- Computers & electronics
- Networking
- Perle
- CLI
- Reference guide
- 277 Pages
Perle CLI IOLAN SCR1618 RDAC Console Server Reference Guide
Perle CLI is a command-line interface that provides a comprehensive set of commands for configuring and managing your Perle device. With Perle CLI, you can perform a wide range of tasks, including:
- Managing users and groups
- Configuring network settings
- Monitoring system status
- Troubleshooting and diagnostics
Perle CLI is a powerful tool that can help you to get the most out of your Perle device.
advertisement
Assistant Bot
Need help? Our chatbot has already read the manual and is ready to assist you. Feel free to ask any questions about the device, but providing details will make the conversation more productive.
Perle IOLAN SCR CLI
Command Reference Guide
Modified: May 2020
Version 05.06.2020
Document Part# 5500464
Copyright Statement
This document must not be reproduced in any way whatsoever, either printed or electronically, without the consent of:
Perle Systems Limited,
60 Renfrew Drive
Markham, ON
Canada
L3R 0E1
Perle reserves the right to make changes without further notice, to any products to improve reliability, function, or design.
Table of Contents
Preface ...............................................................................13
About This Book ........................................................................ 13
Intended Audience..................................................................... 13
Typeface Conventions............................................................... 13
Chapter 1 Using the Command-Line Interface ...............14
Command Modes.................................................................................... 14
Command Shortcuts .............................................................................. 15
Command Options ................................................................................. 15
Chapter 2 User Exec Mode...............................................19
renew dhcp | dhcpv6 ................................................................. 22
show alarm ................................................................................. 23
show arp ..................................................................................... 24
show dot1x ................................................................................. 25
show eap..................................................................................... 26
show environment ..................................................................... 27
show hosts ................................................................................. 29
show ip ssh ................................................................................ 33
show ipv6.................................................................................... 34
show ntp ..................................................................................... 36
show nvram ................................................................................ 37
show terminal............................................................................. 40
show users ................................................................................. 40
show version.............................................................................. 41
Chapter 3 Privileged EXEC mode ....................................45
archive ........................................................................................ 45
clear ip ........................................................................................ 51
configure..................................................................................... 55
copy............................................................................................. 56
debug .......................................................................................... 57
dot1x ........................................................................................... 61
reload .......................................................................................... 68
show archive .............................................................................. 73
show arp ..................................................................................... 74
show bgp .................................................................................... 75
show bridge................................................................................ 76
show clock.................................................................................. 77
show crypto................................................................................ 77
show dot1x ................................................................................. 79
show eap..................................................................................... 80
show eee..................................................................................... 81
show ip arp ................................................................................. 89
show ip dns ................................................................................ 92
show ip health ............................................................................ 94
show ip ospf............................................................................... 97
show ip prefix-list ...................................................................... 98
show ip route-policy ................................................................ 100
show line................................................................................... 103
show logging............................................................................ 105
show mab ................................................................................. 106
show ntp ................................................................................... 108
show radius...............................................................................110
show reload ...............................................................................111
show route-map ........................................................................111
show running-config ................................................................113
show serial ................................................................................115
show snmp ................................................................................116
show ssh....................................................................................117
show startup-config................................................................. 118
show system .............................................................................119
show users ............................................................................... 123
Chapter 4 Global Configuration Mode...........................130
aaa............................................................................................. 130
alarm ......................................................................................... 131
(config-alarm-profile) .......................................................... 131
archive ...................................................................................... 132
(config-archive) ................................................................... 132
crypto ........................................................................................ 137
(config-client)....................................................................... 139
(config-connection)............................................................. 140
(config-esp)#........................................................................ 144
(config-ike)#......................................................................... 145
(config-12tp)#....................................................................... 147
dot1x ......................................................................................... 148
enable........................................................................................ 151
(config-if)# bvi...................................................................... 154
(config-if)# dialer ................................................................. 157
(config-if) ethernet............................................................... 159
(config-if)# openvpn-tunnel................................................ 163
(config-if)#tunnel................................................................. 165
(config-if)#range .................................................................. 167
(config-std-nacl)# ................................................................ 177
(config-dhcp)# ..................................................................... 177
(config-pbr)# ........................................................................ 179
(config-pbr-rules)# .............................................................. 179
ipv6............................................................................................ 181
(config--ipv6-acl)# ............................................................... 183
(dhcpv6-config)# ................................................................. 184
(config-fw6)#........................................................................ 185
(config-fw6-rules)# .............................................................. 186
key............................................................................................. 188
(config-key)#........................................................................ 188
(config-keychain-key)# ....................................................... 189
logging...................................................................................... 190
login .......................................................................................... 192
management-access................................................................ 193
(management-access-LAN)# .............................................. 193
(management-access-WAN)#............................................. 194
nat66.......................................................................................... 195
power-supply............................................................................ 199
radius ........................................................................................ 200
(config-radius-server)# ....................................................... 200
(config-route-map)# ............................................................ 202
router......................................................................................... 203
(config-router)#.................................................................... 204
(config-router)#.................................................................... 207
(config-router)#.................................................................... 209
router-map.................................................................................211
(config-route-map)# .............................................................211
service....................................................................................... 215
snmp-server ............................................................................. 216
tacacs........................................................................................ 217
username.................................................................................. 219
(config-user-serial)#............................................................ 219
Chapter 5 Interface configuration .................................230
Interface .................................................................................... 230
(config-if)# bvi...................................................................... 231
(config-if)# dialer ................................................................. 234
(config-if) ethernet............................................................... 236
(config-if-range)#................................................................. 242
(config-if)# openvpn-tunnel................................................ 245
(config-if)# tunnel................................................................ 247
Chapter 6 Interface line mode........................................252
(config-line)#console .......................................................... 252
(config-line)#tty ................................................................... 254
(config-line)#vty................................................................... 276
Preface
About This Book
This guide provides the information you need to:
configure the IOLAN using the Command Line Interface (CLI)
Intended Audience
This guide is for administrators who will be configuring the Perle IOLAN SCR1618
RDAC hereafter knows as the IOLAN.
Some prerequisite knowledge is needed to understand the concepts and examples in this guide:
If you are using an external authentication application(s), working knowledge of the authentication application(s).
Knowledge of the transfer protocols the IOLAN uses.
Typeface Conventions
Most text is presented in the typeface used in this paragraph. Other typefaces are used to help you identify certain types of information.
The other typefaces are:
Typeface Example clear
{[
ip dhcp binding
]}
<name-of-tacacs-server>
[
15 nopassword
] | [
secret 0
password>
]
| 5
] | [
privilege 1
<cleartext-
<hidden-user-
] |
secret>
|
<cleartext-password>
]
Usage
Commands are in bold blue text and keywords for those command use bold green text.
Arguments in which you supply the values are in purple italics.
Square brackets means optional elements, but not required to complete the command. Such as command username does not require nopassword, privilege or secret for completion.
Vertical bars within this example separate alternative choices and can be viewed as an or between parameters.
Curly braces surround the entire command.
snmp-server
{[
contact
<contact-name>
]}
IOLAN User’s Guide
see
About This Book
for more information.
This typeface indicates a book or document title.
This indicates a cross-reference to another chapter or section that you can click on to jump to that section.
IOLAN SCR Command Line Reference Guide
13
1
Using the Command-Line Interface
Chapter 1
This book provides the command line interface (CLI) options available for the Perle
IOLAN SCR1618 RDAC. This chapter describes how to use the command-line interface (CLI) to configure software features. Commands are grouped by Command modes.
Command Modes
Command Mode
User EXEC mode
Privileged EXEC mode
Prompt
PerleSCR>
PerleSCR#
Global configuration mode PerleSCR#
Interface configuration mode
Line configuration mode
PerleSCR(config-if)#
PerleSCR(config-if-range)#
PerleSCR(config-line)#
Exit Mode logout
command
disable end
or command
exit
command
Access Next
Mode enable
command
configure
command
interface
command
end
command
interface
command, interface type, interface number
end
command
interface
command, interface type, interface number
Each command is broken down into several categories:
Description
—Provides a brief explanation of how the command is used.
Syntax
—Shows the actual command line options. The options can be typed in any order on the command line. The syntax explanation will use the following command to break down the command syntax:
For example: telnet 172.16.4.92
This command will open a telnet session to the host with the IP address of 172.16.4.92. If you use a name rather than an IP address, you can use the /ipv4 option to force the connection to use an IPv4 format for the network address.
For example: sdm [default|dual-ipv4-and-ipv6]
This command sdm has an option of either default or dual ipv4 and ipv6. You can specify either option but not both.
Braces ({}) group required choices and vertical bars (|) separate the alternative choices. Square brackets ([]) show the options that are available for the command.
You can type a command with each option individually, or string options together in any order you want. Brace and vertical bars within square brackets {[]} means requires a choice within and optional element. The pipe (|) within a square bracket means a choice between the elements.
IOLAN SCR Command Line Reference Guide
14
Using the Command-Line Interface
Command Shortcuts
When you type a command, you can specify the shortest unique version of that command or you can press the
TAB
key to complete the command. For example, the following command:
PerleSCR(config)#service dhcp<cr> can be typed as:
PerleSCR(config)#se d <cr> or, you can use the
TAB
key to complete the lines as you go along: se<
TAB
>d<
TAB
><cr> where the
TAB
key was pressed to complete the option as it was typed.
Command Options
When you are typing commands on the command line (while connected to the
IOLAN, you can view the options by typing a question mark (
?
), after any part of the command to see what options are available/valid. For example:
IOLAN# terminal?
help history length monitor no width
Common Commands default
For example, valid values for (config)#ip standard the same time.
]}
{
community-list
[
expanded
|
. Valid values are expanded or standard but you cannot select both at
Options
—Provides an explanation of each of the options for a command and the default value if there is one. Some commands do not have any options, so this category is absent.
UP arrow
—show a history of the previous commands entered.
Use the default command to set a command back to it’s defaults.
disable
Use the disable command to de-elevate from Privilege EXEC mode to User
Exec mode.
IOLAN SCR Command Line Reference Guide
15
Using the Command-Line Interface
do-exec
Run exec commands while in config mode.
enable
Use the enable command to elevate to Privilege EXEC mode from User Exec mode.
exit
The exit command in User EXEC mode logs you out of the IOLAN . In command mode it takes you to down one level of authority.
help
The help command gives you full help or partial help depending on your needs.
Usage Guidelines
Help may be requested at any point in a command by entering a question mark '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows available options.
Two styles of help are provided:
1. Full help is available when you are ready to enter a
command argument (e.g. show?.)
2. Partial help is provided when an abbreviated argument
and you want to know what arguments match the input
(e.g. 'show pr?'.) login
login
Log into the IOLAN . Default user name is admin and password is perle1.
logout no
Log out of the IOLAN.
Use the no command to negate a command.
IOLAN SCR Command Line Reference Guide
16
Using the Command-Line Interface
PerleSCR>? (User EXEC mode)
Exec commands: clear Reset functions enable Switch to privilege mode exit exit from EXEC help Description of the interactive help logout Logout of current user ping Send echo messages release Release a resource renew Renew a resource show Display internal settings ssh Open a secure shell client connection telnet Open a telnet connection terminal Set terminal characteristics traceroute Trace route to destination
PerleSCR>clear ? (User EXEC mode)
clear ip dhcp binding *
PerleSCR#? (Privilege EXEC mode) archive Manage archive files boot Modify system boot parameters cd Change current directory clear Reset functions clock Manage system clock configure Switch to (config)# copy Copy from one file to another debug Debugging functions (see also ’undebug’) delete Delete a file dir List files on a file system disable Leave privileged mode disconnect Disconnect an existing network connection dot1x IEEE 802.1X Exec commands exit Exit from the EXEC help Description of interactive help kill Reset the serial line attach-line Attach to a configured terminal line logout Logout of current user mkdir Create a new directory more Display the contents of a file
IOLAN SCR Command Line Reference Guide
17
Using the Command-Line Interface
no Negate a command or set its defaults
ping Send echo messages
pwd Display present working directory
release Release a resource
reload Reboot the IOLAN
rename Rename a file
renew Renew a Resource
reset Reset commands
rmdir Remove a directoy
serialt Take a serial trace
show Display internal settings ssh Open a secure shell client connection
telnet Open a telnet connection
terminal Set terminal characteristics
traceroute Trace route to destination
undebug Disable debugging function (see also ’debug’
PerleSCR#configure <cr>
Configuring from terminal <cr>
PerleSCR(config)# ((config)#)
PerleSCR(config)#interface eth 1<cr>
PerleSCR(config-if)#(Config interface mode)
IOLAN SCR Command Line Reference Guide
18
2
User Exec Mode
Chapter 2
Once you have accessed the IOLAN, you are automatically in User Exec mode. The following commands are valid in User EXEC mode.
clear ip dhcp binding clear ip dhcp binding
{[
*
|
A.B.C.D
]}
Syntax Description clear ip dhcp binding
[
*
|
A.B.C.D
]}
Type
*
to clear all automatic bindings.
Type the ip address of the specific binding to clear.
Command Modes
PerleSCR>
Usage Guidelines
You can clear all DHCP client bindings using the * parameter or clear only the binding for a specific IP address by entering in the IP address to clear.
Examples
This example show how to clear all DHCP client bindings.
PerleSCR clear ip dhcp binding * <cr>
This example shows you how to clear DHCP bindings for a specified IP address.
PerleSCR> clear ip dhcp binding 172.16.113.44 <cr>
Related Commands
enable
Syntax Description
Command Modes enable
PerleSCR>enable<cr>
Usage Guidelines
Takes the user from user exec level to privileged level.
Examples
This example show how to go from user level to privileged level.
PerleSCR> enable <cr>
Password:perle
PerleSCR>
Related Commands
IOLAN SCR Command Line Reference Guide
19
User Exec Mode
line-attach
{[
tty
<1-16>
]}
Syntax Description
{[
tty
<1-16> <WORD>
]}
line-attach
Displays available serial ports configured for ssh or telnet protocol.
If the user logs in, line access privileges will be based on this authentication not the original authentication request.
<WORD>
SSH user name is optional. If it is not entered, the username which logged into the
IOLAN main session will be used.
PerleSCR#line-attach
Command Modes
Usage Guidelines
The line-attach feature allows you to connect to serial ports configured as Console
Management ports. The available ports for both Telnet and SSH will be displayed.
Examples
This example allows a user to connect to serial port 16 using the SSH protocol and ssh user sshlyn.
PerleSCR#line-attach tty 16 sshlyn<cr>
Related Command
logout
Syntax Description logout
Command Modes logout
Logout of the IOLAN.
PerleSCR>>
Usage Guidelines
Logs out of the IOLAN.
Examples
This example shows you how to logout of the IOLAN.
PerleSCR> logout
IOLAN SCR Command Line Reference Guide
20
User Exec Mode
ping ping
18024>
{[
<WORD>
data
<HEX DIGITS>
| repeat
<1–2147483647>
| size
<36–
]}
Syntax Description ping
{[
<WORD>
data
<HEX
DIGITS>
| repeat
<1–
2147483647>
| size
<36–18024>
]}
Type the destination.
IPv4 address or IPv6 address
Host name (pre-configured in your
IOLAN host table or a DNS server needs to be reachable
Data - input in hex data to repeat
Repeat - how many time to run the ping command
Size - specify the size of the packet to ping with
Command Default
Command Modes
56 (84) bytes of data
10 times
PerleSCR>
Usage Guidelines
Host name must be predefined in your host table or you need to use DNS lookup.
This example shows you how to ping a host with an ip address of 172.16.113.44 and repeat the ping 10 times.
PerleSCR> ping 172.16.113.44 repeat 10<cr>
64 bytes from 172.16.4.90: icmp_seq=1 ttl=64 time=2.91 ms
64 bytes from 172.16.4.90: icmp_seq=1 ttl=64 time=1.17 ms
64 bytes from 172.16.4.90: icmp_seq=1 ttl=64 time=2.93 ms
64 bytes from 172.16.4.90: icmp_seq=1 ttl=64 time=1.666 ms
64 bytes from 172.16.4.90: icmp_seq=1 ttl=64 time=0.921 ms
64 bytes from 172.16.4.90: icmp_seq=1 ttl=64 time=1.05 ms
64 bytes from 172.16.4.90: icmp_seq=1 ttl=64 time=1.118 ms
64 bytes from 172.16.4.90: icmp_seq=1 ttl=64 time=1.00 ms
64 bytes from 172.16.4.90: icmp_seq=1 ttl=64 time=1.50 ms
64 bytes from 172.16.4.90: icmp_seq=1 ttl=64 time=0.897 ms
Related Commands
release dhcp | dhcpv6 release dhcp | dhcpv6
{[
bvi
<1–9999>
] |
IOLAN SCR Command Line Reference Guide
21
User Exec Mode
[
ethernet <-1-18> .
<1–4000>
]}
[
[
Syntax Description bvi
<1–9999>
] |
ethernet <1-18> .
<1–4000>
]}
release dhcp | dhcpv6
Type the bridge number (and sub interface) that you want to release the IP address. Values: bvi is 1–9999
Type the Ethernet interface that you want to release the DHCP IP address.
Values
<1-18>
sub-interfaces 1–4000
PerleSCR>
Command Modes
Usage Guidelines
This command will release the DHCP/DHCPV6 IP address that has been given to the IOLAN by a DHCP/DHCPV6 server. To obtain a new DHCP/DHCPV6 IP address lease, use the renew command.
Examples
This example shows how to release the DHCP IP address for Ethernet interface 3.
PerleSCR> release dhcp ethernet 3<cr>
Related Commands
renew dhcp | dhcpv6 renew dhcp | dhcpv6
{[
bvi
<1–9999>
] |
[
ethernet <1-18>
.
<1–4000>
]}
Syntax Description renew dhcp
[
bvi
<1–9999>
] |
Type the bridge number that you want to renew the DHCP IP address.
Values: bvi –1–9999
[
ethernet <1-18>
.<1–4000>
] }
Command Modes
Type the Ethernet interface (and sub interface) that you want to renew the
DHCP IP address.
Values
1-18
, sub interface 1– 4000
PerleSCR>
Usage Guidelines
This command will renew the DHCP IP address lease for your IOLAN from a DHCP server.
IOLAN SCR Command Line Reference Guide
22
User Exec Mode
Examples
This example shows how to renew the DHCP lP address lease on ethernet 1.
PerleSCR> renew dhcp eth 1<cr>
Related Commands
show alarm show alarm
{[
description port
] |
[
profile
<WORD>
] |
[
settings enabled
]}
Syntax Description
{[
description port
] |
show alarm
1 – Link has failed
2 – Port not operating
Enter the alarm profile name to view.
[
profile
<WORD>
] |
[
settings enabled
]}
Command Modes
Show setting only for enabled alarms.
PerleSCR>
Usage Guidelines
Shows you alarm descriptions, profile and alarms enabled.
Examples
To show alarm descriptions.
PerleSCR> show alarms descriptions <cr>
1 Link Fault
2 Port Not Operating
PerleSCR> show alarms profiles<cr>
DefaultPort:
Interfaces eth1, eth2.eth3, eth4,eth5, eth6, eth7, eth8, eth9, eth10, eth11, eth12, eth13, eth14, eth15, eth16,eth17, eth18
Alarms link fault, not operating
Syslog link fault, not operating
Notifies link fault, not operating
Related Commands
IOLAN SCR Command Line Reference Guide
23
User Exec Mode
show arp show arp
{[
<A.B.C.D>
]}
Syntax Description
{[
<A.B.C.D>
]}
Command Modes show arp
Show arp entry in arp table.
PerleSCR>
Usage Guidelines
Shows you the arp table.
Examples
To show arp table.
IOLAN> show arp <cr>
Address HWtype HWaddress Flag Mask Iface
172.16.113.216 ether 87:2b:cb:a5:b4:0c C eth1
Related Commands
show clock show clock
Syntax Description
Command Modes
Usage Guidelines
Shows you current clock information.
Examples
To show clock, type
PerleSCR show clock <cr>
Thu Nov 22 3:18:17:17 UTC 2019
Related Commands
show clock
PerleSCR>
show crypto show crypto
{[
[ipsec client
<WORD>
<WORD>
| [ipsec.conf] | 12tp | status
] |
] | [esp-group
<WORD>
] | [ike-group
[
openvpn ca
<NAME>
| cert
<NAME>
| connection
<WORD>
| dh
<WORD>
| key
<NAME>
| secret
<NAME>
| status | template
<NAME>
] |
[
pki client [trustpoint] | [openvpn ca
<NAME>
cert | key] | server trustpoints
<WORD>
| status
] |
IOLAN SCR Command Line Reference Guide
24
User Exec Mode
[
ssl
]}
Syntax Description
{[
[ipsec client
<WORD>
] | [espgroup
<WORD>
] | [ike-group
<WORD>
| [ipsec.conf] | 12tp | status
] |
[
openvpn ca
<NAME>
| cert
<NAME>
| connection
<WORD>
| dh
<WORD>
| key
<NAME>
| secret
<NAME>
| status | template
<NAME>
] |
[
pki client [trustpoint] | [openvpn ca
<NAME>
cert | key] | server trustpoints
<WORD>
| status
] |
[
ssl
]}
show crypto
IPsec client (peer) – typically @leftside or a hostname.
Show details for esp-group, ike-group and ipsec.conf.
Show l2tp details
Show status.
Shows details about ca name, connection etc.
Shows details for pki client trustpoints and openvpn.
Show ssl information.
Command Modes
PerleSCR>
Usage Guidelines
This command is used to show sessions information for services that use encryption.
Examples
To show the version of ssl installed on the IOLAN.
PerleSCR# show crypto ssl
SSL cipher suite: TLS v1.2
Related Commands
show dot1x show dot1x
{
[
all
|
details
|
statistics
] |
[
credential
<WORD>
]
|
[
interface ethernet <1-18> details | statistics
] |
[
radius statistics interface ethernet <1-18>
]
}
Syntax Description show dot1x
[
all | details | statistics
] |
Type all for details for all dot1x connections. Select all statistics to view statistics for each dot1x connection.
IOLAN SCR Command Line Reference Guide
25
User Exec Mode
[
credential
<WORD>
]
|
[
interface ethernet <1-18> details | statistics
] |
[
radius statistics interface ethernet
<1-18>
]
}
Command Modes
Type credential to show the credential profile for the user.
Type Ethernet interface to show connections authenticated with dot1x.
Type radius to show radius statistics for authenticator mode.
PerleSCR>
Usage Guidelines
Shows the connection information for suppliant and authenticator dot1x connections.
Examples
This example shows all dot1x devices.
PerleSCR>show dot1x all
Sysauthcontrol Enabled
Dot1x Protocol Version 3
Dot1x Info for Ethernet9
====================================
PAE = AUTHENTICATOR
QuietPeriod = 60
SuppTimeout = 30
ReAuthMax = 2
MaxReq = 2
TxPeriod = 30
PerleSCR>show dot1x credential
Dot1x Credential Profile: lfelton
--------------------------------------------
Username: lfelton
Password:*******
Related Commands
show eap show eap
{[
profile
<WORD>
] |
[
registration
]}
Syntax Description
[
profile
<WORD>
]
|
show eap
Shows details for pre-defined eap profiles.
IOLAN SCR Command Line Reference Guide
26
User Exec Mode
registrations
]}
Command Modes
Shows registered EAP methods.
PerleSCR>
Usage Guidelines
Shows configured methods and pki-trustpoints for eap configured profiles. EAP profiles are configured using the eap profile <name> command. The registration show command shows the EAP methods supported by your IOLAN.
Examples
This example shows eap registrations.
PerleSCR>show eap registrations <cr>
Registered EAP Methods:
=======================
Method Type Name
4 Auth and Peer MD5
6 Auth and Peer GTC
13 Auth and Peer TLS
21 Auth and Peer TTLS
25 Auth and Peer PEAP
26 Auth and Peer MSCHAPV2
..........
PerleSCR>show eap profile <cr>
EAP Profile: md5chap
----------------------------------------
PKI-Trustpoint: None
Allowed Phase 1 methods:
-----------------------------------------
MD5
MSCHAPV2
Related Commands
show environment show environment
{[
all
] |
[
power status]
}
[
temperature status
]}
Syntax Description
[
all
]
|
[
power status]
}
show environment
Show all environment status.
Shows status of power supplies in dual power supply units.
IOLAN SCR Command Line Reference Guide
27
User Exec Mode
Command Modes
PerleSCR>
Usage Guidelines
Show PerleSCR’s environment.
Examples
This example shows the IOLAN environment.
PerleSCR>show environment all <cr>
POWER SUPPLY 1 is DC Not Present
Power sensor value: Not currently valid
POWER SUPPLY 2 is DC OK
Power sensor value: 5.00 Volts
Related Commands
show facility-alarm show facility-alarm
[
status
]}
|
Syntax Description status
]}
Command Modes show facility-alarm
Show the source and severity of alarm.
PerleSCR>
Usage Guidelines
Shows alarm statuses.
Examples
This example shows facility alarm status.
#show facility-alarm status<cr>
Source Severity Description Actions Time
----------------- -------- -------------------------------------- ----------------- -------------------
-
PerleSCR MAJOR Redundant Power missing or failed LOG May
1 2020 14:07
show flash: show flash:
Syntax Description
Command Modes show flash:
PerleSCR>
IOLAN SCR Command Line Reference Guide
28
User Exec Mode
Usage Guidelines
Show files on the internal flash drive.
Examples
PerleSCR> show flash:
83 drwx 4096 Sep 27 2019 10:39 -04:00 testcd
57 -rw- 2504 Jan 2 2019 20:58 -04:00 test-Jan-02-20-58-34-113
78 -rw- 3332 Sep 16 2019 11:58 -04:00 test-Sep-16-11-58-38-8462
37 -rw- 2124 Jan 2 2019 00:28 -04:00 test-Jan-02-00-28-14-37
49 -rw- 2124 Jan 2 2019 01:21 -04:00 test-Jan-02-01-21-17-23
70 -rw- 2513 Jan 3 2019 00:33 -04:00 test-Jan-03-00-33-56-69
39 -rw- 2124 Jan 2 2019 00:30 -04:00 test-Jan-02-00-30-16-39
74 -rw- 3509 Sep 10 2019 13:29 -04:00 test-Sep-10-13-29-21-5469
64 -rw- 2515 Jan 2 2019 23:16 -04:00 test-Jan-02-23-16-52-42
61 -rw- 2504 Jan 2 2019 22:27 -04:00 test-Jan-02-22-27-57-83
71 -rw- 3509 Sep 10 2019 13:26 -04:00 test-Sep-10-13-26-19-5466
43 -rw- 2124 Jan 2 2019 00:51 -04:00 test-Jan-02-00-51-17-17
68 -rw- 2513 Jan 3 2019 00:36 -04:00 test-Jan-03-00-36-58-72
Related Commands
show hosts show hosts
Syntax Description
Command Modes show hosts
PerleSCR>
Usage Guidelines
Shows hosts that were added to the host table.
Examples
This example shows all configured hosts.
PerleSCR>show hosts<cr>
Default domain name is Perle
DNS lookup is enabled
Name servers are not configured
Host Table: accounting-host 172.16.77.99
banking-host 172.16.88.99
test-host 172.16.55.44
IOLAN SCR Command Line Reference Guide
29
User Exec Mode
Related Commands
show ip arp show ip arp
Syntax Description
Command Modes
Usage Guidelines
Shows arp entries.
Related Commands
show ip arp
PerleSCR>
show ip ddns show ip ddns
{[
service interfaces bvi [
<1–9999>
] | [dialer
<0–15>
] | [ethernet
<1-18> ] | [openvpn-tunnel
<0–999
] | [tunnel
<0–999
]
] |
[
use-web interfaces bvi [
<1–9999>
] | [dialer
<0–15>
] | [ethernet <1-18>] |
[openvpn-tunnel
<0–999
] | [tunnel
<0–999
]
]}
Syntax Description show ip ddns
{[
service interfaces bvi [
<1–
9999>
] | [dialer
<0–15>
] |
[ethernet <1-18> | [openvpntunnel
<0–999
] | [tunnel
<0–999
]
]
|
Show interfaces with DDNS service enabled.
[
use-web interfaces bvi [
<1–
9999>
] | [dialer
<0–15>
] |
[ethernet <1-18> | [openvpntunnel
<0–999
] | [tunnel
<0–
999
]
]}
Web check used for obtaining the external
IP address.
Command Modes
PerleSCR>
Usage Guidelines
Display information for DDNS.
Related Commands
IOLAN SCR Command Line Reference Guide
30
User Exec Mode
Examples
This example shows the DDNS service configured on ethernet port 18.
PerleSCR> show ip ddns service ethernet 18<cr>
Service dyndns
Login testddns
Password ********
show ip dhcp show ip dhcp pool
]}
{[
bindings
|
Syntax Description
{[
bindings
|
|
pool
]}
show dhcp
Shows current bindings.
Command Modes
Shows current DHCP configured pools.
PerleSCR>
Usage Guidelines
Shows DHCP information.
Examples
This example will show all information about configured DHCP pools.
PerleSCR> show dhcp pool <cr>
Pool pooltest :
Total addresses: 11
Leased addresses : 2
Exluded addresses: 0
IP address Range: 172.16.113.60 - 172.16.113.70
Related Commands
show ip host-group show ip host-group
{[
<WORD>
]}
Syntax Description show ip host-list
{[
<WORD>
]} Show IP host group.
PerleSCR>
Command Modes
Usage Guidelines
Shows the IP Host Group.
IOLAN SCR Command Line Reference Guide
31
User Exec Mode
Examples
This example shows how to display all IP host groups.
PerleSCR> show ip host-group <cr>
Host list: PerleSCR
172.16.66.99
radius
Rad2
Related Commands
show ip http show ip http
{[
server status
]}
Syntax Description
{[
server status
]}
show ip http
Show configured parameters for http server.
PerleSCR>
Command Modes
Usage Guidelines
Shows the status of the HTTP server
Examples
This example displays the parameters for http server.
PerleSCR> show ip http server status <cr>
HTTP server status: Enabled
HTTP server port:80
User session idle timeout: 1440 seconds
HTTP secure server status: Enabled
HTTP secure server port: 443
Related Commands
show ip interface show ip interface
Syntax Description
Command Modes
Usage Guidelines
Shows all interfaces on the IOLAN.
show ip interface
PerleSCR>
IOLAN SCR Command Line Reference Guide
32
User Exec Mode
Examples
This example displays all interfaces on the IOLAN.
PerleSCR> show ip interfaces <cr>
Interface IP Address Mask Admin Status Link Status Description
--------- ----------------- ----------------- ------------ ----------- ----------lo 127.0.0.1 255.0.0.0 up up eth1 172.16.28.1 255.255.0.0 up up eth2 - - up down eth3 - - up down eth4 - - up down eth5 - - up down eth6 - - up down eth7 - - up down eth8 - - up down eth9 - - up down eth10 - - up down eth11- - up up eth12- - up down eth13 - - up up eth14 - - up down eth15 - - up up eth16 - - up down eth17 - - up down eth18 - - up down br1 192.168.0.1 255.255.255.0 up up
Related Commands
show ip ssh show ip ssh
Syntax Description
Command Modes
Usage Guidelines
Shows ip ssh information.
show ip ssh
PerleSCR>
IOLAN SCR Command Line Reference Guide
33
User Exec Mode
Examples
This example shows you ssh information.
PerleSCR>show ip ssh <cr>
SSH version: 2
SSH server: Enabled
Authentication timeout: 120 seconds
Authentication retries: 3
SSH public key: ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQCgAtvWaaM0CeMWoZV1H00sni2J8TY alvSyysQGyBDIOAydaaKv1+s1Imj00FL2Boi3ke/SoKhvuLJQ+bMVFXD7kXw2fk71M o8f8Dd/rOuuF4kE6hKV+LLl44kJKwCUC2w2m4L1lH8Zn8HuX89Qcv2oqPUdkBfO1 nelU3gc6gN4v1ckC069Tgg9hrhghCiBECCCYxmAJUhIy4dQcPwO1DQ6Acp2p3lW2
RYdgUvRAlr8oLiVdrEvT7zZECpYgCMYWmfsTtUhvv8yZpvNAhV9nRm5E93Yl0V2J
15qlmIlSGKn0iiLRW42xjQ4MT5XmWdlXj+NpuMlQRtFzyYPkR2HMf+9
Related Commands
show ipv6 show ipv6 neighbors
]
{[
dhcp bindings | [interface client-mode] | pool
]
interface
] | |
Syntax Description show ipv6
{[
dhcp bindings | interface client-mode | pool
] |
Show IPV6 DHCP information
interface
] |
neighbors
]}
Shows ipv6 interface details.
Shows ipv6 neighbors.
Examples
This example shows you configured IPv6 DHCP pools.
PerleSCR>show ipv6 dhcp pool <cr>
DHCPV6 pool: ipv6pool
Address allocation prefix: 1:2:3:4:5::6/16
Related Commands
IOLAN SCR Command Line Reference Guide
34
User Exec Mode
show line show line
{[
console
<0–0>
]}
Syntax Description
{[
console
<0–0>
]}
show line
Show whether the console is using the
USB or serial port for console mode.
PerleSCR>
Command Modes
Usage Guidelines
Shows what mode the console is in.
Examples
Shows the parameters of the console. (results may be different depending on the model)
PerleRouter# show console 0 <cr>
Console in use: USB
Console in use: Serial
Baud rate (TX/RX) is 9600/9600, parity none, 1 stop bit, 8 data bit
Related Commands
show mab show mab
{[
all details | statistics
]
|
[
interface ethernet <1-18> details | statistics
]
|
[
radius statistics interface ethernet <1-18>
]}
Syntax Description show mab
{[
all details | statistics
] |
Specify all, interface or radius to view
MAB information.
[
interface ethernet <1-18> details | statistics
] |
[
radius statistics interface ethernet <1-18>
]}
Specify interface MAB details.
Specify Radius MAB details.
Command Modes
PerleSCR>
Usage Guidelines
Show MAB (Mac Authentication Bypass) for the Ethernet interfaces or RADIUS.
IOLAN SCR Command Line Reference Guide
35
User Exec Mode
Examples:
Shows the mab interface details for ethernet 3.
PerleSCR>show mab interface ethernet 3 details <cr>
Interface Mac-Auth-Bypass
------------------------------------
Ethernet3 Enabled
MAC Auth Bypass Client List
---------------------------
Supplicant = 00:16:d3:2f:62:bb
EAP Method = None
Port Control State = Auto
Auth SM State = AUTHENTICATED
Auth BkEnd SM State = IDLE
Session ID = B8B01A9D-00000001
Session Time = 855
Identity = 0016d32f62bb
Eapol Frame Counters:
Frames Rx = 2
Frames Tx = 0
Start Frames Rx = 2
Logoff Frames Rx = 0
RespId Frames Rx = 0
Resp Frames Rx = 0
ReqId Frames Tx = 0
Req Frames Tx = 0
Invalid Frames Rx = 0
Length Error Rx = 0
Last Frame Version = 1
Last Frame Source = 00:16:d3:2f 62:bb
Related Commands
show ntp show
{[
ntp associations
] |
[
status
]}
Syntax Description
{[
ntp associations
] |
[
status
]}
Command Modes show ntp
Shows where the IOLAN is getting clock from.
Show the status of NTP.
PerleSCR>
IOLAN SCR Command Line Reference Guide
36
User Exec Mode
Usage Guidelines
Shows ntp associations and status.
Examples
PerleSCR>show ntp associations>
remote refid st t when poll reach delay offset jitter
===============================================================
===============
172.16.55.77 .INIT. 16 u - 1024 0 0.000 0.000 0.000
172.16.113.55 .INIT. 16 s - 32 0 0.000 0.000 0.000
PerleSCR>show ntp status<cr>
Clock is not synchronized, stratum 16, no reference clock
Precision is 2**-18 s
Reference time is 00000000.00000000 (Thu, Feb 7 2036 2:28:16.000)
Clock offset is 0.000000 msec, root delay is 0.000 msec
Root dispersion is 1265.970 msec
System poll interval is 8 s
Related Commands
show nvram show
{[
nvram
]}
Syntax Description
{[
nvram
] |
Command Modes
Usage Guidelines
Shows the contents of nvram.
show nvram
Shows nvram file system.
PerleSCR>
IOLAN SCR Command Line Reference Guide
37
Examples
PerleSCR>show nvram <cr>
Directory of nvram:
50 -rw- 5225 Feb 18 2020 14:40
-05:00 startup-config.log.2
18 -rw- 285 Jan 8 2020 18:06
-05:00 no-default-config
21 -rw- 5848 Mar 3 2020 17:45
-05:00 startup-config
31 -rw- 5902 Feb 20 2020 14:03
-05:00 startup-config.log.1
43 -rw- 5902 Feb 26 2020 10:53
-05:00 startup-config.log
16 -rw- 636 Jan 8 2020 18:06
-05:00 default-config
1372160 KBytes total (1032192 KBytes free)
show radius show
{[
statistics details
]}
Syntax Description
{[
statistics details
]}
Command Modes show radius
Shows radius server statistics.
Usage Guidelines
Show radius details.
Examples
Shows the radius statistics.
PerleSCR# show radius statistics <cr>
All:
Auth. Acct.
Requests 3 3
Responses 3 3
Access Requests 3
Related Commands
PerleSCR>
show snmp show snmp
[
location
]}
{[
contact
] |
Syntax Description show snmp
IOLAN SCR Command Line Reference Guide
User Exec Mode
38
User Exec Mode
[
{[
contact location
]
]}
|
Show the contact information for your
IOLAN.
Shows the location information for your
IOLAN.
PerleSCR>
Command Modes
Usage Guidelines
Shows mib object sysContact and mib object sysLocation.
Examples
PerleSCR>show snmp contact<cr>
Perle-lyn
PerleSCR>show location<cr>
60 Renrew Dr.
Related Commands
show ssh show ssh
Syntax
Description
Command Modes show ssh
IOLAN>
Usage Guidelines
Show users connected via ssh.
Examples
This example show which users are connected.
PerleSCR> show ssh<cr>
Line User Host Idle Location
1 vty 1 admin idle 00:28:26 172.16.113.31
Related Commands
show tacacs show tacacs
{[
statistics details
]}
Syntax Description show tacacs
{[
statistics details
]}
Shows statistics for TACACS+ server.
Command Modes
PerleSCR>
IOLAN SCR Command Line Reference Guide
39
User Exec Mode
Usage Guidelines
Show details about your TACACS server.
Examples
Shows the tacacs statistics.
PerleSCR# show tacacs statistics <cr>
All:
Auth. Acct.
Requests 3 3
Responses 3 3
Access Requests 3
Related Commands
show terminal show terminal
Syntax Description
Command Modes show terminal
PerleSCR>
Usage Guidelines
Shows the terminal parameters of length, width, history enabled, history size and logging monitor.
Examples
This examples displays the parameter for terminal.
PerleSCR> show terminal<cr>
Terminal length = 24
Terminal width = 79
Terminal history is enabled
Terminal history size = 11
Terminal logging monitor is OFF
Related Commands
show users show users
{[
all
] |
[
console
] |
[
vty
] |
[
web
]}
Syntax Description show users
IOLAN SCR Command Line Reference Guide
40
User Exec Mode
{[
all
|
[
console
] |
[
vty
] |
[
web
]}
Command Modes
All users.
Users connected to the console.
Users connected via ssh or telnet.
Show web users for HTTP and connections.
PerleSCR>
Usage Guidelines
Shows the active users on the IOLAN
Examples
This examples displays all attached web users.
PerleSCR>show users web<cr>
User IP Address Idle
Lyn 172.16.113.215 00:11:59
Related Commands
show version show
{[
backup
] |
[
flash:
] |
[
startup
] |
verbose
]}
Syntax Description
{[
backup
] |
[
flash:
|
[
startup
|
[
verbose
]}
show version
Backup version of software.
Version of software in on flash:
Version of software used for startup.
Command Modes
Details about software running on your
IOLAN.
PerleSCR>
Usage Guidelines
Shows information about versions of software running on your IOLAN.
Examples
This example shows the startup version of software.
PerleSCR>show version<cr>
IOLAN SCR Series Console Server, Version 4.2,
IOLAN SCR Command Line Reference Guide
41
User Exec Mode
ssh ssh
{[
-c | -h | -l | -p
<A.B.C.D>
|
<X:X:X:X::X>
]}
Syntax Description ssh
{[
-c | -h | -l | -p |
<A.B.C.D>
|
<X:X:X:X::X>
]}
-c select the encryption method)
-h select HMAC algorithm
-l log in using this user name)
-p connect to this port
<A.B.C.D> <X:X:X:X::X>
IPv4 or IPv6 address or hostname to connect to
Command Modes
PerleSCR>
Usage Guidelines
SSH from your IOLAN to a host supporting the SSH protocol.
Examples
This example shows how to connect to host (172.16.4.90) using lyn as the user.
PerleSCR> ssh -l lyn 172.16.4.90<cr>
Related Commands
telnet telnet
{[
<A.B.C.D>
|
<X:X:X:X::X>
]}
Syntax Description telnet
{[
<A.B.C.D>
|
<X:X:X:X::X>
]}
IP address or hostname to connect to.
Command Modes
PerleSCR>
Usage Guidelines
Telnet from your IOLAN into a host that supports the telnet protocol.
Examples
This example shows how to connect to host (172.16.4.90) using lyn as the user.
PerleSCR> ssh -l lyn 172.16.4.90<cr>
Related Commands
IOLAN SCR Command Line Reference Guide
42
User Exec Mode
terminal terminal
{[
history size
<0–256>
] |
[
length
<0–512>
] |
[
monitor
<0–512>
] |
[
width
<0–512>
]}
Syntax Description terminal
{[
history size
<0–256>
] |
Specify size of the history buffer.
[
length
<0–512>
] |
[
monitor
<0–512>
] |
Specify length of the screen
Copy debugging logging output to the current terminal line.
[
width
<0–512>
]}
Specify width of the screen
Command Default
Command Modes
length – 24 width – 132
PerleSCR>
Usage Guidelines
Configure parameters for your terminal session.
Examples
PerleSCR show terminal
Terminal length = 24
Terminal width = 132
Terminal history is enabled
Terminal history size =20
Terminal logging monitor is Off
traceroute traceroute
{[
<A.B.C.D>
]}
Syntax Description
{[
<A.B.C.D>
]}
traceroute
Destination hostname or address.
Command Modes
PerleSCR>
Usage Guidelines
Traceroute will list all the routers it passes through until it reaches its destination, or fails to and is discarded. In addition to this, it will tell you how long each 'hop' from router to router takes.
IOLAN SCR Command Line Reference Guide
43
User Exec Mode
Examples
This example shows the hops it takes from router to router to reach its destination of host 172.16.4.90.
PerleSCR#traceroute 172.16.4.90<cr.> (172.16.4.90), 30 hop max, 60 bytes packets
1 172.16.4.90 (172.16.4.90) 2.094ms 1.113 ms 0.826 ms
Related Commands
IOLAN SCR Command Line Reference Guide
44
3
Privileged EXEC mode
Chapter 3
This chapter contains the CLI commands for Privileged EXEC mode. Some commands may be omitted or changed depending on the IRG5000 model.
archive archive
{[
config
] |
[
download-sw [/force-reload] | [/no-version-check] | [/reload]
]
[flash:
perle-imagename.img
] | [ftp://
/[[username:password]@location]/directory]/perle-image-name.img
] |
[http:/ /
[[username:password]@][hostname | host-ip] [directory] /perle-image-name.img
]
|
[https:/
/
[[username:password]@][hostname | host-ip] [directory] /perle-imagename.img
]
[scp://
[[username@location]/directory]/perle-image-name.img
] |
[sftp://
[[//username:password]@location]/directory]/perle-image-name.img
] |
[tftp:
[[//location]/directory]/perle-image-name.img
]
] |
[upload-sw /force-reload]
name.img
] |
|
[/reload
|
check
] | [
upload-sw
]
[flash:
image-file
] | [ftp:
[[//username[:password]@location]/directory]/perle-image-
|
[http:/
/
[[username:password]@][hostname | host-ip] [directory]/perle-image-name.img
]
[https:/
/
[[username:password]@][hostname name.img
] |
|
host-ip] [directory] /perle-image-
[scp://
[[username:password@location]/directory]/perle-image-name.img
] |
[sftp:
[[//username[:password]@location]/directory]/perle-image-name.img
] |
[tftp:
[[//location]/directory]/perle-image-name.img
]
] |
[flash:
perle-image-name.img
] |
[ftp://
/[[username:password]@location]/directory]/perle-image-name.img
] |
[http:/
/
[[username:password]@][hostname
|
host-ip [directory] /perle-image-name.img
] |
[https:/
/
[[username:password]@][hostname
|
host-ip [directory] /perle-image-name.img
]
[scp://
[[username:password@location]/directory]/perle-image-name.img
] |
[sftp://
[[//username:password]@location]/directory]/perle-image-name.img
] |
[tftp:
[[//location]/directory]/perle-image-name.img
]
] |
[
[upload-sw flash:
image-file
] | [ftp:
[[//username[:password]@location]/directory]/perleimage-name.img
] |
[http:/
/
[[username:password]@][hostname
] |
|
host-ip [directory] /perle-image-name.img
|
[https:/
/
[[username:password]@][hostname
|
host-ip [directory] /perle-image-name.img
[scp:
[[username@location]/directory]/perle-image-name.img
] |
]
[sftp:
[[//username[:password]@location]/directory]/perle-image-name.img
] |
[tftp:
[[//location]/directory]/perle-image-name.img
]
]}
Syntax Description archive
IOLAN SCR Command Line Reference Guide
45
{[
config
] |
[
download-sw |
[flash:
perle-image-name.img
] |
[ftp://
/[[username:password]@location]/d irectory]/perle-image-name.img
] |
[http:/
/
[[username:password]@][hostnam e
|
host-ip [directory] /perle-imagename.img
] |
[https:/
/
[[username:password]@][hostna me
|
host-ip [directory] /perle-imagename.img
]
[scp://
[[username:password@location]/di rectory]/perle-image-name.img
] |
[sftp://
[[//username:password]@location]
/directory]/perle-image-name.img
] |
[tftp:
[[//location]/directory]/perle-imagename.img
]
] |
[
download-sw |
[flash:
perle-image-name.img
] |
[ftp://
/[[username:password]@location]/d irectory]/perle-image-name.img
] |
[http:/
/
[[username:password]@][hostnam e
|
host-ip [directory] /perle-imagename.img
] |
[https:/
/
[[username:password]@][hostna me
|
host-ip [directory] /perle-imagename.img
]
[scp://
[[username:password@location]/di rectory]/perle-image-name.img
] |
[sftp://
[[//username:password]@location]
/directory]/perle-image-name.img
] |
[tftp:
[[//location]/directory]/perle-imagename.img
]
]
|
Privileged EXEC mode
Archive the running configuration. This configuration will be saved to a predefined location as specified in the archive
set up the path to where the config will be stored.
Download firmware to your
IOLAN.
/force-reload –
unconditionally forces a system reload after successfully downloading the software image.
/reload –
reloads the system (if no unsaved configuration changes have been made) after a successful upgrade.
/no-version-check –
download the software without verifying it’s version compatibility with the image that is running.
Download firmware to your
IOLAN.
/force-reload –
unconditionally forces a system reload after successfully downloading the software image.
/reload –
reloads the system (if no unsaved configuration changes have been made) after a successful upgrade.
/no-version-check –
download the software without verifying it’s version compatibility with the image that is running.
IOLAN SCR Command Line Reference Guide
46
Privileged EXEC mode
[
[upload-sw flash:
image-file
] |
[ftp:
[[//username[:password]@location]/d irectory]/perle-image-name.img
] |
[http:/
/
[[username:password]@][hostnam e
|
host-ip [directory] name.img
] |
[https:/
/
[[username:password]@][hostna me
|
name.img
] |
/perle-image-
host-ip [directory] /perle-image-
[scp:
[[username@location]/directory]/per le-image-name.img
] |
[sftp:
[[//username[:password]@location]/ directory]/perle-image-name.img
] |
[tftp:
[[//location]/directory]/perle-imagename.img
]
]}
Command Modes
Upload the firmware on the
IOLAN to a server.
PerleSCR#archive
Usage Guidelines
Where a username or password is required it can be specified in the IOLAN configuration using the "scp| ftp |sftp |http" command to configure the username and password to use instead of specifying it on the archive command.
The syntax for the local flash file system for downloads and uploads:
flash:
image-file
The syntax for FTP:
[ftp://
/[[username:password]@location]/directory]/perle-image-name.img
] |
The syntax for an HTTP server:
http:/
/
[[username:password]@][hostname | host-ip] [directory]/perle-imagename.img
The syntax for an HTTPS server:
https:/
/
[[username:password]@][hostname | host-ip [directory]/perle-imagename.img
The syntax for an SCP server:
[scp://
[[username:password@location]/directory]/perle-image-name.img
] |
The syntax for an SFTP server:
[sftp://
[[//username:password]@location]/directory]/perle-image-name.img
] |
The syntax for an TFTP server:
[tftp:
[[//location]/directory]/perle-image-name.img
]
|
IOLAN SCR Command Line Reference Guide
47
Privileged EXEC mode
Examples
This example shows you how to download software from a server with an IP address of 172.16.4.182 to your IOLAN using secure HTTP (https) and certificate named apache.crt
Step 1)
You need to download a secure certificate to the IOLAN.
PerleSCR#crypto pki import server apache pem url tftp://172.16.4.182/apach.crt
Step 2)
Configure the IOLAN to use the certificate you just downloaded.
PerleSCR#ip http client secure-trustpoint apache
Step 3)
Set validation off if you do not want to valid the certificate. (You must have created the certificate with validation if you want to valid the certificate)
PerleSCR# archive download-sw https://172.16.4.182/public/IOLAN-software.fit<cr>
The software will now download using secure https.
This example shows you how to upload software from a server with an IP address of
172.16.4.92 using scp.
PerleSCR#archive upload-sw scp://lyn:[email protected]/public/IOLAN.img
Related Commands
boot boot
{[
system backup
]}
Syntax Description
{[
system backup
]}
boot
Copies backup software to startup software. Next reload will use backup software as startup software.
PerleSCR#boot
Command Modes
Usage Guidelines
This command allows you to go back to older saved software. Software can be stored as backup software using the archive command.
Examples
This example shows you how to make boot your IOLAN using the backup software.
<cr>
PerleSCR#boot system backup<cr>
IOLAN SCR Command Line Reference Guide
48
Privileged EXEC mode
cd cd
{[
flash: | nvram:
]}
Syntax Description
{[
flash:
|
nvram:
]}
cd
Command Default
Command Modes
Change directory on flash: or nvram:
None
PerlePerleSCR#cd
Usage Guidelines
The change directory (cd) command is part of the file management system commands.
The cd command is used to change directories within the flash or nvram file systems.
Examples
This example shows you how to make a directory under the flash file system then change directory to that new directory.
PerleSCR#mkdir flash:testdir <cr>
Created directory name testdir.
PerleSCR#cd flash:/testdir <cr>
Related Commands
clear aaa clear
{[
aaa local user fail-attempts all | username
<WORD>
| lockout all
]
|
[
username
<WORD>
]}
Syntax Description clear aaa
{[
aaa local user fail-attempts all | username
<WORD>
| lockout all
]
|
Reset a locked out user.
Reset this locked out user.
Reset all locked out users.
[
username
<WORD>
]}
Rests this user by username.
Command Modes
PerleSCR#clear aaa
Usage Guidelines
This command allows you to reset locked out users.
IOLAN SCR Command Line Reference Guide
49
Privileged EXEC mode
Examples
This example will reset user Marie that is currently locked out from the IOLAN.
PerleSCR#clear aaa local user lockout username Marie<cr>
Related Commands
clear arp-cache clear arp-cache
{[
<A.B.C.D>
| bvi
<0-999>
| dialer
<1-4000>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
<0-15>
]}
| ethernet<1-18>
.
Syntax Description clear arp-cache
{[
<A.B.C.D>
| bvi
<0-999>
| dialer
<0-
15>
| ethernet<1-18>
. <1-4000>
| openvpn-tunnel
<0-999>
|tunnel
<0-
999>
]}
Clear arp cache on IP address or interface.
Command Modes
PerleSCR#clear arp-cache
Usage Guidelines
Clears arp entries from the arp table.
Examples
This example shows you how to clear all arps from the arp table for Ethernet interface 1.
PerleSCR#clear arp-cache ethernet 1 <cr>
Related Commands
clear counters clear counters
{[
bvi <1-9999> | ethernet <1-18> | loopback | openvpn-tunnel
<0-999>
| tunnel
<0-999>
]}
Syntax Description clear counters
{[
bvi <1-9999> | ethernet <1-18> | loopback | openvpn-tunnel
<0-999>
| tunnel
<0-999>
]}
Clear counters on specified interface.
Command Modes
PerleSCR#clear counters
Usage Guidelines
Clears counters back to zero on specified interface.
IOLAN SCR Command Line Reference Guide
50
Privileged EXEC mode
Examples
This example shows you how to clear all counters for Ethernet interface 1.
PerleSCR#clear counters ethernet 1<cr>
Clear "show interface" counters on this interface [confirm]
clear ip clear ip
{[
alg connections
]
|
[
bgp *(all) | [
<1-4294967295>
] |
<A.B.C.D>
| [
<X:X:X:X::X:X>
] | [ external in | out | soft
]
|
[
dhcp binding
<*
|
<A.B.C.D>
]
|
[
firewall
<WORD>
]
|
[
route-policy name
<WORD>
counters | rule
<1-9998>
counters
]}
Syntax Description clear ip
[
alg connections
]
|
Clear alg connections
[
bgp * |
<1-4294967295>
|
<A.B.C.D>
|
<X:X:X:X::X:X>
| external in | out | soft
]
|
Type
*
to clear all bgp sessions or connections.
Type the connection number, ipv4, or ipv6 address of the session or connection you want to reset.
Specify whether it is an inbound or outbound session. No in/out parameters clears both in and outbound.
[
dhcp binding
<*
|
<A.B.C.D>
]
|
Type
*
to clear all automatic client bindings
Type the ip address of the client you want to clear the dhcp binding.
[
firewall
<WORD>
]
|
Clear the specified firewall statistics.
[
route-policy name
<WORD>
counters | rule
<1-9998>
counters
]}
Clear counters for route policies.
Command Modes
PerleSCR#clear ip
Usage Guidelines
Use this command to clear all bgp or alg sessions or connections.
You can clear all DHCP bindings using the * parameter or clear only the binding for a specific IP address by entering in the IP address to clear.
IOLAN SCR Command Line Reference Guide
51
Privileged EXEC mode
Examples
This example shows you how to clear all dhcp ip bindings from your IOLAN table.
PerleSCR#clear ip dhcp bindings * <cr>
This example shows you how to clear all BGP connections.
PerleSCR#clear ip bgp * <cr>
clear ipv6 ipv6
{[
firewall
] |
[
neighbors
] |
[
route-policy
<NAME>
]}
Syntax Description
{[
firewall
] |
[
neighbors
] |
[
route-policy
<NAME>
]}
Command Modes clear ipv6
Clear ipv6 firewalls.
Clear ipv6 neighbors.
Clear route policies.
PerleSCR#
Usage Guidelines
Clear commands for the IPv6 protocol.
Examples
This example clears route policy warehouse.
PerleSCR#clear ipv6 route-policy warehouse<cr>
Related Commands
clear line clear line
{[
console
0-0
|
vty
<1-2>
|
tty
<1-16>
]}
Syntax Description clear line
{[
console
0-0
|
vty
<1-2>
|
tty
<1-16>
]}
Select console or line to clear.
Command Modes
PerleSCR#clear line
Usage Guidelines
The vty session will be disconnected. Clear statistics on the serial ports.
IOLAN SCR Command Line Reference Guide
52
Privileged EXEC mode
Examples
This example clears vty line 1.
PerleSCR#clear line vty 1<cr>
[confirm]
[Dec 9 16:14:20 %REQHANDLE-6: Cleared VTY1 session
OK]
Related Commands
clear logging clear
{[
logging
]}
Syntax Description
{[
logging
]}
clear logging
Clears the logging buffer on your
IOLAN.
None
Command Default
Command Modes
PerleSCR#clear logging
Usage Guidelines
Logging buffer size can be from 4096-32768.
Examples
This example clears the logging buffer on the PerleSCR.
PerleSCR# clear logging <cr>
Clear logging buffer[confirm]<cr>
Related Commands
clear radius clear
{[
radius statistics
]}
Syntax Description
{[
radius statistics
]}
Command Modes
Usage Guidelines
Clears radius information.
clear radius
Clears radius information on your
IOLAN.
PerleSCR#
IOLAN SCR Command Line Reference Guide
53
Examples
This example clears radius statistics information on your IOLAN.
PerleSCR#clear radius statistics<cr>
Related Commands
Privileged EXEC mode
clear tacacs clear
{[
tacacs statistics
]}
Syntax Description
{[
tacacs statistics
]}
clear tacacs
Clears tacacs information on your
PerleSCR.
PerleSCR#
Command Modes
Usage Guidelines
Clears tacacs statistical information.
Examples
This example clears tacacs statistics information your IOLAN.
PerleSCR#clear tacacs<cr>
Related Commands
clock clock
{[
set hh:mm:ss 1-3 month year 2001-2037
] |
summer-time
<name-of-timezone >
date <
1-31> <month-to-start > <hh:mm> <1-
31> <month-to-end > < hh:mm > <1-1440-in-minutes>
| recurring <
1-4 >
<
first week> <last week>
] |
[
timezone <
name-of-time-zone> <-23 - 23 > <0-59>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description clock
{[
set hh:mm:ss 1-3 month year 2001-
2037
] |
Set the current time and date.
Month is January, February, March,
April, May, June, July, August,
September, November or December
IOLAN SCR Command Line Reference Guide
54
Privileged EXEC mode
[
[
summer-time date <
1-31> <month-to-start >
<hh:mm> <1-31> <month-to-end > < hh:mm > <1-1440-in-minutes>
| recurring <
1-4 >
<
first week> <last week>
]
|
timezone <
name-of-time-zone> <-23
- 23 > <0-59>
]}
<name-of-timezone >
Command Default
Command Modes
Usage Guidelines
Sets the clock.
Examples
This example sets the clock 5 hours off from UTC.
PerleSCR#clock timezone ont-time-zone -5 <cr>
Name of the summer time zone followed by start/end dates
-numeric value for the day of the month to start summer timezone 1-31, name of the month to start January, February,
March, April, May, June, July, August,
September, October, November,
December.
,
time to start in hours (24) and minutes
,
numeric value for the day of the month to end summer timezone
1-31, name of the month to end
(January, February, March, April, May,
June, July, August, September,
October, November, December), time to end in hours(24), offset in minutes
1-1440
Name of the timezone
-
Hours/minutes offset are going to be hours/minutes offset from utc
(universal time clock).
clock timezone EST 5 clock summer-time EDT recurring 2
Sun Mar 2:00 1 Sun Nov 2:00 60
PerleSCR#clock
Related Commands
configure configure
{[
confirm
] | [
revert now | timer
<1-120
>
| idle
<
1-120>
] | [
terminal lock | revert timer
<
1-120>
| idle
<
1-120>
]}
Syntax Description configure
{[
confirm
] |
Cancels revert timer.
IOLAN SCR Command Line Reference Guide
55
Privileged EXEC mode
[
revert now
<
1-120>
] |
| timer
<1-120
>
| idle
Parameters for reverting this config using the rollback feature. Time to wait for confirmation
[
terminal lock | revert timer
<
1-120>
| idle
<
1-120>
]}
Command Modes
Allows you to lock configuration mode.
PerleSCR#configure
Usage Guidelines
Configuration mode on your IOLAN.
Examples
This example show you how to configure your IOLAN using your terminal connection.
PerleSCR#configure<cr>
Configuring from terminal, memory, or network [terminal]?
<cr>
PerleSCR(config)#
Related Commands
copy copy
{[
flash:
:
filename
| [
filename
http: config
filename
] | [
filename
]
ftp flash: | nvram: | running-config | startup-config
| [
https:
filename
] | [
nvram:
filename
] | [
running-
[
tftp:
filename
]}
] | [
scp:
filename
] | [
sftp:
filename
] | [
startup-config
filename
] |
Syntax Description copy
{[
flash:
filename
]
|
Copies a file to flash.
[
ftp flash: | nvram: | running-config | startup-config :
filename
] |
Copies a file using ftp.
[
http:
filename
] |
[
https:
filename
] |
[
nvram:
filename
] |
[
running-config
filename
] |
[
scp:
filename
] |
[
sftp:
filename
] |
Copies a file using http.
Copies a file using https.
Copies a file from nvram.
Copies running config to another file.
Copies a file using scp.
Copies a file using sftp.
IOLAN SCR Command Line Reference Guide
56
Privileged EXEC mode
[
startup-config
filename
[
tftp:
filename
]}
Command Modes
] |
Copies startup-config to another filename.
Copies a file using tftp.
PerleSCR#copy
Usage Guidelines
The copy command (copy) is part of the file management system commands.
Copy a file from one location to another.
Examples
This example shows how to copy a file from the flash: directory to a tftp server with an ipv4 address of 172.16.4.90.
PerleSCR#copy flash:running-config-save tftp:<cr>
Address or name of remote host[ ]?172.16.4.90<cr>
Destination filename [ ]?backup-running-config<cr>
4922 bytes copied in 0.013 seconds
Related Commands
debug debug
{[
alarmmgr
] | [
all
] | [
bgp
] | [
clpd
] | [
dialer
] | [
dot1x-authenticator
] |
[
dot1x-supplicant
] | [
drmgrd
] | [
] | [
init
] | [
[ip dhcp client | relay-agent | server]
|rib]
] | [
|
[ospf events | ism | lsa | nsm | nssa | packets | rib] | [rip events | packets ip-sec
] | [
kernel
] | [
logging
[
wan-highavail
] | [
wanifmgr
]}
] | [
ntp
] | [
snmp
] |
Use the no form of this command to negate enable secret.
[
trapmgr
] | [
tty
] | [
vty
] |
Syntax Description debug
{[
alarmmgr
] |
Add alarm manager messages to logging
[
all
] |
Sets all debugging messages to the log on. Setting all debug on will seriously effect the speed of your
IOLAN.
[
bgp
] |
[
clpd
] |
Start debug for bgp.
Start debug for clpd.
IOLAN SCR Command Line Reference Guide
57
Privileged EXEC mode
[
[
[
[
dialer
]
dot1x-authenticator dot1x-supplicant drmgrd
|
] |
] |
] |
Start debug for Dial on Demand feature.
Start debug for dot1x authenticator mode.
Start debug for dot1x suppliant mode.
Device Remote manager daemon debugging.
Start debug for email.
[
] |
[
init
] |
[
[ip dhcp client | relay-agent | server]
|
[ospf events | ism | lsa | nsm | nssa | packets | rib] | [rip events | packets | rib]
] |
[
ip-sec
] |
[
kernel
] |
[
logging
] |
[
ntp
] |
[
snmp
] |
[
trapmgr
] |
[
tty
] |
[
vty
] |
Start debug for init.
Start debug for dhcp client, relay agent and server.
Start debug for ospf.
Start debug for rip.
Starts debug for ipsec.
Start debug for kernel.
Start debug for logging.
NTP logging
Start debug for smnp.
Start debug for trapmgr.
Start debug for tty.
[
[
wan-highavail wanifmgr
]}
] |
Start debug for vty devices ssh and telnet.
Start debug for wan high available connections.
Start debug for our internal wan manager.
All debug off
Command Default
Command Modes
PerleSCR#debug <cr>
Usage Guidelines
You can set debug on for features or functions within your IOLAN. Setting debug on for all features will seriously impact system performance on your IOLAN.
IOLAN SCR Command Line Reference Guide
58
Privileged EXEC mode
Examples
This example shows you how to set debug on for ntp.
PerleSCR#debug ntp <cr>
This example shows you how to set debug on for dhcp server.
PerleSCR#debug ip dhcp server <cr>
Related Commands
delete delete
{[
flash:
<filename>
] | [
nvram:
<filename
]}
Syntax Description
{[
flash:
<filename>
]
|
delete
Select the filename to delete.
[
nvram:
<filename>
]}
Select the filename to delete.
Command Modes
PerleSCR#delete
Usage Guidelines
The delete command is part of the file management system commands.
Deletes a file on flash or nvram.
Examples
This example shows how to delete a file on flash.
PerleSCR#delete flash:backup.config<cr>
Related Commands
dir dir
{[
flash:
|
nvram:
]}
Syntax Description
[
flash:
|
nvram:
]}
dir
Shows the contents of flash.
Shows the contents of nvram.
IOLAN SCR Command Line Reference Guide
59
Privileged EXEC mode
Command Default
Command Modes
None
PerleSCR#dir
Usage Guidelines
The dir command is part of the file management system commands.
Shows the contents of a file system on flash or nvram.
Examples
PerleSCR#dir <cr>
34 -rw- 1992 Mar 25 2019 17:39 -04:00 running-config
33 -rw- 368555308 Mar 25 2019 13:38 -04:00 perle.img
39 -rw- 2016 Mar 27 2019 12:35 -04:00 -Mar-27-12-35-22-0
24 -rw- 896 Jan 4 2001 16:46 -04:00 backup.config
42 -rw- 2068 Mar 28 2019 15:33 -04:00 -Mar-28-15-33-44-3
41 -rw- 2047 Mar 27 2019 16:24 -04:00 -Mar-27-16-24-31-2
40 -rw- 2047 Mar 27 2019 16:24 -04:00 -Mar-27-16-24-26-1
Related Commands
disable disable
Syntax Description
Command Modes disable
PerleSCR#disable
Usage Guidelines
Disables leave privileged mode.
Examples
This example show how to go from privileged level to user level.
PerleSCR#disable <cr>
Related Commands
disconnect disconnect
{[
ssh vty
<0-15>
]}
Syntax Description disconnect
IOLAN SCR Command Line Reference Guide
60
Privileged EXEC mode
Command Modes
PerleSCR#disconnect
Usage Guidelines
Disconnects an active ssh session.
Examples
This example disconnects active ssh session vty 1.
PerleSCR#disconnect ssh vty 1<cr>
[confirm]
[OK]
Related Commands
dot1x dot1x
{[
initialize interface ethernet <1-18> ethernet <1-18>
] [
]
|
[
re-authenticate interface test interface ethernet <1-18>
]}
Syntax Description dot1x
[
initialize interface ethernet <1-18>
]
|
Devices connected on this Ethernet interface will be forced to authenticate.
The connection is secured.
[
re-authenticate interface ethernet
<1-18>
]
|
Devices connected on this Ethernet interface will be forced to reauthenticate.
[
test interface ethernet <1-18>
]}
Run a 802.1x readiness test to detect any 802.1x clients that are EAPoL capable.
Command Modes
PerleSCR#dot1x
Usage Guidelines
Dot1x commands to initialize, re-authenticate and test connected dot1x devices.
IOLAN SCR Command Line Reference Guide
61
Privileged EXEC mode
Examples
This example will force devices on ethernet interface 9 to re-authenticate.
PerleSCR>enable
PerleSCR# dot1x re-authenticate interface eth 9<cr>
This example will test for EAPol capable devices.
PerleSCR> enable
PerleSCR# interface eth 9
PerleSCR(config-if)# dot1x pae authenticator
PerleSCR(config-if)#exit
PerleSCRPerleSCR# dot1x test eapol-capable interface eth cr>
PerleSCR# show logging <cr>
*Oct 18 02:41:15 %PORT-AUTH-6: eth2: STA 00:13:20:92:29:82 IEEE 802.1X:
INFO_EAPOL_PING_RESPONSE: The interface Ethernet1 has an 802.1x capable client with MAC (00.13.20.92.29.82)
*Oct 18 01 02:41:15 %PORT-AUTH-6: eth2: STA 00:16:d3:2f:62:bb IEEE 802.1X:
INFO_EAPOL_PING_RESPONSE: The interface Ethernet1 has an 802.1x capable client with MAC (00.16.d3.2f.62.bb)
Related Commands
exit exit
Syntax Description
Command Modes
Usage Guidelines
Exit from EXEC mode.
Related Commands
exit
PerleSCRexit
kill
{[
line tty
<1-16>
]}
Syntax Description
{[
line tty
<1-16>
]
}
Command Modes kill
Resets the line.
PerleSCR#kill line tty
IOLAN SCR Command Line Reference Guide
62
Privileged EXEC mode
Usage Guidelines
Killing a line will reset that serial line, then reload any new parameters you have configured for that line.
Examples
This example will reset (kill) the line for tty 10. Any users connected will be disconnected.
PerleSCR#kill line tty 10<cr>
Related Commands
line-attach
{[
tty
<1-16>
|
<WORD>
]}
Syntax Description
[
tty
<1-16>
|
<WORD>
]}
line-attach
Displays available serial ports configured for ssh or telnet protocol.
If the user logs in, line access privileges will be based on this authentication not the original authentication request.
<WORD>
SSH user name is optional. If it is not entered, the username which logged into the
IOLAN main session will be used.
PerleSCR#line-attach
Command Modes
Usage Guidelines
The line-attach feature allows you to connect to serial ports configured as Console
Management ports. The available ports for both Telnet and SSH will be displayed.
Examples
This example allows a user to connect to serial port 16 using the SSH protocol and ssh user sshlyn.
PerleSCR#line-attach tty 16 sshlyn<cr>
Related Command
logout
{[
logout
]}
Syntax Description logout
IOLAN SCR Command Line Reference Guide
63
Privileged EXEC mode
{[
logout
]}
Command Modes
Usage Guidelines
Logs you out of your IOLAN.
Logs out of the IOLAN.
PerleSCR#logout
mkdir mkdir
{
[
flash:
]
}
Syntax Description
{
[
flash:
]
}
Command Modes mkdir
Make a directory on the flash.
PerleSCR#mkdir
Usage Guidelines
The make directory (mkdir) command is part of the file management system commands.
Makes a new directory on flash.
Examples
This example shows you how to make a directory under the file system flash:
PerleSCR>enable<cr>
PerleSCR#mkdir flash:testing<cr>
PerleSCR#dir
Directory of flash:
130307 drwx 4096 Jan 2 2019 19:58 -05:00 testdir
130306 -rw- 1508 Jan 2 2019 17:46 -05:00 test-config
130308 drwx 4096 Jan 3 2019 18:49 -05:00 testing
Related Commands
more more
{[
/ascii
] |
[
/binary
] |
[
flash:
] |
[
nvram:
] |
[
running-config
] |
IOLAN SCR Command Line Reference Guide
64
Privileged EXEC mode
[
startup-config
]}
Syntax Description
{[
/ascii
] |
[
/binary
] |
[
flash:
] |
more
Forces the file type to ascii.
Force the filetype to binary.
[
[
nvram:
]
|
running-config
] |
Displays the content of a file within flash.
Displays the content of a file within nvram. system.
Merge running config with current system configuration.
Displays startup configuration.
[
startup-config
]}
Command Modes
PerleSCR#more
Usage Guidelines
The more command show you a file contents. You can specify whether to show the contents in ascii or binary format.
Examples
The example shows you how to view the file contents of nvram.
PerleSCR#more nvram:no-default-config<cr>
IOLAN SCR Command Line Reference Guide
65
Privileged EXEC mode interface BVI1
ip address 192.168.0.1 255.255.255.0
interface ethernet 2
ip address dhcp interface ethernet 25
no ip address
bridge-group 1 interface ethernet 26
no ip address
bridge-group 1 no ip address
bridge-group 1 interface ethernet 13
no ip address
bridge-group 1 interface ethernet 14
no ip address
bridge-group 1 interface ethernet 15
no ip address
bridge-group 1 interface ethernet 16
no ip address
bridge-group 1 no ip http server no ip http secure-server ip dns listen-address 192.168.0.1
ip dhcp pool default-pool
network 192.168.0.0 255.255.255.0 start 192.168.0.100 stop 192.168.0.200
authoritative enable
default-router 192.168.0.1
dns-server 192.168.0.1
ping ping
18024>
{[
<WORD>
data
<HEX DIGITS>
repeat
<1-2147483647>
size
<36-
]}
Syntax Description ping
Host name must be predefined in a host table. Data hex pattern is from
1 to 32 hex characters. Repeat count can be from 1-2147483647.
Datagram size can be from 36-
18024.
Command Modes
PerleSCR#ping
Usage Guidelines
Ping a host.
IOLAN SCR Command Line Reference Guide
66
Privileged EXEC mode
Examples
This example shows you how to ping a host with an ip address of 172.16.113.44 repeating the ping request 10 times.
PerleSCR ping 172.16.113.44 repeat 10 <cr>
This example show you how to ping a host with an ip address of 172.16.113.44 with hex data pattern of f1f1f1f1f1.
PerleSCR ping perlehost data f1f1f1f1f1<cr>
This example shows you how to ping a host with an ip address of 172.16.113.44 with a data packet size of 4o bytes.
PerleSCR ping perlehost size 40<cr>
Related Commands
pwd pwd
Syntax Description
Command Modes pwd
PerleSCR#pwd
Usage Guidelines
The pwd command is part of the file management system commands.
Shows your current file system.
Examples
This command will show you what file system you are in.
PerleSCR#cd nvram:<cr>
PerleSCR#pwd<cr> nvram:
Related Commands
release dhcp | dhcpv6
release dhcp | dhcpv6
{[
bvi
<1–9999>
] |
IOLAN SCR Command Line Reference Guide
67
Privileged EXEC mode
[
ethernet<1-18> .
<1–4000>
]}
[
Syntax Description
{[
bvi
<1–9999>
]
ethernet <1-18>
|
.
<1–4000>
]}
release
Release the dhcp address for the specified bridge interface.
Release the dhcp address for the specified ethernet interface.
PerleSCR#release
Command Modes
Usage Guidelines
Release the IPv4/IPv6 address from the specified interface. The IPv4/IPv6 address will be added back to the DHCP pool.
Examples
This example will release the ipv4 address from eth10.
PerleSCR# release dhcp eth10<cr>
Related Commands
reload reload
{[
at
hh:mm
] | [
cancel
] | [
in
mmm
|
hh:mm
]}
Syntax Description reload
{[
at
hh:mm
]
|
at
– specify the time in hours and minutes when to reload the firmware on the IOLAN.
[
cancel
]
|
cancel
– cancel any pending reload commands.
[
in
mmm
| [
hh:mm
]}
in
– specify in minutes 1-999 or hours minutes when to reload the firmware on the IOLAN
Command Modes
PerleSCR#reload
Usage Guidelines
Reload the IOLAN firmware. The IOLAN will power off and then reboot. Any configuration not copied from running-config to startup-config will be lost.
IOLAN SCR Command Line Reference Guide
68
Privileged EXEC mode
Examples
Reloads the firmware on the IOLAN in 10 hours and 20 mins.
PerleSCR#reload 10:20 <cr>
Cancels the previous reload command.
PerleSCR#reload cancel <cr>
*****
***** ----SHUTDOWN ABORTED ---
******
Related Commands
Note:
Before reloading the IOLAN copy running config to startup config to save any changes that you want to save permanently.
rename rename
{[
flash:
<WORD>
] | [
nvram:
<WORD>
]}
Syntax Description rename
{[
flash:
<WORD>
]
|
[
nvram:
<WORD>
]}
Rename the file.
Command Modes
PerleSCR#rename
Usage Guidelines
The rename command is part of the file management system commands.
Rename a file on flash or nvram.
Examples
This example renames a file on flash from testdir to newdir.
PerleSCR#rename flash:testdir flash:backup<cr>
Destination file name[backup]?
Related Commands
renew renew dhcp | dhcpv6
{[
bvi
<1–9999>
] |
IOLAN SCR Command Line Reference Guide
69
Privileged EXEC mode
[
ethernet <1-18>
]}
[
Syntax Description
{[
bvi
<1–9999>
ethernet<1-18>
] |
]}
renew
Renew the dhcp address for the specified bridge interface.
Renew the dhcp address for the specified Ethernet interface.
PerleSCR#renew
Command Modes
Usage Guidelines
Renew the IPv4/IPv6 address for specified interface. An IPv4/IPv6 address with be allocated from the DHCP pool.
Examples
This example will renew the DHCP IPv4 address for eth10.
PerleSCR# renew dhcp eth10<cr>
Related Commands
reset reset
{[
factory
]}
Syntax Description
{[
factory
]}
reset
Resets the IOLAN to factory default, removing all configuration files, certificates and keys.
PerleSCR#reset
Command Modes
Usage Guidelines
Sets the IOLAN to factory defaults,
Related Commands
IOLAN SCR Command Line Reference Guide
70
Privileged EXEC mode
rmdir rmdir
{[
flash:
<WORD>
]}
Syntax Description
{[
flash:
<WORD>
]}
Command Modes
Usage Guidelines
Remove a file on flash.
Examples
This example removes a file on flash.
PerleSCR# remove flash:testit <cr>
Remove Directory name [testit]?
Related Commands
rename
Remove the directory on flash.
PerleSCR#rmdir
serialt serialt
{[
#[mask] [...] [-full] [-size=# [-show]
]}
Syntax Description serialt
{[
#[mask] [...] [-full] [-size=# [-show]
]} Takes serial line trace.
Usage Guidelines
Captures data on serial line.
Examples
This example will capture all data on serial port 1 and display it on the screen.
PerleSCR# serialt 1 -show<cr>
SERIAL TRACE V1.00
To start a serial trace:
IOLAN SCR Command Line Reference Guide
71
Privileged EXEC mode serialt #[=mask] [...] [-full] [-size=#] [-show]
| | | | | |
| | | | | then show the trace file
| | | | size in kilobytes (2-1024)
| | | stop when trace file full else wrap
| | another port/mask to simultaneously trace
| optional trace mask any combination of:
| rx+tx+signals+special+ioctl or use: normal,all,same
port number 1->max
Serial trace file utilities: serialt [-show] [-remove]
| |
| remove the trace file
show the trace file
Related Commands
show aaa show aaa
{[
local user lockout
]}
Syntax Description
{[
local user lockout
]}
show aaa
Shows users that are locked out of the
IOLAN.
PerleSCR#show aaa
Command Modes
Usage Guidelines
This command will show you the current locked out users on the IOLAN.
Examples
This example will show you the current locked out users on the IOLAN.
PerleSCR#show aaa local user lockout<cr>
Locked-out users: Lyn
Related Commands
show alarm show alarm
{[
description port
] |
[
profile
] |
[
settings
]}
Syntax Description show alarm
IOLAN SCR Command Line Reference Guide
72
Privileged EXEC mode
{[
description port
] |
[
profile
] |
[
settings
]}
Command Modes
Show description.
Show profile.
Show settings.
#show alarm
Usage Guidelines
Shows you alarm descriptions, profile and settings.
Examples
To show alarm descriptions.
PerleSCR>show alarm profile<cr> defaultPort:
Interfaces eth1, eth2, eth3, eth4, eth5, eth6, eth7, eth8, eth9, eth10, eth11, eth12, eth13, eth14, eth15, eth16, eth17, eth18
Alarms not-operating
Syslog not-operating
Notifies not-operating
Related Commands
show archive show
{[
archive config | rollback | timer
] |
[
update
]}
Syntax Description show archive
{[
archive config | rollback | timer
] |
Shows information for configuration rollback and timer.
[
update
]}
Shows whether the Check Software update is enabled.
Command Modes
PerleSCR#show archive
Usage Guidelines
Shows config rollback and update feature.
IOLAN SCR Command Line Reference Guide
73
Privileged EXEC mode
Examples
This example will show the config for the rollback feature.
PerleSCR#show archive<cr>
The maximum archive configurations allowed is 14.
There are currently 9 archive configurations saved.
The next archive file will be named flash:-<timestamp>-9
Archive # Name
1 flash:-May-19-14-14-16-0
2 flash:-May-19-14-17-50-1
3 flash:-May-1914-19-00-2
4 flash:-May-19-14-19-14-3
5 flash:-May-19-14-20-55-4
6 flash:-May-19-14-24-31-5
7 flash:-May-19-15-05-37-6
8 flash:-May-19-03-37-55-7
9 flash:-May-19-03-38-10-8 <- Most Recent
10
11
12
13
14
Related Commands
show arp show
{[
arp
A.B.C.D
]}
Syntax Description
{[
arp
A.B.C.D
]}
Command Default show arp
Show arp table.
None
Command Modes
PerleSCR#show arp
Usage Guidelines
Use this command to show entries in the arp table.
Enter an ipv4 address to display the entry for this ip address in the arp table.
Examples
This example show you how to view the arp table.
PerleSCR#show arp<cr>
Address HWtype HWaddress Flags Mask Iface
172.16.113.20 ether 78:2b:cb:a5:b4:0c C eth1
172.16.23.122 ether 70:f3:95:18:7a:a3 C eth1
IOLAN SCR Command Line Reference Guide
74
Privileged EXEC mode
Related Commands
show bgp show
{[
bgp community
]
|
[
community-list
<1-500 >
exact-match
| <list-name>
]
|
[
filter-list
<access-list name>
]
|
[
memory
]
|
[
neighbors
<A.B.C.D> | <X:X::X:X>
]
|
[
prefix-list
<word>
]
|
[
regexp
<line>
]
|
[
route-map
<line>
]}
Syntax Description show bgp
{[
bgp community
] |
Show routes matching the communities.
[
community-list
<1-500 >
exact-match |
<list-name>
] |
[
filter-list
<access-list name>
] |
Show routes matching the community list.
Show routes conforming to the filter list.
[
memory
]
|
[
neighbors
<A.B.C.D> | <X:X::X:X>
]
|
Global BGP memory statistics.
Detailed list for TCP and BGP neighbor connections.
[
prefix-list
<word>
] |
Display routes matching the prefixlist.
[
regexp
<line>
]
|
Display routes matching the AS path regular expression.
[
route-map
<line>
]}
Display routes matching the routemap
Command Modes
PerleSCR#show bgp
Usage Guidelines
Show BGP information.
IOLAN SCR Command Line Reference Guide
75
Privileged EXEC mode
Examples
This example shows bgp neighbors.
PerleSCR# show bgp neighbors<cr>
BGP neighbor is 172.16.39.2, remote AS 65537, local AS 65536, external link
BGP version 4, remote router ID 172.16.39.2
BGP state = Established, up for 00:14:28
Last read 05:39:27, hold time is 180, keepalive interval is 60 seconds
Neighbor capabilities:
4 Byte AS: advertised and received
Route refresh: advertised and received(old & new)
Address family IPv4 Unicast: advertised and received
Message statistics:
Inq depth is 0
Outq depth is 0
Opens:
Notifications:
Sent Rcvd
1
Updates:
Keepalives:
Route Refresh:
Capability:
Total:
0
0 0
1
16
0
0
18
1
15
0
0
16
Minimum time between advertisement runs is 30 seconds
For address family: IPv4 Unicast
Community attribute sent to this neighbor(both)
1 accepted prefixes
Connections established 1; dropped 0
Last reset never
Local host: 172.16.39.1, Local port: 179
Foreign host: 172.16.39.2, Foreign port: 38216
Nexthop: 172.16.39.1
Nexthop global: 2011::2
Nexthop local: fe80::251:82ff:fe11:2201
BGP connection: non shared network
Read thread: on Write thread: off
Related Commands
show bridge show
{[
bridge
]}
Syntax Description
{[
bridge
]}
show bridge
Show list of bridges
IOLAN SCR Command Line Reference Guide
76
Privileged EXEC mode
Command Default
Command Modes
None
PerleSCR#show bridge
Usage Guidelines
Use this command to list bridge information.
Examples
This example show you how to view bridge information.
PerleSCR#show bridge<cr>
Bridge Name Bridge ID br1 8000.00400298993b no eth10, eth11, eth12, eth13, eth14, eth15, eth16, eth25, eth26, eth27, eth28, eth29, eth30, eth31, eth32, eth9
Related Commands
show clock show
{[
clock
]}
Syntax Description
{[
clock
]}
Command Modes
Usage Guidelines
Shows current date and clock.
Examples
To show clock, type
PerleSCR# show clock <cr>
Thu Nov 22 3:18:17:17 UTC 2018
Related Commands
show clock
Shows current date and clock.
PerleSCR#show clock
show crypto show
{[
crypto ipsec client |esp-group
<WORD>
| ike-group
<WORD>
| status
] |
[
openvpn | pki | ssl
]}
Syntax Description show crypto
|
{[
crypto ipsec client |esp-group
<WORD>
| ike-group
<WORD>
| status
]
Shows IPsec information.
IOLAN SCR Command Line Reference Guide
77
[
openvpn
] |
[
pki
] |
[
ssl
]}
Command Modes
Usage Guidelines
Show crypto information.
Examples
To show ipsec status, type
PerleSCR# show ipsec status <cr>
IPsec is enabled
IPsec is running
No connections active
Related Commands
Privileged EXEC mode
Show OpenVPN information.
Shows pki information.
Shows ssl information,
PerleSCR#show crypto
show debugging show
{[
debugging
]}
Syntax Description
{[
debugging
]}
show debugging
Shows which processes are in debugging mode.
PerleSCR#show debugging
Command Modes
Usage Guidelines
Shows which functions or commands have debug enabled.
Examples
This example shows the output of the debug command.
PerleSCR# show debugging<cr>
BGP events debugging is on
NTP debugging is on
show dhcp show dhcp
{[
lease
]}
Syntax Description show dhcp
IOLAN SCR Command Line Reference Guide
78
Privileged EXEC mode
{[
lease
]}
Command Modes
Shows current devices with leases.
PerleSCR#show dhcp
Usage Guidelines
Shows all client dhcp leases with configured options.
Examples
This example will show all the dhcp leases.
PerleSCR# show dhcp lease<cr> dhcp-assigned-address 172.17.121.182
option subnet mask 255.255.0.0
option dhcp-lease time 86400 seconds option dhcp-server-identifier 172.17.3.13
renew Mon Jan 01 08:44:00 EST 2021 rebind Mon Jan 01 19:02:16 EST 2021 expire Mon Jan 01 22:02:16 EST 2021
Related Commands
show dot1x
{
[
all
|
details
|
statistics
] |
[
credential
<WORD>
]
|
[
interface ethernet <1-18> | details | statistics
] |
[
radius statistics interface ethernet <1-18>
]
}
show dot1x
Syntax Description show dot1x
[
all | details | statistics
] |
Type all for details for all dot1x connections. Select all statistics to view statistics for each dot1x connection.
[
credential
<WORD>
]
|
Type credential to show the credential profile for the user.
[
interface ethernet <1-18> details | statistics
] |
Type Ethernet interface to show connections authenticated with dot1x.
[
radius statistics interface ethernet <1-
18>
]
}
Type radius to show radius statistics for authenticator mode.
Command Modes
PerleSCR#show dot1x
IOLAN SCR Command Line Reference Guide
79
Privileged EXEC mode
Usage Guidelines
Shows the connection information for suppliant and authenticator dot1x connections.
Examples
This example shows the interfaces with dot1x enabled.
PerleSCR#show dot1x all
Sysauthcontrol Enabled
Dot1x Protocol Version 3
Dot1x Info for Ethernet2
====================================
PAE = AUTHENTICATOR
QuietPeriod = 60
SuppTimeout = 30
ReAuthMax = 2
MaxReq = 2
TxPeriod = 30
Dot1x Info for Ethernet3
====================================
PAE = SUPPLICANT
StartPeriod = 30 (fixed)
AuthPeriod = 30 (fixed)
HeldPeriod = 60 (fixed)
MaxStart = 3 (fixed)
Credentials profile = lfelton
EAP profile = md5chap
This example shows dot1x credentials.
PerleSCR#show dot1x credential
Dot1x Credential Profile: lfelton
--------------------------------------------
Username: lfelton
Password:*******
Related Commands
show eap show eap
{[
profile
<WORD>
] |
[
registrations
]}
[
Syntax Description profile
<WORD>
]
|
show eap
Shows details for pre-defined eap
IOLAN SCR Command Line Reference Guide
80
Privileged EXEC mode
[
registrations
]}
Command Modes
Shows supported EAP.
PerleSCR>show eap
Usage Guidelines
Shows configured methods and pki-trustpoints for EAP configured profiles. EAP profiles are configured using the eap profile <name> command. The registration show command shows the EAP methods supported by your IOLAN.
Examples
This example shows eap registrations.
PerleSCR#show eap registrations <cr>
Registered EAP Methods:
=======================
Method Type Name
4 Auth and Peer MD5
6 Auth and Peer GTC
13 Auth and Peer TLS
21 Auth and Peer TTLS
25 Auth and Peer PEAP
26 Auth and Peer MSCHAPV2
..........
This example shows all eap profiles.
PerleSCR>show eap profiles<cr>
EAP Profile: md5chap
----------------------------------------
PKI-Trustpoint: None
Allowed Phase 1 methods:
-----------------------------------------
MD5
MSCHAPV2
Related Commands
show eee show eee
{[
capabilities interface ethernet <1-18>
]
[
status
]}
|
Syntax Description show eee
|
{[
capabilities interface ethernet <1-18>
] Shows whether the remote Ethernet interface is capable of Energy
Efficient Ethernet.
IOLAN SCR Command Line Reference Guide
81
[
status
]}
Command Modes
Usage Guidelines
Shows eee capabilities for Ethernet ports.
Examples
This example shows eee capabilities on the Ethernet ports.
PerleSCR# show eee capabilites.<cr>
Ethernet1
EEE: no
Ethernet2
EEE: no
Ethernet9
EEE: yes
Ethernet10
EEE: yes
Ethernet11
EEE: yes
Ethernet12
EEE: yes
Ethernet13
EEE:yes
Ethernet14
EEE:yes
Ethernet15
EEE:yes
Ethernet16
EEE:yes
Privileged EXEC mode
Shows the current status
Disagree – the remote interface cannot negotiate eee.
Link down – the remote interface is not connected.
Operational – both sides have agreed on eee capabilities.
Disabled – eee is disabled on this
Ethernet interface.
PerleSCR#show eee
IOLAN SCR Command Line Reference Guide
82
Privileged EXEC mode
Ethernet25
EEE:yes
Ethernet26
EEE:yes
Ethernet27
EEE:yes
Ethernet28
EEE:yes
Ethernet28
EEE:yes
Ethernet29
EEE:yes
Ethernet30
EEE:yes
Ethernet31
EEE:yes
Ethernet32
EEE:yes
show email show email
Syntax Description
Command Modes
Usage Guidelines
Shows configured email parameters.
Examples
This example shows email configuration.
PerleSCR# show email <cr>
Email: Disabled
SMTP Server: testsnmp from:
Encryption: none
Username: lyn
Password: test
Validate Certificate: Disabled
Related Commands
show email
PerleSC#show email
show environment show
{[
environment
[
all
]
|
[
power status
]
|
}
|
Syntax Description show environment
IOLAN SCR Command Line Reference Guide
83
Privileged EXEC mode
[
all
]
|
[
power status
]
|
[
temperature
]}
Show all environment status.
Shows status of power supplies.
Show temperature status.
Command Modes
PerleSCR#show environment
Usage Guidelines
Shows power supply statuses.
This example shows the IOLAN internal environment.
PerleSCR# show environment all<cr>
POWER SUPPLY 1 is DC Not Present
Power sensor value: Not currently valid
POWER SUPPLY 2 is DC OK
Power sensor value: 5.00 Volts
show facility-alarm show
{[
facility-alarm
]
|
[
status
]}
Syntax Description
{[
facility-alarm
] | [
status
]}
Command Modes show facility-alarms
Shows facility alarms by status
PerleSCR#show facility-alarm
Usage Guidelines
Shows facility alarms.
Examples
This example shows facility alarm statuses.
#show facility-alarm status<cr>
Source Severity Description Actions Time
-
----------------- -------- -------------------------------------- ----------------- -------------------
PerleSCR MAJOR Redundant Power missing or failed LOG May
1 2020 14:07
show flash: show flash:
Syntax Description
Command Modes
Usage Guidelines
Shows the contents of flash:.
show flash:
PerleSCR#flash:
IOLAN SCR Command Line Reference Guide
84
Examples
This example shows contents of the flash file system.
PerleSCR# show flash:<cr>
Directory of flash:
57 -rw- 2504 Jan 2 2019 20:58
-04:00 test-Jan-02-20-58-34-113
78 -rw- 3332 Sep 16 2019 11:58
-04:00 test-Sep-16-11-58-38-8462
37 -rw- 2124 Jan 2 2019 00:28
-04:00 test-Jan-02-00-28-14-37
49 -rw- 2124 Jan 2 2019 01:21
57 -rw- 2504 Jan 2 2019 20:58
-04:00 test-Jan-02-20-58-34-113
78 -rw- 3332 Sep 16 2019 11:58
-04:00 test-Sep-16-11-58-38-8462
37 -rw- 2124 Jan 2 2019 00:28
-04:00 test-Jan-02-00-28-14-37
49 -rw- 2124 Jan 2 2019 01:21
-04:00 test-Jan-02-01-21-17-23
70 -rw- 2513 Jan 3 2019 00:33
-04:00 test-Jan-03-00-33-56-69
39 -rw- 2124 Jan 2 2019 00:30
-04:00 test-Jan-02-00-30-16-39
74 -rw- 3509 Sep 10 2019 13:29
-04:00 test-Sep-10-13-29-21-5469
64 -rw- 2515 Jan 2 2019 23:16
-04:00 test-Jan-02-23-16-52-42
61 -rw- 2504 Jan 2 2019 22:27
-04:00 test-Jan-02-22-27-57-83
71 -rw- 3509 Sep 10 2019 13:26
-04:00 test-Sep-10-13-26-19-5466
43 -rw- 2124 Jan 2 2019 00:51
-04:00 test-Jan-02-00-51-17-17
20 -rw- 0 Dec 31 2018 22:13 -04:00 gnss.txt
Related Commands
Privileged EXEC mode
IOLAN SCR Command Line Reference Guide
85
Privileged EXEC mode
show hosts show
{[
hosts
]}
Syntax Description
{[
hosts
]}
Command Modes
Usage Guidelines
Show a list of hosts listed in the host table.
Examples
This example shows the host table.
PerleSCR#show hosts<cr>
Default domain name is not set
DNS lookup is enabled
Name Servers are not configured
Host table:
PerleName 172.16.113.77
RADIUS_SERVER 172.16.55.88
TACACS_SERVER 172.16.55.99
Related Commands
show hosts
Configured hosts in the host table.
PerleSCR# show hosts
show interfaces show interfaces
{[
interfaces bvi [
<1-9999>
] |
[
dialer
<0-15>
] |
[
ethernet<1-18>
] |
[
loopback counters | description | stats | summary
] |
[
openvpn-tunnel
<0-999
] |
[
tunnel
<0-999
] |
[
counters
] |
[
description
] |
[
stats
] |
[
summary
]}
Syntax Description show interfaces
{[
interfaces bvi [
<1-9999>
] |
Show Bridge-Group Virtual interfaces.
[
dialer
<0-15>
] |
[
ethernet<1-18>
] |
Show Dialer interfaces.
Show Ethernet interfaces.
IOLAN SCR Command Line Reference Guide
86
Privileged EXEC mode
[
loopback counters | description | stats | summary
] |
[
openvpn-tunnel
<0-999
] |
[
tunnel
<0-999
] |
[
counters
] |
[
description
] |
Show loopback interface.
Show OpenVPN interfaces.
Show tunnels.
Show counters for all interfaces.
[
stats
] |
[
summary
]}
Command Modes
Show descriptions for all interfaces.
Show stats for all interfaces.
Show summary for all interfaces.
PerleSCR#show interfaces
Usage Guidelines
Shows interface details, including admin status and link statuses.
Examples
This example shows the host table.
PerleSCR#show interfaces description<cr>
Interface Admin Status Link Status Description
--------- ------------ ----------- ----------lo up up eth1 up up eth2 up down eth9 up down eth10 up down eth11 up down eth12 up down eth13 up down eth14 up down eth15 up down eth16 up down eth25 up down eth26 up down eth27 up down eth28 up down eth29 up down eth30 up down eth31 up down eth32 up down br1 up down
IOLAN SCR Command Line Reference Guide
87
Privileged EXEC mode
Related Commands
show ip access-lists show ip access-lists
{[
extended
<100-199> <2000-2699>
|
[
standard
<1-99> <2000-2699>
]}
Syntax Description
|
{[
extended
<100-199> <2000-2699>
]
show ip access-lists
Extended IP access lists.
[
standard
<1-99> <2000-2699>
]}
Standard IP access lists.
Command Modes
PerleSCR#show ip access-lists
Usage Guidelines
Shows configured access lists.
Examples
PerleSCR#show ip access-lists
Extended IP access list 100
10 permit any any
Related Commands
show ip alg show ip alg
{[
table
]}
Syntax Description
{[
table
]}
Command Modes
Usage Guidelines
Shows Application Level Gateway (ALG).
show ip alg table
Extended IP access lists.
PerleSCR#show ip alg table
IOLAN SCR Command Line Reference Guide
88
Privileged EXEC mode
Examples
This example shows ip alg table information.
PerleSCR#show ip alg table<cr>
CONN-ID Source Destination Protocol Timeout State
470387840 127.0.0.1:54322 127.0.0.1:199 tcp [6] 429781
ESTABLISHED
445100032 127.0.0.1:54326 127.0.0.1:199 tcp [6] 429781
ESTABLISHED
1030624192 127.0.0.1:41776 127.0.0.1:13514 tcp [6] 100
TIME_WAIT
470388160 127.0.0.1:54324 127.0.0.1:199 tcp [6] 429781
ESTABLISHED
445101312 172.16.113.216:50077 172.16.113.215:80 tcp [6] 424575
ESTABLISHED
470386240 127.0.0.1:41778 127.0.0.1:13514 tcp [6] 431999
ESTABLISHED
show ip arp show ip arp
{[
<A.B.C.D>
]}
Syntax Description
{[
<A.B.C.D>
]}
show ip arp
Show the arp entry for the specified ipv4 address.
None
Command Default
Command Modes
PerleSCR#show ip arp
Usage Guidelines
Show arp table details.
Examples
PerleSCR#show ip arp<cr>
Address HWtype HWaddress Flags Mask Iface
172.16.113.20 ether 78:2B:cb:a5:b4:0c CM eth1
IOLAN SCR Command Line Reference Guide
89
Privileged EXEC mode
show ip bgp
Syntax Description
Command Modes show ip bgp
PerleSCR#show ip bgp
Usage Guidelines
Shows BGP information.
Examples
This example shows how to display bgp information.
PerleSCR#show ip bgp<cr>
BGP table version is 0, local router ID is 172.16.113.215
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.16.0.0 0.0.0.0 1 32768 i
Total number of prefixes 1
Related Commands
show ip community-list
Syntax Description
Command Modes show ip community-list
PerleSCR#show ip communitylist
Usage Guidelines
Shows IP community list information.
Examples
This example shows how to display community lists.
PerleSCR#show ip community-list<cr>
Community ( expanded) access list 100 permit 50
Related Commands
IOLAN SCR Command Line Reference Guide
90
Privileged EXEC mode
show ip ddns ip ddns
{[
service
|
use-web
]}
Syntax Description
{[
service use-web
]}
|
show ip ddns
Show the service being used for
DDNS.
Web check used for obtaining the external address.
PerleSCR#show ip ddns<cr>
Command Modes
Usage Guidelines
Show all DDNS settings.
Examples
This example shows DDNS service configured on ethernet port 18.
PerleSCR>show ip ddns service ethernet 18<cr>
Service dyndns
Login testddns
Password ********
Related Commands
show ip dhcp ip dhcp
{[
binding
] |
[
pool
<WORD>
]}[
Syntax Description
[
{[
binding pool
] |
<WORD>
]}
Command Modes show ip dhcp
Type bindings to show all automatic DHCP IP bindings
Type the name of the DHCP IP pool to show the client leases or bindings. Also shows you
Fixed/Reserved leases.
PerleSCR#show ip dhcp bindings<cr>
Usage Guidelines
Show all DHCP IP bindings. Type in the name of the pool you want to see DHCP ip bindings for.
IOLAN SCR Command Line Reference Guide
91
Privileged EXEC mode
Examples
This example shows how to display all DHCP IP bindings.
PerleSCR#show ip dhcp pool testpool <cr> lease 172.16.0.4
lease expires Sun Jan 12 19:50:45 2019
hardware ethernet 78:2b:cb:a5:b4:0c;
client-hostname "DESKTOP-N5PC2JQ";
state: active
Fixed Reserved leases
IP address Client-ID/Hardware address
172.16.113.200 17:17:23:34:56:77
Related Commands
show ip dns show ip dns
Syntax Description
Command Modes show ip dns
PerleSCR#show ip dns
Usage Guidelines
Shows IP DNS configuration and information.
Examples
This example shows how to display all DNS settings.
PerleSCR# show ip dns <cr>
IP DNS
======
DNS Lookup Enabled
Listen Addresses:
192.168.0.1
Cache Size 10000
Ignore Host File Off
Negative TTL 3600
No Name Servers Configured
Related Commands
IOLAN SCR Command Line Reference Guide
92
Privileged EXEC mode
show ip extcommunity-list show ip extcommunity-list
Syntax Description
Command Modes show ip extcommunity-list
PerleSCR#show ip extcommunity-list
Usage Guidelines
Shows configured ip extcommunity lists.
Examples
This example shows how to display community lists.
PerleSCR#show ip extcommunity-list<cr>
Extended community standard list 99 denyso0:0:1:30
Related Commands
show ip firewall show ip firewall
{[
<NAME>
]}
Syntax Description
{[
<NAME>
]}
Command Modes show ip firewall
The name of the firewall.
PerleSCR#show ip firewall
Usage Guidelines
Shows ip firewall configuration.
Examples
This example shows how to display active firewalls.
PerleSCR#show ip firewall<cr>
Active on
Rule Packets Bytes Action Proto Source Destination Rule Specs
----- ------- ------- ------- ------- ----------- ----------------- ---------------
10 0 0 accept ip 0.0.0.0/0 0.0.0.0/0
/* firewall1-10 */
10000 0 0 drop ip 0.0.0.0/0 0.0.0.0/0
/* firewall1-10000 default-action drop */
Related Commands
IOLAN SCR Command Line Reference Guide
93
Privileged EXEC mode
show ip health show ip health
{[
interfaces | profiles | status
]}
Syntax Description show ip health
{[
interfaces | profiles | status
]}
Show health profile and statuses for interfaces.
Command Modes
PerleSCR# show ip health
Usage Guidelines
Show health status for interfaces.
Examples
This example shows how to display all health information for all configured interfaces.
PerleSCR# show ip health <cr>
IP Health Profiles and Tests Configuration:
===========================================
Profile Name : testHealth
Failure-count: 10
Success-count: 10
Test 1: Type: PING Response Timeout: 1 Target: 192.168.0.98
IP Interface Health-Profile Configuration:
==========================================
Ethernet1 testHealth
Ethernet2 testHealth
Ethernet3 testHealth
Ethernet4 testHealth
Ethernet5 testHealth
Ethernet6 testHealth
Ethernet7 testHealth
Ethernet8 testHealth
Ethernet9 testHealth
Ethernet10 testHealth
Ethernet11 testHealth
.................
IOLAN SCR Command Line Reference Guide
94
Privileged EXEC mode
Related Commands
show ip host-group show ip host-group
{[
<WORD>
]}
Syntax Description
{[
<WORD>
]}
show ip host-group
Show ip host groups registered for
DDNS service.
PerleSCR#show ip host-group
Command Modes
Usage Guidelines
Show ip host groups registered for DDNS service.
Examples
This example shows how to display the host group tables.
PerleSCR# show ip host-group test<cr>
Host list:
172.16.77.88
1:2:3:4::5
Related Commands
show ip http show http
{[
server status
]}
Syntax Description
{[
server status
]}
Command Modes
Usage Guidelines
Shows status of HTTP server.
show ip http
Show HTTP server status.
PerleSCR#show ip http
IOLAN SCR Command Line Reference Guide
95
Privileged EXEC mode
Examples
Shows status of HTTP server.
PerleSCR# show ip http <cr>
Http server status: Enabled
HTTP server port : 80
User session idle timeout: 1440 seconds
HTTP secure server status: Enabled
HTTP secure server port: 443
Related Commands
show ip interface show ip interface
Syntax Description
Command Modes show ip interface
#show ip interfaces
Usage Guidelines
Shows interface statuses.
Examples
This example shows how to display all ip interfaces.
PerleSCR#show ip interface <cr>
Interface IP Address Mask Admin Status Link Status Description
--------- ----------------- ----------------- ------------ ----------- ----------- lo 127.0.0.1 255.0.0.0 up up eth1 - - admin down down eth2 - - up down wlm0 25.109.1.55 255.255.255.240 up up wlan0 - - up down br1 192.168.0.1 255.255.255.0 up up wlan1 - - up up
Related Commands
show ip nat show ip nat
{[
statistics
|
translations
]}
Syntax Description show ip nat
IOLAN SCR Command Line Reference Guide
96
Privileged EXEC mode
{[
statistics
|
translations
}
Shows the NAT source statistics table.
Shows the pre-nat and post-nat translations. table.
#show ip nat
Command Modes
Usage Guidelines
Shows the IOLAN’s Network Address Translation Table (NAT) statistics and translations.
Example
This example shows ip nat translations.
PerleSCR#show ip nat translations<cr>
NAT Source Translations
Pre-NAT Post-NAT Prot Timeout
172.16.0.4 25.111.129.244 tcp 339052
NAT Destination Translations
Pre-Nat Post-NAT Port-Timeout
Related Commands
show ip ospf show ip ospf translations
]}
{[
statistics
|
Syntax Description
{[
statistics
|
translations
]}
show ip ospf
Command Modes
PerleSCR#show ip ospf
Usage Guidelines
Shows the IOLAN’s Network Address Translation Table (NAT) statistics and translations.
IOLAN SCR Command Line Reference Guide
97
Privileged EXEC mode
Examples
PerleSCR#show ip ospf
OSPF Routing Process, Router ID: 172.16.39.2
Supports only single TOS (TOS0) routes
This implementation conforms to RFC2328
RFC1583Compatibility flag is disabled
OpaqueCapability flag is disabled
Initial SPF scheduling delay 200 millisec(s)
Minimum hold time between consecutive SPFs 1000 millisec(s)
Maximum hold time between consecutive SPFs 10000 millisec(s)
Hold time multiplier is currently 1
SPF algorithm last executed 7m53s ago
SPF timer is inactive
Refresh timer 10 secs
Number of external LSA 0. Checksum Sum 0x00000000
Number of opaque AS LSA 0. Checksum Sum 0x00000000
Number of areas attached to this router: 1
Area ID: 0.0.0.0 (Backbone)
Number of interfaces in this area: Total: 1, Active: 1
Number of fully adjacent neighbors in this area: 0
Area has no authentication
SPF algorithm executed 1 times
Number of LSA 1
Number of router LSA 1. Checksum Sum 0x00001e7a
Number of network LSA 0. Checksum Sum 0x00000000
Number of summary LSA 0. Checksum Sum 0x00000000
Number of ASBR summary LSA 0. Checksum Sum 0x00000000
Number of NSSA LSA 0. Checksum Sum 0x00000000
Number of opaque link LSA 0. Checksum Sum 0x00000000
Number of opaque area LSA 0. Checksum Sum 0x00000000
Related Commands
show ip prefix-list show ip prefix-list
{[
WORD
]}
Syntax Description
{[
WORD
]}
Command Modes
Usage Guidelines
Shows prefix list table.
show ip prefix-list
PerleSCR#show ip prefix-list<cr>
IOLAN SCR Command Line Reference Guide
98
Privileged EXEC mode
Examples
Shows ip prefix list.
PerleSCR# show ip prefix-list<cr> ip prefix-list pefix-lab ( for lab users) seq 10 permit 172.17.0.0/16
Related Commands
show ip rip show ip rip
{[
status
]}
Syntax Description
{[
status
]}
Command Modes show ip rip status
Show rip information.
PerleSCR# show ip rip status <cr>
Usage Guidelines
Shows ip routing table.
Examples
Shows rip routing table.
PerleSCR# show ip rip<cr>
Routing Protocol is "rip"
Sending updates every 30 seconds with +/-50%, next due in 30 seconds
Timeout after 180 seconds, garbage collect after 120 seconds
Outgoing update filter list for all interface is not set
Incoming update filter list for all interface is not set
Default redistribution metric is 1
Redistributing:
Default version control: send version 2, receive any version
Interface Send Recv Key-chain
Routing for Networks:
Routing Information Sources:
Gateway BadPackets BadRoutes Distance Last Update
Distance: (default is 120)
Related Commands
show ip route show ip route
{[
table
<1-200>
]}
Syntax Description show ip route
IOLAN SCR Command Line Reference Guide
99
{[
table
<1-200>
]}
Command Default
Command Modes
Usage Guidelines
Shows configured tables for ip routing.
Examples
Shows rip route table entries.
PerleSCR# show ip route<cr> table:200
Related Commands
Privileged EXEC mode
Show ip routes or route table.
Tables must be pre-defined by the user.
None
PerleSCR#show ip route
show ip route-policy show ip route-policy
{[
table
<1-200>
]}
Syntax Description show ip route-policy
{[
table
<1-200>
]}
Show ip routes or route table. Tables must be pre-defined by the user.
Command Modes
PerleSCR#show ip route-policy
Usage Guidelines
Show configured routing policies.
Examples
Shows ip route policies table.
PerleSCR#show ip route-policy
IPv4 Route-policy route1
Active on
Rule Packets Bytes Action Proto Source Destination Rule
Specs
----- ------- ------- ------- ------- -------------- -------------- ---------------
20 0 0 rtable-254 ip 0.0.0.0/0 0.0.0.0/0
/* route1-9999 */
10000 0 0 accept ip 0.0.0.0/0 0.0.0.0/0
/* route1-10000 default-action accept */
IOLAN SCR Command Line Reference Guide
100
Privileged EXEC mode
show ip ssh show ip ssh
Syntax Description
Command Modes show ip ssh
PerleSCR#show ip ssh
Usage Guidelines
Shows configuration for ssh.
Examples
This example shows ip ssh configuration.
PerleSCR#show ip ssh<cr>
SSH version: 2
SSH server: Enabled
Authentication timeout: 120 seconds
Authentication retries: 3
SSH public key: ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQCgAtvWaaM0CeMWoZV1H00sni2J8TY alvSyysQGyBDIOAydaaKv1+s1Imj00FL2Boi3ke/SoKhvuLJQ+bMVFXD7kXw2fk71
Mo8f8Dd/rOuuF4kE6hKV+LLl44kJKwCUC2w2m4L1lH8Zn8HuX89Qcv2oqPUdkBfO
1nelU3gc6gN4v1ckC069Tgg9hrhghCiBECCCYxmAJUhIy4dQcPwO1DQ6Acp2p3l
W2RYdgUvRAlr8oLiVdrEvT7zZECpYgCMYWmfsTtUhvv8yZpvNAhV9nRm5E93Yl0
V2J15qlmIlSGKn0iiLRW42xjQ4MT5XmWdlXj+NpuMlQRtFzyYPkR2HMf+9
Related Commands
show ipv6 show ipv6
{[
access-lists
<WORD>
] |
[
bgp
<X:X:X:X::X> | <X:X:X:X::X/M>
] |
[
dhcp binding | interface client-mode | pool
] |
[
firewall
<WORD>
] |
[
interface
] |
[
neighbours bvi
<0-999>
| ethernet <1-18> | tunnel
<0-999>
] |
[
ospf area | border-routers | database | interface | linkstate | neighbor | redistribution | route
] |
[
prefix-list
<WORD>
] |
[
rip status
] |
[
route table
<1-200>
] |
[
route-policy
<WORD>
]}
Syntax Description show ipv6
{[
access-lists
<WORD>
] |
List all access lists.
IOLAN SCR Command Line Reference Guide
101
bgp
<X:X:X:X::X> | <X:X:X:X::X/M>
] |
[
dhcp binding | interface client-mode | pool
] |
[
firewall
<WORD>
] |
[
interface
] |
[
neighbors bvi
<0-999>
| ethernet<1-
18> | tunnel
<0-999>
] |
[
ospf area | border-routers | database | interface | linkstate | neighbor | redistribution | route
] |
[
prefix-list
<WORD>
] |
[
rip status
] |
[
route table
<1-200>
] |
[
route-policy
<WORD>
]}
Command Modes
Usage Guidelines
Show IPv6 information.
Privileged EXEC mode
Show BGP information.
Show DHCP parameters.
Show firewall information.
Show interface configuration and status.
Show neighbors cache entries.
Show OSPF information.
List IP prefix lists.
Show RIP status.
Show IP routing table.
Show route-policy information.
PerleSCR#show ipv6
IOLAN SCR Command Line Reference Guide
102
Examples
Shows rip routing table.
PerleSCR# show ipv6 interface<cr>
Interface IPv6 Address Admin Status Link
Status Description
--------- ---------------------------------- ------------
----------- ----------- lo ::1/128 up up eth1 - up up eth2 - up down eth9 - up down eth10 - up down eth11 - up down eth12 - up down eth13 - up down eth14 - up down eth15 - up down eth16 - up down eth17 - up up eth18 - up down br1 - up down
Related Commands
Privileged EXEC mode
show line show line
{[
console
<0-0>
] |
[
tty
<1-16>
[modbus statistics master-tcp | master-udp | slave-tcp | slave-udp] | multihost | packet-forwarding | ppp | rlogin-client | settings | slip | ssh-client | ssl | statistics | telnet-client | udp | vmodem
]}
Syntax Description show line
{[
console
<0-0>
] |
Show configured console parameters.
Show statistics for tty lines.
tty
<1-16>
[modbus statistics master-tcp
| master-udp | slave-tcp | slave-udp] | multihost | packet-forwarding | ppp | rlogin-client | settings | slip | ssh-client | ssl | statistics | telnet-client | udp | vmodem
]}
Command Modes
PerleSCR#show line
Usage Guidelines
Show line configuration for serial ports.
IOLAN SCR Command Line Reference Guide
103
Examples
Show line parameters for tty1.
PerleSCR#show line tty 1<cr>
TTY 1
Service reverse raw
Port 10001
Multihost none
Break off
Break Delay 0
Break Length 0
Connection Method direct-connect
Data Logging Off
Dial Retries 0
Dial Timeout 0
Discard Characters 0
Received With Errors Off
Echo Suppression Off
Hotkey Prefix 0
Idle Timer 0
Interface eia-232
Initiate Connection any
Initiate Char 0 address is 0
Internet Address ::
Keepalive Off
Line Name
Line Termination On
Lock Off
Map CR to CRLF Off
Internet Address ::
Keepalive Off
Line Name
Line Termination On
Lock Off
Map CR to CRLF Off
Privileged EXEC mode
IOLAN SCR Command Line Reference Guide
104
Privileged EXEC mode
Microsoft SAC Support Off
Mode Disabled
Modem Init String
Monitor DCD Off
Monitor DSR Off
Monitor DTR Off
MOTD Off
Multisessions 0
Pages 0
Phone Number
Reset Off
Rev Sess Security Off
RTS Toggle Off
RTS Toggle Initial Delay 0
Session Strings
Initiate
Terminate
Delay 0
Terminal vt100
TX Driver Control auto
Session Timer 0
show logging show logging
Syntax Description
Command Modes show logging
PerleSCR#show logging
Usage Guidelines
Shows logging buffer.
Examples
This example shows the logging buffer.
PerleSCR>show logging<cr>
Syslog logging: enabled (764643 messages processed, 0 messages rate-limited, 0 overruns)
Console logging: level debugging, 71 messages logged
Monitor logging: level debugging, 71 messages logged
Logging to:
Buffer logging: level debugging, 1344 messages logged
File logging: disabled
Trap logging: level informational
Logging Source-Interface:
Log Buffer (16384 bytes):
Sep 26 20:51:57 %REQHANDLERD-6: CONSOLE: initializing usb serial console mode
Sep 26 20:52:02 %IPSEC_STARTER-6: Starting strongSwan 5.6.2 IPsec [starter]...
Sep 26 20:52:02 %IPSEC_STARTER-6: charon is already running
(/var/run/charon.pid exists) -- skipping daemon start
IOLAN SCR Command Line Reference Guide
105
Privileged EXEC mode
Related Commands
show mab show mab
{[
all
] |
[
interface ethernet <1-18>
] |
[
radius statistics interface ethernet <1-18>
]}
Syntax Description show mab
{[
all
] |
Show all MAB (MAC authentication Bypass) devices.
[
interface ethernet <1-18>
] |
Show all MAB devices on specified Ethernet interface.
[
radius statistics interface ethernet <1-
18>
]}
Shows MAB radius information.
Command Default
#default aaa authentication dot1x default group
#default aaa authentication login default
#no aaa accounting dot1x default start-stop group
Command Modes
PerleSCR>
PerleSCR#show mab
Usage Guidelines
The devices configured for MAB will not need to be authenticated using DOT1x protocol.
Examples
This example shows the status of MAB.
PerleSCR>show mab<cr>
Sysauthcontrol disabled
Interface Mac-Auth-Bypass
----------------------------------------------
Ethernet 2 Enabled
Related Commands
IOLAN SCR Command Line Reference Guide
106
Privileged EXEC mode
show management-access show management-access
Syntax Description
Command Modes show management-access
PerleSCR>#show managementaccess
Usage Guidelines
Shows whether management access is enabled and access restrictions from the LAN and WAN side.
Examples
This example shows management access methods for LAN/WAN and TRUSTED interfaces.
PerleSCR#show management-access<cr>
Management Access is enable
LAN: eth1 eth2 eth9 eth10 eth11 eth12 eth13 eth14 eth15 eth16 eth25 eth26 eth27 eth28 eth29 eth30 eth31 eth32 br1
HTTP HTTPS TELNET SSH SNMP
ENABLE ENABLE ENABLE ENABLE ENABLE
WAN:
HTTP HTTPS TELNET SSH SNMP
DISABLE DISABLE DISABLE DISABLE DISABLE
TRUSTED:
Related Commands
show nat66 show nat66
{[
prefix
|
statistics
]}
Syntax Description
{[
prefix
|
statistics
]}
statistics
]}
Command Modes show nat66
Show NAT66 prefixes.
Usage Guidelines
Show Network address translations for IPv6 networks.
Show NAT66 statistics.
PerleSCR#show nat66
IOLAN SCR Command Line Reference Guide
107
Privileged EXEC mode
Examples
This example shows NAT66 statistics.
PerleSCR>show nat66 statistics<cr>
Global Stats:
ID:0
Packets translated In -> Out
1290003
Packets translate Out -> In
1290003
Related Commands
show ntp show
{[
ntp associations
] |
[
status
]}
Syntax Description
{[
ntp associations
]
|
status
]}
Command Modes show ntp
Associations made with NTP.
Current status of NTP.
PerleSCR#show ntp
Usage Guidelines
Shows NTP associations and status.
Examples
PerleSCR#show ntp associations<cr>
remote refid st t when poll reach delay offset jitter
===============================================================
===============
172.16.55.77 .INIT. 16 u - 1024 0 0.000 0.000 0.000
172.16.113.55 .INIT. 16 s - 32 0 0.000 0.000 0.000
PerleSCR#show ntp status
Clock is not synchronized, stratum 16, no reference clock
Precision is 2**-18 s
Reference time is 00000000.00000000 (Thu, Feb 7 2036 2:28:16.000)
Clock offset is 0.000000 msec, root delay is 0.000 msec
Root dispersion is 1265.970 msec
System poll interval is 8 s
Related Commands
IOLAN SCR Command Line Reference Guide
108
Privileged EXEC mode
show nvram: show nvram
:
Syntax Description
Command Modes
Usage Guidelines
Shows files stored on nvram.
Examples
PerleSCR#show nvram: <cr>
Directory of nvram:
show nvram:
PerleSCR#show nvram:
84 -rw- 1824 Sep 25 2019 14:16 -04:00 startup-config.log.2
18 -rw- 227 Sep 16 2019 12:21 -04:00 no-default-config
33 -rw- 3509 Sep 10 2019 13:29 -04:00 startup-config-safemode
25 -rw- 2601 Sep 27 2019 16:36 -04:00 startup-config
69 -rw- 1727 Sep 26 2019 09:52 -04:00 startup-config.log.1
42 -rw- 2203 Jan 2 2019 19:01 -04:00 startup-config-rollback
36 -rw- 2124 Jan 2 2019 00:31 -04:00 startup-config-replace
82 -rw- 3063 Sep 26 2019 16:51 -04:00 startup-config.log
16 -rw- 581 Sep 16 2019 12:21 -04:00 default-config
1372160 KBytes total (1032192 KBytes free)
Related Commands
show processes show processes
Syntax Description
Command Modes
Usage Guidelines
Shows processes running on your IOLAN.
show processes
PerleSCR#show processes
IOLAN SCR Command Line Reference Guide
109
Privileged EXEC mode
Examples
PerleSCR#show processes <cr>
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.4 88468 5032 ? Ss 10:36 0:12 /sbin/init root 2 0.0 0.0 0 0 ? S 10:36 0:00 [kthreadd] root 4 0.0 0.0 0 0 ? I< 10:36 0:00 [kworker/0:0H] root 6 0.0 0.0 0 0 ? I< 10:36 0:00 [mm_percpu_wq] root 7 0.2 0.0 0 0 ? S 10:36 0:44 [ksoftirqd/0] root 8 0.1 0.0 0 0 ? I 10:36 0:39 [rcu_preempt] root 9 0.0 0.0 0 0 ? I 10:36 0:00 [rcu_sched] root 10 0.0 0.0 0 0 ? I 10:36 0:00 [rcu_bh] root 11 0.0 0.0 0 0 ? S 10:36 0:00 [migration/0] root 12 0.0 0.0 0 0 ? S 10:36 0:00 [cpuhp/0] root 13 0.0 0.0 0 0 ? S 10:36 0:00 [cpuhp/1] root 14 0.0 0.0 0 0 ? S 10:36 0:00 [migration/1] root 15 0.0 0.0 0 0 ? S 10:36 0:00 [ksoftirqd/1] root 17 0.0 0.0 0 0 ? I< 10:36 0:00 [kworker/1:0H] root 18 0.0 0.0 0 0 ? S 10:36 0:00 [kdevtmpfs] root 19 0.0 0.0 0 0 ? I< 10:36 0:00 [netns] root 22 0.0 0.0 0 0 ? S 10:36 0:00 [khungtaskd] root 23 0.0 0.0 0 0 ? S 10:36 0:00 [oom_reaper] root 24 0.0 0.0 0 0 ? I< 10:36 0:00 [writeback] root 25 0.0 0.0 0 0 ? S 10:36 0:00 [kcompactd0] root 26 0.0 0.0 0 0 ? SN 10:36 0:00 [ksmd] root 27 0.0 0.0 0 0 ? SN 10:36 0:00 [khugepaged] root 28 0.0 0.0 0 0 ? I< 10:36 0:00 [crypto] root 29 0.0 0.0 0 0 ? I< 10:36 0:00 [kintegrityd] root 30 0.0 0.0 0 0 ? I< 10:36 0:00 [kblockd]
show radius show radius
{[
statistics details
]}
Syntax Description
{[
statistics details
]}
Command Modes
Usage Guidelines
Shows Radius statistics details.
Examples
Shows the radius statistics.
PerleSCR#show radius statistics <cr>
All:
Auth. Acct.
Requests 3 3
Responses 3 3
Access Rejects 3
show radius
Show radius statistics details.
PerleSCR#show radius
IOLAN SCR Command Line Reference Guide
110
Related Commands
show reload show reload
Syntax Description
Command Modes show reload
#show reload
Usage Guidelines
Shows scheduled reloads or reboots for the IOLAN.
Examples
This example show configured reloads.
PerleSCR#show reload<cr>
Reload scheduled for 18:00:00 EDT Oct 17 2019 (in 59 minutes)
Related Commands
Privileged EXEC mode
show route-map show route-map
{[
<WORD>
]}
Syntax Description
{[
<WORD>
]}
Command Modes
Usage Guidelines
Show route map information.
show route-map
Shows specified route map.
PerleSCR#show route-map
IOLAN SCR Command Line Reference Guide
111
Example
Shows route map details.
PerleSCR#show route-map route1
RIB: route-map route1, permit, sequence 2
Match clauses:
Set clauses:
Call clause:
Action:
Exit routemap
RIP: route-map route1, permit, sequence 2
Match clauses:
Set clauses:
Call clause:
Action:
Exit routemap
RIPV6: route-map route1, permit, sequence 2
Match clauses:
Set clauses:
Call clause:
Action:
Exit routemap
OSPF: route-map route1, permit, sequence 2
Match clauses:
Set clauses:
Call clause:
Action:
Exit routemap
OSPF6: route-map route1, permit, sequence 2
Match clauses:
Set clauses:
Call clause:
Action:
Exit routemap
BGP: route-map route1, permit, sequence 2
Match clauses:
Set clauses:
Call clause:
Action:
Exit routemap
IOLAN SCR Command Line Reference Guide
Privileged EXEC mode
112
Privileged EXEC mode
Related Commands
show running-config show running-config
{[
all
]}
Syntax Description
{[
all
]}
Command Modes show running-config
Show all config including defaults.
PerleSCR#show running-config
Usage Guidelines
Shows the current configuration running on your IOLAN. To make this configuration permanent you must copy this configuration to the startup configuration.
Examples
This example shows running configuration.
PerleSCR#show running config<cr>
!
!
PerleSCR
Building running-config . . . version 4.1.A4
!
!
sdm prefer dual-ipv4-and-ipv6 default
!
!
service timestamps log datetime localtime show-timezone
!
no service dhcp server
IOLAN SCR Command Line Reference Guide
113
Privileged EXEC mode tty 1 mode line tty 2 mode line tty 3 mode line tty 4 mode line tty 5 mode line tty 6 mode line tty 7 mode line tty 8 mode line tty 9 mode line tty 10 mode line tty 11 mode line tty 12 mode line tty 13 mode line tty 14 mode line tty 15 mode line tty 16 mode line
!
hostname PerleSCR username admin privilege 15 secret 5 $1$8Vd1$vr7ikQKonK0V7m/yuNVKJ0 username admin serial
line-access readin 1 2 3 4 5 6 7 8 17 18 19 20 21 22 23 24 line-access readout 1 2 3 4 5 6 7 8 17 18 19 20 21 22 23 24 username barry secret 5 $1$0FI/$M5gVMUOAKkTn8.qtVH5v3.
username barry serial username testuser aaa authentication login default local tacacs radius server raddhk
address ipv4 172.16.28.108
key 7 G8QJeZ5s61FV acacs server tacdhk
address ipv4 172.16.4.90
key 7 G8QYaIl9QlY=
!
Related Commands
show sdm
{[
prefer
]}
Syntax Description
{[
prefer
]}
Command Default
Command Modes show sdm
Shows value of sdm.
Both IPv4 and IPv6
PerleSCR#show sdm
IOLAN SCR Command Line Reference Guide
114
Privileged EXEC mode
Usage Guidelines
Displays whether your IOLAN is running IPv4 or IPv6 or both protocols.
Examples
This example shows the current value for sdm.
PerleSCR#show sdm prefer<cr>
The current template is ‘dual-ipv4-and-ipv6 default template
Related Command
show serial show serial
{[
serial advanced
]
|
[
modbus
]
|
[
port-buffering
]
|
[
trueport
]
|
[
username
]
|
[
vmodem-phone
]}
Syntax Description
{[
serial advanced
] |
[
modbus
] |
[
port-buffering
|
[
trueport
] |
[
username
] |
show serial
Shows advanced configuration.
Shows modbus configuration.
Shows port buffering information.
Shows Trueport configuration
[
vmodem-phone
]}
Command Modes
Shows user configuration for serial port.
Show virtual modem phone number.
PerleSCR# show serial
Usage Guidelines
Use this command to view serial configuration.
IOLAN SCR Command Line Reference Guide
115
Privileged EXEC mode
Examples
This example shows the advanced configuration for serial.
PerleSCR#show serial advanced<cr>
Process Break Signals off
Flush on Close off
Single Telnet off
Data Logging Buffer Size 4K
Monitor Connection Interval 180 Seconds
Monitor Connection Number of Retries 5
Monitor Connection Retry Timeout 5 Seconds
Related Command
show snmp show snmp
{[
community
] |
[
contact
] |
[
engine-id
] |
[
group
] |
[
host
] |
[
location
] |
[
mib
] |
[
user
] |
[
view
]}
Syntax Description
{[
community
] |
[
contact
] |
[
engine-id
] |
[
group
] |
[
host
] |
[
location
] |
[
mib
] |
[
user
] |
[
view
]}
Command Modes
IOLAN SCR Command Line Reference Guide show snmp
Shows community name.
Shows contact information
Show SNMP engine-id.
Shows snmp groups.
Shows host information
Shows location information.
Shows SNMP ifmib information.
Shows snmp users.
Shows snmp views.
PerleSCR#show snmp
116
Usage Guidelines
Shows configured options for SNMP.
Examples
This example show the configured options for SNMP.
PerleSCR#show snmp view<cr>
View name: IOLAN-view
include: iso, exclude
Related Commands
show ssh
Syntax Description
Command Modes show ssh
PerleSCR>show ssh
Usage Guidelines
Show users connected via ssh.
Examples
This example show which users are connected.
PerleSCR> show ssh<cr>
Line User Host Idle Location
1 vty 0 admin idle 00:28:26 172.16.113.31
2 vty 1 lyn idle 00:00:03 172.16.113.30
Related Commands
Privileged EXEC mode
IOLAN SCR Command Line Reference Guide
117
Privileged EXEC mode
show startup-config
Syntax Description
Command Modes show startup-config
PerleSCR#show startup-config
Usage Guidelines
This will be the configuration that the IOLAN uses when it boots up.
PerleSCR#show startup-config
!
! version 4.1.S15
! sdm prefer dual-ipv4-and-ipv6 default
!
service timestamps log datetime localtime
!
tty 2 mode line
!
hostname PerleSCR
!
enable secret 5
!
$1$aUfI$pN.R.tXeyhL4R9GkmXo5l0
username lyn privilege 15 secret 5
$1$LrWp$K1Ug0Y6FHfjHdqcKRHA24/
!
aaa authentication login newlist none clock timezone EST -5 clock summer-time EDT recurring archive
update-sw check
!
path flash: alarm profile defaultPort
alarm not-operating
syslog not-operating
notifies not-operating
IOLAN SCR Command Line Reference Guide
118
Privileged EXEC mode alarm profile test
alarm not-operating
!
alarm contact A description AUX-IO: Digital
Input A alarm contact B description AUX-IO: Digital
Input B alarm contact 1 description DC-POWER:
IGN alarm contact 2 description DC-POWER:
Related Commands
show system show system
{[
hardware
] |
[
statuses
] |
[
uptime
] |
[
versions
]}
Syntax Description
{[
hardware
] |
[
statuses
] |
[
uptime
] |
[
versions
]}
Command Modes
Usage Guidelines
Shows system information about your IOLAN
show system
Show details about hardware.
Show system statuses for alarms, memory, flash etc:
Shows how long your IOLAN has been up.
Show versions of software running on your IOLAN.
PerleSCR# show system
IOLAN SCR Command Line Reference Guide
119
This example shows information about your IOLAN.
PerleSCR#show system statuses
System Statuses:
System Up Time................................ 7 hours 26 minutes 4 seconds
System Date and Time (local time zone)........ 2019-12-10 18:02:18
Startup-Configuration state................... In
Sync with
Running-configuration
Power Supply P1, State........................
Good
Power Supply P2, State........................
Absent
Last Alarm .................................... Link
Fault
This example shows information about your IOLAN.
PerleSCR#show system statuses
System Statuses:
System Up Time................................ 7 hours 26 minutes 4 seconds
System Date and Time (local time zone)........ 2019-12-10 18:02:18
Startup-Configuration state................... In Sync with
Running-configuration
Power Supply P1, State........................ Good
Power Supply P2, State........................ Absent
Last Alarm .................................... Link Fault
CPU Utilization............................... 4.55
Memory (kBytes free).......................... 55420
Flashdisk (Mbytes free)....................... 1008
IOLAN SCR Command Line Reference Guide
Privileged EXEC mode
120
Privileged EXEC mode
show tacacs show tacacs
{[
statistics details
]}
Syntax Description
{[
statistics details
]}
Command Modes
Usage Guidelines
Shows TACACS statistics details.
Examples
PerleSCR# show tacacs statistics <cr>
All:
Auth. Acct.
Requests 3 3
Responses 3 3
Access Rejects 0
Related Commands
show tacacs
Shows TACACS statistics.
PerleSCR# show tacacs
show task-status show task-status
Syntax Description
Command Modes
Usage Guidelines
Shows system tasks running on the IOLAN.
Examples
PerleSCR# show task-status <cr> top - 18:20:32 up 7:44, 1 user, load average: 0.05, 0.16, 0.17
Tasks: 143 total, 1 running, 86 sleeping,
0 stopped, 0 zombie
%Cpu(s): 5.2 us, 4.7 sy, 0.0 ni, 89.7 id,
0.1 wa, 0.0 hi, 0.3 si, 0.0 st
KiB Mem: 1016508 total, 962032 used,
54476 free, 194928 buffers
KiB Swap: 0 total, 0 used, 0 free. 135468 cached Mem
show task-status
PerleSCR# show task-status
IOLAN SCR Command Line Reference Guide
121
Privileged EXEC mode
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
3332 root 20 0 6576 3112 2664 S 6.0 0.3 4:44.89 hostapd
26266 root 20 0 5268 2476 2104 R 6.0 0.2 0:00.07 top
1 root 20 0 88468 5032 2840 S 0.0 0.5 0:13.22 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.02 kthreadd
4 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/0:+
6 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 mm_percpu_+
7 root 20 0 0 0 0 S 0.0 0.0 1:02.08 ksoftirqd/0
8 root 20 0 0 0 0 I 0.0 0.0 0:51.57 rcu_preempt
9 root 20 0 0 0 0 I 0.0 0.0 0:00.01 rcu_sched
10 root 20 0 0 0 0 I 0.0 0.0 0:00.00 rcu_bh
11 root rt 0 0 0 0 S 0.0 0.0 0:00.49 migration/0
12 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuhp/0
13 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuhp/1
14 root rt 0 0 0 0 S 0.0 0.0 0:00.48 migration/1
15 root 20 0 0 0 0 S 0.0 0.0 0:00.86 ksoftirqd/1
show tech-support show tech-support
Syntax Description
Command Modes show tech-support
PerleSCR>show tech-support
Usage Guidelines
Captures internal IOLAN information for you to send to Perle Technical Support if you need help.
Related Commands
show terminal show terminal
Syntax Description
Command Modes
Usage Guidelines
Shows current terminal information.
show terminal
PerleSCR>
IOLAN SCR Command Line Reference Guide
122
Privileged EXEC mode
Examples
This example shows terminal configuration.
PerleSCR> show terminal <cr>
Terminal length = 24
Terminal width = 132
Terminal history is enabled
Terminal history size = 20
Terminal logging monitor is Off
Related Commands
show users show users
{[
all
] |
[
console
] |
[
vty
] |
[
web
]}
Syntax Description
{[
all
] |
[
console
] |
[
vty
] |
[
web
]}
Command Modes show users
Show all users connected to the IOLAN.
Show only console user.
Show all vty users.
Show all web users.
PerleSCR#show users
Usage Guidelines
Shows current users logged into the IOLAN.
Examples
PerleSC#show users all <cr>
Line User Host Idle Protocol Location
*0 con 0 idle 00:00:00
vty 0 lyn idle 01:04:42 Telnet 172.16.113.216
vty 1 lyn idle 01:04:42 SSH 172.16.113.216
Web Sessions:
User IP Address Idle lyn 172.16.113.216 00:24:53
IOLAN SCR Command Line Reference Guide
123
Privileged EXEC mode
Related Commands
show version show version
{[
backup
]
|
[
flash:
]
|
[
startup
]
|
[
verbose
]}
Syntax Description
{[
backup
] |
[
flash:
] |
[
startup
] |
show version
Show backup version of firmware.
Specify a firmware in flash to show.
[
verbose
]}
Show firmware that the IOLAN is going to startup with.
Show more version details.
Command Modes
PerleSCR>
PerleSCR#show version
Usage Guidelines
Shows information about versions of firmware on your IOLAN
Examples
This example show versions of firmware on the IOLAN.
PerleSCR#show version backup <cr>
Name: LTE Wireless Router
Version: 4.1.S12
Date created: Tue Sep 24 03:54:24 EDT 2019
Source: IOLAN software update
Downloaded: Tue Sep 24 09:39:27 EDT 2019
Size: 332652768 bytes
Related Commands
show wan show wan
{[
failover source-interface | status |wan-interface
]
[
high-availability
]
|
[
load-sharing rules | status
]}
|
Syntax Description show wan
IOLAN SCR Command Line Reference Guide
124
Privileged EXEC mode
{[
failover source-interface | status |waninterface
]
|
[
high-availability
]
|
[
load-sharing rules | status
]}
Show WAN source interface configuration and status.
Display WAN management.
Command Modes
Display load sharing configuration and status.
PerleSCR#show wan
Usage Guidelines
Show wan configured features for fail over, high-availability and load sharing.
Examples
This example displays WAN management.
PerleSCR#show wan high-availablity<cr>
WAN High Availability
=====================
Mode: DISABLED
WAN Failover Primary Active Interface:
======================================
DISABLED
WAN Load Failover Interfaces Health Status:
===========================================
DISABLED
WAN Load Share Global Settings:
===============================
Include Local Traffic: enabled
Source IP NAT: disabled
Track inbound Connections: enabled
Flush Connections on Failure: enabled
WAN Load Sharing Interfaces Health Status:
==========================================
DISABLED
WAN Load Share Global Settings:
===============================
Include Local Traffic: enabled
Source IP NAT: disabled
Track inbound Connections: enabled
Flush Connections on Failure: enabled
WAN Load Sharing Interfaces Health Status:
==========================================
DISABLED
IOLAN SCR Command Line Reference Guide
125
Privileged EXEC mode
Related Commands
show zone-policy show zone-policy
{[
zone
<WORD>
]}
Syntax Description show zone-policy
{[
zone
<WORD>
]}
Show zone policy for specified zone.
Command Modes
PerleSCR#show zone-policy
Usage Guidelines
Use this command to show zone policy for the specified zone.
Related Commands
ssh ssh
{[
-c | -h | -l | -p
<A.B.C.D>
|
<X:X:X:X::X>
]}
Syntax Description ssh
{[
-c | -h | -l | -p |
<A.B.C.D>
|
<X:X:X:X::X>
]}
-c select the encryption method)
-h select HMAC algorithm
-l log in using this user name)
-p connect to this port
<A.B.C.D> <X:X:X:X::X>
IPv4 or IPv6 address or hostname to connect to
Command Modes
PerleSCR#ssh
Usage Guidelines
SSH from your IOLAN to a host supporting the ssh protocol.
Examples
This example shows how to connect to host (172.16.4.90) using lyn as the user.
PerleSCR#ssh -l lyn 172.16.4.90<cr>
Related Commands
IOLAN SCR Command Line Reference Guide
126
Privileged EXEC mode
telnet telnet
{[
<A.B.C.D>
|
<X:X:X:X::X>
]}
Syntax Description telnet
{[
<A.B.C.D>
|
<X:X:X:X::X>
]}
IP address or hostname to connect to
Command Modes
PerleSCR
Usage Guidelines
Telnet from your IOLAN into a host that supports the telnet protocol.
Examples
This example shows how to connect to host (172.16.4.90) using lyn as the user.
PerleSCR#telnet 172.16.4.90<cr>
Related Commands
terminal terminal
{[
history size
<0-256>
] |
[
length
<0-512>
] |
[
monitor
<0-512>
] |
[
width
<0-512>
]}
Syntax Description terminal
{[
history size
<0-256>
] |
Specify size of the history buffer.
[
length
<0-512>
] |
[
monitor
<0-512>
] |
[
width
<0-512>
]}
Specify length of the screen
Set monitor on tty to on.
Specify width of the screen
Command Default
Command Modes
length – 24 width – 132
PerleSCR#terminal
Usage Guidelines
Configure terminal (tty) parameters.
Examples
Set terminal width to 140.
PerleSCR#terminal width 140
IOLAN SCR Command Line Reference Guide
127
Privileged EXEC mode
Related Commands
traceroute traceroute
{[
<A.B.C.D>
]}
Syntax Description
{[
<A.B.C.D>
]}
traceroute
Destination hostname or address.
Command Modes
PerleSCR>
Usage Guidelines
Traceroute will list all the routers it passes through until it reaches its destination, or fails to and is discarded. In addition to this, it will tell you how long each 'hop' from router to router it takes.
Examples
This example shows the hops it takes from router to router to reach its destination of host 172.16.4.90.
PerleSCR#traceroute 172.16.4.90<cr.> (172.16.4.90), 30 hop max, 60 bytes packets
1 172.16.4.90 (172.16.4.90) 2.094ms 1.113 ms 0.826 ms
Related Commands
undebug undebug
{[
alarmgr | all | bgp | clpd | dialer | | dot1x-authenticator | dot11supplicant | drmgrd | email | init | ip | | ipsec | | kernel | logging | ntp | snmp | trapmgr | tty | vty | wan-highavail | wanifmgr
]}
Syntax Description undebug
{[
alarmgr | all | bgp | clpd | dialer | dot1x-authenticator | dot11-supplicant | drmgrd | email | init | ip | | ipsec | | kernel | logging | ntp | snmp | trapmgr | tty | vty | wanhighavail | wanifmgr
]}
Turn off the debug feature for a running application.
Command Modes
PerleSCR# undebug
Usage Guidelines
Use this command to turn off debugging for an application in debug mode.
IOLAN SCR Command Line Reference Guide
128
Examples
This example shows how to turn off debugging for alarmmgr.
PerleSCR#undebug alarmmgr <cr>
Alarm Manager debugging is off
Related Commands
Privileged EXEC mode
IOLAN SCR Command Line Reference Guide
129
aaa
4
Global Configuration Mode
This chapter defines all the CLI commands in Global Configuration Mode.
Chapter 4
aaa
{[
accounting dot1x default start-stop group
<WORD>
radius | tacacs
] |
[
authentication attempts login
<1-25>
| [dot1x default group
<WORD>
| radius] |
[login
<WORD>
| default group | local | none | radius | tacacs] | [login
<WORD>
| default group | local | none | radius | tacacs | [two-factor pin-attempts
<1-10>
| pinsize
<4-6>
| pi n-tries
<1-10>
]
] |
[
authorization console | exec
<WORD>
| group | if-authenticated | local | none | radius
| tacacs
] |
[
group server radius
<WORD>
| tacacs
<WORD>
] |
[
local authentication attempts max-fail
<1-65535>
] |
[
password restriction min-group
<1-4>
| min-len
<1-64>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description aaa
{[
accounting dot1x default start-stop group
<WORD>
radius | tacacs
] |
Records when users access the router to manage it and also when the router is rebooted. If using groups a predefined group must have been previously created.
[
authentication attempts login
<1-25>
| [dot1x default group
<WORD>
| radius] | [login
<WORD>
| default group | local | none | radius | tacacs] |
[login
<WORD>
| default group | local
| none | radius | tacacs | [two-factor pin-attempts
<1-10>
| pin-size
<4-6>
| pin-tries
<1-10>
]
] |
[
authorization console | exec
<WORD>
| group | if-authenticated | local | none | radius | tacacs
] |
[
group server radius
<WORD>
| tacacs
<WORD>
] |
[
local authentication attempts max-fail
<1-65535>
] |
[
password restriction min-group
<1-
4>
| min-len
<1-64>
]}
Specify the authentication parameters.
Specify the authorization parameters.
Specify a group server for Radius or
TACACS if applicable.
Specify how many times a local user can attempt to authenticate.
Specify password restrictions.
Command Modes
PerleSCR(config)#aaa
Usage Guidelines
Set up Authentication, Authorization and Accounting.
130
Global Configuration Mode
Examples
This example shows you how to set authentication attempts to 10.
PerleSCR(config-archive)#aaa authentication attempts 10<cr>
Related Commands
alarm alarm facility[power-supply rps disable | notifies | syslog]
| [
profile
<WORD>
Use the no form of this command to negate a command or set its defaults.
]}
Syntax Description alarm
[
facility rps disable | notifies | syslog
Redundant power supply settings
[
profile
<WORD>
]}
See
for configuring parameters.
Command Modes
PerleSCR(config)#alarm
Usage Guidelines
Set up environmental facilities.
Examples
This example enables syslog logger for redundant power supply messages.
PerleSCR(config)#alarm facility power-supply rps syslog<cr>
Related Commands
(config-alarm-profile)
{[
alarm link-fault | not operating
] |
[
notifies link-fault | not operating
] |
[
relay minor | not operating
] | [
syslog link-fault | not operating
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description (config-alarm-profile)#
{[
alarm link-fault | not operating
]
|
Specify the type of alarm to monitor for.
IOLAN SCR Command Line Reference Guide
131
Global Configuration Mode
[
[
[
notifies relay-major link-fault | syslog link-fault link-fault
| not operating not operating
]}
] |
not operating
]
|
Sends a trap/notification to the configured SNMP host trap receivers on the triggering and clearing of the alarm.
Energizes/de-energizes relay on the triggering and clearing of an alarm
System messages will be logged to the configured logging destinations on the triggering and clearing of the alarm.
PerleSCR(config-alarm-profile)#
Command Modes
Usage Guidelines
Sets alarm profile parameters.
Examples
This example shows you how to configure alarm profile to monitor for link fault and send a syslog message tot the configured server.
PerleSCR(config))#alarm profile test-alarm<cr>
PerleSCR(config-alarm-profile)#alarm link-fault:<cr>
PerleSCR(config-alarm-profile)#syslog link-fault<cr>
Related Commands
archive
(config-archive)
{[
maximum
1-14
] |
[
path flash: | ftp: | http: | https: | scp: | sftp | tftp:
] |
[
time-period
0-525600
] |
[
update-sw check
] |
[
write memory
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description (config-archive)#
{[
maximum
1-14
]
|
Number of archives copies of the configurations to be keep in the archive list. Archive list can contain between 1-14 configurations.
IOLAN SCR Command Line Reference Guide
132
Global Configuration Mode
[
[
[
[
path flash: | ftp: | http: | https: | scp: | sftp | tftp:
] |
time-period
0-525600
update-sw check write memory
]}
Command Default
Command Modes
] |
] |
Path must exist. Default path is the same as the no form of the command.
Time period is the time in minutes to automatically save the running configuration to a archive file.
Check weekly for any software updates
Write memory enables the saving of the configuration to an archive file every time you copy runningconfig to start-up config no path maximum 10 no time-period no write-memory
PerleSCR#archive <cr>
PerleSCR(config-archive)#
Usage Guidelines
This is the full path to where the archive configuration files will be kept.
flash:
perle-image-name.img
ftp:
[[//username[:password]@location]/directory]/perle-image-name.img
http:/
/
[[username:password]@][hostname name.img
|
host-ip [directory] /perle-image-
https:/
/
[[username:password]@][hostname name.img
|
scp:
|
host-ip [directory] /perle-image-
[[username@location]/directory]/perle-image-name.img
|
sftp:
[[//username[:password]@location]/directory]/perle-image-name.img
tftp:
[[//location]/directory]/perle-image-name.img
|
IOLAN SCR Command Line Reference Guide
133
Global Configuration Mode
Examples
This example shows you how to set up a archive path to be used with the writememory command.
PerleSCR(config-archive)#path flash:<cr>
PerleSCR(config-archive)#exit<cr>
PerleSCR(config)#exit
PerleSCR#copy running-config startup-config
Destination filename[startup-config]?<cr>
5643 bytes copied
Copy in progress...
5643 bytes copied
If no file name is supplied by you, then your running config will be named with the current date and time. See below.
PerleSCR#dir flash:
Directory of flash:
130322 -rw- 5643 May 12 2016 14:17 -04:00 -May-12-14-17-50-1
130321 -rw- 5643 May 12 2016 14:14 -04:00 -May-12-14-14-16-0
Related Commands
arp arp
{
<A.B.C.D> <H.H.H>
}
Use the no form of this command to negate a command or set its defaults.
Syntax Description arp
{
<A.B.C.D> <H.H.H>
}
Adds static arp entry to the arp table.
Command Modes
PerleSCR(config)#arp
Usage Guidelines
Adds arp entry to arp table.
Examples
Add this arp to the arp table.
PerleSCR(config)#arp 172.16.44.55 1234.1234.1234 <cr>
Related Commands
IOLAN SCR Command Line Reference Guide
134
Global Configuration Mode
banner banner
{[
<LINE>
]
|
|
[
login
<LINE>
]
|
[
motd
<LINE>
]
|
[
prompt-timeout
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description banner
{[
<LINE>
] | c banner-text c (c is used as the delimiting character).
[
login
<LINE>
]
|
Configure the prompt to be displayed before the login prompt.
[
motd
<LINE>
] |
Specify message of the day (motd) for your users to see on login.
[
prompt-time
<LINE>
]}
|
This message will be displayed if the user does not login in based on time parameter under users.
Command Modes
PerleRouter(config)#banner
Usage Guidelines
Banner applies to all consoles and vty sessions.
Examples
Display a message of the day at login.
PerleSCR(config)#banner motd line<cr>
Enter text message. End with the character ’l’ l
Good morning crew
Enter configuration commands, one per line. End with CNTL/Z
Related Commands
bridge bridge
{[
<1-9999>
protocol ieee
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description bridge
{[
<1-9999>
protocol ieee
]}
Set bridge to use protocol IEEE
802.3 for routing.
Command Modes
PerleSCR(config)#bridge
IOLAN SCR Command Line Reference Guide
135
Global Configuration Mode
Usage Guidelines
Set the bridge to use ieee protocol.
Examples
Set bridge 1 to use protocol ieee.
PerleSCR(config)#bridge 1 protocol ieee<cr>
boot boot
{[
host dhcp | retry timeout
<600-65535>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description boot
{[
host dhcp | retry timeout
<600-
65535>
]} host dhcp – enables ZTP (Zero
Touch provisioning). Download configuration via DHCP.
host retry timeout – sets the time in seconds to wait for ZTP to complete
(including time to download config or software) no boot host retry timeout – waits indefinitely for ZTP to complete
Command Modes
PerleSCR(config)#boot
Usage Guidelines
Use this command to enable ZTP. This command allows you to download your config and firmware via your DHCP server.
Examples
This example sets ZTP so that configuration and firmware files will be downloaded from your DHCP server.
PerleSCR(config)#boot host dhcp<cr>
clock clock
{[
summer-time
<name-of-timezone >
] |
date <
1-31> <month-to-start >
<hh:mm> <1-31> <month-to-end > < hh:mm > <1-1440-in-minutes>
| recurring
<
1-4 >
<
first week> <last week>
[
timezone <
name-of-time-zone> <-23 - 23 > <0-59>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description clock
IOLAN SCR Command Line Reference Guide
136
Global Configuration Mode
[
[
summer-time date <
1-31> <month-to-start >
<hh:mm> <1-31> <month-to-end > < hh:mm > <1-1440-in-minutes>
| recurring <
1-4 >
<
first week> <last week>
]
|
timezone <
23 > <0-59> name-of-time-zone> <-23 -
]}
<name-of-timezone >
Command Default
Name of the summer time zone followed by start/end dates
numeric value for the day of the month to start summer timezone 1-
31, name of the month to start
January, February, March, April,
May, June, July, August, September,
October, November, December.
,
time to start in hours (24) and minutes
,
numeric value for the day of the month to end summer timezone 1-31, name of the month to end (January, February, March,
April, May, June, July, August,
September, October, November,
December), time to end in hours(24), offset in minutes 1-1440
Name of the timezone
-
Hours/minutes offset are going to be hours/minutes offset from utc
(universal time clock).
clock timezone EST 5 clock summer-time EDT recurring 2
Sun Mar 2:00 1 Sun Nov 2:00 60
PerleSCR(config)#
Command Modes
Usage Guidelines
Configure time of day clock.
Examples
This example sets the clock 5 hours off from UTC.
PerleSCR(config)#clock timezone ont-time-zone -5 <cr>
Related Commands
crypto crypto
{[
[ipsec client
<WORD>
|enable | esp-group
<WORD>
| ike-group
<WORD>
| import ipsec.conf terminal | url flash: | ftp: | https: | https: | scp: | sftp: | tftp:] | l2tp | nat-network
<A.B.C.D/16>
| nat-traversal
] |
[
key export rsa public | terminal | des
<WORD>
| url flash: | ftp: | http: | https: | scp: | sftp: | tftp:] | [generate rsa modulus
<1024-4096>
] | [import client rsa pem
| pkcs12 terminal password
<LINE>
| url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | ssh-host rsa terminal
<LINE>
| [zeroize rsa]
] |
IOLAN SCR Command Line Reference Guide
137
Global Configuration Mode
[
[openvpn connection
<WORD>
] | [enable] | [generate secret
<NAME>
] | [import ca
<NAME>
| cert
<NAME>
| dh
<WORD>
| key
<NAME>
| secret
<NAME>
| template
<NAME> |
terminal | url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | zeroize ca
<NAME>
| cert
<NAME>
key
<NAME>
] | [cert
<NAME>
terminal | url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | [dh
<WORD>
] | [key
<NAME>
terminal | url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | secret
<NAME>
] |
[template
<NAME>
]
] |
[
pki import client pem | pkcs12 terminal password
<LINE>
| url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | https pem | pkcs12 terminal password
<LINE>
url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | https pem | pkcs12 terminal password
<LINE>
| url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | [https pem
| pkcs12 terminal password
<LINE>
url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | openvpn ca
<NAME>
| cert
<NAME>
| key
<NAME>
] | server pem | pkcs12 erminal password
<LINE>
url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | [zeroize https openvpn ca
<NAME>
cert
<NAME>
key
<NAME>
] |
[
ssl algorithm encryption suite-b-tls | tls-1.2
]}
Use the no form of this command to negate a command or set its defaults
Syntax Description crypto
[
[ipsec client
<WORD>
|enable | esp-group
<WORD>
| ike-group
<WORD>
| import ipsec.conf terminal | url flash: | ftp: | https: | https: | scp: | sftp: | tftp:] | l2tp | nat-network
<A.B.C.D/16>
| nat-traversal
] |
Configure IPSEC client.
[
key export rsa public | terminal | url flash: | ftp: | http: | https: | scp: | sftp: | tftp:] |
[generate rsa modulus
<1024-4096>
] | [import client rsa pem | pkcs12 terminal password
<LINE>
| url flash: | ftp: | http: | https | scp: | sftp: | tftp: |ssh-host rsa terminal | url | flash: | ftp: | http: | https | scp: | sftp: | tftp:] | [zeroize rsa]
] |
[
[openvpn connection
<WORD>
] | [enable] |
[generate secret
<NAME>
] | [import ca
<NAME>
| cert
<NAME>
| dh
<WORD>
| key
<NAME>
| secret
<NAME>
| template
<NAME> |
terminal | url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | zeroize ca
<NAME>
| cert
<NAME>
key
<NAME>
] |
Key and Certificates.
OpenVPN configuration.
IOLAN SCR Command Line Reference Guide
138
[
pki import client pem | pkcs12 terminal password
<LINE>
| url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | https pem | pkcs12 terminal password
<LINE>
url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | https pem | pkcs12 terminal password
<LINE>
| url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | [https pem | pkcs12 terminal password
<LINE>
url flash: | ftp: | http: | https | scp: | sftp: | tftp:] | openvpn ca
<NAME>
| cert
<NAME>
| key
<NAME>
] | server pem | pkcs12 erminal password
<LINE>
url flash: | ftp: | http: | https
| scp: | sftp: | tftp:] | [zeroize https openvpn ca
<NAME>
cert
<NAME>
key
<NAME>
| server
<WORD>
] |
[
ssl algorithm encryption suite-b-tls | tls-1.2
]}
Command Modes
Usage Guidelines
Set encryption parameters.
Examples
This example sets ipsec to enable.
PerleSCR(config)# crypto ipsec enable<cr>
Related Commands
Global Configuration Mode
Keys and Certifications.
Set SSL encryption method.
PerleSCRconfig)#crypto
(config-client)
{[
authentication identify
<WORD>
| pre-shared-key
<WORD>
| remote-identity
<WORD>
| x509
<LINE>
| trustpoint <
CA-FILE>
] |
[
connection-type disable | initiate | respond
] |
[
ike-group
<WORD>
] |
[
local-address
<A.B.C.D>
|
<X:X:X:X::X:X>
| any
] |
[
tunnel
<1-429467295>
] |
esp-group
<WORD>
|
local-address
<A.B.C.D/N | X:X:X:X::X/N>
| remoteaddress
<A.B.C.D/N | X:X:X:X::X/N>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-client)
IOLAN SCR Command Line Reference Guide
139
Global Configuration Mode
{[
authentication identify
<WORD>
| preshared-key
<WORD>
| remote-identity
<WORD>
| x509
<LINE>
| trustpoint <
CA-
FILE>
] |
Sets the local authentication identity.
[
connection-type disable | initiate | respond
] |
Set connection type:
initiate respond disable
[
ike-group
<WORD>
] |
[
local-address
<A.B.C.D>
|
<X:X:X:X::X:X>
| any
] |
[
tunnel
<1-429467295>
|
esp-group
<WORD>
|
local-address
<A.B.C.D/N | X:X:X:X::X/N>
| remote-address
<A.B.C.D/N |
X:X:X:X::X/N>
]}
Sets IPSEC IKE configuration.
Sets local IPSEC interface.
Sets client tunnel definitions.
Command Modes
PerleSCR(config-client)#
Usage Guidelines
Configure IPSEC.
Examples
This example sets IPSEC client type to initiate.
PerleSCR(config-client)# connection-type initiate <cr>
Related Commands
(config-connection)
{[
ca
<WORD>
] |
[
cert
<NAME>
] |
[
cipher aes-128-cbc | aes-128-gcm | aes-192-cbc | aes-192-gcm | aes-256-cbc | aes-
256-gcm | bf-cbc | camellia-128-cbc | camellia-192-cbc | camellia-256-cbc | cast5-cbc | des-cbc | des-ede-cbc | des-ede3cbc | des-cbc | rc2-40-cbc | rc2-64-cbc | rc2-cbc | seed-cbc
[
client
] |
[
comp-lzo adaptive | no | yes
] |
] |
[
dev
<0-999>
] | [
dh
<WORD>
] |
[
dh
<WORD>
] |
[
ifconfig
<A.B.C.D> <WORD> <A.B.C.D><WORD>
] |
IOLAN SCR Command Line Reference Guide
140
Global Configuration Mode
[
keepalive
<1-65535> <1-65535>
] |
[
key
<WORD>
] |
[
lport
<1-65535>
] | [
persist-tun
] | [
port
<1-65535>
] |
[
pull
] |
[
remote
<A.B.C.D> <WORD> <X:X:X:X::X> <1-65535>
| tcp | udp
] |
[
remote-cert-tls client | server
] |
[
rport
<1-65535>
] |
[
secret
<NAME>
] |
[
server
<A.B.C.D> <A.B.C.D>
no pool
] |
[
server-ipv6
<X:X:X:X::X>
] |
[
template
<WORD>
] |
[
tls-client
] |
[
tls-server
] |
[
user-pass
<WORD> <WORD>
0 | 7
] |
[
verb
<0-11>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-connection)
{[
ca
<WORD>
] |
[
cert
<NAME>
] |
Sets PKI CA trustpoint.
Sets PKI certificate.
Set cipher to use in this connection.
[
cipher aes-128-cbc | aes-128-gcm | aes-
192-cbc | aes-192-gcm | aes-256-cbc | aes-
256-gcm | bf-cbc | camellia-128-cbc | camellia-192-cbc | camellia-256-cbc | cast5-cbc | des-cbc | des-ede-cbc | desede3-cbc | des-cbc | rc2-40-cbc | rc2-64cbc | rc2-cbc | seed-cbc
] |
[
client
] | Enable client mode if TCP mode is used with the remote command or if you receive the OpenVPN message "Options error: --proto tcp is ambiguous in this context.
Please specify --proto tcp-server or --proto tcp-client
IOLAN SCR Command Line Reference Guide
141
Global Configuration Mode
[
[
[
[
[
[
[
[
[
comp-lzo adaptive | no | yes dev dh keepalive key pull
<0-999>
<WORD>
lport
] |
[
ifconfig
<A.B.C.D> <WORD> <A.B.C.D>
<WORD>
] |
<WORD>
<1-65535>
persist-tun port
] |
] |
] |
]
<1-65535>
|
]
]
|
|
] |
<1-65535> <1-65535>
] |
Compression is *not* recommended for security reasons.
In cases where the OpenVPN server pushes the request "complzo no" to connecting clients, the client side will break with repeated "write to TUN/TAP :
Invalid argument (code=22)" errors unless it too has already specified "comp-lzo no. If you are a client and are using `pull` to get settings from the server, the connection may fail with that same message. To overcome this issue `comp-lzo no` must be defined in your connection.
Note:
the "no comp-lzo" (the default) turns off the entire compression subsystem which is required for connections not using compression.
Set the OpenVPN interface number.
Sets Diffie-Hellman parameters.
Configure the local and the remote IP addresses for each side of the connection. Reverse the ip addresses when configuring "the other end".
Sets the keepalive interval (in seconds) and the keepalive timeout (in seconds).
Sets PKI private key.
Set the port to use on the local side.
default is 1194
Keep tun device between restarts.
Sets the port to use on both sides of the connection.
Pull the configuration from the server.
IOLAN SCR Command Line Reference Guide
142
Global Configuration Mode
[
[
[
remote
<A.B.C.D> <WORD>
<X:X:X:X::X> <1-65535>
| tcp | udp
] |
remote-cert-tls client | server rport
<1-65535>
] |
] |
Set the remote host for connection.
Sets peer certificate checking as client or server.
When this is used with a TLS connection, the peer's certificate credentials are validated using the CA certificate referred to by the "ca" command.
This is recommended to mitigate man-in-the-middle attacks but can be left off if the signing CA certificate is not currently available.
Sets the port to use on the remote side.
Set the Pre-Shared secret key.
[
[
[
secret
<NAME>
] |
server
<A.B.C.D> <A.B.C.D>
server-ipv6
<X:X:X:X::X>
] |
no pool
] |
Sets OpenVPN IPv4 server parameters.
Sets OpenVPN IPv6 server parameters.
Set connection template.
[
template
<WORD>
] |
[
tls-client
] |
[
tls-server
] |
[
user-pass
<WORD> <WORD>
0 | 7
] |
Set to act as a TLS client.
Set to act as a TLS server.
Set authentication parameters for the client (your IOLAN to login
OpenVpn servers.
Sets verbosity level. (debug)
[
verb
<0-11>
]}
Command Modes
PerleRoute(config-connection)#
Usage Guidelines
Configure IPSEC parameters.
Examples
Set cipher for IPSEC connection.
PerleSCRr(config-connection)# cipher aes-128-cbc<cr>
IOLAN SCR Command Line Reference Guide
143
Global Configuration Mode
Related Commands
(config-esp)#
{[
compression
] |
[
lifetime
<30-86400>
] |
[
mode transport | tunnel
] |
[
pfs
] |
[
proposal
<1-65535>
[encryption 3des | aes128 | aes128gcm182 | aes256 | aes256gcm128 | chacha20poly1305] | [hash md5 | sha1 | sha256 | sha384 | sha512]
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-esp)#
{[
compression
] |
Sets compression for IPsec connection.
[
lifetime
<30-86400>
] |
The tunnel will expires after no activity.
Range is 30 – 86400
Default is 1800 seconds
[
mode transport | tunnel
] |
Sets the tunnel mode.
Transport mode – payload encrypted; headers clear
Transport mode – both headers and payload encrypted.
[
pfs
] |
PFS on will improve security forcing a new key exchange for each new session. Both sides of the VPN tunnel must be able to support this option.
Enabling PFS by renewing keys more often will have a little performance impact but provide further security.
[
proposal
<1-65535>
[encryption 3des
| aes128 | aes128gcm182 | aes256 | aes256gcm128 | chacha20poly1305] |
[hash md5 | sha1 | sha256 | sha384 | sha512]
]}
Sets IKE/ESP proposal.
Command Modes
PerleSCR(config-esp)#
Usage Guidelines
Sets IPsec configuration.
IOLAN SCR Command Line Reference Guide
144
Global Configuration Mode
Examples
Set esp group mode to transport.
PerleSCR(config-esp)# mode transport <cr>
Related Commands
(config-ike)#
{[
aggressive-mode
] |
[
dpd action clear | hold | restart
] |
[
dpd action clear | hold | restart
|
interval
<2-86400>
| timeout
<10-86400>
] |
[
ike-version ike | ikev1 | ikev2
] | [
lifetime
<30-86400>
] | [
proposal [dh-group 2 | 5
| 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26] | [encryption 3des | aes128 | aes128gcm128 | aes256 | aes256gcm256 | chacha20poly1305] | [hash md5 | sha1 | sha256 | sha384 | sha512]
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-ike)#
{[
aggressive-mode
] |
Aggressive mode takes part in fewer packet exchanges.
Aggressive mode does not give identity protection of the two IKE peers, unless digital certificates are used. This means VPN peers exchange their identities without encryption (clear text). It is not as secure as main mode, but the advantage to aggressive mode is that it is faster than Main mode.
You must use aggressive mode if one or both peers have dynamic external IP addresses or if you need to use Network Address
Translation Traversal (NAT-T)
Default is off
IOLAN SCR Command Line Reference Guide
145
Global Configuration Mode
[
[
[
dpd action clear | hold | restart ike-version ike | ikev1 | ikev2 lifetime
<30-86400>
] |
] |
] |
[
proposal [dh-group 2 | 5 | 14 | 15 | 16 | 17
| 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26] |
[encryption 3des | aes128 | aes128gcm128 | aes256 | aes256gcm256 | chacha20poly1305] | [hash md5 | sha1 | sha256 | sha384 | sha512]
]}
Command Modes
DPD is a method of detecting a dead Internet Key Exchange
(IKE) peer. This method uses
IPsec traffic patterns to minimize the number of messages required to confirm the availability of a peer. DPD is used to reclaim the lost resources in case a peer is found dead.
Clear –terminate the VPN connection over the detection timeout. You must manually re-initiate the VPN connection.
We recommend that you use
Clear when the remote peer uses dynamic IP address.
Hold –traffic from your local network to the remote network can trigger the router to reinitiate the VPN connection over the detection timeout. We recommend that you use Hold when the remote peer uses a static IP address
Restart –re-initiate the VPN connection for three times over the detection timeout.
Default Action is Hold
Interval is 30 seconds
Timeout is 120 seconds
Select IKE version to use. IKE will use IKEv2 but switch to
IKEv1 depending on the peer.
Default is IKEv2
Time to keep connection alive.
Range is 30-86400
Default is 3600 seconds
Sets IKE/ESP proposal.
Dh-default is 2
Encryption default is aes256
Hash default is SHA1
PerleSCR(config-ike)#
IOLAN SCR Command Line Reference Guide
146
Global Configuration Mode
Usage Guidelines
Sets IKE configuration.
Examples
Set dead peer detection to restart.
PerleSCR(config-ike)# dpd action restart <cr>
Related Commands
(config-12tp)#
{[
client-ip-pool
<A.B.C.D> <A.B.C.D>
] |
[
dns-server
<1-2> <A.B.C.D>
] |
[
outside-address
<A.B.C.D>
] |
[
pre-shared-key
<WORD>
] |
[
username
<WORD>
password
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-l2tp)#
{[
client-ip-pool
<A.B.C.D> <A.B.C.D>
] |
Sets L2TP client ip pool addresses to be used by the clients.
[
dns-server
<1-2> <A.B.C.D>
] |
[
outside-address
<A.B.C.D>
] |
Sets L2TP DNS servers.
Sets the L2TP server remote address.
[
pre-shared-key
<WORD>
] |
Use the given pre-shared secret.
[
username
<WORD>
password
<WORD>
]}
Configure L2TP user name and password for this connection.
Command Modes
PerleSCR(config-l2tp)#
Usage Guidelines
Use these commands to setup parameters for L2TP connections.
L2TP connections.
Examples
Set username and password for L2TP connection.
PerleSCR(config-l2tp)# username lyn password test <cr>
IOLAN SCR Command Line Reference Guide
147
Global Configuration Mode
Related Commands
dot1x dot1x
{[
credential
<profile-name>
] |
[
logging
] |
[
system-auth-control
] |
[
test timeout
<1-65535>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description dot1x
{[
credential
<profile-name>
] |
Create a dot1x credential profile.
[
logging
] |
[
system-auth-control
] |
Log dot1x messages
You must enable dot1x systemauth-control if you want to use
802.1x access controls on any port on the router. You can then use the port control command on each specific port on which you want
802.1x access controls to be used.
[
test timeout
<1-65535>
]}
The readiness check is typically used before 802.1x is enabled on the router. Set the timeout for
EAPOL devices that don’t respond in the specified time frame.
Command Modes
PerleSCR(config)#
Usage Guidelines
The 802.1x readiness check monitors 802.1x activity on all the IOLAN serial ports and displays information about the devices connected to the ports that support
802.1x. You can use this feature to determine if the devices connected to the IOLAN serial ports are 802.1x-capable
Examples:
This example will create a credential profile called testcrd, then you need to set dotx1 authentication on Ethernet interfaces in order to multihost.
Note: You must enable system -auth-control if you want to authenticate dot1x devices.
PerleSCR(config)#dot1x credential testcred<cr>
PerleSCR(config)#interface ethernet 1 <cr>
PerleSCR(config-if)#authentication mult-auth <cr>
IOLAN SCR Command Line Reference Guide
148
Global Configuration Mode
Related Commands
(config-dot1x-creden)#
{[
password
< 0 > <LINE> | <7 > <LINE>
] |
[
username
<name>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-dot1x-creden)#
{[
password
< 0 > <LINE> | <7>
<LINE> | hex-string>
] |
0 - specifies that an unencrypted password will follow.
7- specifies that an hidden password will follow.
[
username
<name>
]
}
Specify a username.
Command Modes
PerlesCR(config)#dot1x credential your-name
PerleSCR(config-dot1x-creden)#
Usage Guidelines
Sets dot1x credentials.
Examples
This example will set the set the password for profile name testing to an encrypted password.
PerleSCR(config)#dot1x credential testing<cr>
PerleSCR(config-dot1x-creden)# password 7 DB0UeI1lynwOKW/j1 <cr>
Related Commands
eap eap
{[
profile
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description eap
{[
profile
<WORD>
]}
Configure EAP profiles.
Command Modes
PerleSCRconfig)#
Usage Guidelines
Use this command to create EAP profiles.
IOLAN SCR Command Line Reference Guide
149
Global Configuration Mode
Related Commands
(config-eap-profile)#
{[
method gtc | leap | md5 | mschapv2 | peap | tls | [ttls chap |eap-gtc |eap-md5 | eap-mschapv2 | mschap | mschapv2 | pap]
] | [
pki-trustpoint
<WORD>
Use the no form of this command to negate a command or set its defaults.
]}
Syntax Description (config-eap-profile)#
|
{[
method gtc | leap | md5 | mschapv2 | peap | tls | [ttls chap |eap-gtc |eap-md5 | eap-mschapv2 | mschap | mschapv2 | pap]
]
Select the method of encapsulating sensitive information such as passwords to be authenticated from the
IOLAN
[
pki-trustpoint
<WORD>
]}
The certificate authority you trust. This is a self-signed certificate that you create here
Command Modes
PerleSCR(config)#
Usage Guidelines
EAP is simply an authentication framework that defines the transport and usage of identity credentials. EAP encapsulates the usernames, passwords, certificates, and tokens, etc. that a client is sending for purposes of authentication.
A trustpoint is basically a certificate authority who you trust, and it is called a trustpoint because you implicitly trust this authority. The idea is that by trusting a given self-signed certificate, then your PKI system will automatically trust any other certificates signed with that trusted certificate
You need to create an eap profile before you can set these parameters.
Examples
This example shows you how to set the method to gtc.
PerleSCR(config)#method gtc<cr>
Related Commands
email email
{[
enabled
] |
[
encryption
<none | ssl | tls>
] |
[
from
<WORD>
] |
IOLAN SCR Command Line Reference Guide
150
Global Configuration Mode
[
recipient
<WORD>
] |
[
smtp-server
<WORD> | <A.B.C.D> | <X:X:X:X::X:X>
] |
[
username certificate
]}
<WORD>
| password
<0 LINE> | 7 <WORD> | LINE>
] | [
Use the no form of this command to negate a command or set its defaults.
validate-
Syntax Description email
{[
enabled
] |
Enable the email feature.
{[
encryption
<none | ssl | tls>
] |
[
from
<WORD>
] |
Use selected encryption.
Format is [email protected]
[
recipient
<WORD>
] |
Format is [email protected]
[
smtp-server
<WORD> | <A.B.C.D> |
<X:X:X:X::X:X>
] |
[
username
<WORD>
| password
<0
<LINE> | 7 <WORD>
|
LINE>
] | [
password
<0 <LINE> | 7 <WORD> |
LINE>
] |
[
validate-certificate
]}
SMNP server to use for mail requests.
Username for server authentication.
Password for server authentication.
Valid email certificate.
Command Modes
PerleSCR(config)#
Usage Guidelines
Sets email notification parameters.
Examples
This example shows how enable the email feature and to specify the smnp server for email requests.
PerleSCR(config)#email enabled <cr>
PerleSCR(config)#email snmp-server 172.16.55.77 <cr>
Related Commands
enable enable
{[
secret
<0 | 5 | LINE>
]}
Use the no form of this command to negate enable secret.
Syntax Description enable
IOLAN SCR Command Line Reference Guide
151
Global Configuration Mode
{[
secret
<0 | 5 | LINE>
]}
Command Modes
Usage Guidelines
This is the password to be used to enable privilege mode.
Examples
This example shows how to set a password for enable mode.
PerleSCR(config)#enable secret testsecret<cr>
0 – Specifies an unencrypted password to follow
5 – Specifies a encrypted password to follow
LINE – the unencrypted
(cleartext) secret
PerleRouter(config)#enable
Related Commands
hostname hostname
{[<
WORD
>]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
{[<
WORD
>]}
hostname
Type in the name you want to call your router.
Command Modes
PerleSCR(config)#hostname
Usage Guidelines
Set the hostname on the IOLAN.
Examples
This example will set the hostname to TestHost.
PerleSCR(config)#hostname TestHost<cr>
TestHost#
Related Commands
interface interface
{[
bvi
<1-9999>
] |
[
dialer
<0-15>
] |
IOLAN SCR Command Line Reference Guide
152
Global Configuration Mode
[
ethernet
<1-18>
] |
[
loopback
] |
[
openvpn-tunnel
<0-999>
tap | tun
] |
[
tunnel
<0-999>
] |
[
range ethernet
<1-18> , <1-18>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description interface
{[
bvi
<1-9999>
]
|
Specify the bridge interface you want to configure.
[
dialer
<0-15>
] |
Specify the dialer interface you want to configure.
[
ethernet
<1-18>
]
|
Specify the Ethernet interface you want to configure.
[
[
[
loopback
] |
openvpn-tunnel
[tunnel
<0-999>
range ethernet
] |
<0-999>
tap | tun
<1-18> , <1-18>
Command Modes
]
] |
Specify the loopback interface you want to configure.
Specify a openvpn tunnel you want to configure.
Specify the tunnel you want to configure.
Specify a Ethernet range you want to configure.
PerleSCR(config)#interface ethernet 1
PerleSCR(config-if)#
Usage Guidelines
Set interface command.
Examples
This example will allow you to config parameters for Ethernet interface 1.
PerleSCR(config)# interface ethernet 1<cr>
IOLAN SCR Command Line Reference Guide
153
Global Configuration Mode
Related Commands
(config-if)# bvi
{[
arp disable-arp-filter | enable-arp-accept | enable-arp-announce | enable-arpignore | timeout
<1-2147483>
] |
[
description
<LINE>
] |
[
ip address
<A.B.C.D> <A.B.C.D>
| dhcp client [class-id
<LINE>
| auto] |
[client-id ethernet
<1-18>
| ascii
<WORD>
| auto | hex
<hex-string>
] | hostname
<WORD>
| ddns service dyndns | update
<WORD>
| use-web skip | url
<WORD>
] | dns dhcp | [firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-
65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [message-digestkey
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point | point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-
65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
ipsec restrict
] |
[
ipv6 address
<X:X:X:X::X/<0-128>
|
dhcp | firewall in | out | local
<WORD>
|
[nd dad attempt
<0-500>
| managed config-flag | other-config-flag | prefix
<X:X:X:X::X/<0-128> <0-4294967294> |
infinite | [ra dns server
<X:X:X:X::X>
|
[hop-limit <1-255> | unspecified] | [interval
<4-1800> <3-1350>
| lifetime
<0> |
<4-9000>
| suppress] | reachable time
<0-3600000>
| retransmission-time
<0-
3600000>
| router-preference high | low |medium] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| deadinterval
<1-65535>
| hello-interval
<1-65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point
| point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
mtu
<68-1500>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-65534> |
minpoll
<4-17>
| version
<1-4>
] |
[
role lan |trusted | wan
] |
IOLAN SCR Command Line Reference Guide
154
Global Configuration Mode
[
shutdown
] |
[
zone-member security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-if)# bvi
{[
arp disable-arp-filter | enable-arpaccept | enable-arp-announce | enablearp-ignore | timeout
<1-2147483>
] |
[
description
<LINE>
] |
Customize arp messages for this interface.
Type in a description for this interface.
[
ip address
<A.B.C.D> <A.B.C.D>
| dhcp client [class-id
<LINE>
| auto] | [client-id ethernet
<1-18>
| ascii
<WORD>
| auto | hex
<hex-string>
] | hostname
<WORD>
| ddns service dyndns | update
<WORD>
| use-web skip | url
<WORD>
] | dns dhcp |
[firewall in | local | out
<WORD>
] |
[health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
|
[message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point
| point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmitdelay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] | [
ipsec restrict
] |
[
ipsec restrict
] |
Specify an IP parameters.
Do not allow ipsec to run on this interface.
IOLAN SCR Command Line Reference Guide
155
Global Configuration Mode
[
ipv6 address
<X:X:X:X::X/<0-128>
|
dhcp | firewall in | out | local
<WORD>
|
[nd dad attempt
<0-500>
| managed config-flag | other-config-flag | prefix
<X:X:X:X::X/<0-128> <0-4294967294> |
infinite | [ra dns server
<X:X:X:X::X>
|
[hop-limit <1-255> | unspecified] |
[interval
<4-1800> <3-1350>
| lifetime
0 |
<4-9000>
| suppress] | reachable time
<0-
3600000>
| retransmission-time
<0-
3600000>
| router-preference high | low
|medium] | [ospf authentication messagedigest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [messagedigest-key
<1-255>
md5
<LINE>
] | mtuignore | [network broadcast | nonbroadcast | point-to-point | point-tomultipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmitdelay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
mtu
<68-1500>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-
17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-
65534> |
minpoll
<4-17>
| version
<1-4>
] |
[
role lan |trusted | wan
] |
[
shutdown
] |
[
zone-member security
<WORD>
]}
Command Modes
Usage Guidelines
Sets option parameters for bridge.
Enable IPv6 on this interface.
Specify the mtu (maximum transmit unit) for this interface.
Configure for this interface.
Select the role for this interface.
Shutdown this interface.
This interface belongs to zone security name.
PerleSCR(config)#interface
PerleSCR(config-if)#
IOLAN SCR Command Line Reference Guide
156
Global Configuration Mode
Examples
This example configures an IP address on bvi 10.
PerleSCR>enable<cr>
PerleSCR#config<cr>
PerleSCR#interface bvi 10<cr>
PerleSCR(config-if)#ip address 172.16.113.45 255.255.0.0<cr>
Related Commands
(config-if)# dialer
{[
dialer description
<LINE>
] |
[
encapsulation ppp
] |
[
ip address
<A.B.C.D> <A.B.C.D>
| ddns service dyndns | update
<WORD>
| use-web skip | url
<WORD>
] | dns dhcp | firewall in | out | local
<WORD>
|
[health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
|
[message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point | point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
ipsec restrict
] | [
[ipv6 firewall in | out | local
<WORD>
| [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| deadinterval
<1-65535>
| hello-interval
<1-65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point
| point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
mtu
<64-1500>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-65534> |
minpoll
<4-17>
| version
<1-4>
<LINE>
| 7
<WORD>
|
<LINE>
| timeout idle
<1-4294967>
[
role lan | trusted | wan
] |
[
shutdown
] |
] |
] |
[
ppp access-concentrator
<LINE>
| chap hostname
<WORD>
| password 0
IOLAN SCR Command Line Reference Guide
157
Global Configuration Mode
[
zone-member security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description (config-if)# dialer
{[
dialer description
<LINE>
] |
Specify a name for this interface.
[
encapsulation ppp
] |
[
ip address
<A.B.C.D> <A.B.C.D>
| ddns service dyndns | update
<WORD>
| use-web skip | url
<WORD>
] | dns dhcp | firewall in | out | local
<WORD>
| [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] | [ospf authentication message-digest | null] | authenticationkey
<LINE>
| cost
<1-65535>
| deadinterval
<1-65535>
| hello-interval
<1-
65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-topoint | point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-
65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
ipsec restrict
] |
Set encapsulation type.
Sets IP configuration parameters for this interface.
Enable or disable IPv6.
[
ipv6 firewall in | out | local
<WORD>
|
[ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-
65535>
| hello-interval
<1-65535>
|
[message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-topoint | point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-
65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
mtu
<64-1500>
] |
Set IPv6 sub commands.
Sets Maximum transmission unit size.
IOLAN SCR Command Line Reference Guide
158
Global Configuration Mode
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-65534> |
minpoll
<4-17>
| version
<1-4>
] |
[
ppp access-concentrator
<LINE>
| chap hostname
<WORD>
| password 0
<LINE>
| 7
<WORD>
|
<LINE>
| timeout idle
<1-4294967>
] |
[
role lan | trusted | wan
] |
[
shutdown
] |
[
zone-member security
<WORD>
]}
Configure NTP (Network Time
Protocol).
Configure Point to Point protocol.
Select the role for this interface.
Shutdown this interface.
Command Modes
This interface is a member of zone security.
PerleSCR(config-if)#
Usage Guidelines
Sets parameters for dialer interface.
Examples
This example will set the role for the dialer interface.
PerleSCR(config-if)role wan<cr>
Related Commands
(config-if)# bvi(config-if)# dialer
(config-if) ethernet
{[
alarm profile
<WORD>
] |
[
arp disable-arp-filter | enable-arp-accept | enable-arp-announce | enable-arpignore | timeout
<1-2147483>
] |
[
authentication [host-mode] | [multi-auth] | [multi-host] | single-host] | [periodic]
| [port-control [auto] | [forced-authorized] | force-unauthorized] | [timer reauthenticate
<1-65535>
| restart
<1-65535>
] | [
bridge-group
<1-9999>
] |
[
description
<LINE>
] |
IOLAN SCR Command Line Reference Guide
159
Global Configuration Mode
[
dot1x credential
<WORD>
| max-auth-req
<1-10>
| max-req
<1-10>
|
[
[pae authenticator | suppliant] | eap profile
<WORD>
[pae profile
<WORD>
] |
[timeout quiet-period
<1-65535>
| supp-period
<1-65535>
| tx-period
<1-65535>
]
|
[
duplex auto | half | full
] |
[
ip address
<A.B.C.D> <A.B.C.D>
| [dhcp client [class-id
<LINE>
| auto] |
[client-id ethernet
<1-18>
| ascii
<WORD>
| auto | hex
<hex-string>
] | hostname
<WORD>
| ddns service dyndns | update
<WORD>
| use-web skip | url
<WORD>
]
| dns dhcp | [firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] | [ospf authentication messagedigest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-
65535>
| hello-interval
<1-65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point | point-tomultipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
ipsec restrict
] | [
ipv6 address
<X:X:X:X::X/<0-128>
| autoconfig | dhcp] enable
| firewall in | out | local
<WORD>
| [nd dad attempt
<0-500>
| managed configflag | other-config-flag | prefix
<X:X:X:X::X/<0-128> <0-4294967294> |
infinite |
[ra dns server
<X:X:X:X::X>
| [hop-limit <1-255> | unspecified] | [interval
<4-
1800> <3-1350>
| lifetime
0 | <4-9000>
| suppress] | reachable time
<0-3600000>
| retransmission-time
<0-3600000>
| router-preference high | low |medium]
] |
[
mab eap
] | [
mtu
<64-9000>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
|
disable
|
multicast
< A.B.C.D> <X:X:X:X::X:X>
| client
< A.B.C.D> < X:X:X:X::X:X>
| key
<1-65534>
| minpoll | version
<1-4>
] |
[
power efficient-ethernet auto
] |
[
role lan | trusted | wan
] |
[
shutdown
] |
[
speed 10 |100 |1000 |auto
] |
[
zone-member security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-if) ethernet
{[
alarm profile
<WORD>
] |
Use this alarm profile for this interface.
[
arp disable-arp-filter | enable-arp-accept | enable-arp-announce | enable-arp-ignore | timeout
<1-2147483>
] |
Customize arp messages for this interface.
IOLAN SCR Command Line Reference Guide
160
[
[
authentication [host-mode] | [multi-auth] |
[multi-host] | single-host] | [periodic] | [portcontrol [auto] | [forced-authorized] | forceunauthorized] | [timer reauthenticate
<1-
65535>
| restart
<1-65535>
] |
[
bridge-group
<1-9999>
] |
[
description
<LINE>
] |
[
dot1x credential
<WORD>
| max-auth-req
<1-10>
| max-req
<1-10>
|
[
[pae authenticator | suppliant] | eap profile
<WORD>
[pae profile
<WORD>
] | [timeout quiet-period
<1-65535>
| supp-period
<1-
65535>
| tx-period
<1-65535>
] |
duplex auto | half | full
] |
Global Configuration Mode
Select authentication mode to use on this interface when using Dot1x devices.
Add this interface to the specified bridge-group.
Description for this interface.
Sets the Port Access Entity
(PAE) type.
Supplicant
—The interface acts only as a supplicant and does not respond to messages that are meant for an authenticator.
Authenticator
—The interface acts only as an authenticator and does not respond to any messages meant for a supplicant.
Both
—The interface behaves both as a supplicant and as an authenticator and thus does respond to all dot1x messages.
Select duplex for this interface. In most cases this parameter should be left at auto.
IOLAN SCR Command Line Reference Guide
161
Global Configuration Mode
[
ip address
<A.B.C.D> <A.B.C.D>
| [dhcp client [class-id
<LINE>
| auto] | [client-id ethernet
<1-18>
| ascii
<WORD>
| auto | hex
<hex-string>
] | ddns service dyndns | update
<WORD>
| use-web skip | url
<WORD>
] | dns dhcp | [firewall in | local | out
<WORD>
]
| [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] | [ospf authentication messagedigest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [message-digestkey
<1-255>
md5
<LINE>
] | mtu-ignore |
[network broadcast | non-broadcast | pointto-point | point-to-multipoint] | priority
<0-
255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy routepolicy
<WORD>
| rip authentication keychain | mode
<WORD>
] |
[
ipsec restrict
] |
Setup parameters for IP communications on this interface.
[
ipv6 address
X:X:X:X::X:X/<0-128>
| autoconfig | dhcp | enable | firewall in | out | local
<WORD>
| [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-
65535>
| hello-interval
<1-65535>
| [messagedigest-key
<1-255>
md5
<LINE>
] | mtuignore | [network broadcast | non-broadcast | point-to-point | point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-
65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
mab eap
] |
No ipsec allow on this interface.
If using IPv6, then setup
IPv6 communication parameters.
[
mtu
<64-9000>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
|
disable
|
multicast
< A.B.C.D>
<X:X:X:X::X:X>
| client
< A.B.C.D> <
X:X:X:X::X:X>
| key
<1-65534>
| minpoll | version
<1-4>
] |
IOLAN SCR Command Line Reference Guide
Sets MAC authentication bypass interface commands.
Sets maximum transmission unit.
Configure NTP (Network
Time Protocol).
162
Global Configuration Mode
[
[
power efficient-ethernet auto role lan |trusted | wan
] |
] |
Configure interface power settings.
Set the role for this interface.
Shutdown this interface.
[
[
[
shutdown
] |
speed 10 |100 |1000 |auto zone-member security
]}
<WORD>
]}
Command Modes
Usage Guidelines
Set up Ethernet parameters for this interface.
Examples
This example will set the speed for this interface to 100.
PerleSCR(config-if)# speed 100<cr>
Set the speed for this interface.
This interface is a member of zone security.
PerleSCR(config-if)#
Related Commands
(config-if)# openvpn-tunnel
{[
bridge-group
<1-9999>
] | [
description
<LINE>
] |
[
ip ddns service dyndns | update
<WORD>
| use-web skip | url
<WORD>
] |
[[firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [ospf authentication message-digest | null] | authenticationkey
<LINE>
| cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-
65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point] | point-to-multipoint] | priority
<0-
255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
] |
[
ipv6 | enable | firewall in | local |out | nd prefix
<X:X:X:X::X:X/0-128>
| ifmtu
<1-65535>
| instance-id
<0-255>
| mtu-ignore | passive | priority
<0-255>
retransmit -interval
<1-65535>
| transmit-delay
<1-65535>
| [ospf | cost
<1-
65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| instance-id
<0-
255>
| mtu-ignore | passive | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
] | [policy route-policy
<WORD>
] | [rip authentication key-chain | mode
<WORD>
| split-horizon disabled | poisoned-reverse
] |
IOLAN SCR Command Line Reference Guide
163
Global Configuration Mode
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-65534> |
minpoll
<4-17>
| version
<1-4>
] |
[
role lan | trusted | wan
] |
[
zone-member security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description (config-if)# openvpn-tunnel
{[
bridge-group
<1-9999>
] |
Sets transparent bridging interface parameters.
[
description
<LINE>
] |
[
ip ddns service dyndns | update
<WORD>
| use-web skip | url
<WORD>
] | [[firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-
65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [messagedigest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | nonbroadcast | point-to-point] | point-tomultipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
] |
[
ipsec restrict
] |
Description for this interface.
Specify IP parameters.
Do not allow ipsec to run on this interface.
[
ipv6 | enable | firewall in | local |out | nd prefix
<X:X:X:X::X:X/0-128>
| ifmtu
<1-65535>
| instance-id
<0-255>
| mtuignore | passive | priority
<0-255>
retransmit -interval
<1-65535>
| transmit-delay
<1-65535>
| [ospf | cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| instance-id
<0-255>
| mtu-ignore | passive | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
] |
[policy route-policy
<WORD>
] | [rip authentication key-chain | mode
<WORD>
| split-horizon disabled | poisoned-reverse
] |
Set IPv6 configuration parameters.
IOLAN SCR Command Line Reference Guide
164
Global Configuration Mode
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-
17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-
65534> |
minpoll
<4-17>
| version
<1-
4>
] |
[
role lan | trusted | wan
] |
[
zone-member security
<WORD>
]}
Configure NTP (Network Time
Protocol).
Set the role for this interface.
Command Modes
This interface is a member of zone security.
PerleSCR(config-if)#
Usage Guidelines
Set configuration parameters for OPEN-VPN tunnel.
Examples
This example will set no authentication when using ospf.
PerleSCR(config-if)# ip ospf authentication null<cr>
Related Commands
(config-if)#tunnel
{[
arp disable-arp-filter | enable-arp-accept-enable-arp-announce | enable-arpignore
] |
[
description
<LINE>
] |
[
ip address
<A.B.C.D> <A.B.C.D>
] |
[
ipsec restrict
] |
[
ipv6 address<x:x:x:x::x | [firewall in | out | local] | [nd dad attempts
<0-600>
|
[managed-config-flag | other-config | [prefix
<X:X:X:X::X>
] | [ra dns server
<X:X:X:X::X>] | [hop-limit
<1-255>
| unspecified] | [interval
<4-1800> <3-135>
]
| [lifetime
<0 | <4-9000>
] | suppress] | reachable-time
<0-3600000>
| retransmission-time
<0-3600000>
| [router-preference high | low | medium] |
[ospf cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| ifmtu
<1-65535>
| instance-id
<0-255>
| mtu-ignore | passive | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| [policy route-policy
<WORD>
] | [rip enable | split-horizon disable | poisoned-reverse]
] |
[
mtu
<64-1500>
] |
IOLAN SCR Command Line Reference Guide
165
Global Configuration Mode
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<4-17>
| disable | multicast
<A.B.C.D> <X:X:X:X::X>
| client <a.b.c.d>
<x:x:x:x::x| key
<1-65534>
| minpoll
<4-17>
| version
<4-17>
] |
[
role lan | trusted | wan
] |
[
shutdown
] |
[
tunnel destination
<A.B.C.D>
| multicast | source
<A.B.C.D>
| ethernet
<1-18>
| tos
<0-99>
| ttl
<1-255>
] |
[
zone-member security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description (config-if)# tunnel
[arp disable-arp-filter | enable-arp-acceptenable-arp-announce | enable-arp-ignore] |
Set arp options for this interface.
[
description
<LINE>
] |
[
ip address
<A.B.C.D> <A.B.C.D>
] |
Interface description.
[
ipsec restrict
] |
Set an ip address for this interface.
Restrict or permit ipsec on this interface.
[
ipv6 address <x:x:x:x::x | [firewall in | out
| local] | [nd dad attempts
<0-600>
|
[managed-config-flag | other-config |
[prefix
<X:X:X:X::X>
] | [ra dns server
<X:X:X:X::X>] | [hop-limit
<1-255>
| unspecified] | [interval
<4-1800> <3-135>
] |
[lifetime
<0 | <4-9000>
] | suppress] | reachable-time
<0-3600000>
| retransmission-time
<0-3600000>
| [routerpreference high | low | medium] | [ospf cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| ifmtu
<1-65535>
| instance-id
<0-255>
| mtu-ignore | passive | priority
<0-255>
| retransmit-interval
<1-
65535>
| transmit-delay
<1-65535>
]
| [
policy route-policy
<WORD>
] | [
rip enable | split-horizon disable | poisonedreverse
] |
[
mtu
<64-1500>
] |
Set IPv6 parameters.
Set mtu sze.
IOLAN SCR Command Line Reference Guide
166
Global Configuration Mode
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-
17>
| version
<4-17>
| disable | multicast
<A.B.C.D> <X:X:X:X::X>
| client <a.b.c.d>
<x:x:x:x::x| key
<1-65534>
| minpoll
<4-
17>
| version
<4-17>
] |
[
role lan | trusted | wan
] |
[
shutdown
] |
[
tunnel destination
<A.B.C.D>
| multicast | source
<A.B.C.D>
| ethernet
<1-18>
| tos
<0-99>
| ttl
<1-255>
] |
[
zone-member security
<WORD>
]}
Command Modes
Set NTP parameters.
Set the role.
Shutdown this interface.
Specify tunnel parameters.
Specify zone member.
PerleSCR(config-if)#
Usage Guidelines
Sets parameters for tunnel interface.
Examples
This example will enable arp accepts on this interface.
PerleSCR(config-if)# arp enable-arp-accept<cr>
Related Commands
(config-if)#range
{[
range ethernet
, -
|
<1-18> , - <1-18>
] |
[
alarm profile
<WORD>
] | [
arp disable-arp-filter | enable-arp-accept | enablearp-announce | enable-arp-ignore | timeout
<1-2147483>
] |
[
authentication [host-mode] | [multi-auth] | [multi-host] | single-host] | [periodic]
| [port-control [auto] | [forced-authorized] | force-unauthorized] | [timer reauthenticate
<1-65535>
| restart
<1-65535>
] | [
bridge-group
<1-9999>
] |
[
description
<LINE>
] | [
dot1x credential
<WORD>
| max-auth-req
<1-10>
| max-req
<1-10>
|
IOLAN SCR Command Line Reference Guide
167
Global Configuration Mode
[
[pae authenticator | suppliant] | eap profile
<WORD>
[pae profile
<WORD>
] |
[timeout quiet-period
<1-65535>
| supp-period
<1-65535>
| tx-period
<1-65535>
]
| [
duplex auto | half | full
] |
[
ip address
<A.B.C.D> <A.B.C.D>
| [dhcp client [class-id
<LINE>
| auto] |
[client-id ethernet
<1-18>
| ascii
<WORD>
| auto | hex
<hex-string>
] | ddns service dyndns | update
<WORD>
| use-web skip | url
<WORD>
] | dns dhcp] |
[ipsec restrict] | [firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| deadinterval
<1-65535>
| hello-interval
<1-65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point
| point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
ipsec restrict
] | [
ipv6 address
<X:X:X:X::X/<0-128>
| autoconfig | dhcp] | enable | firewall in | out | local
<WORD>
| [nd dad attempt
<0-500>
| managed config-flag | other-config-flag | prefix
<X:X:X:X::X/<0-128> <0-4294967294> |
infinite | [ra dns server
<X:X:X:X::X>
| [hop-limit <1-255> | unspecified] |
[interval
<4-1800> <3-1350>
| lifetime
0 | <4-9000>
| suppress] | reachable time
<0-3600000>
| retransmission-time
<0-3600000>
| router-preference high | low
|medium]
] |
[
mab eap
] |
[
mtu
<64-9000>
] | [
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
| disable | multicast
< A.B.C.D>
<X:X:X:X::X:X>
| client
< A.B.C.D> < X:X:X:X::X:X>
| key
<1-65534>
| minpoll
| version
<1-4>
] | [
power efficient-ethernet auto
] |
[
role lan | trusted | wan
] |
[
shutdown
] | [
speed 10 |100 |1000 |auto
] |
[
zone-member security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-if)#range
{[
range ethernet
, -
|
<1-18> , - <1-
18>
] |
{[
alarm profile
<WORD>
] |
Specify the from to range.
Use this alarm profile for this interface.
[
arp disable-arp-filter | enable-arpaccept | enable-arp-announce | enablearp-ignore | timeout
<1-2147483>
] |
Customize arp messages for this interface.
IOLAN SCR Command Line Reference Guide
168
[
[
authentication [host-mode] | [multiauth] | [multi-host] | single-host] |
[periodic] | [port-control [auto] |
[forced-authorized] | forceunauthorized] | [timer reauthenticate
<1-65535>
| restart
<1-65535>
] |
[
bridge-group
<1-9999>
] |
[
description
<LINE>
] |
[
dot1x credential
<WORD>
| maxauth-req
<1-10>
| max-req
<1-10>
|
[
[pae authenticator | suppliant] | eap profile
<WORD>
[pae profile
<WORD>
] | [timeout quiet-period
<1-
65535>
| supp-period
<1-65535>
| txperiod
<1-65535>
] |
duplex auto | half | full
] |
Global Configuration Mode
Select authentication mode to use on this interface when using Dot1x devices.
Add this interface to the specified bridge-group.
Description for this interface.
Sets the Port Access Entity (PAE) type.
Supplicant
—The interface acts only as a supplicant and does not respond to messages that are meant for an authenticator.
Authenticator
—The interface acts only as an authenticator and does not respond to any messages meant for a supplicant.
Both
—The interface behaves both as a supplicant and as an authenticator and thus does respond to all dot1x messages.
Select duplex for this interface. In most cases this parameter should be left at auto.
IOLAN SCR Command Line Reference Guide
169
[
ip address
<A.B.C.D> <A.B.C.D>
|
[dhcp client [class-id
<LINE>
| auto] |
[client-id ethernet
<1-18>
| ascii
<WORD>
| auto | hex
<hex-string>
] | ddns service dyndns | update
<WORD>
| use-web skip | url
<WORD>
] | dns dhcp | [firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helperaddress
<A.B.C.D>
] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-
65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [messagedigest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | nonbroadcast | point-to-point | point-tomultipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
ipsec restrict
] |
[
ipv6 address
X:X:X:X::X:X/<0-128>
| autoconfig | dhcp | enable | firewall in | out | local
<WORD>
| [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-
65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [messagedigest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | nonbroadcast | point-to-point | point-tomultipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
mab eap
] |
[
mtu
<64-9000>
] |
Global Configuration Mode
Setup parameters for IP communications on this interface.
No ipsec allow on this interface.
If using IPv6, then setup IPv6 communication parameters.
Sets MAC authentication bypass interface commands.
Sets maximum transmission unit.
IOLAN SCR Command Line Reference Guide
170
ip
Global Configuration Mode
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
|
disable
|
multicast
< A.B.C.D>
<X:X:X:X::X:X>
| client
< A.B.C.D> <
X:X:X:X::X:X>
| key
<1-65534>
| minpoll | version
<1-4>
] |
[
power efficient-ethernet auto
] |
[
role lan |trusted | wan
] |
[
shutdown
] |
[
speed 10 |100 |1000 |auto
]}
[
zone-member security
<WORD>
]}
Configure NTP (Network Time
Protocol).
Configure interface power settings.
Set the role for this interface.
Shutdown this interface.
Set the speed for this interface.
Command Modes
This interface is a member of zone security.
PerleSCR(config-if)#
Usage Guidelines
Set up a range to configure Ethernet parameters for this interface.
Examples
This example disables ipv6 on this range of ethernet interfaces.
PerleSCR(config)#interface range ethernet 10 , 15<cr>
PerleSCR(config-if-range)# ipsec restrict<cr>
Related Commands
ip
{[
access-list extended
<100-199> <2000-2699>
| [resequence extended
<100-
199> <2000-2699> <1-2147483647> <1-2147483647>
| standard
<1-99> <1300-
1999> <1-2147483647> <1-2147483647>
] | standard
<1-99> <1300-1999>
expanded | standard
<100-500> <1-65535
] |
[
alg modules ftp | gre | h323 | nfs | pptp | sip | sqlnet | tftp disable
] |
[
as-path access-list
<WORD>
<1-65535> deny | permit
<LINE>
] |
] | [
aspath access-list
<WORD> <1-65535>
deny | permit
<LINE>
] | [
community-list
IOLAN SCR Command Line Reference Guide
171
Global Configuration Mode
[
community-list expanded
<100-500> <1-65535>
deny
<TEST>
| permit
<LINE>
| standard
<1-99> <1-65535>
deny
<1-4294967295>
| internet | local-as
|no-advertise | no-export | permit
<1-4294967295>
| internet | local-as | noadvertise | no-export | permit
<LINE>
] |
[
default-gateway
<A.B.C.D>
] |
[
dhcp excluded-address
<A.B.C.D>
| pool
<name>
| relay information hop-count
<1-255>
| packet-size
<64-1400>
| policy
drop | encapsulate | keep | replace
| port
<1-655535>
] |
[
dns cache-size
<1-1000>
| domain
<NAME>
server
<A.B.C.D> <X:X:X:X::X>
| ignore-hosts-file | listen-address
<A.B.C.D> <X:X:X:X::X>
| negative-ttl
<0-
7200>
] |
[
domain lookup
] |
[
domain-name
<WORD>
] |
[
extcommunity-list expanded
<100-500> <1-65535>
deny
<TEST>
| permit
<LINE>
| standard
<1-99> <1-65535>
deny rt | soo
<asn:nn>
] |
[
firewall
<NAME>
| all-ping enable | broadcast-ping enable | config-trap enable | ip-src-route enable | ipv6-receive-redirects enable | ipv6-src-route | log-martians enable | receive-redirects enable | send-redirects enable | [source-validation disable | loose | strict] | [state-policy established accept | drop | reject] | [invalid accept | drop | reject] |
[
related action accept | drop | reject] | syn-cookies enable | twa-hazards-protection enable
] |
[
ftp passive | password 0
<LINE>
| 7
<WORD>
|
<LINE>
| username
<WORD>
]
|
[
health profile
<WORD>
] |
[
host
<WORD> <A.B.C.D>
] |
[
host-group
<WORD>
] |
[
http [accounting exec
<WORD>
| default] | authentication aaa loginauthentication
<WORD>
| default] | [client password 0
<LINE>
| 7
<WORD>
|
<LINE>
proxy-server
<WORD>
proxy-port
<1-65535>
secure-trust-point
<WORD>
| username
<WORD>
| verify-server] | [secure-port
<1024-65535>
] |
[server] | [session-idle-timeout
<1-1440>
] |
[
name-server
<A.B.C.D>
] |
[
nat inside source [any interface bvi
<1-9999>
| ethernet
<1-18>
over load
| pool
<WORD> <A.B.C.D> <A.B.C.D> <A.B.C.D>
| list
<1-2699>
| static tcp
< A.B.C.D> <0-65535>
| inbound-interface bvi
<1-
9999>
| | ethernet
<1-18>
|
< 0-65535>
| udp
< A.B.C.D> <0-65535>
inbound- interface bvi
<1-9999>
| | ethernet
<1-4>
|
<0-65535>
] |
[
passthrough enable
|
interface ethernet address
<A.B.C.D>
| hardware-address
<H.H.H>
] |
[
prefix-list
<WORD>
deny
<A.B.C.D> </n | A.B.C.D>
ge | le
<1-32>
| description
<LINE>
| permit
<A.B.C.D> </n | A.B.C.D>
ge | le
<1-32>
| seq <1-65535> deny
IOLAN SCR Command Line Reference Guide
172
Global Configuration Mode
<A.B.C.D> </n | A.B.C.D>
ge | le
<1-32>
| permit
<A.B.C.D> </n | A.B.C.D>
ge | le
<1-32>
] |
[
radius source-interface bvi
<0-9999>
| | dialer
<0-15>
| | ethernet
<1-4 . <1-
4000
> | openvpn-tunnel
<1-999>
| tunnel
<1-999>
] |
[
route
< A.B.C.D> <A.B.C.D> < A.B.C.D> <1-255>
| bvi
<1-9999>
| | ethernet
<1-4> <1-255>
dhcp | null
<1-255>
| table
<1-200> <A.B.C.D> <A.B.C.D> <
A.B.C.D>
| bvi
<1-9999>
| | dialer
<0-15>
| | ethernet
<1-18>
null | openvpn
<0-
999>
| tunnel
<0-999>
|
<1-255>
| dhcp
] |
[
route-policy
<WORD
] |
[
scp password 0
<LINE>
| 7
<WORD>
|
<LINE>
| username
<WORD>
] |
[
sftp username <word> | password <0 | 7 | LINE>
] |
[
ssh authentication-retries
<0-5>
| client algorithms mac hmac hmac-sha1 | [email protected] | hmac-sha2-256 | [email protected] | hmac-sha2-512 | hmac-sha2-512 [email protected] | umac-
[email protected] | [email protected] | [email protected] | [email protected]
]}
] |
[
tacacs source-interface bvi
<0-9999>
| | dialer
<0-15>
| | ethernet
<1-18> . <1-
4000
> | openvpn-tunnel
<1-999>
| tunnel
<1-999>
] |
[
telnet server
Use the no form of this command to negate a command or set its defaults.
Syntax Description ip
{[
access-list extended
<100-199> <2000-
2699>
| [resequence extended
<100-199>
<2000-2699> <1-2147483647> <1-
2147483647>
| standard
<1-99> <1300-
1999> <1-2147483647> <1-2147483647>
]
| standard
<1-99> <1300-1999>
] |
ACL standard type: allows you to filter based on source IP address of a packet.
ACL extended type: allows you to filtering on source addresses, but also on destination addresses, protocols, and even applications, based on their port number.
[
alg modules ftp | gre | h323 | nfs | pptp | sip | sqlnet | tftp disable
] |
By default all alg modules are enabled. Use the disable command to disable modules.
[
as-path access-list
<WORD>
<1-65535> deny | permit
<LINE>
] |
Use this command to configure an access-list filter for Border
Gateway Protocol (BGP) autonomous system (AS) numbers.
IOLAN SCR Command Line Reference Guide
173
[
extcommunity-list expanded
<100-500>
<1-65535>
deny
<TEST>
| permit
<LINE>
| standard
<1-99> <1-65535>
deny
<1-4294967295>
| internet |local-as
|no-advertise | no-export | permit
<1-
4294967295>
| internet |local-as |noadvertise | no-export | permit
<LINE>
] |
[
default-gateway
<A.B.C.D>
] |
[
dhcp excluded-address
<A.B.C.D>
| pool
<name>
| relay information hop-count
<1-255>
| packet-size
<64-1400>
| policy
drop | encapsulate | keep | replace
| port
<1-655535>
] |
[
dns cache-size
<1-1000>
| domain
<NAME>
server
<A.B.C.D>
<X:X:X:X::X>
| ignore-hosts-file | listenaddress
<A.B.C.D> <X:X:X:X::X>
| negative-ttl
<0-7200>
] |
[
domain lookup
] |
[
domain-name
<WORD>
] |
[
extcommunity-list expanded
<100-500>
<1-65535>
deny
<TEST>
| permit
<LINE>
| standard
<1-99> <1-65535>
deny rt | soo
<asn:nn>
] |
[
firewall
<name>
| all-ping enable | broadcast-ping enable | config-trap enable | ip-src-route enable | ipv6receive-redirects enable | ipv6-src-route | log-martians enable | receive-redirects enable | send-redirects enable | [sourcevalidation disable | loose | strict] | [statepolicy established accept | drop | reject] |
[invalid accept | drop | reject] |
[
related action accept | drop | reject] | syn-cookies enable | twa-hazards-protection enable
] |
Global Configuration Mode
Add an extended community list entry.
Specify a default gateway.
Exclude an address range or configure dhcp pools.
Set values for DNS server.
Enables IP Domain Name System hostname translation.
Default domain name.
Set extcommnity parameters.
rt – Route Target extended community soo – Site of Origin extended community
Configure parameters associated with the firewall.
IOLAN SCR Command Line Reference Guide
174
Global Configuration Mode
[
ftp passive | password 0
<LINE>
<WORD>
|
<LINE>
| username
<WORD>
] |
| 7
[
health profile
<WORD>
] |
[
host
<WORD> <A.B.C.D>
] |
[
host-group
<WORD>
] |
|
[
http [accounting exec
<WORD>
| default] | authentication aaa loginauthentication
<WORD>
| default] |
[client password 0
<LINE>
| 7
<WORD>
|
<LINE>
proxy-server
<WORD>
proxyport
<1-65535>
secure-trust-point
<WORD>
| username
<WORD>
| verifyserver] | [secure-port
<1024- 65535>
] |
[server] | [session-idle-timeout
<1-1440>
]
[
name-server
<A.B.C.D>
] |
[
nat inside source [any interface bvi
<1-
9999>
| | | ethernet
<1-18>
over load
| pool
<WORD> <A.B.C.D> <A.B.C.D>
<A.B.C.D>
| list
<1-2699>
| static tcp
< A.B.C.D> <0-
65535>
| inbound interface bvi
<1-9999>
|
| dot11radio | ethernet
<1-18>
|
< 0-
65535>
| udp
< A.B.C.D> <0-65535>
inbound- interface bvi
<1-9999>
| | | ethernet
<1-
18>
|
<0-65535>
] |
[
prefix-list
<WORD>
deny
<A.B.C.D>
</n | A.B.C.D>
ge | le
<1-32>
| description
<LINE>
| permit
<A.B.C.D> </n |
A.B.C.D>
ge | le
<1-32>
| seq <1-65535> deny
<A.B.C.D> </n | A.B.C.D>
ge | le
<1-
32>
| permit
<A.B.C.D> </n | A.B.C.D>
ge
| le
<1-32>
] |
Configure ftp parameters.
Passive - indicates to the server that the client will be opening the file transfer session. This option would be used if the client was behind a firewall.
Configure IP health profile.
Add a host to the host table.
Name of host list.
Provide the parameters for HTTP client connections.
Specify the address of the name server to use.
Network Address Translation.
Network address translation is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.
Use NAT when your IOLAN is on a private network and your internal PCs want to browse the internet.
Add pre-list filter.
IOLAN SCR Command Line Reference Guide
175
[
route
< A.B.C.D> <A.B.C.D> < A.B.C.D>
<1-255>
| bvi
<1-9999>
| | | ethernet
<1-
5> <1-255>
dhcp | null
<1-255>
] |
[
radius source-interface bvi
<0-9999>
| cellular
<0-0>
| dialer
<0-15>
| | ethernet
<1-4 . <1-4000
> | openvpn-tunnel
<1-999>
| tunnel
<1-999>
] |
[
route
< A.B.C.D> <A.B.C.D> < A.B.C.D>
<1-255>
| bvi
<1-9999>
| | ethernet
<1-
18> <1-255>
dhcp | null
<1-255>
| table
<1-200> <A.B.C.D> <A.B.C.D> <
A.B.C.D>
| bvi
<1-9999>
| | dialer
<0-15>
| | ethernet
<1-4>
null | openvpn
<0-999>
| tunnel
<0-999>
|
<1-255>
| dhcp
] |
[
route-policy
<WORD
]}
[
scp password 0
<LINE>
| 7
<WORD>
|
<LINE>
| username
<WORD>
] |
[
sftp username <word> | password <0 | 7
| LINE>
] |
[
ssh authentication-retries
<0-5>
| client algorithms mac hmac hmac-sha1 | [email protected] | hmac-sha2-256
| [email protected] | hmac-sha2-512 | hmac-sha2-512 [email protected] | [email protected] | umac-
[email protected] | [email protected] | umac-
] |
[
tacacs source-interface bvi
<0-9999>
| | dialer
<0-15>
| | ethernet
<1-18> . <1-
4000
> | openvpn-tunnel
<1-999>
| tunnel
<1-999>
] |
[
telnet server
]}
Command Modes
Usage Guidelines
Enable and configure IP parameters.
Global Configuration Mode
Establish static routes.
Configure the source interface for
RADIUS requests.
Establish static routes.
The routing table is used with policy-routing. In policy-routing rules you can define the routing table is to used. Then policyrouting can be applied to any interface.
Route policy.
SCP configuration commands.
SFTP configuration commands.
Configure SSH options.
Configure the source interface for
TACACS requests.
Configure telnet server options.
PerleSCR(config)#ip
IOLAN SCR Command Line Reference Guide
176
Global Configuration Mode
Examples
This example sets ftp servers to use ftp passive mode when connecting to our
IOLAN.
PerleSCR(config)#ip ftp passive<cr>
Related Commands
(config-std-nacl)#
{[
<1-65535>
deny | permit
<A.B.C.D>/hostname> <A.B.C.D>/hostname>
| any | host
<A.B.C.D>/hostname>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-std-nacl)#
{[
<1-2147483647>
deny | permit
<A.B.C.D>/hostname>
<A.B.C.D>/hostname>
| any | host
<A.B.C.D>/hostname>
]}
Configure access lists.
Command Modes
PerleRouter(config-std-nacl)#
Usage Guidelines
When specifying IP address use notation as eg; 172.16.113.66
Examples
This example will specify a default domain name of TestUnit.
PerleSCR(config-std-nacl)#ip domain-name TestUnit<cr>
(config-dhcp)#
{[
address
<A.B.C.D>
hardware-address
<H.H.H>
] |
[
authoritative enable
] |
[
bootfile
<WORD>
] |
[
default-router
<A.B.C.D>/hostname
] |
[
description
<LINE>
] |
[
dns-server
<A.B.C.D>/hostname
] |
[
domain-name
<WORD>
] |
[
enable
] |
[
lease
<0-365> <0-23> <0-59>
| infinite
] |
[
network
</nn | A.B.C.D>
start
<A.B.C.D>
stop
<A.B.C.D>
] |
[
option
<1-254>
ascii
<LINE>
| hex
<hex-string>
| ip
<A.B.C.D>/hostname
] |
[
static-route
<A.B.C.D> <A.B.C.D> <A.B.C.D>
]}
IOLAN SCR Command Line Reference Guide
177
Global Configuration Mode
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-dhcp)#
{[
address
<A.B.C.D>
hardwareaddress
<H.H.H>
] |
Specify the IP address that you want to reserve for the client. This IP address will only be assigned to the client with this hardware address.
[
authoritative enable
] |
Set authoritative to enabled if this is the only DHCP server on your network. This will allow roaming clients to get a new DHCP address even if their lease has been assigned from another network and is still valid
(lease has not expired) This will prevent a client lock out situation.
[
bootfile
<filename>
] |
For the DHCP server to support client auto-configuration, you must specify the IP address or name of a TFTP server and the bootfile name.
[
default-router
<A.B.C.D>
] |
Specify the default router to use after a
DHCP client has booted. The IP address of the default router should be on the same subnet as the client.
[
description
<pool-name>
] |
Provide a description for the DHCP pool.
[
dns-server
<A.B.C.D>
] |
Specify a DNS server to use for clients using this DHCP pool. A DNS server needs to be specified if you want to browse the internet.
[
domain-name
<A.B.C.D>
] |
[
enable
] |
[
lease
<0-365> <0-23> <0-59>
| infinite
] |
If needed. specify a domain name.
Enable this dhcp pool.
Specify a lease time for client connecting using this DHCP pool.
Typically 24 lease times are suitable, however if your situation is a public hotspot then shorter time be warranted.
[
network
</nn | A.B.C.D>
start
<A.B.C.D>
stop
<A.B.C.D>
] |
[
option ascii
<string>
| hex
<hexstring>
| ip
<A.B.C.D>
] |
Specify the network, start and stop IP addresses for DHCP lease ranges.
If needed, specify DHCP options to be sent to the client. NVT ascii strig
IOLAN SCR Command Line Reference Guide
178
Global Configuration Mode
[
static-route
<A.B.C.D> <A.B.C.D>
<A.B.C.D>
]}
Command Modes
If needed, specify a static route.
PerleSCR(config)#
Usage Guidelines
When specifying IP address use notation as eg; 172.16.113.66
Examples
This example will set authoritative mode to enable.
PerleSCR(config-dhcp)#ip authoritative enable<cr>
Related Commands
(config-pbr)#
{[
description
<LINE>
| enable-default-log | rule
<1-9998>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-pbr)#
{[
description
<LINE>
| enable-defaultlog | rule
<1-9998>
]}
Configure a policy rule.
Command Modes
PerleRouter(config-pbr)#
Usage Guidelines
Use this command to create a policy rule.
Examples
This example will specify rule number 10, then enter sub menu mode.
PerleSCR(config-pbr)#rule 10<cr>
PerleSCR(config-pbr-rules)#
(config-pbr-rules)#
{[
description
<LINE>
] | [
log-enable
] | [
match [destination address
<A.B.C.D>
<A.B.C.D>
| not
<A.B.C.D> <A.B.C.D>
| start
<A.B.C.D>
stop
<A.B.C.D>
] |
[port
<1-65535>
| not
<1-65535>
| start
<1-65535>
stop
<1-65535>
] | [fragment | fragment | non-fragment] | [icmp type
<0-255>
code
<0-255>
] | [ipsec ipsec |nonipsec] | [protocol <0-255> ah | dccp | dsr | egp | eigrp | encap | esp | esp | etherip | ggp | gre | hmp | icmp | idpr | igmp | igp | ip | ipip | ipv6 | ipv6-frag | ipc6-icmp | ipv6-nonxt | ipv6-opts | ipv6-route | isis | l2tp | manet | mpls-in-ip | narp | not | osfp | pim | rdp | rohc | rsvp | sctp | sdrp | shim6 | skip | tcp | udp | udplite | vrrp | xns-idp] | [recent count
<1-255>
| time
<1-4294967295>
] | [source address
<A.B.C.D> <A.B.C.D>
| not
<A.B.C.D>
| start
<A.B.C.D>
stop
<A.B.C.D>
| mac-
IOLAN SCR Command Line Reference Guide
179
Global Configuration Mode
address
<H.H.H>
| not
<A.B.C.D>
| [state established disable | enable] | [invalid disable | enable] | [new disable | enable] | related tcp-flags ack | all | fin | psh | rst
| syn | urg | not
] | [
set action drop | dscp
<0-63>
| mark
<1-2147483647>
[routing-table
<1-200>
| main] | tcp-mss
<500-1460>
| pmtu
] | [
|
[time monthdays
<1-31>
| not
<1-31>
] | startdate month
<WORD> <1-31> <2001-2037>
|
[starttime
<hh:mm:ss>
] | stopdate month
<WORD> <1-31> <2001-2037>
| stoptime
<hh:mm:ss>
| utc | weekedays
<DAY>
| not
<DAY>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-pbr-rules)#
{[
description
<LINE>
] |
Provide a description for this policy rule.
[
log-enable
] |
[
match [destination address
<A.B.C.D>
<A.B.C.D>
| not
<A.B.C.D> <A.B.C.D>
| start
<A.B.C.D>
stop
<A.B.C.D>
] |
[port
<1-65535>
| not
<1-65535>
| start
<1-65535>
stop
<1-65535>
] | [fragment | fragment | non-fragment] | [icmp type
<0-255>
code
<0-255>
] | [ipsec ipsec
|non-ipsec] | [protocol <0-255> ah | dccp
| dsr | egp | eigrp | encap | esp | esp | etherip | ggp | gre | hmp | icmp | idpr | igmp | igp | ip | ipip | ipv6 | ipv6-frag | ipc6-icmp | ipv6-nonxt | ipv6-opts | ipv6-route | isis | l2tp | manet | mpls-inip | narp | not | osfp | pim | rdp | rohc | rsvp | sctp | sdrp | shim6 | skip | tcp | udp | udplite | vrrp | xns-idp] | [recent count
<1-255>
| time
<1-4294967295>
] |
[source address
<A.B.C.D> <A.B.C.D>
| not
<A.B.C.D>
| start
<A.B.C.D>
stop
<A.B.C.D>
| mac-address
<H.H.H>
| not
<A.B.C.D>
| [state established disable | enable] | [invalid disable | enable] | [new disable | enable] | related tcp-flags ack | all | fin | psh | rst | syn | urg | not
] |
[
set action drop | dscp
<0-63>
| mark
<1-2147483647>
| [routing-table
<1-
200>
| main] | tcp-mss
<500-1460>
| pmtu
]}
Log packet matching the rule.
Match values as define to the routing table.
Set action for policy rules.
IOLAN SCR Command Line Reference Guide
180
Global Configuration Mode
[
[time monthdays
<1-31>
| not
<1-31>
] | startdate month
<WORD> <1-31>
<2001-2037>
| [starttime
<hh:mm:ss>
] | stopdate month
<WORD> <1-31>
<2001-2037>
| stoptime
<hh:mm:ss>
| utc | weekedays
<DAY>
| not
<DAY>
]}
Command Modes
Set the time to match the rules.
PerleSCR(config-pbr-rules)#
Usage Guidelines
Use these commands to set policy rules.
Examples
This example sets the action for the packets that match this defined rule.
PerleSCR(config-prb-rules)# set action drop<cr>
This example uses policy-based routing to route all HTTP traffic protocol tcp, destination port 80 through a policy route called http-firewall.
PerleSCR(config)# ip route 0.0.0.0 0.0.0.0 10.10.200.9
PerleSCR(config)#i p route table 2 0.0.0.0 0.0.0.0 172.16.0.8
PerleSCR(config-prb)# ip route-policy http-firewall<cr>
PerleSCR(config-prb))# rule 2<cr>
PerleSCR(config-prb-rules)# set routing-table 2 <cr>
PerleSCR(config-prb-rules)# match protocol tcp <cr>
PerleSCR(config-prb-rules)# match destination port 80<cr>
PerleSCR(config)# interface ethernet 2 <cr>
PerleSCR(config)# ip address 192.168.2.1 255.255.255.0<cr>
PerleSCR(config)# ip policy route-policy http-firewall<cr>
ipv6
IPv6
{
[
access-list
<WORD>
] |
[
dhcp pool
<WORD>
] |
[
dns domain
<WORD>
server
<X:X:X:X::X>
| listen-address
<X:X:X:X::X>
] |
[
firewall
<WORD>
| ipv6-receive-redirects enable | ipv6-src-route enable | statepolicy [established action accept | drop | reject] | [invalid action accept | drop | reject] | [related accept | drop | reject]
] |
[
host
<WORD>
|
<X:X:X:X::X>
] |
[
name-server
<X:X:X:X::X>
] |
[
prefix-list
<WORD>
] |
[
radius source-interface bvi
<1-9999>
| | dialer
<0-15>
| ethernet
<1-18>
.
<1-
4000>
openvpn-tunnel
<0-999>
tunnel
<0-999>
]
|
[
route
<A.B.C.D> <A.B.C.D>
| bvi
<1-9999>
| | dialer
<0-15>
| | ethernet
<1-
18>
.
<1-4000>
| open-vpn-tunnel
<0-999>
| tunnel
<0-999> <X:X:x:X::X <1-
255>
] |
IOLAN SCR Command Line Reference Guide
181
Global Configuration Mode
[
route-policy
<WORD>
] |
[
router osfp | rip
] |
[
tacacs source-interface bvi
<1-9999>
| | dialer
<0-15>
| ethernet
<1-18>
.
<1-
4000>
openvpn-tunnel
<0-999>
tunnel
<0-999>
] |
[
unicast-routing
]}
Syntax Description ipv6
{[
access-list
<WORD>
]
|
Set the access list to use.
[
dhcp pool
<WORD>
]
|
[
dns domain
<WORD>
server
<X:X:X:X::X>
| listen-address
<X:X:X:X::X>
] |
Set the dhcp pool to use.
Set DNS domain parameters.
[
firewall
<WORD>
| ipv6-receive-redirects enable | ipv6-src-route enable | statepolicy [established action accept | drop | reject] | [invalid action accept | drop | reject] | [related accept | drop | reject]
]
|
[
host
<WORD>
|
<X:X:X:X::X>
]
|
[
name-server
<X:X:X:X::X>
]
|
Firewall options.
Configure static host names
Specify the address of the name server to use.
[
prefix-list
<WORD>
] |
[
radius source-interface bvi
<1-9999>
| | dialer
<0-15>
| ethernet
<1-18>
.
<1-
4000>
openvpn-tunnel
<0-999>
tunnel
<0-
999>
]
|
[
route
<A.B.C.D> <A.B.C.D>
| bvi
<1-
9999>
| | dialer
<0-15>
| | ethernet
<1-
18>
.
<1-4000>
| open-vpn-tunnel
<0-999>
| tunnel
<0-999> <X:X:x:X::X <1-255>
] |
[
route
<A.B.C.D> <A.B.C.D>
| bvi
<1-
9999>
| | dialer
<0-15>
| | ethernet
<1-
18>
.
<1-4000>
| open-vpn-tunnel
<0-999>
| tunnel
<0-999> <X:X:x:X::X <1-255>
] |
[
route-policy
<WORD>
] |
[
router osfp | rip
] |
IP prefix-list filter.
RADIUS configuration parameters.
Establish static routes.
IPV6 route policy.
Enable a IPV6 routing process.
IOLAN SCR Command Line Reference Guide
182
Global Configuration Mode
[
tacacs source-interface bvi
<1-9999>
| | dialer
<0-15>
| ethernet
<1-18>
.
<1-
4000>
openvpn-tunnel
<0-999>
tunnel
<0-
999>
] |
[
unicast-routing
]}
Usage Guidelines
Set IPv6 parameters.
Examples
This example sets the DHCP to pool name.
PerleSCR(config)# ipv6 dhcp pool ipv6pool1<cr>
TACACS configuration parameters.
Enable unicast routing.
Related Commands
(config--ipv6-acl)#
<1-65535>
] |
[
deny
| <X:X:X:X::X/0-128 |any>
] |
[
permit
<X:X:X:X::X/0-128 | any>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config--ipv6-acl)#
<1-65535>
] |
[
deny
<X:X:X:X::X/0-128 | any>
exactmatch
] |
[
permit
<X:X:X:X::X/0-128 | any>
exactmatch
] |
Command Modes
Specify the sequence number.
Deny specified packets.
Deny specified packets.
PerleRouter(config-ipv6-acl)#
Usage Guidelines
Configure network packets to deny or permit using Access Control List.
Examples
This example will deny packets from this network.
PerleSCR(config-ipv6-acl# deny 172.16.0.0/16 exact-match<cr>
Related Commands
IOLAN SCR Command Line Reference Guide
183
Global Configuration Mode
(dhcpv6-config)#
{[
address prefix
<X:X:X:X::X/0-128>
] |
[
dns-server
<X:X:X:X::X>
|
[
domain-name
<WORD>
] |
[
host
<WORD>
] |
[
lifetime default
<0-4294967294>
maximum
<0-4294967294>
minimum
<0-
4294967294>
] |
[
nis address
<X:X:X:X::X>
| domain-name
<WORD>
] |
[
nisp address
<X:X:X:X::X>
| domain-name
<WORD>
] |
[
sip address
<X:X:X:X::X>
| domain-name
<WORD>
] |
[
sntp address
<X:X:X:X::X>
] |
[
subnet
<X:X:X:X::X/<1-128>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(dhcpv6-config)#
{[
address prefix
<X:X:X:X::X/0-128
] |
Specify the IPv6 address prefix.
[
dns-server
<X:X:X:X::X>
|
Specify a DNS server to use for clients using this DHCP pool. A
DNS server needs to be specified if you want to browse the internet.
If needed. specify a domain name.
[
domain-name
<WORD>
] |
[
host
<WORD>
] |
[
lifetime default
<0-4294967294>
maximum
<0-4294967294>
minimum
<0-
4294967294>
]
[
nis address
<X:X:X:X::X>
| domain-name
<WORD>
] |
Configure lifetime prefixes.
Configure the address and domain name of your nis server.
[
nisp address
<X:X:X:X::X>
| domainname
<WORD>
] |
[
sip address
<X:X:X:X::X>
| domain-name
<WORD>
] |
[
sntp address
<X:X:X:X::X>
] |
Configure the address and domain name of your nisp server.
Configure the address and domain name of your sip server.
Configure the address of your
SNTP server.
IOLAN SCR Command Line Reference Guide
184
Global Configuration Mode
[
subnet
<X:X:X:X::X/<1-128>
]}
Command Modes
PerleSCR(config)#
Usage Guidelines
Configure IPv6 DHCP paramters.
Examples
This example will set the dns-server address to 1:2:3:4:5::6.
PerleSCR(dhcpv6-config)#dns-server 1:2:3:4:5::6<cr>
Related Commands
(config-fw6)#
{[
default-action accept | drop | reject
] |
[
description
<LINE>
] |
[
enable-default-logfile
] |
[
rule
<1-9999>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-fw6)#
{[
default-action accept | drop | reject
] |
[
description
<LINE>
] |
[
enable-default-logfile
] |
Default action for firewall rules.
Description for the firewall rules.
Log packets matching default action.
[
rule
<1-9999>
]}
Create rules, go into submenu.
Command Modes
PerleSCR(config-fw6)#
Usage Guidelines
Configure IPv6 firewall options.
Examples
This example will set default action for firewall rules.
PerleSCR(config-fw6)# default-action drop<cr>
Related Commands
IOLAN SCR Command Line Reference Guide
185
Global Configuration Mode
(config-fw6-rules)#
{[
description
<WORD>
] |
[
disable
] |
[
log-enable
] |
[
match destination [address
<X:X:X::X/0-128>
| not
<X:X:X::X/0-128>
| start
<X:X:X::X>
stop
<X:X:X::X>
] | port <1-65535> not
<X:X:X::X/0-128>
| start
<X:X:X::X>
stop
<X:X:X::X>
] | [fragment fragment | non-fragment] | icmp type
<0-255>
code
<0-255>
| typenane address-unreachable | bad-header | communication-prohibited | destination-unreachable | echo-reply | echo-request
| neighbour-advertisement | neighbour-solicitation | no-route | packet-too-big | parameter-problem | port-unreachable | route-advertisement | routersolicitation | time-exceeded | ttl-zero-during-reassembly | ttl-zero-during-transit | unknown-header-type | unknown-option] | ipsec ipsec | non-ipsec | [protocol <0-
255> | ah |dccp |dsr | egp | eigrp | encap | esp | etherip | ggp | gre | hmp | icmp |
[
idpr | igmp | igp | p | ipip | ipv6 | ipv6-frag | ipv6-icmp | ipv6-nonxt | ipv6-opts | ipv6-route | isis | l2tp | manet | mpls-in-ip | narp | not | ospf pim | rdp | roho |rvsp
| sctp | sdrp | shim6 | skip | tcp | udp | udplite |vrrp | xnc-idp] | [recent count
<1-
255>
| time
<1-4294967295>
] |
source
address
<X:X:X::X/0-128>
| not
<X:X:X::X/0-128>
| start
<X:X:X::X>
stop
<X:X:X::X>
] | [mac-address
<H.H.H>
not
<H.H.H>
] | [port
<1-65535>
| not
<1-65535>
| start
<1-65535>
|
stop <1-
65535>
] | state [established disable | enable] | [invalid disable | enable] | [new enable | disable] | [related disable | enable] | tcp-flags ack | all | fin | psh | rst | syn
|urg | not ack | all | fin | psh | rst | syn | urg]
[ set action drop | dscp
<0-63>
| mark
] |
<1-2147483647>
| routing table
<1-200>
| main | tcp-mss
<500-1460>
| pmtu
] |
[
time monthdays
<1-31>
| not
<1-31>
] | startdate
<MONTH> <1-31> <2001-
2037>
| stopdate
<MONTH> <1-31> <2001-2037>
| starttime stoptime
<hh:mm:ss>
| utc | weekdays
<DAY>
| not
<DAY>
]
<hh:mm:ss>
]}
Use the no form of this command to negate a command or set its defaults.
|
Syntax Description
(config-fw6-rules)#
{[
description
<WORD>
] |
Configure a description for the policy rule.
[
disable
] |
[
log-enable
] |
Disable the policy rule.
Log packet matching the rule.
IOLAN SCR Command Line Reference Guide
186
Global Configuration Mode
[
match destination [address
<X:X:X::X/0-
128>
| not
<X:X:X::X/0-128>
| start
<X:X:X::X>
stop
<X:X:X::X>
] | port <1-
65535> not
<X:X:X::X/0-128>
| start
<X:X:X::X>
stop
<X:X:X::X>
] | [fragment fragment | non-fragment] | icmp type
<0-
255>
code
<0-255>
| typenane addressunreachable | bad-header | communicationprohibited | destination-unreachable | echoreply | echo-request | neighbouradvertisement | neighbour-solicitation | noroute | packet-too-big | parameter-problem
| port-unreachable | route-advertisement | router-solicitation | time-exceeded | ttl-zeroduring-reassembly | ttl-zero-during-transit
| unknown-header-type | unknown-option] | ipsec ipsec | non-ipsec | [protocol <0-255> | ah |dccp |dsr | egp | eigrp | encap | esp | etherip | ggp | gre | hmp | icmp | idpr | igmp | igp | p | ipip | ipv6 | ipv6-frag | ipv6icmp | ipv6-nonxt | ipv6-opts | ipv6-route | isis | l2tp | manet | mpls-in-ip | narp | not | ospf pim | rdp | roho |rvsp | sctp | sdrp |
| shim6 | skip | tcp | udp | udplite | | xnc-idp]
[recent count
<1-255>
| time
<1-
4294967295>
] |
source
address
<X:X:X::X/0-128>
| not
<X:X:X::X/0-128>
| start
<X:X:X::X>
stop
<X:X:X::X>
] | [macaddress
<H.H.H>
not
<H.H.H>
] | [port
<1-
65535>
| not
<1-65535>
| start
<1-65535>
|
stop <1-65535>
] | state [established disable | enable] | [invalid disable | enable] | [new enable | disable] | [related disable | enable] | tcp-flags ack | all | fin | psh | rst | syn |urg | not ack | all | fin | psh | rst | syn | urg]
] |
[
[ set action drop | dscp
<0-63>
| mark
<1-
2147483647>
| routing table
<1-200>
| main
| tcp-mss
<500-1460>
| pmtu
] |
[
time monthdays
<1-31>
| not
<1-31>
] | startdate
<MONTH> <1-31> <2001-2037>
| stopdate
<MONTH> <1-31> <2001-2037>
| starttime
<hh:mm:ss>
| stoptime
<hh:mm:ss>
| utc | weekdays
<DAY>
| not
<DAY>
]
]}
Match the values from the routing table.
Packet modifications.
Time parameters.
IOLAN SCR Command Line Reference Guide
187
Global Configuration Mode
Command Modes
Usage Guidelines
Set up firewall rules for IPv6.
Examples
This example will set the action for matched packets.
PerleSCR(config-fw6-rules)# set action accept<cr>
PerleSCR(config-fw6-rules)#
Related Commands
key
{[
chain
< WORD
]}
Syntax Description
{[
chain
< WORD
]}
Command Default
Command Modes key
Key-chain management.
PerleSCR#(config)# key
Usage Guidelines
A key chain is a series of keys that can be created to help ensure secure communication between routers in a network. Authentication occurs whenever neighboring routers exchange information. Plain text authentication sends a plain text key with each message, and plain text is vulnerable to snooping.
Examples
This example create key chain 1, then go into sub menu key.
PerleSCR(config)#key chain key1<cr>
Related Commands
(config-key)#
{[
key
<1-2147483647
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-key)#
{[
key
<1-2147483647
]}
Specify a number for this key.
Command Modes
PerleSCR#(config-key)# key
IOLAN SCR Command Line Reference Guide
188
Global Configuration Mode
Usage Guidelines
This command is used in conjunction with (config-keychain-key) to set a key string.
Examples
Specify a key number.
PerleSCR(config-key)# key 250<cr>
Related Commands
(config-keychain-key)#
{[
string
<0 | 7 | WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-keychain-key)#
{[
string
<0 | 7 | WORD>
]}
Sets key string
0 – specifies an unencrypted password
7 – specifies a hidden password with follow
WORD - the unencrypted
(cleartext) user password.
Command Modes
PerleSCR(config-keychain-key)
#string
Usage Guidelines
Specify a password for keychain.
Examples
Specify a password for key chain.
PerleSCR(config-keychain-key)# string password123<cr>
Related Commands
l ine line
{[
console
<0-0 >
|
tty
< 1-2>
|
vty
<0-15>
]}
Syntax Description line
Command Modes
PerleSCR#(config)#line
IOLAN SCR Command Line Reference Guide
189
Global Configuration Mode
Usage Guidelines
Use this command to change to line mode.
Examples
Configure line parameters.
Related Commands
logging logging
{[
<hostname> | <A.B.C.D>
] |
[
[
alarm
<2-3>
buffered
| major | minor
<0-7>
|
] |
<4096-32768>
| alert | critical] | debugging | emergencies | errors | informational | notifications | warnings
|
[
console
<0-7>
|
<4096-32768>
| alert | critical] | debugging | emergencies | errors
| informational | notifications | warnings
] |
[
delimiter tcp
] |
[
facility auth | cron | daemon | kern | local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7 | lpr | mail | news | sys10 | sys11 | sys12 | sys13 | sys14 | sys9
| syslog | user | ucp
] |
[
file flash:
<filename> <0-7>
|
<4096-32768>
| alert | critical | debugging | emergencies | errors | informational | notifications | warnings
] |
[
host
<A.B.C.D>
transport tcp port
<1-65535>
| udp port
<1-65535>
] |
[
monitor
<0-7> | <4096-32768>
| alert | critical] | debugging | emergencies |
] |
errors | informational | notifications | warnings
[
on
] |
[
origin-id hostname | ip | ipv6 | string
] |
[
rate-limit
<1-10000>
except
<0-7> | <4096-32768>
| alert | critical] | debugging | emergencies | errors | informational | notifications | warnings
] |
[
source interface bvi
<1-9999>
| | ethernet
<1-18>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
] |
[
trap
<0-7> | <4096-32768>
| alert | critical] | debugging | emergencies | errors | informational | notifications | warnings
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description logging
{[
<hostname> | <A.B.C.D>
] |
Specify the address of the logging host.
IOLAN SCR Command Line Reference Guide
190
Global Configuration Mode
[
alarm
<2-3>
| major | minor
] |
[
buffered
<0-7>
|
<4096-32768>
| alert | critical] | debugging | emergencies | errors | informational | notifications | warnings
] |
[
console
<0-7> | <4096-32768>
| alert | critical] | debugging | emergencies | errors | informational | notifications | warnings
] |
[
delimiter tcp
] |
[
facility auth | cron | daemon | kern | local0 | local1 | local2 | local3 | local4 | local5 | local6
| local7 | lpr | mail | news | sys10 | sys11 | sys12 | sys13 | sys14 | sys9 | syslog | user | ucp
] |
[
file flash:
<filename> <0-7>
|
<4096-32768>
| alert | critical | debugging | emergencies | errors | informational | notifications | warnings
] |
[
host
<A.B.C.D>
transport tcp port
<
1-
65535>
| udp port
<
1-65535>
] |
[
monitor
<0-7> | <4096-32768>
| alert | critical] | debugging | emergencies | errors | informational | notifications | warnings
] |
[
on
] |
[
origin-id hostname | ip | ipv6 | string
] |
[
rate-limit
<1-10000>
except
<0-7>
|
<4096-
32768>
| alert | critical] | debugging | emergencies | errors | informational | notifications | warnings
] |
[
source interface bvi
<1-9999>
| | ethernet
<1-18>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
] |
Set severity alarm level.
major – immediate action needed (severity 2) minor – minor warning conditions (severity 3)
Set buffered logging parameters.
Set console logging parameters.
Append delimiter to syslog messages.
Set facility parameter for syslog messages.
Set file logging parameters.
Set the syslog server IP address and parameters.
Set terminal line (monitor) logging parameters.
Enable logging to all enabled destinations.
Add origin ID to syslog messages.
Set message per second limit.
Set the interface for source address in logging transactions.
IOLAN SCR Command Line Reference Guide
191
Global Configuration Mode
[
trap
<0-7>
|
<4096-32768>
| alert | critical]
| debugging | emergencies | errors | informational | notifications | warnings
]}
Command Default
Set syslog server logging level.
Command Modes
Usage Guidelines
Enable logging setting.
Examples
This example will enable logging to the host 172.16.55.88.
PerleSCR(config)#logging 172.16.55.88<cr> logging buffered 4096 debugging logging console debugging logging monitor debugging
PerleSCRconfig)#logging
Related Commands
login login
[
on-failure every
<1-65535>
| log every
<1-65535>
| trap every
<1-65535>
]
|
on-success every
<1-65535>
| log every
<1-65535>
| trap every
<1-65535>
]}
Syntax Description login
[
on-failure every
<1-65535>
| log every
<1-
65535>
| trap every
<1-65535>
] |
Set options for failed login attempt.
[
on-success every
<1-65535>
| log every
<1-65535>
| trap every
<1-65535>
]}
Set options for successful login attempt.
Command Modes
PerleRouter(config)#login
Usage Guidelines
Set parameters for users login in attempts.
Examples
This example will log failed login attempts.
PerleSCR(config)#login on-failure<cr>
Related Commands
IOLAN SCR Command Line Reference Guide
192
Global Configuration Mode
management-access management-access
{[
enable
] | [
from-lan
] | [
from-wan
]}
Syntax Description management-access
{[
enable
] |
Enable management access.
[
from-lan
] |
Allow management access from
LAN devices.
[
from-wan
]}
Allow management access from
WAN devices.
Command Default
Command Modes
All management access methods are enabled for LAN by default.
All management access methods are disabled for WAN by default.
PerleSCR(config)#managementaccess<cr>
Usage Guidelines
This command allows you to set per interface the management access methods for that interface.
Management Methods are:
Enable – all management Access methods for this interface
HTTP – Enable HTTP (Web) management Access for this interface
HTTPS – Enable HTTPS (Web) management access for this interface
Telnet – Enable Telnet management access for this interface
SSH – Enable SSH management access for this interface
SNMP – Enable SNMP management access for this interface
Examples
This example sets management access HTTPS off for interface Ethernet 1.
PerleSCR>enable<cr>
PerleSCR#config<cr>
PerleSCR#management-access from-LAN<cr>
Related Commands
(management-access-LAN)#
{[
http enable
] | [
https enable
] | [
snmp enable
] | [
ssh enable
] | [
telnet enable
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(management-access-LAN)#
IOLAN SCR Command Line Reference Guide
193
Global Configuration Mode
[
[
[
[
http enable https enable snmp enable ssh enable
] |
|
]
] |
|
Enable devices connected from the
LAN side with Role set to LAN to use HTTP to connect to the router.
Enable devices connected from the
LAN side with Role set to LAN to use HTTPS to connect to the router.
Enable devices connected from the
LAN side with Role set to LAN to use HTTPS to connect to the router.
Enable devices connected from the
LAN side with Role set to LAN to use ssh to connect to the router.
[
telnet enable
]}
Command Default
Enable devices connected from the
LAN side with Role set to LAN to use telnet to connect to the router.
All methods are enabled on the
LAN side. All methods are disabled on the WAN side.
Command Modes
PerleSCR#management-accesslan<cr>
Usage Guidelines
Set protocols to allow entry from the LAN side to manage the IOLAN.
Examples
This example sets management access telnet for LAN devices.
PerleSCR(config)#management-access--lan<cr>
PerleSCR(management-access-lan)#telnet enable<cr>
Related Commands
(management-access-WAN)#
{[
http enable
] | [
https enable
] | [
snmp enable
] | [
ssh enable
] | [
telnet enable
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(management-access-WAN)#
{[
http enable
|
Enable devices connected from the
WAN side with Role set to WAN to use HTTP to connect to the router.
IOLAN SCR Command Line Reference Guide
194
Global Configuration Mode
[
[
[
[
https enable snmp enable ssh enable
]
telnet enable
|
]
]
]}
|
|
Enable devices connected from the
WAN side with Role set to WAN to use HTTPS to connect to the router.
Enable devices connected from the
WAN side with Role set to WAN to use SNMP to connect to the router.
Enable devices connected from the
WAN side with Role set to WAN to use ssh to connect to the router.
Enable devices connected from the
WAN side with Role set to WAN to use telnet to connect to the router.
All protocols are disabled.
Command Default
Command Modes
PerleSCR>enable <cr>
PerleRouter#config <cr>
PerleRouter(config)#managementaccessfrom-lan<cr>
Usage Guide
Set protocols to allow entry from the LAN side to manage the IOLAN.
Examples
Specify management access for wan devices using ssh.
PerleSCR(config)# management-access from-wan<cr>
PerleSCR(config-management-access-WAN)# ssh enable<cr>
Related Commands
nat66 nat66
{[
prefix outside
]}
<X:X:X:X::X:X>
/
<0-128>
inside
<X:X:X:X::X:X>
999>
| tunnel
<0-999>
Use the no form of this command to negate a command or set its defaults.
/
<0-
128>
outside-interface bvi
<0-9999>
| | ethernet
<1-18>
| openvpn-tunnel
<0-
Syntax Description nat66
IOLAN SCR Command Line Reference Guide
195
Global Configuration Mode
{[
prefix outside
<X:X:X:X::X:X>
/
<0-128>
inside
<X:X:X:X::X:X>
/
<0-128>
outsideinterface bvi
<0-9999>
| | ethernet
<1-18>
| openvpn-tunnel
<0-999>
| tunnel
<0-
999>
]}
Set parameters for NAT66.
Command Modes
PerleSCR(config)# nat66
Usage Guidelines
NAR66 is used to map one IPv6 address prefix to another IPv6 address prefix as each
IPv6 packets transits the entry from the
IOLAN.
Use NAT when your
IOLAN is on a private network and your internal PCs want to browse the Internet
.
Related Commands
ntp ntp
{[
authentication
] |
[
authentication-key
<1-65534>
md5
<WORD> <0 | 7>
] |
[
broadcastdelay
<1-999999>
] |
[
logging
] |
[
master
<1-15>
] | [
peer
<A.B.C.D> <WORD> <X:X:X:X::X>
ip
<
hostname-ofpeer>
ipv6
<
hostname-of-peer>
| key
<1-65534>
| maxpoll
<4-17>
| minpoll
<4-
17>
| prefer | version
<1-4>
] |
[
server
<A.B.C.D> <WORD> <X:X:X:X::X>
ip
<
hostname-of-peer>
ipv6
<
hostname-of-peer>
| key
<1-65534>
| maxpoll
<4-17>
| minpoll
<4-17>
| prefer | version
<1-4>
] |
[
trusted-key
1-65534
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description ntp
[
authentication
] |
The time sources must authenticate with each other before synchronizing clock time.
[
authentication-key
<1-65534>
md5
<WORD> <0 | 7>
] |
When authentication is enabled, the configured authentication key must be exchanged between time sources before clock synchronizing can begin.
0 – unencrypted key
7 – encrypted key
IOLAN SCR Command Line Reference Guide
196
[
[
[
broadcastdelay logging master
] |
<1-15>
] |
<1-999999>
] |
[
peer
<A.B.C.D> <WORD> <X:X:X:X::X>
ip
<WORD>
ipv6
<WORD>>
| key
<1-
65534>
| maxpoll
<4-17>
| minpoll
<4-17>
| prefer | version
<1-4>
] |
Global Configuration Mode
By default, the router will set broadcast delay to Autonegotiate. Select the autonegotiate broadcast delay off if you wish to set your own broadcast delay time in microseconds. Broadcast delay time is the estimated round-trip delay between the broadcast
NTP server and the router.
Log NTP messages to the router’s internal log.
Select this router as the master source clock. The stratum defines how far away the clock is away from the Authoritative
Time Source.
The highest stratum is 1. It is reserved for atomic clocks, GPS clocks or radio clock which generates a very accurate time.
This type of time source is defined as the “Authoritative time source”. The stratum defines how many hops a node is from the “authoritative time source”. Stratum x nodes are synchronized to stratum x‐1 nodes.
Stratum numbers range from 1 to
15.
Configure the IPv4/IPv6 address or hostname of the NTP peer that you will be getting the clock from. Select prefer to use this
NTP source over another. A preferred peer's responses are discarded only if they vary greatly from the other time sources. Otherwise, the preferred peer is used for synchronization without consideration of the other time sources.
IOLAN SCR Command Line Reference Guide
197
Global Configuration Mode
[
[
server
<A.B.C.D> <WORD>
<X:X:X:X::X>
ip
<WORD>
ipv6
<WORD>>
| key
<1-65534>
| maxpoll
<4-
17>
| minpoll
<4-17>
| prefer | version
<1-
4>
] |
trusted-key
1-65534
Command Modes
]}
Configure the IPv4/IPv6 address or hostname of the NTP peer that you will be getting the clock from. Select prefer to use this
NTP source over another. A preferred server’s responses are discarded only if they vary greatly from the other time sources. Otherwise, the preferred server is used for synchronization without consideration of the other time sources.
Changes to the polling interval is not recommended and is discouraged. NTP dynamically selects the optimal poll interval between the values of minpoll and maxpoll, which defaults to
64 and 1024 seconds respectively and are correct for most environments.
Shorter values are used to correct large errors and larger values are to refine accuracy.
Default is Minimum poll 64.
Versions 1-4 are supported
Configure a trusted key to be used for trusted time sources.
PerleSCR>enable <cr>
PerleSCR#config t<cr> erleSCR(config)#ntp
Usage Guidelines
Network Time Protocol (NTP) is used as a method of distributing and maintaining synchronization of time information between nodes in a network. NTP server uses
UTC (Universal Coordinated Time). When initially launched, it can take NTP as much as 5 minutes to obtain an accurate time.This is due to the algorithm used to determine what NTP master(s) the IOLAN should synchronize with. NTP will not synchronize with nodes whose time is significantly off even if its stratum is lower.
During this “settling” period, the router may not have the correct time. NTP can usually achieve time synchronization between two systems in the order of a few milliseconds. This can be achieved with a time transmission rate of as little as one packet per minute.
IOLAN SCR Command Line Reference Guide
198
Global Configuration Mode
Examples
PerleSCR(config)# ntp server 172.16.4.181<cr>
23:40:31: %NTPD-5: ntpd [email protected] Wed May 18 14:33:49 UTC 2016
(10): Starting
23:40:31: %NTPD-6: Command line: ntpd -n -g
23:40:31: %RSYSLOGD-6:LOGGINGHOST_STARTSTOP: Logging to UDP host
172.16.55.88 port 514 started
23:40:31: %NTPD-6: proto: precision = 3.840 usec (-18)
23:40:31: %NTPD-6: Listen and drop on 0 v6wildcard [::]:123
23:40:31: %NTPD-6: Listen and drop on 1 v4wildcard 0.0.0.0:123
23:40:31: %NTPD-6: Listen normally on 2 lo 127.0.0.1:123
23:40:31: %NTPD-6: Listen normally on 3 Vl1 172.16.113.77:123
23:40:31: %NTPD-6: Listen normally on 4 lo [::1]:123
23:40:31: %NTPD-6: Listen normally on 5 Gi2 [fe80::6ac9:bff:fec1:58da%4]:123
23:40:31: %NTPD-6: Listen normally on 6 Gi1 [fe80::6ac9:bff:fec1:58d9%3]:123
23:40:31: %NTPD-6: Listen normally on 7 eth0 [fe80::6ac9:bff:fec1:58d8%2]:123
23:40:31: %NTPD-6: Listening on routing socket on fd #38 for interface updates
23:40:31: %NTPD-3: Unable to listen for broadcasts, no broadcast interfaces available
23:40:31: %NTPD-6: 0.0.0.0 c01d 0d kern kernel time sync enabled
23:40:31: %NTPD-6: 0.0.0.0 c012 02 freq_set kernel 0.000 PPM
23:40:31: %NTPD-6: 0.0.0.0 c011 01 freq_not_set
23:40:31: %NTPD-6: 0.0.0.0 c016 06 restart
Examples
PerleSCR(config)# ntp status <cr>
Clock is synchronized, stratum 12, reference is 172.16.4.180
Precision is 2**-18 s
Reference time is dae84dc5.33013328 (Thu, May 19 2016 10:35:49.199)
Clock offset is 7.595002 msec, root delay is 0.439 msec
Root dispersion is 7956.293 msec
Related Commands
Feature Details / Application Notes
power-supply
{[
dual
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description power-supply
{[
dual
]} |
Enable monitoring of dual power supplies
Command Modes
PerleSCR(config)#power-supply
IOLAN SCR Command Line Reference Guide
199
Global Configuration Mode
Examples
To enable monitoring of both power supplies.
PerleSCR(config)# power-supply dual<cr>
radius radius
{[
server
<radius-server-name>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description radius server
{[
server
<radius-server-name>
]}
Specify the name of the Radius server
Command Modes
PerleSCR(config)#radius
Examples
This example shows you set the radius server name.
PerleSCR(config)# radius server testrad<cr>
Related Commands
(config-radius-server)#
{[
address ipv4
<A.B.C.D>
acct-port
<0-65536> |
auth-port
<0-65536>
] | [
key 0 |
7 |
<word>
] | [
retransmit
<1-100>
] | [
timeout
<1-1000>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-radius-server)#
{[
address ipv4
<A.B.C.D>
acct-port
<0-
65536> |
auth-port
<0-65536>
] |
[
key 0 | 7 |
<word>
] |
Specify the Radius server address.
Specify an encryption key to be shared with the Radius servers.
retransmit
<1-100>
]
Specify the number of retries to the active server
[
timeout
<1-1000>
]}
Specify the time to wait for
Radius server to reply.
Command Modes
PerleSCR(config)#
IOLAN SCR Command Line Reference Guide
200
IOLAN SCR Command Line Reference Guide
Global Configuration Mode
Examples
This example sets the timeout to 5 minutes for a predefined Radius server.
PerleSCR(config-radius-server)# timeout 5<cr>
Related Commands
radius-server radius-server
100>
] |
timeout
{[
deadtime <1-1440>
<1-1000>
]}
] | [
key 0 | 7 |
<word>
] | [
retransmit
Use the no form of this command to negate a command or set its defaults.
<1-
Syntax Description radius-server
{[
deadtime <1-1440>
] |
Specify a time to stop using a server that doesn’t respond.
[
key 0 | 7 |
<word>
] |
Specify the encryption key to be shared with the Radius servers.
[
retransmit
<1-100>
] |
Number of times to try to connect the radius server.
Default is 3.
timeout
<1-1000>
]}
Wait time for the radius server to respond. Default is 5 seconds.
Command Modes
PerleSCR(config)#
Usage Guidelines
These are the global parameters for Radius. You can set some of these parameter for each Radius server separately.
Examples
This example shows you how to set deadtime of 5 minutes.
PerleSCR(config)#radius-server deadtime 5<cr>
Related Commands
router-map router-map
{[<
WORD> <1-65535>
deny
<1-65535>
| permit
<1-65535>
]}
201
Global Configuration Mode
Use the no form of this command to negate a command or set its defaults.
Syntax Description router-map
{[
WORD> <1-65535>
deny | permit
]}
Insert, delete, deny or permit from existing route map table.
Command Modes
PerleRouter(config)#router-map
Usage Guidelines
Create route maps or enter route map command mode.
Examples
This example creates a route map called test-route.
PerleSCR(config)#route-map test-route<cr>
Related Commands
(config-route-map)#
{
[
call
<WORD>
] |
[
continue
<1-65535>
[
description
<LINE>
] |
] |
[
match | as-path
<WORD>
| community
<1-500>
| extcommunity
<1-500>
| interface bvi
<1-9999>
| dialer
<0-15>
| ethernet
<1-18> . <1-4000>
| openvpntunnel
<0-999>
| tunnel
<0-999>
| [ip address
<1-199>
|
<1300-2699>
| prefix-list]
| [ipv6
<WORD>
| prefix-list] | metric
<1-4294967295>
| [origin egp | igp | unknown] | peer
<A.B.C.D>
| tag
<1-65535>
] |
[
on-match goto <1-65535> | next
] |
[
set aggregator as
<1-4294967295> <A.B.C.D>
| as-path exclude
<1-4294967295>
| prepend
<1-4294967295>
| atomic -aggregate | comm-list
<1-500>
delete |
[community
<1-4294967295> | <AA:NN>
| internet | local-as | no-advertise | no export] | extended-community rt
<AA:NN>
| soo
<AA:NN>
| ip nexthop
<A.B.C.D>
| [ipv6 nexthop global
<X:X:X:X::X>
| local
<X:X:X:X::X>
] | localpreference
<0-4294967295>
| metric
<1-4294967295>
| [metric-type
type-1 | type-
2
] | [origin epg | igp | unknown] | originator-id
<A.B.C.D>
| src
<A.B.C.D>
| tag
<1-65535>
| weight
<0-4294967295>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-route-map)#
{
[
call
<WORD>
] |
Jump to another route-map after match-set
IOLAN SCR Command Line Reference Guide
202
Global Configuration Mode
[
continue
<1-65535>
] |
[
match | as-path
<WORD>
| community
<1-500>
| extcommunity
<1-500>
| interface bvi
<1-9999>
| | dialer
<0-15>
| | ethernet
<1-18> . <1-4000>
| openvpntunnel
<0-999>
| tunnel
<0-999>
| [ip address
<1-199>
|
<1300-2699>
| prefixlist] | [ipv6
<WORD>
| prefix-list] | metric
<1-4294967295>
| [origin egp | igp | unknown] | peer
<A.B.C.D>
| tag
<1-
65535>
] |
[
on-match goto <1-65535> | next
] |
[
set aggregator as
<1-4294967295>
<A.B.C.D>
| as-path exclude
<1-
4294967295>
| prepend
<1-4294967295>
| atomic -aggregate | comm-list
<1-500>
delete | [community
<1-4294967295> |
<AA:NN>
| internet | local-as | noadvertise | no export] | extendedcommunity rt
<AA:NN>
| soo
<AA:NN>
| ip nexthop
<A.B.C.D>
| [ipv6 nexthop global
<X:X:X:X::X>
| local
<X:X:X:X::X>
] | local-preference
<0-
4294967295>
| metric
<1-4294967295>
|
[metric-type
type-1 | type-2
] | [origin epg | igp | unknown] | originator-id
<A.B.C.D>
| src
<A.B.C.D>
| tag
<1-65535>
| weight
<0-
4294967295>
]}
Command Modes
Continue on a different entry within the route-map.
Match values from routing table.
Exit policy on matches.
Set values in destination routing protocol.
PerleSCR(config-route-map)#
Usage Guidelines
Set up route map configuration parameters.
Examples
This rule defines a match rule for community list BGP 50.
PerleSCR(config-route-map)#match community 50 <cr>
Related Commands
router router
{[
bgp
<1-4294967295>
|
ospf
|
rip
]}
IOLAN SCR Command Line Reference Guide
203
Global Configuration Mode
Use the no form of this command to negate a command or set its defaults.
Syntax Description router
{[
bgp
<1-4294967295>
|
Broader Gateway Protocol (BGP) is an independent routing protocol that is used exclusively for the internet. If using your router to connect to the internet, bgp should be enabled.
[
ospf
|
Open Shortest Path First (ospf) is a protocol used to find the best paths for packets as they pass through a set of connected networks. OSFP was designed to replace the RIP protocol as it optimizes the updating up of the routing table. OSPF should be enabled on your IOLAN.
rip
]}
Routing Information Protocol
(rip). Older protocol for finding the shortest path for routing information using a routing metric/hop count algorithm. RIP should be enabled on your
IOLAN if there are older routers on your network that need to use
RIP.
Command Modes
PerleSCR(config)#
Usage Guidelines
Select the routing protocol for your IOLAN.
Examples
This example sets the routing protocol to BGP.
PerleSCR(config)# router bgp 10<cr>
Related Commands
(config-router)#
{
[
bgp [address-family ipv4 | ipv6 unicast]
] |
[
aggregate address
<A.B.C.D>
<A.B.C.D>
as-set | summary-only]
] |
[
bgp always-compare-med
|
[bestpath as-
IOLAN SCR Command Line Reference Guide
204
Global Configuration Mode
path | confed | ignore] | compare-router-id | med confed | missing-as-worst]
|
[client-to-client reflection] | cluster-id
<1-4294967295>
| confederation identifier
<1-4294967295>
|
peers
<1-4294967295> <1-4294967295>
| dampening
<1-45>
|
<1-20000>
|
<1-20000>
|
<1-255>
| deterministic-med | enforce-first-as | fastexternal-failover | graceful-restart stalepath-time
<1-3600>
| log-neighborchanges | network import-check | router-id
<A.B.C.D>
| scan-time
<5-60>
] |
[
distance
<1-255>
bgp distance
<1-255> <1-255> <1-255>
] |
[
maximum-paths <1-255> ibgp
] |
[
neighbour
<A.B.C.D> <X:X:X:X::X>
advertisement-interval
<0-600>
| allowasin
<1-10>
| asoverride | [attribute-unchanged as-path | med | next-hop] |
[capability dynamic | orf prefix-list both | receive | send] | default originate route-map
<NAME>
| description
<LINE>
| [disable-connected-check | distributed-list
<1-99>
in | out
<1300-2699>
in | out] | dont’t-capabilitynegotiate | ebgp-multihop
<1-255>
| filter-list
<WORD>
| local-as
<1-
4294967295>
no-prepend | maximum-prefix
<1-4294967295>
| next-hop-self | override-capability | passive | password
<LINE>
| port
<1-65535>
| prefix-list
<WORD>
| remote-as
<1-4294967295>
| remove-private-as | [route-map
<WORD>
in | out] | route-reflector -client | route-server-client | [sendcommunity both | extended | standard] | shutdown | soft-reconfiguration | strictcapability-match | timers connect | ttl-security | unsuppress-map | update-source
| weight
]
|
[
passive-interface bvi
<1-9999>
| | dialer
<0-15>
| | ethernet
<1-18> . <1-4000>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
]}
] |
[
network
<A.B.C.D> <A.B.C.D>
| backdoor | route-map
<WORD>
] |
[
redistribute connected | kernel | ospf | rip | static | metric
<1-4294967295>
| route-map
<WORD>
] |
[
timers bgp
<0-65535> <0-65335>
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-router)#
{
[
bgp [address-family ipv4 | ipv6 unicast]
] |
Enter address family mode.
aggregate address
<A.B.C.D> <A.B.C.D>
asset | summary-only]
] |
Configure BGP aggregate entries.
IOLAN SCR Command Line Reference Guide
205
Global Configuration Mode
[
bgp always-compare-med
|
[bestpath aspath | confed | ignore] | compare-router-id | med confed | missing-as-worst]
|
[client-toclient reflection] | cluster-id
<1-4294967295>
| confederation identifier
<1-4294967295>
|
peers
<1-4294967295> <1-4294967295>
| dampening
<1-45>
|
<1-20000>
|
<1-20000>
|
<1-255>
| deterministic-med | enforce-first-as
| fast-external-failover | graceful-restart stalepath-time
<1-3600>
| log-neighborchanges | network import-check | router-id
<A.B.C.D>
| scan-time
<5-60>
] |
[
distance
<1-255>
bgp distance
<1-255> <1-
255> <1-255>
] |
[
maximum-paths <1-255> ibgp
] |
[
neighbour
<A.B.C.D> <X:X:X:X::X>
advertisement-interval
<0-600>
| allowas-in
<1-10>
| asoverride | [attribute-unchanged as-path | med | next-hop] | [capability dynamic | orf prefix-list both | receive | send] | default originate route-map
<NAME>
| description
<LINE>
| [disable-connectedcheck | distributed-list
<1-99>
in | out
<1300-
2699>
in | out] | dont’t-capability-negotiate | ebgp-multihop
<1-255>
| filter-list
<WORD>
| local-as
<1-4294967295>
no-prepend | maximum-prefix
<1-4294967295>
| next-hopself | override-capability | passive | password
<LINE>
| port
<1-65535>
| prefix-list
<WORD>
| remote-as
<1-4294967295>
| remove-private-as | [route-map
<WORD>
in | out] | route-reflector -client | route-serverclient | [send-community both | extended | standard] | shutdown | soft-reconfiguration | strict-capability-match | timers connect | ttlsecurity | unsuppress-map | update-source | weight
]
|
[
network
<A.B.C.D> <A.B.C.D>
| backdoor | route-map
<WORD>
] |
[
passive-interface bvi
<1-9999>
| | dialer
<0-
15>
| | ethernet
<1-18> . <1-4000>
| openvpntunnel
<0-999>
| tunnel
<0-999>
] |
Set parameters for BGP.
Define administrative distances.
Forward packets over multiple paths.
Set neighbor configuration parameters.
Specify a network to announce via BGP.
Suppress routing updates on an interface.
IOLAN SCR Command Line Reference Guide
206
Global Configuration Mode
[
redistribute connected | kernel | ospf | rip | static | metric
<1-4294967295>
| route-map
<WORD>
] |
[
timers bgp
<0-65535> <0-65335>
]}
Command Modes
Redistribute information from another routing protocol.
Adjust routing timers.
PerleSCR(config-router)#
Usage Guidelines
Set up parameters for BGP protocol.
Examples
This example sets BGP timers keepalive to 10 and hold time to 20 seconds.
PerleSCR(config)#<cr>timers bgp 10 20 <cr>
Related Commands
(config-router)#
{
[
ospf area
<0-4294967295>
|
<A.B.C.D>
authentication message-digest | default-cost
<1-6777215>
| nssa no-summary | translate |-always | translatecandidate | translate-never | range
<A.B.C.D> <A.B.C.D>
advertise | notadvertise cost
<0-16777215>
| substitute
<A.B.C.D> <A.B.C.D>
cost
<0-
16777215>
| [shortcut enable | disable | default] | stub no-summary | [virtual-link
<A.B.C.D>
authentication-key
<WORD>
| message-digest message-digest-key
<1-255>
md5
<LINE>
| null] | dead-interval
<1-65535>
| hello-interval
<1-65535>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
] |
[
auto-cost reference-bandwidth
<1-4294967>
] |
[
capability opaque
] |
[
compatibility rfc1583
] |
[
default-information originate always | metric
<0-16777214>
| metric-type
<1-2>
| route-map
<WORD>
] |
[
default-metric
<0-16777214>
] |
[
max-metric router-lsa administrative | on-shutdown
<5-86400>
| on-startup
<5-
86400>
] |
[
neighbor poll-interval
<1-65535>
| priority
<0-255>
[
network
<A.B.C.D> <A.B.C.D>
area
<0-4294967295>
[
passive-interface bvi
<1-9999>
| | dialer
<0-15>
| | ethernet
<1-18> . <1-4000>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
route-map
<WORD>
] |
[
refresh timer
<5-1800>
] |
] |
] |
] |
[
redistribute connected | kernel | ospf | rip | static | metric
<1-4294967295>
|
IOLAN SCR Command Line Reference Guide
207
Global Configuration Mode
[
router-id
<A.B.C.D>
] |
[
timers throttle spf
<1-600000> <1-600000><1-600000>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-router)#
{
[
ospf area
<1-4294967295>
|
<A.B.C.D>
authentication message-digest | defaultcost
<1-6777215>
| nssa no-summary | translate |-always | translate-candidate | translate-never | range
<A.B.C.D>
<A.B.C.D>
advertise | not-advertise cost
<0-16777215>
| substitute
<A.B.C.D>
<A.B.C.D>
cost
<0-16777215>
| [shortcut enable | disable | default] | stub nosummary | [virtual-link
<A.B.C.D>
authentication-key
<WORD>
| messagedigest message-digest-key
<1-255>
md5
<LINE>
| null] | dead-interval
<1-65535>
| hello-interval
<1-65535>
| retransmitinterval
<1-65535>
| transmit-delay
<1-
65535>
] |
[
auto-cost reference-bandwidth
<1-
4294967>
] |
[
capability opaque
] |
[
compatibility rfc1583
] |
Specify OSPF area parameters.
Calculate OSPF interface cost according to bandwidth.
Enable opaque feature.
OSPF compatibly list.
[
default-information originate always | metric
<0-16777214>
| metric-type
<1-2>
| route-map
<WORD>
] |
[
default-metric
<0-16777214>
] |
Control distribution of default information.
Set metric of redistributed routes.
Define administrative distance.
[
max-metric router-lsa administrative | onshutdown
<5-86400>
| on-startup
<5-
86400>
] |
[
neighbor poll-interval
<1-65535>
| priority
<0-255>
] |
[
network
<A.B.C.D> <A.B.C.D>
area
<0-
4294967295>
]
Specify a neighbor router.
Specify a network to enable IP routing.
[
passive-interface bvi <1-9999> | | dialer
<0-15>
| | ethernet
< <1-18> . <1-4000>
| tunnel
<0-999>
] |
Suppress routing updates on an interface.
IOLAN SCR Command Line Reference Guide
208
[
redistribute connected | kernel | ospf | rip | static | metric
<1-4294967295>
| route-map
<WORD>
] |
[
refresh timer
<5-1800>
] |
[
router-id
<A.B.C.D>
] |
[
timers throttle spf
<1-600000> <1-
600000><1-600000>
]}
Command Modes
Usage Guidelines
Set up parameters for OSPF protocol.
Examples
This example sets opaque feature for OSPF.
PerleSCR(config)#capability opaque<cr>
Related Commands
Global Configuration Mode
Redistribute information from other routing protocol.
Adjust refresh timers.
Router ID for this OSPF process.
Adjust routing timers.
PerleSCR(config-router)#
(config-router)#
{
[
rip default-information originate
] |
[
default-metric
<1-16>
[
distance
<1-255>
] |
] |
[
distribution-list
<1-99>
in | out bvi <1-9999> | | dialer
<0-15>
| | ethernet
<1-
18> . <1-4000>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
|
<1300-2699>
in | out bvi <1-9999> | | dialer
<0-15>
| | ethernet
<1-18> . <1-4000>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
prefix
<WORD>
in | out bvi <1-9999> | | dialer
<0-15>
| | ethernet
<1-18> . <1-4000>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
[
neighbor
<A.B.C.D>
] |
] |
[
network
<A.B.C.D> <A.B.C.D>
] |
[
passive-interface bvi
<1-9999>
| | dialer
<0-15>
| | ethernet
<1-18> . <1-4000>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
] |
[
redistribute connected | kernel | ospf | rip | static | metric
<1-4294967295>
| route-map
<WORD>
] |
[
timers basic
<5-2147483>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-router)#
IOLAN SCR Command Line Reference Guide
209
Global Configuration Mode
[
rip default-information originate
[
default-metric
<1-16>
] |
] |
Control distribution of default information.
Set the metric for redistributed routes.
Set the administrative distance.
[
distance
<1-255>
] |
[
distribution-list
<1-99>
in | out bvi <1-
9999> | | dialer
<0-15>
| | ethernet
<1-18>
. <1-4000>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
|
<1300-2699>
in | out bvi
<1-9999>
| | dialer
<0-15>
| | ethernet
<1-
18> . <1-4000>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
| prefix
<WORD>
in | out bvi <1-9999> | | dialer
<0-15>
| | ethernet
<1-18> . <1-4000>
| openvpn-tunnel
<0-
999>
| tunnel
<0-999>
] |
[
neighbor
<A.B.C.D>
] |
[
network
<A.B.C.D> <A.B.C.D>
] |
Filter networks in routing updates.
Specify a neighbor router.
|
[
passive-interface bvi
<1-9999>
| | dialer
<0-15>
| | ethernet
<1-18> . <1-4000>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
]
[
redistribute connected | kernel | ospf | rip | static | metric
<1-4294967295>
| route-map
<WORD>
] |
[
timers basic
<5-2147483>
]}
Enable routing on a IP network.
Suppress routing updates on an interface.
Redistribute information from other routing protocol.
Command Modes
Interval between updates for
RIP.
PerleSCR(config-router)#
Usage Guidelines
Set parameters for RIP protocol.
Examples
This example sets timer for RIP updates to every 5 minutes.
PerleSCR(config)#timers basic 5 <cr>
Related Commands
IOLAN SCR Command Line Reference Guide
210
Global Configuration Mode
router-map router-map
{[<
WORD> <1-65535>
deny
<1-65535>
| permit
<1-65535>
Use the no form of this command to negate a command or set its defaults.
]}
Syntax Description router-map
{[
WORD> <1-65535>
deny | permit
]}
Insert, delete, deny or permit from existing route map table.
Command Modes
PerleRouter(config)#router-map
Usage Guidelines
Create route maps or enter route map command mode.
Examples
This example creates a route map called test-route.
PerleSCR(config)#route-map test-route<cr>
Related Commands
(config-route-map)#
{
[
call
<WORD>
] |
[
continue
<1-65535>
[
description
<LINE>
] |
] |
[
match | as-path
<WORD>
| community
<1-500>
| extcommunity
<1-500>
| interface bvi
<1-9999>
| | dialer
<0-15>
| | ethernet
<1-18> . <1-4000>
| openvpn-tunnel
<0-999>
| tunnel
<0-999>
| [ip address
<1-199>
|
<1300-2699>
| prefix-list] | [ipv6
<WORD>
| prefix-list] | metric
<1-4294967295>
| [origin egp | igp | unknown] | peer
<A.B.C.D>
| tag
<1-65535>
] |
[
on-match goto <1-65535> | next
] |
[
set aggregator as
<1-4294967295> <A.B.C.D>
| as-path exclude
<1-4294967295>
| prepend
<1-4294967295>
| atomic -aggregate | comm-list
<1-500>
delete |
[community
<1-4294967295> | <AA:NN>
| internet | local-as | no-advertise | no export] | extended-community rt
<AA:NN>
| soo
<AA:NN>
| ip nexthop
<A.B.C.D>
| [ipv6 nexthop global
<X:X:X:X::X>
| local
<X:X:X:X::X>
] | localpreference
<0-4294967295>
| metric
<1-4294967295>
| [metric-type
type-1 | type-
2
] | [origin epg | igp | unknown] | originator-id
<A.B.C.D>
| src
<A.B.C.D>
| tag
<1-65535>
| weight
<0-4294967295>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-route-map)#
IOLAN SCR Command Line Reference Guide
211
Global Configuration Mode
{
[
call
<WORD>
] |
[
continue
<1-65535>
] |
[
match | as-path
<WORD>
| community
<1-500>
| extcommunity
<1-500>
| interface bvi
<1-9999>
| | dialer
<0-15>
| | ethernet
<1-18> . <1-4000>
| openvpntunnel
<0-999>
| tunnel
<0-999>
| [ip address
<1-199>
|
<1300-2699>
| prefixlist] | [ipv6
<WORD>
| prefix-list] | metric
<1-4294967295>
| [origin egp | igp | unknown] | peer
<A.B.C.D>
| tag
<1-
65535>
] |
[
on-match goto <1-65535> | next
] |
[
set aggregator as
<1-4294967295>
<A.B.C.D>
| as-path exclude
<1-
4294967295>
| prepend
<1-4294967295>
| atomic -aggregate | comm-list
<1-500>
delete | [community
<1-4294967295> |
<AA:NN>
| internet | local-as | noadvertise | no export] | extendedcommunity rt
<AA:NN>
| soo
<AA:NN>
| ip nexthop
<A.B.C.D>
| [ipv6 nexthop global
<X:X:X:X::X>
| local
<X:X:X:X::X>
] | local-preference
<0-
4294967295>
| metric
<1-4294967295>
|
[metric-type
<type-1> | <type-2>
] | [origin epg | igp | unknown] | originator-id
<A.B.C.D>
| src
<A.B.C.D>
| tag
<1-
65535>
| weight
<0-4294967295>
]}
Command Modes
Jump to another route-map after match-set
Continue on a different entry within the route-map.
Match values from routing table.
Exit policy on matches.
Set values in destination routing protocol.
PerleRouter(config-route-map)#
Usage Guidelines
Set up route map configuration parameters.
Examples
This rule defines a match rule for community list BGP 50.
PerleSCR(config-route-map)#match community 50 <cr>
Related Commands
IOLAN SCR Command Line Reference Guide
212
Global Configuration Mode
sdm sdm
{[
prefer default | dual-ipv4-and-ipv6 default
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description sdm
{[
prefer default | dual-ipv4-and-ipv6 default
]}
The sdm command is used to set IP protocols on your router.
Command Default
Command Modes
sdm perfer dual-ipv4-and-ipv6
(both IPV4 and IPV6 enabled)
PerleRouter(config)#sdm
Usage Guidelines
By default the IOLAN is set to enable both IPv4 and IPV6.
Examples
This example shows you how to set your IOLAN to IPV4 only.
PerleRouter(config)# sdm prefer default<cr>
Related Commands
serial serial
{[
accounting
<WORD>
| default
] |
[
advanced [break off | on] | data_logging_buffer_size
<1-2000>
| [flush-on-close off | on] | [line-menu-string
<WORD>
] |[monitor-connection-every
<1-32767>
] | monitor-connection-number
<1-32767>
] | monitor-connection-timeout
<1-
32767>
| single-telnet off | on]
] |
[
authentication aaa login-authentication
<WORD>
| default
] |
[
authorization exec
<WORD>
| default
] |
[
modbus gateway addr-mod embedded | re-mapped] | [broadcast on | off] | chartimeout
<10-10000>
| [exceptions off | on] | [idle-timer
<0-300>
] | [ip-aliasing off
| on] | mess-timeout
<10-10000>
| next-req-delay
<0-1000>
| port
<1-65535>
| remapped-id
<1-247>
| [req- off | on]
|
[ssl on | off]
|
[
port buffering key-stroke-buffering on | off] | mode both | local | off | remote | nsf-directory
<WORD>
| nfs-encryption off | on | [nfs-host
<A.B.C.D> <WORD>
<X:X:X:X::X>
] | syslog [level alert | critical | emergency | error | info | notice | warning] | off | on] | [time-stamp off | on] | view-port-buffer-string
<WORD>
] |
IOLAN SCR Command Line Reference Guide
213
Global Configuration Mode
[
trueport [remap 110 | 1200 | 134 | 150 | 1800 | 19200 | 200 | 2400 | 300 | 38400 |
4800 | 50 | 600 | 75 | 9600]
|
[|115200 | 1200 | 1800 | 19200 | 23400 | 2400 | 38400 |
4800 | 57600 | 600 | 9600 | custom
] |
[
vmodem-phone entry
<1-8>
phone-number
<phone -number>
| host
<A.B.C.D>
<WORD> <X:X:X:X::X> <tcp-port>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description serial
{[
accounting
<WORD>
| default
] |
Accounting parameters.
[
advanced [break off | on] | data_logging_buffer_size
<1-2000>
| [flushon-close off | on] | [line-menu-string
<WORD>
] | [monitor-connection-every
<1-
32767>
] | monitor-connection-number
<1-
32767>
] | monitor-connection-timeout
<1-
32767>
| single-telnet off | on]
] |
[
authentication aaa login-authentication
<WORD>
| default
] |
[
authorization exec
<WORD>
| default
] |
Sets advanced features for serial devices.
Default for line-menu-string is
~menu
Authentication parameters.
Authorization parameters.
[
modbus gateway addr-mod embedded | remapped] | [broadcast on | off] | char-timeout
<10-10000>
| [exceptions off | on] | [idle-timer
<0-300>
] | [ip-aliasing off | on] | mess-timeout
<10-10000>
| next-req-delay
<0-1000>
| port
<1-65535>
| remapped-id
<1-247>
| [req- off | on]
|
[ssl on | off]
] |
[
port buffering key-stroke-buffering on | off] | mode both | local | off | remote | nsf-directory
<WORD>
| nfs-encryption off | on | [nfs-host
<A.B.C.D> <WORD> <X:X:X:X::X>
] | syslog
[level alert | critical | emergency | error | info | notice | warning] | off | on] | [time-stamp off | on] | view-port-buffer-string
<WORD>
] |
[
trueport [remap 110 | 1200 | 134 | 150 | 1800 |
19200 | 200 | 2400 | 300 | 38400 | 4800 | 50 | 600
| 75 | 9600] | 115200 | 1200 | 1800 | 19200 |
23400 | 2400 | 38400 | 4800 | 57600 | 600 | 9600
| custom
] |
Sets modbus gateway parameters.
Set port buffering parameters.
Sets remap baud rates for
Trueport devices.
IOLAN SCR Command Line Reference Guide
214
Global Configuration Mode
[
vmodem-phone entry
<1-8>
phone-number
<phone -number>
| host
<A.B.C.D> <WORD>
<X:X:X:X::X> <tcp-port>
]}
Command Modes
Sets parameters for virtual modem.
PerleRouter(config)#serial
Usage Guidelines
Serial advanced feature settings
Examples
This example will set the vmodem phone number to 416-666-9900 for host
172.16.77.88.
PerleSCR(config)#serial vmodem entry 1 phone-number 416-666-9900 host
172.16.77.88.
Related Commands
service service
{[
dhcp relay-agent | server
] | [
sequence-numbers datetime | localtime | msec | showtime-zone | year
] |
uptime
] |
]}
[
timestamps log
Use the no form of this command to negate a command or set its defaults.
Syntax Description service
{[
dhcp relay-agent | server
] |
Enable dhcp server or relay agent.
[
sequence-numbers
] |
[
timestamps log datetime | localtime | msec | showtime-zone | year
]
| uptime
]}
Command Modes
Stamp the logger messages with a sequence number.
Timestamp with date and time.
Timestamp with system uptime.
PerleRouter(config)#service
Usage Guidelines
Set parameters for DHCP relay-agent or server.
Examples
This example shows you how to add date, time and year to log messages.
PerleSCR(config)# service timestamp log datetime localtime year<cr>
IOLAN SCR Command Line Reference Guide
215
Global Configuration Mode
Related Commands
snmp-server
[
smnp-server ro
|
rw
]
contact
{[
community
<WORD>
[
ip-access
<A.B.C.D> | <X:X:X:X::X:X> |
| [network [
<LINE>
<A.B.C.D> | <A.B.C.D>
]
|
[
<X:X:X:X::X:X>
]
]
|
[
enable traps | [alarms
<2 | 3>
| major | minor] | authentication | bgp | entity | envon | ipsec | openvpn | ospf | snmp
]
|
[
engine-id local
<TEXT>
]
|
[
group
<WORD>
]
|
[
[host
<A.B.C.D> <X:X:X:X::X:X> <WORD>
| udp-port
<0-65535>
] | [version 2c udp-port
<0-65535>
] | [3 auth | informs | noauth | prv | traps]
]
|
[
location
<WORD>
]
|
[
listen-address
<A.B.C.D> <X:X:X:X::X:X>
udp-port
<0-65535>
]
|
[
user
<WORD> <WORD>
v3 [auth md5 | sha
<WORD>
priv aes | des
<WORD>
]
[encrypted auth md5
<WORD>
priv aes
<WORD>
| sha
<WORD>
]
|
[
view
<WORD>
excluded
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description snmp-server
{[
community
<WORD>
[
ip-access
<A.B.C.D> | <X:X:X:X::X:X> |
ro
|
rw
[network [
<A.B.C.D> | <A.B.C.D>
]
|
[
<X:X:X:X::X:X>
]
]
|
]
|
Set community strings and access privileges.
Maximum value is 64 bytes
[
contact
<LINE>
]
|
Type in the contact name. (mib object sysContact).
[
enable traps | [alarms
<2 | 3>
| major | minor] | authentication | bgp | cellular-gnss
| cellular-lte | dot11 | entity | envon | ipsec | openvpn | ospf | snmp
]
|
[
engine-id
<text>
]
|
Enables trap messages to go to your snmp server.
Engine ID of the local or remote SNMPv3 agent.
[
group
<WORD>
] |
Define a SNMPv3 user security model.
[
[host
<A.B.C.D> <X:X:X:X::X:X>
<WORD>
udp-port
<0-65535>
] | [version
2c
<WORD>
udp-port
<0-65535>
] | [3 auth
| informs | noauth | prv | traps]
] |
Specify hosts to receive SNMP notifications
IOLAN SCR Command Line Reference Guide
216
Global Configuration Mode
[
location
<LINE>
] |
[
listen-address
<A.B.C.D> <X:X:X:X::X:X>
udp-port
<0-65535>
] |
[
user
<WORD> <WORD>
v3 [auth md5 | sha
<WORD>
priv aes | des
<WORD>
]
[encrypted auth md5
<WORD>
priv aes
<WORD>
| sha
<WORD>
]
|
[
view
<WORD>
excluded
<WORD>
]}
Type text for MIB object sysLocation
Address to listen on for incoming requests.
Configure options for SNMP
V3 user.
Define an SNMPv3 MIB family view,
Exclude this family MIB from the view.
PerleSCR(config)#snmp-server
Command Modes
Examples
This example will set community name to public and contact person to admin, then enable trap messages for authentication.
PerleSCR(config)#community public<cr>
PerleSCR(config)#snamp-server contact admin<cr>
PerleSCR( config)#snmp-server enable traps authentication<cr>
Related Commands
tacacs tacacs
{[
server
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description tacacs
{[
server
<WORD>
]}
Specify the name of the TACACS server.
Command Modes
PerleSCR(config)#tacacs
Examples
This example specifies the name of the TACACS server as TACTEST.
PerleSCR(config)#tacacs server TACTEST<cr>
Related Commands
IOLAN SCR Command Line Reference Guide
217
tty
Global Configuration Mode
(config-tacacs-server)#
{[
address ipv4 <
hostname
|
<A.B.C.D>
| ipv6
<hostname
|
X:X:X:X::X> < key 0 |
7 | WORD>
| [
timeout
<1-1000>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-tacacs-server)#
{[
address ipv4 <
hostname
|
<A.B.C.D>
| ipv6
<hostname
|
X:X:X:X::X> < key 0 | 7 |
WORD>
|
[
key 0 | 7 |
<WORD>
] |
Set the IPv4 or IPv6 address for your TACACS server.
Set the encryption key to be shared with the TACACS server.
[
timeout
<1-1000>
]}
Set the timeout if the TACACS server doesn’t respond,
Command Modes
PerleRouter(config-tacacsserver)#
Usage Guidelines
Set up parameters for your TACACS server.
Examples
This example shows you how to set the IPv4 address for your TACACS server.
PerleRouter(config-tacacs-server)# address ipv4 172.17.88.99<cr>
Related Commands
tty
{[
<1-16> ,<1-16>
mode disable | line
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description tty
{[
<1-16> ,<1-16>
mode disable | line
]}
Select the mode for the serial port.
Command Default
Console
PerleSCR(config)#tty
Command Modes
Usage Guidelines
Changed the mode of the tty port.
IOLAN SCR Command Line Reference Guide
218
Global Configuration Mode
Examples
This example set tty port 1 to line mode.
PerleSCR(config)#tty 1 mode line<cr>
username username factor
]}
{[
<WORD>
nopassword | privilege
1
|
15
| secret | serial | two-
Use the no form of this command to negate a command or set its defaults.
Syntax Description username
{[
<WORD>
nopassword | privilege
1
|
15
| secret | serial | two-factor
]}
Add local user names and passwords
Command Modes
PerleSCR(config)#username
Usage Guidelines
Command Options
Privilege level
1 specifies user privilege level (user exec)
15 specifies privilege exec level (privilege exec)
Secret
0 - Specifies that an UNENCRYPTED password will follow.
7 Specifies an ENCRYPTED password will follow
LINE - the UNENCRYPTED (cleartxt) password.
Examples
This example creates a user with user exec privileges and a clear text password.
PerleSCR(config)#username lyn privilege 1 secret password123<cr>
Related Commands
(config-user-serial)#
{[
callback off | on
] | [
framed-compression off | on
] |
[
framed-interface-id
<ipv6 interfac id>
] |
[
framed-ip
<A.B.C.D>
] |
[
framed-mtu
<64-1500>
] |
[
host-ip
<Hostname>
|
<A.B.C.D>
|
<X:X:X:X::X>
] |
[
hotkey-prefix
<1-ff>
] |
[
idle-timer
<0-4294967>
] |
[
line-access readin
<1-8> <17-24>
| readout
<1-8> <17-24>
| readwrite
<1-8>
<17-24>
] |
IOLAN SCR Command Line Reference Guide
219
Global Configuration Mode
[
netmask
<A.B.C.D>
] |
[
phone-number
<phone-number> <A.B.C.D>
] |
[
port ssh
<1-65535>
| ssl_raw
<1-65535>
| tcp-clear
<1-65535>
| telnet
<1-
65535>
] |
[
routing listen | none | send | send-and-listen
] |
[
service dsprompt | ppp | rlogin | slip | ssh | ssl-raw | tcp-clear | telnet
] | [
sesstimer
<0-4294967>
] |
[
session
<1-4>
[auto off | on] | [rlogin-options host
<hostname> | <A.B.C.D> |
<X:X:X:X::X>
| termtype
<WORD>
] | ssh-options | telnet-options echo
<0-0x7f>
| eof
<0-0x7f>
| erase
<0-0x7f>
| escape
<0-0x7f>
| host
<hostname> | <A.B.C.D> |
<X:X:X:X::X>
| intr
<0-0x7f>
| [line-mode off | on] | [local-echo off | on] | [mapcr-crlf on | off] | port
<1-65535>
| quit
<0-0x7f>
| termtype
<WORD>
] |
type [off | rlogin | ssh | telnet]
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-user-serial)#
{[
callback off | on
] |
Set the port for callback mode.
[
framed-compression off | on
] |
When enabled, Van
Jacobson Compression is used on this port.
[
framed-interface-id
<ipv6 interface id>
] |
IPv6 interface identifier.
The second part of an IPv6 unicast or anycast address is typically a 64-bit interface identifier used to identify a host's network interface.
For example, if the MAC address of a nework card is
00:BB:CC:DD:11:22 the interface ID would be
02BBCCFFFEDD1122
[
framed-ip
<A.B.C.D>
] |
[
framed-mtu
<64-1500>
] |
IPv4 address
Specify Maximum
Transmission Unit size.
Default is 1500
Values are 64 -1500
[
host-ip
<Hostname> | <A.B.C.D> |
<X:X:X:X::X>
] |
Specify a hostname, IPv4 or IPv6 address.
IOLAN SCR Command Line Reference Guide
220
[
hotkey-prefix
<1-ff>
] |
Global Configuration Mode
The prefix that a user types to control the current session.
Data Options:
IOLAN SCR Command Line Reference Guide
221
Global Configuration Mode
^a number – To switch from one session to another, press ^a (Ctrla) and then the required session number. For example, ^2 would switch you to session 2.
Pressing ^a 0 will return you to the router Menu.
^a n –Display the next session. The current session will remain active. The lowest numbered active session will be displayed.
^a p – Display the previous session. The current session will remain active. The highest numbered active session will be displayed.
^a m – To exit a session and return to the router.
You will be returned to the menu. The session will be left running.
^a l – (Lowercase L)
Locks the serial port until the user unlocks it.
The user is prompted for a password (any password, excluding spaces) and the serial port is locked. The user must retype the password to unlock the serial port.
^r – When you switch from a session back to the Menu, the screen may not be redrawn correctly. If this happens, use this command to redraw it properly. This is always
Ctrl R, regardless of the
Hotkey Prefix.
IOLAN SCR Command Line Reference Guide
222
[
idle-timer
<0-4294967>
] |
[
line-access readin
<1-8> <17-24>
| readout
<1-8> <17-24>
| readwrite
<1-8>
<17-24>
] |
[
netmask
<A.B.C.D>
] |
[
phone-number
<phone-number>
<A.B.C.D>
] |
[
port ssh
<1-65535>
| ssl_raw
<1-65535>
| tcp-clear
<1-65535>
| telnet
<1-65535>
] |
Global Configuration Mode
The User Hotkey Prefix value overrides the Serial
Port Hotkey Prefix value.
You can use the Hotkey
Prefix keys to lock a serial port only when the serial port’s Allow Port locking parameter is enabled.
Default is Hex 01 (Ctrl -a or ^a)
Specify a session inactivity timer in seconds.
Default is 0 seconds so the port will never timeout.
Values are 0-4294967 seconds
Specify the access for the serial lines.
IPv4 netmask
Enter the call back phone number.
Specify the service to be used for outbound sessions on this port.
ssh
ssl-raw tcp-clear telnet
IOLAN SCR Command Line Reference Guide
223
Global Configuration Mode
[
[
[
routing listen | none | send | send-andlisten
]
service
|
dsprompt | ppp | rlogin | slip | ssh
| ssl-raw | tcp-clear | telnet sess-timer
<0-4294967>
]
]
|
|
[
session
<1-4>
[auto off | on] | [rloginoptions host
<hostname> | <A.B.C.D> |
<X:X:X:X::X>
| termtype
<WORD>
] | sshoptions | telnet-options echo
<0-0x7f>
| eof
<0-0x7f>
| erase
<0-0x7f>
| escape
<0-
0x7f>
| host
<hostname> | <A.B.C.D> |
<X:X:X:X::X>
| intr
<0-0x7f>
| [line-mode off | on] | [local-echo off | on] | [map-cr-crlf on | off] | port
<1-65535>
| quit
<0-0x7f>
| termtype
<WORD>
| type [off | rlogin | ssh
| telnet]
]
}
IOLAN SCR Command Line Reference Guide
Set the routing mode (RIP,
Routing Information
Protocol) used on the
PPP/SLIP interface.
listen – enable
PPP/SLIP receiving of
RIP none – disable
PPP/SLIP sending and receiving of RIP send – enable PPP/SLIP sending and receivng of
RIP send-and-listen – enable
PP/SLIP sending and receiving of RIP
Set service for outbound sessions.
dsprompt ppp
rlogin slip ssh ssl-raw tc-clear telnet
Enter maximum session time in seconds.
Default is 0 seconds so the port will never timeout.
Values are 0-4294967 seconds
Configure parameters for user sessions.
224
Global Configuration Mode
Command Modes
PerleRouter(config-userserial)#
Usage Guidelines
Sets serial parameters for the user.
Examples
This example shows you how to set outbound telnet session for user fred.
PerleRouter(config)#username lyn serial
PerleRouter(config-user-serial)# service telnet<cr>
(config-user-2factor)#
{[
<WORD>
] | [
method email
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-user-2factor)#
{[
<WORD>
] |
Specific an email address to receive the 2factor authentication request.
[
method email
]}
Select to send 2factor authentication by email.
Command
PerleRouter(config-user-
2factor)#
Usage Guidelines
Set up 2factor authentication for a user.
Examples
This example shows you how to set email authentication for 2factor authentication for user fred
PerleRouter(config)#username fred serial two-factor<cr>
PerleRouter(config-user-2factor)# email [email protected]<cr>
Related Commands
wan wan
{[
failover | [high-availability disable | failover | load-sharing] | loadsharing flush-connections | local traffic | rule | source-nat | sticky-inbound
Use the no form of this command to negate a command or set its defaults.
]}
Syntax Description wan
IOLAN SCR Command Line Reference Guide
225
{[
failover | [high-availability disable | failover | load-sharing] | load-sharing flush-connections | local traffic | rule | source-nat | sticky-inbound
]}
Global Configuration Mode
Failover is defined as a mode where 2 or more
WANinterfaces are configured, but only 1 interface is active at a time.
Once IP HEALTH has detected that a WAN interface no longer has internet connectivity, it will
"failover" to the next active
(via IP HEALTH status)
WAN interface.
Note:
IP HEALTH profile(s) (ie. Ping or traceroute tests) and IP-
HEALTH on EACH of the
WAN interfaces, must be configured when using
WAN HIGH-
AVAILABILITY. The IP
HEALTH feature is used to determine whether an WAN interface has internet connectivity (one or more of the ping or traceroute tests MUST pass)
Load Sharing is defined as a mode where you define how routed traffic can be sent over one or more defined active WAN interfaces. Unlike failover mode where ALL routed traffic is cut over to the next highest priority active WAN interface, this mode defines how specific or all traffic is to be shared or divided over multiple active WAN interfaces.
IOLAN SCR Command Line Reference Guide
226
Global Configuration Mode
This is accomplished by defining one or more loadsharing rules.
Flush-connections – enable flushing to flush data on WAN interface outage.
Local traffic – enable all local traffic in the rule.
Rule – configures a load– sharing rule.
Rule – Configures a loadsharing rule.
Source-nat enables/disables source address translation on this rule.
sticky-inbound – enables/disables inbound connection tracking.
PerleSCR(config)#wan
Command Modes
Usage Guidelines
Use Wan commands to configure high availability, failover and load-sharing features.
Related Commands
zone
{[
security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description zone
{[
security
<WORD>
]}
Add firewall with zoning.
Command Modes
PerleSCR(config)#zone
Usage Guidelines
Use this command to set zoning options.
Examples
This example creates a zone with the name zonetest.
PerleSCR(config)#zone security zonetest<cr>
IOLAN SCR Command Line Reference Guide
227
Global Configuration Mode
Related Commands
(config-sec-zone)#
{[
[default-action drop | reject] | description
<WORD>
| local-zone
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-sec-zone)#
{[
[default-action drop | reject]
|description
<WORD>
| localzone
]}
Specify the default action for traffic coming into this zone.
Drop will silently drop the packets
Reject will drop and notify the source
Enter a zone description.
Zone to be local-zoned.
Command Modes
PerleSCR(config-sec-zone)#
Usage Guidelines
Use this command to setup firewall zoning.
Examples
This example will show you how to reject all incoming packets to this zone.
PerleSCR(config)# default-action reject<cr>
Related Commands
zone-pair zone-pair
{[
from
<WORD>
to
<WORD>
firewall
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description zone-pair
{[
from
<WORD>
to
<WORD>
firewall
<WORD>
]}
Specify options for zone pairing.
Command Modes
PerleSCR(config)#zone-pair
Usage Guidelines
Filter traffic from this zone.
IOLAN SCR Command Line Reference Guide
228
Related Commands
zone
Global Configuration Mode
IOLAN SCR Command Line Reference Guide
229
5
Interface configuration
Chapter 5
Interface interface
{[
bvi
<1-9999>
] |
[
dialer
<0-15>
] |
[
ethernet <1-18>
] |
[
loopback
] |
[
openvpn-tunnel
<0-999>
| tap | tun
] |
[
tunnel
<0-999>
] |
[
range ethernet <1-18> , <1-18>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description interface
{[
bvi
<1-9999>
]
|
Specify the bridge interface you want to configure.
[
dialer
<0-15>
] |
Specify the dialer interface you want to configure.
[
ethernet <1-18>
]
|
Specify the Ethernet interface you want to configure.
[
loopback
] |
Specify the loopback interface you want to configure.
[
openvpn-tunnel
<0-999>
tap | tun
] |
Specify a openvpn tunnel you want to configure.
[tunnel
<0-999>
] |
Specify the tunnel you want to configure.
[
range ethernet <1-18> , <1-18>
]}
Specify a Ethernet range you want to configure.
Command Modes
PerleSCR(config))#interface ethernet 1
PerleSCR(config-if)#
Usage Guidelines
Set interface command.
Examples
This example will allow you to config parameters for Ethernet interface 1.
PerleSCR# interface ethernet 1<cr>
IOLAN SCR User’s Guide
230
Interface configuration
Related Commands
(config-if)# bvi
{[
arp disable-arp-filter | enable-arp-accept | enable-arp-announce | enable-arpignore | timeout
<1-2147483>
] |
[
description
<LINE>
] |
[
ip address
<A.B.C.D> <A.B.C.D>
| dhcp [client class-id
<LINE>
auto] | [clientid ethernet <1-18>
|
ascii
<WORD>
| auto | hex
<hex-string>
] | client-id hostname
<WORD>
] |
[
ipsec restrict
] |
]
| ddns service dyndns | use-web skip | url
<WORD>
] | dns dhcp | [firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] | [ospf authentication messagedigest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-
65535>
| hello-interval
<1-65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point | point-tomultipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
[
ipv6 address
<X:X:X:X::X/<0-128>
|
dhcp | firewall in | out | local
<WORD>
|
[nd dad attempt
<0-500>
| managed config-flag | other-config-flag | prefix
<X:X:X:X::X/<0-128> <0-4294967294> |
infinite | [ra dns server
<X:X:X:X::X>
|
[hop-limit <1-255> | unspecified] | [interval
<4-1800> <3-1350>
| lifetime
<0> |
<4-9000>
| suppress] | reachable time
<0-3600000>
| retransmission-time
<0-
3600000>
| router-preference high | low |medium] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| deadinterval
<1-65535>
| hello-interval
<1-65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point
| point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
mtu
<68-1500>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-65534> |
minpoll
<4-17>
| version
<1-4>
] |
[
role lan |trusted | wan
] |
[
shutdown
] |
IOLAN SCR User’s Guide
231
Interface configuration
[
zone-member security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-if)# bvi
{[
arp disable-arp-filter | enable-arpaccept | enable-arp-announce | enablearp-ignore | timeout
<1-2147483>
] |
[
description
<LINE>
] |
Customize arp messages for this interface.
Type in a description for this interface.
[
ip address
<A.B.C.D> <A.B.C.D>
| dhcp [client class-id
<LINE>
auto] |
[client-id ethernet <1-18>
|
ascii
<WORD>
| auto | hex
<hex-string>
] | client-id hostname
<WORD>
] |
]
| ddns service dyndns | use-web skip | url
<WORD>
] | dns dhcp | [firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] |
[helper-address
<A.B.C.D>
] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-
65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [messagedigest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | nonbroadcast | point-to-point | point-tomultipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
[
ipsec restrict
] |
Specify IP parameters.
Do not allow ipsec to run on this interface.
IOLAN SCR User’s Guide
232
[
ipv6 address
<X:X:X:X::X/<0-128>
|
dhcp | firewall in | out | local
<WORD>
|
[nd dad attempt
<0-500>
| managed config-flag | other-config-flag | prefix
<X:X:X:X::X/<0-128> <0-4294967294>
|
infinite | [ra dns server
<X:X:X:X::X>
| [hop-limit <1-255> | unspecified] |
[interval
<4-1800> <3-1350>
| lifetime
0 | <4-9000>
| suppress] | reachable time
<0-3600000>
| retransmission-time
<0-
3600000>
| router-preference high | low
|medium] | [ospf authentication message-digest | null] | authenticationkey
<LINE>
| cost
<1-65535>
| deadinterval
<1-65535>
| hello-interval
<1-
65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-topoint | point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-
65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
mtu
<68-1500>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-
17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-
65534> |
minpoll
<4-17>
| version
<1-
4>
] |
[
role lan | trusted | wan
] |
[
shutdown
] |
[
zone-member security
<WORD>
]}
Command Modes
Usage Guidelines
Sets option parameters for bridge.
Interface configuration
Enable IPv6 on this interface.
Specify the mtu (maximum transmit unit) for this interface.
Configure for this interface.
Select the role for this interface.
Shutdown this interface.
This interface belongs to zone security name.
PerleSCR(config-if)#
IOLAN SCR User’s Guide
233
Examples
This example enables an IP address on bvi 10.
PerleSCR>enable<cr>
PerleSCR#config<cr>
PerleSCR#interface bvi 10<cr>
PerleRouter(config-if)#ip address 172.16.113.45 255.255.0.0<cr>
Related Commands
Interface configuration
(config-if)# dialer
{[
dialer description
<LINE>
] |
[
encapsulation ppp
] |
[
ip address
<A.B.C.D> <A.B.C.D>
| ddns service dyndns | use-web skip | url
<WORD>
] | dns dhcp | firewall in | out | local
<WORD>
| [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-
65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [message-digestkey
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point | point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-
65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
ipsec restrict
] | [
[ipv6 firewall in | out | local
<WORD>
| [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| deadinterval
<1-65535>
| hello-interval
<1-65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point
| point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
mtu
<64-1500>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-65534> |
minpoll
<4-17>
| version
<1-4>
] |
] |
[
ppp access-concentrator
<LINE>
| chap hostname
<WORD>
| password 0
<LINE>
| 7
<WORD>
|
<LINE>
| timeout idle
<1-4294967>
[
role lan | trusted | wan
] |
[
shutdown
] |
[
zone-member security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description (config-if)# dialer
{[
dialer description
<LINE>
] |
Specify a name for this interface.
IOLAN SCR User’s Guide
234
Interface configuration
[
encapsulation ppp
] |
|
[
ip address
<A.B.C.D> <A.B.C.D>
| ddns service dyndns | use-web skip | url
<WORD>
] | dns dhcp | firewall in | out | local
<WORD>
| [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helperaddress
<A.B.C.D>
] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
|
[message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast
| non-broadcast | point-to-point | point-tomultipoint] | priority
<0-255>
| retransmitinterval
<1-65535>
| transmit-delay
<1-
65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
]
[
ipsec restrict
] |
[
ipv6 firewall in | out | local
<WORD>
|
[ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-
65535>
| dead-interval
<1-65535>
| hellointerval
<1-65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore |
[network broadcast | non-broadcast | point-to-point | point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-
65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
mtu
<64-1500>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-
17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-65534>
|
minpoll
<4-17>
| version
<1-4>
] |
[
ppp access-concentrator
<LINE>
| chap hostname
<WORD>
| password 0
<LINE>
| 7
<WORD>
|
<LINE>
| timeout idle
<1-
4294967>
] |
IOLAN SCR User’s Guide
Set sencapsulation type.
Sets Ip configuration parameters for this interface.
Enable or disable IPv6.
Set IPv6 sub commands.
Sets Maximum transmission unit size.
Configure NTP (Network Time
Protocol).
Configure Point to Point protocol.
235
Interface configuration
[
role lan | trusted | wan
] |
[
shutdown
] |
[
zone-member security
<WORD>
]}
Command Modes
Usage Guidelines
Sets parameters for dailer interface.
Examples
This example will set the role for this interface.
PerleSCR(config-if)role wan<cr>
Related Commands
Select the role for this interface.
Shutdown this interface.
This interface is a member of zone security.
PerleSCR(config-if)#
(config-if) ethernet
{[
alarm profile
<WORD>
] |
[
arp disable-arp-filter | enable-arp-accept | enable-arp-announce | enable-arpignore | timeout
<1-2147483>
] |
[
authentication [host-mode] | [multi-auth] | [multi-host] | single-host] | [periodic]
| [port-control [auto] | [forced-authorized] | force-unauthorized] | [timer reauthenticate
<1-65535>
| restart
<1-65535>
] | [
bridge-group
<1-9999>
] |
[
description
<LINE>
] |
[
dot1x credential
<WORD>
| max-auth-req
<1-10>
| max-req
<1-10>
|
[
[pae authenticator | suppliant] | eap profile
<WORD>
[pae profile
<WORD>
] |
[timeout quiet-period
<1-65535>
| supp-period
<1-65535>
| tx-period
<1-65535>
]
|
[
duplex auto | half | full
] |
[
ip address
<A.B.C.D> <A.B.C.D>
| dhcp | ddns service dyndns | use-web skip | url
<WORD>
] | dns dhcp | [firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-
65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [message-digestkey
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point | point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-
65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[
ipsec restrict
] | [
ipv6 address
<X:X:X:X::X/<0-128>
| autoconfig | dhcp] enable
| firewall in | out | local
<WORD>
| [nd dad attempt
<0-500>
| managed configflag | other-config-flag | prefix
<X:X:X:X::X/<0-128> <0-4294967294> |
infinite |
IOLAN SCR User’s Guide
236
Interface configuration
[ra dns server
<X:X:X:X::X>
| [hop-limit <1-255> | unspecified] | [interval
<4-
1800> <3-1350>
| lifetime
0 | <4-9000>
| suppress] | reachable time
<0-3600000>
| retransmission-time
<0-3600000>
| router-preference high | low |medium]
] |
[
mab eap
] | [
mtu
<64-9000>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
|
disable
|
multicast
< A.B.C.D> <X:X:X:X::X:X>
| client
< A.B.C.D> < X:X:X:X::X:X>
| key
<1-65534>
| minpoll | version
<1-4>
] |
[
power efficient-ethernet auto
] |
[
role lan | trusted | wan
] |
[
sgmii
] |
[
shutdown
] |
[
speed 10 |100 |1000 |auto | 2500
] |
[
zone-member security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.ip
Syntax Description
(config-if) ethernet
{[
alarm profile
<WORD>
] |
Use this alarm profile for this interface.
[
arp disable-arp-filter | enable-arp-accept | enable-arp-announce | enable-arp-ignore | timeout
<1-2147483>
] |
[
authentication [host-mode] | [multi-auth] |
[multi-host] | single-host] | [periodic] | [portcontrol [auto] | [forced-authorized] | forceunauthorized] | [timer reauthenticate
<1-
65535>
| restart
<1-65535>
] |
[
bridge-group
<1-9999>
] |
Customize arp messages for this interface.
Select authentication mode to use on this interface when using Dot1x devices.
Add this interface to the specified bridge-group.
[
description
<LINE>
] |
Description for this interface.
IOLAN SCR User’s Guide
237
[
dot1x
<1-10>
| credential max-req
<WORD>
<1-10>
|
[
| max-auth-req
[pae authenticator | suppliant] | eap profile
<WORD>
[pae profile
<WORD>
] | [timeout quiet-period
<1-65535>
| supp-period
<1-
65535>
| tx-period
<1-65535>
] |
[
duplex auto | half | full
] |
[
ip address
<A.B.C.D> <A.B.C.D>
| dhcp | ddns service dyndns | use-web skip | url
<WORD>
] | dns dhcp | [firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] | [ospf authentication messagedigest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [message-digestkey
<1-255>
md5
<LINE>
] | mtu-ignore |
[network broadcast | non-broadcast | pointto-point | point-to-multipoint] | priority
<0-
255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy routepolicy
<WORD>
| rip authentication keychain | mode
<WORD>
] |
[
ipsec restrict
] |
Interface configuration
Sets the Port Access Entity
(PAE) type.
Supplicant
—The interface acts only as a supplicant and does not respond to messages that are meant for an authenticator.
Authenticator
—The interface acts only as an authenticator and does not respond to any messages meant for a supplicant.
Both
—The interface behaves both as a supplicant and as an authenticator and thus does respond to all dot1x messages.
Select duplex for this interface. In most cases this parameter should be left at auto.
Setup parameters for IP communications on this interface.
No ipsec allow on this interface.
IOLAN SCR User’s Guide
238
[
ipv6 address
X:X:X:X::X:X/<0-128>
| autoconfig | dhcp | enable | firewall in | out | local
<WORD>
| [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-
65535>
| hello-interval
<1-65535>
| [messagedigest-key
<1-255>
md5
<LINE>
] | mtuignore | [network broadcast | non-broadcast | point-to-point | point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy routepolicy
<WORD>
| rip authentication keychain | mode
<WORD>
] |
[
mab eap
] |
[
mtu
<64-9000>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-
4>
|
disable
|
multicast
< A.B.C.D>
<X:X:X:X::X:X>
| client
< A.B.C.D> <
X:X:X:X::X:X>
| key
<1-65534>
| minpoll | version
<1-4>
] |
[
power efficient-ethernet auto
] |
[
role lan |trusted | wan
] |
[
sgmii
] |
Interface configuration
If using IPv6, then setup
IPv6 communication parameters.
Sets MAC authentication bypass interface commands.
Sets maximum transmission unit.
Configure NTP (Network
Time Protocol).
[
[
shutdown
] |
speed 10 |100 |1000 |auto | 2500
]}
[
zone-member security
<WORD>
]}
IOLAN SCR User’s Guide
Configure interface power settings.
Set the role for this interface.
Set SFP interface for
SGMII mode,
SGMII mode only pallies to interface SFP 1 and 2.
Shutdown this interface.
Set speed of 1000 or 2500 for Ethernet SFP ports 17 and 18.
Set speed of 10, 100, 1000 or auto for Ethernet ports
1-18
This interface is a member of zone security.
239
Interface configuration
Command Modes
Usage Guidelines
Set up Ethernet parameters for this interface.
Examples
This example will set the speed for this interface to 100.
PerleSCR(config-if)# speed 100<cr>
PerleSCR#
Related Commands
{[
arp disable-arp-filter | enable-arp-accept | enable-arp-announce | enable-arpignore | enable-proxy-arp | timeout
<1-2147483>
[
bridge-group
<1-9999>
] |
[
description
<LINE>
] |
[
encapsulation dot1q
<1-4000>
] |
] |
[
ip address
<A.B.C.D> < A.B.C.D>
| dhcp] | firewall in | local | out
<WORD>
| policy route-policy
<WORD>
| [rip authentication key-chain
<WORD>
] | [mode md5 | text string
<LINE>
] | [split-horizon disable | poison-reverse]
] |
[
ipsec restrict
] |
[
ipv6
<X:X:X:X::X:X> <A.B.C.D>
| enable | nd prefix
<X:X:X:X::X:X/0-128>
| ra
] |
dns server
<X:X:X::X:X>
[
mtu
<64-9000>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
|
disable
|
multicast
< A.B.C.D> < X:X:X:X::X>
| client
<A.B.C.D>
< X:X:X:X::X>
| key
<1-65534>
| minpoll | version
<1-4>
] |
[
role lan | trusted | wan
] |
[
shutdown
] |
[
zone-member security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description (config-subif)#
{[
arp disable-arp-filter | enable-arpaccept | enable-arp-announce | enablearp-ignore | enable-proxy-arp | timeout
<1-2147483>
] |
Configure arp parameters.
[
bridge-group
<1-9999>
] |
Add this interface to the specified bridge group.
[
description
] |
Type in a description for this sub interface.
IOLAN SCR User’s Guide
240
Interface configuration
[
[
[
[
encapsulation dot1q
<1-4000>
] |
[
ip address
<A.B.C.D> <ip_mask
A.B.C.D>
| dhcp | firewall in | local | out
<WORD>
] |
[
ipsec restrict
] |
[
ipv6
<X:X:X:X::X:X> <A.B.C.D>
| enable | nd prefix
<X:X:X:X::X:X/0-128>
| ra dns server
<X:X:X::X:X>
] |
[
mtu
<64-9000>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
|
disable
|
multicast
< A.B.C.D> < X:X:X:X::X>
| client
<A.B.C.D> < X:X:X:X::X>
| key
<1-65534>
| minpoll | version
<1-4>
]
| }
role lan | trusted | wan shutdown
] |
zone-member security
Command Modes
] |
<WORD>
]}
Usage Guidelines
Set parameters on more then one Ethernet port.
Examples
This sub interface is configured to encapsulation data on the specified vlan 1-4000.
Set IP parameters for this interface.
Rrestict IPsec for this sub interface.
Configure IPv6 parameters.
Specify the mtu (maximum transmit unit).
Set time parameters if using
Network Time Protocol.
Select the role for this interface.
Shutdown this interface.
Set interface to be a member of this security zone.
PerleSCR(config)#interface ethernet 1 . 10 <cr>
PerleSCR(config-subif)#
Related Commands
IOLAN SCR User’s Guide
241
Interface configuration
(config-if-range)#
{[
alarm profile
<WORD>
] |
[
address
<A.B.C.D>
| dhcp
] |
[
arp disable-arp-filter | enable-arp-accept | enable-arp-announce | enable-arpignore | timeout
<1-2147483>
] |
[
authentication [host-mode] | [multi-auth] | [multi-host] | single-host] | [periodic]
| [port-control [auto] | [forced-authorized] | force-unauthorized] | [timer reauthenticate
<1-65535>
| restart
<1-65535>
] |
[
bridge-group
<1-9999>
] |
[
description
<LINE>
] |
[
dot1x credential
<WORD>
| max-auth-req
<1-10>
| max-req
<1-10>
|
[
[pae authenticator | suppliant] | eap profile
<WORD>
[pae profile
<WORD>
] |
[timeout quiet-period
<1-65535>
| supp-period
<1-65535>
| tx-period
<1-65535>
]
|
[
duplex auto | half | full
] |
[
ip address
<A.B.C.D>
| dhcp | ddns service dyndns | use-web skip | url
<WORD>
] | dhcp-relay | [firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtuignore | [network broadcast | non-broadcast | point-to-point | point-tomultipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
] | policy route-policy
<WORD>
| rip authentication key-chain
<WORD>
| mode md5 | text string
<0 | 7 | WORD>
| [split-horizon disable | poisoned-reverse]
] |
[
ipsec restrict
] |
[
ipv6 address
<X:X:X:X::X/<0-128>
| autoconfig | dhcp] enable | firewall in | out
| local
<WORD>
| [nd dad attempt
<0-500>
| managed config-flag | other-configflag | prefix
<X:X:X:X::X/<0-128> <0-4294967294> |
infinite | [ra dns server
<X:X:X:X::X>
| [hop-limit <1-255> | unspecified] | [interval
<4-1800> <3-1350>
| lifetime
0 | <4-9000>
| suppress] | reachable time
<0-3600000>
| retransmissiontime
<0-3600000>
| router-preference high | low |medium]
] | [
mab eap
] |
[
mab eap
] | |
[
mtu
<64-9000>
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
|
disable
|
multicast
< A.B.C.D> <X:X:X:X::X:X>
| client
< A.B.C.D> < X:X:X:X::X:X>
| key
<1-65534>
| minpoll | version
<1-4>
] |
[
power efficient-ethernet auto
] |
[
role lan | trusted | wan
] |
[
shutdown
] |
[
speed 10 | 100 | 1000 | auto
] |
[
zone-member security
<WORD>
]}
IOLAN SCR User’s Guide
242
Interface configuration
Use the no form of this command to negate a command or set its defaults.
Syntax Description (config-if-range)#
{[
alarm profile
<WORD>
] |
Use this alarm profile for this interface.
[
arp disable-arp-filter | enable-arpaccept | enable-arp-announce | enablearp-ignore | timeout
<1-2147483>
] |
[
authentication [host-mode] | [multiauth] | [multi-host] | single-host] |
[periodic] | [port-control [auto] |
[forced-authorized] | forceunauthorized] | [timer reauthenticate
<1-65535>
| restart
<1-65535>
] |
[
bridge-group
<1-9999>
] |
Customize arp messages for this interface.
Select authentication mode to use on this interface when using Dot1x devices.
Add this interface to the specified bridge-group.
[
description
<LINE>
] |
[
dot1x credential
<WORD>
| max-authreq
<1-10>
| max-req
<1-10>
|
[
[pae authenticator | suppliant] | eap profile
<WORD>
[pae profile
<WORD>
] |
[timeout quiet-period
<1-65535>
| suppperiod
<1-65535>
| tx-period
<1-
65535>
] |
Description for this interface.
Sets the Port Access Entity (PAE) type.
Supplicant
—The interface acts only as a supplicant and does not respond to messages that are meant for an authenticator.
Authenticator
—The interface acts only as an authenticator and does not respond to any messages meant for a supplicant.
Both
—The interface behaves both as a supplicant and as an authenticator and thus does respond to all dot1x messages.
[
duplex auto | half | full
] |
Select duplex for this interface. In most cases this parameter should be left at auto.
IOLAN SCR User’s Guide
243
Interface configuration
[
ip address
<A.B.C.D>
| dhcp | ddns service dyndns | use-web skip | url
<WORD>
] | dhcp-relay | [firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] |
[ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [messagedigest-key
<1-255>
md5
<LINE>
] | mtuignore | [network broadcast | nonbroadcast | point-to-point | point-tomultipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
] | policy route-policy
<WORD>
| rip authentication key-chain
<WORD>
| mode md5 | text string
<0 | 7 | WORD>
|
[split-horizon disable | poisonedreverse]
] |
[
ipsec restrict
] |
|
[
ipv6 address
<X:X:X:X::X/<0-128>
| autoconfig | dhcp] enable | firewall in | out | local
<WORD>
| [nd dad attempt
<0-500>
| managed config-flag | otherconfig-flag | prefix
<X:X:X:X::X/<0-
128> <0-4294967294> |
infinite | [ra dns server
<X:X:X:X::X>
| [hop-limit <1-
255> | unspecified] | [interval
<4-1800>
<3-1350>
| lifetime
0 | <4-9000>
| suppress] | reachable time
<0-3600000>
| retransmission-time
<0-3600000>
| router-preference high | low |medium]
]
[
mab eap
] | |
Setup parameters for IP communications on this interface.
No ipsec allow on these interfaces.
If using IPv6, then setup IPv6 communication parameters.
[
mtu
<64-9000>
] |
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
|
disable
|
multicast
< A.B.C.D> <X:X:X:X::X:X>
| client
< A.B.C.D> < X:X:X:X::X:X>
| key
<1-
65534>
| minpoll | version
<1-4>
] |
IOLAN SCR User’s Guide
Sets MAC authentication bypass interface commands.
Sets maximum transmission unit.
Configure NTP (Network Time
Protocol).
244
Interface configuration
[
power efficient-ethernet auto
] |
[
role lan | trusted | wan
] |
[
shutdown
] |
[
speed 10 | 100 | 1000 | auto
] |
[
zone-member security
<WORD>
]}
Configure interface power settings.
Set the role for this interface.
Shutdown this interface.
Set the speed for this interface.
Command Modes
This interface is a member of zone security.
PerleSCR(config-if)#
Usage Guidelines
Set parameters for multiple Ethernet ports.
Examples
This example will restrict IPv6 on Ethernet port range 6-8.
PerleSCR(config) interface range ethernet 6 , 8<cr>
PerleSCR(config-if-range)# ipsec restrict<cr>
(config-if)# openvpn-tunnel
{[
bridge-group
<1-9999>
] | [
description
<LINE>
] |
[
ip ddns service dyndns | use-web skip | url
<WORD>
] | [[firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-
65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [message-digestkey
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-to-point] | point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-
65535>
| transmit-delay
<1-65535>
] |
[
ipv6 | enable | firewall in | local |out | nd prefix
<X:X:X:X::X:X/0-128>
| ifmtu
<1-65535>
| instance-id
<0-255>
| mtu-ignore | passive | priority
<0-255>
retransmit -interval
<1-65535>
| transmit-delay
<1-65535>
| [ospf | cost
<1-
65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| instance-id
<0-
255>
| mtu-ignore | passive | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
] | [policy route-policy
<WORD>
] | [rip authentication key-chain | mode
<WORD>
| split-horizon disabled | poisoned-reverse
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-65534> |
minpoll
<4-17>
| version
<1-4>
] |
[
role lan | trusted | wan
] |
[
zone-member security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description (config-if)# openvpn-tunnel
{[
bridge-group
<1-9999>
] |
Sets transparent bridging interface parameters.
IOLAN SCR User’s Guide
245
Interface configuration
[
description
<LINE>
] |
[
ip ddns service dyndns | use-web skip | url
<WORD>
] | [firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-
65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [messagedigest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | nonbroadcast | point-to-point] | point-tomultipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
] |
[
ipsec restrict
] |
Description for this interface.
Specify IP parameters.
[
[
ipv6 | enable | firewall in | local |out | nd prefix
<X:X:X:X::X:X/0-128>
| ifmtu
<1-65535>
| instance-id
<0-255>
| mtuignore | passive | priority
<0-255>
retransmit -interval
<1-65535>
| transmit-delay
<1-65535>
| [ospf | cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| instance-id
<0-255>
| mtu-ignore | passive | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
] |
[policy route-policy
<WORD>
] | [rip authentication key-chain | mode
<WORD>
| split-horizon disabled | poisoned-reverse
] |
[
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-
17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-
65534> |
minpoll
<4-17>
| version
<1-
4>
] |
[
role lan | trusted | wan
] |
zone-member security
Command Modes
<WORD>
]}
IOLAN SCR User’s Guide
Do not allow ipsec to run on this interface.
Set IPv6 configuration parameters.
Configure NTP (Network Time
Protocol).
Set the role for this interface.
This interface is a member of zone security.
PerleRouter(config-if)#
246
Interface configuration
Usage Guidelines
Set configuration parameters for OPEN-VPN tunnel.
Examples
This example will set no authentication when using ospf.
PerleRouter(config-if)# ip ospf authentication null<cr>
Related Commands
(config-if)# tunnel
{[
tunnel
<0-999>
mode gre ip arp disable-arp-filter | enable-arp-accept | enablearp-announce | enable-arp-ignore | timeout
<1-2147483>
] | [description
<LINE>
] | [ip address
<A.B.C.D> <A.B.C.D>
| dhcp | ddns service dyndns | useweb skip | url
<WORD>
] | dns dhcp | [firewall in | local | out
<WORD>
] | [healthprofile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] |
[ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [messagedigest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | nonbroadcast | point-to-point | point-to-multipoint] | priority
<0-255>
| retransmitinterval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] | [ipsec restrict] | [ipv6
<X:X:X:X::X:X/0-128>
| enable | [firewall in | local | out
<WORD>
] |nd prefix
<X:X:X:X::X:X/0-128>
| ifmtu
<1-65535>
| instance-id
<0-255>
| mtu-ignore | passive | priority
<0-255>
retransmit -interval
<1-65535>
| transmit-delay
<1-
65535>
| policy route-policy
<WORD>
| rip disable | poisoned-reverse] | [mtu
<64-1500>
] | [
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-65534> |
minpoll
<4-17>
| version
<1-
4>
] | [role lan | trusted | wan] | [shutdown] | [tunnel destination
<A.B.C.D>
| multicast source
<A.B.C.D>
source <A.B.C.D>
|
cellular
<0-0>
| dot11radio
<0-
0>
| ethernet <1-18> .
<1-4000>
| tos
<0-99>
| ttl
<1-255>
] | [zone-member security
<WORD>
] |
[
ipv6ip 6in4 arp disable-arp-filter | enable-arp-accept | enable-arp-announce | enable-arp-ignore | timeout
<1-2147483>
] | [description
<LINE>
] | [firewall in | local | out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] |
[helper-address
<A.B.C.D>
] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-65535>
| dead-interval
<1-65535>
| hellointerval
<1-65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore |
[network broadcast | non-broadcast | point-to-point | point-to-multipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip authentication key-chain | mode
<WORD>
] |
[ipsec restrict] | [ipv6
<X:X:X:X::X:X/0-128>
| enable | [firewall in | local | out
<WORD>
] |nd prefix
<X:X:X:X::X:X/0-128>
| ifmtu
<1-65535>
| instance-id
<0-
IOLAN SCR User’s Guide
247
Interface configuration
255>
| mtu-ignore | passive | priority
<0-255>
retransmit -interval
<1-65535>
| transmit-delay
<1-65535>
| policy route-policy
<WORD>
| rip disable | poisonedreverse] | [mtu
<64-1500>
] | [ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-65534> |
minpoll
<4-
17>
| version
<1-4>
] | [
role lan | trusted | wan] | [shutdown] | [tunnel destination
<A.B.C.D>
| multicast source
<A.B.C.D>
source <A.B.C.D>
|
cellular
<0-0>
| dot11radio
<0-0>
| ethernet <1-18> .
<1-4000>
| tos
<0-99>
| ttl
<1-255>
] |
[zone-member security
<WORD>
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description (config-if)# tunnel
IOLAN SCR User’s Guide
248
Interface configuration
{[
tunnel
<0-999>
mode gre ip arp disable-arp-filter | enable-arp-accept | enable-arp-announce | enable-arpignore | timeout
<1-2147483>
] |
[description
<LINE>
] | [ip address
<A.B.C.D> <A.B.C.D>
| dhcp | ddns service dyndns | use-web skip | url
<WORD>
] | dns dhcp | [firewall in | local
| out
<WORD>
] | [health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] |
[helper-address
<A.B.C.D>
] | [ospf authentication message-digest | null] | authentication-key
<LINE>
| cost
<1-
65535>
| dead-interval
<1-65535>
| hello-interval
<1-65535>
| [messagedigest-key
<1-255>
md5
<LINE>
] | mtuignore | [network broadcast | nonbroadcast | point-to-point | point-tomultipoint] | priority
<0-255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy routepolicy
<WORD>
| rip authentication key-chain | mode
<WORD>
] | [ipsec restrict] | [ipv6
<X:X:X:X::X:X/0-128>
| enable | [firewall in | local | out
<WORD>
] |nd prefix
<X:X:X:X::X:X/0-
128>
| ifmtu
<1-65535>
| instance-id
<0-
255>
| mtu-ignore | passive | priority
<0-
255>
retransmit -interval
<1-65535>
| transmit-delay
<1-65535>
| policy routepolicy
<WORD>
| rip disable | poisonedreverse] | [mtu
<64-1500>
] | [
ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-
65534> |
minpoll
<4-17>
| version
<1-4>
]
| [role lan | trusted | wan] | [shutdown] |
[tunnel destination
<A.B.C.D>
| multicast source
<A.B.C.D>
source
<A.B.C.D>
|
cellular
<0-0>
| ethernet
<0-0>
| dot11radio
<1-4>
.
<1-4000>
| tos
<0-99>
| ttl
<1-
255>
] | [zone-member security
<WORD>
] |
IOLAN SCR User’s Guide
Sets mode gre and tunnel interface parameters.
249
[
ipv6ip 6in4 arp disable-arp-filter | enable-arp-accept | enable-arpannounce | enable-arp-ignore | timeout
<1-2147483>
] | [description
<LINE>
] |
[firewall in | local | out
<WORD>
] |
[health-profile
<WORD>
nexthop
<A.B.C.D>
| dhcp] | [helper-address
<A.B.C.D>
] | [ospf authentication message-digest | null] | authenticationkey
<LINE>
| cost
<1-65535>
| deadinterval
<1-65535>
| hello-interval
<1-
65535>
| [message-digest-key
<1-255>
md5
<LINE>
] | mtu-ignore | [network broadcast | non-broadcast | point-topoint | point-to-multipoint] | priority
<0-
255>
| retransmit-interval
<1-65535>
| transmit-delay
<1-65535>
| policy routepolicy
<WORD>
| rip authentication key-chain | mode
<WORD>
] | [ipsec restrict] | [ipv6
<X:X:X:X::X:X/0-128>
| enable | [firewall in | local | out
<WORD>
] |nd prefix
<X:X:X:X::X:X/0-
128>
| ifmtu
<1-65535>
| instance-id
<0-
255>
| mtu-ignore | passive | priority
<0-
255>
retransmit -interval
<1-65535>
| transmit-delay
<1-65535>
| policy routepolicy
<WORD>
| rip disable | poisonedreverse] | [mtu
<64-1500>
] | [ntp broadcast client | destination
<A.B.C.D>
| key
<1-65534>
| minpoll
<4-17>
| version
<1-4>
| disable | multicast
<A.B.C.D>
|
<X:X:X:X::X>
| client
<A.B.C.D>
|
<X:X:X:X::X>
| key
<1-
65534> |
minpoll
<4-17>
| version
<1-4>
]
| [
role lan | trusted | wan] | [shutdown] |
[tunnel destination
<A.B.C.D>
| multicast source
<A.B.C.D>
source
<A.B.C.D>
|
cellular
<0-0>
| dot11radio
<0-0>
| ethernet <1-18> .
<1-4000>
| tos
<0-99>
| ttl
<1-255>
] | [zone-member security
<WORD>
]}
Command Modes
Usage Guidelines
Sets parameters for tunnel interface.
Interface configuration
Sets IPv6 parameters for this interface.
PerleSCR(config-if)#
IOLAN SCR User’s Guide
250
Examples
This example will enable arp accepts on this interface.
PerleSCR(config-if)# arp enable-accepts<cr>
Interface configuration
IOLAN SCR User’s Guide
251
line
6
I
nterface line mode
Chapter 6
This chapter defines all the CLI commands associated with configuring the console and tty ports.
line
{[
console
<0-0>
|
tty
<1-16>
|
vty
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description line
{[
console
<0-0>
|
Set parameters for the console port.
tty
<1-16>
Set parameters for the tty ports.
vty
]}
Command Modes
Set parameters for the vty port.
PerleSCR>enable
PerleSCR>config
PerleSCR#line
Usage Guidelines
Use this command to change to line mode.
Examples
This example set terminal width to 80.
PerleSCR# line vty<cr>
PerleSCR#width 80
Related Commands
|
(config-line)#console
{[
accounting exec
<WORD>
|
<default>
] | [
authorization exec
<WORD>
|
<default>
]
[
databits
256>
] | [
length odd | none
]
<7 | 8>
| [
] | [
exec]
0-512>
login response
<1-300>
] | [
|
[exec-timeout
<0-35791> <0-2147483>
login authentication
<WORD>
speed | 115200 | 19200 | 38400 | 57600 | 9600
] | [
transport all | none | ssh |telnet
|
]
]
<default>
|
|
[
[
]
]
stopbits width
|
Use the no form of this command to negate a command or set its defaults.
|
[
[
history size parity
1 | 2
]
<0-512>
| [
]}
[
0-
even | timeout
Syntax Description
(config-line)#console
{[
accounting exec
<WORD>
|
<default>
] |
Use an accounting list with a specified name or default list.
[
authorization exec
<WORD>
|
<default>
] |
Use an authorization with a specified name or default list.
IOLAN SCR Command Line Reference Guide
252
[
databits
<7 | 8>
] |
[
exec]
|
[
exec-timeout
<0-35791> <0-2147483>
]
|
[
history size
0-256>
] |
[
length
0-512>
] |
[
login authentication
<WORD>
|
<default>
]
|
[
parity
[
even | odd | none
] |
[
speed | 115200 | 19200 | 38400 | 57600 |
9600
] |
[
stopbits 1 | 2
] |
[
timeout login response
<1-300>
] |
[
transport all | none | ssh |telnet
] |
[
width
<0-512>
]}
Command Default
Interface line mode
Type 7 or 8 to set databits.
Enable EXEC CLI session
Time in minutes and seconds for CLI to timeout on the console session.
Sets the size of the history buffer.
Number of lines displayed on the screen. Type 0 for no pausing at end of page.
Use a specified list for authentication requests or use default list.
Set parity for console mode.
Set speed for console mode.
Set stop bits for console mode.
Timeout for user responses during the login sequence.
Allows the user on the console port to telnet or ssh out of the IOLAN.
Set the width of the terminal display.
console 0 timeout login response 30 login authentication default databits 8 parity none stopbits 1 speed 9600
IOLAN SCR Command Line Reference Guide
253
Interface line mode
Command Modes
PerleSCRR>enable
PerleSCR>config
PerleSCR#line config
0<cr>
PerleSCR(config-line)#
Usage Guidelines
Use these commands to set parameters for console mode.
Examples
These commands will set your console to speed 38400, databits 7 and stopbits 2.
PerleSCR#speed 38400<cr>
PerleSCR#databits 7<cr>
PerleSCR#stopbits 2<cr>
Related Commands
(config-line)#tty
{[
break | break-interrupted | local | off |remote
] | [
break-delay
<1-65535>
] |
[
break-length
1-65535>
] |
[
connection-method dial-in
|
dial-out | dial-in-out | direct-connect | ms-directguest | ms-direct-host
] |
[
cts-toggle off | on
] |
[
cts-toggle-final-delay
<0-1000>
] |
[
cts-toggle-inital-delay
<0-1000>
] |
[
databits 5 | 6 | 7 | 8
] |
[
data-logging off | on
] |
[
dial-retries
<0-99>
] |
dial-timeouts
<0-99>
|
[
discard-characters-rxd-with-errors off |on
] |
[
echo-suppression off | on
] |
[
flow both | hard | none | soft
] |
[
flowin off | on
] |
[
flowout off | on
] |
[
hotkey-prefix
<0-ff>
] |
[
idle-timer
<0-4294967>
] |
[
initiate-connection any-char | specific-char
<0-ff>
] |
[
internet address
<A.B.C.D>
|
<X:X:X::X>
] |
[
keepalive off | on
] |
[
lock off | on
] |
[
map-cr-crlf off | on
] |
[
modbus [master crlf | entry | protocol] | [slave cflf | protocol | uid-range
] |
[
modem-init-string
<WORD>
] |
[
monitor-dsr-dtr on | off
] |
IOLAN SCR Command Line Reference Guide
254
Interface line mode
[
motd off | on
] |
[
multihost entry
<1-49> <A.B.C.D>
|
<X:X:X::X>
port
<1-65535>
] |
[
multisessions
<1-8>
] |
[
name
<WORD>
] |
[
packet-forwarding delay-between-messages
<1-65535>
| [enable-end-tigger1 on
| off] | [enable-end-tigger2 on | off] | [enable-eof1 on | off ] | [enable-eof2 on | off] |
[enable-sof1 on | off] | [enable-sof2 on | off] | end-trigger1
<0-0xff>
| end-trigger2
<0-0xff>
| eof1
<0-0xff>
| eof2
<0-0xff>
| force-transmit-timer
<1-65535>
|
[forwarding-rule strip-trigger | trigger | trigger+1 | trigger+2] | idle-timer
<1-
65535>
| [mode custom-on-frame-definition | custom-on-specific-events | minimize-latency | optimize-network-throughput | prevent-messagefragmentation] | packet-size
<1-1024>
| sof1
<0-0xff>
| sof2
<0-0xff>
| start-frametransmit off | on
] |
[
pages
<1-7>
] |
[
parity even | mark| none | odd | space
] |
[
phone -number
<WORD>
] |
[
ppp accm
<8 hex digits>
| [address-comp on | off] | auth-tmout
<1-255>
|
[authentication chap | pap | none] | challenge-interval
<0-255>
| cr-retry
<0-255>
| cr-timeout
<1-255>
| [dynamic-dns on | off hostname | password | username
<WORD>
] echo-retry
<0-255>
| echo-timeout
<0-255>
| [ipaddr-neg on | off] | ipv6-global-network-prefix
<WORD>
| ipv6-local-interface
<WORD >
| ipv6remote interface
<WORD>
| lipaddr
<A.B.C.D>
| magic-neg on | off | mtu
<64-
1500>
| [ms-direct host | guest] | nak-retry
<0-255>
| netmask
<A.B.C.D>
| password
<word>
| [proto-comp off | on] | ripaddr
<A.B.C.D>
| [roamingcallback off | on] | [routing listen | none | send | send-and-listen] | rpassword
<WORD>
| ruser
<WORD>
| tr-retry
<0-255>
| tr-timeout
<1-255> |
user
<WORD> |
vj-comp on | off
] |
[
reset off | on
] |
[
rev-session-security off | on
] |
[
rlogin-client termtype
<WORD>
] |
[
send-port-id off | on
] | [
service bidir
<A.B.C.D> <1-65535> <1-65535>
] |
[
service client-tunnel
<A.B.C.D> <1-65535>
] |
[
service direct raw
<A.B.C.D>
| rlogin
<A.B.C.D>
| ssh
<1-65535>
| telnet
<A.B.C.D> <1-65535>
] |
[
service dslogin
] |
[
service modbus-master
] |
[
service modbus-slave
] |
[
service ppp
] | [
service printer
] |
[
service reverse raw [multihost on | off | tcp-port
<1-65535>
| multihost] | ssh
<1-
65535>
| telnet
<1-65535>
] |
[
service server-tunnel
<1-65535>
] | [
service silent raw
<1-65535>
| multihost all | backup
< A.B.C.D> <1-65535> <1-65535>
| none
] | [
service slip
] |
[
service trueport client-initiated off
<A.B.C.D> <1-65535>
[multihost all | backup | none] signal-active off | on] | on
<1-65535>
[multihost all | backup | none] | signal-active off | on]
] |
[
service udp
<1-65535>
] | [
service vmodem
<1-65535>
] |
[
sess-timer
<0-4294967>
] |
IOLAN SCR Command Line Reference Guide
255
Interface line mode
[
session-strings delay
<0-65535>
| initiate
<WORD>
| terminate
<WORD>
] |
[
slip lipaddr | mtu |
<A.B.C.D>
| netmask
<A.B.C.D>
| ripaddr
<A.B.C.D>
]
routing listen | none | send | send-and-listen | vj-comp on | off
] |
[
speed 115200 | 1200 | 1800 | 19200 | 230400 | 2400 | 28800 | 300 | 38400 | 4800 |
57600 | 600 | 9600 | custom
] |
[
ssh-client authentication [dsa on | off] | [keyboard-interactive on|off] | [rsa on | off] | [compression on | off] | [login on | off] | name
<WORD>
| password
<WORD>
| [ssh-2-cipher-list 3des | aes | aes-ctr | aes-gcm | arcfour | blowfish | cast | chacha20-poly1305] | strict-host-key-checking on | off | termtype
<WORD>
| verbose on | off
] |
[
ssl cipher-suite option
<1-5>
| [encryption 3des | aes | aes-gcm | any | arcfour | arctwo | des min-key-size 128 | 168 | 256 | 40 | 56 | 64] | [max-key-size 128 | 168 |
256 | 40 | 56 | 64] | [key-exchange adh | any | ecdh-ecdsa | edh-dss | edh-rsa | rsa] |
[hmac any | md5 | sha1 | sha256 | sha384] | [enable on | off] | [type client | server]
| validation-criteria common-name
<WORD>
| country
<WORD>
<WORD>
| | locality
<WORD>
| | organisaton
<WORD>
| organisation-unit
<WORD>
| state-province
<WORD>
| [verify-peer off | on] | [version any tlsv1 | tlsv1.1 | tlsv1.2]
] |
[
stop-bits 1 | 2
] |
[
telnet-client echo
<0-0x7f>
| eof
<0-0x7f>
| erase
<0-0x7f>
| escape
<0-0x7f>
| intr
<0-0x7f>
| line-mode off | on | local-echo off | on | map-cr-crlf on | off | quit
<0-0x7f>
] |
[
termtype ansi | dumb | hp700 | ibm3151te | term1 | term2 | term3 | tvi925 | vt100
| vt320 | wyse60
] |
[
udp entry
<1-4>
| both auto-learn
<A.B.C.D>
|
<X:X:X:X::X>
specific
<1-
65535> <WORD>
| in any-port
<A.B.C.D>
|
<X:X:X:X::X>
|
<A.B.C.D>
|
<X:X:X:X::X>
| none | out
<1-65535>
|
<A.B.C.D>
|
<X:X:X:X::X>
] |
[
user
<WORD>
] |
| [
vmodem echo off | on] | [failure-string
<WORD>
] | [host
<A.B.C.D>
|
<X:X:X:X::X>
] | [init-string
<WORD>
| mode [auto | manual] | port
<1-65535>
| response-delay
<1-999>
| [signals cts always-high | represent-ri] | dcd alwayshigh | follow-connection] | [style numeric | verbose] | success-string
<WORD>
| suppress off | on
]}
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-line)#tty
{[
break |
Break signal from peer
[
break-interrupted | local | off |remote
]
|
Specifies how a break is interpreted.
Data Range:
None —The IOLAN ignores the break key completely and it is not passed through to the host.
IOLAN SCR Command Line Reference Guide
256
[
break-delay
<1-65535>
]
[
break-length
1-65535>
]
|
|
IOLAN SCR Command Line Reference Guide
Interface line mode
Local
—The router deals with the break locally. If the user is in a session, the break key has the same effect as a hot key.
Remote
—When the break key is pressed, the router translates this into a telnet break signal which it sends to the host machine.
Break Interrupt —On some systems such as
SunOS, XENIX, and AIX, a break received from the peripheral is not passed to the client properly. If the client wishes to make the break act like an interrupt key (for example, when the stty options - ignbrk and brkintr are set.
Default is None
This parameter defines the delay between the termination of a a break condition and the time data will be sent out the serial port.
Default is 0ms (no delay).
When the IOLAN receives a command from its peer to issue a break signal, this parameters defines the length of time the break condition will be asserted on the serial port
Default is 1000ms (1 second)
257
[
[
[
[
connection-method dial-in out | direct-connect | ms-direct-guest | direct-host
] |
cts-toggle off | on
]
cts-toggle-final-delay cts-toggle-inital-delay databits 5 | 6 | 7 | 8
]
|
|
[
data-logging off | on
]
|
|
dial-out | dial-in-
<0-1000>
<0-1000>
]
]
|
|
ms-
IOLAN SCR Command Line Reference Guide
Interface line mode
Dial in –
If the device is remote and will be dialing in via modem or ISDN
TA, enable this parameter.
Default is Disabled
Dial out–
If you want the modem to dial a number when the serial port is started, enable this parameter.
Default is Disabled
Enable CTS toggle.
CTS final delay in milliseconds.
Value is 1-1000
CTS initial delay in milliseconds.
Value is 1-1000
Specify the databits to use for this connection.
When enabled, serial data will be buffered if the TCP connection is lost. When the
TCP connection is reestablished, the buffered serial data will be sent to its destination. If using the
Trueport profile, data logging is only supported in
Lite mode Lite Mode. If the data buffer is filled, incoming serial data will overwrite the oldest data.
The minimum data buffer size is 4K. The maximum data buffer size is 256K.
Note: A kill line or a reboot of the IOLAN causes all buffered data to be lost.
Some profile features are not compatible with the data logging feature. See
data-logging_buffer_size.
258
[
[
dial-retries
<0-99>
]
dial-timeouts
<0-99>
|
]
|
[
discard-characters-rxd-with-errors off |on
]
|
[
echo-suppression off | on
]
|
Interface line mode
The number of times the
IOLAN will attempt to reestablish a connection with a remote modem.
Range is 0-99
Default is 2
The number of seconds the
IOLAN will wait to establish a connection to a remote modem.
Range is 1-99
Default is 45 seconds
When enabled, the IOLAN will discard characters received with a parity or framing error.
Default is Disabled
This parameter applies to
EIA-485 half-duplex mode, all characters will be echoed to the user and transmitted across the serial ports.
Some EIA-485 applications require local echo to be enabled in order to monitor the loopback data to determine that line contention has occurred. If your application cannot handle loopback data, echo suppression should be enabled.
Default is Disabled
IOLAN SCR Command Line Reference Guide
259
[
flow both | hard | none | soft
]
|
[
flowin off | on
]
[
flowout off on
]
|
|
[
hotkey-prefix
<0-ff>
]
|
Interface line mode
Defines whether the data flow is handled by the software (soft), hardware
(hard), both or none. If you are using SLIP, set to Hard only. If you are using PPP set to either soft or hard
(hard is recommended). If you select soft with PPP, you must set the ACCM parameter when you configure PPP for the serial port.
Data Options: Soft, Hard,
Both, None
Default is None
Determines if input flow control is to be used.
Determines if output flow control is to be used.
Default is Enabled
The prefix that a user types to lock a serial port or redraw the Menu.
Data Range:
•
^a l—(Lowercase L)
Locks the serial port until the user unlocks it.
IOLAN SCR Command Line Reference Guide
260
[
idle-timer
<0-4294967>
]
|
IOLAN SCR Command Line Reference Guide
Interface line mode
The prefix that a user types to lock a serial port or redraw the Menu.
Data Range:
•
^a l—(Lowercase L)
Locks the serial port until the user unlocks it. The user is prompted for a password ( any password, excluding spaces) and locks the serial port. Next, the user must retype the password to unocj the serial port.
• ^r—When you switch from a session back to the
Menu, the screen may not be redrawn correctly. If this happens, use this command to redraw it properly. This is always Ctrl R, regardless of the Hot Key prefix
.
You can use the Hotkey
Prefix to lock a serial port only when the Allow Port
Locking parameter is enabled.
Default is hexadecimal 01
(Ctrl-a, ^a)
Use this timer to close a connection because of inactivity. When the idle timeout expires, the router will end the connection because of inactivity.
Range is 0-4294967 seconds (about 49 days)
Default is 0 seconds so the port will never timeout.
261
[
initiate-connection any-char | specific-char
<0-ff>
]
|
[
internet address
<A.B.C.D>
|
<X:X:X::X>
] |
[
ip-aliasing
] |
[
keepalive off | on
]
|
IOLAN SCR Command Line Reference Guide
Interface line mode
Initiates a connection to the specified host when any data is received on the serial port.
Default is Disabled
Initiates a connection to the specified host only when the specified character is received on the serial port.
Default is Disabled
The internet address of this serial port.
Enable and specify an IP address for the serial port.
Enables a per connection
TCP keep-alive feature.
After the configured number of seconds, the connection will send a gratuitous ACK to the network peer, thus either ensuring the connection stays active OR causing a dropped connection condition to be recognized.This parameter needs to be used in conjunction with the
Monitor Connection Status
Interval parameter found under config
The interval specifies the inactivity period before
"testing" the connection.
Note: If a network connection is accidentally dropped, it can take as long as the specified interval before anyone can reconnect to the serial port.
Default is Disabled
262
[
lock off | on
] |
[
map-cr-crlf off | on
]
|
modbus [master crlf | entry | protocol] | [slave cflf | protocol | uid-range
]
|
[
modem-init-string
<WORD>
]
|
[
monitor-dsr-dtr on | off
] |
|
[
motd off | on
]
|
[
multihost entry
<1-49> <A.B.C.D>
|
<X:X:X::X>
port
<1-65535>
] |
[
multisessions
<1-8>
] |
[
name
<WORD>
] |
IOLAN SCR Command Line Reference Guide
Interface line mode
When enabled, the user can lock his terminal with a password using the hotkey prefix (ctrl-a) ^a (lowercase
L). The IOLAN prompts the user for a password and a confirmation.
Default is disabled.
When enabled, maps carriage returns (CR) to carriage return line feed
(CRLF).
Default is Disabled
When Modbus/Ascii is selected, adds a CR/LF to the end of the transmission; most Modbus devices require this option.
Default is enabled
Sent the configured initialization string to set up with attached modem.
Monitor for dsr-dtr.
Enables/disables the display of the message of the day.
Default is Disabled
Add a multihost to the multihost table.
The number of extra network connections available on a serial port, in addition to the single session that is always available. Enabling multisessions will permit multiple users to monitor the same console port.
Range is 1– 8
Default is 0
Specify a name.
263
[
packet-forwarding delay-between-messages
<1-65535>
| [enable-end-tigger1 on | off] |
[enable-end-tigger2 on | off] | [enable-eof1 on | off ] | [enable-eof2 on | off] | [enable-sof1 on | off] | [enable-sof2 on | off] | end-trigger1
<0-
0xff>
| end-trigger2
<0-0xff>
| eof1
<0-0xff>
| eof2
<0-0xff>
| force-transmit-timer
<1-65535>
| [forwarding-rule strip-trigger | trigger | trigger+1 | trigger+2] | idle-timer
<1-65535>
|
[mode custom-on-frame-definition | customon-specific-events | minimize-latency | optimize-network-throughput | preventmessage-fragmentation] | packet-size
<1-
1024>
| sof1
<0-0xff>
| sof2
<0-0xff>
| startframe-transmit off | on
] |
[
pages
<1-7>
]
|
[
parity even | mark | none | odd | space
]
[
phone-number
<number>
]
|
|
Interface line mode
This option allow you to define the packet forwarding rules based on the packet definition or the frame.
Default is disabled
When enabled, this group of parameters allows you to set a variety of packet definition options. The first criteria that is met cause the packet to be transmitted.
For example, if you set a
Force transmit timer of
1000 ms and a packet size of 100 bytes whichever criteria is met first is what will cause the packet to be transmitted.
Default is enabled
The number of video pages the terminal supports.
Range: 1-7
Default is 5 pages
Specify the type of parity being used for the data communications on the serial port.
If you want to force a parity type, you can specify
Mark for 1 and Space for 0.
Data Options are Even,
Odd, Mark, Space and
None.
The phone number to use when Dial Out is enabled.
IOLAN SCR Command Line Reference Guide
264
[
ppp accm
<8 hex digits>
| [address-comp on | off] | auth-tmout
<1-255>
| [authentication chap | pap | none] | challenge-interval
<0-255>
| cr-retry
<0-255>
| cr-timeout
<1-255>
|
[dynamic-dns on | off hostname | password | username
<WORD>
] echo-retry
<0-255>
| echo-timeout
<0-255>
| [ipaddr-neg on | off] | ipv6-global-network-prefix
<WORD>
| ipv6local-interface
<WORD >
| ipv6-remote interface
<WORD>
| lipaddr
<A.B.C.D>
| magic-neg on | off | mtu
<64-1500>
| [ms-direct host | guest] | nak-retry
<0-255>
| netmask
<A.B.C.D>
| password
<word>
| [proto-comp off | on] | ripaddr
<A.B.C.D>
| [roamingcallback off | on] | [routing listen | none | send | send-and-listen] | rpassword
<WORD>
| ruser
<WORD>
| tr-retry
<0-255>
| tr-timeout
<1-
255> |
user
<WORD> |
vj-comp on | off
] |
[
reset off | on
]
|
[
rev-session-security off | on
]
|
[
rlogin-client termtype
<WORD>
] |
Interface line mode
Set PPP parameters.
SLIP
– The IPv4 address of the router end of the SLIP link. For routing to work you must enter an IP address in this field. Choose an address that is part of the same network or subnetwork as the remote end; for example, if the remote end is address
192.101.34.146, your local
IP address can be
192.101.34.145. Do not use the router’s (main) IP address in this field; if you do so, routing will not take place correctly.
MTU –
The Maximum
Transmission Unit (MTU) parameter restricts the size of individual SLIP packets being sent by the router.
Enter a value between 256 and 1500. The default value is 256. If your user is authenticated by Radius, this value will be overwritten when you have set a Framed MTU in the
RADIUS server.
When enabled, resets the terminal definition connected to the serial port when a user logs out.
Default is disabled
Sets whether reverse telnet sessions will be authenticated.
Set the terminal type for rlogin sessions.
IOLAN SCR Command Line Reference Guide
265
[
send-name off | on
] |
[
send-port-id off | on
] |
[
service bidir
<A.B.C.D> <1-65535> <1-
65535>
] |
[
service client-tunnel
<A.B.C.D> <1-65535>
] |
[
service direct raw
<A.B.C.D>
| rlogin
<A.B.C.D>
| ssh
<1-65535>
| telnet
<A.B.C.D>
<1-65535>
] |
[
service dslogin
] |
[
service modbus-master
] |
[
service modbus-slave
] |
[
service ppp
]
|
[
service printer
] |
[
service reverse raw [multihost on | off | tcpport
<1-65535>
| multihost] | ssh
<1-65535>
| telnet
<1-65535>
] |
[
service server-tunnel
<1-65535>
] |
Interface line mode
When enabled, the port name will be sent to the host upon session initiation.
This will be done before any other data is sent or received to/from the host.
Default is disabled
Send port-id when enabled.
Used for TCP Sockets,
Reverse and Silent connections. Enter the host to connect to, server port number and host port number.
Enter the host to connect to and host port number.
Set service to direct raw.
Connect to the serial port in
Command Line Interface
(CLI) mode on this port.
Set service modbus master.
Set service to modbus slave.
Select service type as PPP for this serial port.
Select printer type as printer for this serial port.
Set parameters for a reverse raw connection.
Set service to server tunnel connection.
IOLAN SCR Command Line Reference Guide
266
[
service silent raw
<1-65535>
| multihost all | backup
< A.B.C.D> <1-65535> <1-65535>
| none
]
Interface line mode
Multihost – Used for connections coming from the network to the serial port for Trueport or Raw.
Multihost all allows multiple hosts to connect to the serial device.
Backup – Used for connections going from the serial port to the network for
Trueport or Silent Raw services, allows the serialport to communicate to either all the hosts in the multi-host list or a primary/backup host.
Set service to slip.
Set service to trueport.
[
service slip
]
|
[
service trueport client-initiated off
<A.B.C.D> <1-65535>
[multihost all | backup | none] signal-active off | on] | on
<1-65535>
[multihost all | backup | none] | signal-active off | on]
] |
[
service udp
<1-65535>
]
|
[
service vmodem
<1-65535>
]
|
[
sess-timer
<0-4294967>
] |
Set service to udp.
Set service to vmodem.
Use this timer to forcibly close the session/connection when the Session Timeout expires.
Default is 0 seconds so that the port never timeouts.
Range is 0-4294967 seconds (about 49 days)
IOLAN SCR Command Line Reference Guide
267
[
session-strings
<WORD>
| delay terminate
<0-65535>
<WORD>
|
] |
initiate
IOLAN SCR Command Line Reference Guide
Interface line mode
Delay after Send
– If configured, a delay time is sent to the device. This delay can be used to provide the serial device with time to process the string before the session is initiated.
Initiate at Start
– If configured, this string will be sent to the serial device on the power-up of the router or when a kill line command is issued on this serial port. If the "monitor
DSR" or "monitor DCD" options are set, the string will also be sent when the monitored signal is raised.
Range is
0-127 alphanumeric characters. Non printable ascii characters must be entered in this format <027>. The decimal numbers within the brackets must be 3 digits long
(example 003 not 3)
Send at Terminate
– If configured, this string will be sent to the serial device when the TCP session on the LAN is terminated. If multi-host is configured, this string will only be sent in listen mode to the serial device when all multi-host connections are terminated.
Range is
0-127 alphanumeric characters. Non printable ascii characters must be entered in this format <027>. The decimal numbers within the brackets must be 3 digits long
(example 003 not 3)
268
[
[
slip lipaddr | mtu |
<A.B.C.D>
| netmask
<A.B.C.D>
| ripaddr
<A.B.C.D>
| routing listen | none | send | send-and-listen | vj-comp on | off
]
[
speed 115200 | 1200 | 1800 | 19200 | 230400 |
2400 | 28800 | 300 | 38400 | 4800 | 57600 | 600 |
9600 | custom
] |
[
ssh-client authentication [dsa on | off] |
[keyboard-interactive on|off] | [rsa on | off] |
[compression on | off] | [login on | off] | name
<WORD>
| password
<WORD>
| [ssh-2-cipherlist 3des | aes | aes-ctr | aes-gcm | arcfour | blowfish | cast | chacha20-poly1305] | stricthost-key-checking on | off | termtype
<WORD>
| verbose on | off
] |
[
enable on | off
] |
[
type client | server
] |
verify-peer off | on
[
stop-bits 1 | 2
] |
] |
[
version any tlsv1 | tlsv1.1 | tlsv1.2
] |
Interface line mode
Set SLIP parameters.
Set the line speed.
Set up SSH client parameters.
Enable or disable ssl.
Select mode for ssl.
client
server
Specify whether the peer will be validated.
Specify the version of tlsv to use.
Specify the number of stop bits.
IOLAN SCR Command Line Reference Guide
269
[
telnet-client echo
<0-0x7f>
| eof
<0-0x7f>
| erase
<0-0x7f>
| escape
<0-0x7f>
| intr
<0-
0x7f>
| line-mode off | on | local-echo off | on
| map-cr-crlf on | off | quit
<0-0x7f>
| termtype
<WORD>
] |
Interface line mode
Echo
– t oggles between local echo of entered characters and suppressing local echo.
Local echo is used for normal processing, while suppressing the echo is convenient for entering text that should not be displayed on the screen, such as passwords. This parameter can be used only when
Enable Line mode is enabled.
Default is disabled
eof
– Defines the end-of-file character. When enabled
Line mode is enabled, entering the EOF character as the first character on a line sends the character to the remote host.
This value is in hexadecimal.
Default is 4 (ASCII value
^D)
This parameter can be used only when Enable Line mode is enabled.
Default is disabled
erase
–Defines the erase character. When Line mode is off, typing the erase character erases one character.
IOLAN SCR Command Line Reference Guide
270
Interface line mode
[
termtype ansi | dumb | hp700 | ibm3151te | term1 | term2 | term3 | tvi925 | vt100 | vt320 | wyse60
] |
IOLAN SCR Command Line Reference Guide
This value is in hexadecimal.
Default is 8 (ASCII value
^H)
escape
– Defines the escape character. Returns you to the command line mode.
This value is hexadecimal.
Default is 1d (ASCII value
GS)
line mode
– When enabled, keyboard input is not sent to the remote host until Enter is pressed, otherwise input is sent every time a key is pressed.
Default is disabled
Local echo
– Toggles between local echo of entered character and suppressing local echo
Local echo is used for normal processing, while suppressing the echo is convenient for entering text that should not be display on the screen such as passwords.
This parameter can only be used when Enable Line
Mode is enabled.
Default is disabled
map cr to crlf
– When enabled, maps carriage return (CR) to carriage return/line feed (CR/LF).
Default is disabled
Quit
–
Defines the quit character. Typing the quit character closes and exits the current telnet session.
This value is in hexadecimal. Default is 1c
(ASCII value FS)
Specify a terminal type.
271
[
udp entry
<1-4>
| [both | in | out | none] | auto-learn
<A.B.C.D>
|
<X:X:X:X::X>
specific
<1-65535> <A.B.C.D>
|
<X:X:X:X::X>
| in anyport
<A.B.C.D>
|
<X:X:X:X::X> <A.B.C.D>
|
<X:X:X:X::X>
| none | out
<1-65535>
<A.B.C.D>
|
<X:X:X:X::X>
] |
Interface line mode
Entry
– Selects which of the 4 available entries we wish to define/modify. For each entry the user can specify a different IP address range, UDP port and direction of data flow
both|in|out|none
The direction in which information is received or relayed:
None
—UDP service not enabled.
In
—
LAN to serial. The
IOLANwill listen on the port value configured in the
DS Port parameter for messages coming from the learned or configured port.
Out
—
Serial to LAN. The
IOLAN will forward data received on the serial port to the IP address range,
UDP port configured for this entry.
Both
—Messages are relayed in both directions.
For messages coming from the LAN to the serial device, the IOLAN must receive a UDP message before it can send one, since the UDP port number is learned from the received message.
IOLAN SCR Command Line Reference Guide
272
[
user
<WORD>
] |
Interface line mode
auto-learn
The IOLAN will only listen to the first port that it receives a UDP packet from.
Auto learn is applicable when direction is set to In or
Both.
any-port
The IOLAN will receive messages from any port sending UDP packets
Applicable when direction is set to In.
specific
The port that the IOLAN
<
start_IP_address
>
The first host IP address in the range of IP addresses
(for IPV4 or IPV6) that the router will listen for messages from and/or send messages to.
IOLAN
<
end_IP_address
>
The last host IP address in the range of IP addresses
(for IPV4, not required for
IPV6) that the IOLAN will listen for messages from and/or send messages to.
Specify a username.
IOLAN SCR Command Line Reference Guide
273
[
vmodem echo off | on] | [failure-string
<WORD>
] | [host
<A.B.C.D>
|
<X:X:X:X::X>
] |
[init-string
<WORD>
| mode [auto | manual] | port
<1-65535>
| response-delay
<1-999>
|
[signals cts always-high | represent-ri] | dcd always-high | follow-connection] | [style numeric | verbose] | success-string
<WORD>
| suppress off | on
]}
Interface line mode
Echo
When enabled, echoes back characters that are typed in
(equivalent to ATE0/ATE1 commands) Disabled by default
Failure-string
String that is sent to the serial device when a connection fails. If no string is entered, the string NO
CARRIER will be sent.
host
Host
The target host name
.
init-string
You can specify additional vmodem commands that will affect how vmodem starts. The following commands are supported:
ATQn, ATVn, ATEn, ATS0,
AT&Z1, AT&Sn,
AT&Rn, AT&Cn, AT&F,
ATS2, ATS12, and ATDS1.
See
VModem Initialization
Commands
in the
Router’s
User’s Guide
for a more detailed explanation of the support initialization commands.
mode
Auto mode establishes the connection when the line becomes active. You must supply the AT command or phone number that will start the connection.
port
The port number the target host is listening on for messages.
IOLAN SCR Command Line Reference Guide
274
Interface line mode
IOLAN SCR Command Line Reference Guide response-delay
The amount of time, in milliseconds, before an AT response is sent to the requesting device. The default is 250 ms.
signals dcd
Controls the state of the
DCD signal.
always-high = DCD
signal will always stay high follow-connection =
DCD signal will be high when an end to end connection is established and low when it is not
Since the IOLAN does not have a physical DCD pin, you need to re-map the
DTR or RTS signal to DCD to have the signal present.
(see next option).
signals dtr
You can specify how the
DTR signal pin acts during your modem application connection, as itself (DTR), as DCD, or as RI.
signals rts
You can specify how the
RTS signal pin acts during your modem application connection, as itself (RTS), as DCD, or as RI.
style
One of the following:
Verbose
—Return codes
(strings) are sent to the connected device.
Numeric
—The following characters can be sent to the connected device:
275
Interface line mode
0
OK
1
CONNECTED
2
RING
3
NO CARRIER
4
ERROR
6
INTERFACE DOWN
7
CONNECTION
REFUSED
8 NO LISTENER
success-string
String that is sent to the serial device when a connection succeeds. If no string is entered, then the string CONNECT will be sent with the connecting speed for example
CONNECT 9600
suppress
When enabled, the connection success/failure indication strings are sent to the connected device, otherwise these indications are suppressed. The default is disabled.
PerleSCR(config-line)#
Command Modes
Usage Guidelines
Set line tty parameters.
Examples
This example disables CLI mode for tty 8.
PerleSCR(config)#tty 8 mode disable<cr>
Related Commands
[
(config-line)#vty
{[
accounting exec
<WORD>
| default login
<WORD>
default
]
|
[
width
] | [
|
exec-timeout
<0-35791> <0-2147483>
] |
authorization exec
[
<0-512>
history size
]}
0-256>
<WORD>
] | [
length
| default
0-512>
]
]
|
|
IOLAN SCR Command Line Reference Guide
276
Interface line mode
Use the no form of this command to negate a command or set its defaults.
Syntax Description
(config-line)#vty
[
accounting exec
<WORD>
| default
] |
|
[
authorization exec
<WORD>
| default
]
[
exec-timeout
<0-35791> <0-2147483>
|
Accounting parameters.
Authorization parameters.
Time in minutes and seconds for
CLI to timeout on the vty session.
[
history size
0-256>
] |
[
length
0-512>
] |
Sets the size of the history buffer.
Number of lines displayed on the screen. Type 0 for no pausing at end of page.
[
login
<WORD>
default
]
|
[
width
<0-512>
]}
Command Modes
Login authentication parameters.
Terminal screen width.
PerleSCR>enable
PerleSCR>config
PerleSCR#line vty<cr>
PerleSCR#
Usage Guidelines
Set line vty paramters.
Examples
Set terminal width to 132.
PerleSCR#line vty<cr>
PerleSCR#width 132<cr>
Related Commands
IOLAN SCR Command Line Reference Guide
277
advertisement
Key Features
- Comprehensive set of commands for configuring and managing Perle devices
- Easy-to-use interface
- Supports a wide range of Perle devices
- Secure and reliable
- Free to download and use
Questions & Answers
P P G
How to save the current device configuration?
Frequently Answers and Questions
What is Perle CLI?
What can I do with Perle CLI?
Is Perle CLI easy to use?
Is Perle CLI secure?
Is Perle CLI free to use?
Related manuals
advertisement
Table of contents
- 3 Table of Contents
- 13 Preface
- 13 About This Book
- 13 Intended Audience
- 13 Typeface Conventions
- 14 Using the Command-Line Interface
- 19 User Exec Mode
- 19 clear ip dhcp binding
- 19 enable
- 20 line-attach
- 20 logout
- 21 ping
- 21 release dhcp | dhcpv6
- 22 renew dhcp | dhcpv6
- 23 show alarm
- 24 show arp
- 24 show clock
- 24 show crypto
- 25 show dot1x
- 26 show eap
- 27 show environment
- 28 show facility-alarm
- 28 show flash:
- 29 show hosts
- 30 show ip arp
- 30 show ip ddns
- 31 show ip dhcp
- 31 show ip host-group
- 32 show ip http
- 32 show ip interface
- 33 show ip ssh
- 34 show ipv6
- 35 show line
- 35 show mab
- 36 show ntp
- 37 show nvram
- 38 show radius
- 38 show snmp
- 39 show ssh
- 39 show tacacs
- 40 show terminal
- 40 show users
- 41 show version
- 42 ssh
- 42 telnet
- 43 terminal
- 43 traceroute
- 45 Privileged EXEC mode
- 45 archive
- 48 boot
- 49 cd
- 49 clear aaa
- 50 clear arp-cache
- 50 clear counters
- 51 clear ip
- 52 clear ipv6
- 52 clear line
- 53 clear logging
- 53 clear radius
- 54 clear tacacs
- 54 clock
- 55 configure
- 56 copy
- 57 debug
- 59 delete
- 59 dir
- 60 disable
- 60 disconnect
- 61 dot1x
- 62 exit
- 62 kill
- 63 line-attach
- 63 logout
- 64 mkdir
- 64 more
- 66 ping
- 67 pwd
- 67 release dhcp | dhcpv6
- 68 reload
- 69 rename
- 69 renew
- 70 reset
- 71 rmdir
- 71 serialt
- 72 show aaa
- 72 show alarm
- 73 show archive
- 74 show arp
- 75 show bgp
- 76 show bridge
- 77 show clock
- 77 show crypto
- 78 show debugging
- 78 show dhcp
- 79 show dot1x
- 80 show eap
- 81 show eee
- 83 show email
- 83 show environment
- 84 show facility-alarm
- 84 show flash:
- 86 show hosts
- 86 show interfaces
- 88 show ip access-lists
- 88 show ip alg
- 89 show ip arp
- 90 show ip bgp
- 90 show ip community-list
- 91 show ip ddns
- 91 show ip dhcp
- 92 show ip dns
- 93 show ip extcommunity-list
- 93 show ip firewall
- 94 show ip health
- 95 show ip host-group
- 95 show ip http
- 96 show ip interface
- 96 show ip nat
- 97 show ip ospf
- 98 show ip prefix-list
- 99 show ip rip
- 99 show ip route
- 100 show ip route-policy
- 101 show ip ssh
- 101 show ipv6
- 103 show line
- 105 show logging
- 106 show mab
- 107 show management-access
- 107 show nat66
- 108 show ntp
- 109 show nvram:
- 109 show processes
- 110 show radius
- 111 show reload
- 111 show route-map
- 113 show running-config
- 115 show serial
- 116 show snmp
- 117 show ssh
- 116 show startup-config
- 119 show system
- 121 show tacacs
- 121 show task-status
- 122 show tech-support
- 122 show terminal
- 123 show users
- 124 show version
- 124 show wan
- 126 show zone-policy
- 126 ssh
- 127 telnet
- 127 terminal
- 128 traceroute
- 128 undebug
- 130 Global Configuration Mode
- 130 aaa
- 131 alarm
- 132 archive
- 134 arp
- 135 banner
- 135 bridge
- 136 boot
- 136 clock
- 137 crypto
- 148 dot1x
- 149 eap
- 150 email
- 151 enable
- 152 hostname
- 152 interface
- 171 ip
- 181 ipv6
- 188 key
- 189 line
- 190 logging
- 192 login
- 193 management-access
- 195 nat66
- 196 ntp
- 199 power-supply
- 200 radius
- 201 radius-server
- 201 router-map
- 203 router
- 211 router-map
- 213 sdm
- 213 serial
- 215 service
- 216 snmp-server
- 217 tacacs
- 218 tty
- 219 username
- 225 wan
- 227 zone
- 228 zone-pair
- 230 Interface configuration
- 230 Interface
- 252 Interface line mode
- 252 line