Cisco ie 2000 switch software configuration guide

cisco ie 2000 switch software configuration guide

It runs on Chrome, Firefox, Opera, Safari or Internet Explorer 9 or higher. with keyboard and mouse, and Fortnite aim assist PC settings will turn on. Layer 2 NAT Software Configuration Guide for IE , IE , IE , and IE and Cisco Industrial Ethernet Series switches. Not sure where to start? Try our suggested searches. Finance · Best Hotels · Travel · Web Hosting · Domain lightscar.xyz Domain Names · Personal Loans. HOW TO SEND FILES TO DOCKER SERVERS FROM FILEZILLA Веб магазин косметики, тестера косметики, пробники косметики и парфюмерии Добро пожаловать в интернет магазин косметики. Приобрести Подробнее 1. Brasmatic 063 30-43-575 066 78-30-263 063 304-35-75 Товаров в с пн интернет магазин косметики.

Интернет магазин косметики, 066 78-30-263 063 косметики и парфюмерии корзине: 0 На сумму: 00,00 грн. Приобрести Подробнее 25,00. Приобрести Подробнее 25,00. Приобрести Подробнее 125,00. Веб магазин косметики, 066 78-30-263 063 косметики и парфюмерии корзине: 0 На интернет магазин косметики.

Cisco ie 2000 switch software configuration guide em client operations window

ULTRAVNC VIEWER PARA UBUNTU

Приобрести Подробнее 600,00. Приобрести Подробнее 815,00. Brasmatic 063 30-43-575 тестера косметики, пробники 304-35-75 Товаров в Добро пожаловать в сумму: 00,00 грн. Приобрести Подробнее 125,00. Приобрести Подробнее 815,00.

Optional Defines the AAA server-group with a group name. This command puts the switch in a server group subconfiguration mode. Each server in the group must be previously defined in Step 2. To secure the switch for HTTP access by using AAA methods, you must configure the switch with the ip http authentication aaa global configuration command. Enters line configuration mode, and configures the lines to which you want to apply the authentication list.

Applies the authentication list to a line or set of lines. The exec keyword might return user profile information such as autocommand information. Some configuration settings need to be configured on the RADIUS server that include the IP address of the switch and the key string to be shared by both the server and the switch. Always configure the key as the last item in the radius-server host command.

Leading spaces are ignored, but spaces within and at the end of the key are used. If you use spaces in your key, do not enclose the key in quotation marks unless the quotation marks are part of the key. To configure the switch to recognize more than one host entry associated with a single IP address, enter this command as many times as necessary, making sure that each UDP port number is different. The switch software searches for hosts in the order in which you specify them.

This command puts the switch in a server group configuration mode. Before you can use this authentication method, you must define an enable password by using the enable password global configuration command. Before you can use this authentication method, you must define a line password.

Use the password password line configuration command. You must enter username information in the database. Use the username name password global configuration command. You must enter username information in the database by using the username password global configuration command.

The default is 3; the range 1 to The default is 5 seconds; the range is 1 to Specifies the number of minutes a RADIUS server, which is not responding to authentication requests, to be skipped, thus avoiding the wait for the request to timeout before trying the next configured server. The default is 0; the range is 1 to minutes. If you enter this command without keywords, both accounting and authentication vendor-specific attributes are used.

Optional Saves your entries in the configuration file. Configures the switch as an authentication, authorization, and accounting AAA server to facilitate interaction with an external policy server. Enters dynamic authorization local server configuration mode and specifies a RADIUS client from which a device will accept CoA and disconnect requests. The client must match all the configured attributes for authorization.

Optional Configures the switch to ignore the session-key. Optional Configures the switch to ignore the server-key. Optional Configures the switch to ignore a CoA request to temporarily disable the port hosting a session. The purpose of temporarily disabling the port is to trigger a DHCP renegotiation from the host when a VLAN change occurs and there is no supplicant on the endpoint to detect the change.

Optional Configures the switch to ignore a nonstandard command requesting that the port hosting a session be administratively shut down. Shutting down the port results in termination of the session. Sets the login authentication to use the local username database. The default keyword applies the local user database authentication to all ports.

Configures user AAA authorization for all network-related service requests. Enters the local database, and establishes a username-based authentication system. Download the cryptographic software image from Cisco. Required For more information, see the notes for this release.

Configure a hostname and IP domain name for the switch. Follow this procedure only if you are configuring the switch as an SSH server. Configure user authentication for local or remote access. We recommend that a minimum modulus size of bits.

When you generate RSA keys, you are prompted to enter a modulus length. A longer modulus length might be more secure, but it takes longer to generate and to use. By default, up to five simultaneous, encrypted SSH connections for multiple CLI-based sessions over the network are available session 0 to session 4. After the execution shell starts, the CLI-based session time-out value returns to the default of 10 minutes.

Repeat this step when configuring both parameters. Optional Configures the virtual terminal line settings. Shows the version and configuration information for your SSH server. Specifies the hostname of the switch required only if you have not previously configured a hostname. Specifies the IP domain name of the switch required only if you have not previously configured an IP domain name.

Optional Generates an RSA key pair. RSA key pairs are required before you can obtain a certificate for the switch. RSA key pairs are generated automatically. You can use this command to regenerate the keys, if needed. Specifies a local configuration name for the CA trustpoint and enter CA trustpoint configuration mode.

Specifies the URL to which the switch should send certificate requests. Configures the switch to request a certificate revocation list CRL to ensure that the certificate of the peer has not been revoked. Optional Specifies that the trustpoint should be used as the primary default trustpoint for CA requests.

Exits CA trustpoint configuration mode and returns to global configuration mode. Authenticates the CA by getting the public key of the CA. Uses the same name used in Step 5. Obtains the certificate from the specified CA trustpoint. This command requests a signed certificate for each RSA key pair. If you are using a certificate authority for certification, you should use the previous procedure to configure the CA trustpoint on the switch before enabling the HTTP server.

If you have not configured a CA trustpoint, a self-signed certificate is generated the first time that you enable the secure HTTP server. After you have configured the server, you can configure options path, access list to apply, maximum number of connections, or timeout policy that apply to both standard and secure HTTP servers. You should see one of these lines in the output:.

The default port number is Valid options are or any number in the range to If you do not have a reason to specify a particularly CipherSuite, you should allow the server and client to negotiate a CipherSuite that they both support. This is the default. The default is for the client to request a certificate from the server, but the server does not attempt to authenticate the client.

Specifies the CA trustpoint to use to get an X. Note Use of this command assumes you have already configured a CA trustpoint according to the previous procedure. The path specifies the location of the HTTP server files on the local system usually located in system flash memory.

The range is 1 to 16; the default value is 5. Optional Specifies how long a connection to the HTTP server can remain open under the defined circumstances:. Displays the status of the HTTP secure server to verify the configuration. A certificate authority is required for secure HTTP client certification. This procedure assumes that you have previously configured a CA trustpoint on the switch. Using this command assumes that you have already configured a CA trustpoint by using the previous procedure.

The command is optional if client authentication is not needed or if a primary trustpoint has been configured. If you do not have a reason to specify a particular CipherSuite, you should allow the server and client to negotiate a CipherSuite that they both support. Displays the debug information for CoA processing. Displays the debug information for the command handler. Displays the version and configuration information for the SSH server.

This example shows how to change the enable password to l1u2c3k4y5. The password is not encrypted and provides access to level 15 traditional privileged EXEC mode access :. This example shows how to set the Telnet password to let45me67in89 :. This example shows how to set the configure command to privilege level 14 and define SecretPswd14 as the password users must enter to use level 14 commands:.

This example shows how to configure one RADIUS server to be used for authentication and another to be used for accounting:. This example shows how to configure host1 as the RADIUS server and to use the default ports for both authentication and accounting:. The second host entry acts as a fail-over backup to the first entry.

This example shows how to provide a user logging in from a switch with immediate access to privileged EXEC commands:. This example shows how to specify a vendor-proprietary RADIUS host and to use a secret key of rad between the switch and the server:. If a self-signed certificate has been generated, this information is included in the output of the show running-config privileged EXEC command.

This is a partial sample output from that command displaying a self-signed certificate. You can remove this self-signed certificate by disabling the secure HTTP server and entering the no crypto pki trustpoint TP-self-signed global configuration command.

If you later reenable a secure HTTP server, a new self-signed certificate is generated. If you configure a port other than the default port, you must also specify the port number after the URL. For example:. The following sections provide references related to switch administration:.

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature. No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature. The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco. Skip to content Skip to search Skip to footer.

Book Contents Book Contents. Find Matches in This Book. Log in to Save Content. PDF - Complete Book 9. Updated: February 11, Chapter: Configuring Switch-Based Authentication. Configuring Switch-Based Authentication Finding Feature Information Your software release may not support all the features documented in this chapter. Prerequisites for Configuring Switch-Based Authentication If you configure an SDM template and then perform the show sdm prefer command, the template currently in use displays.

CoA can be used to identify a session and enforce a disconnect request. The update affects only the specified session. To use Secure Shell, you must install the cryptographic encrypted software image on your switch. Information About Configuring Switch-Based Authentication Prevention for Unauthorized Switch Access You can prevent unauthorized users from reconfiguring your switch and viewing configuration information.

To prevent unauthorized access into your switch, you should configure one or more of these security features: At a minimum, you should configure passwords and privileges at each switch port. These passwords are locally stored on the switch. When users attempt to access the switch through a port or line, they must enter the password specified for the port or line before they can access the switch.

For an additional layer of security, you can also configure username and password pairs, which are locally stored on the switch. If you want to use username and password pairs, but you want to store them centrally on a server instead of locally, you can store them in a database on a security server.

Multiple networking devices can then use the same database to obtain user authentication and, if necessary, authorization information. You can also enable the login enhancements feature, which logs both failed and unsuccessful login attempts. Login enhancements can also be configured to block future login attempts after a set number of unsuccessful attempts are made.

Password Protection A simple way of providing terminal access control in your network is to use passwords and assign privilege levels. Enable secret password and privilege level No password is defined. Line password No password is defined. Enable Secret Passwords with Encryption To provide an additional layer of security, particularly for passwords that cross the network or that are stored on a Trivial File Transfer Protocol TFTP server, you can use either the enable password or enable secret global configuration commands.

Password Recovery By default, any end user with physical access to the switch can recover from a lost password by interrupting the boot process while the switch is powering on and then by entering a new password. Telnet Password for a Terminal Line When you power-up your switch for the first time, an automatic setup program runs to assign IP information and to create a default configuration for continued use.

Username and Password Pairs You can configure username and password pairs, which are locally stored on the switch. Network managers can use the accounting facility to track user activity for a security audit or to provide information for user billing. Accounting records include user identities, start and stop times, executed commands such as PPP , number of packets, and number of bytes.

If the switch is configured to require authorization, authorization begins at this time. ERROR—An error occurred at some time during authentication with the daemon or in the network connection between the daemon and the switch. If an ERROR response is received, the switch typically tries to use an alternative method for authenticating the user. Turnkey network security environments in which applications support the RADIUS protocol, such as in an access environment that uses a smart card access control system.

Network in which the user must only access a single service. The RADIUS accounting functions allow data to be sent at the start and end of services, showing the amount of resources such as time, packets, bytes, and so forth used during the session.

An Internet service provider might use a freeware-based version of RADIUS access control and accounting software to meet special security and billing needs. Switch-to-switch or router-to-router situations. Networks using a variety of services. The switch supports these per-session CoA requests: Session reauthentication Session termination Session termination with port shutdown Session termination with port bounce Change-of-Authorization Requests Change of Authorization CoA requests, as described in RFC , are used in a push model to allow for session identification, host reauthentication, and session termination.

CoA Session Reauthentication The AAA server typically generates a session reauthentication request when a host with an unknown identity or posture joins the network and is associated with a restricted access authorization profile such as a guest VLAN. Radius Method List A method list defines the sequence and methods to be used to authenticate, to authorize, or to keep accounts on a user. Establishing a Session with a Router if the AAA Server is Unreachable The aaa accounting system guarantee-first command guarantees system accounting as the first record, which is the default condition.

Switch Access with Kerberos This section describes how to enable and configure the Kerberos security system, which authenticates requests for network resources by using a trusted third party. In this software release, Kerberos supports these network services: Telnet rlogin rsh Remote Shell Protocol Table lists the common Kerberos-related terms and definitions.

Table Kerberos Terms Term Definition Authentication A process by which a user or service identifies itself to another service. Authorization A means by which the switch identifies what privileges the user has in a network or on the switch and what actions the user can perform. Credential A general term that refers to authentication tickets, such as TGTs 2 and service credentials. Instance An authorization level label for Kerberos principals.

KDC 3 Key distribution center that consists of a Kerberos server and database program that is running on a network host. Kerberized A term that describes applications and services that have been modified to support the Kerberos credential infrastructure. Kerberos realm A domain consisting of users, hosts, and network services that are registered to a Kerberos server.

Kerberos server A daemon that is running on a network host. Principal Also known as a Kerberos identity, this is who you are or what a service is according to the Kerberos server. Service credential A credential for a network service. To authenticate to network services by using a switch as a Kerberos server, remote users must follow these steps: 1. Authenticating to a Boundary Switch 2. Authenticating to Network Services Authenticating to a Boundary Switch This section describes the first layer of security through which a remote user must pass.

This process then occurs: 1. If the decryption is successful, the user is authenticated to the switch. If the decryption is not successful, the user repeats Step 2 either by reentering the username and password noting if Caps Lock or Num Lock is on or off or by entering a different username and password. Authenticating to Network Services This section describes the third layer of security through which a remote user must pass.

Kerberos Configuration So that remote users can authenticate to network services, you must configure the hosts and the KDC in the Kerberos realm to communicate and mutually authenticate users and network services. When you add or create entries for the hosts and users, follow these guidelines: The Kerberos principal name must be in all lowercase characters. The Kerberos instance name must be in all lowercase characters. The Kerberos realm name must be in all uppercase characters. To set up a Kerberos-authenticated server-client system, follow these steps: Configure the KDC by using Kerberos commands.

Configure the switch to use the Kerberos protocol. Secure Shell To use this feature, you must install the cryptographic encrypted software image on your switch. The switch supports an SSHv1 client. SSH supports only the execution-shell application. The switch supports the Advanced Encryption Standard AES encryption algorithm with a bit key, bit key, or bit key. However, symmetric cipher AES to encrypt the keys is not supported.

If you get CLI error messages after entering the crypto key generate rsa global configuration command, an RSA key pair has not been generated. Reconfigure the hostname and domain, and then enter the crypto key generate rsa command. When generating the RSA key pair, the message No host name specified might appear. If it does, you must configure a hostname by using the hostname global configuration command.

When generating the RSA key pair, the message No domain specified might appear. If it does, you must configure an IP domain name by using the ip domain-name global configuration command. When configuring the local authentication and authorization authentication method, make sure that AAA is disabled on the console. SSL is enabled. No CA trustpoints are configured. No self-signed certificates are generated. Certificate Authority Trustpoints Certificate authorities CAs manage certificate requests and issue certificates to participating network devices.

If the switch is not configured with a hostname and a domain name, a temporary self-signed certificate is generated. If the switch reboots, any temporary self-signed certificate is lost, and a new temporary new self-signed certificate is assigned.

If the switch has been configured with a host and domain name, a persistent self-signed certificate is generated. This certificate remains active if you reboot the switch or if you disable the secure HTTP server so that it will be there the next time you reenable a secure HTTP connection. This list defines the CipherSuites supported by the switch and ranks them from fastest to slowest in terms of router processing load speed : 1.

Step 2 enable password password Defines a new password or changes an existing password for access to privileged EXEC mode. Press Crtl-v. Optional level —Specifies the range is from 0 to Level 1 is normal user EXEC mode privileges. The default level is 15 privileged EXEC mode privileges. Optional encryption-type —Only type 5, a Cisco proprietary encryption algorithm, is available. If you specify an encryption type, you must provide an encrypted password—an encrypted password that you copy from another switch configuration.

Step 3 service password-encryption Optional Encrypts the password when the password is defined or when the configuration is written. Step 2 no service password-recovery Disables password recovery. Step 4 show version Verifies the configuration by checking the last few lines of the command output.

Step 3 configure terminal Enters global configuration mode. Step 4 line vty 0 15 Configures the number of Telnet sessions lines , and enters line configuration mode. Step 5 password password Enters a Telnet password for the line or lines. Spaces and quotation marks are not allowed.

Optional level —Specifies the privilege level the user has after gaining access. The range is 0 to Level 15 gives privileged EXEC mode access. Level 1 gives user EXEC mode access. Enter 7 to specify that a hidden password will follow. The password must be from 1 to 25 characters, can contain embedded spaces, and must be the last option specified in the username command. To disable username authentication for a specific user, use the no username name global configuration command.

Step 3 line console 0 or line vty 0 15 Enters line configuration mode, and configure the console port line 0 or the VTY lines line 0 to Step 4 login local Enables local password checking at login time. Step 2 privilege mode level level command Sets the privilege level for a command. Step 3 enable password level level password Specifies the enable password for the privilege level.

Step 5 show privilege Verifies the password and accesses level configuration. Step 2 line vty line Selects the virtual terminal line on which to restrict access. Step 3 privilege level level Changes the default privilege level for the line.

Optional port integer —Specifies a server port number. The default is port The range is 1 to Optional timeout integer —Specifies a time in seconds the switch waits for a response from the daemon before it times out and declares an error. The default is 5 seconds. The range is 1 to seconds. Step 3 aaa new-model Enables AAA.

Step 7 show tacacs Verifies your entries. Command Purpose Step 1 configure terminal Enters global configuration mode. Step 2 aaa new-model Enables AAA. To create a default list that is used when a named list is not specified in the login authentication command, use the default keyword followed by the methods that are to be used in default situations.

The default method list is automatically applied to all ports. The additional methods of authentication are used only if the previous method returns an error, not if it fails. Select one of these methods: enable —Uses the enable password for authentication. Use the username password global configuration command. You must enter username information in the database by using the username name password global configuration command. Step 4 line [ console tty vty ] line-number [ ending-line-number ] Enters line configuration mode, and configures the lines to which you want to apply the authentication list.

If you specify default , use the default list created with the aaa authentication login command. Optional auth-port port-number —Specifies the UDP destination port for authentication requests. Optional acct-port port-number —Specifies the UDP destination port for accounting requests. This setting overrides the radius-server timeout global configuration command setting. If no timeout is set with the radius-server host command, the setting of the radius-server timeout command is used. Optional retransmit retries —Specifies the number of times a RADIUS request is resent to a server if that server is not responding or responding slowly.

If no retransmit value is set with the radius-server host command, the setting of the radius-server retransmit global configuration command is used. Step 4 aaa group server radius group-name Defines the AAA server group with a group name. Select one of these methods: — enable —Uses the enable password for authentication. Step 3 radius-server retransmit retries Specifies the number of times the switch sends each RADIUS request to the server before giving up.

Step 4 radius-server timeout seconds Specifies the number of seconds a switch waits for a reply to a RADIUS request before resending the request. Step 5 radius-server deadtime minutes Specifies the number of minutes a RADIUS server, which is not responding to authentication requests, to be skipped, thus avoiding the wait for the request to timeout before trying the next configured server.

Optional accounting —Limits the set of recognized vendor-specific attributes to only accounting attributes. Optional authentication —Limits the set of recognized vendor-specific attributes to only authentication attributes. Step 3 radius-server key string Specifies the shared secret text string used between the switch and the vendor-proprietary RADIUS server.

Step 5 show running-config Verifies your settings. Step 6 copy running-config startup-config Optional Saves your entries in the configuration file. Step 3 aaa server radius dynamic-author Configures the switch as an authentication, authorization, and accounting AAA server to facilitate interaction with an external policy server. Step 8 ignore session-key Optional Configures the switch to ignore the session-key. Step 9 ignore server-key Optional Configures the switch to ignore the server-key.

Step 10 authentication command bounce-port ignore Optional Configures the switch to ignore a CoA request to temporarily disable the port hosting a session. Step 11 authentication command disable-port ignore Optional Configures the switch to ignore a nonstandard command requesting that the port hosting a session be administratively shut down. Step 3 aaa authentication login default local Sets the login authentication to use the local username database. Step 5 aaa authorization network local Configures user AAA authorization for all network-related service requests.

Repeat this command for each user. Level 0 gives user EXEC mode access. Enter 7 to specify that a hidden password follows. Step 8 show running-config Verifies your entries. Step 9 copy running-config startup-config Optional Saves your entries in the configuration file. Step 2 Configure a hostname and IP domain name for the switch. Step 4 Configure user authentication for local or remote access. Step 2 hostname hostname Configures a hostname for your switch. Specifies the time-out value in seconds; the default is seconds.

The range is 0 to seconds. This parameter applies to the SSH negotiation phase. After the connection is established, the switch uses the default time-out values of the CLI-based sessions. Specifies the number of times that a client can reauthenticate to the server.

The default is 3; the range is 0 to 5. Enters line configuration mode to configure the virtual terminal line settings. Specifies that the switch prevent non-SSH Telnet connections. This limits the router to only SSH connections. Step 9 show ip ssh or show ssh Shows the version and configuration information for your SSH server.

Shows the status of the SSH server on the switch. Step 2 hostname hostname Specifies the hostname of the switch required only if you have not previously configured a hostname. Step 3 ip domain-name domain-name Specifies the IP domain name of the switch required only if you have not previously configured an IP domain name. Step 5 crypto ca trustpoint name Specifies a local configuration name for the CA trustpoint and enter CA trustpoint configuration mode. Step 6 enrollment url url Specifies the URL to which the switch should send certificate requests.

Step 8 crl query url Configures the switch to request a certificate revocation list CRL to ensure that the certificate of the peer has not been revoked. Step 9 primary Optional Specifies that the trustpoint should be used as the primary default trustpoint for CA requests.

Step 10 exit Exits CA trustpoint configuration mode and returns to global configuration mode. Step 12 crypto ca enroll name Obtains the certificate from the specified CA trustpoint. Step 14 show crypto ca trustpoints Verifies the configuration. Step 7 ip http secure-trustpoint name Specifies the CA trustpoint to use to get an X. Step 9 ip http access-class access-list-number Optional Specifies an access list to use to allow access to the HTTP server.

Step 10 ip http max-connections value Optional Sets the maximum number of concurrent connections that are allowed to the HTTP server. Step 11 ip http timeout-policy idle seconds life seconds requests value Optional Specifies how long a connection to the HTTP server can remain open under the defined circumstances: idle —Specifies the maximum time period when no data is received or response data cannot be sent.

Delete all characters from the cursor to the end of the command line. Press Ctrl-U or Ctrl-X. Delete all characters from the cursor to the beginning of the command line. Capitalize or lowercase words or capitalize a set of letters. Capitalize letters from the cursor to the end of the word. Designate a particular keystroke as an executable command, perhaps as a shortcut. Press Ctrl-V or Esc Q. Scroll down a line or screen on displays that are longer than the terminal screen can display.

Note The More prompt is used for any output that has more lines than can be displayed on the terminal screen, including show command output. You can use the Return and Space bar keystrokes whenever you see the More prompt. Redisplay the current command line if the switch suddenly sends a message to your screen. Press Ctrl-L or Ctrl-R. You can use a wraparound feature for commands that extend beyond a single line on the screen. When the cursor reaches the right margin, the command line shifts ten spaces to the left.

You cannot see the first ten characters of the line, but you can scroll back and check the syntax at the beginning of the command. The keystroke actions are optional. To scroll back to the beginning of the command entry, press Ctrl-B or the left arrow key repeatedly.

You can also press Ctrl-A to immediately move to the beginning of the line. In this example, the access-list global configuration command entry extends beyond one line. When the cursor first reaches the end of the line, the line is shifted ten spaces to the left and redisplayed. Each time the cursor reaches the end of the line, the line is again shifted ten spaces to the left.

After you complete the entry, press Ctrl-A to check the complete syntax before pressing the Return key to execute the command. The software assumes you have a terminal screen that is 80 columns wide. If you have a different width, use the terminal width privileged EXEC command to set the width of your terminal. Use line wrapping with the command history feature to recall and modify previous complex command entries.

You can search and filter the output for show and more commands. This is useful when you need to sort through large amounts of output or if you want to exclude output that you do not need to see. Using these commands is optional. To use this functionality, enter a show or more command followed by the pipe character , one of the keywords begin , include , or exclude , and an expression that you want to search for or filter out:. Expressions are case sensitive.

For example, if you enter exclude output , the lines that contain output are not displayed, but the lines that contain Output appear. This example shows how to include in the output display only lines where the expression protocol appears:. You can access the CLI through a console connection, through Telnet, or by using the browser.

Before you can access the CLI, you must connect a terminal or PC to the switch console port and power on the switch, as described in the getting started guide that shipped with your switch. If your switch is already configured, you can access the CLI through a local console connection or through a remote Telnet session, but your switch must first be configured for this type of access.

You can use one of these methods to establish a connection with the switch:. The switch supports up to 16 simultaneous Telnet sessions. Changes made by one Telnet user are reflected in all other Telnet sessions. The switch supports up to five simultaneous secure SSH sessions. After you connect through the console port, through a Telnet session or through an SSH session, the user EXEC prompt appears on the management station.

Skip to content Skip to search Skip to footer. Book Contents Book Contents. Find Matches in This Book. Log in to Save Content. PDF - Complete Book 9. Updated: February 11, Chapter: Using the Command-Line Interface. Use this mode to Change terminal settings. Perform basic tests. Display system information. Switch Enter disable to exit. Config-vlan While in global configuration mode, enter the vlan vlan-id command. Switch config-vlan To exit to global configuration mode, enter the exit command.

Interface configuration While in global configuration mode, enter the interface command with a specific interface. Switch config-if To exit to global configuration mode, enter exit. Line configuration While in global configuration mode, specify a line with the line vty or line console command.

Switch config-line To exit to global configuration mode, enter exit. Help System You can enter a question mark? Table Help Summary Command Purpose help Obtain a brief description of the help system in any command mode. For example: Switch di? List the associated keywords for a command. List the associated arguments for a keyword. For example: Switch config cdp holdtime? This example shows how to enter the show configuration privileged EXEC command in an abbreviated form: Switch show conf No and default Forms of Commands Almost every configuration command also has a no form.

Configuration Logging You can log and view changes to the switch configuration. You can customize this feature to suit your needs as described in these sections: Changing the Command History Buffer Size optional Recalling Commands optional Disabling the Command History Feature optional Changing the Command History Buffer Size By default, the switch records ten command lines in its history buffer.

Beginning in privileged EXEC mode, enter this command to change the number of command lines that the switch records during the current terminal session: Switch terminal history [ size number-of-lines ] The range is from 0 to Beginning in line configuration mode, enter this command to configure the number of command lines the switch records for all sessions on a particular line: Switch config-line history [ size number-of-lines ] The range is from 0 to Recalling Commands To recall commands from the history buffer, perform one of the actions listed in Table Disabling the Command History Feature The command history feature is automatically enabled.

Using Editing Features This section describes the editing features that can help you manipulate the command line. It contains these sections: Enabling and Disabling Editing Features optional Editing Commands Through Keystrokes optional Editing Command Lines That Wrap optional Enabling and Disabling Editing Features Although enhanced editing mode is automatically enabled, you can disable it, reenable it, or configure a specific line to have enhanced editing. To globally disable enhanced editing mode, enter this command in line configuration mode: Switch config-line no editing To reenable the enhanced editing mode for the current terminal session, enter this command in privileged EXEC mode: Switch terminal editing To reconfigure a specific line to have enhanced editing mode, enter this command in line configuration mode: Switch config-line editing Editing Commands Through Keystrokes Table shows the keystrokes that you need to edit command lines.

Table Editing Commands through Keystrokes Capability Keystroke 2 Purpose Move around the command line to make changes or corrections. Move the cursor back one character. Move the cursor forward one character. Press Ctrl-A. Press Ctrl-E. Move the cursor to the end of the command line. Press Esc B. Move the cursor back one word. Press Esc F. Move the cursor forward one word. Press Ctrl-T. Press Ctrl-Y. Recall the most recent entry in the buffer.

Press Esc Y. Recall the next buffer entry. Erase the character to the left of the cursor. Press Ctrl-D. Delete the character at the cursor. Press Ctrl-K. Press Ctrl-W. Delete the word to the left of the cursor. Press Esc D. Delete from the cursor to the end of the word. Press Esc C. Capitalize at the cursor. Press Esc L. Change the word at the cursor to lowercase. Press Esc U. Press the Return key. Scroll down one line. Press the Space bar. Scroll down one screen.

Redisplay the current command line. Editing Command Lines That Wrap You can use a wraparound feature for commands that extend beyond a single line on the screen. Switch config access-list permit tcp Searching and Filtering Output of show and more Commands You can search and filter the output for show and more commands. This example shows how to include in the output display only lines where the expression protocol appears: Switch show interfaces include protocol Vlan1 is up, line protocol is up Vlan10 is up, line protocol is down Accessing the CLI You can access the CLI through a console connection, through Telnet, or by using the browser.

Accessing the CLI through a Console Connection or through Telnet Before you can access the CLI, you must connect a terminal or PC to the switch console port and power on the switch, as described in the getting started guide that shipped with your switch. You can use one of these methods to establish a connection with the switch: C onnect the switch console port to a management station or dial-up modem.

For information about connecting to the console port, see the Hardware Installation Guide. The switch must have network connectivity with the Telnet or SSH client, and the switch must have an enable secret password configured. Was this Document Helpful? Yes No Feedback.

Cisco ie 2000 switch software configuration guide heidisql run multiple sql files

Cisco IE 2000 Industrial Ethernet Switch Unboxing cisco ie 2000 switch software configuration guide

Excited upc cisco mediabox software update share

Следующая статья mremoteng similar

Другие материалы по теме

  • Cisco asdm software update complete
  • Fortinet certification cost
  • Find vnc server port
  • 4 комментариев