Page 1 ___________________ SCALANCE S615 Preface ___________________ Description ___________________ SIMATIC NET Configuration ___________________ Functions specific to SCALANCE Industrial Ethernet Security SCALANCE S615 ___________________ System time Command Line Interface ___________________ Network structures Configuration Manual ___________________ Network protocols ___________________ Load control ___________________ Layer 3 functions...
Page 2: Legal Information
Note the following: WARNING Siemens products may only be used for the applications described in the catalog and in the relevant technical documentation. If products and components from other manufacturers are used, these must be recommended or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and maintenance are required to ensure that the products operate safely and without any problems.
Page 3: Preface
Based on examples, this document explains the configuration of the SCALANCE S 615 device. ● Operating Instructions SINEMA RC Server You will find this document on the Internet pages of Siemens Industry Online Support. It contains information on the installation, configuration and operation of the application SINEMA Remote Connect Server.
Page 4 Siemens recommends strongly that you regularly check for product updates. For the secure operation of Siemens products and solutions, it is necessary to take suitable preventive action (e.g. cell protection concept) and integrate each component into a holistic, state-of-the-art industrial security concept.
Page 5 Preface Firmware The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device. License conditions Note Open source software Read the license conditions for open source software carefully before using the product.
Page 6 Preface SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 7: Table Of Contents
2.1.1.10 show ip interface ........................44 2.1.1.11 show versions ......................... 44 2.1.2 clear counters ......................... 45 2.1.3 configure terminal ........................46 2.1.4 clear line vty ..........................47 2.1.5 disable ............................. 48 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 8 Configuration Save & Restore ....................82 2.4.1 show running-config ....................... 82 2.4.2 write startup-config ......................... 84 2.4.3 Commands in the global configuration mode ................ 84 2.4.3.1 auto-save ..........................85 2.4.3.2 no auto-save .......................... 86 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 9 ......................... 113 3.5.4.4 device id ..........................114 3.5.4.5 device pw ..........................115 3.5.4.6 port ............................116 3.5.4.7 proxy ............................. 117 3.5.4.8 no proxy ..........................118 3.5.4.9 shutdown ..........................119 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 10 5.1.2.4 map protocol ........................148 5.1.2.5 no map protocol ........................149 5.1.2.6 no protocol-vlan........................150 5.1.2.7 protocol-vlan ......................... 151 5.1.2.8 subnet-vlan ........................... 151 5.1.2.9 no subnet-vlan........................152 5.1.2.10 vlan ............................153 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 11 DHCP client .......................... 187 6.3.1 show ip dhcp client ........................ 187 6.3.2 renew dhcp ........................... 187 6.3.3 Commands in the global configuration mode ............... 188 6.3.3.1 ip dhcp config-file-request ..................... 189 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 12 Commands in the DDNS Client configuration mode ............217 6.5.5.1 service ..........................217 6.5.5.2 no service ..........................218 6.5.5.3 userhost ..........................219 6.5.5.4 username ..........................220 6.5.5.5 password ..........................220 SNMP ........................... 222 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 13 Proxy server .......................... 256 6.9.1 show proxyserver table ......................256 6.9.2 Commands in the global configuration mode ............... 256 6.9.2.1 proxyserver ........................... 256 6.9.3 Commands in the PROXYSERVER configuration mode ............. 257 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 14 8.1.1.2 show firewallnat napt ......................286 8.1.1.3 show firewallnat netmap-map ....................286 8.1.1.4 show firewallnat src-nat ....................... 287 8.1.2 Commands in the global configuration mode ..............287 8.1.2.1 firewallnat ..........................287 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 15 ........................... 323 9.2.4.11 ipv4rule set action ......................... 324 9.2.4.12 ipv4rule set dstip ........................325 9.2.4.13 ipv4rule set from ........................326 9.2.4.14 ipv4rule set log ........................327 9.2.4.15 ipv4rule set prior ........................328 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 16 ......................364 9.3.3.8 no remote-end all ......................... 364 9.3.3.9 no shutdown ......................... 365 9.3.3.10 shutdown ..........................366 9.3.4 Commands in the IPSEC REMOTE END configuration mode ..........366 9.3.4.1 addr ............................367 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 17 ........................402 9.3.8.8 lifetime ........................... 403 9.3.8.9 lifebyte ........................... 404 9.3.8.10 proto ............................405 9.3.8.11 port ............................406 Certificates ..........................407 9.4.1 Commands in the global configuration mode ............... 407 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 18 Syslog client ......................... 433 10.2.1 show events syslogserver ....................433 10.2.2 Commands in the Events configuration mode ..............433 10.2.2.1 syslogserver ......................... 434 10.2.2.2 no syslogserver ........................435 Index ..............................437 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 19: Description
Apart from a few exceptions (help, exit), commands can only be called up in the mode to which they are assigned. This grouping allows different levels of access rights for each individual group of commands. The following graphic is an overview of the available modes. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 20 To change from the User EXEC Mode to the Privileged EXEC mode, enter the enable command. When the command executes, you will be prompted to enter the password for the "admin" user. You are logged out with the command. exit SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 21 From the Global configuration mode, you can change to other configuration modes for special tasks. These are either general configuration modes (for example line configuration, interface configuration) or protocol-specific configuration modes (FTP, NTP). SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 22: Working With The Command Line Interface (Cli)
All the configuration settings for the device can be made using the Command Line Interface (CLI). The CLI therefore provides the same options as Web Based Management (WBM). You should read the detailed explanations of the parameters in the configuration manual "SCALANCE S615 Web Based Management". The CLI allows remote configuration over Telnet. Note...
Page 23: The Cli Command Prompt
Make sure, however, that names used by the operating system or other programs are correctly written. Blank To use blanks in a text, enter the text in quotes, for example "H e l l o" SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 24: Symbols Of The Cli Commands
If you use the keyword, you need to specify exactly one of the values "A", "B" or "C". Keyword [A] [B] [C] After the keyword, enter no or several of the values "A", "B" or "C". SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 25: Interface Identifiers And Addresses
To be able to use a VLAN, create it with the command. vlan Configuring an interface in the Interface configuration mode To configure the interface use the command in the global configuration mode. interface SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 26: Address Types, Address Ranges And Address Masks
1 bits. The mask of the decimal representation 255.255.0.0 is then written as /16. The syntax is then for example: <ipaddress> / 16 Note that there must be a space before and after the "/". SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 27: Ipv4 Address
255.255.0.0 D = 1111 1111.1111 1111.0000 0000.0000 0000 B 255.255.128.0 D = 1111 1111.1111 1111.1000 0000.0000 0000 B 255.254.0.0 D = 1111 1111.1111 1110.0000 0000.0000.0000 B Incorrect value: 255.255.1.0 D = 1111 1111.1111 1111.0000 0001.0000 0000 B SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 28 4th decimal number. In the example, however, the 3rd position is different. You must, therefore, change one of the following in the example: The subnet mask to: 255.255.0.0 or the IPv4 address to: 141.30.128.1 or the gateway address to: 141.30.0.1 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 29: General Cli Commands
To do this, you replace with the command from the Privileged EXEC mode that [command ] you want to execute. Example do show cli-console-timeout Result The command from the Privileged EXEC mode will be executed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 30: End
The current mode was exited. You are then at the next higher level. If you are in Privileged EXEC Modus or in User EXEC Modus mode, you will be logged out. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 31: Help Functions And Supported Input
[command] If the command for which you require help consists of several words, enter these words without spaces. Result The syntax of the command is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 32: The Command
-- more -- the display, you can move to the next page with the spacebar. If the display is in pages, you cannot page back. You exit the page display with the key. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 33: Completion Of Command Entries
If the entry is not yet complete, enter further characters. With , you obtain a list of the possible commands. Repeat this if necessary until the command is complete and can execute. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 34: Abbreviated Notation Of Commands
Further notes You display the list of commands last used with the command. This function is show history available in every mode. See also show history (Page 36) SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 35: Working Through A Command Sequence
Call the command without parameters: clear history Result The last commands to be input are deleted. You display a list of the last 14 commands entered with the command. show history SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 36: Show History
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show history Result The list of used commands is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 37: Configuration
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show cli-console-timeout Result The configuration for the timeout is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 38: Show Coordinates
Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show device information SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 39: Show Interfaces
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call up the command with the following parameters: show interfaces [<interface-type><interface-id>] [{description|status}] {vlan<vlan-id(1-4094)>} SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 40: Show Im
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show im Result The information is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 41: Show Interface Mtu
For information on identifiers of addresses and interfaces, refer to the section "Interface identifiers and addresses (Page 25)". If no parameters are specified, the settings for all interfaces are displayed. Result The settings are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 42: Show Interfaces
Description This command shows the current content of the neighborhood table. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 43: Show Lldp Status
Module no. and port no. of the interface For information on identifiers of interfaces and addresses, refer to the section "Interface identifiers and addresses (Page 25)". Result The information is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 44: Show Ip Interface
IP interfaces. Result The configuration of the selected IP interface is displayed. 2.1.1.11 show versions Description This command shows the versions of the hardware and software of the device. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 45: Clear Counters
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call up the command with the following parameters: clear counters [<interface-type><interface-id>] SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 46: Configure Terminal
The command prompt is as follows: cli# Syntax Call the command without parameters: configure terminal Result You are now in the Global configuration mode. The command prompt is as follows: cli(config)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 47: Clear Line Vty
2 ... 9 terminated terminates all connections forceful-clear closes a session that is not reacting Result The console session is closed. Further notes You show the logged-on users with the command. show users SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 48: Disable
With this command, you change to the Privileged EXEC mode. Requirement You are in the User EXEC mode. The command prompt is as follows: cli> Syntax Call the command without parameters: enable SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 49: Logout
This allows you to check whether or not another node is reachable. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 50 , the restart memory factory following defaults apply: Parameter Default value size count time-out Result The messages relating to the response of the called node are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 51: Commands In The Global Configuration Mode
Input box for the height coordinate max. 32 characters To use spaces in the entry, enter the height coordinate in quotes: coordinates height "123 456" Result The height coordinate is created. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 52: Coordinates Latitude
With this command, you enter a longitude coordinate. Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: coordinates longitude <longitude> SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 53: Interface
Specify a valid interface. interface-id Module no. and port no. of the interface For information on identifiers of addresses and interfaces, refer to the section "Interface identifiers and addresses (Page 25)". SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 54: No Interface
Call up the command with the following parameters: no interface{vlan<vlan-id(1-4094)>} The parameters have the following meaning: Parameter Description Values vlan Keyword for a VLAN connection vlan-id Number of the addressed VLAN 1 … 4094 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 55: Cli-Console-Timeout
Range of values / note seconds Time in seconds until automatic logout 60 ... 600 after the last entry Default: 300 Result The time is configured and automatic logout is enabled. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 56: No Cli-Console-Timeout
2.1.9.8 system contact Description With this command, you enter contact information for the system. Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 57: System Location
The parameter has the following meaning: Parameter Description Range of values / note string Input box for the location information max. 255 characters Result The location information is created in the system. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 58: System Name
● If you exit the Interface configuration mode with the command, you return to the exit Global configuration mode. ● If you exit the Interface configuration mode with the command, you return to the Privileged EXEC mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 59: Alias
2.1.10.2 no alias Description With this command, you delete the name of the interface. Requirement You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 60: Duplex
The parameters have the following meaning: Parameter Description Range of values / note full The Interface will be operated in full Default: full duplex mode. half The Interface will be operated in half duplex mode SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 61: No Duplex
Call the command without parameters: no duplex Result The duplex mode of the Interface is reset to the default value. Further notes You configure the duplex mode of the interface with the command. duplex SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 62: Lldp
The setting is configured. Further notes You disable the sending or receipt of LLDP packets with the command. no lldp You display the status of LLDP with the command. show lldp status SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 63: No Lldp
The setting is configured. Further notes You enable the sending or receipt of LLDP packets with the command. lldp You display the status of LLDP with the command. show lldp status SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 64: Negotiation
With this command, you disable autonegotiation of connection parameters on an interface. Requirement You are in the Interface Configuration mode. The command prompt is as follows: cli(config-if-$$$)# Syntax Call the command without parameters: no negotiation SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 65: Mtu
You can shut down the interface with the command. shutdown complete You display this setting with the command. show interface mtu You display this setting and other information with the command. show interfaces SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 66: Shutdown Complete
Reset button. Further notes You activate the interface with the command. no shutdown You can display the status of this function and other information with the show command. interfaces SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 67: No Shutdown
The Interface is activated. Further notes You activate the interface with the command. shutdown complete You can display the status of this function and other information with the show command. interfaces SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 68: Speed
Call up the command with the following parameters: speed {10|100} The parameters have the following meaning: Parameter Description Transmission speed 10 Mbps Transmission speed 100 Mbps Result The transmission speed of the interface is configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 69: Load And Save
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show loadsave files Result The current Load&Save file information is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 70: Show Loadsave Tftp
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call up the command with the following parameters: load tftp ipv4 <ipv4-address> [port <tcp port (1-65535)>] file <filename> filetype <filetype> SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 71: Save Filetype
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call up the command with the following parameters: save filetype <filetype> tftp ipv4 <ipv4-address> [port <tcp port (1-65535)>] file <filename> SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 72: Commands In The Global Configuration Mode
You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. 2.2.4.1 loadsave Description With this command, you change to the LOADSAVE configuration mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 73: Commands In The Loadsave Configuration Mode
Privileged EXEC mode. 2.2.5.1 delete Description With this command, you call up the possible files or delete a specific file. Requirement You are in the LOADSAVE configuration mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 74: Tftp Filename
TFTP server. Requirement You are in the LOADSAVE configuration mode. The command prompt is as follows: cli(config-loadsave)# Syntax Call up the command with the following parameters: tftp filename {showfiles|filetype< filetype >name<filename>} SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 75: Tftp Load
The parameters have the following meaning: Parameter Description Range of values / note showfiles Shows the available files filetype Keyword for a file type to be loaded filetype Name of the file type max. 100 characters SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 76: Tftp Save
The file types are displayed or the file is copied. Further notes You configure the name of the file with the command. tftp filename With the " " command, you can display the file types. show loadsave files SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 77: Tftp Server
For information on identifiers of addresses and interfaces, refer to the section "Interface identifiers and addresses (Page 25)". Result The settings for the access to the selected TFTP server are configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 78: Password
Keyword for the password password Password Enter the password for the file. Result The password for the file is configured and activated. Further notes You disable the password with the command. no password SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 79: No Password
Name of the file type max. 100 characters Result The password for the file is disabled. Further notes You enable the password for the user certificate with the command. password SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 80: Reset And Defaults
– User names and passwords – Mode of the device ● Device restart with the factory configuration settings. Requirement You are in the Privileged EXEC mode. The command prompt is as follows: cli# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 81 By resetting to the factory configuration settings, the device loses its configured IP address and is reachable again with the IP address 192.168.1.1 set in the factory. Result The device is restarted with the selected settings. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 82: Configuration Save & Restore
Shell protocol. Shows the configuration settings of the Secure Sockets Layer protocol. Shows the configuration settings of the Internet protocol. snmp Shows the configuration settings of the Simple Network Management protocol. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 83 If you call up the command without parameters, only the active operational settings of all modules and all interfaces that do not match the preset values are displayed. Result The selected configuration settings of the device are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 84: Write Startup-Config
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 85: Auto-Save
You save changes to the configuration in the Trial mode with the write startup-config command. You disable the function with the command. no auto-save You can display the status of this function and other information with the show device command. information SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 86: No Auto-Save
You can display the status of this function and other information with the show device command. information You save changes to the configuration in the Trial mode with the write startupconfig command. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 87: Functions Specific To Scalance
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show plug Result The current information of the C-PLUG or KEY-PLUG is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 88: Commands In The Global Configuration Mode
Call the command without parameters: plug Result You are now in the Plug Configuration mode. The command prompt is as follows: cli(config-plug)# Further notes You exit the Plug Configuration mode with the command. exit SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 89: Commands In The Plug Configuration Mode
● You are in the Plug Configuration mode. The command prompt is: cli(config-plug)# Syntax Call the command without parameters: factoryclean Result The device configuration on the C-PLUG or KEY-PLUG is deleted. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 90: Write
● You are in the Plug Configuration mode. The command prompt is: cli(config-plug)# Syntax Call the command without parameter assignment: write Result The current device configuration has been copied to the formatted C-PLUG or KEY-PLUG. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 91: Wbm
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 92: Web-Session-Timeout
The time is configured and automatic logout is enabled. Further notes You disable automatic logoff with the command. no web-session-timeout You display the current timeout setting with the command. show web-session-timeout SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 93: No Web-Session-Timeout
Call the command without parameters: no web-session-timeout Result Automatic logoff is disabled. Further notes You enable automatic logoff with the command. web-session-timeout You display the current timeout setting with the command. show web-session-timeout SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 94: Digital Input/Output
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show digital output Result The current setting of the digital input is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 95: Show Digital Output
Privileged EXEC mode again. 3.3.3.1 digital output close Description This command closes the digital output. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 96: Digital Output Open
The digital output is opened. Further notes You close the digital output with the command. digital output close You can display the setting of the digital output with the command show digital output SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 97: Srs
This section describes commands for the Siemens Remote Service (SRS). To use the platform, additional service contracts are necessary and certain constraints must be kept to. If you are interested in SRS, call your local Siemens contact or visit http://support.automation.siemens.com/WW/view/en/42346681 (http://support.automation.siemens.com/WW/view/en/42346681).
Page 98: Commands In The Global Configuration Mode
Call the command without parameters: Result You are now in the SRS configuration mode. The command prompt is as follows: cli(config-srs)# Further notes You exit the SRS configuration mode with the command. exit SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 99: Commands In The Srs Configuration Mode
Range of values / note time Interval in seconds 60 ... 86400 Result The interval is configured. Further notes You display this setting and other information with the command. show srs overview SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 100: Logon
You create the destination server with the command. logon You disable the destination server with the command. no logon (disable) You display the numbers of the destination servers with the command. logon show-idx SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 101: Logon Addr
Enter the negotiated password. server Maximum of 100 characters Enables the transfer of the external IP address. This transfer is made using the secure HTTPS protocol. Disables the transfer of the external IP address. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 102: No Logon
Parameter Description Range of values / note Keyword for the number of the destina- tion server Number corresponding to a specific Enter the required number. destination server. Deletes all destination servers SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 103: Logon Idx Addr
Enter the IPv4 address of the proxy server. DNS host name Enter the DNS host name of the proxy server. Maximum of 50 characters Result The address of the destination server has been changed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 104: Logon Idx Group
The group name is changed. Further notes You display this setting and other information with the command. show srs overview You create a destination server entry with the command. logon addr SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 105: Logon Idx Name
You display this setting and other information with the command. show srs overview You change the password with the command. logon idx pw You display the numbers of the destination servers with the command. logon show-idx SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 106: Logon Idx Pw
The password for the access is changed. Further notes You change the user name with the command. logon idx name You display the numbers of the destination servers with the command. logon show-idx SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 107: Logon Show-Idx
This command is only available with a KEY-PLUG. Description With this command, you disable the use of SRS. Requirement You are in the SRS configuration mode. The command prompt is as follows: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 108: No Shutdown
The command prompt is as follows: cli(config-srs)# Syntax Call the command without parameter assignment: no shutdown Result The use of SRS is enabled. Further notes You disable use with the command. shutdown SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 109: Sinema Rc
In Privileged EXEC mode, enter the command to change to this mode. configure terminal Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 110: Sinemarc
You exit the SINEMARC configuration mode with the command. exit 3.5.4 Commands in the SINEMARC configuration mode This section describes commands that you can call up in the SINEMARC configuration mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 111: Addr
Enter the DNS host name of the SINEMA RC Server. Maximum of 50 characters Result The IPv4 address of the SINEMA RC Server is configured. Further notes You display this setting and other information with the command. show sinemarc SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 112: Autofwnat
The NAT settings are implemented as configured in the SINEMA RC Server. Further notes You enable the setting with the command. autofwnat You disable the setting with the command. no autofwnat SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 113: No Autofwnat
Result The firewall and NAT rules are disabled. Further notes You enable the setting with the command. autofwnat You display this setting and other information with the command. show sinemarc SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 114: Device Id
Range of values / note number Device ID Enter the device ID. 0 ... 20000 Result The device ID is configured. Further notes You display this setting and other information with the command. show sinemarc SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 115: Device Pw
Range of values / note password Device password Enter the password. Maximum of 256 characters Result The device password is configured. Further notes You display this setting and other information with the command. show sinemarc SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 116: Port
Range of values / note number Port number Specify the port. 1 ... 65535 Result The port is configured. Further notes You display this setting and other information with the command. show sinemarc SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 117: Proxy
You remove the proxy server with the command. no proxy You display the available proxy server names with the command. srv show-names You display this setting and other information with the command. show sinemarc SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 118: No Proxy
Result The proxy server is removed. Further notes You configure the proxy server with the command. proxy You display this setting and other information with the command. show sinemarc SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 119: Shutdown
The connection to the SRC server is terminated. Further notes You enable the connection with the command. no shutdown You display this setting and other information with the command. show sinemarc SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 120: No Shutdown
Call the command without parameter assignment: no shutdown Result The connection is enabled. Further notes You disable the connection with the command. shutdown You display this setting and other information with the command. show sinemarc SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 121: Verification Cacert
Result The CA certificate of the server is configured. Further notes You load certificates with the command. tftp load You display this setting and other information with the command. show sinemarc SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 122: Verification Fingerprint
The fingerprint is configured. Based on the fingerprint, the device checks whether the correct SINEMA RC Server is involved. Further notes You display this setting and other information with the command. show sinemarc SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 123: System Time
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 124: Time
The system time is obtained using the "SIMATIC time protocol" Result The method of obtaining the system time is configured. Further notes You display the settings for the system clock with the command. show time SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 125: Time Set
Year 2000 ... 2035 Result The system time is set. Further notes You display the settings for the system clock with the command. show time SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 126: Ntp Client
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 127: Ntp
● If you exit the NTP configuration mode with the command, you return to the Privileged EXEC mode. 4.2.3.1 ntp server Description With this command, you configure the connection to a server on the NTP client. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 128: No Ntp Server
Description With this command, you delete the connection to a server on the NTP client. Requirement You are in the NTP configuration mode. The command prompt is as follows: cli(config-ntp)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 129: Ntp Time Diff
Number of minutes difference Enter the number of hours and number of minutes with two digits each. Default: No time difference. Result The time difference between the device and the NTP server is configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 130 System time 4.2 NTP client SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 131: Sntp Client
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show sntp broadcast-mode status Result The current SNTP broadcast configuration is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 132: Show Sntp Status
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show sntp unicast-mode status Result The current SNTP unicast configuration is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 133: Commands In The Global Configuration Mode
Call the command without parameters: sntp Result You are now in the SNTP configuration mode. The command prompt is as follows: cli(config-sntp)# Further notes You exit the SNTP configuration modewith the command. exit SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 134: Commands In The Sntp Configuration Mode
Enter the time difference as follows: ● with sign ● without spaces ● Hours and minutes both two digits (with leading zero) Default: no time difference Result The time zone of the system time is configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 135: Sntp Unicast-Server Ipv4
Further notes You can reset the setting to the default with the command. no sntp unicast-server ipv4 You display this setting and other information with the show sntp unicast–mode status command. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 136: No Sntp Unicast-Server Ipv4
The SNTP unicast server is reset to the default value. Further notes You configure the setting with the command. sntp unicast-server ipv4 You display this setting and other information with the show sntp unicast–mode status command. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 137: Sntp Client Addressing-Mode
You display the settings for the unicast mode with the show sntp unicast-mode status command. You display the settings for the broadcast mode with the show sntp broadcast-mode status command. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 138 System time 4.3 SNTP client SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 139: Network Structures
Range of values / note interface Keyword for a an interface description interface-type Type or speed of the interface Specify a valid interface. interface-id Module no. and port no. of the interface SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 140: Show Vlan
Shows a summary of the VLANs If you do not select any parameter from the parameter list, the entries of all available interfaces are displayed. Result The information for the selected VLAN is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 141: Show Vlan Device Info
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show vlan device info Result The global information is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 142: Show Vlan Learning Params
1 ... 4094 If you do not select any parameter from the parameter list, the entries of all available interfaces are displayed. Result The settings for the automatic learning of addresses are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 143: Show Vlan Port Config
(Page 25)". If you do not select any parameter from the parameter list, the entries of all available interfaces are displayed. Result The information about the ports is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 144: Show Vlan Protocols-Group
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 145: Base Bridge-Mode
VLAN information is taken into account. Result The device mode is configured. Further notes You display the status of this function and other VLAN information with the show vlan device command. info SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 146: Interface Range
The configuration commands you enter in a mode apply to all interfaces of this area. Further notes With the command, you remove VLANs from this range or break it up. no interface range SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 147: No Interface Range
The VLANs have been removed from the specified interface area. Further notes With the command, you can put several interfaces or VLANs together to be interface range able to configure them together. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 148: Map Protocol
The protocol group is created. Further notes You delete the protocol group with the command. no map protocol You can display the status of this function and other information with the show vlan command. protocols-group SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 149: No Map Protocol
The protocol is removed from all protocol groups. Further notes You create the protocol group with the command. map protocol You can display the status of this function and other information with the show vlan command. protocols-group SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 150: No Protocol-Vlan
The classification is disabled. Further notes You enable the setting with the command. protocol-vlan You can display the status of this function and other information with the show vlan device command. info SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 151: Protocol-Vlan
With this command, you enable the subnet-based VLAN classification on all interfaces. Requirement You are in the Global Configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: subnet-vlan SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 152: No Subnet-Vlan
The classification is disabled. Further notes You enable the setting with the command. subnet-vlan You can display the status of this function and other information with the show vlan device command. info SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 153: Vlan
You are now in the VLAN configuration mode. The command prompt is as follows: cli(config-vlan-$$$)# Further notes You delete the VLAN with the command. no vlan You can display information about the VLAN with the command. show vlan SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 154: No Vlan
● If you exit the Interface configuration mode with the command, you return to the exit Global configuration mode. ● If you exit the Interface configuration mode with the command, you return to the Privileged EXEC mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 155: Map Subnet
The subnet with subnet mask and subnet address is assigned to a VLAN. Further notes You cancel the setting with the command. no map subnet You can display the status of this function and other information with the show subnet-vlan command. mapping SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 156: No Map Subnet
The subnet with subnet mask and subnet address is assigned to a VLAN. Further notes You configure the setting with the command. map subnet You can display the status of this function and other information with the show subnet-vlan command. mapping SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 157: Shutdown Complete
The LED for the port status flashes 3 times cyclically. However no data is sent or received. Further notes You activate the interface with the command. no shutdown You can display the status of this function and other information with the show command. interfaces SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 158: No Shutdown
Result The Interface is activated. Further notes You deactivate the interface with the command. shutdown You can display the status of this function and other information with the show command. interfaces SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 159: Switchport
You activate the interface with the command. no shutdown You configure the interface with the command. no switchport You can display the status of this function and other information with the show ip command. interface SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 160: No Switchport
You activate the interface with the command. no shutdown You configure the interface as a switch port with the command. switchport You display the status of this function and other information with the show command. interface SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 161: Switchport Pvid
You can reset the setting to the default with the command. no switchport pvid You configure the VLAN ID with the command. switchport access vlan You display the setting and other information with the command. show vlan port config SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 162: No Switchport Pvid
● If you exit the VLAN Configuration mode with the command, you return to the Global exit Configuration mode. ● If you exit the VLAN Configuration mode with the command, you return to the Privileged EXEC mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 163: Ip Address
The command is effective immediately. If you configure the interface via which you access the device, the connection will be lost! Further notes You delete the setting with the command. no ip address SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 164: No Ip Address
If you configure the interface via which you access the device, you can lose the connection! Further notes You assign an IP address with the command. ip address ip address dhcp SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 165: Name
Name that will be assigned to the max. 32 characters VLAN Result The VLAN is assigned a name. Further notes You delete name assignment for a VLAN with the command. no name SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 166: No Name
PVID. With outgoing frames, the tag with the VLAN ID is removed. ● Forbidden Ports This interface is not used for communication in a VLAN. The "tagged port" and "untagged port" you specify with this command are used for outgoing data traffic. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 167 (Page 25)". Result The settings are enabled. Further notes You display details of the function with the command. show vlan You reset the settings with the command. no ports SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 168: No Ports
Keyword for the name assignment vlan-name Name of the VLAN max. 32 characters For information on identifiers of addresses and interfaces, refer to the section "Interface identifiers and addresses (Page 25)". SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 169: Tia Interface
The TIA interface is enabled exclusively for the specified VLAN. The function was disabled on the other interfaces. Further notes Note that only one VLAN interface can become the TIA interface. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 170 Network structures 5.1 VLAN SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 171: Network Protocols
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show ip dns Result Information on the DNS client is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 172: Show Dcp Forwarding
If the DCP function is enabled, the read and write permissions are displayed. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 173: Show Ip Route
Shows the direct connections. static Shows the static connections. For information on identifiers of addresses and interfaces, refer to the section "Interface identifiers and addresses (Page 25)". Result The routing table is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 174: Show Ip Routing
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show ip static route Result The static routes are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 175: Show Ip Telnet
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 176: Dcp Server
You disable the DCP server with the command. no dcp server 6.1.2.2 no dcp server Description With this command, you disable the DCP server. Requirement You are in the Global configuration mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 177: Ip Echo-Reply
Call the command without parameters: ip echo-reply Result "ICMP echo reply messages" are enabled. The network node reacts to ping queries. Further notes You disable the setting with the command. no ip echo-reply SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 178: No Ip Echo-Reply
With this command, you configure a static entry in the IP routing table. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: ip route <prefix> <mask> <next-hop> [<distance(1-255)>] SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 179: No Ip Route
Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: no ip route <prefix> <mask> <next-hop> [<distance(1-255)>] SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 180: Ip Routing
This command is available only with layer 3. DHCP must not be enabled on any IP interface. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: ip routing SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 181: No Ip Routing
Call the command without parameters: no ip routing Result IPv4 routing is disabled. Further notes You enable the function with the command. ip routing You display the setting with the command. show ip route SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 182: Telnet-Server
With this command, you disable the Telnet server. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: no telnet-server SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 183: Commands In The Interface Configuration Mode
The command prompt is as follows: cli(config-if-vlan$)# or with a router port: cli(config-RPort-if-Int$-$) Syntax Call up the command with the following parameters: ip address <ip-address> {<subnet-mask>|/<prefix-length(0-32)>}[secondary] SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 184: Ip Address Dhcp
You are in the Interface Configuration mode of VLAN. The command prompt is as follows: cli(config-if-vlan-$$$)# Syntax Call the command without parameters: ip address dhcp Result The DHCP assigns the IP address to the VLAN interface. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 185: No Ip Address
If you configure the interface via which you access the device, you can lose the connection! Further notes You configure the setting with the command. ip address You display this setting and other information with the command. show ip interface SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 186: Arp
For information on names of addresses and interfaces, refer to the section "Interface identifiers and addresses (Page 25)". If you do not select any parameter from the parameter list, the IP ARP table is displayed. Result The IP ARP table is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 187: Dhcp Client
This command reassigns an IP address to the selected interface via DHCP. Requirement ● The IP address of the selected interface was assigned via DHCP. You are in the Privileged EXEC mode. The command prompt is as follows: cli# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 188: Commands In The Global Configuration Mode
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 189: Ip Dhcp Config-File-Request
Description With this command, you disable the DHCP config file request option. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 190: Ip Dhcp Client Mode
The client registers with the assigned ID client-id Name of the assigned ID max. 32 characters sysname The client registers with the assigned system name Result The registration mode of the DHCP client is configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 191: Dhcp Server
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameter assignment: show ip dhcp-server bindings Result The information is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 192: Show Ip Dhcp-Server Pools
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 193: Ip Dhcp-Server
The DHCP server is enabled. Further notes You disable the DHCP server with the command. no ip dhcp-server. 6.4.2.2 no ip dhcp-server Description With this command, you disable the DHCP server on the device. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 194: No Ip Dhcp-Server Icmp-Probe
The command prompt is as follows: cli(config)# Syntax Call the command without parameter assignment: no ip dhcp-server icmp-probe Result The function is disabled. Further notes You enable the function with the command. ip dhcp-server icmp-probe SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 195: Ip Dhcp-Server Icmp-Probe
DHCPPOOL configuration mode. If the ID of the address IPv4 address band does not yet exist, it will be created. You then configure the other settings in the DHCPPOOL configuration mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 196: No Ip Dhcp-Server Pool
6.4.2.6 no ip dhcp-server pool Description With this command, you delete the required IPv4 address band. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 197: Commands In The Dhcppool Configuration Mode
IPv4 address or extend the lease time of the existing IPv4 address. Requirement You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 198: Network
IPv4 address band. If this is not the case, the interface does not assign any IPv4 addresses Requirement You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 199: Option (Ip Address)
DHCP parameter. The DHCP options 3, 6 and 66 are created automatically when the IPv4 address band is created. Requirement You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 200: No Option
6.4.3.4 no option Description With this command, you delete the DHCP option with the specified number. Requirement You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 201: Option Value-Hex
Requirement You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)# Syntax Call up the command with the following parameters: option <option-code> value-hex <dhcp-param> SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 202: Pool-Enable
With this command you specify that this IPv4 address band will be used. Requirement You are in the DHCPPOOL configuration mode. The command prompt is as follows: cli(config-dhcp-pool-<ID>)# Syntax Call the command without parameter assignment: pool-enable SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 203: No Pool-Enable
Call the command without parameter assignment: no pool-enable Result The setting is disabled. Further notes You display the setting with the command. show ip dhcp-server pools You enable the setting with the command. pool-enable SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 204: Set-Interface
The interface is assigned. Before the IPv4 address band can be used, it still needs to be activated. Further notes You display the setting with the command. show ip dhcp-server pools You enable the IPv4 address band with the command. pool-enable SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 205: Static-Lease Mac
You display the setting with the command. show ip dhcp dhcp-server bindings You disable the IPv4 address band with the command. no pool-enable You delete the assignment with the command. no static-lease mac SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 206: No Static-Lease
Description Range of values / note mac-address Unicast MAC address Specify a valid MAC address. Result The assignment is deleted. Further notes You configure the assignment with the command. static-lease mac SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 207: Dns
This command shows the configuration of the DNS client. Requirement You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax Call the command without parameters: show dnsclient information Result The information is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 208: Show Ddnsclient Information
Privileged EXEC mode again. 6.5.2.2 dnsclient Description With this command, you change to the DNS CLIENT configuration mode. Requirement You are in the Global configuration mode. The command prompt is as follows: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 209: Dnsproxy
Result You are now in the DNS PROXY configuration mode. The command prompt is as follows: cli(config-dnsproxy)# Further notes You exit the DNS PROXY configuration mode with the command. exit SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 210: Ddnsclient
● If you exit the DNS CLIENT configuration mode with the command, you return to the exit Global configuration mode. ● If you exit the DNS CLIENT configuration mode with the command, you return to the Privileged EXEC mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 211: Manual Srv
You delete the DNS server with the command. manual See also Interface identifiers and addresses (Page 25) 6.5.3.2 no manual srv Description With this command, you delete a specific DNS server or all DNS servers. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 212: Server Type
You are in the DNS CLIENT configuration mode. The command prompt is as follows: cli(config-dnsclient)# Syntax Call up the command with the following parameters: server type {all | manual | learned} SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 213: Shutdown
The command prompt is as follows: cli(config-dnsclient)# Syntax Call the command without parameter assignment: shutdown Result The DNS client is ended. Further notes You start the DNS client with the command. no shutdown SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 214: No Shutdown
● If you exit the DNS PROXY configuration mode with the command, you return to the exit Global configuration mode. ● If you exit the DNS PROXY configuration mode with the command, you return to the Privileged EXEC mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 215: Cachenxdomain
With this command, you disable the caching of NXDOMAIN responses. Requirement You are in the DNS PROXY configuration mode. The command prompt is as follows: cli(config-dnsproxy)# Syntax Call the command without parameter assignment: no cache nxdomain SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 216: Shutdown
6.5.4.4 no shutdown Description With this command, you enable the proxy of the DNS server. Requirement You are in the DNS PROXY configuration mode. The command prompt is as follows: cli(config-dnsproxy)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 217: Commands In The Ddns Client Configuration Mode
With this command, you enable the dynamic DNS provider. Requirement You are in the DDNS Client configuration mode. The command prompt is as follows: cli(config-ddnsclient)# Syntax Call up the command with the following parameters: service {show-services | <index>} SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 218: No Service
The parameters have the following meaning: Parameter Description Range of values show- Lists the available providers. services index Number corresponding to a specific provider. Specify a valid number. Result The specified entry is disabled. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 219: Userhost
Further notes You display this setting and other information with the show ddnsclient information command. You configure the user name with the command. username You configure the password with the command. password SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 220: Username
You configure the password with the command. password 6.5.5.5 password Description With this command, you configure the password with which the device logs on to the dynamic DNS server. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 221 Enter the negotiated password. Result The password is configured. Further notes You display this setting and other information with the show ddnsclient information command. You configure the user name with the command. username SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 222: Snmp
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show snmp Result The status information is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 223: Show Snmp Community
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show snmp engineID Result The SNMP identification number of the device is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 224: Show Snmp Filter
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show snmp group Result The configured SNMP groups are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 225: Show Snmp Group Access
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show snmp inform statistics Result The statistics of the Inform Messages are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 226: Show Snmp Notif
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show snmp targetaddr Result The configured SNMP target addresses are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 227: Show Snmp Targetparam
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show snmp tcp Result The configuration for SNMP via TCP is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 228: Show Snmp User
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show snmp viewtree Result The settings for the SNMP tree views are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 229: Commands In The Global Configuration Mode
The command prompt is as follows: cli(config)# Syntax Call the command without parameters: snmpagent Result The SNMP agent function is enabled. Further notes You disable the SNMP agent function with the command. no snmpagent SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 230: No Snmpagent
With this command, you configure whether all SNMP queries or only SNMPv3 queries are processed. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: snmp agent version{v3only|all} SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 231: Snmp Access
Selects the version of the protocol used • • • Selects the authentication method: • auth enables MD5 or SHA as au- thentication method • noauth no authentication • priv enables authentication and encryption SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 232: No Snmp Access
6.6.2.5 no snmp access Description With this command, you delete the access to an SNMP group. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 233: Snmp Community Index
With this command, you configure the details of an SNMP community. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 234: No Snmp Community Index
Description With this command, you delete the details of an SNMP community. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 235: Snmp Filterprofile
The parameters have the following meaning: Parameter Description Range of values profile- Name of the filter profile max. 32 characters name OIDTree Object ID Path information of the MIB tree mask Keyword for the OID mask SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 236: No Snmp Filterprofile
With this command, you delete a filter. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 237: Snmp Group
The parameters have the following meaning: Parameter Description Range of values / note GroupName Name of the group max. 32 characters user Keyword for the user name UserName Name of the user max. 32 characters SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 238: No Snmp Group
With this command, you delete the details of an SNMP group. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: no snmp group <GroupName> user <UserName>security-model{v1|v2c|v3} SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 239: Snmp Notify
The parameters have the following meaning: Parameter Description Range of values / note NotifyName Name of the SNMP notification max. 32 characters Keyword for a target key TagName Name of the target key max. 32 characters SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 240: No Snmp Notify
With this command, you delete the details of the SNMP notifications. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call up the command with the following parameters: no snmp notify <NotifyName> SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 241: Snmp Targetaddr
TargetAddressName Name of the target address max. 32 characters param Keyword for the parameter name ParamName Name of the destination address or max. 32 characters the designation of the parameter name SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 242 You display the SNMP target address with the command. show snmp targetaddr You configure the SNMP target parameters with the command. snmp targetparams You display the SNMP target parameters with the command. show snmp targetparam SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 243: No Snmp Targetaddr
6.6.2.16 snmp targetparams Description With this command, you configure the SNMP target parameters. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 244 The settings are retained after a restart Keywords need to be specified. If optional parameters are not specified when configuring, the default values apply. Result The SNMP target parameters are configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 245: No Snmp Targetparams
Result The SNMP target parameters are deleted. Further notes You change the SNMP target parameters with the command. snmp targetparams You display settings of this function with the command. show targetparam SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 246: Snmp V1-V2 Readonly
With this command, you enable write access for SNMPv1 and SNMPv2 PDUs. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: no snmp v1-v2 readonly SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 247: Snmp User
Storage type specifies whether the settings remain (volatile): • volatile following a restart: The default settings are used after a restart (non-volatile): • nonvolatile The saved settings are used after a restart SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 248: No Snmp User
Result The details of the SNMP user are deleted. Further notes You change the settings with the command. snmp user You display the configured users with the command. show snmp user SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 249: Snmp View
The settings are lost after a restart (non-volatile): • nonvolatile The settings are retained after a restart (default) If optional parameters are not specified when configuring, the default values apply. Result The SNMP view is configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 250: No Snmp View
Path information of the MIB tree Result The SNMP view is deleted. Further notes You configure a view with the command. snmp view You display the configured view trees with the command. show snmp viewtree SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 251: Http Server
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 252: Ip Http
Description With this command, you disable HTTP on the device. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameters: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 253 HTTP is disabled on the device. Further notes You can display the setting of this function and other information with the show ip http command. server status You enable HTTP with the command. ip http SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 254: Https Server
Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show ssl server-cert SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 255 Network protocols 6.8 HTTPS server Result The SSL server certificate is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 256: Proxy Server
You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. 6.9.2.1 proxyserver Description With this command, you change to the PROXYSERVER configuration mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 257: Commands In The Proxyserver Configuration Mode
With this command, you create a proxy server entry. You assign a name and configure the parameters. Requirement You are in the PROXYSERVER configuration mode. The command prompt is as follows: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 258 Maximum of 255 characters Keyword for a password string Password Specify the password for access to the proxy server. Maximum of 255 characters Result The proxy server is configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 259: No Srv
Result The specified proxy server is deleted. Further notes You create the proxy server with the command. srv name You display the available proxy server names with the command. srv show-names SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 260: Srv Name Addr
The IPv4 address of the proxy server has been changed. Further notes You display the available proxy server names with the command. srv show-names You create the proxy server with the command. srv name SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 261: Srv Name Auth
You display the available proxy server names with the command. srv show-names You create the proxy server with the command. srv name 6.9.3.5 srv name port Description With this command, you change the port of the proxy server. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 262: Srv Name Pw
● When selecting the authentication method is used. basic ● The proxy server name has been created. ● You are in the PROXYSERVER configuration mode. The command prompt is as follows: cli(config-proxysrv)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 263: Srv Name Type
● The proxy server name has been created. ● You are in the PROXYSERVER configuration mode. The command prompt is as follows: cli(config-proxysrv)# Syntax Call up the command with the following parameters: srv name <string(128)> type <http|socks> SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 264: Srv Name User
● The proxy server name has been created. ● You are in the PROXYSERVER configuration mode. The command prompt is as follows: cli(config-proxysrv)# Syntax Call up the command with the following parameters: srv name <string(128)> user <name(255)> SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 265: Srv Show-Names
The command prompt is as follows: cli(config-proxysrv)# Syntax Call the command without parameter assignment: srv show-names Result The proxy server names are listed. Further notes You create a proxy server with the command. srv name SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 266: Smtp Client
Syntax Call the command without parameters: show events smtp-server Result The configured SMTP servers are displayed. 6.10.1.2 show events sender email Description This command shows the configured e-mail sender address. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 267: Show Events Smtp-Port
Commands in the Events configuration mode This section describes commands that you can call up in the EVENTS configuration mode. In the Global configuration mode, enter the command to change to this mode. events SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 268: Sender Mail-Address
You reset the e-mail name of the sender with the no sender mail-address You display the setting with the command. show events sender email 6.10.2.2 no sender mail-address Description With this command, you reset the e-mail name of the sender. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 269: Smtp-Server
Note on the range if values ipv4 Keyword for an IP address ucast_addr Value for an IPv4 unicast address Enter a valid IPv4 unicast ad- dress. fqdn-name Keyword for a domain name SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 270: No Smtp-Server
Keyword for a domain name FQDN(100) Domain name (Fully Qualified Domain Maximum of 100 characters Name) For information on addresses and interfaces, refer to the section "Addresses and interface names (Page 25)". SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 271: Smtp-Port
Default: 25 Result An SMTP port is configured. Further notes You can reset the setting to the default with the command. no smtp-port You display the setting with the command. show smtp-port SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 272: No Smtp-Port
Result The SMTP port is reset to the default value. Further notes You configure the setting with the command. smtp-port You display the setting with the command. show smtp-port SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 273: Send Test Mail
Call the command without parameters: send test mail Result An e-mail according to the currently configured SMTP settings was sent. Further notes You can display the current SMTP settings with the command. show events emailserver SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 274: Ssh Server
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 275: Ssh-Server
Call the command without parameters: ssh-server As default the function is "enabled". Result The SSH protocol is enabled on the device. Further notes You disable the SSH protocol with the command. no ssh-server SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 276: No Ssh-Server
The command prompt is as follows: cli(config)# Syntax Call the command without parameters: no ssh-server Result The SSH protocol is disabled on the device. Further notes You enable the SSH protocol with the command. ssh-server SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 277: Load Control
Enter a valid interface. interface-id Module no. and port no. of the interface For information on names of addresses and interfaces, refer to the section "Interface identifiers and addresses (Page 25)". SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 278: Commands In The Interface Configuration Mode
With this command, you configure the flow control function for an interface. Requirement You are in the Interface configuration mode. The command prompt is as follows: cli(config-if-$$$)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 279 Enables the function Disables the function Result The settings for the flow control function are configured. Further notes You can display the status of this function with the command. show flow-control SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 280: Dynamic Mac Aging
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show mac-address-table aging-time Result The time is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 281: Show Mac-Address-Table Aging-Status
MAC address list that was learned dynamically is deleted again after a certain time. Requirement You are in the Global configuration mode. The command prompt is as follows: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 282: No Mac-Address-Table Aging
The command prompt is as follows: cli(config)# Syntax Call the command without parameters: no mac-address-table aging Result The "Aging" function is disabled. Further notes You enable the "Aging" function with the command. mac-address-table aging SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 283: Mac-Address-Table Aging-Time
The value of the aging of a dynamically learned entry is configured. Further notes You can reset the setting to the default with the command. no mac-address-table aging-time You display the setting with the command. show mac-address-table aging-time SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 284 Load control 7.2 Dynamic MAC aging SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 285: Layer 3 Functions
This command shows the interfaces on which IP masquerading is enabled. Requirement You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax Call the command without parameter assignment: show firewallnat masquerading Result The interfaces are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 286: Show Firewallnat Napt
You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax Call the command without parameter assignment: show firewallnat netmap-nat Result The configured NETMAP rules are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 287: Show Firewallnat Src-Nat
Privileged EXEC mode again. 8.1.2.1 firewallnat Description With this command, you change to the FIREWALL NAT configuration mode. Requirement You are now in the Global configuration mode. The command prompt is as follows: cli(config)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 288: Commands In The Firewall Nat Configuration Mode
M876-3) usb 0 WAN interface LTE (M876-4) ipsecALL IPsecVPN All IPsecVPN connections ipsec num Specific IPsecVPN connection sinemarcall SINEMA RC Connection to SINEMA RC Server x: available - : not available SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 289: Masquerading
You configure the subnet assignment with the command. map subnet You display the setting with the command. show masquerading 8.1.3.2 no masquerading Description With this command, you disable the rules for IP masquerading on the interface. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 290: Napt Type Ipv4
With this command, you create a NAPT rule. Requirement ● VLAN interface with subnet assignment ● You are in the FIREWALL NAT configuration mode. The command prompt is as follows: cli(config-fwnat)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 291 Enter the destination port: End port 0 ... 65535 • A specific port: • Enter a port e.g. A port range • Specify the start port and end port, e.g. 10 - 20 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 292: No Napt
<vlan> <num(0-4094)> idx <num(1-200)> The parameters have the following meaning: Parameter Description Range of values / note srcint Keyword for the source interface if-type Type or speed of the interface Specify a valid interface. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 293: No Napt All
The command prompt is as follows: cli(config-fwnat)# Syntax Call the command without parameter assignment: no napt all Result All NAPT rules are deleted. Further notes You create a NAPT rule with the command. napt type ipv4 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 294: Napt Show-Idx
With this command, you create the NETMAP rule for the address translation of the destination IP address. Requirement You are in the FIREWALL NAT configuration mode. The command prompt is as follows: cli(config-fwnat)# Syntax Call up the command with the following parameters: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 295: No Netmap
You display the numbers of the NETMAP rules with the command. netmap show-idx You display the NETMAP rule with the command. show firewallnat netmap-nat 8.1.3.8 no netmap Description With this command, you delete a specific NETMAP rule. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 296 You display the numbers of the NETMAP rules with the command. netmap show-idx You delete all NETMAP rules with the command. no netpmap all You create a NETMAP rule with the commands netmap source type ipv4 netmap destination type ipv4 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 297: No Netmap All
With this command, you show the numbers of the configured NETMAP rules. Requirement You are in the FIREWALL NAT configuration mode. The command prompt is as follows: cli(config-fwnat)# Syntax Call the command without parameter assignment: netmap show-idx SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 298: Src-Nat Type Ipv4
Keyword for the source IP address. ip_addr IPv4 address Enter a valid IPv4 address. ip_range IPv4 address range Specify a valid IPv4 address range. subnet IPv4 address for the subnet Specify the subnet in CIDR notation. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 299: No Src-Nat
8.1.3.12 no src-nat Description With this command, you delete a specific source NAT rule. Requirement You are in the FIREWALL NAT configuration mode. The command prompt is as follows: cli(config-fwnat)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 300: No Src-Nat All
8.1.3.13 no src-nat all Description With this command, you delete all source NAT rules. Requirement You are in the FIREWALL NAT configuration mode. The command prompt is as follows: cli(config-fwnat)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 301: Src-Nat Show-Idx
You delete a source NAT rule with the command no src-nat. You delete all source NAT rules with the command. no src-nat all You create a source NAT rule with the command. src-nat type ipv4 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 302 Layer 3 functions 8.1 NAT SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 303: Security And Authentication
This command displays the users that logged on via Telnet or SSH. Requirement You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax Call the command without parameters: show users Result The logged in users are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 304: Show User-Accounts
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: whoami Result The user name of the logged in user is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 305: Commands In The Global Configuration Mode
<string> password <passwd> privilege {user | admin} The parameters have the following meaning: Parameter Description Range of values / note string User name Enter a user name. The name must be unique. password Keyword for a password SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 306 If a user name needs to be changed, the user must be deleted and a new user created. Further notes You delete a user with the command. no user-account You show the created users with the command. show user-accounts SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 307: No User-Account
You create a user with the command. user-account You show the created users with the command. show user-accounts 9.1.4.3 username Description With this command, you change the password of the factory set user " ". admin SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 308 Even if you change the password in Trial mode, this change is saved immediately. Further notes You create a user with the command. user-account You delete a user with the command. no user-account You show the created users with the command. show user-accounts SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 309: Firewall
You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax Call the command without parameter assignment: show firewall icmp-services ipv4 Result The configured ICMPv4 services are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 310: Show Firewall Information
Requirement You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax Call the command without parameter assignment: show firewall ip-protocols Result The configured protocols are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 311: Show Firewall Ip-Rules Ipv4
This command shows the predefined IPv4 rules available on the interface. Requirement You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax Call up the command with the following parameters: show firewall pre-rules ipv4 {show-ifids|all|<if-id>} SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 312: Show Firewall Ip-Services
You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax Call the command without parameter assignment: show firewall ip-services Result The configured IP services are displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 313: Commands In The Global Configuration Mode
Further notes You exit the FIREWALL configuration mode with the command. 9.2.4 Commands in the FIREWALL configuration mode This section describes commands that you can call up in the FIREWALL configuration mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 314: Icmp Name
You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# Syntax Call up the command with the following parameters: icmp name <string(32)> type <num(0-256)> code <num(0-256)> ver ipv4 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 315: No Icmp
With this command, you delete all ICMP services or a specific ICMP service. Requirement ● The corresponding ICMP service has been created and is not being used anywhere. ● You are in the Firewall configuration mode. The command prompt is as follows: cli(config-fw)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 316: Icmp Name Set
● You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# Syntax Call up the command with the following parameters: icmp name <string(255)> set type <num(0-256)> code <num(0-256)> SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 317: Icmp Show-Names
With this command, you display the available ICMP service names. Requirement You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# Syntax Call the command without parameter assignment: icmp show-names SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 318: Icmp Show-Types-Codes
With this command, you configure the required period for ICMP. If no data exchange takes place, the ICMP connection is terminated automatically when this time has elapsed. Requirement You are in the FIREWALL configuration mode. The command prompt is as follows: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 319: Idle Timeout Udp
Call up the command with the following parameters: idle timeout udp <second(1-4294967295)> The parameter has the following meaning: Parameter Description Range of values / note second Interval in seconds 1 ... 4294967295 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 320: Idle Timeout Tcp
9.2.4.9 ipv4rule Description With this command, you create your own IPv4 rules for the firewall. These IPv4 firewall rules have a higher priority than the predefined IPv4 firewall rules. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 321 "-" end address, e.g.192.168.100.10 - 192.168.100.20. All IP addresses: Specify " 0.0.0.0/0". • action Keyword for the action with in- coming IPv4 packets The data packets can pass through. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 322 You create a service with the following commands: icmp name service name You create a protocol with the command. proto name You change the settings with the commands ipv4rule set... SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 323: No Ipv4 Rule
1 ... 64 Result The corresponding IPv4 firewall rule is deleted. Further notes You display the IPv4 firewall rule with the command. ipv4rule You obtain the numbers with the command. ipv4rule show-rules SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 324: Ipv4Rule Set Action
The action taken with the corresponding IPv4 firewall rule has been changed. Further notes You display this setting and other information with the show firewall ip-rules ipv4 command. You obtain the numbers with the command. ipv4rule show-rules SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 325: Ipv4Rule Set Dstip
The destination of the corresponding IPv4 firewall rule has been changed. Further notes You display this setting and other information with the show firewall ip-rules ipv4 command. You obtain the numbers with the command. ipv4rule show-rules SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 326: Ipv4Rule Set From
The outgoing direction of the corresponding IPv4 firewall rule has been changed. Further notes You display this setting and other information with the show firewall ip-rules ipv4 command. You obtain the numbers with the command. ipv4rule show-rules SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 327: Ipv4Rule Set Log
Entering in the firewall log has been changed. Further notes You display this setting and other information with the show firewall ip-rules ipv4 command. You obtain the numbers with the command. ipv4rule show-rules SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 328: Ipv4Rule Set Prior
You display this setting and other information with the show firewall ip-rules ipv4 command. You obtain the numbers with the command. ipv4rule show-rules 9.2.4.16 ipv4rule set service Description With this command, you change the service or protocol name. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 329: Ipv4Rule Set Srcip
With this command, you change the source. Requirement ● The IPv4 firewall rule has been created. ● You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 330: Ipv4Rule Set To
● The IPv4 firewall rule has been created. ● You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# Syntax Call up the command with the following parameters: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 331: Ipv4Rule Ipsec Connection
With this command, you list the firewall rules for the IPsec connections. Requirement You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# Syntax Call the command without parameter assignment: ipv4rule ipsec connection show-idx SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 332: Ipv4Rule Show-Rules
You display the IPv4 firewall rule with the command. ipv4rule 9.2.4.21 prerule ipv4 show-int Description With this command, you list the available interfaces. Requirement You are in the FIREWALL configuration mode. The command prompt is as follows: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 333: Prerule All Ipv4
Enables the predefined firewall rules. disabled Disables the predefined firewall rules. For information on identifiers of addresses and interfaces, refer to the section "Commands in the FIREWALL configuration mode (Page 313)". SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 334: Prerule Dhcp Ipv4
Enables the predefined firewall rule. disabled Disables the predefined firewall rule. For information on identifiers of addresses and interfaces, refer to the section "Commands in the FIREWALL configuration mode". SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 335: Prerule Dns Ipv4
Interface index Specify a valid interface index. 0 ... 10 all-int Enables the predefined firewall rule on all inter- faces. enabled Enables the predefined firewall rule. disabled Disables the predefined firewall rule. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 336: Prerule Http Ipv4
Type or speed of the interface Specify a valid interface. Interface index Specify a valid interface index. 0 ... 10 all-int Enables the predefined firewall rule on all inter- faces. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 337: Prerule Https Ipv4
{int <interface-type> <num(0-10)> | all-int} {enabled|disabled} The parameters have the following meaning: Parameter Description Range of values / note Keyword for the interface interface-type Type or speed of the interface Specify a valid interface. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 338: Prerule Ip Ipv4
You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# Syntax Call up the command with the following parameters: prerule ip ipv4 {int <interface-type> <num(0-10)> | all-int} {enabled|disabled} SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 339: Prerule Ipsec Ipv4
With this command, you enable the predefined firewall rule IPsec on the selected interface. Requirement You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# Syntax Call up the command with the following parameters: SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 340: Prerule Snmp Ipv4
You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# Syntax Call up the command with the following parameters: prerule snmp ipv4 {int <interface-type> <num(0-10)> | all-int} {enabled|disabled} SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 341: Prerule Ssh Ipv4
Description With this command, you enable the predefined firewall rule SSH on the selected interface. Requirement You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 342: Prerule Telnet Ipv4
Description With this command, you enable the predefined firewall rule Telnet on the selected interface. Requirement You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 343: Prerule Tftp Ipv4
Description With this command, you enable the predefined firewall rule TFTP on the selected interface. Requirement You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 344: Prerule Ping Ipv4
Description With this command, you enable the predefined firewall rule Ping on the selected interface. Requirement You are in the Firewall configuration mode. The command prompt is as follows: cli(config-fw)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 345: Proto Name
With this command, you configure user-defined protocols. You select a protocol name and assign a protocol number to it. Requirement You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 346: No Proto
● The corresponding protocol has been created and is not being used anywhere. ● You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# Syntax Call up the command with the following parameters: no proto {name <string(32)> | all}} SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 347: Proto Show-Names
The command prompt is as follows: cli(config-fw)# Syntax Call the command without parameter assignment: proto show-names Result The protocol names are listed. Further notes You create a protocol with the command. proto name SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 348: Service Name
Specify the start port and end port, e.g. 10 - 20 Keyword for the destination Applies to all ports. Port Keyword for a port number Port number 0 ... 65535 Specify the required port. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 349: No Service
The parameters have the following meaning: Parameter Description Range of values / note name Keyword for service name string Service name Specify a valid service name. Maximum of 32 characters Deletes all service names SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 350: Service Name Set Prot
Specify a valid service name. Maximum of 32 characters The service is valid only for UDP frames. The service is valid only for TCP frames. Result The protocol of the relevant service has been changed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 351: Service Name Set Dst
Start port 0 ... 65535 number Specify the start port and end port, e.g. End port 10 - 20 Result The destination port of the corresponding service has been changed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 352: Service Name Set Src
Start port 0 ... 65535 number Specify the start port and end port, e.g. End port 10 - 20 Result The source port of the corresponding service has been changed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 353: Service Show-Names
You create a protocol with the command. service cr name 9.2.4.43 shutdown Description With this command, you disable the firewall. Requirement You are in the FIREWALL configuration mode. The command prompt is as follows: cli(config-fw)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 354: No Shutdown
The command prompt is as follows: cli(config-fw)# Syntax Call the command without parameter assignment: no shutdown Result The firewall is enabled. Further notes You disable the firewall with the command. shutdown SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 355: Ipsec Vpn
The command prompt is as follows: cli# Syntax Call the command without parameter assignment: show ipsec conn-authentication Result The settings are displayed. 9.3.1.2 show ipsecvpn connections Description This command shows the configuration of the IPsecVPN connections. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 356: Show Ipsec Conn-Phase1
Call the command without parameter assignment: show ipsec conn-phase1 Result The configurations are displayed. 9.3.1.4 show ipsec conn-phase2 Description This command shows the configuration of phase 2 of the IPsecVPN connections. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 357: Show Ipsecvpn Information
Call the command without parameter assignment: show ipsec information Result The settings are displayed. 9.3.1.6 show ipsec remoteend Description This command shows the configuration of the remote stations (VPN end point). SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 358: Commands In The Global Configuration Mode
With this command, you change to the IPSEC configuration mode. Requirement You are in the Global configuration mode. The command prompt is as follows: cli(config)# Syntax Call the command without parameter assignment: ipsec SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 359: Commands In The Ipsec Configuration Mode
The parameter has the following meaning: Parameter Description Range of values / note name Name of the VPN connection Enter the name for the VPN con- nection. Maximum of 122 characters SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 360: No Connection Name
Name of the VPN connection Enter the name of the VPN con- nection. Result The corresponding VPN connection is deleted. Further notes You display the VPN connection with the command. connection name SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 361: No Connection All
CRL (Certificate Revocation List). Requirement You are in the IPSEC configuration mode. The command prompt is as follows: cli(config-ipsec)# Syntax Call up the command with the following parameters: CRL-policy <yes|no|ifuri> SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 362: Nat-Keep-Alive
Call up the command with the following parameters: nat-keep-alive <sec(1-10000)> The parameter has the following meaning: Parameter Description Range of values / note Interval Enter the required interval. 1 ... 10000 sec Result The interval is configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 363: Remote-End Name
You exit the IPSEC REMOTE END configuration mode with the command. exit You delete a VPN remote station with the command. no remote-end name You delete all VPN remote stations with the command. no remote-end all SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 364: No Remote-End Name
The corresponding VPN remote station is deleted. Further notes You create the VPN remote station with the command. remote-end name 9.3.3.8 no remote-end all Description With this command, you delete all VPN remote stations. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 365: No Shutdown
The command prompt is as follows: cli(config-ipsec)# Syntax Call the command without parameter assignment: no shutdown Result The IPsec method is enabled. Further notes You disable the IPsec method with the shutdown command. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 366: Shutdown
● If you exit the IPSEC REMOTE END configuration mode with the command, you exit return to the Global configuration mode. ● If you exit the IPSEC REMOTE END configuration mode with the command, you return to the Privileged EXEC mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 367: Addr
(Page 25)". Result The address is specified. Further notes You configure the mode with the command. conn-mode You display this setting and other information with the command. show ipsec remoteend SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 368: Addr-Mode
Only in Roadwarrior mode stations with any IPv4 address. Result The setting is specified. Further notes You configure the mode with the command. conn-mode You configure the IP address with the command. addr SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 369: Conn-Mode
Further notes You display this setting and other information with the command. show ipsec remoteend 9.3.4.4 subnet Description With this command, you configure the remote subnet of the VPN remote station. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 370: Vir-Ip
IP address. Requirement You are in the IPSEC REMOTE END configuration mode. The command prompt is as follows: cli(config-ipsec-rmend-X)# Syntax Call up the command with the following parameters: vir-ip ipv4 [<subnet>] SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 371: No Vir-Ip
Call the command without parameter assignment: no vir-ip Result The setting is configured. Further notes You display this setting and other information with the command. show ipsec remoteend You enable this setting with the vir-ip command. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 372: Commands In The Ipsec Connection Configuration Mode
The command prompt is as follows: cli(config-conn-auth)# Further notes You exit the IPSEC AUTHENTICATION configuration mode with the command. exit 9.3.5.2 k-proto Description With this command, you specify whether IKEv2 or IKEv1 will be used. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 373: Loc-Subnet
With this command, you configure the local subnet. Requirement You are in the IPSEC CONNECTION configuration mode. The command prompt is as follows: cli(config-conn-X)# Syntax Call up the command with the following parameters: loc-subnet <subnet|dns> SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 374: Rmend Name
The parameter has the following meaning: Parameter Description Range of values / note name Name of the VPN remote station Enter a valid name. Result The VPN remote station has been configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 375: Operation
The VPN connection is established when nec- essary. Result The VPN remote station has been configured. Further notes You display this setting and other information with the command. show ipsec connections SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 376: Phase
Description With this command, you configure the interval after which the VPN connection will be terminated. If no packets are sent during this time, the VPN connection is automatically terminated. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 377: Vir-Ip
With this command, you specify that during connection establishment a virtual IPv4 address is requested from the VPN remote station. Requirement You are in the IPSEC CONNECTION configuration mode. The command prompt is as follows: cli(onfig-conn-X)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 378: No Vir-Ip
The setting is disabled. Further notes You display this setting and other information with the command. show ipsec connections You enable the requesting of a virtual IPv4 address with the command. vir-ip SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 379: Commands In The Ipsec Authentication Configuration Mode
Keyword for a device certificate string Name of the device certificate Specify a valid device certificate. Result The setting is configured. Further notes You show the loaded certificates with the command. show-idx SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 380: Auth Psk
Specify a valid key. Result The key is configured. Further notes You display this setting and other information with the show ipsec conn-authentication command. You remove the authentication with the command. no auth SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 381: Auth Remcert
You display this setting and other information with the show ipsec conn-authentication command. You remove the authentication with the command. no auth 9.3.6.4 no auth Description With this command, you delete the authentication method. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 382: Local-Id
If you do not specify the local ID, the local ID is read from the device certificate. If you use PSK as the authentication, the WAN IP address is used as the local ID. Result The local ID is configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 383: No Local-Id
Result The local ID is removed. Further notes You display this setting and other information with the show ipsec conn-authentication command. You configure the local ID with the command. local-id SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 384: Rem-Id
You remove the remote ID with the command. no rem-id 9.3.6.8 no rem-id Description With this command, you remove the remote ID. Requirement You are in the IPSEC AUTHENTICATION configuration mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 385: Commands In The Ipsec Phase1 Configuration Mode
9.3.7.1 aggressive Description With this command you specify that the aggressive mode will be used. Requirement You are in the IPSEC PHASE configuration mode. The command prompt is as follows: cli(config-conn-phs1)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 386: No Aggressive
The setting is disabled. The main mode is used. Further notes You display this setting and other information with the command. show ipsec conn-phase1 You enable the aggressive mode with the command. aggressive SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 387: Default-Ciphers
You are in the IPSEC PHASE configuration mode. The command prompt is as follows: cli(config-conn-phsX)# X: 1 (Phase 1) 2 (Phase 2) Syntax Call the command without parameter assignment: default-ciphers Result The default list is used. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 388: No Default-Ciphers
You display this setting and other information with the show ipsec conn-phase1 show ipsec command. conn-phase2 You enable the use of the default list with the command. default-ciphers 9.3.7.5 Description With this command, you enable Dead Peer Detection (DPD). SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 389: No Dpd
With this command, you disable DPD. Requirement You are in the IPSEC PHASE configuration mode. The command prompt is as follows: cli(config-conn-phs1)# Syntax Call the command without parameter assignment: Result DPD is disabled. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 390: Dpd-Period
Enter the period of time in sec- onds. Result The period of time is configured. Further notes You display this setting and other information with the command. show ipsec conn-phase1 You enable DPD with the command. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 391: Dpd-Timeout
You display this setting and other information with the command. show ipsec conn-phase1 You enable DPD with the command. 9.3.7.9 ike-auth Description With this command, you configure the method for calculating the checksum. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 392: Ike-Encryption
You display this setting and other information with the command. show ipsec conn-phase1 You disable the use of the default list with the command. no default-ciphers 9.3.7.10 ike-encryption Description With this command, you configure the encryption algorithm. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 393 Advanced Encryption Standard with 256 bits in Galois Coun- ter mode using a 16 byte Integrity Check Value (ICV) x: is supported -: is not supported Result The encryption algorithm is configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 394: Ike-Keyderivation
Range of values / note auto Automatic detection dhgroup Diffie-Hellmann group (DH) Specify the required Diffie-Hellmann group (DH). • • • • • • • • Result The Diffie-Hellmann group (DH) is configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 395: Ike-Keytries
You display this setting and other information with the command. show ipsec conn-phase1 9.3.7.13 ike-lifetime Description With this command, you configure a period to specify the lifetime of the agreed keys. When the time expires, the key is renegotiated. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 396: Commands In The Ipsec Phase2 Configuration Mode
● If you exit the IPSEC PHASE2 configuration mode with the command, you return to the Privileged EXEC mode. 9.3.8.1 auto-fwrules Description With this command you specify that the firewall rule will be created automatically for the VPN connection. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 397: No Auto-Fwrules
The command prompt is as follows: cli(config-conn-phs2)# Syntax Call the command without parameter assignment: no auto-fwrules Result The firewall rule is not created automatically for the VPN connection. You need to create the firewall rule manually. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 398: Default-Ciphers
Requirement You are in the IPSEC PHASE configuration mode. The command prompt is as follows: cli(config-conn-phsX)# X: 1 (Phase 1) 2 (Phase 2) Syntax Call the command without parameter assignment: default-ciphers SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 399: No Default-Ciphers
You display this setting and other information with the show ipsec conn-phase1 show ipsec command. conn-phase2 You enable the use of the default list with the command. default-ciphers SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 400: Esp-Auth
You display this setting and other information with the command. show ipsec conn-phase2 You disable the use of the default list with the command. no default-ciphers 9.3.8.6 esp-encryption Description With this command, you configure the encryption algorithm. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 401 16 byte Integrity Check Value (ICV) x: is supported -: is not supported Result The encryption algorithm is configured. Further notes You display this setting and other information with the command. show ipsec conn-phase2 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 402: Esp-Keyderivation
Perfect Forward Secrecy (PFS) is disabled dhgroup Diffie-Hellmann group (DH) Specify the required Diffie-Hellmann group (DH). • • • • • • • • Result The Diffie-Hellmann group (DH) is configured. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 403: Lifetime
Range of values / note Period Specify the period of time in minutes. Result The period of time is configured. Further notes You display this setting and other information with the command. show ipsec conn-phase2 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 404: Lifebyte
Range of values / note integer Data limit Enter the data limit in bytes. Result The data limit is configured. Further notes You display this setting and other information with the command. show ipsec conn-phase2 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 405: Proto
The protocol is configured. Further notes You display this setting and other information with the command. show ipsec conn-phase2 You assign a VPN remote station to the VPN connection with the command. rmend name SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 406: Port
The port is configured. Further notes You display this setting and other information with the command. show ipsec conn-phase2 You assign a VPN remote station to the VPN connection with the command. rmend name SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 407: Certificates
Call the command without parameters: certification Result You are now in the CERT configuration mode. The command prompt is as follows: cli(config-cert)# Further notes You exit the CERT configuration mode with the command. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 408: Commands In The Cert Configuration Mode
● Certificates are loaded. ● You are in the CERT configuration mode. The command prompt is as follows: cli(config-cert)# Syntax Call the command without parameter assignment: show idx Result The list is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 409: Show-Info
Number corresponding to a specific certificate. Enter the required number. 1 ... 100 Result The information on the certificate is displayed. Further notes You display the indexes of the certificate with the command. show idx SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 410: Del
The relevant certificate is deleted. Further notes You load certificates with the command. tftp load You show the available certificates with the command. show-idx You display the use of the certificate with the command. show-info SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 411: Diagnostics
"show" commands in every do [command] configuration mode. To do this, you replace with the "show" command that you want to execute. [command] Example do show cli-console-timeout SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 412: Show Events Config
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show events severity Result The corresponding degree of severity is shown for each type of notification. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 413: Show Events Faults Config
Monitoring of the network connections for a change in the connection status If no parameters are specified, the settings for both error monitoring functions are displayed. Result The current configuration of the selected error monitoring function is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 414: Show Events Faults Status
Syntax Call the command without parameters: show fault counter Result The number of faults is displayed. Further notes You reset the counter for the errors with the command. clear fault counter SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 415: Show Fwlog
With this command, you display the content of the logbook. Requirement You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 416: Show Power-Line-State
You are in the User EXEC mode or in the Privileged EXEC mode. The command prompt is as follows: cli> cli# Syntax Call the command without parameters: show power-line-state Result The status of the power supply is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 417: Show Seclog
Range of values / note info Information warning Warnings critical Critical messages If you use the command without setting parameters, all messages are displayed. Result The content of the security log is displayed. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 418: Clear Fault Counter
Call the command without parameters: clear fault counter Result The counter is set to "0". Further notes You shows the number of faults since the last startup with the command. show fault counter SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 419: Clear Fwlog
Requirement You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax Call the command without parameters: clear logbook Result The content of the logbook is deleted. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 420: Clear Seclog
With this command, you acknowledge (delete) the messages of the "Cold/Warm start" event. Requirement You are in the Privileged EXEC mode. The command prompt is as follows: cli# Syntax Call up the command with the following parameter: fault report ack <fault-state-id> SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 421: No Logging Console
Call the command without parameters: no logging console Result The logging function is disabled on the console. Further notes You enable the setting with the command. logging console As default the function is "disabled". SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 422: Logging Console
Commands relating to other topics that can be called in the Global configuration mode can be found in the relevant sections. You exit the Global configuration mode with the command and are then in the exit Privileged EXEC mode again. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 423: Events
● If you exit the EVENTS configuration mode with the command, you return to the exit Global configuration mode. ● If you exit the EVENTS configuration mode with the command, you return to the Privileged EXEC mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 424: Add Log
: sends the messages as SNMP trap to a configured recipient trap ● : sends the messages as e-mail email Requirement You are in the EVENTS Configuration mode. The command prompt is as follows: cli(config-events)# SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 425: No Client Config
{syslog|trap|email|all} The parameters have the following meaning: Parameter Description syslog Disables the client that sends the messages to the Syslog server trap Disables the client that sends the SNMP traps SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 426: Event Config
● Sending the message to the Syslog server of the system ● Sending an e-mail ● Sending an SNMP trap ● Lighting up of the error LED ● Switching at the digital output SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 427 You display the status of the events and the clients with the command. show events config You delete the settings with the command. no event config With this command, the clients are not enabled. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 428: No Event Config
Message when there is a connection change (OpenVPN, IPsec, SINEMA RC) All messages logtable Client that processes the log entries syslog Client that sends the messages to the log server email Client that sends the e-mails SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 429: Link
Call up the command with the following parameters: link {up|down} The parameters have the following meaning: Parameters Description Range of values Only the establishment of a connection is signaled down Only a break on a connection is signaled SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 430: No Link
The settings for monitoring the physical network connections have been configured. Further notes You can display the current setting with the command. show events faults config You enable the function with the command. link SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 431: Severity
The settings for sending system event messages are configured. The "severity" function is enabled. Further notes You disable the setting with the command. no severity You display the status of this function and other information show events severity SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 432: No Severity
The settings for sending system event messages are configured. Further notes You enable the setting with the command. severity You display the status of this function and other information show events severity SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 433: Syslog Client
● If you exit the EVENTS configuration mode with the command, you return to the exit Global configuration mode. ● If you exit the EVENTS configuration mode with the command, you return to the Privileged EXEC mode. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 434: Syslogserver
The settings for the Syslog server are configured. Further notes You disable the setting with the command. no syslogserver You can display the status of this function and other information with the show events config command. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 435: No Syslogserver
The settings for the Syslog server are disabled. Further notes You enable the setting with the command. syslogserver You can display the status of this function and other information with the show events config command. SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 436 Diagnostics 10.2 Syslog client SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 437: Index
400 clear screen, 29 esp-encryption, 400 clear seclog, 420 esp-keyderivation, 402 CLI commands event config, 426 Symbolic representation, 24 no event config, 428 cli-console-timeout, 55 events, 423 no cli-console-timeout, 56 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 438 102 no ip dhcp-server, 193 logon addr, 101 ip dhcp-server icmp-probe, 195 logon idx addr, 103 no ip dhcp-server icmp-probe, 194 logon idx group, 104 logon idx name, 105 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 439 187 restart, 80 rmend name, 374 operation, 375 option, 199 no option, 200 option value-hex, 201 option value-string save filetype, 71 no option, 200, 200 Scope of the manual, 3 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 440 131 show idx, 408 show sntp status, 132 show in, 40 show sntp unicast-mode status, 132 show interface mtu, 41 show srs overview, 97 show interfaces, 39 show ssl server-cert, 254 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 441 246 time, 124 snmp view, 249 time set, 125 no snmp view, 250 timeout, 376 snmpagent, 229 no snmpagent, 230 sntp, 133 sntp client addressing-mode, 137 sntp time diff, 134 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...
Page 442 220, 307 verification cacert, 121 verification fingerprint, 122 vir-ip, 370, 377 no vir-ip, 371, 378 vlan, 153 no vlan, 154 web-session-timeout, 92 no web-session-timeout, 93 whoami, 304 write, 90 write startup-config, 84 SCALANCE S615 Command Line Interface Configuration Manual, 06/2015, C79000-G8976-C406-02...

Siemens SCALANCE S615 Configuration Manual

1 Description

2 Configuration

3 Functions Specific to SCALANCE

4 System Time

5 Network Structures

6 Network Protocols

Quick Links

Related Manuals for Siemens SCALANCE S615

Summary of Contents for Siemens SCALANCE S615