Table of Contents 1 Basic Configuration Commands 1-1

Similar documents
Table of Contents 1 Basic Configuration Commands 1-1

Table of Contents 1 Basic Configuration Commands 1-1

Table of Contents 1 Commands for Access Controller Switch Interface Board 1-1

Device management commands 1

Basic Device Management

Login management commands

Privilege Level Switching Authentication Technology White Paper

HP 3600 v2 Switch Series

HP A3100 v2 Switch Series

H3C WA Series WLAN Access Points. Fundamentals Command Reference

HP 3600 v2 Switch Series

Scheduling. Scheduling Tasks At Creation Time CHAPTER

Operation Manual Login and User Interface. Table of Contents

Example. Section: PS 709 Examples of Calculations of Reduced Hours of Work Last Revised: February 2017 Last Reviewed: February 2017 Next Review:

Configuring the Hostname, Domain Name, Passwords, and Other Basic Settings

Logging in to the CLI

Managing System of Standalone EAP

HP A5830 Switch Series Fundamentals. Configuration Guide. Abstract

AIMMS Function Reference - Date Time Related Identifiers

Table of Contents 1 SSH Configuration 1-1

Table of Contents 1 PPP Configuration Commands PPPoE Configuration Commands 2-1

Table of Contents 1 CLI Configuration 1-1

HP 6125 Blade Switch Series

HP 6125G & 6125G/XG Blade Switches

HPE FlexFabric 5700 Switch Series

Examples of Cisco APE Scenarios

HP 5500 EI & 5500 SI Switch Series

Logging in through SNMP from an NMS 22 Overview 22 Configuring SNMP agent 22 NMS login example 24

Table of Contents 1 Information Center 1-1

Lab Configure Basic AP Security through IOS CLI

Table of Contents 1 Ethernet Interface Configuration Commands 1-1

H3C S10500 Switch Series Troubleshooting Guide

RC001-NMS1 (REV.C) User Manual

H3C S7500E Switch Series Troubleshooting Guide

H3C Intrusion Prevention System. Command Reference. Hangzhou H3C Technologies Co., Ltd. Document Version: 5PW

Using the Command-Line Interface

PPP configuration commands

Using the Startup Wizard

System Management Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9400 Switches)

H3C WA Series WLAN Access Points. Layer 2 WAN Command Reference. Hangzhou H3C Technologies Co., Ltd.

RADview-EMS/NGN Element Management System for NGN Applications ACE-3100, ACE-3200

Programming Date and Time APIs

Lab Using the CLI to Gather Network Device Information Topology

HP Load Balancing Module

H3C S5120-EI Switch Series

System Management Configuration Guide, Cisco IOS XE Fuji 16.9.x (Catalyst 9500 Switches)

Loop detection commands 1

Lab - Configuring a Switch Management Address

CALENDAR OF FILING DEADLINES AND SEC HOLIDAYS

Nortel Secure Router 2330/4134 Commissioning. Release: 10.2 Document Revision: NN

Console Port, Telnet, and SSH Handling

User and System Administration

User authentication configuration example 11 Command authorization configuration example 13 Command accounting configuration example 14

H3C S5830V2 & S5820V2 Switch Series

Calendar Excel Template User Guide

Setup manual VU COM. VU COM - version V2.04. Product reference number:

Lab - Troubleshooting Standard IPv4 ACL Configuration and Placement Topology

INFORMATION TECHNOLOGY SPREADSHEETS. Part 1

System Management Configuration Guide, Cisco IOS XE Fuji 16.8.x (Catalyst 3850 Switches)

CP-EX252N/CP-EX302N/CP-EW302N

CHAPTER 2 ACTIVITY

USER MANUAL. BioPro SA50 Fingerprint & Palm Terminal. Version: 1.0 Date: August Inch TFT Terminal User Manual 1

H3C S12500 Series Routing Switches

Lab Managing Router Configuration Files with Terminal Emulation Software

Lab 7 Configuring Basic Router Settings with IOS CLI

Configuring Message Notification

Solar Eclipse Scheduler. Release 9.0

H3C SecBlade NetStream Card Configuration Examples

Loopback detection configuration commands

Lab Configuring Basic RIPv2 (Solution)

Table of Contents. 2 MIB Style Configuration 2-1 Overview 2-1 Setting the MIB Style 2-1 Displaying and Maintaining MIB 2-1

Eclipse Scheduler and Messaging. Release (Eterm)

DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide. Figure 3-1 Device Information window

Skills Assessment Student Training

Lab Configuring Dynamic and Static NAT (Solution)

ID-AL - SCHEDULER V2.x - Time-stamped & dated programming Scheduler - Manual SCHEDULER. V2.x MANUAL

Lab Configuring and Verifying Standard IPv4 ACLs (Instructor Version Optional Lab)

Table of Contents 1 FTP and SFTP Configuration TFTP Configuration 2-1

Nortel Enterprise Reporting Quality Monitoring Meta-Model Guide

client through crl configure Commands

Configuring System Message Logging

Clock Commands on the Cisco IOS XR Software

Lab Configuring Dynamic and Static NAT (Instructor Version Optional Lab)

Auction Calendar 2017/2018 for Capacity Allocation Mechanism Network Code

Clock Commands on the Cisco IOS XR Software

Configuring Performance Routing Cost Policies

Table of Contents Chapter 1 Configuration File Management Commands

Using the emergency shell 1

HP FlexFabric 12900E Switch Series

Institute For Arts & Digital Sciences SHORT COURSES

Available Commands CHAPTER

PT Activity: Configure AAA Authentication on Cisco Routers

Backup and Restore Guide for Cisco Unified Communications Domain Manager 8.1.3

Configuring Online Diagnostics

Software Upgrade Guide

Lab Configuring and Verifying Standard IPv4 ACLs Topology

4(b): Assign the IP address on the Serial interface of Router. Console Cable

FortiNAC Motorola Wireless Controllers Integration

System Management Commands

Bulk Statistics. Feature Summary and Revision History. This chapter provides configuration information for:

Transcription:

Table of Contents 1 Basic Configuration Commands 1-1 Basic Configuration Commands 1-1 clock datetime 1-1 clock summer-time one-off 1-2 clock summer-time repeating 1-3 clock timezone 1-4 configure-user count 1-5 display clipboard 1-5 display clock 1-6 display configure-user 1-7 display current-configuration 1-7 display diagnostic-information 1-9 display this 1-10 display version 1-11 header 1-12 super 1-13 super authentication-mode 1-14 super password 1-15 sysname 1-16 i

Support of the H3C WA series WLAN access points for commands may vary by AP model. For more information, see Feature Matrix. The interface types and the number of interfaces vary by AP model. The models listed in this document are not applicable to all regions. Please consult your local sales office for the models applicable to your region. 1 Basic Configuration Commands Basic Configuration Commands clock datetime clock datetime time date User view 3: Manage level time: Configured time, in the format of HH:MM:SS, where HH is hours in the range 00 to 23, MM is minutes in the range 00 to 59, and SS is seconds in the range 00 to 59. The first zero in the HH, MM, or SS value can be omitted; if the value of SS is 00, the time argument can be represented in the format of HH:MM; if both the values of MM and SS are 00s, the time argument can be represented in the format of HH. date: Configured date, in the format of MM/DD/YYYY or YYYY/MM/DD. MM is the month of the year in the range 1 to 12, DD is the day of the month that varies with months, and YYYY is a year in the range 2000 to 2035. Use the clock datetime command to set the current time and date of the AP. The current time and date of the AP must be set in an environment that requires the acquisition of absolute time. You may choose not to provide seconds when inputting the time parameters. Related commands: clock summer-time one-off, clock summer-time repeating, clock timezone, and display clock. 1-1

Set the current system time to 14:10:20 08/01/2005. <Sysname> clock datetime 14:10:20 8/1/2005 Set the current system time to 00:06:00 01/01/2007. <Sysname> clock datetime 0:6 2007/1/1 clock summer-time one-off clock summer-time zone-name one-off start-time start-date end-time end-date add-time undo clock summer-time System view 3: Manage level zone-name: Name of the daylight saving time, a string of 1 to 32 characters. It is case sensitive. start-time: Start time, in the format of HH:MM:SS (hours/minutes/seconds). The zeros in the argument can be omitted except for indicating 0 hours. start-date: Start date, in the format of MM/DD/YYYY (months/days/years) or YYYY/MM/DD. end-time: End time, in the format of HH:MM:SS (hours/minutes/seconds). The zeros in the argument can be omitted except for indicating 0 hours. end-date: End date, in the format of MM/DD/YYYY (months/days/years) or YYYY/MM/DD. add-time: Time added to the standard time of the AP, in the format of HH:MM:SS (hours/minutes/seconds). The zeros in the argument can be omitted except for indicating 0 hours. Use the clock summer-time one-off command to adopt daylight saving time from the start-time of the start-date to the end-time of the end-date. Daylight saving time adds the add-time to the current time of the AP. Use the undo clock summer-time command to cancel the configuration of the daylight saving time. By default, daylight saving time is configured on the AP, and the universal time coordinated (UTC) time zone is applied. After the configuration takes effect, you can use the display clock command to view it. Besides, the time of the log or debug information is the local time of which the time zone and daylight saving time have been adjusted. The time range from start-time in start-date to end-time in end-date must be longer than one day and shorter than one year. Otherwise, the argument is considered as invalid and the configuration fails. If the current system time is in the time range specified with this command, the system time automatically adds add-time after the execution of this command. Related commands: clock datetime, clock summer-time repeating, clock timezone, and display clock. 1-2

For daylight saving time in abc1 between 06:00:00 on 08/01/2006 and 06:00:00 on 09/01/2006, set the system clock ahead one hour. [Sysname] clock summer-time abc1 one-off 6 08/01/2006 6 09/01/2006 1 clock summer-time repeating clock summer-time zone-name repeating start-time start-date end-time end-date add-time undo clock summer-time System view 3: Manage level zone-name: Name of the daylight saving time, a string of 1 to 32 characters. start-time: Start time, in the format of HH:MM:SS (hours/minutes/seconds). The zeros in the argument can be omitted except for indicating 0 hours. start-date: Start date which can be set in two ways: Enter the year, month and date at one time, in the format of MM/DD/YYYY (months/days/years) or YYYY/MM/DD. Enter the year, month and date one by one, separated by spaces. The year ranges from 2000 to 2035; the month can be January, February, March, April, May, June, July, August, September, October, November or December; the start week can be the first, second, third, fourth, fifth or last week of the month; the start date is Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday. end-time: End time, in the format of HH:MM:SS (hours/minutes/seconds). The zeros in the argument can be omitted except for indicating 0 hours. end-date: End date which can be set in two ways: Enter the year, month and date at one time, in the format of MM/DD/YYYY (months/days/years) or YYYY/MM/DD. Enter the year, month and date one by one, separated by spaces. The year ranges from 2000 to 2035; the month can be January, February, March, April, May, June, July, August, September, October, November or December; the end week can be the first, second, third, fourth, fifth or last week of the month; the end date is Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday. add-time: Time added to the current standard time of the AP, in the format of HH:MM:SS (hours/minutes/seconds). The zeros in the argument can be omitted except for indicating 0 hours. Use the clock summer-time repeating command to adopt the daylight saving time repeatedly. Use the undo clock summer-time command to cancel the configuration of the daylight saving time. By default, daylight saving time is configured on the AP, and the UTC time zone is applied. 1-3

For example, when start-date and start-time are set to 2007/6/6 and 00:00:00, end-date and end-time to 2007/10/01 and 00:00:00, and add-time to 01:00:00, it specifies to adopt daylight saving time from 00:00:00 of June 6 until 00:00:00 of October 1 each year from 2007 (2007 inclusive). The daylight saving time adds one hour to the current AP time. After the configuration takes effect, use the display clock command to view the result. The information such as log file and debug adopts the local time modified by time-zone and daylight saving time. The time range from start-time in start-date to end-time in end-date must be longer than one day and shorter than one year. Otherwise, the argument is considered as invalid and the configuration fails. If the current system time is in the time range specified with this command, the system time automatically adds add-time after the execution of this command. Related commands: clock datetime, clock summer-time one-off, clock timezone, and display clock. For the daylight saving time in abc2 between 06:00:00 on 08/01/2007 and 06:00:00 on 09/01/2007 and from 06:00:00 08/01 to 06:00:00 on 09/01 each year after 2007, set the system clock ahead one hour. [Sysname] clock summer-time abc2 repeating 06:00:00 08/01/2007 06:00:00 09/01/2007 01:00:00 clock timezone clock timezone zone-name { add minus } zone-offset undo clock timezone System view 3: Manage level zone-name: Time zone name, a string of 1 to 32 characters. It is case sensitive. add: Adds a specified offset to UTC time. minus: Subtracts a specified offset to UTC time. zone-offset: Offset to the UTC time, in the format of HH/MM/SS (hours/minutes/seconds), where HH is hours in the range 0 to 23, MM is minutes in the range 0 to 59, and SS is seconds in the range 0 to 59. The zeros in the argument can be omitted except for indicating 0 hours. Use the clock timezone command to set the local time zone. Use the undo clock timezone command to restore the local time zone to the default UTC time zone. By default, the local time zone is UTC zone. After the configuration takes effect, use the display clock command to view the result. The information such as log file and debug adopts the local time modified by time-zone and daylight saving time. 1-4

Related commands: clock datetime, clock summer-time one-off, clock summer-time repeating, and display clock. Set the name of the local time zone to Z5, five hours ahead of UTC time. [Sysname] clock timezone z5 add 5 configure-user count configure-user count number undo configure-user count System view 2: System level number: Number of users. The value ranges from 1 to 6. Use the configure-user count command to configure the number of users allowed to enter system view at the same time. Use the undo configure-user count command to restore the default. Two users are allowed to configure in system view by default. Related commands: display configure-user. When multiple users enter system view to configure certain attribute, only the last configuration applies. When the number of users has already reached the limit, other users can not enter system view. Configure the limit of users as 4. [Sysname] configure-user count 4 display clipboard display clipboard 1-5

Any view 1: Monitor level None Use the display clipboard command to view the contents of the clipboard. To copy the specified content to the clipboard: Move the cursor to the starting position of the content and press the <Esc+Shift+,> combination (, is an English comma). Move the cursor to the ending position of the content and press the <Esc+Shift+.> combination (. is an English dot) to copy the specified content to the clipboard. the content of the clipboard. <Sysname> display clipboard ---------------- CLIPBOARD----------------- display current-configuration display clock display clock Any view 1: Monitor level None Use the display clock command to view the current system time and date. The current system time and date are decided by the clock datetime, clock summer-time one-off (or clock summer-time repeating), clock timezone. For more information about the rules, see Basic System Configuration in the Fundamentals Configuration Guide. Related commands: clock datetime, clock summer-time one-off, clock summer-time repeating, and clock timezone. Display the current time and date. <Sysname> display clock 09:41:23 UTC Thu 12/15/2005 1-6

display configure-user display configure-user Any view 1: Monitor level None Use the display configure-user command to display the users that have logged in to the AP and are not in user view. Related commands: configure-user count. Display the users entering system view at the same time. <Sysname> display configure-user The information of current configuration user(s): Idx UI Delay Type Userlevel + 178 VTY 0 01:10:16 TEL 3 + 179 VTY 1 00:00:00 TEL 3 Following are more details. VTY 0 : Location: 192.168.1.59 VTY 1 : Location: 192.168.1.54 + : User-interface is active. F : User-interface is active and work in async mode. display current-configuration display current-configuration [ [ configuration [ configuration ] interface [ interface-type ] [ interface-number ] ] [ by-linenum ] [ { begin exclude include } regular-expression ] ] Any view 2: System level configuration [ configuration ]: Specifies to display non-interface configuration. If no parameter is used, all the non-interface configuration is displayed; if parameters are used, display the specified information. For example: isp: Displays the ISP configuration. 1-7

post-system: Displays the post-system configuration. system: Displays the system configuration. user-interface: Displays the user interface configuration. interface [ interface-type ] [ interface-number ]: Displays the interface configuration, where interface-type represents the interface type and interface-number represents the interface number. by-linenum: Specifies to display the number of each line. : Filters command output by specifying a regular expression. For more information about regular expressions, see Basic System Configuration in the Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays the lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression. regular-expression: Specifies a regular expression, which is a case sensitive string of 1 to 256 characters. This argument is case-sensitive and can have spaces included. Use the display current-configuration command to display the current validated configuration of an AP. You can use the display current-configuration command to view the currently validated configuration. A parameter is not displayed if it has the default configuration. If the validated parameter is changed, although you have configured it, the validated parameter is displayed. For example, ip address 11.11.11.11 24 has been configured on a Loopback interface. In this case, if you execute the display current-configuration command, ip address 11.11.11.11 255.255.255.255 is displayed, meaning the validated subnet mask is 32 bits. Related commands: save, reset saved-configuration, and display saved-configuration (File Management in the Fundamentals Command Reference). Display the configuration information of interfaces on the APs (the output information depends on the AP model and the current configuration). <Sysname> display current-configuration interface NULL0 interface Vlan-interface1 ip address 20.1.1.11 255.0.0.0 interface Ethernet1/0/1 interface Ethernet1/0/2 interface WLAN-BSS1 interface WLAN-BSS2 interface WLAN-Radio1/0/1 service-template 1 interface wlan-bss 1 1-8

interface WLAN-Radio1/0/2 service-template 2 interface wlan-bss 2 return Display the configuration from the line containing user-interface to the last line in the current validated configuration (the output information depends on the current configuration). <Sysname>display currrent-configuration begin user-interface user-interface con 0 user-interface vty 0 4 return display diagnostic-information display diagnostic-information Any view 1: Monitor level None Use the display diagnostic-information command to display or save the statistics of the running status of multiple modules in the system. During daily maintenance or when the system is out of order, you need to display the running information of each functional module to locate the problem. Generally, you need to execute the corresponding display commands for each module, because each module has independent running information. To collect more information at one time, you can execute the display diagnostic-information command to display or save the statistics of the running status of multiple modules in the system. Execution of the display diagnostic-information command equals execution of the commands display clock, display version, display device, and display current-configuration one by one. Save the statistics of each module's running status in the system. <Sysname> display diagnostic-information Save or display diagnostic information (Y=save, N=display)?[Y/N]y Please input the file name(*.diag)[flash:/default.diag]:aa.diag Diagnostic information is outputting to flash:/aa.diag. Please wait... Save succeeded. You can view the content of the file aa.diag by executing the more.aa.diag command in user view, in combination of the Page Up and Page Down keys. Display the statistics of each module's running status in the system. 1-9

<Sysname> display diagnostic-information Save or display diagnostic information (Y=save, N=display)? [Y/N]:n ================================================= ===============display clock=============== ================================================= 08:54:16 UTC Fri 11/15/2008 =================================================== ===============display version=============== =================================================== Omitted display this display this [ by-linenum ] Any view 1: Monitor level by-linenum: Specifies to display the number of each line. Use the display this command to display the validated configuration information under the current view. After finishing a set of configurations under a view, you can use the display this command to check whether the configuration takes effect. A parameter is not displayed if it has the default configuration. A parameter is not displayed if the configuration has not taken effect. Execution of this command in any user interface view displays the valid configuration in all the user interfaces. Execution of this command in any VLAN view displays the configurations of all the created VLANs. Display the valid configuration information in the current view (the output information depends on the current configuration of the AP). [Sysname] user-interface vty 0 [Sysname-ui-vty0] display this user-interface con 0 user-interface vty 0 history-command max-size 256 user-interface vty 1 4 return 1-10

Display the valid configuration information of all user interfaces (the output information depends on the current configuration of the AP). [Sysname] user-interface vty 0 [Sysname-ui-vty0] display this user-interface con 0 user-interface vty 0 history-command max-size 256 user-interface vty 1 4 return display version display version Any view 1: Monitor level None Use the display version command to view system version information. By viewing system version information, you can learn about the current software version, rack type and the information related to the main control board and interface boards. Display system version information. <Sysname> display version H3C Comware Platform Software Comware Software, Version 5.00, 0001 Copyright (c) 2004-2007 Hangzhou H3C Tech. Co., Ltd. All rights reserved. WA2200 uptime is 0 week, 0 day, 3 hours, 45 minutes CPU type: AMCC PowerPC 266MHz 64M bytes SDRAM Memory 8M bytes Flash Memory Pcb Version: Ver.A Basic BootROM Version: 1.00 Extend BootROM Version: 1.01 [SLOT 1]CON (Hardware)Ver.A, (Driver)1.0 [SLOT 1]RADIO1/0/1 (Hardware)Ver.N/A, (Driver)1.0 [SLOT 1]RADIO1/0/2 (Hardware)Ver.N/A, (Driver)1.0 [SLOT 1]ETH1/0/1 (Hardware)Ver.A, (Driver)1.0 [SLOT 1]ETH1/0/2 (Hardware)Ver.A, (Driver)1.0 1-11

header header { incoming legal login motd shell } text undo header { incoming legal login motd shell } System view 2: System level incoming: Sets the banner displayed when a Modem login user enters user view. If authentication is needed, the incoming banner is displayed after the authentication is passed. legal: Sets the authorization banner before a user logs onto the terminal interface. The legal banner is displayed before the user inputs the username and password. login: Sets the login banner at authentication. motd: Banner displayed before login. shell: Sets the banner displayed when a non Modem login user enters user view. text: Banner message, which can be input in two formats. For more information, see Basic System Configuration in the Fundamentals Configuration Guide. Use the header command to create a banner. Use the undo header command to clear a banner. Configure banners. [Sysname] header incoming % Please input banner content, and quit with the character '%'. Welcome to incoming(header incoming)% [Sysname] header legal % Please input banner content, and quit with the character '%'. Welcome to incoming(header incoming)% [Sysname] header legal % Please input banner content, and quit with the character '%'. Welcome to legal (header legal)% [Sysname] header login % Please input banner content, and quit with the character '%'. Welcome to login(header login)% [Sysname] header motd % Please input banner content, and quit with the character '%'. Welcome to motd(header motd)% [Sysname] header shell % Please input banner content, and quit with the character '%'. Welcome to shell(header shell)% 1-12

The character % is the starting/ending character of text in this example. Entering % after the displayed text quits the header command. As the starting and ending character, % is not a part of a banner. Test the configuration remotely using Telnet. (only when login authentication is configured can the login banner be displayed). ************************************************************************** * All rights reserved (2004-2006) * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ************************************************************************** Welcome to legal(header legal) Press Y or ENTER to continue, N to exit. Welcome to motd(header motd) Welcome to login(header login) Login authentication Password: Welcome to shell(header shell) <Sysname> super super [ level ] User view 0: Visit level level: User level, in the range 0 to 3, and defaults to 3. Use the super command to switch from the current user privilege level to the specified user privilege level. If the level argument is not specified, the current user privilege level will be switched to 3. 1-13

Login users are classified into four levels that correspond to the four command levels. After users at different levels log in, they can only use commands at their own, or lower, levels. A user can switch to a privilege level lower than the current one unconditionally and is not required to input the password (if any) set with the super password command. A user is required to input the password (if any) set with the super password command to switch to a higher privilege level. If no password is set with the super password command, privilege level switch is treated as follows: If the user is logged in from the console port, the switch succeeds. If the user is logged in from any of the AUX, TTY, or VTY user interfaces, the switch fails. Therefore, before switching a user logging in from AUX, TTY or VTY user interface to a higher user privilege level, you should configure the password needed. Related commands: super password and super authentication-mode. Set the user privilege level to 2 (The current user privilege level is 3.). <Sysname> super 2 User privilege level is 2, and only those commands can be used whose level is equal or less than this. Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE Switch the user privilege level back to 3 (Suppose password 123 has been set; otherwise, the user privilege level cannot be switched to 3.). <Sysname> super 3 Password: User privilege level is 3, and only those commands can be used whose level is equal or less than this. Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE super authentication-mode super authentication-mode { local scheme } * undo super authentication-mode System view 2: System level local: Authenticates a user by using the local password set with the super password command. In this case, when no password is set with the super password command, privilege level switch succeeds if the user is logged in from the console port, and the switch fails if the user is logged in from the VTY user interface or inputs an incorrect switch password. scheme: AAA authentication. For more information about AAA, see AAA in the Security Configuration Guide. local scheme: First local and then scheme, that is, authenticates a user by using the local password first, and if no password is set, for the user logged in from the console port, the privilege level switch 1-14

succeeds; for the user logged in from any of the AUX, TTY, or VTY user interfaces, the AAA authentication is performed. scheme local: First scheme and then local, that is, AAA authentication is performed first, and if the AAA configuration is invalid (domain parameters or authentication scheme are not configured) or the server does not respond, the authentication requiring the local password is performed. Use the super authentication-mode command to set the authentication mode for user privilege level switch. Use the undo super authentication-mode command to restore the default. By default, the authentication mode for user privilege level switch is local. Related commands: super password. Set the authentication mode for user privilege level switch to local. [Sysname] super authentication-mode local Set the authentication mode for user privilege level switch to scheme local. [Sysname] super authentication-mode scheme local super password super password [ level user-level ] { simple cipher } password undo super password [ level user-level ] System view 2: System level level user-level: User privilege level in the range 1 to 3, with the default as 3. simple: Plain text password. cipher: Cipher text password. password: Password, a string of characters. It is case-sensitive. For simple password, it is a string of 1 to 16 characters. For cipher password, it is a string of 1 to 16 characters in plain text or 24 characters in cipher text. For example, the simple text 1234567 corresponds to the cipher text (TT8F]Y\5SQ=^Q`MAF4<1!!. Use the super password command to set the password needed to switch from a lower user privilege level to a higher one. Use the undo super password command to restore the default. By default, no password is set to switch from a lower user privilege level to a higher one. 1-15

Use the simple keyword to set a simple-text password. Use the cipher keyword to set a cipher-text password. A cipher-text password is recommended because a simple-text password easily gets cracked. During authentication, you must input a simple-text password regardless of the password type you set. Set the password to abc in simple form for switching user-level to 3. [Sysname] super password level 3 simple abc Display the password for switching user-level. [Sysname] display current-configuration super password level 3 simple abc Set the password to abc in cipher form for switching user-level to 3. [Sysname] super password level 3 cipher abc Display the password for switching user-level. [Sysname] display current-configuration super password level 3 cipher =`*Y=F>*.%-a_SW8\MYM2A!! sysname sysname sysname undo sysname System view 2: System level sysname: Name of the AP, a string of 1 to 30 characters. Use the sysname command to set the name of the AP. Use the undo sysname demand to restore the AP name to the default. The default AP name the AP model. Modifying AP name affects the prompt of the CLI. For example, if the AP name is Sysname, the prompt of user view is <Sysname>. Set the name of the AP to R2000. [Sysname] sysname R2000 [R2000] 1-16

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback