Upload
kostic2006
View
244
Download
0
Embed Size (px)
Citation preview
7/24/2019 Download hp manual
1/211
HP 5820X & 5800 Switch SeriesFundamentals
Command Reference
Abstract
This document describes the commands and command syntax options available for the HP 5820X &5800 Series products.
This document is intended for network planners, field technical support and servicing engineers, andnetwork administrators who work with HP 5820X & 5800 Series products.
Part number: 5998-1619Software version: Release 1211Document version: 6W10 2 -201 30520
7/24/2019 Download hp manual
2/211
Legal and notice information
Copyright 2013 Hewlett-Packard Development Company, L.P.
No part of this documentation may be reproduced or transmitted in any form or by any means withoutprior written consent of Hewlett-Packard Development Company, L.P.
The information contained herein is subject to change without notice.
HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TMATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHA
AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contaherein or for incidental or consequential damages in connection with the furnishing, performance, or useof this material.
The only warranties for HP products and services are set forth in the express warranty statementsaccompanying such products and services. Nothing herein should be construed as constituting anadditional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
7/24/2019 Download hp manual
3/211
iii
Contents
CLI configuration commands 1 command-alias enable 1 command-alias mapping 1
command-privilege 2 display clipboard 3 display command-alias 4 display history-command 4 display hotkey 5 hotkey 7 quit 9 return 9 screen-length disable10 super 10 super authentication-mode 11 super password 12
system-view 13 Logging in to the switch commands 15
acl (user interface view) 15 activation-key 16 auto-execute command 17 authentication-mode 19 command accounting 20 command authorization 21 databits 21 display ip http 22 display ip https 23 display telnet client configuration 24
display user-interface 25 display users 27 display web users 28 escape-key 29 flow-control 31 free user-interface 31 free web-users 32 history-command max-size 33 idle-timeout 34 ip http acl 34 ip http enable 35 ip http port35
ip https acl 36 ip https certificate access-control-policy 37 ip https enable 38 ip https port 38 ip https ssl-server-policy39 lock 40 parity 40 protocol inbound 41 screen-length 42 send 43 set authentication password 44
7/24/2019 Download hp manual
4/211
iv
shell 45 speed (user interface view) 45 stopbits 46 telnet 47 telnet client source 48 telnet ipv649 telnet server enable 49 terminal type 50
user privilege level 51
user-interface 52
FTP configuration commands 53 FTP server configuration commands53
display ftp-server 53 display ftp-user 54 free ftp user 55 ftp server acl 56 ftp server enable 56 ftp timeout57 ftp update 57
FTP client configuration commands 59
ascii59 binary 59 bye 60 cd 61 cdup 61 close 62 debugging 63 delete 64 dir 65 disconnect 66 display ftp client configuration66 ftp 67
ftp client source 68 ftp ipv6 69 get 70 lcd 71 ls 72 mkdir 73 open 73 open ipv6 74 passive 75 put 76 pwd 77 quit 77
remotehelp 78
rmdir 80 user 80 verbose 81
TFTP client configuration commands 83 display tftp client configuration 83 tftp-server acl 83 tftp 84 tftp client source 86 tftp ipv6 87
7/24/2019 Download hp manual
5/211
v
File management commands 88 cd 88 copy 89 delete 89 dir 90 display nandflash file-location 92 display nandflash badblock-location 93 display nandflash page-data 94
execute 95 file prompt 96 fixdisk 96 format 97 mkdir 97 more 98 move 99 pwd 100 rename 100 reset recycle-bin 101 rmdir 103 undelete 103
Configuration file management commands 105 archive configuration 105 archive configuration interval 105 archive configuration location 106 archive configuration max 107 backup startup-configuration 108 configuration replace file 109 display archive configuration 110 display current-configuration 111 display default-configuration 112 display saved-configuration 114 display startup 117
display this 118 reset saved-configuration 120 restore startup-configuration 121 save 122 slave auto-update config 124 startup saved-configuration 125
Software upgrade commands 127 boot-loader 127 boot-loader update file 128 bootrom 129 bootrom-update security-check enable 130 display boot-loader 131
display patch information 132 patch active 133 patch deactive 134 patch delete 134 patch install 135 patch load 136 patch location 136 patch run 137
ISSU commands 138 display issu rollback-timer 138
7/24/2019 Download hp manual
6/211
vi
display issu state 139 display version comp-matrix 141 issu accept 142 issu commit 143 issu load 143 issu rollback 144 issu rollback-timer 145 issu run switchover 146
Device management commands 148 clock datetime 148 clock summer-time one-off 148 clock summer-time repeating 149 clock timezone 151 copyright-info enable 151 display clock 153 display cpu-usage 154 display cpu-usage history 156 display device 159 display device manuinfo 161 display diagnostic-information 164
display environment 165 display fan 166 display job 168 display memory 169 display power 170 display reboot-type 171 display rps 172 display schedule job 173 display schedule reboot 174 display system-failure 175 display transceiver 175 display transceiver alarm 177
display transceiver diagnosis 179 display transceiver manuinfo 180 display version 181 display version-update-record 182 fan prefer-direction 183 header 184 job 186 reboot 186 reset unused porttag 187 reset version-update-record 188 schedule job 188 schedule reboot at 190
schedule reboot delay 191
shutdown-interval 192 sysname 193 system-failure 194 temperature-limit 194 time at 196 time delay 197 view 198
Support and other resources 199 Contacting HP 199
Subscription service 199
7/24/2019 Download hp manual
7/211
vii
Related information 199 Documents 199
Websites 199 Conventions 200
Index 202
7/24/2019 Download hp manual
8/211
1
CLI configuration commands
command-alias enableDescription
Use command-alias enable to enable the command alias function.
Use undo command-alias enable to disable the command alias function (disabled is the defaultcondition).
Syntaxcommand-alias enable
undo command-alias enable
ViewSystem view
Default level2: System level
ParametersNone
Examples1. Enable the command alias function.
system-view
[Sysname] command-alias enable
2. Disable the command alias function. system-view
[Sysname] undo command-alias enable
command-alias mappingDescription
Use command-alias mapping to configure command aliases.
Use undo command-alias mapping to restore the original configuration. By default, a command has noalias.
Syntaxcommand-alias mapping cmdkey alias
undo command-alias mapping cmdkey
ViewSystem view
7/24/2019 Download hp manual
9/211
2
Default level2: System level
Parameterscmdkey : The complete form of the first keyword of a command.
alias: Specifies the command alias, which cannot be the same as the first keyword of an existingcommand.
Examples1. Configure command aliases by specifyingshow as the replacement of the display keyword.
system-view
[Sysname] command-alias mapping display show
After you configure the command aliases, thedisplay commands have aliases. For example, if theoriginal command is display clock, now its alias is show clockand you can input the alias to view thesystem time and date.2. Delete the command aliases by canceling the replacement of thedisplay keyword.
system-view
[Sysname] undo command-alias mapping display
command-privilegeDescription
Use command-privilegeto change the command privilege level in the specified view. Command levelsinclude four privileges: visit (0), monitor (1), system (2), and manage (3).By default, each command in a view has a specified privilege level. Changes can cause maintenance,operation, and security problems. HP recommends that you use the default command level or that youmodify the command level under the guidance of professional staff.
Assign a privilege level according to the users need. When logging in to the switch, the user can accessthe assigned level and all levels below it.
Thecommand specified in command-privilegemust be complete and have valid arguments. Forexample, the default level of thetftp server-address {get | put | sget } source-filename [ destination- filename] [ source { interface interface-type interface-number | ip source-ip-address } ] command is3. After command-privilege level0 view shell tftp 1.1.1.1 put a.cfg is executed, users with privilegelevel 0 log in to the switch, and can execute thetftp server-address put source-filename command(such as tftp 192.168.1.26 put syslog.txt). They cannot execute the command with theget, sget orsource keyword, and cannot specify the destination-filename argument.Thecommand specified in undo command-privilege view can be incomplete. For example, afterundo command-privilege view system ftpis executed, all commands starting with the keywordftp (such as ftp server acl, ftp server enable, and ftp timeout) are restored to their default levels. If youhave modified the level offtp server enable and ftp timeout and you want to restore only ftp serverenable to its default level, useundo command-privilege view system ftp server .If you modify the command level of in a specified view from the default level to a lower level, modifythe command levels of thequit command and the corresponding command that is used to enter thisview. For example, the default command level ofinterface and system-view is 2 (system level). If youwant to make the interface command available to the level 1 users, execute the following threecommands:command-privilege level 1 view shell system- view, command-privilege level 1
view system interface GigabitEthernet 1/0/1, and command-privilege level 1 view system quit. The
7/24/2019 Download hp manual
10/211
3
level 1 users can enter system view, execute theinterface GigabitEthernet command, and return touser view.
Use undo command-privilege view to disable the change.
Syntaxcommand-privilege level level view view command
undo command-privilege view view command View
System view
Default level3: Manage level
Parameterslevel level : Command level, which ranges from 0 to 3.
view view : Specifies a view. The value represents a user view. Theview argument must be the view where
the command resides.command : Command to be set in the specified view.
Example# Set the command level of thesystem-view command to 3 in system view. (By default, level 2 and level3 users can use the system-view command. After the configuration, only level 3 users can use thiscommand.)
system-view
[Sysname] command-privilege level 3 view shell system-view
display clipboardDescriptionUse display clipboard to view the contents of the clipboard.
To copy content to the clipboard:Move the cursor to the starting position of the content and pressEsc+Shift+,.Move the cursor to the ending position of the content and pressEsc+Shift+..
Syntaxdisplay clipboard [ | {begin | exclude | include } regular-expression ]
View Any view
Default level1: Monitor level
Parameters| : Filters command output by specifying a regular expression. For more information about regularexpressions, see CLI configuration.
7/24/2019 Download hp manual
11/211
4
begin: Displays the first line that matches the regular expression and all lines that follow.
exclude: Displays all lines that do not match the regular expression.
include: Displays all lines that match the regular expression.
regular-expression: Specifies a regular expression, which is a case-sensitive string of 1 to 256 characters.
Example# View the content of the clipboard.
display clipboard
---------------- CLIPBOARD-----------------
display current-configuration
display command-aliasDescription
Use display command-aliasto display defined command aliases and their corresponding commands.
Syntaxdisplay command-alias[ | {begin | exclude | include } regular-expression ]
View Any view
Default level1: Monitor level
Parameters| : Filters command output by specifying a regular expression. For more information about regularexpressions, see CLI configuration.
begin: Displays the first line that matches the regular expression and all lines that follow.
exclude: Displays all lines that do not match the regular expression.
include: Displays all lines that match the regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Example# Display the defined command aliases and the corresponding commands.
display command-alias
Command alias is enabled
index alias command key1 show display
display history-commandDescription
Use display history-command to display commands saved in the history command buffer.
7/24/2019 Download hp manual
12/211
5
By default, the system saves the last 10 executed commands. To set the buffer size, use thehistory-command max-size command. For more information, see Logging in to the switch commands.
Syntaxdisplay history-command[ | {begin | exclude | include } regular-expression ]
View
Any viewDefault level
1: Monitor level
Parameters| : Filters command output by specifying a regular expression. For more information about regularexpressions, see CLI configuration.
begin: Displays the first line that matches the regular expression and all lines that follow.
exclude: Displays all lines that do not match the regular expression.
include: Displays all lines that match the regular expression.regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Example# Display history commands in current user view.
display history-command
display history-command
system-view
vlan 2
quit
display hotkeyDescription
Use display hotkey to display hotkey information.
Syntaxdisplay hotkey [ | {begin | exclude | include } regular-expression ]
View Any view
Default level1: Monitor level
Parameters| : Filters command output by specifying a regular expression. For more information about regularexpressions, see "CLI configuration.
begin: Displays the first line that matches the regular expression and all lines that follow.
exclude: Displays all lines that do not match the regular expression.
7/24/2019 Download hp manual
13/211
6
include: Displays all lines that match the regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Example# Display hotkey information.
display hotkey
----------------- HOTKEY -----------------
=Defined hotkeys=
Hotkeys Command
CTRL_G display current-configuration
CTRL_L display ip routing-table
CTRL_O undo debug all
=Undefined hotkeys=
Hotkeys Command
CTRL_T NULL
CTRL_U NULL
=System hotkeys=
Hotkeys Function
CTRL_A Move the cursor to the beginning of the current line.
CTRL_B Move the cursor one character left.
CTRL_C Stop current command function.
CTRL_D Erase current character.
CTRL_E Move the cursor to the end of the current line.
CTRL_F Move the cursor one character right.
CTRL_H Erase the character left of the cursor.
CTRL_K Kill outgoing connection.CTRL_N Display the next command from the history buffer.
CTRL_P Display the previous command from the history buffer.
CTRL_R Redisplay the current line.
CTRL_V Paste text from the clipboard.
CTRL_W Delete the word left of the cursor.
CTRL_X Delete all characters up to the cursor.
CTRL_Y Delete all characters after the cursor.
CTRL_Z Return to the User View.
CTRL_] Kill incoming connection or redirect connection.
ESC_B Move the cursor one word back.
ESC_D Delete remainder of word.ESC_F Move the cursor forward one word.
ESC_N Move the cursor down a line.
ESC_P Move the cursor up a line.
ESC_< Specify the beginning of clipboard.
ESC_> Specify the end of clipboard.
7/24/2019 Download hp manual
14/211
7
hotkeyDescription
Use hotkey to associate a hot key to a command.
Use undo hotkey to remove the association. By default,Ctrl+G, Ctrl+L, and Ctrl+O are associated withthese commands:
Ctrl+G corresponds to display current-configuration. Ctrl+L corresponds to display ip routing-table. Ctrl+O corresponds to undo debugging all.
You can modify the associations as needed.
Syntaxhotkey {CTRL_G | CTRL_L | CTRL_O | CTRL_T | CTRL_U }command
undo hotkey {CTRL_G | CTRL_L | CTRL_O | CTRL_T | CTRL_U }
ViewSystem view
Default level2: System level
ParametersCTRL_G: Associates hot keyCtrl+G to a command.
CTRL_L: Associates hot keyCtrl+L to a command.
CTRL_O: Associates hot keyCtrl+O to a command.
CTRL_T: Associates hot keyCtrl+T to a command.
CTRL_U: Associates hot keyCtrl+U to a command.
command : The command line associated with the hot key.
Examples1. Associate the hot keyCtrl+T to the display tcp status command.
system-view
[Sysname] hotkey ctrl_t display tcp status
7/24/2019 Download hp manual
15/211
8
2. Display hotkeys.[Sysname] display hotkey
----------------- HOTKEY -----------------
=Defined hotkeys=
Hotkeys Command
CTRL_G display current-configurationCTRL_L display ip routing-table
CTRL_O undo debug all
CTRL_T display tcp status
=Undefined hotkeys=
Hotkeys Command
CTRL_U NULL
=System hotkeys=
Hotkeys Function
CTRL_A Move the cursor to the beginning of the current line.
CTRL_B Move the cursor one character left.CTRL_C Stop current command function.
CTRL_D Erase current character.
CTRL_E Move the cursor to the end of the current line.
CTRL_F Move the cursor one character right.
CTRL_H Erase the character left of the cursor.
CTRL_K Kill outgoing connection.
CTRL_N Display the next command from the history buffer.
CTRL_P Display the previous command from the history buffer.
CTRL_R Redisplay the current line.
CTRL_V Paste text from the clipboard.
CTRL_W Delete the word left of the cursor.CTRL_X Delete all characters up to the cursor.
CTRL_Y Delete all characters after the cursor.
CTRL_Z Return to the user view.
CTRL_] Kill incoming connection or redirect connection.
ESC_B Move the cursor one word back.
ESC_D Delete remainder of word.
ESC_F Move the cursor forward one word.
ESC_N Move the cursor down a line.
ESC_P Move the cursor up a line.
ESC_< Specify the beginning of clipboard.
ESC_> Specify the end of clipboard.
7/24/2019 Download hp manual
16/211
9
quitDescription
Use quit to return to a lower-level view.
In user view,quit terminates the connection and reconnects to the switch.
Syntaxquit
View Any view
Default level0: Visit level (in user view)
2: System level (in other views)
ParametersNone
Example# Switch from GigabitEthernet 1/0/1 interface view to system view, and then to user view.
[Sysname-GigabitEthernet1/0/1] quit
[Sysname] quit
returnDescription
Use return to go back into user view, which can also be done with the hot key Ctrl+Z.
Related commands:quit.
Syntaxreturn
View Any view except user view
Default level
2: System levelParameters
None
7/24/2019 Download hp manual
17/211
10
Example# Return to user view from GigabitEthernet 1/0/1 view.
[Sysname-GigabitEthernet1/0/1] return
screen-length disableDescriptionUse screen-length disable to disable the multiple-screen output function.
Use undo screen-length disable to enable the multiple-screen output function.
The default settings of the screen-length command are: multiple-screen output enabled and 24 linesdisplayed on the next screen. For more information aboutscreen-length, see Logging in to the switchcommands.
When the user logs out, the settings restore to their default values.
Syntaxscreen-length disable
undo screen-length disable
ViewUser view
Default level1: Monitor level
Parameters
NoneExample
# Disable multiple-screen output for the current user. screen-length disable
superDescription
Use super to switch user privilege levels.
If no level is specified, the command switches the user privilege level to 3. Command levels include fourprivileges: visit (0), monitor (1), system (2), and manage (3). Assign privilege level according to the usersneed. When logging in to the switch, the user can access the assigned level and all levels below it.
7/24/2019 Download hp manual
18/211
11
A user can switch to a lower privilege level unconditionally. To switch to a higher privilege level: An AUX user can switch to a higher privilege level without entering any password. A VTY user must input the switching password set by thesuper password command to switch to ahigher privilege level. If the password is incorrect or no password is configured, the switchingoperation fails.
Related commands:super password.Syntax
super [ level ]
ViewUser view
Default level0: Visit level
Parameter
level : User level, which ranges from 0 to 3 and defaults to 3.Examples
1. Switch to user privilege level 2 from privilege level 3. super 2
User privilege level is 2, and only those commands can be used
whose level is equal or less than this.
Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE
2. Switch the user privilege level back to 3 (the switching password123 has been set). If nopassword is set, the user privilege level cannot be switched to 3. super 3
Password:User privilege level is 3, and only those commands can be used
whose level is equal or less than this.
Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE
super authentication-modeDescription
Use super authentication-mode to set the authentication mode for user privilege level switch.
Use undo super authentication-mode to restore the default condition (authentication mode).
Related commands:super password.
Syntaxsuper authentication-mode{ local | scheme } *
undo super authentication-mode
ViewSystem view
7/24/2019 Download hp manual
19/211
12
Default level2: System level
Parameterslocal: Authenticates a user by using the local password set by thesuper password command. When nopassword is set, two results can occur: the privilege level switch succeeds if the user is logged in through
the AUX user interface; the switch operation fails if the user logs in through a VTY user interface. If theuser enters the incorrect password, the switch operation fails.
scheme: AAA authentication. For more information about AAA, see theSecurity Configuration Guide .
local scheme: Firstlocal and then scheme, which authenticates a user by using the local password first. Ifno password is set, the user logged in through the AUX user interface can switch the privilege level; otherusers need to pass AAA authentication before they can switch the privilege level.
scheme local: Firstscheme and then local, which authenticates a user by performing the AAAauthentication first. If the AAA configuration is invalid (the domain parameters or authentication schemeare not configured) or the server does not respond, the local password authentication is performed.
Examples1. Set the authentication mode for the user privilege level switch tolocal.
system-view
[Sysname] super authentication-mode local
2. Set the authentication mode for the user privilege level switch toscheme local. system-view
[Sysname] super authentication-mode scheme local
super passwordDescription
Use super password to set the password used to switch user privilege to a higher level.Use the simple parameter to set a simple-text password.Use the cipher parameter to set a cipher-text password. A cipher-text password is recommended.During authentication, you must input a cipher-text password regardless of the password type you set.
Use undo super password to restore the default condition (no password is set).
Syntaxsuper password [ leveluser-level ] { simple | cipher } password
undo super password [ level user-level ]
ViewSystem view
Default level2: System level
Parameterslevel user-level : User privilege level, which ranges from 1 to 3 and defaults to 3.
simple: Plain-text password, a string of 1 to 16 characters.
7/24/2019 Download hp manual
20/211
13
cipher : Cipher-text password. A cipher password is a string of 1 to 16 characters in plain text or 24characters in cipher text. For example, the simple text 1234567 corresponds to the cipher text(TT8F]Y\5SQ=^Q`MAF4
7/24/2019 Download hp manual
21/211
14
Example# Enter system view from the user view.
system-view
System View: return to User View with Ctrl+Z.
[Sysname]
7/24/2019 Download hp manual
22/211
15
Logging in to the switch commands
acl (user interface view)Description
Use acl to reference ACLs to control access to the VTY user interface.If no ACL is referenced in VTY user interface view, the VTY user interface has no access control overestablishing a Telnet or SSH connection.If an ACL is referenced in VTY user interface view, the connection is permitted only when packetsestablishing a Telnet or SSH connection match a permit statement in the ACL.The system regards the basic/advanced ACL with theinbound keyword, the basic/advanced ACLwith theoutbound keyword, Ethernet frame header ACL as four different types of ACLs, which cancoexist in one VTY user interface.
The match order is basic/advanced ACL, Ethernet frame header ACL. At most one ACL of each typecan be referenced in the same VTY user interface, and the last configured one takes effect.
Use undo acl to cancel the ACL application. For more information about ACL, see the ACL and QoSConfiguration Guide . By default, access to the VTY user interface is not restricted.
SyntaxTo use a basic or advanced ACL:
acl [ ipv6 ] acl-number{inbound | outbound }
undo acl [ ipv6 ] acl-number { inbound | outbound }To use an Ethernet frame header ACL:
acl acl-number inbound
undo acl acl-number inbound
View VTY user interface view
Default level
2: System level
Parametersipv6: When this keyword is present, the command supports IPv6; otherwise, it supports IPv4.
acl-number : Number of the ACL. The value range varies with devices:
Basic ACL: 2000 to 2999 Advanced ACL: 3000 to 3999Ethernet frame header ACL: 4000 to 4999
inbound: Restricts Telnet or SSH connections established in the inbound direction through the VTY userinterface. If the received packets for establishing a Telnet or SSH connection are permitted by an ACL rule,
7/24/2019 Download hp manual
23/211
16
the connection is allowed to be established. When the device functions as a Telnet server or SSH server,this keyword is used to control access of Telnet clients or SSH clients. outbound: Restricts Telnet connections established in the outbound direction through the VTY userinterface. If the packets sent for establishing a Telnet connection are permitted by an ACL rule, theconnection is allowed to be established. When the device functions as a Telnet client, this keyword isused to define Telnet servers accessible to the client.
Example# Allow only the user with the IP address of 192.168.1.26 to access the device through Telnet or SSH.
system-view
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule permit source 192.168.1.26 0
[Sysname-acl-basic-2001] quit
[Sysname] user-interface vty 0
[Sysname-ui-vty0] acl 2001 inbound
With this configuration, user A (with IP address 192.168.1.26) can Telnet to the device but user B (with IPaddress 192.168.1.60) cannot. If a connection failure occurs, the "%connection closed by remotehost! " message will appear.
activation-keyDescription
Use activation-key to define a shortcut key for starting a terminal session.Theactivation-key command is not supported by the VTY user interface.To display the shortcut key you have defined, use thedisplay current-configuration| includeactivation-keycommand.If a new shortcut key is defined with theactivation-keycommand, the Enter key no longer functions.
Use undo activation-key to restore the default. By default, pressing theEnterkey starts a terminal session.Syntax
activation-key character
undo activation-key
ViewUser interface view
Default level
3: Manage level
7/24/2019 Download hp manual
24/211
17
Parameterscharacter: Shortcut key for starting a terminal session, a single character (or its ASCII code value thatranges from 0 to 127) or a string of one to three characters. Only the first character functions as theshortcut key. For example, if you input an ASCII code value of 97, the system uses its charactera as theshortcut key. If you input string b@c, the system uses the first characterb as the shortcut key.
Examples1. Configure character s as the shortcut key for starting a terminal session on the console port.
system-view
[Sysname] user-interface aux 0
[Sysname-ui-aux0] activation-key s
To verify the configuration, perform the following operations:2. Exit the terminal session on the console port.
[Sysname-ui-aux0] return
quit
3. Log in to the console port again. The following message appears:******************************************************************************* Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
******************************************************************************
User interface aux0 is available.
Please press ENTER.
4. At this moment, pressing Enter does not start a session. To start the terminal session, enters.
%Mar 2 18:40:27:981 2005 Sysname SHELL/5/LOGIN: Console logged in from aux0.
auto-execute commandDescription
CAUTION: Applyingauto-execute command to the user interface may disable you from configuring the system.Before configuring the command and saving the configuration (by using thesave command), makesure that you can access the device through VTY and AUX interfaces to remove the configuration whena problem occurs.
auto-execute command is not supported by the console port.
Use auto-execute command to specify a command automatically executed when a user logs in to thecurrent user interface.
The system automatically executes the command when a user logs in to the user interface, and tearsdown the user connection after the command is executed.
7/24/2019 Download hp manual
25/211
18
If the command triggers another task, the system does not tear down the user connection until thetask is completed.
Use undo auto-execute command to remove the configuration. By default, command auto-execution isdisabled.
Syntaxauto-execute command command
undo auto-execute command
ViewUser interface view
Default level
3: Manage level
Parametercommand : Specifies a command to be automatically executed.
Examples1. Configure the device to automatically Telnet to 192.168.1.41 after a user logs in to interface VTY
0. system-view
system-view
[Sysname] user-interface vty 0
[Sysname-ui-vty0] auto-execute command telnet 192.168.1.41
% This action will lead to configuration failure through ui-vty0. Are yousure?
[Y/N]:y
[Sysname-ui-vty0]
2. To verify the configuration, perform the following operations:
Telnet to 192.168.1.40. The device automatically Telnets to 192.168.1.41. The following output isdisplayed:
C:\> telnet 192.168.1.40
****************************************************************************
* Copyright(c)2010-2011 Hewlett-Packard Development Company, L.P. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
****************************************************************************
7/24/2019 Download hp manual
26/211
19
Trying 192.168.1.41 ...
Press CTRL+K to abort
Connected to 192.168.1.41 ...
****************************************************************************
* Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
****************************************************************************
This operation is the same as directly logging in to the device at 192.168.1.41. If the Telnetconnection to 192.168.1.41 breaks down, the Telnet connection to 192.168.1.40 breaks down at thesame time.
authentication-modeDescription
Use authentication-mode to set the authentication mode for the user interface.
Use undo authentication-mode to restore: VTY user interfaces authentication mode default (password) AUX user interface authentication mode default (none)
Related commands:set authentication password.
Syntaxauthentication-mode{none | password | scheme }
undo authentication-mode View
User interface view
Default level
3: Manage level
Parametersnone: Performs no authentication.
password: Performs local password authentication.
scheme: Performs AAA authentication. For more information about AAA, see theSecurity ConfigurationGuide.
7/24/2019 Download hp manual
27/211
20
Examples1. Specify that no authentication is needed when users log in to the device through VTY 0. This mode
is insecure. system-view
[Sysname] user-interface vty 0
[Sysname-ui-vty0] authentication-mode none
2. Use password authentication when users log in to the device through VTY 0, and set theauthentication password to321.
system-view
[Sysname] user-interface vty 0
[Sysname-ui-vty0] authentication-mode password
[Sysname-ui-vty0] set authentication password cipher 321
3. Authenticate users by username and password when users log in to the device through VTY 0. Setthe username to 123 and the password to 321.
system-view
[Sysname] user-interface vty 0
[Sysname-ui-vty0] authentication-mode scheme[Sysname-ui-vty0] quit
[Sysname] local-user 123
[Sysname-luser-123] password cipher 321
[Sysname-luser-123] service-type telnet
[Sysname-luser-123] authorization-attribute level 3
command accountingDescription
Use command accounting to enable command accounting. When command accounting is enabled and command authorization is not, every executedcommand is recorded on the HWTACACS server.
When both command accounting and command authorization are enabled, only the authorized andexecuted commands are recorded on the HWTACACS server.
Use undo command accounting to restore the default (command accounting disabled). The accountingserver does not record the commands that users have executed.
Syntaxcommand accounting
undo command accounting
ViewUser interface view
Default level3: Manage level
ParametersNone
7/24/2019 Download hp manual
28/211
21
Example# Enable command accounting on VTY 0. The HWTACACS server records the commands executed byusers that have logged in through VTY 0.
system-view
[Sysname] user-interface vty 0
[Sysname-ui-vty0] command accounting
command authorizationDescription
Use command authorization to enable command authorization. When enabled, users can only performcommands authorized by the server.
Use undo command authorization to restore the default (command authorization disabled). Logged-inusers can execute commands without authorization.
Syntaxcommand authorization
undo command authorization
ViewUser interface view
Default level3: Manage level
ParametersNone
Example# Enable command accounting for VTY 0 so that users logging in from VTY 0 can perform only thecommands authorized by the HWTACACS server.
system-view
[Sysname] user-interface vty 0
[Sysname-ui-vty0] command authorization
databitsDescription
This command only applies to the console port.Use databits to set data bits for each character. The data bits setting must be the same for the userinterface of the connecting port on the device and the terminal device for communication.
Use undo databits to restore the default (8 data bits per character).
Syntaxdatabits {5 | 6 | 7 | 8 }
undo databits
7/24/2019 Download hp manual
29/211
22
ViewUser interface view
Default level
2: System level
Parameters5: Sets 5 data bits for each character.
6: Sets 6 data bits for each character.
7: Sets 7 data bits for each character.
8: Sets 8 data bits for each character.
Example# Specify 5 data bits for each character.
system-view
[Sysname] user-interface aux 0
[Sysname-ui-aux0] databits 5
display ip httpDescription
Use display ip http to display HTTP information.
Syntaxdisplay ip http[ | {begin | exclude | include } regular-expression ]
View
Any viewDefault level
1: Monitor level
Parameters| : Filters command output by specifying a regular expression. For more information about regularexpressions, see CLI configuration.
begin: Displays the first line that matches the regular expression and all lines that follow.
exclude: Displays all lines that do not match the regular expression.
include: Displays all lines that match the regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Example# Display information about HTTP.
display ip http
HTTP port: 80
Basic ACL: 2222
Current connection: 0
7/24/2019 Download hp manual
30/211
23
Operation status: Running
Table 1 Command output
Field Description
HTTP port Port number used by the HTTP service.
Basic ACL Basic ACL number associated with the HTTP service.Current connection Number of current connections.
Operation statusOperation status: RunningHTTP service is enabled. StoppedHTTP service is disabled.
display ip httpsDescription
Use display ip https to display information about HTTPS.
Syntaxdisplay ip https[ | {begin | exclude | include } regular-expression ]
View Any view
Default level1: Monitor level
Parameters| : Filters command output by specifying a regular expression. For more information about regularexpressions, see CLI configuration.
begin: Displays the first line that matches the regular expression and all lines that follow.
exclude: Displays all lines that do not match the regular expression.
include: Displays all lines that match the regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
7/24/2019 Download hp manual
31/211
24
Example# Display information about HTTPS.
display ip https
HTTPS port: 443
SSL server policy: test
Certificate access-control-policy:
Basic ACL: 2222
Current connection: 0
Operation status: Running
Table 2 Command output
Field Description
HTTPS port Port number used by the HTTPS service.
SSL server policy SSL server policy associated with the HTTPS service.
Certificate access-control-policyCertificate attribute access control policy associated with theHTTPS service.
Basic ACL Basic ACL number associated with the HTTPS service.
Current connection Number of current connections.
Operation statusOperation status: RunningHTTPS service is enabled. StoppedHTTPS service is disabled.
display telnet client configurationDescription
Use display telnet client configurationto display device configuration when it serves as a Telnet client.
Syntaxdisplay telnet client configuration [ | {begin | exclude | include } regular-expression ]
View Any view
Default level1: Monitor level
Parameters| : Filters command output by specifying a regular expression. For more information about regularexpressions, see the Fundamentals Configuration Guide .
begin: Displays the first line that matches the regular expression and all lines that follow.
exclude: Displays all lines that do not match the regular expression.
include: Displays all lines that match the regular expression.
7/24/2019 Download hp manual
32/211
25
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Example# Display the configuration of the device when it serves as a Telnet client.
display telnet client configuration
The source IP address is 1.1.1.1.
The output shows that when the device serves as a client, the source IPv4 address for sending Telnetpackets is 1.1.1.1.
display user-interfaceDescription
Use display user-interface to display information about a specific interface or all user interfaces.If thesummary parameter is included, the command displays all user interface numbers and types.If the summary parameter is not included, the command displays the type of the user interface, theabsolute or relative number, the transmission rate, the user privilege level, the authentication mode,and the access port.
Syntaxdisplay user-interface [ num1 | { aux | vty } num2 ] [ summary ] [ | { begin | exclude | include }regular-expression ]
View Any view
Default level
1: Monitor level
Parametersnum1: Absolute number of a user interface. The value range varies with devices.
aux: Specifies the AUX user interface.
vty: Specifies the VTY user interface.
num2 : Relative number of a user interface. It ranges from 0 to 9 for an AUX user interface and 0 to 15 fora VTY user interface.
summary: Displays summary about user interfaces.
| : Filters command output by specifying a regular expression. For more information about regularexpressions, see CLI configuration.
begin: Displays the first line that matches the regular expression and all lines that follow.exclude: Displays all lines that do not match the regular expression.
include: Displays all lines that match the regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
7/24/2019 Download hp manual
33/211
26
Examples1. Display information about user interface 29.
display user-interface 29
Idx Type Tx/Rx Modem Privi Auth Int
+ 29 VTY 0 - 3 N -
+ : Current user-interface is active.
F : Current user-interface is active and work in async mode.
Idx : Absolute index of user-interface.
Type : Type and relative index of user-interface.
Privi: The privilege of user-interface.
Auth : The authentication mode of user-interface.
Int : The physical location of UIs.
A : Authentication use AAA.
L : Authentication use local database.
N : Current UI need not authentication.
P : Authentication use current UI's password.
Table 3 Command output
Field Description
+ The current user interface is active.
F The current user interface is active and works in asynchronous mode.
Idx Absolute number of the user interface.
Type Type and relative number of the user interface.
Tx/Rx Transmission/Receive rate of the user interface.
Modem Whether the modem is allowed to dial in (in), dial out (out), or both (inout).
By default, the hyphen (-) is displayed to indicate that this function is disabled.Privi Indicates the command level of a user under that user interface.
Auth
Authentication mode for the users: AAAA authentication. PPassword authentication. LLocal authentication. NNone authentication.
Int The physical port that corresponds to the user interface.
A AAA authentication with the authentication mode ofscheme .
L Local authentication (not supported).
N No authentication with the authentication mode ofnone .
P Password authentication with the authentication mode ofpassword .
7/24/2019 Download hp manual
34/211
27
2. Display summary about all user interfaces. display user-interface summary
User interface type : [TTY]
0:XXX
User interface type : [AUX]
3:XXXX XXXX XX
User interface type : [VTY]
29:UXXX XXXX XXXX XXXX
1 character mode users. (U)
28 UI never used. (X)
1 total UI in use
Table 4 Command output
Field Description
User interface type Type of user interface (AUX or VTY).
0:X
0Represents the absolute number of the user interface. XThis user interface is not used. UThis user interface is in use.
Character mode users. (U) Number of users or the total number of character U.
UI never used. (X) Number of user interfaces not used or the total number ofcharacter X.
Total UI in use Total number of user interfaces in use.
display usersDescription
Use display users to display information about the interfaces that are active.
Use display users all to display information about all interfaces supported by the device.
Syntaxdisplay users [ all ] [ | {begin | exclude | include } regular-expression ]
View Any view
Default level
1: Monitor levelParameters
all: Displays information about all user interfaces that the device supports.
| : Filters command output by specifying a regular expression. For more information about regularexpressions, see CLI configuration.
begin: Displays the first line that matches the regular expression and all lines that follow.
exclude: Displays all lines that do not match the regular expression.
7/24/2019 Download hp manual
35/211
28
include: Displays all lines that match the regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Example# Display information about the user interfaces that are being used.
display users
The user application information of the user interface(s):Idx UI Delay Type Userlevel
+ 29 VTY 0 00:00:00 TEL 3
Following are more details.
VTY 0 :
Location: 192.168.0.5
+ : Current operation user.
F : Current operation user work in async mode.
Table 5 Command output
Field Description
Idx Absolute number of the user interface.
UIRelative number of the user interface. For example, with VTY, the first columnrepresents user interface type, and the second column represents the relative numberof the user interface.
Delay Time elapsed since the user's last input, in the format of hh:mm:ss.
Type User type, such as Telnet, SSH.
Userlevel User level: 0 for visit, 1 for monitor, 2 for system, and 3 for manage.
+ Current user.
Location IP address of the user.
F The current user works in asynchronous mode.
display web usersDescription
Use display web users to display information about web users.
Syntaxdisplay web users [ | {begin | exclude | include } regular-expression]
View Any view
Default level1: Monitor level
7/24/2019 Download hp manual
36/211
29
Parameter| : Filters command output by specifying a regular expression. For more information about regularexpressions, see "CLI configuration.
begin: Displays the first line that matches the regular expression and all lines that follow.
exclude: Displays all lines that do not match the regular expression.
include: Displays all lines that match the regular expression.regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Example# Display information about the current web users.
display web users
UserID Name Language Level State LinkCount LoginTime LastTime
ab890000 admin Chinese Management Enable 0 14:13:46 14:14:18
Table 6 Command output
Field DescriptionUserID ID of a web user.
Name Name of the web user.
Language Login language used by the web user.
Level Level of the web user.
State State of the web user.
LinkCount Number of tasks that the web user runs.
LoginTime Time when the web user logged in.
LastTime Last time when the web user accessed the switch.
escape-keyDescription
Use escape-key to define a shortcut key for aborting a task. The new shortcut key functions to terminate atask.If you set the character parameter in a user interface of a device to log in to the device and then Telnet toanother device, the character argument can only be used as a control character to abort a task (not forinput as a common character). This can cause problems, which you can avoid by specifyingcharacter asa key combination rather than as a single character.
For example, in a VTY 0 user interface, if you specifycharacter as e on Device A and log in to Device Aon a PC (Hyper Terminal):
The problem does not occur on Device A. Entere as a common character on the A, and also use e to terminate the task running on Device A.The problem occurs if you Telnet from Device A to Device B. On Device B, you can only usee toterminate the task running on Device B. You cannot inpute as a common character (as part ofanother command, for example) To avoid this, specify character as a key combination.
Use undo escape-key to restore the default key combination (Ctrl+C).
7/24/2019 Download hp manual
37/211
30
To display the shortcut key you have defined, use thedisplay current-configurationcommand.
Syntaxescape-key {default | character }
undo escape-key
ViewUser interface view
Default level
3: Manage level
Parameterscharacter: Specifies the shortcut key for aborting a task, a single character (or its ASCII code value in therange 0 to 127), or a string of 1 to 3 characters. Only the first character of a string functions as theshortcut key. If you enter an ASCII code value of 113, the system uses its character q as the shortcut key. Ifyou enter the string q@c, the system uses the first characterq as the shortcut key.
default: Restores the default escape key combination ofCtrl+C.
Examples# Define keya as the shortcut key for aborting a task.
system-view
[Sysname] user-interface aux 0
[Sysname-ui-aux0] escape-key a
# To verify the configuration, perform the following operations:1. Use the ping command to check the reachability of the device with the IP address of
192.168.1.49, and use the -c keyword to specify the number of ICMP echo packets to besent as 20.
ping -c 20 192.168.1.49PING 192.168.1.49: 56 data bytes, press a to break
Reply from 192.168.1.49: bytes=56 Sequence=1 ttl=255 time=3 ms
Reply from 192.168.1.49: bytes=56 Sequence=2 ttl=255 time=3 ms
2. Entera . The task terminates immediately and the system returns to system view.--- 192.168.1.49 ping statistics ---
2 packet(s) transmitted
2 packet(s) received
0.00% packet loss
round-trip min/avg/max = 3/3/3 ms
7/24/2019 Download hp manual
38/211
31
flow-controlDescription
Use flow-control to configure the flow control mode.The switch supports thenone flow control mode only.
The command only applies to the console port.Use undo flow-control to restore the default (none is the default flow control mode). No flow control isperformed.
Syntaxflow-control{hardware | none | software }
ViewUser interface view
Default level
2: System level
Parametershardware : Performs hardware flow control.
none: Disables flow control.
software: Performs software flow control.
Example# Configure no flow control in the inbound and outbound directions for AUX 0.
system-view
[Sysname] user-interface aux 0[Sysname-ui-aux0] flow-control none
free user-interfaceDescription
This command cannot release the connection that you are using.
Use free user-interface to release the established connection.
Syntax
free user-interface{num1 | { aux | vty }num2 } View
User view
Default level
3: Manage level
7/24/2019 Download hp manual
39/211
32
Parametersnum1: Absolute number of a user interface. The value range varies with devices.
aux: Specifies the AUX user interface.
vty: Specifies the VTY user interface.
num2 : Relative number of a user interface. The value ranges from 0 to 9 for an AUX user interface and 0
to 15 for a VTY user interface.Examples
1. Display the connection established on user interface VTY 1. display users
The user application information of the user interface(s):
Idx UI Delay Type Userlevel
+ 29 VTY 0 00:00:00 TEL 3
Following are more details.
VTY 0 :
Location: 192.168.0.5
+ : Current operation user.F : Current operation user work in async mode.
2. You can display information about the users that are using the device. free user-interface vty 1
Are you sure to free user-interface vty1? [Y/N]:y
3. To make configurations without interruption from the user using VTY1, you can release theconnection established on VTY1.
free web-usersDescription
Use free web-users to disconnect a specific web user or all web users by force.
Syntaxfree web-users{all | user-id userid | user-name username }
ViewUser view
Default level2: System level
Parameteruserid : Web user ID.
username : User name of the web user. This argument can contain 1 to 80 characters.
all: Specifies all web users.
7/24/2019 Download hp manual
40/211
33
Example# Disconnect all web users by force.
free web-users all
history-command max-sizeDescription
Use history-command max-size to set the size of the history command buffer for the current user interface.The history command buffer saves executed history commands for each user interface.Buffers for different user interfaces do not affect each other.
To display the commands that are stored in the history buffer, usedisplay history.To view the recently executed commands, press the upper or lower arrow key. For more informationabout display history-command, see CLI configuration commands.
After you terminate the current session, the system automatically removes the commands saved in thehistory buffer.
Use undo history-command max-size to restore the default (10 commands saved).
Syntaxhistory-command max-size size-value
undo history-command max-size
ViewUser interface view
Default level2: System level
Parameterssize-value : Specifies the maximum number of history commands that the buffer can store. The valueranges from 0 to 256.
Example# Set the buffer to store a maximum of 20 history commands.
system-view
[Sysname] user-interface aux 0
[Sysname-ui-aux0] history-command max-size 20
7/24/2019 Download hp manual
41/211
34
idle-timeoutDescription
Use idle-timeout to set the idle-timeout timer.Setting idle-timeout to 0 disables the timer and maintains the connection until you terminate it.
If no information interaction occurs between the device and the user within the timeout time, thesystem automatically terminates the connection.
Use undo idle-timeout to restore the default timeout (10 minutes).
Syntaxidle-timeout minutes[ seconds ]
undo idle-timeout
ViewUser interface view
Default level2: System level
Parametersminutes: Specifies the timeout time, in minutes, which ranges from 0 to 35791 and defaults to 10 minutes.
seconds: Specifies the timeout time, in seconds, which ranges from 0 to 59 and defaults to 0 seconds.
Example# Set the idle-timeout timer to 1 minute and 30 seconds.
system-view
[Sysname] user-interface aux 0
[Sysname-ui-aux0] idle-timeout 1 30
ip http aclDescription
Use ip http acl to associate an ACL with the HTTP service. After the HTTP service is associated with an ACL, only the clients permitted by the ACL can access the device through HTTP.
Use undo ip http acl to remove the association and restore the default condition (HTTP service is notassociated with any ACL by default).
Related commands:display ip http; acl (see ACL and QoS Command Reference ). Syntax
ip http acl acl-number
undo ip http acl
View
System view
7/24/2019 Download hp manual
42/211
35
Default level2: System level
Parametersacl-number : ACL number. A basic IPv4 ACL ranges from 2000 to 2999.
Example# Associate the HTTP service with ACL 2001 to only allow the clients within the 10.10.0.0/16 network toaccess the device through HTTP.
system-view
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule permit source 10.10.0.0 0.0.255.255
[Sysname-acl-basic-2001] quit
[Sysname] ip http acl 2001
ip http enable
DescriptionUse ip http enable to enable the HTTP service. The device can act as the HTTP server when enabled.
Use undo ip http enable to disable the HTTP service.
Related commands:display ip http.
Syntaxip http enable
undo ip http enable
View
System viewDefault level
2: System level
ParametersNone
Example# Enable the HTTP service.
system-view
[Sysname] ip http enable
ip http portDescription
Verify that the port number is not used by another service. This command does not check for conflicts withconfigured port numbers.
Use ip http port to configure the port number of the HTTP service.
7/24/2019 Download hp manual
43/211
36
Use undo ip http port to restore the default port number (80 is the default port).
Related commands:display ip http.
Syntaxip http port port-number
undo ip http port
ViewSystem view
Default level3: Manage level
Parameterport-number : Port number of the HTTP service, which ranges from 1 to 65535.
Example# Configure the port number of the HTTP service as 8080.
system-view
[Sysname] ip http port 8080
ip https acl Description
Use ip https acl to associate HTTPS service with an ACL. After this association, only clients permitted bythe ACL rules can access the device.
Use undo ip https acl to remove the association and restore the default condition (no association is thedefault).
Related commands:display ip https; acl ( ACL and QoS Command Reference ).
Syntaxip https acl acl-number
undo ip https acl
ViewSystem view
Default level3: Manage level
Parameteracl-number : ACL number. A basic IPv4 ACL ranges from 2000 to 2999. The value range depends on thedevice model.
Example# Associate the HTTPS service with ACL 2001 to only allow the clients in the 10.10.0.0/16 networksegment to access the HTTPS server through HTTP.
system-view
7/24/2019 Download hp manual
44/211
37
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule permit source 10.10.0.0 0.0.255.255
[Sysname-acl-basic-2001] quit
[Sysname] ip https acl 2001
ip https certificate access-control-policyDescription
Use ip https certificate access-control-policy to associate the HTTPS service with a certificate attributeaccess control policy. Association of the HTTPS service with a certificate attribute access control policycontrols client access rights.
Use undo ip https certificate access-control-policy to remove the association and restore the defaultcondition (no association by default).
Related commands: display ip https; pki certificate access-control-policy (see Security CommandReference ).
Syntax
ip https certificate access-control-policy policy-name undo ip https certificate access-control-policy
ViewSystem view
Default level3: Manage level
Parameterpolicy-name : Name of the certificate attribute access control policy, a string of 1 to 16 characters.
Example# Associate the HTTPS server with certificate attribute access control policymyacl.
system-view
[Sysname] ip https certificate access-control-policy myacl
7/24/2019 Download hp manual
45/211
38
ip https enableDescription
Use ip https enable to enable the HTTPS service. The device can act as the HTTP server if enabled.
Enabling the HTTPS service triggers an SSL handshake negotiation process.If the local certificate of the device exists, the SSL negotiation succeeds and the HTTPS service canbe started.If no local certificate exists, the SSL negotiation triggers a certificate application process that oftenfails because it times out. If that happens, execute theip https enable command multiple times tostart the HTTPS service.
Use undo ip https enable to disable the HTTPS service (the default condition).
Related commands:display ip https.
Syntax
ip https enable
undo ip https enable
View
System view
Default level3: Manage level
ParametersNone
Example# Enable the HTTPS service.
system-view
[Sysname] ip https enable
ip https portDescription
Verify that the port number is not used by another service. This command does not check for conflicts withconfigured port numbers.
Use ip https port to configure the port number of the HTTPS service.Use undo ip https port to restore the default port number (443 is the default port).
Related commands:display ip https.
Syntaxip https port port-number
undo ip https port
7/24/2019 Download hp manual
46/211
39
ViewSystem view
Default level3: Manage level
Parameterport-number : Port number of the HTTPS service, which ranges from 1 to 65535.
Example# Configure the port number of the HTTPS service as 6000.
system-view
[Sysname] ip https port 6000
ip https ssl-server-policyDescription
Use ip https ssl-server-policy to associate the HTTPS service with an SSL server-end policy.Use undo ip https ssl-server-policy to remove the association and restore the default condition (noassociation).
The HTTPS service can be enabled only after this command is configured. After the HTTPS service isenabled, you cannot:
Modify the associated SSL server-end policy.Remove the association between the HTTPS service and the SSL server-end policy.
Related commands:display ip https; ssl server-policy (Security Command Reference ).
Syntax
ip https ssl-server-policy policy-nameundo ip https ssl-server-policy
ViewSystem view
Default level3: Manage level
Parameterpolicy-name : Name of an SSL server policy, a string of 1 to 16 characters.
Example # Associate the HTTPS service with SSL server-end policymyssl.
system-view
[Sysname] ip https ssl-server-policy myssl
7/24/2019 Download hp manual
47/211
40
lockDescription
Use lock to prevent unauthorized users from using the user interface. When entering the lock command:
1. Enter a password (up to 16 characters).
2. Confirm it by entering the password again.
3. To set the password, enter the same password. After locking the user interface, the next time you access it, you must pressEnter and enter thecorrect password.
Syntaxlock
View
User viewDefault level
3: Manage level
ParametersNone
Example# Lock the current user interface.
lock
Please input password to lock current user terminal interface:
Password:
Again:
locked !
Password:
parityDescription
This command only applies to the console port.
Use parity to set a parity check method. This setting must be identical for the user interface of theconnecting port on the device and the target terminal device.
Use undo parity to restore the default (no parity check performed).
Syntaxparity {even | mark | none | odd | space }
undo parity
7/24/2019 Download hp manual
48/211
41
ViewUser interface view
Default level
2: System level
Parameterseven: Performs an even parity check.
mark: Performs a mark parity check.
none: Performs no parity check.
odd: Performs an odd parity check.
space: Performs a space parity check.
Example# Configure the console port to perform odd parity check.
system-view
[Sysname] user-interface aux 0[Sysname-ui-aux0] parity odd
protocol inboundDescription
Use protocol inbound to enable the user interface to support Telnet, SSH, or both. The configuration iseffective next time you log in.
Before configuring a user interface to support SSH, set the authentication mode toscheme for userslogging in through the user interface. Otherwise,protocol inbound sshfails. For more information,see authentication-mode.
By default: All protocols are supported.The authentication mode of the Telnet protocol ispassword.
Syntaxprotocol inbound {all | ssh | telnet }
View VTY interface view
Default level3: Manage level
Parametersall: Supports all three protocols: Telnet, SSH, and both.
ssh: Supports SSH only.
telnet: Supports Telnet only.
7/24/2019 Download hp manual
49/211
42
Example# Enable the VTYs 0 through 15 to support SSH only.
system-view
[Sysname] user-interface vty 0 15
[Sysname-ui-vty0-15] authentication-mode scheme
[Sysname-ui-vty0-15] protocol inbound ssh
screen-lengthDescription
Not all display terminals support this command setting.
Use screen-length to set the number of lines on the next screen.
Because terminal display varies, you may need to press theSpace, Page Up, or Page Down key to displayadditional lines of information. For example, if you setscreen-length to 40, but the terminal screen candisplay only 24 lines: When you press Space, the device sends 40 lines, but the next screen displays onlylines 18 through 40. To view the first 17 lines, you must press thePage Up or Page Downkey.
Use undo screen-length to restore the default next screen display (24 lines).
To disable multiple-screen output of the current user interface, use thescreen-length disable command. Formore information about thescreen-length disable command, see CLI configuration commands.
Syntaxscreen-length screen-length
undo screen-length
ViewUser interface view
Default level2: System level
Parameterscreen-length: Number of lines on the next screen, which ranges from 0 to 512. Setting a value of 0disables pausing between screens of output.
Example# Set the next screen of the AUX user interface to display 30 lines.
system-view
[Sysname] user-interface aux 0
[Sysname-ui-aux0] screen-length 30
7/24/2019 Download hp manual
50/211
43
sendDescription
Use send to send messages to the specified user interfaces.
To end the message input, press Ctrl+Z. To cancel the message input and return to user view, press Ctrl+C.
Syntaxsend {all | num1 | { aux | vty }num2 }
ViewUser view
Default level
1: Monitor level
Parametersall: Sends messages to all user interfaces.
num1: Absolute number of a user interface. The value range varies with devices.
aux: Specifies the AUX user interface.
vty: Specifies the VTY user interface.
num2 : Relative number of a user interface. The value ranges from 0 to 9 for an AUX user interface and 0to 15 for a VTY user interface.
Example# Send message hello abc to the AUX user interface.
send aux 0
Enter message, end with CTRL+Z or Enter; abort with CTRL+C:hello abc^Z
Send message? [Y/N]:y
***
***
***Message from aux0 to aux0
***
hello abc
7/24/2019 Download hp manual
51/211
44
set authentication passwordDescription
Use set authentication password to set a local authentication password. You must enter the password inplain-text during authentication. A plain-text password can be easily compromised. It is safer to use a
cipher-text password.Use undo set authentication password to restore the default (no local authentication password).
Related commands:authentication-mode.
Syntaxset authentication password{cipher | simple }password
undo set authentication password
ViewUser interface view
Default level 3: Manage level
Parameterscipher : Cipher-text password.
simple: Plain-text password.
password : A case-sensitive string. If the password format issimple, the password argument must be inplain text, and the configuration file saves the password in plain text. If the format iscipher , password can be either in cipher text or in plain text, and the configuration file always saves the password in ciphertext. A plain-text password can be a string of up to 16 characters. A cipher-text password or the
encrypted version of the plain-text password comprises 24 characters, such as_(TT8F]Y\5SQ=^Q`MAF4
7/24/2019 Download hp manual
52/211
45
shellDescription
The command is not applicable to the console port.
Use shell to enable terminal services on the user interface. By default, terminal services are enabled on alluser interfaces.Use undo shell to disable terminal services. You cannot disable the terminal services on the user interfacethrough which you are logged in.
Syntaxshell
undo shell
ViewUser interface view
Default level3: Manage level
ParametersNone
Examples1. Disable terminal services on the VTYs 0 through 4.
system-view
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4] undo shell
% Disable ui-vty0-4 , are you sure? [Y/N]:y
[Sysname-ui-vty0-4]
2. The following message appears when a terminal tries to Telnet to the device:The connection was closed by the remote host!
speed (user interface view)Description
This command only applies to the console port.
Use speed to set the transmission rate on the user interface. This setting must be identical for the userinterface of the connecting port on the device and the target terminal device for communicationUse undo speed to restore the default transmission rate (9600 bps is the default rate).
Syntaxspeed speed-value
undo speed
7/24/2019 Download hp manual
53/211
46
ViewUser interface view
Default level
2: System level
Parametersspeed-value : Transmission rate in bps.
The transmission rates available with asynchronous serial interfaces follow:300 bps600 bps1200 bps2400 bps4800 bps9600 bps
19200 bps38400 bps57600 bps115200 bps
The transmission rate varies with devices and configuration environment.
Example# Set the transmission rate on the user interface AUX 0 to 19200 bps.
system-view
[Sysname] user-interface aux 0
[Sysname-ui-aux0] speed 19200
stopbitsDescription
This command only applies to the console port.
Use stopbits to set the number of stop bits transmitted per byte. This setting must be identical for the userinterface of the connecting port on the device and the target device for communication.
Use undo stopbits to restore the default stop bit (1).
Syntaxstopbits {1 | 1.5 | 2 }
undo stopbits
ViewUser interface view
Default level
2: System level
7/24/2019 Download hp manual
54/211
47
Parameters1: One stop bit.
1.5: One and a half stop bits.
2: Two stop bits.
Example# Set the stop bits on the user interface AUX 0 to 1.5.
system-view
[Sysname] user-interface aux 0
[Sysname-ui-aux0] stopbits 1.5
telnetDescription
Use telnet to establish Telnet connection with a remote host. The source IPv4 address or source interfacespecified by this command applies to the current Telnet connection only.
To stop the current Telnet connection, pressCtrl+K or use the quit command.
Syntaxtelnet remote-host [ service-port ] [ vpn-instance vpn-instance-name] [ source { interface interface-type interface-number | ip ip-address } ]
ViewUser view
Default level0: Visit level
Parametersremote-host : IPv4 address or host name of a remote host, a case-insensitive string of 1 to 20 characters.
service-port : TCP port number of the Telnet service on the remote host. It ranges from 0 to 65535 anddefaults to 23.
vpn-instancevpn-instance-name : Specifies the MPLS L3VPN that the remote system belongs to, wherevpn- instance-name is a case-sensitive string of 1 to 31 characters. If the remote system is on the public network,do not specify this keyword and argument combination.
source: Specifies the source interface or source IPv4 address of Telnet packets.interface interface-type interface-number:Specifies the source interface. The source IPv4 address of the
Telnet packets that are sent is the IPv4 address of the specified source interface.interface-type interface- number represents the interface type and number, respectively.
ip ip-address: Specifies the source IPv4 address of Telnet packets.
Example# Telnet to the remote host 1.1.1.2, specifying the source IP address of Telnet packets as 1.1.1.1.
telnet 1.1.1.2 source ip 1.1.1.1
7/24/2019 Download hp manual
55/211
48
telnet client sourceDescription
If you use both this command and the telnet command to specify the source IPv4 address or sourceinterface, the source IPv4 address or interface specified by thetelnet command takes effect.
Use telnet client sourceto specify the source IPv4 address or source interface for sending Telnet packetswhen the device serves as a Telnet client. The source IPv4 address or source interface specified by thiscommand applies to all Telnet connections.
Use undo telnet client sourceto remove the source IPv4 address or source interface for sending Telnetpackets. By default, no source IPv4 address or source interface for sending Telnet packets is specified. Thesource IPv4 address is selected by routing.
Related commands:display telnet client configuration.
Syntaxtelnet client source{interface interface-type interface-number | ip ip-address }
undo telnet client source
ViewSystem view
Default level2: System level
Parametersinterface interface-type interface-number : Specifies the source interface. The source IPv4 address of theTelnet packets sent is the IPv4 address of a specific interface.interface-type interface-number representsthe interface type and number, respectively.
ip ip-address: Specifies the source IPv4 address of Telnet packets.Example
# Specify the source IPv4 address for sending Telnet packets when the device serves as a Telnet client as1.1.1.1.
system-view
[Sysname] telnet client source ip 1.1.1.1
7/24/2019 Download hp manual
56/211
49
telnet ipv6Description
Use telnet ipv6 to establish a Telnet connection to a remote host in an IPv6 network. To stop the currentTelnet connection, pressCtrl+K or use the quit command.
Syntaxtelnet ipv6 remote-host [ -i interface-type interface-number ] [ port-number ] [ vpn-instance vpn-instance- name ]
ViewUser view
Default level0: Visit level
Parameters
remote-host : IP address or host name of a remote host, a case-insensitive string of 1 to 46 characters.-i interface-type interface-number:Specifies the outbound interface for sending Telnet packets, whereinterface-type interface-number represents the interface type and number. You need to provide the-iinterface-type interface-number argument if the destination address is a link-local address.
port-number:TCP port number for the remote host to provide the Telnet service. It ranges from 0 to 65535and defaults to 23.
vpn-instance vpn-instance-name : Specifies the MPLS L3VPN that the remote system belongs to, wherevpn- instance-name is a case-sensitive string of 1 to 31 characters. If the remote system is on the public network,do not specify this keyword and argument combination.
Example# Telnet to the remote host with the IPv6 address 5000::1.
telnet ipv6 5000::1
telnet server enableDescription
Use telnet server enable to enable the Telnet server.
Use undo telnet server enable to disable the Telnet server (disabled is the default condition).
Syntaxtelnet server enable
undo telnet server enable
ViewSystem view
Default level3: Manage level
7/24/2019 Download hp manual
57/211
50
ParametersNone
Example# Enable the Telnet server.
system-view
[Sysname] telnet server enable
terminal typeDescription
The device supports two types of terminal display: ANSI and VT100. HP recommends you to set thedisplay type to VT100 on both the device and the client to avoid anomalies when the total number ofcharacters of the edited command line exceeds 80.
Use terminal type to configure the current user interfaces type of terminal display.
Use undo terminal type to restore the default (ANSI is the default).
Syntaxterminal type {ansi | vt100 }
undo terminal type
ViewUser interface view
Default level
2: System level
Parametersansi: Specifies the terminal display type as ANSI.
vt100: Specifies the terminal display type as VT100.
Example# Set the terminal display type to VT100.
system-view
[Sysname] user-interface vty 0
[Sysname-ui-vty0] terminal type vt100
7/24/2019 Download hp manual
58/211
51
user privilege levelDescription
Use user privilege level to assign users logging into the interface a privilege level.
Use undo user privilege level to restore:
AUX user interfaces default to command level 3.Other user interfaces default to command level 0.
Syntaxuser privilege level level
undo user privilege level
ViewUser interface view
Default level
3: Manage level
Parameterlevel : Specifies a user privilege level, which ranges from 0 to 3. User privilege levels include visit (0),monitor (1), system (2), and manage (3). The administrator can change the user privilege level asnecessary.
Examples# Set the command level for users logging in through VTY 0 to 0.
system-view
[Sysname] user-interface vty 0[Sysname-ui-vty0] user privilege level 0
# After you Telnet to the device through VTY 0, the terminal only displays commands of level 0 in the helpinformation:
?
User view commands:
cluster Run cluster command
display Display current system information
ping Ping function
quit Exit from current command view
ssh2 Establish a secure shell client connectionsuper Set the current user priority level
telnet Establish one TELNET connection
tracert Trace route function
7/24/2019 Download hp manual
59/211
52
user-interfaceDescription
Use user-interface to enter a single or multiple user interface views.In single user interface view, the configuration takes effect in the user view only.
In multiple user interface view, the configuration takes effect in these user views.
Syntaxuser-interface{first-num1 [ last-num1 ] | { aux | vty }first-num2[ last-num2] }
ViewSystem view
Default level
2: System level
Parametersfirst-num1: Absolute number of the first user interface. The value range varies with devices.
last-num1: Absolute number of the last user interface. The value range varies with devices. aux: Specifies the AUX user interface. vty: Specifies the VTY user interface.
first-num2 : Relative number of the first user interface: AUX user interfaces: from 0 to 9 VTY user interfaces: from 0 to 15
last-num2 : Relative number of the last user interface: AUX user interfaces: from 0 to 9 for an AUX user interface VTY user interfaces: from 0 to 15, but cannot be smaller than first-num 2.
Examples#Enter AUX user interface view.
system-view
[Sysname] user-interface aux 0
[Sysname-ui-aux0]
#Enter the user interface views of VTYs 0 to 4. system-view
[Sysname] user-interface vty 0 4
[Sysname-ui-vty0-4]
7/24/2019 Download hp manual
60/211
53
FTP configuration commands
FTP server configuration commands display ftp-serverDescription
Use display ftp-server to view the FTP server configuration. Verify configured FTP server parameterwith this command.
Related commands:ftp server enable, ftp timeout, and ftp update.
Syntaxdisplay ftp-server[ | {begin | exclude | include } regular-expression ]
View Any view
Default level
3: Manage level
Parameters| : Filters command output by specifying a regular expression. For more information about regularexpressions, see the Fundamentals Configuration Guide .
begin: Displays the first line that matches the regular expression and all lines that follow.
exclude: Displays all lines that do not match the regular expression.
include: Displays all lines that match the regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Example# Display the FTP server configuration.
display ftp-server
FTP server is running
Max user number: 1
User count: 1
Timeout value(in minute): 30Put Method: fast
Table 7 Table 1 Command output
Field Description
Max user number Maximum number of login users at a time.
7/24/2019 Download hp manual
61/211
54
Field Description
User count Number of the current login users.
Timeout value (in minute) Allowed idle time of an FTP connection. If there is no packetexchange between the FTP server and client during the wholeperiod, the FTP connection will be disconnected.
Put Method File update method of the FTP server, including: fast: Fast update. normal: Normal update.
display ftp-userDescription
Use display ftp-user to display detailed information for current FTP users.
Syntaxdisplay ftp-user[ | {begin | exclude | include } regular-expression ]
View Any view
Default level3: Manage level
Parameters| : Filters command output by specifying a regular expression. For more information about regularexpressions, see the Fundamentals Configuration Guide.
begin: Displays the first line that matches the regular expression and all lines that follow.
exclude: Displays all lines that do not match the regular expression.
include: Displays all lines that match the regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples# Display the detailed information of FTP users.
display ftp-user
UserName HostIP Port Idle HomeDir
ftp 192.168.1.54 1190 0 flash:
7/24/2019 Download hp manual
62/211
55
# If the name of the logged-in user exceeds 10 characters, the exceeded characters will appear in thenext line and be right justified. For example, if the logged-in user name is administrator, this is howthe information would appear:
display ftp-user
UserName HostIP Port Idle HomeDir
administra
tor 192.168.0.152 1031 0 flash:Table 8 Command output
Field Description
UserName Name of the logged-in user.
HostIP IP address of the logged-in user.
Port Port that the logged-in user is using.
Idle Duration time of the current FTP connection, in minutes.
HomeDir Authorized path of the present logged-in user.
free ftp userDescription
Use free ftp user to manually release the FTP connection established with the specified usernameimmediately.
Syntaxfree ftp user username
ViewUser view
Default level3: Manage level
Parameterusername : Use the display ftp-user command to view the logged-in user name of the current FTPconnection.
Example
# Manually release the FTP connection established with usernameftpuser . free ftp user ftpuser
Are you sure to free FTP user ftpuser? [Y/N]:y
7/24/2019 Download hp manual
63/211
56
ftp server aclDescription
Use ftp server acl to control FTP clients access to the device using an ACL. When associated with an ACL, the FTP server denies incoming client requests and permits clientaccess allowed by the ACL rules.This configuration has no effect on already established FTP connections and operations.If you execute the command multiple times, the last specified ACL takes effect.
Use undo ftp server aclto restore the default (no ACL used is the default condition).
Syntaxftp server acl acl-number
undo ftp server acl
ViewSystem view
Default level3: Manage level
Parameteracl-number : Basic access control list (ACL) number, ranging from 2000 to 2999.
Example# Associate the FTP service with ACL 2001 to allow only the client 1.1.1.1 to access the device throughFTP.
system-view
[Sysname] acl number 2001[Sysname-acl-basic-2001] rule 0 permit source 1.1.1.1 0
[Sysname-acl-basic-2001] rule 1 deny source any
[Sysname-acl-basic-2001] quit
[Sysname] ftp server acl 2001
ftp server enableDescription
Use ftp server enable to enable the FTP server and allow FTP user login.
Use undo ftp server to disable the FTP server (disabled is the default condition).
Syntaxftp server enable
undo ftp server
ViewSystem view
7/24/2019 Download hp manual
64/211
57
Default level3: Manage level
ParametersNone
Example# Enable the FTP server.
system-view
[Sysna