This chapter also gives you a general description for accessing telnet and describes the firmware versions for the routers explained in this manual.

Note: For Windows 7 user, please make sure the Windows Features of Telnet Client has been turned on under Control Panel>>Programs.

Enter cmd and press Enter. The Telnet terminal will be open later.

In the following window, type Telnet 192.168.1.224 as below and press Enter. Note that the IP address in the example is the default address of the router. If you have changed the default, enter the current IP address of the router.

Next, enter admin/admin for Account/Password.


For users using previous Windows system (e.g., XP), simply click Start >> Run and type Telnet 192.168.1.224 in the Open box.

Next, enter admin/admin for Account/Password.

 

 

Enter ? to get a list of available commands.

The availabe commands contain –clear, clock, configure, copy, delete, disable, end, exit, hardware-monitor, ping, reboot, renew, restore-defaults, save, show, ssl, terminal, traceroute and udld. Each command will be explained as follows.

Note: You can also enter ? to check if there are subcommands under current command.

This command allows resetting the functions of ARP, authentication, gvrp, interfaces, IP, IPv6, LACP, Line, LLDP, Logging, MAC, mvr, and Spanning Tree.

Telnet Command: clear arp

Use this command to clear entries in the ARP cache.

Syntax Items

clear arp

Description

Syntax Items

Description

clear arp

<A.B.C.D> - Enter the IP address of the device (e.g., 192.168.1.224).

Related Syntax:

l        # clear arp

l        # clear arp <A.B.C.D>

Example

P2100# clear arp 192.168.1.224

P2100#

 

Telnet Command: clear authentication

Use this command to clear authentication sessions based on LAN port, MAC address, or authentication type for 802.1x/MAC authentication.

Syntax Items

clear authentication sessions

clear authentication sessions interfaces gigabitethernet

clear authentication sessions mac

clear authentication sessions session-id

clear authentication sessions type

Description

Syntax Items

Description

clear authentication sessions

Clear all of the sessions related to authentication.

Related Syntax:

l        # clear authentication sessions

clear authentication sessions interfaces gigabitethernet

Clear the sessions of a specific interface.

<1-10> - Enter the number of LAN port.

Related Syntax:

l        # clear authentication sessions interfaces gigabitethernet <1-10>

clear authentication sessions mac

Clear the sessions with the MAC address set here.

<A:B:C:D:E:F> - Enter the MAC address of the device that you want to clear the authentication information.

Related Syntax:

l        # clear authentication sessions mac <A:B:C:D:E:F>

clear authentication sessions session-id

Clear the sessions with the string set here.

<WORD> - Enter a string of a session that you want to clear.

Related Syntax:

l        # clear authentication sessions session-id <WORD>

clear authentication sessions type

Clear the sessions with authentication type selected here.

<dot1x> - Use 802.1x authentication.

<mac> - Use mac-based authentication.

<web> - Use web-based authentication.

Related Syntax:

l        # clear authentication sessions type <dot1x><mac><web>

Example

P2100# clear authentication sessions

No Auth Manager sessions currently exist

P2100# clear authentication sessions mac 48:5B:39:2F:A8:66

P2100# clear authentication sessions interfaces GigabitEthernet 2

P2100# clear authentication sessions session-id 0000000B002AFBE8

 

Telnet Command: clear gvrp

Use this command to clear statistics or port error statistics for all interfaces or a specific interface (LAN or LAG).

Syntax Items

clear gvrp error-statistics

clear gvrp statistics

Description

Syntax Items

Description

clear gvrp error-statistics

Specify a LAN/LAG interface for clearing error statistics for GVRP.

<1 - 10> - Enter the number (1 to 10) of LAN port.

<1 - 8> - Enter the number (1 to 8) of LAG interface (IEEE 802.3 Link Aggregation Interface) that you want to clear the GVRP setting.

Related Syntax:

l        # clear gvrp error-statistics interfaces GigabitEthernet <1-10>

l        # clear gvrp error-statistics interfaces LAG <1- 8>

clear gvrp statistics

Specify a LAN/LAG interface for clearing statistics for GVRP.

<1 - 10> - Specify an interface for clearing statistics for GVRP.

<1 - 8> - Specify LAG interface for clearing statistics for GVRP.

Related Syntax:

l        # clear statistics interfaces GigabitEthernet <1-10>

l        # clear statistics interfaces LAG <1- 8>

Example

P2100# clear gvrp error-statistics interfaces GigabitEthernet 2

P2100#

P2100# clear gvrp error-statistics interfaces LAG 2

P2100#

 

 


Telnet Command: clear interfaces

Use this command to clear statistics counters for all interfaces or a specific interface (LAN or LAG).

Syntax Items

clear interfaces GigabitEthernet

clear interfaces LAG

Description

Syntax Items

Description

clear interfaces GigabitEthernet

Specify a LAN/LAG interface for clearing statistics counters on that port.

<1-10> - Enter the number (1 to 10) of LAN port.

Related Syntax:

l        # clear interfaces gigabitEthernet <1-10> counters

clear interfaces LAG

Specify a LAG interface for clearing statistics counters on that port.

<1 - 8> - Enter the number (1 to 8) of LAG interface (IEEE 802.3 Link Aggregation Interface).

Related Syntax:

l        # clear interfaces LAG <1 - 8> counters

Example

P2100# clear interfaces gigabitethernet 3 counters

P2100# clear interfaces

P2100# clear interfaces lag 2 counters

P2100#

 

Telnet Command: clear ip

Use this command to clear ARP inspection information, DHCP snooping database agent, and IGMP snooping groups (dynamic or static) information for all interfaces or a specific interface (LAN or LAG) with IP address.

Syntax Items

clear ip arp

clear ip dhcp

clear ip igmp

Description

Syntax Items

Description

clear ip igmp

snooping groups dynamic - Clear dynamic snooping groups of IGMP server.

snooping groups static - Clear static snooping groups of IGMP server.

snooping statistics - Clear snooping statistics for IGMP server.

Related Syntax:

l        # clear ip igmp snooping groups dynamic

l        # clear ip igmp snooping groups static

l        # clear ip igmp snooping statistics

clear ip dhcp

snooping database statistics - Clear snooping database statistics for DHCP server.

snooping interfaces GigabitEthernet / LAG- Specify a LAN / LAG interface for clearing DHCP snooping information.

<1 - 10> - Enter the number (1 to 10) of LAN port.

<1 - 8> - Specify a LAG interface for clearing DHCP snooping information.

Related Syntax:

l        # clear ip dhcp snooping database statistics

l        # clear ip dhcp snooping interfaces GigabitEthernet <1-10> statistics

l        # clear ip dhcp snooping interfaces LAG <1- 8> statistics

clear ip igmp

snooping groups dynamic - Clear dynamic snooping groups of IGMP server.

snooping groups static - Clear static snooping groups of IGMP server.

snooping statistics - Clear snooping statistics for IGMP server.

Related Syntax:

l        # clear ip igmp snooping groups dynamic

l        # clear ip igmp snooping groups static

l        # clear ip igmp snooping statistics

Example

P2100# clear ip igmp snooping groups dynamic

P2100#

 

Telnet Command: clear ipv6

Use this command to clear MLD snooping configuration for dynamic / static group(s) with IPv6 address.

Syntax Items

clear ipv6 mld

Description

Syntax Items

Description

clear ipv6 mld

snooping groups dynamic - Clear dynamic snooping groups of MLD.

snooping groups static - Clear static snooping groups of MLD.

Related Syntax:

l        # clear ipv6 mld snooping groups dynamic

l        # clear ipv6 mld snooping groups static

Example

P2100# clear ipv6

P2100# clear ipv6 mld snooping groups dynamic

P2100# clear ipv6 mld snooping groups dynamic?

  <cr>

P2100# clear ipv6 mld snooping groups static

 

Telnet Command: clear lacp

Use this command to clear LACP configuration for specified LAG interface or all LAG intefaces.

Syntax Items

clear lacp <1-8> counters

clear lacp counters

Description

Syntax Items

Description

clear lacp <1-8>

<1-8> - Enter the number (1 to 8) of LAG interface (IEEE 802.3 Link Aggregation Interface).

Related Syntax:

l        # clear lacp <1-8> counters

clear lacp counters

Clear LACP configuration for all LAG interfaces.

Related Syntax:

l        # clear lacp counters

Example

P2100# clear lacp 1 counters

No interfaces configured in the channel group

P2100#

Telnet Command: clear line

Use this command to clear line settings including SSH (Secure Shell) configuration and telnet daemon configuration.

Syntax Items

clear line ssh

clear line telnet

Description

Syntax Items

Description

clear line ssh

Clear SSH configuration for line connection.

Related Syntax:

l        # clear line ssh

slear line telnet

Clear SSH Telnet configuration for line connection.

Related Syntax:

l        # clear line telnet

Example

P2100# clear line ssh

P2100# clear line telnet

Telnet Command: clear lldp

Use this command to clear LLDP statistics or reset LLDP information.

Syntax Items

clear lldp global

clear lldp interfaces

Description

Syntax Items

Description

clear lldp global

Clear all of the statistics related to LLDP.

Related Syntax:

l        # clear lldp global statistics

clear lldp interfaces

Specify a LAN / LAG interface for clearing LLDP information.

<1-10> - Enter the number (1 to 10) of LAN port. 

<1-8> - Enter the number (1 to 8) of LAG interface (IEEE 802.3 Link Aggregation Interface).

Related Syntax:

l        # clear lldp interfaces GigabitEthernet <1-10> statistics

l        # clear lldp interfaces LAG <1-8> statistics

Example

P2100# clear lldp global statistics

P2100#

P2100# clear lldp interfaces LAG 1 statistics

P2100# clear lldp interfaces gigabitethernet 1 statistics

P2100#

Telnet Command: clear logging

Use this command to clear log messages from the internal logging buffer and flash.

Syntax Items

clear logging buffered

clear logging file

Description

Syntax Items

Description

clear logging buffered

Clear the log stored in RAM.

Related Syntax:

l        # clear logging buffered

clear logging file

Clear the log stored in flash.

Related Syntax:

l        # clear logging file

Example

P2100# clear logging buffered

P2100# clear logging file

P2100#

Telnet Command: clear mac

Use this command to clear MAC configuration related to VLAN, LAG, and LAN port.

Syntax Items

clear mac

Description

Syntax Items

Description

clear mac address-table

<1-10> - Enter the number (1 to 10) of LAN port.

<1-8>- Enter the number (1 to 8) of LAG interface (IEEE 802.3 Link Aggregation Interface).

<1-4094> - Specify a VLAN ID by entering its number.

Related Syntax:

l        # clear mac adderss-table dynamic interfaces GigabitEthernet <1-10>

l        # clear mac adderss-table dynamic interfaces LAG <1-8>

l        # clear mac adderss-table dynamic vlan <1-4094>

Example

P2100# clear mac address-table dynamic vlan 2038

P2100# clear mac address-table dynamic interfaces gigabitethernet 3

P2100#

Telnet Command: clear mvr

Use this command to clear information for all members (including dynamic, static) of MVR.

Syntax Items

clear mvr members

Description

Syntax Items

Description

clear mvr members

Clear information for dynamic / static members.

Related Syntax:

l        # clear mvr members dynamic

l        # clear mvr members static

Example

P2100# clear mvr members dynamic

P2100# clear mvr members static

P2100#

Telnet Command: clear spanning-tree

Use this command to clear running system information.

Syntax Items

clear spanning-tree

Description

Syntax Items

Description

clear spanning-tree interfaces

Specify a LAN interface for clearing its running information.

<1-10>- Enter the number (1 to 10) of LAN port. 

<1-8>- Enter the number (1 to 8) of LAG interface (IEEE 802.3 Link Aggregation Interface).

Related Syntax:

l        # clear spanning-tree interfaces GigabitEthernet <1-28> statistics

l        # clear spanning-tree interfaces LAG <1-8> statistics

Example

P2100# clear spanning-tree interfaces gigabitethernet 3 statistics

P2100# clear spanning-tree interfaces LAG 1 statistics

P2100#

 

This command allows managing the system clock.

Telnet Command: clock set

Use this command to configure the system clock manually.

Syntax Items

clock set

Description

Syntax Items

Description

clock set

Set current by entering hours, minutes, seconds, month, date and year with the format listed below:

<HH:MM:SS> - Hour, minute, second (e.g., 08:10:30).

<Jan> - January.

<feb> - February

<mar> - March

<apr> - April

<may> - May

<jun> - June

<jul> - July

<aug> - August

<sep> - September

<oct> - October

<nov> - November

<dec> - December

<1-31> - Date 1 to 31.

<2000-2035> - Year of 2000 to 2035.

Related Syntax:

l        # clock set HH:MM:SS jan/feb/mar/apr/may/jun/jul/aug/sep/oct/nov/dec <1-31> <2000-2035>

Example

P2100# clock set 12:10:30 jan 1 2019

2019-01-01 12:10:30 UTC+8

 

This command allows configuring the settings related to VigorSwitch.

Available sub-commands under Configure include:

aaa, acct, authentication, clock, custom, dos, dot1x, do, dray_surveillence, enable, end, errdisable, exit, gvrp, hostname, http, interface, ip, ipv6, jumbo-frame, lacp, lag, line, lldp, logging, logmail, loop-protection, mac, mailalert, management, management-vlan, mirror, mvr, no, openvpn, poe, port-security, qos, radius, schedule, snmp, sntp, spanning-tree, start-up, storm-control, surveillance-vlan, system, tacacs, tr069, udld, username, vlan, voice-vlan, webhook

Before configuration, you have to enterconfigure” to access into next phase.

To return to previous phase, enter “exit”

Example

P2100# configure

P2100(config)#

P2100(config)# exit

P2100#

Telnet Command: aaa

Use this command to add a login authentication list to authenticate with local, tacacs+, radius, and none service.

Syntax Items

aaa authentication enable

aaa authentication login

Description

Syntax Items

Description

aaa authentication enable

Enable authentication is used only on CLI for a user trying to switch from User EXEC (>) mode to Privileged EXEC (#) mode.

enable – Enable the authentication list.

<LISTNAME> – Enter a string as the list name for authentication type. Default value is “default”.

<none, enable, tacacs+, radius> – Specify the authentication method by entering none, enable, tacacs+ or radius.

l        None: Do nothing and just make user be authenticated.

l        Enable: Use local password to authenticate.

l        Tacacs+: Use remote Tacas+ server to authenticate.

l        Radius: Use remote Radius server to authenticate.

default - It is used to configure default enable authentication.

Related Syntax:

l        <config>#aaa authentication enable <LISTNAME> <none, enable, tacacs+, radius>

l        <config>#aaa authentication enable default <none, enable, tacacs+, radius>

aaa authentication login

Login authentication is used when a user tries to login into the switch.

<LISTNAME> – Enter a string as the list name for authentication type. Default value is “default”.

<none, enable, tacacs+, radius> –Specify the authentication method by entering none, enable, tacacs+ or radius.

default - It is used to configure default login authentication.

Related Syntax:

l        <config>#aaa authentication login <none, enable, tacacs+, radius>

l        <config>#aaa authentication login default <none, enable, tacacs+, radius>

Example

P2100# configure

P2100(config)#

P2100(config)# aaa authentication enable LISTNAME enable

P2100(config)#

P2100(config)# exit

P2100# show aaa authentication enable lists

 Enable List Name   Authentication Method List

------------------ -------------------------------

          default        enable

         LISTNAME        enable

P2100#

Telnet Command: acct

Use this command to set RADIUS / TACACS server.

Syntax Items

acct server radius

acct server tacacs

Description

Syntax Items

Description

server radius

<1-65535> - Set a value to wait for a packet retransmission to the authentication server.

<1-60> - Set the transmission interval (unit is second).

l           # acct server radius disconnect message port <1-65535> interval <1-60>

server tacacs

<1-65535> - Set a value to wait for a packet retransmission to the authentication server.

<1-60> - Set the transmission interval (unit is second).

l           # acct server tacacs disconnect message port <1-65535> interval <1-60>

 

Telnet Command: authentication

Use this command to enable the global setting of 802.1x/MAC/WEB authentication network access control (default is disabled for all).

Syntax Items

authentication dot1x

authentication guest-vlan

authentication mac

authentication web

Description

Syntax Items

Description

authentication dot1x

Enable 802.1x authentication by entering the word, dot1x after authentication.

Related Syntax:

l        <config># authentication dot1x

authentication guest-vlan 

Configure the guest VLAN.

<1-4094> - Specify a guest VLAN ID by entering its number.

Related Syntax:

l        <config># authentication guest-vlan <1-4094>

authentication mac

Enable MAC authentication by entering the word, mac after authentication.

mac local - Local database for MAC-Based authentication. It can add local MAC authentication hosts in database.

<A:B:C:D:E:F> - Enter the MAC address to be added for authentication.

control auth – Set a local entry control mode, auth (the host will be set to authorized) or unauth (the host will be set to unauthorized).

vlan <1~4094> - Specify a VLAN ID by entering its number

reauth-period <300~4294967294> - Set a time to initiate automatic re-authentication.

inactive-timeout <60~65535>- Set the inactive timeout for MAC authentication host. After the time interval, if there is no activity from the client, then it will be unauthorized by Vigor system.

control unauth - Set a local entry control mode as “unauth” to let the host set as unauthorized.

radius mac-case <lower / upper> - Set RADIUS user ID with lower case or upper case.

radius mac-delimiter <colon/dot/hyphen/none> - Select RADIUS user ID delimiter. In which,

colon: XX:XX:XX:XX:XX:XX

dot: XX.XX.XX.XX.XX.XX

hyphen: XX-XX-XX-XX-XX-XX

none: XXXXXXXXXXXX

gap <2/4/6> - Select delimiter gap.

Related Syntax:

l        <config>#authentication mac

l        <config>#authentication mac local <A:B:C:D:E:F> control auth inactive-timeout <60~65535>

l        <config>#authentication mac local <A:B:C:D:E:F> control auth reauth-period <300~4294967294>

l        <config>#authentication mac local <A:B:C:D:E:F> control auth vlan <1~4094>

l        <config>#authentication mac local <A:B:C:D:E:F> control auth vlan<1~4094> reauth-period <300~4294967294>

l        <config>#authentication mac local <A:B:C:D:E:F> control auth vlan<1~4094> reauth-period <300~4294967294> inactive-timeout <60~65535>

l        <config>#authentication mac local <A:B:C:D:E:F> control unauth

l        <config>#authentication mac radius mac-case <lower / upper>

l        <config>#authentication mac radius mac-delimiter <colon/dot/hyphen/none>

l        <config>#authentication mac radius mac-delimiter <colon/dot/hyphen/none> gap <2/4/6>

authentication web

Web - Enable web authentication by entering the word “web” after “authentication”.

username <WORD> - Specify a username.

password <string> - Set a password.

vlan <1~4094> - Specify a VLAN ID by entering its number.

reauth-period <30~4294967294> - Set a time to initiate automatic re-authentication.

inactive-timeout <60~65535>- Set the inactive timeout for MAC authentication host. After the time interval, if there is no activity from the client, then it will be unauthorized by Vigor system.

Related Syntax:

l        <config>#authentication web

l        <config>#authentication web local username <WORD> password <string> inactive-timeout <60~65535>

l        <config>#authentication web local username <WORD> password <string> reauth-period <300~4294967294>

l        <config>#authentication web local username <WORD> password <string> reauth-period <300~4294967294> inactive-timeout <60~65535>

l        <config>#authentication web local username <WORD> password <string> vlan<1~4094>

l        <config>#authentication web local username <WORD> password <string> vlan<1~4094> reauth-period <30~4294967294> inactive-timeout <60~65535>

Example

P2100# configure

P2100(config)# authentication dot1x

P2100(config)# vlan 3

P2100(config-vlan)# exit

P2100(config)# authentication guest-vlan 3

P2100(config)#

P2100(config)# exit

P2100# show authentication

Autentication dot1x state        : enabled

Autentication mac state          : disabled

Autentication web state          : disabled

Guest VLAN                    : enabled (3)

Mac-auth Radius User ID Format  : XXXXXXXXXXXX

Mac-auth Local Entry             :

Web-auth Local Entry             :

Interface Configurations

Interface GigabitEthernet1

  Admin Control              : disable

  Host Mode                   : multi-auth

  Type dot1x State           : disabled

  Type mac State             : disabled

  Type web State             : disabled

  Type Order                  : dot1x

  MAC/WEB Method Order      : radius

  Guest VLAN                  : disabled

  Reauthentication           : disabled

  Max Hosts                   : 256

  VLAN Assign Mode           : static

--More—

………………………………………………………………………………………………..

P2100# configure

P2100(config)# authentication mac local 00:11:22:33:00:01 control auth vlan 3 reauth-period 500 inactive-timeout 300

P2100(config)#

P2100(config)# authentication mac local 00:11:22:33:00:01 control unauth

P2100(config)#

P2100(config)# authentication web local username user_1 password 1234tw vlan 3 reauth-period 600 inactive-timeout 700

P2100(config)#

 

Telnet Command: clock

Use this command to configure time zone, summer-time and external time source for the system clock.

Syntax Items

clock auto timezone

clock source local

clock source sntp

clock summer-time

clock timezone

Description

Syntax Items

Description

clock auto timezone

VigorSwitch sets the time zone automatically.

clock source local

Configure an external time source for the system clock.

“local” means to use static time. It is the default setting.

Related Syntax:

l        <config># clock source local

clock source sntp

Configure an external time source for the system clock. “sntp” means to use SNTP time.

Related Syntax:

l        <config># clock source sntp

clock summer-time

Configure the system to automatically switch to summer time (daylight saving time).

ACRONYM – Specify the acronym name of time zone. The acronym of the time zone will be displayed when summer time is in effect. If unspecified, the time zone acronym will be used in default. (1-4 chars)

<jan/feb/mar/apr/may/jun/jul/aug/sep/oct/nov/dec> - Indicate January, February, March, April, May, June, July, August, September, October, November, December.

<1-31> means date 1 to 31.

<2000-2037> - means year of 2000 to 2035.

<HH:MM> - means hours and minutes.

recurring - Summer time should start and end on the corresponding specified days every year.

<1-1440>- Set the number of minutes to add during the summer time. The default number is 60.

eu - The summer time is based on the European Union rules. (Start point – last Sunday in March, End point – last Sunday in October)

usa - The summer time is based on the United States rules. (Start point – second Sunday in March, End point – first Sunday in November)

first - The first week of the month.

last - The last week of the month.

<sun/mon/tue/wed/thu/fri/sat> - Indicate Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday.

<jan/feb/mar/apr/may/jun/jul/aug/sep/oct/nov/dec> - Indicate January, February, March, April, May, June, July, August, September, October, November, December.

<first/last>- Specify the first week or the last week of the month.

<1-5> - Specify the number of the week in the month.

Note that the first group of month, date, hour and minute is used for configuring starting time, and the second group is used for configuring ending time.

Related Syntax:

l        <config># clock summer-time ACRONYM date <jan/feb/mar/apr/may/jun/jul/aug/sep/oct/nov/dec> <1-31> <2000-2037> <HH:MM> <jan/feb/mar/apr/may/jun/jul/aug/sep/oct/nov/dec><1-31><2000-2037> <HH:MM>

l        <config># clock summer-time ACRONYM recurring eu <1-1440>

l        <config># clock summer-time ACRONYM recurring usa <1-1440>

l        <config># clock summer-time ACRONYM recurring first <sun/mon/tue/wed/thu/fri/sat>< jan / feb / mar / apr / may / jun/jul/aug/sep/oct/nov/dec> <HH:MM> <first/last> <sun/mon/tue/wed/thu/fri/sat>< jan /feb /mar /apr/may/ jun/jul/aug/sep/oct/nov/dec> <HH:MM> <1-14400>

l        <config># clock summer-time ACRONYM recurring last <sun/mon/tue/wed/thu/fri/sat>< jan /feb /mar /apr /may /jun/jul/aug/sep/oct/nov/dec> <HH:MM> <first/last><sun/mon/tue/wed/thu/fri/sat>< jan /feb /mar /apr/may/ jun/jul/aug/sep/oct/nov/dec> <HH:MM> <1-14400>

l        <config># clock summer-time ACRONYM recurring <1-5> <sun/mon/tue/wed/thu/fri/sat>< jan /feb /mar /apr /may /jun/jul/aug/sep/oct/nov/dec> <HH:MM> <1-5> <sun/mon/tue/wed/thu/fri/sat>< jan /feb /mar /apr /may/jun/jul/aug/sep/oct/nov/dec> <HH:MM> <1-14400>

clock timezone ACRONYM <-12-13> minutes <0-59>

Set the time zone for display purposes.

ACRONYM – Specify the acronym name of time zone. The acronym of the time zone will be displayed when summer time is in effect. If unspecified, the time zone acronym will be used in default. (1-4 chars)

<-12-13> – Specify the hour offset (from -12 to +13) of time zone.

minutes <0-59> – Specify the minute difference from UTC.

Related Syntax:

l        <config># clock timezone ACRONYM <-12-13> minutes <0-59>

Example

P2100# configure

P2100(config)# clock source sntp

P2100(config)# exit

P2100# show clock detail

2019-01-05 06:51:23 UTC+8

Time source is sntp

Time zone:

Acronym is

Offset is UTC+8

P2100# configure

P2100(config)# clock summer-time tw date jan 30 2019 23:30 feb 1 2019 20:50

P2100(config)# exit

P2100# show clock detail

2019-01-05 07:13:49 UTC+8

Time source is sntp

 

Time zone:

Acronym is ACRONYM

Offset is UTC-10:08

 

Summertime:

Acronym is tw

Starting and ending on a specific date.

Begins at 1 30 19 23:30

Ends at 2 1 19 20:50

Offset is 60 minutes.

P2100# configure

P2100(config)# clock summer-time ACRONYM recurring eu 1200

P2100(config)# clock summer-time ACRONYM recurring first mon jan 10:10 first sun feb 10:10 1000

P2100(config)# exit

P2100# show clock detail

2019-01-05 11:37:18 UTC+8

Time source is sntp

Time zone:

Acronym is

Offset is UTC+8

Summertime:

Acronym is ACRONYM

Recurring every year.

Begins at 1 1 1 10:10

Ends at 1 0 2 10:10

Offset is 1000 minutes.

 

 

Telnet Command: custom

Use this command to enable the module settings.

Syntax Items

custom enable

Description

Syntax Items

Description

custom enable

Enable the module settings.

Related Syntax:

l        <config># custom enable

Example

P2100# configure

P2100(config)# custom enable

P2100(config)#

Telnet Command: dos

Use this command to enable specific Denial of Service (DoS) protection.

Syntax Items

dos daeqsa-deny

dos icmp-frag-pkts-deny

dos icmp-ping-max-length

dos icmpv4-ping-max-check

dos icmpv6-ping-max-check

dos ipv6-min-frag-size-check

dos ipv6-min-frag-size-length

dos land-deny

dos nullscan-deny

dos pod-deny

dos smurf-deny

dos smurf-netmask

dos syn-sportl1024-deny

dos synfin-deny

dos synrst-deny

dos tcp-frag-off-min-check

dos tcpblat-deny

dos tcphdr-min-check

dos tcphdr-min-length

dos udpblat-deny

dos xma-deny

Description

Syntax Items

Description

dos daeqsa-deny

Drop the packets if the destination MAC address equals to the source MAC address.

Related Syntax:

l        <config># dos daeqsa-deny

dos icmp-frag-pkts-deny

Drop the fragmented ICMP packets.

Related Syntax:

l        <config># dos icmp-frag-pkts-deny

dos icmp-ping-max-length

Set the maximum packet size for ICMPv4/ICMPv6 ping operation.

<0-65535> - Specify a packet number.

Related Syntax:

l        <config># dos icmp-ping-max-length <0-65535>

dos icmpv4-ping-max-check

Check ICMPv4 ping maximum packets size and drop the packets larger than the maximum packet size defined by the command, dos icmp-ping-max-length.

Related Syntax:

l        <config># dos icmpv4-ping-max-check

dos icmpv6-ping-max-check

Check ICMPv6 ping maximum packets size and drop the packets larger than the maximum packet size defined by the command, icmp-ping-max-length.

Related Syntax:

l        <config># dos icmpv6-ping-max-check

dos ipv6-min-frag-size-check

Check minimum size of IPv6 fragments.

Related Syntax:

l        <config># dos ipv6-min-frag-size-check

dos ipv6-min-frag-size-length <0-65535>

Set the minimum packet size of IPv6 fragmented packets.

<0-65535> - Specify a packet number.

Related Syntax:

l        <config># dos ipv6-min-frag-size-length <0-65535>

dos land-deny

Drop the packets if the source IP address equals to destination IP address.

Related Syntax:

l        <config># dos land-deny

dos nullscan-deny

Drop the packets if attacked by NULL Scan.

Related Syntax:

l        <config># dos nullscan-deny

dos pod-deny

Drop the packets if attacked by Ping of Death.

Related Syntax:

l        <config># dos pod-deny

dos smurf-deny

Drop the packets if encountered Smurf attack.

Related Syntax:

l        <config># dos smurf-deny

dos smurf-netmask

Set the smurf attack size.

<0-32> - Enter a number as smurf attacks size.

Related Syntax:

l        <config># dos smurf-netmask <0-32>

dos syn-sportl1024-deny

Drop SYN packets with sport less than 1024.

Related Syntax:

l        <config># dos syn-sportl1024-deny

dos synfin-deny

Drop the packets with SYN and FIN bits set.

Related Syntax:

l        <config># dos synfin-deny

dos synrst-deny

Drop the packets with SYNC and RST bits set.

Related Syntax:

l        <config># dos synrst-deny

dos tcp-frag-off-min-check

Drop the TCP fragmented packet with offset equals to the minimum packet size.

Related Syntax:

l        <config># dos tcp-frag-off-min-check

dos tcpblat-deny

Drop the packets if the source TCP port equals to destination TCP port.

Related Syntax:

l        <config># dos tcpblat-deny

dos tcphdr-min-check

Check the minimum TCP header and drop the TCP packets with the header smaller than the minimum size defined.

Related Syntax:

l        <config># dos tcphdr-min-check

dos tcphdr-min-length

Set the minimum size of TCP header.

<0-65535> - Specify a packet number.

Related Syntax:

l        <config># dos tcphdr-min-length <0-65535>

dos udpblat-deny

Drop the packets if the source UDP port equals to destination UDP port.

Related Syntax:

l        <config># dos udpblat-deny

dos xma-deny

Drop the packets if the sequence number is zero and the FIN, URG and PSH bits are set already.

Related Syntax:

l        <config># dos xma-deny

Example

P2100# configure

P2100(config)#

P2100(config)# dos icmp-ping-max-length 25252

P2100(config)# dos icmpv4-ping-max-check

P2100(config)#

Telnet Command: dot1x

Use this command to set 802.1x configuration.

Syntax Items

dot1x guest-vlan

Description

Syntax Items

Description

dot1x guest-vlan

<1-4094> - Select a guest VLAN by entering its number.

Related Syntax:

l        <config># dot1x guest-vlan <1-4094>

Example

P2100# configure

P2100(config)#

P2100(config)# dot1x guest-vlan 3

P2100(config)#

Telnet Command: do

Use this command to execute a command immediately.

Syntax Items

do SEQUENCE

Description

Syntax Items

Description

SEQUENCE

Enter the command that you want to execute immediately.

Related Syntax: (for example)

l        <config># do show info

Example

P2100(config)# do show info

System Name        : P2100

System Location    : Default

System Contact     : Default

MAC Address        : 14:49:BC:41:33:F4

IP Address         : 192.168.1.11

Subnet Mask        : 255.255.255.0

Loader Version     : 2.0.0

Loader Date        : Aug 30 2019 - 13:58:32

Firmware Version : 2.5.1_RC5

Firmware Date      : Nov 28 2019 - 17:06:13

Firmware Revision : 1688

System Object ID : 1.3.6.1.4.1.7367

System Up Time     : 3 days, 22 hours, 13 mins, 25 secs

P2100(config)#

Telnet Command: dray_surveillence

Use this command to enable / disable the ONVIF.

Syntax Items

dray_surveillence add

dray_surveillence direct-add

dray_surveillence set

Description

Syntax Items

Description

dray_surveillence add

Add an IP device for surveillance.

WORD <36-36> - Enter the UUID string of the IP camera or IP-based device.

Related Syntax:

l        <config># dray_surveillence add device uuid WORD <36-36>

l        <config># dray_surveillence add group uuid WORD <36-36>

dray_surveillence direct-add

WORD <36-36> - Enter the UUID string of the IP camera or IP-based device.

Related Syntax:

l        <config># dray_surveillence direct-add device uuid WORD <36-36>

dray_surveillence set

WORD <36-36> - Enter the UUID string of the IP camera or IP-based device.

Related Syntax:

l        <config># dray_surveillence set device uuid WORD <36-36>

l        <config># dray_surveillence set group uuid WORD <36-36>

Example

P2100# configure

P2100(config)#

P2100(config)# dray_surveillence

P2100(config)#

P2100(config)# dray_surveillence add device uuid 53d7762a-c52b-4bb9-8000-305501e0f35f

P2100(config)#

Telnet Command: enable

Use this command to configure local password with encrypted string or not.

Syntax Items

enable password

enable privilege

enable secret

Description

Syntax Items

Description

enable password

<PASSWORD> - Edit the password for each privilege level for activating authentication.

Related Syntax:

l        <config># enable password PASSWORD

enable privilege

Edit the privilege level of the password for local user.

<1-15> - Enter a number for specifying a privilege level. Default value is 15.

<string> - Enter a new string as the password.

Related Syntax:

l        <config># enable privilege <1-15> password <string>
(This password will NOT be encrypted.)

l        <config># enable privilege <1-15> secret <string>
(This password will BE encrypted.)

l        <config># enable privilege <1-15> secret encrypted <string>
(This password is copied from another configuration file. So, enter an existed and encrypted password.)

enable secret

<PASSWORD> - Enter a new string as the encrypted password.

Related Syntax:

l        <config># enable secret PASSWORD

l        <config># enable secret encrypted PASSWORD

Example

P2100# configure

P2100(config)# enable secret encrypted testtest

P2100(config)# exit

P2100# show running-config

P2100# …

enable privilege 2 secret "OTE5ZTY4MmNhYzgyNWQ0MzBhNTgwZTg0MmZmMGJiYzQ="

enable secret "testtest"

vlan 2

 name "test0002"

vlan 3

 name "test0003"

vlan 5

 name "test_carrie"

voice-vlan oui-table 00:E0:BB "3COM"

voice-vlan oui-table 00:03:6B "Cisco"

voice-vlan oui-table 00:E0:75 "Veritel"

.......

 

Telnet Command: end

Use this command to end current mode.

Syntax Items

end

Example

P2100# configure

P2100(config)#end

P2100#

Telnet Command: errdisable

Use this command to enable the auto recovery timer for port error.

Syntax Items

errdisable recovery cause

errdisable recovery interval

Description

Syntax Items

Description

errdisable recovery cause

Enable the auto recovery timer for port error disabled from ACL,all, ARP rate limit, STP BPDU guard, broadcast flooding, DHCP rate limit, port security, STP self-loop, unicast flooding, or unknown multicast flooding causes.

Related Syntax:

l        <config># erridisable recovery cause < acl /all /arp-inspection /bpduguard /broadcast-flood /dhcp-rate-limit /psecure-violation /selfloop /unicast-flood /unknown-multicast-flood >

errdisable recovery interval

Set the recovery time of the error disabled port.

<30-86400> - The default value is 300 seconds.

Related Syntax:

l        <config># errdisable recovery interval <30-86400>

Example

P2100# configure

P2100(config)#

P2100(config)# errdisable recovery interval 600

P2100(config)#

Telnet Command: exit

Use this command to exit current mode and return to previous mode/phase.

Syntax Items

exit

Example

P2100# configure

P2100(config)#

P2100(config)# exit

P2100#

Telnet Command: gvrp

Use this command to enable the GVRP configuration. In default, the GVRP is disabled.

Syntax Items

gvrp

Example

P2100# configure

P2100(config)# gvrp

P2100(config)#

P2100(config)# exit

P2100# show gvrp

                GVRP    Status

                --------------------

    GVRP                            : Enabled

    Join time                      : 200 ms

    Leave time               : 600 ms

    LeaveAll time                 : 10000 ms

P2100#

Telnet Command: hostname

Use this command to modify the network name of VigorSwitch.

Syntax Items

hostname

Description

Syntax Items

Description

hostname

<word> - Enter a string as the network name for VigorSwitch.

Related Syntax:

l        <config># hostname <word>

Example

P2100# configure

P2100(config)# hostname Switch_3F

Switch_3F(config)#

Telnet Command: interface

Use this command to configure interface settings.

Before configuring, you have to access into next phase. See the following example:

P2100# configure

P2100(config)#

P2100(config)# interface GigabitEthernet 3

G2280(config-if)#

Or

P2100# configure

P2100(config)#

P2100(config)# interface range LAG 3

P2100(config-if-range)#

Syntax Items

interface GigabitEthernet

interface VLAN

interface LAG

interface range

Description

Syntax Items

Description

interface GigabitEthernet

<1-10> - Specify the number of Ethernet LAN port.

Related Syntax:

l           <config># interface GigabitEthernet <1-10>

interface LAG

<1-8> - Specify the number of LAG interface.

Related Syntax:

l           <config># interface LAG <1-8>

Interface range

Specify an interface ranges for configuring detailed settings.

Related Syntax:

l           <config># interface range GigabitEthernet <1-10>

            <config># interface range LAG <1-8>

Example

P2100# configure

P2100(config)# interface LAG 1

G2280(config-if)#

 

Under (config-if)#, available sub-commands are:

<config-if># authentication

<config-if># back-pressure

<config-if># custom

<config-if># description

<config-if># device-check

<config-if># dos

<config-if># dot1x

<config-if># do

<config-if># dray_surveillence

<config-if># duplex

<config-if># eee

<config-if># end

<config-if># exit

<config-if># flowcontrol

<config-if># gvrp

<config-if># ip

<config-if># ipv6

<config-if># lacp

<config-if># lag

<config-if># lldp

<config-if># loop-protection

<config-if># mac

<config-if># mvr

<config-if># no

<config-if># poe

<config-if># port-security

<config-if># power

<config-if># protected

<config-if># qos

<config-if># rate-limit

<config-if># shutdown

<config-if># spanning-tree

<config-if># speed

<config-if># storm-control

<config-if># surveillance-vlan

<config-if># switchport

<config-if># udld

<config-if># vlan

<config-if># voice-vlan

Description

Syntax Items

Description

authentication

Apply Auth Manager Port Configuration Commands to the specified interface (Ethernet port/LAG port).

dot1x – Execute the 802.1x authentication.

guest-vlan – Authenticate the guest VLAN configuration.

host-mode <multi-auth / multi-host / single-host> - Set the host mode for authentication on this port.

max-hosts <1-256> - Set the maximum number of authenticated hoss allowed on this port.

method <local/radius> - Set authentication method by using local or RADIUS server.

order <dot1x / mac /web> - Add an authentication type to the order list.

port-control <auto / force-auth / force-unauth> - Set the port state of this port as AUTO, Authorized or Unauthorized.

radius-attributes vlan reject – If the Radius server authorizes the supplicant, but does not provide a supplicant VLAN, the supplicant will be rejected. If the parameter is omitted, the option is applied by default.

radius-attributes vlan static - If the Radius server authorizes the supplicant but does not provide asupplicant VLAN, the supplicant will be accepted.

reauth – Enable/Disabel Reauthentication for this port

timer <inactive> <60-65535> – Set the time value for authentication. After the time interval, if there is no activity from the client, it will be unauthorized.

timer quiet <0-65535> - Set the time value to wait failed authentication exchange.

timer reauth <300-4294967294> - Set the time value. After the time interval, an automatic re-authentication should be initiated.

web – Execute the web-based authentication.

web max-login-attempts <3-10> – Set a maximum number of login attemps on the port.

web max-login-attempts infinite – No limit for login attempts.

Related Syntax:

l        <config-if># authentication dot1x

l        <config-if># authentication guest-vlan

l        <config-if># authentication host-mode <multi-auth / multi-host / single-host>

l        <config-if># authentication mac

l        <config-if># authentication max-hosts <1-256>

l        <config-if># authentication method <local/radius>

l        <config-if># authentication order <dot1x / mac /web>

l        <config-if># authentication port-control <auto / force-auth / force-unauth>

l        <config-if># authentication radius-attributes vlan reject

l        <config-if># authentication radius-attributes vlan static

l        <config-if># authentication reauth

l        <config-if># authentication timer inactive <60-65535>

l        <config-if># authentication timer quiet <0-65535>

l        <config-if># authentication timer reauth <300-4294967294>

l        <config-if># authentication web

l        <config-if># authentication web max-login-attempts <3-10>

l        <config-if># authentication web max-login-attempts infinite

back-pressure

Enable back-pressure for the specified interface (Ethernet port/LAG port).

Related Syntax:

l        <config-if># back-pressure

custom

<enable> - Enable the custom module configuration for the specified interface (Ethernet port/LAG port).

Related Syntax:

l        <config-if># custom enable

description

Write a description for the specified interface (Ethernet port/LAG port).

<WORD> - Enter a description (up to 32 characters).

Related Syntax:

l        <config-if># descripton <WORD>

device-check

Perform a device check the specified interface (Ethernet port/LAG port).

ip-address<A.B.C.D> - Enter the IP address of the device.

interval <120/15/30/60>– Check the device interval by entering the time value. Unit is second.

retry <1/3/5> - Enter the retry time during a checking period.

Failure-action <nothing/powercycle/poweroff> – Set the power cycle.

Related Syntax:

l        <config-if># device-check ip-address <A.D.C.D> interval <120/15/30/60> retry <1/3/5> failure-action  <nothing/powercycle/poweroff>

dos

Apply DoS to the specified interface (Ethernet port/LAG port).

dot1x

It is available for GigabitEthernet port only.

guest-vlan – Set guest VLAN configuration.

max-req <1-10>– Set the maximum request retries. Default is 2.

Port-control <auto/force-auth/force-unauth>– Set the port control value (auto, authorized or unauthorized)

reauth – Enable/disable the reauthenctication for this port.

timeout <quiet-period / reauth-period / server-timeout /supp-timeout /tx-period>– Set timeout value for this port.

<0-65535> - Set a value as quiet period (default is 60-second).

<300-4294967294> - Set a value as re-authentication period. (default is 3600-second).

<1-65535> - Set a value to wait for a packet retransmission to the authentication server.

supp-timeout <1-65535> – Set a vale as supplicant timeout period.

tx-period <1-65535> - Set a value to wait for a response to an EAP-request / identity before resending the request.

Related Syntax:

l        <config-if># dot1x guest-vlan

l        <config-if># dot1x max-req <1-10>

l        <config-if># dot1x port-control <auto /force-auth /force-unauth >

l        <config-if># dot1x reauth

l        <config-if># dot1x timeout quiet-period <0-65535>

l        <config-if># dot1x timeout reauth-period <300-4294967294>

l        <config-if># dot1x timeout server-timeout <1-65535>

l        <config-if># dot1x timeout supp-timeout <1-65535>

l        <config-if># dot1x timeout tx-period <1-65535>

do

Run execution commands in current mode.

dray_surveillence

Use this command to set the ONVIF throughput alert threshold.

<16-1000000> - Specify a number as the alert threshold for egress /ingress throughput.

Related Syntax:

l        <config-if>#dray_surveillence set threshold alert egress <16-1000000>

l        <config-if>#dray_surveillence set threshold alert ingress <16-1000000>

duplex

Apply the duplex configuration to the specified interface (Ethernet port/LAG port).

<Auto> – Auto duplex configuration.

<Full>– Force full duplex operation.

<Half> – Force half-duplex operation.

Related Syntax:

l        <config-if># duplex <auto/full/half>

eee

Apply the EEE configuration to the specified interface (Ethernet port).

end

End current mode, change to enable mode and return to previous phase.

exit

Exit from current mode.

flowcontrol

Configure flow-control mode to the specified interface (Ethernet port/LAG port).

<Auto> – Enable AUTO flow-control configuration.

<Off> – Disable the force flow-control.

<On> – Enable the force flow-control.

Related Syntax:

l        <config-if># flowcontrol <auto/off/on>

gvrp

Apply the GVRP configuration to the specified interface (Ethernet port/LAG port).

registration-mode <fixed / forbidden / normal>- Set registration mode for GVRP. When registration-mode is fixed or forbidden, it will remove the dynamic port from VLAN.

vlan-creation-forbid – Do not remove dynamic port from VLAN.

Related Syntax:

l        <config-if># gvrp registration-mode <fixed / forbidden / normal>

l        <config-if># gvrp vlan-creation-forbid

ip

Apply IP configuration to the specified interface (Ethernet port/LAG port).

acl <NAME> - Specify an ACL for packets. Enter the name of the ACL.

arp inspection rate-limit <1-10> – ARP inspection is to enable Dynamic ARP Inspection function. Set the rate limitation (1 – 10) on the interface. Vigor switch will drop ARP packets after receives more than configured rate of packets per second.

arp inspection trust – Use it to set trusted interface.

arp inspection validate dst-mac – It means Vigor switch will drop ARP reply packets if arp-target-mac and ethernet-dst-mac are not matched.

arp inspection validate ip allow-zeros – The “allow-zeros” means Vigor switch will not drop all zero IP address.

arp inspection validate src-mac – It means Vigor switch will drop ARP requests and reply packets if arp-sender-mac and ethernet- source-mac are not matched.

conflict prevention bind-ip <A.B.C.D> -

conflict prevention port-type DHCP-Client –

conflict prevention port-type DHCP-Client has-server –

conflict prevention port-type DHCP-Server –

conflict prevention port-type DHCP-Server has-server –

conflict prevention port-type Multiple-Hosts –

conflict prevention port-type Multiple-Hosts has-server –

conflict prevention port-type Static-Binding –

conflict prevention port-type Static-Binding has-server -

dhcp snooping option – Use it to enable the function of inserting option82 content into the packet.

dhcp snooping option action <drop / keep / replace> - Use it to set the action (drop, keep or replace) when receiving packets with option82 content.

dhcp snooping option circuit-id <STRING> - Use it to set user-defined circuit-id string (1 to 63 characters).

dhcp snooping rate-limit <1-300> - Use it to set rate limitation on the interface.

dhcp snooping trust – Use it to set trusted interface.

dhcp snooping verify mac-address – Use it to verify MAC address function on the interface.

dhcp snooping vlan <1-4094> option circuit-id <STRING> - Set user-defined circuit-id string for specified VLAN ID.

igmp filter <1-128> - Use it to bind a profile for a port. Specify a profile ID.

igmp max-groups <0-256> - Use it to limit port learning max group number (0-256).

igmp max-groups action <deny/replace> - Use it to set the action (deny or replace) when the number of groups reach the limitation.

source binding max-entry <1-10> -

source binding max-entry no-limit -

source verify mac-and-ip – Use it to enable IP source guard function.

Related Syntax:

l        <config-if># ip acl <NAME>

l        <config-if># ip arp inspection rate-limit <1-10>

l        <config-if># ip arp inspection trust

l        <config-if># ip arp inspection validate dst-mac

l        <config-if># ip arp inspection validate ip allow-zeros

l        <config-if># ip arp inspection validate src-mac

l        <config-if># ip conflict prevention bind-ip <A.B.C.D>

l        <config-if># ip conflict prevention port-type DHCP-Client

l        <config-if># ip conflict prevention port-type DHCP-Client has-server

l        <config-if># ip conflict prevention port-type DHCP-Server

l        <config-if># ip conflict prevention port-type DHCP-Server has-server

l        <config-if># ip conflict prevention port-type Multiple-Hosts

l        <config-if># ip conflict prevention port-type Multiple-Hosts has-server

l        <config-if># ip conflict prevention port-type Static-Binding

l        <config-if># ip conflict prevention port-type Static-Binding has-server

l        <config-if># ip dhcp snooping option

l        <config-if># ip dhcp snooping option action <drop / keep / replace>

l        <config-if># ip dhcp snooping option circuit-id <STRING>

l        <config-if># ip dhcp snooping rate-limit <1-300>

l        <config-if># ip dhcp snooping trust

l        <config-if># ip dhcp snooping verify mac-address

l        <config-if># ip dhcp snooping vlan <1-4094> option circuit-id <STRING>

l        <config-if># ip igmp filter <1-128>

l        <config-if># ip igmp max-groups <0-256>

l        <config-if># ip igmp max-groups action <deny/replace>

l        <config-if># ip source binding max-entry <1-10>

l        <config-if># ip source binding max-entry no-limit

l        <config-if># ip source verify mac-and-ip

ipv6

Apply IPV6 configuration to the specified interface (Ethernet port/LAG port).

acl <NAME> - Specify the ACL name for packets

mld <filter> – Set IPv6 filter for MLD configuration.

mld max-groups – Specify the number for maximum group.

<0-256> - MLD snooping group number.

action <deny /replace> – Define the action to be performed when excessing the maximum group.

Related Syntax:

l        <config-if># ipv6 acl <NAME>

l        <config-if># ipv6 mld filter

l        <config-if># ipv6 mld max-groups <0-256>

l        <config-if># ipv6 mld max-groups action <deny / replace>

lacp

Apply LACP Configuration to the specified interface (Ethernet port/LAG port).

<1-65535> - Set a number for IEEE 802.3 link aggregation port priority.

<long/short> – Set long or short timeout value.

Related Syntax:

l        <config-if># lacp port-priority <1-65535>

l        <config-if># lacp timeout <long/short>

lag

Apply Link Aggregation Group Configuration the specified interface (Ethernet port/LAG port).

<1-8> - Specify LAG number.

Related Syntax:

l        <config-if># lag <1-8>

loop-protection

Record the log, shutdown the port or follow the global loop-protection settings for each port.

Related Syntax:

l            <config-if># loop-protection action all

l            <config-if># loop-protection action global

l            <config-if># loop-protection action log

l            <config-if># loop-protection action shutdown

lldp

med location - Configure the LLDP MED location data. The “coordinate”, “civic-address”, “ecs-elin” locations are independent, so at most three location TLVs could be sent if their data are not empty.

med network-policy add / remove - Configure the LLDP MED network policy table. Add /remove a network policy entry that can be bind to ports.

med tlv-select - Configure LLDP MED TLVs selection. Available optional TLVs are network-policy, location, inventory and poe-pse.

tlv-select - Select LLDP TLVs to send.

<civic-address> - The location is specified as civic address.

<ADDR> - Range from 6 to 160 hexadecimal bytes.

<Coordinate> - The location is specified as coordinates.

<ADDR> - 16 hexadecimal bytes exactly.

<ecs-elin> - The location is specified as ECS ELIN.

<ADDR> - 10 to 25 hexadecimal bytes.

<IDX_LIST> - Range from 1 to 32.

<TLV> - LLDP optional TLV, pick from: port-desc, sys-name, sys-desc, sys-cap, mac-phy, lag, max-frame-size, management-addr.

pvid <disable/enable> - Enable or disable the TX optional-TLV 802.1 PVID.

vlan-name <add/remove> <2-4094> - Add/remove a selected VLAN. Enter the VLAN ID number.

<rx> - Enable LLDP reception on interface.

<tx> - Enable LLDP transmission on interface.

Related Syntax:

l        <config-if># lldp med location <civic-address/coordinate/ecs-elin> <ADDR>

l        <config-if># lldp med network-policy add <IDX_LIST>

l        <config-if># lldp med network-policy remove <IDX_LIST>

l        <config-if># lldp med tlv-select <network-policy/location/inventory/poe-pse> <network-policy/location/inventory/poe-pse> <network-policy/location/inventory/poe-pse>

l        <config-if># lldp tlv-select <TLV/pvid/vlan-name>

l        <config-if># lldp tlv-select pvid <disable/enable>

l        <config-if># lldp tlv-select vlan-name <add/remove> <2-4094>

l        <config-if># lldp <rx/tx>

mac

Specify an access control list for packets.

Before configuring, you have to create an ACL based on MAC address. For example,

<config># mac acl CA_ACL

<config-mac-acl>#

<NAME> - Enter a name for ACL.

Related Syntax:

l        <config-if># mac acl <NAME>

mvr

Make MVR configuration.

immediate - Enable MVR function.

type <receiver/source> - Specify MVR port type as receiver or source.

Related Syntax:

l        <config-if># mvr immediate

l        <config-if># mvr type <receiver/source>

no

Negate command. Such command can disable current setting of command executed and return to the factory setting of that command.

Example:

<config-if> # no mvr

The operation will make mvr setting is default. Continue? [yes/no]:yes

<config-if> #

Related Syntax:

l        <config-if># no <command>

poe

Enable or disable the PoE port.

port-security

port-security - Enable the port security functionality. Default is disabled.

address-limit <1-256>- Enter the number as limitation for MAC address.

action <discard / forward / shutdown> – Speicfy an action to be performed.

Related Syntax:

l        <config-if># port-security

l        <config-if># port-security adderss-limit <1-256> action <discard / forward / shutdown>

power

Configure the inline power for the PoE device.

inline auto - Turn on the PoE device discovery protocol and apply the power to the devcie.

inline never - Turn off the PoE device power.

power-limit <15.4w/30w/MW> - Set the power limit for the PoE device.

priority <1-3/critical/high/low> - Set the priority of power application for the PoE device.

schedule-index - Specify the index number of the schedule profile.

Related Syntax:

l           <config-if># power inline auto

l           <config-if># power inline never

l           <config-if># power power-limit <15.4w/30w/MW>

l           <config-if># power priority <1-3/critical/high/low>

l           <config-if># power schedule-index

protected

Configure an interface to be a protected port.

Related Syntax:

l        <config-if>#protected

qos

cos - Configure the default CoS value for an Ethernet port.

<0-7> - Specify a CoS value for the selected interface. Default value is 0.

remark - Configure remarking state of each port.

trust - Configure each port to trust state while the system is in “basic” mode. There are four trust types for a device to judge the appropriate queue of the packets.

<cos> - Enable cos remarking.

<dscp> - Enable DSCP remarking.

<cos-dscp> - Enable cos and DSCP remarking.

<precedence> - Enable IP precedence remarking.

Related Syntax:

l        <config-if>#qos cos <0-7>

l        <config-if>#qos remark <cos/dscp/precedence>

l        <config-if>#qos trust <cos/cos-dscp/ dscp/precedence>

rate-limit

It is effective for Ethernet port only.

egress - Configure the egress port shaper.

ingress - Configure the ingress port shaper.

egress queue – Configure queue for egress port shaper.

<0-1000000> - Enter a number as the average traffic rate in Kbps. It must be a multiple of 16.

<16-1000000> - Enter a number as the average traffic rate in Kbps. It must be a multiple of 16.

<1-8> - Specify a nubmer as queue ID.

Related Syntax:

l        <config-if># rate-limit egress <0-1000000>

l        <config-if># rate-limit egress queue <1-8> <16-1000000>

l        <config-if># rate-limit ingress <16-1000000>

shutdown

Disable the selected interface.

Example:

(config)# interface gigabitethernet 3

(config-if)# shutdown

(config-if)# exit

(config)# exit

# show interface Gigabitethernet 3

GigabitEthernet3 is down

Related Syntax:

l        <config-if># shutdown

spanning-tree

Configure spanning-tree settings.

bpdu-filter - Set the BPDU-Filter for specified port.

bpdu-guard - Set the BPDU-Guard for specified port.

edge - Set the edge-port for specified port.

cost - Change an interface’s spanning tree path cost.

link-type - Specify a link type for spanning tree protocol use.

mcheck - Set the mcheck for specified port to migrate.

mst - Set spanning-tree parameters of instance.

port-priority- Set the priority for specified instance.

<0-200000000> - Specify a value of internal path cost (0 means Auto).

<point-to-point> - The selected port will be treated as point-to-point.

<shared> - The selected port will be treated as shared.

<0-15> - Specify an instance ID.

<0-240> - Specify a priority number for the selected port.

Related Syntax:

l        <config-if># spanning-tree <bpdu-filter /bpdu-guard/ edge>

l        <config-if># spanning-tree cost <0-200000000>

l        <config-if># spanning-tree link-type <point-to-point/shared>

l        <config-if>#spanning-tree mcheck

l        <config-if>#spanning-tree mst <0-15> cost <0-200000000>

l        <config-if># spanning-tree port-priority <0-240>

speed

Configure speed operation.

<10/100/1000> - Force 10/100/1000 Mbps operation.

<auto> - Enable Auto speed configuration.

Related Syntax:

l        <config-if># speed<10/100/1000>

l        <config-if># speed auto

storm-control

action - Select an action for storm control after exceeding the threshold.

broadcast level - Enable the storm control type of broadcast for the selected port.

unknown-multicast level - Enable the storm control type of unknown-multicast for the selected port.

unknown-unicast level- Enable the storm control type of unknown-unicast for the selected port.

<drop> - Drop packets after exceeding storm control threshold.

<shutdown> - Disable the port after exceeding storm control threshold.

<1-1000000> - Specify the rate value.

Related Syntax:

l        <config-if># storm-control action <drop/shutdown>

l        <config-if># storm-control broadcast level <1-1000000>

l        <config-if># storm-control unknown-multicast level <1-1000000>

l        <config-if># storm-control unknown-unicast level <1-1000000>

surveillance-vlan

cos - Set surveillance VLAN configuration.

mode - Set surveillance member port join mode.

<all> - QoS attributes are applied to all packets that are classified to the Surveillance VLAN.

<src> - QoS attributes are applied only on packets from IP phones.

<auto> - Make surveillance member port join voice VLAN automatically.

<manual> - The administrator manually makes surveillance member port join voice VLAN.

Related Syntax:

l        <config-if># surveillance-vlan cos <all/src>

l        <config-if># surveillance-vlan mode <auto/manual>

switchport

Set switching mode characteristics.

access vlan –Use it to set a native VLAN on the interface.

default-vlan tagged – Use it to make the selected port interface to become the default VLAN tagged member.

forbidden default-vlan – Use it to forbid the defult-vlan on the interface.

forbidden vlan - Use it to forbid a vlan on the interface.

hybrid accetable-frame-type – Use it to choose which type of frame will be accepted.

hybrid allowed – Use it to allow a VALN set on the interface.

hybrid ingress-filtering – Use it to enable VLAN ingress filter.

hybrid pvid – Use it to set PVID of the interface.

mode access - Use it to configure the selected port as the role of access. Only untagged frames will be accepted.

mode hybrid - Use it to configure the selected port as the role of hybrid. Support all functions defined in IEEE 802.1Q specification.

mode trunk uplink – Use it to configure the selected port as the role of trunk. It can recognize double tagging on the interface.

trunk allowed – Use it to allow a VALN on the interface.

trunk native – Use it to set a native VLAN on the interface.

tunnel vlan – Use it to set a Dot1q tunnel VLAN on the interface.

vlan tpid – Use it to set TPID on the interface.

<1-4094> - Specify a VLAN ID.

<add/remove> - Add or remove the allowed VLAN list.

<all/tagged-only/untagged-only> - Specify an option for accepting all frames, only tagged frames or only untagged frames.

<1-4094/all> - Specify a VLAN ID or all VLAN IDs.

< 0x8100 / 0x88A8 / 0x9100 / 0x9200> - Specify one tag-protocol-id.

Related Syntax:

l        <config-if># switchport access vlan <1-4094>

l        <config-if># switchport default-vlan tagged

l        <config-if># switchport forbidden default-vlan

l        <config-if># switchport forbidden vlan <add/remove> <1-4094>

l        <config-if># switchport hybrid accetable-frame-type <all/tagged-only/untagged-only>

l        <config-if># switchport hybrid allowed vlan add <1-4094>

l        <config-if># switchport hybrid allowed vlan add <1-4094> <tagged/ untagged>

l        <config-if># switchport hybrid allowed vlan remove <1-4094>

l        <config-if># switchport hybrid ingress-filtering

l        <config-if># switchport hybrid pvid <1-4094>

l        <config-if># switchport mode <access/hybrid>

l        <config-if># switchport mode trunk uplink

l        <config-if># switchport trunk allowed vlan <add /remove> <1-4094/all>

l        <config-if># switchport trunk native <1-4094>

l        <config-if># switchport tunnel vlan <1-4094>

l        <config-if># switchport vlan tpid < 0x8100/0x88A8 / 0x9100 / 0x9200>

udld

Configure UDLD enabled or disabled and ignore global UDLD setting.

aggressive - Enable UDLD protocol on such interface.

Related Syntax:

l        <config-if># udld

l        <config-if># udld aggressive

vlan

mac-vlan group - Set a MAC-based VLAN configuration.

protocol-vlan group - Set a protocol-based VLAN configuration.

<1-2147483647> - Specify a group ID to map.

<1-4094> - Specify a VLAN ID.

Related Syntax:

l        <config-if># vlan mac-vlan group <1-2147483647> vlan <1-4094>

l        <config-if># vlan protocol-vlan group<1-2147483647> vlan <1-4094>

voice-vlan

cos - Set voice VLAN configuration as COS mode.

mode - Set voice member port join mode.

<all> - QoS attributes are applied on all packets that are classified to the Voice VLAN.

<src> - QoS attributes are applied only on packets from IP phones.

<auto> - Make voice member port join voice VLAN automatically.

<manual> - The administrator manually makes voice member port join voice VLAN.

Related Syntax:

l        <config-if># voice-vlan cos <all/src>

l        <config-if># voice-vlan mode <auto/manual>

Example

P2100# configure

P2100(config)# interface LAG 1

G2280(config-if)# speed 100

G2280(config-if)# backpressure

G2280(config-if)# lldp med location ecs-elin 112233445566778899AA

G2280(config-if)# vlan mac-vlan group 35 vlan 1000

G2280(config-if)#