This chapter also gives you a general description for accessing telnet and describes the firmware versions for the routers explained in this manual.

Note: For Windows 7 user, please make sure the Windows Features of Telnet Client has been turned on under Control Panel>>Programs.

Enter cmd and press Enter. The Telnet terminal will be open later.

In the following window, type Telnet 192.168.1.224 as below and press Enter. Note that the IP address in the example is the default address of the router. If you have changed the default, enter the current IP address of the router.

Next, enter admin/admin for Account/Password.


For users using previous Windows system (e.g., XP), simply click Start >> Run and type Telnet 192.168.1.224 in the Open box.

Next, enter admin/admin for Account/Password.

 

Enter ? to get a list of available commands.

The availabe commands contain ¡V clear, clock, configure, copy, delete, disable, end, exit, ping, reboot, renew, restore-defaults, save, show, ssl, terminal, traceroute and udld. Each command will be explained as follows.

Note: You can also enter ? to check if there are subcommands under current command.

This command allows resetting the functions of ARP, interface, IP, IPv6, LACP, Line, LLDP, Logging, MAC, MVR, and Spanning Tree.

Telnet Command: clear arp

Use this command to clear entries in the ARP cache.

Syntax Items

clear arp

Description

Syntax Items

Description

clear arp

<A.B.C.D> - Enter the IP address of the device (e.g., 192.168.1.224).

Related Syntax:

l        # clear arp

l        # clear arp <A.B.C.D>

Example

G2280# clear arp 192.168.1.224

G2280#

 

Telnet Command: clear authentication

Use this command to clear authentication sessions based on LAN port, MAC address, or authentication type for 802.1x/MAC authentication.

Syntax Items

clear authentication sessions

clear authentication sessions interfaces gigabitethernet

clear authentication sessions mac

clear authentication sessions session-id

clear authentication sessions type

Description

Syntax Items

Description

clear authentication sessions

Clear all of the sessions related to authentication.

Related Syntax:

l        # clear authentication sessions

clear authentication sessions interfaces gigabitethernet

Clear the sessions of a specific interface.

<1-28> - Enter the number of LAN port.

Related Syntax:

l        # clear authentication sessions interfaces gigabitethernet <1-28>

clear authentication sessions mac

Clear the sessions with the MAC address set here.

<A:B:C:D:E:F> - Enter the MAC address of the device that you want to clear the authentication information.

Related Syntax:

l        # clear authentication sessions mac <A:B:C:D:E:F>

clear authentication sessions session-id

Clear the sessions with the string set here.

<WORD> - Enter a string of a session that you want to clear.

Related Syntax:

l        # clear authentication sessions session-id <WORD>

clear authentication sessions type

Clear the sessions with authentication type selected here.

<dot1x> - Use 802.1x authentication.

<mac> - Use mac-based authentication.

<web> - Use web-based authentication.

Related Syntax:

l        # clear authentication sessions type <dot1x><mac><web>

Example

G2280# clear authentication sessions

No Auth Manager sessions currently exist

G2280# clear authentication sessions mac 48:5B:39:2F:A8:66

G2280# clear authentication sessions interfaces GigabitEthernet 2

G2280# clear authentication sessions session-id 0000000B002AFBE8

 

Telnet Command: clear gvrp

Use this command to clear statistics or port error statistics for all interfaces or a specific interface (LAN or LAG).

Syntax Items

clear gvrp error-statistics

clear gvrp statistics

Description

Syntax Items

Description

clear gvrp error-statistics

Specify a LAN/LAG interface for clearing error statistics for GVRP.

<1-28> - Enter the number (1 to 28) of LAN port.

<1 - 8> - Enter the number (1 to 8) of LAG interface (IEEE 802.3 Link Aggregation Interface) that you want to clear the GVRP setting.

Related Syntax:

l        # clear gvrp error-statistics interfaces GigabitEthernet <1-28>

l        # clear gvrp error-statistics interfaces LAG <1 - 8>

clear gvrp statistics

Specify a LAN/LAG interface for clearing statistics for GVRP.

<1-28> - Specify an interface for clearing statistics for GVRP.

<1 - 8> - Specify LAG interface for clearing statistics for GVRP.

Related Syntax:

l        # clear statistics interfaces GigabitEthernet <1-28>

l        # clear statistics interfaces LAG <1 - 8>

Example

G2280# clear gvrp error-statistics interfaces GigabitEthernet 2

G2280#

G2280# clear gvrp error-statistics interfaces LAG 2

G2280#

 

 


Telnet Command: clear interfaces

Use this command to clear statistics counters for all interfaces or a specific interface (LAN or LAG).

Syntax Items

clear interfaces GigabitEthernet

clear interfaces LAG

Description

Syntax Items

Description

clear interfaces GigabitEthernet

Specify a LAN/LAG interface for clearing statistics counters on that port.

<1-28> - Enter the number (1 to 28) of LAN port.

Related Syntax:

l        # clear interfaces gigabitEthernet <1-28> counters

clear interfaces LAG

Specify a LAG interface for clearing statistics counters on that port.

<1 - 8> - Enter the number (1 to 8) of LAG interface (IEEE 802.3 Link Aggregation Interface).

Related Syntax:

l        # clear interfaces LAG <1 - 8> counters

Example

G2280# clear interfaces gigabitethernet 3 counters

G2280# clear interfaces

G2280# clear interfaces lag 2 counters

G2280#

 

Telnet Command: clear ip

Use this command to clear ARP inspection information, DHCP snooping database agent, and IGMP snooping groups (dynamic or static) information for all interfaces or a specific interface (LAN or LAG) with IP address.

Syntax Items

clear ip arp

clear ip dhcp

clear ip igmp

Description

Syntax Items

Description

clear ip igmp

snooping groups dynamic - Clear dynamic snooping groups of IGMP server.

snooping groups static - Clear static snooping groups of IGMP server.

snooping statistics - Clear snooping statistics for IGMP server.

Related Syntax:

l        # clear ip igmp snooping groups dynamic

l        # clear ip igmp snooping groups static

l        # clear ip igmp snooping statistics

clear ip dhcp

snooping database statistics - Clear snooping database statistics for DHCP server.

snooping interfaces GigabitEthernet / LAG- Specify a LAN / LAG interface for clearing DHCP snooping information.

<1-28> - Enter the number (1 to 28) of LAN port.

<1 - 8> - Specify a LAG interface for clearing DHCP snooping information.

Related Syntax:

l        # clear ip dhcp snooping database statistics

l        # clear ip dhcp snooping interfaces GigabitEthernet <1-28> statistics

l        # clear ip dhcp snooping interfaces LAG <1 - 8> statistics

clear ip igmp

snooping groups dynamic - Clear dynamic snooping groups of IGMP server.

snooping groups static - Clear static snooping groups of IGMP server.

snooping statistics - Clear snooping statistics for IGMP server.

Related Syntax:

l        # clear ip igmp snooping groups dynamic

l        # clear ip igmp snooping groups static

l        # clear ip igmp snooping statistics

Example

G2280# clear ip igmp snooping groups dynamic

G2280#

 

Telnet Command: clear ipv6

Use this command to clear MLD snooping configuration for dynamic / static group(s) with IPv6 address.

Syntax Items

clear ipv6 mld

Description

Syntax Items

Description

clear ipv6 mld

snooping groups dynamic - Clear dynamic snooping groups of MLD.

snooping groups static - Clear static snooping groups of MLD.

Related Syntax:

l        # clear ipv6 mld snooping groups dynamic

l        # clear ipv6 mld snooping groups static

Example

G2280# clear ipv6

G2280# clear ipv6 mld snooping groups dynamic

G2280# clear ipv6 mld snooping groups dynamic?

  <cr>

G2280# clear ipv6 mld snooping groups static

 

Telnet Command: clear lacp

Use this command to clear LACP configuration for specified LAG interface or all LAG intefaces.

Syntax Items

clear lacp <1-8> counters

clear lacp counters

Description

Syntax Items

Description

clear lacp <1-8>

<1-8> - Enter the number (1 to 8) of LAG interface (IEEE 802.3 Link Aggregation Interface).

Related Syntax:

l        # clear lacp <1-8> counters

clear lacp counters

Clear LACP configuration for all LAG interfaces.

Related Syntax:

l        # clear lacp counters

Example

G2280# clear lacp 1 counters

No interfaces configured in the channel group

G2280#

Telnet Command: clear line

Use this command to clear line settings including SSH (Secure Shell) configuration and telnet daemon configuration.

Syntax Items

clear line ssh

clear line telnet

Description

Syntax Items

Description

clear line ssh

Clear SSH configuration for line connection.

Related Syntax:

l        # clear line ssh

slear line telnet

Clear SSH Telnet configuration for line connection.

Related Syntax:

l        # clear line telnet

Example

G2280# clear line ssh

G2280# clear line telnet

Telnet Command: clear lldp

Use this command to clear LLDP statistics or reset LLDP information.

Syntax Items

clear lldp global

clear lldp interfaces

Description

Syntax Items

Description

clear lldp global

Clear all of the statistics related to LLDP.

Related Syntax:

l        # clear lldp global statistics

clear lldp interfaces

Specify a LAN / LAG interface for clearing LLDP information.

<1-28> - Enter the number (1 to 28) of LAN port. 

<1-8> - Enter the number (1 to 8) of LAG interface (IEEE 802.3 Link Aggregation Interface).

Related Syntax:

l        # clear lldp interfaces GigabitEthernet <1-28> statistics

l        # clear lldp interfaces LAG <1-8> statistics

Example

G2280# clear lldp global statistics

G2280#

G2280# clear lldp interfaces LAG 1 statistics

G2280# clear lldp interfaces gigabitethernet 1 statistics

G2280#

Telnet Command: clear logging

Use this command to clear log messages from the internal logging buffer and flash.

Syntax Items

clear logging buffered

clear logging file

Description

Syntax Items

Description

clear logging buffered

Clear the log stored in RAM.

Related Syntax:

l        # clear logging buffered

clear logging file

Clear the log stored in flash.

Related Syntax:

l        # clear logging file

Example

G2280# clear logging buffered

G2280# clear logging file

G2280#

Telnet Command: clear mac

Use this command to clear MAC configuration related to VLAN, LAG, and LAN port.

Syntax Items

clear mac

Description

Syntax Items

Description

clear mac address-table

<1-28> - Enter the number (1 to 28) of LAN port.

<1-8>- Enter the number (1 to 8) of LAG interface (IEEE 802.3 Link Aggregation Interface).

<1-4094> - Specify a VLAN ID by entering its number.

Related Syntax:

l        # clear mac adderss-table dynamic interfaces GigabitEthernet <1-28>

l        # clear mac adderss-table dynamic interfaces LAG <1-8>

l        # clear mac adderss-table dynamic vlan <1-4094>

Example

G2280# clear mac address-table dynamic vlan 2038

G2280# clear mac address-table dynamic interfaces gigabitethernet 3

G2280#

Telnet Command: clear mvr

Use this command to clear information for all members (including dynamic, static) of MVR.

Syntax Items

clear mvr members

Description

Syntax Items

Description

clear mvr members

Clear information for dynamic / static members.

Related Syntax:

l        # clear mvr members dynamic

l        # clear mvr members static

Example

G2280# clear mvr members dynamic

G2280# clear mvr members static

G2280#

Telnet Command: clear spanning-tree

Use this command to clear running system information.

Syntax Items

clear spanning-tree

Description

Syntax Items

Description

clear spanning-tree interfaces

Specify a LAN interface for clearing its running information.

<1-28>- Enter the number (1 to 28) of LAN port. 

Related Syntax:

l        # clear spanning-tree interfaces GigabitEthernet <1-28> statistics

l        # clear spanning-tree interfaces LAG <1-8> statistics

Example

G2280# clear spanning-tree interfaces GigabitEthernet

  <1-28>  GigabitEthernet device number

G2280# clear spanning-tree interfaces gigabitethernet 3 statistics

G2280# clear spanning-tree interfaces LAG 1 statistics

G2280#

 

This command allows managing the system clock.

Telnet Command: clock set

Use this command to configure the system clock manually.

Syntax Items

clock set

Description

Syntax Items

Description

clock set

Set current by entering hours, minutes, seconds, month, date and year with the format listed below:

<HH:MM:SS> - Hour, minute, second (e.g., 08:10:30).

<Jan> - January.

<feb> - February

<mar> - March

<apr> - April

<may> - May

<jun> - June

<jul> - July

<aug> - August

<sep> - September

<oct> - October

<nov> - November

<dec> - December

<1-31> - Date 1 to 31.

<2000-2035> - Year of 2000 to 2035.

Related Syntax:

l        # clock set HH:MM:SS jan/feb/mar/apr/may/jun/jul/aug/sep/oct/nov/dec <1-31> <2000-2035>

Example

G2280# clock set 12:10:30 jan 1 2019

2019-01-01 12:10:30 UTC+8

 

This command allows configuring the settings related to VigorSwitch.

Available sub-commands under Configure include:

aaa,authentication, boot, clock, custom, dos, dot1x, do, dray_surveillence, enable, end, errdisable, exit, gvrp, hostname, interface, ip, ipv6, jumbo-frame, lacp, lag, line, lldp, logging, logmail, loop-protection, mac, mailalert, management, management-vlan, mirror, mvr, no, openvpn, port-security, qos, radius, schedule, snmp, sntp, spanning-tree, start-up, storm-control, surveillance-vlan, system, tacacs, tr069, udld, username, vlan, voice-vlan, webhook

Before configuration, you have to enter ¡§configure¡¨ to access into next phase.

To return to previous phase, enter ¡§exit¡¨

Example

G2280# configure

G2280(config)#

G2280(config)# exit

G2280#

Telnet Command: aaa

Use this command to add a login authentication list to authenticate with local, tacacs+, radius, and none service.

Syntax Items

aaa authentication enable

aaa authentication login

Description

Syntax Items

Description

aaa authentication enable

Enable authentication is used only on CLI for a user trying to switch from User EXEC (>) mode to Privileged EXEC (#) mode.

enable ¡V Enable the authentication list.

<LISTNAME> ¡V Enter a string as the list name for authentication type. Default value is ¡§default¡¨.

<none, enable, tacacs+, radius> ¡V Specify the authentication method by entering none, enable, tacacs+ or radius.

l        None: Do nothing and just make user be authenticated.

l        Enable: Use local password to authenticate.

l        Tacacs+: Use remote Tacas+ server to authenticate.

l        Radius: Use remote Radius server to authenticate.

default - It is used to configure default enable authentication.

Related Syntax:

l        <config>#aaa authentication enable <LISTNAME> <none, enable, tacacs+, radius>

l        <config>#aaa authentication enable default <none, enable, tacacs+, radius>

aaa authentication login

Login authentication is used when a user tries to login into the switch.

<none, enable, tacacs+, radius> ¡VSpecify the authentication method by entering none, enable, tacacs+ or radius.

default - It is used to configure default login authentication.

Related Syntax:

l        <config>#aaa authentication login <none, enable, tacacs+, radius>

l        <config>#aaa authentication login default <none, enable, tacacs+, radius>

Example

G2280# configure

G2280(config)#

G2280(config)# aaa authentication enable LISTNAME enable

G2280(config)#

G2280(config)# exit

G2280# show aaa authentication enable lists

 Enable List Name   Authentication Method List

------------------ -------------------------------

          default        enable

         LISTNAME        enable

G2280#

Telnet Command: authentication

Use this command to enable the global setting of 802.1x/MAC/WEB authentication network access control (default is disabled for all).

Syntax Items

authentication dot1x

authentication guest-vlan

authentication mac

authentication web

Description

Syntax Items

Description

authentication dot1x

Enable 802.1x authentication by entering the word, dot1x after authentication.

Related Syntax:

l        <config># authentication dot1x

authentication guest-vlan 

Configure the guest VLAN.

<1-4094> - Specify a guest VLAN ID by entering its number.

Related Syntax:

l        <config># authentication guest-vlan <1-4094>

authentication mac

Enable MAC authentication by entering the word, mac after authentication.

mac local - Local database for MAC-Based authentication. It can add local MAC authentication hosts in database.

<A:B:C:D:E:F> - Enter the MAC address to be added for authentication.

control auth ¡V Set a local entry control mode, auth (the host will be set to authorized) or unauth (the host will be set to unauthorized).

vlan <1~4094> - Specify a VLAN ID by entering its number

reauth-period <300~4294967294> - Set a time to initiate automatic re-authentication.

inactive-timeout <60~65535>- Set the inactive timeout for MAC authentication host. After the time interval, if there is no activity from the client, then it will be unauthorized by Vigor system.

control unauth - Set a local entry control mode as ¡§unauth¡¨ to let the host set as unauthorized.

radius mac-case <lower / upper> - Set RADIUS user ID with lower case or upper case.

radius mac-delimiter <colon/dot/hyphen/none> - Select RADIUS user ID delimiter. In which,

colon: XX:XX:XX:XX:XX:XX

dot: XX.XX.XX.XX.XX.XX

hyphen: XX-XX-XX-XX-XX-XX

none: XXXXXXXXXXXX

gap <2/4/6> - Select delimiter gap.

Related Syntax:

l        <config>#authentication mac

l        <config>#authentication mac local <A:B:C:D:E:F> control auth inactive-timeout <60~65535>

l        <config>#authentication mac local <A:B:C:D:E:F> control auth reauth-period <300~4294967294>

l        <config>#authentication mac local <A:B:C:D:E:F> control auth vlan <1~4094>

l        <config>#authentication mac local <A:B:C:D:E:F> control auth vlan<1~4094> reauth-period <300~4294967294>

l        <config>#authentication mac local <A:B:C:D:E:F> control auth vlan<1~4094> reauth-period <300~4294967294> inactive-timeout <60~65535>

l        <config>#authentication mac local <A:B:C:D:E:F> control unauth

l        <config>#authentication mac radius mac-case <lower / upper>

l        <config>#authentication mac radius mac-delimiter <colon/dot/hyphen/none>

l        <config>#authentication mac radius mac-delimiter <colon/dot/hyphen/none> gap <2/4/6>

authentication web

Web - Enable web authentication by entering the word ¡§web¡¨ after ¡§authentication¡¨.

username <WORD> - Specify a username.

password <string> - Set a password.

vlan <1~4094> - Specify a VLAN ID by entering its number.

reauth-period <30~4294967294> - Set a time to initiate automatic re-authentication.

inactive-timeout <60~65535>- Set the inactive timeout for MAC authentication host. After the time interval, if there is no activity from the client, then it will be unauthorized by Vigor system.

Related Syntax:

l        <config>#authentication web

l        <config>#authentication web local username <WORD> password <string> inactive-timeout <60~65535>

l        <config>#authentication web local username <WORD> password <string> reauth-period <300~4294967294>

l        <config>#authentication web local username <WORD> password <string> reauth-period <300~4294967294> inactive-timeout <60~65535>

l        <config>#authentication web local username <WORD> password <string> vlan<1~4094>

l        <config>#authentication web local username <WORD> password <string> vlan<1~4094> reauth-period <30~4294967294> inactive-timeout <60~65535>

Example

G2280# configure

G2280(config)# authentication dot1x

G2280(config)# vlan 3

P2280(config-vlan)# exit

G2280(config)# authentication guest-vlan 3

G2280(config)#

G2280(config)# exit

G2280# show authentication

Autentication dot1x state        : enabled

Autentication mac state          : disabled

Autentication web state          : disabled

Guest VLAN                    : enabled (3)

Mac-auth Radius User ID Format  : XXXXXXXXXXXX

Mac-auth Local Entry             :

Web-auth Local Entry             :

Interface Configurations

Interface GigabitEthernet1

  Admin Control              : disable

  Host Mode                   : multi-auth

  Type dot1x State           : disabled

  Type mac State             : disabled

  Type web State             : disabled

  Type Order                  : dot1x

  MAC/WEB Method Order      : radius

  Guest VLAN                  : disabled

  Reauthentication           : disabled

  Max Hosts                   : 256

  VLAN Assign Mode           : static

--More¡X

¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K¡K..

G2280# configure

G2280(config)# authentication mac local 00:11:22:33:00:01 control auth vlan 3 reauth-period 500 inactive-timeout 300

G2280(config)#

G2280(config)# authentication mac local 00:11:22:33:00:01 control unauth

G2280(config)#

G2280(config)# authentication web local username user_1 password 1234tw vlan 3 reauth-period 600 inactive-timeout 700

G2280(config)#

 

Telnet Command: boot

Use this command to have a backup image in the flash partition. Select the active firmware image, and another firmware image will become a backup one.

Syntax Items

boot system

Description

Syntax Items

Description

boot system

Boot the system from flash image partition 0 / 1.

Related Syntax:

l        <config># boot system image0

l        <config># boot system image1

Example

G2280# configure

G2280(config)#

G2280(config)# boot system image0

Select "image0" Success

G2280(config)# exit

G2280#

G2280# show boot

Image  Version       Date                        Status       File Name

-----  ----------   ---------------------   -----------  ----------

0        1.0.2        2017-08-29 09:44:57      Not active*  2280_r442_220RC1.all

1        2.3.2        2018-05-16 09:14:31      Active        p2280_r734_230RC4.all

 

"*" designates that the image was selected for the next boot

 

G2280#

 

Telnet Command: clock

Use this command to configure time zone, summer-time and external time source for the system clock.

Syntax Items

clock auto timezone

clock source local

clock source sntp

clock summer-time

clock timezone

Description

Syntax Items

Description

clock auto timezone

VigorSwitch sets the time zone automatically.

clock source local

Configure an external time source for the system clock.

¡§local¡¨ means to use static time. It is the default setting.

Related Syntax:

l        <config># clock source local

clock source sntp

Configure an external time source for the system clock. ¡§sntp¡¨ means to use SNTP time.

Related Syntax:

l        <config># clock source sntp

clock summer-time

Configure the system to automatically switch to summer time (daylight saving time).

ACRONYM ¡V Specify the acronym name of time zone. The acronym of the time zone will be displayed when summer time is in effect. If unspecified, the time zone acronym will be used in default. (1-4 chars)

<jan/feb/mar/apr/may/jun/jul/aug/sep/oct/nov/dec> - Indicate January, February, March, April, May, June, July, August, September, October, November, December.

<1-31> means date 1 to 31.

<2000-2037> - means year of 2000 to 2035.

<HH:MM> - means hours and minutes.

recurring - Summer time should start and end on the corresponding specified days every year.

<1-1440>- Set the number of minutes to add during the summer time. The default number is 60.

eu - The summer time is based on the European Union rules. (Start point ¡V last Sunday in March, End point ¡V last Sunday in October)

usa - The summer time is based on the United States rules. (Start point ¡V second Sunday in March, End point ¡V first Sunday in November)

first - The first week of the month.

last - The last week of the month.

<sun/mon/tue/wed/thu/fri/sat> - Indicate Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday.

<jan/feb/mar/apr/may/jun/jul/aug/sep/oct/nov/dec> - Indicate January, February, March, April, May, June, July, August, September, October, November, December.

<first/last>- Specify the first week or the last week of the month.

<1-5> - Specify the number of the week in the month.

Note that the first group of month, date, hour and minute is used for configuring starting time, and the second group is used for configuring ending time.

Related Syntax:

l        <config># clock summer-time ACRONYM date <jan/feb/mar/apr/may/jun/jul/aug/sep/oct/nov/dec> <1-31> <2000-2037> <HH:MM> <jan/feb/mar/apr/may/jun/jul/aug/sep/oct/nov/dec><1-31><2000-2037> <HH:MM>

l        <config># clock summer-time ACRONYM recurring eu <1-1440>

l        <config># clock summer-time ACRONYM recurring usa <1-1440>

l        <config># clock summer-time ACRONYM recurring first <sun/mon/tue/wed/thu/fri/sat>< jan / feb / mar / apr / may / jun/jul/aug/sep/oct/nov/dec> <HH:MM> <first/last> <sun/mon/tue/wed/thu/fri/sat>< jan /feb /mar /apr/may/ jun/jul/aug/sep/oct/nov/dec> <HH:MM> <1-14400>

l        <config># clock summer-time ACRONYM recurring last <sun/mon/tue/wed/thu/fri/sat>< jan /feb /mar /apr /may /jun/jul/aug/sep/oct/nov/dec> <HH:MM> <first/last><sun/mon/tue/wed/thu/fri/sat>< jan /feb /mar /apr/may/ jun/jul/aug/sep/oct/nov/dec> <HH:MM> <1-14400>

l        <config># clock summer-time ACRONYM recurring <1-5> <sun/mon/tue/wed/thu/fri/sat>< jan /feb /mar /apr /may /jun/jul/aug/sep/oct/nov/dec> <HH:MM> <1-5> <sun/mon/tue/wed/thu/fri/sat>< jan /feb /mar /apr /may/jun/jul/aug/sep/oct/nov/dec> <HH:MM> <1-14400>

clock timezone ACRONYM <-12-13> minutes <0-59>

Set the time zone for display purposes.

ACRONYM ¡V Specify the acronym name of time zone. The acronym of the time zone will be displayed when summer time is in effect. If unspecified, the time zone acronym will be used in default. (1-4 chars)

<-12-13> ¡V Specify the hour offset (from -12 to +13) of time zone.

minutes <0-59> ¡V Specify the minute difference from UTC.

Related Syntax:

l        <config># clock timezone ACRONYM <-12-13> minutes <0-59>

Example

G2280# configure

G2280(config)# clock source sntp

G2280(config)# exit

G2280# show clock detail

2019-01-05 06:51:23 UTC+8

Time source is sntp

Time zone:

Acronym is

Offset is UTC+8

G2280# configure

G2280(config)# clock summer-time tw date jan 30 2019 23:30 feb 1 2019 20:50

G2280(config)# exit

G2280# show clock detail

2019-01-05 07:13:49 UTC+8

Time source is sntp

 

Time zone:

Acronym is ACRONYM

Offset is UTC-10:08

 

Summertime:

Acronym is tw

Starting and ending on a specific date.

Begins at 1 30 19 23:30

Ends at 2 1 19 20:50

Offset is 60 minutes.

G2280# configure

G2280(config)# clock summer-time ACRONYM recurring eu 1200

G2280(config)# clock summer-time ACRONYM recurring first mon jan 10:10 first sun feb 10:10 1000

G2280(config)# exit

G2280# show clock detail

2019-01-05 11:37:18 UTC+8

Time source is sntp

Time zone:

Acronym is

Offset is UTC+8

Summertime:

Acronym is ACRONYM

Recurring every year.

Begins at 1 1 1 10:10

Ends at 1 0 2 10:10

Offset is 1000 minutes.

 

 

Telnet Command: custom

Use this command to enable the module settings.

Syntax Items

custom enable

Description

Syntax Items

Description

custom enable

Enable the module settings.

Related Syntax:

l        <config># custom enable

Example

G2280# configure

G2280(config)# custom enable

G2280(config)#

Telnet Command: dos

Use this command to enable specific Denial of Service (DoS) protection.

Syntax Items

dos daeqsa-deny

dos icmp-frag-pkts-deny

dos icmp-ping-max-length

dos icmpv4-ping-max-check

dos icmpv6-ping-max-check

dos ipv6-min-frag-size-check

dos ipv6-min-frag-size-length

dos land-deny

dos nullscan-deny

dos pod-deny

dos smurf-deny

dos smurf-netmask

dos syn-sportl1024-deny

dos synfin-deny

dos synrst-deny

dos tcp-frag-off-min-check

dos tcpblat-deny

dos tcphdr-min-check

dos tcphdr-min-length

dos udpblat-deny

dos xma-deny

Description

Syntax Items

Description

dos daeqsa-deny

Drop the packets if the destination MAC address equals to the source MAC address.

Related Syntax:

l        <config># dos daeqsa-deny

dos icmp-frag-pkts-deny

Drop the fragmented ICMP packets.

Related Syntax:

l        <config># dos icmp-frag-pkts-deny

dos icmp-ping-max-length

Set the maximum packet size for ICMPv4/ICMPv6 ping operation.

<0-65535> - Specify a packet number.

Related Syntax:

l        <config># dos icmp-ping-max-length <0-65535>

dos icmpv4-ping-max-check

Check ICMPv4 ping maximum packets size and drop the packets larger than the maximum packet size defined by the command, dos icmp-ping-max-length.

Related Syntax:

l        <config># dos icmpv4-ping-max-check

dos icmpv6-ping-max-check

Check ICMPv6 ping maximum packets size and drop the packets larger than the maximum packet size defined by the command, icmp-ping-max-length.

Related Syntax:

l        <config># dos icmpv6-ping-max-check

dos ipv6-min-frag-size-check

Check minimum size of IPv6 fragments.

Related Syntax:

l        <config># dos ipv6-min-frag-size-check

dos ipv6-min-frag-size-length <0-65535>

Set the minimum packet size of IPv6 fragmented packets.

<0-65535> - Specify a packet number.

Related Syntax:

l        <config># dos ipv6-min-frag-size-length <0-65535>

dos land-deny

Drop the packets if the source IP address equals to destination IP address.

Related Syntax:

l        <config># dos land-deny

dos nullscan-deny

Drop the packets if attacked by NULL Scan.

Related Syntax:

l        <config># dos nullscan-deny

dos pod-deny

Drop the packets if attacked by Ping of Death.

Related Syntax:

l        <config># dos pod-deny

dos smurf-deny

Drop the packets if encountered Smurf attack.

Related Syntax:

l        <config># dos smurf-deny

dos smurf-netmask

Set the smurf attack size.

<0-32> - Enter a number as smurf attacks size.

Related Syntax:

l        <config># dos smurf-netmask <0-32>

dos syn-sportl1024-deny

Drop SYN packets with sport less than 1024.

Related Syntax:

l        <config># dos syn-sportl1024-deny

dos synfin-deny

Drop the packets with SYN and FIN bits set.

Related Syntax:

l        <config># dos synfin-deny

dos synrst-deny

Drop the packets with SYNC and RST bits set.

Related Syntax:

l        <config># dos synrst-deny

dos tcp-frag-off-min-check

Drop the TCP fragmented packet with offset equals to the minimum packet size.

Related Syntax:

l        <config># dos tcp-frag-off-min-check

dos tcpblat-deny

Drop the packets if the source TCP port equals to destination TCP port.

Related Syntax:

l        <config># dos tcpblat-deny

dos tcphdr-min-check

Check the minimum TCP header and drop the TCP packets with the header smaller than the minimum size defined.

Related Syntax:

l        <config># dos tcphdr-min-check

dos tcphdr-min-length

Set the minimum size of TCP header.

<0-65535> - Specify a packet number.

Related Syntax:

l        <config># dos tcphdr-min-length <0-65535>

dos udpblat-deny

Drop the packets if the source UDP port equals to destination UDP port.

Related Syntax:

l        <config># dos udpblat-deny

dos xma-deny

Drop the packets if the sequence number is zero and the FIN, URG and PSH bits are set already.

Related Syntax:

l        <config># dos xma-deny

Example

G2280# configure

G2280(config)#

G2280(config)# dos icmp-ping-max-length 25252

G2280(config)# dos icmpv4-ping-max-check

G2280(config)#

Telnet Command: dot1x

Use this command to ¡§enable¡¨ the global setting for guest VLAN and specify the guest VLAN ID.

Syntax Items

dot1x guest-vlan

Description

Syntax Items

Description

dot1x guest-vlan

<1-4094> - Select a guest VLAN by entering its number.

Related Syntax:

l        <config># dot1x guest-vlan <1-4094>

Example

G2280# configure

G2280(config)#

G2280(config)# dot1x guest-vlan 3

G2280(config)#

Telnet Command: do

Use this command to execute a command immediately.

Syntax Items

do SEQUENCE

Description

Syntax Items

Description

SEQUENCE

Enter the command that you want to execute immediately.

Related Syntax: (for example)

l        <config># do show info

Example

G2280# configure

G2280(config)# do show info

System Name        : G2280

System Location    : Default

System Contact     : Default

MAC Address        : 00:1D:AA:0C:B7:F6

IP Address         : 192.168.1.232

Subnet Mask        : 255.255.255.0

Loader Version     : 1.0.3

Loader Date        : Sep 21 2017 - 20:30:13

Firmware Version : 2.4.3

Firmware Date      : May 02 2019 - 17:37:13

Firmware Revision : 1393

System Object ID : 1.3.6.1.4.1.7367

System Up Time     : 6 days, 22 hours, 50 mins, 33 secs

PoE SW Version     : 260

G2280(config)#

Telnet Command: dray_surveillence

Use this command to enable / disable the ONVIF.

Syntax Items

dray_surveillence add

dray_surveillence direct-add

dray_surveillence set

Description

Syntax Items

Description

dray_surveillence add

Add an IP device for surveillance.

WORD <36-36> - Enter the UUID string of the IP camera or IP-based device.

Related Syntax:

l        <config># dray_surveillence add device uuid WORD <36-36>

l        <config># dray_surveillence add group uuid WORD <36-36>

dray_surveillence direct-add

WORD <36-36> - Enter the UUID string of the IP camera or IP-based device.

Related Syntax:

l        <config># dray_surveillence direct-add device uuid WORD <36-36>

dray_surveillence set

WORD <36-36> - Enter the UUID string of the IP camera or IP-based device.

Related Syntax:

l        <config># dray_surveillence set device uuid WORD <36-36>

l        <config># dray_surveillence set group uuid WORD <36-36>

Example

G2280# configure

G2280(config)#

G2280(config)# dray_surveillence

G2280(config)#

G2280(config)# dray_surveillence add device uuid 53d7762a-c52b-4bb9-8000-305501e0f35f

G2280(config)#

Telnet Command: enable

Use this command to configure local password with encrypted string or not.

Syntax Items

enable password

enable privilege

enable secret

Description

Syntax Items

Description

enable password

Edit the password for each privilege level for activating authentication.

<1-15> - Enter a number for specifying a privilege level. Default value is 15.

Related Syntax:

l        <config># enable password <1-15>

enable privilege

Edit the privilege level of the password for local user.

<1-15> - Enter a number for specifying a privilege level. Default value is 15.

<string> - Enter a new string as the password.

Related Syntax:

l        <config># enable privilege <1-15> password <string>
(This password will NOT be encrypted.)

l        <config># enable privilege <1-15> secret <string>
(This password will BE encrypted.)

l        <config># enable privilege <1-15> secret encrypted <string>
(This password is copied from another configuration file. So, enter an existed and encrypted password.)

enable secret

<PASSWORD> - Enter a new string as the encrypted password.

Related Syntax:

l        <config># enable secret PASSWORD

l        <config># enable secret encrypted PASSWORD

Example

G2280# configure

G2280(config)# enable secret encrypted testtest

G2280(config)# exit

G2280# show running-config

G2280# ¡K

enable privilege 2 secret "OTE5ZTY4MmNhYzgyNWQ0MzBhNTgwZTg0MmZmMGJiYzQ="

enable secret "testtest"

vlan 2

 name "test0002"

vlan 3

 name "test0003"

vlan 5

 name "test_carrie"

voice-vlan oui-table 00:E0:BB "3COM"

voice-vlan oui-table 00:03:6B "Cisco"

voice-vlan oui-table 00:E0:75 "Veritel"

.......

 

Telnet Command: end

Use this command to end current mode.

Syntax Items

end

Example

G2280# configure

G2280(config)#end

G2280#

Telnet Command: errdisable

Use this command to enable the auto recovery timer for port error.

Syntax Items

errdisable recovery cause

errdisable recovery interval

Description

Syntax Items

Description

errdisable recovery cause

Enable the auto recovery timer for port error disabled from ACL,all, ARP rate limit, STP BPDU guard, broadcast flooding, DHCP rate limit, port security, STP self-loop, unicast flooding, or unknown multicast flooding causes.

Related Syntax:

l        <config># erridisable recovery cause < acl /all /arp-inspection /bpduguard /broadcast-flood /dhcp-rate-limit /psecure-violation /selfloop /unicast-flood /unknown-multicast-flood >

errdisable recovery interval

Set the recovery time of the error disabled port.

<30-86400> - The default value is 300 seconds.

Related Syntax:

l        <config># errdisable recovery interval <30-86400>

Example

G2280# configure

G2280(config)#

G2280(config)# errdisable recovery interval 600

G2280(config)#

Telnet Command: exit

Use this command to exit current mode and return to previous mode/phase.

Syntax Items

exit

Example

G2280# configure

G2280(config)#

G2280(config)# exit

G2280#

Telnet Command: gvrp

Use this command to enable the GVRP configuration. In default, the GVRP is disabled.

Syntax Items

gvrp

Example

G2280# configure

G2280(config)# gvrp

G2280(config)#

G2280(config)# exit

G2280# show gvrp

                GVRP    Status

                --------------------

    GVRP                            : Enabled

    Join time                      : 200 ms

    Leave time                     : 600 ms

    LeaveAll time                 : 10000 ms

G2280#

Telnet Command: hostname

Use this command to modify the network name of VigorSwitch.

Syntax Items

hostname

Description

Syntax Items

Description

hostname

<word> - Enter a string as the network name for VigorSwitch.

Related Syntax:

l        <config># hostname <word>

Example

G2280# configure

G2280(config)# hostname Switch_3F

Switch_3F(config)#

Telnet Command: interface

Use this command to configure interface settings.

Before configuring, you have to access into next phase. See the following example:

G2280# configure

G2280(config)#

G2280(config)# interface GigabitEthernet 3

G2280(config-if)#

Or

G2280# configure

G2280(config)#

G2280(config)# interface range LAG 3

P2280(config-if-range)#

Syntax Items

interface GigabitEthernet

interface LAG

interface range

Description

Syntax Items

Description

interface GigabitEthernet

<1-28> - Specify the number of Ethernet LAN port.

Related Syntax:

l        <config># interface GigabitEthernet <1-28>

interface LAG

<1-8> - Specify the number of LAG interface.

Related Syntax:

l        <config># interface LAG <1-8>

Interface range

Specify an interface ranges for configuring detailed settings.

Related Syntax:

l        <config># interface range GigabitEthernet <1-28>

l        <config># interface range LAG <1-8>

Example

G2280# configure

G2280(config)# interface LAG 1

G2280(config-if)#

 

Under (config-if)#, available sub-commands are:

<config-if># authentication

<config-if># back-pressure

<config-if># custom

<config-if># description

<config-if># device-check

<config-if># dos

<config-if># dot1x

<config-if># do

<config-if># dray_surveillence

<config-if># duplex

<config-if># eee

<config-if># end

<config-if># exit

<config-if># flowcontrol

<config-if># gvrp

<config-if># ip

<config-if># ipv6

<config-if># lacp

<config-if># lag

<config-if># lldp

<config-if># mac

<config-if># mvr

<config-if># no

<config-if># port-security

<config-if># protected

<config-if># qos

<config-if># rate-limit

<config-if># shutdown

<config-if># spanning-tree

<config-if># speed

<config-if># storm-control

<config-if># surveillance-vlan

<config-if># switchport

<config-if># udld

<config-if># vlan

<config-if># voice-vlan

Description

Syntax Items

Description

authentication

Apply Auth Manager Port Configuration Commands to the specified interface (Ethernet port/LAG port).

dot1x ¡V Execute the 802.1x authentication.

guest-vlan ¡V Authenticate the guest VLAN configuration.

host-mode <multi-auth / multi-host / single-host> - Set the host mode for authentication on this port.

max-hosts <1-256> - Set the maximum number of authenticated hoss allowed on this port.

method <local/radius> - Set authentication method by using local or RADIUS server.

order <dot1x / mac /web> - Add an authentication type to the order list.

port-control <auto / force-auth / force-unauth> - Set the port state of this port as AUTO, Authorized or Unauthorized.

radius-attributes vlan reject ¡V If the Radius server authorizes the supplicant, but does not provide a supplicant VLAN, the supplicant will be rejected. If the parameter is omitted, the option is applied by default.

radius-attributes vlan static - If the Radius server authorizes the supplicant but does not provide asupplicant VLAN, the supplicant will be accepted.

reauth ¡V Enable/Disabel Reauthentication for this port

timer <inactive> <60-65535> ¡V Set the time value for authentication. After the time interval, if there is no activity from the client, it will be unauthorized.

timer quiet <0-65535> - Set the time value to wait failed authentication exchange.

timer reauth <300-4294967294> - Set the time value. After the time interval, an automatic re-authentication should be initiated.

web ¡V Execute the web-based authentication.

web max-login-attempts <3-10> ¡V Set a maximum number of login attemps on the port.

web max-login-attempts infinite ¡V No limit for login attempts.

Related Syntax:

l        <config-if># authentication dot1x

l        <config-if># authentication guest-vlan

l        <config-if># authentication host-mode <multi-auth / multi-host / single-host>

l        <config-if># authentication mac

l        <config-if># authentication max-hosts <1-256>

l        <config-if># authentication method <local/radius>

l        <config-if># authentication order <dot1x / mac /web>

l        <config-if># authentication port-control <auto / force-auth / force-unauth>

l        <config-if># authentication radius-attributes vlan reject

l        <config-if># authentication radius-attributes vlan static

l        <config-if># authentication reauth

l        <config-if># authentication timer inactive <60-65535>

l        <config-if># authentication timer quiet <0-65535>

l        <config-if># authentication timer reauth <300-4294967294>

l        <config-if># authentication web

l        <config-if># authentication web max-login-attempts <3-10>

l        <config-if># authentication web max-login-attempts infinite

back-pressure

Enable back-pressure for the specified interface (Ethernet port/LAG port).

Related Syntax:

l        <config-if># back-pressure

custom

<enable> - Enable the custom module configuration for the specified interface (Ethernet port/LAG port).

Related Syntax:

l        <config-if># custom enable

description

Write a description for the specified interface (Ethernet port/LAG port).

<WORD> - Enter a description (up to 32 characters).

Related Syntax:

l        <config-if># descripton <WORD>

device-check

Perform a device check the specified interface (Ethernet port/LAG port).

ip-address<A.B.C.D> - Enter the IP address of the device.

interval <120/15/30/60>¡V Check the device interval by entering the time value. Unit is second.

retry <1/3/5> - Enter the retry time during a checking period.

Failure-action <nothing/powercycle/poweroff> ¡V Set the power cycle.

Related Syntax:

l        <config-if># device-check ip-address <A.D.C.D> interval <120/15/30/60> retry <1/3/5> failure-action  <nothing/powercycle/poweroff>

dos

Apply DoS to the specified interface (Ethernet port/LAG port).

dot1x

It is available for GigabitEthernet port only.

guest-vlan ¡V Set guest VLAN configuration.

max-req <1-10>¡V Set the maximum request retries. Default is 2.

Port-control <auto/force-auth/force-unauth>¡V Set the port control value (auto, authorized or unauthorized)

reauth ¡V Enable/disable the reauthenctication for this port.

timeout <quiet-period / reauth-period / server-timeout /supp-timeout /tx-period>¡V Set timeout value for this port.

<0-65535> - Set a value as quiet period (default is 60-second).

<300-4294967294> - Set a value as re-authentication period. (default is 3600-second).

<1-65535> - Set a value to wait for a packet retransmission to the authentication server.

supp-timeout <1-65535> ¡V Set a vale as supplicant timeout period.

tx-period <1-65535> - Set a value to wait for a response to an EAP-request / identity before resending the request.

Related Syntax:

l        <config-if># dot1x guest-vlan

l        <config-if># dot1x max-req <1-10>

l        <config-if># dot1x port-control <auto /force-auth /force-unauth >

l        <config-if># dot1x reauth

l        <config-if># dot1x timeout quiet-period <0-65535>

l        <config-if># dot1x timeout reauth-period <300-4294967294>

l        <config-if># dot1x timeout server-timeout <1-65535>

l        <config-if># dot1x timeout supp-timeout <1-65535>

l        <config-if># dot1x timeout tx-period <1-65535>

do

Run execution commands in current mode.

dray_surveillence

Use this command to set the ONVIF throughput alert threshold.

<16-1000000> - Specify a number as the alert threshold for egress /ingress throughput.

Related Syntax:

l        <config-if>#dray_surveillence set threshold alert egress <16-1000000>

l        <config-if>#dray_surveillence set threshold alert ingress <16-1000000>

duplex

Apply the duplex configuration to the specified interface (Ethernet port/LAG port).

<Auto> ¡V Auto duplex configuration.

<Full>¡V Force full duplex operation.

<Half> ¡V Force half-duplex operation.

Related Syntax:

l        <config-if># duplex <auto/full/half>

eee

Apply the EEE configuration to the specified interface (Ethernet port).

end

End current mode, change to enable mode and return to previous phase.

exit

Exit from current mode.

flowcontrol

Configure flow-control mode to the specified interface (Ethernet port/LAG port).

<Auto> ¡V Enable AUTO flow-control configuration.

<Off> ¡V Disable the force flow-control.

<On> ¡V Enable the force flow-control.

Related Syntax:

l        <config-if># flowcontrol <auto/off/on>

gvrp

Apply the GVRP configuration to the specified interface (Ethernet port/LAG port).

registration-mode <fixed / forbidden / normal>- Set registration mode for GVRP. When registration-mode is fixed or forbidden, it will remove the dynamic port from VLAN.

vlan-creation-forbid ¡V Do not remove dynamic port from VLAN.

Related Syntax:

l        <config-if># gvrp registration-mode <fixed / forbidden / normal>

l        <config-if># gvrp vlan-creation-forbid

ip

Apply IP configuration to the specified interface (Ethernet port/LAG port).

acl <NAME> - Specify an ACL for packets. Enter the name of the ACL.

arp inspection rate-limit <1-50> ¡V ARP inspection is to enable Dynamic ARP Inspection function. Set the rate limitation (1 ¡V 50) on the interface. Vigor switch will drop ARP packets after receives more than configured rate of packets per second.

arp inspection trust ¡V Use it to set trusted interface.

arp inspection validate dst-mac ¡V It means Vigor switch will drop ARP reply packets if arp-target-mac and ethernet-dst-mac are not matched.

arp inspection validate ip allow-zeros ¡V The ¡§allow-zeros¡¨ means Vigor switch will not drop all zero IP address.

arp inspection validate src-mac ¡V It means Vigor switch will drop ARP requests and reply packets if arp-sender-mac and ethernet- source-mac are not matched.

conflict prevention bind-ip <A.B.C.D> -

conflict prevention port-type DHCP-Client ¡V

conflict prevention port-type DHCP-Client has-server ¡V

conflict prevention port-type DHCP-Server ¡V

conflict prevention port-type DHCP-Server has-server ¡V

conflict prevention port-type Multiple-Hosts ¡V

conflict prevention port-type Multiple-Hosts has-server ¡V

conflict prevention port-type Static-Binding ¡V

conflict prevention port-type Static-Binding has-server -

dhcp snooping option ¡V Use it to enable the function of inserting option82 content into the packet.

dhcp snooping option action <drop / keep / replace> - Use it to set the action (drop, keep or replace) when receiving packets with option82 content.

dhcp snooping option circuit-id <STRING> - Use it to set user-defined circuit-id string (1 to 63 characters).

dhcp snooping rate-limit <1-300> - Use it to set rate limitation on the interface.

dhcp snooping trust ¡V Use it to set trusted interface.

dhcp snooping verify mac-address ¡V Use it to verify MAC address function on the interface.

dhcp snooping vlan <1-4094> option circuit-id <STRING> - Set user-defined circuit-id string for specified VLAN ID.

igmp filter <1-128> - Use it to bind a profile for a port. Specify a profile ID.

igmp max-groups <0-256> - Use it to limit port learning max group number (0-256).

igmp max-groups action <deny/replace> - Use it to set the action (deny or replace) when the number of groups reach the limitation.

source binding max-entry <1-50> -

source binding max-entry no-limit -

source verify mac-and-ip ¡V Use it to enable IP source guard function.

Related Syntax:

l        <config-if># ip acl <NAME>

l        <config-if># ip arp inspection rate-limit <1-50>

l        <config-if># ip arp inspection trust

l        <config-if># ip arp inspection validate dst-mac

l        <config-if># ip arp inspection validate ip allow-zeros

l        <config-if># ip arp inspection validate src-mac

l        <config-if># ip conflict prevention bind-ip <A.B.C.D>

l        <config-if># ip conflict prevention port-type DHCP-Client

l        <config-if># ip conflict prevention port-type DHCP-Client has-server

l        <config-if># ip conflict prevention port-type DHCP-Server

l        <config-if># ip conflict prevention port-type DHCP-Server has-server

l        <config-if># ip conflict prevention port-type Multiple-Hosts

l        <config-if># ip conflict prevention port-type Multiple-Hosts has-server

l        <config-if># ip conflict prevention port-type Static-Binding

l        <config-if># ip conflict prevention port-type Static-Binding has-server

l        <config-if># ip dhcp snooping option

l        <config-if># ip dhcp snooping option action <drop / keep / replace>

l        <config-if># ip dhcp snooping option circuit-id <STRING>

l        <config-if># ip dhcp snooping rate-limit <1-300>

l        <config-if># ip dhcp snooping trust

l        <config-if># ip dhcp snooping verify mac-address

l        <config-if># ip dhcp snooping vlan <1-4094> option circuit-id <STRING>

l        <config-if># ip igmp filter <1-128>

l        <config-if># ip igmp max-groups <0-256>

l        <config-if># ip igmp max-groups action <deny/replace>

l        <config-if># ip source binding max-entry <1-50>

l        <config-if># ip source binding max-entry no-limit

l        <config-if># ip source verify mac-and-ip

ipv6

Apply IPV6 configuration to the specified interface (Ethernet port/LAG port).

acl <NAME> - Specify the ACL name for packets

mld <filter> ¡V Set IPv6 filter for MLD configuration.

mld max-groups ¡V Specify the number for maximum group.

<0-256> - MLD snooping group number.

action <deny /replace> ¡V Define the action to be performed when excessing the maximum group.

Related Syntax:

l        <config-if># ipv6 acl <NAME>

l        <config-if># ipv6 mld filter

l        <config-if># ipv6 mld max-groups <0-256>

l        <config-if># ipv6 mld max-groups action <deny / replace>

lacp

Apply LACP Configuration to the specified interface (Ethernet port/LAG port).

<1-65535> - Set a number for IEEE 802.3 link aggregation port priority.

<long/short> ¡V Set long or short timeout value.

Related Syntax:

l        <config-if># lacp port-priority <1-65535>

l        <config-if># lacp timeout <long/short>

lag

Apply Link Aggregation Group Configuration the specified interface (Ethernet port/LAG port).

<1-8> - Specify LAG number.

Related Syntax:

l        <config-if># lag <1-8>

lldp

med location - Configure the LLDP MED location data. The ¡§coordinate¡¨, ¡§civic-address¡¨, ¡§ecs-elin¡¨ locations are independent, so at most three location TLVs could be sent if their data are not empty.

med network-policy add / remove - Configure the LLDP MED network policy table. Add /remove a network policy entry that can be bind to ports.

med tlv-select - Configure LLDP MED TLVs selection. Available optional TLVs are network-policy, location, inventory and poe-pse.

tlv-select - Select LLDP TLVs to send.

<civic-address> - The location is specified as civic address.

<ADDR> - Range from 6 to 160 hexadecimal bytes.

<Coordinate> - The location is specified as coordinates.

<ADDR> - 16 hexadecimal bytes exactly.

<ecs-elin> - The location is specified as ECS ELIN.

<ADDR> - 10 to 25 hexadecimal bytes.

<IDX_LIST> - Range from 1 to 32.

<TLV> - LLDP optional TLV, pick from: port-desc, sys-name, sys-desc, sys-cap, mac-phy, lag, max-frame-size, management-addr.

pvid <disable/enable> - Enable or disable the TX optional-TLV 802.1 PVID.

vlan-name <add/remove> <2-4094> - Add/remove a selected VLAN. Enter the VLAN ID number.

<rx> - Enable LLDP reception on interface.

<tx> - Enable LLDP transmission on interface.

Related Syntax:

l        <config-if># lldp med location <civic-address/coordinate/ecs-elin> <ADDR>

l        <config-if># lldp med network-policy add <IDX_LIST>

l        <config-if># lldp med network-policy remove <IDX_LIST>

l        <config-if># lldp med tlv-select <network-policy/location/inventory/poe-pse> <network-policy/location/inventory/poe-pse> <network-policy/location/inventory/poe-pse>

l        <config-if># lldp tlv-select <TLV/pvid/vlan-name>

l        <config-if># lldp tlv-select pvid <disable/enable>

l        <config-if># lldp tlv-select vlan-name <add/remove> <2-4094>

l        <config-if># lldp <rx/tx>

mac

Specify an access control list for packets.

Before configuring, you have to create an ACL based on MAC address. For example,

<config># mac acl CA_ACL

<config-mac-acl>#

<NAME> - Enter a name for ACL.

Related Syntax:

l        <config-if># mac acl <NAME>

mvr

Make MVR configuration.

immediate - Enable MVR function.

type <receiver/source> - Specify MVR port type as receiver or source.

Related Syntax:

l        <config-if># mvr immediate

l        <config-if># mvr type <receiver/source>

no

Negate command. Such command can disable current setting of command executed and return to the factory setting of that command.

Example:

<config-if> # no mvr

The operation will make mvr setting is default. Continue? [yes/no]:yes

<config-if> #

Related Syntax:

l        <config-if># no <command>

port-security

port-security - Enable the port security functionality. Default is disabled.

address-limit <1-256>- Enter the number as limitation for MAC address.

action <discard / forward / shutdown> ¡V Speicfy an action to be performed.

Related Syntax:

l        <config-if># port-security

l        <config-if># port-security adderss-limit <1-256> action <discard / forward / shutdown>

protected

Configure an interface to be a protected port.

Related Syntax:

l        <config-if>#protected

qos

cos - Configure the default CoS value for an Ethernet port.

<0-7> - Specify a CoS value for the selected interface. Default value is 0.

remark - Configure remarking state of each port.

trust - Configure each port to trust state while the system is in ¡§basic¡¨ mode. There are four trust types for a device to judge the appropriate queue of the packets.

<cos> - Enable cos remarking.

<dscp> - Enable DSCP remarking.

<cos-dscp> - Enable cos and DSCP remarking.

<precedence> - Enable IP precedence remarking.

Related Syntax:

l        <config-if>#qos cos <0-7>

l        <config-if>#qos remark <cos/dscp/precedence>

l        <config-if>#qos trust <cos/cos-dscp/ dscp/precedence>

rate-limit

It is effective for Ethernet port only.

egress - Configure the egress port shaper.

ingress - Configure the ingress port shaper.

egress queue ¡V Configure queue for egress port shaper.

<0-1000000> - Enter a number as the average traffic rate in Kbps. It must be a multiple of 16.

<16-1000000> - Enter a number as the average traffic rate in Kbps. It must be a multiple of 16.

<1-8> - Specify a nubmer as queue ID.

Related Syntax:

l        <config-if># rate-limit egress <0-1000000>

l        <config-if># rate-limit egress queue <1-8> <16-1000000>

l        <config-if># rate-limit ingress <16-1000000>

shutdown

Disable the selected interface.

Example:

(config)# interface gigabitethernet 3

(config-if)# shutdown

(config-if)# exit

(config)# exit

# show interface Gigabitethernet 3

GigabitEthernet3 is down

Related Syntax:

l        <config-if># shutdown

spanning-tree

Configure spanning-tree settings.

bpdu-filter - Set the BPDU-Filter for specified port.

bpdu-guard - Set the BPDU-Guard for specified port.

edge - Set the edge-port for specified port.

cost - Change an interface¡¦s spanning tree path cost.

link-type - Specify a link type for spanning tree protocol use.

mcheck - Set the mcheck for specified port to migrate.

mst - Set spanning-tree parameters of instance.

port-priority- Set the priority for specified instance.

<0-200000000> - Specify a value of internal path cost (0 means Auto).

<point-to-point> - The selected port will be treated as point-to-point.

<shared> - The selected port will be treated as shared.

<0-15> - Specify an instance ID.

<0-240> - Specify a priority number for the selected port.

Related Syntax:

l        <config-if># spanning-tree <bpdu-filter /bpdu-guard/ edge>

l        <config-if># spanning-tree cost <0-200000000>

l        <config-if># spanning-tree link-type <point-to-point/shared>

l        <config-if>#spanning-tree mcheck

l        <config-if>#spanning-tree mst <0-15> cost <0-200000000>

l        <config-if># spanning-tree port-priority <0-240>

speed

Configure speed operation.

<10/100/1000> - Force 10/100/1000 Mbps operation.

<auto> - Enable Auto speed configuration.

Related Syntax:

l        <config-if># speed<10/100/1000>

l        <config-if># speed auto

storm-control

action - Select an action for storm control after exceeding the threshold.

broadcast level - Enable the storm control type of broadcast for the selected port.

unknown-multicast level - Enable the storm control type of unknown-multicast for the selected port.

unknown-unicast level- Enable the storm control type of unknown-unicast for the selected port.

<drop> - Drop packets after exceeding storm control threshold.

<shutdown> - Disable the port after exceeding storm control threshold.

<1-1000000> - Specify the rate value.

Related Syntax:

l        <config-if># storm-control action <drop/shutdown>

l        <config-if># storm-control broadcast level <1-1000000>

l        <config-if># storm-control unknown-multicast level <1-1000000>

l        <config-if># storm-control unknown-unicast level <1-1000000>

surveillance-vlan

cos - Set surveillance VLAN configuration.

mode - Set surveillance member port join mode.

<all> - QoS attributes are applied to all packets that are classified to the Surveillance VLAN.

<src> - QoS attributes are applied only on packets from IP phones.

<auto> - Make surveillance member port join voice VLAN automatically.

<manual> - The administrator manually makes surveillance member port join voice VLAN.

Related Syntax:

l        <config-if># surveillance-vlan cos <all/src>

l        <config-if># surveillance-vlan mode <auto/manual>

switchport

Set switching mode characteristics.

access vlan ¡VUse it to set a native VLAN on the interface.

default-vlan tagged ¡V Use it to make the selected port interface to become the default VLAN tagged member.

forbidden default-vlan ¡V Use it to forbid the defult-vlan on the interface.

forbidden vlan - Use it to forbid a vlan on the interface.

hybrid accetable-frame-type ¡V Use it to choose which type of frame will be accepted.

hybrid allowed ¡V Use it to allow a VALN set on the interface.

hybrid ingress-filtering ¡V Use it to enable VLAN ingress filter.

hybrid pvid ¡V Use it to set PVID of the interface.

mode access - Use it to configure the selected port as the role of access. Only untagged frames will be accepted.

mode hybrid - Use it to configure the selected port as the role of hybrid. Support all functions defined in IEEE 802.1Q specification.

mode trunk uplink ¡V Use it to configure the selected port as the role of trunk. It can recognize double tagging on the interface.

trunk allowed ¡V Use it to allow a VALN on the interface.

trunk native ¡V Use it to set a native VLAN on the interface.

tunnel vlan ¡V Use it to set a Dot1q tunnel VLAN on the interface.

vlan tpid ¡V Use it to set TPID on the interface.

<1-4094> - Specify a VLAN ID.

<add/remove> - Add or remove the allowed VLAN list.

<all/tagged-only/untagged-only> - Specify an option for accepting all frames, only tagged frames or only untagged frames.

<1-4094/all> - Specify a VLAN ID or all VLAN IDs.

< 0x8100 / 0x88A8 / 0x9100 / 0x9200> - Specify one tag-protocol-id.

Related Syntax:

l        <config-if># switchport access vlan <1-4094>

l        <config-if># switchport default-vlan tagged

l        <config-if># switchport forbidden default-vlan

l        <config-if># switchport forbidden vlan <add/remove> <1-4094>

l        <config-if># switchport hybrid accetable-frame-type <all/tagged-only/untagged-only>

l        <config-if># switchport hybrid allowed vlan add <1-4094>

l        <config-if># switchport hybrid allowed vlan add <1-4094> <tagged/ untagged>

l        <config-if># switchport hybrid allowed vlan remove <1-4094>

l        <config-if># switchport hybrid ingress-filtering

l        <config-if># switchport hybrid pvid <1-4094>

l        <config-if># switchport mode <access/hybrid>

l        <config-if># switchport mode trunk uplink

l        <config-if># switchport trunk allowed vlan <add /remove> <1-4094/all>

l        <config-if># switchport trunk native <1-4094>

l        <config-if># switchport tunnel vlan <1-4094>

l        <config-if># switchport vlan tpid < 0x8100/0x88A8 / 0x9100 / 0x9200>

udld

Configure UDLD enabled or disabled and ignore global UDLD setting.

aggressive - Enable UDLD protocol on such interface.

Related Syntax:

l        <config-if># udld

l        <config-if># udld aggressive

vlan

mac-vlan group - Set a MAC-based VLAN configuration.

protocol-vlan group - Set a protocol-based VLAN configuration.

<1-2147483647> - Specify a group ID to map.

<1-4094> - Specify a VLAN ID.

Related Syntax:

l        <config-if># vlan mac-vlan group <1-2147483647> vlan <1-4094>

l        <config-if># vlan protocol-vlan group<1-2147483647> vlan <1-4094>

voice-vlan

cos - Set voice VLAN configuration as COS mode.

mode - Set voice member port join mode.

<all> - QoS attributes are applied on all packets that are classified to the Voice VLAN.

<src> - QoS attributes are applied only on packets from IP phones.

<auto> - Make voice member port join voice VLAN automatically.

<manual> - The administrator manually makes voice member port join voice VLAN.

Related Syntax:

l        <config-if># voice-vlan cos <all/src>

l        <config-if># voice-vlan mode <auto/manual>

Example

G2280# configure

G2280(config)# interface LAG 1

G2280(config-if)# speed 100

G2280(config-if)# backpressure

G2280(config-if)# lldp med location ecs-elin 112233445566778899AA

G2280(config-if)# vlan mac-vlan group 35 vlan 1000

G2280(config-if)#

 

Telnet Command: ip

Use this command to create an IPv4 access list (ACL) which performs classification on layer 3 fields and enters ip-access configuration mode.

Syntax Items

ip acl

ip address

ip arp

ip conflict

ip default-gateway

ip dhcp

ip dns

ip forcedhttps

ip http

ip https

ip igmp

ip source

ip ssh

ip telnet

Description

Syntax Items

Description

ip acl

acl <NAME> - Set the name of the access list (ACL) based on IPv4.

To configure detailed settings, enter the name of ACL to access into next level.

<config>#ip acl <NAME>

Then, available sub-command includes:

<config-ip-acl>#deny

<config-ip-acl>#do

<config-ip-acl>#end

<config-ip-acl>#exit

<config-ip-acl>#permit

<config-ip-acl>#sequence

<config-ip-acl>#show

Use the ¡§deny¡¨ command to create deny rules for the IPv4 access list.

<0-255/egp/hmp/icmp/igp/ipinip/ipv6 /ipv6:frag /ipv6:icmp /ipv6:rout / ip / l2tp /ospf /pim / rdp / rsvp /tcp /udp > - Specify the IP protocol number or enter the name of the protocol.

<A.B.C.D>/<A.B.C.D> <A.B.C.D>/<A.B.C.D> - Specify the source and destination IPv4 addresses and subnet masks.

dscp <0-63> - Set the DSCP filtering by specifying a value for DSCP.

precedence <0-7> - Set the cos value and the cos mask for a packet.

shutdown ¡V Disable the Ethernet interface.

any ¡V Any IP address (as source or destination).

Related Syntax:

l        <config-ip-acl >#deny <0-255> <A.B.C.D>/<A.B.C.D> <A.B.C.D>/<A.B.C.D> dscp <0-63>

l        <config-ip-acl >#deny <0-255> <A.B.C.D>/<A.B.C.D> <A.B.C.D>/<A.B.C.D> dscp <0-63> shutdown

l        <config-ip-acl >#deny <0-255> <A.B.C.D>/<A.B.C.D> <A.B.C.D>/<A.B.C.D> precedence <0-7>

l        <config-ip-acl >#deny <0-255> <A.B.C.D>/<A.B.C.D> <A.B.C.D>/<A.B.C.D> precedence <0-7> shutdown

l        <config-ip-acl >#deny <0-255> any <A.B.C.D>/<A.B.C.D> dscp <0-63>

l        <config-ip-acl >#deny <0-255> any <A.B.C.D>/<A.B.C.D> dscp <0-63> shutdown

l        <config-ip-acl >#deny <0-255> any <A.B.C.D>/<A.B.C.D> precedence <0-7>

l        <config-ip-acl >#deny <0-255> any <A.B.C.D>/<A.B.C.D> precedence <0-7> shutdown

l        <config-ip-acl >#deny <0-255> any any dscp <0-7>

l        <config-ip-acl >#deny <0-255> any any dscp <0-7> shutdown

l        <config-ip-acl >#deny <0-255> any any precedence <0-7>

l        <config-ip-acl >#deny <0-255> any any precedence <0-7> shutdown

Use the ¡§do¡¨ command to run execution command in current mode.

<SEQUENCE> -

Related Syntax:

l        <config-ip-acl>#do <SEQUENCE>

Use the ¡§end¡¨ command to finish current mode. Any changes in current mode will be saved.

Related Syntax:

l        <config-ip-acl>#end

Use the ¡§exit¡¨ command to close the current CLI session or return to the previous mode without saving the settings.

Related Syntax:

l        <config-ip-acl>#exit

Use the ¡§no sequence¡¨ command to delete any entry in management ACL.

<1-2147483647>- Specify an index number of the ACL.

Related Syntax:

l        <config-ip-ayl>#no sequence <1-2147483647>

Use the ¡§permit¡¨ command to create permit rules which bypass the packets meet the rule.

<0-255/egp/hmp/icmp/igp/ipinip/ipv6 /ipv6:frag /ipv6:icmp /ipv6:rout / ip / l2tp /ospf /pim / rdp / rsvp /tcp /udp > - Specify the IP protocol number or enter the name of the protocol.

<A.B.C.D>/<A.B.C.D> <A.B.C.D>/<A.B.C.D> - Specify the source and destination IPv4 addresses and subnet masks.

dscp <0-63> - Set the DSCP filtering by specifying a value for DSCP.

precedence <0-7> - Set the cos value and the cos mask for a packet.

Shutdown ¡V Disable the Ethernet interface.

any ¡V Any IP address (as source or destination).

Related Syntax:

l        <config-ip-acl >#permit <0-255> <A.B.C.D>/<A.B.C.D> <A.B.C.D>/<A.B.C.D> dscp <0-63>

l        <config-ip-acl >#permit <0-255> <A.B.C.D>/<A.B.C.D> <A.B.C.D>/<A.B.C.D> dscp <0-63> shutdown

l        <config-ip-acl >#permit <0-255> <A.B.C.D>/<A.B.C.D> <A.B.C.D>/<A.B.C.D> precedence <0-7>

l        <config-ip-acl >#permit <0-255> <A.B.C.D>/<A.B.C.D> <A.B.C.D>/<A.B.C.D> precedence <0-7> shutdown

l        <config-ip-acl >#permit <0-255> any <A.B.C.D>/<A.B.C.D> dscp <0-63>

l        <config-ip-acl >#permit <0-255> any <A.B.C.D>/<A.B.C.D> dscp <0-63> shutdown

l        <config-ip-acl >#permit <0-255> any <A.B.C.D>/<A.B.C.D> precedence <0-7>

l        <config-ip-acl >#permit <0-255> any <A.B.C.D>/<A.B.C.D> precedence <0-7> shutdown

l        <config-ip-acl >#permit <0-255> any any dscp <0-7>

l        <config-ip-acl >#permit <0-255> any any dscp <0-7> shutdown

l        <config-ip-acl >#permit <0-255> any any precedence <0-7>

l        <config-ip-acl >#permit <0-255> any any precedence <0-7> shutdown

Use the ¡§sequence¡¨ command to deny or permit the ACL.

<1-2147483647> - Enter the sequence of ACL entry. The sequence represents the priority of the ACE in the ACL.

Related Syntax:

l        <config-ip-acl >#sequence <1-2147483647> deny

l        <config-ip-acl >#sequence <1-2147483647> permit

Use the ¡§show acl¡¨ command to list current status of the selected ACL.

ip address

Use this command to modify the administration IPv4 address.

adddress <A.B.C.D> - Specify the IPv4 addresses. This IP is required when the administer wants to access into VigorSwitch through Telnet, SSH, HTTP, HTTPS, SNMP and so on.

mask <A.B.C.D> - Specify the netmask of the IP address.

Related Syntax:

l        <config>#ip address <A.B.C.D>

l        <config>#ip address <A.B.C.D> mask <A.B.C.D>

ip arp

Use this command to enable the function of dynamic ARP inspection.

vlan <1-4094> - Specify the VLAN ID number.

Related Syntax:

l        <config>#ip arp inspection

l        <config>#ip arp inspection vlan <1-4094>

ip conflict

Use this command to do IP conflict prevention.

lag - Enable/disable the function.

<A.B.C.D> - Specify the IPv4 addresses.

<1-28> - Specify a physical port.

<1-8> - Specify a LAG port.

Related Syntax:

l        <config>#ip conflict lag

l        <config>#ip conflict prevention

l        <config>#ip conflict prevention clear

l        <config>#ip conflict prevention server-ip <A.B.C.D> interface GigabitEthernet <1-28>

l        <config>#ip conflict prevention server-ip <A.B.C.D> interface LAG <1-8>

ip default-gateway

Use this command to modify default gateway address.

adddress <A.B.C.D> - Specify the IPv4 addresses.

Related Syntax:

l        <config>#ip default-gateway <A.B.C.D>

ip dhcp

Use this command to enable DHCP client to get IP address from remote DHCP server.

database <flash/tftp/timeout/write-delay> - Write the database to FLASH or remote TFTP server. Set timeout interval for abortion. Set delay timer for writing to URL.

<A.B.C.D> - Specify the IPv4 addresses.

<HOSTNAME> - Enter the name of the host.

<NAME> - Set a name for the backup file.

<0-86400> - Enter a value. Unit is second.

<15-86400> - Enter a value. Unit is second.

option ¡V Configure DHCP-Option82 settings by specifying remote ID number.

<STRING> - Enter a string (from 1 to 63 characters) for the DHCP option.

vlan ¡V Configure VLAN settings.

<1-4094> - Specify the VLAN ID number.

Related Syntax:

l        <config>#ip dhcp snooping

l        <config>#ip dhcp snooping database

l        <config>#ip dhcp snooping database flash

l        <config>#ip dhcp snooping database tftp <A.B.C.D>

l        <config>#ip dhcp snooping database tftp <HOSTNAME><NAME>

l        <config>#ip dhcp snooping database timeout <0-86400>

l        <config>#ip dhcp snooping database write-delay <15-86400>

l        <config>#ip dhcp snooping option remote-id <STRING>

l        <config>#ip dhcp snooping vlan <1-4094>

ip dns

Use this command to modify DNS server configuration.

<A.B.C.D> - Specify the IP address as primary DNS server.

<A.B.C.D> <A.B.C.D> - Sepcify two IP addresses as primary and secondary DNS server.

<X:X:XX:X:X> - Specify the MAC address as primary DNS server.

<X:X:XX:X:X><X:X::X:X> - Specify two MAC addresses as primary and secondary DNS server.

lookup ¡V Enable the IP domain naming system lookup.

Related Syntax:

l        <config>#ip dns <A.B.C.D>

l        <config>#ip dns <A.B.C.D> <A.B.C.D>

l        <config>#ip dns <X:X:XX:X:X>

l        <config>#ip dns <X:X:XX:X:X><X:X::X:X>

l        <config>#ip dns lookup

ip forcedhttps

Use this command to enable the function of forced HTTPS configuration.

Related Syntax:

l        <config>#ip forcedhttps

ip http

Use this command to enable the function of HTTP configuration.

Login ¡V Set login authentication.

<LISTNAME> - Enter the authentication method list name.

Session-timeout ¡V Set the session timeout.

<0-86400> - Set the timeout value. 0 means no timeout.

Related Syntax:

l        <config>#ip http login authentication <LISTNAME>

l        <config>#ip http session-timeout <0-86400>

ip https

Use this command to enable the function of HTTPS configuration.

Login ¡V Set login authentication.

<LISTNAME> - Enter the authentication method list name.

Session-timeout ¡V Set the session timeout.

<0-86400> - Set the timeout value. 0 means no timeout.

Related Syntax:

l        <config>#ip https login authentication <LISTNAME>

l        <config>#ip https session-timeout <0-86400>

ip igmp

Use this command to set IGMP profile and enable IGMP snooping function.

Profile ¡V Set IGMP profile.

<1-128> - Enter the index number of IGMP profile to access into next phase for configuring detailed settings.

<A.B.C.D><A.B.C.D> - Specify the source and destination IPv4 addresses

action <deny/permit> - Speicfy the rule (deny/permit) for the IGMP profile.

Related Syntax:

l        <config>#ip igmp profile <1-128>

                     <config-igmp-profile># do

                     <config-igmp-profile># end

                     <config-igmp-profile># exit

                     <config-igmp-profile># profile range ip <A.B.C.D><A.B.C.D>

                     <config-igmp-profile># profile range ip <A.B.C.D><A.B.C.D> action <deny/permit>

                     <config-igmp-profile># profile range ip <A.B.C.D> action <deny/permit>

                     <config-igmp-profile># show

l        <config>#ip igmp snooping

ip source

Use this command to create a static IP source binding entry.

<A:B:C:D:E:F> - Enter the MAC address for the binding entry.

vlan <1-4094> - Specify the VLAN ID number.

<A.B.C.D><A.B.C.D> - Specify the source and destination IPv4 addresses

<1-28> - Specify a physical port.

<1-8> - Specify a LAG port.

Related Syntax:

l        <config>#ip source binding <A:B:C:D:E:F> vlan <1-4094> <A.B.C.D> <A.B.C.D> interface GigabitEthernet <1-28>

l        <config>#ip source binding <A:B:C:D:E:F> vlan <1-4094> <A.B.C.D> <A.B.C.D> interface LAG <1-8>

l        <config>#ip source binding vlan <1-4094> <A.B.C.D> <A.B.C.D> interface GigabitEthernet <1-28>

l        <config>#ip source binding vlan <1-4094> <A.B.C.D> <A.B.C.D> interface LAG <1-8>

ip ssh

Use this command to generate the key files for SSH connection.

<all/v1/v2> - Select the key files for SSH connection.

Related Syntax:

l        <config>#ip ssh <all/v1/v2>

ip telnet

Use this command to enable telent service.

Related Syntax:

l        <config>#ip telnet

Example

G2280# configure

G2280(config)# ip acl market_1

P2280(config-ip-acl)#

P2280(config-ip-acl)# deny 20 192.168.2.55/255.255.255.0 192.168.2.85/255

G2280(config)# ip dhcp snooping database tftp draytek carrie_backup

 

 

Telnet Command: ipv6

Use this command to create an IPv6 access list (ACL).

Syntax Items

ipv6

ipv6 acl

ipv6 address

ipv6 autoconfig

ipv6 default-gateway

ipv6 dhcp

ipv6 mld

Description

Syntax Items

Description

ipv6 acl

<NAME> - Set the name of the access list (ACL) based on IPv6.

To configure detailed settings, enter the name of ACL to access into next level.

<config>#ipv6 acl <NAME>

Then, available sub-command includes:

<config-ipv6-acl>#deny

<config-ipv6-acl>#do

<config-ipv6-acl>#end

<config-ipv6-acl>#exit

<config-ipv6-acl>#no

<config-ipv6-acl>#permit

<config-ipv6-acl>#sequence

<config-ipv6-acl>#show

Use the ¡§deny¡¨ command to create deny rules for the IPv4 access list.

<0-255/icmp/ipv6/tcp /udp > - Specify the IP protocol number or enter the name of the protocol.

<0-255/any> - Specify ICMPv6 number.

<X:X::X:X>/<0-128> <X:X::X:X>/<0-128> - Specify the source/destination IPv6 addresses and subnet masks.

dscp <0-63> - Set the DSCP filtering by specifying a value for DSCP.

precedence <0-7> - Set the cos value and the cos mask for a packet.

shutdown ¡V Disable the Ethernet interface.

any ¡V Any IP address (as source or destination).

<0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> - Set TCP port.

match-all <TCP_FLAG> - Set TCP flags. List of TCP flags that should occur. If a flag should be set, it is p refixed by "+".If a flag should be unset, it is prefixed by "-". Avai lable options are +urg, +ack, +psh, +rst, +syn, +fin, -urg, -ack, -psh, -rst, -syn and -fin.To define more than 1 flag - enter additional flags one after another without a space (example +syn-ack).

<0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> - Set UDP port.

Related Syntax:

l        <config-ipv6-acl >#deny <0-255> <X:X::X:X>/<0-128> <X:X::X:X>/<0-128>

l        <config-ipv6-acl >#deny <0-255> <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> dscp <0-63>

l        <config-ipv6-acl >#deny <0-255> <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> dscp <0-63> shutdown

l        <config-ipv6-acl >#deny <0-255> <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> precedence <0-7>

l        <config-ipv6-acl >#deny <0-255> <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> precedence <0-7> shutdown

l        <config-ipv6-acl >#deny <0-255> <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> shutdown

l        <config-ipv6-acl >#deny <0-255> <X:X::X:X>/<0-128> any  dscp <0-63>

l        <config-ipv6-acl >#deny <0-255> <X:X::X:X>/<0-128> any  dscp <0-63> shutdown

l        <config-ipv6-acl >#deny <0-255> <X:X::X:X>/<0-128> any precedence <0-7>

l        <config-ipv6-acl >#deny <0-255> <X:X::X:X>/<0-128> any precedence <0-7>shutdown

l        <config-ipv6-acl >#deny <0-255> <X:X::X:X>/<0-128> any shutdown

l        <config-ipv6-acl >deny icmp <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> <0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255/any> dscp <0-63>

l        <config-ipv6-acl >#deny icmp <X:X::X:X>/<0-128> <X:X::X:X>/<0-128><0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255/any> dscp <0-63> shutdown

l        <config-ipv6-acl >#deny icmp <X:X::X:X>/<0-128> <X:X::X:X>/<0-128><0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255/any> precedence <0-7>

l        <config-ipv6-acl >#deny icmp <X:X::X:X>/<0-128> <X:X::X:X>/<0-128><0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255/any> precedence <0-7> shutdown

l        <config-ipv6-acl >#deny icmp <X:X::X:X>/<0-128> <X:X::X:X>/<0-128><0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255/any> shutdown

l        <config-ipv6-acl >#deny icmp <X:X::X:X>/<0-128> any  <0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255 /any> dscp <0-63>

l        <config-ipv6-acl >#deny icmp <X:X::X:X>/<0-128> any  <0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255 /any> dscp <0-63> shutdown

l        <config-ipv6-acl >#deny icmp <X:X::X:X>/<0-128> any  <0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255 /any> precedence <0-7>

l        <config-ipv6-acl >#deny icmp <X:X::X:X>/<0-128> any  <0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255 /any> precedence <0-7> shutdown

l        <config-ipv6-acl >#deny icmp <X:X::X:X>/<0-128> any  <0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255 /any> shutdown

l        <config-ipv6-acl >#deny ipv6 <X:X::X:X>/<0-128> <X:X::X:X>/<0-128>

l        <config-ipv6-acl >#deny ipv6 <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> dscp <0-63>

l        <config-ipv6-acl >#deny ipv6 <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> dscp <0-63> shutdown

l        <config-ipv6-acl >#deny ipv6 <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> precedence <0-7>

l        <config-ipv6-acl >#deny ipv6 <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> precedence <0-7> shutdown

l        <config-ipv6-acl >#deny ipv6 <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> shutdown

l        <config-ipv6-acl >#deny ipv6 <X:X::X:X>/<0-128> any  dscp <0-63>

l        <config-ipv6-acl >#deny ipv6 <X:X::X:X>/<0-128> any  dscp <0-63> shutdown

l        <config-ipv6-acl >#deny ipv6 <X:X::X:X>/<0-128> any precedence <0-7>

l        <config-ipv6-acl >#deny ipv6 <X:X::X:X>/<0-128> any precedence <0-7>shutdown

l        <config-ipv6-acl >#deny ipv6 <X:X::X:X>/<0-128> any shutdown

l        <config-ipv6-acl >#deny ipv6 any <X:X::X:X>/<0-128>

l        <config-ipv6-acl >#deny ipv6 any <X:X::X:X>/<0-128> dscp <0-63>

l        <config-ipv6-acl >#deny ipv6 any <X:X::X:X>/<0-128> dscp <0-63> shutdown

l        <config-ipv6-acl >#deny ipv6 any <X:X::X:X>/<0-128> precedence <0-7>

l        <config-ipv6-acl >#deny ipv6 any <X:X::X:X>/<0-128> precedence <0-7> shutdown

l        <config-ipv6-acl >#deny ipv6 any <X:X::X:X>/<0-128> shutdown

l        <config-ipv6-acl >#deny ipv6 any any

l        <config-ipv6-acl >#deny ipv6 any any dscp <0-63>

l        <config-ipv6-acl >#deny ipv6 any any dscp <0-63>  shutdown

l        <config-ipv6-acl >#deny ipv6 any any precedence <0-7>

l        <config-ipv6-acl >#deny ipv6 any any precedence <0-7> shutdown

l        <config-ipv6-acl >#deny ipv6 any any shutdown

l        <config-ipv6-acl >#deny tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www>

l        <config-ipv6-acl >#deny tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> dscp <0-63>

l        <config-ipv6-acl >#deny tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> dscp <0-63> shutdown

l        <config-ipv6-acl >#deny tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> match-all <TCP_FLAG> dscp <0-63>

l        <config-ipv6-acl >#deny tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> match-all <TCP_FLAG> dscp <0-63> shutdown

l        <config-ipv6-acl >#deny tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> match-all <TCP_FLAG> precedence <0-7>

l        <config-ipv6-acl >#deny tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> match-all <TCP_FLAG> precedence <0-7> shutdown

l        <config-ipv6-acl >#deny tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> match-all <TCP_FLAG> shutdown

l        <config-ipv6-acl >#deny tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> precedence <0-7>

l        <config-ipv6-acl >#deny tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> precedence <0-7> shutdown

l        <config-ipv6-acl >#deny tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> shutdown

l        <config-ipv6-acl >#deny udp <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who>

l        <config-ipv6-acl >#deny udp <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> dscp <0-63>

l        <config-ipv6-acl >#deny udp <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> dscp <0-63> shutdown

l        <config-ipv6-acl >#deny udp <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> dscp <0-63> precedence <0-7>

l        <config-ipv6-acl >#deny udp <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> dscp <0-63> precedence <0-7> shutdown

l        <config-ipv6-acl >#deny udp <X:X::X:X>/<0-128> <0-65535> any

Use the ¡§do¡¨ command to run execution command in current mode.

<SEQUENCE> -

Related Syntax:

l        <config-ipv6-acl>#do <SEQUENCE>

Use the ¡§end¡¨ command to finish current mode. Any changes in current mode will be saved.

Related Syntax:

l        <config-ipv6-acl>#end

Use the ¡§exit¡¨ command to close the current CLI session or return to the previous mode without saving the settings.

Related Syntax:

l        <config-ipv6-acl>#exit

Use the ¡§no sequence¡¨ command to delete any entry in management ACL.

<1-2147483647>- Specify an index number of the ACL.

Related Syntax:

l        <config-ip-acl>#no sequence <1-2147483647>  

Use the ¡§permit¡¨ command to create permit rules which bypass the packets meet the rule.

<0-255/icmp/ipv6/tcp /udp > - Specify the IP protocol number or enter the name of the protocol.

<0-255/any> - Specify ICMPv6 number.

<X:X::X:X>/<0-128> <X:X::X:X>/<0-128> - Specify the source/destination IPv6 addresses and subnet masks.

dscp <0-63> - Set the DSCP filtering by specifying a value for DSCP.

precedence <0-7> - Set the cos value and the cos mask for a packet.

shutdown ¡V Disable the Ethernet interface.

any ¡V Any IP address (as source or destination).

<0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> - Set TCP port.

match-all <TCP_FLAG> - Set TCP flags. List of TCP flags that should occur. If a flag should be set, it is p refixed by "+".If a flag should be unset, it is prefixed by "-". Avai lable options are +urg, +ack, +psh, +rst, +syn, +fin, -urg, -ack, -psh, -rst, -syn and -fin.To define more than 1 flag - enter additional flags one after another without a space (example +syn-ack).

<0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> - Set UDP port.

Related Syntax:

l        <config-ipv6-acl >#permit <0-255> <X:X::X:X>/<0-128> <X:X::X:X>/<0-128>

l        <config-ipv6-acl ># permit <0-255> <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> dscp <0-63>

l        <config-ipv6-acl ># permit <0-255> <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> dscp <0-63> shutdown

l        <config-ipv6-acl ># permit <0-255> <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> precedence <0-7>

l        <config-ipv6-acl ># permit <0-255> <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> precedence <0-7> shutdown

l        <config-ipv6-acl ># permit <0-255> <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> shutdown

l        <config-ipv6-acl ># permit <0-255> <X:X::X:X>/<0-128> any dscp <0-63>

l        <config-ipv6-acl ># permit <0-255> <X:X::X:X>/<0-128> any dscp <0-63> shutdown

l        <config-ipv6-acl ># permit <0-255> <X:X::X:X>/<0-128> any precedence <0-7>

l        <config-ipv6-acl ># permit <0-255> <X:X::X:X>/<0-128> any precedence <0-7>shutdown

l        <config-ipv6-acl ># permit <0-255> <X:X::X:X>/<0-128> any shutdown

l        <config-ipv6-acl > permit icmp <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> <0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255/any> dscp <0-63>

l        <config-ipv6-acl ># permit icmp <X:X::X:X>/<0-128> <X:X::X:X>/<0-128><0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255/any> dscp <0-63> shutdown

l        <config-ipv6-acl ># permit icmp <X:X::X:X>/<0-128> <X:X::X:X>/<0-128><0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255/any> precedence <0-7>

l        <config-ipv6-acl ># permit icmp <X:X::X:X>/<0-128> <X:X::X:X>/<0-128><0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255/any> precedence <0-7> shutdown

l        <config-ipv6-acl ># permit icmp <X:X::X:X>/<0-128> <X:X::X:X>/<0-128><0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255/any> shutdown

l        <config-ipv6-acl ># permit icmp <X:X::X:X>/<0-128> any  <0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255 /any> dscp <0-63>

l        <config-ipv6-acl ># permit icmp <X:X::X:X>/<0-128> any  <0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255 /any> dscp <0-63> shutdown

l        <config-ipv6-acl ># permit icmp <X:X::X:X>/<0-128> any  <0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255 /any> precedence <0-7>

l        <config-ipv6-acl ># permit icmp <X:X::X:X>/<0-128> any  <0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255 /any> precedence <0-7> shutdown

l        <config-ipv6-acl ># permit icmp <X:X::X:X>/<0-128> any  <0-255 / any / destination-unreachable / echo-reply / echo-request / nd-na / nd-ns / packet-too-big/ parameter-problem/ router-advertisement / router-solicitation / time-exceeded> <0-255 /any> shutdown

l        <config-ipv6-acl ># permit ipv6 <X:X::X:X>/<0-128> <X:X::X:X>/<0-128>

l        <config-ipv6-acl ># permit ipv6 <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> dscp <0-63>

l        <config-ipv6-acl ># permit ipv6 <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> dscp <0-63> shutdown

l        <config-ipv6-acl ># permit ipv6 <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> precedence <0-7>

l        <config-ipv6-acl ># permit ipv6 <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> precedence <0-7> shutdown

l        <config-ipv6-acl ># permit ipv6 <X:X::X:X>/<0-128> <X:X::X:X>/<0-128> shutdown

l        <config-ipv6-acl ># permit ipv6 <X:X::X:X>/<0-128> any  dscp <0-63>

l        <config-ipv6-acl ># permit ipv6 <X:X::X:X>/<0-128> any  dscp <0-63> shutdown

l        <config-ipv6-acl ># permit ipv6 <X:X::X:X>/<0-128> any precedence <0-7>

l        <config-ipv6-acl ># permit ipv6 <X:X::X:X>/<0-128> any precedence <0-7>shutdown

l        <config-ipv6-acl ># permit ipv6 <X:X::X:X>/<0-128> any shutdown

l        <config-ipv6-acl ># permit ipv6 any <X:X::X:X>/<0-128>

l        <config-ipv6-acl ># permit ipv6 any <X:X::X:X>/<0-128> dscp <0-63>

l        <config-ipv6-acl ># permit ipv6 any <X:X::X:X>/<0-128> dscp <0-63> shutdown

l        <config-ipv6-acl ># permit ipv6 any <X:X::X:X>/<0-128> precedence <0-7>

l        <config-ipv6-acl ># permit ipv6 any <X:X::X:X>/<0-128> precedence <0-7> shutdown

l        <config-ipv6-acl ># permit ipv6 any <X:X::X:X>/<0-128> shutdown

l        <config-ipv6-acl ># permit ipv6 any any

l        <config-ipv6-acl ># permit ipv6 any any dscp <0-63>

l        <config-ipv6-acl ># permit ipv6 any any dscp <0-63>  shutdown

l        <config-ipv6-acl ># permit ipv6 any any precedence <0-7>

l        <config-ipv6-acl ># permit ipv6 any any precedence <0-7> shutdown

l        <config-ipv6-acl ># permit ipv6 any any shutdown

l        <config-ipv6-acl ># permit tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www>

l        <config-ipv6-acl ># permit tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> dscp <0-63>

l        <config-ipv6-acl ># permit tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> dscp <0-63> shutdown

l        <config-ipv6-acl >#deny tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> match-all <TCP_FLAG> dscp <0-63>

l        <config-ipv6-acl ># permit tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> match-all <TCP_FLAG> dscp <0-63> shutdown

l        <config-ipv6-acl ># permit tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> match-all <TCP_FLAG> precedence <0-7>

l        <config-ipv6-acl ># permit tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> match-all <TCP_FLAG> precedence <0-7> shutdown

l        <config-ipv6-acl ># permit tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> match-all <TCP_FLAG> shutdown

l        <config-ipv6-acl ># permit tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> precedence <0-7>

l        <config-ipv6-acl ># permit tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> precedence <0-7> shutdown

l        <config-ipv6-acl ># permit tcp <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> <X:X::X:X>/<0-128> <0-65535 / PORT_RANGE / any / daytime / discard / domain / drip / echo / ftp / ftp-data / hostname / klogin / kshell / pop2 / pop3 / smtp / sunrpc / syslog / tacacs-ds / talk / telnet / time / whois / www> shutdown

l        <config-ipv6-acl ># permit udp <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who>

l        <config-ipv6-acl ># permit udp <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> dscp <0-63>

l        <config-ipv6-acl ># permit udp <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> dscp <0-63> shutdown

l        <config-ipv6-acl ># permit udp <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> dscp <0-63> precedence <0-7>

l        <config-ipv6-acl ># permit udp <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> <X:X::X:X>/<0-128> <0-65535/ PORT_RANGE / any / bootpc / bootps / discard / domain / echo / nameserver / netbios-ns / ntp / rip / snmp / snmptrap / sunrpc / syslog / tacacs-ds / talk / tftp / time / who> dscp <0-63> precedence <0-7> shutdown

l        <config-ipv6-acl ># permit udp <X:X::X:X>/<0-128> <0-65535> any

Use the ¡§sequence¡¨ command to deny or permit the ACL.

<1-2147483647> - Enter the sequence of ACL entry. The sequence represents the priority of the ACE in the ACL.

Related Syntax:

l        <config-ipv6-acl >#sequence <1-2147483647> deny

l        <config-ipv6-acl >#sequence <1-2147483647> permit

Use the ¡§show acl¡¨ command to list current status of the selected ACL.

Ipv6 address

Use this command to modify the administration IPv6 address.

adddress <X:X::X:X> - Specify the IPv6 addresses. This IP is required when the administer wants to access into VigorSwitch through Telnet, SSH, HTTP, HTTPS, SNMP and so on.

prefix <0-128> - Specify the prefix length of the IPv6 address.

Related Syntax:

l        <config>#ipv6 address <X:X::X:X> prefix <0-128>

ipv6 autoconfig

Use this command to enable IPv6 auto configuration feature.

Ipv6 default-gateway

Use this command to modify default gateway address.

default-adddress <X:X::X:X> - Specify the IPv6 addresses of the gateway.

Related Syntax:

l        <config>#ipv6 default-gateway <X:X::X:X>

ipv6 dhcp

Use this command to enable DHCPv6 client to get IP address from remote DHCPv6 server.

ipv6 mld

Use this command to set MLD configuration.

profile <1-128> - Use it to enter profile configuration.

snooping ¡V Use it to enable MLD snooping function.

forward-method <dip/mac> -

report-suppression ¡V Use it to enable MLD snooping report-suppression function.

unknown-multicast action <drop/flood/router-port> - Use it to set unknown multicast action.

version <1/2> ¡V Use it to change MLD support version.

vlan <1-4094> - Use it to enable MLD on VLAN. Specify a VLAN ID for configuration.

forbidden-port GigabitEthernet <1-28> - Specify a physical port.

forbidden-port LAG <1-8> - Specify a LAG port.

forbidden-router-port GigabitEthernet <1-28> - Use it to add static forbidden router port. Specify a physical port.

forbidden-router-port LAG <1-8> - Use it to add static forbidden router port. Specify a LAG port.

immediate-leave ¡V Use it to enable fastleave function.

last-member-query-count <1-7> - Use it to change how many query packets will send. Specify the last member query count. Default is 2.

last-member-query-interval <1-25> - Use it to set interval between each query packet. Specify the last member query interval. Default is 1.

query-interval <30-18000> - Use it to set interval between each query. Specify the query interval. Default is 125.

response-time <5-20> - Use it to set response time. Specify a time value. Default is 10.

robustness-variable <1-7> - Specify a robustness-variable value. Default is 2.

router learn pim-dvmrp ¡V Use it to enable learning router port by rouing protocol packets (DVMRP).

static-group <X:X::X:X> interfaces gigabitethernet <1-28> - Use it to add a static group. Specify a physical port.

static-group <X:X::X:X> interfaces LAG <1-8> - Use it to add a static group. Specify a LAG port.

static-port gigabitethernet <1-28>- Use it to add static forwarding port. Specify a physical port.

static-port LAG <1-8>- Use it to add static forwarding port. Specify a LAG port.

static-router-port GigabitEthernet <1-28> - Use it to add static router port. All query packets wil forward to the specified port. Specify a physical port.

static-router-port LAG <1-8> - Use it to add static router port. All query packets wil forward to the specified port. Specify a LAG port.

Related Syntax:

l        <config>#ipv6 mld profile <1-128>

<config-mld-profile># do

<config-mld-profile># end

<config-mld-profile># exit

<config-mld-profile># profile range ipv6 <X:X::X:X> action <deny/permit>

<config-mld-profile># profile range ipv6 <X:X::X:X> <X:X::X:X>

<config-mld-profile># profile range ipv6 <X:X::X:X> <X:X::X:X> action <deny/permit>

<config-mld-profile># show

l        <config>#ipv6 mld snooping

l        <config>#ipv6 mld snooping forward-method <dip/mac>

l        <config>#ipv6 mld snooping report-suppression

l        <config>#ipv6 mld snooping unknown-multicast action <drop/flood/router-port>

l        <config>#ipv6 mld snooping version <1/2>

l        <config>#ipv6 mld snooping vlan <1-4094>

l        <config>#ipv6 mld snooping vlan <1-4094> forbidden-port GigabitEthernet <1-28>

l        <config>#ipv6 mld snooping vlan <1-4094> forbidden-port LAG <1-8>

l        <config>#ipv6 mld snooping vlan <1-4094> forbidden-router-port GigabitEthernet <1-28>

l        <config>#ipv6 mld snooping vlan <1-4094> forbidden-router-port LAG <1-8>

l        <config>#ipv6 mld snooping vlan <1-4094> immediate-leave

l        <config>#ipv6 mld snooping vlan <1-4094> last-member-query-count <1-7>

l        <config>#ipv6 mld snooping vlan <1-4094> last-member-query-interval <1-25>

l        <config>#ipv6 mld snooping vlan <1-4094> query-interval <30-18000>

l        <config>#ipv6 mld snooping vlan <1-4094> response-time <5-20>

l        <config>#ipv6 mld snooping vlan <1-4094> robustness-variable <1-7>

l        <config>#ipv6 mld snooping vlan <1-4094> router learn pim-dvmrp

l        <config>#ipv6 mld snooping vlan <1-4094> static-group <X:X::X:X> interfaces gigabitethernet <1-28>

l        <config>#ipv6 mld snooping vlan <1-4094> static-group <X:X::X:X> interfaces LAG <1-8>

l        <config>#ipv6 mld snooping vlan <1-4094> static-port gigabitethernet <1-28>

l        <config>#ipv6 mld snooping vlan <1-4094> static-port LAG <1-8>

l        <config>#ipv6 mld snooping vlan <1-4094> static-router-port GigabitEthernet <1-28>

l        <config>#ipv6 mld snooping vlan <1-4094> static-router-port LAG <1-8>

Example

G2280# configure

G2280(config)#

G2280(config)# ipv6 mld snooping vlan 33

G2280(config)# ipv6 acl CA_v6

P2280(config-ipv6-acl)# deny 3 00:50::32:ff/24 00:50::78:aa/32

 

Telnet Command: jumbo-frame

Use this command to modify the maximum frame size of jumbo frame.

Syntax Items

jumbo-frame

Description

Syntax Items

Description

jumbo-frame

Enable the function of jumbo frame.

Set the maximum frame size.

<1518-10000> - The default value is 1522.

Related Syntax:

l        <config># jumbo-frame

l        <config># jumbo-frame <1518-10000>

Example

G2280# configure

G2280(config)#

G2280(config)# jumbo-frame 8000

G2280(config)#

Telnet Command: lacp

Use this command to set the system priority of the switch.

Syntax Items

lacp

lacp system-priority

Description

Syntax Items

Description

lacp

Enable the function.

lacp system-priority

It is used for selelcting a master switch between two devices. Lower system priority has higher priority. The device with higher priority value can determine which port is able to join LAG.

<1-65535> - Specify the system priority value.

Related Syntax:

l        <config># lacp

l        <config># lacp system-priority <1-65535>

Example

G2280# configure

G2280(config)#

G2280(config)# lacp system-priority 1000

G2280(config)#

Telnet Command: lag

LAG port can transmit packets to all ports for balancing the traffic loading. Use this command to change the load balance algorithm to src-dst-mac or src-dst-mac-ip as the Load Balance policy.

Syntax Items

lag load-balance

Description

Syntax Items

Description

lag load-balance

LAG load balancing is based on source and destination MAC address and/or IP address.

Related Syntax:

l        <config># lag load-balance src-dst-mac

l        <config># lag load-balance src-dst-mac-ip

Example

G2280# configure

G2280(config)#

 

Telnet Command: line

Use this command to select line configuration mode.

Syntax Items

line console

line ssh

line telent

Description

Syntax Items

Description

console/ssh/telnet

Select console configuration mode.

To configure detailed settings, access into next level.

<config>#line <console/ssh/telnet>

console - Select the console line to configure. Then, available sub-commands are:

<config-line>#do

<config-line>#exec-timeout

<config-line>#exit

<config-line>#lhistory

<config-line>#no

<config-line>#password-thresh

<config-line>#silent-time

Select SSH line to configure. Then, available sub-commands are:

<config-line>#do

<config-line>#end

<config-line>#exec-timeout

<config-line>#exit

<config-line>#password-thresh

<config-line>#silent-time

telnet - Select telnet line to configure. Then, available sub-commands are:

<config-line>#do

<config-line>#end

<config-line>#exec-timeout

<config-line>#exit

<config-line>#password-thresh

<config-line>#silent-time

#do

Use the ¡§do¡¨ command to run execution command in current mode.

<SEQUENCE> -

Related Syntax:

l        <config-line>#do <SEQUENCE>

#exec-timeout

Use the ¡§exec-timeout¡¨ to set the session timeout configuration.

<0-65535> - Enter the number.

Related Syntax:

l        <config-line>#exec-timeout <0-65535>

#exit

Use the ¡§exit¡¨ command to close the current CLI session or return to the previous mode without saving the settings.

Related Syntax:

l        <config-line>#exit

#history

Use the ¡§history¡¨ command to specify the index number of history.

<1-256> - Enter a number.

Related Syntax:

l        <config-line>#history <1-256>

#no

Use the ¡§no¡¨ command to negate line command.

Related Syntax:

l        <config-line>#no enable

l        <config-line>#no history

l        <config-line>#no login

#password-thresh

Use the ¡§password-thresh¡¨ command to set the login password intrusion threshold.

<0-120> - Set a number of allowed password attempts. 0 means no threshold.

Related Syntax:

l        <config-line>#password-thresh <0-120>

#silent-time

Use the ¡§silent-time¡¨ command to set fail silent time.

<0-65535> - Set the time to disable the console response.

Related Syntax:

l        <config-line>#silent-time <0-65535>

Example

G2280# configure

G2280(config)#

G2280(config)# line telnet

P2280(config-line)#

 

Telnet Command: lldp

Use this command to set LLDP function.

Syntax Items

lldp

lldp holdtime-multiplier

lldp lldpdu

lldp med

lldp reinit-delay

lldp tx-delay

lldp tx-interval

Description

Syntax Items

Description

lldp

Enable the function of LLDP.

lldp holdtime-multiplier

Set the multiplier used for calculating the LLDP discovery packet hold time.

<2-10> - Set the LLDP hold time multiplier.

Related Syntax:

l        <config># lldp holdtime-multiplier <2-10>

lldp lldpdu

bridging - The LLDP packets will be bridging when LLDP is disabled.

filtering - The LLDP packets will be filtered and deleted when LLDP is disabled.

flooding - The LLDP packets will be flooded and forwarded to all interfaces when LLDP is disabled.

Related Syntax:

l        <config># lldp lldpdu bridging

l        <config># lldp lldpdu filtering

l        <config># lldp lldpdu flooding

lldp med

med fast-start-repeat-count - Set the LLDP PDU fast start TX repeat count.

med network-policy - Set the LLDP MED network policy table.

med network-poicy voice auto - Enable the network policy voice auto mode.

<1-10> - Set the fast start repeat count.

<1-32> - Specify the index number of the policy.

app <guest-voice/ gust-voice-signaling / softphone-voice / streaming-video / video-conferencing / video-signaling / voice / voice-signaling> - Configure the application type for the policy.

vlan <1-4094> - Specify the VLAN ID.

vlan-type <tag/untag> - Set the VLAN tag status.

priority <0-7> - Specify the L2 priority.

dscp <0-63> - Specify the DSCP value.

Related Syntax:

l        <config># lldp med fast-start-repeat-count <1-10>

l        <config># lldp med network-policy <1-32> app< guest-voice/ gust-voice-signaling / softphone-voice / streaming-video / video-conferencing / video-signaling / voice / voice-signaling > vlan <1-4094> vlan-type <tag/untag> priority <0-7> dscp <0-63>

l        <config># lldp med network-poicy voice auto

lldp rinit-delay

Set the LLDP re-initial delay to avoid LLDP generating too many PDU.

<1-10> - Specify a number for LLDP server to initialize.

Related Syntax:

l        <config># lldp rinit-delay <1-10>

lldp tx-delay

Set the delay time between the successful LLDP frame transmissions.

<1-8191> - Enter the number of delay time.

Note that both tx-interval and tx-delay will affect the LLDP PDU TX time.

Related Syntax:

l        <config># lldp tx-delay <1-8191>

lldp tx-interval

Set the LLDP TX interval.

<5-32767> - Enter the interval in unit of second.

Related Syntax:

l        <config># lldp tx-interval <5-32767>

Example

G2280# configure

G2280(config)#

G2280(config)# lldp med network-policy 30 app guest-voice vlan 30 vlan-type untag priority 3 dscp

G2280(config)#

 

Telnet Command: logging

Use this command to set logging service on VigorSwitch.

Syntax Items

logging

logging buffered

logging console

logging file

logging host

Description

Syntax Items

Description

logging

Enable the logging service.

logging buffered

Store the log message in the RAM.

logging console

Specify the logging level.

<0-7> - Specify the logging level by entering a number (from EMEGR-DEBUG).

Related Syntax:

l        <config># logging console

l        <config># logging console severity <0-7>

logging file

Store the log message in the flash.

<0-7> - Specify the logging level by entering a number (from EMEGR-DEBUG).

Related Syntax:

l        <config># logging file severity <0-7>

logging host

Define the logging server.

host <A.B.C.D> - Enter an IP address of the remote (or local) server.

facility <local0-local7> - Specify the facility parameter for the syslog message.

port <1-65535> - Enter a number for the remote server. Default is 514.

severity <0-7> - Specify the logging level by entering a number (from EMEGR-DEBUG).

<HOSTNAME> - Define a name as the host.

Related Syntax:

l        <config>#logging host <A.B.C.D> facility <local0-local7>

l        <config>#logging host <A.B.C.D> port <1-65535>

l        <config>#logging host <A.B.C.D> port <1-65535> facility <local0-local7>

l        <config>#logging host <A.B.C.D> port <1-65535> severity <0-7> facility <local0-local7>

l        <config>#logging host <A.B.C.D> severity <0-7> facility <local0-local7>

l        <config>#logging host <HOSTNAME> facility <local0-local7>

l        <config>#logging host <HOSTNAME> port <1-65535>

l        <config>#logging host <HOSTNAME> port <1-65535> facility <local0-local7>

l        <config>#logging host <HOSTNAME> port <1-65535> severity <0-7> facility <local0-local7>

l        <config>#logging host <HOSTNAME> severity <0-7> facility <local0-local7>

l        <config>#logging host <X:X::X:X> facility <local0-local7>

l        <config>#logging host <X:X::X:X> port <1-65535>

l        <config>#logging host <X:X::X:X> port <1-65535> facility <local0-local7>

l        <config>#logging host <X:X::X:X> port <1-65535> severity <0-7> facility <local0-local7>

Example

G2280# configure

G2280(config)#

G2280(config)# logging host aa:00::1a:FF facility local1

 

Telnet Command: logmail

Use this command to configure log mail.

Syntax Items

logmail active

logmail auth

logmail category

logmail encry

logmail password

logmail port

logmail receiver

logmail sender

logmail server

logmail username

Description

Syntax Items

Description

logmail active

<disable/enable> - Enable or disable the function of log mail.

Related Syntax:

l        <config># logmail active <disable/enable>

logmail auth

<disable/enable> - Enable or disable the function of SMTP server authentication.

Related Syntax:

l        <config># logmail auth <disable/enable>

logmail category

<AAA, ACL, AUTHMGR,CABLE_DIAG, DAI, DHCP_SNOOPING, GVRP, IGMP_SNOOPING, IPSG, L2, LLDP, Mac-based, Mirror, MLD_SNOOPING, Platform, PM, POE, Port, PORT_SECURITY, QoS, Rate, SNMP, STP, Security, System, Surveillance, Trunk, UDLD, VLAN, CLEAR> - Specify one type for the logmail.

Related Syntax:

l        <config># logmail category <AAA, ACL, AUTHMGR,CABLE_DIAG, DAI, DHCP_SNOOPING, GVRP, IGMP_SNOOPING, IPSG, L2, LLDP, Mac-based, Mirror, MLD_SNOOPING, Platform, PM, POE, Port, PORT_SECURITY, QoS, Rate, SNMP, STP, Security, System, Surveillance, Trunk, UDLD, VLAN, CLEAR>

logmail encry

<disable/ssltls/starttls> - Specify the encryption type for mail alert.

Related Syntax:

l        <config># logmail encry <disable/ ssltls/starttls>

logmail password

<PASSWORD> - Enter the password for SMTP server authentication.

Related Syntax:

l        <config># logmail password <PASSWORD>

logmail port

<0-65535>- Enter a port number.

Related Syntax:

l        <config># logmail port <0-65535>

logmail receiver

Specify an address for receiving the alart mail.

<ADDRESS> - Enter the email address of the receiver.

Related Syntax:

l        <config># logmail receiver <ADDRESS>

logmail sender

Specify an address which sends out the alert mail.

<ADDRESS> - Enter the email address of the sender.

Related Syntax:

l        <config># logmail

logmail server

Set the IP address of the server.

<ADDRESS> - Enter the IP address of the SMTP server.

Related Syntax:

l        <config># logmail server <ADDRESS>

logmail username

<NAEM> - Enter the username authenticated by STMP server.

Related Syntax:

l        <config># logmail username <NAME>

Example

G2280# configure

G2280(config)#

G2280(config)# logmail receiver carrie_ni@draytek.com

G2280(config)#

Telnet Command: loop-protection

Use this command to set loop-protection.

Syntax Items

loop-protection action

loop-protection periodicTime

loop-protection state

Description

Syntax Items

Description

loop-protection action

Specify an action to be taken when the loop is happened.

<all/log/shutdown> - Specify one action to be executed.

Related Syntax:

l        <config># loop-protection action <all/log/shutdown>

loop-protection periodicTime

Send the loop protection packets to the network hosts.

<1-3> - Enter the number of the packet.

Related Syntax:

<config># Related Syntax:

l        <config># loop-protection periodicTime <1-3>

loop-protection state

<enable/disable> - Enable or disable the function of loop protection.

Related Syntax:

l        <config># loop-protection state <enable/disable>

Example

G2280# configure

G2280(config)#

G2280(config)# loop-protection state enable

G2280(config)#

Telnet Command: mac

Use this command to create a MAC access list.

Syntax Items

mac acl

mac address-table

Description

Syntax Items

Description

mac acl

<NAME> - Set the name of the access list (ACL).

To configure detailed settings, enter the name of ACL to access into next level.

<config>#mac acl <NAME>

Then, available sub-commands are:

<config-mac-acl>#deny

<config-mac-acl>#do

<config-mac-acl>#end

<config-mac-acl>#exit

<config-mac-acl>#permit

<config-mac-acl>#sequence

Use the ¡§deny¡¨ command to add deny rules for the MAC access list:

<A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> - Specify the source and destination MAC addresses and subnet masks.

cos <0-7><0-7> - Set the cos value and the cos mask for a packet.

<0x0600-0xFFFF> - Set the EtherType of the packet.

Shutdown ¡V Disable the Ethernet interface.

vlan <1-4094> - Specify the VLAN ID of the packet.

any ¡V Any MAC address.

Related Syntax:

l        <config-mac-acl >#deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7>

l        <config-mac-acl >#deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> shutdown

l        <config-mac-acl >#deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> ethtype <0x0600-0xFFFF>

l        <config-mac-acl ># deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl ># deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> shutdown

l        <config-mac-acl >#deny any <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7>

l        <config-mac-acl >#deny any <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#deny any <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#deny any <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> shutdown

l        <config-mac-acl >#deny any any cos <0-7><0-7>

l        <config-mac-acl >#deny any any cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#deny any any cos <0-7><0-7> ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#deny any any cos <0-7><0-7> shutdown

l        <config-mac-acl >#deny any any ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#deny any any ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#deny any any shutdown

l        <config-mac-acl >#deny any any vlan <1-4094>

l        <config-mac-acl >#deny any any vlan <1-4094> cos <0-7><0-7>

l        <config-mac-acl >#deny any any vlan <1-4094> cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#deny any any vlan <1-4094> cos <0-7><0-7> ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#deny any any vlan <1-4094> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#deny any any vlan <1-4094> ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#deny any any vlan <1-4094> shutdown

Use the ¡§do¡¨ command to run execution command in current mode.

<SEQUENCE> -

Related Syntax:

l        <config-mac-acl>#do <SEQUENCE>

Use the ¡§end¡¨ command to finish current mode. Any changes in current mode will be saved.

Related Syntax:

l        <config-mac-acl>#end

Use the ¡§exit¡¨ command to close the current CLI session or return to the previous mode without saving the settings.

Related Syntax:

l        <config-mac-acl>#exit

Use the ¡§no sequence¡¨ command to delete any entry in management ACL.

<1-65535>- Specify an index number of the ACL.

Related Syntax:

l        <config-mac-acl>#no sequence <1-65535>

Use the ¡§permit¡¨ command to add permit rules which bypass the packets meet the rule.

<A:B:C:D:E:F>/<A:B:C:D:E:F >- Specify the source and destination MAC addresses and subnet masks.

cos <0-7><0-7> - Set the cos value and the cos mask for a packet.

<0x0600-0xFFFF> - Set the EtherType of the packet.

Shutdown ¡V Disable the Ethernet interface.

vlan <1-4094> - Specify the VLAN ID of the packet.

any ¡V Any MAC address.

Related Syntax:

l        <config-mac-acl >#permit <A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7>

l        <config-mac-acl >#permit <A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#permit <A:B:C:D:E:F>/<A:B:C:D:E:F> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#permit <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094>

l        <config-mac-acl >#permit <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094>cos <0-7><0-7>

l        <config-mac-acl >#permit <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094>cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#permit <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094>ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7>

l        <config-mac-acl >#permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7>ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094>

l        <config-mac-acl >#permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094> cos <0-7><0-7>

l        <config-mac-acl >#permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094> cos <0-7><0-7>ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094> ethtype <0x0600-0xFFFF>

Use the ¡§sequence¡¨ command to deny or permit the ACL.

<1-2147483647> - Enter the sequence index ACE. The sequence represents the priority of the ACE in the ACL.

<A:B:C:D:E:F>/<A:B:C:D:E:F >- Specify the source and destination MAC addresses and subnet masks.

cos <0-7><0-7> - Set the cos value and the cos mask for a packet.

<0x0600-0xFFFF> - Set the EtherType of the packet.

Shutdown ¡V Disable the Ethernet interface.

vlan <1-4094> - Specify the VLAN ID of the packet.

any ¡V Any MAC address.

Related Syntax:

l        <config-mac-acl >#sequence <1-2147483647>deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7>

l        <config-mac-acl >#sequence <1-2147483647>deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#sequence <1-2147483647>deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> shutdown

l        <config-mac-acl >#sequence <1-2147483647>deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#sequence <1-2147483647>deny <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> shutdown

l        <config-mac-acl >#sequence <1-2147483647>deny any <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7>

l        <config-mac-acl >#sequence <1-2147483647>deny any <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>deny any <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#sequence <1-2147483647>deny any <A:B:C:D:E:F>/<A:B:C:D:E:F ><A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> shutdown

l        <config-mac-acl >#sequence <1-2147483647>deny any any cos <0-7><0-7>

l        <config-mac-acl >#sequence <1-2147483647>deny any any cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>deny any any cos <0-7><0-7> ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#sequence <1-2147483647>deny any any cos <0-7><0-7> shutdown

l        <config-mac-acl >#sequence <1-2147483647>deny any any ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>deny any any ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#sequence <1-2147483647>deny any any shutdown

l        <config-mac-acl >#sequence <1-2147483647>deny any any vlan <1-4094>

l        <config-mac-acl >#sequence <1-2147483647>deny any any vlan <1-4094> cos <0-7><0-7>

l        <config-mac-acl >#sequence <1-2147483647>deny any any vlan <1-4094> cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>deny any any vlan <1-4094> cos <0-7><0-7> ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#sequence <1-2147483647>deny any any vlan <1-4094> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>deny any any vlan <1-4094> ethtype <0x0600-0xFFFF> shutdown

l        <config-mac-acl >#sequence <1-2147483647>deny any any vlan <1-4094> shutdown

l        <config-mac-acl >#sequence <1-2147483647>permit <A:B:C:D:E:F>/<A:B:C:D:E:F> <A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7>

l        <config-mac-acl >#sequence <1-2147483647>permit <A:B:C:D:E:F>/<A:B:C:D:E:F> <A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>permit <A:B:C:D:E:F>/<A:B:C:D:E:F> <A:B:C:D:E:F>/<A:B:C:D:E:F> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>permit <A:B:C:D:E:F>/<A:B:C:D:E:F> <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094>

l        <config-mac-acl >#sequence <1-2147483647>permit <A:B:C:D:E:F>/<A:B:C:D:E:F> <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094> cos <0-7><0-7>

l        <config-mac-acl >#sequence <1-2147483647>permit <A:B:C:D:E:F>/<A:B:C:D:E:F> <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094> cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>permit <A:B:C:D:E:F>/<A:B:C:D:E:F> <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7>

l        <config-mac-acl >#sequence <1-2147483647>permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094>

l        <config-mac-acl >#sequence <1-2147483647>permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094> cos <0-7><0-7>

l        <config-mac-acl >#sequence <1-2147483647>permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094> cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>permit any <A:B:C:D:E:F>/<A:B:C:D:E:F> vlan <1-4094> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>permit any any cos <0-7><0-7>

l        <config-mac-acl >#sequence <1-2147483647>permit any any cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>permit any any ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>permit any any vlan <1-4094>

l        <config-mac-acl >#sequence <1-2147483647>permit any any vlan <1-4094> cos <0-7><0-7>

l        <config-mac-acl >#sequence <1-2147483647>permit any any vlan <1-4094> cos <0-7><0-7> ethtype <0x0600-0xFFFF>

l        <config-mac-acl >#sequence <1-2147483647>permit any any vlan <1-4094> ethtype <0x0600-0xFFFF>

mac address-table aging-time <10-630>

Set the aging time for an entry remains in the MAC address table.

address-table static - Add a static address to the MAC address table to drop the packets with the specified source or destination MAC address.

<10-630> - Unit is second. Default is 300.

static <A:B:C:D:E:F> - Enter the MAC address.

vlan <1-4094> - Specify the VLAN ID of the packet.

GigabitEthernet <1-28> - Specify a physical port.

LAG <1-8> - Specify a LAG port.

Related Syntax:

l        <config># mac address-table aging-time <10-630>

l        <config># mac address-table static <A:B:C:D:E:F> vlan <1-4094> drop

l        <config># mac address-table static <A:B:C:D:E:F> vlan <1-4094> interfaces GigabitEthernet <1-28>

l        <config># mac address-table static <A:B:C:D:E:F> vlan <1-4094> interfaces LAG <1-8>

Example

G2280# configure

G2280(config)# mac acl test_CA

P2280(config-mac-acl)# deny 00:50:00:7f:12:11/00:00:00:00:10:20 00:50:00:aa:bb:cc/00:00:00:00:12:00 cos 3 2 ethtype 0x0600

P2280(config-mac-acl)# deny any 00:50:00:7f:12:11/00:00:00:00:10:20 cos 5 6 ethtype 0x0600

P2280(config-mac-acl)# deny any

G2280(config)# mac address-table static 00:50:07:12:ff:aa vlan 300 drop

Telnet Command: mail alert

Use this command to configure mail alert for various conditions.

Syntax Items

mailalert active

mailalert auth

mailalert devicecheck

mailalert encry

mailalert interval

mailalert ipconfilict

mailalert password

mailalert port

mailalert portlink

mailalert portspeed

mailalert receiver

mailalert sender

mailalert server

mailalert sysrestart

mailalert throughputcheck

mailalert username

Description

Syntax Items

Description

mailalert active

<disable/enable> - Enable or disable the function of mail alert.

Related Syntax:

l        <config># mailalert active <disable/enable>

mailalert auth

<disable/enable> - Enable or disable the function of SMTP server authentication.

Related Syntax:

l        <config># mailalert auth <disable/enable>

mailalert devicecheck

<disable/enable> - Enable or disable the function of sending a mail alert when encountering a device check error.

Related Syntax:

l        <config># mailalert devicecheck <disable/enable>

mailalert encry

Specify the encryption type for mail alert.

<disable/ssltls/starttls> -

Related Syntax:

l        <config># mailalert encry <disable/ ssltls/starttls>

mailalert interval

Set the transmission interval for the mail alert.

<1-60> - Unit is second.

Related Syntax:

l        <config># mailalert interval <1-60>

mailalert ipconflict

<disable/enable> - Enable or disable the function of sending a mail alert if encountering the IP conflict.

Related Syntax:

l        <config># mailalert ipconflict <disable/enable>

mailalert password

<PASSWORD> - Enter the password for SMTP server authentication.

Related Syntax:

l        <config># mailalert password <PASSWORD>

mailalert port

<0-65535>- Enter a port number.

Related Syntax:

l        <config># mailalert port <0-65535>

mailalert portlink

<disable/enable> - Enable or disable the function of sending an alert when the port lnik status changes.

Related Syntax:

l        <config># mailalert portlink <disable/enable>

mailalert portspeed

<disable/enable> - Enable or disable the function of sending an alert when the port link speed changes.

Related Syntax:

l        <config># mailalert portspeed <disable/enable>

mailalert receiver

Specify an address for receiving the alart mail.

<ADDRESS> - Enter the email address of the receiver.

Related Syntax:

l        <config># mailalert receiver <ADDRESS>

mailalert sender

Specify an address which sends out the alert mail.

<ADDRESS> - Enter the email address of the sender.

Related Syntax:

l        <config># mailalert sender <ADDRESS>

mailalert server

Set the IP address of the server.

<ADDRESS> - Enter the IP address of the SMTP server.

Related Syntax:

l        <config># mailalert server <ADDRESS>

mailalert sysrestart

<disable/enable> -Enable or disable the function of sending a mail alert when the system restarts.

Related Syntax:

l        <config># mailalert sysrestart <disable/enable>

mailalert throughputcheck

<disable/enable> - Enable or disable the function of sending a mail alert when reaching the throughput threshold.

Related Syntax:

l        <config># mailalert throughputcheck <disable/enable>

mailalert username

<NAEM> - Enter the username authenticated by STMP server.

Related Syntax:

l        <config># mailalert username <NAME>

Example

G2280# configure

G2280(config)#

G2280(config)# mailalert receiver carrie_ni@draytek.com

Telnet Command: management

Use this command to create a management access list and set configuration mode.

Syntax Items

management access-list

management access-class

Description

Syntax Items

Description

management access-list

<NAME> - Enter the name of the access list.

To configure detailed settings, enter the name of ACL to access into next level.

<config>#management access-list <NAME>

Then, available sub-commands are:

<config-macl>#deny

<config-macl>#do

<config-macl>#end

<config-macl>#exit

<config-macl>#permit

<config-macl>#sequence

Use the ¡§deny¡¨ command to add deny rules for the management access list:

GigabitEthernet <1-28> - Specify a physical port.

LAG <1-8> - Specify a LAG port.

service <all/http/https/snmp/ssh/telnet> - Specify the servcie type.

ip <A.B.C.D>/<A.B.C.D> - Specify the source IP address with mask for the packets.

ipv6 <X:X::X:X>/<0-128> - Specify the source IPv6 address and prefix length of the packet.

Related Syntax:

l           <config-macl>#deny interfaces GigabitEthernet <1-28> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#deny interfaces LAG <1-8> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#deny ip <A.B.C.D>/<A.B.C.D> interfaces GigabitEthernet <1-28> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#deny ip <A.B.C.D>/<A.B.C.D> interfaces LAG <1-8> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#deny ipv6 <X:X::X:X>/<0-128> interfaces GigabitEthernet <1-28> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#deny ipv6 <X:X::X:X>/<0-128> interfaces LAG <1-8> service <all/http/https/snmp/ssh/telnet>

Use the ¡§do¡¨ command to run execution command in current mode.

<SEQUENCE> -

Related Syntax:

l           <config-macl>#do <SEQUENCE>

Use the ¡§end¡¨ command to finish current mode. Any changes in current mode will be saved.

Related Syntax:

l           <config-macl>#end

Use the ¡§exit¡¨ command to close the current CLI session or return to the previous mode without saving the settings.

Related Syntax:

l           <config-macl>#exit

Use the ¡§no sequence¡¨ command to delete any entry in management ACL.

<1-65535>- Specify an index number of the ACL.

Related Syntax:

l           <config-macl>#no sequence <1-65535>

Use the ¡§permit¡¨ command to add permit rules which bypass the packets meet the rule.

GigabitEthernet <1-28> - Specify a physical port.

LAG <1-8> - Specify a LAG port.

service <all/http/https/snmp/ssh/telnet> - Specify the servcie type.

ip <A.B.C.D>/<A.B.C.D> - Specify the source IP address with mask for the packets.

ipv6 <X:X::X:X>/<0-128> - Specify the source IPv6 address and prefix length of the packet.

Related Syntax:

l           <config-macl>#permit interfaces GigabitEthernet <1-28> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#permit interfaces LAG <1-8> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#permit ip <A.B.C.D>/<A.B.C.D> interfaces GigabitEthernet <1-28> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#permit ip <A.B.C.D>/<A.B.C.D> interfaces LAG <1-8> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#permit ipv6 <X:X::X:X>/<0-128> interfaces GigabitEthernet <1-28> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#permit ipv6 <X:X::X:X>/<0-128> interfaces LAG <1-8> service <all/http/https/snmp/ssh/telnet>

Use the ¡§sequence¡¨ command to deny or permit the ACL.

<1-65535>- Specify an index number of the ACL.

GigabitEthernet <1-28> - Specify a physical port.

LAG <1-8> - Specify a LAG port.

service <all/http/https/snmp/ssh/telnet> - Specify the servcie type.

ip <A.B.C.D>/<A.B.C.D> - Specify the source IP address with mask for the packets.

ipv6 <X:X::X:X>/<0-128> - Specify the source IPv6 address and prefix length of the packet.

Related Syntax:

l           <config-macl>#sequence <1-65535>deny interfaces GigabitEthernet <1-28> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#sequence <1-65535>deny interfaces LAG <1-8> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#sequence <1-65535>deny ip <A.B.C.D>/<A.B.C.D> interfaces GigabitEthernet <1-28> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#sequence <1-65535>deny ip <A.B.C.D>/<A.B.C.D> interfaces LAG <1-8> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#sequence <1-65535>deny ipv6 <X:X::X:X>/<0-128> interfaces GigabitEthernet <1-28> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#sequence <1-65535>deny ipv6 <X:X::X:X>/<0-128> interfaces LAG <1-8> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#sequence <1-65535> permit interfaces GigabitEthernet <1-28> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#sequence <1-65535> permit interfaces LAG <1-8> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#sequence <1-65535> permit ip <A.B.C.D>/<A.B.C.D> interfaces GigabitEthernet <1-28> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#sequence <1-65535> permit t ip <A.B.C.D>/<A.B.C.D> interfaces LAG <1-8> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#sequence <1-65535> permit ipv6 <X:X::X:X>/<0-128> interfaces GigabitEthernet <1-28> service <all/http/https/snmp/ssh/telnet>

l           <config-macl>#sequence <1-65535> permit <X:X::X:X>/<0-128> interfaces LAG <1-8> service <all/http/https/snmp/ssh/telnet>

management access-class

Specify an ACL as active access-list.

<NAME> - Enter the name of the access list.

Related Syntax:

l           <config># management access-class <NAME>

Example

G2280# configure

G2280(config)#

G2280(config)# management access-list CA_ACL

G2280(config-macl)# deny ip 192.168.2.56/255.255.255.0 interfaces gigabitethernet 3 service telnet

G2280(config-macl)#

G2280(config-macl)# deny ipv6 00:50::7f:3b/24

Telnet Command: management-vlan

Use this command to set VLAN ID for management VLAN.

Syntax Items

management-vlan vlan

Description

Syntax Items

Description

management-vlan vlan

Set the management VLAN ID.

<1-4094>- Specify the VLAN ID number of management VLAN.

Related Syntax:

l        <config># management-vlan vlan <1-4094>

Example

G2280# configure

G2280(config)#

G2280(config)# management-vlan vlan 200

VLAN 200: VLAN does not exist

G2280(config)#

 

Telnet Command: mirror

Use this command to set the source / destination interface of a port mirror session.

Syntax Items

mirror session

Description

Syntax Items

Description

mirror session

Set the destination interface of a port mirror session.

<1-4> - Specify the mirror session ID number.

<1-28> - Specify a physical port as the SPAN destination.

allow-ingress ¡V Enable the ingress traffic forwarding.

<both/rx/tx> - Specify the mirror direction, TX only, RX only or TX and RX.

Related Syntax:

l        <config># mirror session <1-4> destination interface GigabitEthernet <1-28> allow-ingress

l        <config># mirror session <1-4> source interfaces GigabitEthernet <1-28> <both/rx/tx>

l        <config># mirror session <1-4> source interfaces LAG <1-8><both/rx/tx>

Example

G2280# configure

G2280(config)#

G2280(config)# mirror session 3 destination interface GigabitEthernet 3 allow

G2280(config)#

G2280(config)# mirror session 3 source interfaces LAG 3 both

G2280(config)#

Telnet Command: mvr

Use this command to enable MVR function and configure related settings.

Syntax Items

mvr

mvr group

mvr mode

mvr query-time

mvr vlan

Description

Syntax Items

Description

mvr

Enable MVR function.

Related Syntax:

l        <config># mvr

mvr group

Set MVR group address.

<A.B.C.D> - Enter an IP address.

<1-128> - Specify a number for contiguous series of IPv4 multicast address.

Related Syntax:

l        <config># mvr group <A.B.C.D><1-128>

mvr mode

Set MVR mode as compatible or dynamic.

<compatible> - The switch does not support IGMP dynamic joins on the source ports.

<dynamic> - The switch supports MVR membership on the source ports.

Related Syntax:

l        <config># mvr mode <compatible/dynamic>

mvr query-time

Set query response time for MVR.

<1-10> - Specify the response time (second).

Related Syntax:

l        <config># mvr query-time <1-10>

mvr vlan

Set a VLAN ID for MVR.

<1-4094> - Specify the existed static VLAN ID.

Related Syntax:

l        <config># mvr vlan <1-4094>

Example

G2280# configure

G2280(config)#

G2280(config)# mvr group 192.168.2.33

The operation will delete the MVR VLAN groups include static MVR groups.Continue

? [yes/no]:y

Input Parameter Error

G2280(config)#

 

Telnet Command: no

Use this command to disable specific command.

Syntax Items

no <command>

Example

G2280# configure

G2280(config)#

G2280(config)# no port-security

G2280(config)#

 


Telnet Command: openvpn

Use this command to enable/disable the OpenVPN tunnel.

Syntax Items

openvpn enable

openvpn disable

openvpn filename

Description

Syntax Items

Description

enable

Enable the OpenVPN tunnel.

disable

Disable the OpenVPN tunnel.

filename

<NAME> - Define a name for OpenVPN configuration.

Related Syntax:

l        <config># openvpn filename <NAME>

Example

G2280# configure

G2280(config)#

G2280(config)#

Telnet Command: port-security

Use this command to enable the function of port security.

Syntax Items

port-security

Example

G2280# configure

G2280(config)#

G2280(config)# port-security

G2280(config)#

 

Telnet Command: qos

Use this command to configure QoS settings.

Syntax Items

qos

qos map

qos queue

qos trust

Description

Syntax Items

Description

qos

Enable the quality of service based on basic trust type to assign the queue for packets.

Related Syntax:

l        <config># qos

qos map

map cos-queue - Set the CoS to queue map.

map dscp-queue - Set the DSCP to queue map.

map precedence-queue - Set the IP Precedence to queue map.

map queue-cos - Modify the queue to CoS map.

map queue-dscp - Modify the queue to DSCP map.

map queue-precedence - Modify the queue to IP precedence map.

<1-8> - Specify the queue number for the following CoS values mapped.

<1-8> - Specify the queue number to which the DSCP value shall correspond.

<1-8> - Specify the queue number to which the IP precedence value shall correspond.

<0-7> - Enter the cos value to which the queue ID shall correspond.

<0-7> - Enter the DSCP value to which the queue ID shall correspond.

<0-7> - Enter the IP precedence value to which the queue ID shall correspond.

Related Syntax:

l        <config># qos map cos-queue SEQUENCE to <1-8>

l        <config># qos map dscp-queue SEQUENCE to <1-8>

l        <config># qos map precedence-queue SEQUENCE to <1-8>

l        <config># qos map queue-cos SEQUENCE to <0-7>

l        <config># qos map queue-dscp SEQUENCE to <0-7>

l        <config># qos map queue-precedence SEQUENCE to <0-7>

qos queue

queue strict-priority-num - Set the number of strict priority queue.

queue weight SEQUENCE - Set the number of non-strict priority queue.

<0-8> - Specify the queue number.

<weight1-weight8> <1-127> - Specify a number (1~127) representing queue weight value.

Related Syntax:

l        <config># qos queue strict-priority-num <0-8>

l        <config># qos queue weight SEQUENCE <weight1 ¡V weight8> <1-127>

qos trust

Set the trust type, cos, for the device to judge the appropriate queue of the packets.

Related Syntax:

l        <config># qos trust <cos/cos-dscp/ dscp/ip-precedence>

Example

G2280# configure

G2280(config)#

G2280(config)# qos map cos-queue SEQUENCE to 3

G2280(config)#

Telnet Command: radius

Use this command to configure settings for RADIUS server.

Syntax Items

radius default-config

radius host

Description

Syntax Items

Description

radius default-config

Key <RADIUSKEY> - Specify key string for RADIUS server.

Retransmit <1-10> - Specify the retransmit times (from 1 to 10) for RADIUS server.

Timeout <1-30> - Specify the time out value (from 1 to 30) for RADIUS server.

Related Syntax:

l        <config># radius default-config key <RADIUSKEY>

l        <config># radius default-config key <RADIUSKEY> retransmit <1-10>

l        <config># radius default-config key <RADIUSKEY> retransmit <1-10> timeout <1-30>

l        <config># radius default-config retransmit <1-10>

l        <config># radius default-config retransmit <1-10> timeout <1-30>

l        <config># radius default-config timeout <1-30>

radius host

host <HOSTNAME> - Specify a domain name or IP address for RADIUS server host.

auth-port <0~65535> - Speicfy a UDP port number for RADIUS server.

key <RADIUSKEY> - Specify key string for RADIUS server.

priority <0~65535> - Specify the priority for RADIUS server.

retransmit <1-10> - Specify the retransmit times (from 1 to 10) for RADIUS server.

timeout <1-30> - Specify the time out value (from 1 to 30) for RADIUS server.

type <802.1x / all / login> - Choose the usage type for 802.1X authentication, or login, or both 802.1X authentication and login of RADIUS type.

Related Syntax:

l        <config># radius host <HOSTNAME> auth-port <0~65535>

l        <config># radius host <HOSTNAME> auth-port <0~65535> key <RADIUSKEY>

l        <config># radius host <HOSTNAME> auth-port <0~65535> key <RADIUSKEY> priority <0~65535>

l        <config># radius host <HOSTNAME> auth-port <0~65535> key <RADIUSKEY> priority <0~65535> retransmit <1-10>

l        <config># radius host <HOSTNAME> auth-port <0~65535> key <RADIUSKEY> priority <0~65535> retransmit <1-10> timeout <1-30> type <802.1x / all / login>

l        <config># radius host <HOSTNAME> key <RADIUSKEY>

l        <config># radius host <HOSTNAME> key <RADIUSKEY> priority <0~65535>

l        <config># radius host <HOSTNAME> key <RADIUSKEY> priority <0~65535> retransmit <1-10>

l        <config># radius host <HOSTNAME> key <RADIUSKEY> priority <0~65535> retransmit <1-10> timeout <1-30>

l        <config># radius host <HOSTNAME> key <RADIUSKEY> priority <0~65535> retransmit <1-10> timeout <1-30> type <802.1x / all / login>

l        <config># radius host <HOSTNAME> priority <0~65535>

l        <config># radius host <HOSTNAME> priority <0~65535> retransmit <1-10>

l        <config># radius host <HOSTNAME> priority <0~65535> retransmit <1-10> timeout <1-30>

l        <config># radius host <HOSTNAME> priority <0~65535> retransmit <1-10> timeout <1-30> type <802.1x / all / login>

l        <config># radius host <HOSTNAME> retransmit <1-10>

l        <config># radius host <HOSTNAME> retransmit <1-10> timeout <1-30>

l        <config># radius host <HOSTNAME> retransmit <1-10> timeout <1-30> type <802.1x / all / login>

l        <config># radius host <HOSTNAME> timeout <1-30>

l        <config># radius host <HOSTNAME> timeout <1-30> type <802.1x / all / login>

l        <config># radius host <HOSTNAME> type <802.1x / all / login>

Example

G2280# configure

G2280(config)#

G2280(config)# radius default-config key 123456789 retransmit 3 timeout 10

G2280(config)# radius host radius auth-port 3000

Telnet Command: schedule

Use this command to set schedule.

Syntax Items

schedule index

Description

Syntax Items

Description

schedule index

Specify an index number for configuring detailed settings of a schedule profile.

<1-15> - Enter a number to select a schedule profile.

<DESCRIPTION> - Give a brief description for such profile.

cycle-days - The action applied with the schedule will take place every few days.

monthly-date - The action applied with the schedule will take place in specified day within a month.

once - The action applied with the schedule will take place for one time.

weekdays - The action applied with the schedule will take place on a certain day within a week.

<1-31> - Enter a number to make action repeat.

<apr / aug / dec / feb /jan / jul / jun /jul / mar / may / nov / oct / sep > - Represent month of April, August, December, February, January, July, June, March, May, November, October, and September.

<sun /mon /tue /wed / thu / fri / sat> - Represent Sunday, Monday, Tuesday, Wednesday, Thursday, Friday and Saturday.

<1-31> - Enter a number as the start date within a month.

<2000-2035> - Enter the number as the year of start date.

<HH:MM> - Enter the hours and the miniutes.

<on/off> - Enable (on) or disable (off) the action applied with such profile.

Related Syntax:

l        <config># schedule index <1-15> description <DESCRIPTION>

l        <config># schedule index <1-15> how-often cycle-days <1-31> start-date <apr / aug / dec / feb /jan / jul / jun / mar / may / nov / oct / sep > <1-31> <2000-2035> start-time <HH:MM> duration <HH:MM> action <on/off>

l        <config># schedule index <1-15> how-often monthly-date <1-31> start-date <apr / aug / dec / feb /jan / jul / jun / mar / may / nov / oct / sep > <1-31> <2000-2035> start-time <HH:MM> duration <HH:MM> action <on/off>

l        <config># schedule index <1-15> how-often once start-date<apr / aug / dec / feb /jan / jul / jun / mar / may / nov / oct / sep > <1-31> <2000-2035> start-time <HH:MM> duration <HH:MM> action <on/off>

l        <config># schedule index <1-15> how-often weekdays <sun /mon /tue /wed / thu / fri / sat> start-date <apr / aug / dec / feb /jan / jul / jun / mar / may / nov / oct / sep > <1-31> <2000-2035> start-time <HH:MM> duration <HH:MM> action <on/off>

Example

G2280# configure

G2280(config)#

G2280(config)# schedule index 1 how-often cycle-days 3 start-date jan 1 2019 start-time 08:01 duraton 17:30 action on

G2280(config)# schedule index 2 how-often weekdays sun start-date may 11 2019 start-time 02:10 duration 12:10 action on

G2280(config)#

Telnet Command: snmp

Use this command to define SNMP community.

Syntax Items

snmp community

snmp engineid

snmp group

snmp host

snmp trap

snmp user

snmp view

Description

Syntax Items

Description

snmp community

snmp community - Set community name for SNMP v1 and v2, and access group name.

Available parameters for SNMP community:

<NAME> after community - Enter a string (maximum length: 20 characters) as community name.

<NAME> after group - Enter a string (maximum length: 30 characters) as access group.

ro - Set the community as read only.

rw - Set the community as read and write.

Related Syntax:

l        <config># snmp community <NAME> group <NAME>

l        <config># snmp community <NAME> ro

l        <config># snmp community <NAME> rw

l        <config># snmp community <NAME> view <NAME> ro

l        <config># snmp community <NAME> view <NAME> rw

snmp engineid

snmp engineid - Set the remote host for SNMP engine.

default - Reset to default setting of engine ID for SNMP server.

<ENGINEID> - Such number must be 10 ~ 64 hexadecimal.

<A.B.C.D> - Enter the IP address of the remote SNMP server.

<HOSTNAME> - Enter the host name of the remote SNMP server.

<X:X::X:X> - Enter the IPv6 address for remote SNMP server.

Related Syntax:

l        <config># snmp engineid <ENGINEID>

l        <config># snmp engineid default

l        <config># snmp engineid remote <A.B.C.D> <ENGINEID>

l        <config># snmp engineid remote <HOSTNAME> <ENGINEID>

l        <config># snmp engineid remote <X:X::X:X><ENGINEID>

snmp group

snmp group - Set the SNMP group.

<NAME> - Specify the name of SNMMP group.

version <1/2c/3> - Specify the version of SNMP service.

<auth/noauth/priv> - Specify the packet authentication mode. ¡§auth¡¨ means to perform packet authentication without encryption. It is applicable for SNMPv3 only. ¡§noauth¡¨ means no packet authentication performed. ¡§priv¡¨ means to perform packet authentication with encryption and also it is applicable for SNMPv3 only.

read-view <NAME> - Set the view name to enable agent configuration.

notify-view <NAME> - Set the view name to send only trap included in SNMP view for notification.

write-view <NAME> - Set the view name to enable viewing.

Related Syntax:

l        <config># snmp group <NAME> version <1/2c/3> <auth/noauth/priv> read-view <NAME>

l        <config># snmp group <NAME> version <1/2c/3> <auth/noauth/priv> read-view <NAME> notify-view <NAME>

l        <config># snmp group <NAME> version <1/2c/3> <auth/noauth/priv> read-view <NAME> notify-view <NAME> write-view <NAME>

snmp host

snmp host - Set a host to receive SNMP notifications.

<A.B.C.D> - Enter the IPv4/IPv6 address or host name of the receipt.

version <1/2c/3> - Specify the version of SNMP service.

<NAME> - Set the community name sent with the notification.

udp-port <1-65535> - Set the UDP port number.

timeout <1-300> - Set the timeout of V2c informs.

retries <1-255> - Enter the retry counter of V2c informs.

Related Syntax:

Set a host to receive SNMP notifications.

l        <config># snmp host <A.B.C.D> <NAME> retries <1-255>

l        <config># snmp host <A.B.C.D> <NAME> timeout <1-300> retries <1-255>

l        <config># snmp host <A.B.C.D> <NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host <A.B.C.D> <NAME> udp-port <1-65535> timeout <1-300>

Set a host to receive SNMP notifications. Notification type is informs.

l        <config># snmp host <A.B.C.D> informs <NAME> retries <1-255>

l        <config># snmp host <A.B.C.D> informs <NAME> timeout <1-300>

l        <config># snmp host <A.B.C.D> informs <NAME> timeout <1-300> retries <1-255>

l        <config># snmp host <A.B.C.D> informs <NAME> udp-port <1-65535>

l        <config># snmp host <A.B.C.D> informs <NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host <A.B.C.D> informs <NAME> udp-port <1-65535> timeout <1-300>

l        <config># snmp host <A.B.C.D> informs <NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

l        <config># snmp host <A.B.C.D> informs version <1/2c/3>

l        <config># snmp host <A.B.C.D> informs version <1/2c/3><NAME> retries <1-255>

l        <config># snmp host <A.B.C.D> informs version <1/2c/3><NAME> timeout <1-300>

l        <config># snmp host <A.B.C.D> informs version <1/2c/3><NAME> timeout <1-300> retries <1-255>

l        <config># snmp host <A.B.C.D> informs version <1/2c/3><NAME> udp-port <1-65535>

l        <config># snmp host <A.B.C.D> informs version <1/2c/3><NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host <A.B.C.D> informs version <1/2c/3><NAME> udp-port <1-65535> timeout <1-300>

l        <config># snmp host <A.B.C.D> informs version <1/2c/3><NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

Set a host to receive SNMP notifications. Notification type is traps.

l        <config># snmp host <A.B.C.D> traps <NAME>

l        <config># snmp host <A.B.C.D> traps <NAME> retries <1-255>

l        <config># snmp host <A.B.C.D> traps <NAME> timeout <1-300>

l        <config># snmp host <A.B.C.D> traps <NAME> timeout <1-300> retries <1-255>

l        <config># snmp host <A.B.C.D> traps version <1/2c/3><NAME> retries <1-255>

l        <config># snmp host <A.B.C.D> traps version <1/2c/3><NAME> timeout <1-300> retries <1-255>

l        <config># snmp host <A.B.C.D> traps version <1/2c/3><NAME> udp-port <1-65535>

l        <config># snmp host <A.B.C.D> traps version <1/2c/3><NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host <A.B.C.D> traps version <1/2c/3><NAME> udp-port <1-65535> timeout <1-300>

l        <config># snmp host <A.B.C.D> traps version <1/2c/3><NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

l        <config># snmp host <A.B.C.D> version <1/2c/3><NAME> retries <1-255>

l        <config># snmp host <A.B.C.D> version <1/2c/3><NAME> timeout <1-300>

l        <config># snmp host <A.B.C.D> version <1/2c/3><NAME> timeout <1-300> retries <1-255>

l        <config># snmp host <A.B.C.D> version <1/2c/3><NAME> udp-port <1-65535>

l        <config># snmp host <A.B.C.D> version <1/2c/3><NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host <A.B.C.D> version <1/2c/3><NAME> udp-port <1-65535> timeout <1-300>

l        <config>#snmp host <A.B.C.D> version <1/2c/3><NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

l        <config># snmp host HOSTNAME <NAME>

l        <config># snmp host HOSTNAME <NAME> retries <1-255>

l        <config># snmp host HOSTNAME <NAME> timeout <1-300>

l        <config># snmp host HOSTNAME <NAME> timeout <1-300> retries <1-255>

l        <config># snmp host HOSTNAME <NAME> udp-port <1-65535>

l        <config># snmp host HOSTNAME <NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host HOSTNAME <NAME> udp-port <1-65535> timeout <1-300>

l        <config># snmp host HOSTNAME <NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

l        <config># snmp host HOSTNAME informs <NAME>

l        <config># snmp host HOSTNAME informs <NAME> retries <1-255>

l        <config># snmp host HOSTNAME informs <NAME> timeout <1-300>

l        <config># snmp host HOSTNAME informs <NAME> retries <1-255> timeout <1-300> retries <1-255>

l        <config># snmp host HOSTNAME informs <NAME> udp-port <1-65535>

l        <config># snmp host HOSTNAME informs <NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host HOSTNAME informs <NAME> udp-port <1-65535> timeout <1-300>

l        <config># snmp host HOSTNAME informs <NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

l        <config># snmp host HOSTNAME traps <NAME>

l        <config># snmp host HOSTNAME traps <NAME> retries <1-255>

l        <config># snmp host HOSTNAME traps <NAME> timeout <1-300>

l        <config># snmp host HOSTNAME traps <NAME> timeout <1-300> retries <1-255>

l        <config># snmp host HOSTNAME traps <NAME> udp-port <1-65535>

l        <config># snmp host HOSTNAME traps <NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host HOSTNAME traps <NAME> udp-port <1-65535> timeout <1-300>

l        <config># snmp host HOSTNAME traps <NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

l        <config># snmp host HOSTNAME traps version <1/2c/3> <NAME> retries <1-255>

l        <config># snmp host HOSTNAME traps version <1/2c/3> <NAME> timeout <1-300>

l        <config># snmp host HOSTNAME traps version <1/2c/3> <NAME> timeout <1-300> retries <1-255>

l        <config># snmp host HOSTNAME traps version <1/2c/3> <NAME> udp-port <1-65535>

l        <config># snmp host HOSTNAME traps version <1/2c/3> <NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host HOSTNAME traps version <1/2c/3> <NAME> udp-port <1-65535> timeout <1-300>

l        <config># snmp host HOSTNAME traps version <1/2c/3> <NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

l        <config># snmp host HOSTNAME version <1/2c/3> <NAME>

l        <config># snmp host HOSTNAME version <1/2c/3> <NAME> retries <1-255>

l        <config># snmp host HOSTNAME version <1/2c/3> <NAME> timeout <1-300>

l        <config># snmp host HOSTNAME version <1/2c/3> <NAME> timeout <1-300> retries <1-255>

l        <config># snmp host HOSTNAME version <1/2c/3> <NAME> udp-port <1-65535>

l        <config># snmp host HOSTNAME version <1/2c/3> <NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host HOSTNAME version <1/2c/3> <NAME> udp-port <1-65535> timeout <1-300>

l        <config># snmp host HOSTNAME version <1/2c/3> <NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

l                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <config># snmp host <X:X::X:X> <NAME>

l        <config># snmp host <X:X::X:X> <NAME> retries <1-255>

l        <config># snmp host <X:X::X:X> <NAME> retries <1-255> timeout <1-300>

l        <config># snmp host <X:X::X:X> <NAME> retries <1-255> timeout <1-300> retries <1-255>

l        <config># snmp host <X:X::X:X> <NAME> udp-port <1-65535>

l        <config># snmp host <X:X::X:X> <NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host <X:X::X:X> <NAME> udp-port <1-65535> timeout <1-300>

l        <config># snmp host <X:X::X:X> <NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

l        <config># snmp host <X:X::X:X> informs <NAME>

l        <config># snmp host <X:X::X:X> informs <NAME> retries <1-255>

l        <config># snmp host <X:X::X:X> informs <NAME> timeout <1-300>

l        <config># snmp host <X:X::X:X>informs <NAME> retries <1-255> timeout <1-300> retries <1-255>

l        <config># snmp host <X:X::X:X> informs <NAME> udp-port <1-65535>

l        <config># snmp host <X:X::X:X> informs <NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host <X:X::X:X> informs <NAME> udp-port <1-65535> timeout <1-300>

l        <config># snmp host <X:X::X:X> informs <NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

l        <config># snmp host <X:X::X:X> traps <NAME>

l        <config># snmp host <X:X::X:X> traps <NAME> retries <1-255>

l        <config># snmp host <X:X::X:X> traps <NAME> timeout <1-300>

l        <config># snmp host <X:X::X:X> traps <NAME> timeout <1-300> retries <1-255>

l        <config># snmp host <X:X::X:X> traps <NAME> udp-port <1-65535>

l        <config># snmp host <X:X::X:X> traps <NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host <X:X::X:X> traps <NAME> udp-port <1-65535> timeout <1-300>

l        <config># snmp host <X:X::X:X> traps <NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

l        <config># snmp host <X:X::X:X> version <1/2c/3> <NAME>

l        <config># snmp host <X:X::X:X> version <1/2c/3> <NAME> retries <1-255>

l        <config># snmp host <X:X::X:X> version <1/2c/3> <NAME> timeout <1-300>

l        <config># snmp host <X:X::X:X> version <1/2c/3> <NAME> timeout <1-300> retries <1-255>

l        <config># snmp host <X:X::X:X> version <1/2c/3> <NAME> udp-port <1-65535>

l        <config># snmp host <X:X::X:X> version <1/2c/3> <NAME> udp-port <1-65535> retries <1-255>

l        <config># snmp host <X:X::X:X> version <1/2c/3> <NAME> udp-port <1-65535> timeout <1-300>

l        <config># snmp host <X:X::X:X> version <1/2c/3> <NAME> udp-port <1-65535> timeout <1-300> retries <1-255>

snmp trap

snmp trap - Send the SNMP traps.

auth ¡V Enable the SNMP authentication failure trap.

cold-start ¡V Enable the SNMP cold startup failure trap.

linkUpDown ¡V Enable the SNMP link up and down failure trap.

wort-security ¡V Enable the SNMP port security trap.

Warm-start ¡V Enable the SNMP warm startup failure trap.

Related Syntax:

l        <config># snmp trap <auth / cold-start / linkUpDown / port-security / warm-start>

snmp user

snmp user - Set SNMP user account.

<username> - Specify a name of SNMP user.

<groupNAME> - Sepcify a name of SNMP group.

auth <md5/sha> - Specify the authentication mode, md5 or sha.

<AUTHPASSWD> - Enter the password for the md5/sha mode.

Pri <PRIVPASSWD> - Enter a password as a privacy key.

Related Syntax:

l        <config># snmp user <sername> <groupNAME>

l        <config># snmp user <sername> <groupNAME> auth <md5/sha> <AUTHPASSWD>

l        <config># snmp user <sername> <groupNAME> auth <md5/sha> <AUTHPASSWD> priv <PRIVPASSWD>

snmp view

snmp view - Set the SNMP view.

<NAME> - Enter the SNMP view name.

Subtree <OID> - Specify the ASN.1 subtree object identifier (OID).

oid-mask <mask/all> - Speicfy the OID mask, or use all for all masks.

viewtype <exluded/included> - Let the selected MIBs include or exclude in the SNMP view.

Related Syntax:

l        <config># snmp view <NAME> subtree <OID> oid-mask <mask> viewtype <excluded/included>

Example

G2280# configure

G2280(config)#

G2280(config)# snmp engineid remote 192.168.2.38 00036D001188

G2280(config)# snmp engineid remote 00:50::16:88 00036D002288

G2280(config)# snmp host 192.168.2.89 CAR_community udp-port 1500 timeout 200

G2280(config)# snmp host 192.168.2.88 informs version 2c CAR_community udp-port 3000 timeout 180 retries 35

G2280(config)# snmp host 192.168.2.88 traps version 2c CAR_traps udp-port 6500 timeout 60 retries 2

G2280(config)# snmp host 192.168.2.88 version 2c CAR_version udp-port 3000 timeout 60 retries 2

G2280(config)# snmp host HOSTNAME CAR_host udp-port 3000 timeout 60 retries

G2280(config)# snmp host HOSTNAME informs HA_informs udp-port 3000 timeout 60 retries 2

G2280(config)# snmp host HOSTNAME version 2c HT_verstion udp-port 3000 timeout 60 retries 2

G2280(config)# snmp user CA_user_1 CA_group_1 auth md5 CA12345678 priv PR12345678

G2280(config)# snmp view CAR_community subtree 10 oid-mask 9 viewtype included

G2280(config)#

 

Telnet Command: sntp

Use this command to configure settings for remote SNTP server.

Syntax Items

sntp host

Description

Syntax Items

Description

sntp host

Set the remote SNTP server by specifying IP address or hostname.

<HOSTNAME> - Enter the IP address or hostname of SNTP server.

<1-65535> - Specify the port number for the SNTP server.

Related Syntax:

l        <config># sntp host <HOSTNAME>

l        <config># sntp host <HOSTNAME>> port <1-65535>

Example

G2280# configure

G2280(config)#

G2280(config)# sntp host KEY1245 port 3000

G2280(config)#

 

Telnet Command: spanning-tree

Use this command to configure settings for spanning-tree.

Syntax Items

spanning-tree

spanning-tree bpdu

spanning-tree forward-delay

spanning-tree hello-time

spanning-tree max-hops

spanning-tree maximum-age

spanning-tree mode

spanning-tree mst

spanning-tree pathcost

spanning-tree priority

spanning-tree tx-hold-count

Description

Syntax Items

Description

spanning-tree

Enable the function of spanning-tree.

Related Syntax:

l        <config># spanning-tree

spanning-tree bpdu

Filter/flood the BPDU packets.

<filtering> - Packets will be filtered when STP is disabled on specified interface.

<flooding> - Packets will be flooded to all interfaces with STP disabled and flooding mode.

Related Syntax:

l        <config># spanning-tree bpdu<filtering/flooding>

spanning-tree forward-delay

Set the STP forward delay time.

<4-30> - Default value is 15 (seconds).

Related Syntax:

l        <config># spanning-tree forward-delay <4-30>

spanning-tree hello-time

Set the hello time interval to broadcast the message to other bridges.

<1-10> - Default value is 2 (seconds).

Related Syntax:

l        <config># spanning-tree hello-time <1-10>

spanning-tree max-hops

Set the number of hops for BPDI packets to be forwarded in the MSTP region.

<1-40> - Default value is 20 (seconds).

Related Syntax:

l        <config># spanning-tree max-hops <1-40>

spanning-tree maximum-age

Set the time interval for VigorSwitch to wait without receiving the configuration message.

<6-40> - Default value is 20 (seconds).

Related Syntax:

l        <config># spanning-tree maximum-age <6-40>

spanning-tree mode

<mstp/rstp/stp> - Specify the operation mode for spanning tree, such as multiple spanning tree (MSTP), rapid spanning tree (RSTP) or spanning tree (STP).

Related Syntax:

l        <config># spanning-tree mode <mstp/rstp/stp>

spanning-tree mst

spanning-tree mst - Configure port priority settings for MST.

<0-15> - Specify the instance ID.

<0-61440> - Set the priority for the specified instance ID.

Related Syntax:

l        <config># spanning-tree mst <0-15> priority <0-61440>

spanning-tree mst configuration - Access into the MSTP configuration mode. To configure detailed settings, access into next level.

<config># spanning-tree mst configuration

<config-mst>#

Then, available sub-commands are:

<config-mst>#do

<config-mst># end

<config-mst># exit

<config-mst># instance

<config-mst># name

<config-mst># no

<config-mst># revision

do <SEQUENCE> - Enter the action to be performed.

end - End current mode.

exit - Exit from current mode.

instance <0-15> vlan <1-4094> - Specify the instance ID number and VLAN ID number.

name <NAME> - Set a name of MST configuration.

no - Set to default setting.

revision <0-65535> - Set revision level.

spanning-tree pathcost

Set the path-cost method for spanning tree.

<long/short> - Long means the path cost ranging from 1 to 200000000; short means the path cost ranging from 1 to 65535.

Related Syntax:

l        <config># spanning-tree pathcost method <long/short>

spanning-tree priority

Set the priority for the specified instance ID.

<0-61440> - The number must be multiple of 4096.

Related Syntax:

l        <config># spanning-tree priority <0-61440>

spanning-tree tx-hold-count

Set the maximum number of packets transmission per second.

<1-10> - Valid range is from 1 to 10.

Related Syntax:

l        <config># spanning-tree tx-hold-count <1-10>

Example

G2280# configure

G2280(config)#

G2280(config)# spanning-tree forward-delay 20

G2280(config)#

G2280(config)# spanning-tree maximum-age 38

G2280(config)#

G2280(config)# spanning-tree tx-hold-count 3

G2280(config)#

Telnet Command: start-up

Use this command to restart ICP status after rebooting VigorSwitch.

Syntax Items

start-up icp

Description

Syntax Items

Description

start-up icp

Related Syntax:

l        <config># start-up icp enable

Example

G2280# configure

G2280(config)#

G2280(config)# start-up icp enable

G2280(config)#

Telnet Command: storm-control

Use this command to configure settings for Storm Control.

Syntax Items

storm-control ifg exclude

storm-control ifg include

storm-control unit bps

storm-control unit pps

Description

Syntax Items

Description

storm-control ifg exclude

Exclude the preamble and IFG (inter frame gap) into the calculating.

Related Syntax:

l        <config># storm-control ifg exclude

storm-control ifg include

Include the preamble and IFG (inter frame gap) into the calculating.

Related Syntax:

l        <config># storm-control ifg include

storm-control unit bps

Change the unit of calculating method for storm-control.

bps ¡V Calculate the storm control rate by octet-based.

Related Syntax:

l        <config># storm-control unit bps

storm-control unit pps

Change the unit of calculating method for storm-control.

pps ¡V Calculate the storm control rate by packet-based.

Related Syntax:

l        <config># storm-control unit pps

Example

G2280# configure

G2280(config)#

G2280(config)# storm-control ifg exclude

G2280(config)#

G2280(config)# storm-control unit bps

G2280(config)#

Telnet Command: surveillance-vlan

Use this command to configure settings for surveillance-VLAN.

Syntax Items

surveillance-vlan

surveillance-vlan aging-time

surveillance-vlan cos

surveillance-vlan oui-table

surveillance-vlan vlan

Description

Syntax Items

Description

surveillance-vlan

Enable the function of surveillance VLAN on VigorSwitch.

Related Syntax:

l        <config># surveillance-vlan

surveillance-vlan aging-time

Set the aging time for surveillance VLAN.

<30-65536> - Enter a value as aging time.

Related Syntax:

l        <config># surveillance-vlan aging-time <30-65536>

surveillance-vlan cos

Set the class of service (0~7) for surveillance VLAN.

<0-7>- Enter a number.

Related Syntax:

l        <config># surveillance-vlan cos <0-7> remark

surveillance-vlan oui-table

Enable OUI surveillance VLAN configuration for specified interface.

<A:B:C> - Enter the OUI address (e.g., 00:50:12).

<DESCRIPTION> - Enter a string to briefly explain the surveillance VLAN.

Related Syntax:

l        <config># surveillance-vlan oui-table <A:B:C> <DESCRIPTION>

surveillance-vlan vlan

Specify a VLAN profile as surveillance VLAN.

<2-4094> - Specify the surveillance VLAN ID.

Related Syntax:

l        <config># surveillance-vlan vlan <2-4094>

Example

G2280# configure

G2280(config)#

G2280(config)#

G2280(config)# surveillance-vlan aging-time 60

G2280(config)#

G2280(config)# surveillance-vlan oui-table 00:50:12 fortestonly

G2280(config)#

Telnet Command: system

Use this command to modify the contact information of VigorSwitch.

Syntax Items

system contact

system location

system name

Description

Syntax Items

Description

system contact

<CONTACT> - Enter a string (maximum length: 256 characters).

Related Syntax:

l        <config># system contact <CONTACT>

system location

<LOCATION> - Specify the location of the host.

Related Syntax:

l        <config># system location <LOCATION>

system name

<NAME> - Change the name of the system. The default name is ¡§P1280¡¨.

Related Syntax:

l        <config># system name <NAME>

Example

G2280# configure

G2280(config)#

G2280(config)# system contact callMIS

G2280(config)#

G2280(config)# system location DrayTek

G2280(config)# system name UPDATEFRIM

UPDATEFRIM(config)#

Telnet Command: tacacs

Use this command to configure TACACS+ server.

Syntax Items

tacacs default-config

tacacs host

Description

Syntax Items

Description

tacacs default-config

Set the default parameters for the TACACS+ server.

Modify the default parameters of server key and timeout setting for the TACACS+ server.

<TACPLUSKEY> - Enter a string as the TACACS+ server key.

<1-30> - Enter a value as the TACACS+ server timeout.

Related Syntax:

l        <config># tacacs default-config

l        <config># tacacs default-config key <TACPLUSKEY>

l        <config># tacacs default-config key <TACPLUSKEY> timeout <1-30>

tacacs host

Set host name for the TACACS+ server or set host name, server key and priority for the TACACS+ server.

<HOSTNAME> - Enter the host name of the TACACS+ server.

<TACPLUSKEY> - Enter a string as the TACACS+ server key.

<0-65535> - Enter a value as server priority in server group.

<1-30> - Enter a timeout setting.

Related Syntax:

l        <config># tacacs host <HOSTNAME>

l        <config># tacacs host <HOSTNAME> key <TACPLUSKEY>

l        <config># tacacs host <HOSTNAME> key <TACPLUSKEY> priority <0-65535>

l        <config># tacacs host <HOSTNAME> key <TACPLUSKEY> priority <0-65535> timeout <1-30>

Example

G2280# configure

G2280(config)#

G2280(config)# tacacs default-config key tce00056 timeout 25

G2280(config)#

G2280(config)# tacacs host carrie02 key TA012345 priority 3000 timeout 10

G2280(config)#

Telnet Command: tr069

Use this command to configure parameter settings of TR-069.

Syntax Items

tr069 acsPwd

tr069 acsUsername

tr069 acsurl

tr069 cpeEnable

tr069 cpePwd

tr069 cpeUsername

tr069 cpeport

tr069 healthlinkstatus

tr069 healthpoewarning

tr069 healthspeedstatus

tr069 periodicInfo

tr069 periodicTime Time

tr069 ssl

tr069 stun

tr069 stunMAXkeepalive

tr069 stunMINkeepalive

tr069 stunaddr

tr069 stunport

Description

Syntax Items

Description

tr069 acsPwd

<PASSWORD> - Enter the password used for registering to VigorACS server.

Related Syntax:

l        <config># tr069 acsPwd<PASSWORD>

tr069 acsUsername

<NAME> - Enter the username used for registering to VigorACS server.

Related Syntax:

l        <config># tr069 acsUsername<NAME>

tr069 acsurl

<ADDRESS> - Enter the URL for VigorACS server.

Related Syntax:

l        <config># tr069 acsurl <ADDRESS>

tr069 cpeEnable

<disable/enable> - Enter Enable for VigorACS controlling such CPE through the Internet.

Related Syntax:

l        <config># tr069 cpeEnable <disable/enable>

tr069 cpePwd

<PASSWORD> - Enter the password that VigorACS server can use it to authenticate and control the CPE device.

Related Syntax:

l        <config># tr069 cpePwd <PASSWORD>

tr069 cpeUsername

<NAME> - Enter the username that VigorACS server can use it to authenticate and control the CPE device.

Related Syntax:

l        <config># tr069 cpeUsername <NAME>

tr069 cpeport

<0-65535> - Enter the port number for CPE.

Related Syntax:

l        <config># tr069 cpeport <0-65535>

tr069 healthlinkstatus

Perform the health check for the link status of specified interface(s).

<PORTLIST> - Specify the interface, such as GE1, GE3-GE5 and so on.

Related Syntax:

l        <config># tr069 healthlinkstatus <PORTLIST>

tr069 healthpoewarning

Perform the health check for PoE port warning status.

<PORTLIST> - Specify the interface, such as GE1, GE3-GE5 and so on.

Related Syntax:

l        <config># tr069 healthpoewarning <PORTLIST>

tr069 healthspeedstatus

Perform the health check for link speed status of specified interface(s).

<PORTLIST> - Specify the interface, such as GE1, GE3-GE5 and so on.

Related Syntax:

l        <config># tr069 healthspeedstatus <PORTLIST>

tr069 periodicInfo

<disable/enable> - Enter Enable to activate periodic information setting.

Related Syntax:

l        <config># tr069 periodicInfo <disable/enable>

tr069 periodicTime TIME

Update the CPE information to VigorACS server.

Related Syntax:

l        <config># tr069 periodicTime TIME

tr069 ssl

<disable/enable> - Enter Enable to enable CPE management protocol with SSL.

Related Syntax:

l        <config># tr069 ssl <disable/enable>

tr069 stun

<disable/enable> - Enter Enable to enable CPE management protocol with STUN server.

Related Syntax:

l        <config># tr069 stun <disable/enable>

tr069 stunMAXkeepalive

Set the maximum time period for CPE to send the binding request to VigorACS server.

<0-65535> - Enter a number.

Related Syntax:

l        <config># tr069 stunMAXkeepalive <0-65535>

tr069 stunMINkeepalive

Set the minimum time period for CPE to send the binding request to VigorACS server.

<0-65535> - Enter a number.

Related Syntax:

l        <config># tr069 stunMINkeepalive <0-65535>

tr069 stunaddr

<ADDRESS> - Enter the URL/IP address of STUN server.

Related Syntax:

l        <config># tr069 stunaddr <ADDRESS>

tr069 stunport

<0-65535> - Set the port number for STUN server.

Related Syntax:

l        <config># tr069 stunport <0-65535>

Example

G2280# configure

G2280(config)#

G2280(config)# tr069 stunaddr 192.168.3.99

G2280(config)#

Telnet Command: udld

Use this command to set the time interval of UniDirectional Link Detection (UDLD) sent message.

Syntax Items

udld

Description

Syntax Items

Description

udld message time

<1-90> - Specify a time interval for sending message.

Related Syntax:

l        <config>#udld message time <1-90>

Example

G2280# configure

G2280(config)# udld message time 35

G2280(config)#

Telnet Command: username

Use this command to add a new user account or edit an existing user account.

Syntax Items

username

Description

Syntax Items

Description

username

privilege - Set a user account with the privilege of admin, user or customized level.

secret - Set a user account with unencrypted password.

secret encrypted - Set a user account with encrypted password.

<WORD> - Enter the name (0~32 characters) of the local user profile.

<admin/ user> - Specify the privilege level to be admin (privilege 15) / user (privilege 1).

<PASSWORD> - Enter a string as the password for the local user.

Related Syntax:

l        <config># username <WORD> privilege <admin/user> secret <PASSWORD>

l        <config># username <WORD> secret <PASSWORD>

l        <config># username <WORD> secret encrypted <PASSWORD>

Example

G2280# configure

G2280(config)#

G2280(config)# username carrie_1 privilege admin secret md123456

G2280(config)#

G2280(config)# username carrie_1 secret encrypted ca123456

Old password: ********

G2280(config)#

Telnet Command: vlan

Use this command to configure detailed settings for VLAN profile.

Before configuring, you have to access into next phase. See the following example:

G2280# configure

G2280(config)#

G2280(config)# vlan 3

P1280(config-vlan)#

Syntax Items

vlan vlan-list

vlan mac-vlan group

vlan protocol-vlan group

Description

Syntax Items

Description

vlan

Specify the index number of VLAN profile. To configure detailed settings, access into next level.

<vlan-list> - The available range is 1 to 4094.

<config># vlan 33

<config-vlan>#

Then, available sub-commands are:

<config-vlan>#do

<config-vlan>#end

<config-vlan>#exit

<config-vlan>#name

Use the ¡§do¡¨ command to run execution command in current mode.

<SEQUENCE> -

Related Syntax:

l        <config-vlan>#do <SEQUENCE>

Use the ¡§end¡¨ command to finish current mode. Any changes in current mode will be saved.

Related Syntax:

l        <config-vlan>#end

Use the ¡§exit¡¨ command to close the current CLI session or return to the previous mode without saving the settings.

Related Syntax:

l        <config-macl>#exit

Use the ¡§name¡¨ command to add a VLAN profile.

<string> - Enter the name of the VLAN profile.

Related Syntax:

l        <config-vlan>#name <string>

vlan mac-vlan group

Create a MAC-vlan group.

<1-2147483647> - Specify a group ID.

<A:B:C:D:E:F> - Enter the MAC address to be mapped.

<9-48> - Enter a number representing the subnet mask.

Related Syntax:

l        <config># vlan mac-vlan group <1-2147483647> <A:B:C:D:E:F> mask <9-48>

vlan protocol-vlan group

Create a protocol VLAN group with specified protocol type and value.

<1-8> - Enter a number to specify a VLAN group.

<Ethernet_ii/ 11c_other/snap_1042> - Specify a frame type by entering Ethernet_ii, 11c_other or snap_1042.

<value> - Enter a value (0x0600~0xFFFE).

Related Syntax:

l        <config># vlan protocol-vlan group <1-8> frame-type <Ethernet_ii/ 11c_other/snap_1042> protocol-value <value>

Example

G2280# configure

G2280(config)# vlan 3

P2280(config-vlan)#

P2280(config-vlan)# name vlan_friends

P2280(config-vlan)#

¡K

G2280(config)# vlan mac-vlan group 33 00:50:17:22:12:ff mask 10

G2280(config)# vlan group 1 frame-type ethernet_ii protocol-value 0x0600

G2280(config)#

Telnet Command: voice-vlan

Use this command to enable voice VLAN and configure settings for voice VLAN.

Syntax Items

voice-vlan aging-time

voice-vlan cos

voice-vlan oui-table

voice-vlan vlan

Description

Syntax Items

Description

voice-vlan aging-time

Set the voice VLAN aging timeout interval.

<30-65536> - The unit is minute. Default is 1440 (minutes).

<string> - Enter the name of the VLAN profile.

Related Syntax:

l        <config># voice-vlan aging-time <30-65536>

voice-vlan cos

Set the voice VLAN cos value and remark function.

Specify the class of service for voice VLAN.

<0-7> - CoS value. Default is 6. Remark is disabled.

remark ¡V L2 user priority is remarked with the CoS value.

Related Syntax:

l        <config># voice-vlan cos <0-7> remark

voice-vlan oui-table

Add or remove the selected OUI to/from the OUI table. In default, there are 8 OUI addresses.

<A:B:C> - Enter the OUI address.

<DESCRIPTION> - Enter a brief description for the specified MAC address to the voice VLAN OUI table.

Related Syntax:

l        <config># voice-vlan cos <0-7> remark

voice-vlan vlan

Set the VLAN identifier of the voice VLAN.

<2-4094> - Enter the number of VLAN ID.

Related Syntax:

l        <config># voice-vlan vlan <2-4094>

Example

G2280# configure

G2280(config)# voice-vlan aging-time 1000

G2280(config)#

G2280(config)# voice-vlan oui-table 22:30:ff test_01

G2280(config)#

G2280(config)# voice-vlan oui-table 00:01:E2 STAMP

G2280(config)# exit

G2280# show voice-vlan interfaces gigabitEthernet 1

Voice VLAN Aging    : 1000 minutes

Voice VLAN CoS      : 6

Voice VLAN 1p Remark: disabled

 

OUI table

   OUI MAC    |   Description

--------------+-----------------

   00:E0:BB   | 3COM

   00:03:6B   | Cisco

   00:E0:75   | Veritel

   00:D0:1E   | Pingtel

   00:01:E3   | Siemens

   00:60:B9   | NEC/Philips

   00:0F:E2   | H3C

   00:09:6E   | Avaya

   22:30:FF   | test_01

   00:01:E2   | STAMP

 

  Port | State    | Port Mode   | Cos Mode

-------+----------+-------------+-----------

gi1    | Disabled |    Auto     | Src

G2280#

 

Telnet Command: webhook

Use this command to enable or disable the webhook service.

Syntax Items

webhook active

webhook host

webhook interval

webhook keep

Description

Syntax Items

Description

webhook active

<enable/disable> - Enable or disable the webhook application.

Related Syntax:

l        <config># webhook active <enable/disable>

webhook host

Specify the destination (URL, domain name, IP address) to receive the data transferred by VigorSwitch.

ip <ADDRESS> - Enter the IP address of the destination.

path <PATH> - Enter the path string (part of the composition of the URL) of the destination.

port <number> - Enter a port number.

service <http/https> - Specify the protocol (http or https) of the destination.

url <domain name> - Enter the domain name (e.g., draytek.com) of the destination. Note that it is not necessary to enter this information if IP address has been set first.

Related Syntax:

l        <config># webhook host ip <ADDRESS>

l        <config># webhook host path <PATH>

l        <config># webhook host port <number>

l        <config># webhook host service <http/https>

l        <config># webhook host url <domain name>

webhook interval

<1-60> - Set the transmission interval (unit is minute).

Related Syntax:

l        <config># webhook interval <1-60>

webhook keep

setings <enable/disable> - Enable or disable the function of keep webhook settings.

Related Syntax:

l        <config># webhook keep setings <enable/disable>

Example

G2280# configure

G2280(config)# webhook host service https

G2280(config)# webhook host url www.demo.com

G2280(config)# webhook host path Draytek/demo

G2280(config)# webhook host port 443

G2280(config)# webhook interval 2

 

 


Use this command to upgrade firmware image, configuration file, syslog file, language file and security certificate.

Syntax Items

copy flash://

copy tftp://

copy backup-config

copy running-config

copy startup-config

Description

Syntax Items

Description

copy flash://

Related Syntax:

l        # copy flash:// flash://

l        # copy flash:// tftp://

copy running-config

startup-config - Copy the running configuration file to startup configuration.

tftp://- Copy the running configuration file to remote TFTP server with a filename.

<IP address> - Enter the IP address of TFTP sever.

<filename> - Create a name to save the configuration file.

Related Syntax:

l        # copy running-config backup-config

l        # copy running-config startup-config

l        # copy running-config tftp://

copy startup-config

running-config - Copy the startup configuration file to the running configuration.

tftp://- Copy the startup configuration file to remote TFTP server with a filename.

<IP address> - Enter the IP address of TFTP sever.

<filename> - Create a name to save the configuration file.

Related Syntax:

l        # copy startup-config backup-config

l        # copy startup-config running-config

l        # copy startup-config tftp://

copy tftp://

Backup-config - Get the backup configuration from specified TFTP server.

running-config - Get the running configuration from specified TFTP server.

startup-config - Get the startup configuration from specified TFTP server.

Related Syntax:

l        # copy tftp:// backup-config

l        # copy tftp:// flash://

l        # copy tftp:// running-config

l        # copy tftp:// startup-config

l        # copy tftp:// tftp://

Example

G2280# copy running-config tftp://172.16.3.8/test_carrie.cfg

Uploading file. Please wait...

Save configuration done.

G2280# copy startup-config tftp://172.16.3.8/test_da.cfg

Uploading file. Please wait...

Save configuration done.

G2280#

 

Use this command to delete a file from the FLASH file system or restore the factory default settings of VigorSwitch.

Syntax Items

delete backup-config

delete flash:// startup-config

delete startup-config

delete system

Description

Syntax Items

Description

delete backup-config

Delete the backup configuration file in FLASH file system.

Related Syntax:

l        # delete backup-config

delete flash://startup-config

Delete the startup configuration file in FLASH file system.

Related Syntax:

l        # delete flash://startup-config

delete startup-config

Restore the factory default settings of VigorSwitch.

Related Syntax:

l        # delete startup-config

delete system

Delete the firmware image0/image1 stored in FLASH file system.

<image0/image1> -

Related Syntax:

l        # delete system <image0/image1>

Example

G2280# delet flash://startup-config

Delete flash://startup-config [y/n] y

Do you want to reload the system to take effect? [y/n] y

¡K

 

All commands used will be divided into EXEC mode and Privileged EXEC mode. This command is to turn off privileged mode command.

Default privilege level is 15 if no privilege level is specified on enable command.

Default privilege level is 1 if no privilege level is specified on disable command.

Syntax Items

disable

Description

Syntax Items

Description

disable

Enter a number to specify the privilege level.

Related Syntax:

l        # disable <1-14>

Example

G2280# disable ?

  <1-14>  Privilege level

  <cr>

G2280# disable 3

P1280>

 

Use this command to end current mode.

Syntax Items

end

Example

G2280(config)# interface GigabitEthernet 3

G2280(config-if)# end

G2280#

 

Use this command to close current CLI session or return to previous mode.

Syntax Items

exit

Example

G2280(config)# interface GigabitEthernet 3

G2280(config-if)# exit

G2280(config)#

 

I-2-9 Ping Configuration

Use this command to send ICMP ECHO_REQUEST to network hosts.

Syntax Items

ping

Description

Syntax Items

Description

ping

<HOSTNAME> - Enter an IPv4/IPv6 address or a domain name to ping.

count <1-999999999> - Specify the number of repetitions of ping operation.

Related Syntax:

l        # ping <HOSTNAME> count <1-999999999>

Example

G2280# ping 192.168.1.11 count 3

PING 192.168.1.11 (192.168.1.11): 56 data bytes

64 bytes from 192.168.1.11: icmp_seq=0 ttl=64 time=0.0 ms

64 bytes from 192.168.1.11: icmp_seq=1 ttl=64 time=0.0 ms

64 bytes from 192.168.1.11: icmp_seq=2 ttl=64 time=0.0 ms

 

--- 192.168.1.11 ping statistics ---

3 packets transmitted, 3 packets received, 0% packet loss

round-trip min/avg/max = 0.0/0.0/0.0 ms

G2280#

 

Use this command to perform a cold restart of VigorSwitch.

Syntax Items

reboot

Example

G2280# reboot

G2280#

Use this command to renew DHCP Snooping database from backup file.

Syntax Items

renew ip dhcp snooping database

Example

G2280# renew ip dhcp snooping database

G2280#

Use this command to restore the factory default settings for the system or for the selected port.

Syntax Items

restore-defaults

Description 

Syntax Items

Description

restore-defaults

<1-28> - Enter the number (1 to 28) of LAN port.

<1-8> - Enter the number of LAG port.

Related Syntax:

l        # restore-defaults

l        # restore-defaults interfaces GigabitEthernet <1-28>

l        # restore-defaults interfaces LAG <1-8>

Example

G2280# restore-defaults interfaces gigabitethernet 3

Interface gi3: restore factory defaults.

G2280#

G2280# restore-default

System: restore factory defaults. Do you want to reboot now? (y/n)y

 

 

Use this command to save configuration and activate the settings.

Note that this command has the same effect as "copy running-config startup-config".

Syntax Items

save

Example

G2280# save

Success

G2280#

 

After finished the command setting, use this command to display the configuration for all commands.

Syntax Items

show <command>

Example

G2280# show acl utilization

Type: sys                            usage: 256

Type: IPSG                           usage: 128

Type: Auth                           usage: 128

G2280#

G2280#

G2280# show arp

Address           HWtype  HWaddress           Flags Mask         Iface

192.168.1.55     ether   00:1D:AA:F0:26:08   C                   eth0

192.168.1.10     ether   00:05:5D:E4:D8:EE   C                   eth0

G2280# show voice-vlan interfaces gigabitethernet 3

Voice VLAN Aging    : 1440 minutes

Voice VLAN CoS      : 6

Voice VLAN 1p Remark: disabled

 

OUI table

   OUI MAC    |   Description

--------------+-----------------

   00:E0:BB   | 3COM

   00:03:6B   | Cisco

   00:E0:75   | Veritel

   00:D0:1E   | Pingtel

   00:01:E3   | Siemens

   00:60:B9   | NEC/Philips

   00:0F:E2   | H3C

   00:09:6E   | Avaya

 

  Port | State    | Port Mode   | Cos Mode

-------+----------+-------------+-----------

gi3    | Disabled |    Auto     | Src

G2280#

 

Use this command to generate security certificate files such as RSA, DSA.

After entering the command of SSL, follow the onscreen questions to give the required information.

Syntax Items

ssl

Example

G2280# ssl

Generating a 1024 bit RSA private key

.............................................++++++

..............................++++++

writing new private key to '/mnt/ssh/ssl_key.pem_tmp'

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a D

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [AU]:tw

State or Province Name (full name) [Some-State]:hs

Locality Name (eg, city) []:hschu

Organization Name (eg, company) [Internet Widgits Pty Ltd]:draytek

Organizational Unit Name (eg, section) []:marketing

Common Name (e.g. server FQDN or YOUR name) []:draytek

Email Address []:carrie_ni@draytek.com

G2280#

 

Use this command to set the maximum line number that the terminal is able to print.

Syntax Items

terminal

Syntax Description

Syntax Items

Description

terminal

<0-24> - Enter the length value. 0 means no limit.

Related Syntax:

l        # terminal length <0-24>

Example

G2280# terminal length 15

G2280# show running-config

¡K¡K

Use this command to execute network trace route diagnostic.

Syntax Items

traceroute

Syntax Description

Syntax Items

Description

traceroute

<HOSTNAME>- Enter the IP address or the hostname of the device for VigorSwitch to perform traceroute diagnostic.

Related Syntax:

l        # traceroute <HOSTNAME>

Example

G2280# traceroute 192.168.1.224

traceroute to 192.168.1.224 (192.168.1.224), 30 hops max, 40 byte packets

 1  192.168.1.224 (192.168.1.224)  0 ms  0 ms  0 ms

G2280#

 

Use this command to reset all interfaces disabled by the UniDirectional Link Detection (UDLD) and make data traffic begin passing through the interfaces again.

Syntax Items

udld

Syntax Description

Syntax Items

Description

udld

Enter the IP address or the hostname of the device for VigorSwitch to perform traceroute diagnostic.

Related Syntax:

l        # udld reset

Example

G2280# udld reset

G2280#