning tree BPDU and 802.1x EAPOL packets across all VLANs and ports. c Forwards ingr[...]

  • Página 390

    Chapter 25: STP Commands 390 There are four possible states: A, B, C, and D. The states are described here: A - Discards all ingress spanning tree BPDU and 802.1x EAPOL packets on all ports. The switch behaves as follows: ❑ If STP, RSTP, and MSTP are di sabled, all ingress BPDUs are discarded. ❑ If 802.1x port-based access control is disable d,[...]

  • Página 391

    AT-S62 Command Li ne User’s Guide 391 SHOW STP Syntax show stp [port= port ] Parameter port Specifies the port whose STP parameters you want to view. You can view mor e than one port at a time.You can specify the ports individually (for example, 5, 7, 22), as a ra nge (for example, 18-23), or both (for example , 1, 5, 14-22). Description This com[...]

  • Página 392

    392 Chapter 26 RSTP Commands This chapter contains the following commands: ❑ ACTIVATE RSTP on page 393 ❑ DISABLE RSTP on page 394 ❑ ENABLE RSTP on page 395 ❑ PURGE RSTP on page 396 ❑ SET RSTP on page 397 ❑ SET RSTP PORT on page 401 ❑ SHOW RSTP on page 404 Note Remember to save your changes with the SAVE CONFIGURATION command. Note Ref[...]

  • Página 393

    AT-S62 Command Li ne User’s Guide 393 ACTIVATE RSTP Syntax activate rstp Parameters None. Description Use this command to designate RSTP as the active spa nning tree on the switch. Once you have selec ted RSTP, you ca n enable or disable it using the ENABLE RSTP and DI SABLE RSTP commands. RSTP is active on a switch only after you have designated[...]

  • Página 394

    Chapter 26: RSTP Commands 394 DISABLE RSTP Syntax disable rstp Parameters None. Description This command disables the Rapid Spanning Tree Protocol on the switch. To view the current sta tus of RSTP, use SHOW RSTP on page 404. Example The following command disables RSTP: disable rstp[...]

  • Página 395

    AT-S62 Command Li ne User’s Guide 395 ENABLE RSTP Syntax enable rstp Parameters None. Description This command enables the Rapid Spanning Tree Protocol on the switch. The default setting for RSTP is disa bled. To view the current status of RSTP, use SHOW RSTP on page 404. You cannot enable RSTP until you ha ve activated it with the ACTIVATE RSTP [...]

  • Página 396

    Chapter 26: RSTP Commands 396 PURGE RSTP Syntax purge rstp Parameters None. Description This command returns all RSTP br idge and port parameters to the default settings. RSTP must be disabled before you can use this command. To disa ble RSPT, refer to DISA BLE RSTP on page 394. Example The following command resets RSTP: purge rstp[...]

  • Página 397

    AT-S62 Command Li ne User’s Guide 397 SET RSTP Syntax set rstp [default] [priority= priority ] [hellotime= hellotime ] [forwarddelay= forwarddelay ] [maxage= maxage ] [rstptype|forceversion=stpcompatible| forcestpcompatible|normalrstp] Parameters default Returns all bridge and port RSTP settings to the default values. This param eter cannot be us[...]

  • Página 398

    Chapter 26: RSTP Commands 398 hellotime Specifies the time in terval between generating and sending configuration messa ges by the bridge. This parameter can be from 1 to 10 seconds. The default is 2 seconds. forwarddelay Specifies the waiting period before a bridge changes to a new state, for example , becomes the new root bridge after the topolog[...]

  • Página 399

    AT-S62 Command Li ne User’s Guide 399 forcestpcompatible Th e bridge uses the RSTP parameter settings, but transmits only STP BPDU packets from the ports. This option is equivalent to the STPCOMPATIBLE option. normalrspt The bridge uses RSTP. It transmits RSTP BPDU packets, except on ports connected to bridges running STP. This is the default set[...]

  • Página 400

    Chapter 26: RSTP Commands 400 The following command returns all RSTP parameter settings to their default values: set rstp default[...]

  • Página 401

    AT-S62 Command Li ne User’s Guide 401 SET RSTP PORT Syntax set rstp port= port [pathcost|portcost= cost |auto] [portpriority= portpriority ] [edgeport=yes|no|on|off|true|false] [ptp|pointtopoint=yes|no|on|off|true|false| autoupdate] [migrationcheck=yes|no|on|off|true|false] Parameters port Specifies the port you wa nt to configure. You can specif[...]

  • Página 402

    Chapter 26: RSTP Commands 402 Table 7 lists the RS TP port costs with Auto-Detect when the port is part of a port trunk. portpriority Specifies the port’s pr iority. This param eter is used as a tie breaker when two or more ports are determined to have equal costs to the root bridge. The range is 0 to 240 in increments of 16. Th ere are sixteen i[...]

  • Página 403

    AT-S62 Command Li ne User’s Guide 403 no, off, false The port is not an edge port. The values are equivalent. ptp Defines whether the port is functioning as a point- pointtopoint to-point port. The pa rameters are equivalent. This type of port is connected to a device operating at full-duplex mode. Values are: yes, on, true The port is an point-t[...]

  • Página 404

    Chapter 26: RSTP Commands 404 SHOW RSTP Syntax show rstp [portconfig= port |portstate= port ] Parameters portconfig Displays th e RSTP port settings. You can specify more than one port at a time. portstate Displays the RSTP port status. You can specify more than one port at a time. Description You can use this comman d to display the RSTP parameter[...]

  • Página 405

    AT-S62 Command Li ne User’s Guide 405 The following command displa ys RSTP port sta tus for port 15: show rstp portstate=15[...]

  • Página 406

    406 Chapter 27 MSTP Commands This chapter contains the following commands: ❑ ACTIVATE MSTP on page 408 ❑ ADD MSTP on page 409 ❑ CREATE MSTP on page 410 ❑ DELETE MSTP on pa ge 411 ❑ DESTROY MSTP MSTIID on page 412 ❑ DISABLE MSTP on page 413 ❑ ENABLE MSTP on page 414 ❑ PURGE MSTP on page 415 ❑ SET MSTP on page 416 ❑ SET MSTP CIST [...]

  • Página 407

    AT-S62 Command Li ne User’s Guide 407 Note Refer to the AT-S62 Management Software Menus Interface User’s Guide for background info rmation on the Mult iple Spanning Tree Protocol.[...]

  • Página 408

    Chapter 27: MSTP Commands 408 ACTIVATE MSTP Syntax activate mstp Parameters None. Description This command designates MSTP as th e active spanning tree on the switch. You cannot enable MSTP or configure its parameters until after you have designated it as the active spanning tree with this command. Only one spanning tree protocol can be active on t[...]

  • Página 409

    AT-S62 Command Li ne User’s Guide 409 ADD MSTP Syntax add mstp mstiid= mstiid mstivlanassoc= vids Parameters mstiid Specifies the ID of the multiple spanning tree instance (MSTI) to which you want to associate VLANs. You can specify only one MSTI ID at a time. The range is 1 to 15. mstivlanassoc Specifies the VID of the VLAN you want to associate[...]

  • Página 410

    Chapter 27: MSTP Commands 410 CREATE MSTP Syntax create mstp mstiid= mstiid [mstivlanassoc= vids ] Parameters mstiid Specifies the MSTI ID of the spanning tree instance you want to create. You can specify only one MSTI ID at a time. The range is 1 to 15. mstivlanassoc Specifies the VID of the VLAN you want to associate with the MSTI ID. You can spe[...]

  • Página 411

    AT-S62 Command Li ne User’s Guide 411 DELETE MSTP Syntax delete mstp mstiid= mstiid mstivlanassoc= vids Parameters mstiid Specifies the MSTI ID of the spanning tree instance where you want to remove VLANs. You can specify only one MSTI ID at a ti me. The range is 1 to 15. mstivlanassoc Specifies the VID of the VLAN you want to remove from the spa[...]

  • Página 412

    Chapter 27: MSTP Commands 412 DESTROY MSTP MSTIID Syntax destroy mstp mstiid= mstiid Parameter mstiid Specifies the MSTI ID of the spanning tree instance you want to delete. You can specify only one MSTI ID at a time. The range is 1 to 15. Description This command deletes a spanning tr ee instance. VLANs associated with a deleted MSTI are returned [...]

  • Página 413

    AT-S62 Command Li ne User’s Guide 413 DISABLE MSTP Syntax disable mstp Parameters None. Description This command disables the Multiple Spanning Tree Pr otocol on the switch. To view the curre nt status of MSTP, refer to SHOW MSTP on page 429. Example The following command disables MSTP: disable mstp[...]

  • Página 414

    Chapter 27: MSTP Commands 414 ENABLE MSTP Syntax enable mstp Parameters None. Description This command enables Multiple Span ning Tree Protocol on the switch. To view the current statu s of MSTP, refer to SH OW MSTP on page 429. You must select MSTP as the active sp anning tree on the switch before you can enable it with this comma nd. To activate [...]

  • Página 415

    AT-S62 Command Li ne User’s Guide 415 PURGE MSTP Syntax purge mstp Parameters None. Description This command returns all MSTP br idge and port parameters settings to their default values. This command also deletes all multiple spanning tree instances and VLAN associations. In order for you to use this command , MSTP must be the active spanning tr[...]

  • Página 416

    Chapter 27: MSTP Commands 416 SET MSTP Syntax set mstp [default] [forceversion=stpcompatible|forcestpcompatible| normalmstp] [hellotime= hellotime ] [forwarddelay= forwarddelay ] [maxage= maxage ] [maxhops= maxhops ] [configname=” name ”] [revisionlevel= number ] Parameters default Disables MSTP and returns all bridge and port MSTP settings to [...]

  • Página 417

    AT-S62 Command Li ne User’s Guide 417 normalmspt The bridge uses MSTP. The bridge sends out MSTP BPDU packets from all ports except for those ports connected to bridges running STP. This is the default setting. hellotime Specifies the time in terval between generating and sending configuration messa ges by the bridge. This parameter can be from 1[...]

  • Página 418

    Chapter 27: MSTP Commands 418 revisionlevel Specifies the revision level of an MS TP region. The range is 0 (zero) to 255. Th is is an arbitrary number that you assign to a region. The revision level must be the same on all bridg es in a region. Different regions can have the same revision level without conflict. Description This command configures[...]

  • Página 419

    AT-S62 Command Li ne User’s Guide 419 SET MSTP CIST Syntax set mstp cist priority= priority Parameter priority Specifies the CIST priori ty number for the switch. The range is 0 to 61,440 in in crements of 4,096. The range is divided into sixteen increments, as shown in the following table. You specify the increment that represents the desired br[...]

  • Página 420

    Chapter 27: MSTP Commands 420 Example The following command sets the CIST priority value to 45,056, which is increment 11 : set mstp cist priority=11[...]

  • Página 421

    AT-S62 Command Li ne User’s Guide 421 SET MSTP MSTI Syntax set mstp msti mstiid= mstiid priority= priority Parameters mstiid Specifies a MSTI ID. You can specify only one MSTI ID at a time. The range is 1 to 15. priority Specifies the MSTI prior ity value for the switch. The range is 0 to 61,440 in incr ements of 4,096. The range is divided into [...]

  • Página 422

    Chapter 27: MSTP Commands 422 The PRIORITY parameter specifies the n ew MSTI priority value. The range is 0 (zero) to 61 ,440 in increments of 4,096, with 0 being the highest priority. Examples This command changes the MSTI prior ity value to 45,056 (increment 11) for the MSTI ID 4: set mstp msti mstiid=4 priority=11 This command changes the MS TI [...]

  • Página 423

    AT-S62 Command Li ne User’s Guide 423 SET MSTP MSTIVLANASSOC Syntax set mstp mstivlanassoc mstiid= mstiid vlanlist= vids Parameters mstiid Specifies the ID of th e spanning tree instance where you want to associate VLANs. You can specify only one MSTI ID at a time. The range is 1 to 15. vlanlist Specifies the VID of the VLAN you want to associate[...]

  • Página 424

    Chapter 27: MSTP Commands 424 SET MSTP PORT Syntax 1 set mstp port= port |all [extportcost= portcost ] [edgeport=yes|no|no|on|off|true|false] [ptp|pointtopoint=yes|no|on|off|true|false| autoupdate] [migrationcheck=yes|no|on|off|true|false] Syntax 2 set mstp port= port |all [intportcost=auto| portcost ] [portpriority= priority ] [stpid= msti_id ] Pa[...]

  • Página 425

    AT-S62 Command Li ne User’s Guide 425 edgeport Defines whether the port is functioning as an edge port. An edge port is connected to a device operating at half-du plex mode and is not connected to any device running STP or MSTP. Selections are: yes, on, true The port is an edge port. These values are equivalent. This is the default. no, off, fals[...]

  • Página 426

    Chapter 27: MSTP Commands 426 Note Each time a MSTP port is reset by receiving STP BPDUs, set the migrationcheck parameter to yes, allowing the port to send MSTP BPDUs. intportcost Specifies the cost of a port connected to a bridge that is part of the same MSTP regio n. This is referred to as an internal port cost. The ra nge is 0 to 200,000, 000. [...]

  • Página 427

    AT-S62 Command Li ne User’s Guide 427 untagged and tagged por ts whose VLANs belong to more than one MSTI. You can specify more than one MSTI at a time (e.g., 4 ,6,11 ). If the VLANs of a port belong to just one MSTI, you can omit this parameter. Description This command sets a port’s MSTP setti ngs. The command is illustrated in two syntaxes t[...]

  • Página 428

    Chapter 27: MSTP Commands 428 Syntax 2 Examples The following command sets the interna l port cost to 500 for Ports 7 and 10. If the ports ar e members of more than one VLAN and the VLANs are assigned to more than one MSTI, th e new internal port cost is assigned to all of their MSTI assignment s: set mstp port=7,10 intportcost=500 This example ill[...]

  • Página 429

    AT-S62 Command Li ne User’s Guide 429 SHOW MSTP Syntax show mstp [portconfig= ports ] [portstate= ports ] [stpid= msti_id ] [mstistate] [cist] [mstivlanassoc] Parameters portconfig Displays the MSTP setti ngs of a port. You can specify more than one port at a time. For a list of the MSTP information displayed by this parameter, refer to Descripti[...]

  • Página 430

    Chapter 27: MSTP Commands 430 Entering SHOW MSTP wi thout any parameters displays the following MSTP settings: ❑ MSTP status ❑ Force version ❑ Hello time ❑ Forwarding delay ❑ Maximum age ❑ Maximum hops ❑ Configuration name ❑ Reversion level ❑ Bridge identifier The PORTCONFIG parameter displ ays the following MSTP port parameter se[...]

  • Página 431

    AT-S62 Command Li ne User’s Guide 431 ❑ Path cost ❑ Associated VLANs The CIST parameter displays th e following CIST information: ❑ CIST priority value ❑ Root ID ❑ Root path cots ❑ Regional root ID ❑ Regional root path cost ❑ Associated VLANs The MSTIVLANASSOC param eter displays the VLAN to MSTI associations. Examples This comman[...]

  • Página 432

    432 Chapter 28 VLANs and Multiple VLAN Mode Commands This chapter contains the following commands: ❑ ADD VLAN on page 433 ❑ CREATE VLAN on page 435 ❑ DELETE VLAN on page 439 ❑ DESTROY VLAN on page 442 ❑ SET SWITCH INFILTER ING on page 443 ❑ SET SWITCH MANAGEMENT VLAN on page 44 4 ❑ SET SWITCH VLANMO DE on page 445 ❑ SET VLAN on page[...]

  • Página 433

    AT-S62 Command Li ne User’s Guide 433 ADD VLAN Syntax 1 add vlan= name [vid= vid ] port= ports |all frame=untagged|tagged Syntax 2 add vlan= name [vid= vid ] taggedports= ports |all untaggedports= ports |all Parameters vlan Specifies the name of th e VLAN you want to modify. vid S pecifies the VID of the V LAN you want to modify. This parameter i[...]

  • Página 434

    Chapter 28: VLANs and Mu ltiple VL AN Commands 434 This command has two syntaxes. Yo u can use either command to add ports to a VLAN. The difference between the two is that Syntax 1 can add only one type of port, tagged or unta gged, at a time to a VLAN, while Syntax 2 can add both in the same command. This is illustrated in Examples below. When yo[...]

  • Página 435

    AT-S62 Command Li ne User’s Guide 435 CREATE VLAN Syntax 1 create vlan= name vid= vid port= ports |all frame=untagged|tagged Syntax 2 create vlan= name vid= vid taggedports= ports |all untaggedports= ports |all Parameters vlan Specifies the name of the VLAN. You must assign a name to a VLAN. The name can be from 1 to 20 characters in length and s[...]

  • Página 436

    Chapter 28: VLANs and Mu ltiple VL AN Commands 436 port Specifies the ports on the switch that are either tagged or untagged members of the new VLAN. You can specify the ports individually (for example, 5, 7, 22), as a range (for exampl e, 18-23), or both (for example, 1, 5, 14 -22). To specify all ports on the switch, use ALL. This pa rameter must[...]

  • Página 437

    AT-S62 Command Li ne User’s Guide 437 Tagged ports of the new VLAN re main as tagged and untagged members of their current VLAN assign ments. No change is made to a tagged port’s current VLAN assignment s, other than its addition to the new VLAN. This is because a tagged port can belong to more than one VLAN at a time. For exampl e, if you add [...]

  • Página 438

    Chapter 28: VLANs and Mu ltiple VL AN Commands 438 Syntax 2 allows you to create a VLAN of both ta gged and untagged ports all in one command. Here is th e command that would create our example: create vlan=Service vid=16 untaggedports=1,4,5-7 taggedports=11-12 That’s the advantage of Syntax 2 o ver Syntax 1. You can create VLANs containing both [...]

  • Página 439

    AT-S62 Command Li ne User’s Guide 439 DELETE VLAN Syntax 1 delete vlan= name [vid= vid ] port= ports frame=untagged|tagged Syntax 2 delete vlan= name [vid= vid ] taggedports= ports untaggedports= ports Parameters vlan Specifies the name of the VLAN to be modified. vid Specifies the VID of the VLAN to be modified. This parameter is optional. port [...]

  • Página 440

    Chapter 28: VLANs and Mu ltiple VL AN Commands 440 Note You cannot change a VLAN’s name or VID. When you remove an untagged po rt from a VLAN, the following happens: ❑ The port is returned to the Def ault_VLAN as an untagged port. ❑ If the port is also a tagged memb er of other VLANS, those VLAN assignments are not changed. The port remains a[...]

  • Página 441

    AT-S62 Command Li ne User’s Guide 441 To delete both tagged an d untagged ports from a VLAN using Syntax 1 takes two commands. For example, if you had a VLAN called Service and you wanted to delete fr om the VLAN tagged port 2 and untagged ports 6 to 8, the commands would be: delete vlan=Service port=2 frame=tagged delete vlan=Service port=6-8 fr[...]

  • Página 442

    Chapter 28: VLANs and Mu ltiple VL AN Commands 442 DESTROY VLAN Syntax destroy vlan vlan= name |all [vid= vid ] Parameters vlan Specifies the name of th e VLAN to be deleted. To delete all VLANs, use the ALL option. vid Specifies the VID of the VLAN to be deleted. This parameter is optional. Description You can use this command, when the switch is [...]

  • Página 443

    AT-S62 Command Li ne User’s Guide 443 SET SWITCH INFILTERING Syntax set switch infiltering=yes|no|on|off|true|false Parameters infiltering Specifies the operating status of ingress filtering. The options are: yes, on, true Activates in gress filtering. The values are equivalent. This is the default. no, off, false Deactivates ingress filtering. T[...]

  • Página 444

    Chapter 28: VLANs and Mu ltiple VL AN Commands 444 SET SWITCH MANAGEMENTVLAN Syntax set switch managementvlan= name | VID Parameter managementvlan Specifies the mana gement VLAN. Yo u can specify the VLAN by name or by its VID. You can specify only one management VLAN. The default management VLAN is Default_VLAN (VID 1). Description This command se[...]

  • Página 445

    AT-S62 Command Li ne User’s Guide 445 SET SWITCH VLANMODE Syntax set switch vlanmode=userconfig|dotqmultiple| multiple [uplinkport= port ] Parameters vlanmode Controls the switch’s VLAN mode. Options are: userconfig This mode allo ws you to create your own port-based and tagged VLANs. This is the default setting. dotqmultiple This option config[...]

  • Página 446

    Chapter 28: VLANs and Mu ltiple VL AN Commands 446 The following command sets the switch so that yo u can create your own port-based and tagged VLANs: set switch vlanmode=userconfig[...]

  • Página 447

    AT-S62 Command Li ne User’s Guide 447 SET VLAN Syntax set vlan= name [vid= vid ] type=portbased Parameter vlan Specifies the name of the dynamic GVRP VLAN you want to convert into a st atic VLAN. To view VLAN names, refer to SHOW VLAN on page 448. vid Specifies the VID of the dynamic VLAN. To view VIDs, refer to SHOW VLAN on page 448. This parame[...]

  • Página 448

    Chapter 28: VLANs and Mu ltiple VL AN Commands 448 SHOW VLAN Syntax show vlan[= name | vid ] Parameter vlan Specifies the name or VID of a VLAN. Description This command displays the following information: ❑ VLAN mode ❑ VLAN name ❑ Untagged port(s) ❑ Tagged port(s) Examples The following command displays all the VLANs on the switch: show vl[...]

  • Página 449

    449 Chapter 29 GARP VLAN Registration Protocol Commands This chapter contains the following commands: ❑ DISABLE GARP on page 450 ❑ ENABLE GARP on page 451 ❑ PURGE GARP on page 452 ❑ SET GARP PORT on page 453 ❑ SET GARP TIMER on page 454 ❑ SHOW GARP on page 456 ❑ SHOW GARP COUNTE R on page 457 ❑ SHOW GARP DATABASE on page 459 ❑ SHO[...]

  • Página 450

    Chapter 29: GARP VL AN Registration Protocol Comm ands 450 DISABLE GARP Syntax disable garp=gvrp [gip] Parameters garp Specifies the GARP applic ation you want to disable. The only GARP applicatio n supported by AT-S62 management software is GVRP. gip Disables GARP Inform ation Propagation (GIP). Note The online help for this comman d contains an S[...]

  • Página 451

    AT-S62 Command Li ne User’s Guide 451 ENABLE GARP Syntax enable garp=gvrp [gip] Parameters garp Specifies the GARP applic ation you want to enable. The only GARP applicatio n supported by AT-S62 management software is GVRP. gip Enables GARP Information Propagation (GIP). Note The online help for this comman d contains an STP optio n. The option i[...]

  • Página 452

    Chapter 29: GARP VL AN Registration Protocol Comm ands 452 PURGE GARP Syntax purge garp=gvrp Parameter garp Specifies the GARP app lication you want to reset. The only GARP applicatio n supported by AT-S62 management software is GVRP. Note The online help for this comman d contains an STP optio n. The option is no t supported. Description This comm[...]

  • Página 453

    AT-S62 Command Li ne User’s Guide 453 SET GARP PORT Syntax set garp=gvrp port= port mode=normal|none Parameters garp Specifies the GARP ap plication you want to configure. The only GARP application supported by AT-S62 management software is GVRP. port Specifies the port you want to configure on the switch. You can specify mo re than one port at a[...]

  • Página 454

    Chapter 29: GARP VL AN Registration Protocol Comm ands 454 SET GARP TIMER Syntax set garp=gvrp timer [default] [jointime= integer ] [leavetime= integer ] [leavealltime= integer ] Parameters garp Specifies the GARP ap plication you want to configure. The only GARP application supported by AT-S62 management software is GVRP. default Returns the GARP [...]

  • Página 455

    AT-S62 Command Li ne User’s Guide 455 Examples The following command sets the Join Period timer to 0.1 second, Leave Period timer to 0.35 seconds, an d the LeaveAllPeriod timer to 11 seconds for all GVRP applications: set garp=gvrp timer jointime=10 leavetime=35 leavealltime=1100 The following command sets the t imers to their default values: set[...]

  • Página 456

    Chapter 29: GARP VL AN Registration Protocol Comm ands 456 SHOW GARP Syntax show garp=gvrp Parameter garp Specifies the GARP applic ation you want to display. The only GARP applicatio n supported by AT-S62 management software is GVRP. Note The online help for this comman d contains an STP optio n. The option is no t supported. Description This comm[...]

  • Página 457

    AT-S62 Command Li ne User’s Guide 457 SHOW GARP COUNTER Syntax show garp=gvrp counter Parameter garp Specifies the GARP applic ation you want to display. The only GARP applicatio n supported by AT-S62 management software is GVRP. Description This command displays the current va lues for the following GARP packet and message counters: ❑ GARP app[...]

  • Página 458

    Chapter 29: GARP VL AN Registration Protocol Comm ands 458 ❑ Transmit GARP M essages: LeaveEmpty ❑ Receive GARP Messages: LeaveIn ❑ Transmit GARP Messages: LeaveIn ❑ Receive GARP Messages: Empty ❑ Transmit GARP Messages: Empty ❑ Receive GARP Messages: Bad Message ❑ Receive GARP Messag es: Bad Attribute Example The following command di[...]

  • Página 459

    AT-S62 Command Li ne User’s Guide 459 SHOW GARP DATABASE Syntax show garp=gvrp database Parameters garp Specifies the GARP applic ation you want to display. The only GARP applicatio n supported by AT-S62 management software is GVRP. Description This command displays the follow ing parameters fo r the internal database for the GARP app lication. E[...]

  • Página 460

    Chapter 29: GARP VL AN Registration Protocol Comm ands 460 SHOW GARP GIP Syntax show garp=gvrp gip Parameter garp Specifies the GARP applic ation you want to display. The only GARP applicatio n supported by AT-S62 management software is GVRP. Description This command displays the followin g parameters for th e GIP-connected ring for the GARP applic[...]

  • Página 461

    AT-S62 Command Li ne User’s Guide 461 SHOW GARP MACHINE Syntax show garp=gvrp machine Parameter garp Specifies the GARP applic ation you want to display. The only GARP applicatio n supported by AT-S62 management software is GVRP. Description This command displays the follow ing parameters for the GID state machines for the GARP application. Th e [...]

  • Página 462

    462 Chapter 30 Protected Ports VLAN Commands This chapter contains the following commands: ❑ ADD VLAN GROUP on page 463 ❑ CREATE VLAN PORTPROT ECTED on page 466 ❑ DELETE VLAN on page 467 ❑ DESTROY VLAN on page 469 ❑ SET VLAN on page 470 ❑ SHOW VLAN on page 471 Note Remember to save your changes with the SAVE CONFIGURATION command. Note [...]

  • Página 463

    AT-S62 Command Li ne User’s Guide 463 ADD VLAN GROUP Syntax 1 add vlan= name | vid ports= ports frame=tagged|untagged group=uplink|1..256 Syntax 2 add vlan= name | vid [taggedports= ports ] [untaggedports= ports ] group=uplink|1..256 Parameters vlan Specifies the name or VID of the pr otected ports VLAN where ports are to be added. You can identi[...]

  • Página 464

    Chapter 30: IGMP Snoop ing Commands 464 Note the following before using this command: ❑ You must first create the protected ports VLAN by giving it a name and a VID before you can add ports. Creating a VLAN is accomplished with CREATE VLAN PORTPROTECTED on page 466. ❑ Both command syntaxes perform the same function. The difference is that with [...]

  • Página 465

    AT-S62 Command Li ne User’s Guide 465 The following command does th e same thing using syntax 2: add vlan=InternetGroups untaggedports=5,6 group=4[...]

  • Página 466

    Chapter 30: IGMP Snoop ing Commands 466 CREATE VLAN PORTPROTECTED Syntax create vlan= name vid= vid portprotected Parameters vlan Specifies the name of the new protected ports VLAN. The name can be from one to fifteen alphanumeric characters in length. The name should reflect the function of the n odes that will be a part of the protected ports VLA[...]

  • Página 467

    AT-S62 Command Li ne User’s Guide 467 DELETE VLAN Syntax 1 delete vlan= name | vid ports= ports frame=tagged|untagged Syntax 2 delete vlan= name | vid [taggedports= ports ] [untaggedports= ports ] Parameters vlan Specifies the name or VID of the VLAN to be modified. You can specify th e VLAN by its name or VID. port Specifies the port to be remov[...]

  • Página 468

    Chapter 30: IGMP Snoop ing Commands 468 ❑ Deleted untagged ports are return ed to the Default_VLAN as untagged. ❑ You can delete ports from on ly one group at a time. Examples The following command us es syntax 1 to delete untagged port 12 from the InternetGroups VLAN: delete vlan=InternetGroups port=12 frame=untagged The following command acco[...]

  • Página 469

    AT-S62 Command Li ne User’s Guide 469 DESTROY VLAN Syntax destroy vlan= name | vid |all Parameters vlan Specifies the name or VID of the VLAN to be destroyed. To delete all tagged, port-based, and protected ports VLANs on the switch, use the ALL option. Description This command deletes VLANs fr om the switch. You can use this command to delete ta[...]

  • Página 470

    Chapter 30: IGMP Snoop ing Commands 470 SET VLAN Syntax set vlan= name | vid port= ports frame=tagged|untagged Parameters vlan Specifies the name or VID of the VLAN to be modified. ports Specifies the p ort wh ose VLAN type is to be changed. You can specify more than one port at a time. You can specify th e ports individually (for example, 5, 7, 22[...]

  • Página 471

    AT-S62 Command Li ne User’s Guide 471 SHOW VLAN Syntax show vlan[= name | vid ] Parameter vlan Specifies the name or VI D of the VLAN you want to view. Omitting this displays all VLANs. Description This command displays information ab out the VLANs on the switch. The information includes the names and VIDs of the VLANs, and the tagged and untagge[...]

  • Página 472

    472 Chapter 31 MAC Address Security Commands This chapter contains the following commands: ❑ SET SWITCH PORT INTRUS IONACTION on page 473 ❑ SET SWITCH PORT SECU RITYMODE on page 474 ❑ SHOW SWITCH PORT IN TRUSION on page 477 ❑ SHOW SWITCH PORT SE CU RITYMODE on page 478 Note Remember to save your changes with the SAVE CONFIGURATION command. [...]

  • Página 473

    AT-S62 Command Li ne User’s Guide 473 SET SWITCH PORT INTRUSIONACTION Syntax set switch port= port intrusionaction=discard|trap|disable Parameters port Specifies the port wher e you want to change the intrusion action. You can sp ecify more than one port at a time. You can specify the ports individually (for example, 5,7,22), as a range (for exam[...]

  • Página 474

    Chapter 31: Port Security Commands 474 SET SWITCH PORT SECURITYMODE Syntax set switch port= port [securitymode=automatic|limited|secured|locked] [intrusionaction=discard|trap|disable] [learn= integer ] [participate=yes|no|on|off|true|false] Parameters port Specifies the port wher e you want to set security. You can specify more than one port at a t[...]

  • Página 475

    AT-S62 Command Li ne User’s Guide 475 intrusionaction Specifies the action taken by the port in the event port security is violated. Th is parameter applies only to the Limited security m ode. Intrusion actions are: discard Discards invalid frames. This is the default setting. trap Discards invalid frames and sends a SNMP trap. disable Discards i[...]

  • Página 476

    Chapter 31: Port Security Commands 476 Examples This command sets the security level fo r port 8 to the Limited mode and specifies a limit of 5 dynamic MAC ad dresses. Since no intrusion action is specified, the disc ard action is assigned by default: set switch port=8 securitymode=limited learn=5 This command sets the security level for ports 9 an[...]

  • Página 477

    AT-S62 Command Li ne User’s Guide 477 SHOW SWITCH PORT INTRUSION Syntax show switch port= port intrusion Parameters port Specifies the port wh ere you want to view the number of intrusions that have occurred. You can specify more than one port at a time. Description This command displays th e number of times a port has detected an intrusion viola[...]

  • Página 478

    Chapter 31: Port Security Commands 478 SHOW SWITCH PORT SECURITYMODE Syntax show switch port= port securitymode Parameters port Specifies the port who se security mode settings you want to view. You can specify more than one port at a time. You can specify th e ports individually (for example, 5,7,22), as a range (for example, 18-23), or both (for [...]

  • Página 479

    479 Chapter 32 802.1x Port-based Access Control Commands This chapter contains the following commands: ❑ DISABLE PORTACCESS|POR TAUTH on page 480 ❑ DISABLE RADIUSACCOUN TING on page 481 ❑ ENABLE PORTACCESS|POR TAUTH on page 482 ❑ ENABLE RADIUSACCOUNTING on page 483 ❑ SET PORTACCESS|PORTAUTH PORT ROLE=AUTHENTICATOR on page 484 ❑ SET PORT[...]

  • Página 480

    Chapter 32: 802.1x Port-b ased Access Control Commands 480 DISABLE PORTACCESS|PORTAUTH Syntax disable portaccess|portauth Note The PORTACCESS and PORTAUTH keywords are equivalent. Parameters None. Description This command disab les 802.1x Po rt -based Access Control on your switch. This is the default setting. Example The following command disables[...]

  • Página 481

    AT-S62 Command Li ne User’s Guide 481 DISABLE RADIUSACCOUNTING Syntax disable radiusaccounting Parameters None Description This command disables RA DIUS ac counting on the switch. This command is equivalent to the SET RADIUSACCOUNTING STATUS=DISABLED command. Example The following command disa bles RADIUS accounting: disable radiusaccounting[...]

  • Página 482

    Chapter 32: 802.1x Port-b ased Access Control Commands 482 ENABLE PORTACCESS|PORTAUTH Syntax enable portaccess|portauth Note The PORTACCESS and PORTAUTH keywords are equivalent. Parameters None. Description This command activates 802.1x Port-b ased Access Control on the switch. The default setting for this feature is disabled. Note You should activ[...]

  • Página 483

    AT-S62 Command Li ne User’s Guide 483 ENABLE RADIUSACCOUNTING Syntax enable radiusaccounting Parameters None Description This command enables RADIUS ac counting on the switch. This command is equivalent to the SET RADIUSACCOUNTING STATUS=ENABLED command. Example The following command disa bles RADIUS accounting: enable radiusaccounting[...]

  • Página 484

    Chapter 32: 802.1x Port-b ased Access Control Commands 484 SET PORTACCESS|PORTAUTH PORT ROLE=AUTHENTICATOR Syntax set portaccess|portauth port= port type|role=authenticator|none [control=auto|authorised|forceauthenticate| unauthorised|forceunauthenticate] [quietperiod= value ] [txperiod= value ] [reauthenabled=enabled|disabled} [reauthperiod= value[...]

  • Página 485

    AT-S62 Command Li ne User’s Guide 485 authentication messages between the client and the authentication server. Each client that attempts to access the network is uniquely identified by the switch by using the client's MAC address. This is the default setting. authorised Disables 802.1X port-based forceauthenticate authentication and causes [...]

  • Página 486

    Chapter 32: 802.1x Port-b ased Access Control Commands 486 disabled Specifies that reauthentication by the client is not required after the initial authentication. Reauthentication is only required if there is a change to the status of the link between the supplicant and the switch or the switch is reset or power cycled. txperiod Sets the number of[...]

  • Página 487

    AT-S62 Command Li ne User’s Guide 487 You can use this selection to control how an Authenticator port will hand le egress broadcast and multicast traffic when in the unauthorized state. You can instruct the port to forw ard this traffic to the client, even though the clie nt has not logged on, or you can have the port discard th e traffic. The tw[...]

  • Página 488

    Chapter 32: 802.1x Port-b ased Access Control Commands 488 Examples This command sets ports 4 to 6 to the Authenticator role: set portaccess port=4-6 role=authenticator The following command se ts port 7 to the Authenticator role. It sets the quiet period on the port to 30 secon ds and the server timeout parameter to 200 seconds: set portaccess por[...]

  • Página 489

    AT-S62 Command Li ne User’s Guide 489 SET PORTACCESS|PORTAUTH PORT ROLE=SUPPLICANT Syntax set portaccess|portauth port= port type|role=supplicant|none [authperiod= value ] [heldperiod= value ] [maxstart= value ] [startperiod= value ] [username|name= name ] [password= password ] Note The PORTACCESS and PORTAUTH keywords are equivalent. Parameters [...]

  • Página 490

    Chapter 32: 802.1x Port-b ased Access Control Commands 490 startperiod Specifies the time period in seconds between successive attempts by the supplicant to establish contact with an authenti cator when there is no reply. The range is 1 to 60. The default is 30. username Specifies the username for the switch port. The name parameters are equivale n[...]

  • Página 491

    AT-S62 Command Li ne User’s Guide 491 SET RADIUSACCOUNTING Syntax set radiusaccounting [status=enabled|disabled] [serverport= value ] [type=network] [trigger=start_stop|stop_only] [updateenable=enabled|disabled] [interval= value ] Parameters status Activates and deactivate RADIUS accounting on the switch. Options are: enabled Activates RADIUS acc[...]

  • Página 492

    Chapter 32: 802.1x Port-b ased Access Control Commands 492 interval Specifies the intervals at which the switch is to send interim accounting updates to the RADIUS server. The range is 30 to 300 sec onds. The default is 60 seconds. Description RADIUS accounting is sup ported on those switch ports operating in the Authenticator role. The accounting [...]

  • Página 493

    AT-S62 Command Li ne User’s Guide 493 SHOW PORTACCESS|PORTAUTH Syntax show portaccess|portauth config|status Note The PORTACCESS and PORTAUTH keywords are equivalent. Parameters config Displays whether port-b ase d access control is enabled or disabled on the switch. status Displays the role and status of each port. Description Use this command t[...]

  • Página 494

    Chapter 32: 802.1x Port-b ased Access Control Commands 494 SHOW PORTACCESS|PORAUTH PORT Syntax show portaccess|portauth port= port authenticator|supplicant config|status Note The PORTACCESS and PORTAUTH keywords are equivalent. Parameters port Specifies the port whos e port-based access control settings you want to vi ew. You can specify more than [...]

  • Página 495

    AT-S62 Command Li ne User’s Guide 495 SHOW RADIUSACCOUNTING Syntax show radiusaccounting Parameters None. Description Use this command to display the cu rrent parameter setti ngs for RADIUS accounting. For an explanation of the parameters, refer to SET RADIUSACCOUNTING o n page 491. Examples The following command displays the current pa rameter s[...]

  • Página 496

    496 Chapter 33 Web Server Commands This chapter contains the following commands: ❑ DISABLE HTTP SERVER on page 497 ❑ ENABLE HTTP SERVER on page 498 ❑ PURGE HTTP SERVER on page 499 ❑ SET HTTP SERVER on page 500 ❑ SHOW HTTP SERVER on page 506 Note Remember to use the SAVE CO NFIGURATION co mmand to save your changes. Note Refer to the AT-S6[...]

  • Página 497

    AT-S62 Command Li ne User’s Guide 497 DISABLE HTTP SERVER Syntax disable http server Parameters None. Description This command disables th e web server on the swit ch. When the server is disabled, you cannot mana ge the switch from a web browser. To view the current status of the web serve r, see SHOW HTTP SERVER on page 506. The default setting [...]

  • Página 498

    Chapter 33: Web Server Commands 498 ENABLE HTTP SERVER Syntax enable http server Parameters None. Description This command activates the web server on the switch. Activating the server allows you to ma nage the unit from a web browser. To view the current status of the web server, see SHOW HTTP SERVER on page 506. The default setting for the web se[...]

  • Página 499

    AT-S62 Command Li ne User’s Guide 499 PURGE HTTP SERVER Syntax purge http server Parameters None. Description This command resets the web server to its default values. Refer to the AT-S62 Management Software Me nus Interface User’s Guide for the web server default values. To view the current web server setti ngs, refer to SHOW HTTP SERVER on pa[...]

  • Página 500

    Chapter 33: Web Server Commands 500 SET HTTP SERVER Syntax set http server [security=enabled|disabled] [sslkeyid= key-id ] [port= port ] Parameters security S pecifies the security mode of the web server. Possible settings are: enabled Specifies that the web server is to function in the secure HTTPS mode. disabled Specifies that the web server is t[...]

  • Página 501

    AT-S62 Command Li ne User’s Guide 501 Examples The following command configures the web server for the non-secure HTTP mode. Since no port is specified, th e default HTTP po rt 80 is used: set http server security=disabled The following command configures the web serve r for the secure HTTPS mode. It specifies the key pair ID as 5. Since no port [...]

  • Página 502

    Chapter 33: Web Server Commands 502 The certificate is assigned the f ilename “Sw12cert.cer. (The “.cer” extension is not included in the command because the management software adds it au tomatically.) The certificate is assigned the serial number 0 and a distinguished name of 149.11.11.11, which is the IP address of a master switch: create [...]

  • Página 503

    AT-S62 Command Li ne User’s Guide 503 8. Add the CA certificat es to the certificate database using ADD PKI CERTIFICATE on page 516. 9. Disable the switch’s web server using the command DISABLE HTTP SERVER on page 497. 10. Configure the web server using SET HTTP SERVER on page 500.[...]

  • Página 504

    Chapter 33: Web Server Commands 504 11. Activate the web server using EN ABLE HTTP SERVER on page 498 The following is an ex ample of the command seq uence for configuring the web server for a CA certifica te. It explains how to create an encryption key pair and enrollment request, and how to download the CA certificates on the switch. (The example[...]

  • Página 505

    AT-S62 Command Li ne User’s Guide 505 8. This command configures the web server. It activates HTTPS and specifies the key created in step 1: set http server security=enabled sslkeyid=8 9. This command enables the web server: enable http server[...]

  • Página 506

    Chapter 33: Web Server Commands 506 SHOW HTTP SERVER Syntax show http server Parameters None. Description This command displays the followin g information about the web server on the switch: ❑ Status ❑ SSL security ❑ SSL key ID ❑ Listen port Example The following command displa ys the status of the web server: show http server[...]

  • Página 507

    507 Chapter 34 Encryption Key Commands This chapter contains the following commands: ❑ CREATE ENCO KEY on page 508 ❑ DESTROY ENCO KEY on page 512 ❑ SET ENCO KEY on page 513 ❑ SHOW ENCO on page 514 Note Remember to save your changes with the SAVE CONFIGURATION command. Note The feature is not available in all versions of the AT-S62 managemen[...]

  • Página 508

    Chapter 34: Encrypti on Key Commands 508 CREATE ENCO KEY Syntax 1 create enco key= key-id type=rsa length= value [description=” description ”] Syntax 2 create enco key= key-id type=rsa [description= ”description” ] [file= filename .key] [format=hex|ssh|ssh2] Parameters key Specifies a key ID. The range is 0 to 65,535. The default is 0. When[...]

  • Página 509

    AT-S62 Command Li ne User’s Guide 509 hex Specifies a hexadecimal format used to transfer a key between devices other than switches. This is the default. ssh Specifies a format for Secure Shell version 1 users. ssh2 Specifies a format for Secure Shell version 2 users. Description This command serves two fu nctions. One is to cr eate encryption ke[...]

  • Página 510

    Chapter 34: Encrypti on Key Commands 510 server key is 768 bits and the re commended length for the host key is 1024 bits. The DESCRIPTION parameter is opt ional. You can use it to add a description to the key. This can help you identify the different keys on the switch. The description can be up to forty alphanum eric characters. It must be enclos[...]

  • Página 511

    AT-S62 Command Li ne User’s Guide 511 If you are exporting a public key from the key database to the file system, the KEY parameter should specify the ID of the key that you want to export. Only the public k ey of a key pair is expo rted to the file system. You cannot export a private key. The TYPE parameter specifies the type of key to be import[...]

  • Página 512

    Chapter 34: Encrypti on Key Commands 512 DESTROY ENCO KEY Syntax destroy enco key= key-id Parameter key Specifies the ID number of the key pair to be deleted from the key database. Description This command deletes an encryption key pair from the key database. This command also deletes a key’s corr esponding ”.UKF” file from the file system. O[...]

  • Página 513

    AT-S62 Command Li ne User’s Guide 513 SET ENCO KEY Syntax set enco key= key-id description=” description ” Parameters key Specifies the ID numbe r of the key pair whose description you want to change. description Specifies the new description of the key. The description can contain up to 25 alphanumeric characters. Spaces are allo wed. The de[...]

  • Página 514

    Chapter 34: Encrypti on Key Commands 514 SHOW ENCO Syntax show enco key= key-id Parameters key Specifies the ID of a key whose information you want to display. Description This command displays information a bout encryption key pairs stored in the key database. This command displays the following information about each key: ❑ ID ❑ Algorithm ❑[...]

  • Página 515

    515 Chapter 35 Public Key Infrastructure (PKI) Certificate Commands This chapter contains the following commands: ❑ ADD PKI CERTIFICATE on page 516 ❑ CREATE PKI CERTIFIC ATE on page 518 ❑ CREATE PKI ENROLLMENT REQUEST on page 521 ❑ DELETE PKI CERTIFIC ATE on page 523 ❑ PURGE PKI on page 524 ❑ SET PKI CERTIFICA TE on page 525 ❑ SET PKI[...]

  • Página 516

    Chapter 35: Public Key Infrastru cture (P KI) Certificat e Commands 516 ADD PKI CERTIFICATE Syntax add pki certificate=” name” location=” filename .cer” [trusted=yes|no|on|off|true|false] [type=ca|ee|self] Parameters certificate Specifies a name for th e ce rtificate. Th is is the name for the certificate as it w ill appear in the certifica[...]

  • Página 517

    AT-S62 Command Li ne User’s Guide 517 Description This command adds a certificate to the certificate database from the AT-S62 file system. To view the certificate files in the file system, refer to SHOW FI LE on page 234 . To view the certificates already in the database, refer to SHOW PKI CERT IFICATE on page 530. The CERTIFICATE parameter assig[...]

  • Página 518

    Chapter 35: Public Key Infrastru cture (P KI) Certificat e Commands 518 CREATE PKI CERTIFICATE Syntax create pki certificate= name keypair= key-id serialnumber= value [format=der|pem] subject=” distinguished-name ” Parameters certificate Specifies a name for the self-signed certificate. The name can be from one to eight alphanumeric characters.[...]

  • Página 519

    AT-S62 Command Li ne User’s Guide 519 Once you have created a new self-signed certifica te, you need to load it into the certificate database. The switch cannot use the certificate for encrypted web browser ma nagement systems until it is loaded into the database. For instructions, refer to ADD PKI CERTIFICATE on page 516. Note For a review of th[...]

  • Página 520

    Chapter 35: Public Key Infrastru cture (P KI) Certificat e Commands 520 Examples The following command creates a self-s igned certificate. It assigns the certificate the filename “sw12.ce r”. (The management software automatically adds the “.cer” extension.) The command uses the key pair with the ID 12 to create the certif icate. The format[...]

  • Página 521

    AT-S62 Command Li ne User’s Guide 521 CREATE PKI ENROLLMENTREQUEST Syntax create pki enrollmentrequest=” name ” keypair= key- id [format=der|pem] [type=pkcs10] Parameters enrollmentrequest Specifies a filena me for the enrollment request. The filename can be from 1 to 8 alphanumeric characters. If the name cont ains spaces, it must be enclose[...]

  • Página 522

    Chapter 35: Public Key Infrastru cture (P KI) Certificat e Commands 522 Note For a review of all the steps to configuring th e web server for a CA certificate, refer to SET HTTP SERVER on page 500. The ENROLLMENTREQUEST parameter specifies a filename for the request. The filename can contain from 1 to 8 alphanumeric characters. If spaces are used, [...]

  • Página 523

    AT-S62 Command Li ne User’s Guide 523 DELETE PKI CERTIFICATE Syntax delete pki certificate=” name ” Parameter certificate Specifies the name of the certificate you want to delete from the certificat e database. The name is case sensitive. If the name contains spaces, it must be enclosed in double quotes . Wildcards are not allowed. Descriptio[...]

  • Página 524

    Chapter 35: Public Key Infrastru cture (P KI) Certificat e Commands 524 PURGE PKI Syntax purge pki Parameters None. Description This command deletes al l certificates from the ce rtificate database and resets the certificate database st orage limit to th e default. This command does not delete the certifica tes from the file system. To delete files[...]

  • Página 525

    AT-S62 Command Li ne User’s Guide 525 SET PKI CERTIFICATE Syntax set pki certificate=” name ” [trusted=yes|no|on|off|true|false] [type=ca|ee|self] Parameters certificate Specifies the certificate name whose trust or type you want to change. The name is case sen sitive. If the name contains spaces, it must be en closed in quotes. trusted Speci[...]

  • Página 526

    Chapter 35: Public Key Infrastru cture (P KI) Certificat e Commands 526 The TYPE parameter specifi es the certificate type. If CA is specified, the switch tags this certificate as a CA certificate. If ENDENTITY or EE is specified, the switch tags the certificate to indicate that it belongs to an end entity. If SELF is specified, the switch tags the[...]

  • Página 527

    AT-S62 Command Li ne User’s Guide 527 SET PKI CERTSTORELIMIT Syntax set pki certstorelimit= value Parameter certstorelimit Specifies the maximu m number of certificates that can be stored in the cert ificate database. The range is 12 and 256; the default is 256. Description This command sets the ma ximum number of cert ificates that can be stored[...]

  • Página 528

    Chapter 35: Public Key Infrastru cture (P KI) Certificat e Commands 528 SET SYSTEM DISTINGUISHEDNAME Syntax set system distinguishedname=” name ” Parameter distinguishedname Specifies the disti nguished name for the switch. The name must be enclosed in quotes. Description This command sets the distinguish ed name for the switch. The distinguish[...]

  • Página 529

    AT-S62 Command Li ne User’s Guide 529 SHOW PKI Syntax show pki Parameters None. Description This command displays the current setting for the maximum number of certificates the switch wi ll allow you to store in the certificate database. To change this value, refer to S ET PKI CERTSTORELIMIT on page 527. Example show pki[...]

  • Página 530

    Chapter 35: Public Key Infrastru cture (P KI) Certificat e Commands 530 SHOW PKI CERTIFICATE Syntax show pki certificate[=” name ”] Parameter certificate Specifies the name of the certificate whose information you want to vi ew. If the name contains spaces, it mu st be enclo sed in double quotes . This parameter is case sensi tive. Wildcards ar[...]

  • Página 531

    531 Chapter 36 Secure Sockets Layer (SSL) Commands This chapter contains the following command: ❑ SET SSL on page 532 ❑ SHOW SSL on page 533 Note Remember to save your changes with the SAVE CONFIGURATION command. Note The feature is not available in all versions of the AT-S62 management software . Contact your Alli ed Telesyn sales representati[...]

  • Página 532

    Chapter 36: Secure Sockets La yer (SSL) Commands 532 SET SSL Syntax set ssl [cachetimeout= value ] [maxsessions= value ] Parameters cachetimeout Specifies the maxi mum time in seconds that a session will be retained in th e cache The range is 1 to 600 seconds. The default is 300 second. maxsessions Specifies the maximum number of sessions that will[...]

  • Página 533

    AT-S62 Command Li ne User’s Guide 533 SHOW SSL Syntax show ssl Parameters None. Description This command displays the current setti ngs for the follow ing SSL values: ❑ Version ❑ Available ciphers ❑ Maximum number of sessions ❑ Cache timeout Example show ssl[...]

  • Página 534

    534 Chapter 37 Secure Shell (SSH) Commands This chapter contains the following commands: ❑ DISABLE SSH SERVER on page 535 ❑ ENABLE SSH SERVER on page 536 ❑ SET SSH SERVER on page 539 ❑ SHOW SSH on page 541 Note Remember to save your changes with the SAVE CONFIGURATION command. Note The feature is not available in all versions of the AT-S62 [...]

  • Página 535

    AT-S62 Command Li ne User’s Guide 535 DISABLE SSH SERVER Syntax disable ssh server Parameters None. Description This command disables the Secure Sh ell server. When the Secure Shell server is disabled , connections from S ecure Shell clients are not accepted. By default, the Secure Sh ell server is disabled. Example The following command disabl e[...]

  • Página 536

    Chapter 37: Secure Shell (SSH) Commands 536 ENABLE SSH SERVER Syntax enable ssh server hostkey= key-id serverkey= key-id [expirytime= hours ] [logintimeout= seconds ] Parameters hostkey Specifies the ID number of the encryption key pair to function as the host key. serverkey Specifies the ID number of the encryption key pair to function as the serv[...]

  • Página 537

    AT-S62 Command Li ne User’s Guide 537 Note Before you enable SS H, disable the Telnet management session. Otherwise, the security provided by SSH is no t active. See DISABLE TELNET on page 40. Example The following command activates the Secure Shell server and specifies encryption key pair 0 as the host ke y and key pair 1 as the server key: enab[...]

  • Página 538

    Chapter 37: Secure Shell (SSH) Commands 538 Example The following is an ex ample of the command seq uence to configuring the SSH software on the server: 1. The first step is to create the two encryption key pairs. Each key must be created separately and the key lengths must be at least one increment (256 bits) apart. Th e following two commands cre[...]

  • Página 539

    AT-S62 Command Li ne User’s Guide 539 SET SSH SERVER Syntax set ssh server hostkey= key-id serverkey= key-id [expirytime= hours ] [logintimeout= seconds ] Parameters hostkey Specifies the ID number of the encryption key pair to function as the host key. serverkey Specifies the ID number of the encryption key pair to function as the server key. ex[...]

  • Página 540

    Chapter 37: Secure Shell (SSH) Commands 540 Example The following command sets the Secure Shell server key ex piry time to 1 hour: set ssh server expirytime=1[...]

  • Página 541

    AT-S62 Command Li ne User’s Guide 541 SHOW SSH Syntax show ssh Parameters None. Description This command displays the curr ent values for the following SSH parameters: ❑ Versions supported ❑ Server Status ❑ Server Port ❑ Host Key ID ❑ Host Key Bits (size of host key in bits) ❑ Server Key ID ❑ Server Key Bits (size of server key in b[...]

  • Página 542

    542 Chapter 38 TACACS+ and RADIUS Commands This chapter contains the following commands: ❑ ADD RADIUSSERVER on page 543 ❑ ADD TACACSSERVER on pa ge 545 ❑ DELETE RADIUSSERV ER on page 546 ❑ DELETE TACACSSERV ER on page 547 ❑ DISABLE AUTHENTICAT ION on page 548 ❑ ENABLE AUTHENTICATION on page 549 ❑ PURGE AUTHENTICATIO N on page 550 ❑ [...]

  • Página 543

    AT-S62 Command Li ne User’s Guide 543 ADD RADIUSSERVER Syntax add radiusserver server|ipaddress= ipaddress order= value [secret= string ] [port= value ] [accport= value ] Parameters server Specifies an IP address of a RADIUS server. The parameters ipaddress are equivalent. order Specifies the order that the RADIUS servers are queried by the switc[...]

  • Página 544

    Chapter 38: TACACS+ and RADIUS Commands 544 The following command ad ds the RADIUS server with the IP address 149.245.22.22. It specif ies the order as 2 and the encryption key as tiger74. add radiusserver ipaddress=149.245.22.22 order=2 secret=tiger74 port=1812[...]

  • Página 545

    AT-S62 Command Li ne User’s Guide 545 ADD TACACSSERVER Syntax add tacacsserver server|ipaddress= ipaddress order= value [secret= string ] Parameters server Specifies an IP addre ss of a TACACS+ server. The ipaddress parameters are equivalent. order Specifies the order that yo ur TACACS+ servers are queried by the switch. You can assign or der to [...]

  • Página 546

    Chapter 38: TACACS+ and RADIUS Commands 546 DELETE RADIUSSERVER Syntax delete radiusserver server|ipaddress= ipaddress Parameter server Specifies the IP address of a RADIUS server to be deleted ipaddress from the management software. The parameters are equivalent. Description Use this command to delete the IP address of a RA DIUS from your switch. [...]

  • Página 547

    AT-S62 Command Li ne User’s Guide 547 DELETE TACACSSERVER Syntax delete tacacsserver server|ipaddress= ipaddress Parameter server Specifies the IP address of a TACACS+ server to be deleted ipaddress from the management software. The parameters are equivalent. Description Use this command to delete the IP address of a TACACS+ server from your swit[...]

  • Página 548

    Chapter 38: TACACS+ and RADIUS Commands 548 DISABLE AUTHENTICATION Syntax disable authentication Parameters None. Description Use this command to disable TACA CS+ and RADIUS manager account authentica tion on your swi tch. Wh en you disable authentication you retain your current authen tication parameter settings. Note This command applies only to [...]

  • Página 549

    AT-S62 Command Li ne User’s Guide 549 ENABLE AUTHENTICATION Syntax enable authentication Parameters None. Description Use this command to activate TACAC S+ or RADIUS manager account authentication on your switch. Once the feature is enabled, you can use the manager accounts you created on the authentication server to log on and manage the switch.[...]

  • Página 550

    Chapter 38: TACACS+ and RADIUS Commands 550 PURGE AUTHENTICATION Syntax purge authentication Parameters None. Description This command disables authentication, returns the authentication method to TACACS+, deletes any gl obal secret, and returns the timeout value to its default setting of 10 seconds. This command does not delete the IP address or s[...]

  • Página 551

    AT-S62 Command Li ne User’s Guide 551 SET AUTHENTICATION Syntax set authentication method=tacacs|radius [secret= string ] [timeout= value ] Parameters method Specifies which authenti cator protocol, TACACS+ or RADIUS, is to be the acti ve protocol on the switch. secret Specifies the global encryp tion key that is used by the TACACS+ or RADIUS ser[...]

  • Página 552

    Chapter 38: TACACS+ and RADIUS Commands 552 The following command se lects RADIUS as the a uthentication protocol with a global encryption key of leopard09 and a timeout of 15 seconds: set authentication method=radius secret=leopard09 timeout=15[...]

  • Página 553

    AT-S62 Command Li ne User’s Guide 553 SHOW AUTHENTICATION Syntax show authentication[=tacacs|radius] Parameters None. Description This command displays the fo llowing information about the authenticated protocols on the switch: ❑ Status - The status of the authenticated protocol: enabled or disabled . The defa ult is disabled. ❑ Authenticati [...]

  • Página 554

    554 Chapter 39 Management ACL Commands This chapter contains the following commands: ❑ ADD MGMTACL on page 555 ❑ DELETE MGMTACL on page 557 ❑ DISABLE MGMTACL on page 558 ❑ ENABLE MGMTACL on page 559 ❑ SET MGMTACL on page 560 ❑ SET MGMTACL STATE on page 562 ❑ SHOW MGMTACL on page 563 Note Remember to save your changes with the SAVE CON[...]

  • Página 555

    AT-S62 Command Li ne User’s Guide 555 ADD MGMTACL Syntax add mgmtacl ipddress= ipaddress mask= string protocol=tcp interface=telnet|web|all Parameters ipaddress Specifies th e IP address of a sp ecific management workstation or a subnet. mask Specifies the mask used by the switch to filter the IP address. A binary “1” indica tes the switch sh[...]

  • Página 556

    Chapter 39: Management ACL Commands 556 If you are filtering on a specific IP address, use the mask 255. 255.255.255. For a subnet, the mask will depend on the subnet. For ex ample, to allow all management workstations in the subnet 149.11.11. 0 to manage the switch, you would enter the mask 255.255.255.0. The PROTOCOL parameter has only the one se[...]

  • Página 557

    AT-S62 Command Li ne User’s Guide 557 DELETE MGMTACL Syntax delete mgmtacl ipaddress= ipaddress mask= string protocol=tcp interface=telnet|web|all Parameters ipaddress Specifies th e IP address of the ACE to be deleted. mask Specifies the ACE’s mask. protocol Specifies the ACE’s prot ocol. There is only one option: tcp Transmission control pr[...]

  • Página 558

    Chapter 39: Management ACL Commands 558 DISABLE MGMTACL Syntax disable mgmtacl Parameters None Description This command disables the Manage ment ACL. This command is equivalent to the SET MG MTACL STATE=DISA BLE command. Example The following command disables the Management ACL. disable mgmtacl[...]

  • Página 559

    AT-S62 Command Li ne User’s Guide 559 ENABLE MGMTACL Syntax enable mgmtacl Parameters None Description This command enables the Manage ment ACL. This command is equivalent to the SET MG MTACL STATE=ENABLE command. Note Activating the Management AC L without entering any access control entries (ACEs) prohibits you from remotely managing the switch[...]

  • Página 560

    Chapter 39: Management ACL Commands 560 SET MGMTACL Syntax set mgmtacl ipaddress= ipaddress mask= string protocol=tcp interface=telnet|web|all Parameters ipaddress Specifies the IP addr ess of the ACE to be modified. mask Specifies the ACE’s mask. protocol Specifies the ACE’s management protocol. This parameter supports on ly one option: tcp Tr[...]

  • Página 561

    AT-S62 Command Li ne User’s Guide 561 Example The following command changes an ex isting access control entry with an IP address of 169.25 4.134.247 and a subnet ma sk of 255. 255.255.255 to permit web browser management only: set mgmtacl ipaddress=169.254.134.247 mask=255.255.255.255 protocol=tcp interface=web[...]

  • Página 562

    Chapter 39: Management ACL Commands 562 SET MGMTACL STATE Syntax set mgmtacl state=disable|enable Parameters state Sets the state of the Manage ment ACL. The options are: enable Enables the Management ACL. disable Disables the Management ACL. This is the default setting. Description This command enables or disables the Management ACL. This command [...]

  • Página 563

    AT-S62 Command Li ne User’s Guide 563 SHOW MGMTACL Syntax show mgmtacl state|entries Parameters state Displays the status of the Mana gement ACL as either enabled or disabled. entries Lists the entries in the Management ACL. Description This command shows the state of an d entries in the Management ACL. You can specify only on e parameter at a ti[...]

  • Página 564

    564 Index Numerics 802.1Q multiple VLAN mode 445 802.1x port-based access control authentica tor port configuring 484 displaying 493 disabling 480 displaying 493, 494, 495 enabling 482 RADIUS accounting 491 supplicant port configuring 489 displaying 493 A access control authentica tor port displaying 493 supplicant port displaying 493 access contro[...]

  • Página 565

    AT-S62 Command Li ne User’s Guide 565 AT-S62 software image downloading 236, 238, 242 uploading 246, 248, 253, 256 AT-S62 software updates downloading 15 obtaining 15 AT-S62 software, re setting to factory defaults 51 authentication disabling 548, 550 displaying 553 enabling 549 protocol, selecting 551 resetting 550 authentication failure traps d[...]

  • Página 566

    Index 566 DELETE IP ARP command 195 DELETE LACP PORT command 209 DELETE MGMTACL command 557 DELETE MSTP command 411 DELETE PKI CERTIFICATE command 523 DELETE QOS FLOWGR OUP comma nd 324 DELETE QOS POLICY command 325 DELETE QOS TRAFFICCLAS command 326 DELETE RADIUSSERVER command 546 DELETE SNMP COMMU NITY command 86 DELETE SNMPV3 US ER command 124 D[...]

  • Página 567

    AT-S62 Command Li ne User’s Guide 567 ENABLE PORTACCESS|PORTAUTH command 482 ENABLE RADIUSACCOUNTING command 483 ENABLE RSTP command 395 ENABLE SNMP AUTHE NTICATETRAP command 93 ENABLE SNMP command 92 ENABLE SNMP COMMUNITY command 94 ENABLE SNTP command 74 ENABLE SSH SERVER command 536 ENABLE STP command 382 ENABLE SWITCH PORT command 163 ENABLE [...]

  • Página 568

    Index 568 ingress filtering 443 internal port cost 424 intrusion action 171, 474 IP address displaying 66 resetting to default 48 setting 55 IPOPTION denial of service prevention 369 K keyword abbreviations 18 L LACP disabling 211, 217 displaying status 218 enabling 212, 217 LACP aggregator adding ports 205 changing adminkey 213 changing load distr[...]

  • Página 569

    AT-S62 Command Li ne User’s Guide 569 creating 518 deleting 523 displaying 530 downloading 238, 242 number of certificates 529 uploading 253, 256 PKI module information 529 point-to-point port 401, 424 policy creating 314 deleting 328 displaying 342 modifying 309, 325, 333, 336 port configuring 166 cost 387 disabling 160 displaying parameters 176[...]

  • Página 570

    Index 570 RESTART REBOOT comman d 51 RESTART SWITCH comman d 52 round robin QoS scheduling 348 RSTP activating 393 disabling 394 displaying 404 enabling 395 port, setting 401 resetting 396 setting 397 S SAVE CONFIGURATION command 26 SAVE LOG command 272 Secure Shell (SSH) configuration overview 537 serial port, speed displaying 63 setting 54 SET AC[...]

  • Página 571

    AT-S62 Command Li ne User’s Guide 571 SET SWITCH PORT command 166 SET SWITCH PORT IN TRUSION command 473 SET SWITCH PORT MIRROR command 221 SET SWITCH PORT R ATELIMIT command 171 SET SWITCH PORT SECURITYMODE command 474 SET SWITCH STACKMODE command 33 SET SWITCH TRUNK command 192 SET SWITCH VLANMODE command 445 SET SYSTEM command 61 SET SYSTEM DI[...]

  • Página 572

    Index 572 destroying 88 disabling 91 enabling 92, 94 modifying 95 SNMPv3 Access Table entry clearing 103 creating 109 deleting 125 modifying 133 SNMPv3 Community Table entry clearing 105 creating 112 deleting 127 modifying 135 SNMPv3 Notify Table entry clearing 106 creating 116 deleting 129 modifying 139 SNMPv3 SecurityToGroup Table entry creating [...]

  • Página 573

    AT-S62 Command Li ne User’s Guide 573 system files downloading 238, 242 uploading 248, 253, 256 system name, configuring 50, 61 system time displaying 79 T TACACS+ server adding 545 deleting 547 tagged port adding 463 adding to VLAN 433 deleting 439, 467 specifying 435 TEARDROP denial of ser vice prevention 375 Telnet server disabling 40 enabling[...]