(IILFLHQW 1HWZRUNV 5RXWHU )DPLO\ &RPPDQG /LQH ,QWHUIDFH *XLGH Part No.
Efficient Networks®
Software License and Limited Warranty Copyright 2002, Efficient Networks, Inc. All rights reserved. Printed in the U.S.A. Efficient Networks and SpeedStream are registered trademarks, and the Efficient Networks logo is a trademark of Efficient Networks, Inc. All other names may be trademarks, service marks or registered trademarks held by their respective companies. This document is for information purposes only, Efficient Networks is not responsible for errors or omissions herein.
Software License and Limited Warranty B. After receiving an RMA, the end user shall ship the product or defective component, including power supplies and cable, where applicable, freight or postage prepaid and insured, to EFFICIENT at 4849 Alpha Road, Dallas Texas 75244, U.S.A.
Efficient Networks® Router family Command Line Interface Guide Revision History Revision Effective Date Description Of Change - 001 12 Feb 2002 Initial Release. Information provided to support software kernel release 6.0.0.
Efficient Networks® Router family Command Line Interface Guide Table of Contents Contents Introduction 1-1 How This Manual is Organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 Command Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Accessing the Command Line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2 Terminal Sessions . . . . .
Table of Contents Efficient Networks® Router family Command Line Interface Guide Contents ps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-20 reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-21 save . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Efficient Networks® Router family Command Line Interface Guide Table of Contents Contents system addsyslogserver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14 system addtelnetfilter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15 system addudprelay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16 system authen . . . . . . . .
Table of Contents Efficient Networks® Router family Command Line Interface Guide Contents system name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-44 system onewandialup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-45 system passwd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-46 system riptimer. . . .
Efficient Networks® Router family Command Line Interface Guide Table of Contents Contents eth ip directbcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-18 eth ip disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-18 eth ip enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Efficient Networks® Router family Command Line Interface Guide Contents remote addiproute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-9 remote addipxroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-11 remote addipxsap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-12 remote addserver . . .
Efficient Networks® Router family Command Line Interface Guide Table of Contents Contents remote setauthen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-41 remote setbod . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-42 remote setbroptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-43 remote setbwthresh . . .
Table of Contents Efficient Networks® Router family Command Line Interface Guide Contents WAN Interface Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1 ADSL Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2 adsl ? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2 adsl restart . . . . . . . . . . . . . . .
Efficient Networks® Router family Command Line Interface Guide Table of Contents Contents idsl save . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-28 idsl set speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-28 idsl set switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-29 remote setdlci . . . . . . . . .
Table of Contents Efficient Networks® Router family Command Line Interface Guide Contents dhcp delrelay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12 dhcp disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12 dhcp enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13 dhcp list .
Efficient Networks® Router family Command Line Interface Guide Table of Contents Contents l2tp set window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-16 remote setl2tpclient . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-17 remote setlns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Efficient Networks® Router family Command Line Interface Guide Contents ike ipsec policies set translate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-21 ike ipsec proposals add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-22 ike ipsec proposals delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-23 ike ipsec proposals list . . . . . .
Efficient Networks® Router family Command Line Interface Guide Table of Contents Contents ipsec list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-48 ipsec set authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-50 ipsec set authkey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Table of Contents Efficient Networks® Router family Command Line Interface Guide Contents User Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-1 user ? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-2 user add access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-3 user add class . . . . . .
Efficient Networks® Router family Command Line Interface Guide Table of Contents Contents snmp enablesnmpif . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-7 snmp list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-7 snmp settrapenable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-8 snmp snmppasswd . . . . . . . . . . .
Table of Contents Efficient Networks® Router family Command Line Interface Guide Contents ssh set rekey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-8 ssh set status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19-8 system sshport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Efficient Networks® Router family Command Line Interface Guide This page intentionally left blank.
Efficient Networks® Router family Command Line Interface Guide Chapter 1: Introduction CHAPTER 1 CHAPTER 1 INTRODUCTION This manual contains information on the syntax and use of the Command Line Interface for the Efficient Networks family of business-class DSL routers. This manual is intended for small and home office users, remote office users, and other networking professionals who are installing and maintaining bridged and routed networks.
Chapter 1: Introduction Efficient Networks® Router family Command Line Interface Guide Command Conventions The Command Line Interface (CLI), unless noted otherwise, follows these conventions: • Command line length may be up to 120 characters long unless otherwise noted. Input characteristics are footnoted throughout the manual. • The Command Line Interface is not case-sensitive except for passwords and router names, and key strings. • All parameters are positional; i.e.
Efficient Networks® Router family Command Line Interface Guide Chapter 1: Introduction NOTE: The password will be displayed as ***** Step 6 A confirmation is returned; the command line interface is now available. Logged in successfully! Step 7 If the default login password (admin) was used a message will be displayed.
Chapter 1: Introduction Efficient Networks® Router family Command Line Interface Guide Terminal Session under Windows (HyperTerminal) To open the HyperTerminal emulator available under the Windows operating system: Step 1 Click Start on the Windows taskbar, then select: > Programs > Accessories > Communications > Hyperterminal > Hyper Terminal The HyperTerminal window will appear in the background and you will be prompted for configuration information.
Efficient Networks® Router family Command Line Interface Guide Step 4 Chapter 1: Introduction In the Com 1 (or 2) Properties page, enter the following port settings and select OK: Bits per second: 9600a Data bits: Parity: Stop bits: Flow control: 8 None 1 Hardware a To use a baud rate other than 9600, “Option 7: Set Console Baud Rate” on page 4-39 in the Technical Reference Guide.
Efficient Networks® Router family Command Line Interface Guide Chapter 1: Introduction Terminal Session for Macintosh or UNIX To open a terminal window emulation in a Macintosh or UNIX environment, a VT100 terminal emulation program is required. Step 1 Start your VT100 terminal emulator.
Efficient Networks® Router family Command Line Interface Guide Chapter 1: Introduction Telnet Session for Remote Access From the local area network you can use TELNET to login in using the Ethernet IP address. (For more information, see Telnet Remote Access.) NOTE: Remote access to the router configuration can be disabled or restricted. For further information, see “Controlling Remote Management” on page 5-15. Step 1 Make sure that your PC and router addresses are in the same subnetwork.
Chapter 1: Introduction Efficient Networks® Router family Command Line Interface Guide Command Line via the Web Management Interface The Web Management interface provides a web gateway to the command line interface allowing command line syntax the be entered through a browser-based connection. For more information on connecting to the system via the Web Management Interface, refer to the User Reference Guide.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands CHAPTER 2 CHAPTER 2 STATUS COMMANDS The commands in this section are online action and status commands.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands Table 2-1: Status Command Listing (Cont.) Command Page 2-2 Function erase Erases the entire router’s configuration or parts of it from FLASH memory. exit Has the same function as logout, but will disconnect the Telnet session. ifs Lists the communication interfaces installed in the router and the status of the interfaces. ipifs Lists the system IP interface(s).
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands Table 2-1: Status Command Listing (Cont.) Command Function sntp server Displays or changes the SNTP server list. tcp stats Displays the TCP statistics and open connections. time Displays or changes the current time on the router’s clock. traceroute Traces the route taken by packets sent from the local router to the specified IP address or domain name.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands arp delete Deletes the IP address of the entry in the ARP table. For additional information, see ”ARP” on page 6-6. Mgmt Class Network (R/W) Input Format arp delete | all Parameters a IP address of IP entry to delete from ARP table. all Deletes all existing are table entries. a Dotted-decimal notation. Example arp delete 128.1.2.0 Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands Parameters a IP address associated with a MAC address for a device on the local interface b MAC address on the local network. c For an Ethernet interface, this can be a 1 or 0. For a DSL interface, this is a VPN number. a Dotted-decimal notation. b HEX notation c Integer Example arp list Response -> arp list IP Addr 192.84.210.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands bi list Lists the contents of the bridge table. Each MAC address in the table is listed with its corresponding bridge port as learned by the bridge function. The line also shows the number of seconds elapsed since the last packet was received by the MAC address followed by flags. Possible flags include: P Permanent (This entry is not aged out of the table.) FLD Flood US This entry is for the target router.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands call Dials a remote router. This command can be used to test the ISDN link or L2TP secession and the configuration settings for the remote router. Mgmt Class Voice (R/W) Input Format call Parameters a a ASCII Name of the target router. string.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands date Displays or changes the current date on the router’s clock. To change the current time, use the time command. Automatic SNTP requests are generated if the system needs to get the time. You can specify an SNTP server using the command sntp server () and a UTC offset with the sntp offset command.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands erase Erases the entire router’s configuration or parts of it from FLASH memory. CAUTION: You will need to completely reconfigure any part of the configuration that you erase. NOTE: An erase command does not take effect until after a reboot without a save command.
Chapter 2: Status Commands Efficient Networks® Router family Command Line Interface Guide Response Command prompt. NOTE: There is a time lag between the response issued by the erase command and the time that the data is actually deleted from FLASH memory. To commit the changes to FLASH memory, issue a sync command after an erase command before powering off the router. exit Has the same function as logout, but will disconnect an active Telnet session.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands Response A typical response is shown below. Interface ETHERNET/0 SHDSL/0 ATM-VOICE/1 BACKUP/0 CONSOLE/0 VOX-STRM/0 Speed 10.0mb 384kb 384kb 57kb 9600 b 0 b In % 0%/0% 50%/50% 45/45% 0%/0% 0/0% Out % 0%/0% 50%/50% 0%/0% 0%/0% 0%/0% Protocol (Ethernet) (ATM) (ATM) (AHDLC/PPP) (ATM) (CLEAR) State OPENED OFF OFF OPENED OFF OFF Connection to backup An example of additional interfaces that may be displayed.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands iproutes Lists the current entries in the IP routing table. Mgmt Class Network (R) Input Format iproutes Parameters None Response -> iproutes IP route / Mask 0.0.0.0 192.84.210.0 192.84.210.12 192.168.254.0 192.168.254.1 192.168.254.2 224.0.0.9 255.255.255.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands Response -> ipxroutes Network Gateway Interface Hops Ticks Flags 00001001 HQ [down] 1 4 STATIC FORWARD DOD 00000456 (DIRECT) ETHERNET/0 0 1 FORWARD ipxsaps Lists the current services in the IPX SAPs table.
Chapter 2: Status Commands Efficient Networks® Router family Command Line Interface Guide logout Logs user out (to login prompt) to reinstate administrative security. Mgmt Class All (R) Input Format logout Parameters None Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands mem Reports the amount of RAM memory installed in the router and its current allocation. Mgmt Class System (R), Debug (R) Input Format mem Parameters None Response -> mem Small buffers used.......18 (7% of 256 used) Large buffers used.......41 (16% of 256 used) Buffer descriptors used..59 (7% of 768 used) Number of waiters s/1....
Chapter 2: Status Commands Efficient Networks® Router family Command Line Interface Guide mlp summary Lists the status of the protocols negotiated for an active remote connection.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands password Changes the current user password. Mgmt Class All (R/W) Input Format password Parameters a User’s current password. a User’s new password.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands ping Transmits an echo message, available within the TCP/IP protocol suite. The echo message is sent to a remote node and returned; the echo tests connectivity to the remote node. It is particularly useful for locating connection problems on a network. The remote node can be specified by IP address or by domain name.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands Response The following are application examples of the ping command and their typical responses. Example The following command will ping the domain name www.yahoo.com. -> ping www.yahoo.com The command attempts a DNS (domain name server) lookup to find the address of the domain. If the DNS server address is not known, it returns the following message: ping: unknown host www.yahoo.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands ps Lists all of the tasks (processes) running in the system and the status of the tasks.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands reboot This command causes a reboot of the system. CAUTION: A reboot erases any configuration changes that have not been saved. If necessary, enter a save command before the reboot command. Certain configuration settings require a reboot before the setting becomes effective, including: • A change from IP routing to bridging or the reverse.
Chapter 2: Status Commands Efficient Networks® Router family Command Line Interface Guide Parameters NOTE: The word default cannot be abbreviated in the command. *** If no option is specified, the router is rebooted using the existing configuration file. factory This option deletes all files except AUTOEXEC.OLD if it exists. AUTOEXEC.OLD is renamed AUTOEXEC.BAT; it is re-executed by the reboot.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands sntp active Displays the active SNTP server, that is, the server that last responded to an SNTP request. Mgmt Class Admin (R/W) Input Format sntp active Parameters None Response -> sntp active Active SNTP server is 1 (192.6.38.127) sntp disable Disables SNTP requests.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands sntp enable Enables SNTP requests. Mgmt Class Admin (R/W) Input Format sntp enable Parameters None Response -> sntp enable Current offset from UTC is 0 minutes Use to set time zone sntp offset Specifies the SNTP offset from the Universal Time Coordinate (UTC). The offset is specified in minutes.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands Response -> sntp offset Current offset from UTC is 0 minutes Use to set time zone usage: sntp offset (offset is negative for west, positive for east of Greenwich meridian) -> sntp offset -360 sntp prefserver Displays or changes the preferred SNTP server. (The preferred server is the server that should be attempted first when a request is made.
Chapter 2: Status Commands Efficient Networks® Router family Command Line Interface Guide When entered with a parameter: -> sntp prefserver 3 Preferred SNTP server is set to 3 (192.6.38.127) sntp request Requests the time from an SNTP server. (SNTP is the Simple Network Time Protocol defined by RFC 1769.) NOTE: A request is performed only if SNTP is enabled (see sntp enable).
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands sntp server Displays or changes the SNTP server list. • To see the current SNTP server list, specify sntp server with no parameter. • To specify the default server list, specify sntp server default. • To add a server to the list, specify sntp server with the server IP address and a new number for the entry.
Chapter 2: Status Commands Efficient Networks® Router family Command Line Interface Guide tcp stats Displays the TCP statistics and open connections. Mgmt Class Network (R) Input Format tcp stats Parameters None Response Typical response: -> tcp stats TCP Statistics: Active Opens.............. 0 Passive Opens............. 0 Failed Connect Attempts... 0 Connections Reset......... 0 Current Connections....... 0 Segments Received......... 0 Segments Sent............. 0 Segments Retransmitted....
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands time Displays or changes the current time on the router’s clock. To change the current date, use the command date. Automatic SNTP requests are generated if the system needs to get the time. You can specify an SNTP server using the command sntp server and a UTC offset with the command sntp offset.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands traceroute Traces the route taken by packets sent from the local router to the specified IP address or domain name. A packet is sent for each hop in the route. The output lists the IP addresses of the hops that returned packets. Unless the -n option is specified, traceroute also attempts to look up the name of each gateway in the route. If the DNS lookup is successful, the name is included in the output message.
Efficient Networks® Router family Command Line Interface Guide Chapter 2: Status Commands Example The following two commands trace the same route. The first specifies the domain name; the second specifies the IP address. -> traceroute www.yahoo.com -> traceroute 204.71.200.68 Both commands send up to thirty packets with a wait period of one second and a packet length of 56 bytes. The following is an example of the command output: 1: 172.17.20.122 l2tp-router.flowpoint.com 2: 172.17.20.1 checkpoint.
Chapter 2: Status Commands Efficient Networks® Router family Command Line Interface Guide vers Displays the software version level, source, software options, and amount of time elapsed since router has been running. All software options are listed. • If the option has no prefix, the option was enabled when the router was manufactured. • If the option has a + prefix, the option was enabled using a key. • If the option has a ~ prefix, the option is disabled in this router.
Efficient Networks® Router family Command Line Interface Guide Chapter 3: File System Commands CHAPTER 3 CHAPTER 3 FILE SYSTEM COMMANDS The file system commands allow you to perform maintenance and recovery on the device. These commands allow you to: • Format the file system • List the contents of the file system • Copy, rename, and delete files The router file system is DOS-compatible, and the file system commands are similar to the DOS commands of the same name.
Chapter 3: File System Commands Efficient Networks® Router family Command Line Interface Guide copy Copies a file from the source to the destination. This command allows you to update the device software level or to write configuration files to a TFTP server Issue a sync command after a copy command to commit the changes to FLASH memory. CAUTION: No warning message is issued if copying over an existing file.
Efficient Networks® Router family Command Line Interface Guide Chapter 3: File System Commands Response Refer to examples for typical responses. delete Deletes the specified file from the flash filesystem. Mgmt Class Admin (R/W), System (R/W) Input Format delete Parameters a a ASCII Name of the file to be deleted. string Response A typical response is shown below. -> delete kernel.f2k kernel.
Chapter 3: File System Commands Efficient Networks® Router family Command Line Interface Guide dir Displays the directory of the file system. The size of each file is listed in bytes. Mgmt Class Admin (R/W), System (R/W) Input Format dir Parameters None Response A typical response is shown below.
Efficient Networks® Router family Command Line Interface Guide Chapter 3: File System Commands execute This command loads batch files of configuration commands into the router. This allows for customization and simpler installation of the device. A script file can contain commands, comments (lines introduced by the # or ; characters), and blank lines. There are two kinds of script files: • A one-time script that is executed on startup (only once).
Chapter 3: File System Commands Efficient Networks® Router family Command Line Interface Guide format disk Erases and reformats the device file system. This command should only be used when the file system is unusable. If the device does not execute the POST test and software boot successfully, and the result of the dir command indicates the file system is corrupted, you may wish to reformat the disk, reboot the device, and recopy the system software.
Efficient Networks® Router family Command Line Interface Guide Chapter 3: File System Commands msfs Checks the structure of the file system. This command performs a function similar to the DOS chkdsk command. The router analyzes the File Allocation Table (FAT) and produces a file system status report. CAUTION: When you specify , make sure that no other operation is being performed on the configuration files at the same time by another user.
Chapter 3: File System Commands Efficient Networks® Router family Command Line Interface Guide rename Renames a file in the file system. Mgmt Class All (R/W) Input Format rename Parameters a a ASCII a Existing name of the file. New name of the file. string Response The following is an example rename command. -> rename ether.dat oldeth.dat ‘ether.dat’ renamed to ‘oldeth.dat’ sync Commits the changes made to the file system to FLASH memory.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands CHAPTER 4 CHAPTER 4 SYSTEM COMMANDS All commands in this section begin with the word system.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide Table 4-1: System Command Listing (Cont.) Command Function system addhttpfilter Enables blocking all devices except those within the defined IP address range from using the HTTP protocol system addiproutingtable Defines a new virtual routing table. system addserver Configures a local IP address as the selected server on the LAN (FTP, SMTP, etc.) for the global configuration.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Table 4-1: System Command Listing (Cont.) Command Function system backup successrate Changes the minimum success rate required for a group of pinged addresses. system blocknetbiosdefault Sets the default value used when a remote router entry is defined. system community Enables changing the SNMP community name from its default value. system default modem Lists the default modem settings.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide Table 4-1: System Command Listing (Cont.) Command Function system name Sets or changes the name of the local router being configured. system onewandialup Can force the router to have no more than one remote connection active at a time. system passwd Sets the system authentication password for the target router that is used when the router connects to other routers or is challenged by them.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system ? Lists the supported keywords. To see the syntax for a command, enter the command followed by a ?. Mgmt Class All (R) Input Format system ? Parameters None Response A listing of all the supported system commands and keywords with a brief description of their function. system addbootpserver Adds an address to the BootP server list. (The BootP server list is also the DHCP relay list.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide Parameters a a Dotted-decimal IP address of the server. notation Response The following is an example of adding a server address then querying a response. -> system addbootpserver 128.1.210.64 -> system addbootpserver BOOTP/DHCP Server address: 128.1.210.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system addhostmapping Remaps a range of local-LAN IP addresses to a range of public IP addresses on a system-wide basis. These local addresses are mapped one-to-one to the public addresses. NOTE: The range of public IP addresses is defined by only. The rest of the range is computed automatically (from to + number of addresses remapped - 1) inclusive.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system addhttpfilter Enables blocking all devices except those within the defined IP address range from using the HTTP protocol (for example, to browse the Web). This command can block devices on the WAN from accessing the Web browser. This validation feature is off by default. NOTE: This command does not require a reboot and is effective immediately.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system addiproutingtable Defines a new virtual routing table. Once defined, you can add routes to the table using the commands eth ip bindroute and remote bindipvirtualroute. The command specifies the name of the new routing table and the range of IP addresses that reference the table for their routing. When the router receives a packet, the source address of the packet determines which routing table is used.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide Response Example The following command defines a virtual routing table named ROSA (if it does not already exist) and assigns it the IP address range 192.168.1.5 through 192.168.1.12. -> system addiproutingtable 192.168.1.5 192.168.1.12 ROSA After routing table ROSA has been defined, the following line appears in the output for the command system list: 192.168.1.5 through 192.168.1.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Parameters One of the following command actions: a Selects the host with this IP address as server. discard Discards the incoming server request. me Sends the incoming server requests to the local router, regardless of the IP address. Protocol used by the selected server. b Numerical protocol ID. tcp TCP only. udp UDP only. all All protocols.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system addsnmpfilter Validates SNMP clients by defining a range of IP addresses that are allowed to access the router via SNMP. This validation feature is off by default. This command is functionally equivalent to the snmp addsnmpfilter command. NOTE: This command does not require a reboot and is effective immediately. NOTE: To list the range of allowed clients, use the system list command.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system addsyslogfilter Limits the Syslog server addresses that may be returned by DHCP. By default, this validation feature is off. The Syslog filter can comprise one or more ranges of IP addresses that DHCP may return for Syslog servers. To delete addresses from the Syslog filter, use the system delsyslogfilter command. This command does not affect the Syslog server addresses that you specify explicitly.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system addsyslogserver Adds an address to the list of Syslog servers. The router sends system event messages to all Syslog servers in the list, unless the Syslog port has been disabled. For more information about the router as a Syslog client, refer to ”Syslog Client” on page 7-1 of the Technical Reference Guide. To see the server addresses, use the system list command.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system addtelnetfilter Validates Telnet clients by defining a range of IP addresses that are allowed to access the router via Telnet. The mode is off by default. For more information, refer to ”Controlling Remote Management” on page 5-15 of the Technical Reference Guide. NOTE: This command does not require a reboot and is effective immediately.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system addudprelay Create a UDP port range for packet forwarding. You can specify a port range from 0 to 65535; however, 137 to 139 are reserved for NetBIOS ports. NOTE: Overlap of UDP ports is not allowed. Mgmt Class Network (R/W) Input Format system addudprelay |all [] Parameters a IP address of the server to which the UDP packet will be forwarded.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system authen Forces the target router authentication protocol that is used for security negotiation with the remote routers when the local side authentication is set. You should not need to issue this command as the best security possible is provided with the none default. To read about PAP/CHAP, see ”PAP/CHAP Security Authentication” on page 5-20 of the Technical Reference Guide.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide system backup add Adds an IP address to the list of addresses to be pinged for the Dial Backup option. The command can specify an explicit address, or it can request that the router determine the gateway or DNS address and add that address to the list. For additional information, see ”Dial Backup” on page 6-7 of the Technical Reference Guide.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system backup delete Deletes an IP address from the list of addresses to be pinged for the Dial Backup option. The command can: • Specify an explicit address to be deleted. • Request that the router delete the gateway or DNS address from the list. • Delete all addresses in a group. • Clear all addresses from the list. To see the addresses in the current list, use the system list command.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands The following command clears all addresses from the list. -> system backup delete all all Response Command prompt. system backup disable Disables the Dial Backup option in the router. NOTE: Because Dial Backup uses the console port, you cannot access the command line via the console port while Dial Backup is enabled. You must use the Web GUI interface or a Telnet session to disable Dial Backup.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system backup enable Turns on the enable switch for the Dial Backup option in the router. To see the current setting of the Dial Backup switch, use the system list command. To disable Dial Backup, use the system backup disable command. For more information, see ”Dial Backup” on page 6-7 of the Technical Reference Guide.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system backup pinginterval Changes the ping interval for a group, that is, the number of seconds between pings during a test of the addresses in the group. To see the current ping intervals, use the system list command. For more information about the ping interval and Dial Backup, see ”Ping Interval, Number of Samples, and Success Rate” on page 6-13 of the Technical Reference Guide.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system backup pingsamples Changes the number of ping samples for a group, that is, the number of pings performed for each address in the group. To see the current ping sample values, use the system list command. For more information about ping samples and Dial Backup, see ”Addresses to Ping” on page 612 of the Technical Reference Guide.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide system backup retry Changes the Dial Backup retry period. The retry period determines how often the router attempts to restore the DSL link. For more information about the Dial Backup retry period, see ”Setting DSL Link Conditions” on page 6-11 of the Technical Reference Guide. The default retry period is thirty minutes. The minimum retry period is two minutes.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system backup stability Changes the Dial Backup stability period. The stability period guards against frequent switching back and forth between the DSL link and the backup port. For more information about the Dial Backup stability period, see ”Stability Period” on page 6-11 of the Technical Reference Guide. To see the current stability value, use the system list command.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands To see the current success rate values, use the system list command. For more information about success rates and Dial Backup, see ”Ping Interval, Number of Samples, and Success Rate” on page 6-13 of the Technical Reference Guide.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Input Format system blocknetbiosdefault yes | no Parameters yes Sets the default to block all NetBIOS and NetBUI requests. no Sets the default to not block all NetBIOS and NetBUI requests. Examples The following command will block all NetBIOS and Net BUI requests -> system blocknetbiosdefault yes Response Command prompt.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide Response The following response is given when the system community is changed to ’fred’: -> system community fred The community name fred will take effect at the next reboot system default modem Lists the default modem settings. The modem settings are for the backup V.90 modem connected to the console port. To change the modem settings, use the command system modem.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Parameters a IP address of the server to be deleted from the BootP server list. all Removes all addresses from the BootP server list. a Dotted-decimal notation Examples The following command will remove only the address 128.1.210.64 from the bootP server list. -> system delbootpserver 128.1.210.64 The following command will remove all addresses from the bootP server list.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system delhttpfilter Deletes an http address filter created by the system addhttpfilter command. To see the address range of the filter, use the system list command. Mgmt Class Security (R/W) Input Format system delhttpfilter [] | lan Parameters a a First IP address of the range. Last IP address of the range.b Local Ethernet LAN.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Parameters Deletes the virtual routing table. Both the table definition and all routes in the table are deleted. all a a c First IP address of the range. Last IP address of the range.b Name of the virtual routing table in which the addresses are assigned. a Dotted-decimal notation be omitted if the range contains only one IP address.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Parameters One of the following command actions: a Selects the host with this IP address as server. discard Discards the incoming server request. me Sends the incoming server requests to the local router, regardless of the IP address. Protocol used by the selected server. b Numerical protocol ID. tcp TCP only. udp UDP only. all All protocols.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system delsnmpfilter Deletes the client range previously defined by the command system addsnmpfilter. This command is functionally equivalent to the snmp delsnmpfilter command. NOTE: This command does not require a reboot and is effective immediately. NOTE: To list the range of allowed clients, use the command system list.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system delsyslogfilter Deletes the Syslog address filter. To see the address range of the filter, use the command system list. To define a new Syslog address filter, use the command system system addsyslogfilter. NOTE: This command does not require a reboot and is effective immediately.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Parameters a a Dotted-decimal IP address to be deleted from the Syslog server address list. notation Response Command prompt. system deltelnetfilter Deletes the client range previously defined by the command system system addtelnetfilter. NOTE: This command does not require a reboot and is effective immediately. NOTE: To list the range of allowed clients, use the command system list.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system deludprelay Deletes the port range that was previously enabled by the command system addudprelay. Mgmt Class Network (R/W) Input Format system deludprelay |all [] Parameters a IP address of the server. b Deletes all existing UDP ports. all First port in the UDP port range to be deleted.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Response The following is a typical response. -> system history Begin System History. POST summary: successful Initializing the system RAM ..... done Hardware "IDSL" successfully initialized -- ID: 3000 Today is Tuesday May 15, 2001; the time is 10:40:30 My MAC address is: 00:20:6F:0B:67:A1 Reason for this reset: power up Trying to boot from flash memory loading .................................................done.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system httpport This command manages HTTP port access. It can: • Disable HTTP for this router (sets the HTTP port to 0). • Request the default HTTP port (80). This re-enables HTTP after it is disabled. • Redefine the HTTP port. NOTE: This command requires a save and reboot to take effect. To see the current setting, use the command system list.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system list Lists the system settings for the target router. Mgmt Class Network (R) Input Format system list Parameters None Response The following is an example of a typical response. -> system list GENERAL INFORMATION FOR file systems...done. System started on.............. 9/8/2000 at 13:29 Authentication override........ none file systems...done. WAN to WAN Forwarding.......... no file systems...done.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide system log Allows logging of the device’s activity in a Telnet session. Mgmt Class Admin (R/W) Input Format system log start | stop | status Parameters start Initiates monitoring activity. stop Discontinues monitoring activity. status Displays all users (yourself included) currently using this feature. Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system modem Changes the selected modem setting. The modem settings are for the backup asynchronous modem connected to the console port. For more information on the Dial Backup option, ”Dial Backup” on page 6-7 of the Technical Reference Guide.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system moveiproutingtable Moves a range of IP addresses to another virtual routing table. The command first looks at the address ranges defined for other virtual routing tables, searching for the addresses to be moved. If it finds addresses to be moved, it deletes them from the address ranges for the other virtual routing tables.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system msg Sets or changes the message saved in the local router you are configuring. Mgmt Class System (R/W) Input Format system msg Parameters *** Entering the command with no parameter will display the current message or use the command system list. a,b New message. a ASCII string of 255 characters. Space characters are not allowed; use underscore characters instead.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system name Sets or changes the name of the local router being configured. A name must be assigned to the local router. This name is sent to a remote router during PAP/CHAP Security Authentication. Mgmt Class Security (R/W) Input Format system name Parameters *** Entering the command with no parameter will display the current router name. a,b New name of the target router.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system onewandialup This command can force the router to have no more than one remote connection active at a time. (Multiple links to the same remote are allowed.) To see the current setting, use the command system list and check the One WAN Dial Up line. This command is useful when security concerns dictate that the router have only one connection active at a time.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide system passwd Sets the system authentication password for the target router that is used when the router connects to other routers or is challenged by them. This password is a default password used for all remote sites unless a unique password is explicitly defined for connecting to a remote router with the remote setourpasswd command.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Response Command prompt. system securemode list Displays the current secure mode configuration values and the number of concurrent Telnet and SSH sessions allowed. Mgmt Class Security (R) Input Format system securemode list Parameters None Response A typical response is shown below. Secure Mode is currently "ENABLED". WAN interface is currently "UN-TRUSTED". LAN interface is currently "TRUSTED".
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide Parameters enable Enables secure mode. disable Disables secure mode. Response Typical response indicating the curent mode is displayed. System Secure Mode set to "ENABLED". system securemode set cli Sets the number of concurrent telnet and SSH sessions allowed by the system. NOTE: The number of sessions allowed is a system setting and independent of the secure mode state (enabled or disabled).
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system securemode set lan Allows discrete control of the secure mode function on the LAN interface. When secure mode is enabled, the LAN interface can be set to trusted and unsecured sessions will still be allowed; untrusted will require a secure connection. NOTE: Changes to this setting are persistent, but not effective unless the secure mode is enabled.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide Input Format system securemode set wan Parameters trusted Allows unsecure sessions from the WAN when secure mode is enabled. untrusteda Only secure connections from the WAN are allowed when secure mode is enabled. a Default value Response Typical response: System WAN designation set to "UN-TRUSTED".
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system selnat addpolicy Configures selective NAT policies. Selective NAT translation is performed based on destination address defined in the policy. For more information, refer to ”Selective NAT” on page 4-30 of the Technical Reference Guide.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system selnat delpolicy Deletes an existing selective NAT policy. To view the existing policies, use the system selnat list command. Mgmt Class Network (R/W) Input Format system selnat delpolicy Parameters a Number of the policy to be deleted. a Integer Response Command prompt. system selnat list Lists the current selective NAT policies.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system snmpport This command manages SNMP port access. It can: • Disable SNMP for this router (sets the HTTP port to 0). • Request the default SNMP port (161). This re-enables SNMP after it is disabled. • Redefine the SNMP port. NOTE: This command is functionally equivalent to the snmp snmpport command. NOTE: This command requires a save and reboot to take effect.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide Parameters default Restores the port value to the default value 161 and re-enables the port. disable Disables the existing SNMP port. a Defines a new SNMP port number. Use this option to restrict remote access. a Integer Examples This command sets the SNMP port to the default value (161) -> system snmpport default This command disables the existing SNMP port.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system sshport Specifies the port that the SSH server listens on. Mgmt Class Security (R/W) Input Format system sshport Parameters default Restores the SSH port value to the default value 22 and reenables the port. disable Disables the existing SSH port. a a Integer, Defines a new SNMP port number. Use this option to restrict remote access.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Mgmt Class Debug (R/W) Input Format system supporttrace Parameters None Response The following is a typical response: -> system supporttrace === HISTORY === End System History. === VERSION === Efficient 7851 SDSL [CM/FR] (120-7851-034) Router Efficient-5000 BOOT/POST V7.0.101 (19-Apr-01 16:57) Software version v5.X.Y(irislin).
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Total in use: 105080, total free: 968952 (6488 + 962464) === PROCESSES === TID: NAME FL P BOTTOM CURRENT SIZE 1:IDLE 02 7 2f6974 2f7880 4080 04 3 30ec84 30f368 2032 3:MSFS_SYNC 03 6 2f8a04 2f9100 2032 4:SYSTEM LOGGER 03 5 2fc874 2fcf70 2032 5:LL_PPP 03 5 2fb844 2fc738 4080 6:NL_IP 03 5 2fddf4 2fe4f0 2032 7:TL_IP_UDP 03 3 2fe674 2fed78 2032 8:TL_IP_TCP 03 3 2feed4 2ff5d8 2032 9:TELNETD 03 5
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands 2BC5A0B4 DHV ... 960 bytes .. ok. DSP DAT ... 28 bytes .. ok. USER BAT ... 462 bytes .. ok. 41DB833E DHV ... 960 bytes .. ok. EF2E6B8F GAN ... 192 bytes .. ok. 35B2A0B5 GAN ... 192 bytes .. ok. 35B2A0B5 DHV ... 960 bytes .. ok. EF2E6B8F DHV ... 960 bytes .. ok. 2D4E5524 GAN ... 192 bytes .. ok. 2D4E5524 DHV ... 960 bytes .. ok. FILTER DAT ... KERNEL F2K ... 684629 bytes .. ok. 1284 bytes ..
Efficient Networks® Router family Command Line Interface Guide Reset: ATZ Escape: +++ Init: ATS0=0Q0V1&C1&D0X4S12=20 Chapter 4: System Commands Off-Hook: ATH1 Dial: ATDT Answer: ATA Hangup: ATH0 === ETHERNET === GLOBAL BRIDGING/ROUTING SETTINGS: Bridging enabled..................... no Exchange spanning tree with dest... yes Bridge only PPPoE with dest........ no IP Routing enabled................... yes Multicast forwarding enabled....... no Firewall filter enabled ...........
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Subnet 192.168.254.0, enabled When DHCP servers are active . stop Mask ......................... 255.255.255.0 first ip address ............. 192.168.254.2 last ip address .............. 192.168.254.20 lease ........................ default bootp ........................ not allowed bootp server ................. none bootp file ................... n/a Client IP State Host Name Expires 192.168.254.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Receive IP default route by RIP.... no Keep this IP destination private..... yes Total IP remote routes............... 1 0.0.0.0/0.0.0.0/1 IPX network number................... 00000000 Use IPX RIP/SAP (negotiate with PPP): yes Total IPX remote routes.............. 0 Total IPX SAPs....................... 0 Bridging enabled..................... no Exchange spanning tree with dest... yes Bridge only PPPoE with dest....
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands 192.168.254.254/ffffffff --> 0.0.0.0 ETHERNET/0 0 ME 224.0.0.9 /ffffffff --> 0.0.0.0 [none] 0 ME 224.0.0.18 /ffffffff --> 0.0.0.0 [none] 0 ME 255.255.255.255/ffffffff --> 0.0.0.0 [none] 0 NW PRM === IP IFS === FR-VC/2 172.17.32.132 (FFFFFF00) dest 0.0.0.0 sub 172.17.32.0 net 172.17.0.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Global Filter) configuredForCMPPlay remote ipfilter insert 2 transmit accept -c 0 -p 51 -sa 172.17.32.132 (IKE Global Filter) configuredForCMPPlay # End rules for transmit list # Begin rules for output list remote ipfilter flush output configuredForCMPPlay remote ipfilter insert 0 output accept -c 0 -p udp -sa 172.17.32.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide End IPFilters for (ETHERNET/0) === IPSEC === There are no security associations. === IKE === There are no IKE peers. There are no IKE proposals. There are no IKE IPSec Proposals. There are no IKE IPSec Policies.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands system syslogport This command manages Syslog port access. It can: • Disable syslog port for this router (sets the syslog port to 0). • Request the default syslog port (514). Re-enables Syslog after it is disabled. • Redefine the syslog port. NOTE: This command requires a save and reboot to take effect. To see the current setting, use the command system list.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide Parameters default Restores the port value to the default value 514 and re-enables the port. disable Disables the existing Syslog port. a Defines a new Syslog port number. Use this option to restrict remote access. a Integer Examples This command sets the Syslog port to the default value (514). -> system syslogport default This command disables the existing Syslog port.
Efficient Networks® Router family Command Line Interface Guide Chapter 4: System Commands Parameters default Restores the port value to the default value 23 and re-enables the port. disabled Disables the existing Telnet port. a a Defines a new Telnet port number. Use this option to restrict remote access. Integer Examples This command sets the Telnet port to the default value (23). -> system telnetport default This command disables the existing telnet port.
Chapter 4: System Commands Efficient Networks® Router family Command Line Interface Guide system wan2wanforwarding Allows management of WAN-to-WAN forwarding of data from one WAN link to another. For example, an employee uses the router at home to access both a company network and the Internet at the same time. To prevent the passing of company information to the Internet, WAN-to-WAN forwarding should be disabled. To see the current setting for WAN to WAN forwarding, use the command system list.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands CHAPTER 5 CHAPTER 5 ETHERNET INTERFACE COMMANDS The commands in this section begin with the word eth. The commands configure the Ethernet interfaces in your router.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands Table 5-1: Ethernet Interface Command Listing (Cont.) Command Page 5-2 Function eth ip addroute Adds a route to the default routing table for the Ethernet interface. eth ip addserver This Network Address Translation (NAT) command adds a server’s IP address (on the LAN) associated with this interface for a particular protocol.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands Table 5-1: Ethernet Interface Command Listing (Cont.) Command Function eth ipx addr Sets the IPX network number for the Ethernet LAN connection. eth ipx disable Disables IPX routing across the Ethernet LAN. eth ipx enable Enables IPX routing across the Ethernet LAN. eth ipx frame Sets the frame encapsulation method.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide eth ? Lists the supported keywords. To see the syntax for a command, enter the command followed by a ?. Mgmt Class All (R) Input Format eth ? Parameters None Response A listing of all the supported Ethernet commands and keywords with a brief description of their function.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth add Adds a logical interface onto an Ethernet port so that the router can provide service to multiple IP subnets. The eth add command defines the port number and logical interface number. Next, use the eth ip addr command to define the IP subnet that uses the logical interface. For more information, see “IP Subnets” on page 6-1 of the Technical Reference Guide.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide eth delete Deletes a logical interface from an Ethernet port. For more information, see “IP Subnets” on page 6-1 of the Technical Reference Guide. When a logical interface is deleted, all information defined for that interface, such as routes and filters, is deleted automatically.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth ip addhostmapping Remaps a range of local LAN IP addresses to a range of public IP addresses on a per-interface basis. These local addresses are mapped one-to-one to the public addresses. For more information, see “Host Remapping” on page 4-23 of the Technical Reference Guide. NOTE: The range of public IP addresses is defined by only.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide eth ip addr Defines the IP address and subnet mask for an Ethernet port or logical interface. Mgmt Class Network (R/W) Input Format eth ip addr [] Parameters a Ethernet LAN IP address. a IP network mask. b,c Ethernet interface. a Dotted-decimal notation parameter may be omitted if the router has only one Ethernet interface.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth ip addroute Adds a route to the default routing table for the Ethernet interface. This command is needed only if the system does not support RIP (see “RIP Controls” on page 6-4 of the Technical Reference Guide and the eth ip options command). NOTE: This command requires a save and reboot before it takes effect.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth ip addserver This Network Address Translation (NAT) command adds a server’s IP address (on the LAN) associated with this interface for a particular protocol. For more information, see “Network Address Translation (NAT)” on page 4-17 of the Technical Reference Guide. To delete a server designation, use the command eth ip delserver.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands Parameters Cont. smtp Simple Mail Transfer Protocol (SMTP) port. snmp Simple Network Management Protocol (SNMP) port. t120 T.120 port. telnet Telnet port. tftp Trivial File Transfer Protocol (TFTP) port. all All ports. Optional, last port in the range of ports as seen by the remote end for the server on the LAN.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide Mgmt Class Network (R/W) Input Format eth ip bindroute [] [] Parameters a Ethernet LAN IP address. a b IP network mask. Number of routers through which the packet must go to get to its destination. a IP address of the IP gateway. c IP virtual routing table o which the route is added.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth ip defgateway Assigns an Ethernet default gateway for packets whose destination address does not have a route defined. This setting is most useful when IP routing is not enabled, in which case the system acts as an IP host (i.e., an end system, as opposed to an IP router). NOTE: This command requires a save and reboot before it takes effect.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide eth ip delhostmapping Undoes an IP address/ host translation (remapping) range that was previously established with the command eth ip addhostmapping on a per-interface basis. For more information, see “Host Remapping” on page 4-23 of the Technical Reference Guide.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth ip delroute Removes a route from the default routing table that was added using the eth ip addroute command. The route to be deleted is identified by its IP address and mask and its Ethernet interface. To see the remaining routes, use the iproutes command. NOTE: This command requires a save and reboot before it takes effect.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth ip delserver Deletes an entry created by the command eth ip addserver. Mgmt Class Network (R/W) Input Format eth ip delserver [ []] Parameters One of the following command actions: a Selects the host with this IP address as server. discard Discards the incoming server request.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands Parameters Cont. Protocol used by the selected server. a Numerical protocol ID. tcp TCP only. udp UDP only. all All protocols. First or only port as seen by the Ethernet interface. Port used by the selected server. b Numerical port value; a value of 0 matches any port. ftp File Transfer Protocol (FTP) port. h323 H.323 port.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide eth ip directbcast Enables or disables the forwarding of broadcast packets directed to a specific network prefix. When forwarding is disabled, the router silently discards all packets broadcast to a subnet. The default is off; thus, by default, all network prefix-directed broadcast packets are discarded. This applies to all broadcast interfaces, including all Ethernet interfaces.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands Input Format eth ip disable Parameters None Response Command prompt. eth ip enable Enables IP routing across the Ethernet LAN. This command acts as a master switch allowing you to re-enable all IP routing. NOTE: This command requires a save and reboot before it takes effect. Mgmt Class Network (R/W) Input Format eth ip enable Parameters None Response Command prompt.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide eth ip filter Manages the IP filters for the Ethernet interface(s). The filters are used to screen IP packets. Each Ethernet interface can have its own set of filters. The intended interface is designated at the end of the filter command. If the router has two physical Ethernet interfaces (an Ethernet hub router), the interface is designated by its port number (0 or 1).
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands Inserts a filter in the list of filters for this and . The filter is specified by the and optional . If no line number is specified, the filter is inserted at the beginning of the list; otherwise, it is inserted before the specified line. For example, “insert 0” inserts the filter before line 0 so it is the first filter in the list.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide eth ip filter check eth ip filter check [] Checks the action that would be taken if a packet with the specified parameters was compared with the list of filters defined for the specified and .
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands If the packet matches the filter, the specified is performed: accept drop reject inipsec outipsec The packet is allowed to proceed for further processing. The packet is discarded, without sending an ICMP (Internet Control Management Protocol) error message. The packet is discarded and an ICMP error message is returned to the sender. The packet is passed to IPSec for decrypting.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide -dp | [:] The packet must have a destination port that matches the specified ICMP type or that is within the specified port range. If only one port is specified, the packet must have that destination port. If no destination port is specified, the filter matches any destination port in the range 0:0xffff.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands - q or -v Specify one of these options to determine when watch messages are sent for this filter. The messages are sent to the console serial port (and to any Syslog servers; see “Syslog Client” on page 7-1.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide eth ip firewall The router supports IP Internet Firewall Filtering to prevent unauthorized access to your system and network resources from the Internet. This filter discards packets received from the WAN that have a source IP address recognized as a local LAN address. This command sets Ethernet Firewall Filtering on or off and allows you to list the active state.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth ip mgmt Assigns to an Ethernet interface an IP address which is to be used for management purposes only and not for IP address translation. This management IP address is generally a private network address used solely by the ISP. The management IP address is separate from the IP address used for IP address translation.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide Parameters a Ethernet IP address. a b,c IP subnet mask. Ethernet interface. a Dotted-decimal notation parameter may be omitted if the router has only one Ethernet interface. If the router has two physical Ethernet interfaces (an Ethernet hub router), the port number (0 or 1) must be specified.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands Parameters
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide Parameters a a Dotted-decimal IP address of the remote network or station. notation Response Command prompt. eth ip translate Controls Network Address Translation on a per-interface basis; it allows several PCs to share a single IP address to the Internet. To read more about NAT, refer to “Network Address Translation (NAT)” on page 4-17 of the Technical Reference Guide.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth ip unbindroute Removes an Ethernet route from the named IP virtual routing table. To list the routes, use the command iproutes. To add an Ethernet route to a virtual routing table, use the command eth ip bindroute. NOTE: A route change in an IP virtual routing table takes effect immediately. However, the change is lost if it is not saved before the next reboot.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide eth ip vrid Assigns a virtual router ID (VRID) to an Ethernet interface. The same VRID must be assigned to the master router and its backup routers. For more information, see “VRRP Backup” on page 6-16 of the Technical Reference Guide. This command designates the interface as the VRRP interface for the router. You must use another logical Ethernet interface as the management interface for the router.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands Parameters a Virtual route ID. b Ethernet interface. The default value is 0:0. a Integer, b 1 - 255 To specify a logical interface other than 0:0, specify both the port number (0 or 1) and the logical interface number using the format : (for example, 0:1). Example This command example assigns VRID 7 to the logical Ethernet interface 0:1.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide NOTE: This command requires a reboot. Mgmt Class Network (R/W) Input Format eth ipx disable [port#] Parameters a a Integer, Port number of the Ethernet LAN. 0, 1 or it may be omitted. Response Command prompt. eth ipx enable Enables IPX routing across the Ethernet LAN. This acts as a master switch allowing you to enable IPX routing. NOTE: This command requires a reboot.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth ipx frame Sets the frame encapsulation method. Mgmt Class Network (R/W) Input Format eth ipx enable Parameters 802.2 (DEC standard).a 802.3 (Intel standard). dix (Xerox/Ethernet II standard). a Default value Response Command prompt.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide Response Typical response: -> eth list GLOBAL BRIDGING/ROUTING SETTINGS Bridging enabled ........................... Exchange spanning tree with dest.......... IP Routing enabled.......................... Multicast forwarding enabled.............. Firewall filter enabled................... Directed Broadcasts Allowed............... RIP Multicast address..................... IPX Routing enabled............
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth mtu Sets the maximum transfer unit for the Ethernet interface. The default is 1500 bytes. You can set the MTU size to less than 1500 bytes, but you cannot set the MTU to greater than 1500 bytes, even if you specify a larger value on an eth mtu command. (RFC 1042 recommends 1500 bytes as the maximum MTU for an Ethernet network.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide Mgmt Class Network (R/W) Input Format eth restart Parameters a,b Logical Ethernet interface. a Integer, b 0, 1 or it may be omitted if the router has only 1 Ethernet interface. To specify a logical interface other than logical interface 0, specify both the port number and the logical interface number (:, for example, 0:1). Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth stop Stops a logical Ethernet interface. NOTE: To keep certain configuration changes, you must enter a save command before stopping the logical interface. The stopped interface is disabled until it is started again. To start a logical Ethernet interface, use the command eth start. To stop and immediately restart a logical Ethernet interface, use the command eth restart.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide eth vrrp add Defines a VRRP attribute record for the VRID (virtual router ID). Attribute records must be defined for the VRID in the master router and in each of its backup routers. For more information, see “VRRP Backup” on page 6-16 of the Technical Reference Guide.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth vrrp clear password Clears the password in a VRRP attribute record for the VRID (virtual router ID). To see the current password, use the command eth vrrp list. To set a new password, use the command eth vrrp set password. For more information,see “VRRP Backup” on page 6-16 of the Technical Reference Guide. NOTE: If the VRRP attribute record has no password, no VRRP authentication is performed.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide eth vrrp delete Deletes a VRRP attribute record for the VRID (virtual router ID). It also disassociates the VRRP IP and MAC addresses from the logical interface. For more information, see “VRRP Backup” on page 6-16 of the Technical Reference Guide. Use this command to disable VRRP. To re-instate a deleted VRID, you need to redefine both the VRID and the VRRP attribute record.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth vrrp list Lists the VRRP attribute records for the port and shows the status of the VRRP router. For more information, see “VRRP Backup” on page 6-16 of the Technical Reference Guide. Mgmt Class Network (R) Input Format eth vrrp list [] Parameters a a The Physical Ethernet interface (port) number. default is 0; the parameter may be omitted if the router has only one port.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands Mgmt Class Network (R/W) Input Format eth vrrp set multicast Parameters a a Dotted-decimal IP address that is to be the new multicast address. notation Example This command example specifies a new multicast address for VRRP. -> eth vrrp multicast 192.168.255.255 Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands Mgmt Class Network (R/W) Input Format eth vrrp set option preempt | nopreempt [] Parameters preempt Preempt immediately. nopreempt Do not preempt a router with lower priority. a b Virtual router ID of the VRRP attribute record (integer, 1-255). The attribute record was created by the command eth vrrp add. Physical Ethernet interface (port) number (0 or 1).
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide NOTE: The password must be the same for every router in the Virtual Router, that is, for every router in the LAN with the same VRID. For example, if a VRRP interface in routers A, B, and C has the VRID 7, routers A, B, and C must all specify the same password for VRID 7.
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands eth vrrp set priority Specifies the priority attribute in a VRRP attribute record for the VRID (virtual router ID). The priority value determines which VRRP router in the LAN takes over when a VRRP router fails. For more information, see “VRRP Backup” on page 6-16 of the Technical Reference Guide.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide -> eth vrrp set priority 255 7 This command example defines priority 50 for a backup router for VRID 7 using port 1. -> eth vrrp set priority 50 7 1 Response Command prompt. eth vrrp set timeinterval Specifies the time interval attribute in a VRRP attribute record for the VRID (virtual router ID).
Efficient Networks® Router family Command Line Interface Guide Chapter 5: Ethernet Interface Commands Mgmt Class Network (R/W) Input Format eth vrrp set timeinterval [] Parameters a Time interval value in seconds b Virtual router ID of the VRRP attribute record. c Physical Ethernet interface (port) number (0 or 1). a Integer, 0 - 60 1 - 255 c The default is 0; the parameter may be omitted if the router has only one port.
Chapter 5: Ethernet Interface Commands Efficient Networks® Router family Command Line Interface Guide eth ip remsrcrouteopt Adds or removes the source routing option. Mgmt Class Network (R/W) Input Format eth ip remsrcrouteopt Parameters enable Adds the source routing option. disable Removes the source routing option. (Default value) Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands CHAPTER 6 CHAPTER 6 REMOTE COMMANDS The commands in this section begin with the word remote. The commands allow you to add, delete, and modify remote routers to which the target router can connect.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Table 6-1: Remote Command Listing (Cont.) Command Page 6-2 Function remote addiproute Adds an IP address route to a network or station on the LAN connected beyond the remote router. remote addipxroute Adds an IPX route for a network or station on the LAN network connected beyond the remote router.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Table 6-1: Remote Command Listing (Cont.) Command Function remote disauthen This command is intended for situations where thirdparty routers cannot be authenticated; the target router will not attempt to authenticate the remote router. remote disbridge Disables bridging from the target router to the remote router.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Table 6-1: Remote Command Listing (Cont.) Command Page 6-4 Function remote setcompression Enables or disables negotiation of the Stac LZS compression of the payload (RFC 1974). remote setencryption RFC 1969 encryption. Specifies a PPP DES (Data Encryption Standard) 56-bit key with fixed transmit and receive keys. remote setencryption Diffie-Hellman Encryption.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Table 6-1: Remote Command Listing (Cont.) Command Function remote setppppretrytimer Enables or disables the PPP retry timer for a remote session. remote setprefer Changes the interface for the remote entry. remote setprotocol Sets the link protocol for the remote router. remote setpvc Specifies the PVC number for connecting to the remote router.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide remote ? Lists the supported remote keywords. The list will vary depending on the router model. Mgmt Class Network (R) Input Format remote ? Parameters None Response A listing of the remote commands and keywords with a brief description of their function. remote add Adds a remote router entry into the remote router database.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote addbridge Defines the remote router entry as the default bridging destination for outbound bridging. The command can define either the default bridging destination for all MAC addresses or the default bridging destination for a specific MAC address. When you specify a MAC address on this command, a permanent entry for that address is created in the bridging table.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide remote addhostmapping Remaps a range of local LAN IP addresses to a range of public IP addresses on a per-remote-router basis. These local addresses are mapped one-to-one to the public addresses. NOTE: The range of public IP addresses is defined by only. The rest of the range is computed automatically (from to + number of addresses remapped - 1) inclusive.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote addiproute Adds an IP address route to a network or station on the LAN connected beyond the remote router. The route is added to the default routing table. The local router’s routing table must be seeded statically to access networks and stations beyond this remote router. After the connection is established, standard RIP update packets can dynamically add routes to the routing table.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide Examples The first two addresses in the list represent subnetworks, the third is a class B network, the fourth is a host, and the fifth address is the default route. The fifth command adds the default route when the WAN interface is a point-to-point interface; the sixth command adds the default route when the WAN interface is a broadcast interface. -> remote addIpRoute 10.1.210.64 255.255.255.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote addipxroute Adds an IPX route for a network or station on the LAN network connected beyond the remote router. The target router’s routing information table must be seeded statically to access networks and stations beyond this remote router. After the connection is established, standard RIP update packets will dynamically add to the routing table.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide remote addipxsap Adds an IPX SAP to the server information table for a service on the LAN network connected beyond the remote router. The target router’s SAP table must be seeded statically to access services beyond this remote router. After the connection is established, standard SAP broadcast packets will dynamically add to the table.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote addserver This Network Address Translation (NAT) command is used to add a server’s IP address (on the LAN) associated with this remote router for a particular protocol. To learn more, see “Network Address Translation (NAT)” on page 4-17. Multiple system addserver and remote addserver commands can designate different servers for different protocols, ports, and interfaces.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Parameters Cont. smtp Simple Mail Transfer Protocol (SMTP) port. sntp Simple Network Management Protocol (SNMP) port. t120 T.120 port. telnet Telnet port. tftp Trivial File Transfer Protocol (TFTP) port. all All ports. Optional last port in the range of ports as seen by the remote end for the server on the LAN.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote bindipvirtualroute Adds a remote route to the named IP virtual routing table. To list the remote routes, use the remote listiproutes command. To remove a route from a virtual routing table, use the remote unbindipvirtualroute command. NOTE: A route change in an IP virtual routing table takes effect immediately.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide remote blocknetbios This command enables or disables a filter that blocks all NetBIOS packets over this WAN connection. Mgmt Class Security (R/W) Input Format remote blocktetbios on | off Parameters Enables NetBIOS filtering. on Disables NetBIOS filtering. off a ASCII a Name of the remote router. string Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote delatmsnap This command deletes an ATM mapping set by the remote setatmnsap command, page 40. Mgmt Class Network (R/W) Input Format remote delatmfasp atmf | e164 partial | full Parameters atmf ATM forum encoding. E164 ITU E164 encoding. partial The MAC address of the router is substituted for octets 2-7 of the NSAP. No change is made to the specified NSAP.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide Parameters All MAC addresses * a MAC address b Name of the remote router. c a HEX-decimal notation string c The name is case sensitive. b ASCII Response Command prompt. remote delencryption Deletes encryption files associated with a remote router. Mgmt Class Security (R/W) Input Format remote delencryption Parameters a a ASCII Name of the remote router.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote delhostmapping Undoes an IP address/host translation (remapping) range that was previously established with the command remote addhostmapping on a per-remote-router basis. Mgmt Class Network (R/W) Input Format remote delhostmapping Parameters a First IP address in the range of local IP address to be remapped.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide Parameters a IP address of the remote network or station. a b b Name of the remote router. Dotted-decimal notation ASCII string Response Command prompt. remote delipxroute Deletes an IPX address for a network on the LAN connected beyond the remote router. NOTE: A reboot command must be performed on the target router for the deletion of a static route to take effect.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote delipxsap Deletes an IPX service on the LAN network connected beyond the remote router. NOTE: A reboot must be performed on the target router for a deleted service to take effect. Mgmt Class Network (R/W) Input Format remote delipxSap Parameters a ASCII a Name of service. Name of the remote router. string Response Command prompt.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide remote delourpasswd Removes the unique CHAP or PAP authentication password entries established by the remote setourpasswd command. Mgmt Class Network (R/W) Input Format remote delourpasswd Parameters a Name of the remote router. a ASCII string Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote delphone Deletes a phone number that was specified by the command remote setphone. Mgmt Class Network (R/W) Input Format remote delphone async | isdn 1 | 2 Parameters async Asynchronous connection. isdn ISDN connection. 1 Primary phone number or first ISDN channel. Alternative phone number or first ISDN channel.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Parameters One of the following command actions: a Selects the host with this IP address as server. discard Discards the incoming server request. me Sends the incoming server requests to the local router, regardless of the IP address. Protocol used by the selected server. b Numerical protocol ID. tcp TCP only. udp UDP only. all All protocols.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote disable Disables the remote. The remote remains disabled even after a reboot. To enable the remote, the command remote enable must be entered. NOTE: You may enter and save information and settings for a disabled remote entry. However, the remote entry cannot be used until it is enabled. NOTE: If the remote is currently active when the remote is disabled, the active session is not stopped.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide Parameters a a ASCII Name of the remote router. string Response Command prompt. remote disbridge Disables bridging from the target router to the remote router. NOTE: This command requires a reboot of the target system for the change to take effect. Mgmt Class Security (R/W) Input Format remote disbridge Parameters a a ASCII Name of the remote router.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote enaauthen Initiates the target router authentication negotiation as defined in the remote router’s database. Mgmt Class Security (R/W) Input Format remote enaAuthen Parameters a Name of the remote router. a ASCII string Response Command prompt. remote enable Enables use of an entry in the remote router database.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide Parameters a a ASCII Name of the remote router. string Response Command prompt. remote enabridge Enables bridging from the target router to the remote router. NOTE: This command requires a reboot of the target system for the change to take effect. Mgmt Class Security (R/W) Input Format remote enablebridge Parameters a a ASCII Name of the remote router.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote ipfilter Manages the IP filters on the WAN interface. The filters screen IP packets at the interface level. You can define filters for any entry in the remote router database. To see the names of the remote entries, use the command remote list. A remote entry can have up to four lists of filters; the list types are Input, Receive, Transmit, and Output.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide If no line number is specified, the filter is inserted at the beginning of the list; otherwise, it is inserted before the specified line. For example, “insert 0” inserts the filter before line 0 so it is the first filter in the list. Filters are used in the order they appear in their list.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands For example, the command -> remote ipfilter check input -p TCP branch1 would check what action (accept, drop, reject, inipsec, outipsec) would be taken for a TCP packet after it was compared with the list of input filters defined for remote entry branch1.
Chapter 6: Remote Commands reject inipsec outipsec Efficient Networks® Router family Command Line Interface Guide The packet is discarded and an ICMP error message is returned to the sender. The packet is passed to IPSec for decrypting. The filter is intended to match packets coming from the other IPSec gateway. Although filters are the mechanism by which packets are passed to IPSec, it is recommended that you use IKE to manage your IP Security (see “IPSec (Internet Protocol Security)” on page 5-50.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands -tcp syn | ack | noflag | rst If the IP packet is a TCP packet, the filter matches the packet only if the packet flag settings are as specified. If no -tcp option is specified for the filter, flag settings are not checked. NOTE: More than one -tcp option may be specified for the IP filter. The syn, ack, and noflag settings work together as follows: • Specify -tcp syn if the TCP SYN flag must be set.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide Specify one of these options to determine when watch messages are sent for this filter. The messages are sent to the console serial port (and to any Syslog servers; see see “Syslog Client” on page 7-1.) If neither -q or -v are specified for the filter, and a remote ipfilter watch command is entered for the interface, a message is sent each time this filter causes a packet to be dropped or rejected.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Parameters *** If entered with no parameters, all remote router entries are listed. a Name of the remote router. a ASCII string Response Typical response: -> rem list internet INFORMATION FOR Status............................... Our System Name when dialing out..... Our Password used when dialing out... Protocol in use...................... ATM traffic shaping..................
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide Exchange spanning tree with dest... TX Encryption........................ RX Encryption........................ mtu.................................. no unknown unknown 1500 remote listbridge Lists the current bridge settings for the specified remote router entry.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote listiproutes Lists IP information for a remote router or, if the router name is omitted, for all routers in the remote router database. The IP information includes all network or station IP addresses defined for the LAN connected beyond the remote router. This command lists all routes defined for the remote router, including those defined in the default routing table and in any virtual routing tables.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide remote listipxroutes Lists all network IPX route addresses defined for the LAN connected beyond the remote router. The network number, hop count, and ticks are displayed. If the remote name is not specified, a list of IPX routes is displayed for each remote router in the database. Mgmt Class Network (R) Input Format remote listipxroutes Parameters a a ASCII Name of the remote router.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Parameters a a ASCII Name of the remote router. string Response Typical response: -> rem listipxsaps hq IPX SAP INFORMATION FOR ... 1 Total IPX SAPs SERV312_FP 00001001 00:00:00:00:00:01 0451 0004 1 IPX SAP INFORMATION FOR Total IPX SAPs................ 1 SERV312_FP 00001001 00:00:00:00:00:01 0451 0004 1 remote listphones Lists the PVC numbers available for connecting to the remote router.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide remote restart Stops the current active session and starts a new active session for a remote. Certain configuration changes for a remote become effective only after the remote is restarted or the router is rebooted. Remember to save the changes before the restart or reboot. NOTE: Use restart instead of reboot whenever possible. A restart does not affect other interfaces, allowing their traffic to continue.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Mgmt Class Network (R/W) Input Format remote setatmnasp atmf | e164 partial | full Parameters atmf ATM forum encoding. E164 ITU E164 encoding. partial The MAC address of the router is substituted for octets 2-7 of the NSAP. No change is made to the specified NSAP.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Parameters chap, pap, or none. The default is pap. a a Name of the remote router. ASCII string Response Command prompt. remote setbod Sets the bandwidth on demand (BOD) management option for a DOD (dial on demand) connection, that is, a connection where the link goes up and down. These links include those for ISDN, L2TP tunnels, IPSec tunnels, and dial backup.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setbroptions Sets controls on bridging for the remote router entry. To see the current bridging settings for remote router entries, use the remote listbridge command. CAUTION: Do not change the setting without approval from your system administrator.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setbwthresh Sets the bandwidth threshold for a DOD (dial on demand) connection, that is, a connection where the link goes up and down. These links include those for ISDN, L2TP tunnels, IPSec tunnels, and dial backup. The threshold is used in bandwidth on demand management. Initially, a call is activated on one B-channel.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setcompression Enables or disables negotiation of the Stac LZS compression of the payload (RFC 1974). The CCP (Compression Control Protocol, RFC 1962) negotiates and handles any compression between the local router and the remote router. The default setting is off because LZS compression has a negative effect with high bit rates (greater than 768 Kb/s).
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Parameters Recieve key rx Transmit key tx key a Key a b b Name of the remote router. Hexadecimal notation ASCII string Response Command prompt. remote setencryption Diffie-Hellman Encryption. Specifies encryption based on the Diffie-Hellman keyexchange protocol. Each router possesses an internal encryption file that is associated with a public key providing 768-bit security.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setipoptions Enables or disables the selected IP option for the WAN interface. To select IP options for the Ethernet interface, use the command eth ip options. Several RIP options are available. RIP is a protocol used for exchanging IP routing information among routers. The RIP options allow you to set IP routing information protocol controls over a point-to-point WAN.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Parameters Cont. multicast Allows the remote router to forward IP multicast traffic. lanconfig Accept LAN configuration information. Indicates that this PPP remote can receive IPCP information for dynamically reconfiguring the Ethernet interface. lcpecho a a Use periodic echo. Name of the remote router ASCII string Response Command prompt. remote setipslaveppp Sets the IP Slave PPP mode.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setiptranslate Controls Network Address Translation on a per remote router basis. It allows several PCs to share a single IP address to the Internet. The remote router must assign the source WAN IP address to the routers’ local WAN port. This command requires that you define a Source WAN IP Address with the remote setsrcipaddr command.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Parameters a a b IPX network number. b Name of the remote router. Hexadecimal notation ASCII string Response Command prompt. remote setipxoptions Enables or disables the IPX option RIPSAP for the remote WAN connection. Mgmt Class Network (R/W) Input Format remote setIpxOptions ripsap on | off Parameters Enables or disables option.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setmaxline Sets the maximum links (1 or 2) for a DOD (dial on demand) connection, that is, a connection where the link goes up and down. These links include those for ISDN, L2TP tunnels, IPSec tunnels, and dial backup. If you set the maximum links to 2, bandwidth on demand management determines their actual usage; see the remote setbwthresh command.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands NOTE: To use the management address as the source address for a ping, you must specify it using the -I option on the ping command. For example, to use management address 192.168.1.2 when pinging destination address 192.168.100.100, specify: ping -I 192.168.1.2 192.168.100.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setminline This command is used for dial-up connections and other connections that behave like dial-up connections, such as L2TP and PPPoE sessions. The command sets the minimum number of channels to be continually allocated to the connection. The default is 0, in which case a channel is allocated only when needed.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setmtu Sets the maximum transfer unit for the remote interface. To see the current MTU size for an active remote that is doing IP routing, use the ipifs command. To change the MTU for an Ethernet interface, use the command eth mtu. If the protocol in use is PPP, you can see the MRU and MTU sizes using the command mlp show. The MRU is the maximum receive unit.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setourpasswd Sets a unique CHAP or PAP authentication password for the local router that is used for authentication when the local router connects to the specified remote router. This password overrides the password set in the system passwd command. A common use is to set a password assigned by the Internet Service Providers.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide Parameters a,b a b a System name of the target router. Name of the remote router. ASCII string The name is case-sensitive and its maximum length is 255 characters. Response Command prompt. remote setpasswd Sets the CHAP or PAP authentication password that is used when the remote router establishes a connection or is challenged by the target router.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Mgmt Class Network (R/W) Input Format remote setPhone async | isdn 1 | 2 Parameters async Asynchronous connection. isdn ISDN connection. 1 Primary phone number or first ISDN channel. Alternative phone number or first ISDN channel. 2 a a Decimal number representing the exact digits to be dialed. b Name of the remote router.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setpppoptions Enables and disables a PPP option. The default settings vary with the option. To see the current settings of the PPP options, use the command remote list.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setppppretrytimer Enables or disables the PPP retry timer for a remote. The default is off (0). The PPP retry timer is useful in a network where several routers are connected to the same PPP server. If the link to the PPP server goes down, all PPP sessions on the connected routers go down. Then, when the link comes back up, all routers attempt reconnection at the same time and this could crash the PPP server.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setprefer Changes the interface for the remote entry. Normally, a new remote profile defaults to the type of the WAN port present in the router: FR for Frame-Relay WANs (IDSL and some SDSL routers) or HSD for all ATM routers. Use this command when defining the remote profile for Dial Backup.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands Authentication level required........ PAP . . . (subsequent lines same as for async) . . . -> remote setPrefer async backup -> remote list backup INFORMATION FOR Status............................... enabled Our System Name when dialing out..... gwbush Our Password used when dialing out... yes Disconnect timeout (in seconds)...... 60 Min/max channels..................... 0/1 Interface in use.................
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide remote setprotocol Sets the link protocol for the remote router. NOTE: The link protocol and encapsulation option must match those at the other end of the connection (the settings in the DSLAM). The encapsulation options are described in “Encapsulation Options” in Chapter 2 of the Technical Reference manual.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setpvc Specifies the PVC number for connecting to the remote router. Mgmt Class Network (R/W) Input Format remote setpvc * Parameters Virtual Path ID - number that identifies the link formed by the virtual path. Virtual Circuit ID - number that identifies a channel within a virtual path in a DSL/ATM environment. rfc1483 RFC 1483 protocol.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide remote setrmtipaddr Sets the WAN IP address for the remote router. This address is required only if the remote router does not support IP address negotiation under PPP (i.e., numbered mode is required, and the remote router cannot specify a WAN IP address for use during the negotiation process).
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote setspeed Specifies the speed to be used when dialing out using the backup V.90 modem connected to the console port. Specify a speed for each phone number you provide (primary and alternative). For more information specifying phone numbers for the Dial Backup feature, see “Specifying the Dialup Parameters” on page 6-9.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide remote setsrcipaddr Sets the IP address for the target WAN connection to the remote router. You may set this address when the remote router requires the target and the remote WAN IP addresses to be on the same subnetwork. Another instance is to force numbered mode and to prevent the remote router from changing the target WAN IP address through IPCP address negotiation.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote settimer This command is used for dial-up connections and other connections that behave like dial-up connections, such as L2TP and PPPoE sessions. The command sets the length of the timeout period before disconnection. When the connection has had no traffic for the timeout period, the channel is deallocated. A channel is re-allocated when it is needed.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide remote start If the remote is not currently active, this command attempts to start an active session. NOTE: A reboot ends the active session; to start a session after the reboot, you must enter another remote start command. To stop an active session for the remote, use the remote stop command. To stop and immediately restart a session for the remote, use the remote restart command.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote stats Shows the current status of the connection to the remote router, including the bandwidth and data transfer rate. Mgmt Class Network (R) Input Format remote stats Parameters a a ASCII Name of the remote router.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide remote stop If the remote is active, this command stops the active session. NOTE: To keep certain configuration changes, you must enter a save command before stopping the remote interface. NOTE: The stop command does not disable the remote entry so another session can be started for the remote.To start an active session for the remote, use the remote start commad.
Efficient Networks® Router family Command Line Interface Guide Chapter 6: Remote Commands remote unbindipvirtualroute Removes a remote route from the named IP virtual routing table. To list the remote routes, use the remote listiproutes command. To add a remote route, use the remote remote bindipvirtualroute command. NOTE: A route change in an IP virtual routing table takes effect immediately. However, the change is lost if it is not saved before the next remote restart or reboot.
Chapter 6: Remote Commands Efficient Networks® Router family Command Line Interface Guide This page intentionally left blank.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands CHAPTER 7 CHAPTER 7 WAN INTERFACE COMMANDS This chapter contains subsections of commands applicable to specific WAN interfaces. The subsections are: • ADSL (Asymmetric Digital Subscriber Line) commands, see ADSL Commands. • ADSL, Annex B commands, see GTI Commands. • ATM (Asynchronous Transfer Mode) commands, see ATM Commands. • DMT (Discrete Multi-Tone) commands, see DMT Commands.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands ADSL Commands This section provides the commands to manage the ADSL (Asymmetric Digital Subscriber Line) link for an ADSL router. These commands include: Table 7-1: ADSL Command Listing Command Function adsl ? Lists the supported ADSL keywords. adsl restart Re synchronizes the modem with the CO (Central Office) equipment. adsl speed Displays the current downstream and upstream rates.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands adsl restart Re synchronizes the modem with the CO (Central Office) equipment.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands Response -> adsl speed downstream rate: 6272 Kb/s, upstream rate: 1088 Kb/s adsl stats Shows the current error status for the ADSL connection. Mgmt Class Network (R/W) Input Format adsl stats [clear] Parameters *** When entered with no parameters, the current ADSL statistics are displayed. clear Optional, resets the statistical counters. Response Statistical information displayed.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands ATM Commands The following commands are used to manage the ATM-25 (Asynchronous Transfer Mode) link for an ATM router. The commands include: Table 7-2: ATM Command Listing Command Function atm ? Lists the supported ATM keywords. atm pcr Sets the speed of the ATM link in cells per second. atm save Saves the ATM configuration settings. atm speed Sets the speed of the ATM link in kilobits per second.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands atm pcr Sets the speed of the ATM link in cells per second. The default upstream speed is 768 cells/second. Generally, your Network Service Provider should provide you with your speed value. If your service provider states your speed value in kilobits per second, enter the value using the atm speed command. NOTE: The speed value entered may not be the actual upstream speed attained.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands atm save Saves the ATM configuration settings. Mgmt Class Network (R/W) Input Format atm save Parameters None Response Command prompt. atm speed Sets the speed of the ATM link in kilobits per second. The default upstream speed is 326 Kb/s. Generally, your Network Service Provider should provide you with your speed value.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands Parameters *** When entered with no parameters, the current upstream speed is displayed. a Upstream speed requested in kilobits/second. a Integer, 125-8000 Example The following command example requests a speed of 512 kilobits/second. However, 512 is not one of the discrete speed values allowed, so the next lower value, 500 kilobits/second, is set, as indicated by the message.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands Parameters a Sustained Cell Rate (cells per second). Maximum Burst Size (cells). For a constant bit rate (CBR), specify 1; for a variable bit rate (VBR), specify a value greater than 1. b Name of the remote router. a b Integer ASCII string Examples The following command disables ATM traffic-shaping remote router HQ.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands DMT Commands These commands contained in this section are used manage the ADSL DMT (Discrete MultiTone) router; they include Table 7-3: DMT Command Listing Command Function dmt ? Lists the supported DMT keywords. dmt link Selects the link type for the ADSL DMT router. dmt mode Sets DMT operational mode. dmt ? Lists the supported DMT keywords.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands dmt link Selects the link type for the ADSL DMT router. The link type is persistent across reboots. Normally, the CO and CPE negotiate the link type to be used. Use the dmt link command when you do not want the CO and CPE to negotiate the link type, but instead want to specify the type of data link required. CAUTION: This command forces the CPE into the specified mode. It is not for normal use.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide dmt mode Sets DMT operational mode. The dmt mode command can request one of three modes: ANSI, no_Trellis_ANSI, and UAWG. NOTE: UAWG mode is becoming obsolete. No Trellis encoding for T1.413 ANSI ADSL is only needed where auto-negotiation is not supported for Trellis. Mgmt Class Network (R/W) Input Format dmt mode ansi | no_trellis_ansi | uawg Parameters ansi | no_trellis_ansi Selects the DMT mode used.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands Dual-Ethernet Router (ETH) Commands The following Ethernet commands are used to manage the Ethernet interfaces of the Dual-Ethernet (Ethernet-to-Ethernet) router and thus are specific to that type of router only. For the other Ethernet commands, see Chapter 5, Ethernet Interface Commands.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide eth br enable Enables bridging in a Dual-Ethernet environment. This command requires a reboot of the router for the change to take effect. Mgmt Class Network (R/W) Input Format eth br enable Parameters None Response Command prompt. eth br disable Disables bridging in a Dual-Ethernet environment. NOTE: This command requires a reboot of the router for the change to take effect.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands eth br options Sets controls on bridging for the Ethernet interface. To see the current bridge settings for the Ethernet interface, use the eth list command. Spanning Tree Protocol (STP) is used to detect bridging loops. Set this option to off only if the bridging peers do not support the Spanning Tree Protocol or if you are certain that no bridging loops could exist.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide Examples The following command turns off the spanning tree protocol for Ethernet port 0. -> eth br options stp off The following command configures Ethernet port 1 so that only PPPoE traffic is bridged through it. -> eth br options pppoeonly on 1 Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands Frame Commands The following commands are used to manage a frame relay router’s WAN interface. The Frame Relay commands found in this section include: Table 7-5: Frame Relay Command Listing Command Function frame ? Lists the supported frame keywords. frame cmpplay Selects activation in routing or bridge mode. This command is applicable only when the router is configured using Copper Mountain Plug & Play.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide frame cmpplay Selects activation in routing or bridge mode. This command is applicable only when the router is configured using Copper Mountain Plug & Play (see Chapter 3 of the Technical Reference manual). Mgmt Class Network (R/W) Input Format frame cmpplay < router | bridge > Parameters bridge Selects bridging mode. router Selects bridging mode, default value. Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands frame stats Displays frame relay statistics. Mgmt Class Network (R) Input Format frame stats Parameters None Response Although it is not an end-to-end loopback test, the command output does show counters for data sent and received as well as LMI events. -> frame stats FR/0 Frame Relay Statistics ANSI LMI: Protocol Errors........................ Unknown Msg Recv....................... T391 Timeouts.........
Chapter 7: WAN Interface Commands LMI State.......................... Status State Changes............... Active to Not Active Changes....... Not Active to Active Changes....... Data Packets In.................... Data Packets Out................... Data Packets Out Queued............ Data Packets Out (dropped Q Full).. Voice Cells In..................... Voice Cells In (with errors)....... Voice Cells Out....................
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands GTI Commands This section provides the commands to manage the GTI - ADSL, Annex B (Asymmetric Digital Subscriber Line) link for an ADSL router. These commands include: Table 7-6: GTI Command Listing Command Function gti ? Lists the supported GTI keywords. gti speed Displays the current downstream and upstream rates. gti stats Shows the operational time for the system and ADSL connection.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide Mgmt Class Network (R) Input Format gti speed Parameters None Response -> gti speed ATM Downstream: 6088 Kb/s Upstream: 1021 Kb/s gti stats Shows the operational time for the system and ADSL connection. Mgmt Class Network (R) Input Format gti stats Parameters None Response Statistical information displayed.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands gti version Displays GTI ADSL version information. Mgmt Class Network (R) Input Format gti speed Parameters None Response GTI ADSL Version information is displayed.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands HDSL Commands Use the following commands to manage the HDSL (High-Speed Digital Subscriber Line) link for an HDSL router. The HDSL commands found in this section include: Table 7-7: HDSL Command Listing Command Function hdsl ? Lists the supported HDSL keywords. hdsl save Saves the HDSL-related changes across restarts and reboots. hdsl speed Manages the line speed for the HDSL interface.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands hdsl save Saves the HDSL-related changes across restarts and reboots. Mgmt Class Network (R/W) Input Format hdsl save Parameters None Response Command prompt. hdsl speed Manages the line speed for the HDSL interface, as follows: • CO end: Sets the speed manually on the Central Office (CO) end only.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide Parameters *** When entered with no parameters, the current speed is dispalyed. a 384 Authorized non-default speed for the CO in Mbps. Authorized non-default speed for the CO in Mbps. 1168 noauto a b b Used to override auto-speed on the CPE. Available only if the modem has activated successfully. hdsl speed noauto should be followed by the command hdsl save to be persistent across restarts and reboots.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands IDSL Commands This section describes the following commands used to manage an IDSL interface. The IDSL commands found in this section include: Table 7-8: IDSL Command Listing Command Function idsl list Lists the current switch type. idsl save Saves the IDSL-related changes across restarts and reboots. idsl set speed Specifies the speed of the IDSL connection.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide idsl save Saves IDSL-related changes across restarts and reboots. Changes that are not saved are discarded. Mgmt Class Network (R/W) Input Format idsl save Parameters None Response Command prompt. idsl set speed Specifies the speed of the IDSL connection. The IDSL bandwidth is composed of two 64 Kbps B channels, plus one 16 Kbps D channel. Your speed setting indicates the channels that you are using.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands idsl set switch Specifies link speeds of 64, 128, or 144 Kbps for the IDSL connection. Mgmt Class Network (R/W) Input Format idsl set switch FR64 | FR128 | FR144 Parameters FR64 Link speed of 64 Kbps FR128 Link speed of 128 Kbps FR144 Link speed of 144 Kbps Response Command prompt. remote setdlci This command sets the DLCI for the remote router entry.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands Parameters a a b Frame Relay number identifying the data-link connection. b Name of the remote router. Integer ASCII string Response Command prompt. remote setprotocol This IDSL-specific command is used to select the appropriate link protocol for the IDSL connection. The Network Service Provider should provide which link protocol to use.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands SDSL Commands The commands in this section are used to manage the Symmetric Digital Subscriber Line (SDSL) link for an SDSL router. The SDSL commands found in this section include: Table 7-9: SDSL Command Listing Command Function sdsl ? Lists the supported SDSL keywords. sdsl preact Displays and/or changes the autobaud pre-activation status.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide sdsl preact Displays and/or changes the autobaud pre-activation status.The default status is on. However, to be effective, autobaud pre-activation must also be enabled at the Central Office (CO) end of the connection. NOTE: Remember to enter an sdsl save or save command to save SDSL changes across restarts and reboots. For more information on the autobaud feature, see Auto-baud preactivation.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands sdsl save Saves SDSL configuration changes across restarts and reboots. Mgmt Class Network (R/W) Input Format sdsl save Parameters None Response Command prompt. sdsl speed Manages the speed of the SDSL line. • At the Central Office (CO) end, the command sets the speed manually only.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide NOTE: Enter an sdsl save or reboot command to save SDSL changes across restarts and reboots. Parameters *** When entered with no parameters, the current speed is displayed. Speed in kbps.a noauto Overrides auto-speed detection.b a If the auto-speed search is in progress, this command stops the search and sets the line speed as specified on the command.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands sdsl terminal Displays and/or changes the router’s status as CO or CPE. The router is, by default, configured as Customer Premises Equipment (CPE). Use this command if to configure the router as Central Office equipment (CO). Mgmt Class Network (R/W) Input Format sdsl terminal [cpe | co] Parameters *** When entered with no parameters, the current mode is displayed.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands SHDSL Commands The commands in this section are used to manage the WAN link for a G.shdsl router. The SHDSL commands found in this section include: Table 7-10: SHDSL Command Listing Command Page 7-36 Function shdsl ? Lists the supported SHDSL keywords. shdsl annex Selects annex A or annex B of the G.shdsl standard. shdsl list Lists the current configuration of the G.shdsl interface.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands shdsl ? Lists the supported SHDSL keywords. Input Format shdsl ? | help Parameters None Response Lists the supported SHDSL commands and keywords and a brief description of their function. shdsl annex Selects annex A or annex B of the G.shdsl standard. The annex used depends on the DSLAM the router is to connect to. In general, annex B is used in Europe and annex A is used in the rest of the world.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide shdsl list Lists the current configuration of the G.shdsl interface. Mgmt Class Network (R) Input Format shdsl list Parameters None Response The following is a typical response. -> shdsl list G.SHDSL INTERFACE CONFIGURATION: Terminal ..................... GTI SHDSL version ............ Requested speed .............. Actual speed ................. Startup margin ............... Rate mode ...................
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands shdsl margin Specifies the acceptable noise margin in decibels. If the connection is unstable, you may need to increase the margin. Mgmt Class Network (R/W) Input Format shdsl margin [dB] Parameters *** Enter the command with no parameter to display the current margin value. a Noise margin in decibels. a integer, -10 - 10, (6) Response Current margin is displayed.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide Parameters *** Enter the command with no parameter to display the current rate mode. adaptive Selects adaptive mode. fixed Selects fixed mode. Response Current ratemode is displayed. -> shdsl ratemode Adaptive shdsl restart Restarts the G.shdsl WAN interface. NOTE: Unlike a reboot, a restart does not discard unsaved changes.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands shdsl save Saves SHDSL configuration changes across restarts and reboots. Mgmt Class Network (R/W) Input Format shdsl save Parameters None Response Command prompt. shdsl speed Manages the speed of the SHDSL line. NOTE: By default, it is assumed that the router is Customer Premises Equipment (CPE) and the line speed desired is the maximum allowed by the central office (CO).
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide Mgmt Class Network (R/W) Input Format shdsl speed [ | auto] Parameters Enter the command with no parameter to display the current speed. *** a,b speed auto c Speed in Kbps. Selects auto-speed detection. a Integer, 72 - 2312 in increments of 64 kbps If a value is specified falling between steps, the speed is set to the next lower step. c Enter the command shdsl restart to carry out this change.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands shdsl stats Displays SHDSL statistics. The statistics are kept for 24 hours and then automatically cleared. The statistics can also be cleared manually with the clear option. Mgmt Class Network (R/W) Input Format shdsl stats [clear] Parameters *** Enter the command with no parameter to display the current speed. clear Option used to reset the statistical counters.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide shdsl terminal Displays and/or changes the router’s designation as CO (Central Office) or CPE (Customer Premises Equipment). By default, the router is assumed to be CPE. Use this command if the router is to be used as CO. Mgmt Class Network (R/W) Input Format sdsl terminal [cpe | co] NOTE: To determine the current CO/CPE setting, enter shdsl terminal with no parameters.
Efficient Networks® Router family Command Line Interface Guide Chapter 7: WAN Interface Commands shdsl ver Displays the G.shdsl version level of the modem firmware. Mgmt Class Network (R/W) Input Format shdsl ver Parameters None Response Typical response: -> shdsl ver GTI SHDSL Version R1.
Chapter 7: WAN Interface Commands Efficient Networks® Router family Command Line Interface Guide This page intentionally left blank.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands CHAPTER 8 CHAPTER 8 DHCP COMMANDS The following DHCP (Dynamic Host Configuration Protocol) commands allow you to: • Enable and disable subnetworks and client leases. • Add subnetworks and client leases. • Set the lease time. • Change client leases manually. • Set option values globally, for a subnetwork, or for a client lease. • Enable/disable BootP. • Use BootP to specify the boot server.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands Table 8-1: DHCP Command Listing (Cont.) Command Page 8-2 Function dhcp bootp tftpserver Specifies the TFTP server (boot server). dhcp clear addresses Clears the values from a pool of addresses. dhcp clear all records Clears all DHCP information, including all leases and all global DHCP information. dhcp clear expire Releases a client lease.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands dhcp ? Lists the supported DHCP keywords. To see the syntax for a command, enter the command followed by a ?. Mgmt Class Network (R) Input Format dhcp ? Parameters None Response List of the supported DHCP commands and keywords and a brief description of their function. dhcp add Provides one of three types of DHCP definitions: subnetwork, client lease, or option type.
Chapter 8: DHCP Commands Efficient Networks® Router family Command Line Interface Guide Parameters a IP address of the subnetwork lease a IP network mask a IP address of the subnetwork lease User-defined code (128 - 254, or a keyword). Minimum number of values. Maximum number of values. Byte | word | long | longint | binary | ipaddress | string a Dotted-decimal notation Examples Command usage defining a subnetwork: -> dhcp add 192.168.254.0.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands dhcp addrelay Adds an address to the DHCP relay list. (This list is also the BootP server list.) While the relay list contains at least one address, the DHCP server in the router is disabled, and the router forwards all DHCP requests and BootP requests to all servers in the relay list. (A DHCP request is issued whenever a device attempts to acquire an IP address).
Chapter 8: DHCP Commands Efficient Networks® Router family Command Line Interface Guide dhcp bootp allow Allows a BootP request to be processed for a particular client or subnet. Mgmt Class Network (R/W) Input Format dhcp bootp allow | Parameters a IP address of the subnetwork lease. a a Dotted-decimal IP address of the client lease. notation. Response Command prompt. dhcp bootp disallow Denies processing of a BootP request for a particular client or subnet.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands dhcp bootp file Specifies the boot file name (kernel) and the subnet to which it applies. NOTE: The TFTP server IP address must be specified when specifying the file using the command dhcp bootp tftpserver. Mgmt Class Network (R/W) Input Format dhcp bootp file [ | ] Parameters a IP address of the subnetwork lease. a b IP address of the client lease.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands dhcp bootp tftpserver Specifies the TFTP server (boot server). Mgmt Class Admin (R/W) Input Format dhcp bootp tftpserver [ | Parameters a IP address of the subnetwork lease. a IP address of the client lease. a Dotted-decimal a IP address of the TFTP server notation. Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands dhcp clear all records Clears all DHCP information, including all leases and all global DHCP information. Unlike the erase command, this command clears all DHCP information from memory, but leaves the DHCP.DAT file intact. If you want to clear the information in the DHCP.DAT file as well, enter a save command after dhcp clear all records.
Chapter 8: DHCP Commands Efficient Networks® Router family Command Line Interface Guide Parameters a a Dotted-decimal IP address of the subnetwork lease. notation. Response Command prompt. dhcp clear valueoption Clears the value for a global option, for an option associated with a subnetwork, or with a specific client. Mgmt Class Network (R/W) Input Format dhcp clear valueoption [ | ] Parameters a IP address of the subnetwork lease.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands dhcp del Deletes a subnetwork lease, a specific client lease, or a code. Mgmt Class Network (R/W) Input Format dhcp del | | Parameters a IP address of the subnetwork lease. a b IP address of the client lease. User defined codec a Dotted-decimal notation. 128 - 245, or a keyword c Use the command dhcp list definedoptions to list the codes and keywords.
Chapter 8: DHCP Commands Efficient Networks® Router family Command Line Interface Guide dhcp delrelay Removes an address from the DHCP relay list. (This list is also the BootP server list.) To remove all addresses from the list, use dhcp delRelay all. If you remove all addresses from the DHCP relay list, the DHCP server is re-enabled and resumes processing DHCP requests and also BootP requests (if BootP processing is enabled). To add an address to the list, use the command dhcp addrelay command.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands Parameters Disables all subnets. all a a IIP address of the subnetwork lease. a IIP address of the client lease. Dotted-decimal notation. Response Command prompt. dhcp enable Enables a subnetwork or a client lease. Mgmt Class Network (R/W) Input Format dhcp enable all | | Parameters Enables all subnets. all a IIP address of the subnetwork lease.
Chapter 8: DHCP Commands Efficient Networks® Router family Command Line Interface Guide dhcp list Lists global, subnetwork, and client lease information. Mgmt Class Network (R) Input Format dhcp list | Parameters When entered with no parameter, displays global DHCP information. *** a IIP address of the subnetwork lease. a a Dotted-decimal IIP address of the client lease. notation.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands The following example command lists information for client 192.168.254.3: -> dhcp list 192.168.254.3 Client 192.168.254.3, Enabled lease....................... expires..................... bootp....................... bootp server................ bootp file.................. HOSTNAME (12)................... CLIENTIDENTIFIER (61)...........
Chapter 8: DHCP Commands Efficient Networks® Router family Command Line Interface Guide dhcp list definedoptions Lists all available predefined and user-defined options. NOTE: For description of the predefined options listed below, refer to RFC 1533. A predefined code can be a number between 1 and 61 or a keyword. A user-defined code can be a number between 128 and 254 or a keyword.
Efficient Networks® Router family Command Line Interface Guide code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code code Chapter 8: DHCP Commands MERITDUMPFILE (14), 1 to 255 characters, type STRING DOMAINNAME (15), 1 to 255 characters, type STRING SWAPSERVER (16), 1 occurrence, type IPADDRESS ROOTPATH (17), 1 to 255 characters, type STRING
Chapter 8: DHCP Commands code code code code code code code code code code code code code code code code code code Efficient Networks® Router family Command Line Interface Guide REBINDTIME (59), 1 occurrence, type LONGINT CLASSIDENTIFIER (60), 1 to 255 occurrences, type BYTE CLIENTIDENTIFIER (61), 2 to 255 occurrences, type BYTE NOTDEFINED62 (62), 1 to 255 occurrences, type BYTE NOTDEFINED63 (63), 1 to 255 occurrences, type BYTE NISDOMAIN (64), 1 to 255 characters, type STRING NISSERVERS (65), 1 to 63 oc
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands Response Default lease duration is displayed. -> dhcp list lease Default lease time ......... 168 hours dhcp set addresses Creates or changes a pool of IP addresses that are associated with a subnetwork. Mgmt Class Network (R/W) Input Format dhcp set addresses Parameters a First address in a pool of addresses for a particular subnetwork.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands Parameters a b P address of the client lease. Lease time. default Lease time that has been specified at the subnetwork or global level. infinite No lease time limit; the lease becomes permanent. a b Dotted-decimal notation. Integer, minimum 1 (168) Response Command prompt. dhcp set lease Controls DHCP lease time.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands Examples Example command sets client lease time to the default value: -> dhcp set lease 192.168.254.17 default Example command sets lease time to infinite for this subnet: -> dhcp set lease 192.168.254.0 infinite Response Command prompt.
Chapter 8: DHCP Commands Efficient Networks® Router family Command Line Interface Guide dhcp set otherserver Instructs the router’s DHCP server to either continue or stop sending DHCP requests when another DHCP server is detected on the LAN. Mgmt Class Network (R/W) Input Format dhcp set otherserver continue | stop Parameters a IP address of the subnetwork lease. continue The router’s DHCP server continues sending DHCP requests, even if another DHCP server is detected on the LAN.
Efficient Networks® Router family Command Line Interface Guide Chapter 8: DHCP Commands dhcp set valueoption Sets values for global options, options specific to a subnetwork, or options specific to a client lease. For more information, see “Setting Option Values” on page 4-8. Mgmt Class Network (R/W) Input Format dhcp set valueoption [|] .... Parameters a Specify the client IP address if the option value applies only to the client lease.
Chapter 8: DHCP Commands Efficient Networks® Router family Command Line Interface Guide This page intentionally left blank.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands CHAPTER 9 CHAPTER 9 L2TP COMMANDS This section contains L2TP command descriptions. For a complete discussion of L2TP tunneling, see “L2TP Tunneling — Virtual Dial-Up” on page 6-26 of the Technical Reference Guide.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands Table 9-1: L2TP Command Listing (Cont.) Command Page 9-2 Function l2tp set address Defines the IP address of the other end of the tunnel, either the remote L2TP Access Concentrator (LAC) or remote L2TP Network Server (LNS). l2tp set authen Enables or disables authentication of the remote router during tunnel establishment using the CHAP secret. l2tp set chapsecret Creates a CHAP secret.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands l2tp ? Lists the supported L2TP keywords. To see the syntax for a command, enter the command followed by a ?. Mgmt Class Security (R) Input Format l2tp ? Parameters None Response Lists the supported L2TP commands and keywords and a brief description of their function. l2tp add Creates a tunnel entry. Mgmt Class Security (R/W) Input Format l2tp add Parameters a Name of the tunnel.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands Response Command prompt. l2tp call This command is primarily used for debugging purposes and it establishes a tunnel without creating a session. Mgmt Class Security (R/W) Input Format l2tp call Parameters a Name of the tunnel. b a ASCII b The string name is case sensitive. Example Example command adding the tunnel named PacingAtWork. -> l2tp call PacingAtWork Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands Parameters a -n IP address of the subnetwork lease. Name of the tunnel.c b -t Local tunnel id. -s Serial number of the call within the tunnel. -c ID of the local call for the session. a Integer ASCII string c The tunnel name is case sensitive. b Response Command prompt. l2tp del Deletes a tunnel entry.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands l2tp forward The router can be configured to forward all incoming calls to an LNS without answering the incoming call. This feature is normally used when the router is acting as a LAC or both a LAC and LNS. NOTE: Only one tunnel entry can have this option set.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands l2tp list Provides a complete display of the current configuration settings for tunnel(s), except for the authentication password/secret. Mgmt Class Security (R) Input Format l2tp list || Parameters a Name of the tunnel. b a ASCII b The string name is case sensitive. Response Typical response: -> l2tp list INFORMATION FOR type ..............................
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands l2tp set address Defines the IP address of the other end of the tunnel, either the remote L2TP Access Concentrator (LAC) or remote L2TP Network Server (LNS). CAUTION: If the IP address of the remote tunnel is part of a subnet that is also reached through the tunnel, a routing table entry for this address must be explicitly added. Normally, this routing entry will be added to remote entry, which has the default route.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands l2tp set authen Enables or disables authentication of the remote router during tunnel establishment using the CHAP secret, if it exists. If the remote router tries to authenticate the local end during tunnel authentication, the local router will always attempt to respond, provided a CHAP secret has been configured.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands Parameters secreta a b CHAP secret used to authenticate the creation of the tunnel. a Name of the tunnel. b ASCII string The name is case sensitive. Response Command prompt. l2tp set dialout Allows the LNS instruct the L2TP client to use an ISDN phone line to place a call on its behalf.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands Input Format l2tp set hiddenAVP yes | no Parameters Allows the router hide AVPs. Default value. yes Disables hidden AVPs. no a Name of the tunnel. b a ASCII b string The name is case sensitive. Response Command prompt. l2tp set ouraddress Specifies the source IP address used when the tunnel is originated.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands l2tp set ourpassword Specifies the router’s secret/password for PPP authentication on a per-tunnel basis. Mgmt Class Security (R/W) Input Format l2tp set ourpassword Parameters a Router’s secret/password used for authentication when challenged by another router. a Name of the tunnel. b a ASCII b The string name is case sensitive. Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands l2tp set ourtunnelname Creates local router’s host name. NOTE: If this command is not used, then, if it has been specified, the from the l2tp set oursysname command or the from the command system name is used. Mgmt Class Security (R/W) Input Format l2tp set ourTunnelName Parameters a,b Host name of the local router.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands Parameters a,b Host name of the remote tunnel. This is the fully qualified domain name of the remote host. a,b Name of the tunnel. a ASCII string name is case sensitive. b The Response Command prompt. l2tp set type Defines the type of L2TP support for the tunnel. The router’s role is defined on a pertunnel basis.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands l2tp set wanif Restricts the remote interface with which the L2TP tunnel can be established. If this command is not used, no remote interface restriction is enforced. For example, no restriction would be enforced when the Dial Backup feature is used (see “Dial Backup” on page 6-7.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands Response Command prompt. l2tp set window Enhances traffic performance in a tunneling environment. The command’s options affect the way incoming payload packets are processed. The router is configured with the following default options: sequencing, required, and size 10.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands remote setl2tpclient With this command, this remote is the path to the L2TP client and accepts tunnel calls. Use this command if your router acts as an LNS. You must also specify PPP authentication and IP routes for this remote.
Efficient Networks® Router family Command Line Interface Guide Chapter 9: L2TP Commands remote setlns With this command, this remote is the path to the LNS, and it will forward the incoming call (which matches this remote entry) through the tunnel named if your router is the client. NOTE: The remote entry must also have appropriate information such as PPP authentication, IP routing, IPX routing, bridging, or Caller ID.
Efficient Networks® Router family Command Line Interface Guide Chapter 10: Bridge Filtering Commands CHAPTER 10 CHAPTER 10 BRIDGE FILTERING COMMANDS Bridge Filtering allows you to control the packets transferred across the router. This feature can be used to enhance security or improve performance. Filtering is based on matched patterns within the packet at a specified offset.
Chapter 10: Bridge Filtering Commands Efficient Networks® Router family Command Line Interface Guide Input Format filter br ? Parameters None Response Lists the supported bridge filtering commands and keywords and a brief description of their function. filter br add Adds a bridging filter to the filtering database. The filter can allow or deny the forwarding of packets based on the contents of the packets.
Efficient Networks® Router family Command Line Interface Guide Chapter 10: Bridge Filtering Commands filter br del Deletes a bridging filter from the filtering database. The parameters on the command identify the filter to be deleted. Mgmt Class Security (R/W) Input Format filter br del [pos] [data] allow | deny Parameters a Byte offset within a packet. Hexadecimal number up to 6 bytes. allow Allows forwarding of the packet(s). deny Denies forwarding of the packet(s).
Chapter 10: Bridge Filtering Commands Efficient Networks® Router family Command Line Interface Guide filter br list Lists the bridging filters in the filtering database.
Efficient Networks® Router family Command Line Interface Guide Chapter 10: Bridge Filtering Commands filter br use Sets the mode of filtering to either deny, allow, or none. Mgmt Class Security (R/W) Input Format filter br use none | deny | allow Parameters none Disables all filtering. deny Enables deny filtering. allow Enables allow filtering. Example This command enables allow filtering. -> filter br use allow Response Command prompt.
Chapter 10: Bridge Filtering Commands Efficient Networks® Router family Command Line Interface Guide This page intentionally left blank.
Efficient Networks® Router family Command Line Interface Guide Chapter 11: PPPoE Commands CHAPTER 11 CHAPTER 11 PPPOE COMMANDS This section contains the commands that are specific to PPPoE (PPP over Ethernet). To learn more about PPPoE configuration and management, see “PPPoE (PPP over Ethernet)” on page 6-41. The PPPoE commands found in this section include: Table 11-1: Bridge Filtering Command Listing Command Function remote setpppoeservice Defines the remote router entry as a PPPoE remote entry.
Chapter 11: PPPoE Commands Efficient Networks® Router family Command Line Interface Guide Parameters a Name of the PPPoE service to which this remote connects PPPoE users. The service provider defines the name of its service.b Specify * if the router can be used to connect to any PPPoE service. * Specify - to clear the setting. a Name of the remote router.
Efficient Networks® Router family Command Line Interface Guide Chapter 11: PPPoE Commands pppoe list Lists information about the currently active PPPoE sessions. Mgmt Class Security (R/W) Input Format pppoe list Parameters None Response Typical response: -> pppoe list PPPoE Client Session...... PPPoE/IFs number..... Access Concentrator.. Peer MAC Address .... Session ID........... State................ Flags................ Efficient Networks® DialUpPPP.
Chapter 11: PPPoE Commands Efficient Networks® Router family Command Line Interface Guide This page intentionally left blank.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands CHAPTER 12 CHAPTER 12 IKE/IPSEC COMMANDS The commands in this section are used to manage the security features Internet Key Exchange (IKE) and Internet Protocol Security IPSec). For additional information on IKE and IPSec, see Chapter 5, System Security.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Table 12-1: Internet Key Exchange Command Listing (Cont.) Command Function ike ipsec policies set peer Defines a peer filtering parameter value for the policy. ike ipsec policies set pfs Defines the pfs filtering parameter value for the policy. ike ipsec policies set proposal Defines a proposal filtering parameter value for the policy.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Table 12-1: Internet Key Exchange Command Listing (Cont.) Command Function ike peers list Lists the defined IKE peers. ike peers set address Sets the IP address of the other endpoint of the secure IKE peer connection. ike peers set localid Sets the local ID for the IKE peer connection. ike peers set localidtype Sets the type of the local ID for the IKE peer connection.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide Table 12-1: Internet Key Exchange Command Listing (Cont.) Command Function ipsec enable Enables a defined IPSec security association entry. ipsec flush Clears all IPSec definitions. ipsec list Lists one or all of the IPSec security association (SA) entries. ipsec set authentication Selects authentication for the IPSec SA using either SHA-1 (Secure Hashing Algorithm 1) or MD5 (Message Digest 5).
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike ipsec ? Three commands are used to list the supported IKE, IPSEC and IKE IPSEC keywords. To see the syntax for a command, enter the command followed by a ?. Mgmt Class Security (R) Input Format ike ipsec ? for IKE IPSec sub-commands. ike ? for IKE sub-commands ipsec ? for IPSec sub-commands Parameters None Response Lists the supported commands and keywords and a brief description of their functions.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ike commit Determines whether the IKE commit bit is set. By default, the commit bit is not set (off). If packets are not being processed correctly across an IPSec tunnel, try the command ike commit on so that the commit bit is set. Setting the commit bit makes sure that no IPSec traffic arrives at the router before the router is ready for it.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike ipsec policies add Defines the name of an IPsec policy to be used for filtering. Other IPSec Policy commands define the filtering parameters (see “IKE IPSec Policy Commands” on page 5-61.) Mgmt Class Security (R/W) Input Format ike ipsec policies add Parameters a New name for an IPsec policy.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Parameters Name of an existing IPsec policy.b a a ASCII b string To see the policy names in use, use the ike ipsec policies list command. Example -> ike ipsec policies delete yourpolicy Response Command prompt. ike ipsec policies disable Disables an IPSec policy. The policy can be re-enabled using the ike ipsec policies enable command.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike ipsec policies enable Enables an IPSec policy. An enable command is required for each new policy; the enable command indicates that the specification of the policy is complete and the policy is ready to be used. The enable command can also be used to re-enable a disabled policy. For more information, see “IKE IPSec Policy Commands” on page 561.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ike ipsec policies list Lists the IPSec policies. For more information, see “IKE IPSec Policy Commands” on page 5-61. Mgmt Class Security (R) Input Format ike ipsec policies list Parameters None Response Typical response: -> ike ipsec policies list IKE IPSec policies: mypolicy (enabled) Source address/mask: 192.168.16.0/255.255.255.0 Destination address/mask: 192.168.23.0/255.255.255.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike ipsec policies set dest Defines a destination filtering parameter value for the policy. The destination parameter requires that the data be intended for the specified destination IP address and mask. The destination is the device or network that finally receives the packet, not the router that routes the packet.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide Parameters Destination port whose data is allowed by the policy. The port telnet http can be specified by one of the listed names or by its number. To allow data through for any destination port, specify an asterisk (*). snmp tftp * a Name of the IPsec policy to which the destination port parameter value is added.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike ipsec policies set interface Defines an interface filtering parameter value for the policy. The policy is only used when the specified interface is connected. For example, if the policy is to be used only when the Dial Backup remote is connected, you would specify the remote name as the interface for the policy.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide Parameters a Interface that must be connected when the policy is used. This is usually referenced by a remote name, although it could be another interface such as “ethernet/0”. If no interface restriction is to be set for this policy, specify the string all. a Name of the IPsec policy to which the interface parameter value is added.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Parameters tunnel | transport Encapsulation method required for the connection. The de- fault value is TUNNEL. a a To Name of the IPsec policy to which the encapsulation mode parameter value is added.a see the policy names, use the ike ipsec policies list command. Example -> ike ipsec policies set mode transport rtr2rtrpolicy Response Command prompt.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ike ipsec policies set pfs Defines the pfs filtering parameter value for the policy. The pfs parameter specifies the Perfect Forward Secrecy negotiation used for the connection. If you specify 1 or 2, Perfect Forward Secrecy is performed using the specified DiffieHellman group (1 or 2).
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike ipsec policies set proposal Defines a proposal filtering parameter value for the policy. The proposal parameter specifies an IKE IPSec proposal that may be used for the connection. (It must have been defined by IKE IPSec proposal commands; see “IKE IPSec Proposal Commands” on page 5-58.) Unlike the other filtering parameters, the policy may allow more than one value for the proposal parameter.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ike ipsec policies set protocol Defines a protocol filtering parameter value for the policy. The protocol parameter requires a specific protocol that must be used or allows any protocol (*). Mgmt Class Security (R/W) Input Format ike ipsec policies set protocol Parameters Protocol required by the policy.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike ipsec policies set source Defines a source filtering parameter value for the policy. The source parameter requires the data come from the specified source IP address and mask. The source is the device or network that sent the packet, not the router that routes the packet.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ike ipsec policies set sourceport Defines a source port filtering parameter value for the policy. The source port parameter requires a specific source port for the data or allows any source port (*) (Because port numbers are TCP and UDP specific, a port filter is effective only when the protocol filter is TCP or UDP.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike ipsec policies set translate Defines a translate filtering parameter value for the policy. The translate option determines whether the router applies NAT (network address translation) before the packets are encrypted by IPSec. NOTE: The remote must have IP address translation enabled (see “Network Address Translation (NAT)” on page 4-17. Or, the remote setiptranslate command).
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide Example The following commands suggest how a virtual interface could be defined for use with Network Address Translation and an IPSec tunnel. # The address of the corporate LAN is 192.168.0.0, but the desired # NAT address is 10.0.0.1 so you create a virtual interface (0:99), # turn off RIP for the interface, and assign it the address 10.0.0.1/24.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Parameters a New name for an IPsec proposal.b a ASCII b To string see the proposal names in use, use the ike ipsec proposals list command. Example -> ike ipsec proposals add myproposal Response Command prompt. ike ipsec proposals delete Deletes an existing IKE IPSec proposal. For more information, see “IKE IPSec Proposal Commands” on page 5-58.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ike ipsec proposals list Lists the IPSec proposals. For more information, see “IKE IPSec Proposal Commands” on page 5-58.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike ipsec proposals set ahauth Sets the proposal parameter that determines whether AH message authentication is requested and, if it is requested, the hash algorithm used. NOTE: The proposal must select either the AH or ESP encapsulation methods. It cannot request AH authentication if it requests ESP encryption and/or ESP authentication. For more information, see “ESP and AH Security Protocols” on page 5-51.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ike ipsec proposals set espauth Sets the proposal parameter that determines whether ESP message authentication is requested and, if it is requested, the hash algorithm used. For more information, see “ESP and AH Security Protocols” on page 5-51. Or, see “IKE IPSec Proposal Commands” on page 5-58.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike ipsec proposals set espenc Sets the proposal parameter that determines whether ESP encryption is requested and, if it is requested, the encryption method used. For more information, see “ESP and AH Security Protocols” on page 5-51. Or, see “IKE IPSec Proposal Commands” on page 5-58.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ike ipsec proposals set ipcomp Sets the proposal parameter that requests either no compression or LZS compression. For more information, see “IKE IPSec Proposal Commands” on page 558. Mgmt Class Security (R/W) Input Format ike ipsec proposals set ipcomp Parameters Choose one of the following: No compression. none Compress using the LZS algorithm.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Input Format ike ipsec proposals set lifedata Parameters a Maximum number of kilobytes transferred before renegotiation; 0 means unlimited. b Name of the IPsec proposal to which the lifedata parameter is added.c a Integer ASCII string c To see the proposal names in use, use the ike ipsec proposals list command.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide Parameters a Maximum number of seconds before renegotiation; 0 means unlimited. b Name of the IPsec proposal to which the lifetime parameter is added.c a Integer b c ASCII string To see the proposal names in use, use the ike ipsec proposals list command. Example -> ike ipsec proposals set lifetime 600 myproposal Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike peers delete Deletes an existing IKE peer entry. For more information, see “IKE Peer Commands” on page 5-56. Mgmt Class Security (R/W) Input Format ike peers delete Parameters a Name of the IKE peer to delete.b a ASCII b To string see the peer names in use, use the ike peers list command. Example -> ike peers delete my_aggressive_peer Response Command prompt.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide Response Typical response: -> ike peers list IKE Peers: IKE Peers: my_aggresive_peer IP address = 0.0.0.0 preshared secret = "confidential_hushhush" aggressive, peer id = example.efficient.com (Domain name) local peer id = test.efficient.com (Domain name) my_main_peer TP address = 1.2.3.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Parameters a b IP address. Name of the IKE peer whose address is specified. c a Dotted-decimal notation ASCII string c To see the peer names, use the ike peers list command. b Example -> ike peers set address 0.0.0.0 my_aggressive_peer Response Command prompt. ike peers set localid Sets the local ID for the IKE peer connection.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Parameters IP addressa, domain nameb, or e-mail address. b Name of the IKE peer whose local ID is specified. c a Dotted-decimal notation, ASCII string ASCII string c To see the peer names, use the ike peers list command. b Example -> ike peers set localid test.efficient.com my_aggressive_peer Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Parameters Choose one of the following: ipaddr The local ID must be an IP address. domainname The local ID must be a domain name. email The local ID must be an e-mail address. a b a Name of the IKE peer whose local ID type is specified.b ASCII string To see the peer names, use the ike peers list command.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike peers set mode Sets the IKE peer connection mode to either main mode or aggressive mode. Main mode is used when the IP addresses of both ends are known and constant. Aggressive mode is used when the address of one end can change, as with a typical modem or DSL connection. (See “Main Mode and Aggressive Mode” on page 5-54.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike peers set peerid Sets the peer ID for the IKE peer connection. This command is used only when aggressive mode has been selected by the ike peers set mode command for this peer name. The peer ID must match the local ID on the other end of the connection. The peer ID can be an IP address, domain name, or e-mail address as specified by the ike peers set peeridtype command.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Input Format ike peers set peeridtype Parameters Choose one of the following: ipaddr The peer ID must be an IP address. domainname The peer ID must be a domain name. email The peer ID must be an e-mail address. a Name of the IKE peer whose peer ID type is specified.b a ASCII b string To see the peer names, use the ike peers list command.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Example -> ike peers set secret confidential_hushhush my_aggressive_peer Response Command prompt. ike proposals add Defines the name of a new IKE proposal. The IKE proposal commands define the proposals exchanged during the Phase 1 SA. For more information, see “IKE Management” on page 5-52.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide Parameters a Name of the IKE proposal to delete.b a ASCII b string To see the peer names in use, use the ike proposals list command. Example -> ike proposals delete my_ike_proposal Response Command prompt. ike proposals list Lists the IKE proposals. For more information, see “IKE Proposal Commands” on page 5-58.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands ike proposals set dh_group Sets the IKE proposal parameter that specifies the Diffie-Hellman (DH) key generation group used (no group or group 1 or 2). See “IKE Proposal Commands” on page 5-58. Mgmt Class Security (R/W) Input Format ike proposals set dh_group Parameters Choose one of the following: none No DH group is used. 1 Use DH group 1. Use DH group 2.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ike proposals set encryption Sets the IKE proposal parameter that requests ESP encryption and specifies the encryption method used. See “IKE Proposal Commands” on page 5-58. Mgmt Class Security (R/W) Input Format ike proposals set encryption Parameters Choose one of the following: Use DES (56-bit) encryption. des a Use 3DES (168-bit) encryption (if 3DES encryption is enabled).
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Parameters a Maximum number of seconds before renegotiation; 0 means unlimited. b Name of the IKE proposal to which the lifetime parameter is added.c a Integer b c ASCII string To see the proposal names in use, use the ike proposals list command. Example -> ike proposals set lifetime 86400 my_ike_proposal Response Command prompt.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide Parameters none No authentication. md5 Authentication using the Message Digest 5 algorithm. Authentication using algorithm Secure Hash Algorithm-1. sha1 a b a Name of the IKE proposal to which the authentication parameter is added.b ASCII string To see the proposal names in use, use the ike proposals list command.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands IPSec Commands The following commands allow you to define an IPSec connection without IKE. To read about IPSec Security, see “IPSec (Internet Protocol Security)” on page 5-50. NOTE: If you define a tunnel using IPSec commands, the keys will remain static. This could pose a security risk and is not recommended. Use of IKE for key management is recommended.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ipsec delete Deletes an existing IPSec security association (SA) name. Mgmt Class Security (R/W) Input Format ipsec delete Parameters a Name of the IPSec SA to be deleted.b a ASCII b To string see the SA names in use, use the ipsec list command. Example -> ipsec delete show_rx Response Command prompt. ipsec disable Disables a defined IPSec security association entry.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Example -> ipsec disable show_rx Response Command prompt. ipsec enable Enables a defined IPSec security association entry, indicating it is complete and ready to be used. Mgmt Class Security (R/W) Input Format ipsec enable Parameters a Name of the IPSec SA to be enabled.b a ASCII b To string see the SA names in use, use the ipsec list command.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ipsec flush Clears all IPSec definitions. Mgmt Class Debug (R/W) Input Format ipsec flush Parameters None Response Command prompt. ipsec list Lists one or all of the IPSec security association (SA) entries. Mgmt Class Security (R) Input Format ipsec list [] Parameters a a ASCII Page 12-48 Optional, name for a single IPSec SA to be listed.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Response Typical response: -> ipsec list IPSec security associations: show_rx Gateway: 207.135.89.233 Inbound Tunnel Both 3DES key=1111111122222222333333334444444455555555 SHA1 key=aaaaaaaabbbbbbbbccccccccdddddddd (20) No compression ID =424242 seq=1, bitmap=ffffffff show_tx Gateway: 207.135.89.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ipsec set authentication Selects authentication for the IPSec SA using either SHA-1 (Secure Hashing Algorithm 1) or MD5 (Message Digest 5). Mgmt Class Security (R/W) Input Format ipsec set authentication Parameters Authentication using the Message Digest 5 algorithm. md5 Authentication using algorithm Secure Hash Algorithm-1.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Parameters Hexadecimal authentication key. a b Name of the IPSec SA to which the authentication key is added.b a ASCII string To see the IPSec SA names in use, use the ipsec list command. Example -> ipsec set authkey aaaaaaaabbbbbbbbccccccccdddddddd show_rx Response Command prompt. ipsec set direction Defines the direction of the IPSec SA.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ipsec set compression Selects either LZ compression or no compression for the IPSec SA. Mgmt Class Security (R/W) Input Format ipsec set compression Parameters Choose one of the following: No compression. none Compress using the LZS algorithm. lzs a Name of the IPsec SA to which the compression parameter is added.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Parameters a Hexadecimal encryption key. Name of the IPSec SA to which the authentication key is added.c b a 64-bits for DES, 192-bits for 3DES. ASCII string c To see the IPSec SA names in use, use the ipsec list command. b Example -> ipsec set enckey 1111111122222222333333334444444455555555 show_rx Response Command prompt.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ipsec set gateway Defines the IP address of the IP gateway of the IPSec SA. Mgmt Class Security (R/W) Input Format ipsec set gateway Parameters a IP address of the IP gateway. b Name of the IPSec SA to which the gateway parameter is added.c a Dotted-decimal notation. string c To see the IPSec SA names in use, use the ipsec list command.
Efficient Networks® Router family Command Line Interface Guide Chapter 12: IKE/IPsec Commands Parameters a a b SPID for the IPSec tunnel. a Name of the IPSec SA.b ASCII string To see the IPSec SA names in use, use the ipsec list command. Example -> ipsec set ident 424242 show_rx Response Command prompt. ipsec set mode Selects the encapsulation mode (tunnel or transport) for the SA.
Chapter 12: IKE/IPsec Commands Efficient Networks® Router family Command Line Interface Guide ipsec set service Selects the authentication and/or encryption services used for the IPSec SA. Mgmt Class Security (R/W) Input Format ipsec set service Parameters Choose one of the following: esp ESP encryption. ah AH authentication. Use Both ESP encryption and authentication. both a Name of the IPsec SA to which the service parameter is added.
Efficient Networks® Router family Command Line Interface Guide Chapter 13: Voice Commands CHAPTER 13 CHAPTER 13 VOICE COMMANDS The commands in this section are used to manage the voice functions of integrated access devices (IADs). The commands available on the command line will vary based on the voice gateway configuration.
Chapter 13: Voice Commands Efficient Networks® Router family Command Line Interface Guide dsp ? / voice ? Two commands are used to list the voice related commands. To see the syntax for a command, enter the command followed by a ?. Mgmt Class Voice (R) Input Format dsp | voice ? Parameters None Response Lists the supported DSP or Voice commands and keywords and a brief description of their function.
Efficient Networks® Router family Command Line Interface Guide Chapter 13: Voice Commands dsp ecode Selects the voice encoding method for all voice ports. Mgmt Class Voice (R/W) Input Format dsp ecode Parameters *** When entered with no parameter, the current encoding method is displayed alaw Sets encoding method to alaw. ulaw Sets encoding method to ulaw. Example The following command example will set the voice encoding method to alaw.
Efficient Networks® Router family Command Line Interface Guide Chapter 13: Voice Commands dsp jitter Adjusts the size of the jitter buffer for all voice ports. CAUTION: Setting the jitter buffer to a value less that the default (15 milliseconds) may cause degradation of voice quality. NOTE: Prior to changing the jitter buffer size, cease any active calls and close all data transfers.
Efficient Networks® Router family Command Line Interface Guide Chapter 13: Voice Commands dsp provision Sets the signalling the method in which phone lines (or trunks) are seized and released. Mgmt Class Voice (R/W) Input Format dsp provision Parameters *** When entered with no parameter, the current configuration is displayed a Voice port to configure.
Efficient Networks® Router family Command Line Interface Guide Chapter 13: Voice Commands dsp save Saves the current DSP configuration parameters to flash memory. Mgmt Class Voice (R/W) Input Format dsp save Parameters None Response Command prompt. dsp vr Displays the current voice rate and encoding type. Mgmt Class Voice (R) Input Format dsp vr Parameters *** When entered with no parameter, the value for port 1 value is displayed. a Voice port to configure.
Efficient Networks® Router family Command Line Interface Guide Chapter 13: Voice Commands voice l2clear Clears L2 control channel statistics. This command is only enabled when configured for operation with a Jetstream voice gateway. Mgmt Class Voice (R/W) Input Format voice profile Parameters None Response Command prompt. voice l2stats Displays L2 control channel statistics. This command is only enabled when configured for operation with a Jetstream voice gateway.
Efficient Networks® Router family Command Line Interface Guide Chapter 13: Voice Commands Response -> voice l2stats Stats for Sub ID 1: Rx Frames: 0 Rx I Frames: 0 Tx Frames: 0 Tx I Frames: 0 ReTx Frames: 0 voice profile Defines the feature set and the voice packet payload size for voice connections as prescribed in ATMF Standards-based signalling profiles.
Efficient Networks® Router family Command Line Interface Guide Chapter 13: Voice Commands voice refreshcas Defines the mode in which refresh CAS (channel associated signalling) cells will be sent to the voice gateway. NOTE: A mode change is effective immediately. However you must perform a save command if the change is to be persistent across reboots.
Chapter 13: Voice Commands Efficient Networks® Router family Command Line Interface Guide This page intentionally left blank.
Efficient Networks® Router family Command Line Interface Guide Chapter 14: radius Commands CHAPTER 14 CHAPTER 14 RADIUS COMMANDS This section contains Radius (RAD) command descriptions. Radius allows access control and user authentication to be managed from a remote server. For more information on Access Controland RADIUS, see “Radius” on page 5-10.
Chapter 14: radius Commands Efficient Networks® Router family Command Line Interface Guide rad ? Lists the supported radius commands and keywords. To see the syntax for a command, enter the command followed by a ?. Input Format rad ? Parameters None Response A listing of the rad commands and keywords and a brief description of their function. rad deleteserver Deletes a configured radius server entry.
Efficient Networks® Router family Command Line Interface Guide Chapter 14: radius Commands rad list secret Displays the radius servers shared-secret authentication. NOTE: The local servers’ shared-secret must match the remote server’s shared-secret or authentication will not occur. Mgmt Class Security (R) Input Format rad list secret Parameters None Response A typical response is shown below.
Chapter 14: radius Commands Efficient Networks® Router family Command Line Interface Guide rad list server Displays the IP address and port for the primary and secondary radius servers. Mgmt Class Security (R) Input Format rad list server Parameters None Response A typical response is shown below. -> rad list server RADIUS Server 1 ---------------IP Address: 192.168.12.251 Port: 1812 RADIUS Server 2 ---------------IP Address: 192.168.11.
Efficient Networks® Router family Command Line Interface Guide Chapter 14: radius Commands rad set retries Sets the number of retires to a radius server before attempting the next radius server, if configured. Mgmt Class Security (R/W) Input Format rad set retries Parameters a a Integer, Number of retry attempts. 0 - 5 (3) Response Command prompt. radius set server Sets the IP address and port values for the primary and/or secondary radius server(s).
Chapter 14: radius Commands Efficient Networks® Router family Command Line Interface Guide radius set secret Sets the authentication secret for the specified (primary or secondary) radius server. Mgmt Class Secret (R/W) Input Format rad set secret Parameters a b Specifies the Radius server. (1 =primary, 2 = secondary). Authentication secret for the specified radius server. a Integer, b ASCII 1 / 2 (1) string, maximum of 64 characters with no white-spaces.
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands CHAPTER 15 CHAPTER 15 USER COMMANDS This section contains User command descriptions.
Chapter 15: User Commands Efficient Networks® Router family Command Line Interface Guide Table 15-1: User Command Listing (Cont.) Command Function user enable Enables or disables authentication of the remote router during tunnel establishment using the CHAP secret. user list Displays the contents of the user account database. user list lookup Lists the primary and secondary locations to access and validate user account.
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands user add access Adds an access privilege for the specified user. To view the current access methods for a user, use the command user list. Mgmt Class Admin (R/W) Input Format user add access Parameters lan Adds user access through a LAN connection. wan Adds user access through the WAN connection. console Adds user access through the console (serial port).
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands user add class Configures the managements class with read-only or read-write privileges for the specified user. Multiple class and privilege pairs may be specified for a user. To view the current management class(es) for a user, use the command user list.
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands user add user Adds a user account. To add a user account a user name and password are required. The optional template parameter can be used to quickly and easily assign a user access privilege rights based on pre-defined templates. For additional information on adding a user account and templates, see “Templates” on page 5-4.
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands Examples Example command adding the user guiguy with the access rights and privilege of the network template. -> user add user guiguy htmlrus network enable User "guiguy" added (enabled, with "network" template) Example command adding a user account with no optional parameters. -> user add user staff001 secret User "staff001" added. Response See examples above.
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands user delete class Changes or deletes a user account management class privileges. To view the current management class(es) for a user, use the command user list. NOTE: The system must contain at least one enabled user account with privilege read and write access. If only one Admin account exists, it cannot be deleted, disabled or have the privilege class changed to read-only or deleted.
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands Examples In the following example, the user (Admin1) has read-write permission for the privilege management class. The example below will delete the write permission and make the user account read only for the privilege management class.
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands Response A typical response confirms the user account has been deleted. -> user delete user Admin1 staff001 User "Admin1" deleted User "staff001" deleted user disable Disables an existing user account. The user account information is not changed, but the user acount cannot access the router. To view a user account listing, use the command user list.
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands user enable Enables an existing user account. To add a new user account, use the user add user command. To view a user account listing, use the command user list. Mgmt Class Admin (R/W)) Input Format user enable Parameters a a ASCII User account to be enabled. string Response A typical response is shown when enabling the user account Admin1. -> user enable Admin1 User "Admin1" enabled.
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands Response A typical response is shown below. -> user list Printing local user database (3 total valid users)...
Chapter 15: User Commands Efficient Networks® Router family Command Line Interface Guide user list lookup Lists the primary and secondary locations to lookup and validate a user account. The primary and secondary locations are configured with the user set lookup command. Mgmt Class Admin (R/W) Input Format user list lookup Parameters None Response A typical response is shown below.
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands Access: WAN LAN CONSOLE Status: ENABLED Template: 1 Username: VoiceManager Password: **************** Mgmt Class(read): SYSTEM VOICE Mgmt Class(write): SYSTEM VOICE Access: WAN LAN CONSOLE Status: ENABLED Template: 2 Username: NetworkManager Password: **************** Mgmt Class(read): NETWORK SYSTEM Mgmt Class(write): NETWORK SYSTEM Access: WAN LAN CONSOLE Status: ENABLED Template: 3 Username: SecurityManager Passwor
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands user set lookup Sets the primary and secondary locations to lookup and validate user account information. To view the current lookup configuration, use the user list lookup command. NOTE: The Radius client is a Key-Enabled feature and is not functional without entering a required key. For more information on Radius, see “Radius” on page 5-10.
Efficient Networks® Router family Command Line Interface Guide Chapter 15: User Commands user set password Changes the password of an existing user account. Mgmt Class Admin (R/W) Input Format user setpassword Parameters a a ASCII User account for the new password. a New password for the user account. string, 6 - 32 characters. The user name and password are case-sensitive. Response A typical response is shown below.
Chapter 15: User Commands Efficient Networks® Router family Command Line Interface Guide This page intentionally left blank.
Efficient Networks® Router family Command Line Interface Guide Chapter 16: Key Commands CHAPTER 16 CHAPTER 16 KEY COMMANDS This section contains KEY commands descriptions. Key-enabled features are optional router capabilitiesthat can be enabled by purchasing Activation keys. These optional capabilities include: • 3DES Encryption • DES Encryption • Internal V.
Chapter 16: Key Commands Efficient Networks® Router family Command Line Interface Guide Table 16-1: KEY Command Listing (Cont.) Command Function key disable Disables a key-enabled feature. key enable Enables a feature key that has been previously added to the key-enabled feature database. key list Displays the contents of the key-enabled features database and the status of each feature. key revoke Revokes a key-enabled feature key. key unrevoke Unrevokes a revoked feature key.
Efficient Networks® Router family Command Line Interface Guide Chapter 16: Key Commands key add Validates a the key that has been generated for the specific device. Once validated, adds key to key database. When adding a key enabled feature, the feature is enabled by default. To disable a feature, use the key disable command. A key cannot be entered if one of the following conditions exist: • The key was generated for a different router.
Chapter 16: Key Commands Efficient Networks® Router family Command Line Interface Guide key delete Deletes the specified key from the key enabled feature database. CAUTION: Feature status (enabled /disabled) is disregarded when deleting the feature. Deleting an enabled feature may result in reduced security or quality of service, or may otherwise effect system operation. NOTE: Features with keys that have expired or have been revoked cannot be deleted, nor can Legacy or Manufacturing keys be deleted.
Efficient Networks® Router family Command Line Interface Guide Chapter 16: Key Commands key disable Disables the specified feature. Feature configuration is not changed, but feature is rendered non-operational. To view the current status of installed key features, use the key list command. CAUTION: Disabling a feature may result in reduced security or quality of service, or may otherwise effect system operation. NOTE: Disabling a feature does not change or extend the expiration date of the feature key.
Chapter 16: Key Commands Efficient Networks® Router family Command Line Interface Guide key enable Enables a specified key-enabled feature. To enable a feature, the key must have been previously added with the key add command. To view the current status of installed key features, use the key list command. NOTE: Features with a revoked or expired key cannot be enabled. Mgmt Class Security (R/W) Input Format key enable Parameters a Name of the feature to be enabled.
Efficient Networks® Router family Command Line Interface Guide Chapter 16: Key Commands Parameters -l This optional parameter will include the key strings for each feature installed. Response A typical response is shown below.
Chapter 16: Key Commands Efficient Networks® Router family Command Line Interface Guide key revoke Revokes a key-enabled feature. NOTE: Once a feature has been revoked, it may not be enabled, updated or deleted. To reenable a feature that has been revoked, a new key must be generated and added. NOTE: Manufacturing or Legacy keys cannot be revoked. Mgmt Class Security (R/W) Input Format key revoke Parameters a Name of the feature key to be revoked.
Efficient Networks® Router family Command Line Interface Guide Chapter 16: Key Commands Input Format key unrevoke Parameters a a Unrevoke keystring. The key string is case-sensitive and must be entered exactly as received and with no spaces. Response A typical response is shown below.
Chapter 16: Key Commands Efficient Networks® Router family Command Line Interface Guide This page intentionally left blank.
Efficient Networks® Router family Command Line Interface Guide Chapter 17: SNMP Commands CHAPTER 17 CHAPTER 17 SNMP COMMANDS This section contains SNMP command descriptions. For a complete discussion of SNMP, see “SNMP” on page 7-2. The SNMP commands found in this section include: Table 17-1: SNMP Command Listing Command Function snmp ? Lists the supported SNMP keywords and commands.
Chapter 17: SNMP Commands Efficient Networks® Router family Command Line Interface Guide snmp ? Lists the supported SNMP commands and keywords. To see the syntax for a command, enter the command followed by a ?. Mgmt Class Network (R) Input Format snmp ? Parameters None Response Lists the supported SNMP commands and keywords and a brief description of their function. snmp addsnmpfilter Validates SNMP clients by defining a range of IP addresses that are allowed to access the router via SNMP.
Efficient Networks® Router family Command Line Interface Guide Chapter 17: SNMP Commands Input Format snmp addsnmpfilter [] | lan Parameters a First IP address of the client range. a Last IP address of the client range.b Local Ethernet LAN. lan a Dotted-decimal b notation May be omitted if the range contains only one IP address. Response Command prompt. snmp addtrapdest Adds the IP address for a SNMP Trap manager.
Chapter 17: SNMP Commands Efficient Networks® Router family Command Line Interface Guide snmp community Sets the SNMP community to which the router belongs; the default community is "public". For additional information on SNMP, see “SNMP” on page 7-2. NOTE: This command requires a save to be persistent across reboots. Mgmt Class Network (R/W) Input Format snmp community Parameters *** When entered with no parameters, the current SNMP community name is displayed.
Efficient Networks® Router family Command Line Interface Guide Chapter 17: SNMP Commands snmp delsnmpfilter Deletes the client range previously defined by the commands snmp addsnmpfilter or system addsnmpfilter. NOTE: This command is functionally equivalent to system delsnmpfilter. NOTE: This command does not require a reboot and is effective immediately. NOTE: To list the range of allowed clients, use the command system list. For more information on SNMP, see.
Efficient Networks® Router family Command Line Interface Guide Chapter 17: SNMP Commands snmp deltrapdest Deletes the IP address of a current SNMP Trap manager. To view the existing trap addresses, use the command snmp list. For additional information, see “SNMP” on page 7-2. NOTE: This command does not require a reboot and is effective immediately.
Efficient Networks® Router family Command Line Interface Guide Chapter 17: SNMP Commands Parameters wan | lan Interface from which SNMP access will be disabled. Response Command prompt. snmp enablesnmpif Enables SNMP access from the specified interface. To see the current interface(s) enabled, use the command snmp list. NOTE: This command does not require a reboot and is effective immediately.
Chapter 17: SNMP Commands Efficient Networks® Router family Command Line Interface Guide Input Format snmp list Parameters None Response Typical response: -> snmp list SNMP CONFIGURATION INFORMATION Community name....................... iads Port................................. default (161) IF Enabled........................... LAN only Clients.............................. all Global Trap Enable................... on Configured Trap Destinations.........
Efficient Networks® Router family Command Line Interface Guide Chapter 17: SNMP Commands Parameters on Enables trap event message transmission. off Disables trap event message transmission. Response Command prompt. snmp snmppasswd Sets an authentication password for an SNMP Manager. Once authenticated, SNMP set requests will be honored allowing changes to the system configuration. NOTE: This command does not require a reboot and is effective immediately.
Efficient Networks® Router family Command Line Interface Guide Chapter 17: SNMP Commands snmp snmpport This command manages SNMP port access. It can: • Disable SNMP for this router (sets the SNMP port to 0). • Request the default SNMP port (161). This re-enables SNMP after it is disabled. • Redefines the SNMP port. NOTE: This command is the functional equivalent of system snmpport. NOTE: This command requires a save and reboot to take effect. To see the current setting, use the command snmp list.
Efficient Networks® Router family Command Line Interface Guide Chapter 18: Stateful Firewall Commands CHAPTER 18 CHAPTER 18 STATEFUL FIREWALL COMMANDS This section contains command descriptions for the key-enabled Stateful Firewall feature. For an overview of firewalls and more detailed information on Stateful Firewall, see “Stateful Firewall” on page 4-34. For Internet firewall filtering commands, see eth ip firewall, in Chapter 5, Ethernet Interface Commands.
Chapter 18: Stateful Firewall Commands Efficient Networks® Router family Command Line Interface Guide Table 18-1: Firewall Command Listing (Cont.) Command Function firewall seticmpfloodthreshold Sets the threshold value for the number of ICMP packets per second, which when exceeded, will cause the firewall to block any subsequent ICMP packets until the ICMP traffic drops below the threshold value.
Efficient Networks® Router family Command Line Interface Guide Chapter 18: Stateful Firewall Commands firewall allow Creates a firewall rule that will be added to the firewall allow rules list. To view the current allow firewall rules, use the firewall list command. NOTE: If NAT is enabled on the router, then the outgoing firewall rules should be specified in terms of the private addresses. However, for inbound rules, the rules would need to use the router’s WAN address.
Chapter 18: Stateful Firewall Commands Efficient Networks® Router family Command Line Interface Guide The packet must have a destination IP address within the specified address range. If only one address is specified, the packet must have that destination IP address. If no destination IP address is specified, the firewall rule matches any valid IPV4 address. -sa [:] The packet must have a source IP address within the specified address range.
Efficient Networks® Router family Command Line Interface Guide Chapter 18: Stateful Firewall Commands The following example will allow only one machine (192.168.1.34) in the subnet to be able to FTP to the internet. -> firewall allow -a FTP -sa 192.168.1.34 -d out The following example will enable ports for one machine (192.168.1.34) in the subnet to use the application ’netmeeting’. -> firewall -a netmeeting -sa 192.168.1.23 -d out Response Command prompt.
Chapter 18: Stateful Firewall Commands Efficient Networks® Router family Command Line Interface Guide firewall clearcounter Clears the counters for a firewall rule or a range of firewall rules. Mgmt Class Security (R/W) Input Format firewall clearcounter [] allow | deny Parameters a Specifies a filter rule number.
Efficient Networks® Router family Command Line Interface Guide Chapter 18: Stateful Firewall Commands firewall clearcounter all Clears the counters for all firewall rules in both the allow and deny rule lists. Mgmt Class Security (R/W) Input Format firewall clearcounter all Parameters None Response Command prompt. firewall delete Deletes a single firewall rule or range of firewall rules based on firewall rule numbers.
Chapter 18: Stateful Firewall Commands Efficient Networks® Router family Command Line Interface Guide Parameters a Specifies the firewall rule, or first rule in the specified range of rules, to be deleted. a Optional, last rule in range of rules to delete. allow Rule list from which the firewall rule will be deleted. deny a Integer Example Example command deletes rule 3 from the deny rules list. -> firewall delete 3 deny Response Command prompt.
Efficient Networks® Router family Command Line Interface Guide Chapter 18: Stateful Firewall Commands Example Example command deletes all firewall rules from the allow rules list. -> firewall delete all allow Response Command prompt. firewall deny Creates a firewall rule that will be added to the firewall deny rules list. To view the current deny firewall rules, use the firewall list command.
Chapter 18: Stateful Firewall Commands Efficient Networks® Router family Command Line Interface Guide The following specify additional characteristics that an IP packet must have in order to match the firewall rule. -sp | [:] If the protocol is ICMP, the packet must match the specified ICMP type.
Efficient Networks® Router family Command Line Interface Guide Chapter 18: Stateful Firewall Commands firewall list Displays the current stateful firewall settings and configured rules. Optional parameters will display only the specified allow or deny rules listing. Mgmt Class Security (R/W) Input Format firewall list [] Parameters allow Optional parameter will display only allow rules list. deny Optional parameter will display only deny rules list.
Chapter 18: Stateful Firewall Commands Efficient Networks® Router family Command Line Interface Guide Command entered with the optional allow parameter. -> firewall list allow # Begin rules for firewall allow list 1. firewall allow -a NNTP -sa 10.0.0.1 -c 0 -q -d in 2. firewall allow -p TCP -sp 20:21 -c 0 -q -d in 3. firewall allow -p TCP -sp 23 -c 0 -q -d in 4. firewall allow -a SMTP -sa 192.168.113.254 -c 0 -q -d in # End rules for firewall allow list Response See examples above.
Efficient Networks® Router family Command Line Interface Guide Chapter 18: Stateful Firewall Commands The following paragraphs identify the s for modification: -ac allow | deny Changes the action taken on the packet when the rule is matched. Rule will move from one allow | deny rules list to the other list. -p | tcp | udp | icmp | a Specifies the protocol a packet must have.
Chapter 18: Stateful Firewall Commands Efficient Networks® Router family Command Line Interface Guide firewall set Enables or disables the stateful firewall configuration. To view the current firewall status, use the firewall list command. NOTE: Firewall rules can be added, deleted, or modified regardless of the firewall status. Mgmt Class Security (R/W) Input Format firewall set on | off Parameters on Enables the firewall as currently configured. off Disables the firewall.
Efficient Networks® Router family Command Line Interface Guide Chapter 18: Stateful Firewall Commands Parameters a Specifies the threshold value in dropped packets per second. a Integer (200) Example Example command that sets the threshold to 150 dropped packets per second. -> firewall setdroppkthreshold 150 Response Command prompt.
Chapter 18: Stateful Firewall Commands Efficient Networks® Router family Command Line Interface Guide firewall setsynfloodthreshold As a method to prevent a flooding of the system with SYN requests, use this command set the threshold value for the number of SYN packets per second. When the specified threshold is exceeded, the firewall will block any subsequent SYN packets until the SYN traffic drops below the threshold value. For more information on SYN attacks, see “Stateful Firewall” on page 4-34.
Efficient Networks® Router family Command Line Interface Guide Chapter 18: Stateful Firewall Commands firewall setudpfloodthreshold As a method to prevent a flooding of the system with User Datagram Protocol (UDP) packets, use this command set the threshold value for the number of UDP packets per second. When the specified threshold is exceeded, the firewall will block any subsequent UDP packets until the UDP traffic drops below the threshold value.
Efficient Networks® Router family Command Line Interface Guide Chapter 18: Stateful Firewall Commands Response Typical response using the optional parameter. -> firewall viewdroppkts 6 1. 10/17/2001 at 19:01:33:000 Protocol: ICMP Src Addr: 192.168.1.2 Dest Addr: 1.1.1.1 ICMP type: 8 2.
Efficient Networks® Router family Command Line Interface Guide Chapter 18: Stateful Firewall Commands firewall watch Enables or disables the console watch for firewall messages. If the watch is on, a message is printed to the console serial port (and any Syslog Servers) when a packet is dropped or accepted or as specified in the message logging parameter within the firewall rule.
Chapter 18: Stateful Firewall Commands Efficient Networks® Router family Command Line Interface Guide This page intentionally left blank.
Efficient Networks® Router family Command Line Interface Guide Chapter 19: SSH Commands CHAPTER 19 CHAPTER 19 SSH COMMANDS The commands in this section are used to Secure Shell (SSH) connections. For additional information Secure Shell, see SSH in Chapter 5, System Security. The commands found in this section include: Table 19-1: SSH Command Listing Command Function ssh ? List the supported SSH sub-commands. ssh keygen Generates the Private-Public key-pair for the local server.
Chapter 19: SSH Commands Efficient Networks® Router family Command Line Interface Guide ssh ? Lists the supported SSH commands. To see the syntax for a command, enter the command followed by a ?. Mgmt Class Security (R) Input Format ssh ? Parameters None Response Lists the supported SSH commands and a brief description of their functions. ssh keygen Generates the Private-Public key-pair for the local server.
Efficient Networks® Router family Command Line Interface Guide Chapter 19: SSH Commands ssh list Displays the current SSH configuration with the exception of the list of host public keys. Mgmt Class Security (R) Input Format ssh list Parameters None Response A typical response is shown below. -> ssh list SSH List ----------------------Supported SSH versions: ssh2 Encryption Set: 3des-cbc MAC Set: hmac-md5 Idle Timeout: 600 seconds.
Efficient Networks® Router family Command Line Interface Guide Chapter 19: SSH Commands Parameters a IP address of the TFTP server. b Key file to load. a b Dotted-decimal notation. ASCII string Response A typical response is shown below. -> ssh load privatekey tftp@192.168.13.174:mykey copying... copied 882 bytes ssh load publickey Loads a precomputed public-key, from the given TFTP server.
Efficient Networks® Router family Command Line Interface Guide Chapter 19: SSH Commands ssh set encryption Sets the type(s) of encryption the SSH connections will use. Mgmt Class Security (R/W) Input Format ssh set encryption NOTE: Multiple are allowed on the command line. Parameters Select from the following encryption des DES (56-bit) encryption.
Chapter 19: SSH Commands Efficient Networks® Router family Command Line Interface Guide ssh set idletimeout Sets the idle timeout period (time an SSH connection can remain idle) before the SSH session is disconnected. Mgmt Class Security (R/W) Input Format ssh set idletimeout Parameters secondsa a Integer, Idle timeout period (in seconds). 30 - 1200 (600) Response A typical response is shown below.
Efficient Networks® Router family Command Line Interface Guide Chapter 19: SSH Commands Parameters enablea Keepalive messages are sent. disable Keepalive messages are not sent. a Default value Response A typical response is shown below. -> ssh set keepalive enable SSH Keepalive messages enabled. ssh set mac Sets the type(s) of message authentication code use for SSH connections.
Chapter 19: SSH Commands Efficient Networks® Router family Command Line Interface Guide ssh set rekey Specifies the interval at which additional key exchanges will be performed. Mgmt Class Security (R/W) Input Format ssh set rekeyinterval Parameters a Interval in minutes. Entering a zero "0" for this value will disable re- key requests. a Integer, 0 - 600 (60). Response A typical response is shown below.
Efficient Networks® Router family Command Line Interface Guide Chapter 19: SSH Commands Parameters enablea Allows SSH connections. disable Disallows SSH connections. a Default value Response A typical response is shown below. -> ssh set status enable SSH Enabled. Connections now permitted. system sshport Specifies the port that the SSH server listens on.
Chapter 19: SSH Commands Efficient Networks® Router family Command Line Interface Guide This page intentionally left blank.
SpeedStream® Router family Command Line Interface Guide Chapter 20: QoS Commands CHAPTER 20 CHAPTER 20 QOS COMMANDS The commands in this section are used to manage the Quality of Service (QoS); a key-enabled feature. For additional information on QoS, see the Technical Reference Manual. The commands found in this section include: Table 20-1: QoS Command Listing Command Function qos ? List the supported QoS commands and a brief description of their functions.
Chapter 20: QoS Commands SpeedStream® Router family Command Line Interface Guide Table 20-1: QoS Command Listing (Cont.) Command Function qos save Saves the current QoS configuration and QoS policies. qos set Defines the pfs filtering parameter value for the policy. qos setweight Defines a proposal filtering parameter value for the policy. qos ? Provides a list of the supported QoS commands. To see the syntax for a command, enter the command followed by a ?.
SpeedStream® Router family Command Line Interface Guide Chapter 20: QoS Commands Input Format qos append Parameters a a Specifies the QoS policy name to be added. ASCII string, policy name is case-sensitive. Example Example command will add new policy mypolicy1 to the end of the QoS policies list. -> qos append mypolicy1 Response Command prompt. qos del Deletes a single or all existing QoS policies. To view the existing QoS policy numbers, use the qos list command.
Chapter 20: QoS Commands SpeedStream® Router family Command Line Interface Guide Example Example command that deletes all disabled QoS policies. -> qos del all Response Command prompt. qos diffserv Enables and disables marking of the Differentiated Services (DiffServ) field of the IP header. Mgmt Class Network (R/W) Input Format qos diffserv Parameters on QOS will mark Diffserv field in IP header. off No QOS Diffserv marking will be performed. Response Command prompt.
SpeedStream® Router family Command Line Interface Guide Chapter 20: QoS Commands Parameters a a ASCII Specifies the QoS policy to be disabled. string, policy name is case-sensitive. Response Command prompt. qos enable Enables an existing QoS policy. To view the existing QoS policies and their status, use the qos list command. Mgmt Class Network (R/W) Input Format qos enable Parameters a a ASCII Specifies the QoS policy to be enabled.
SpeedStream® Router family Command Line Interface Guide Chapter 20: QoS Commands qos insert Creates a new QoS policy name and inserts it into a specified location in the QoS policies list. To view the existing QoS policy list, use the qos list command. Mgmt Class Security (R/W) Input Format qos del Parameters a Specifies the QoS policy to be deleted.
SpeedStream® Router family Command Line Interface Guide Chapter 20: QoS Commands Parameters a a Optional parameter that will display only the specified policy name. ASCII string, policy name is case-sensitive Example Example command using the optional parameter to display only mypolicy3 configuration information.
SpeedStream® Router family Command Line Interface Guide Chapter 20: QoS Commands qos move Moves an existing QoS policy within the policies list. To view the existing QoS policy order, use the qos list command. Mgmt Class Network (R/W) Input Format qos move Parameters a Specifies the QoS policy to be moved. a Specifies the QoS policy location.
SpeedStream® Router family Command Line Interface Guide Chapter 20: QoS Commands Parameters a a Specifies the policy to be moved to the end of the QoS policies list. ASCII string, policy name is case-sensitive. Response Command prompt. qos off Disables the QOS feature. To view the current QoS status, use the qos list command. Mgmt Class Network (R/W) Input Format qos off Parameters None Response Command prompt.
Chapter 20: QoS Commands SpeedStream® Router family Command Line Interface Guide qos on Enables the QOS feature as currently configured. To view the current QoS status, use the qos list command. NOTE: QoS policies that are currently disabled will not be active. Mgmt Class Network (R/W) Input Format qos on Parameters None Response Command prompt. qos save Saves the current QoS feature and policy configurations.
SpeedStream® Router family Command Line Interface Guide Chapter 20: QoS Commands qos set Defines one or more parameters of a QoS policy. To view the current configuration of a policy, use the qos list command. NOTE: The QoS policy must exist (created with the qos append or qos insert commands) and be disabled prior to configuration.
Chapter 20: QoS Commands SpeedStream® Router family Command Line Interface Guide Specifies the incoming code point. -oc d off | Specifies the outgoing code point. -b on | off -st e Specifies the time of day when the specified policy becomes active. -du e Specifies the active time period for the policy.
SpeedStream® Router family Command Line Interface Guide Chapter 20: QoS Commands qos setweight Configures the weighted fair queue that manages bandwidth based on traffic priority. For more information on bandwidth management, see the Technical Reference Manual. Mgmt Class Network (R/W) Input Format qos setweight Parameters Select one of the following: high medium normal Specifies the priority level queue to configure.
Chapter 20: QoS Commands SpeedStream® Router family Command Line Interface Guide This page intentionally left blank.
Efficient Networks® Router family Command Line Interface Guide Chapter 21: Switch Commands CHAPTER 21 CHAPTER 21 SWITCH COMMANDS This section contains Switch command descriptions. These commands are used for Ethernet switch management and include: Table 21-1: Switch Command Listing Command Function switch ? Lists the supported Switch sub-commands. switch agetime Specifies the aging time of the switch. switch block Disables the specified Ethernet port.
Chapter 21: Switch Commands Efficient Networks® Router family Command Line Interface Guide switch ? Lists the supported Switch commands and keywords. To see the syntax for a command, enter the command followed by a ? or help. Mgmt Class Network (R) Input Format switch ? | help Parameters None Response Lists the supported Switch commands and a brief description of their function. switch agetime Specifies the aging time of the switch.
Efficient Networks® Router family Command Line Interface Guide Chapter 21: Switch Commands switch block Disables the specified Ethernet Port. The port can be re-enabled with the switch unblock command. Mgmt Class Network (R/W) Input Format switch block Parameters 1 Ethernet port to be disabled.
Chapter 21: Switch Commands Efficient Networks® Router family Command Line Interface Guide switch mirror Configures port traffic mirroring. Switch mirroring allows traffic from an Ethernet port(s) to be mirrored to another Ethernet port. Switch mirroring is disabled by default. NOTE: Port 9 is the uplink of the switch to the WAN/router.
Efficient Networks® Router family Command Line Interface Guide Chapter 21: Switch Commands Response When the command is entered with parameters, a command prompt is returned.
Efficient Networks® Router family Command Line Interface Guide Chapter 21: Switch Commands Response Typical response: -> switch status Port 1 status: No Connection, 10Mb/s , Half Duplex, Enabled Port 2 status: No Connection, 10Mb/s , Half Duplex, Enabled Port 3 status: No Connection, 10Mb/s , Half Duplex, Disabled Port 4 status: Connected , 100Mb/s, Full Duplex, Enabled Port 5 status: Connected , 10Mb/s, Port 6 status: Connected , 100Mb/s, Full Duplex, Enabled Port 7 status: Connected , 100Mb/s, Fu
