Page 2
Product provided by Avaya including the selection, arrangement and While reasonable efforts have been made to ensure that the design of the content is owned either by Avaya or its licensors and is information in this document is complete and accurate at the time of protected by copyright and other intellectual property laws including the printing, Avaya assumes no liability for any errors.
The Avaya Secure Router 3120 Command Reference Guide describes the Avaya Secure Router 3120 command line interface (CLI), providing both instructions and typical command syntax and examples. It complements the Secure Router 3120 Configuration Guide, which is used to configure and maintain your Secure Router.
Adobe Acrobat Reader installed on your system, you can obtain it free from the Adobe website: www.adobe.com.. Secure Router Guides SR3120 documentation includes the following: • SR3120 Quick Start Guide Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 33
• SR3120 Command Reference Guide This user guide explains how to configure Secure Routers using the CLI. • SR3120 Web UI User Guide This user guide explains how to configure Secure Routers using the WebUI. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 34
ABOUT THIS GUIDE Avaya Secure Router 3120 Command Reference Guide December 2010...
Chapter 2: Avaya Secure Router 3120 Basics Default Login Parameters By default, the Avaya Secure Router 3120 ships with the following login parameters for all management methods: Username: admin Password: setup Note: Login information is case sensitive. Enable Telnet Server After upgrading the Secure Router 3120, telnet server is disabled by default.
Table 3: Context-Sensitive Command Sequence Context-Sensitive Command String Example Go into the configuration mode. SR>configure term Specify the type of interface (T1). SR/configure>module t1 Avaya Secure Router 3120 Command Reference Guide December 2010...
In this example, the user enters the first word or argument "connections," appearing in normal type, and then only enters the value "4" of the second word or argument. Syntax: connections connections < n > Command execution: connections 4 Avaya Secure Router 3120 Command Reference Guide December 2010...
Abbreviated Commands You may enter commands by typing the first few characters of each word in a command string. The Avaya Secure Router 3120 recognizes the unique abbreviated entry and executes the command exactly as if you had entered it fully.
Command Help Command help is available for navigating the CLI command hierarchy and for assistance with specific commands. You may obtain help by using one of the three commands described below. Avaya Secure Router 3120 Command Reference Guide December 2010...
(SR> or equivalent) prompt, the entire list of system commands appears. If you type tree within a command mode, such as SR/clear> tree, the commands associated with this command mode are shown. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 42
|-- static |-- dynamic |-- all |-- counters |-- bundle |-- address |-- port |-- static |-- dynamic |-- all |-- counters |-- all |-- dhcps |-- statistics |-- bindings |-- rtp Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 64
|-- flash_file |-- memory |-- terminal |-- mtrace |-- tclsh SR> The following sample tree output is from a Secure Router Secure Router 3120 with E1 and Serial modules installed: SR/configure> tree configure |-- secure_passwords |-- terminal |-- monitor |-- header...
Page 84
|-- flash_file |-- memory |-- terminal |-- mtrace |-- tclsh SR> The following sample tree output is from a Secure Router Secure Router 3120 with E1 and Serial modules installed: SR/configure> tree configure |-- secure_passwords |-- terminal |-- monitor |-- header...
Chapter 4: CLEAR Use the clear commands to clear counters, files, logs, statistics, tables, and other data stored by Avaya Secure Routers 3120. The clear command clears data for both logical and physical interfaces as well as system features such as IP multiplexing, packet filtering, NAT, QoS, SNMP, and VLAN forwarding.
The configuration log stores a history of system configuration events; it also records the use of either the save local or save network commands. syntax: cfg_log example: SR/clear> cfg_log related commands: configure network show configuration running show configuration stored save local applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Resets the counters for the specified Ethernet interface. ethernets Resets the counters for all Ethernet interfaces. tunnel Resets the counters for the specified tunnel interface. tunnels Resets the counters for all of the tunnel interfaces. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command clears transmission counters on a specific bundle. parameter definition bundle_name Bundle on which transmission counters will be cleared. syntax: counters bundle bundle_name < name > example: SR/clear> counters bundle Superior Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear counters Ethernets This command clears the transmission counters on all Ethernet ports. syntax: counters ethernets example: Avaya Secure Router 3120 Command Reference Guide December 2010...
The name of the tunnel (up to eight characters). syntax: counters tunnel < tunnel_name > example: SR/clear> counters tunnel main related commands: clear counters avcs clear counters bundle clear counters bundles clear counters Ethernet applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
1: To clear all of the SA entries in the IKE table: SR/clear/> crypto ike sa all example 2: To clear all of the SA entries for a specified policy: Avaya Secure Router 3120 Command Reference Guide December 2010...
Name of the policy from which the SA entries will be deleted syntax: sa policy-name < all | policy name> example 1: To clear all of the SA entries in the IPSec table: SR/clear> crypto ipsec sa all Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/clear> fr invarp TNET dlci 128 The example above clears inverse ARP data from PVC 128 on the TNET bundle. related commands: clear fr lmistats clear fr vcstats show fr invarp show fr invarp_int applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
Ethernet applies to: All modules clear interface all This command accesses next-level commands for clearing counters on all bundles and all Ethernet ports. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command clears transmission counters on a specific bundle. parameter definition bundle_name Bundle on which transmission counters will be cleared. syntax: interface bundle bundle_name < name > example: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command clears the transmission counter on all interface bundles. syntax: interface bundles example: host/clear> interface bundles related commands: clear interface avc clear interface bundle clear interface ethernet show interface bundles applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear interface ethernets This command clears the transmission counters on all Ethernet ports. parameter definition ifnum Ethernet port on which transmission counters will be cleared (0 or 1). example: Avaya Secure Router 3120 Command Reference Guide December 2010...
The name of the tunnel. syntax: tunnel tunnel_name example: host/clear> interface tunnel main related commands: clear interface tunnels applies to: All modules clear interface tunnels Resets the all of the tunnel interfaces counters to zero. Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip access-list This command accesses next level commands for clearing packet filter data. syntax: ip access-list Avaya Secure Router 3120 Command Reference Guide December 2010...
< name | all > example: SR/clear/ip/access-list> counters Filter02 related commands: clear ip access-list statistics show ip access-list show ip access-list show ip access-list rules show ip access-list statistics applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip dhcps binding This command accesses next-level commands for clearing DHCP server binding data from the system. syntax: ip dhcps binding Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip nat This command accesses next-level commands for clearing network address translation data from the system. syntax: ip nat example: SR/clear/ip> nat Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip nat global This command accesses next-level commands to clear global NAT configuration. syntax: global example: SR/clear/ip/nat> global next-level commands clear ip nat global address Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/clear/ip/nat/global> address 10.10.10.5 applies to: All modules clear ip nat global all This command deletes all global NAT entries. syntax: example: SR/clear/ip/nat/global> all applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip nat global port This command deletes static/dynamic port entries from the network address translation (NAT) table. parameter definition protocol_type Deletes TCP protocol for the specified port. Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/clear/ip/nat/global> static applies to: All modules clear ip nat interface This command accesses next-level commands for clearing NAT data from Ethernet ports and bundles. syntax: interface example: SR/clear/ip/nat> interface Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip nat interface bundle all This command clears all NAT data from a bundle translation table. syntax: example: SR/clear/ip/nat/interface/bundle Austin> all Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip nat interface bundle dynamic This command clears all dynamic IP addresses and port entries from a bundle translation table. Avaya Secure Router 3120 Command Reference Guide December 2010...
Number of the port to be cleared from the NAT table. The range is 1 - 65535. syntax: port < tcp | udp > ip_address < IP address > port_number < n > example: SR/clear/ip/nat/interface/bundle Austin> port tcp 10.4.72.2 305 Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip nat interface ethernet This command accesses next-level commands for selecting an Ethernet port for NAT data removal. Avaya Secure Router 3120 Command Reference Guide December 2010...
IP address to be cleared from the NAT table. syntax: address ip_address < IP address > example: SR/clear/ip/nat/interface/ethernet 0> address 10.1.100.4 related commands: clear ip nat interface ethernet all Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip nat interface ethernet counters This command clears all NAT event counters on an Ethernet port. Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip nat interface ethernet static This command clears all static IP address and port entries from an Ethernet port translation table. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip packet_filter counters This command clears counters for specific or all filtering rule sets. Avaya Secure Router 3120 Command Reference Guide December 2010...
Bundle and PVC for which statistics will be cleared (frame relay). Clears all filtering statistics. syntax: ip packet_filter statistics < 0 | 1 | bundle | bundle : pvc | all > example 1: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command accesses next-level commands for clearing IP mux routing data. syntax: ipmux example: host/clear> ipmux related commands: clear ipmux routes applies to: All modules clear ipmux routes This command clears all static ipmux routes from the system. syntax: routes example: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip rtp This command accesses next-level commands to clear RTP counters and tables. syntax: clear ip rtp Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip rtp statistics This command clears the RTP statistics for the specified bundle. syntax: statistics interface < bundle name > Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear ip rtp txtable This command clears the RTP transmit table for the specified bundle. syntax: txtable interface < bundle name > Avaya Secure Router 3120 Command Reference Guide December 2010...
Depending on the system, one or more of the following interfaces types may be cleared: T1, E1, Clear Channel T3, Clear Channel T3, or a serial module that supports v.35 or x.21. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
The example above clears statistics from E1 link 1 for the module in slot 2. To see statistics before or after clearing them, use the show module userstats e1 command. related commands: show module userstats e1 applies to: E1 module, serial modules that support v.35 or x.21 module Avaya Secure Router 3120 Command Reference Guide December 2010...
T1 module, serial module that support v.35 or x.21 module Clear Channel T3 clear module ct3_userstats This command clears statistics in one or more CT3 links. parameter definition t3_identifier CT3 slot/port syntax: ct3_userstats t3_identifier Avaya Secure Router 3120 Command Reference Guide December 2010...
This command clears SNMP statistics. syntax: snmp_stats example: SR/clear> snmp_stats The example above clears all system SNMP statistics. To view the current SNMP statistics before clearing them, use the show snmp commands. Avaya Secure Router 3120 Command Reference Guide December 2010...
Clears all entries in the VLAN management table. statistics Clears VLAN forwarding statistics. Choose a particular VLAN ID (number) or a range of VLAN IDs The range is 1 - 4095; the default is all. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command clears all dynamic MAC entries in the forwarding database. syntax: dynamic example: SR> clear vlanfwd macbridge dynamic related commands: clear vlanfwd macbridge all clear vlanfwd macbridge static clear vlanfwd macbridge statistics applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
[ vlan_id < n | n - n > ] example: SR> clear statistics 100 applies to: All modules clear vlanfwd table This command clears explicit forwarding entries in the vlan forwarding table. Avaya Secure Router 3120 Command Reference Guide December 2010...
<200-300>; the default is all. syntax: table [ vld_id < n | n - n > ] example: SR> clear vldfwd table 125-200 related commands: clear vldfwd statistics applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
[ slot-no ] parameter definition slot-no Identifies the slot. The default is 0 for main Flash. Valid range is : 0 - 2. example: SR/erase> flash applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
The above example clears the contents of the system.cfg file. To verify that you have cleared the configuration file, use the show configuration stored or the show flash command. The following screen shows the contents of system.cfg prior to clearing the file. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 155
6467513 FEB-04-2004 13:51:22 T1000.1223.Z 6771268 APR-01-2004 11:38:42 T1000.Z APR-01-2004 11:56:18 system.cfg FEB-05-2004 07:12:30 oldsystem.cfg 6500329 APR-01-2004 11:49:22 T1000.020404.Z > related commands: show configuration stored show flash NCM applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Chapter 5: CONFIGURE Use the configure commands to configure an Avaya Secure Router 3120. You also can use these commands to subsequently change a system that has been previously configured. Configuration Methods Before configuring a system, specify the source from which it will be configured. To do this, go to the main CLI prompt and enter one of the commands described below.
A list of up to three authentication values, separated by slashes (/), indicating the order in which the methods are used for login Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure aaa radius auth_port This command configures the port used by the RADIUS server for authentication. Avaya Secure Router 3120 Command Reference Guide December 2010...
Configures fallback for all console and Telnet sessions. The default is off. syntax: [ no ] fallback [ sessions < all > ] example 1: This example configures fallback only for the console connection. SR/configure/aaa/radius> fallback Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure aaa radius secondary_server This command configures the IP address of the secondary RADIUS server. Avaya Secure Router 3120 Command Reference Guide December 2010...
The key is limited to a maximum of 48 characters. parameter definition shared_key key The value of the shared secret RADIUS key. syntax: shared_key key example: SR/configure/aaa/radius> shared_key ax17bfe related commands: configure aaa radius auth_port Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures the IP address of the primary tacacs+ server. A primary tacacs+ server must be configured to enable tacacs+. parameter definition ipaddress The IP address of the primary tacacs+ server. syntax: [no] primary_server ipaddress <address> example: SR/configure/aaa/tacacs> primary_server 142.134.14.100 Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures the port on the tacacs+ server. parameter definition port The port on the tacacs+ server. Valid range is 1-65535. syntax: server_port port example: SR/configure/aaa/tacacs> server_port 6234 Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure admin_name This command changes the administrator log-in name (Level 1 access) to a user-specified name. The system default is Router. syntax: configure admin_name < new name > example: Avaya Secure Router 3120 Command Reference Guide December 2010...
< hostip > < macaddress > [ flag < published | permanent > ] example: SR/configure> arp 10.22.22.22 11:22:33:44:55:66 published This example sets both the permanent and published flags. applies to: All modules configure arp_timeout This command configures ARP timeout. Avaya Secure Router 3120 Command Reference Guide December 2010...
The example enables IP mux auto-configuration on the Secure Router. applies to: All modules Note: IP mux auto-configuration is only applicable when the Secure Router is operating in IP mux mode. Auto-configurations may be overwritten at connected Secure Routers. Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure> date 01 07 2005 In this example, date is January 7, 2005. related commands: show date configure utc applies to: All modules configure echo_errored_cmd This command enables or disables reprinting of errored commands. Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure> event next-level commands configure event offline configure event online applies to: All modules configure event offline This command disables the display of system events on your workstation as they occur. Avaya Secure Router 3120 Command Reference Guide December 2010...
Configures the backup interface for the primary interface specified with the nat-ip parameter of firewall policy. Use the no form of the command to remove the backup interface for the specified primary interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
Other modes of NAT can be achieved by creating the nat-pool and later attaching the same to the firewall policy traffic While configuring firewall policy for a self-traffic, specify self for the parameter traffic. By default firewall policy is transit. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 181
10.1.1.10 nat-port 8080 To add an outbound policy for an FTP application from private address (50.1.1.30 – 50.1.1.40) to any IP address. The public address is derived from the outgoing wan interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
Time interval for polling The range is 30 - 300 seconds; the default is 30 seconds. syntax: fr invarp interval < n > example: SR/configure> fr invarp 60 Avaya Secure Router 3120 Command Reference Guide December 2010...
[ no ] fr mfr_e2e_enhanced example: SR/configure> fr mfr_e2e_enhanced related commands: configure fr invarp applies to: All modules configure ftp_server This command enables and disables the FTP server. syntax: [ no ] ftp_server Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure gui This command enables the Graphic User Interface (GUI) on supported platforms. This interface is available through HTTP using Internet Explorer (5.5+) and is therefore referred to Avaya Secure Router 3120 Command Reference Guide December 2010...
Descriptive information 80 character (maximum) string enclosed in quotation marks syntax: header string < "string" > example: SR/configure> header "This file was originally activated on 10/17/00." applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command accesses next-level commands for configuring AVCs, WAN bundles, and Ethernet ports for operation. Sub-interfaces can be specified. syntax: interface example 1: SR/configure> interface example 2: To create sub-interface 1 on Ethernet1/0, at 192.168.1.20, enter: SR/configure> interface ethernet 1/0.1 Avaya Secure Router 3120 Command Reference Guide December 2010...
If the total CIR is above the user-supplied threshold value, the AVC is up. syntax: class < A | B | C > [ < D | E > ] example: Avaya Secure Router 3120 Command Reference Guide December 2010...
The range is 16 - 1022. bundle Name of the bundle the cvc belongs to syntax: cvc dlci < n > bundle < name > example: SR/configure/interface/avc wan08 22> cvc 22 wan03 Avaya Secure Router 3120 Command Reference Guide December 2010...
16 command is used. parameter definition value Differential delay in milliseconds. The range is 10 - 128. syntax: [ no ] diff_delay [ value < n > ] example: SR/configure/interface/avc wan08 22> diff_delay 25 Avaya Secure Router 3120 Command Reference Guide December 2010...
CVCs (doesn't depend on LMI), software loopback detection, and differential delay calculations. Use the no form of this command to disable enhanced mode and configure standard FRF.15 mode. syntax: [ no ] enable mfr_e2e_enhanced Avaya Secure Router 3120 Command Reference Guide December 2010...
IP address of the AVC subnet mask Subnet mask of the AVC syntax: [ no ] ip address < IP address > subnet mask < subnet mask > example: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command defines an interface where data on the AVC will be routed to and terminated. parameter definition primary Source forwarding gateway IP address secondary Source forwarding gateway IP address using alternate Eth0ernet The default is none. Avaya Secure Router 3120 Command Reference Guide December 2010...
When the average queue size exceeds this threshold, RED starts dropping packets with a probability that increases linearly with the average queue size until the maximum threshold is reached. When the average queue size exceeds the maximum threshold, all packets are dropped. Avaya Secure Router 3120 Command Reference Guide December 2010...
Router recommends that you do not change the wq_bias_factor value after setting it. parameter definition value The weighting factor for the average queue size calculation. The range is 3 - 20; the default is 5. syntax: wq_bias_factor wq_bias_factor value < n > example: Avaya Secure Router 3120 Command Reference Guide December 2010...
The Ethernet type in decimal format The range is 1 - 65535; the default is 33024 (0x8100). syntax: [ no ] vlan_ether_type vlan_ether_type < n > example: SR/configure/interface/avc north 16/vlan> vlan_ether_type 1500 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
The Ethernet type in decimal format The range is 1 - 65535; the default is 33024 (0x8100). syntax: [ no ] vld_ether_type vld_ether_type < n > example: SR/configure/interface/avc north 16/vlan> vld_ether_type 1500 applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
E1 bundles, each consisting of DS0 channels of a T1 or E1 link. A Secure Router can have up to 128 bundles per interface in any combination of single-T1, multiple-T1, and fractional T1 types. Avaya Secure Router 3120 Command Reference Guide December 2010...
VLAN-tagged packets and automatically forward them. This follows IEEE 802 for tagged frames. parameter definition type LAN packets to be bridged (default). vlan VLAN packets to be bridged. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command gives a brief description of the bundle. This entry is also optional and must be enclosed in quotation marks. parameter definition descr A description of the bundle Use up to 15 characters; enclose in quotation marks. Avaya Secure Router 3120 Command Reference Guide December 2010...
Use the configure interface bundle fr command to set up FR parameters for a fractional, single link, or multilink bundle. To verify bundle encapsulation settings, use the show interface bundle command. parameter definition encapsulation Type of encapsulation to be used (HDLC, PPP, or frame relay). syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface bundle fr enable This command accesses next-level commands for enabling or disabling an entire frame relay bundle, individual PVCs or all PVCs within a frame relay bundle. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface bundle fr enable interface This command enables or disables frame relay operation on the entire bundle. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
The pvc number (DLCI number 16 - 1024) used in this command is for a previously established pvc. configure interface bundle fr frame_size This command sets the maximum frame size for a frame relay bundle. Avaya Secure Router 3120 Command Reference Guide December 2010...
1490/2427 to stay within the max frame size. configure interface bundle fr interleave This command allows you to configure FRF.12 at the bundle level. parameter definition [no] enable Enables or disables voice/data interleaving Avaya Secure Router 3120 Command Reference Guide December 2010...
Maximum number of additional times the system sends an acknowledgement request to a device before dropping a link from the bundle The range is 1 - 5 seconds; the default is 2 seconds. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command sets the differential delay for a multilink frame relay bundle. parameter definition value Tolerance, in milliseconds, to differential delay between frame relay links Avaya Secure Router 3120 Command Reference Guide December 2010...
This command sets the hello message retransmission interval for a multilink frame relay bundle. This is the time interval between acknowledgement requests sent to destination devices. Avaya Secure Router 3120 Command Reference Guide December 2010...
< n > example: SR/configure/interface/bundle SF_01/fr> mfr seg_threshold 56 applies to: All modules Note: If the segmentation threshold you enter is greater than the frame size, the system disregards Avaya Secure Router 3120 Command Reference Guide December 2010...
Interface is part of a trusted network untrusted Interface is part of a untrusted network Interface is part of a dmz network syntax: [ no ] crypto network_type < trusted | untrusted | dmz > example: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command enables or disables the current PVC (DLCI number) on the selected bundle. syntax: [ no ] enable example: SR/configure/interface/bundle SF_01/fr/pvc 19> enable applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command requests that a specific PVC sends ICMP redirect messages when a better route exists for the destination IP address. syntax: [ no ] icmp redirect example: Avaya Secure Router 3120 Command Reference Guide December 2010...
The network 1.1.0.0 is utilized internally in the Secure Router. The user is prevented from configuring IP addresses within, or IP routes to, this network. parameter definition IP address IP address of the PVC netmask Subnet mask of the PVC type broadcast Broadcast interface Avaya Secure Router 3120 Command Reference Guide December 2010...
Specifies an IP address to which data on a terminated PVC will be routed. parameter definition primary Source forwarding gateway IP address secondary Source forwarding gateway IP address using alternate Ethernet The default is none. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command accesses next-level commands for enabling network address translation (NAT) on a frame relay PVC. Before using this command, be sure to give the PVC an IP address, using the configure interface bundle fr pvc ip address command. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Local IP address global_address Global (public) IP address syntax: [ no ] address local_address < IP address > global_address < IP address > example: SR/configure/interface/bundle SF_01/fr/pvc 19/nat> address 10.10.1.4 150.157.99.1 Avaya Secure Router 3120 Command Reference Guide December 2010...
The IP address to which the bundle's IP address will be translated. syntax: ip old_ip_address < IP address > new_ip_address < IP address > example: SR/configure/interface/bundle SF_01/fr/pvc 19/nat> ip 140.141.99.28 140.110.87.14 Avaya Secure Router 3120 Command Reference Guide December 2010...
IP address max_translations The maximum number of translations to support. syntax: max_ports ipaddress < IP address > max_translations < n > example: SR/configure/interface/bundle SF_01/fr/pvc 16/nat> max_ports 10.10.20.1 25 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/interface/bundle SF_01/fr/pvc 19/nat> no pass-thru-multicast applies to: All modules configure interface bundle fr pvc nat port This command adds a static TCP or UDP address and port to the NAT table. parameter definition protocol_type Avaya Secure Router 3120 Command Reference Guide December 2010...
This translates the global addresses and ports in the PVC's translation table to local addresses and ports. syntax: [ no ] reverse example: SR/configure/interface/bundle SF_01/fr/pvc 19/nat> reverse applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command adds or deletes a NAT translation port IP address for a specific frame relay PVC. parameter definition ip_address IP address of a translation port syntax: [ no ] trans_addr ip_address < IP address > example: SR/configure/interface/bundle SF_01/fr/pvc 19/nat> trans_addr 101.2.4.9 Avaya Secure Router 3120 Command Reference Guide December 2010...
If this function is enabled, all registered local addresses will pass through without any packet modifications. Avaya Secure Router 3120 Command Reference Guide December 2010...
[ no ] policing [ cir < n > ] [ bc < n > ] [be < n > ] [ de < de > ] example: SR/configure/interface/bundle SF_01/fr/pvc 19> policing cir 128000 bc 256000 be 32000 de applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Default maximum average queue length per PVC. The range is 10 - 511; the default is 15. syntax: tx_max_thresh value < n > Avaya Secure Router 3120 Command Reference Guide December 2010...
PVC's output queue. The range is 3 - 7; the default is 5. syntax: tx_min_thresh value < n > example: SR/configure/interface/bundle SF_01/fr/pvc 19/red> tx_min_thresh 4 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Maximum committed (guaranteed) transmission burst size on the PVC, in bits Generally, this value exceeds cir and may be a multiple of that value. bcmin Minimum committed burst size, in bits Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 239
WAN-FR link t1 1 encapsulation frelay intf_type dce lmi ansi exit lmi pvc 16 no frf12 shaping cir 0 bcmax 0 bcmin 0 be 1536000 ip address 192.168.2.137 255.255.255.252 map 192.168.2.138 Avaya Secure Router 3120 Command Reference Guide December 2010...
The Ethernet type in decimal format The range is 1 - 65535; the default is 33024 (0x8100). syntax: [ no ] vlan_ether_type vlan_ether_type < n > example: SR/configure/interface/bundle wan1/fr/pvc 17/vlan> vlan_ether_type 350 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
The Ethernet type in decimal format The range is 1 - 65536; the default is 33024 (0x8100). syntax: [ no ] vld_ether_type vld_ether_type < n > example: SR/configure/interface/bundle wan1/fr/pvc 17/vlan> vld_ether_type 2009 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
The range is 64 - 4500; the default is 1500. syntax: hdlc [ keepalive < n >] [ packet_type < broadcast | unicast > ] [ mtu < n > ] Avaya Secure Router 3120 Command Reference Guide December 2010...
This command allows links which have been shutdown because of excessive HDLC errors, to be brought back up without having affecting the rest of the bundle. syntax: hdlc_link_activate example: SR/configure/interface/bundle SF_01>hdlc_link_activate related commands: configure system hdlc_link_deactivate applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command sends ICMP redirect messages when a better route exists for a destination IP address. syntax: [ no ] redirect example: SR/configure/interface/bundle SF_01/icmp> redirect related commands: configure interface bundle icmp redirect applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface bundle ip address This command assigns an IP address and subnet mask to a bundle. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command enables or disables forwarding of directed broadcasts from this interface. The default value for this command is enabled. syntax: [ no ] ip directed_broadcast example: For a frame relay bundle: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command accesses next-level commands for assigning an IP address, configuring source forwarding, or enabling IP unnumbered link on a bundle. syntax: ipmux example: SR/configure/interface/bundle SF_01> ipmux next-level commands configure interface bundle ipmux address Avaya Secure Router 3120 Command Reference Guide December 2010...
This command assigns a destination to which data received by a bundle will be forwarded. You can also use the configure interface bundle ip source_forwarding command for this purpose. Avaya Secure Router 3120 Command Reference Guide December 2010...
64 kbps. inverted_data Whether or not to invert the data on all DS0 channels (optional entry). If inverted_data is not entered, the data will not be inverted on any DS0 channels. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Serial link to be assigned link_spec Specifies the serial module's slot and port to be configured. syntax: serial link_spec example: SR/configure/interface/bundle paultest> link serial 2/3 applies to: Serial modules that support v.35 or x.21 Avaya Secure Router 3120 Command Reference Guide December 2010...
This example assigns DSO channels 1 to 6 and 10 to 15 of T1 link 1 to a fractional T1 bundle. All DSO channels on this bundle will operate at 56 kbps without data inversion. related commands: configure interface bundle link t3 Avaya Secure Router 3120 Command Reference Guide December 2010...
Specifies the module's slot and ports to be configured. speed Transmission speed for all time slots in the link (optional). Default is 64Kbps. invert_data Specifies whether the link is inverted data or not (optional). Default is no. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
If link_restore is set to manual and a T1 or E1 link is dropped from a bundle, reconfiguring link restore to automatic does not bring link back into bundle. User should restore any dropped links manually before reconfiguring for automatic link restore. Avaya Secure Router 3120 Command Reference Guide December 2010...
When the time to live expires, the access rule denies access and the user must purchase additional connectivity time. Note: When MHU is enabled, NAT is not supported in the current version of the Avaya software. SNMP Set The SNMP set command configures the access rule for a specific IP address for a specific time.
DHCP server performs DHCP address negotiations for both DHCP clients and DHCP proxy clients. The web server/authorization server provides IP addresses for redirected HTTP packets and sends the forced-first-page. The authorization server uses SNMP to authorize a client for network access. Avaya Secure Router 3120 Command Reference Guide December 2010...
MLPPP sequence number length (short is 12 bits, long is 24 bits) The default is long. seg_threshold All packet fragments will be equal to or greater than seg_threshold. Packets less than 2 x seg_threshold will be Avaya Secure Router 3120 Command Reference Guide December 2010...
150.157.99.2 on the public network (Internet). If reverse translation is also enabled, the global address will also be translated back to the local address when data is received from the public network. Avaya Secure Router 3120 Command Reference Guide December 2010...
Type no enable static or no enable dynamic to disable a previously enabled form of translation. parameter definition static Static address and port translation dynamic Dynamic port translation syntax: [ no ] enable < static | dynamic > example: SR/configure/interface/bundle SF_01/nat> enable dynamic Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface bundle nat max_ports This command configures the maximum number of ports/translations to be supported for the translation address. Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface bundle nat port This command adds static ports to a bundle for translation. Static ports may be added for both TCP- and UDP-protocol ports. parameter definition protocol_type Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 287
All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface bundle nat timeout This command sets the NAT timeout interval for dynamic translation entries for a bundle. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 289
All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
SR3120 configure interface bundle pppconfig authentication Configures authentication type for PPP. parameter definition PAP authentication chap CHAP authentication Avaya Secure Router 3120 Command Reference Guide December 2010...
SR3120 configure interface bundle pppconfig mtu-mru-magic Configures PPP parameters. parameter definition maximum transmission unit - range <min-def-max> Default: 64-1500-1600 maximum receive unit - range <min-def-max> Default: 64-1500-1600 magic_check magic number enable/disable Avaya Secure Router 3120 Command Reference Guide December 2010...
SR3120 configure interface bundle pppconfig peer-addr Assigns the peer ip address for PPP bundle parameter definition ip address configure the peer ip address of the bundle syntax: pppconfig peer-addr <address> example: Avaya Secure Router 3120 Command Reference Guide December 2010...
Burst (Peak) Rate as % of interface bandwidth Valid Range(s) : 1 - 100 priority Scheduling priority. Valid only for leaf classes. The range is 1 - 8. Supported for outbound traffic only. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 299
< vlan id > ] [ dscp < n > ] [ nat_ip < nat_ip address > ] [ mark_dscp < n > ] [mark_vlan < n > ] example: SR/configure/interface/bundle SF_01/qos> add_class eng3 r applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface bundle qos class This command accesses next-level commands to modify parameters of this traffic class. parameter definition class_name Name of class being modified. syntax: class class_name Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 301
All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
"cs0-cs7." parameter definition ds_codepoint Specifies the DiffServ code point. The range is 0 - 7 syntax: add_dscp ds_codepoint < n > example 1: SR/configure/interface/bundle wan1/qos/class v100> add_dscp 11 example 2: Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/interface/bundle SF_01/qos/class eng3> add_dst_ip 10.1.4.0 255.255.255.0 example 2: SR/configure/interface/bundle SF_01/qos/class eng3> add_dst_ip default This example makes this class a default class. example 3: SR/configure/interface/bundle SF_01/qos/class eng3> add_dst_ip 10.1.4.1- 10.1.4.20 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command assigns a source IP address or a subnet to the specified class. parameter definition ip_address Source IP address to be added to a QoS class. netmask The subnet mask syntax 1: Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/interface/bundle SF_01/qos/class eng3> add_vlan_id 100 This example assigns vlan id "100" to the class eng3. example 2: SR/configure/interface/bundle SF_01/qos/class eng3> add_vlan_id default This example makes the class "eng3" the default class for VLAN Ids. Avaya Secure Router 3120 Command Reference Guide December 2010...
New committed rate for a specified QoS class (entered in Kbps) This value cannot exceed the parent committed rate. syntax: committed_rate cr < n > example: SR/configure/interface/bundle SF_01/qos/class eng3> committed_rate 3000 Avaya Secure Router 3120 Command Reference Guide December 2010...
The subnet mask syntax: delete_ip_address ip_address < IP address > [ netmask < subnet mask > ] example 1: SR/configure/interface/bundle SF_01/qos/class eng3> delete_ip_address 10.1.3.0 This example deletes the IP address 10.1.3.0. Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/interface/bundle SF_01/qos/class eng3> delete_port default This example deletes the default port from this class. applies to: All modules configure interface bundle qos class delete_vlan_id This command deletes a VLAN identifier assigned to the specified class. Avaya Secure Router 3120 Command Reference Guide December 2010...
Enable RED on class ds_red Enable DiffServ compliant WRED syntax: [ no ] enable red_type < red | ds_red > example: SR/configure/interface/bundle wan 1/qos/class v100> enable red applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command marks all packets with a specific DiffServe code point. parameter definition ds_codepoint DiffServ code point value The range is 0 - 63. syntax: mark_dscp ds_codepoint < n > example: SR/configure/interface/bundle wan 1/qos/class v100> mark_dscp 10 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command tags all packets with a specific VLAN ID when VLAN tagging is enabled. parameter definition vlan_id The range is 1 - 4095. syntax: mark_vlan vlan_id < n > example: SR/configure/interface/bundle wan 1/qos/class v100> mark_vlan vlan_id 105 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Min and max limits and the default value are indicated on the configuration display for the class. parameter definition maximum Maximum buffer limit value syntax: queue_buffers [ maximum < n > ] example: SR/configure/interface/bundle wan 1/qos/class v100> queue_buffers 70 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/interface/bundle wan 1/qos/class v100> red minth 12 maxth 24 dscp af11 applies to: All modules configure interface bundle qos delete_all This command deletes all QoS classes configured for the specified bundle. syntax: delete_all example: SR/configure/interface/bundle SF_01/qos> delete_all applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
If bandwidths are configured as a percentage, when the bandwidth of a multi-link bundle is modified by adding or removing links, the bandwidths will automatically be updated based on Avaya Secure Router 3120 Command Reference Guide December 2010...
Traffic policing is also supported on Ethernet interfaces. Traffic policing is implemented using a token bucket algorithm. Users will be able specify two parameters when configuring traffic policing, Rate (token fill rate) and Burst (number of tokens). Avaya Secure Router 3120 Command Reference Guide December 2010...
R1/configure/interface/bundle wan1/qos> class c3 R1/configure/interface/bundle wan1/qos/class c3> police rate 256 related commands: show configuration stored applies to: All modules configure interface bundle red This command accesses next-level commands for configuring RED on bundles. Avaya Secure Router 3120 Command Reference Guide December 2010...
The range is 2 - 511; the default is dependent upon the bandwidth of the bundle. syntax: tx_max_thresh value < n > example: SR/configure/interface/bundle SF_01/red> tx_max_thresh 14 applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
A high value reduces the probability of packet drops and increases the queue size, making it better for temporary traffic bursts. Router recommends that you do not change the wq_bias_factor value after setting it. Avaya Secure Router 3120 Command Reference Guide December 2010...
Requires you to restore the link manually via the configure interface bundle link_restore command. syntax: restore < automatic < n > | manual > example: SR/configure/interface/bundle SF_01> restore automatic 20 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures the maximum number of RTP connections for the bundle. parameter definition connections The number of connections The range is 1 - 512; the default is 512. syntax: [ no ] connections connections < n > example: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface bundle shutdown This command shuts down a WAN bundle by stopping all data transmission over it. syntax: [ no ] shutdown Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures tracking on the interface. parameter definition bundle_name Name of bundle to be tracked syntax: track interface bundle_name example: configure/interface/bundle wan1> track interface wan1 Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures a remote router IP address for a VLAN ARP request. syntax: [ no ] router_ip_addr ip_address < IP address > example: SR/configure/interface/bundle SF_01/vlan> router_ip_addr 150.42.3.2 related commands: configure interface bundle vlan vlanid Avaya Secure Router 3120 Command Reference Guide December 2010...
The VLAN ID number The range is 1 - 4095. syntax: [ no ] vlanid vlanid < n > example: SR/configure/interface/bundle SF_01/vlan> vlanid 200 related commands: configure interface bundle vlan router_ip_addr Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures the vld tag for this interface. parameter definition vldid The vld id number The range is 1 -4095. syntax: [ no ] vld < n > example: SR/configure/interface/bundle wan1/vlan> vld 243 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command provides a brief description for an Ethernet port. The descriptive string, enclosed in quotation marks, can have up to 15 characters. parameter definition descr Description Use up to 15 characters; enclose in quotation marks. Avaya Secure Router 3120 Command Reference Guide December 2010...
If not specified, the giaddr field is marked with the IP address of interface. syntax: [ no ] dhcp_relay gateway_address < gateway IP address > example: SR/configure/interface ethernet 1/0> dhcp_relay gateway_address 100.4.3.2 Avaya Secure Router 3120 Command Reference Guide December 2010...
Enables encapsulation on the specified Ethernet interface or subinterface for VLAN traffic. parameter definition protocol dot1q Specifies a 802.1Q VLAN. vlanid Specifies the VLAN. Valid range is 1-4095. Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/interface/ethernet 0> failover 5 applies to: All modules configure interface ethernet ip This command accesses next-level commands for allowing ICMP messages to be sent on an Ethernet port. syntax: example: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command allows the Ethernet port to send IP unreachable messages when no route exists for a destination IP address. syntax: [ no ] unreachable example: SR/configure/interface/ethernet 0/ip> no unreachable Avaya Secure Router 3120 Command Reference Guide December 2010...
This command applies a packet filtering rule set to an Ethernet port. You must first use the configure ip access-list commands to create the rule set. Avaya Secure Router 3120 Command Reference Guide December 2010...
IP address of the Ethernet port (dotted decimal format) netmask Mask used to determine the subnet of the IP address. syntax: ip address ipaddress < IP address > netmask < subnet mask > Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface ethernet mtu This command configures the mtu for an Ethernet interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
150.157.99.2 on the public network (Internet). applies to: All modules configure interface ethernet nat enable This command enables static address and port translation, and enables dynamic port translation on a bundle. Avaya Secure Router 3120 Command Reference Guide December 2010...
New global IP address to which the LAN port's current IP address will be translated. syntax: ip old_ip_address < IP address > new_ip_address < IP address > example: SR/configure/interface/ethernet 0/nat> ip 140.141.99.29 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
[ no ] pass_thru example: SR/configure/interface/ethernet 0/nat> no pass_thru applies to: All modules configure interface ethernet nat port This command adds static ports to an Ethernet port for translation. Avaya Secure Router 3120 Command Reference Guide December 2010...
This translates the global addresses and ports in the Ethernet port translation table to local addresses and ports. This function is factory-disabled on all Secure Routers. syntax: [ no ] reverse example: SR/configure/interface/ethernet 0/nat> reverse applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command adds or deletes the NAT translation port IP address for a specific Ethernet port. parameter definition ip_address IP address of a translation port syntax: [ no ] trans_addr ip_address < IP address > example: Avaya Secure Router 3120 Command Reference Guide December 2010...
To disable this function, type no unregistered. If you do this, any local address (registered or unregistered) can be translated by adding the appropriate entries to the translation table or enabling dynamic port translation as previously described. Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface ethernet qos add_class This command adds a qos traffic class to the Ethernet interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command adds a source IP address or a source subnet to this traffic class. Note: The subnet always defaults to 32 bits for ranges (255.255.255.255). syntax: add_src_ip < ip_address > [ netmask ] Avaya Secure Router 3120 Command Reference Guide December 2010...
VLAN ID The range is 1 - 4095. Enter a number or a range of numbers, e.g., 100-120. syntax: add_vlan_id vlan_id < n | range > example: SR/configure/interface/ethernet 0/qos/class v1100> add_vlan_id 100-120 Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface ethernet qos class mark_dscp This command marks all packets with a specific DiffServe code point. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command tags packets with a specific VLAN ID when VLAN tagging is enabled. parameter definition vlan_id VLAN ID Enter a number or a range of numbers. The range is 1 - 4095. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command enables desired feature on this interface. parameter definition feature Enable QoS on the interface Enable monitoring only on the interface direction outbound Outbound traffic only inbound Inbound traffic only syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Number of tokens specified in kilobits. Determines the maximum burst (in bits or bytes) permitted for the flow. burst-time Duration (based on the configured rate) in milliseconds. syntax: police rate <rate> [burst <rate> | burst-time <time>] example: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface ethernet REM_ This command allows users to add comments (at the end of the Ethernet area of the configuration file) during a configuration session. Avaya Secure Router 3120 Command Reference Guide December 2010...
To restore the port after shutting it down, log into the system from the RS-232 console port and type no ethernet shutdown at the configure/interface> prompt. syntax: shutdown example: SR/configure/interface/ethernet 0> shutdown applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures tracking on the interface. parameter definition bundle_name Name of bundle to be tracked syntax: track interface bundle_name example: configure/interface/ethernet 0> track interface wan1 related commands: configure interface ethernet track hold_down Avaya Secure Router 3120 Command Reference Guide December 2010...
The range is 1 - 65535; the default is 33024 (0x8100). syntax: [ no ] vlan_ether_type < n | n - n > example: SR/configure/interface/ethernet 1/vlan> vlan_ether_type 1172 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
The range is 1 - 65535; the default is 33024 (0x8100). syntax: [ no ] vld_ether_type < n | n - n > example: SR/configure/interface/ethernet 1/vlan> vlan_ether_type 1172 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure interface ethernet vrrp description This command assigns a description to the VRRP group. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures the virtual router to prempt the current VRRP master if it has a higher priority than the current master. syntax: preempt example: SR/configure/interface/ethernet 0/vrrp 10> preempt Avaya Secure Router 3120 Command Reference Guide December 2010...
Secure Routers support the creation of a maximum of 128 loopback interfaces. parameter definition loopback_name Name of the interface Enter a maximum of eight characters. syntax: loopback loopback_name < name > example 1: Local router command sequence: SR/configure/interface> loopback hilow Avaya Secure Router 3120 Command Reference Guide December 2010...
To view the IP parameters before or after configuring them, use the appropriate show ip commands. syntax: example: SR/configure> ip next-level commands configure ip access-group configure ip domain_name configure ip dos configure ip access-list Avaya Secure Router 3120 Command Reference Guide December 2010...
Filters packets that are inbound. Filters packets that are outbound. syntax: access-group interface <bundle name | ethernet0 | ethernet1 > direction < in | out > example: SR/configure/ip> access-group ethernet0 in applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command adds a new rule to an IP packet filtering rule set. Each rule is added with an identifying line number for future editing or deletion. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 378
TCP flags by separating the above keywords with commas (no spaces allowed). This entry may be any of the following words: established Used to match an established connection (Cisco-compatible). Matches the TCP FIN header flag. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 379
| any destination < IP address > [ / < wildcard > ] | any [ precedence < 0 - 7 > ] [ tos < 0 - 15 > ] [ log < on | off > ] example: Avaya Secure Router 3120 Command Reference Guide December 2010...
The line number of a specific rule set The range is 1 - 65535. syntax: delete rul_lineno < n > example: SR/configure/ip/access-list Rules_01> delete 3 related commands: configure ip access-list add configure ip access-list insert Avaya Secure Router 3120 Command Reference Guide December 2010...
Optional entry for TCP and UDP protocols; allows the source port to be used for packet filtering. Use comparison symbols to specify ports as follows: Port number p, where n is 1- 65535. Excludes port p. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 382
[ no ] insert rule_lineno < 1 - 65535 > rul_action < permit | deny >protocol < tcp > source < IP address > [ / < wildcard > ] | any destination < IP address > [ / < wildcard > ] | any [ sport < 1- Avaya Secure Router 3120 Command Reference Guide December 2010...
DHCP server. Use the configure ip dhcps relay to configure the addresses of relay agents. Use the configure ip dhcps remote_database command to configure a remote DHCP server database. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command assigns a domain name to the Secure Router. To view the IP domain name, use the show ip dns command. syntax: domain_name < name > example: SR/configure/ip> domain_name abcnetworks applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Use up to 255 characters. hostaddress IP address of the new host. syntax: host_add hostname < host name > hostaddress < IP address > example: SR/configure/ip> host_add mainsys 10.1.3.251 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
You can configure a maximum of three name servers; including a primary server, which is the first configured server. parameter definition ipaddress IP address of the host name server added to the list of name servers. syntax: name_server ipaddress < IP address > example: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command adds or deletes a dynamic port translation IP address. syntax: [ no ] default_addr ip_address example: SR/configure/ip/nat> default_addr 10.10.10.3 Note: This command should be used in conjunction with the configure ip nat enable command. applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
2: SR/configure/ip/nat> enable address pool1 applies to: All modules configure ip nat interface This command adds or deletes global NAT for an interface. parameter definition interface ethernet0 Ethernet 0 interface Avaya Secure Router 3120 Command Reference Guide December 2010...
New translation IP address to use syntax: ip old_ip_address new_ip_address example: SR/configure/ip/nat> ip 100.10.10.14 100.100.10.1 applies to: All modules configure ip nat max_entries This command limits the number of translations that can occur. Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/ip/nat> max_ports 143.55.34.4 140 applies to: All modules configure ip nat pass_thru This command allows not-translated packets to pass through to the router. syntax: pass_thru example: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command names the address pool and accesses next-level commands to configure the address pool for dynamic address translation. syntax: pool < name > example: SR/configure/ip/nat> pool custpool1 next-level commands configure ip nat pool range applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Specifies dynamic addressing translation entries for the port local_address The local IP address to translate. local_port The local port to translate. The range is 1 - 65535. global_address The global IP address to use for translation. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures a timeout value for dynamic translation entries. parameter definition option_type Assigns TCP protocol translation entries to the configured timeout value Assigns UDP protocol translation entries to the configured timeout value Avaya Secure Router 3120 Command Reference Guide December 2010...
This command sets the translation mode to either OVERFLOW or ROUND_ROBIN. parameter definition tmode overflow Uses the next available translation address only if the current translation address ports have been used. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command defines the IP address of the primary DNS server. parameter definition ipaddress IP address of the primary name server. syntax: pname_server ipaddress < IP address > example: SR/configure/ip> pname_server 10.1.100.16 Avaya Secure Router 3120 Command Reference Guide December 2010...
Then review the system configuration (in the new mode) to verify that all IP configurations and IP routes are still configured. syntax: ipmux example: SR/configure> ipmux next-level commands configure ipmux autoconf configure ipmux route configure ipmux src_fwd_gw applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
Specifies which slot (1 or 2) and which port is to be configured. syntax: module interface_type slot/port example: SR/configure> module T1 1/1 next-level commands configure module e1 configure module t1 configure module t3 Avaya Secure Router 3120 Command Reference Guide December 2010...
E1 module, serial modules that support v.35 or x.21 configure module e1 alarms This command accesses next-level commands for configuring alarm thresholds. on an E1 link. Avaya Secure Router 3120 Command Reference Guide December 2010...
If a user-defined threshold is exceeded, the system reports an alarm. These alarms indicate the possible deterioration of an associated E1 link. syntax: thresholds example: SR/configure/module/e1 (1/1-3)/alarms> thresholds next-level commands configure module e1 alarms thresholds user Avaya Secure Router 3120 Command Reference Guide December 2010...
Method of sampling, as follows: absolute The errored second or event count is compared directly to the specified threshold values, and the appropriate alarm type (rising or falling) is reported. Avaya Secure Router 3120 Command Reference Guide December 2010...
Optional circuit name for the E1 channel. syntax: circuitId cktid < name > Note: This command does not support the specifying of port ranges. Enter this command on a port-by-port basis. example: SR/configure/module/e1 (2/1-3)> circuitId Main01 Avaya Secure Router 3120 Command Reference Guide December 2010...
E1 module, serial modules that support v.35 or x.21 configure module e1 description This command describes the E1 interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
Alarm Indication Signal (AIS) to the far end and places the link out of service. To verify the in-service or out-of-service status of an E1 channel, use the show module configuration e1 command. syntax: [ no ] enable example: Avaya Secure Router 3120 Command Reference Guide December 2010...
E1 module, serial modules that support v.35 or x.21 configure module e1 name Configures the name for the E1 interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
E1 module, serial modules that support v.35 or x.21 configure module serial Configures the serial interface. parameter definition slot/port The name of the slot and port for the interface. syntax: slot/port v35 example: SR/configure/module> serial (2/3)/ Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/module/serial (2/3)> cable_type x21 Note: When the cable type is set to RS-232, the clock rate is checked and automatically reduced to 115,200 if currently set to higher. next-level commands configure module serial Avaya Secure Router 3120 Command Reference Guide December 2010...
Configures cyclical redundancy checks for the V.35 serial interface. parameter definition Specifies that the CRC is 16 (bit) or 32 (bit). Avaya Secure Router 3120 Command Reference Guide December 2010...
Specifies the data mode to be normal for normal data, or inverted for inverted data. syntax: data_mode data_mode example: SR/configure/module/serial (2/3)/v35> data_mode normal SR/configure/module/serial (2/3)/v35> data_mode inverted next-level commands configure module serial clock_rate configure module serial clock_source Avaya Secure Router 3120 Command Reference Guide December 2010...
Configures the serial mode to be either a DTE (data terminal equipment - for example, the Secure Router 3120) or DCE (data circuit-terminating equipment - typically a modem). parameter definition operation_mode Specify the operational mode to be either dte or dce.
T1s to be configured). parameter definition slot/port The slot and port number to be configured. The range is 1/1-8 or 2/1-8. syntax: module t1<slot/port>t1_no where t1_no is the <slot/port> number. example: Avaya Secure Router 3120 Command Reference Guide December 2010...
If a user-defined threshold is exceeded, the system reports an alarm. These alarms indicate the possible deterioration of an associated T1link. syntax: thresholds example: SR/configure/module/t1 1/3/alarms> thresholds next-level commands configure module t1 alarms thresholds user Avaya Secure Router 3120 Command Reference Guide December 2010...
The falling threshold value must be less than the rising threshold value above. The range is 0 - 2147483647. Avaya Secure Router 3120 Command Reference Guide December 2010...
Optional circuit name for the T1 channel syntax: circuitId cktId < name > Note: This command does not support the specifying of port ranges. Enter this command on a port-by-port basis. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command does not support the specifying of port ranges. Enter this command on a port-by-port basis. example: SR/configure/module t1 1/3> contactInfo James Smythe related commands: configure module t1 alarms configure module t1 circuitID configure module t1 clock_source Avaya Secure Router 3120 Command Reference Guide December 2010...
This command does not support the specifying of port ranges. Enter this command on a port-by-port basis. example: SR/configure/module/t1-1> description xyzInc related commands: configure module t1 alarms configure module t1 circuitID configure module t1 clock_source configure module t1 contactInfo configure module t1 enable Avaya Secure Router 3120 Command Reference Guide December 2010...
This command sets the amount of T1 signal equalization based on the cabling distance to the DSX cross-connect. parameter definition cable_length Cabling distance to DSX bay, as follows: 0 - 110 feet (default) 111 - 220 feet 221 - 330 feet 331 - 440 feet Avaya Secure Router 3120 Command Reference Guide December 2010...
Clear Channel T3 configure module t3 alarms This command accesses next-level commands for alarm reporting configuration on a Clear Channel T3 link. syntax: module t3 alarms example: SR/configure> module t3 1/1 alarms Avaya Secure Router 3120 Command Reference Guide December 2010...
If a user-defined threshold is exceeded, the system reports an alarm. These alarms can indicate the possible deterioration of the Clear Channel T3. syntax: alarms thresholds example: SR/configure/module/t3 (1/1)> alarms thresholds next-level commands configure module t3 alarms thresholds user applies to: Clear Channel T3 Avaya Secure Router 3120 Command Reference Guide December 2010...
The falling threshold value must be less than the rising threshold value above. The range is 0 - 2147483647. sampling type Method of sampling, as follows: Avaya Secure Router 3120 Command Reference Guide December 2010...
Use 1 for 0 - 225 feet, or 2 for 226 - 450 feet. The default is 1. syntax: cable_length cable_length < 1 | 2 > example: SR/configure/module/t3 (1/1)> cable_length 2 related commands: configure module t3 alarms configure module t3 clock_source Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/module/t3 (1/1)> clock_source line related commands: configure module t3 alarms configure module t3 cable_length configure module t3 dsu configure module t3 framing configure module t3 enable configure module t3 name configure module t3 scramble Avaya Secure Router 3120 Command Reference Guide December 2010...
Note: It is strongly recommended that the user not use the bandwidth value reported by the vendor system as input for the Secure Router. Avaya Secure Router 3120 Command Reference Guide December 2010...
Select a number within the range for the configured mode. Numbers within the 1 - 588 range are valid. 1- 147 Digital Link 1 - 14 Larscom 1 - 588 Adtran Avaya Secure Router 3120 Command Reference Guide December 2010...
Digital Link This is the default value. Kentrox Larscom Adtran Verilink Router (Used for backward compatibility with pre-5.0 releases.) syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
40,751,113 40750 40,826,299 40830 configure module t3 enable This command enables T3 traffic directions. parameter definition options Transmit direction The default configuration is enabled. Receive direction The default configuration is enabled. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command sets the Clear Channel T3 port framing mode, which can be either C-bit parity or M13. parameter definition framing c_bit C_BIT framing (default) M13 framing syntax: framing framing < c_bit | m13 > example: SR/configure/module/t3 (1/1)> framing m13 related commands: configure module t3 alarms Avaya Secure Router 3120 Command Reference Guide December 2010...
This command accesses next-level commands for configuring a Channelized T3. If a user- defined threshold is exceeded the system reports and alarm. These alarms can indicate the possible deterioration of the Channelized T3. syntax: alarms thresholds example: SR/configure/module/ct3 (1/1)> alarms thresholds Avaya Secure Router 3120 Command Reference Guide December 2010...
The falling threshold value must be less than the rising threshold value. The range is 0 - 2147483647 sampling type Method of sampling, as follows: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command sets the Channelized T3 port framing mode, which can be either C-bit parity or M13. parameter definition framing c_bit - C_BIT framing (default)m13 - M13 framing syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Channelized T3 configure network This command sets the Secure Router 3120 parameters from a configuration file on a network server. This method downloads files via the TFTP protocol, then executes the commands from that file without operator intervention. Use the configure network command if you want to configure one or more Secure Routers with the same configuration.
The name assigned to a new QoS class. The maximum number of characters allowed is 19. parent Name of the parent class; QoS classes are defined hierarchically. To add to the root, specify either root-in or root-out. Avaya Secure Router 3120 Command Reference Guide December 2010...
It is an interactive command and prompts for the primary server's IP address, secondary server's IP address (optional), the user name, and password id. The configuration is stored in NVRAM and not in a configuration file, therefore, the specified values are stored across reboots. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command allows users to add comments (at the beginning of the QoS area of the configuration file) during a configuration session. Comments will appear after using the save local command. parameter definition comments 80-character (maximum) string enclosed in quotation marks. Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure reverse_telnet set_flow_control This command sets the flow control for the second serial port. parameter definition flow_control No flow control. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command sets the parity for the second serial port. parameter definition parity No parity is configured. The default is 0. Odd parity is configured. Even parity is configured. syntax: set_parity parity < n > Avaya Secure Router 3120 Command Reference Guide December 2010...
Enables the specified routing protocol. Use this command to enter the specified router configuration mode. Refer to the SR3120 Routing Guide for examples. parameter definition Enables Border Gateway Protocol. Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure> secure_passwords applies to: All modules configure shut This command disables the specified interface. By default, interfaces are enabled upon configuration. syntax: [no] shut example: SR/configure/module/t1 (2/1)> shut Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure snmp-server location This command defines the SNMP host system location. Avaya Secure Router 3120 Command Reference Guide December 2010...
Comments will appear in the configuration file after using the save local command. parameter definition comments 80-character (maximum) string enclosed in quotation marks. syntax: REM < "string" > Avaya Secure Router 3120 Command Reference Guide December 2010...
Comments will appear in the configuration file after using the save local command. parameter definition comments 80-character (maximum) string enclosed in quotation marks. syntax: REM_ comments < "string" > example: SR/configure/snmp-server> REM_ "SNMP configured on November 4, 2000.TVD 11:00." Avaya Secure Router 3120 Command Reference Guide December 2010...
Name of the host system syntax: chassis-id id < name > example: SR/configure/snmp-server> chassis-id sanjose_ca related commands: configure snmp-server community configure snmp-server contact configure snmp-server enable traps configure snmp-server location configure snmp-server REM Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure snmp-server enable traps ospf This command enables or disables OSPF related traps. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 508
Enables or disables OSPF virtual interface receive bad packet notification trap if_retransmit ifTxRetransmit Enables or disables OSPF interface retransmit notification trap virt_retransmit virtIfTxRetransmit Enables or disables OSPF virtual interface retransmit notification trap Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 509
All modules operating mode: Routing only. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures SNMP trap messages so that they are sent to a specific IP address. Otherwise, traps will be sent to the system default address. parameter definition host IP address for the source of the SNMP trap messages. Avaya Secure Router 3120 Command Reference Guide December 2010...
The time, in seconds, in which the host responds. The default is 1024 seconds. syntax: [ no ] sntp [ server < IP address > ] [ timeout < n > ] example: SR/configure> sntp server 100.25.6.3 applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
The type of conversion to perform, either secsh to convert from OpenSSH public key to SECSH public key or openssh to convert from unencrypted private or public SECSH key to OpenSSH. Avaya Secure Router 3120 Command Reference Guide December 2010...
The type of digest to generate, either fingerprint of bubblebabble. The default is fingerprint syntax: ssh_keygen digest keyfile <file_name> [digest < fingerprint | bubblebabble>] example: SR/configure> ssh_keygen digest tiara.pub fingerprint related commands:. configure ssh_keygen change Avaya Secure Router 3120 Command Reference Guide December 2010...
The name of the file containing the public host key. syntax: ssh_server hostfile hostfile <filename> example: SR/configure/ssh_server> hostfile dsakey related commands: configure ssh_server authentication configure ssh_server cipher configure ssh_server compression Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure ssh_server port This command specifies the port on which the SSH server will listen. parameter definition portno The port number. The default is 22. Avaya Secure Router 3120 Command Reference Guide December 2010...
Comments will appear after using the save local command. parameter definition comments 80-character (maximum) string enclosed in quotation marks. syntax: SYS_REM_ comments < "comments" > example: SR/configure> SYS_REM_ "Everything left unchanged except IP filter. MNB 11/06/00 12:20." Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures the state of the alarm relay for non-alarm reporting. parameter definition state open Relay contacts are open when no Summary alarm is active closed Relay contacts are closed when no Summary alarm is active This is the default value. Avaya Secure Router 3120 Command Reference Guide December 2010...
Specifies a T1 carrier. Specifies an E1 carrier. syntax: carrier-type slot carrier example: SR/configure/system> carrier-type 1 t1 T1 carrier set for slot 1 related commands: configure system logging configure system mac_range Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure system hdlc_link_deactivate This command is a system-wide setting which deactivates links when the excessive HDLC error threshold is exceeded. syntax: hdlc_link_deactivate example: SR/configure/system> hdlc_link_deactivate Avaya Secure Router 3120 Command Reference Guide December 2010...
Users have the option of selecting which message types they wish to have sent to the console. All messages of the selected message type (and messages of greater severity) will be sent to the console. parameter definition level emergency Emergency messages are logged. Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure system logging syslog This command accesses next-level commands for configuring syslog on the Secure Router. syntax: syslog example: SR/configure/system/logging> syslog next-level commandsc configure system logging syslog auth Avaya Secure Router 3120 Command Reference Guide December 2010...
The priorities are defined hierarchically by severity, with "emergency" messages being the most urgent and "debugging" messages being the least. parameter definition message type none Does not log messages of the specified facility. Avaya Secure Router 3120 Command Reference Guide December 2010...
Emergency messages are logged. alert Alert messages are logged, plus emergency messages. crit Critical messages are logged, plus all messages described above. Error messages are logged, plus all messages described above. Avaya Secure Router 3120 Command Reference Guide December 2010...
Critical messages are logged, plus all messages described above. Error messages are logged, plus all messages described above. warning Warning messages are logged, plus all messages described above (default). notice Notification messages are logged, plus all messages described above. Avaya Secure Router 3120 Command Reference Guide December 2010...
Indicates system use sys13 Indicates system use sys14 Indicates system use local0 Locally defined messages local1 Locally defined messages local2 Locally defined messages local3 Locally defined messages local4 Locally defined messages Avaya Secure Router 3120 Command Reference Guide December 2010...
This is the default. notice Notification messages are logged, plus all messages described above. infor Informational messages are logged, plus all messages described above. debug Debugging messages are logged, plus all messages described above. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command sets the HDLC facility logging message priority. The priorities are defined hierarchically by severity, with "emergency" messages being the most urgent and "informational" messages being the least. Avaya Secure Router 3120 Command Reference Guide December 2010...
Syslog host IP address udp_portno Syslog host UDP port number The range is 1 - 65535; the default is 514. syntax: host_ipaddr host_ipaddr < IP address > [ udp_portno < n > ] example: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures user defined facility logging message priority. Priorities are defined hierarchically by severity, with "emergency" messages being the most urgent and "informational" messages being the least. Avaya Secure Router 3120 Command Reference Guide December 2010...
Does not log mail messages emerg Logs only mail emergency messages alert Logs only mail alert and above messages crit Logs only mail critical and above messages Logs only mail error and above messages Avaya Secure Router 3120 Command Reference Guide December 2010...
Logs only ntp warning and above messages This is the default configuration. notice Logs only ntp notification and above messages info Logs only ntp informational and above messages debug Logs all ntp messages syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules Note: Be sure to designate at least one MAC address per Ethernet port for management purposes. configure system reset-to-factory This command returns the router to factory default settings. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
To preserve your configuration settings, use the save local command prior to issuing the configure system routing command. To turn off routing, enter: SR/configure/system> no routing related commands: configure system alarm_relay configure system carrier_type configure system logging configure system mac_range applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
The range is 0 - 3600 seconds; the default is 900 seconds. If 0 is entered, there will be no timeout configured. syntax: telnet_timeout timeout < n > example: SR/configure> telnet_timeout 1300 applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command enables or disables the show of debug information at a remote monitor that is accessing the network over a telnet connection. syntax: [ no ] monitor example: SR/configure/terminal> monitor applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
UTC minutes The number of minutes ahead or behind Greenwich. Valid range is 00 - 59. (Most timezones only need to set the number of hours of offset.) syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Also, when a save local command is executed after a no vlan enable command, the VLAN forwarding table and associated configuration will not be saved. syntax: [ no ] enable example 1: Avaya Secure Router 3120 Command Reference Guide December 2010...
The range is 1 - 1440; the default is 5 minutes. syntax: [ no ] age age < n > example: SR/configure/vlanfwd/macbridge> age 10 related commands: configure vlanfwd macbridge add Avaya Secure Router 3120 Command Reference Guide December 2010...
These commands allow users to enable in-band VLAN management: add a destination host to the VLAN management table, set the time for VLAN management entries, add default routes, enable and disable forwarding of untagged packets, and configure the VLAN management ID. syntax: management Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules Note: Both the gateway and interface must be on the same subnet. configure vlanfwd management disable_ipfwd This command enables or disables the forwarding of untagged IP packets. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Comments will appear after using the save local command. parameter definition comments 80-character (maximum) string enclosed in quotation marks. syntax: REM comments < "comments" > example: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules configure vlanfwd vld_ether_type This command globally configures the vld Ethernet type for the system. Unless a specific vld_ether_type is configured on an interface, this value is inherited. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 572
Set Ethernet type to 41216 (0xa100) for VLAN domain frames. SR/configure/vlanfwd> vld_ether_type 41216 example 2: Set the Ethernet type to default for VLAN domain frames. SR/configure/vlanfwd> no vld_ether_type 41216 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Accesses system-level debug commands. ttcp Accesses commands to configure the ttcp server and client. vlan Accesses Virtual Local Area Network (VLAN) debug commands. debug all debug all This command disables all current debugging. Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug crypto all This command enables or disables all IPSec and firewall debugging. syntax: [ no ] all example: Router1/debug/crypto> all Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug crypto ipsec This command enables or disables IPSec debugging. parameter definition mode ipsec IPSec debugging This is the default SPD debugging All IPSec debugging syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug fr mfr states This command accesses next-level frame relay debug commands. parameter definition bundle-name Specifies the name of the bundle. syntax: debug fr mfr state <bundle-name> Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug framer loopInward This command configures the framer for inward loopback. parameter definition link_no Specifies the link number The range is 1 - 16. Avaya Secure Router 3120 Command Reference Guide December 2010...
Specifies the link number The range is 1 - 16. syntax: loopPayload link_no < n > example: SR/debug/framer> loopPayload 2 related commands: debug framer bert debug framer displayStatus Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug framer sendYellowAlarm This command sends a yellow alarm on the specified link. Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ip This command accesses next-level ip/ipmux debug commands. syntax: example: SR/debug> ip next-level commands debug ip arp debug ip bgp debug ip dhcps Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ip bgp This command accesses next-level BGP4 debug commands. syntax: example: SR/debug/ip> bgp next-level commands debug ip bgp all debug ip bgp events debug ip bgp neighbor Avaya Secure Router 3120 Command Reference Guide December 2010...
This command enables or disables all BGP4 debug commands. syntax: example: SR/debug/ip/bgp> all applies to: All modules debug ip bgp events This command enables debugging of BGP4 events. syntax: events example: SR/debug/ip/bgp> events applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ip bgp packet keepalive This command displays debug information about BGP4 keepalive packets. Avaya Secure Router 3120 Command Reference Guide December 2010...
Inbound packets outbound Outbound packets syntax: open [ direction < inbound | outbound > ] example: SR/debug/ip/bgp/packet> open inbound related commands: debug ip bgp packet all debug ip bgp packet keepalive Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ip bgp policy This command displays debug information about BGP4 policy configuration. syntax: policy Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays debug information about BGP4 state machine transitions. syntax: state example: SR/debug/ip/bgp> state applies to: All modules debug ip bgp tasks This command displays debug information about BGP4 tasks. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command accesses next-level commands to enable or disable DHCP server debug commands. syntax: dhcps example: SR/debug/ip> dhcps next-level commands debug ip dhcps all debug ip dhcps error debug ip dhcps events debug ip dhcps packet Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ip dhcps error This command enables or disables DHCP server error debug messages. syntax: error example: SR/debug/ip/dhcps> error Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ip dhcps packet This command enables or disables debug information about all DHCP packet messages. Specify detailed (voluminous) or summary (condensed) information display. syntax: packet [ mode ] Avaya Secure Router 3120 Command Reference Guide December 2010...
This command enables or disables debug information about all DHCP state transitions. syntax: state example: SR/debug/ip/dhcps> state related commands: debug ip dhcps all debug ip dhcps error debug ip dhcps events debug ip dhcps packet applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ip ospf all This command enables or disables debug messages for all OSPF events. Note: The router must be in routing mode to access this debug command. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command enables or disables debug messages relating to the OSPF database operation. Note: The router must be in routing mode to access this debug command. syntax: database example: SR/debug/ip> ospf database related commands: debug ip ospf all debug ip ospf dr_election Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ip ospf packet This command accesses next-level commands to enable or disable debug messages for OSPF packets. Avaya Secure Router 3120 Command Reference Guide December 2010...
The router must be in routing mode to access this debug command. parameter definition direction Packet direction inbound Inbound packets outbound Outbound packets syntax: all [ direction < inbound | outbound > ] example: Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/debug/ip> ospf packet dd related commands: debug ip ospf packet all debug ip ospf packet hello debug ip ospf packet ls_ack debug ip ospf packet ls_request debug ip ospf packet ls_update Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ip ospf packet ls_ack This command enables or disables debug messages for OSPF link state acknowledgement packets. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command enables or disables debug messages for OSPF link state request packets. Note: The router must be in routing mode to access this debug command. parameter definition direction Packet direction inbound Inbound packets outbound Outbound packets Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ip ospf spf_timing This command enables or disables SPF timing measurement. Note: The router must be in routing mode to access this debug command. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
The router must be in routing mode to access this debug command. syntax: state_changes example: SR/debug/ip> ospf state_changes related commands: debug ip ospf all debug ip ospf database debug ip ospf dr_election Avaya Secure Router 3120 Command Reference Guide December 2010...
This command enables or disables all RIP debug commands. Note: The router must be in routing mode to access this debug command. syntax: [ no ] all example: Avaya Secure Router 3120 Command Reference Guide December 2010...
The router must be in routing mode to access this debug command. syntax: detail example: SR/debug/ip> rip detail related commands: debug ip rip all debug ip rip flood debug ip rip packet debug ip rip state applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
The router must be in routing mode to access this debug command. parameter definition pkt_type The RIP debug packet type All packets send Packets sent receive Packets received summary Summary of updates Avaya Secure Router 3120 Command Reference Guide December 2010...
The router must be in routing mode to access this debug command. syntax: state example: SR/debug/ip> rip state related commands: debug ip rip all debug ip rip detail debug ip rip flood Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/debug/ip> statistics ipmuxclear related commands: debug ip statistics icmpshow debug ip statistics ipmuxshow debug ip statistics ipshow debug ip statistics rtshow debug ip statistics tcpshow debug ip statistics udpshow applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/debug/ip> statistics udpshow related commands: debug ip statistics icmpshow debug ip statistics ipmuxclear debug ip statistics ipmuxshow debug ip statistics ipshow debug ip statistics rtshow debug ip statistics tcpshow applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command enables or disables all VRRP debug messages. Note: The router must be in routing mode to access this debug command. syntax: [ no ] all example: SR/debug/ip> vrrp all Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ip vrrp events This command enables or disables all VRRP events debug messages. Avaya Secure Router 3120 Command Reference Guide December 2010...
_host applies to: All modules debug mhu static_host This command enables or disables MHU debug messages for static hosts. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command enables or disables internal NAT debug messages to the management console. syntax: debug example: SR/debug/nat/global> debug related commands: debug nat global hash debug nat global packet applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command enables or disables NAT packet debug messages to the management console. syntax: packet example: SR/debug/nat/global> packet related commands: debug nat global debug debug nat global hash applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command saves captured packets to a local file. Syntax: pcap <capname> saveto <filename> Parameter Description filename the filename for captured packets Example: SR/debug/pcap test> saveto test.log Applicable models: All models Avaya Secure Router 3120 Command Reference Guide December 2010...
The number of packets to be captured. Syntax: pcap capture count [cnt] Parameter Description Number of packets to be captured. Valid range is 0 (all packets) to 10000 Example: SR/debug/pcap/capture count 9500 Applicable models: All models Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays the packet capture dump. Syntax: pcap capture dump Example: SR/debug/pcap/capture> dump Applicable models: All models debug pcap capture filter The ACL applied for capturing packets on this interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
Size of the packet capture buffer. Valid range: 64-5120KB Example: SR/debug/pcap/capture> size 64 Applicable models: All models debug pcap capture snaplen Sets the number of bytes to be captured. Syntax: pcap capture snaplen [lenpkt] Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ppp debug_link This command provides the ability to enable link level debugging on a per-link basis when multiple PPP/MLPPP bundles are configured. Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ppp mlpinfo This command shows MLPPP information for a specified bundle. Avaya Secure Router 3120 Command Reference Guide December 2010...
For frame relay, the pvc number syntax: buf_mgmt_info [ bundle_name < name > ] [ pvc < number > ] example 1: SR/debug/qos> buf_mgmt_info example 2: SR/debug/qos> buf_mgmt_info bundle wan1 example 3: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug qos clear_upload_counters This command clears debug statistics related to uploading of historical statistics. syntax: clear_upload_counters example: SR/debug/qos> clear_upload_counters Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug qos show_intf_qos_info This command shows debug QoS configuration information for the interface. It displays "root class" information, the interface class list, and other details. syntax: show_intf_qos_info example: SR/debug/qos> show_intf_qos_info Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug rtp txtable This command displays the transmit table for the specified bundle interface. syntax: txtable interface < name > example: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug system clear_stats This command clears T1/T3 statistics. parameter definition slot_num Specify the slot number for the interface. syntax: clear_stats slot_num < 1 | 2 > example: SR/debug/system> clear_stats Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/debug/system> datapool_display related commands: debug system clear_crash_dump debug system clear_stats debug system display_overwrite_crash_dump debug system overwrite_crash_dump debug system print_stats debug system show_crash debug system stackpool_display applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays the status of the overwrite crash dump. syntax: display_overwrite_crash_dump example: SR/debug/system> display_overwrite_crash_dump related commands: debug system clear_crash_dump debug system clear_stats debug system datapool_display debug system overwrite_crash_dump debug system print_stats debug system show_crash debug system stackpool_display Avaya Secure Router 3120 Command Reference Guide December 2010...
[ info < detail | summary > ] example: SR/debug/system> show_crash detail related commands: debug system clear_crash_dump debug system clear_stats debug system datapool_display debug system display_overwrite_crash_dump debug system overwrite_crash_dump debug system print_stats Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ttcp This command accesses next-level commands to configure and debug the ttcp client and server. syntax: ttcp Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures the giaddr field of dhcp relayed packets. If not specified, the giaddr field is marked with the IP address of interface. Use the no form of this command to remove the configured gateway address. Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/interface ethernet 1/0> dhcp server_address 120.5.4.3 This example configures the server IP address 120.5.4.3 for dhcp relayed packets on Ethernet related commands: configure interface ethernet dhcp gateway_address applies to: All systems. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays the relay state of the Ethernet interfaces. syntax: show dhcp_relay example: SR> show dhcp_relay This example shows the packet relay state for Ethernet interfaces as either enabled or disabled. applies to: All systems. Avaya Secure Router 3120 Command Reference Guide December 2010...
If you enter exit at the Router-T1> prompt, press either y to exit the system CLI or n to return to the Router-T1> prompt. applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
EXIT shutdown Shuts down the router and terminates all processes. User connections to the router are terminated. syntax: shutdown example: SR> shutdown applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
IC or NCM modules. The file commands are not available to level 3 and level 4 users. Displays the contents of system flash. The command is equivalent to file ls. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
3-5 minutes per megabytes of data. Specify compact flash with /cf0 in the path name. Specify system flash with /flash1. Specify USB memory with /USB0. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command formats main flash or compact flash. Specify compact flash with /cf0 in the path name. Specify system flash with /flash1. Specify USB memory with /USB0. syntax: format example: SR> file format applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
/cf0 CONTENTS OF /cf0: size date time name -------- ------ ------ -------- 1813 JAN-12-2005 15:18:00 system.cfg Total bytes: 1813 Bytes Free on /cf0: 63807488 related commands: applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
[ slot_no < 0 | 1 | 2 > ] parameter definition file_name The name of the file to be deleted. example: SR> file rm conf.bin 1 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
SR> file show_boot applies to: All modules file upload This command uploads files from an Avaya Secure Router 3120 to a network host. These commands use the TFTP protocol. syntax: upload example: SR> file upload next-level commands...
/cf0 in the path name. Specify system flash with /flash1. Specify USB memory with / USB0. syntax: version example: SR> file version related commands: show version applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Use comparison symbols to specify ports as follows: Port number p, where n is 1- 65535. Excludes port p. >p Any port number greater than p Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 698
Allows a logging message to be reported to the user when a rule match occurs (optional). Log the matching packet on. Log the matching packet off (default). expire The amount of time (in seconds) before a rule expires. Avaya Secure Router 3120 Command Reference Guide December 2010...
The line number of a specific rule set The range is 1 - 65535. syntax: delete rul_lineno < n > example: SR/configure/ip/access-list Rules_01> delete 3 related commands: configure ip access-list add configure ip access-list insert Avaya Secure Router 3120 Command Reference Guide December 2010...
Optional entry for TCP and UDP protocols; allows the source port to be used for packet filtering. Use comparison symbols to specify ports as follows: Port number p, where n is 1- 65535. Excludes port p. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 702
The range is 0 - 15. Allows a logging message to be reported to the user when a rule match occurs (optional). Log the matching packet on. Log the matching packet off (default) Avaya Secure Router 3120 Command Reference Guide December 2010...
4 tos 6 The example above inserts a new rule, 4, behind existing rule 3 in the rule set. It also increments the line numbers of all successive rules in that set. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 704
FILTER LIST related commands: configure ip access-list add configure ip access-list delete applies to: All systems. Avaya Secure Router 3120 Command Reference Guide December 2010...
Chapter 11: GENERIC ROUTING ENCAPSULATION COMMANDS Use the Generic Routing Encapsulation (GRE) commands to configure an tunnel interface on an Avaya Secure Router 3120. interface tunnel Names a tunnel interface. syntax: tunnel_name parameter definition tunnel_name Names can be up to eight characters in length...
All modules interface tunnel tunnel destination Configures the IP address for the tunnel destination. The tunnel destination cannot be a point- to-point interface peer. It should be reachable through a physical interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
The IP address for the end of the tunnel. example: To set the source IP address of the tunnel mainpipe to be 10.10.40.10, enter: SR/configure/interface/tunnel mainpipe> tunnel source 10.10.40.10 SR/configure/interface/ tunnel mainpipe> applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Router to drop corrupted packets. To disable checksum use no tunnel checksum. syntax: [no] tunnel checksum example: To enable checksum tests on all traffic through the tunnel, enter: SR/configure/interface/tunnel mainpipe> tunnel checksum SR/configure/interface/tunnel mainpipe> applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
Configure the tunnel encapsulation mode. syntax: [no] tunnel mode mode parameter definition mode The encapsulation method. Can be either GRE (the default) or IPIP (IP over IP). example: To configure GRE encapsulation, enter: Avaya Secure Router 3120 Command Reference Guide December 2010...
Configures a tunnel interface to drop out-of-order datagrams. This command is turned off by default. Once enabled, use no tunnel sequence to disable. This command is included to provide compatibility with Cisco Systems. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Configures the Type of Service (ToS) value for the tunnel interface. If the ToS value is not specified, the ToS value of the inner IP header is copied to the GRE-IP header. Use the no form to disable this command. syntax: [no] tunnel tos <tosvalue> Avaya Secure Router 3120 Command Reference Guide December 2010...
To enable the mainpipe tunnel interface for, trusted networks, enter: SR/configure/interface/tunnel mainpipe> crypto trusted SR/configure/interface/tunnel mainpipe> applies to: All modules interface tunnel ip Configures the behavior of Internet Protocol over the tunnel. syntax: [no] ip [redirect | unreachable] Avaya Secure Router 3120 Command Reference Guide December 2010...
To configure the mainpipe tunnel interface to be available or to restart it after stopping it, enter: SR/configure/interface/tunnel mainpipe> no shutdown To stop this interface, enter: SR/configure/interface/tunnel mainpipe> shutdown Remember that IP routes must be configured before the tunnel can pass traffic. applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules clear counters tunnel Resets the tunnel counters to null. To clear all tunnel counters, use clear counters tunnels. syntax: tunnel tunnel_name parameter definition tunnel_name Specifies which tunnel counters to reset. Avaya Secure Router 3120 Command Reference Guide December 2010...
To set a debug keepalive process on all tunnels, enter: SR> debug ip tunnel keepalive SR> To debug all traffic on all tunnels, enter: SR> debug ip tunnel all SR> applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Chapter 12: IPSEC COMMANDS Use the IPSec commands to configure an Avaya Secure Router 3120 with IP security protocol encryption. This is the recommended protection for networking communications. crypto Enters crypto mode and provides access to commands used in Router's IPSec VPN feature.
Any valid local IP address. If no local interface is configured with this address, command execution will be failed. Default: None. example: SR> configure term SR/configure> crypto SR/crypto/ike> ike policy ToNetSc1 100.1.1.2 SR/crypto/ike/policy ToNetSc1> local-address 100.1.1.1 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
[no] configure crypto ike policy <policy-name> <peer-address> remote-id remote-id-type data parameter definition [domain-name] Specifies a fully-qualified domain name string like [Router.com.] [emailid] Specifies a fully-qualified user name string, as per RFC 822, like [name@Router.com.] Avaya Secure Router 3120 Command Reference Guide December 2010...
Configures Perfect Forward Secrecy feature for an IKE policy. To reset the mode to the default value, use the no form. syntax: [no] configure crypto ike policy <policy-name><peer-address> pfs Avaya Secure Router 3120 Command Reference Guide December 2010...
This policy is capable of responding to IKE negotiation, also it can initiate ike negotiation process. Default: both example: SR> configure term SR/configure> crypto SR/crypto/ike> policy ToNetSc1 100.1.1.2 SR/crypto/ike/policy ToNetSc1> exchange-type initiator-only applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
RSA and DSS are not supported in this release. example: SR> configure term SR/configure> crypto SR/configure/crypto> ike policy toOpal 100.1.1.1 SR/crypto/ike/policy toOpal 100.1.1.1> proposal 1 SR/crypto/ike/policy toOpal 100.1.1.1> authentication-method dss-signature applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
SA or terminated. To reset the lifetime to the default value, use the no form. syntax: [no] configure crypto ike policy <policy-name> <peer-address> proposal <proposal priority> lifetime [seconds <secs> | kilobytes <kb>] Avaya Secure Router 3120 Command Reference Guide December 2010...
[sport <port-val>] - the source port number [dport <port-val>] - the destination port number example: SR> configure term SR/configure> crypto SR/crypto> ipsec policy ToNetSc1 100.1.1.1 SR/crypto/ipsec/policy ToNetSc1> match address 10.1.1.0 24 20.1.1.0 24 applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
1536-bit. Type of Diffie-Hellman prime modulus group that IKE will use for the PFS key exchange. This is the highest level of security and requires more process time than group 1 and group Avaya Secure Router 3120 Command Reference Guide December 2010...
Configures the IPSec authentication algorithm for a given proposal. To reset the authentication algorithm to the default value, use the no form. syntax: [no] configure crypto ipsec policy <name> <peer-address> proposal <priority> [protocol] hash- algorithm [md5-hmac | sha1-hmac] Avaya Secure Router 3120 Command Reference Guide December 2010...
IP address. The protection is offered for the complete packet. The default. transport Transport mode configuration. In transport mode, the old IP address will be retained and the hash (incase of AH) will be Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 732
The protection is offered only for the pay load. example: SR> configure term SR/configure> crypto SR/crypto> ipsec toOpal 100.1.1.1 SR/ crypto/ipsec> proposal 1 SR/crypto/ipsec/proposal 1> mode transport applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Switch type details are: User Side Network Side Variant Country CCITT World 4ESS ATT - North America 5ESS ATT - North America NT DMS 100 Avaya - North America France France Avaya Secure Router 3120 Command Reference Guide December 2010...
CCITT Management Functional Protocol CCITT applies to: T1, E1 module bundle Creates a logical bundle with "bundle-name". "no" form of this command will remove the logical bundle. syntax: bundle <bundle-name> <cr> Avaya Secure Router 3120 Command Reference Guide December 2010...
To add 64 kbps bri link to the bundle "wan1", execute the following command: SR/configure/interface bundle wan1/link bri 64 applies to: T1, E1 module isdn Configures the bundle with ISDN parameters. This is a command sub-tree. syntax: isdn Avaya Secure Router 3120 Command Reference Guide December 2010...
Configures the ISDN service profile identifier for BRI channel 2. SPID is used for defining the services subscribed by ISDN device. All the switch types don't support SPID. SPID is Avaya Secure Router 3120 Command Reference Guide December 2010...
Valid range is 6000 - 60000 ms. example: To configure the LAPD keep alive time to 6000 milliseconds, execute the following command: SR/configure/interface bundle wan1/isdn/ keep-alive 6000 applies to: T1, E1 module Avaya Secure Router 3120 Command Reference Guide December 2010...
Note that, when ISDN device is connected to ISDN switch, which doesn't supply caller ID, all calls will be rejected. "no" form of this command will make all calls acceptable without Caller ID Check. syntax: caller <caller-number> <cr> Avaya Secure Router 3120 Command Reference Guide December 2010...
A number limited to a maximum of 10 digits. example: To configure the bundle "wan1" with called number "1234567", execute the following command: SR/configure/interface bundle wan1/isdn/ callednum 1234567 applies to: T1, E1 module Avaya Secure Router 3120 Command Reference Guide December 2010...
Letter X is the wildcard, whenever specified, will be replaced by the range of numbers 0 to 9. Note: Wild card support is planned for a future release. applies to:. T1, E1 module Avaya Secure Router 3120 Command Reference Guide December 2010...
"1234569", execute the following command: SR/configure/interface bundle wan1/isdn/ answer1 called-party-number 123456X Letter X is the wildcard, whenever specified, will be replaced by the range of numbers 0 to 9. applies to: T1, E1 module Avaya Secure Router 3120 Command Reference Guide December 2010...
<username> password <password> <cr> parameter definition COMMANDS Any of the following commands can be used username -- configures chap username for PPP/MLPPP bundle password -- configures chap password for PPP/MLPPP bundle example: Avaya Secure Router 3120 Command Reference Guide December 2010...
To configure ISDN idle timeout for 10 minutes, execute the following command: SR/configure/interface bundle wan1/ isdn/ idle-timeout 10 Note: Due to the performance tuning, the idle-timer may not disconnect exactly at the specified timeout value. applies to: T1, E1 module Avaya Secure Router 3120 Command Reference Guide December 2010...
If call is active, "shutdown" will tear down the call. applies to: T1, E1 module show interface bundle Existing show interface bundle command will display the ISDN bundle related information. Avaya Secure Router 3120 Command Reference Guide December 2010...
Displays the switch-type configured and ISDN BRI interfaces on the router. syntax: show isdn global <cr> parameter definition global Displays ISDN global information. example: To see ISDN global information, enter: SR> show isdn global applies to: T1, E1 module Avaya Secure Router 3120 Command Reference Guide December 2010...
Controls ICMP traffic processing for unreachable destinations. example: To see the BRI interface related information for bundle "isdn1", execute the following command: SR>show isdn interface isdn1 applies to: T1, E1 module Avaya Secure Router 3120 Command Reference Guide December 2010...
T1, E1 module clear isdn statistics Clears the BRI statistics information syntax: statistics <cr> example: To clear the BRI statistics, execute the following command: SR>clear isdn statistics applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
SR> debug isdn all applies to: T1, E1 module debug ppp auth Debug authentication phase in (ML) PPP. syntax: auth [interface-name] <cr> parameter definition interface-name The name of the bundle. applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
Chapter 14: MULTICAST COMMANDS This chapter explains how to use the multicast commands in the 8.0 CLI. Use the multicast commands to configure an Avaya Secure Router 3120 for mtrace, Internet Group Management Protocol (IGMP), and sparse mode Protocol Independent Multicast (PIM).
The default is: robustness value. Use the no form of the configuration to return to the default lastmember-query-count value. Note: Specifying a value in the no form has no effect on the configuration syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Specifies the value of the query interval in seconds. The Query Interval is the interval between General Queries sent by the Querier. It is encoded in the Query Interval Code (QQIC) field of Avaya Secure Router 3120 Command Reference Guide December 2010...
Specifying a value for time-seconds in the no form has no effect on the configuration. syntax: [no] ip igmp query-response-interval time-seconds parameter definition time-seconds 1 and 3174 seconds Note: This value must be less than or equal to the Query Interval. Avaya Secure Router 3120 Command Reference Guide December 2010...
[no] ip igmp require-router-alert example: The following example turns require-router-alert on for interface ethernet0 and off for all other interfaces. SR/configure/ip/igmp/interface ethernet 1/0> require-router-alert SR/configure/ip/igmp/ interface ethernet 1/0> applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command is enabled by default. syntax: [no] ip igmp send-router-alert example: The following example turns the send-router-alert option on for ethernet1. SR/configure/ip/igmp/interface ethernet 1/1> send-router-alert SR/configure/ip/igmp/ interface ethernet 1/1> applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
3376.) This value is encoded in the Max Resp Code field of Query messages. Use the no form of this configuration to return to the default value of Startup Query Interval. syntax: [no] ip igmp startup-query-interval time Avaya Secure Router 3120 Command Reference Guide December 2010...
With the group address specified, clears the group regardless of the interface where the information came: syntax: [no ] clear ip igmp groups [interface <name>] [group-addr <addr>] [source-addr <source- addr> ] Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules debug ip igmp normal Enables all levels of diagnostics on IGMP. syntax: [no] ip igmp normal example: The following debugs normal IGMP traffic: SR/debug> ip igmp normal Avaya Secure Router 3120 Command Reference Guide December 2010...
Enables all levels of diagnostics on IGMP state-related events. syntax: [no] ip igmp state example: The following debugs IGMP state events: SR/debug> ip igmp state applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
SR> mtrace 192.168.0.0 192.168.2.22 239.254.254.254 Mtrace from 192.168.2.0 to 192.168.2.22 via group 225.254.254.254 Querying full reverse path... 192.168.2.15 PIM thresh^ 0 0 ms 192.168.2.7 PIM thresh^ 0 2 ms 192.168.2.5 PIM thresh^ 0 674 ms Avaya Secure Router 3120 Command Reference Guide December 2010...
Configures the router to do load splitting of multicast traffic over equal cost paths. By default, multipath is enabled with Highest Random Weight (HRW) method. Use the no form of the command to disable multipath. Enabling multipath without specifying the mode, enables Avaya Secure Router 3120 Command Reference Guide December 2010...
Specifies the name of the interface, for example, ethernet1. group-addr Specifies the group address multicast address. source-addr Specifies the IP address of the source. example: The following example shows how to configure a static group membership. SR/configure/ip/multicast> static SR/configure/ip/multicast/static> Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays the Multicast Forwarding Cache (MFC). Specifying a source and group address displays only the specific entry along with traffic statistics for it. syntax: show ip mfc [source <ip-address>] [group <ip-address>] example: Avaya Secure Router 3120 Command Reference Guide December 2010...
It displays the RPF interface, the unicast route and the associated unicast routing protocol. syntax: show ip rpf <ip-address> example: The following example shows how to see the reverse path forwarding information for the RP at 201.1.1.99: SR> show ip rpf 201.1.1.99 Avaya Secure Router 3120 Command Reference Guide December 2010...
(*,G) or (S, G) entry, as specified by the message. The lifetime of this modification is specified by this command. If another Assert message does not refresh the Assert state before the lifetime expires, then the outgoing interface list reverts to its previous Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules ip pim cbsr interface Sets the CBSR interface. Use the no form of this command to remove the configured bsr interface. syntax: [no] interface name [ dlci ] Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/ip/pim/cbsr> holdtime 33 SR/configure/ip/pim/cbsr> applies to: All modules ip pim cbsr period set the interval between originating bootstrap messages. (default:60). Use the no form of this command to set the default value. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
A set of routers within a domain are configured as candidate Rendezvous Points (C-RPs). This command configures the PIM router as a candidate RP for the group(s). This is a mode command and enters the CRP mode. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Sets the group to advertise for candidate RP. Use the no form of this command to remove a group for CRP advertisement. syntax: [no] group-add address [ mask ] [ priority ] Avaya Secure Router 3120 Command Reference Guide December 2010...
[no] holdtime time parameter definition time The CRP holdtime in seconds. Valid range is: 1—65535 example: To set the holdtime to 200 seconds, enter: SR/configure/ip/pim/crp> holdtime 200 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
CRP (default: 0). Use the no form of this command to set the default value. syntax: [no] priority number parameter definition value Default CRP priority. Valid range is: 0—255. example: To set the CRP priority to 45, enter: SR/configure/ip/pim/crp> priority 45 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
The length of time to wait before sending out another hello message. Valid range is: 1—65535 seconds. example: To set the hello interval time to 145 seconds, enter: SR/configure/ip/pim> hello-interval 145 applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
The name (ethernet0, ethernet1 or bundle name) of the interface. dlci The data link connection identifier of the PVC. Valid range is 16-1022. example: To configure ethernet1 for PIM, enter: Avaya Secure Router 3120 Command Reference Guide December 2010...
The hello hold time in seconds. Valid range is: 0—65535 example: To configure the hello holdtime to be 35 seconds, enter: SR/configure/ip/pim/interface ethernet 1/1> hello-holdtime 35 SR/configure/ip/pim/interface ethernet 1/1> Avaya Secure Router 3120 Command Reference Guide December 2010...
[no] join-prune-interval interval parameter definition interval The join-prune interval in seconds. Valid range is: 0—65535. example: To set the interval to two minutes, enter: SR/configure/ip/pim/interface ethernet 1/1> join-prune-interval 120 SR/configure/ip/pim/ interface ethernet 1/1> Avaya Secure Router 3120 Command Reference Guide December 2010...
The holdtime (in seconds) that is advertised in join/prune messages. Valid range is: 1— 65535 seconds. example: To set the holdtime to 30 seconds, enter: SR/configure/ip/pim> join-prune-holdtime 30 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
The mode of PIM used on the router. Mode takes two options, sparse to configure sparse mode, and dense which is not supported in this release. example: To configure the router for sparse mode PIM, enter: SR/configure/ip/pim> mode applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
[no] ip pim mrt-spt-mult number parameter definition number an integer between 1 and 100 example: The following example configures the MRT SPT Mult value to be 25. SR/configure/ip/pim> mrt-spt-mult 25 Avaya Secure Router 3120 Command Reference Guide December 2010...
Register message to the RP. Valid range is: 1—3600 seconds. The default is 5 seconds. example: The following example configures the probe period to 30 seconds. SR/configure/ip/pim> probe-period 30 SR/configure/ip/pim> Avaya Secure Router 3120 Command Reference Guide December 2010...
Sets the static Rendezvous Point router address. Use the no form of this command to remove the configured static RP address. syntax: [no] rp address [ group-address ] [ group-mask ] Avaya Secure Router 3120 Command Reference Guide December 2010...
To turn on this feature, enter: SR/configure/ip/pim> rp-switch-immediate applies to: All modules ip pim ssm-range Configures a range of multicast addresses to be treated as SSM group addresses. (Default is 232/8). Avaya Secure Router 3120 Command Reference Guide December 2010...
To configure this router such that the data from S addressed to G must exceed an average of 1024 KBytes per second before an SPT switch is initiated, enter: SR/configure/ip/pim> threshold-dr 1024 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
[no] ip pim whole-pkt-checksum example: To specify that the message checksum will be calculated over the entire encapsulated packet, rather than just over the Register message header, enter: SR/configure/ip/pim> whole-packet-checksum applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
Specifies the interface. Use the keyword all to see information about all the PIM interfaces. detail The detail mode of the display. example: To see information for all interfaces, enter: Avaya Secure Router 3120 Command Reference Guide December 2010...
Displays PIM Rendezvous Point information. syntax: example: To see RP information, enter: SR/configure> show ip pim rp Group/Mask RP ------------------ --------------- 224.0.0.0/4 10.10.1.1 SR/configure> applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Chapter 15: PASSWORD Use the password command change passwords on an Avaya Secure Router 3120. The new password is effective at the next login session. The password command is as follows: Table 18: Password Command password password This command changes the password on a Secure Router 3120.
Chapter 16: PING Use the ping command to verify connectivity between an Avaya Secure Router 3120 and other network hosts. The ping command is as follows: Table 19: Ping Command ping Note: You can stop pinging using the key combination, Ctrl+C.
Page 798
User pressed Ctrl + C & Got reply with ICMP type "Time Exceeded" Got reply from different hosts Any other ICMP type. To get more info try ping x.x.x.x verbose applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
T1, E1 module ip negotiated This command specifies that the IP address for the interface is obtained via PPP/IPCP (IP Control Protocol) address negotiation with the PPPoE server. syntax: ip negotiated Avaya Secure Router 3120 Command Reference Guide December 2010...
T1, E1 module ppp keepalive This command specifies the amount of time PPP should be keep up when there is no traffic. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/interface/ virtual-access <name>> pppoe ac-name router1 next-level commands show interface virtual-access applies to: T1, E1 module pppoe ethernet This command allows the user to specify the Ethernet interface on which PPPoE is enabled. syntax: pppoe ethernet<number> Avaya Secure Router 3120 Command Reference Guide December 2010...
The system will caution you to save the current configuration before rebooting. reload This command reboots the Avaya Secure Router 3120 from the current NCM and IC boot parameters. Use this command to disconnect all users from the system and momentarily disrupts traffic through the system.
Page 804
RESTART applies to: All modules Note: The system will caution you to save the current configuration before rebooting. Avaya Secure Router 3120 Command Reference Guide December 2010...
A message confirming a successful save appears after the command is executed. parameter definition file Name of saved file syntax: save local file < name > ] example: SR> save local file d011899.cfg related commands: write memory Avaya Secure Router 3120 Command Reference Guide December 2010...
The save network command uses tftp. Be sure that a destination file exists and you have proper permission. write memory This command saves a system configuration to flash memory. This command is equivalent to the save local command. Avaya Secure Router 3120 Command Reference Guide December 2010...
A message confirming a successful save appears after the command is executed. parameter definition file Name of saved file syntax: write local file < name > ] example: SR> write local file d011899.cfg Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules write terminal Displays the current configuration on the local host. This command is the same as show configuration running. syntax: write terminal Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 809
SR> write terminal related commands: cshow configuration running applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 810
SAVE Avaya Secure Router 3120 Command Reference Guide December 2010...
<login | protocol> example: SR/configure> show aaa authentication protocols Protocol List Name Protocols Order _____________________________________________ default NOT CONFIGURED applies to: All modules show aaa authorization commands Display configured AAA authorization lists. Avaya Secure Router 3120 Command Reference Guide December 2010...
------------------------------ Primary server : 0.0.0.0 Secondary server : 0.0.0.0 Server port : 49 Timeout in seconds : 5 Maximum retries : 2 SR/configure> applies to: All modules show arp This command displays the current Address Resolution Protocol (ARP) table. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show boot_params This command shows boot parameters for the system. parameter definition slot_no IC slot number (1 or 2) syntax: boot_params IC < 1 | 2 > Avaya Secure Router 3120 Command Reference Guide December 2010...
The show shows a date and time stamp for each change, the user who logged the change, and the local or network IP address the configuration file was saved to (if applicable). syntax: cfg_log example: SR/show> cfg_log related commands: clear cfg_file applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Displays details about Avaya Secure Router 3120 chassis hardware, specifically, fans and power supplies. parameter definition fan status Displays the status of the system fans. slot_no Displays the status of the power supplies. syntax: <fan-status | power-status>...
All modules show crypto dynamic clients Displays the remote access clients who logged in successfully. syntax: crypto dynamic clients example: SR> show crypto dynamic clients Avaya Secure Router 3120 Command Reference Guide December 2010...
<policy-name> [<proposal priority(s)>] [detail] example: SR> show crypto ike policy toOpal 1 applies to: All modules show crypto ike This command accesses next-level commands for displaying IKE. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Detail mode of the display syntax: policy policy-name [ proposal-priority ] [ detail ] example 1: Provides a brief display of all IKE policies in the router. Router1> show crypto ike policy all Avaya Secure Router 3120 Command Reference Guide December 2010...
Detail mode of the display syntax: sa policy-name [ detail ] example 1: Provides a brief display of all IKE SAs in the router. Router1> show crypto ike sa all Avaya Secure Router 3120 Command Reference Guide December 2010...
Router1> show crypto interfaces Table 27: screen display example > show crypto interfaces Interface Network Name Type --------- ------- > related commands: show crypto ike show crypto ipsec applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays either all SAs for a specified policy or all SAs in the IPSec table. parameter definition policy-name Displays all IPSec SAs policy name Displays all IPSec SAs for this policy detail Detail mode of the display Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays the date and time. syntax: date example: SR/show> date The following screen capture shows the date and time, the number of hours and minutes ahead of or behind the UTC also appears. Avaya Secure Router 3120 Command Reference Guide December 2010...
DHCP RELAY CONFIGURATION --------------------------- Ethernet 0: Disabled Ethernet 1: Disabled > applies to: All modules show environment This command displays the internal operating temperature of a Secure Router 3120. Avaya Secure Router 3120 Command Reference Guide December 2010...
The latest 10 events appear, as shown in. To scroll through the log, 10 events at a time, type y, and then press Return at the "Display more events?" prompt. Or, to go back to the command prompt, type n, and press Return. syntax: event_logs example: SR/show> event_logs Avaya Secure Router 3120 Command Reference Guide December 2010...
Bytes Free: 12648448 > next-level commands show fr avcs show fr cvcs show fr invarp show fr invarp_int show fr lmistats show fr pvcs show fr vcstats applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command shows all CVCs configured on a Secure Router. This display includes the associated bundle information, virtual circuit ID (DLCI), status, policing, and IP address. syntax: fr cvcs example: SR> show fr cvcs Avaya Secure Router 3120 Command Reference Guide December 2010...
< all | name > example: SR/show> fr invarp all related commands: show fr avcs show fr cvcs show fr invarp_int show fr lmistats show fr pvcs show fr vcstats Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays the LMI statistics for a bundle. Statistics include the number of received status inquiries and full status inquiries, the number of transmitted and received status inquiries, and the number of transmit-side updates. Avaya Secure Router 3120 Command Reference Guide December 2010...
If the PVC is switched to another PVC, that PVC number will be shown. If the PVC terminates at a LAN, the PVC IP address is displayed. syntax: fr pvcs example: SR/show> fr pvcs related commands: show fr avcs show fr cvcs show fr invarp Avaya Secure Router 3120 Command Reference Guide December 2010...
57sman Password: > applies to: All modules show hostname This command displays the system host name. The host name is visible as the main command prompt. syntax: hostname example: SR/show> hostname Avaya Secure Router 3120 Command Reference Guide December 2010...
Information includes the status of the AVC, status of each CVC in the AVC, individual CVC counters, aggregated AVC counters, the status reporting mode for the AVC, RED configuration and statistics, VLAN tagging on the AVC (when enabled), and IP encapsulation information. Avaya Secure Router 3120 Command Reference Guide December 2010...
Name of bundle to be viewed. syntax: bundle < name > example: SR/show/interface> bundle Brussels related commands: show interface bundles show interface ethernet applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Ethernet port to be viewed (0 or 1). syntax: ethernet <slot/port> example: SR/show/interface> ethernet 0 To clear the Ethernet port display counters, use the clear counters Ethernet command. related commands: clear counters Ethernet Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show ip dhcps address_pools This command displays the DHCP address pools. syntax: address_pools example: SR/show/ip> dhcps address_pools related commands: show ip dhcps bindings show ip dhcps configuration Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show ip dhcps configuration This command displays the DHCP configuration. syntax: configuration example: SR/show/ip> dhcps configuration Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show ip dhcps statistics This command displays the DHCP server statistics. syntax: statistics example: Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/show/ip> dns related commands: show ip hosts applies to: All modules show ip hosts This command displays a list of configured hosts, along with their IP addresses. syntax: hosts example: SR/show/ip> hosts Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show ip interface This command displays Ethernet port IP routing data for the specified interface. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 844
(NAT) data. syntax: example: SR/show/ip> nat next-level commands show ip nat address_pool show ip nat all show ip nat configuration show ip nat statistics show ip nat translations applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays a summary of all stored NAT data. syntax: example: SR/show/ip/nat> all applies to: All modules show ip nat configuration This command shows global NAT data or NAT data for a specified interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command shows global NAT statistics or NAT statistics for a specified interface. parameter definition interface ethernet0 Ethernet 0 ethernet1 Ethernet 1 bundle_name Specific WAN bundle name bundle_name:pvc _number Bundle name:PVC number global Global NAT syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
< ethernet0 | ethernet1 | bundle_name | bundle_name : pvc_number > example 1: This example shows NAT data for a specific interface. SR/show/ip/nat> translations ethernet0 example 2: This example shows global NAT data. SR/show/ip/nat> translations global applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Name of the filter set for which rules will be displayed. syntax: filter-list rulelist_name < name > example: SR/show/ip/access-list> filter-list Filter01 related commands: show ip access-list rules show ip access-list statistics Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show ip access-list statistics This command shows IP filter statistics for an Ethernet port, a bundle, a PVC, or all interfaces. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays IP routing information. parameter definition network Network IP address mask Net mask address protocol All protocols Border Gateway protocol connected Connected routes ospf Open Shortest Path First protocol Routing Information protocol Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 851
"fib," then the display will show the route summary of FIB. Table 36: screen display example > show ip routes summary IP Routing Table Summary Route Source Number of Routes ------------ ---------------- connected static aggregate OSPF Total > Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 852
All modules show ip rtp This command accesses next-level commands for displaying RTP information. syntax: show ip rtp example: SR> show ip rtp applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
< bundle name > example: SR/show/ip/rtp> statistics wan1 applies to: All modules show ipmux This command accesses next-level commands ipmux show commands. syntax: ipmux example: SR> show ipmux Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show ipmux interfaces This command shows configured interface information. parameter definition interface Interface name or type The default is all. syntax: interfaces [ interface < name > ] Avaya Secure Router 3120 Command Reference Guide December 2010...
SR> show ipmux routes related commands: show ipmux acroutes show ipmux interfaces applies to: All modules show mac This command displays the MAC address assigned to a Secure Router. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
IP address does not match the DHCP address, the client is a static client. applies to: All modules show module This command accesses next-level commands for displaying interface card alarms, configurations, and statistics. syntax: module example: Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/show/module> alarms In alarm displays, Off = No Alarm, On = Alarm in Progress. next-level commands show module alarms e1 show module alarms t1 show module alarms t3 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
[refresh_interval] <cr> example: SR/show/module/alarms> e1 1/1 refresh_interval 1 related commands: show module thresholds e1 applies to: E1 module how module alarms serial This command displays the alarms detected on a serial interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
To see the alarms in real-time, specify the desired refresh interval in minutes when entering this command. To return to the system command prompt, type q. parameter definition T1 link The range is 1/1-8 or 2/1-8. Avaya Secure Router 3120 Command Reference Guide December 2010...
The slot (1 or 2) in which the module is located. Port numbering varies by module. refresh_interval How often, in minutes, the alarm display will be updated (optional entry; minimum is 1 minute). syntax: t3_identifier [ refresh_interval < n > ] Avaya Secure Router 3120 Command Reference Guide December 2010...
The following command shows alarms at the T1 level: syntax: ct3_identifier:t1 [ refresh_interval < n > ] example: SR/show/module/alarms> ct3 1/1:5 In alarm displays, Off = No Alarm, On = Alarm in Progress. applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
The slot (1 or 2) in which the module is located. Port numbering varies by module. interval_range Range of 15-minute intervals for which you wish to see a summary of statistics (1 - 96). syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays ANSI statistics for a Channelized T3 interface. The display shows the current 15-minute interval statistics, the elapsed time in the current sampling interval, and the total counts for the past 8 hours. Avaya Secure Router 3120 Command Reference Guide December 2010...
Channelized T3 show module attstats This command accesses next-level commands for displaying AT&T statistics. syntax: attstats example: SR/show/module> attstats next-level commands show module attstats t3 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show module configuration all This command shows the configuration for all T1 or E1 ports. syntax: example: SR> show module configuration all applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays the configuration and status of a T1 interface. parameter definition slot/port The slot (1 or 2) in which the module is located. Port numbering varies by module. T1 link The range is 1/1-8 or 2/1-8. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays the configuration and status of a Channelized T3 interface at the T3 level. parameter definition Channelized T3 (1 or 2, depending upon the system) syntax: ct3 slot/port example: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show module ietfstats e1 This command displays the IETF performance statistics for an E1 interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
The slot (1 or 2) in which the module is located. Port numbering varies by module. interval_range Range of 15-minute intervals for which you want to see a summary of statistics The range is 1 - 96. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays IETF performance statistics for a Channelized T3 interface. Statistics for multiple 15-minute intervals may be displayed by specifying the number of intervals (1 to 96) you wish to view. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command accesses next-level commands that display the International Telecommunication Union statistics for an E1 port. syntax: itutstats example: AR1208-E/display/module> itutstats related commands: show module itutstats e1 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/show/module> test Table 38: E1 BERT Test Criteria on page 874 and Table 39: E1 Loopback Test Criteria page 874 summarize BERT and loopback information for E1 testing. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 874
Type of loop-up code sent to the far end (ANSI FDL or Inband). next-level commands show module test e1 show module test t1 show module test t3 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
The slot (1 or 2) in which the module is located. Port numbering varies by module. T1 link The range is 1/1-8 or 2/1-8. syntax: t1 t1_no where t1_no is the <slot/port> number. Avaya Secure Router 3120 Command Reference Guide December 2010...
The slot (1 or 2) in which the module is located. Port numbering varies by module. syntax: t3 t3_no example: SR/show/module/test> t3 1/1 related commands: show module test t1 applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command accesses next-level commands for displaying alarm thresholds. These displays show the threshold types, along with the user-defined rising and falling alarm thresholds, sampling intervals, and sample types for each threshold. syntax: thresholds example: Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/show/module/thresholds> e1 1/1 applies to: E1 module show module thresholds t1 This command displays the alarm threshold settings for a T1 interface. parameter definition T1 link The range is 1/1-8 or 2/1-8. Avaya Secure Router 3120 Command Reference Guide December 2010...
Clear Channel T3 show module thresholds ct3 This command displays the alarm threshold settings for a Channelized T3 interface. parameter definition Channelized T3 (1 or 2, depending upon the system) Avaya Secure Router 3120 Command Reference Guide December 2010...
To clear these statistics after viewing them, use the clear module t1_userstats command. syntax: userstats example: SR/show/module> userstats next-level commands show module userstats e1 show module userstats t1 show module userstats t3 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
(1 to 96) you wish to view. To clear these statistics after viewing them, use the clear module t1_userstats command. parameter definition T1 link The range is 1/1-8 or 2/1-8. Avaya Secure Router 3120 Command Reference Guide December 2010...
Range of 15-minute intervals for which you wish to see a summary of statistics (1 - 96). syntax: t3 t3_no [ interval_range < n > ] example: SR/show/module/userstats> t3 1/1 interval_range 1-5 applies to: Clear Channel T3 Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/show/module/userstats> ct3 1/1:5 interval_range 1 applies to: Channelized T3 show power This command displays the type of power supply (AC, single DC, or dual DC) installed in the system. syntax: power example: SR/show> power Avaya Secure Router 3120 Command Reference Guide December 2010...
Name of bundle containing QoS classes to be displayed. class Individual QoS class to be displayed The default is all. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays historical QoS statistics for the bundle or class. syntax: bundle < name > example: SR/show/qos/historical_stats> bundle wan1 related commands: show qos historical_stats configuration show qos historical_stats ethernet applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays historical QoS statistics for the Ethernet interface or class. parameter definition ethernet Ethernet 0 interface Ethernet 1 interface class QoS class name Enter a word. Avaya Secure Router 3120 Command Reference Guide December 2010...
Status: Active, processing live traffic Alarm Enabled: TRUE DS3 Tx: Enabled Data Loss Threshold: 500000 SR> example 2: For the backup router: SR> show redundancy SR> show redundancy =================== Redundancy Setting: =================== Avaya Secure Router 3120 Command Reference Guide December 2010...
Baud Rate : 9600 Parity : No Parity Data Bits Stop Bits Flow Control : No Flow Control > applies to: All modules show running-config This command shows the running system configuration. Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show snmp communities This command displays the current SNMP community names and access privileges. Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/show/snmp> trap-source applies to: All modules show snmp status This command displays the total number of SNMP data packets sent to and received from each trap host. syntax: status example: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show snmp trap-host This command displays the names and IP addresses of configured SNMP trap hosts. syntax: trap-host Avaya Secure Router 3120 Command Reference Guide December 2010...
To continue scrolling through this display, press any key. Or, to go back to the command prompt, type q, and press Return. parameter definition file name Name of file to be showed The default is system.cfg. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/show> system next-level commands show system logging commandLog show system logging console show system logging syslog applies to: All modules show system configuration This command displays the hardware configuration. syntax: configuration Avaya Secure Router 3120 Command Reference Guide December 2010...
Table 44: screen display example > show system diagnostics System Diagnostics Results: DRAM Test: PASSED Flash Memory Test: PASSED Temperature Test: PASSED > related commands: show system configuration show system flash show system memory Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show system logging This command accesses next-level commands for displaying console logging message prioritization and syslog parameters. syntax: logging Avaya Secure Router 3120 Command Reference Guide December 2010...
SR> show system logging commandLog applies to: All modules show system logging console This command displays console logging message prioritization. syntax: logging console example: SR/show> system logging console Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays DRAM memory usage data, including number of free and allocated bytes, number of fragmented memory blocks, average and maximum block sizes, and a cumulative summary of allocated memory. syntax: memory Avaya Secure Router 3120 Command Reference Guide December 2010...
Press 'y' to continue ? (y/n) : n SR> show tech-support WARNING:The system information will be stored in file. The process will take few minutes..Press 'y' to continue ? (y/n) : y > applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/show> users Table 48: screen display example > show users ACTIVE USERS: NAME LOGIN TIME IPADDR +----------------------------------------------------+ 1 : user SAT MAY 08 15:47:16 2004 : CONSOLE +----------------------------------------------------+ > Avaya Secure Router 3120 Command Reference Guide December 2010...
1 : user +---------------------------------+ > related commands: show users configure user applies to: All modules Note: You must be logged in as the System Administrator (Level 1 access) to view this data. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command accesses next-level commands for viewing hardware and software design versions. syntax: version example: SR/show> version applies to: All modules show virtual-access Displays information about PPPoE traffic. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show vlanfwd macbridge This command accesses next-level VLAN bridging show commands. syntax: macbridge Avaya Secure Router 3120 Command Reference Guide December 2010...
SR> show vlanfwd macbridge all related commands: show vlanfwd macbridge config show vlanfwd macbridge dynamic show vlanfwd macbridge specific show vlanfwd macbridge static show vlanfwd macbridge statistics applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show vlanfwd macbridge dynamic This command shows information about all dynamically learned MAC entries in the forwarding database. syntax: dynamic example: SR> show vlanfwd macbridge dynamic Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show vlanfwd macbridge static This command shows information about all static MAC entries in the forwarding database. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
• PktsForwardeded: The number of packets received on a given interface whose destination MAC addresses could be matched in the forwarding database, and therefore were selectively forwarded to a specific VLAN interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules show vlanfwd statistics This command shows if VLAN forwarding is enabled or disabled and the statistics for each VLAN ID. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command shows the VLAN table. syntax: table example: SR> show vlanfwd table related commands: show vlanfwd management show vlanfwd statistics show vlanfwd tagtable applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
This command accesses next-level show commands for showing vldfwd information. syntax: vldfwd example: SR> show vldfwd related commands: show vldfwd statistics show vldfwd table show vldfwd tagtable applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
The range is 1 - 4095; the default is all. Enter a single vld_id <100> or a range of vld_ids < 200-300>. syntax: table [ vld_id < n | n - n > ] example: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays VRRP related information. parameter definition group VRRP group The range is 1 - 255; the default is all groups. interface ethernet0 Ethernet 0 interface ethernet1 Ethernet 1 interface Avaya Secure Router 3120 Command Reference Guide December 2010...
This command displays the current user name and access level. syntax: whoami example: SR/show> whoami Table 52: screen display example > show whoami you are Router, level 1 user > applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Chapter 21: TELNET Use the telnet command to telnet directly from one Avaya Secure Router 3120to another Secure Router 3120 (or network host). This feature eases network configuration by eliminating the need to exit the Router CLI before establishing a telnet session.
‘The range is 1 - 16, depending upon the system. syntax: e1 <slot/port> e1_no < n > example: SR/test> e1 1/1 next-level commands test e1 bert test e1 loopback applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Before conducting a BERT test, activate an E1 line loopback at a remote system; the remote system will loop the the BERT pattern back to the Avaya Secure Router 3120 for bit error rate calculation. The bit error rate is an indicator of overall E1 quality. To activate a remote E1 loopback, use the test e1 loopback remote line command.
All modules test e1 loopback inward1 This command configures an E1 interface for local inward 1 loopback. Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/test/e1 1/1> loopback inward1_analog related commands: test e1 loopback inward1 test e1 loopback inward2 test e1 loopback line test e1 loopback payload applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
[ no ] loopback line example: SR/test/e1 1/3> loopback line To verify loopback status during the test, use the show module test e1 command. related commands: test e1 loopback inward1 Avaya Secure Router 3120 Command Reference Guide December 2010...
All modules test t1 This command accesses next-level commands for conducting tests on a T1 interface. Avaya Secure Router 3120 Command Reference Guide December 2010...
Before conducting a BERT test, activate a T1 line loopback at a remote system; the remote system will loop the BERT pattern back to the Secure Router 3120 for bit error rate calculation. The bit error rate is an indicator of overall T1 quality. To activate a remote T1 loopback, use the test t1 loopback remote line command.
T1 module, serial modules that support v.35 or x.21 test t1 loopback This command accesses next-level commands for activating and deactivating loopbacks on a T1 link. syntax: loopback example: SR/test/t1 1/1> loopback Avaya Secure Router 3120 Command Reference Guide December 2010...
This command activates a local T1 payload loopback. The loopback sends the incoming T1 back to the remote system. The payload loopback corrects bipolar violations, CRC errors, and frame bit errors before returning the signal. Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/test/t1 1/1> loopback remote next-level commands test t1 loopback remote line test t1 loopback remote payload applies to: T1 module, serial modules that support v.35 or x.21 Avaya Secure Router 3120 Command Reference Guide December 2010...
Upon detecting the loop-up code, the remote system removes BPVs, CRC errors, and frame bit errors before returning the signal to the Secure Router. The looped signal path allows you to conduct line testing. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 928
This command accesses next-level commands for conducting tests on a Clear Channel T3 interface. parameter definition t3_no Clear Channel T3 port to be tested. syntax: t3 t3 _no example: SR/test> t3 1/1 next-level commands test t3 loopback applies to: Clear Channel T3 Avaya Secure Router 3120 Command Reference Guide December 2010...
Channel T3 alarms are generated with this loopback in progress, the Clear Channel T3 is faulty. syntax: [ no ] loopback internal_t3 example: SR/test/t3 1/1> loopback internal_t3 To verify the loopback status during the test, use the show module test t3 command. Avaya Secure Router 3120 Command Reference Guide December 2010...
The local loopback routes the Clear Channel output signal to the Clear Channel receiver for local testing. syntax: [ no ] loopback local_t3 example: SR/test/t3 1/1> loopback local_t3 To verify the loopback status during a test, use the show module test t3 command. Avaya Secure Router 3120 Command Reference Guide December 2010...
Clear Channel T3 test t3 loopback remote This command accesses next-level commands for activating Clear Channel T3 loopbacks on remote systems. syntax: loopback remote example: SR/test/t3 1/1> loopback remote Avaya Secure Router 3120 Command Reference Guide December 2010...
This command accesses next-level commands for conducting tests on a Channelized T3 interface. parameter definition t3_identifier CT3 link(s) to test syntax: ct3 ct3_identifier where t3_identifier is the <slot/port> number. Avaya Secure Router 3120 Command Reference Guide December 2010...
20 consecutive ones 2^23 Pseudorandom signal with no more than 22 consecutive zeros and no more than 23 consecutive ones This pattern provides the highest stress of all BERT patterns. Avaya Secure Router 3120 Command Reference Guide December 2010...
This command accesses next-level commands for activating and deactivating loopbacks on a Channelized T3 port. syntax: loopback example: SR/test/ct3 1/1> loopback next-level commands test ct3 loopback internal_ct3 test ct3 loopback line_t1 test ct3 loopback payload_t1 test ct3 loopback remote Avaya Secure Router 3120 Command Reference Guide December 2010...
[no] loopback line_t1 t1 example: SR/test/ct3 1/1> loopback line_t1 5 To verify the loopback status during the test, use the show module test ct3 command. related commands show module test ct3 applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures a T1 in the CT3 for remote line loopback. syntax: line_t1 t1 [loopback_type] parameter description T1 number/range loopback_type Loopcode for LINE Loopback. (default: ansi_fdl) example: SR/test/ct3 1/1> loopback remote line_t1 5 loopback_type ansi_fdl Avaya Secure Router 3120 Command Reference Guide December 2010...
To disable the DNS replay attack check, use the no form of the command. By default it is disabled. When this command is enabled, the DNS connection limit is 2,000. syntax: [no] dns-replay-attack example: SR/configure/firewall global/dos-protect> dns-replay-attack SR/configure/firewall global/dos-protect> applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Band) data to an IP address of a Windows machine connected to a network and/or Internet. To disable the win nuke attack check, use the no form of the command. This command is disabled by default. syntax: [no] win-nuke Avaya Secure Router 3120 Command Reference Guide December 2010...
CPU resources. To disable the ftp bounce attack check, use the no form of this command. This command is disabled by default. syntax: [no] ftp-bounce example: Avaya Secure Router 3120 Command Reference Guide December 2010...
IP timestamp option not aligned on a 32-bit boundary. To disable IP unaligned timestamp checks, use the no form of this command. This command is disabled by default Avaya Secure Router 3120 Command Reference Guide December 2010...
The range can be configured with value between 20000 and 2147483647. To disable TCP sequence number range check, use the no form of this command. By default it is disabled. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
To enable all of the Denial of Service protections, enter: SR/configure/firewall global/dos-protect> enable-all applies to: All modules firewall hairpinning-SelfIp This command configures NAT hairpinning. Syntax: [no] hairpinning-selfip Example: SR/configure/firewall global> hairpinning-selfip Avaya Secure Router 3120 Command Reference Guide December 2010...
The threshold for VPN logging. The range is 1—2147483647, the default is 100 packets. example: To configure the router to generate a log message for 10 VPN events, enter: SR/configure/firewall global/logging> vpn 10 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Use the no form of the command to reset to default values. By default, the threshold is configured as 1. syntax: [no] policy <count> parameter definition limit The threshold for policy logging. The range is 1—2147483647, the default is 1 packet. example: Avaya Secure Router 3120 Command Reference Guide December 2010...
The oversized packet can be broken up into pieces small enough to pass. The IP reassembly feature allow the split packets to be reassembled upon delivery. syntax: [no] enable example: To enable IP reassembly, enter: SR/configure/firewall global/ip-reassembly> enable applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
The length of the fragment header. The range is 1— 65535. The default is 28 bits. example: To set the fragment header to 5000 bits, enter: SR/configure/firewall global/ip-reassembly> fragment-size 5000 applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
<time> parameter definition time A packet has to be reassembled before this amount of time expires. The valid range is 11—120 seconds, and the default is 60. example: Avaya Secure Router 3120 Command Reference Guide December 2010...
Specifies the User Datagram Protocol timeout. icmp Specifies the Internet Control Message Protocol timeout. tcp-reset Specifies the Transport Control Protocol reset timeout. ftp-inactivity Specifies how long the File Transport Protocol will wait for a response. Avaya Secure Router 3120 Command Reference Guide December 2010...
The timeout value. The range is 0—65535 seconds. example: To create a UDP service named Test on port 4444, with a timeout value of 600 seconds, enter: SR/configure/firewall global/timeout> service Test udp 4444 600 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
To create a global object, enter: SR/configure/firewall global> object SR/configure/firewall global/object> To create an object specific to the corp map, enter SR/configure/firewall corp> object SR/configure/firewall corp/object> applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
To disable the stealth mode on corp. Any one of the following commands can be executed. SR/configure/firewall corp> no stealth-mode corp SR/configure/firewall corp> no stealth-mode SR/configure/firewall global> no stealth-mode corp applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
If created in a specific map, then this application filter can be applied to any number of policies, but only for this specific map. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 958
To create a map-specific FTP application filter named corpftp that allows permit, get, and ls commands, enter: SR/configure> firewall corp SR/configure/firewall corp> object SR/configure/firewall corp/ object> ftp-filter corpftp permit put get ls applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
To create a map-specific HTTP application filter named corphttp that allows all URLs but filters out Java applications and files with .exe extensions, enter: SR/configure/firewall corp/object> http-filter corphttp deny java *.exe Avaya Secure Router 3120 Command Reference Guide December 2010...
All IP addresses are in IPv4 format. example: To configure a NAT pool of type one-to-one with a source address range (10.1.1.1 to 10.1.1.10) that will be translated to the address range (20.1.1.51 to 20.1.1.60), enter: Avaya Secure Router 3120 Command Reference Guide December 2010...
Lists RPC numbers that are prohibited. Up to 25 numbers can be listed as strings separated by spaces. Enables or disables logging. example: Avaya Secure Router 3120 Command Reference Guide December 2010...
The name of the SMTP filter. permit Lists SMTP commands that are allowed. Includes: hello mail rcpt data quit send saml reset vrfy expn Enter commands as strings separated by a space. Avaya Secure Router 3120 Command Reference Guide December 2010...
Firewall policies configured with schedule objects are only activated in the time defined in the schedule object. syntax: [no] schedule object-name [ week-day ] [ start-time ] [ end-time ] Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 964
To create a map-specific schedule object named getmail, starting at 9:00 AM and ending at 6:30 PM, Monday through Friday, enter: SR/configure> firewall corp SR/configure/firewall corp> object SR/configure/firewall corp/ object> schedule getmail week-day mon fri start-time 9 0 end-time 18 30 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
To create a map-specific service object named corpserv using TCP on port 2001, enter: SR/configure> firewall corp SR/configure/firewall corp> object SR/configure/firewall corp/ object> service corpserv tcp port 2001 applies to: Avaya Secure Router 3120 Command Reference Guide December 2010...
To remove wan3 and the frame relay interface wan4 with pvc number 16 from the map internet, enter: SR/configure> firewall internet SR/configure/firewall internet> no interface wan3 wan4:16 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
Can be one of: <src-start> <src-end> <dst-start> <dst-end> OR <src-port> <dst-port> traffic The type of traffic. Can be one of the following values: transit -- transit traffic (the default) Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 969
4 out> To modify the source and destination address configuration of an existing firewall policy, enter SR/configure/firewall corp> policy 4 out address 21.1.1.1 21.1.1.5 any any permit SR/ configure/firewall corp/policy 4 out> Avaya Secure Router 3120 Command Reference Guide December 2010...
Valid range is 1—29912. The default is the connection limit of the map. example: To limit the maximum number of connections to 20, enter: SR/configure/firewall corp/policy 4 out> max-connection-limit 20 applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
(disabled by default). syntax: [no] policing <packets-per-second> parameter definition packets-per-second Specifies the maximum number of packets per second. Valid range is 1—2147483647. example: Avaya Secure Router 3120 Command Reference Guide December 2010...
SR/configure/firewall corp/policy 4 out > no bandwidth 4 applies to: All modules policy enable Disables or enables an existing policy of a specific map based on the requirement. By default the policy is enabled. syntax: [no] enable Avaya Secure Router 3120 Command Reference Guide December 2010...
To apply the ftp-filter to the policy myftp, enter: SR/configure/firewall corp/policy 4 out> apply-object ftp-filter myftp applies to: All modules clear firewall statistics Clears the firewall statistics. syntax: clear firewall statistics example: To clear the firewall statistics, enter: Avaya Secure Router 3120 Command Reference Guide December 2010...
To show debug details for the firewall, enter: SR/configure> show debug firewall applies to: All modules show firewall connections View the connection database. syntax: show firewall connections map-name [ summary ] [ address ] [ port ] [protocol] Avaya Secure Router 3120 Command Reference Guide December 2010...
Displays the configured DoS-protect attack check settings. syntax: show firewall dos-protect example: :To see the DoS protection configuration, enter: Router > show firewall dos-protect DOS attack check Status ---------------- ------ syn flooding attack check enabled Avaya Secure Router 3120 Command Reference Guide December 2010...
To view all the interfaces that are configured for security in the map corp, enter: Router > show firewall interface corp Interface Map Name --------- -------- ethernet1 corp SR> applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
:To show current logging thresholds, enter: SR> show firewall logging SR> applies to: All modules show firewall max-connection-limit Displays the maximum number of connections originating from a given map. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Displays NAT (Network Address Translation) details. syntax: show firewall nat-translations map-name[ address ] [ port ][protocol] parameter definition map-name For a specific map - the name of that map. To name all maps, specify all. Avaya Secure Router 3120 Command Reference Guide December 2010...
For global - the name of the keyword for global objects. For map - the name of an object. object-name The name of the object. example: :To view all the configured ftp-filter objects for the map corp, enter: Avaya Secure Router 3120 Command Reference Guide December 2010...
To view all the corp map firewall policies in brief mode, enter: SR> show firewall policy corp To view all the corp map firewall policies in detail mode, enter: SR> show firewall policy corp detail applies to: All modules Avaya Secure Router 3120 Command Reference Guide December 2010...
To see stealth-mode details, enter: SR> show firewall stealth-mode Map Name Stealth-mode -------- ------------ internet disable corp disable SR> applies to: All modules show firewall timeout View the timeout values for protocols and services. syntax: Avaya Secure Router 3120 Command Reference Guide December 2010...
Displays the keywords configured for blocking in the URLs. syntax: show firewall url-key-filter example: To see key names for URL filtering, enter: SR> show firewall url-key-filter URL Key filtering enabled URL Keys ------- games movies SR> Avaya Secure Router 3120 Command Reference Guide December 2010...
This command configures the VRRP authentication information. Once configured, all outgoing VRRP packets will have this authentication information and all packets received will be authenticated using this information. Avaya Secure Router 3120 Command Reference Guide December 2010...
Description string describing group Enter a string up to 80 characters within quotation marks. syntax: description < "desc_string" > example: SR/configure/interface/ethernet 0/vrrp 10> description "virtual router for wan" Avaya Secure Router 3120 Command Reference Guide December 2010...
All systems. configure interface ethernet vrrp learn_adv_internal This command configures the backup router to learn the advertisement interval from the master. syntax: learn_adv_interval example: SR/configure/interface/ethernet 0/vrrp 10> learn_adv_interval Avaya Secure Router 3120 Command Reference Guide December 2010...
Receive Remote Alarm Indication. The far end system has detected a loss of T3 signal or Loss of Frame, and has sent a Yellow Alarm signal to the Avaya Secure Router 3120. RFEBE Receive Far End Block Errors. System has detected block errors in the incoming T3 signal.
Page 996
Loss of Frame, causing it to send a Yellow Alarm signal to the far end). This Yellow Alarm code is the same as the RRAI code described above. Avaya Secure Router 3120 Command Reference Guide December 2010...
Type Description Coding Violations (excessive zeros or AMI bipolar violations). For a B8ZS-coded T1 signal, a CV is a bipolar violation that is not part of a valid zero-substitution code. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 998
Loss of Frame Count (number of times a LOF is detected). The alarm declaration and clearing times are defined in AT&T TR-54016. Controlled Slip Seconds. Number of seconds in which the system replicated or deleted one or more T1 frames of data. Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 999
Severely Errored Framing Seconds. A SEFS is a second with one or more Out of Frame defects or a detected incoming AIS. This item is not incremented during unavailable seconds. Unavailable Seconds (declared upon occurrence of 10 consecutive SESs). Avaya Secure Router 3120 Command Reference Guide December 2010...
Page 1000
Bursty Errored Seconds (number of 1-second intervals with more than 1 but less than 320 PCVs, no SEF events, and no AIS signal detection). This count is not advanced during a UAS state. 1000 Avaya Secure Router 3120 Command Reference Guide December 2010...