cc/td/doc/product/lan/cat4000/ftth
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table of Contents

Command Reference

Command Reference

This appendix summarizes the Cisco ESSE command line interface (CLI) commands. When you make a configuration change using these commands, the system configuration is updated immediately.

This appendix contains the following sections:

CLI Conventions

The CLI uses the following conventions:

Do not confuse the Cisco ESSE's CLI with the IOS CLI. Though they are similar, they are not the same thing.

Command Privileges

Access to CLI commands is controlled by your user account privilege level. Users with privilege level 15 can use all commands. Users with privilege level 0 can use only a subset of the commands. The command descriptions in this appendix are organized by privilege level. For more information about user accounts and privileges, see the "Administering User Accounts" section.

Checking Command Syntax

The user interface provides several types of responses to incorrect command entries:

In addition, some commands have command-specific error messages that notify you that a command is valid, but that it cannot run correctly.

Command History Feature

The CLI provides a command history feature. To display previously entered commands, press the Up Arrow key. After pressing the Up Arrow key, you can press the Down Arrow key to display the commands in reverse order. To run a command, press the Enter key while the command is displayed on the command line. You can also edit commands before pressing the Enter key.

System Help

You can obtain help using the following methods:

Command Summary

Table C-1 summarizes all commands available on the Cisco ESSE, and tells you where to find full descriptions. Look at the full description of all commands that you are not familiar with before using them.


Table C-1: Command Summary
Command Privilege Level Summary Description Location of Full Description

auth

15

Enables secure remote authentication

"auth" section

backup

15

Backs up the Cisco ESSE

"backup" section

backupconfig

15

Sets the configuration for all backup and restore operations

"backupconfig" section

cdp

15

Configures the CDP

"cdp" section

clock

15

Sets the Cisco ESSE date and time

"clock" section

erase config

151

Erases the configuration in Flash memory and reload the device

"erase config" section

exit

0

Logs user out of the Cisco ESSE

"exit" section

gethostbyname

15

Displays IP address of a known domain name

"gethostbyname" section

fsck

N/A2

Checks and repairs the file system

"fsck" section

firewall

Implements port filtering on the Cisco ESSE

"firewall" section

help

0

Displays online help for the CLI

"help" section

hostname

15

Changes the system hostname

"hostname" section

import

15

Allows the Cisco ESSE to function without a DNS server

"import" section

interface

15

Configures an Ethernet interface

"interface" section

ip domain-name

15

Defines a default domain name

"ip domain-name" section

ip name-server

15

Specifies the address of up to three DNS servers for name and address resolution

"ip name-server" section

listbackup

15

Lists all current backups at the configured site

"listbackup" section

nslookup

15

Translates a DNS name to its IP address or an IP address to its DNS name

"nslookup" section

ntp server

15

Configures the NTP and allows the system clock to be synchronized by a time server

"ntp server" section

ping

0

Sends ICMP echo_request packets for diagnosing basic network connectivity

"ping" section

reload

151

Reboots the system

"reload" section

restore

15

Restores a backed-up configuration

"restore" section

rootenable

15

Creates a user account with root access

"rootenable" section

route

15

Adds a route through a gateway device

"route" section

services

15

Lists, starts, or stops management services.

"services" section

show ?

0

Display help for the command show

"show ?" section

show auth-cli

15

Displays the type of authentication used for secure CLI access

"show auth-cli" section

show auth-http

15

Displays the type of authentication used for secure HTTP access

"show auth-http" section

show backupconfig

15

Displays the current backup and restore configuration

"show backupconfig" section

show bootlog

0

Displays the messages logged during the last system boot

"show bootlog" section

show cdp-neighbor

15

Displays the nearest neighbor of the Cisco ESSE on the network

"show cdp-neighbor" section

show cdp-run

15

Displays the CDP configuration

"show cdp-run" section

show clock

0

Displays the system date and time in UTC

"show clock" section

show cdp-neighbor

15

Displays the system configuration

"show cdp-neighbor" section

show domain-name

0

Displays the system domain name

"show domain-name" section

show import

15

Displays imported host files

"show import" section

show interfaces

0

Displays information about the system network interface

"show interfaces" section

show process

0

Displays information about processes running on the system

"show process" section

show route

15

Displays the routes currently configured

"show route" section

show ssh-version

15

Displays the type of SSH enabled

"show ssh-version" section

show syslog

15

Displays syslog information

"show syslog" section

show tech

15

Displays information necessary for Cisco's Technical Assistance Center to assist you

"show tech" section

show version

0

Displays information about the current software on the system

"show version" section

shutdown

15

Shuts down the system in preparation for powering it off

"shutdown" section

snmp-server

15

Configures an SNMP agent

"snmp-server" section

ssh-version

15

Enables Secure Shell (SSH) 1, SSH 2, or both SSH 1 and SSH 2

"ssh-version" section

telnetenable

15

Configures Telnet access

"telnetenable" section

traceroute

0

Displays the network route to a specified host and identifies faulty gateways

"traceroute" section

username

15

Creates a new user account or changes an account's properties

"username" section

1. This command is also available in the maintenance image.
2. This command is available only in the maintenance image.

Command Description Conventions

Command descriptions in this document and in the CLI help-system use the following conventions:

Privilege Level 0 Commands

This section describes the privilege level 0 commands.

exit

To log out of the system, use the exit command.

exit

Syntax Description

This command has no arguments or keywords.

Example

The following command logs you out of the system:

# exit

help

To display online help for the CLI, use the help command.

help

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use the help command to display online help for the CLI. A list of the CLI commands and their syntax is displayed.

Example

The following command displays online help for the CLI:

# help

ping

To send ICMP echo_request packets for diagnosing basic network connectivity, use the ping command.

ping ? | [-c count] [-i wait] [-s packetsize] [-n] {hostname | ip-address}

Syntax Description

?

Displays help for the command

c

Sets the number of echo packets to send

count

Number of echo packets to send

i

Sets the amount of time to wait between sending each packet

wait

Amount of time to wait between sending each packet, in seconds; The default is 1

s

Sets the size of each echo packet.

packetsize

The size of each echo packet, in bytes; The default is 56.

hostname

Host name of system to ping

ip-address

IP address of system to ping

n

disables reverse DNS lookup

Usage Guidelines

To use this command with the hostname argument, you must have DNS configured on the system. To force the time-out of a nonresponsive host or to eliminate a loop cycle, press Ctrl-C.

Example

This command sends four echo packets to the host 209.165.200.224 with a wait time of
5 seconds between each packet:

ping -c 4 -i 5 209.165.200.224

PING 209.165.200.224 (209.165.200.224) from 209.165.201.0 : 56(84) bytes of data. 64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=0 ttl=246 time=16.3 ms 64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=1 ttl=246 time=2.0 ms 64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=2 ttl=246 time=2.1 ms 64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=3 ttl=246 time=2.1 ms

show ?

To display help for the command show, use the show ? command.

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use the show ? command to display help for the command show. A list of the command's options and usage appears.

The show command major options are described separately in this appendix. See the "Related Commands" section for a list of these major options.

Example

This command displays help for the command show:

# show ? show auth-cli - Display CLI authentication information. auth-http - Display HTTP authentication information. backupconfig - Display host and account information for the backup/restore commands. bootlog - Displays the boot time information. cdp-neighbor - Displays the next hop CDP connection. cdp-run - Displays the current CDP configuration. clock - Displays the current date and time. config[uration] - Displays the configuration of the system. interfaces - Displays the interfaces information. proc[ess] - Displays the active process statistics. route - Displays the current IP routing table. syslog [page] | include MatchString [MatchString]] - Displays the system syslog information. ssh-version - Display the allow versions for ssh. tech [page] - Show system information for Tech-Support. version - System hardware and software status.
Related Commands

show auth-cli

show auth-http

show backupconfig

show bootlog

show cdp-neighbor

show cdp-run

show clock

show config

show domain-name

show interfaces

show process

show route

show ssh-version

show syslog

show tech

show version


Note   Many of the above commands are privilege level 15

show clock

To display the system date and time in Coordinated Universal Time (UTC), use the show clock command.

show clock

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use the show clock command to display the system date and time. For more information about the system time, see the "Setting System Date and Time" section.

Example

This command displays the system date and time:

# show clock 12:43:47 Jun 20 2001
Related Commands

clock

ntp server

show domain-name

To display the system domain name, use the show domain-name command.

show domain-name

Syntax Description

This command has no arguments or keywords.

Example

This command displays the system domain name:

# show domain-name cisco.com

show interfaces

To display information about the system network interface, use the show interfaces command.

show interfaces

Syntax Description

This command has no arguments or keywords.

Example

This command displays information about system network interfaces:

# show interfaces eth0 Link encap:Ethernet HWaddr 00:02:B3:35:FD:CC inet addr:209.165.200.224 Bcast:209.165.201.0 Mask:255.255.255.224 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:80309 errors:0 dropped:0 overruns:0 frame:0 TX packets:22451 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 Interrupt:5 Base address:0xef00 Memory:d0c7e000-d0c7ec40
Related Commands

interface

show process

To display information about processes running on the system, use the show process command.

show process [page]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-C to exit paged output and return to the command prompt.

Example

This command displays information about processes running on the system:

# show process page PID PPID ELAPSED SZ STARTED TTY COMMAND 1 0 4-20:04:35 277 Fri Jun 15 16:54:03 2001 ? init 2 1 4-20:04:35 0 Fri Jun 15 16:54:03 2001 ? kflushd 3 1 4-20:04:35 0 Fri Jun 15 16:54:03 2001 ? kupdate 4 1 4-20:04:35 0 Fri Jun 15 16:54:03 2001 ? kpiod 5 1 4-20:04:35 0 Fri Jun 15 16:54:03 2001 ? kswapd 6 1 4-20:04:28 0 Fri Jun 15 16:54:10 2001 ? kreiserfsd 81 1 4-20:04:25 0 Fri Jun 15 16:54:13 2001 ? kreiserfsd 82 1 4-20:04:25 0 Fri Jun 15 16:54:13 2001 ? kreiserfsd 83 1 4-20:04:25 0 Fri Jun 15 16:54:13 2001 ? kreiserfsd 84 1 4-20:04:25 0 Fri Jun 15 16:54:13 2001 ? kreiserfsd 85 1 4-20:04:24 0 Fri Jun 15 16:54:14 2001 ? kreiserfsd 199 1 4-20:04:23 290 Fri Jun 15 16:54:15 2001 ? watchdog 213 1 4-20:04:23 342 Fri Jun 15 16:54:15 2001 ? idled 402 1 4-20:04:17 290 Fri Jun 15 16:54:21 2001 ? syslogd 411 1 4-20:04:17 360 Fri Jun 15 16:54:21 2001 ? klogd 517 1 4-20:04:15 327 Fri Jun 15 16:54:23 2001 ? crond 531 1 4-20:04:15 286 Fri Jun 15 16:54:23 2001 ? inetd 540 1 4-20:04:14 585 Fri Jun 15 16:54:24 2001 ? sshd 585 1 4-20:04:09 842 Fri Jun 15 16:54:29 2001 ? dmgtd.lnx -----------more-----------

show version

To display information about the current software on the system, use the show version command.

show version

Syntax Description

This command has no arguments or keywords.

Example

This command displays the current software on the system:

# show version Copyright (c) 1999-2000 by Cisco Systems, Inc. Build Version (166) Mon Jun 11 16:56:23 PDT 2001 Uptime: 4 days 20 hours 6 mins Linux/UID32 version 2.2.16-13bipsec.uid32 (gcc version egcs1

traceroute

To display the network route to a specified host and identify faulty gateways, use the traceroute command.

traceroute ? | [-f first_ttl] [-m max_ttl] [-w waittime] host [packetlength]

Syntax Description

?

Displays help for the command

-f

(Optional) Sets the time-to-live used in the first outgoing probe packet

first_ttl

Time-to-live value of the first outgoing probe packe; the default is 1 hop

-m

(Optional) Sets the maximum time-to-live (maximum number of hops) used in outgoing probe packets

max_ttl

Maximum time-to-live for outgoing probe packets; the default is 30 hops

-w

(Optional) Sets the time to wait for a response to a probe, in seconds

waittime

Time to wait for a response to a probe, in seconds; the default is 5

host

Name or IP address of host to which to connect

packetlength

(Optional) The length of the packet to send, in bytes; the default and minimum value is 40

Usage Guidelines

Use the traceroute command to trace the network route to a specified host and identify faulty gateways. The command displays a list of the hosts that receive probe packets as they travel to the destination host, in the order that the receiving hosts receive the packets. Asterisks (*) appear as the list entry for hosts that do not respond to probing correctly.

Example

This command displays the network route to the host otherhost with a packet time-to-live value of 2, a wait time of 5 seconds, and 50-byte packets:

# traceroute -m 20 -w 10 cisco.com 50 traceroute to example.com (209.165.200.224), 20 hops max, 50 byte packets 1 ex1.com (209.165.200.225) 0.981 ms 0.919 ms 0.926 ms 2 ex2.com (209.165.200.254) 1.528 ms 0.747 ms 0.661 ms 3 ex3.com (209.165.200.255) 0.887 ms 0.770 ms 0.744 ms 4 ex4.com (209.165.201.0) 0.932 ms 0.789 ms 0.679 ms 5 ex5.com (209.165.201.1) 1.066 ms 1.052 ms 0.983 ms 6 ex6.com (209.165.201.30) 1.472 ms 1.247 ms 1.847 ms 7 ex7.com(209.165.201.31) 1.738 ms 1.424 ms 1.658 ms 8 ex8.com (209.165.202.128) 3.728 ms 2.429 ms 2.804 ms 9 ex9.com (209.165.202.129) 6.283 ms 5.499 ms 3.285 ms 10 ex10.com (209.165.202.158) 9.926 ms 73.463 ms 3.895 ms 11 ex11.com (209.165.202.159) 70.967 ms * 47.106 ms
Related Commands

ping

Privilege Level 15 Commands

This section describes the privilege level 15 commands. Only users with privilege level 15 can run them.

auth

Use the auth command to enable secure remote authentication.

auth {cli | http} {local | tacacs secret server1 [server2] | radius secret server1 [server2] | nt domain pdc [bdc]}

Syntax Description

cli

Enables authentication using the CLI

http

Enables authentication using HTTP

local

Enables local authentication

tacacs

Enables authentication using the Terminal Access Controller Access Control System (TACACS)

radius

Enables authentication using Remote Dial-In User Service (RADIUS)

nt

Enables authentication from an NT domain controller

secret

Shared secret code of server

server1

IP address or DNS name of server from which authentication will occur

server2

IP address or DNS name of optional secondary server from which authentication could occur

domain

NT domain name

pdc

Name of the Primary Domain Controller (PDC)

bdc

Name of the Backup Domain Controller (BDC)

Example

This command enables secure remote authentication from a remote server, using TACACS.

auth http tacacs tr5e43 209.165.200.224

backup

Use the backup command to backup the Cisco ESSE.

backup [test]

Syntax Description

test

Tests the configured backup hostname, username, password, and directory

Usage Guidelines

To backup the Cisco ESSE, use the backup command. To configure the backup location, use the backupconfig command.

Example

The following command backs up the Cisco ESSE:

backup
Related Commands

backupconfig

listbackup

restore

show backupconfig

backupconfig

Use the backupconfig command to set the configuration for all backup and restore operations. To clear the backup and restore configuration information, use the no backupconfig command.

backupconfig {hostname} {username} {password} [directory]

no backupconfig

Syntax Description

hostname

IP address of the host system

username

Username of host system

password

Password of the host system

directory

Path to specific backup directory, if different from user's default directory

Usage Guidelines

To set the configuration for all backup and restore operations, use the backup command.

Example

The following command will configure the backup and restore operations to backup to and restore from host 209.165.200.224, set the username to user1, and set the password to pass:

backupconfig 209.165.200.224 user1 pass

The following command clears all backup and restore configuration information:

no backupconfig
Related Commands

backup

listbackup

restore

show backupconfig

cdp

Use the cdp command to configure the Cisco Discovery Protocol

cdp {run [port] | timer seconds | holdtime seconds}

no cdp {run [port] | timer | holdtime}

Syntax Description

run

start CDP

timer

set CDP packets retransmission time

holdtime

set CDP packet info hold time

port

Ethernet port on which CDP will be enabled; acceptable values are eth0-15

seconds

amount of time, in seconds, that the system takes to either transmit the CDP packet information or to hold another system's CDP packet information

Usage Guidelines

Cisco Discovery Protocol (CDP) is a protocol by which one Cisco device can recognize, and be recognized by, another Cisco device. The run command starts the system sending out signals to the other systems. The timer command sets the amount of time, in seconds, that these signals are sent. The holdtime sets the amount of time a system will recognize another system without receiving a signal. For example, if your system's holdtime is set to 30 seconds, and another system that has already been recognized by yours does not send a signal within that 30 seconds, your system will cease to recognize it. If you are using the no cdp command, the timer and holdtime commands set their respective values to the default value.

Example

This command sets the cdp packet's retransmission time at 10 seconds.

# cdp timer 10

This command sets the cdp packet's retransmission to its default time.

# no cdp timer

clock

To set the system date and time, use the clock command.

clock {? | set hh:mm:ss month day year}

Syntax Description

?

Displays help for the command

set

Sets the system clock

hh:mm:ss

Current time (for example, 13:32:02)

month

Current month; you can enter full month names or abbreviations that include at least the first 3 characters of the month name (for example, jan, feb, mar)

day

Day of the month (for example, 1 to 31)

year

Current year (for example, 2002)

Usage Guidelines

To set the date and time, use the set option.

If you configure the system to use Network Time Protocol (NTP), you do not need to set the system clock manually using the clock command.When setting the clock, enter the current time in Coordinated Universal Time (UTC).

For more information about the system time, see the "Setting System Date and Time" section.

Example

This command sets the date and time:

# clock set 13:32:00 apr 22 2000
Related Commands

ntp server

show clock

erase config

To erase the configuration in Flash memory and reload the device, use the erase config command.

erase config

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use this command to erase the configuration in Flash memory and reload the device.

When you enter the command, you are prompted for confirmation. Enter yes to confirm, or press Enter to accept the default response no.


Caution   When you confirm this command, the system configuration is erased and the system reboots automatically. The system will not operate until you reconfigure it.

When the system reboots, you must reconfigure it with the setup program. For information about using the setup program, see "Installing and Configuring the Cisco ESSE."


Note   When the system erases the configuration, it is disconnected from the network because the network interface configuration is erased. To continue working on the system you must use the system console.

Example

This command erases the system configuration:

# erase config This will erase your configuration, return device t o factory defaults, and reload the device Do you want to continue?[no]:yes

firewall

To implement port filtering on the Cisco ESSE, use the firewall command.

firewall port [public | private] | [icmp telnet ssh snmp https 1741]

Syntax Description

eth <0-5>

Port to be configured; acceptable values are eth0-5

public

Denies access via ICMP, Telnet, SNMP, and the HTTP 1741 port

private

Denies no access

icmp

Denies Internet Control Message Protocol (ICMP) ping messages

telnet

Denies incoming Telnet connections

ssh

Denies incoming SSH connections

snmp

Denies incoming SNMP requests

https

Denies all connections to the SSL HTTP port

1741

Denies all connections to the HTTP 1741 port

Usage Guidelines

Use the firewall command to implement port filtering on the Cisco ESSE. To configure an Ethernet port for secured public access, use the public option. To configure an Ethernet port for local access, via a LAN or VLAN, use the private option. To disable ICMP, Telnet, SSH, SNMP, HTTPS, or to deny connections to the SSL HTTP port or the HTTP 1741 port, use its corresponding option.

Example

The following is an example of a secure Ethernet port configuration:

    firewall eth0 public ssh 1741
    firewall eth1 private
An on-site user has full access to the Cisco ESSE, but an external user can only access it using a secure connection.

gethostbyname

Use the gethostbyname command to display the IP address of a known domain name.

gethostbyname host

Syntax Description

host

Domain name of host

Example

This command displays the IP address of example.com.

# gethostbyname example.com 209.165.200.224

hostname

To change the system hostname, use the hostname command.

hostname ? | name

Syntax Description

?

Displays help for the command

name

New hostname for the Cisco ESSE; the name is case sensitive and can be from 1 to 22 alphanumeric characters

Example

The following example changes the hostname to sandbox:

# hostname sandbox

import

To allow the Cisco ESSE to function without a DNS server, use the import command.

import ? | {host hostname ipaddress} | {hosts ftp-host username password path}

Syntax Description

?

Displays help for the command

host

Maps one IP address to a hostname

hostname

Hostname to map IP address to

hosts

Imports host files from ftp accessible host

ipaddress

IP address to map Hostname to

password

Password used to access ftp accessible host

path

Path to ftp accessible host

ftp-host

IP address of ftp accessible host

username

username use to access ftp accessible host

Usage Guidelines

The import command allows the Cisco ESSE to function without a DNS server by importing the necessary host files. To map a single hostname to an IP address, use the host option. To import host files from an external, FTP-accessible, server, use the hosts option.

Example

This command imports host files from the ftp accessible server ftpserver_1. the FTP server Ftpserver_1 has the username admin, the password pass, and the path /ftpserver_1/hosts.

import hosts ftpserver_1 admin pass /ftpserver_1/hosts

interface

To configure an Ethernet interface, use the interface command.

interface ? | port {[up | down] | ipaddress netmask [default-gateway address] [up | down]}

Syntax Description

?

Displays help for the command

eth <0-5>

Name of the interface port to be configured; acceptable values are eth0-5.

up

Enables the interface (the default)

If you include the ipaddress parameter and want to enable the interface in the same command, either enter the up parameter after ipaddress and its required parameters, or do not specify the up or down parameters (up is the default)

down

Disables the interface

If you include the ipaddress parameter and want to disable the interface in the same command, enter the down parameter after ipaddress and its required parameters

ipaddress

The IP address of the interface

netmask

The netmask of the interface IP address

default-gateway

Changes the IP address of the default gateway that connects the Cisco ESSE to the network

address

The gateway IP address

Default

When you enter the interface command, the interface that you specify is enabled by default. If you want to disable an enabled interface or leave a disabled interface disabled, you must specify the down option.

Usage Guidelines

Use the interface command to configure an Ethernet interface.

If you change the IP address or hostname, follow these steps to ensure that applications using the system can connect to it correctly:


Step 1   Stop and restart management services by entering:

# services stop # services start

Step 2   Verify that management applications that use the system can still connect to it.

Step 3   Reconnect any applications that cannot connect to it using the system's new IP address or hostname.


Example

This command disables the Ethernet 1interface:

# interface eth1 down

This command sets the Ethernet 0 IP address, netmask, and gateway IP address:

# interface eth0 209.165.200.224 255.255.255.224 default-gateway 209.165.201.31 up

ip domain-name

To define a default domain name, use the ip domain-name command. To remove the default domain name, use the no form of the command.

ip ? | domain-name name

no ip domain-name name

Syntax Description

?

Displays help for the ip command

name

Domain name (e.g. cisco.com)

Usage Guidelines

Use this command to define a default domain name.

A default domain name allows the system to resolve any unqualified host names. Any IP hostname that does not contain a domain name will have the configured domain name appended to it. This appended name is resolved by the DNS server and then added to the host table. A DNS server must be configured on the system for hostname resolution to work correctly. To do this, use the ip name-server command.

Example

This command defines the default domain name cisco.com:

# ip domain-name cisco.com

This command removes the default domain name:

# no ip domain-name
Related Commands

ip name-server

ip name-server

To specify the address of up to three name servers for name and address resolution, use the ip name-server command. To disable a name server, use the no form of the command.

ip ? | name-server ip-address

no ip name-server ip-address

Syntax Description

?

Displays help for the ip command

ip-address

Name server IP address (maximum of 3)

Usage Guidelines

For proper resolution of hostname to IP address or IP address to hostname, the Cisco ESSE uses DNS servers. Use the ip name-server command to point the system to a specific DNS server. You may configure up to three servers.

If you attempt to configure a fourth name server, the following error message appears:

# Name-server table is full.

The system must have a functional DNS server configured to function correctly. If it does not, in most cases it will not correctly process requests from management applications that use it. If the system cannot obtain DNS services from the network, Telnet connections to the system will fail or Telnet interaction with the system will become extremely slow. For more information, refer to the "Cannot Connect to System with Telnet, or Telnet Interaction Is Slow" section.

Example

This command assigns a name server for the system to use for DNS name to address resolution:

# ip name-server 209.165.200.224

This command disables the name server; the system will not use it for name to address resolution:

# no ip name-server 209.165.200.224
Related Commands

ip domain-name

listbackup

Use the listbackup command to list all current backups at the configured site.

listbackup

Syntax Description

This command has no arguments or keywords.

Example

The following command lists all current backups at the configured site:

listbackup ex1_06042001_170640: Hostname: ex1 Date: 06042001 time: 1700 ex1_06052001_124543: Hostname: ex1 Date: 06052001 time: 1243 ex1_06052001_155148: Hostname: ex1 Date: 06052001 time: 1558 ex1_06202001_145704: Hostname: ex1 Date: 06202001 time: 1454
Related Commands

backup

backupconfig

restore

show backupconfig

nslookup

To translate a DNS name to its IP address or an IP address to its DNS name, use the nslookup command.

nslookup {? | {dns-name | ip-address}}

Syntax Description

?

Displays help for the command

dns-name

DNS name of a host on the network

ip-address

IP address of a host on the network

Example

The following command translates the DNS name hostname to its IP address:

# nslookup hostname Server: dns.ex1.com Address: 209.165.200.224 Name: ex1.com Address: 209.165.201.0

ntp server

To configure the Network Time Protocol (NTP) and allow the system clock to be synchronized by a time server, use the ntp server command. To disable this function, use the no form of this command.

ntp server ? | ip-address

no ntp server ip-address

Syntax Description

?

Displays help for the command

ip-address

IP address of the NTP time server providing clock synchronization

Usage Guidelines

Use the ntp server command to synchronize the system clock with the specified NTP server. If you configure multiple NTP servers, the system will synchronize with the first working NTP server it finds. There is no limit to the number of NTP servers that you can configure.

The ntp server command validates the NTP server that you specify. The possible results are:

    # 19 Jan 00:43:48 ntpdate[1437]: step time server 209.165.200.224 offset 999.257304
    # 19 Jan 00:43:40 ntpdate[1431]: no server suitable for synchronization found
In this case, remove the NTP server by using the no form of the command, and then configure a valid NTP server.

    # 19 Jan 00:43:58 ntpdate[1265]: Can't adjust the time of day: Invalid argument.
In this case, the ntp server command is entered into the system configuration, but NTP will not function.

Follow these steps to remove the command and configure NTP correctly:


Step 1   Remove the ntp server command from the configuration by entering the no form of the command. For example:

# no ntp server ip-address

Where ip-address is the IP address of the NTP server.

Step 2   Set the system clock to a time that is behind the time on the NTP server using the clock set command. For more information about the clock command, see the "clock" section.

Step 3   Enter the ntp server command again to configure the NTP server on the system. For example:

# ntp server ip-address

Example

This command configures the system to use an NTP server:

# ntp server 209.165.201.0

This command configures the system to stop using the NTP server:

# no ntp server 209.165.201.0
Related Commands

clock

reload

To reboot the system, use the reload command.

reload [?]

Syntax Description

?

Displays help for the command

Usage Guidelines

Use the reload command to reboot the system.

You are prompted to verify the reload. Enter yes to confirm or no to cancel the reload.


Caution   All processes running on the system stop when you run the reload command. The Cisco ESSE will not respond while it is reloading.

Example

This command reboots the system:

# reload
Related Commands

shutdown

restore

Use the restore command to restore a backed up configuration of the Cisco ESSE.

restore {restore name}

Syntax Description

restore name

Name of backup to be used to restore the Cisco ESSE

Usage Guidelines

To restore a configuration, use the restore command. If you use the restore command all current domains, roles, users, and discovery configuration information will be erased.


Note   The system will automatically reboot after a user runs the restore command from either the CLI or the GUI.

Example

The following command will restore a backed up configuration:

restore backup1
Related Commands

backup

backupconfig

listbackup

show backupconfig

rootenable

To enable root access, use the rootenable command.

rootenable

To disable root access, use the no rootenable command.

no rootenable

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

To enable root access, enter the command rootenable. The Cisco ESSE will prompt you for a password, and will ask for a confirmation of that password. Root access is the highest level of access available and is intended for troubleshooting only. Where privilege level 15 allows you access to all CLI commands, root access allows you access to the entire machine. Root access is available to only one user, and is by default set to off. For those users who will need it, an administrator (privilege level 15) can enable it by entering the command rootenable; the system will then prompt you for the password twice.

To use root access, log off and log back on at the console with the root access password. If you forget the password, enter the command erase config. This will completely erase your current configuration, and allow you to create a new password. If you leave root access idle for 20 minutes, you are automatically logged off.


Caution   Root access is intended for troubleshooting purposes only. Do not use this function to add additional software. Doing so could severely hamper the performance of the appliance and void your support contract.

Example

This command enables root access:

# rootenable

route

To add a route through a gateway device, use the route command. To delete a route, use the no version of the command.

route {network address} netmask {network netmask} gateway {gateway address}

no route {network address} netmask {network netmask}

Syntax Description

netmask

Sets value of the network netmask

gateway

Sets the IP address of the router or gateway

network address

IP address of the network

network netmask

Value of the network netmask

gateway address

IP address of router or gateway

Example

The following command adds a route:

route 209.165.201.0 netmask 255.255.255.224 gateway 209.165.200.224

The following command deletes the above route:

no route 209.165.201.0 netmask 255.255.255.224

services

To list, start, or stop the management services running on the system, use the services command.

services [status | start | stop]

Syntax Description

status

Displays the management services status

start

Starts the management services

stop

Stops the management services

Usage Guidelines

Use this command to start, stop, or view status of the management services running on the system.

Management services are the software installed on the system by network management applications. Use this command to stop and restart the management services if the system is not responding correctly to a management application. This should cause the services to reset and function properly again.

Example

This command stops management services:

# services stop

This command starts management services:

# services start

This command shows services status:

# services status Process= HSECollector State = Running but busy flag set Pid = 588 RC = 0 Signo = 0 Start = 06/15/01 16:54:32 Stop = Not applicable Core = Not applicable Info = HSECollector started. Process= HSEANIServer State = Running but busy flag set Pid = 589 RC = 0 Signo = 0 Start = 06/15/01 16:54:32 -----------more-----------
Related Commands

show process

show auth-cli

To display the type of authentication used for secure CLI access, use the show auth-cli command.

show auth-cli

Syntax Description

This command has no arguments or keywords.

Example

This command and response shows that the Cisco ESSE's local authentication is being used for the CLI:

# show auth-cli local

show auth-http

To display the type of authentication used for secure HTTP access, use the show auth-http command.

show auth-http

Syntax Description

This command has no arguments or keywords.

Example

This command and response shows that the Cisco ESSE's local authentication is being used for the CLI:

# show auth-http local

show backupconfig

Use the show backupconfig command to display the current backup and restore configuration.

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

To display the current backup and restore configuration, use the show backupconfig command. If the backup configuration has not been set, the host and username fields display NONE.

Example

The following command displays the current backup and restore configuration:

# show backupconfig Hostname: 209.165.201.0 Username: user1
Related Commands

backup

backupconfig

listbackup

restore

show bootlog

To display the messages logged during the last system boot, use the show bootlog command.

show bootlog [page]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-C to exit paged output and return to the command prompt.

Example

This command displays the messages logged during the last system boot:

# show bootlog page Linux/UID32 version 2.2.16-13bipsec.uid32 (gcc version egcs1 Console: colour VGA+ 80x25 Calibrating delay loop... 1133.77 BogoMIPS start low memory: 0xc0001000 i386_endbase: 0xc009f000 addresses range:: 0xc0f00000 0xc1000000 start memory: c04f8000 end_memory: d0000000 Memory: 257688k/262144k available (988k kernel code, 416k reserved, 2992k data,) Dentry hash table entries: 262144 (order 9, 2048k) Buffer cache hash table entries: 262144 (order 8, 1024k) Page cache hash table entries: 65536 (order 6, 256k) vmdump: setting dump_execute() as dump_function_ptr ... VFS: Diskquotas version dquot_6.4.0 initialized CPU: Intel Pentium III (Coppermine) stepping 06 Checking 386/387 coupling... OK, FPU using exception 16 error reporting. Checking 'hlt' instruction... OK. POSIX conformance testing by UNIFIX mtrr: v1.35a (19990819) Richard Gooch (rgooch@atnf.csiro.au) PCI: PCI BIOS revision 2.10 entry at 0xfda95 PCI: Using configuration type 1 -----------more-----------
Related Commands

reload

clock

show cdp-neighbor

To display the Cisco ESSE nearest neighbor on the network, use the show cdp-neighbor command.

show cdp-neighbor

Syntax Description

This command has no arguments or keywords.

Example

This command shows the nearest neighbor on the network.

# show cdp-neighbor cdp neighbor device: Switch device type: cisco WS-C2924-XL port: FastEthernet0/12 address: 209.165.201.0

show cdp-run

To display the Cisco Discovery Protocol (CDP) configuration, use the show cdp-run command.

show cdp-run

Syntax Description

This command has no arguments or keywords.

Example

This command displays the CDP configuration:

# show cdp-run CDP protocol is enabled ... broadcasting interval is every 60 seconds. time-to-live of cdp packets is 180 seconds. CDP is enabled on port eth0.

show config

To display the system configuration, use the show config command.

show config

Syntax Description

This command has no arguments or keywords.

Example

This command displays the system configuration:

# show config hostname ex1 interface ethernet0 209.165.201.0 255.255.255.224 default-gateway 209.165.202.128 interface ethernet1 down interface ethernet2 down interface ethernet3 down interface ethernet4 down interface ethernet5 down ip domain-name embu-doc ip name-server 209.165.202.158 username admin epassword ************* privilege 15

show import

To display an imported host file, use the show import command.

show import hosts

Syntax Description

hosts

Name of server that host files were imported from

Example

This command displays the imported host file

show import ftpserver_1

show route

To display the routes currently configured, use the show route command.

show route

Syntax Description

This command has no arguments or keywords.

Example

This command displays the currently configured routes

# show route Destination Gateway Genmask Flags Metric Ref Use Iface 209.165.200.224 0.0.0.0 255.255.255.224 UH 0 0 0 eth0 209.165.200.225 0.0.0.0 255.255.255.224 U 0 0 0 eth0 209.165.200.254 0.0.0.0 255.255.255.224 U 0 0 0 lo 209.165.202.128 0.0.0.0 255.255.255.224 UG 0 0 0 eth0

show ssh-version

To display the type of SSH enabled, use the ssh-version command.

show ssh-version

Syntax Description

This command has no arguments or keywords.

Example

This command displays the type of SSH that is enabled:

# show ssh-version SSH1, SSH2

show syslog

To display syslog information, use the show syslog command.

show syslog [page] [include matchstring1 [matchstring2]]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt

include

Filters the command output to display only the records that contain the specified string of characters

matchstring

String of characters to search for in the command output

matchstring2

(Optional) Another string of characters to search for in the command output

Usage Guidelines

Use this command to display syslog information.

To filter the command output to include only the records that contain the specified string(s) of characters, use the include option with one or two character strings to search for. If you include two strings, the command outputs only those records that contain both character strings.

Example

This command displays syslog information:

# show syslog Jun 20 16:04:23 embu-doc-hse syslogd 1.3-3: restart. Jun 20 16:04:23 embu-doc-hse syslog: syslogd startup succeeded Jun 20 16:04:23 embu-doc-hse kernel: klogd 1.3-3, log source = /proc/kmsg start. Jun 20 16:04:23 embu-doc-hse kernel: Inspecting /boot/System.map-2.2.16-13bipse2 Jun 20 16:04:23 embu-doc-hse syslog: klogd startup succeeded -----------more-----------
Related Command

interface

show tech

To display information necessary for Cisco's Technical Assistance Center to assist you, use the show tech command.

show tech [page]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-C to exit paged output and return to the command prompt.

Example

This command displays system information necessary for Cisco's Technical Assistance Center to assist you.

# show tech page /bin/cat: /var/log/secure: Permission denied Copyright (c) 1999-2000 by Cisco Systems, Inc. Build Version (166) Mon Jun 11 16:56:23 PDT 2001 Linux/UID32 version 2.2.16-13bipsec.uid32 (gcc version egcs1 Uptime: 0 days 18 hours 35 mins 2 Ethernet interfaces hostname embu-doc-hse interface ethernet0 209.165.200.224 255.255.255.224 default-gateway 209.165.202.128 ip name-server 209.165.201.0 username admin epassword ************* privilege 15 eth0 Link encap:Ethernet HWaddr 00:02:B3:35:FD:CC inet addr:209.165.200.224 Bcast:209.165.201.31 Mask:255.255.255.224 -----------more-----------

shutdown

To shut down the system in preparation for powering it off, use the shutdown command.

shutdown [?]

Syntax Description

?

Displays help for the command

Usage Guidelines

Use this command to shut down the Cisco ESSE in preparation for powering it down. All processes running on the Cisco ESSE will stop, and it will not respond until you power it down and back up.

You are prompted to verify the shutdown. Enter yes to continue, or no to cancel the shutdown.


Caution   Never power the system off without running the shutdown command first. Doing so can destroy data and prevent the system from booting.

Example

This command shuts down the system:

# shutdown
Related Commands

reload

snmp-server

To configure an simple network management protocol (SNMP) agent, use the snmp-server command.

snmp-server {community community-name [RO|RW] | location sysLocation-info | contact sysContact-info}

no snmp-server {community community-name | location | contact}

Syntax Description

community

sets the community strings that permit access to the SNMP

community-name

the community name string

RO

read only

RW

read / write.

location

sets the system location string

sysLocation-info

the location string

contact

sets the contact string

sysContact-info

the contact string

Example

This command sets an SNMP contact string:

# snmp-server contact Dial System Operator at Beeper # 27345

ssh-version

Use the ssh-version command to enable Secure Shell (SSH) 1, SSH 2, or both SSH 1 and SSH 2.

ssh-version {ssh1 | ssh2 | both}

Syntax Description

ssh1

Enables SSH 1

ssh2

Enables SSH 2

both

Enables both SSH 1 and SSH2

Example

This command enables ssh1:

ssh-version ssh1

telnetenable

To configure Telnet access, use the telnetenable command.

telnetenable {enable [ip-addresses | domains] | disable | status}

Syntax Description

enable

Enables Telnet access to the system

disable

Disables Telnet access to the system

status

Displays current access status

ip-addresses

IP addresses of systems allowed Telnet access; if this argument is used, no other machines will be allowed access; multiple IP address are allowed.

domains

Domains of systems allowed Telnet access; if this argument is used, machines with domains other than the specified domain will be denied Telnet access. Multiple domains are allowed.

Default

The default is disable.

Usage Guidelines

To enable Telnet access to the system for all IP source addresses, use the telnetenable enable command alone. To enable specific IP addresses, use the telnetenable enable command followed by the IP addresses.

Example

This command enables Telnet for all IP source addresses:

# telnetenable enable

username

To create a new user account or change an account's properties, use the username command. Use the no form of the command to remove a user account.

username ? | name password password [privilege {0 | 15}]

no username name

Syntax Description

?

Displays help for the command

name

Name of the user account to create or remove

password

Specifies a password for the account

password

The password for the account

privilege

(Optional) Specifies the account privilege level

0

Gives the account level 0 privileges. This is the default

15

Gives the account level 15 privileges

Usage Guidelines

Use the username command to change the properties of a user account. To assign a user CLI privilege level 15, use the username command. You cannot assign CLI privilege level 15 through the web interface. Use the no form of the command to remove a user account. The default privilege level is 0 if you do not provide the privilege option.

For more information about managing user accounts and privilege levels, refer to the "Administering User Accounts" section.

Example

This command creates a user account named user1 with password password1 and privilege level 15:

# username user1 password password1 privilege 15

This command removes the user account:

# no username user1

Maintenance Image Commands

This section describes the commands that are available when the system is booted from the maintenance image. For more information about the maintenance image, refer to the "Using the Maintenance Image" section.

erase config

This command is identical to the level 15 erase config command. For a description, see the "erase config" section.

fsck

To check and repair the filesystem, use the fsck command.

fsck

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use the fsck command to check and repair the filesystem. The command might prompt you for confirmation before making certain repairs.

Example

The following command checks and repairs the filesystem:

#fsck

reload

This command is identical to the level 15 reload command. For a description, see the "reload" section.


hometocprevnextglossaryfeedbacksearchhelp
Posted: Wed Sep 4 22:20:23 PDT 2002
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.