Manual 18119194

Manual 18119194
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
CH A P T E R
2
Cisco Virtual Security Gateway Commands
This chapter provides information about Cisco Virtual Security Gateway (VSG) commands.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-1
Chapter 2
Cisco Virtual Security Gateway Commands
action
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
action
To specify the actions to be executed when traffic characteristics match with an associated rule, use the
action command. To remove the binding of the action with the given rule, use the no version of this
command.
action {drop | permit | log | inspection protocol-type}
Syntax Description
drop
Drops the incoming packets.
permit
Permits the incoming packets.
log
Logs the policy evaluation event.
inspection
Specifies the protocol be inspected.
protocol-type
Specific protocol type to be inspected. FTP, RSH, and TFTP are supported.
Command Default
None
Command Modes
Policy configuration (config-policy)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(2)
This command was introduced.
Usage Guidelines
Use the action command to specify the actions to be executed when traffic characteristics match with
the associated rule. The command can be entered multiple times until the upper bound limit is reached.
Examples
This example shows how to specify that the policy is to drop packets.
vsm(config-policy)# action drop
Related Commands
Command
Description
rule
Enters the rule configuration submode.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-2
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
attach
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
attach
To access a module or the console of a module, use the attach command.
attach {console module module-number | module module-number}
Syntax Description
console module
Specifies the console.
module-number
Module number. The range is from 1 to 66.
module
Specifies a module.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to attach to a module:
VSG# attach module 1
Attaching to module 1 ...
To exit type 'exit', to abort type '$.'
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2010, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license. Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or the GNU
Lesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://www.opensource.org/licenses/lgpl-2.1.php
vsg#
Related Commands
Command
Description
show terminal
Displays information about the terminal.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-3
Chapter 2
Cisco Virtual Security Gateway Commands
attribute
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
attribute
To specify the particular attribute characteristics of a policy that is to be tested, use the attribute
command.
attribute attr-seq-num attr-name value attr-value
Syntax Description
attr-seq-num
Attribute input sequence number.
attr-name
Name of a VM or network attribute (for example, src.vm.name).
value
Designates the use of the following attribute value.
attr-value
Value of a VM or network attribute (for example, engg).
Command Default
None
Command Modes
Test policy-engine (test-policy-engine)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(2)
This command was introduced.
Examples
This example shows how to specify an attribute for a policy.
vsg(test-policy-engine)# attribute 1 src.vm.name value engg
vsg(test-policy-engine)# attribute 2 src.net.ip-address value 10.10.10.1
vsg(test-policy-engine)# exit
Result: DROP, Policy: p1, Rule: r1
Related Commands
Command
Description
test policy-engine
Enters the test policy-engine submode.
simulate-pe-req policy
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-4
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
banner motd
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
banner motd
To configure a message of the day (MOTD) banner, use the banner motd command.
banner motd [delimiting-character message delimiting-character]
no banner motd [delimiting-character message delimiting-character]
Syntax Description
delimiting-character
(Optional) Character used to signal the beginning and end of the message
text. For example, in the following message, the delimiting character is #:
#Testing the MOTD#
message
(Optional) Banner message. Up to 40 lines with a maximum of 80
characters in each line.
Defaults
“User Access Verification” is the default message of the day.
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Usage Guidelines
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
The MOTD banner is displayed on the terminal before the login prompt whenever you log in.
The message is restricted to 40 lines and 80 characters per line.
To create a multiple-line MOTD banner, press Enter before typing the delimiting character to start a new
line. You can enter up to 40 lines of text.
Follow these guidelines when choosing your delimiting character:
Examples
•
Do not use the delimiting-character in the message string.
•
Do not use " and % as delimiters.
This example shows how to configure and then display a banner message with the text, “Testing the
MOTD:”
vsg# configure
vsg(config)# banner motd #Testing the MOTD#
vsg(config)# show banner motd
Testing the MOTD
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-5
Chapter 2
Cisco Virtual Security Gateway Commands
banner motd
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
This example shows how to configure and then display a multiple-line MOTD banner:
vsg(config)# banner motd #Welcome to authorized users.
> Unauthorized access prohibited.#
vsg(config)# show banner motd
Welcome to authorized users.
Unauthorized access prohibited.
This example shows how to revert to the default MOTD banner:
vsg# configure
vsg(config)# no banner motd
vsg(config)# show banner motd
User Access Verification
Related Commands
Command
Description
show banner motd
Displays the MOTD banner.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-6
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
boot
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
boot
To configure boot images, use the boot command. To revert to default settings, use the no form of this
command.
boot {asm-sfn | auto-copy | kickstart bootflash | ssi | system bootflash}
no boot {asm-sfn | auto-copy | kickstart bootflash | ssi | system bootflash}
Syntax Description
asm-sfn
Specifies a boot variable.
auto-copy
Enables or disables automatic copying of boot images to the standby Cisco
VSG.
kickstart bootflash
Specifies the boot variable URI for the kickstart image.
ssi
Specifies a boot variable.
system bootflash
Specifies the boot variable URI for the system image.
Defaults
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to configure a boot variable:
vsg# configure
vsg(config)# boot asm-sfn bootflash module 6
Related Commands
Command
Description
show boot
Displays the current boot variables.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-7
Chapter 2
Cisco Virtual Security Gateway Commands
cd
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
cd
To change to a different directory, use the cd command.
cd {bootflash: | volatile:}
Syntax Description
bootflash:
Specifies the bootflash directory.
volatile:
Specifies the volatile directory.
Defaults
bootflash:
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
Use the pwd command to verify the name of the directory you are currently working in.
Examples
This example shows how to change to the volatile directory:
vsg# cd volatile
vsg#
Related Commands
Command
Description
pwd
Displays the name of the directory you are currently working in.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-8
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
cdp
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
cdp
To configure the Cisco Discovery Protocol (CDP), use the cdp command. To remove the CDP
configuration, use the no form of this command.
cdp {advertise {v1 | v2} | enable | format device-id | holdtime seconds | timer seconds}
no cdp {advertise | enable | format device-id | holdtime seconds | timer seconds}
Syntax Description
advertise
Specifies the CDP version to advertise.
v1
CDP Version 1.
v2
CDP Version 2.
enable
Enables CDP globally on all interfaces and port channels.
format device-id
Specifies the device ID format for CDP.
holdtime seconds
Sets the maximum amount of time that CDP holds onto neighbor information
before discarding it. The range is from 10 to 255.
timer seconds
Sets the refresh time for CDP to send advertisements to neighbors. The range
is from 5 to 254.
Defaults
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to set CDP Version 1 as the version to advertise:
vsg(config)# cdp advertise v1
This example shows how to remove CDP Version 1 as the version to advertise:
vsg(config)# no cdp advertise v1
Related Commands
Command
Description
show cdp global
Displays the CDP configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-9
Chapter 2
Cisco Virtual Security Gateway Commands
clear ac-driver
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ac-driver
To clear Application Container (AC) driver statistics, use the clear ac-driver command.
clear ac-driver statistics
Syntax Description
statistics
Defaults
None
Command Modes
EXEC
Clears AC driver statistics.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear AC driver statistics:
vsg# clear ac-driver statistics
Related Commands
Command
Description
show ac-driver
statistics
Displays AC driver statistics.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-10
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear accounting
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear accounting
To clear the accounting log, use the clear accounting command.
clear accounting log
Syntax Description
log
Defaults
None
Command Modes
EXEC
Clears the accounting log.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the accounting log:
vsg# clear accounting log
Related Commands
Command
Description
show accounting log
Displays the accounting log.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-11
Chapter 2
Cisco Virtual Security Gateway Commands
clear bootvar
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear bootvar
To clear the boot variables log, use the clear bootvar command.
clear bootvar log
Syntax Description
log
Defaults
None
Command Modes
EXEC
Clears the boot variables log.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the boot variables log:
vsg# clear bootvar log
Related Commands
Command
Description
show bootvar log
Displays the accounting log.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-12
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear cdp
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear cdp
To clear Cisco Discovery Protocol (CDP) information, use the clear cdp command.
clear cdp {counters [interface {ethernet slot-number / port-number [. subinterface-number]}] |
mgmt 0}] | table [interface {ethernet slot-number / port-number [. subinterface-number]}]}
Syntax Description
counters
Clears the CDP counters.
interface
(Optional) Clears interfaces.
ethernet
Clears ethernet interfaces.
slot
Slot. The range is from 1 to 66.
port-number
Port number. The range is from 1 to 128.
. sub-interface
(Optional) Sub-interface number. The range of values is from 1 to 4094.
mgmt 0
Clears the management 0 interface.
table
Clears the CDP statistics table.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear CDP counters on all interfaces:
vsg# clear cdp counters
Related Commands
Command
Description
show cdp all
Displays all interfaces that are CDP enabled.
show cdp entry
Displays CDP information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-13
Chapter 2
Cisco Virtual Security Gateway Commands
clear cli
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear cli
To clear command line interface (CLI) command history, use the clear cli command.
clear cli history
Syntax
Description
history
Defaults
None
Command Modes
EXEC
Clears the CLI command history.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the CLI command history:
vsg# clear cli history
Related Commands
Command
Description
show cli history
Displays the CLI command history.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-14
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear cores
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear cores
To clear the core files, use the clear cores command.
clear cores [archive file file-name]
Syntax Description
archive file
(Optional) Clears the archived core files.
file-name
Core filename.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all core files:
vsg# clear cores
Related Commands
Command
Description
show cores
Displays the core filename.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-15
Chapter 2
Cisco Virtual Security Gateway Commands
clear counters
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear counters
To clear interface loopback counters, use the clear counters command.
clear counters [interface {all | data | ethernet slot / port [.{sub-interface}] | loopback
virtual-interface-number | mgmt 0 | port-channel port-channel-number}]
Syntax Description
interface
(Optional) Interface counters.
all
Clears all interface counters.
ethernet
Clears Ethernet interface counters.
slot
Slot. The range is 1 to 66.
port
Port. The range is from 1 to 128.
sub-interface
(Optional) Sub-interface number. The range of values is from 1 to 4094.
loopback
Clears loopback interface counters.
virtual-interface-number The range is 0 to 1023.
mgmt 0
Clears the management interface.
port-channel
Clears port-channel interfaces.
port-channel-number
The range is 1 to 4096.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear a counter on a specific Ethernet interface:
vsg# clear counters ethernet 2/1
Related Commands
Command
Description
show interface
counters
Displays the interface status, which includes the counters.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-16
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear debug-logfile
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear debug-logfile
To clear the contents of the debug log, use the clear debug-logfile command.
clear debug-logfile log-name
Syntax Description
log-name
Defaults
None
Command Modes
EXEC
Name of the debug log.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the debug log:
vsg# clear debug-logfile syslog_debug
Related Commands
Command
Description
show debug logfile
Displays the contents of the debug logfile.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-17
Chapter 2
Cisco Virtual Security Gateway Commands
clear frame
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear frame
To clear Layer 2 traffic statistics, use the clear frame command.
clear frame statistics
Syntax Description
statistics
Defaults
None
Command Modes
EXEC
Clears Layer 2 traffic statistics.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the Layer 2 traffic statistics:
vsg# clear frame traffic
Related Commands
Command
Description
show vlan
Displays VLAN information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-18
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear fs-daemon
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear fs-daemon
To clear the file sharing (FS) dameon log, use the clear fs-daemon command.
clear fs-daemon log
Syntax Description
log
Defaults
None
Command Modes
EXEC
Clears the FS daemon log.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the FS dameon log:
vsg# clear fs-daemon log
Related Commands
Command
Description
show logging
Displays the logging configuration and the contents of the log file.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-19
Chapter 2
Cisco Virtual Security Gateway Commands
clear inspect
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear inspect
To clear the File Transfer Protocol (FTP) inspection statistics, use the clear inspect command.
clear inspect ftp statistics [svs-domain-id domain-id module module-number]
Syntax Description
ftp statistics
Clears FTP statistics.
svs-domain-id
(Optional) Clears FTP statistics in the SVS domain.
domain-id
SVS domain ID.
module
(Optional) Clears FTP statistics on a specific module.
module-number
Module number.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the FTP inspection statistics:
vsg# clear inspect ftp statistics svs-domain-id 2 module 63
Related
Commands
Command
Description
show vsg
Displays Cisco VSG information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-20
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear install
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear install
To clear the installation log, use the clear install command.
clear install {all failed-standby | failure-reason | status}
Syntax Description
all failed-standby
Clears all the installation logs.
failure-reason
Clears the installation failure reason log.
status
Clear the installation status log.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all the installation logs:
vsg# clear install all failed-standby
Related
Commands
Command
Description
show install all status
Displays the status of the current or last installation.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-21
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip adjacency statistics
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip adjacency statistics
To clear IP address adjacency statistics, use the clear ip adjacency statistics command.
clear ip adjacency statistics
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear IP adjacency statistics:
vsg# clear ip adjacency statistics
Related
Commands
Command
Description
show ipv6 adjacency
Displays IP information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-22
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip arp
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip arp
To clear specific Address Resolution Protocol (ARP) IP address statistics, use the clear ip arp
command.
clear ip arp ip-address [vrf {vrf-name | all | default | management}]
Syntax Description
ip-address
IP address. The format is A.B.C.D.
vrf
Clears all Virtual Routing and Forwarding (VRF) ARP IP address statistics.
vrf-name
VRF name. The range is from 1 to 32.
all
Clears all ARP IP address statistics.
default
Clears default VRF ARP IP address statistics.
management
Clears management VRF ARP IP address statistics.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear a specific ARP IP address in EXEC mode:
vsg# clear ip arp 209.165.200.229
This example shows how to clear a specific ARP IP address in configuration mode:
vsg# configure
vsg#(config) clear ip arp 209.165.200.229
Related
Commands
Command
Description
show ip arp
Displays IP ARP information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-23
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip arp data
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip arp data
To clear Address Resolution Protocol (ARP) IP address statistics on the data 0 interface, use the clear
ip arp data command.
clear ip arp data 0 [vrf {vrf-name | all | default | management}]
Syntax
Description
0
Clears data 0 interface ARP IP address statistics.
vrf
(Optional) Clears Virtual Routing and Forwarding (VRF) ARP IP address
statistics.
vrf-name
VRF name. The range is from 1 to 32.
all
Clears all ARP IP address statistics.
default
Clears default ARP IP address statistics.
management
Clears management interface ARP IP address statistics.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all ARP IP address statistics on data 0 interface:
vsg# clear ip arp data 0 all
Related
Commands
Command
Description
show ip arp
Displays IP ARP information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-24
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip arp ethernet
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip arp ethernet
To clear ARP IP address statistics on Ethernet interfaces, use the clear ip arp ethernet command.
clear ip arp ethernet slot-number / port-number [. | vrf vrf-name]
Syntax
Description
slot-number
Slot number.
port-number
Port number.
vrf
(Optional) Clears VRF ARP IP address statistics.
vrf-name
VRF name. The range is from 1 to 32.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear ARP IP address statistics on an Ethernet interface:
vsg# clear ip arp ethernet 1 / 1
Related
Commands
Command
Description
show ip arp
Displays IP ARP information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-25
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip arp loopback
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip arp loopback
To clear Address Resolution Protocol (ARP) IP address statistics on loopbacks, use the clear ip arp
loopback command.
clear ip arp loopback loopback-number [vrf vrf-name]
Syntax
Description
loopback-number
Loopback number.
vrf
(Optional) Clears VRF ARP IP address statistics.
vrf-name
VRF name. The range is from 1 to 32.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear ARP IP address statistics on a loopback:
vsg# clear ip arp loopback 10
Related Commands
Command
Description
show ip arp
Displays ARP IP address information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-26
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip arp mgmt
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip arp mgmt
To clear Address Resolution Protocol (ARP) IP address statistics on the management interface, use the
clear ip arp mgmt command.
clear ip arp mgmt 0 [vrf {vrf-name} | all | default | management}]
Syntax
Description
0
Clears management 0 interface ARP IP address statistics.
vrf
(Optional) Clears Virtual Routing and Forwarding (VRF) ARP IP address
statistics.
vrf-name
VRF name. The range is from 1 to 32.
all
Clears all ARP IP address statistics.
default
Clears default ARP IP address statistics.
management
Clears management interface ARP IP address statistics.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear ARP IP address statistics on the management interface:
vsg# clear ip arp mgmt all
Related
Commands
Command
Description
show ip arp
Displays IP ARP information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-27
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip arp port-channel
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip arp port-channel
To clear Address Resolution Protocol (ARP) IP address statistics on port channels, use the clear ip arp
port-channel command.
clear ip arp port-channel port-channel-number [. sub-interface | vrf vrf-name]
Syntax
Description
port-channel-number
Port channel number.
sub-interface
(Optional) Sub-interface number.
vrf
(Optional) Clears Virtual Routing and Forwarding (VRF) ARP IP address
statistics.
vrf-name
VRF name. The range is from 1 to 32.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear ARP IP address statistics on a port channel:
vsg# clear ip arp port-channel 2
Related Commands
Command
Description
show port-channel
Displays port-channel information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-28
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip arp statistics
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip arp statistics
To clear Address Resolution Protocol (ARP) IP address statistics, use the clear ip arp statistics
command.
clear ip arp statistics {data 0 | ethernet | loopback | mgmt | port-channel | vrf}
Syntax
Description
data 0
Clears the data 0 interface.
ethernet
Clears the Ethernet interface.
loopback
Clears the loopback interface.
mgmt
Clears the management interface.
port-channel
Clears the port channel interface.
vrf
Clears the Virtual Routing and Forwarding (VRF) interface.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear ARP IP address statistics on data 0:
vsg# clear ip arp statistics data 0
Related Commands
Command
Description
show ip
Displays IP information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-29
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip arp vrf
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip arp vrf
To clear Address Resolution Protocol (ARP) Virtual Routing and Forwarding (VRF) IP address
statistics, use the clear ip arp vrf command.
clear ip arp vrf {vrf-name | all | default | management}
Syntax
Description
vrf-name
VRF name. The range is from 1 to 32.
all
Clears all ARP IP address statistics.
default
Clears default ARP IP address statistics.
management
Clears management interface ARP IP address statistics.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear IP ARP VRF IP address statistics:
vsg# clear ip arp vrf vrf1
Related
Commands
Command
Description
show vrf
Displays VRF information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-30
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip igmp event-history
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip igmp event-history
To clear Internet Group Management Protocol (IGMP) IP address event history entries, use the clear ip
igmp event-history command.
clear ip igmp event-history {cli | debugs | events | ha | igmp-internal | mtrace | policy | vrf}
Syntax
Description
cli
Clears the command line interface (CLI) IGMP IP address event history
entries.
debugs
Clears debug IGMP IP address event history entries.
events
Clears events IGMP IP address event history entries.
ha
Clears high-availability (HA) IGMP IP address event history entries.
igmp-internal
Clears internal IGMP IP address event history entries.
mtrace
Clears Mtrace IGMP IP address event history entries.
policy
Clears policy IGMP IP address event history entries.
vrf
Clears virtual routing and forwarding (VRF) IGMP IP address event history
entries.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear HA IGMP IP address event history entries:
vsg# clear ip igmp event-history ha
Related
Commands
Command
Description
show ip igmp
Displays the IGMP status and the IGMP configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-31
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip igmp snooping
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip igmp snooping
To clear Internet Group Management Protocol (IGMP) IP address snooping entries, use the clear ip
igmp snooping command.
clear ip igmp snooping {event-history [VPC | igmp-snoop-internal | mfdm | mfdm-sum | vlan |
vlan-events] | explicit-tracking vlan vlan-id | statistics vlan [vlan-id | all]}
Syntax Description
event-history
Clears event history IGMP IP address snooping entries.
VPC
(Optional) Clears virtual port channel (vPC) IGMP IP address snooping
entries.
igmp-snoop-internal
(Optional) Clears internal IGMP IP address snooping entries.
mfdm
(Optional) Clears MFDM IGMP IP address snooping entries.
mfdm-sum
(Optional) Clears MFDM-sum IGMP IP address snooping entries.
vlan
(Optional) Clears VLAN IGMP IP address snooping entries.
vlan-events
(Optional) Clears VLAN event IGMP IP address snooping entries.
explicit-tracking
Clears explicit tracking IGMP IP address snooping entries.
statistics vlan
Clears VLAN statistical IGMP IP address snooping entries.
vlan-id
(Optional) VLAN identification number. The range is from 1 to 3967 or 4048
to 4093.
all
(Optional) Clears all IGMP IP address snooping entries.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all IGMP IP address snooping entries:
vsg# clear ip igmp snooping all
Related Commands
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-32
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip igmp snooping
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Command
Description
show ip igmp
Displays IGMP status and configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-33
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip interface
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip interface
To clear IP address statistics on interfaces, use the clear ip interface command.
clear ip interface statistics [data 0 | ethernet slot-number / port-number [. sub-interface-number]
| loopback loopback-number | mgmt | port-channel port-channel-number
[. sub-interface-number]]
Syntax Description
statistics
Clears IP address statistics on interfaces.
data 0
(Optional) Clears IP address statistics on the data 0 interface.
ethernet
(Optional) Clears IP address statistics on Ethernet interfaces.
slot-number
Slot number. The range is from 1 to 66.
port-number
Port number. The rang is from 1 to 128.
subinterface-number
Subinterface number. The range is 1 to 4094.
loopback
(Optional) Clears IP address statistics on the loopback interface.
loopback-number
Loopback number. The range is from 0 to 123.
mgmt 0
(Optional) Clears IP address statistics on the management 0 interface.
port-channel
(Optional) Clears IP address statistics on the port-channel interface.
port-channel-number
Port-channel number. The range is from 1 to 4096.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear IP address statistics on an Ethernet interface:
vsg# clear ip interface statistics ethernet 1 / 2
Related
Commands
Command
Description
show ip interface
Displays IP interface information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-34
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip route
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip route
To clear IP routing information, use the clear ip route command.
clear ip route {* | A.B.C.D [A.B.C.D {data 0 | ethernet slot / port | loopback loopback-number |
port-channel portchannel-number}] | A.B.C.D/LEN [A.B.C.D {data 0 | ethernet slot / port |
loopback loopback-number | port-channel portchannel-number}] | vrf {vrf-name | default |
management 0}}
Syntax Description
*
Clears all IP routing information.
A.B.C.D
Clears IP routing information at a specific IP address.
data 0
Clears IP routing information on the management 0 interface.
ethernet slot / port
Clears IP routing information on a specific Ethernet interface.
loopback
Clears IP routing information on the loopback interface.
loopback-number
Loopback number. The range is from 0 to 1023.
port-channel
Clears IP routing information on the port channel.
portchannel-number
Port-channel number. The range is from 1 to 4096.
A.B.C.D/LEN
Clears IP routing information at a specific IP address.
vrf
Clears IP routing information for a VRF.
vrf-name
Virtual forwarding and routing (VRF) name. The range is from 1 to 32.
default
Clears default IP routing information.
management 0
ClearsIP routing information on the management 0 interface.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all IP routing information:
vsg# clear ip route *
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-35
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip route
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related
Commands
Command
Description
show routing
Displays routes.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-36
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ip traffic
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ip traffic
To clear global IP statistics, use the clear ip traffic command.
clear ip traffic [vrf {vrf-name | default | management}]
Syntax Description
vrf
Clears Virtual Routing and Forwarding (VRF) global IP address statistics.
vrf-name
VRF name. The range is from 1 to 32.
default
Clears default global IP address statistics.
management
Clears management global IP address statistics.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear global IP statistics:
vsg# clear ip traffic
Related
Commands
Command
Description
show ip traffic
Displays IP traffic information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-37
Chapter 2
Cisco Virtual Security Gateway Commands
clear ipv6 adjacency statistics
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ipv6 adjacency statistics
To clear IPv6 address adjacency statistics, use the clear ipv6 adjacency statistics command.
clear ipv6 adjacency statistics
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear IPv6 address adjacency statistics:
vsg# clear ipv6 adjacency statistics
Related
Commands
Command
Description
show ipv6 adjacency
Displays IPv6 statistics.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-38
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ipv6 icmp interface statistics
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ipv6 icmp interface statistics
To clear Internet Control Management Protocol (ICMP) IPv6 interface statistics, use the clear ipv6 icmp
interface statistics command.
clear ipv6 icmp interface statistics [data 0 | ethernet slot-number / port-number
[. sub-interface-number] | loopback virtual-interface-number | port-channel
port-channel-number [. sub-interface-number] ]
Syntax Description
data 0
(Optional) Clears the data 0 interface.
ethernet
(Optional) Clears the Ethernet interface.
slot-number
Ethernet slot number. The range is from 1 to 66.
/
Slot number port number separator.
port-number
Ethernet port number. The range is from 1 to 128.
.
Port number subinterface number separator.
sub-interface-number
(Optional) Subinterface number. The range is from 1 to 4094.
loopback
(Optional) Clears the loopback interface.
virtual-interface-number
Virtual interface number. The range is from 0 to 1023.
port-channel
(Optional) Clears the port-channel interface.
port-channel-number
Port-channel number. The range is from 1 to 4096.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear ICMP IPv6 Ethernet interface statistics:
vsg# clear ipv6 icmp interface statistics ethernet 1 / 2 . 3
Related
Commands
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-39
Chapter 2
Cisco Virtual Security Gateway Commands
clear ipv6 icmp interface statistics
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Command
Description
show ipv6 icmp
Displays ICMPv6 information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-40
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ipv6 icmp mld groups
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ipv6 icmp mld groups
To clear Internet Control Message Protocol (ICMP) Multitask Listener Discovery (MLD) group IPv6
statistics, use the clear ipv6 icmp mld groups command.
clear ipv6 icmp mld groups {* [vrf {vrf-name | all | default | management}] | A:B::C:D |
A:B::C:D/LEN}
Syntax Description
*
Clears all routes.
vrf
(Optional) Clears ICMP MLD virtual routing and forwarding (VRF) IPv6
routes.
vrf-name
VRF name. The range is from 1 to 32.
all
Clears all routing information.
default
Clears default routing information.
management
Clears management routing information.
A:B::C:D
Clears a specific IPv6 address.
A:B::C:D/LEN
Clears a specific IPv6 address.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all ICMP MLD group IPv6 statistics:
vsg# clear ipv6 icmp mld groups *
Related
Commands
Command
Description
show ipv6 icmp
Displays ICMPv6 information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-41
Chapter 2
Cisco Virtual Security Gateway Commands
clear ipv6 icmp mld route
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ipv6 icmp mld route
To clear Internet Control Message Protocol (ICMP) Multitask Listener Discovery (MLD) routes, use the
clear ipv6 icmp mld route command.
clear ipv6 icmp mld route {* [vrf {vrf-name | all | default | management}] | A:B::C:D |
A:B::C:D/LEN}
Syntax Description
*
Clears all routes.
vrf
(Optional) Clears ICMP MLD virtual routing and forwarding (VRF) IPv6
routes.
vrf-name
VRF name. The range is from 1 to 32.
all
Clears all routing information.
default
Clears default routing information.
management
Clears management routing information.
A:B::C:D
Clears a specific ICMP MLD IPv6 route.
A:B::C:D/LEN
Clears a specific ICMP MLD IPv6 route.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all IPv6 ICMP MLD routes:
vsg# clear ipv6 icmp mld route *
Related
Commands
Command
Description
show ipv6 icmp
Displays ICMPv6 information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-42
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ipv6 nd interface statistics
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ipv6 nd interface statistics
To clear Neighbor Discovery (ND) IPv6 interface statistics, use the clear ipv6 nd interface statistics
command.
clear ipv6 nd interface statistics [data 0 | ethernet slot-number / port-number
[. sub-interface-number] | loopback virtual-interface-number | port-channel
port-channel-number [. sub-interface-number] ]
Syntax Description
data 0
(Optional) Clears the data 0 interface.
ethernet
(Optional) Clears the Ethernet interface.
slot-number
Ethernet slot number. The range is from 1 to 66.
/
Slot number port number separator.
port-number
Ethernet port number. The range is from 1 to 128.
.
Port number sub-interface number separator.
sub-interface-number
(Optional) Subinterface number. The range is from 1 to 4094.
loopback
(Optional) Clears the loopback interface.
virtual-interface-number
Virtual interface number. The range is from 0 to 1023.
port-channel
(Optional) Clears the port-channel interface.
port-channel-number
Port-channel number. The range is from 1 to 4096.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear IPv6 ND interface statistics:
vsg# clear ipv6 nd interface statistics ethernet 2 / 3 . 4
Related
Commands
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-43
Chapter 2
Cisco Virtual Security Gateway Commands
clear ipv6 nd interface statistics
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Command
Description
show ipv6 nd
Displays Neighbor Discovery interface statistics.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-44
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear pktmgr client
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear pktmgr client
To clear packet manager client counters, use the clear pktmgr client command.
clear pktmgr client [client-counter-uuid]
Syntax Description
client-counter-uuid
Defaults
None
Command Modes
EXEC
(Optional) Client counter user identification. The range is from 0 to
4294967295.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear a packet manager client counter:
vsg# clear pktmgr client 100
Related
Commands
Command
Description
clear routing
Clears routing information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-45
Chapter 2
Cisco Virtual Security Gateway Commands
clear pktmgr interface
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear pktmgr interface
To clear packet manager interface information, use the clear pktmgr interface command.
clear pktmgr interface [data 0 | ethernet slot-number / port-number [. sub-interface-number] |
loopback virtual-interface-number | mgmt 0 | port-channel [. sub-interface-number]]
Syntax Description
data 0
(Optional) Clears the data 0 interface.
ethernet
(Optional) Clears the Ethernet interface.
slot-number
Ethernet slot number. The range is from 1 to 66.
/
Slot-number port-number separator.
port-number
Ethernet port number. The range is from 1 to 128.
.
Port-number subinterface number separator.
sub-interface-number
Subinterface number. The range is from 1 to 4094.
loopback
(Optional) Clears the loopback interface.
virtual-interface-number
Virtual interface number. The range is from 0 to 1023.
port-channel
(Optional) Clears the port-channel interface.
port-channel-number
Port-channel number. The range is from 1 to 4096.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear packet manager interface information:
vsg# clear pktmgr interface ethernet 10 / 11 . 12
Related
Commands
Command
Description
clear pktmgr client
Clears the packet manager client.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-46
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear line
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear line
To end a session on a specified Virtual Teletype (VTY), use the clear line command.
clear line vty-name
Syntax Description
vty-name
Defaults
None
Command Modes
EXEC
VTY name. The range is from 1 to 64.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to end a session on a specified VTY:
vsg# clear line VTY100
Related Commands
Command
Description
show users
Displays active user sessions.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-47
Chapter 2
Cisco Virtual Security Gateway Commands
clear logging
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear logging
To clear logfile messages and logging sessions, use the clear logging command.
clear logging {logfile | session}
Syntax
Description
logfile
Clears log file messages.
session
Clears logging sessions.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear messages from the logging file:
vsg# clear logging logfile
Related Commands
Command
Description
show logging logfile
Displays the contents of the log file.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-48
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ntp
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ntp
To clear the Network Time Protocol (NTP) sessions and statistics, use the clear ntp command.
clear ntp {session | statistics {all-peers | io | local | memory}}
Syntax Description
session
Clears NTP sessions.
statistics
Clears NTP statistics.
all-peers
Clears all statistics.
io
Clears IO statistics.
local
Clears local statistics.
memory
Clears memory statistics.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all NTP statistics:
vsg# clear ntp statistics all-peers
Related Commands
Command
Description
show ntp peers
Displays information about NTP peers.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-49
Chapter 2
Cisco Virtual Security Gateway Commands
clear nvram
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear nvram
To clear the nonvolatile RAM (NVRAM), use the clear nvram command.
clear nvram
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the NVRAM:
vsg# clear nvram
Related Commands
Command
Description
show system resources Displays system resources.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-50
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear policy-engine
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear policy-engine
To clear policy engine statistics, use the clear policy-engine command.
clear policy-engine {policy-name stats | stats}
Syntax
Description
policy-name
Policy engine name.
stats
Clears policy engine statistics.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear policy engine statistics:
vsg# clear policy-engine stats
Related Commands
Command
Description
show policy-engine
Displays the policy engine.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-51
Chapter 2
Cisco Virtual Security Gateway Commands
clear processes
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear processes
To clear process logs, use the clear processes command.
clear processes {log {all | archive [archive-name] | pid pid-number} | vdc vdc-name {all | pid
pid-number}}
Syntax Description
log
Clears process logs.
all
Clears all process logs.
archive
Clears archived process logs.
archive-name
(Optional) Archive name.
pid
Clears the process log for a specific process.
pid-number
PID number.
vdc
Clears process logs for a specific Cisco VSG.
vdc-name
VDC name.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all process logs:
vsg# clear processes log all
Related Commands
Command
Description
show processes
Displays all processes.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-52
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear rmon
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear rmon
To clear Remote Monitoring (RMON) logs, use the clear rmon command.
clear rmon {alarms | all-alarms | events | hcalarms}
Syntax Description
alarms
Clears RMON alarms.
all-alarms
Clears all RMON alarms.
events
Clears RMON events.
hcalarms
Clears HC RMON alarms.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear RMON alarms:
vsg# clear rmon alarms
Related Commands
Command
Description
show rmon
Displays RMON information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-53
Chapter 2
Cisco Virtual Security Gateway Commands
clear role
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear role
To clear role session information, use the clear role command.
clear role session
Syntax
Description
session
Defaults
None
Command Modes
EXEC
Clears the role session information.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear role session information:
vsg# clear role session
Related Commands
Command
Description
show role
Displays role information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-54
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing *
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing *
To clear all routes, use the clear routing * command.
clear routing *
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all routes:
vsg# clear routing *
Clearing ALL routes
vsg#
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-55
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing A.B.C.D
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing A.B.C.D
To clear specific routes, use the clear routing A.B.C.D command.
clear routing ip-address [ip-address {data 0 | ethernet slot-number / port-number
[.{sub-interface-number}] | loopback virtual-interface-number | port-channel
port-channel-number}]
Syntax
Description
ip-address
IP address. The format is A.B.C.D.
data 0
(Optional) Clears routing on the data 0 interface.
ethernet
(Optional) Clears routing on Ethernet interfaces.
slot-number
Slot number. The range is from 1 to 66.
/
Slot and port number separator.
port-number
Port number. The range is from 1 to 128.
.
Subinterface separator.
subinterface-number
(Optional) Subinterface number. The range is from 1 to 4094.
loopback
(Optional) Clears routing on the loopback interface.
virtual-interface-number
Loopback number. The range is from 0 to 123.
port-channel
(Optional) Clears routing on the port-channel interface.
port-channel-number
Port-channel number. The range is from 1 to 4096.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear routes on the data 0 interface:
vsg# clear routing 209.165.200.228 data 0
Related Commands
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-56
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing A.B.C.D
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-57
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing A.B.C.D/LEN
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing A.B.C.D/LEN
To clear specific routes, use the clear routing A.B.C.D command.
clear routing ip-address [ip-address {data 0 | ethernet slot-number / port-number
[.{sub-interface-number}] | loopback virtual-interface-number | port-channel
port-channel-number}]
Syntax
Description
ip-address
IP address. The format is A.B.C.D.
data 0
(Optional) Clears routing on the data 0 interface.
ethernet
(Optional) Clears routing on Ethernet interfaces.
slot-number
Slot number. The range is from 1 to 66.
/
Slot and port number separator.
port-number
Port number. The range is from 1 to 128.
.
Subinterface separator.
subinterface-number
(Optional) Subinterface number. The range is from 1 to 4094.
loopback
(Optional) Clears routing on the loopback interface.
virtual-interface-number
Loopback number. The range is from 0 to 123.
port-channel
(Optional) Clears routing on the port-channel interface.
port-channel-number
Port-channel number. The range is from 1 to 4096.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear routes on the data 0 interface:
vsg# clear routing 209.165.200.228 data 0
Related Commands
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-58
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing A.B.C.D/LEN
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-59
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing event-history
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing event-history
To clear routing event histories, use the clear routing event-history command.
clear routing event-history {add-route | cli | delete-route | errors | general | loop-detection |
modify-route | notifications | recursive-next-hop | summary | udfm | udfm-summary}
Syntax
Description
add-route
Clears the added routes event history.
cli
Clears the command line interface (CLI) routing event history.
delete-route
Clears the deleted routes event history.
errors
Clears the error routes event history.
general
Clears the general routes event history.
loop-detection
Clears the loop-detection routes event history.
modify-route
Clears the modified routes event history.
notifications
Clears the notification routes event history.
recursive-next-hop
Clears the recursive-next-hop routing event history.
summary
Clears the summary routing event history.
ufdm
Clears the UDFM routing event history.
ufdm-summary
Clears the UDFM summary routing event history.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the loop-detection routes event history:
vsg# clear routing event-history loop-detection
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-60
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing ip *
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing ip *
To clear all IP routes, use the clear routing ip * command.
clear routing ip *
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all IP routes:
vsg# clear routing ip *
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-61
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing ip A.B.C.D
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing ip A.B.C.D
To clear IP routing statistics, use the clear routing ip command.
clear routing ip ip-address [data 0 | ethernet slot-number / port-number [. sub-interface-number]
| loopback virtual-interface-number | mgmt 0 | port-channel [. sub-interface-number]]
Syntax
Description
data 0
Clears the data 0 interface.
ethernet
Clears the Ethernet interface.
slot-number
Ethernet slot number. The range is from 1 to 66.
/
Slot number port number separator.
port-number
Ethernet port number. The range is from 1 to 128.
.
Port number sub-interface number separator.
sub-interface-number
Sub-interface number. The range is from 1 to 4094.
loopback
Clears the loopback interface.
virtual-interface-number
Virtual interface number. The range is from 0 to 1023.
port-channel
Clears the port channel interface.
port-channel-number
Port Channel number. The range is from 1 to 4096.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear IP routes on slot 2, port 3:
vsg# clear routing ip ethernet 2 / 3
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-62
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing ip A.B.C.D/LEN
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing ip A.B.C.D/LEN
To clear routing, use the clear routing ip A.B.C.D/LEN command.
clear routing ip ip-address [ip-address {data 0 | ethernet slot-number / port-number
[.{sub-interface-number}] | loopback virtual-interface-number | port-channel
port-channel-number}]
Syntax Description
data 0
Clears the data 0 interface.
ethernet
Clears the Ethernet interface.
slot-number
Ethernet slot number. The range is from 1 to 66.
/
Slot number port number separator.
port-number
Ethernet port number. The range is from 1 to 128.
.
Port number sub-interface number separator.
sub-interface-number
Sub-interface number. The range is from 1 to 4094.
loopback
Clears the loopback interface.
virtual-interface-number
Virtual interface number. The range is from 0 to 1023.
port-channel
Clears the port channel interface.
port-channel-number
Port Channel number. The range is from 1 to 4096.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear IP routes:
vsg# clear routing ip 209.165.200.228
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-63
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing ip event-history
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing ip event-history
To clear routing event histories, use the clear routing ip event-history command.
clear routing ip event-history {add-route | cli | delete-route | errors | general | loop-detection |
modify-route | notifications | recursive-next-hop | summary | udfm | udfm-summary}
Syntax
Description
add-route
Clears the added routes event history.
cli
Clears the command line interface (CLI) routing event history.
delete-route
Clears the deleted routes event history.
errors
Clears the error routes event history.
general
Clears the general routes event history.
loop-detection
Clears the loop-detection routes event history.
modify-route
Clears the modified routes event history.
notifications
Clears the notification routes event history.
recursive-next-hop
Clears the recursive-next-hop routing event history.
summary
Clears the summary routing event history.
udfm
Clears the UDFM routing event history.
udfm-summary
Clears the UDFM summary routing event history.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the notifications routes event history:
vsg# clear routing ip event-history notifications
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-64
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing ip unicast
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing ip unicast
To clear unicast routing entries, use the clear routing ip unicast command.
clear routing ip unicast {* | A.B.C.D | A.B.C.D/LEN | event-history}
Syntax
Description
*
Clears all IP unicast routes.
A.B.C.D
Clears a specific IP unicast route.
A.B.C.D/LEN
Clears a specific IP unicast route.
event-history
Clears the IP unicast event history.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all IP unicast routes:
vsg# clear routing ip unicast *
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-65
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing ipv4
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing ipv4
To clear IPv4 route entries, use the clear routing ipv4 command.
clear routing ipv4 {* | A.B.C.D | A.B.C.D/LEN | event-history | unicast}
Syntax
Description
*
Clears all IPv4 routes.
A.B.C.D
Clears a specific IPv4 route.
A.B.C.D/LEN
Clears a specific IPv4 route.
event-history
Clears the IPv4 routing event history.
unicast
Clears IPv4 unicast routes.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all IPv4 routes:
vsg# clear routing ipv4 *
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-66
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing ipv6
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing ipv6
To clear IPv6 route entries, use the clear routing ipv6 command.
clear routing ipv6 {* | A:B::C:D | A:B::C:D/LEN | event-history | unicast}
Syntax
Description
*
Clears all IPv6 routes.
A:B::C:D
Clears a specific IPv6 route.
A:B::C:D/LEN
Clears a specific IPv6 route.
event-history
Clears the IPv6 routing event history.
unicast
Clears IPv6 unicast routes.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all IPv6 routes:
vsg# clear routing ipv6 *
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-67
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing vrf
To clear virtual routing and forwarding (VRF) routes, use the clear routing vrf command.
clear routing vrf vrf-name
Syntax Description
vrf-name
Defaults
None
Command Modes
EXEC
VRF name. The range is from 1 to 32.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear VRF routes:
vsg# clear routing vrf vrfTest
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-68
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf default
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing vrf default
To clear virtual routing and forwarding (VRF) routes, use the clear routing vrf default command.
clear routing vrf default {* | A.B.C.D | A.B.C.D/LEN | ip | ipv4 | ipv6 | unicast}
Syntax Description
*
Clears all VRF routes.
A.B.C.D
Clears a specific VRF route.
A.B.C.D/LEN
Clears a specific VRF route.
ip
Clears IP VRF routes.
ipv4
Clears IPv4 VRF routes.
ipv6
Clears IPv6 VRF routes.
unicast
Clears unicast VRF routes.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear VRF routes:
vsg# clear routing vrf default *
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-69
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf management *
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing vrf management *
To clear all virtual routing and forwarding (VRF) management routes, use the clear routing vrf
management * command.
clear routing vrf management *
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all VRF management routes:
vsg# clear routing vrf management *
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-70
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf management
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing vrf management
To clear specific virtual routing and forwarding (VRF) management routes, use the clear routing vrf
management command.
clear routing vrf managment ethernet-address [ethernet-address {data 0 | ethernet slot-number /
port-number [. sub-interface] | loopback loopback-number | port-channel port-number [.
sub-interface]}
Syntax Description
ethernet-address
Ethernet address.
data 0
Clears VRF management routes.
ethernet
Clears VRF management routes on Ethernet ports.
slot-number
Ethernet port slot number.
/
Slot and port separator.
port-number
Ethernet port number.
. sub-interface
(Optional) Ethernet subinterface.
loopback
Clears VRF management routes on a loopback.
loopback-number
Loopback number.
port-channel
Clears VRF management routes on a port channel.
port-number
Port-channel number.
unicast
Clears unicast IP routes.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear a specific set of Ethernet routes:
vsg# clear routing vrf management 209.165.200.226 209.165.200.236 ethernet 2 / 4
Related Commands
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-71
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf management
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-72
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf management
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing vrf management
To clear specific virtual routing and forwarding (VRF) management routes, use the clear routing vrf
management command.
clear routing vrf managment ethernet-address [ethernet-address {data 0 | ethernet slot-number /
port-number [. sub-interface] | loopback loopback-number | port-channel port-number [.
sub-interface]}
Syntax Description
ethernet-address
Ethernet address.
data 0
Clears VRF management routes.
ethernet
Clears VRF management routes on Ethernet ports.
slot-number
Ethernet port slot number.
port-number
Ethernet port number.
. sub-interface
Ethernet subinterface.
loopback
Clears VRF management routes on a loopback.
loopback-number
Loopback number.
port-channel
Clears VRF management routes on a port channel.
port-number
Port-channel number.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear a specific set of Ethernet routes:
vsg# clear routing vrf management 209.165.200.226 209.165.200.236 ethernet 2 / 4
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-73
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf management ip
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing vrf management ip
To clear virtual routing and forwarding (VRF) IP management routes, use the clear routing vrf
management ip command.
clear routing vrf managment ip {* | A.B.C.D [A.B.C.D {data 0 | ethernet slot-number /
port-number [. sub-interface] | loopback loopback-number | port-channel port-number [.
sub-interface]} | A.B.C.D/LEN [A.B.C.D {data 0 | ethernet slot-number / port-number [.
sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]} |
unicast [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback
loopback-number | port-channel port-number [. sub-interface]}}
Syntax Description
*
Clears all IP routes.
A.B.C.D
(Optional) Clears a specific VRF management IP route.
data 0
Clears VRF management IP routes.
ethernet
Clears VRF management IP routes on Ethernet ports.
slot-number
Ethernet port slot number.
/
Slot number and port number separator.
port-number
Ethernet port number.
.
Subinterface separator.
sub-interface
(Optional) Ethernet subinterface.
loopback
Clears VRF management IP routes on a loopback.
loopback-number
Loopback number.
port-channel
Clears VRF management IP routes on a port channel.
port-number
Port-channel number.
unicast
Clears unicast IP routes.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-74
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf management ip
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Examples
This example shows how to clear all IP unicast routes:
vsg# clear routing vrf management ip unicast *
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-75
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf management ipv4
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing vrf management ipv4
To clear IPv4 virtual routing and forwarding (VRF) management routes, use the clear routing vrf
management ipv6 command.
clear routing vrf managment ipv4 {* | A.B.C.D [A.B.C.D {data 0 | ethernet slot-number /
port-number [. sub-interface] | loopback loopback-number | port-channel port-number [.
sub-interface]} | A.B.C.D/LEN [A.B.C.D {data 0 | ethernet slot-number / port-number [.
sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]} |
unicast [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback
loopback-number | port-channel port-number [. sub-interface]}]}
Syntax Description
*
Clears all IPv4 routes.
A.B.C.D
Clears a specific VRF management IPv4 route.
data 0
Clears VRF management IPv4 routes.
ethernet
Clears VRF management IPv4 routes on Ethernet ports.
slot-number
Ethernet port slot number.
/
Slot number and port number separator.
port-number
Ethernet port number.
.
Subinterface separator.
sub-interface
Ethernet subinterface.
loopback
Clears VRF management IPv4 routes on a loopback.
loopback-number
Loopback number.
port-channel
Clears VRF management IPv4 routes on a port channel.
port-number
Port-channel number.
unicast
Clears unicast IP routes.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-76
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf management ipv4
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Examples
This example shows how to clear an IPv4 VRF management route:
vsg# clear routing vrf management ipv4 209:165::200:229
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-77
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf management ipv6
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing vrf management ipv6
To clear IPv6 virtual routing and forwarding (VRF) management routes, use the clear routing vrf
management ipv6 command.
clear routing vrf managment ipv6 {* | A.B.C.D [A.B.C.D {data 0 | ethernet slot-number /
port-number [. sub-interface] | loopback loopback-number | port-channel port-number [.
sub-interface]} | A.B.C.D/LEN [A.B.C.D {data 0 | ethernet slot-number / port-number [.
sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]} |
unicast [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback
loopback-number | port-channel port-number [. sub-interface]}]}
Syntax Description
*
Clears all IPv6 routes.
A.B.C.D
Clears a specific IPv6 route.
data 0
Clears VRF management IPv6 routes.
ethernet
Clears VRF management IPv6 routes on Ethernet ports.
slot-number
Ethernet port slot number.
/
Slot number and port number separator.
port-number
Ethernet port number.
.
Subinterface separator.
sub-interface
Ethernet subinterface.
loopback
Clears VRF management IPv6 routes on a loopback.
loopback-number
Loopback number.
port-channel
Clears VRF management IPv6 routes on a port channel.
port-number
Port-channel number.
unicast
Clears unicast IP routes.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-78
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf management ipv6
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Examples
This example shows how to clear an IPv6 VRF management route:
vsg# clear routing vrf management ipv6 209:165::200:225
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-79
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf management unicast
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear routing vrf management unicast
To clear unicast virtual routing and forwarding (VRF) management routes, use the clear routing vrf
management unicast command.
clear routing vrf managment unicast {* | A.B.C.D [A.B.C.D {data 0 | ethernet slot-number /
port-number [. sub-interface] | loopback loopback-number | port-channel port-number [.
sub-interface]} | A.B.C.D/LEN [A.B.C.D {data 0 | ethernet slot-number / port-number [.
sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]}]}
Syntax Description
*
Clears all unicast routes.
A.B.C.D
Clears a specific VRF management unicast route.
data 0
Clears VRF management unicast routes.
ethernet
Clears VRF management unicast routes on Ethernet ports.
slot-number
Ethernet port slot number.
/
Slot number and port number separator.
port-number
Ethernet port number.
.
Subinterface separator.
sub-interface
Ethernet subinterface.
loopback
Clears VRF management unicast routes on a loopback.
loopback-number
Loopback number.
port-channel
Clears VRF management unicast routes on a port channel.
port-number
Port-channel number.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear a specific unicast route:
vsg# clear routing vrf management unicast 209.165.200.225
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-80
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear routing vrf management unicast
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related Commands
Command
Description
show routing
Displays the IP route table.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-81
Chapter 2
Cisco Virtual Security Gateway Commands
clear scheduler
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear scheduler
To clear the scheduler log, use the clear scheduler command.
clear scheduler logfile
Syntax
Description
logfile
Defaults
None
Command Modes
EXEC
Clears the scheduler log.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the scheduler log file:
vsg# clear scheduler logfile
Related Commands
Command
Description
show scheduler logfile
Displays the scheduler log file.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-82
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear screen
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear screen
To clear the screen, use the clear screen command.
clear screen
Syntax Description
This command has no key words or arguments.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the screen:
vsg# clear screen
Related Commands
Command
Description
show terminal
Displays terminal configuration parameters.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-83
Chapter 2
Cisco Virtual Security Gateway Commands
clear service-path
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear service-path
To clear service path information, use the clear service-path command.
clear service-path {connection | statistics [svs-domain-id id module module-number]}
Syntax
Description
connection
Clears all the connection entries in the flow table.
statistics
Clears service path statistics.
svs-domain-id
(Optional) Clears the SVS domain identification number.
id
DVS domain identification number.
module
(Optional) Clears module information.
module-number
Module number.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear service path statistics:
vsg# clear service-path statistics
Related Commands
Command
Description
show service-path statistics
Displays service path statistics.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-84
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear snmp
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear snmp
To clear Simple Network Management Protocol (SNMP) information, use the clear snmp command.
clear snmp {counters | hostconfig}
Syntax
Description
counters
Clears the SNMP counters.
hostconfig
Clears the SNMP host list.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear SNMP counters:
vsg# clear snmp counters
Related Commands
Command
Description
show snmp community
Displays SNMP community strings.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-85
Chapter 2
Cisco Virtual Security Gateway Commands
clear sockets
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear sockets
To clear socket statistics, use the clear sockets command.
clear sockets {all | raw | raw6 | tcp | tcp6 | udp | udp6}
Syntax
Description
all
Clears all socket statistics.
raw
Clears RAW v4 statistics.
raw6
Clears RAW v6 statistics.
tcp
Clears TCP v4 statistics.
tcp6
Clears TCP v6 statistics.
udp
Clears UDP v4 statistics.
udp6
Clears UDP v6 statistics.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear socket statistics:
vsg# clear sockets all
Related Commands
Command
Description
show sockets statistics
Displays TCP socket statistics.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-86
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear ssh
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear ssh
To clear the Secure Shell (SSH) host session, use the clear ssh command.
clear ssh hosts
Syntax
Description
hosts
Defaults
None
Command Modes
EXEC
Clears the SSH host session.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear all SSH host sessions:
vsg# clear ssh hosts
Related Commands
Command
Description
show ssh
Displays SSH information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-87
Chapter 2
Cisco Virtual Security Gateway Commands
clear system internal ac application
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear system internal ac application
To clear application containers, use the clear system internal ac application command.
clear system internal ac application application-name instance instance-number [fe fe-name]
Syntax Description
application-name
Application container name.
instance
Clears the application container instance.
instance-number
Application container instance number.
fe
(Optional) Clears the functional element.
fe-name
Functional element name.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear an application container:
vsg# clear system internal ac application core instance 1
Related Commands
Command
Description
show system internal ac
application
Displays application container information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-88
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clear system internal ac ipc-stats
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear system internal ac ipc-stats
To clear application container Instructions per Cycle (IPC) statistics, use the clear system internal ac
ipc-stats command.
clear system internal ac ipc-stats fe {attribute-manager | inspection-ftp | inspection-rsh |
inspection-tftp | service-path}
Syntax Description
fe
Clears the functional element.
attribute-manager Clears the attribute manager FE.
inspection-ftp
Clears the inspection FTP FE.
inspection-rsh
Clears the inspection RSH FE.
inspection-tftp
Clears the inspection TFTP FE.
service-path
Clears the service path FE.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear application container IPC statistics:
vsg# clear system internal ac ipc-stats
vsg#
Related Commands
Command
Description
show system internal ac
application
Displays application container information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-89
Chapter 2
Cisco Virtual Security Gateway Commands
clear user
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clear user
To clear a user session, use the clear user command.
clear user user-id
Syntax Description
user-id
Defaults
None
Command Modes
EXEC
User identification number.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear a user session:
vsg# clear user user1
Related Commands
Command
Description
show users
Displays user session information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-90
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
cli
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
cli
To define a command line interface (CLI) variable for a terminal session, use the cli command. To
remove the CLI variable, use the no form of this command.
cli var name variable-name variable-text
cli no var name variable-name
Syntax Description
variable-name
Variable name. The name is alphanumeric, case sensitive, and has a
maximum of 31 characters.
variable-text
Variable text. The text is alphanumeric, can contain spaces, and has a
maximum of 200 characters.
Defaults
None
Command Modes
EXEC
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
You can reference a CLI variable using the following syntax:
$(variable-name)
Instances where you can use variables are as follows:
•
Command scripts
•
Filenames
You cannot reference a variable in the definition of another variable.
You can use the predefined variable, TIMESTAMP, to insert the time of day. You cannot change or
remove the TIMESTAMP CLI variable.
You must remove a CLI variable before you can change its definition.
Examples
This example shows how to define a CLI variable:
vsg# cli var name testinterface interface 2/3
vsg#
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-91
Chapter 2
Cisco Virtual Security Gateway Commands
cli
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
This example shows how to reference the TIMESTAMP variable:
vsg# copy running-config > bootflash:run-config-$(TIMESTAMP).cnfg
vsg#
This example shows how to remove a CLI variable:
vsg# cli no var name testinterface interface 2/3
vsg#
Related
Commands
Command
Description
show cli variables
Displays the CLI variables.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-92
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
clock set
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
clock set
To manually set the clock, use the clock set command.
clock set time day month year
Syntax Description
time
Time of the day. The format is HH:MM:SS.
day
Day of the month. The range is from 1 to 31.
month
Month of the year. The values are January, February, March, April, May,
June, July, August, September, October, November, and December.
year
Year. The range is from 2000 to 2030.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
Use the clock set command when you cannot synchronize your device with an outside clock source, such
as a Network Time Protocol (NTP) server.
Examples
This example shows how to manually set the clock:
vsg# clock set 9:00:00 29 January 2011
vsg#
Related Commands
Command
Description
show clock
Displays the clock time.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-93
Chapter 2
Cisco Virtual Security Gateway Commands
condition
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
condition
To specify a condition statement used in a rule or zone, use the condition command. To remove the
condition statement for a rule or zone, use the no form of this command
condition attribute-name {eq | neq | gt | lt | prefix | contains | in-range | member-of | not-in-range
| not-member-of} attribute-value1 [attribute-value2]
Syntax Description
attribute-name
Name of the attribute for the rule object.
eq
Equal to a number or exactly matched with a string.
neq
Not equal to a number or not exactly matched with a string.
gt
Greater than.
lt
Less than.
prefix
Specifies a prefix of a string or an IP address.
contains
Contains a substring.
in-range
A range of two integers, dates, times, or IP addresses.
member-of
A member of an object-group.
not-in-range
Negation of the in-range operator.
not-member-of
Negation of the member.
attribute-value1
Value of an attribute (for example, 10.10.10.1) or name of an object-group
(for example, “ipaddr-group”).
attribute-value2
(Optional) Value of an attribute or the netmask of a network address.
Command Default
None
Command Modes
Policy configuration (config-policy)
Zone configuration (config-zone)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(2)
This command was introduced.
Usage Guidelines
Use the condition command to specify a condition statement that is used in a rule. Each condition
statement supports one of the virtual machine (VM), zone, network, or environment attributes. When
multiple condition statements are used in a rule, all conditions are considered to be AND’d during a
policy evaluation.
The following operators must have at least two attribute values:
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-94
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
condition
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
•
prefix—When applied against an IP address (for example, prefix 10.10.10.1 255.255.255.0)
•
in-range—For all types of attribute values (for example, range 10.10.10.1 10.10.10.200)
•
not-in-range—For all types of attribute values (for example, not-in-range 10.10.10.1
10.10.10.200)
Attribute values can be any of the following:
Note
Examples
•
Integer
•
Integer range
•
IP address and a netmask
•
IP address range
•
String
•
Name of an object-group
•
Attributes used in rule conditions are mostly directional attributes.
•
Attributes usd in zone conditions are all neutral atributes.
This example shows the command condition used to set up conditions for a web server zone:
VSG(config)# zone web_servers
VSG(config-zone)# condition 1 net.ip-address range 10.10.1.1 10.10.1.20
VSG(config-zone# exit
This example shows the command condition used to set up conditions for an app server zone:
VSG(config)# zone app_servers
VSG(config-zone)# condition 1 net.ip-address range 10.10.1.21 10.10.1.40
VSG(config-zone)# exit
This example shows the command condition used to set up conditions for a database server zone:
VSG(config)# zone db_servers
VSG(config-zone)# condition 1 net.ip-address range 10.10.1.41 10.10.1.60
VSG(config-zone)# exit
Related Commands
Command
Description
rule
Enters the rule configuration submode.
zone
Enters the zone configuration submode.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-95
Chapter 2
Cisco Virtual Security Gateway Commands
configure
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
configure
To enter configuration mode, use the configure command.
configure
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
SupportedUserRoles
network-admin
netwotk operator
CommandHistory
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to enter configuration mode:
vsg# configure
Enter configuration commands, one per line.
vsg(config)#
Related Commands
End with CNTL/Z.
Command
Description
interface data 0
Enters interface configuration mode.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-96
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
copy bootflash:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy bootflash:
To copy files from the bootflash directory, use the copy bootflash: command.
copy bootflash://file-address destination-address
Syntax Description
//file-address
Address of the files to copy.
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
Defaults
None
Command Modes
EXEC
•
bootflash:
•
debug:
•
ftp:
•
log:
•
modflash:
•
nvram:
•
scp:
•
sftp:
•
system:
•
tftp:
•
volatile:
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to copy a file from a remote bottflash directory to a local bootflash directory:
vsg# copy bootflash://jsmith@209.193.10.10/ws/jsmith-sjc/vsg-dplug.bin bootflash:/
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-97
Chapter 2
Cisco Virtual Security Gateway Commands
copy bootflash:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related Commands
Command
Description
copy volatile:
Copies files from the volatile: directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-98
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
copy core:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy core:
To copy files from the core directory, use the copy core: command.
copy core: //file-address destination-address
Syntax Description
//file-address
Address of the files to copy.
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
Defaults
None
Command Modes
EXEC
•
bootflash:
•
ftp:
•
scp:
•
sftp:
•
tftp:
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
None
Examples
This example shows how to copy a file from a remote core directory to a local volatile directory:
vsg# copy core://user@209.193.10.11/ps/user-rtg/vsgLog.txt volatile:/
Related Commandsv
Command
Description
copy log:
Copies files from the log directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-99
Chapter 2
Cisco Virtual Security Gateway Commands
copy debug:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy debug:
To copy files from the debug directory, use the copy debug: command.
copy debug: //file-address destination-address
Syntax Description
//file-address
Address of the files to copy.
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
Defaults
None
Command Modes
EXEC
•
bootflash:
•
debug:
•
ftp:
•
log:
•
modflash:
•
nvram:
•
scp:
•
sftp:
•
system:
•
tftp:
•
volatile:
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to copy a file from a remote debug directory to a local volatile directory:
vsg# copy debug://user@209.193.10.11/ps/user-rtg/vsgLog.txt volatile:/
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-100
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
copy debug:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related Commandsv
Command
Description
copy bootflash:
Copies files from the bootflash directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-101
Chapter 2
Cisco Virtual Security Gateway Commands
copy ftp:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy ftp:
To copy files from the file transfer protocol (FTP) directory, use the copy ftp: command.
copy ftp://file-address destination-address
Syntax Description
//file-address
Address of the files to copy.
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
Defaults
None
Command Modes
EXEC
•
bootflash:
•
debug:
•
log:
•
modflash:
•
nvram:
•
system:
•
volatile:
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to transfer a file from a remote FTP directory to a local bootflash directory:
vsg# copy ftp://user@209.193.10.11/ps/user-rtg/vsg-dplug.bin bootflash:/
Related Commandsv
Command
Description
copy sftp:
Copies the files from the SFTP directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-102
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
copy log:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy log:
To copy files from the log directory, use the copy log: command.
copy log://file-address destination-address
Syntax Description
//file-address
Address of the files to copy.
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
Defaults
None
Command Modes
EXEC
•
bootflash:
•
debug:
•
ftp:
•
log:
•
modflash:
•
nvram:
•
scp:
•
sftp:
•
system:
•
tftp:
•
volatile:
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to copy files from a remote log directory to a local volatile directory:
vsg# copy log://user@209.193.10.11/ps/user-rtg/vsgLog.txt volatile:/
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-103
Chapter 2
Cisco Virtual Security Gateway Commands
copy log:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related Commandsv
Command
Description
copy debug:
Copies files from the debug directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-104
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
copy modflash:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy modflash:
To copy files from the modflash directory, use the copy modflash: command.
copy modflash: //file-address destination-address
Syntax Description
//file-address
Address of the files to copy.
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
Defaults
None
Command Modes
EXEC
•
bootflash:
•
debug:
•
ftp:
•
log:
•
modflash:
•
nvram:
•
scp:
•
sftp:
•
system:
•
tftp:
•
volatile:
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to copy files from a remote modflash directory to a local volatile directory:
vsg# copy modflash://user@209.193.10.10/ws/user-sjc/vsg-mod.bin volatile:/
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-105
Chapter 2
Cisco Virtual Security Gateway Commands
copy modflash:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related Commandsv
Command
Description
copy nvram:
Copies files from the NVRAM directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-106
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
copy nvram:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy nvram:
To copy files from the nonvolatile RAM (NVRAM) directory, use the copy nvram: command.
copy nvram://file-address destination-address
Syntax Description
//file-address
Address of the NVRAM files to copy.
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
Defaults
None
Command Modes
EXEC
•
bootflash:
•
debug:
•
ftp:
•
log:
•
modflash:
•
nvram:
•
scp:
•
sftp:
•
system:
•
tftp:
•
volatile:
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to copy files from a remote NVRAM directory to a local volatile directory:
vsg# copy nvram://user@209.193.10.10/ws/user-sjc/vsg-ram.bin volatile:/
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-107
Chapter 2
Cisco Virtual Security Gateway Commands
copy nvram:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related
Commands
Command
Description
copy modflash:
Copies files from a modflash directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-108
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
copy running-config
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy running-config
To copy the running configuration, use the copy running-config command.
copy running-config destination-address [all-vdc]
Syntax
Description
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
all-vdc
Defaults
None
Command Modes
EXEC
•
bootflash:
•
ftp:
•
nvram:
•
scp:
•
sftp:
•
tftp:
•
volatile:
(Optional) Copies to all virtual device contexts (VDC).
Global configuration
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Examples
This example shows how to copy the running configuration to the bootflash directory:
vsg# copy running-config bootflash:
Related Commandsv
Command
Description
copy startup-config
Copies a startup configuration to a specified destination.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-109
Chapter 2
Cisco Virtual Security Gateway Commands
copy scp:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy scp:
To copy files from the Secure Control Protocol (SCP) directory, use the copy scp: command.
copy scp://file-address destination-address
Syntax Description
//file-address
Address of the files to copy.
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
Defaults
None
Command Modes
EXEC
•
bootflash:
•
debug:
•
log:
•
modflash:
•
nvram:
•
running-config
•
startup-config
•
system:
•
volatile:
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to copy files from a remote SCP directory to a local volatile directory:
vsg# copy scp://user@209.193.10.11/ps/user-rtg/vsg-dplug.bin volatile:/
Related Commandsv
Command
Description
copy sftp:
Copies files from the SFTP directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-110
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
copy sftp:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy sftp:
To copy files from the Secure File Transfer Protocol (SFTP) directory, use the copy sftp: command.
copy sftp://file-address destination-address
Syntax Description
//file-address
Address of the files to copy.
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
Defaults
None
Command Modes
EXEC
•
bootflash:
•
debug:
•
log:
•
modflash:
•
nvram:
•
system:
•
volatile:
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to transfer a file from a remote SFTP directory to a local bootflash directory:
vsg# copy sftp://jjones@209.193.10.11/ps/jjones-rtg/vsg-dplug.bin bootflash:/
Related Commandsv
Command
Description
copy tftp:
Copies files from the Trivial File Transfer Protocol (TFTP) directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-111
Chapter 2
Cisco Virtual Security Gateway Commands
copy startup-config
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy startup-config
To copy the startup configuration, use the copy startup-config command.
copy startup-config destination-address [all-vdc]
Syntax
Description
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
all-vdc
Defaults
None
Command Modes
EXEC
•
bootflash:
•
ftp:
•
nvram:
•
scp:
•
sftp:
•
tftp:
•
volatile:
(Optional) Copies to all virtual device contexts (VDC).
Global configuration
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Examples
This example shows how to copy the startup configuration to the bootflash directory:
vsg# copy startup-config bootflash:
Related Commandsv
Command
Description
copy running-config
Copies a running configuration to a specified destination.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-112
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
copy system:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy system:
To copy files from the file directory, use the copy system: command.
copy system: //file-address destination-address
Syntax Description
//file-address
Address of the files to copy.
destination-address
Address of the destination directory.
You use one of the following directories in the destination address:
Defaults
None
Command Modes
EXEC
•
bootflash:
•
debug:
•
ftp:
•
log:
•
modflash:
•
nvram:
•
scp:
•
sftp:
•
system:
•
tftp:
•
volatile:
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to copy files from a remote file directory to a local bootflash directory:
vsg# copy system://pkim@209.193.10.12/ps/pkim-rich/vsg-dplug.bin bootflash:/
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-113
Chapter 2
Cisco Virtual Security Gateway Commands
copy system:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related Commands
Command
Description
copy bootflash:
Copies files to the bootflash directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-114
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
copy tftp:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy tftp:
To copy files from the Trivial File Transfer Protocol (TFTP) directory, use the copy tftp: command.
copy tftp://file-address destination-address
Syntax Description
//file-address
Address of the files to copy.
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
Defaults
None
Command Modes
EXEC
•
bootflash:
•
debug:
•
log:
•
modflash:
•
nvram:
•
system:
•
volatile:
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to copy files from a remote TFTP directory to a local bootflash directory:
vsg# copy tftp://user@209.193.10.11/ps/user-rtg/vsg-dplug.bin bootflash:/
Related Commandsv
Command
Description
copy sftp:
Copies files from the SFTP directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-115
Chapter 2
Cisco Virtual Security Gateway Commands
copy volatile:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
copy volatile:
To copy files from the volatile directory, use the copy volatile: command.
copy volatile: //file-address destination-address
Syntax Description
//file-address
Address of the file to copy.
destination-address
Address of the destination directory.
Use one of the following directories in the destination address:
Defaults
None
Command Modes
EXEC
•
bootflash:
•
debug:
•
ftp:
•
log:
•
modflash:
•
nvram:
•
scp:
•
sftp:
•
system:
•
tftp:
•
volatile:
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to copy files from a remote volatile directory to a local bootflash directory:
vsg# copy volatile://user@209.193.10.10/ws/user-sjc/vsg-dplug.bin bootflash:/
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-116
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
copy volatile:
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related Commands
Command
Description
copy bootflash:
Copies files from the bootflash directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-117
Chapter 2
Cisco Virtual Security Gateway Commands
debug logfile
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
debug logfile
To direct the output of the debug command to a specified file, use the debug logfile command. To revert
to the default, use the no form of the command.
debug logfile filename [size bytes]
no debug logfile filename [size bytes]
Syntax Description
Defaults
filename
Name of the file for debug command output. The filename is alphanumeric,
case sensitive, and has a maximum of 64 characters.
size
(Optional) Specifies the size of the logfile in bytes.
bytes
(Optional) Bytes. The range is from 4096 to 10485760.
Default filename: syslogd_debugs
Default file size: 10485760 bytes
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Usage Guidelines
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
The logfile is created in the log: file system root directory.
Use the dir log: command to display the log files.
Examples
This example shows how to specify a debug logfile:
vsg# debug logfile debug_log
This example shows how to revert to the default debug logfile:
vsg# no debug logfile debug_log
Related Commands
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-118
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
debug logfile
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Command
Description
dir
Displays the contents of a directory.
show debug
Displays the debug configuration.
show debug logfile
Displays the debug logfile contents.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-119
Chapter 2
Cisco Virtual Security Gateway Commands
debug logging
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
debug logging
To enable debug command output logging, use the debug logging command. To disable debug logging,
use the no form of this command.
debug logging
no debug logging
Syntax Description
This command has no arguments or keywords.
Defaults
Disabled
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Examples
This example shows how to enable the output logging for the debug command:
vsg# debug logging
This example shows how to disable the output logging for the debug command:
vsg# no debug logging
Related Commands
Command
Description
debug logfile
Configures the logfile for the debug command output.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-120
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
delete
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
delete
To delete the contents of a directory, use the delete command.
delete {bootflash: | debug: | log: | modflash: | volatile:}
Syntax Description
bootflash:
Specifies the bootflash directory.
debug:
Specifies the debug directory.
log:
Specifies the log directory.
modflash:
Specifies the modflash directory.
volatile:
Specifies the volatile directory.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
CommandHistory
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to delete the contents of the bootflash directory:
vsg# delete bootflash:
Related Commands
Command
Description
copy
Copies files to directories.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-121
Chapter 2
Cisco Virtual Security Gateway Commands
dir
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
dir
To display the contents of a directory or file, use the dir command.
dir [bootflash: | debug: | log: | modflash: | volatile:]
Syntax Description
bootflash:
(Optional) Specifies the directory or filename.
debug:
(Optional) Specifies the directory or filename on expansion flash.
log:
(Optional) Specifies the directory or filename on log flash.
modflash:
(Optional) Specifies the directory or filename on module flash.
volatile:
(Optional) Specifies the directory or filename on volatile flash.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Usage Guidelines
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Use the pwd command to identify the directory you are currently working in.
Use the cd command to change the directory you are currently working in.
Examples
This example shows how to display the contents of the bootflash: directory:
vsg# dir bootflash:
Related Commands
Command
Description
cd
Changes the current working directory.
pwd
Displays the current working directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-122
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
echo
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
echo
To echo an argument back to the terminal screen, use the echo command.
echo [backslash-interpret] [text]
Syntax Description
backslash-interpret
(Optional) Interprets any character following a backslash character (\) as a
formatting option.
text
(Optional) Text string to display. The text string is alphanumeric, case
sensitive, can contain spaces, and has a maximum length of 200 characters.
The text string can also contain references to CLI variables.
Defaults
Displays a blank line.
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Usage Guidelines
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
You can use this command in a command script to display information while the script is running.
Table 1 lists the formatting keywords that you can insert in the text when you include the
backslash-interpret keyword.
Table 1
Formatting Options for the echo Command
Formatting
Option
Description
\b
Specifies back spaces.
\c
Removes the new line character at the end of the text string.
\f
Inserts a form feed character.
\n
Inserts a new line character.
\r
Returns to the beginning of the text line.
\t
Inserts a horizontal tab character.
\v
Inserts a vertical tab character.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-123
Chapter 2
Cisco Virtual Security Gateway Commands
echo
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Table 1
Examples
Formatting Options for the echo Command (continued)
Formatting
Option
Description
\\
Displays a backslash character.
\nnn
Displays the corresponding ASCII octal character.
This example shows how to display a blank line at the command prompt:
vsg# echo
vsg#
This example shows how to display a line of text at the command prompt:
vsg# echo Script run at $(TIMESTAMP).
Script run at 2008-08-12-23.29.24.
vsg#
This example shows how to use a formatting option in the text string:
vsg# echo backslash-interpret This is line #1. \nThis is line #2.
This is line #1.
This is line #2.
vsg#
Related Commands
Command
Description
run-script
Runs command scripts.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-124
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
end
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
end
To return to EXEC mode from any lower-level mode, use the end command.
end
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
CommandHistory
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to enter VNMC policy agent mode and then how to return to EXEC mode:
vsg# configure
VSG(config)# vnm-policy-agent
VSG(config-vnm-policy-agent)#
vsg(config-vnm-policy-agent)# end
vsg#
Related Commands
Command
Description
configure
Enters configuration mode.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-125
Chapter 2
Cisco Virtual Security Gateway Commands
event
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
event
To clear the event counter, use the event command.
event manager clear counter counter-name
Syntax Description
event manager
Places you in the event manager.
clear counter
Clears the counter.
counter-name
Counter name. The text string is alphanumeric, case sensitive, can contain
spaces, and has a maximum length of 28 characters.
Defaults
Displays a blank line.
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to clear the event counter:
vsg# event manager clear counter default
Related Commands
Command
Description
show event
Displays event information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-126
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
event-log service-path
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
event-log service-path
To enable logging debugs for the service-path process, use the event-log service-path command. To
disable this feature, use the no form of this command..
event-log service-path {ac {error | info | inst-error | inst-info} | fm {debug | error | info} | sp
{error | info | pkt-detail | pkt-error | pkt-info | vptah-lib-error | vpath-lib-info |
vpath-lib-frag} [terminal]
no event-log service-path {ac {error | info | inst-error | inst-info} | fm {debug | error | info} | sp
{error | info | pkt-detail | pkt-error | pkt-info | vpath-lib-error | vpath-lib-info |
vpath-lib-frag} [terminal]
Syntax Description
ac
Enables event logging for the AC module.
fm
Enables event logging for the Flow Manager module.
sp
Enables event logging for the service path module.
error
Enables logging for error events.
info
Enables logging for informational events.
inst-error
Enables logging for installation errors.
inst-info
Enables logging for installation information.
debug
Enables debug information.
pkt-detail
Enables display of packet details events.
pkt-error
Enables display of packet errors events.
pkt-info
Enables display of packet information events.
vpath-lib-error
Enables logging of vPath library errors events.
vpath-lib-info
Enables logging of vPath library information events.
vpath-lib-frag
Enables logging of vPath library fragmentation events.
terminal
Enables logging to be displayed at the terminal.
Defaults
None
Command Modes
EXEC
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(2)
This command was modified to include sp {vpath-lib-error |
vpath-lib-info | vpath-lib-frag}
4.2(1)VSG1(1)
This command was introduced.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-127
Chapter 2
Cisco Virtual Security Gateway Commands
event-log service-path
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Usage Guidelines
Event logs are written to the process buffer and can be viewed by the show system internal event-log
service-path command. When the terminal option is entered, the event logs are displayed on the
terminal.
Examples
This example shows how to diplay on the terminal the event logs for the service-path vPath library errors:
vsg# event-log service-path sp vpath-lib-error terminal
vsg#
Related Commands
Command
Description
show event-log all
This command displays all the event-log-s turned on in the system.
show system internal
event-log service-path
This command displays the debug logs logged as a result of using the
event-log service-path sp command.
event-log save
This command saves the event-log configuration across reboots.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-128
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
exit
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
exit
To exit the current mode, use the exit command.
exit
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
CommandHistory
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to exit the current mode:
vsg(config)# exit
vsg#
Related Commands
Command
Description
end
Places you in EXEC mode.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-129
Chapter 2
Cisco Virtual Security Gateway Commands
find
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
find
To find file names that begin with a character string, use the find command.
find filename-prefix
Syntax Description
filename-prefix
Defaults
None
Command Modes
EXEC
First part or all of a filename. The filename prefix is case sensitive.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
The find command searches all subdirectories under the current working directory. You can use the cd
and pwd commands to navigate to the starting directory.
Examples
This example shows how to find a file name that has a prefix of “a”:
vsg# find a
Related Commands
Command
Description
pwd
Lists the directory you are currently in.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-130
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
gunzip
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
gunzip
To uncompress a compressed file, use the gunzip command.
gunzip filename
Syntax Description
filename
Defaults
None
Command Modes
EXEC
Name of the file.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Usage Guidelines
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
The compressed filename must have the .gz extension.
You do not have to enter the .gz extension as part of the filename.
The Cisco NX-OS software uses Lempel-Ziv 1977 (LZ77) coding for compression.
Examples
This example shows how to uncompress a compressed file:
vsg# gunzip run_cnfg.cfg
Related Commands
Command
Description
dir
Displays the directory contents.
gzip
Compresses a file.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-131
Chapter 2
Cisco Virtual Security Gateway Commands
gzip
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
gzip
To compress a file, use the gzip command.
gzip filename
Syntax Description
filename
Defaults
None
Command Modes
EXEC
File name.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Usage Guidelines
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
After you use this command, the file is replaced with the compressed filename that has the .gz extension.
The Cisco NX-OS software uses Lempel-Ziv 1977 (LZ77) coding for compression.
Examples
This example shows how to compress a file:
vsg# gzip run_cnfg.cfg
Related Commands
Command
Description
dir
Displays the directory contents.
gunzip
Uncompresses a compressed file.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-132
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
install
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
install
To install an image upgrade, use the install command.
install all {iso | kickstart}
Syntax Description
iso
Specifies an ISO image.
kickstart
Specifies a kickstart image.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to install an ISO image upgrade:
vsg# install all iso bootflash://smith@209.165.200.226/test
Related Commands
Command
Description
show install
Displays the software installation impact between two images.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-133
Chapter 2
Cisco Virtual Security Gateway Commands
interface
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
interface
To configure an interface on the Cisco VSG, use the interface command. To remove an interface, use
the no form of the command.
interface {data number | ethernet slot/port | loopback number | mgmt number | port-channel
channel-number}
no interface {data number | ethernet slot/port | loopback number | mgmt number | port-channel
channel-number}
Syntax Description
data
Specifies data interface number.
number
The number is 0.
ethernet
Specifies the slot and port number for the Ethernet interface.
slot/port
Slot and port number of the interface.
loopback
Specifies a virtual interface number.
number
The range is from 0 to 1023.
mgmt
Specifies the management interface number.
number
The number is 0.
port-channel
Specifies a port-channel interface number.
channel-number
The range is from 0 to 1023.
Defaults
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to configure an interface:
vsg# interface data 0
This example shows how to remove an interface:
vsg# no interface data 0
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-134
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
interface
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related
Commands
Command
Description
show interface
Displays the interface and IP details, including Rx and Tx packets or bytes.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-135
Chapter 2
Cisco Virtual Security Gateway Commands
ip
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
ip
To configure IP details, use the ip command. To revert to the detault settings, use the no form of this
command.
ip {access-list match-local-traffic | arp timeout seconds | domain-list name | domain-lookup |
host name | igmp | name-server | route | routing event-history | tcp | tftp
path-mtu-discovery}
no ip {access-list match-local-traffic | arp timeout seconds | domain-list name | domain-lookup
| host name | igmp | name-server | route | routing event-history | tcp | tftp
path-mtu-discovery}
Syntax Description
access-list
match-local-traffic
Specifies the access-list matching for locally generated traffic.
arp timeout seconds
Specifies the Address Resolution Protocol (ARP) timeout. The range is
from 60 to 28800.
domain-list name
Specifies an additional domain name. The name has a maximum of 64
characters.
domain-lookup
Enables or disables the domain name server (DNS).
host name
Specifies an entry to the IP hostname table.
igmp
Spccifies event-history buffers or snooping in Internet Gateway
Management Protocol (IGMP) global configuration mode.
name-server
Specifies the name-server address, IPv4 or IPv6.
route
Specifies the route IP prefix information.
routing event-history
Specifies the logs for routing events.
tcp
Configures global Transfer Control Protocol (TCP) parameters.
tftp
path-mtu-discovery
Enables or disables path-MTU discovery on Trivial File Transfer Protocol
(TFTP).
Defaults
1500
Command Modes
Global configuration
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-136
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
ip
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Examples
This example shows the ip command being used to configure IP details:
vsg# configure
vsg(config)# ip host testOne 209.165.200.231
Related
Commands
Command
Description
show ip
Displays IP details.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-137
Chapter 2
Cisco Virtual Security Gateway Commands
line
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
line
To specify the line configuration, use the line command.
line {com1 | console | vty}
Syntax Description
com1
Specifies the COM1 port and enters the COM1 port configuration mode.
console
Specifies the console port and enters the console port configuration mode.
vty
Specifies the virtual terminal and enters the line configuration mode.
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to enter the COM1 port configuration mode:
vsg(config)# line com1
vsg(config-com1)#
This example shows how to enter the console port configuration mode:
vsg(config)# line console
vsg(config-console)#
This example shows how to enter the line configuration mode:
vsg(config)# line vty
vsg(config-line)#
Related Commands
Command
Description
show line
Displays information about the COM1 port, console port configuration,
and the line configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-138
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
logging
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
logging
To configure logging, use the logging command.
logging {abort | commit | console severity-level | distribute | event | level | logfile name | module
severity-level | monitor severity-level | server | source-interface loopback number |
timestamp time-type}
Syntax
Description
abort
Discards the logging Cisco Fabric Services (CFS) distribution session in
progress without committing and then releases the lock.
commit
Applies the pending configuration pertaining to the logging CFS distribution
session in progress in the fabric and then releases the lock.
console
severity-level
Enables logging messages to the console session. To disable, use the no logging
console command. The range is from 0 to 7.
distribute
Enables fabric distribution using CFS distribution for logging. To disable, use the
no logging distribute command.
event
Logs interface events. To disable, use the no logging event command.
level
Enables logging of messages from a named facility at a specified severity level.
To disable, use the no logging level command.
logfile name
Configures the specified log file that stores system messages. To disable, use the
no logging logfile command.
module
severity-level
Starts logging of module messages to the log file. To disable, use the no logging
module command. The range is from 0 to 7.
monitor
severity-level
Enables the logging of messages to the monitor (terminal line). To disable, use
the no logging monitor command. The range is from 0 to 7.
server
Designates and configures a remote server for logging system messages.
Todisable, use the no logging server command.
source-interface
loopback number
Enables a source interface for the remote syslog server, To disable, use the no
logging source-interface command. The range is from 0 to 1023.
timestamp
time-type
Sets the unit of time used for the system messages timestamp, in microseconds,
milliseconds, or seconds. To disable, use the no logging timestamp command.
Defaults
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-139
Chapter 2
Cisco Virtual Security Gateway Commands
logging
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to discard logging a CFS distribution session in progress:
vsg# configure
vsg(config)# logging abort
vsg(config)#
Related Commands
Command
Description
show logging
Displays logging information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-140
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
match
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
match
T o specify a condition used in an object-group, use the match command. To remove a condition in an
object group, use the no version of this command.
match {eq | gt | lt | prefix | contains | in-range | neq | not-in-range} attribute-value1
[attribute-value2]
Syntax Description
eq
Equal to a number or exactly matching a string.
gt
Greater than.
lt
Less than.
prefix
Specifies a prefix of a string or an IP address.
contains
Contains a substring.
in-range
A range of two integers, dates, times, or IP addresses.
neq
Not equal to a number or not exactly matched with a string.
not-in-range
Negates the in-range operator.
attribute-value1
The value of the attribute such as 10.10.10.10 or name of an object-group
such as “ipaddr-group.”
attribute-value2
(Optional) The value of an attribute or netmask of a network address.
Command Default
None
Command Modes
Policy configuration (config-policy)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(2)
This command was introduced.
Usage Guidelines
When multiple condition statements are used in an object-group, all conditions are considered to be
OR’d during policy evaluation. The following operators require at least two attribute values:
•
prefix—When applied agains a subnet mask (for example, prefix 10.10.10.1 255.255.255.0)
•
in-range—For all types of attribute values (for example, in-range 10.10.10.1 10.10.10.200)
•
not-in-range—For all types of attribute values (for example, not-in-range 10.10.10.1
10.10.10.200)
Attribute values can be any of the following:
•
Integer
•
Integer range
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-141
Chapter 2
Cisco Virtual Security Gateway Commands
match
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Examples
•
IP address, or a netmask
•
IP address range
•
String
This example shows how to set conditions to be used in an object group:
vsg(config-policy)# match 1 eq 80
vsg(config-policy)# match 2 eq 443
vsg(config-policy)# exit
vsg(config)#
Related Commands
Command
Description
object-group
Enters the object-group configuration submode.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-142
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
mkdir (VSG)
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
mkdir (VSG)
To create a new directory, use the mkdir command.
mkdir {bootflash: | debug: | modflash: | volatile:}
Syntax Description
bootflash:
Specifies bootflash: as the directory name.
debug:
Specifies debug: as the directory name.
modflash:
Specifies modflash: as the directory name.
volatile:
Specifies volatile: as the directory name.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
4.2(1)VSG1(1)
This command was introduced for the Cisco VSG.
Examples
This example shows how to create the bootflash: directory:
vsg# mkdir bootflash:
Related Commands
Command
Description
cd
Changes the current working directory.
dir
Displays the directory contents.
pwd
Displays the name of the current working directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-143
Chapter 2
Cisco Virtual Security Gateway Commands
ntp sync-retry (VSG)
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
ntp sync-retry (VSG)
To retry synchronization with configured servers, use the ntp sync-retry command. To stop this process,
use the no form of this command.
ntp sync-retry
no ntp sync-retry
Syntax Description
This command has no arguments or keywords.
Defaults
Enabled
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced for the Cisco VSG.
Examples
This example shows how to enable the Network Time Protocol (NTP) synchronization retry:
vsg# ntp sync-retry
This example shows how to disable the NTP synchronization retry:
vsg# no ntp sync-retry
Related
Commands
Command
Description
show clock
Displays the time and date.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-144
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
object-group
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
object-group
To reduce the number of rule configurations to accomodate the “or” conditions for the HTTP/HTTPS
ports, use the object-group command. To remove the given object group object and all the relevant
configurations, use the no form of this command.
object-group group-name attribute-name
Syntax Description
group-name
Name of the object group.
attribute-name
Attribute designated for the group. The attribute used in an object group
must be a neutral attribute.
Command Default
None
Command Modes
Cisco VSG global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(2)
This command was introduced.
Usage Guidelines
This command enters the object-group submode. This command can be used to build a group of attribute
values so the group can be used in a condition statement later on with the operator member.
Examples
This example shows how to use the object-group command:
vsg(config)# object-group http_ports net.port
vsg(config-object-group)#
Related Commands
Command
Description
match
Specifies a condition used in an object group.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-145
Chapter 2
Cisco Virtual Security Gateway Commands
password strength-check
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
password strength-check
To enable password strength checking, use the password strength-check command. To disable the
password strength checking, use the no form of this command.
password strength-check
no password strength-check
Syntax Description
This command has no arguments or keywords.
Defaults
This feature is enabled by default.
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to enable the checking of the password strength:
vsg# config t
vsg(config)# password strength-check
vsg(config)#
This example shows how to disable the checking of the password strength:
vsg# config t
vsg(config)# no password strength-check
vsg(config)#
Related Commands
Command
Description
show password
strength-check
Displays the configuration for checking the password strength.
username
Creates a user account.
role name
Names a user role and places you in role configuration mode for that role.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-146
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
policy
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
policy
To enter the policy configuration submode for constructing a firewall policy on the Cisco VSG, use the
policy command. To remove the given policy object and all its bindings with other policy objects, use
the no form of this command.
policy policy-name
Syntax Description
policy-name
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(2)
This command was introduced.
Usage Guidelines
Policy-map object.
Use the policy command to enable the policy configuration subcommand mode when the variable
policy-name is used to specify the policy-map object.
The policy command configuration submode provides the following functions:
Examples
•
Binding rules to a given policy.
•
Creating rank or precedence among all the bound rules.
•
Binding zones to a given policy.
This example shows how to set a 3-tiered policy object:
vsg(config)# policy
vsg(config-policy)#
vsg(config-policy)#
vsg(config-policy)#
vsg(config-policy)#
vsg(config-policy)#
vsg(config-policy)#
vsg(config)#
3-tiered-policy
rule inet_web_rule order 10
rule office_app_ssh_rule order 20
rule web_app_rule order 40
rule app_db_rule order 50
rule default_deny_rule order 60
exit
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-147
Chapter 2
Cisco Virtual Security Gateway Commands
policy
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related Commands
Command
Description
rule
Configures the binding of the policy with a given rule.
zone
Configures the binding of the policy with a given zone.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-148
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
pwd
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
pwd
To view the current directory, use the pwd command.
pwd
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.0(4)SV1(1)
This command was introduced.
4.2(1)VSG1(1)
This command was introduced for the Cisco VSG.
This example shows how to view the current directory:
vsg# pwd
bootflash:
vsg#
Related
Commands
Command
Description
cd
Changes the current directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-149
Chapter 2
Cisco Virtual Security Gateway Commands
role
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
role
To configure a user role, use the role command. To delete a user role, use the no form of this command.
role {feature-group feature-group-name | name {name | network-observer}}
no role { feature-group name | [name name | network-observer] }
Syntax Description
feature-group name
Specifies a role for a feature group. The name can be any alphanumeric
string up to 32 characters.
name name
Specifies the role name. The name can be any alphanumeric string up to 16
characters.
network-observer
Specifies the user role.
Defaults
This feature is enabled by default.
Command Modes
Global configuration
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to configure a user role for a feature group:
vsg# configure
vsg(config)# role feature-group name abc
vsg(config-role-featuregrp)#
Related Commands
Command
Description
show role
Displays the role configuration.
role name
Names a user role and places you in role configuration mode for that role.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-150
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
reload
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
reload
To reboot both the primary and secondary Cisco VSG in a redundant pair, use the reload command.
reload
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.0(4)SV1(1)
This command was introduced.
4.2(1)VSG1(1)
This command was introduced for the Cisco VSG.
Usage Guidelines
To reboot only one of the Cisco VSGs in a redundant pair, use the reload module command instead.
Before reloading, use the copy running-configuration to startup-configuration command to preserve
any configuration changes made since the previous reboot or restart.
After reloading it, you must manually restart the Cisco VSG.
Examples
This example shows how to reload both the primary and secondary Cisco VSG:
vsg(config)# reload
!!!WARNING! there is unsaved configuration!!!
This command will reboot the system. (y/n)? [n] y
2010 Dec 20 11:33:35 bl-vsg %PLATFORM-2-PFM_SYSTEM_RESET: Manual system restart from
Command Line Interface
Related Commands
Command
Description
reload module
Reloads the specified Cisco VSG (1 or 2) in a redundant pair.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-151
Chapter 2
Cisco Virtual Security Gateway Commands
reload module
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
reload module
To reload one of the Cisco VSGs in a redundant pair, use the reload module command.
reload module module [force-dnld]
Syntax Description
module
The module number (use 1 for the primary Cisco VSG or 2 for the
secondary Cisco VSG).
force-dnld
(Optional) Reboots the specified module to force NetBoot and image
download.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Usage Guidelines
Modification
4.0(4)SV1(1)
This command was introduced.
4.2(1)VSG1(1)
This command was introduced for the Cisco VSG.
To reboot both the Cisco VSGs in a redundant pair, use the reload command instead.
Before reloading, use the copy running-configuration to startup-configuration command to preserve
any configuration changes made since the previous reboot or restart.
After reloading it, you must manually restart the Cisco VSG.
Examples
This example shows how to reload Cisco VSG 2, the secondary Cisco VSG in a redundant pair:
vsg# reload module 2
!!!WARNING! there is unsaved configuration!!!
This command will reboot the system. (y/n)? [n] y
2010 Dec 20 11:33:35 bl-vsg %PLATFORM-2-PFM_SYSTEM_RESET: Manual system restart from
Command Line Interface
Related Commands
Command
Description
show version
Displays information about the software version.
reload
Reboots both the primary and secondary Cisco VSG.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-152
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
restart
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
restart
To manually restart a component, use the restart command. To disable manual restart, use the no form
of this command.
restart
no restart
Syntax Description
This command has no arguments or keywords.
Command Default
Disabled
Command Modes
EXEC
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
Do not use this command unless you are absolutely certain that there is no one else using the system.
Examples
This example shows how to restart the Cisco VSG:
vsg# restart
Related
Commands
Command
Description
reload
Reboots the entire device.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-153
Chapter 2
Cisco Virtual Security Gateway Commands
rmdir (VSG)
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
rmdir (VSG)
To remove a directory, use the rmdir command.
rmdir {bootflash: | debug: | modflash: | volatile:}
Syntax Description
bootflash:
Deletes the bootflash: directory.
debug:
Deletes the debug: directory.
modflash:
Deletes the modflash: directory.
volatile:
Deletes the volatile: directory.
Defaults
Removes the directory from the current working directory.
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Examples
This example shows how to remove the bootflash directory:
vsg# rmdir bootflash:
Related Commands
Command
Description
cd
Changes the current working directory.
dir
Displays the directory contents.
pwd
Displays the name of the current working directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-154
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
rule
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
rule
To enter the configuration submode to build a firewall rule that consists of multiple conditions and
actions, use the rule command. To remove the given rule object and all the relevant configurations, use
the no form of this command.
rule rule-name
Syntax Description
rule-name
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(2)
This command was introduced.
Specifies a rule object.
Usage Guidelines
Use the rule comandto enter the rule configuration submode. The rule-name variable is used to specify
the rule object that is to be configured.
Examples
This example shows how to build firewall rules on the Cisco VSG:
vsg(config)# rule
vsg(config-rule)#
vsg(config-rule)#
vsg(config-rule)#
vsg(config-rule)#
inet_web_rule
condition 1 dst.zone.name eq web_servers
condition 2 dst.net.port member_of http_ports
action permit
exit
vsg(config)# rule office_app_ssh_rule
vsg(config-rule)# condition 1 dst.zone.name eq app_servers
vsg(config-rule)# condition 2 src.net.ip-address prefix 192.10.1.0 \
255.255.255.0
vsg(config-rule)# condition 3 dst.net.port eq 22
vsg(config-rule)# action permit
vsg(config-rule)# exit
vsg(config)# rule
vsg(config-rule)#
vsg(config-rule)#
vsg(config-rule)#
vsg(config-rule)#
vsg(config-rule)#
web_app_https_rule
condition 1 src.zone.name eq web_servers
condition 2 dst.zone.name eq app_servers
condition 3 dst.net.port member_of http_ports
action permit
exit
vsg(config)# rule app_db_rule
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-155
Chapter 2
Cisco Virtual Security Gateway Commands
rule
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related Commands
vsg(config-rule)#
vsg(config-rule)#
vsg(config-rule)#
vsg(config-rule)#
condition 1 src.zone.name eq app_servers
condition 2 dst.zone.name eq db_servers
action permit
exit
vsg(config)# rule
vsg(config-rule)#
vsg(config-rule)#
vsg(config-rule)#
default_deny_rule
action 1 deny
action 2 log
exit
Command
Description
condition
Specifies an condition statement used in a rule.
action
Specifies the actions to be executed when traffic characteristics match with
the associated rule.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-156
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
run-script (VSG)
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
run-script (VSG)
To run a command script that is saved in a file, use the run-script command.
run-script [bootflash: [> [bootflash: | ftp: | scp: | sftp: | tftp: | volatile:] | >> [bootflash: | ftp: |
scp: | sftp: | tftp: | volatile:] | | [cut | diff | egrep | grep | head | human | last | less | no-more |
sed | sort | sscp | tr | uniq | vsh | wc | xml | begin | count | end | exclude | include] | volatile:
[> [bootflash: | ftp: | scp: | sftp: | tftp: | volatile:] | >> [bootflash: | ftp: | scp: | sftp: | tftp: |
volatile:] | | [cut | diff | egrep | grep | head | human | last | less | no-more | sed | sort | sscp | tr
| uniq | vsh | wc | xml | begin | count | end | exclude | include] ] [filename]
Syntax Description
bootflash:
(Optional) Indicates that the file containing the command script is located in the
bootflash file system.
>
(Optional) Redirects the output to a file.
bootflash:
(Optional) Designates the destination filesystem path; in this case, the bootflash:
directory.
ftp:
(Optional) Designates the destination filesystem path; in this case, the ftp: directory.
scp:
(Optional) Designates the destination filesystem path; in this case, the scp: directory.
sftp:
(Optional) Designates the destination filesystem path; in this case, the sftp: directory.
tftp:
(Optional) Designates the destination filesystem path; in this case, the tftp: directory.
volatile:
(Optional) Indicates that the file containing the command script is located in the
volatile file system.
>>
(Optional) Redirects the output to a file in append mode.
|
(Optional) Pipes the command output to a filter.
volatile:
(Optional) Designates the destination filesystem path; in this case, the volatile:
directory.
cut
(Optional) Prints selected parts of lines.
diff
(Optional) Shows difference between current and previous invocation (creates temp
files— remove them with the diff-clean command and do not use it on commands
with big outputs, such as show tech)
egrep
(Optional) Prints lines matching a pattern.
grep
(Optional) Prints lines matching a pattern.
head
(Optional) Displays only the first lines.
human
(Optional) Provides command output in human readable format (if permanently set
to XML, otherwise it turns on XML for the next command.
last
(Optional) Displays only the last lines.
less
(Optional) Designates filter for paging.
no-more
(Optional) Turns off the pagination for command output.
sed
(Optional) Enables the stream editor (SED).
sort
(Optional) Enables the stream sorter.
sscp
(Optional) Enables the stream secure copy (SSCP).
tr
(Optional) Translates, squeezes, and/or deletes characters.
uniq
(Optional) Discards all but one of successive identical lines.
vsh
(Optional) Enables the shell that understands CLI commands.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-157
Chapter 2
Cisco Virtual Security Gateway Commands
run-script (VSG)
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
wc
(Optional) Enables word count, line count, and character count.
xml
(Optional) Enables output in XML format (according to .xsd definitions).
begin
(Optional) Begins with the line that matches the variable included after the command
keyword.
count
(Optional) Enables count of the number of lines.
end
(Optional) Ends display with the line that matches the string input after the command
keyword.
exclude
(Optional) Excludes the lines that match the string input after the command keyword.
include
(Optional) Includes the lines that match the string input after the command keyword.
filename
(Optional) The name of the file containing the command script. The name is case
sensitive.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to run a command script that is saved in a file called Sample:
vsg(config)# run-script volatile:Sample
Related Commands
Command
Description
cd
Changes the current working directory.
copy
Copies files.
dir
Displays the contents of the working directory.
pwd
Displays the name of the present working directory (pwd).
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-158
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
send
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
send
To send a message to an open session, use the send command.
send {message | session device message}
Syntax Description
message
Message.
session
Specifies a specific session.
device
Device type.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to send a message to an open session:
vsg# send session sessionOne testing
vsg#
Related Commands
Command
Description
show banner
Displays a banner.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-159
Chapter 2
Cisco Virtual Security Gateway Commands
setup
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
setup
To use the basic system configuration dialog for creating or modifying a configuration file, use the setup
command.
setup
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
The Basic System Configuration Dialog assumes the factory defaults.
All changes made to your configuration are summarized for you at the completion of the setup sequence
with an option to save the changes or not.
You can exit the setup sequence at any point by pressing Ctrl-C.
Examples
This example shows how to use the setup command to create or modify a basic system configuration:
vsg# setup
Enter the domain id<1-4095>: 400
Enter HA role[standalone/primary/secondary]: standalone
[########################################] 100%
---- Basic System Configuration Dialog ---This setup utility will guide you through the basic configuration of
the system. Setup configures only enough connectivity for management
of the system.
*Note: setup is mainly used for configuring the system initially,
when no configuration is present. So setup always assumes system
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-160
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
setup
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
defaults and not the current system configuration values.
Press Enter at anytime to skip a dialog. Use ctrl-c at anytime
to skip the remaining dialogs.
Would you like to enter the basic configuration dialog (yes/no): y
Create another login account (yes/no) [n]: n
Configure read-only SNMP community string (yes/no) [n]: n
Configure read-write SNMP community string (yes/no) [n]: n
Enter the vsg name : vsg
Continue with Out-of-band (mgmt0) management configuration? (yes/no) [y]:
Mgmt0 IPv4 address :
Configure the default gateway? (yes/no) [y]: n
Configure advanced IP options? (yes/no) [n]:
Enable the telnet service? (yes/no) [y]:
Enable the ssh service? (yes/no) [n]:
Configure the ntp server? (yes/no) [n]:
Configure vem feature level? (yes/no) [n]:
Configure svs domain parameters? (yes/no) [y]:
Enter SVS Control mode (L2 / L3) : l2
Invalid SVS Control Mode
Enter SVS Control mode (L2 / L3) : L2
Enter control vlan <1-3967, 4048-4093> : 400
Enter packet vlan <1-3967, 4048-4093> : 405
The following configuration will be applied:
vsgname vsg
telnet server enable
no ssh server enable
svs-domain
svs mode L2
control vlan 400
packet vlan 405
domain id 400
vlan 400
vlan 405
Would you like to edit the configuration? (yes/no) [n]:
Use this configuration and save it? (yes/no) [y]: n
vsgvsgvsg#
Related Commands
Command
Description
show running-config
Displays the running configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-161
Chapter 2
Cisco Virtual Security Gateway Commands
sleep
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
sleep
To set a sleep time, use the sleep command.
sleep time
Syntax Description
time
Defaults
Sleep time is not set.
Command Modes
EXEC
Sleep time, in seconds. The range is from 0 to 2147483647.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
When you set time to 0, sleep is disabled.
Examples
This example shows how to set a sleep time:
vsg# sleep 100
vsg#
This example shows how to disable sleep:
vsg# sleep 0
vsg#
Related Commands
Command
Description
reload
Reboots the Cisco VSG.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-162
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
snmp-server
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
snmp-server
To configure the Simple Network Management Protocol (SNMP) values, use the snmp-server
command. To revert to default, use the no form of this command.
snmp-server {aaa-user cache-timeout seconds | community word | contact | context word |
counter | enable traps | globalEnforcePriv | host | location name | mib community-map
name | protocol | source-interface | tcp-session auth | user name}
no snmp-server {aaa-user cache-timeout seconds | community word | contact | context word |
counter | enable traps | globalEnforcePriv | host | location name | mib community-map
name | protocol | source-interface | tcp-session auth | user name}
Syntax Description
aaa-user
cache-timeout
seconds
Configures an SNMP timeout value for synchronized AAA users. To revert to the
default, use no snmp-server aaa-user cache-timeout. The range is from 1 to
86400.
community word
Creates an SNMP community name and assigns access privileges for the
community. To remove the community or its access privileges, use the no
snmp-server community command. The maximum number of characters is 32.
contact
Configure the sysContact, which is the SNMP contact name. To remove or
modify the sysContact, use the no snmp-server contact command.
context word
Configures SNMP context name to logical network entity mapping. To remove
the context, use the no snmp-server context command. The maximum number
of characters is 32.
counter
Enables the SNMP cache counter and sets the timeout. To remove the counter,
use the no snmp-server counter command.
enable traps
Enables SNMP notifications for traps of module notifications. To disable, use the
no snmp-server enable traps command.
globalEnforcePriv Globally enforces privacy for all SNMP users. To disable, use the no
snmp-server globalEnforcePriv command.
host
Configures a host receiver for SNMPv1 or SNMPv2c traps. To remove the host,
use the no snmp-server host command.
location name
Configures the sysLocation, which is the SNMP location name. To remove the
sysLocation, use the no snmp-server location command. The maximum number
of characters is 32.
mib
community-map
name
Configures the SNMP MIB community-map. To remove, use the no
snmp-server mib community-map commandThe maximum number of
characters is 32.
protocol
Enables SNMP protocol operations. To disable, use the no snmp-server
protocol command.
source-interface
Configure the SNMP source interface through which notifications are sent. To
remove the notifications, use the no snmp-server source-interface command.
tcp-session auth
Enables a one-time authentication for SNMP over a TCP session. To disable
authentication, use the no snmp-server tcp-session auth command.
user name
Defines a user who can access the SNMP engine. To deny access, use the no
snmp-server user command. The maximum number of characters is 32.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-163
Chapter 2
Cisco Virtual Security Gateway Commands
snmp-server
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Defaults
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to configure the AAA user synchronization timeout value:
vsg# configure
vsg(config)# snmp-server aaa-user cache-timeout 6000
vsg(config)#
Related Commands
Command
Description
show snmp
Displays information about SNMP.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-164
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
ssh
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
ssh
To create a Secure Shell (SSH) session, use the ssh command.
ssh {hostrname| connect | name}
Syntax Description
hostname
Hostname or user@hostname for the SSH session. The hostname is
not case sensitive. The maximum number of characters is 64.
connect
Connects to a named remote host.
name
Specifies the name of the SSH connection.
Defaults
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
Cisco NX-OS software supports SSH version 2.
Examples
This example shows how to start an SSH session:
vsg# ssh 10.10.1.1 vrf management
The authenticity of host '10.10.1.1 (10.10.1.1)' can't be established.
RSA key fingerprint is 9b:d9:09:97:f6:40:76:89:05:15:42:6b:12:48:0f:d6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.10.1.1' (RSA) to the list of known hosts.
User Access Verification
Password:
Related Commands
Command
Description
clear ssh session
Clears SSH sessions.
ssh server enable
Enables the SSH server.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-165
Chapter 2
Cisco Virtual Security Gateway Commands
ssh key
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
ssh key
To generate a secure-shell (SSH) session key with a specific security configuration, use the ssh key
command.
ssh key {dsa | rsa}
Syntax Description
dsa
Generates DSA security keys. There is an option to force the generation of keys,
even if the previous ones are present.
rsa number
Generates RSA security keys at a specified level of bits. The range is 768 to 2048.
Defaults
None
Command Modes
Global configuration
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
Cisco NX-OS software supports SSH version 2.
Examples
This example shows how to generate an SSH session key:
vsg# configure
vsg(config)# ssh key rsa 770
Related Commands
Command
Description
clear ssh session
Clears SSH sessions.
ssh server enable
Enables the SSH server.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-166
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
system clis
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system clis
To generate an event history, use the system clis command. To disable the event history, use the no form
of this command.
system clis event-history {client | errors | ha | nvdb | parser}
no system clis event-history {client | errors | ha | nvdb | parser}
Syntax Description
event-history
Generate event history logs for the command line interface (CLI).
client
Generates a client interaction event history log.
errors
Generates an error event history log.
ha
Generates a high-availability (HA) event history log.
nvdb
Generates an NVDB and PSS event history log.
parser
Generates a parser event history event log.
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-administrator
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to generate an error event history log:
vsg# system clis event-history errors
Related Commands
Command
Description
show system clis
event-history
Displays the event history of the ClI servers.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-167
Chapter 2
Cisco Virtual Security Gateway Commands
system cores
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system cores
To copy cores to a destination, use the system cores command. To disable, use the no form of the
command.
system cores tftp: //server@ip-address
no system cores tftp: //server@ip-address
Syntax Description
tftp:
Specifies the Trivial File Transfer Protocol (TFTP) protocol.
server
Destination server.
ip-address
Destination IP address.
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to copy cores to a destination:
vsg# system cores tftp://jjones@209.165.200.229
Related Commands
Command
Description
show system cores
Displays the core transfer option.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-168
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
system default switchport
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system default switchport
To return to system-level default values, use the system default command. To disable the default
switchport feature, use the no form of this command.
system default switchport [shutdown]
no system default switchport [shutdown]
Syntax Description
shutdown
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
(Optional) Shuts down the admin state.
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to return to system-level default values:
vsg# system default switchport shutdown
Related Commands
Command
Description
show system resources Displays system resources.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-169
Chapter 2
Cisco Virtual Security Gateway Commands
system hap-reset
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system hap-reset
To reset local or remote supervisors after a high-availability (HA) failure, use the system hap-reset
command. To disable the hap-reset feature, use the no form of the command.
system hap-reset
system no hap-reset
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to switch over to the standby supervisor:
vsg# system hap-reset
Related Commands
Command
Description
show system
redundancy
Displays the system redundancy status.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-170
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
system health
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system health
To check the system health, use the system health command.
system health check bootflash
Syntax
Description
check
Runs a consistency check on the compact flash.
bootflash
Checks the internal bootflash.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Examples
This example shows how to check the system health:
vsg# system health check bootflash
Related Commands
Command
Description
show system resources Displays system resources.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-171
Chapter 2
Cisco Virtual Security Gateway Commands
system heartbeat
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system heartbeat
To enable the system heartbeat, use the system heartbeat command. To disable the system heartbeat,
use the no form of the command.
system heartbeat
system no heartbeat
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to enable the system heartbeat:
vsg# system heartbeat
Related Commands
Command
Description
system health
Checks the system health status.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-172
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
system internal
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system internal
To generate debug snapshots for services, use the system internal command.
system internal snapshot service service-name
Syntax Description
snapshot
Generates debug snapshots.
service
Generates a debug snapshot for a service.
service-name
Service name.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to generate debug snapshots for services:
vsg# system internal snapshot service
Related Commands
Command
Description
show system internal
Displays all internal commands.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-173
Chapter 2
Cisco Virtual Security Gateway Commands
system jumbomtu
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system jumbomtu
To set the maximum transmission units (MTU) to jumbo, use the system jumbomtu command.
system jumbomtu 9000
Syntax Description
9000
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
MTU size.
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to set the MTU size to jumbo:
vsg# system jumbomtu 9000
Related Commands
Command
Description
show system resources Displays the system resource details.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-174
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
system memlog
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system memlog
To generate a memory log in bootflash, use the system memlog command.
system memlog
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to generate a memory log in bootflash:
vsg# system memlog
Related Commands
Command
Description
show system
memory-alerts-log
Displays a detailed log for memory alerts.
show system
memory-status
Displays memory status information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-175
Chapter 2
Cisco Virtual Security Gateway Commands
system memory-thresholds
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system memory-thresholds
To set system memory thresholds, use the system memory-thresholds command.
system memory-thresholds {minor minor-memory-threshold severe servere memory-threshold
critical critical-memory-threshold | threshold critical no-process-kill}
Syntax Description
minor
Sets the minor memory threshold.
minor-memory-threshold
Minor threshold as a percentage of memory. The range is from 50 to
100.
severe
Sets the severe memory threshold.
servere memory-threshold
Severe threshold as a percentage of memory. The range is from 50 to
100.
critical
Sets the critical memory threshold.
critical-memory-threshold
Critical threshold as a percentage of memory. The range is from 50 to
100.
threshold
Sets the threshold behavior.
critical
Sets the critical memory threshold.
no-process-kill
Enables do not kill processes when out of memory.
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to set the memory threshold:
vsg# system memory-thresholds minor 60
Related Commands
Command
Description
show system resources Displays the system resources.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-176
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
system pss
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system pss
To shrink PSS files, use the system pss command.
system pss shrink
Syntax Description
shrink
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
Shrinks the PSS files.
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to shrink PSS files:
vsg# system shrink pss
Related Commands
Command
Description
show system pss
Displays the PSS shrink status.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-177
Chapter 2
Cisco Virtual Security Gateway Commands
system redundancy
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system redundancy
To set a system redundancy policy, use the system redundancy command.
system redundancy role {primary | secondary | standalone}
Syntax Description
role
Sets the redundancy role.
primary
Specifies the primary redundant Cisco VSG.
secondary
Specifies the secondary redundant Cisco VSG.
standalone
Specifies no redundant Cisco VSG.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to set the redundancy role:
vsg# system redundancy role primary
Related Commands
Command
Description
show system
redundancy
Displays the system redundancy status.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-178
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
system standby
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system standby
To enable a system standby manual boot, use the system standby command. To disable a system standby
manual boot, use the no form of this command.
system standby manual-boot
no system standby manual-boot
Syntax
Description
manual-boot
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
Performs manual boot.
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to set a system standby manual boot:
vsg# system standby manual-boot
Related Commands
Command
Description
show system standby
Displays the system standby manual boot option.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-179
Chapter 2
Cisco Virtual Security Gateway Commands
system startup-config
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system startup-config
To initialize or unlock the system startup configuration, use the system startup-config command.
system startup-config {init | unlock lock id}
Syntax Description
init
Initializes the startup configuration.
unlock
Unlocks the startup configuration.
lock id
Lock identification number. The range is from 0 to 65536.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to unlock the system startup configuration:
vsg# system startup-config unlock 1324
Related Commands
Command
Description
show startup-config
Displays startup system information.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-180
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
system statistics
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system statistics
To reset the system statistics, use the system statistics command.
system statistics reset
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to reset the system statistics:
vsg# system statistics reset
Related Commands
Command
Description
show system
redundancy
Displays the system redundancy status.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-181
Chapter 2
Cisco Virtual Security Gateway Commands
system switchover
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system switchover
To switch over to the standby supervisor in EXEC mode, use the system switchover command.
system switchover
To configure a system switchover in configuration mode, use the system switchover command.
system switchover {ha | warm}
Syntax Description
ha
Enables high availability.
warm
Enables a warm switchover.
Command Default
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to switch over to the standby supervisor:
vsg# system switchover
Related Commands
Command
Description
show redundancy
Displays the system redundancy status.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-182
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
system trace
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system trace
To configure the system trace level, use the system trace command.
system trace {mask}
Syntax Description
mask
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Examples
Mask name.
This example shows how to configure the system trace level:
vsg# system trace dc1
Related Commands
Command
Description
system default
Configures system-level default values.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-183
Chapter 2
Cisco Virtual Security Gateway Commands
system watchdog kdgb
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
system watchdog kdgb
To enable a system watchdog, use the system watchdog command. To disable a system watchdog, use
the no form of this command.
system watchdog kgdb
no system watchdog kgdb
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to enable watchdog:
vsg# system watchdog
Related Commands
Command
Description
system default
Configures system-level default values.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-184
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
tail
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
tail
To display the end of a file, use the tail command.
tail {bootflash: filename [number] | debug: filename [number] | modflash: filename [number] |
volatile: filename [number]}
Syntax Description
bootflash:
Specifies the bootflash directory.
filename
Name of the file.
number
(Optional) Number of lines to display.
debug:
Specifies the debug directory.
modflash:
Specifies the modflash directory.
volatile:
Specifies the volatile directory.
Defaults
10 lines
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to display the last 10 lines of a file:
vsg# tail bootflash:startup.cfg
ip arp inspection filter marp vlan 9
ip dhcp snooping vlan 13
ip arp inspection vlan 13
ip dhcp snooping
ip arp inspection validate src-mac dst-mac ip
ip source binding 10.3.2.2 0f00.60b3.2333 vlan 13 interface Ethernet2/46
ip source binding 10.2.2.2 0060.3454.4555 vlan 100 interface Ethernet2/10
logging level dhcp_snoop 6
logging level eth_port_channel 6
This example shows how to display the last 20 lines of a file:
vsg# tail bootflash:startup.cfg 20
area 99 virtual-link 1.2.3.4
router rip Enterprise
router rip foo
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-185
Chapter 2
Cisco Virtual Security Gateway Commands
tail
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
address-family ipv4 unicast
router bgp 33.33
event manager applet sdtest
monitor session 1
monitor session 2
ip dhcp snooping vlan 1
ip arp inspection vlan 1
ip arp inspection filter marp vlan 9
ip dhcp snooping vlan 13
ip arp inspection vlan 13
ip dhcp snooping
ip arp inspection validate src-mac dst-mac ip
ip source binding 10.3.2.2 0f00.60b3.2333 vlan 13 interface Ethernet2/46
ip source binding 10.2.2.2 0060.3454.4555 vlan 100 interface Ethernet2/10
logging level dhcp_snoop 6
logging level eth_port_channel 6
Related Commands
Command
Description
cd
Changes the current working directory.
copy
Copies files.
dir
Displays the directory contents.
pwd
Displays the name of the current working directory.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-186
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
telnet
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
telnet
To create a Telnet session, use the telnet command.
telnet {ipv4-address | hostname} [port-number | vrf vrf-name]
Syntax Description
Defaults
ipv4-address
IPv4 address of the remote device.
hostname
Hostname of the remote device. The name is alphanumeric, case
sensitive, and has a maximum of 64 characters.
port-number
(Optional) Port number for the Telnet session. The range is from 1
to 65535.
vrf vrf-name
(Optional) Specifies the virtual routing and forwarding (VRF) name
used for the Telnet session. The name is case sensitive.
Port 23
Default VRF
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to start a Telnet session:
vsg# telnet 10.10.1.1 vrf management
Related Commands
Command
Description
clear line
Clears Telnet sessions.
telnet server enable
Enables the Telnet server.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-187
Chapter 2
Cisco Virtual Security Gateway Commands
terminal alias
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal alias
To display a terminal alias, use the terminal alias command. To disable the terminal alias, use the no
form of this command.
terminal alias word persist
no terminal alias word persist
Syntax Description
word
Name of the alias.
persist
Alias configuration saved.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to displays an alias for engineering:
vsg# terminal alias engineering
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-188
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
terminal color
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal color
To enable colorization of the command prompt, command line, and output, use the terminal color
command. To disable terminal color, use the no form of this command.
terminal color evening persist
no terminal color evening persist
Syntax Description
evening
Designator that sets the screen background to black.
persist
Designator that saves the configuration.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to set the colorization of the command line:
vsg# terminal color evening persist
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-189
Chapter 2
Cisco Virtual Security Gateway Commands
terminal dont-ask
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal dont-ask
To turn off the “Are you sure?” questions when a command is entered, use the terminal dont-ask
command. To disable the terminal don’t ask question, use the no form of this command.
terminal dont-ask persist
no terminal dont-ask persist
Syntax Description
persist
Defaults
None
Command Modes
EXEC
Designator that saves the configuration.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to turn off the “Are you sure?” question when a command is entered:
vsg# terminal dont-ask persist
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-190
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
terminal edit-mode
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal edit-mode
To set the edit mode to vi, use the terminal edit-mode command. To return the edit mode to emacs, use
the no form of this command.
terminal edit-mode vi
no terminal edit-mode vi
Syntax Description
vi
Defaults
emacs
Command Modes
EXEC
Sets the edit mode to vi.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to set the command line edition keys:
vsg# terminal edit-mode vi
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-191
Chapter 2
Cisco Virtual Security Gateway Commands
terminal event-manager
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal event-manager
To bypass the CLI event manager, use the terminal event-manager command.
terminal event-manager bypass
Syntax Description
bypass
Defaults
None
Command Modes
EXEC
Bypasses the CLI event manager.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to bypass the CLI event manager:
vsg# terminal event-manager bypass
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-192
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
terminal history
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal history
To disable the recall of EXEC mode commands when in configuration mode, use the terminal history
command. To enable recall, use the no form of this command.
terminal history no-exec-in-config
no terminal history no-exec-in-config
Syntax Description
no-exec-in-config Disables the recall of EXEC mode commands when in configuration mode.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to set terminal history properties:
vsg# terminal history no-exec-in-config
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-193
Chapter 2
Cisco Virtual Security Gateway Commands
terminal length
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal length
To set the number of lines that appear on the terminal screen, use the terminal length command.
terminal length number
Syntax Description
number
Defaults
28 lines
Command Modes
EXEC
Number of lines. The range of valid values is 0 to 511.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
Set number to 0 to disable pausing.
Examples
This example shows how to set the number of lines that appear on the screen:
vsg# terminal length 60
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-194
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
terminal log-all
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal log-all
To log all commands including the show commands, use the terminal log-all command.
terminal log-all
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to log all commands:
vsg# terminal log-all
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-195
Chapter 2
Cisco Virtual Security Gateway Commands
terminal monitor
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal monitor
To copy syslog output to the current terminal line, use the terminal monitor command.
terminal monitor
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to copy syslog output to the current terminal line:
vsg# terminal monitor
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-196
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
terminal output
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal output
To display show command output in XML, use the terminal output command. To display show
command output in text, use the no form of this command.
terminal output xml
no terminal output xml
Syntax Description
xml
Defaults
None
Command Modes
EXEC
Displays show command output in XML.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to display show command output in XML:
vsg# terminal output xml
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-197
Chapter 2
Cisco Virtual Security Gateway Commands
terminal redirection-mode
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal redirection-mode
To set the redirection mode, use the terminal redirection-mode command.
terminal redirection-mode {ascii | zipped}
Syntax Description
ascii
Sets the redirection mode to ASCII.
zipped
Sets the redirection mode to zipped.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to set the redirecton mode to ASCII:
vsg# terminal redirection-mode ascii
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-198
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
terminal session-timeout
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal session-timeout
To set the terminal session timeout, use the terminal session-timeout command.
terminal session-timeout time
Syntax Description
time
Defaults
None
Command Modes
EXEC
Timeout time, in seconds. The range is from 0 to 525600.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
Set time to 0 to disable terminal session timeout.
Examples
This example shows how to set the terminal session timeout:
vsg# terminal session-timeout 100
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-199
Chapter 2
Cisco Virtual Security Gateway Commands
terminal terminal-type
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal terminal-type
To specify the terminal type, use the terminal terminal-type command.
terminal terminal-type type
Syntax Description
type
Defaults
None
Command Modes
EXEC
Terminal type.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to specify the terminal type:
vsg# terminal terminal-type vt100
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-200
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
terminal tree-update
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal tree-update
To update the main parse tree, use the terminal tree-update command.
terminal tree-update
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to update the main parse tree:
vsg# terminal tree-update
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-201
Chapter 2
Cisco Virtual Security Gateway Commands
terminal verify-only
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal verify-only
To verify commands, use the terminal verify-only command.
terminal verify-only username word
Syntax Description
username
Specifies the username for AAA authorization.
word
Username.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to verify commands:
vsg# terminal verify-only
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-202
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
terminal width
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
terminal width
To set the terminal width, use the terminal width command.
terminal width width
Syntax Description
width
Defaults
102 columns
Command Modes
EXEC
Sets the number of characters on a single line. The range is from 24 to 511.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to set the terminal width:
vsg# terminal width 60
Related Commands
Command
Description
show terminal
Displays the terminal configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-203
Chapter 2
Cisco Virtual Security Gateway Commands
test policy-engine
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
test policy-engine
To test the policy engine on a RADIUS server or in a server group, use the test policy-engine command.
test policy-engine {simulate-pe-req | simulate-zone-req}
Syntax Description
simulate-pe-req
Simulates the policy engine lookup.
simulate-zone-req
Simulates the policy engine zone.
Defaults
None
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to test the policy engine:
vsg# test policy-engine simulate-zone-req
Related Commands
Command
Description
show policy-engine
Displays policy-engine statistics.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-204
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
test-policy-engine simulate-pe-req policy
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
test-policy-engine simulate-pe-req policy
To enter the policy-engine configuration submode for unit testing or verification of a policy
configuration, use the test-policy-engine command is used .
test-policy-engine simulate-pe-req policy policy-name
Syntax Description
policy-name
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(2)
This command was introduced.
Examples
Policy to be tested or verified for configuration parameters.
This example shows how to test the ext-company policy.
vsm(config)# test policy-engine simulate-pe-req policy ext-company
Related Commands
Command
Description
attribute
Specifies the particular attribute to be tested in the policy configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-205
Chapter 2
Cisco Virtual Security Gateway Commands
traceroute
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
traceroute
To discover routes, use the traceroute command.
traceroute {A.B.C.D. | host-name} [source src-ipv4-addr | vrf vrf-name | show-mpls-hops]
Syntax Description
Defaults
A.B.C.D. | host-name
IPv4 address or hostname of the destination device. The name is case
sensitive.
vrf vrf-name
(Optional) Specifies the virtual routing and forwarding (VRF) instance to
use. The name is case sensitive.
show-mpls-hops
(Optional) Displays the Multiprotocol Label Switching (MPLS) hops.
source src-ipv4-addr
(Optional) Specifies a source IPv4 address. The format is A.B.C.D.
Uses the default VRF.
Does not show the MPLS hops.
Uses the management IPv4 address for the source address.
Command Modes
EXEC
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
Use the traceroute6 command to use IPv6 addressing for discovering the route to a device.
Examples
This example shows how to discover a route to a device:
vsg# traceroute 172.28.255.18 vrf management
traceroute to 172.28.255.18 (172.28.255.18), 30 hops max, 40 byte packets
1 172.28.230.1 (172.28.230.1) 0.746 ms 0.595 ms 0.479 ms
2 172.24.114.213 (172.24.114.213) 0.592 ms 0.51 ms 0.486 ms
3 172.20.147.50 (172.20.147.50) 0.701 ms 0.58 ms 0.486 ms
4 172.28.255.18 (172.28.255.18) 0.495 ms 0.43 ms 0.482 ms
Related Commands
Command
Description
traceroute6
Discovers the route to a device using IPv6 addressing.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-206
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
username name password
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
username name password
To set a password for the username, use the username name password command.
username name password {0 password | 5 password | password}
Syntax Description
0 password
Specifies a password. 0 denotes that the password that follows should be set
in clear text. The maximum size for password is 64 characters.
5 password
Specifies a password. 5 denotes that the password that follows should be
encrypted. The maximum size for password is 64 characters.
password
Specifies a password in clear text. The maximum size for password is 64
characters.
Defaults
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Examples
This example shows how to set a password for the username:
vsg# configure
vsg(config)# username admin password 5 q0w9e8R7
Usage Guidelines
The Cisco VSG does not support multiple user accounts. It supports only the default admin user account.
Related Commands
Command
Description
show users
Displays users.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-207
Chapter 2
Cisco Virtual Security Gateway Commands
where
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
where
To display your current context, use the where command.
where [detail]
Syntax Description
detail
Defaults
Displays summary context information.
Command Modes
EXEC
(Optional) Displays detailed context information.
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Examples
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
This example shows how to display summary context information:
vsg# where
admin@firewall
vsg#
Related Commands
Command
Description
pwd
Displays what directory you are in.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-208
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
write erase
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
write erase
To erase configurations in persistent memory areas, use the write erase command.
write erase [boot | debug]
Syntax Description
boot
(Optional) Erases the boot variable and management 0 interface
configurations.
debug
(Optional) Erases only the debug configuration.
Defaults
Erases all configuration in persistent memory except for the boot variable, mgmt0 interface, and debug
configuration.
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
network-operator
Command History
Release
Modification
4.2(1)VSG1(1)
This command was introduced.
Usage Guidelines
When information is corrupted or unusable, use the write erase command to erase the startup
configuration in the persistent memory . Entering this command returns the device to its initial state,
except for the boot variable, mgmt0 interface, and debug configurations. To erase those configurations,
specifically use the boot and debug options.
Examples
This example shows how to erase the startup configuration:
vsg(config)# write erase
Warning: This command will erase the startup-configuration.
Do you wish to proceed anyway? (y/n) [n] y
This example shows how to erase the boot variable and mgmt0 interface configuration in the persistent
memory:
vsg(config)# write erase boot
This example shows how to erase the debug configuration in the persistent memory:
vsg(config)# write erase debug
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-209
Chapter 2
Cisco Virtual Security Gateway Commands
write erase
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Related Commands
Command
Description
copy running-config startup-config Copies the running configuration to the startup configuration.
show running-config
Displays the startup configuration.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-210
OL-25094-01
Chapter 2
Cisco Virtual Security Gateway Commands
zone
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
zone
To configure a zone definition that is used to build VM-to-zone mapping on the control plane, use the
zone command to enter the zone configuration submode. To disable this feature, use the no form of this
command.
zone zone-name
Syntax Description
zone-name
Command Default
None
Command Modes
Global configuration (config)
SupportedUserRoles
network-admin
Command History
Release
Modification
4.2(1)VSG1(2)
This command was introduced.
Usage Guidelines
Zone object that is to be configured.
Use the zone command to enter the zone configuration submode. The zone-name variable specifies a
zone object.
The no option removes the given zone object and all relevant configurations (for example, condition
statements).
Note
Examples
Attributes used in a zone condition are all neutral attributes.
This example shows how to enter the zone configuration submode:
vsg(config)# zone zone-name
vsg(config-zone)#
Related Commands
Command
Description
condition
Specifies the parameters and rules for the security zone.
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
OL-25094-01
2-211
Chapter 2
Cisco Virtual Security Gateway Commands
zone
Se n d d o c u m e n t c o m m e n t s t o v s g - d o c f e e d b a ck @ c i s c o . c o m .
Cisco Virtual Security Gateway for Nexus 1000V Series Switch Command Reference, Release 4.2(1)VSG1(2)
2-212
OL-25094-01
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising