3COM SUPERSTACK 4 SWITCH 5500G-EI QUICK REFERENCE GUIDE

3COM OS VERSION 3.1.X

About the Web Interface
This guide details the commands available on the Web and the Command Line Interfaces. The tables contained in this document reference the CLI commands and the equivalent Web Interface menu items that allow the same configuration to be made via the web interface.

About the Command Line Interface

To use and navigate the command line interface of your unit, please refer to the following points for assistance:

When initially accessing the command line interface, press Enter when prompted. The User View menu for the unit displays. This is indicated by the chevron brackets around the name of the unit at the prompt, for example, <sw5500G-EI>. When in the System View menu, square brackets appear around the name of the unit at the prompt, for example, [sw5500G-EI]. You must be in the System View menu to access the configurable CLI commands. Some commands can be entered directly at any prompt from anywhere in the interface. If you enter part of a command followed by a ? (with no space between), the CLI will show you all the commands that begin in that way. To display command parameters: At the prompt, enter the name of the command followed by a space and ?. For example: <sw5500G-EI>boot ? The following parameters are displayed: boot-loader bootrom <sw5500G-EI> To specify boot loader, enter the command as follows: <sw5500G-EI>boot boot-loader ? You only need to enter ? if parameters exist for the command. To display parent menus: At the prompt, enter quit. To display the User View menu: Press <CTRL-Z>. To obtain help: At the prompt, enter ?. The term view may be used interchangeably with the term menu.
1

The undo command is placed before the command you wish to undo, for example, undo set authentication password. <CTRL A> places the cursor back to the start of the command line. Enter the first few characters of a command and press TAB to enter the full command without having to input the entire command (where there is only one command that starts with the entered characters). Use the Up Arrow key at the prompt to repeat the previous command string. Use the Delete key to delete the character after the cursor; the Backspace key deletes the character before the cursor. When entering physical port numbers, Enter the port number as x/0/z, where x is the unit number and z is the physical port number.

Further Information
For further information about how to use the command line interface, refer to the Command Reference Guide and the Configuration Guide, which are both available as PDF documents on the CD that accompanied the unit.

Menus
This section provides a summary of menus and commands supported by the agent for each of the supported hardware platform variants. Any matching web commands available in the web interface are also shown. Commands marked with * are available on the Switch 5500G-EI PWR only.
Table 1
<Ctrl+A> <Tab>

Command Line Editing Moves the cursor to the start of the command line Command completion Commands Available in Any View Description Help Display current system information View detailed configuration information about the ACL View the status of access management function View the ARP mapping table View the current setting of the dynamic ARP map aging timer View the APP file used for this boot and the one that will be used at next boot View details about the information channel View the date and time View statistics of the configuration agent

Table 2 Command
? display display acl display am display arp

Web Command

display arp timer aging display boot-loader display channel display clock display config-agent

display connection display cpu display currentconfiguration display debugging display debugging ospf display device display dhcp client display dhcp-security display dhcp-server display dhcp-server interface vlan-interface display diagnosticinformation display domain display dot1x display fan display fib display fib ip_address display fib acl display fib ip-prefix display fib statistics display ftp-server display ftp-user display history-command display hwping display icmp statistics display igmp group display igmp interface display igmp-snooping configuration display igmp-snooping group display igmp-snooping statistics display info-center display interface

View the connection information of all or specified users Display the occupancy of the CPU Display the current configuration parameters View the enabled debugging process Display debugging ospf information Display device information View detailed information about address allocation to DHCP client View all valid use address information of the DHCP server group View information about DHCP server group View information about the DHCP server group corresponding to the VLAN interface View the current configuration information about all running modules View the configuration of ISP domains View the relevant information of 802.1x View the working state of the built-in fans View the summary of the Forwarding Information Base View the FIB entries matching a destination IP address (range) View the FIB entries matching a specific ACL View the FIB entries matching a specific prefix list View the total number of FIB entries View the parameters of the current FTP server View the parameters of current FTP user View the saved history of commands View the results of hwping View the statistics information about ICMP packets View the member information of the IGMP multicast group View the IGMP configuration and running information on an interface View IGMP snooping configuration information View IP multicast groups and MAC multicast groups View the statistics information on IGMP snooping View the configuration of system log and the information recorded in the memory buffer View port configuration information Port -> Statistics

4
display interface vlaninterface display ip host display ip interface vlaninterface display ip ip-prefix display ip socket display ip statistics display ip routing-table display ip routing-table X.X.X.X display ip routing-table X.X.X.X X.X.X.X display ip routing-table acl display ip routing-table ipprefix display ip routing-table protocol display ip routing-table radix display ip routing-table statistics display ip routing-table verbose display isolate port display lacp system-id display link-aggregation interface display link-aggregation summary display link-aggregation verbose display local-user display local-server statistics display logbuffer display logbuffer summary display loopback-detection display mac-address

View the information about specified or all VLAN interfaces View all the host names and the corresponding IP addresses View the information of an IP interface View the IP address prefix list Display the information about the sockets in the current system View the statistics information about IP packets View the routing table summary View the routing information of the specified destination address View the routing information in the specified destination address range View the route filtered through specified basic access control list (ACL) View the route information that passed the filtering rule according the input ip prefix list name View the route information of specified protocol View radix tree of routing table Summary statistics of all routes Detail information of routing table View port isolation information View actor system ID View detailed link aggregation information at a designated port View summary information of all aggregation groups View detailed information of a designated port View the relevant information of all (or specified) local users View the configuration information of local RADIUS server group View the attributes of logbuffer and the information recorded View the summary information recorded in logbuffer View whether port loopback detection has been enabled and any details View MAC address table information

display mac-address agingtime display mac-authentication display memory display memory limit display mirror display multicast forwarding-table display multicast routingtable display ntp-service sessions display ntp-service status display ntp-service trace

View the aging time of the dynamic entry in the MAC address table Display the global information on centralized MAC address authentication View memory statistics Display information about Switch memory availability View port mirroring configuration View the information of IP multicast forwarding table View the information of IP multicast routing table Display the status of all NTP service sessions provided by local equipment Display the NTP service status Display brief information about every NTP server between the local equipment and the reference clock source View information about the ABR and ASBR of OSPF View the summary information of OSPF imported route View the main summary of OSPF View the OSPF cumulative information View OSPF error information View the OSPF interface information View the database information about OSPF connecting state View the information about the next-hop View the information about OSPF peer View the information about the OSPF request-queue View the information about the OSPF retransmission queue View the information about OSPF routing table View the information about OSPF virtual links View the information of the activated of ACL View the BSR information View the PIM interface configuration information View the PIM neighbor information View the contents of the PIM multicast routing table View the RP information of multicast group View the PoE status of a specific port or all ports on the Switch View the power information of a specific port or all ports on the Switch Device -> PoE

display ospf abr-asbr display ospf asbr-summary display ospf brief display ospf cumulative display ospf error display ospf interface display ospf lsdb display ospf nexthop display ospf peer display ospf request-queue display ospf retrans-queue display ospf routing display ospf vlink display packet-filter display pim bsr-info display pim interface display pim neighbor display pim routing-table display pim rp-info display poe interface* display poe interface power*

6
display poe powersuppply* display port display power display qos-interface display qos-interface linerate display qos-interface mirrored-to display qos-interface traffic-limit display qos-interface traffic-priority display qos-interface traffic-redirect display qos-interface traffic-statistic display qos-profile display queue-scheduler display radius display radius statistics display resilient-arp display rip display rip interface display rip routing display rmon alarm display rmon event display rmon eventlog display rmon history display rmon prialarm display rmon statistics display route-policy display rsa local-key-pair public display rsa peer-public-key display saved-configuration display schedule reboot display snmp-agent display snmp-agent community

View the parameters of the power sourcing equipment (PSE) View any ports where the link type is Hybrid or Trunk View the working state of the built-in power supply View QoS setting information of all interfaces View the parameter setting of traffic rate limitation in the interface output direction View the settings of the traffic mirror View the settings of traffic limit View the settings of traffic priority View the setting of the redirection parameters View the traffic statistics information View QoS profile configuration information View queue scheduling mode and corresponding parameter configuration View the configuration information of all RADIUS server groups or a specified one View the statistics information of RADIUS packet View resilient ARP state of a unit View the current RIP running state View RIP interface information View RIP routing information View RMON alarm information View RMON events View RMON event log View the latest RMON history sampling information Display alarm information about extended RMON View RMON statistics View the configured route policy Display local key pair and public key of the server Display a designated RSA public key View the configuration files stored in the flash memory of the Switch Display the configuration of the schedule reboot terminal service parameters of the current router View information about the SNMP-agent engine ID of current device View the currently configured community names

display snmp-agent group display snmp-agent mib-view display snmp-agent statistics display snmp-agent sys-info display snmp-agent usm-user display ssh server display ssh user-information

View group name, safe mode, state of various views and storage modes View the MIB view configuration information of the Switch View current state of SNMP communication View the system information of SNMP configuration View information of all the SNMP usernames in the group username list Display SSH state or session information Display information of about the user, including username, corresponding key, and authentication type Display configuration filenames used for system start-up. View the stopping accounting requests View the status information of the current RSTP View the list of STP-Ignored VLANs View the statistics information about TCP packets View the TCP connection state Display the running configuration of the current view View the configuration and state of the present time-range View the attributes of trapbuffer and the information recorded View the information of destination Helper server corresponding to a VLAN interface View UDP traffic statistic information View information about the port in a specific unit. View information about the user interface View information about the current user interface Display software version, issue date and the basic hardware configurations Display the OUI address supported by the current system Display information about Voice VLAN features View information about the specified or all VLANs View the information of the entire xrn fabric Traceroute to multicast source Ping command Exit from current command view Assign user a higher user level.

display startup display stop-accountingbuffer display stp display stp ignored-vlan display tcp statistics display tcp status display this display time-range display trapbuffer display udp-helper server display udp statistics display unit display user-interface display users display version display voice vlan oui display voice vlan status display vlan display xrn-fabric mtracert ping quit super

8
return tracert

Return to user view from any view other than user view Check the network routes and troubleshoot the network

Table 3

User View

<SW5500G-EI>
Command
boot boot-loader boot bootrom cd clock datetime clock summer-time clock timezone copy debugging debugging arp packet debugging dhcp client debugging dhcp-relay debugging dhcp xrn xha debugging igmp debugging lacp packet debugging lacp state debugging link-aggregation error debugging link-aggregation event debugging mac-authentication event debugging multicast forwarding debugging multicast kernelrouting debugging multicast statusforwarding debugging ntp-service debugging pim common debugging pim dm debugging pim sm debugging resilient-arp debugging ssh server debugging udp-helper delete dir

Description Specify the application file (.app) used for booting the Switch Upgrade bootrom Change the current directory Configure the current date and time Configure summer time on the Switch Configure local timezone Copy from one file to another Enable system debugging functions Enable ARP debugging Enable DHCP client debugging Enable DHCP relay debugging Enable DHCP/BOOTP client hot backup debugging Enable IGMP debugging functions Enable LACP packets debugging at a designated port or ports Enable LACP state machines debugging on a designated port or ports Enable link aggregation errors debugging Enable link aggregation events debugging Enable the centralized MAC address authentication debugging switch Enable multicast packet forwarding debugging functions Enable multicast kernel routing debugging functions Enable multicast forwarding status debugging functions Debug different NTP services Enable common PIM debugging functions Enable PIM-DM debugging functions Enable PIM-SM debugging functions Enable resilient ARP debugging Display debugging information in running SSH Enable UDP Helper debugging Delete a file List files on a file system

Web Command

10
fabric save-unit-id format free user-interface ftp

Switch off autonumbering and save all Switch unit numbers to flash memory Format the storage device on the Switch Reset a specified user interface Establish control connection with the remote FTP Server and enter FTP Client View (See Table 10, FTP Client View, on page 18) Specify the language environment Lock current user terminal interface Create a new directory Display the contents of a file Move the file Display current working directory Reset switch Rename a file Clear ACL statistics Reset ARP mapping entries Reset statistical information on the port Reset 802.1x statistics information Delete an existing IGMP group from the interface Reset IGMP Snooping statistics information Clear IP statistics information Clear LACP statistics at a designated port or all ports Reset information in log buffer Clear MFC forwarding entries or statistic information of MFC forwarding entries Clear route entries from the core multicast routing table, as well as MFC forwarding entries Reset OSPF process Clear a PIM neighbor Clear a PIM route entry Clear the statistic information related to the RADIUS protocol Delete contents of recycle bin Delete configuration files Delete the stopping accounting requests from the buffer according to the specified RADIUS server name Clear statistics for STP Clear TCP statistics information Reset information in trap buffer Clear UDP statistics information Administartion -> Initialize Administration -> Reboot

language-mode lock mkdir more move pwd reboot rename reset acl counter reset arp reset counters interface reset dot1x statistics reset igmp group reset igmp-snooping statistics

reset ip statistics
reset lacp statistics reset logbuffer reset multicast forwardingtable reset multicast routingtable reset ospf reset pim neighbor reset pim routing-table reset radius statistics reset recycle-bin reset saved-configuration reset stop-accounting-buffer

reset stp reset tcp statistics reset trapbuffer reset udp statistics

rmdir save schedule reboot at schedule reboot delay send startup bootrom-access enable super system-view telnet terminal debugging terminal logging terminal monitor terminal trapping tftp get tftp put undelete xmodem

Delete an existing directory Save current configuration Schedule a reboot of the Switch at specified time Configure the Switch to be rebooted after a specified time delay Send information to other user terminal interface Enable BOOTROM access Privilege current user a specifiied priority level. Enter the system view (See Table 4, System View, on page 11) Establish one Telnet connection Configure to display the debugging information on the terminal Enable terminal log information display Enable the log debugging/log/trap on the terminal monitor Enable terminal trap information display Download a file from the specified directory of the TFTP server Upload a file from the Switch to the specified directory on the TFTP server Recover a deleted file Establish an xmodem connnection Table 4 System View Administration -> Restore Configuration Administration -> Backup Configuration Save Configuration

<SW5500G-EI>sys
Command
acl number

Description Define ACL identified by a number or a name, and then enter the corresponding ACL view (See Table 22, ACL View, on page 27) Enable the access management function Enable the access management trap Enable the checking of ARP entries Configure the static ARP mapping entries in an ARP mapping table Configure the dynamic ARP aging timer Change the ID of the Switch Change the ID of the Switch Specify the command level Copy source port configuration to destination port Disconnect a user or a category of users by force Delete all the static routes

Web Command Device -> ACL Security-> Authorized IP

am enable am trap enable arp check enable arp static arp timer aging change unit-id change self-unit command-privilege level copy configuration cut connection delete static-routes all

Device -> IP Route

11

12
dhcp-security dhcp-security static

Specify DHCP (Dynamic Host Configuration Protocol) relay security configure information Configure user address entries for the DHCP server group Configure the IP address of the DHCP Server used by the DHCP Server group Configure an ISP domain or enter the view of an existing ISP domain Specify 802.1x configuration information Specify authentication method for 802.1x users Trigger system authentication when receiving DHCP packet(s) Specify maximal on-line user number per port Specify port authenticated status Specify port controlled method Enable quiet period timer Specify maximal request times Check whether user(s) access the networks by proxy or not Specify timer parameters Set the handshake period of 802.1x Configure the Switch to periodically test specified end-stations by sending PING packets Run the batch file Modify prompt modes of file operations Start or shutdown the FTP server Configure the FTP connection timeout interval Define the login banner Send sequence of Pings to remote host Enable the HWPing client function IGMP snooping Configure the port aging time of the multicast group members Configure the maximum response time for a query Configure the router port aging time of IGMP Snooping Rename a channel Configure the channel through which log information is output to the console Enable the system log Configure to output information to the memory buffer Configure the IP address of the info-center loghost to which to send information Device -> IGMP Snooping

dhcp-server ip
domain dot1x dot1x authentication-method dot1x dhcp-launch dot1x max-user dot1x port-control dot1x port-method dot1x quiet-period dot1x retry dot1x supp-proxy-check dot1x timer dot1x timer handshake-period end-station polling ipaddress execute file prompt ftp server ftp timeout header hwping hwping-agent enable igmp-snooping igmp-snooping host-agingtime igmp-snooping max-responsetime igmp-snooping router-agingtime info-center channel name info-center console channel info-center enable info-center logbuffer info-center loghost

info-center loghost source info-center monitor channel info-center snmp channel info-center source info-center switch-on info-center timestamp info-center trapbuffer interface ethernet interface vlan-interface

Configure the source address of the packets sent to loghost Configure the channel to output the log information to the user terminal Specify new channel for transmitting the SNMP information Add or delete a record to the information channel Turn on the information synchronization on the specified Switch Configure the timestamp output format in debugging/trap information Output information to the trap buffer Enter Ethernet Port View (See Table 15, Ethernet Port View, on page 22) Enable VLAN interface and enter VLAN interface view (See Table 14, VLAN Inteface View, on page 20) Configure the host name and the host IP address Configure HTTP Configure an address prefix list or one of its items Configure a static route Configure LACP system priority value Device -> IP Route Port -> LACP Port -> Link Aggregation Port -> Link Aggregation Security -> Authorized IP Device -> VLAN Interface Administration -> IP Setup

ip host ip http ip ip-prefix ip route-static lacp system-priority

link-aggregation group agg- Configure a descriptor for an aggregation group id description link-aggregation group agg- Create a manual or static aggregation group id mode
local-server local-user local-user password-displaymode loopback-detection enable loopback-detection intervaltime mac-address mac-address timer mac-authentication mac-authentication domain mac-authentication timer memory

Specify local RADIUS server configuration information Specify local user configuration and enter local-user view (See Table 5, Local-user View, on page 16) Configure the password display mode of all the accessing users Enable port loopback detection Configure the detection interval for the external loopback condition of each port Configure MAC address Configure the aging time of the Layer-2 dynamic address table entry Enable the centralized MAC address authentication feature on a specified port or globally Configure the ISP domain used by the centralized MAC address authentication user Configure timer parameters of the centralized MAC address authentication Free memory for routing protocols to run normally Administration -> System Access

13

14
memory auto-establish enable

Enable memory resume and recover connections of all routing protocols automatically when idle memory of Switch reaches safety value Limit the capacity of multicast routing table Enable IP multicast routing Set authority to access the NTP services on the Switch Enable NTP-service authentication Set NTP authentication key Set how many NTP sessions can be created locally Configure a key as reliable for NTP service authentication Designate an interface to transmit NTP packets Configure NTP peer mode Configure NTP server mode Enable OSPF protocol and enter the OSPF View (See Table 17, OSPF View, on page 25) Bind the MIB operation to the specified OSPF process Specify PIM (Protocol Independent Multicast) configuration information and enter the PIM view (See Table 19, PIM View, on page 26) Enable the non-standard-PD detect function Update the PSE processing software online Tunnel Private Group ID attribute description mode Create a QoS profile and enter the corresponding view (See Table 20, QoS Profile View, on page 26) Specify queue scheduling mode and parameters Specify the source address of the RADIUS packet sent from NAS Specify RADIUS configuration information and enter the RADIUS view (See Table , [SW5500GEI]radius scheme 1, on page 19) Enable resilient ARP

multicast route-limit multicast routing-enable ntp-service access ntp-service authentication enable ntp-service authenticationkeyid ntp-service max-dynamicsessions ntp-service reliable authentication-keyid ntp-service source-interface ntp-service unicast-peer ntp-service unicast-server ospf ospf mib-binding pim

poe legacy enable* poe update* private-group-id qos-profile queue-scheduler radius nas-ip radius scheme

resilient-arp enable

resilient-arp interface vlan- Configure resilient ARP packet-sending VLAN interfaces interface resilient-arp md5 return rip rmon alarm rmon event

Enable MD 5 authentication for resilient ARP packets Return to user view from any view other than user view Enable RIP and enter RIP view (See Table 21, RIP View, on page 26) Add an entry to the alarm table Add an entry to the event table

rmon prialarm route-policy router id rsa local-key-pair create rsa local-key-pair destroy rsa peer-public-key set unit name snmp-agent community snmp-agent group snmp-agent local-engineid snmp-agent mib-view snmp-agent packet max-size snmp-agent sys-info snmp-agent target-host snmp-agent trap enable snmp-agent trap enable ospf snmp-agent trap life snmp-agent trap queue-size snmp-agent trap source snmp-agent usm-user ssh server authenticationretries ssh server rekey-interval ssh server timeout

Add an entry to the extended RMON alarm table Specify a route policy and enter route policy view (See Table 18, Route Policy View, on page 25) Configure the ID of a router running the OSPF protocol Create local RSA host key pair and server key pair Remove all RSA key pairs at the server, including host key pair and Server key pair Enter the public key view (See Table 8, Public Key Edit View, on page 18) Set the unit name of specified unit Configure community access name and access to SNMP Configure an SNMP group Configure a name for a local or remote SNMP engine on the Switch Create or update the view information Specify the size of an SNMP packet Configure system information of running SNMP Configure destination of SNMP notification Enable/disable the device to send Trap messages Enable the OSPF Traps Configure the timeout of Trap packets Configure the information queue length of Trap packets sent to the destination host Configure the source address for sending Trap packets Configure users in an SNMP group Define SSH authentication retry times value Define update interval of server key pair Define timeout value for SSH registration authentication Administration -> SNMP -> Users Administration -> SNMP -> Traps Administration -> SNMP -> Traps Administration -> SNMP -> Community String Administration -> SNMP -> Group

ssh user username assign rsa- Associate an existing public key with a designated user key ssh user username authentication-type stp stp bpdu-protection stp ignored vlan stp mcheck stp mode

Define an authentication type for a designated user Enable Spanning Tree Protocol Enable BPDU protection Configure a STP-Ignored VLAN Force the port to work in RSTP mode Configure the RSTP running mode Device -> Spanning Tree Device -> Spanning Tree Device -> Spanning Tree

15

16
stp pathcost-standard stp priority stp root primary stp root secondary stp timeout-factor stp timer forward-delay stp timer hello stp timer max-age super password level sysname system-guard system-guard l3err enable tcp timer fin-timeout tcp timer syn-timeout tcp window tftp-server time-range udp-helper enable udp-helper port user-interface

Standard to be used for calculating the default Path Cost Configure the bridge priority of the Switch Configure the current switch as the primary root of a spanning tree Configure the current switch as a secondary root of a specified spanning tree Configure multiple of hello time Configure the time of forward delay Configure hello time for Switch Configure the max age of the Switch for judging stp packets Configure a password for changing the user from a lower user level to a higher user level Specify the name of the Switch Configure the System-guard feature Enable L3 error bit management Configure the TCP finwait timer Configure the TCP synwait timer Configure size of transmission and receiving buffers of connection-oriented socket Configure the TFTP server Specify time-range configuration information Enable UDP Helper function Configure the UDP port with relay function Configure the user terminal interface and enter the view (See Table 6, User-interface view, on page 17) Configure VLAN and enter VLAN view (See Table 13, VLAN View, on page 20) Globally enable the Voice VLAN features of one VLAN Configure the aging time of Voice VLAN Set the MAC address that the Voice VLAN can control Set the Voice VLAN in auto mode Enable the Voice VLAN security mode Change the default web source file name Device -> VLAN Device -> Voice VLAN Device -> Voice VLAN Device -> Voice VLAN Device -> Voice VLAN Device -> Voice VLAN Device->ACL/QoS->TimeRange Administration -> SNMP -> Setup Device -> Spanning Tree Device -> Spanning Tree Device -> Spanning Tree Device -> Spanning Tree Device -> Spanning Tree Device -> Spanning Tree

vlan voice vlan voice vlan aging voice vlan mac_address voice vlan mode auto voice vlan security web set-package

Table 5

Local-user View

[SW5500G-EI]local-user admin Command

attribute level password service-type state

Description Configure some attributes for specified local user Configure user priority level Configure a password display mode for local users Configure a service type for a particular user Configure the state of the current user

Web Command Administration -> System Access Administration -> System Access Administration -> System Access

Table 6

User-interface view

[SW5500G-EI]user-interface Command
acl authentication-mode auto-execute command databits history-command max-size idle-timeout parity protocol screen-length set authentication password shell speed stopbits user privilege level

Description Reference ACL and implement the ACL control to the TELNET users Configure local password authentication method Configure to automatically run a specified command after a user logs on Configure the data bits for AUX (Console) port Configure the size of the history command buffer Configure the timeout function Configure the parity mode on AUX (Console) port Set user interface protocol Configure how many lines can be displayed on a screen of the terminal Configure the password for local authentication Enable terminal service of a user interface Specify the transmission rate on the AUX (Console) port in bit/s Configure the stop bits on the AUX (Console) port Configure which level of command a user can use after logon from a specific user interface

Web Command Security -> Authorized IP

Administration -> System Access

Table 7 Command

VTY User-interface View Description Configure the protocols supported by a designated user interface

Web Command

protocol inbound

17

18
Table 8 Public Key Edit View [SW5500G-EI]rsa peer-public-key switchxxx (where xxx is the Switch number) Command
public-key-code begin public-key-code end

Description Enter public key edit view (See Table 8, Public Key Edit View, on page 18) Save the configured public key and return to the public key view

Web Command

Table 9 Command

Public Key View Description Finish editing peer public key and quit from public key view to system view Web Command

peer-public-key end

Table 10

FTP Client View

<SW5500G-EI>ftp xxx.xx.xx.xxx (where xxx.xx.xx.xxx is the IP address of the FTP server) Command
ascii binary bye cd cdup close

Description Configure FTP data transmission mode as ASCII mode Configure FTP data transmission mode as binary mode Disconnect with the remote FTP Server and return to user view Change the working path on the remote FTP server change working path on the FTP server to the next level up in the directory structure Terminate the control connection and data connection with the FTP Server and remain in FTP client view Delete a file on the FTP server Query a file or display the contents of current working directory Disconnect FTP client side from FTP server side without exiting FTP client view Download a remote file and save it locally View local working path of FTP client Query a file or display the contents of current working directory Create a directory on the FTP server Open FTP connection Configure the data transmission mode as passive mode (passive mode is the default data transmission mode)

Web Command

delete dir disconnect get lcd ls mkdir open passive

put pwd quit remotehelp rmdir user verbose

Upload a local file to the FTP server View the current directory on the FTP server Terminate the connection with the FTP server and return to user view View help text about FTP commands Delete a specified directory from the FTP server Register an FTP user Enable verbose (verbose is enabled by default) RADIUS Server Group View

Table 11

[SW5500G-EI]radius scheme 1 Command

accounting optional data-flow-format key nas-ip

Description Enable the selection of RADIUS accounting option Configure the unit of data flow that send to RADIUS Server Configure encryption key for RADIUS authentication/authorization or accounting packet Set the source IP address of the network access server (NAS, i.e: the Switch), so that all packets destined for the RADIUS server carry the same source IP address Configure the IP address and port number for the primary accounting server Configure the IP address and port number for the primary RADIUS authentication/authorization Configure retransmission times of RADIUS request packet Configure the maximum times of real-time accounting request failing to be responded Configure the maximal retransmission times after stopping accounting request Configure the IP address and port number for the second RADIUS accounting server Configure the IP address and port number for the second RADIUS authentication/authorization Configure the supported RADIUS server types Configure the state of RADIUS server without response in the Switch system buffer

Web Command

Security -> RADIUS Client

primary accounting primary authentication retry retry realtime-accounting retry stop-accounting secondary accounting secondary authentication server-type state

Security -> RADIUS Client

stop-accounting-buffer enable Configure to save the stopping accounting requests timer timer realtime-accounting timer response-timeout user-name-format

Configure RADIUS server response timer Configure the real-time accounting interval Configure the RADIUS server response timer Configure the username format sent to RADIUS server

19

20
Table 12 ISP Domain View

[SW5500G-EI]domain test Command

access-limit accounting optional idle-cut messenger radius-scheme scheme self-service-url state

Description Configure a limit to the amount of supplicants in the current ISP domain Enable the selection of RADIUS accounting option Configure the user template in the current ISP domain Specify messenger service of domain Configure the RADIUS server group used by the current ISP domain Configure the AAA scheme to be referenced by the current ISP domain Specify self-service URL (Uniform Resource Locator) of domain Configure the state of the current ISP domain VLAN View

Web Command

Table 13

[SW5500G-EI]vlan 2 Command
description igmp-snooping port

Description Configure a description for the current VLAN or VLAN interface IGMP snooping Add ports to or delete ports from VLAN

Web Command Device -> VLAN

Device -> VLAN

Table 14

VLAN Inteface View

[SW5500G-EI]interface vlan 2 Command

address-check description dhcp-server enable snmp trap igmp enable igmp group-limit igmp group-policy igmp host-join

Description Enable DHCP relay security to check address validity for VLAN interface users Configure a description for the current VLAN or VLAN interface Configure corresponding DHCP Server Group of a VLAN Interface Enable SNMP traps on an interface Enable IGMP on an interface Limit multicast groups on an interface Set the filter of multicast groups on an interface to control the accessing to the IP multicast groups Enable a port in the VLAN interface to join a multicast group

Web Command

igmp lastmember-queryinterval

Set the time interval before IGMP query router sends the IGMP group query message after it receives the IGMP Leave message from the host Configure the maximum response time contained in the IGMP query messages Set the number of sending the IGMP group query message after the IGMP query router receives the IGMP Leave message from the host Configure the timer of presence of the IGMP querier Configure the interval at which a router interface sends IGMP query messages Specify the version of IGMP that a router uses Configure an IP address for VLAN interface Configure a VLAN interface to obtain IP address using BOOTP Configure a VLAN interface to obtain IP address using DHCP Configure NTP broadcast client mode Configure NTP broadcast server mode Disable an interface from receiving NTP packets Configure the NTP multicast client mode Configure NTP multicast server mode Configure the authentication mode and key between adjacent routers Configure different message sending costs to enable the sending of messages from different interfaces Configure the priority for electing the "designated router" on an interface Enable the interface to write MTU value when sending DD packets Configure the network type of OSPF interface Configure the dead interval of the OSPF peer Configure the interval for transmitting Hello messages on an interface Configure the poll Hello packet interval on NBMA and p2mp network Configure the interval for LSA re-transmitting on an interface Configure the LSA transmitting delay on an interface Configure an interface to be the PIM domain border Enable PIM-DM Administration -> IP Setup -> Device -> VLAN Interface Administration -> IP Setup -> Device -> VLAN Interface Administration -> IP Setup -> Device -> VLAN Interface

igmp max-response-time igmp robust-count

igmp timer other-querierpresent igmp timer query igmp version ip address ip address bootp-alloc ip address dhcp-alloc ntp-service broadcast-client ntp-service broadcast-server ntp-service in-interface disable ntp-service multicast-client ntp-service multicast-server ospf authentication-mode ospf cost

ospf dr-priority ospf mtu-enable ospf network-type ospf timer dead ospf timer hello ospf timer poll ospf timer retransmit ospf trans-delay pim bsr-boundary pim dm

21

22
pim neighbor-limit pim neighbor-policy pim sm pim timer hello rip authentication-mode rip input rip metricin rip metricout rip output rip split-horizon rip version rip work shutdown udp-helper server

Limit the PIM neighbors on an interface Set to filter the PIM neighbors on the current interface Enable the PIM-SM protocol on an interface Configure the interval of sending PIM router Hello messages Configure RIP-2 authentication mode and its parameters Allow an interface to receive RIP packets Configure the additional route metric added to the route when an interface receives RIP packets Configure the additional route metric to the route when an interface transmits RIP packets Allow an interface to transmit RIP packets to the network Configure an interface to use split horizon when transmitting RIP packets Configure the RIP version of RIP packets on an interface Enable the running of RIP on an interface Disable the VLAN interface Configure the relay destination server Device -> VLAN Interface

Table 15

Ethernet Port View

[SW5500G-EI]interface ethernet 1/0/1 Command

am ip-pool apply qos-profile arp static broadcast-suppression description dot1x max-user dot1x port-control dot1x port-method dot1x supp-proxy-check duplex enable snmp trap flow-control igmp

Description Configure the IP address pool for access management on a port Apply the QoS profile to the current port Configure the static ARP mapping entries in an ARP mapping table

Web Command

Device -> ACL/QoS -> QoS Profile

Configure the broadcast traffic size enabled on port Port -> Administration Configure name for a port Specify maximal on-line user number per port Specify port authenticated status Specify port controlled method Check whether user(s) access the networks by proxy or not Configure the duplex mode of the port Enable/disable current port to transmit the LINK UP and LINK DOWN trap information Enable flow control on the Ethernet port IGMP Ethernet port configuration Port -> Administration Port -> Administration

igmp group-policy vlan igmp host-join igmp host-join vlan jumboframe enable lacp enable lacp port-priority line-rate loopback

Set filter of multicast groups on a port Enable a loopback interface of an ethernet Switch to join a multicast group Enable a port in the VLAN interface of a Switch to join a multicast group Allow jumbo frames to pass through the current port Enable LACP Configure port priority value Limit the total rate of the packets delivered by interfaces Configure the Ethernet port to perform the loopback test Enable loopback detection control function on a trunk or hybrid port Enable port loopback detection Configure loopback detection on all VLANs on trunk and hybrid ports Limit the number of MAC addresses to be learned by an Ethernet port Enable the centralized MAC address authentication feature on a specified port or globally Enable ACL traffic identification and perform traffic mirror Configure a monitored port Configure a monitor port Configure the multicast traffic size enabled on port Activate ACL Enable PoE on a port Configure the maximum power that can be supplied by a port Supply power through a single line Configure the power supply priority on a port Join the access port to a specified VLAN Configure the default VLAN ID of the hybrid port Join the hybrid port to specified existing VLAN Add a port to an isolation group Add an Ethernet port into a manual or static aggregation group Configure the link type of Ethernet port Join trunk port to specified VLAN Configure the default VLAN ID of trunk port Configure the priority of Ethernet port Port -> Administration Port -> Administration Port -> Administration Port -> Administration Port -> Administration Device -> PoE Port -> Mirroring Port -> Mirroring Port -> Administration Tools -> Loopback Port -> Administration Port -> LACP Port -> LACP

loopback-detection control enable

loopback-detection enable

loopback-detection per-vlan enable

mac-address max-mac-count mac-authentication mirrored-to mirroring-port monitor-port multicast-suppression packet-filter poe enable* poe max-power* poe mode* poe priority* port access vlan port hybrid pvid vlan port hybrid vlan port isolate port link-aggregation group port link-type port trunk permit vlan port trunk pvid vlan priority

23

24
priority trust

Configure system trusting the packet 802.1p priority and not replacing the 802.1p priorities carried by the packets with the port priority Configure application mode on the port of the QoS profile Configure queue scheduling mode Reset the traffic statistics information Add an entry to the history control table Add an entry to the statistic table Disable the port Configure the port speed Enable Spanning Tree Protocol Configure the path cost on a spanning tree for the current Ethernet port Configure the current port as an edge port Enable loop protection function Force the port to work in RSTP mode Configure the link to the current port as point-topoint link or not point-to-point link Configure the priority of the current Ethernet port Enable Root protection Set the maximum number of STP packets the current port can send within one Hello time Activate ACL and perform traffic limitation Activate ACL and perform priority marking Activate the ACL to recognize and redirect the traffic Activate the ACL to recognize and count the traffic Configure the unicast traffic size enabled on the port Enable the Voice VLAN features on the port Port -> Administration Port -> Administration Port -> Spanning Tree Per Port Port -> Spanning Tree Per Port Port -> Spanning Tree Per Port Port -> Spanning Tree Per Port Port -> Spanning Tree Per Port Port -> Spanning Tree Per Port Port -> Spanning Tree Per Port Port -> Spanning Tree Per Port Port -> Spanning Tree Per Port

qos-profile user-based queue-scheduler reset traffic-statistic inbound rmon history rmon statistics shutdown speed stp stp cost stp edged-port stp loop-protection stp mcheck stp point-to-point stp port priority stp root-protection stp transmit-limit traffic-limit traffic-priority traffic-redirect traffic-statistic unicast-suppression voice vlan enable

Table 16

OSPF Area View

[SW5500G-EI]ospf [SW5500G-EI-xx-ospf-1]area 1.1.1.1 Command

abr-summary

Description Configure the route aggregation on the area border router

Web Command

area authentication-mode default-cost network nssa stub vlink-peer

Enter OSPF area view (See Table 16, OSPF Area View, on page 24) Configure one area of OSPF to support the specified authentication mode Configure the cost of the default route transmitted by OSPF to the STUB or NSSA area Configure the interface running OSPF protocol to which the interface belongs Configure the type of an OSPF area as NSSA area Configure the type of an OSPF area as stub Create and configure a virtual link OSPF View

Table 17

[SW5500G-EI]ospf Command
area asbr-summary default cost default interval default limit default tag default type default-route-advertise filter-policy export filter-policy import import-route peer preference silent-interface spf-schedule-interval

Description Enter the OSPF Area View (See Table 16, OSPF Area View, on page 24) Configure the aggregate addresses for OSPF (only for ASBR) Configure the default cost for OSPF to import external routes Configure the default interval for OSPF to import external routes Configure the default value of maximum number of imported routes Configure the default tag of OSPF when it redistributes an external route Configure the default type when OSPF redistributes external routes Import default route to OSPF route area Configure how OSPF filters advertised routing information Configure the OSPF rules of filtering the routing information received Import the information of another routing protocol Cconfigure the neighboring point if a router is connected to a network of NBMA type Configure the preference of an OSPF protocol route Disable an interface to transmit OSPF packet Configure the route calculation interval of OSPF

Web Command

Table 18

Route Policy View

25

26
[SW5500G-EI]route-policy Command
apply cost apply tag if-match if-match cost if-match interface if-match ip next-hop if-match tag

Description Configure the route cost value of route information Configure to set the tag area of OSPF route information Configure the IP address range to match the Routepolicy Configure one of the match rules of route-policy to match the cost of the routing information Configure to match the route whose next hop is designated interface Configure one of the match rules of route-policy on the next hop address of the routing information Configure to match the tag field of OSPF route information

Web Command

Table 19

PIM View

[SW5500G-EI]pim Command
bsr-policy c-bsr c-rp crp-policy register-policy source-policy static-rp

Description Policy to accept PIM BSR messages Candidate bootstrap router Candidate rendezvous point Policy to accept PIM CRP messages Policy to accept PIM register messages Policy to accept multicast packets Static rendezvous point

Web Command

Table 20

QoS Profile View

[SW5500G-EI]qos Command
packet-filter traffic-limit traffic-priority

Description Add packet filtering action to the QoS profile Add traffic policing action in the QoS profile, with the granularity of 64 kbps Enable the ACL and preference replacing action

Web Command Device -> ACL/QoS -> QoS Profile Device -> ACL/QoS -> QoS Profile Device -> ACL/QoS -> QoS Profile

Table 21

RIP View

[SW5500G-EI]rip Command Description Web Command

checkzero default cost filter-policy export filter-policy import host-route import-route network peer

preference Perform the checkzero operation in the zero field of RIP-1 reset

Specify RIP route preference Reset RIP configuration Configure RIP timers Enable RIP to distribute traffic interfaces.

default routing cost of an imported route

summary

Enable RIP-2 automatic route s

Configure RIP to filter the advertised routing timers information Configure to filter the routing information received interface from a specified address Enable receiving host-routes
traffic-share-across-

Table 22 ACL View Import routes from other protocols into RIP [SW5500G-EI]acl number xxxx Enable the routing protocol on the related network (where xxxx is the acl number) or interface Specify a peer router

Command
rule

Description Add a subrule to an ACL

Web Command Device -> ACL Security -> Authorized IP [SW5500G-EI]hwping [SW5500G-EI]hwping xxx yyy (where xxx and yyy are names) Web Command

Table 23

HWPing Test Group View

Command
destination-ip frequency test-enable test-type timeout

Description Specify HWPing class destination ip address Configure an automatic test interval Enable HWPing test Specify HWPing test type Configure timeout time for a test

Part Number:DQA1725-0AAA02 Published: August 2005

27

28