Instruction Manual
Table Of Contents
- Preface
- Chapter 1. Using the CLI
- Chapter 2. ACL Commands
- Chapter 3. AAA Commands
- Chapter 4. Address Table Commands
- bridge address
- bridge multicast filtering
- bridge multicast address
- bridge multicast forbidden address
- bridge multicast unregistered
- bridge multicast forward-all
- bridge multicast forbidden forward-all
- bridge aging-time
- clear bridge
- port security
- port security mode
- port security max
- port security routed secure-address
- show bridge address-table
- show bridge address-table static
- show bridge address-table count
- show bridge multicast address-table
- show bridge multicast address-table static
- show bridge multicast filtering
- show bridge multicast unregistered
- show ports security
- show ports security addresses
- Chapter 5. Clock Commands
- clock set
- clock source
- clock timezone
- clock summer-time
- sntp authentication-key
- sntp authenticate
- sntp trusted-key
- sntp client poll timer
- sntp broadcast client enable
- sntp anycast client enable
- sntp client enable (Interface)
- sntp unicast client enable
- sntp unicast client poll
- sntp server
- show clock
- show sntp configuration
- show sntp status
- Chapter 6. Configuration and Image File Commands
- Chapter 7. DHCP Snooping Commands
- ip dhcp snooping
- ip dhcp snooping vlan
- ip dhcp snooping trust
- ip dhcp snooping information option allowed-untrusted
- ip dhcp snooping verify
- ip dhcp snooping database
- ip dhcp snooping database update-freq
- ip dhcp snooping binding
- clear ip dhcp snooping database
- show ip dhcp snooping
- show ip dhcp snooping binding
- Chapter 8. Ethernet Configuration Commands
- interface ethernet
- interface range ethernet
- shutdown
- description
- speed
- duplex
- negotiation
- flowcontrol
- mdix
- back-pressure
- system flowcontrol
- clear counters
- set interface active
- show interfaces advertise
- show interfaces configuration
- show interfaces status
- show interfaces description
- show interfaces counters
- port storm-control include-multicast (IC)
- port storm-control broadcast enable
- port storm-control broadcast rate
- show ports storm-control
- Chapter 9. GVRP Commands
- Chapter 10. IGMP Snooping Commands
- ip igmp snooping (Global)
- ip igmp snooping (Interface)
- ip igmp snooping mrouter learn-pim-dvmrp
- ip igmp snooping host-time-out
- ip igmp snooping querier enable
- ip igmp snooping querier address
- ip igmp snooping querier version
- ip igmp snooping mrouter-time-out
- ip igmp snooping leave-time-out
- show ip igmp snooping mrouter
- show ip igmp snooping interface
- show ip igmp snooping groups
- Chapter 11. IP Addressing Commands
- Chapter 12. IPv6 Addressing Commands
- Chapter 13. Line Commands
- Chapter 14. DHCP Option 82 Commands
- Chapter 15. IP DHCP Relay
- Chapter 16. LACP Commands
- Chapter 17. LLDP Commands
- lldp enable (global)
- lldp enable (interface)
- lldp timer
- lldp hold-multiplier
- lldp reinit-delay
- lldp tx-delay
- lldp optional-tlv
- lldp management-address
- lldp notifications
- lldp med enable
- lldp med network-policy (global)
- lldp med network-policy (interface)
- lldp med location
- clear lldp rx
- show lldp configuration
- show lldp med configuration
- show lldp local
- show lldp neighbors
- Chapter 18. Login Banner Commands
- Chapter 19. Management ACL Commands
- Chapter 20. PHY Diagnostics Commands
- Chapter 21. Port Channel Commands
- Chapter 22. Port Monitor Commands
- Chapter 23. Power over Ethernet Commands
- Chapter 24. QoS Commands
- Chapter 25. Radius Commands
- Chapter 26. RMON Commands
- Chapter 27. SNMP Commands
- snmp-server community
- snmp-server view
- snmp-server group
- snmp-server user
- snmp-server engineID local
- snmp-server enable traps
- snmp-server filter
- snmp-server host
- snmp-server v3-host
- snmp-server trap authentication
- snmp-server contact
- snmp-server location
- snmp-server set
- show snmp
- show snmp engineid
- show snmp views
- show snmp groups
- show snmp filters
- show snmp users
- Chapter 28. Spanning-Tree Commands
- spanning-tree
- spanning-tree mode
- spanning-tree forward-time
- spanning-tree hello-time
- spanning-tree max-age
- spanning-tree priority
- spanning-tree disable
- spanning-tree cost
- spanning-tree port-priority
- spanning-tree portfast
- spanning-tree link-type
- spanning-tree pathcost method
- spanning-tree bpdu
- spanning-tree guard root
- spanning-tree bpduguard
- clear spanning-tree detected-protocols
- spanning-tree mst priority
- spanning-tree mst max-hops
- spanning-tree mst port-priority
- spanning-tree mst cost
- spanning-tree mst configuration
- instance (mst)
- name (mst)
- revision (mst)
- show (mst)
- exit (mst)
- abort (mst)
- show spanning-tree
- Chapter 29. SSH Commands
- Chapter 30. Syslog Commands
- Chapter 31. TACACS+ Commands
- Chapter 32. Tunnel Commands
- Chapter 33. System Management Commands
- Chapter 34. User Interface Commands
- Chapter 35. VLAN Commands
- vlan database
- vlan
- interface vlan
- interface range vlan
- name
- switchport protected
- switchport mode
- switchport access vlan
- switchport trunk allowed vlan
- switchport trunk native vlan
- switchport general allowed vlan
- switchport general pvid
- switchport general ingress-filtering disable
- switchport general acceptable-frame-type tagged-only
- switchport general map macs-group vlan
- map mac macs-group
- show vlan macs-group
- switchport forbidden vlan
- ip internal-usage-vlan
- show vlan
- show vlan internal usage
- show interfaces switchport
- Chapter 36. Web Server Commands
- Chapter 37. 802.1x Commands
- aaa authentication dot1x
- dot1x system-auth-control
- dot1x port-control
- dot1x re-authentication
- dot1x timeout re-authperiod
- dot1x re-authenticate
- dot1x timeout quiet-period
- dot1x timeout tx-period
- dot1x max-req
- dot1x timeout supp-timeout
- dot1x timeout server-timeout
- show dot1x
- show dot1x users
- show dot1x statistics
- dot1x auth-not-req
- dot1x guest-vlan
- dot1x single-host-violation
- dot1x mac-authentication
- show dot1x advanced
- dot1x guest-vlan enable
- dot1x guest-vlan timeout
- dot1x radius-attributes vlan
- Index
ACL Commands
Page 28
Parameters
•
disable-port — The Ethernet interface is disabled if the condition is matched.
• source — Source IP address of the packet.
• source-wildcard — Wildcard bits to be applied to the source IP address. Use 1s in the bit position to be
ignored.
• destination — Packet’s destination IP address.
• destination-wildcard — Wildcard bits to be applied to the destination IP address. Use 1s in the bit position to
be ignored.
• protocol —The name or number of an IP protocol. Available protocol names: icmp, igmp, ip, tcp, egp, igp,
udp, hmp, rdp, idpr, idrp, rsvp, gre, esp, ah, eigrp, ospf, ipip, pim, l2tp, isis.: (Range: 0 - 255)
• dscp number — Specifies the DSCP value.
• ip-precedence number — Specifies the IP precedence value.
• icmp-type — Specifies an ICMP message type for filtering ICMP packets. Enter a number, or one of the
following values: echo-reply, destination-unreachable, source-quench, redirect, alternate-host-
address, echo-request, router-advertisement, router-solicitation, time-exceeded, parameter-problem,
timestamp, timestamp-reply, information-request, information-reply, address-mask-request, address-
mask-reply, traceroute, datagram-conversion-error, mobile-host-redirect, mobile-registration-request,
mobile-registration-reply, domain-name-request, domain-name-reply, skip, photuriss. (Range: 0 - 255)
• icmp-code — Specifies an ICMP message code for filtering ICMP packets. (Range: 0 - 255)
• igmp-type — GMP packets can be filtered by IGMP message type. Enter a number, or one of the following
values: host-query, host-report, dvmrp, pim, cisco-trace, host-report-v2, host-leave-v2, host-report-v3.
(Range: 0 - 255)
• destination-port — Specifies the UDP/TCP destination port. (Range: 1 - 65535)
• source-port — Specifies the UDP/TCP source port. (Range: 1 - 65535)
• flags list-of-flags — List of TCP flags that should occur. If a flag is intended to be set, it is prefixed by ‘+’.If a
flag should be unset it is prefixed by ‘-’. Available options are: +urg, +ack, +psh, +rst, +syn, +fin, -urg, -ack,
-psh, -rst, -syn and -fin. The flags are concatenated to a single string. For example: +fin-ack.
IP Protocol Abbreviated Name Protocol Number
Internet Control Message Protocol icmp 1
Internet Group Management Protocol igmp 2
Transmission Control Protocol tcp 6
Exterior Gateway Protocol egp 8
Interior Gateway Protocol igp 9
User Datagram Protocol udp 17
Host Monitoring Protocol hmp 20
Reliable Data Protocol rdp 27
Inter-Domain Policy Routing Protocol
idpr 35
Ipv6 protocol ipv6 41
Routing Header for IPv6 ipv6-route 43
Fragment Header for IPv6 ipv6-frag 44
Inter-Domain Routing Protocol
idrp 45
Reservation Protocol rsvp 46