Ruijie RG-WLAN Series Rgos Command Reference
  1. Manuals
  2. Brands
  3. Ruijie Manuals
  4. Wireless Access Point
  5. RG-WLAN Series
  6. Rgos command reference

Ruijie RG-WLAN Series Rgos Command Reference

Hide thumbs Also See for RG-WLAN Series:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
Table Of Contents
658
Table of Contents

Advertisement

Quick Links

Download this manual See also: Configuration Manual
RG-WLAN Series Access Point
RGOS Command Reference
Release 10.4(1b19)p2

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the RG-WLAN Series and is the answer not in the manual?

Questions and answers

Related Manuals for Ruijie RG-WLAN Series

Summary of Contents for Ruijie RG-WLAN Series

  • Page 1 RG-WLAN Series Access Point RGOS Command Reference Release 10.4(1b19)p2...
  • Page 2 This document is provided “as is”. The contents of this document are subject to change without any notice. Please obtain the latest information through the Ruijie Networks website. Ruijie Networks endeavors to ensure content accuracy and will not shoulder any responsibility for losses and damages caused by content omissions, inaccuracies or errors.
  • Page 3 This manual is intended for the following readers:  Network engineers  Technical salespersons  Network administrators Obtaining Technical Assistance Ruijie Networks website: http://www.ruijienetworks.com/ Online customer services: http://webchat.ruijie.com.cn Customer service center: http://www.ruijie.com.cn/service.aspx Customer services hotline: +86-4008-111-000 BBS: http://support.ruijie.com.cn Customer services email: service@ruijie.com.cn Related Documents Documents...
  • Page 4 Bold: Key words in the command line, which shall be entered exactly as they are displayed, shall be indicated with bolded characters. Italic: Parameters in the command line, which must be replaced with actual values, shall be indicated with italic characters.

  • Page 5: Wlan Basic Configuration Commands

    AP configuration mode Command Mode Usage Guide Example 1: Enter the configuration mode of AP0001 and set the AMPDU software retransmission times to 5. Configuration Ruijie(config)#ap- config AP0001 Examples Ruieji(config-ap)#ampdu-retries 5 radio radio_id Related Command Description Commands Supported by both AC and AP.
  • Page 6 Mode Usage Guide Example 1: Enter the configuration mode of AP0001 and enable the AMPDU RTS protection on the radio 1. Configuration Examples Ruijie(config)# ap- config AP0001 Ruieji(config-ap)# ampdu-rts radio 1 Related Command Description Commands Supported by both AC and AP.
  • Page 7 Command Reference WLAN Basic Configuration Commands way. This function automatically performs the following configurations on the AC or the Fat AP: (1)Vlan Division: On an AC, VLAN 1 is AP’s VLAN, VLAN 2 is STA’s VLAN; On a Fat AP, VLAN 1 is STA’s VLAN.
  • Page 8 Mode Usage Guide Example 1: Enter the configuration mode of AP0001 and set the value of the received package limit per time to 100. Configuration Examples Ruijie(config)# ap- config AP0001 Ruieji(config-ap)# eth-schd 100 Related Command Description Commands Supported by both AC and AP.
  • Page 9 Command Reference WLAN Basic Configuration Commands Usage Guide Example 1: Enter the configuration mode of AP0001 and enable LDPC on radio 1 of the designated Configuration Ruijie(config)# ap- config AP0001 Examples Ruieji(config-ap)# ldpc radio 1 Related Command Description Commands Supported by both AC and AP.

  • Page 10: Dot11 Radio Commands

    # Create a WLAN called WLAN 1 and enter WLAN configuration mode. Configuration Examples Ruijie(config)# dot11 wlan 1 Ruijie(dot11-wlan-config)# # Delete the WLAN. Ruijie(config)# no dot11 wlan 1 Related Command Description Commands Sets a WLAN ID for the Dot11radio interface.
  • Page 11 Defaults WLAN configuration mode Command mode Usage Guide # Enable WLAN1 to display the SSID. Configuration Examples Ruijie(config)# dot11 wlan 1 Ruijie(dot11-wlan-config)# broadcast-ssid # Enable WLAN1 to hide the SSID. Ruijie(config)# dot11 wlan 1 Ruijie(dot11-wlan-config)# no broadcast-ssid Related Command Description...
  • Page 12 A SSID can be associated with multiple WLANs, but a WLAN cannot be associated with multiple Usage Guide SSIDs at the same time. # Set the SSID for WLAN 1 to RUIJIE. Configuration Ruijie(config)# dot11 wlan 1 Examples Ruijie(dot11-wlan-config)# ssid RUIJIE...

  • Page 13: Interface Dot11Radio

    Configuration Ruijie(config)#interface dot11radio 1/0 Examples Ruijie(config-if-Dot11radio 1/0)# # Enter dot11radio sub-interface configuration mode. Ruijie(config)#interface dot11radio 1/0.1 Ruijie(config-subif)# # Delete the dot11radio sub-interface configuration. Ruijie(config)#no interface dot11radio 1/0.1 Related Command Description Commands Platform Description antenna Use this command to set parameters for transmitting and receiving antennas.

  • Page 14: Beacon Dtim-Period

    Dot11radio interface configuration mode Command mode Usage Guide # Set the transmitting and receiving mask. Configuration Ruijie(config)#interface dot11radio 1/0 Examples Ruijie(config-if-Dot11radio 1/0)# antenna transmit 7 Ruijie(config-if-Dot11radio 1/0)# antenna receive 7 Related Command Description Commands Platform Description beacon dtim-period Use this command to set a DTIM period for beacon frames.

  • Page 15: Beacon Period

    Command Reference Dot11 Radio Commands Usage Guide # Set the DTIM period to 20. Configuration Ruijie(config)#interface dot11radio 1/0 Examples Ruijie(config-if-Dot11radio 1/0)#beacon dtim-period 20 Related Command Description Commands Platform Description beacon period Use this command to set a beacon period. beacon period milliseconds...
  • Page 16 Defaults Dot11radio interface configuration mode Command mode Usage Guide # Set the radio to operate in channel 11. Configuration Ruijie(config)#interface dot11radio 1/0 Examples Ruijie(config-if-Dot11radio 1/0)#channel 11 Related Command Description Commands Sets the radio type.
  • Page 17 Command Reference Dot11 Radio Commands Dot11radio interface configuration mode Command mode Usage Guide # Set the RF mode to 2.4 GHz frequency band. Configuration Examples Ruijie(config)#interface dot11radio 1/0 Ruijie(config-if-Dot11radio 1/0)#radio-type 802.11b Related Command Description Commands Platform Description chan-width Use this command to set the bandwidth of radio channels...

  • Page 18: Country Code

    Dot11radio interface configuration mode Command mode Usage Guide # Set the country code of the radio to USI. Configuration Ruijie(config)#interface dot11radio 1/0 Examples Ruijie(config-if-Dot11radio 1/0)#country-code USI # Delete the setting of country code. Ruijie(config)#interface dot11radio 1/0 Ruijie(config-if-Dot11radio 1/0)#no country-code Related...

  • Page 19: Rts Threshold

    It is only allowed to configure fragmentation thresholds when 802.11n is forbidden. Usage Guide # Set the fragmentation threshold to 1500 bytes. Configuration Ruijie(config)#interface dot11radio 1/0 Examples Ruijie(config-if-Dot11radio 1/0)# fragment-threshold 1500 Related Command Description Commands Platform Description rts threshold Use this command to set an RTS threshold for a radio.
  • Page 20 Command Reference Dot11 Radio Commands Ruijie(config-if-Dot11radio 1/0)# rts threshold 1500 Related Command Description Commands Platform Description slottime Use this command to set the slot time for a radio. slottime { long | short } Parameter Parameter Description Description Sets the long slot time.

  • Page 21: Short-Preamble

    # Enable short GI in the channel width of 20 MHz. Configuration Ruijie(config)#interface dot11radio 1/0 Examples Ruijie(config-if-Dot11radio 1/0)# short-gi enable chan-width 20 # Disable short GI in the channel width of 20 MHz. Ruijie(config)#interface dot11radio 1/0 Ruijie(config-if-Dot11radio 1/0)# no short-gi enable chan-width 20 Related Command Description Commands Platform Description short-preamble Use this command to set a preamble for a radio.
  • Page 22 Specifies the RSSI. The range is from 0 to 100 dBm. rssi-value The default value is 0. Defaults Dot11radio interface configuration mode Command mode Usage Guide # set the RSSI value for wireless access. Configuration Examples Ruijie(config)#interface dot11radio 1/0 Ruijie(config-if-Dot11radio 1/0)# response-rssi 10 Related Command Description Commands Platform Description...

  • Page 23: Power Local

    Dot11radio interface configuration mode Command mode Usage Guide # Set the transmitting power of the radio to 50 percent. Configuration Examples Ruijie(config)#interface dot11radio 1/0 Ruijie(config-if-Dot11radio 1/0)# power local 50 Related Command Description Commands Platform Description retries Use this command to set the retries of long or short frames.
  • Page 24 Command mode Usage Guide # Set the retries of long frames. Configuration Examples Ruijie(config)#interface dot11radio 1/0 Ruijie(config-if-Dot11radio 1/0)# retries long 2 # Restore the default retries of short frames. Ruijie(config)#interface dot11radio 1/0 Ruijie(config-if-Dot11radio 1/0)#no retries short Related Command Description Commands...
  • Page 25 Defaults Dot11radio interface configuration mode Command mode Usage Guide # Set the coverage area of wireless signals. Configuration Examples Ruijie(config)#interface dot11radio 1/0 Ruijie(config-if-Dot11radio 1/0)# coverage-area-control 12 Related Command Description Commands Platform Description mcast_rate Use this command to set multicast rate.
  • Page 26 A multicast rate takes effect only when the current AP frequency band supports this rate. If this rate is Usage Guide not supported, the default rate is used. # Set a multicast rate. Configuration Ruijie(config)#interface dot11radio 1/0 Examples Ruijie(config-if-Dot11radio 1/0)# mcast_rate 24 Related Command Description Commands Platform Description sta-limit Use this command to set the maximum number of wireless clients that can be connected to the AP.
  • Page 27 Command Reference Dot11 Radio Commands Related Command Description Commands Platform Description rate-set Use this command to set a rate set. rate-set { 11a | 11b | 11g mandatory | support | disable speed } rate-set 11n mcs-mandatory | mcs-support index Parameter Parameter Description...

  • Page 28: 11Bsupport Enable

    # Set 54 MHz to support on the 802.11a radio. Configuration Ruijie(config)#interface dot11radio 1/0 Examples Ruijie(config-if-Dot11radio 1/0)# rate-set 11a support 54 # Set 24 MHz to mandatory on the 802.11g radio. Ruijie(config)#interface dot11radio 1/0 Ruijie(config-if-Dot11radio 1/0)# rate-set 11g mandatory 54 # Set MCS 12 to mandatory on the 802.11n radio.

  • Page 29: 11Gsupport Enable

    Defaults Dot11radio interface configuration mode Command mode Usage Guide # Disable the radio to support 802.11g. Configuration Examples Ruijie(config)#interface dot11radio 1/0 Ruijie(config-if-Dot11radio 1/0)# no 11gsupport enable Ruijie(config)#interface vfc 2 Ruijie(config-interface-vfc)#bind mac-address 001d.0928.b62f Related Command Description Commands Platform Description 11nsupport enable Use this command to enable the specified radio to support 802.11n.
  • Page 30 Command Reference Dot11 Radio Commands mode Usage Guide # Enable the radio to support 802.11n. Configuration Ruijie(config)#interface dot11radio 1/0 Examples Ruijie(config-if-Dot11radio 1/0)#11nsupport enable Related Command Description Commands Platform Description wlan-id Use this command to enable WLAN while enabling the radio.

  • Page 31: Show Dot11 Wireless

    Description Specifies the Dot11radio interface number. interface-name Defaults Privileged EXEC mode Command mode Usage Guide Configuration Ruijie#show dot11 wireless 1/0 Examples Related Command Description Commands Platform Description show dot11 associations Use this command to show connections of the wireless network card.

  • Page 32: Show Dot11 Associations All-Client

    Command Reference Dot11 Radio Commands Ruijie#show dot11 associations 0023.9090.2900 1/0 Configuration Examples Related Command Description Commands Platform Description show dot11 associations all-client Use this command to show information of all clients connected to the wireless network card. show dot11 associations all-client interface-name...

  • Page 33: Show Dot11 Channels All

    Dot11radio interface number, including sub-interface number. Defaults Privileged EXEC mode Command mode Usage Guide Ruijie#show dot11 channels active 1/0 Configuration Examples Related Command Description Commands Platform Description show dot11 channels all Use this command to show information of all active channels supported by the wireless network card.
  • Page 34 Command Reference Dot11 Radio Commands Related Command Description Commands Platform Description...

  • Page 35: Wlan-Vlan Mapping Commands

    The VLAN assignment mode set in VLAN group configuration mode prevails over that set in global configuration mode. The following example shows how to configure the 802.1x-based VLAN assignment mode for VLAN group 100 on an AP. Configuration Ruijie# configure terminal Examples Ruijie(config)# vlan-group 100 Ruijie(config-vlan-group)# vlan-assign-mode dot1x Command...

  • Page 36: Default Vlan

    128. None Defaults Configuration Global configuration mode Mode None Usage Guide The following example shows how to create VLAN group 100 on an AP: Ruijie# configure terminal Configuration Ruijie(config)# vlan-group 100 Examples Ruijie(config-vlan-group)# Command Description Related Commands show vlan-group [group-id] Display information about a VLAN group.
  • Page 37 WLAN. The following example shows how to set VLAN 10 to the default VLAN of VLAN group 100 on an AP: Configuration Ruijie# configure terminal Examples Ruijie(config)# vlan-group 100 Ruijie(config-vlan-group)# default-vlan 10...
  • Page 38 Mode None Usage Guide The following example shows how to associate WLAN 1 with VLAN group 100: Ruijie# configure terminal Configuration Examples Ruijie(config)# dot11 wlan 1 Ruijie(dot11-wlan-config)# vlan-group 100 Command Description Related Commands Platform This command is supported by the RGOS10.4 (1T17) or later versions.

  • Page 39: Encapsulation Dot1Q

    The following example shows how to configure encapsulation for VLAN group 100 on the sub-interface Dot11radio 1/0.1 on an AP: Configuration Ruijie# configure terminal Examples Ruijie(config)# interface dot11radio 1/0.1 Ruijie(config-subif)# encapsulation dot1Q group 100 Command Description Related Commands Platform This command is supported by the RGOS10.4 (1T17) or later versions.
  • Page 40 None Defaults Configuration Privileged mode Mode None Usage Guide The following example shows how to display information about VLANs in the VLAN group on an AP: Ruijie# show vlan-group Configuration VLAN-Group ID Default VLAN Assign-Mode VLAN-List Examples ------------- ------------ -----------------...

  • Page 41: Wlan-Wlog Commands

    The following example shows how to enable or disable the WLAN-WLOG function: Configuration Examples Ruijie# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)#wlan diag enable Ruijie(config)#no wlan diag enable Related Command Description Commands This command is supported on ACs and APs in WLANs.
  • Page 42 NUMBER Defaults Privileged EXEC mode Command mode Usage Guide This example shows how to display terminal statistics on an AC: Configuration Examples Ruijie# show wlan diag sta sta_record: c83a.35c6.0c72 TIME IP Address Rssi Link Rate AP MAC SSID RADIO Action...
  • Page 43 Command Reference WLAN-WLOG Commands tx/rxmcs mcs0, mcs1 mcs2, mcs3 mcs4, mcs5 mcs6, mcs7 mcs8, mcs9 mcs10, mcs11 mcs12, mcs13 mcs14, mcs15 ------------- ------------- ------------- ------------- ------------- ------------- ------------- ------------- ------------- txmcspercent : 0 rxmcspercent : 0 tx/rxrate 1, 2 5.5, 11 6, 9 12, 18 24, 36 48, 54 ------------- ------- ------- ------- ------- ------- ------- ------- ------- txratepercent: 16...

  • Page 44: Wlan Location Commands

    Wlocation mode on the fat AP. Usage Guide This example shows how to enable wireless location on the AP. Configuration Examples Ruijie(config-ap)# wlocation enable This example shows how to disable wireless location on the AP. Ruijie(config-ap)# wlocation enable Related Command...

  • Page 45: Wlocation Ae-Port Number

    This example shows how to configure the IP address of the AE server on the specified AP. Configuration Examples Ruijie(config-ap)# wlocation ae-ip 1.1.1.1 This example shows how to restore the IP address of the AE to the default configuration. Ruijie(config-ap)# no wlocation ae-ip...

  • Page 46: Wlocation Compound Enable

    This example shows how to enable the function of transmitting aggregate data of wireless location on Configuration the specified AP. Examples Ruijie(config-ap)# wlocation compound enable This example shows how to disable the function of transmitting aggregate data of wireless location on the specified AP. Ruijie(config-ap)# no wlocation compound enable Related Command Description Commands Platform Description wlocation mu enable Use this command to enable Mobile Unit (MU) wireless location on the specified AP.

  • Page 47: Wlocation Tag Enable

    This example shows how to enable MU wireless location on the specified AP. Configuration Examples Ruijie(config-ap)# wlocation mu enable This example shows how to disable MU wireless location on the specified AP. Ruijie(config-ap)# no wlocation mu enable Related Command Description Commands...

  • Page 48: Wlocation Send-Mu-Time Time

    This example shows how to enable tag wireless location on the specified AP. Configuration Ruijie(config-ap)# wlocation tag enable Examples This example shows how to disable tag wireless location on the specified AP. Ruijie(config-ap)# no wlocation tag enable Related Command Description Commands...

  • Page 49: Wlocation Send-Tag-Time Time

    This example shows how to set frequency to send tag location packets on the specified AP. Configuration Examples Ruijie(config-ap)# wlocation send-tag-time 400 This example shows how to restore frequency of sending tag location packets to the default value. Ruijie(config-ap)# no wlocation send-tag-time...

  • Page 50: Wireless Security Commands

    The following example configures the authentication mode of WLAN1 to RSN. Configuration Ruijie(config)#wlansec 1 Examples Ruijie(wlansec)# security rsn enable The followint example disables the RSN authentication mode of WLAN1. Ruijie (config)#wlansec 1 Ruijie(wlansec)# security rsn disable Related...

  • Page 51: Security Rsn Akm

    Configuration mode to PSK. Examples Ruijie (config)#wlansec 1 Ruijie(wlansec)# security rsn akm psk enable The following example disables the PSK authentication for WLAN1 in the RSN authentication mode. Ruijie (config)#wlansec 1 Ruijie(wlansec)# security rsn akm psk disable The following example configures the authentication method for WLAN1 in the RSN authentication mode to 802.1x authentication.

  • Page 52: Security Rsn Akm Psk Set-Key Ascci

    The following example configures the shared password for WLAN 1 RSN to 12345678. Configuration Examples Ruijie (config)#wlansec 1 Ruijie(wlansec)# security rsn enable Ruijie(wlansec)# security rsn akm psk enable Ruijie(wlansec)# security rsn akm psk set-key ascci 12345678 Related Command Description Commands Configures the RSN authentication mode.

  • Page 53: Security Rsn Ciphers

    The following example configures the encryption method for WLAN1 in the RSN authentication mode Configuration to AES.  Examples Ruijie (config)#wlansec 1 Ruijie(wlansec)# security rsn ciphers aes enable The following example disables the AES encryption method for WLAN1 in the RSN authentication mode.  Ruijie (config)#wlansec 1 Ruijie(wlansec)# security wpa ciphers aes disable The following example configures the encryption method for WLAN1 in the RSN authentication mode to TKIP. ...

  • Page 54: Security Static-Wep-Key Authentication

    Command Reference Wireless Security Commands Ruijie (config)#wlansec 1 Ruijie(wlansec)# security rsn ciphers tkip enable The following example disables the TKIP encryption method for WLAN1 in the RSN authentication mode.  Ruijie (config)#wlansec 1 Ruijie(wlansec)# security rsn ciphers tkip disable Related Command...

  • Page 55: Security Static-Wep-Key Encryption

    Command Reference Wireless Security Commands Ruijie(wlansec)# security static-wep-key authentication share-key Related Command Description Commands Configures the static WEP key, and enable the security static-wep-key encryption static WEP security mode. Platform Description security static-wep-key encryption The command is used to configure the static WEP key for a WLAN and configure the security mode of this WLAN to static WEP.

  • Page 56: Security Wpa

    If the client software does not support a 128-bit WEP Description password, as Ruijie’s devices are configured with 128-bit encryption, the consequence is either the client software cannot be associated with the wireless network or the data channel is unavailable, depending on the authentication mode.

  • Page 57: Security Wpa Akm

    Command Reference Wireless Security Commands Ruijie(wlansec)# security wpa disable Related Command Description Commands security wpa akm { psk | 802.1x } { enable | Configures an authentication method in the disable } WPA authentication mode. security wpa ciphers { aes | tkip } { enable |...

  • Page 58: Security Wpa Akm Psk Set-Key Ascci

    Configuration mode to pre-shared key identity authentication. Examples Ruijie (config)#wlansec 1 Ruijie(wlansec)# security wpa akm psk enable The following example disables the pre-shared key identity authentication for WLAN1 in the WPA authentication mode. Ruijie (config)#wlansec 1 Ruijie(wlansec)# security wpa akm psk disable The following example configures the authentication method for WLAN1 in the WPA authentication mode to 802.1x authentication.

  • Page 59: Security Wpa Ciphers

    Command Reference Wireless Security Commands Ruijie(wlansec)# security wpa enable Ruijie(wlansec)# security wpa akm psk enable Ruijie(wlansec)# security wpa akm psk set-key ascci 12345678 Related Command Description Commands security wpa { enable | disable } Configures the WLAN configuration mode. security wpa ciphers { aes | tkip } { enable |...

  • Page 60: Webauth Prevent-Jitter

    Command Reference Wireless Security Commands to AES. Examples Ruijie (config)#wlansec 1 Ruijie(wlansec)# security wpa ciphers aes enable The following example disables the AES encryption method for WLAN1 in the WPA authentication mode. Ruijie (config)#wlansec 1 Ruijie(wlansec)# security wpa ciphers aes disable The following example configures the encryption method for WLAN1 in the WPA authentication mode to TKIP.

  • Page 61: Show Wlan Security

    Indicates the ID of the WLAN to be checked, ranging from 1 to 512. wlan-id Defaults Privileged mode Command mode Usage Guide The following example displays the security configuration of WLAN1. Configuration Examples Ruijie# show wlan security 1 Related Command Description Commands Platform Description...

  • Page 62: Show Wclient Security

    Command mode Usage Guide The following example displays the security configuration of wireless client 1 with a MAC address of Configuration 0023.cdad.d3d5. Examples Ruijie# show wclient security 0023.cdad.d3d5 Security policy finished :TRUE Security policy type :WPA-802.1X Security cipher mode :CCMP...

  • Page 63: Wids Commands

    The parameter indicates that you disable the IDS attack detection function. The default is no. Defaults WIDS configuration mode. Command mode Usage Guide #Enable the Weak-IV IDS attack detection function. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# attack-detection enable weak-iv Related Command Description Commands Platform Description...

  • Page 64: Countermeasures Ap-Max

    WIDS configuration mode Command mode Usage Guide #Set the maximum number of APs for the countermeasures to 100. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# countermeasures ap-max 100 Related Command Description Commands Platform Description countermeasures enable Use this command to enable the device countermeasures. Use the no form of this command to disable the device countermeasures.

  • Page 65: Countermeasures Mode

    Defaults WIDS configuration mode. Command mode Usage Guide #Enable the device countermeasures. Configuration Examples Ruijie(config)# wids Ruijie(config-wids)# countermeasure enable Related Command Description Commands This command is supported on ACs and fat APs. Platform Description countermeasures mode Use this command to configure the device countermeasures mode. Use the no form of this command to restore the default countermeasures mode.

  • Page 66: Countermeasures Rssi-Min

    Command Reference WIDS Commands Usage Guide #Set the device countermeasure mode to rogue. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# countermeasure mode rogue Related Command Description Commands This command is supported on ACs and fat APs. Platform Description countermeasures rssi-min Use this command to configure the lower limit of the signal for the countermeasures.

  • Page 67: Device Aging Duration

    WIDS configuration mode. Command mode Usage Guide #Set the device aging duration to 1200s. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# device aging duration 1200 Related Command Description Commands Platform Description device attack mac-address Use this command to configure a static attack list for device countermeasures. Use the no form of this command to delete a configured static attack address entry.

  • Page 68: Device Attack Max

    This configuration is one of the policies for detecting Rogue devices. Usage Guide #Set the device with the static attack source MAC address of 0000.0000.0001. Configuration Examples Ruijie(config)# wids Ruijie(config-wids)# device attack mac-address 0000.0000.0001 Related Command Description Commands Platform This command is supported on ACs and fat APs.

  • Page 69: Device Mode

    Command Reference WIDS Commands Ruijie(config)# wids Examples Ruijie(config-wids)# device attack max 100 Related Command Description Commands Platform Description device mode Use this command to configure the working mode of the AP. Use the no form of this command to restore the default working mode.

  • Page 70: Device Permit Mac-Address

    This configuration is one of the policies for detecting Rogue devices. Usage Guide #Set the device with the permissible source MAC address of 0000.0000.0001. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# device permit mac-address 0000.0000.0001 Related Command Description Commands Platform Description device permit mac-address max Use this command to configure the maximum number of permissible MAC address list members.

  • Page 71: Device Permit Max-Ssid

    WIDS configuration mode Command mode Usage Guide #Set the maximum number of permissible MAC address list members to 100. Configuration Examples Ruijie(config)# wids Ruijie(config-wids)# device permit mac-address max 100 Related Command Description Commands Platform Description device permit max-ssid Use this command to configure the maximum number of permissible SSID list members.

  • Page 72: Device Permit Ssid

    Command Reference WIDS Commands Ruijie(config-wids)# device permit max-ssid 100 Related Command Description Commands Platform Description device permit ssid Use this command to configure a permissible SSID list. Use the no form of this command to delete a configured permissible SSID entry.

  • Page 73: Device Permit Vendor Bssid Max

    MAC addresses with the same vendor number. This configuration is one of the policies for detecting Rogue devices. #Set the MAC address 0011.2200.0001 as a permissible vendor address. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# device permit vendor bssid 0011.2200.0001 Related Command Description Commands Platform...

  • Page 74: Device Statistics Max

    WIDS configuration mode Command mode Usage Guide #Set the maximum number of permissible vendor list members to 100. Configuration Examples Ruijie(config)# wids Ruijie(config-wids)# device permit vendor bssid max 100 Related Command Description Commands Platform Description device statistics max Use this command to configure the maximum number of statistic list members.

  • Page 75: Dynamic-Blacklist Enable

    WIDS configuration mode. Command mode Usage Guide #Enable the dynamic blacklist. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# dynamic-blacklist enable Related Command Description Commands Platform Description dynamic-blacklist lifetime Use this command to configure the dynamic blacklist entry lifetime. Use the no form of this command to restore the default dynamic blacklist entry lifetime.

  • Page 76: Dynamic-Blacklist Max

    WIDS configuration mode. Command mode Usage Guide #Set the dynamic blacklist entry lifetime to 600s. Configuration Examples Ruijie(config)# wids Ruijie(config-wids)# dynamic-blacklist lifetime 600 Related Command Description Commands Platform Description dynamic-blacklist max Use this command to configure the maximum number of MAC addresses in the dynamic blacklist.
  • Page 77 Command Reference WIDS Commands #Set the maximum number of MAC addresses in the dynamic blacklist to 100. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# dynamic-blacklist max 100 Related Command Description Commands Platform Description flood-detect { auth | deauth | assoc | disassoc } total number number...

  • Page 78: Kickout Threshold

    10 seconds for different MAC addresses is 200. Examples Ruijie-AC(config)# ap-config ap-name Ruijie-AC(config-ap)# flood-detect auth total number 200 time 10 Ruijie-AP(config)# wids Ruijie-AP(config-wids ) flood-detect auth total number 200 time 10 Related Command Description Commands This command is supported on ACs and fat APs.

  • Page 79: Reset Attack-List All

    WIDS configuration mode Command mode Usage Guide #Clear the entries of all attack lists. Configuration Examples Ruijie(config)# wids Ruijie(config-wids)# reset attack-list all Related Command Description Commands Platform Description reset detected Use this command to reset the device list detected in a WLAN.

  • Page 80: Reset Dynamic-Blacklist

    WIDS configuration mode. Command mode Usage Guide #Reset the Rogue AP detected in a WLAN. Configuration Examples Ruijie(config)# wids Ruijie(config-wids)# reset detected rogue ap Related Command Description Commands Platform Description reset dynamic-blacklist Use this command to reset dynamic blacklist entries.

  • Page 81: Reset Permit-Mac All

    WIDS configuration mode Command mode Usage Guide #Clear the entries of all permissible MAC address lists. Configuration Examples Ruijie(config)# wids Ruijie(config-wids)# reset permit-mac all Related Command Description Commands Platform Description reset permit-ssid all Use this command to clear the entries of all permissible SSID lists.

  • Page 82: Reset Permit-Vendor All

    Command Reference WIDS Commands #Clear the entries of all permissible SSID lists. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# reset permit-ssid all Related Command Description Commands Platform Description reset permit-vendor all Use this command to clear the entries of all permissible vendor lists.

  • Page 83: Reset Statistics

    WIDS configuration mode Command mode Usage Guide #Clear the entries of all static blacklists. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# reset static-blacklist all Related Command Description Commands Platform Description reset statistics Use this command to reset the IDS attack detection statistics in a WLAN.

  • Page 84: Reset User-Isolation-Permit-List All

    WIDS configuration mode Command mode Usage Guide #Clear the entries of all permissible lists for user isolation. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# reset user-isolation-permit-list all Related Command Description Commands Platform Description reset whitelist all Use this command to clear the entries of all whitelists.

  • Page 85: Sigmac { Auth | Deauth | Assoc | Diassoc } Number Number Time Time

    WIDS configuration mode Command mode Usage Guide #Clear the entries of all whitelists. Configuration Examples Ruijie(config)# wids Ruijie(config-wids)# reset whitelist all Related Command Description Commands Platform Description sigmac { auth | deauth | assoc | diassoc } number number time time...

  • Page 86: Static-Blacklist Mac-Address

    10 seconds for the same MAC addresses is 200. Examples Ruijie-AC(config)# ap-config ap-name Ruijie-AC(config-ap)# sigmac {auth | deauth | assoc | disassoc} number 200 time 10 Ruijie-AP(config)# wids Ruijie-AP(config-wids) sigmac {auth | deauth | assoc | disassoc} number 200...

  • Page 87: Static-Blacklist Max

    Command Reference WIDS Commands Ruijie(config-wids)# static-blacklist mac-address 0000.0000.0001 Related Command Description Commands Platform Description static-blacklist max Use this command to configure the maximum number of static blacklists. Use the no form of this command to restore the default setting. static-blacklist max number...

  • Page 88: Whitelist Max

    WIDS configuration mode. Command mode Usage Guide #Configure the device with the source MAC address 0000.0000.0001 to the whitelist. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# whitelist mac-address 0000.0000.0001 Related Command Description Commands Platform Description whitelist max Use this command to configure the maximum number of whitelists.
  • Page 89 Command Reference WIDS Commands Usage Guide #Set the maximum number of whitelists to 100. Configuration Ruijie(config)# wids Examples Ruijie(config-wids)# whitelist max 100 Related Command Description Commands Platform Description wids Use this command to enter WIDS configuration mode. wids Parameter Parameter...

  • Page 90: Show Wids Attack-List

    Description Defaults Privileged EXEC mode. Command mode Usage Guide #Show the WIDS attack list. Configuration Examples Ruijie# show wids attack-list Related Command Description Commands Platform Description show wids blacklist Use this command to show the static or dynamic blacklist. show wids blacklist { static | dynamic }...

  • Page 91: Show Wids Detected

    Shows the detected device with the source MAC address H.H.H. mac-address H.H.H Defaults Privileged EXEC mode. Command mode Usage Guide #Show the Rogue AP detected in a WLAN. Configuration Examples Ruijie# show wids detected rogue ap Related Command Description Commands...

  • Page 92: Show Wids Permitted

    Shows the trusted vendor list. vendor Defaults Privileged EXEC mode Command mode Usage Guide #Show the SSID list trusted in WLAN. Configuration Ruijie# show wids permitted ssid Examples Related Command Description Commands Platform Description show wids statistics Use this command to show the detected attack statistics.

  • Page 93: Show Wids User-Isolation Permit-Mac

    Defaults Privileged EXEC mode Command mode Usage Guide #Show the information of the permissible MAC address list for user isolation. Configuration Examples Ruijie# show wids user-isolation permit-mac Related Command Description Commands Platform Description show wids whitelist Use this command to show the whitelist.
  • Page 94 Command Reference WIDS Commands show wids whitelist Parameter Parameter Description Description Defaults Privileged EXEC mode. Command mode Usage Guide #Show the whitelist. Configuration Ruijie# show wids whitelist Examples Related Command Description Commands Platform Description...

  • Page 95: Wds Commands

    Use this command when broadcast packets need to be forwarded from wired ports to wireless ports Usage Guide in Wireless Distribution Systems (WDSs). #Configure to forward packets from wired ports to wireless ports. Configuration Examples Ruijie(config)# data-plane wireless-broadcast enable Related Command Description Commands station-role { access-point | non-root-bridge | Configures AP working modes.
  • Page 96 Use this command to configure the MAC address of the parent node when AP is in the Usage Guide non-root-bridge mode. #Set the MAC address of the parent node as HHHH.HHHH.HHHH Configuration Examples Ruijie(config-if-Dot11radio 1/0) # parent mac-address HHHH.HHHH.HHHH Related Command Description Commands station-role { access-point | non-root-bridge | Configures the AP working mode.
  • Page 97 Command Reference WDS Commands Platform Description...

  • Page 98: Anti-Arp Spoofing Commands

    Up to 16 IP addresses can be configured with this command in an interface. The following example enables anti-ARP spoofing in a wired interface. Configuration Examples Ruijie(config)#interface fastEthernet 0/1 Ruijie(config-if)#anti-arp-spoofing ip 192.168.1.1 The following example enables anti-ARP spoofing in a wireless wlansec interface. Ruijie(config)#wlansec 1 Ruijie(config-wlansec)#anti-arp-spoofing ip 192.168.1.2...
  • Page 99 Command Reference Anti-ARP Spoofing Commands show anti-arp-spoofing Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide Ruijie# show anti-arp-spoofing Configuration Examples Anti-arp-spoofing port ------- ------- GigabitEthernet 0/1 192.168.1.1 Wlan 1 192.168.1.2 Related Command Description Commands Enables anti-ARP spoofing.

  • Page 100: Link Checking Commands

    Usage Guide The following example enables link checking. Configuration Examples Ruijie(config)# link-check enable The following example disables link checking. Ruijie(config)# link-check disable Ruijie(config)# no link-check enable Related Command Description Commands Checks whether link checking is enabled. show running-config This command is supported only on wireless AC and fat AP series.

  • Page 101: Schedule Session Period/Time

    The following example applies scheduling session 1 to WLAN 1 on fit AP networking topology. Ruijie(config)# wlan-config 1 Ruijie(config-wlan)# schedule session 1 The following example deletes scheduling session 1 from WLAN 1 on fit AP networking topology. Ruijie(config)# wlan-config 1 Ruijie(config-wlan)# no schedule session 1 Related Command Description Commands...
  • Page 102 The following example creates scheduling session 1 and sets the scheduling period. Configuration Ruijie(config)# schedule session 1 Examples Ruijie(config)# schedule session 1 time-range 1 period mon to fri time 00:00 to 10:00 Ruijie(config)# schedule session 1 time-range 2 period sat to sun time 10:00 to 12:00...

  • Page 103: Schedule Session Radio

    You are going to config AP(AP-001), which is on line now. Ruijie(config-ap)# schedule session 1 radio 2 The following example applies scheduling session 1 to radio 2 of a specific AP group on fit AP networking topology.

  • Page 104: Schedule Session Wlan

    Usage Guide must have been created. Otherwise, the configuration fails. The following example applies scheduling session 1 to WLAN 2 on fat AP networking topology. Configuration Examples Ruijie(config)# schedule session 1 wlan 2 Related Command Description Commands Checks configuration information about the show schedule session scheduling session.

  • Page 105: Show Schedule Session

    Usage Guide The following example displays configuration about scheduling session 1. Configuration Examples Ruijie(config)#show schedule session 1 Schedule session [1]: Schedule period ....... Sun, Wed to Fri Schedule time ......... 0:00 to 9:30 The following example displays configuration about all scheduling sessions.

  • Page 106: Radius Dynamic Authorization Extension Commands

    Defaults Privileged EXEC mode Command mode Usage Guide #Clear statistics about RADIUS dynamic authorization extension: Configuration Ruijie# show radius dynamic-authorization-extension statistics Examples Disconnect-Request Received: Incorrect Disconnect-Request Received: Disconnect-Request Dropped for Queue Full: Disconnect-Request Process Timeout: Disconnect-Request Process Success: Disconnect-ACK Sent:...

  • Page 107: Radius Dynamic-Authorization-Extension Enable

    RADIUS dynamic authorization extension is disabled by default. Defaults Global configuration mode Command mode Check whether RADIUS dynamic authorization extension can be properly enabled or disabled. Usage Guide #Enable RADIUS dynamic authorization extension. Configuration Ruijie(config)# radius dynamic-authorization-extension enable Examples Related Command Description Commands Checks whether RADIUS...

  • Page 108: Radius Dynamic-Authorization-Extension Timeout

    Command mode Ensure that the configured UDP port is not being used. Usage Guide #Set the UDP port numbered 4000: Configuration Examples Ruijie(config)# radius dynamic-authorization-extension port 4000 Related Command Description Commands Shows the UDP port for receiving packets about RADIUS...

  • Page 109: Radius Dynamic-Authorization-Extension Event-Timestamp Interval

    The timeout time needs to be changed based on application requirements. Usage Guide #Set the timeout time for processing packets about RADIUS dynamic authorization extension to 40 Configuration seconds: Examples Ruijie(config)# radius dynamic-authorization-extension timeout 40 Related Command Description Commands Shows the configuration.

  • Page 110: Radius Dynamic-Authorization-Extension Attribute Check

    Global configuration mode Command mode Usage Guide #Enable the function of checking the event-timestamp attribute of packets about RADIUS dynamic Configuration authorization extension: Examples Ruijie(config)# radius dynamic-authorization-extension attribute check event-timestamp Related Command Description Commands Shows the configuration.

  • Page 111: Radius Dynamic-Authorization-Extension Duplicate-Packet Discard

    Duplicated packets about RADIUS dynamic authorization extension are not discarded. Defaults Global configuration mode Command mode Usage Guide #Discard duplicated packets about RADIUS dynamic authorization extension: Configuration Examples Ruijie(config)# radius dynamic-authorization-extension duplicate-packet discard Related Command Description Commands Shows the configuration.

  • Page 112: Show Radius Dynamic-Authorization-Extension Statistics

    RADIUS Dynamic Authorization Extension Commands Defaults Global configuration mode Command mode Usage Guide #Set the number of concurrently processed RADIUS Disconnect-Request packets to 1: Configuration Examples Ruijie(config)# radius dynamic-authorization-extension max-request 1 Related Command Description Commands Shows the configuration. show running-config Platform Description show radius dynamic-authorization-extension statistics Use this command to show statistics about RADIUS dynamic authorization extension.
  • Page 113 Command Reference RADIUS Dynamic Authorization Extension Commands Disconnect-NAK Sent: Disconnect-NAK Sent Failed: Related Command Description Commands Clears statistics about RADIUS dynamic clear radius dynamic-authorization-extension authorization extension. statistics Platform Description...

  • Page 114: Wlan Qos Commands

    The wireless QoS function is enabled by default. Defaults WLAN configuration mode. Command mode Usage Guide Example 1: Disable the wireless QoS function for WLAN 1. Configuration Examples Ruijie(config)# wlan-config 1 Ruijie(wids-config)# no enable-qos Related Command Description Commands Platform Description fair-schedule Use this command to enable the fair scheduling function on the wireless AP.
  • Page 115  When the AP works in fit AP mode, the fair scheduling can be configured only on the AC. Example 1: Disable the fair scheduling on the AP. Configuration Examples Ruijie(config)# ap-config ap-name Ruijie(wids-config)# no fair-schedule Related Command Description Commands This command is supported on ACs and fat APs.

  • Page 116: Wlan-Qos Ap-Based

    Defaults WLAN configuration mode. Command mode Usage Guide Example 1: Configure the average downstream rate of WLAN 1 to 800Kbps and burst rate to Configuration 1600Kbps. Examples Ruijie(config)# wlan-config 1 Ruijie(wids-config)# wlan-based down-streams average-data-rate burst-data-rate 1600 Related Command Description Commands...

  • Page 117: Wlan-Qos Netuser

    No traffic limit is set by default. Defaults Configuration mode. Command mode Usage Guide Example 1: Configure the average downstream rate of AP wlan-ap-001 to 800Kbps and burst rate to Configuration 1600Kbps. Examples Ruijie(config)# wlan-qos ap-based per-user-limit down-streams average-data-rate 800 burst-data-rate 1600 Related Command Description Commands...

  • Page 118: Wlan-Qos Wlan-Based

    Usage Guide Example 1: Set the average in-band rate to 800Kbps and burst rate to 1600Kbps for the user Configuration 0000.0000.0001 in WLAN 1. Examples Ruijie(config)# wlan-qos netuser 0000.0000.0001 inbound average-data-rate 800 burst-data-rate 1600 Related Command Description Commands wlan-qos...

  • Page 119: Wmm Edca-Client

    Configuration mode. Command mode Usage Guide Example 1: Configure the average downstream rate of WLAN 1 to 800Kbps and burst rate to Configuration 1600Kbps. Examples Ruijie(config)# wlan-based 1 per-user-limit down-streams average-data-rate 800 burst-data-rate 1600 Related Command Description Commands wlan-qos ap-based...

  • Page 120: Wmm Edca-Radio

    Example 1: Configure the value of aifsn, that is the business type of edca-client voice to 10, cwmin to Configuration 1, cwmax to 5, and txop to 50, and allocate edca-client voice to interface radio 1 on the AP. Examples ruijie(config-ap)#wmm edca-client voice aifsn 10 cwmin 1 cwmax 5 txop 50 radio Related Command Description...

  • Page 121: Show Client Details

    Example 1: Configure the value of aifsn, that is the business type of edca-radio voice to 10, cwmin to Configuration 1, cwmax to 5, and txop to 50, and allocate edca-radio voice to interface radio 1 on the AP. Examples ruijie(config-ap)#wmm edca-client voice aifsn 10 cwmin 1 cwmax 5 txop 50 radio Related Command Description...
  • Page 122 H.H.H MAC address. Defaults Command Privileged EXEC mode. mode Usage Guide Example 1: Display the QoS information of the user with the source MAC address of 0000.0000.0001. Configuration Examples Ruijie# show client details 0000.0000.0001 Related Command Description Commands Platform Description...

  • Page 123: Smart Antenna Commands

    #Enable the SA function of Radio 1 on a specified AP. Configuration Examples Ruijie(config-ap)# smart antenna enable radio 1 #Disable the SA function of Radio 1 on a specified AP. Ruijie(config-ap)# no smart antenna enable radio 1 Related Command Description Commands This command is supported only on wireless AC/AP series products.

  • Page 124: I-Share Antenna Feeder Commands

    AP-Config Configuration Mode Command Mode Usage Guide The following example enables I-share antenna feeder link detection function: Configuration Examples ruijie(config-ap)#antdetect enable Related Command Description Commands This command is supported only in RGOS10.4(1T19) and the laters. This command is supported only Platform on the AP220-E(M) v3.0 and above.

  • Page 125: Show Sntenna Single

    Use this command to display the feeder status. Usage Guide The following example displays the feeder status: Configuration Examples ruijie# Show antenna single ap-name Related Command Description Commands This command is supported only in RGOS10.4(1T19) and the laters. This command is supported only Platform on the AP220-E(M) v3.0 and above.

  • Page 126: Wlan Capture Commands

    In the mirror mode, an AP can only captures and forwards all the packets on a particular channel to a remote device running the analyzer software. Example 1: Configure the AP to capture packets on all channels of radio 1 Configuration Examples Ruijie# configure terminal Ruijie(config)#wlan-cap Ruijie(wlan-cap)#channel all 1 Ruijie(wlan-cap)#exit Related...

  • Page 127: Service Enable

    Only when the WLAN capture service is enabled, can the remote host access and control the fat AP. Usage Guide After you enable the WLAN capture, all configurations in this mode are unmodifiable. Example 1: enable the WLAN capture service. Configuration Examples Ruijie# configure terminal Ruijie(config)#wlan-cap Ruijie(wlan-cap)#service enable Ruijie(wlan-cap)#exit Related Command Description Commands Shows the WLAN capture configuration.

  • Page 128: Rpcap Port

    This command does not have the no form. Usage Guide The forwarding mode must be configured before the WLAN capture service is configured. Example 1: Configure the local forwarding mode for the AP. Configuration Examples Ruijie# configure terminal Ruijie(config)#wlan-cap Ruijie(wlan-cap)#forward local Ruijie(wlan-cap)#exit Related Command Description Commands Enables the WLAN capture.

  • Page 129: Rpcap Login

    The sniffing ports must be configured before the WLAN capture is configured. The designated ports must be idle TCP ports, or failure occurs when binding the WLAN capture to the designated ports. Example 1: Configure monitoring port 3000 Configuration Ruijie# configure terminal Examples Ruijie(config)#wlan-cap Ruijie(wlan-cap)#rpcap port 3000 Ruijie(wlan-cap)#exit...
  • Page 130 Login authentication must be configured before the WLAN capture service is configured. Example 1: Configure both the username and the password as “wlan-capture” Configuration Ruijie# configure terminal Examples Ruijie(config)#wlan-cap Ruijie(wlan-cap)#rpcap login wlan-capture wlan-capture Ruijie(wlan-cap)#exit Related Command Description Commands Enable the WLAN capture service.

  • Page 131: Wlan-Cap Channel

    Example 1: Configure the online AP (1414.4b61.09c7) to capture packets on all channels in the Configuration monitor mode of the radio 1. Examples Ruijie# configure terminal Ruijie(config)#ap-config 1414.4b61.09c7 You are going to config AP(1414.4b61.09c7), which is on line now. Ruijie(config-ap)#wlan-cap channel all 1 Ruijie(config-ap)#exit Related Command Description Commands Enables the WLAN capture service.

  • Page 132: Wlan-Cap Enable

    This command is invalid in ap-config all mode. Example 1: Configure the online AP (1414.4b61.09c7) to capture packets on all channels of radio 1. Configuration Examples Ruijie# configure terminal Ruijie(config)#ap-config 1414.4b61.09c7 You are going to config AP(1414.4b61.09c7), which is on line now. Ruijie(config-ap)#wlan-cap enable 1...
  • Page 133 Command mode Usage Guide Example 1: Show current configuration of the WLAN capture. Configuration Examples Ruijie#show wlan-cap config ========================= Wlan-cap-config ======================= Listen port: 2002 Login info: Anonymous Forward: Central Service enable: No Example 2: Show current state of the WLAN capture.
  • Page 134 Command Reference WLAN Capture Commands 20.0.0.10 54990 Related Command Description Commands This command is supported only on the AC and fat AP. Platform Description...

  • Page 135: Ef-Dhcp Commands

    Defaults through the access point. WLAN configuration mode Command mode Ruijie recommends enabling this function for easy management of the DHCP address pool in WLAN Usage Guide simplification of the DHCP topology. The following example enables this function. Configuration Examples...

  • Page 136: Spectral Analysis Commands

    This example shows how to enable the SA function on the specified AP. Configuration Examples Ruijie(config-ap)# spectral enable This example shows how to disable the SA function on the specified AP. Ruijie(config-ap)# no spectral enable Related Command Description Commands This command is supported on all wireless AC products and several AP products, including Platform AP220-SH v1.0 v1.1, AP320-I, AP330-I, AP110-W, AP220-I v2.0, AP220-E v5.0.

  • Page 137: Spectral Period Num

    This example shows how to configure recognition accuracy of the SA video bridge on the specified Configuration Examples Ruijie(config-ap)# spectral stability vbr 2 This example shows how to restore recognition accuracy of the video bridge to the default value on the specified AP.
  • Page 138 Usage Guide This example shows how to configure the SA scanning cycle of the specified AP. Configuration Ruijie(config-ap)# spectral period 10 Examples This example shows how to restore the scanning cycle of the specified AP to the default value. Ruijie(config-ap)# no spectral speriod...

  • Page 139: Cli Authorization

    The mode of the command represented by the alias is the command mode existing in the current system. In the global configuration mode, you can use the alias ? command to list all the modes under which you can configure alias for commands. Ruijie(config)# alias ? aaa-gs AAA server group mode...
  • Page 140 #In global configuration mode, use def-route to represent the default route setting of ip route 0.0.0.0 Configuration 0.0.0.0 192.168.1.1: Examples Ruijie# configure terminal Ruijie(config)# alias config def-route ip route 0.0.0.0 0.0.0.0 192.168.1.1 Ruijie(config)#def-route? *def-route="ip route 0.0.0.0 0.0.0.0 192.168.1.1" Ruijie(config)# end Ruijie# show aliases config...
  • Page 141 KeyChain-key configuration mode #Set the password of CLI level 1 as test and attribute the reload rights to reset the device: Configuration Ruijie(config)#enable secret level 1 0 test Examples Ruijie(config)#privilege exec level 1 reload After the above setting, you can access the CLI window as level-1 user to use the reload command: Ruijie>reload ?

  • Page 142: Show Aliases

    #You can use the key word all to attribute all sub-commands of reload to level-1 users: Ruijie(config)# privilege exec all level 1 reload #After the above setting, you can access the CLI window as level-1 user to use all sub commands of the reload command: Ruijie>reload ?
  • Page 143 Command Reference CLI Authorization Commands Sets a command alias. alias N/A. Platform Description...

  • Page 144: Line Commands

    Use the show running command to view configuration information under Line. In line vty 0 4, configure access-list for the accepted connections to 10: Configuration Examples Ruijie# configure terminal Ruijie(config)# line vty 0 4 Ruijie(config-line)# access-class 10 in Related Command Description...
  • Page 145 Global configuration mode. Command Mode Access to the specified LINE mode. Usage Guide Enter the LINE mode from LINE VTY 1 to 3: Configuration Examples Ruijie(config)# line vty 1 3 Related Command Description Commands Platform Description line vty This command can be used to increase the number of VTY connections currently available. The number of currently available VTY connections can be decreased by using the no form of this command.

  • Page 146: Transport Input

    Increase the number of available VTY connections to 20. The available VTY connections are Configuration numbered 0 to 19. Examples Ruijie(config)# line vty 19 Decrease the number of available VTY connections to 10. The available VTY connections are numbered 0-9. Ruijie(config)# line vty 10...
  • Page 147 LINE mode. The setting result is the same as that of transport input none. Specify that only the Telnet protocol is allowed to login in line vty 0 4: Configuration Examples Ruijie# configure terminal Ruijie(config)# line vty 0 4 Ruijie(config-line)# transport input telnet Related Command Description Commands...

  • Page 148: Basic Management Commands

    The privilege level that follows the disable command must be lower than the current level. The following example lowers the current privilege level of the device to level 10: Configuration Examples Ruijie# disable 10 Command Description Related Moves from user mode enter to privileged EXEC mode or...

  • Page 149: Enable Secret

    Password encryption type, "0" for no encryption, "7" for simple encryption Parameter (Optional) Ruijie’s private algorithm will be used for password encryption. Description If the password type is 0, the password is in plain text. If the type is 7, the password is encrypted by a Ruijie device.

  • Page 150: Enable Service

    "security" password, an alert is given. The password must be encrypted, with simple encryption for "password" type passwords and security encryption for "security" type passwords. The following example configures the security password as pw10: Configuration Examples Ruijie(config)# enable secret 0 pw10 Related Command Description Sets passwords for different privilege levels. Commands...
  • Page 151 Followed by http, the command enables http service only. Followed by https, the command enables https service only. The following example enables the SSH Server: Configuration Examples Ruijie(Config)# enable service ssh-sesrver Related Command Description Views the service status in the current system.
  • Page 152 Ruijie# execute flash:line_rcms_script.text Examples executing script file line_rcms_script.text ..executing done Ruijie# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)# line tty 1 16 Ruijie(config-line)# transport input all Ruijie(config-line)# no exec Ruijie(config-line)# end Command Description Related...
  • Page 153 This command is used to set the mode of Web logon authentication. Use the no ip http Usage Guide authentication command to restore it to the default setting. The following example sets the mode of Web logon authentication as local: Configuration Ruijie(Config)# ip http authentication local Examples Related Command Description Enables or disables the specified service.

  • Page 154: Ip Telnet Source-Interface

    The following example specifies the IP address of the Loopback1 interface as the source address Configuratio for global Telnet connection. n Examples Ruijie(Config)# ip telnet source-interface Loopback 1 Related Command Description Logs in a Telnet server.
  • Page 155 To access the terminal, enter the preset temporary password. To lock the terminal, run the lockable command in line configuration mode and enable terminal locking in the corresponding line. The following example locks a terminal interface: Ruijie(config-line)# lockable Ruijie(config-line)# end Ruijie# lock Configuration Password: <password>...
  • Page 156 This command is used to lock a terminal interface in the corresponding line. To lock the terminal, run Usage Guide the lock command in EXEC mode. The following example enables terminal locking at the console port and locks the console: Ruijie(config)# line console 0 Ruijie(config-line)# lockable Ruijie(config-line)# end Configuration...

  • Page 157: Login Authentication

    The following example shows how to associate the method list on VTY and perform login authentication on a radius server. Configuration Ruijie(config)# aaa new-model Examples Ruijie(config)# aaa authentication login default radius Ruijie(config)# line vty 0 Ruijie(config-line)# login authentication default Related Command Description Enables the AAA security service.

  • Page 158: Login Local

    The following example shows how to set local user authentication on VTY. Configuration Examples Ruijie(config)# no aaa new-model Ruijie(config)# username test password 0 test Ruijie(config)# line vty 0 Ruijie(config-line)# login local Related Command Description Configures local user information.
  • Page 159 Password encryption type, "0" for no encryption, "7" for simple encryption Parameter (Optional) Ruijie’s private algorithm will be used for password encryption. If Description the password type is 0, the password is in plain text. If the type is 7, the password is encrypted by a Ruijie device.

  • Page 160: Service Password-Encryption

    Basic Management Commands This command is used to configure a authentication password for remote line login. Usage Guide The following example configures the line login password as "red": Configuration Ruijie(config)# line vty 0 Examples Ruijie(config-line)# password red Command Description Related...
  • Page 161 Example 1: The following example sets telnet to 192.168.1.11. The port number is the default, and the source interface is Gi 0/1. The queried VRF routing table is vpn1. Configuration Ruijie# telnet 192.168.1.11 /source-interface gigabitEthernet 0/1 /vrf vpn1 Examples Example 2: The following example sets telnet to 2AAA:BBBB::CCCC...
  • Page 162 Password encryption type, 0 for no encryption, 7 for simple encryption (Optional) Ruijie’s private algorithm will be used for password encryption. If the password type is 0, the password is in plain text. If the type is 7, the password is encrypted by a Ruijie device.

  • Page 163: Banner Login

    This command sets the login banner message, which is displayed at login. The system discards all Usage Guide the characters next to the terminating symbol. The following example shows how to configure the login banner: Configuration Ruijie(config)# banner login $ enter your password $ Examples Related Command Description...

  • Page 164: Clock Set

    Once the device is powered off, the set time becomes invalid. The following example configures the current time as 10:20:30AM March 17 2003. Configuration Ruijie# clock set 10:20:30 Mar 17 2003 Examples Ruijie# show clock clock: 2003-3-17 10:20:32...

  • Page 165: Clock Update-Calendar

    The following example copies the current time and date indicated by the software clock to the Configuration hardware clock: Examples Ruijie# clock update-calendar Related Command Description Commands Platform...
  • Page 166 Parameter Description Device hostname, string, number or hyphen, up to 63 characters. Description name The default hostname is Ruijie. Defaults Command Global configuration mode Mode This hostname is mainly used to identify the device and is taken as the username for the local device Usage Guide during dialup and CHAP authentication.
  • Page 167 If no prompt string is configured, the system name applies and varies with the system name. The Usage Guide prompt command is valid only in EXEC mode. Sets the prompt string to rgnos: Configuration Ruijie(config)# prompt rgnos Examples Ruijie(config)# end RGOS Command...

  • Page 168: Session-Timeout

    This command is used to restart the device at a specified time to facilitate management. Usage Guide The following example restarts the system in 10 minutes: Configuration Ruijie# reload in 10 Examples Router will reload in 600 seconds. Command Description...
  • Page 169 This command is used to set the speed at which the terminal transmits packets. Usage Guide The following example shows how to set the rate of the serial port to 57600 bps: Configuration Ruijie(config)# line console 0 Examples Ruijie(config-line)# speed 57600 Command...
  • Page 170 Example 2: The following example shows how to use the write command on a device that supports Configuration boot config before and after removing a USB drive you have set up to store the boot configuration Examples file: Ruijie(config)# boot config /mnt/usb1/config.text Ruijie# write Building configuration... Write to boot config file: [/mnt/usb1/config.text]...

  • Page 171: Show Clock

    Command Reference Basic Management Commands [OK] Ruijie# usb remove 1 0:1:1:38 Ruijie: USB-5-USB_DISK_REMOVED: USB Device <USB Mass Storage Device> Removed! Ruijie# write Building configuration... Write to boot config file: [/mnt/usb1/config.text] [Failed] The device [usb1] does not exist, write to the default config file [/config.text]? [no] yes...

  • Page 172: Show Line

    Command Privileged EXEC mode Mode This command shows the configuration of a line. Usage Guide The following example shows the configuration of a console port: Ruijie# show line console 0 Type speed Overruns 9600 45927 Line 0, Location: "", Type: "vt100"...

  • Page 173: Show Reload

    Privileged EXEC mode Mode This command is used to show the restart settings of the system. Usage Guide The following example shows the restart settings of the system: Ruijie# show reload Configuration Reload scheduled in 595 seconds. Examples At 2003-12-29 11:37:42 Reload reason: test.

  • Page 174: Show Startup-Config

    Command Reference Basic Management Commands None Usage Guide Configuration None Examples Command Description Related Commands Platform None Description show startup-config To view the device configuration stored in the Non Volatile Random Access Memory (NVRAM), run the show startup-config command in privileged user mode. show startup-config Parameter Description...

  • Page 175: Show Version

    This command is used to view current system information, including the system start time, version, Usage Guide device information, and serial number. The following example shows system information. Ruijie# show version System description : Ruijie Dual Stack Multi-Layer Switch(S3760-24) By Ruijie Network System start time: 1970-6-14 11:49:53 Configuration System uptime: 3:17:1:17 Examples System hardware version: 2.0...

  • Page 176: Enable Service Web-Server

    Use the command no enable service web-server to disable the corresponding HTTP service. The following example enables both the HTTP service and the HTTPS service: Configuration Examples Ruijie#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)#enable service web-server Related Command Description Commands Displays the configuration information and show service status of system service.
  • Page 177 Web package. To enable the new web package to take effect, log in to the web interface again. The following example updates the Web package Configuration Ruijie#http web-file update Examples Related Command...
  • Page 178 Usage Guide The following example configures the HTTP port number as 8080: Configuration Ruijie#configure terminal Examples Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)#ip http port 8080 Related Command Description Commands Enables the HTTP service function. enable service web-server...

  • Page 179: Webmaster Level

    20 usernames and passwords. The following example configures HTTP authentication information, including the username and Configuration password: Examples Ruijie#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)#webmaster level 0 username ruijie password admin Related Command Description Commands...
  • Page 180 Use this command to detect the available upgrade files. The detected upgrade files version is later Usage Guide than that of local files, The following example demonstrates the version of the detected HTTP upgrade file. Configuration Ruijie#http check-version Examples Files need to be updated: web. app name:web version...
  • Page 181 Web package. The following example demonstrates how to manually download the latest Web package form the Configuration designated remote server. Examples Ruijie#http update web Related Command Description Commands Detects the available update package on the http check-vesion HTTP server.
  • Page 182 Command Reference HTTP Service Commands manually. The following example enables the Auto-detect mode: Configuration Ruijie#configure terminal Examples Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)#http update mode auto-detect Related Command Description Commands Platform Description http update server Use this command to configure the IP address and the HTTP port number of the HTTP upgrade server.
  • Page 183 The following example configures the IP address and the HTTP port number of the HTTP upgrade Configuration server: Examples Ruijie#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)#http update server 10.83.132.1 port 90 Related Command Description Commands Platform...

  • Page 184: Show Web-Server Status

    Privileged EXEC mode Command mode Usage Guide The following example displays the configuration information and status of the web: Configuration Ruijie#show web-server status Examples http server status : enabled http server port : 80 https server status: enabled https server port: 443...

  • Page 185: Network Connectivity Test Tool Commands

    To use the domain name function, configure the domain name server firstly. For the concrete configuration, refer to the DNS Configuration section. The example below shows the ordinary ping. Configuration Examples Ruijie# ping 192.168.5.1 Sending 5, 100-byte ICMP Echoes to 192.168.5.1, timeout is 2 seconds:...
  • Page 186 Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/10 ms The example below shows the extension ping. Ruijie# ping 192.168.5.197 length 1500 ntimes 100 timeout 3 Sending 100, 1500-byte ICMP Echoes to 192.168.5.197, timeout is 3 seconds, data ffff source 192.168.4.10: <...
  • Page 187 For the concrete configuration, refer to the DNS Configuration section. The example below shows the ordinary ping ipv6. Configurat Ruijie# ping ipv6 2000::1 Examples Sending 5, 100-byte ICMP Echoes to 2000::1, timeout is 2 seconds: < press Ctrl+C to break >...
  • Page 188 The following is two examples of the application bout traceroute, the one is of the smooth network, Configuration and the other is the network in which some gateways aren’t connected successfully. Examples 1. When the network is connected smoothly: Ruijie# traceroute 61.154.22.36 < press Ctrl+C to break > Tracing the route to 61.154.22.36 192.168.12.1 0 msec...
  • Page 189 The above result clearly shown that the gateways passed by the packets sent to the host with an IP address of 202.108.37.42 (gateways 1~17) and the spent time are displayed, and gateway 4 fails. Ruijie# traceroute www.ietf.org Translating "www.ietf.org"...[OK] < press Ctrl+C to break >...

  • Page 190: Traceroute Ipv6

    Configuration network, and the other is the network in which some gateways aren’t connected successfully. Examples 1. When the network is connected smoothly: Ruijie# traceroute ipv6 3004::1 < press Ctrl+C to break > Tracing the route to 3004::1 3000::1 0 msec 0 msec 0 msec...
  • Page 191 Command Reference Network Connectivity Test Tool Commands Tracing the route to 3004::1 3000::1 0 msec 0 msec 0 msec 3001::1 4 msec 4 msec 4 msec 3002::1 8 msec 8 msec 4 msec * * * 3004::1 4 msec 28 msec 12 msec The above result clearly shown that the gateways passed by the packets sent to the host with an IP address of 3004::1 (gateways 1~5) and the spent time are displayed, and gateway 4 fails.

  • Page 192: Upgrade And Maintenance Commands

    The following is two examples: The first one transmits the backup parameter file (config.bak) from the Configuration local host (ip 192.168.12. 1) to the switch; The second one transmits the file (switch.bin) from the Examples switch to the local switch (ip 192.168.12.1): Ruijie# copy tftp://192.168.12.1/config.bak flash: config.text Ruijie# copy flash: switch.bin tftp://192.168.12.1/...

  • Page 193: Copy Tftp Ipv6

    Description filename File name Defaults Command mode Usage Guide The following example downloads the config.text file to the TFTP server. Configuration Examples Ruijie# copy tftp://[2000::100]/config.text flash:config.text Accessing tftp://[2000::100]/config.text... Success : Transmission success,file length 1496 Related Command Description Commands Platform Description...
  • Page 194 If there is a space in the file name, quotation mask is necessary, for example: copy xmodeam flash: “filename” or copy flash: ”filename” xmodem The following is an example of upload and download: Configuration Ruijie# copy xmodem flash: config.text Examples Ruijie# copy flash: config.text xmodem Success : Transmission success,file length 1496...

  • Page 195: Interface Commands

    DCD carrier interruption period is shorter than the time used for route aggregation, you should set the parameter to a higher value to avoid unnecessary route vibration. The following example shows how to configure the carrier delay of serial interface to 5 seconds: Configuration Ruijie(config)# interface gigabitethernet 1/1 Examples Ruijie(config)# carrier-delay 5 Related...

  • Page 196: Clear Interface

    In the privileged EXEC mode, use the show interfaces command to display the counters or the clear Usage Guide counters command to clear the counters. If the interface is not specified, the counters on all interfaces will be cleared. Configuration Ruijie# clear counters gigabitethernet 1/1 Examples Related Command Description Commands Show the interface information.
  • Page 197 By default, there is no alias. Defaults Interface configuration mode. Command Mode Use show interfaces to display the interface information, including the alias. Usage Guide Ruijie(config)# interface gigabitethernet 1/1 Configuration Examples Ruijie(config-if)# description GBIC-1 Related Command Description Commands show interfaces Show the interface information.

  • Page 198: Interface Fastethernet

    Global configuration mode. Command Mode The no form of the command is not available, and this interface type cannot be deleted. Use show Usage Guide interfaces or show interfaces fastEthernet to display the interface configurations. Configuration Ruijie(config)# interface fastEthernet 1/2 Examples Ruijie(config-if)#...

  • Page 199: Interface Giagbitethernet

    Command Mode The no form of the command is not available, and this interface type cannot be deleted. Use show Usage Guide interfaces or show interfaces gigabitEthernet to display the interface configurations. Ruijie(config)# interface gigabitEthernet 1/2 Configuration Ruijie(config-if)# Examples Related...
  • Page 200 After the port type is changed, the attributes of the new port type take the default values, which can be modified as needed. Ruijie(config)# interface gigabitethernet 1/1 Configuration Examples...
  • Page 201 Command Reference Interface Commands Ruijie(config)# interface gigabitethernet 1/1 Configuration Ruijie(config-if)# mtu 9216 Examples Related Command Description Commands Show the interface information. show interfaces Platform Description shutdown Use the shutdown command in the interface configuration mode to disable an interface. Use the no form of the command to enable a disabled port.

  • Page 202: Snmp Trap Link-Status

    Do not send LinkTrap on the interface: Configuration Examples Ruijie(config)# interface gigabitEthernet 1/1 Ruijie(config-if)# no snmp trap link-status Following configuration shows how to configure the interface to forwarding Link trap: Ruijie(config)# interface gigabitEthernet 1/1 Ruijie(config-if)# snmp trap link-status Related...

  • Page 203: Show Interfaces

    You can set the rate of the interface, but it does not take effect until the interface exits the aggregate port. Use show interfaces to display configuration. The rate varies by interface types. For example, you cannot set the rate of a SFP interface to 10M or 100M. Ruijie(config)# interface gigabitethernet 1/1 Configuration Ruijie(config-if)# speed 100...
  • Page 204 Command Reference Interface Commands The counters on the interface. counters The description of the interface, including the link status. description All the link status of the Layer 2 interface, including the rate and status duplex. Layer 2 interface information. switchport Trunk port, applicable for physical port and aggregate port.
  • Page 205 Command Reference Interface Commands admin duplex mode is AUTO, oper duplex is Unknown admin speed is AUTO, oper speed is Unknown flow receive control admin status is OFF,flow send control admin status is OFF,flow receive control oper status is Unknown,flow send control oper status is Unknown broadcast Storm Control is OFF,multicast Storm Control is OFF,unicast Storm Control is OFF...
  • Page 206 Command Reference Interface Commands Control is OFF Port-type: access Vlan id : 2 5 minutes input rate 0 bits/sec, 0 packets/sec 5 minutes output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer, 0 dropped Received 0 broadcasts, 0 runts, 0 giants 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 abort 0 packets output, 0 bytes, 0 underruns , 0 dropped 0 output errors, 0 collisions, 0 interface resets...
  • Page 207 0 packets output, 0 bytes, 0 underruns , 0 dropped 0 output errors, 0 collisions, 0 interface resets The following example shows the layer-2 information of the Gi0/1. Ruijie# show interfacesgigabitEthernet 0/1 switchport Interface Switchport ModeAccess Native Protected VLAN lists --------- ---------- --------- ------ ------ --------- GigabitEthernet 0/1 enabled Access 11 Disabled ALL The following example shows the MTU information on the interface GigabitEthernet 1/1.

  • Page 208: Mac Address Commands

    Command Reference MAC Address Commands MAC Address Commands address-bind ipv6-mode Use this command to set the IP mode of address binding. Use the no form of this command to delete the configuration. Set the IP mode to the compatible mode. address-bind ipv6-mode compatible Set the IP mode to the loose mode.

  • Page 209: Clear Mac-Address-Table Dynamic

    The following example binds the IP address 192.168.5.2 and the MAC address 00do.f822.33aa and Configuration forward the corresponding packets: Examples Ruijie# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)# address-bind 192.168.5.2 00d0.f822.33aa Ruijie(config)# address-bind ipv6-mode compatible Related Command Description Commands...

  • Page 210: Mac-Address-Table Filtering

    Global configuration mode. Command Mode Use the show mac-address-table aging-time command to display configuration. Usage Guide Use the show mac-address-table dynamic command to display the dynamic MAC address table. Ruijie(config)# mac-address-table aging-time 150 Configuration Examples Related Command Description Display the aging time of the dynamic MAC address.

  • Page 211: Mac-Address-Table Notification

    Global configuration mode. Command Mode The filtered MAC address shall not be a multicast address. Use show mac-address-table filtering to Usage Guide display the filtered MAC addresses. Ruijie(config)# mac-address-table filtering 00d0f8000000 vlan 1 Configuration Examples Related Command Description Clear the MAC address filtering table...

  • Page 212: Mac-Address-Table Static

    When the packet destined to 00d0 f800 073c arrives at VLAN4, it will be forwarded to the specified Configuration port gigabitethernet 1/1: Examples Ruijie(config)# mac-address-table static 00d0.f800.073c vlan 4 interface gigabitethernet 1/1 Related Command Description Show the configuration of the static address table.

  • Page 213: Show Address-Bind

    Use this command to show IP address-MAC address binding. show address-bind Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide Ruijie# show address-bind Configuration IP Address Binding MAC Addr Examples ------------ ----------------- 3.3.3.3 00d0.f811.1112 3.3.3.4 00d0.f811.1117 Related...

  • Page 214: Show Mac-Address-Table Address

    Specified MAC address. Description address mac-addr Interface ID interface interface-id VLAN ID vlan vlan-id Defaults Privileged EXEC mode. Command mode Usage Guide Ruijie# show mac-address-table address 00d0.f800.1001 Configuration Vlan MAC Address Type Interface Examples ---------- -------------------- -------- 00d0.f800.1001 STATIC Gi1/1 Related Command Description Show the static MAC address.

  • Page 215: Show Mac-Address-Table Aging-Time

    Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide Ruijie# show mac-address-table aging-time Configuration Aging time : 300 Examples Related Command Description Specify the aging time of the dynamic MAC address. Commands mac-address-table aging-time...

  • Page 216: Show Mac-Address-Table Dynamic

    Command Reference MAC Address Commands Mode Usage Guide Ruijie# show mac-address-table count Configuration Dynamic Address Count : 51 Examples Static Address Count : 0 Filter Address Count : 0 Total Mac Addresses : 51 Total Mac Address Space Available: 8139...

  • Page 217: Show Mac-Address-Table Filtering

    Destination MAC address of the entry Description mac-addr VLAN ID of the entry vlan-id Defaults Privileged EXEC mode. Command Mode Usage Guide Ruijie# show mac-address-table filtering Configuration Vlan MAC Address Type Interface Examples ------- ----------------- ------- ----------- 0000.2222.2222 FILTER Not available...

  • Page 218: Show Mac-Address-Table Interface

    Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide Ruijie# show mac-address-table mac-manage-learning Configuration ######MAC manage-learning Examples running mode: uniform configuration mode: uniform dynamic address learning-synchronization: off. Related Command Description Set the dynamic MAC address management and learning...

  • Page 219: Show Mac-Address-Table Static

    Command Reference MAC Address Commands The MAC address notification configuration is shown by default. Defaults Privileged EXEC mode. Command Mode Usage Guide Ruijie# show mac-address-table notification interface Configuration Interface MAC Added Trap MAC Removed Trap Examples --------- -------------- -------------- GigabitEthernet1/14 Disabled...

  • Page 220: Show Mac-Address-Table Vlan

    Description VLAN ID Description vlan-id Defaults Privileged mode Command Mode Usage Guide Ruijie# show mac-address-table vlan 1 Configuration Vlan MAC Address Type Interface Examples ----- ------------- ------- ------------------ 00d0.f800.1001 STATIC gigabitethernet 1/1 00d0.f800.1002 STATIC gigabitethernet 1/1 00d0.f800.1003 STATIC gigabitethernet 1/1...

  • Page 221: Snmp Trap Mac-Notification

    Defaults Interface configuration mode. Command Mode Use show mac-address-table notification interface to display configuration. Usage Guide Ruijie(config)# interface gigabitethernet 1/1 Configuration Ruijie(config-if)# snmp trap mac-notification added Examples Related Command Description Enable MAC address notification. Commands mac-address-table notification Show the MAC address notification configuration and the MAC show mac-address-table address notification table.

  • Page 222: Vlan Commands

    Global configuration mode Command Mode Execute the end command or press Ctrl+C to return to priviledged EXEC mode. Usage Guide Execute the exit command to returen to global configuration mode. Configuration Ruijie(config)# vlan 1 Examples Ruijie(config-vlan)# Related Command Description Commands Displays VLAN member ports information.

  • Page 223: Ip Address Commands

    Command Reference IP Address Commands IP Address Commands ip-address Use this command to configure the IP address of an interface. Use the no form of this command to delete the IP address of the interface. ip address ip-address network-mask [ secondary ] | [ gateway ip-address ] no ip address [ip-address network-mask [ secondary ] | [ gateway ] ] Parameter Parameter...
  • Page 224 Command Reference IP Address Commands to different networks, and different secondary IP addresses must also belong to different networks. Secondary IP addresses are often used in network construction. Typically, you can try to use secondary IP addresses in the following situations: A network does not have enough host addresses.
  • Page 225 Command Reference IP Address Commands ip unnumbered Use this command to configure an unnumbered interface. After an interface is configured as an unnumbered interface, it is allowed to run the IP protocol and can receive and send IP packets. Use the no form of this command to cancel this configuration.
  • Page 226 Command Reference IP Address Commands This command is not supported on Layer 2 switches. Platform Description Use this command to add a permanent IP-MAC address mapping to the ARP cache table. Use the no form of this command to delete the static MAC address mapping. arp [ vrf name ] ip-address MAC-address type no arp [ vrf name ] ip-address Parameter...

  • Page 227: Arp Anti-Ip-Attack

    The following example sets the number of IP messages that will trigger ARP to set a discard entry to. Configuration Ruijie(config)# arp anti-ip-attack Examples The following example disables the ARP anti-IP-attack function.

  • Page 228: Arp Gratuitous-Send Interval

    The following example sets the interval for sending free ARP request messages to SVI 1 to 1 second. Configuration Ruijie(config)# interface vlan 1 Examples Ruijie(config-if)# arp gratuitous-send interval 1 The following example disables the function of sending free ARP request messages to SVI 1. Ruijie(config)# interface vlan 1 Ruijie(config-if)# no arp gratuitous-send...

  • Page 229: Arp Retry Interval

    Command Reference IP Address Commands arp retry interval Use this command to set the interval for sending ARP request messages locally, namely, the time interval between two continuous ARP requests sent for parsing one IP address. Use the no form of this command to restore the default value, that is, retry an ARP request per second.

  • Page 230: Arp Timeout

    Command Reference IP Address Commands The times of sending the same ARP request in the range from 1 to 100. 1 indicates that the ARP request is not retransmitted but only number one ARP request message is sent. If the ARP response message is not received, the ARP request message will be sent for 5 times, and Defaults then timeout occurs.

  • Page 231: Arp Unresolve

    Command Reference IP Address Commands The ARP timeout setting is only applicable to the IP and MAC address mapping records that are Usage Guide learned dynamically. The shorter the timeout, the truer the mapping table saved in the ARP cache, but the more network bandwidth occupied by ARP.

  • Page 232: Ip Proxy-Arp

    Command Reference IP Address Commands arp unresolve 500 Examples Related Command Description Commands Platform Description ip proxy-arp Use this command to enable the proxy ARP function on the interface. Use the no form of this command to disable the proxy ARP function. ip proxy-arp no ip proxy-arp Parameter...

  • Page 233: Service Trustedarp

    Command Reference IP Address Commands service trustedarp Use this command to enable the trusted ARP function. Use the no form of this command to disable the trusted ARP function. service trustedarp no service trustedarp Parameter Parameter Description Description The trusted ARP function is disabled. Defaults Global configuration mode Command...

  • Page 234: Ip Directed-Broadcast

    Command Reference IP Address Commands Interface configuration mode Command Mode At present, the destination address of an IP broadcast packet is all-1s, indicating 255.255.255.255. Usage Guide The RGOS software can generate broadcast packets with other defined IP addresses, and can receive both all-1s packets and broadcast packets defined by itself.

  • Page 235: Ip Address-Pool

    Command Reference IP Address Commands packet and handles this packet in the same way as forwarding a unicast packet. After the directed broadcast packet reaches a device that is directly connected to this subnet, the device converts the directed broadcast packet into a flooding broadcast packet (typically the broadcast packet whose destination IP address is all-1s), and then sends the packet to all hosts in the destination subnet as with link layer broadcast.

  • Page 236: Clear Arp-Cache

    Command Reference IP Address Commands By default, the IP address pool function is enabled, the user can configure the IP address pool, and Usage Guide the PPP user can assign an IP address to the peer end from the IP address pool. Use the no ip address-pool local command to disable the IP address pool function and delete all IP address pools previously configured.

  • Page 237: Clear Ip Route

    Command Reference IP Address Commands This command can be used to refresh an ARP cache table. Usage Guide A Network Foundation Protection Policy (NFPP) device receives one ARP packet for every MAC or IP address per second by default. If the interval between twice ARP clearing is within 1 second, the second response packet will be filtered out and the ARP packet will fail to be parsed in a short time.

  • Page 238: Show Arp

    Command Reference IP Address Commands Once an invalid route is found in the routing table, you can immediately refresh the routing table to get Usage Guide the updated routes. Note that, however, refreshing the entire routing table will result in a temporary communication failure on the entire network.
  • Page 239 Age(min) Hardware Type Interface Internet 192.168.195.68 0013.20a5.7a5f arpa VLAN 1 The example shows the output result of the show arp 192.168.195.0 255.255.255.0 command. Ruijie# show arp 192.168.195.0 255.255.255.0 Protocol Address Age(min) Hardware Type Interface Internet 192.168.195.64 0018.8b7b.9106 arpa VLAN 1 Internet 192.168.195.2...

  • Page 240: Show Arp Counter

    Command Reference IP Address Commands Internet 192.168.195.51 0018.8b82.8691 arpa VLAN 1 The following example shows the output result of the show arp 001a.a0b5.378d command. Ruijie# show arp 001a.a0b5.378d Protocol Address Age(min) Hardware Type Interface Internet 192.168.195.67 001a.a0b5.378d arpa VLAN 1...

  • Page 241: Show Arp Detail

    Use this command to show ARP details, such as the ARP type (Dynamic, Static, Local, Trust) and Usage Guide information about a specific Layer 2 port. The following example shows the output result of the show arp detail command. Configuration Ruijie# show arp detail Examples IP Address MAC Address Type...

  • Page 242: Show Arp Timeout

    Parameter Parameter Description Description Defaults Any mode Command Mode Usage Guide The following example shows the output result of the show arp timeout command: Configuration Ruijie# show arp timeout Examples Interface arp timeout(sec) ---------------------- ---------------- VLAN 1 3600...

  • Page 243: Show Ip Arp

    Description Defaults Privileged user mode Command Mode Usage Guide The following example shows the output result of the show ip arp command. Configuration Ruijie# show ip arp Examples Protocol Address Age(min)Hardware Type Interface Internet 192.168.7.233 23 0007.e9d9.0488 ARPA FastEthernet 0/0 Internet 192.168.7.112 10...

  • Page 244: Show Ip Interface

    The results shown may vary with the interface type, because some contents are interface-specific options. The following example shows the output result of the show ip interface brirf command. Configuration Ruijie#show ip interface brief Examples Interface IP-Address(Pri) IP-Address(Sec) Status Protocol GigabitEthernet 0/10 2.2.2.2/24...
  • Page 245 Command Reference IP Address Commands VLAN 1 1.1.1.1/24 no address down down Status: link status of the interface. The options include up, down, and administratively down. The link status of an interface will be administratively down if you run the shutdown command to forcibly shut down the interface.
  • Page 246 Command Reference IP Address Commands IP address is: Shows the IP address and mask of the interface. IP address negotiate is: Shows whether to obtain the IP address through negotiation. Forward Shows whether to forward directed broadcast packets. direct-broadcast is: ICMP mask reply is: Shows whether to send ICMP mask response messages.

  • Page 247: Show Ip Pool

    Description Address pool name pool-name Defaults Privileged user mode Command Mode Usage Guide The following example shows the output result of the show ip pool command. Configuration Ruijie#show ip pool Examples Pool Begin Free In use 1.1.1.1 1.1.1.200 2.2.2.2 2.2.2.211...

  • Page 248: Ip Mask-Reply

    Command Reference IP Address Commands ip mask-reply Use this command to configure the RGOS software to respond to the ICMP mask request and send an ICMP response message in interface configuration mode. Use the no form of this command to disable the sending of the ICMP mask response message.
  • Page 249 Command Reference IP Address Commands Maximum transmission unit of IP packets ranging from 68 to 1500 bytes bytes The MTU is the same as the MTU value configured by the interface command mtu. Defaults Interface configuration mode Command Mode If an IP packet is larger than the IP MTU, the RGOS software will split this packet. All the devices in Usage Guide the same physical network segment must have the same IP MTU for the interconnected interface.

  • Page 250: Ip Source-Route

    Command Reference IP Address Commands When the route is not optimal, it may cause the device to receive packets through one interface and Usage Guide send it though the same interface. If the device sends the packet from the same interface through which this packet is received, the device will send an ICMP redirection message to the data source, telling the data source that the gateway for the destination address is another device in the subnet.
  • Page 251 Command Reference IP Address Commands The following example disables the IP source route feature. Configuration no ip source-route Examples Related Command Description Commands This command is not supported on Layer 2 switches. Platform Description ip unreachables Use this command to allow the RGOS software to generate ICMP destination unreachable messages.
  • Page 252 Command Reference IP Address Commands Related Command Description Commands This command is not supported on Layer 2 switches. Platform Description...

  • Page 253: Tcp Commands

    This command is used to limit the maximum value of MSS for the TCP connection to be created. The Usage Guide negotiated MSS cannot exceed the configured value. You can use this command to reduce the maximum value of MSS. However, this configuration is not needed in general. Ruijie(config)# ip tcp mss 1300 Configuration Examples Related...

  • Page 254: Ip Tcp Path-Mtu-Discovery

    TCP connection. The attacker may initiate attacks by sending a large number of port-unreachable TCP packets. You can use this command to prohibit sending the reset packet when a port-unreachable packet is received. Configuration Ruijie(config)# ip tcp not-send-rst Examples Related Command...

  • Page 255: Ip Tcp Syntime-Out

    SYN timeout value can shorten the time for the user to wait, such as telnet login. For poor network conditions, the timeout value can be increased properly. Ruijie(config)# ip tcp syntime-out 10 Configuration Examples...

  • Page 256: Ip Tcp Window-Size

    This command is used to change the size of receiving buffer and sending buffer for TCP connections. This command changes both the receiving buffer and sending buffer, and only applies to subsequent connections. Configuration Ruijie(config)# ip tcp window-size 16386 Examples Related Command...

  • Page 257: Show Tcp Connect

    Use this command to display basic information about the current TCP connections. show tcp connect Parameter Parameter Description Description Defaults Privileged user mode Command Mode Usage Guide Configuration Ruijie#sh tcp connect Examples tcp connect status: Local Address Foreign Address State cf25000 0.0.0.0.2650 0.0.0.0.0 LISTEN c441000 0.0.0.0.23 0.0.0.0.0...

  • Page 258: Show Tcp Pmtu

    Use this command to display information about TCP PMTU. show tcp pmtu Parameter Parameter Description Description Defaults Privileged user mode Command Mode Usage Guide Ruijie# show tcp pmtu Configuration Local Address Foreign Address PMTU Examples 2002::1.18946 2002::2.23 1440 192.168.195.212.23 192.168.195.112.13560 1440...

  • Page 259: Show Tcp Port

    Parameter Parameter Description Description Defaults Privileged user mode Command Mode Usage Guide Ruijie#sh tcp port Configuration tcp port status: Examples Tcpv4 listen on 2650 have connections: Foreign Address Port State Tcpv4 listen on 2650 have total 0 connections. Tcpv4 listen on 23 have connections:...
  • Page 260 Command Reference TCP Commands Foreign Address Port State c429980 3000::2 64572 ESTABLISHED Tcpv6 listen on 23 have total 1 connections. Field Description The control block’s location in the current memory Foreign Address Remote address Port Remote port number State Status of the current TCP connection. There are eleven possible states: CLOSED: The connection has been closed.

  • Page 261: Dhcp Commands

    Command Reference DHCP Commands DHCP Commands bootfile Use this command to define the startup mapping file name of the DHCP client in DHCP address pool configuration mode. Use the no form of this command to remove the definition. bootfile file-name no bootfile Parameter Parameter...

  • Page 262: Client-Name

    RFC1700. This command is used only when the DHCP is defined by manual binding. The following example defines the client ID of the Ethernet DHCP client whose MAC address is Configuration 00d0.f822.33b4. Examples Ruijie(dhcp-config)# client-identifier 0100.d0f8.2233.b467.6967.6162.6974.4574.6865.726e.6574.302f.31 Related Command Description Defines the hardware address of DHCP client.

  • Page 263: Default-Router

    This name should not include the suffix domain name. The following example defines a string river as the name of the client. Configuration Examples Ruijie(dhcp-config)# client-name river Related Command Description Defines the IP address and network mask, which is used to...
  • Page 264 Command Reference DHCP Commands be of the same network segment as the address assigned to the client. The following example defines 192.168.12.1 as the default gateway. Configuration Ruijie(dhcp-config)# default-router 192.168.12.1 Examples Related Command Description Defines the name of the DHCP address pool and enters DHCP...

  • Page 265: Domain-Name

    After the DHCP client obtains specified suffix domain name, it can access a host with the same suffix Usage Guide domain name by the host name directly. The following example defines the suffix domain name i-net.com.cn for the DHCP client. Configuration Examples Ruijie(dhcp-config)# domain-name i-net.com.cn Related Command Description Defines the DNS server of the DHCP client. Commands...
  • Page 266 Mode This command can be used only when the DHCP is defined by manual binding. Usage Guide The following example defines the MAC address 00d0.f838.bf3d with the type ethernet. Configuration Ruijie(dhcp-config)# hardware-address 00d0.f838.bf3d Examples Related Command Description Defines the unique ID of the DHCP client (Indicated in hexadecimal...

  • Page 267: Ip Address Dhcp

    This command can be used only when the DHCP is defined by manual binding. The following example sets the client IP address as 192.168.12.91, and the network mask as Configuration 255.255.255.240. Examples Ruijie(dhcp-config)# host 192.168.12.91 255.255.255.240 Related Command Description Defines the unique ID of the DHCP client (Indicated in...

  • Page 268: Ip Dhcp Excluded-Address

    DHCP server assigns the address. The following example configures that the DHCP server will not assign the IP addresses within Configuration 192.168.12.100 to 150. Examples Ruijie(config)# ip dhcp excluded-address 192.168.12.100 192.168.12.150...

  • Page 269: Ip Dhcp Ping Packets

    DHCP client. The ping operation will send up to 10 packets (two packets by default). The following example sets the number of the packets sent by the ping operation to 3. Configuration Examples Ruijie(config)# ip dhcp ping packets 3 Related Command Description Clears the DHCP history conflict record.

  • Page 270: Ip Dhcp Ping Timeout

    This command defines the time that the DHCP server waits for a ping response packet. Usage Guide The following example configures that the waiting time of the ping response packet is 600ms. Configuration Ruijie(config)# ip dhcp ping timeout 600 Examples Related Command Description Clears the DHCP history conflict record.
  • Page 271 In this configuration mode, you can configure the IP address range, the DNS server and the default gateway. The following example defines a DHCP address pool with the name mypool0. Configuration Examples Ruijie(config)# ip dhcp pool mypool0 Ruijie(dhcp-config)# Related Command Description...
  • Page 272 The following example sets the DHCP lease to 1 hour. Configuration Ruijie(dhcp-config)# lease 0 1 Examples The following example sets the DHCP lease to 1 minute. Ruijie(dhcp-config)# lease 0 0 1 Related Command Description Defines the name of the DHCP address pool and...
  • Page 273 WINS server only when its communication with the former WINS server fails. The following example specifies the WINS server 192.168.12.3 for the DHCP client. Configuration Examples Ruijie(dhcp-config)# netbios-name-server 192.168.12.3 Related Command Description Enables the DHCP client on the interface to obtain...
  • Page 274 Otherwise, hybrid node is used. It is recommended to set the type of the NetBIOS node to Hybrid. The following example sets the NetBIOS node of Microsoft DHCP client as Hybrid. Configuration Examples Ruijie(dhcp-config)# netbios-node-type h-node Related Command Description Defines the name of DHCP address pool and enter...
  • Page 275 The following example defines the network number of the DHCP address pool as 192.168.12.0, and Configuration the network mask as 255.255.255.240. Examples Ruijie(dhcp-config)# network 192.168.12.0 255.255.255.240 Related Command Description Defines the IP addresses that the DHCP server...
  • Page 276 IP packet forwarding. 0 indicates to disable the IP packet forwarding, and 1 indicates to Examples enable the IP packet forwarding. The following configuration enables the IP packet forwarding on the DHCP client. Ruijie(dhcp-config)# option 19 hex 1...

  • Page 277: Service Dhcp

    DHCP responses to the DHCP client, serving as the relay for DHCP packets. The following example enables the DHCP server and the DHCP relay agent on the device. Configuration Examples Ruijie(config)# service dhcp Related Command Description Shows various statistics information of the...

  • Page 278: Clear Ip Dhcp Binding

    Usage Guide deleted by the no ip dhcp pool command. The following example clears the DHCP binding with the IP address 192.168.12.100. Configuration Examples Ruijie# clear ip dhcp binding 192.168.12.100 Related Command Description Shows the address binding of the DHCP server.

  • Page 279: Clear Ip Dhcp Server Statistics

    Command Reference DHCP Commands The following example clears all address conflict records. Configuration Ruijie# clear ip dhcp conflict * Examples Related Command Description Defines the number of the packets sent by the ping Commands operation for the detection of the address conflict when ip dhcp ping packets the DHCP server assigns an IP address.

  • Page 280: Dhcp Relay Commands

    DHCP request. If this comand is not configured, the DHCP request is forwarded to all DHCP servers. The following example enables the ip dhcp relay check server-id function. Configuration Examples Ruijie# configure terminal Ruijie(config)# ip dhcp relay check server-id Related Command Description Commands Enables the DHCP Relay.

  • Page 281: Ip Dhcp Relay Information Option Dot1X Access-Group

    It is necessary to enable the DHCP Relay, and combine with the 802.1x related configuration to Usage Guide configure this command. The following example enables the DHCP option dot1x function on the device. Configuration Examples Ruijie# configure terminal Ruijie(config)# ip dhcp relay information option dot1x Related Command Description Commands Enables the DHCP Relay. service dhcp ip dhcp relay information Configures the option dot1x acl.

  • Page 282: Ip Dhcp Relay Information Option82

    // Permit the communication between the packets whose source IP address is that of the gateway. Ruijie(config-ext-nacl)# permit ip host 192.168.4.1 any Ruijie(config-ext-nacl)# permit ip host 192.168.5.1 any Ruijie(config-ext-nacl)# deny ip 192.168.3.0 0.0.0.255 192.168.3.0 0.0.0.255 //Deny the exchange between the unauthenticated users. Ruijie(config-ext-nacl)# deny 192.168.3.0...

  • Page 283: Ip Dhcp Relay Suppression

    This function is exclusive with the option dot1x function. Usage Guide The following example enables the option82 function on the DHCP relay. Configuration Ruijie# configure terminal Examples Ruijie(config)# Ip dhcp relay information option82 Related Command Description Commands Enables the DHCP Relay.

  • Page 284: Ip Helper-Address

    Command Reference DHCP Relay Commands The following example enables the DHCP relay suppression function on interface 1. Configuration Ruijie# configure terminal Examples Ruijie(config)# interface fastEthernet 0/1 Ruijie(config-if)# ip dhcp relay suppression Ruijie(config-if)# exit Ruijie(config)# Related Command Description Commands service dhcp Enables the DHCP relay.
  • Page 285 Command Reference DHCP Relay Commands Ruijie(config)# ip helper-address 192.168.1.1 Ruijie(config)# ip helper-address vrf dep1 192.168.2.1 Related Command Description Commands Enables the DHCP relay. service dhcp Platform Description service dhcp Use this command to enable the DHCP relay in global configuration mode. Use the no form of this command to disable this function.

  • Page 286: Dhcp Snooping Commands

    The following example demonstrates how to clear the dynamic database information from the DHCP Configuration snooping binding database. Examples Ruijie# clear ip dhcp snooping binding Ruijie# show ip dhcp snooping binding Total number of bindings: 0 MacAddress IpAddress Lease(sec) Type VLAN Interface...

  • Page 287: Ip Dhcp Snooping

    Examples Ruijie# configure terminal Ruijie(config)# ip dhcp snooping Ruijie(config)# end Ruijie# show ip dhcp snooping Switch DHCP snooping status: ENABLE DHCP snooping Verification of hwaddr field status: DISABLE DHCP snooping database write-delay time: 0 seconds DHCP snooping option 82 status: ENABLE...

  • Page 288: Ip Dhcp Snooping Bootp-Bind

    Bootp user to the static binding database. The following example enables the DHCP snooping bootp bind function. Configuration Examples Ruijie# configure terminal Ruijie(config)# ip dhcp snooping bootp-bind Ruijie(config)# end Ruijie# show ip dhcp snooping Switch DHCP snooping status :ENABLE Verification of hwaddr field status :DISABLE...

  • Page 289: Ip Dhcp Snooping Database Write-To-Flash

    The following is an example of setting interval at which the switch writes the user information into the Configuration flash as 3600s: Examples Ruijie# configure terminal Ruijie(config)# ip dhcp snooping database write-delay 3600 Ruijie(config)# end Ruijie# show ip dhcp snooping Switch DHCP snooping status: ENABLE DHCP snooping Verification of hwaddr field status: ENABLE...

  • Page 290: Ip Dhcp Snooping Information Option

    Usage Guide real time. The following is an example of writing the dynamic user information of the DHCP binding database Configuration into flash. Examples Ruijie# configure terminal Ruijie(config)# ip dhcp snooping database write-to-flash Ruijie(config)# end Ruijie# Related Command Description Commands N/A.

  • Page 291: Ip Dhcp Snooping Trust

    Usage Guide assigns IP address. Add option82 to the DHCP request message: Configuration Examples Ruijie# configure terminal Ruijie(config)# ip dhcp snooping information option Ruijie(config)# end Ruijie# show ip dhcp snooping Switch DHCP snooping status ENABLE DHCP snooping Verification of hwaddr status...

  • Page 292: Ip Dhcp Snooping Verify Mac-Address

    The following is an example of setting fastEthernet 0/1 as a trust port: Configuration Ruijie# configure terminal Examples Ruijie(config)# interface fastEthernet 0/1 Ruijie(config-if)# ip dhcp snooping trust Ruijie(config-if)# end Ruijie# show ip dhcp snooping Switch DHCP snooping status: ENABLE DHCP snooping Verification of hwaddr field status: DISABLE...

  • Page 293: Show Ip Dhcp Snooping

    The following is an example of enabling the check of the source MAC address of the DHCP request Configuration message. Examples Ruijie# configure terminal Ruijie(config)# ip dhcp snooping verify mac-address Ruijie(config)# end Ruijie# show ip dhcp snooping Switch DHCP snooping status: ENABLE Verification of hwaddr field status: ENABLE...

  • Page 294: Show Ip Dhcp Snooping Binding

    Command Mode N/A. Usage Guide Show the information of the DHCP Snooping binding database. Configuration Ruijie# show ip dhcp snooping binding Examples Total number of bindings: 1 MacAddress IpAddress Lease Type VLAN Interface 00d0.f801.0101 192.168.1.1 - static 1 fastethernet 0/1...
  • Page 295 Command Reference DHCP Snooping Commands Add the static user information to the DHCP ip dhcp snooping binding Snooping database. Clear the dynamic user information from the clear ip dhcp snooping binding DHCP snooping binding database. N/A. Platform Description...

  • Page 296: Dns Module Commands

    Defaults Global configuration mode. Command Mode This command enables the domain name resolution function. Usage Guide The following example enables the DNS domain name resolution function. Configuration Examples Ruijie(config)# ip domain-lookup Related Command Description Commands Shows related configuration show hosts information.
  • Page 297 DNS request to subsequent servers until it receives a response. Up to 6 DNS servers are supported. You can delete a DNS server with the ip-address option or all the DNS servers. Configuration Ruijie(config)# ip name-server 192.168.5.134 Examples Ruijie(config)# ip name-server 2001:0DB8::250:8bff:fee8:f800 2001:0DB8:0:f004::1...

  • Page 298: Clear Host

    Command Reference DNS Module Commands Configuration Ruijie(config)# ip host switch 192.168.5.243 Examples Related Command Description Commands Shows related configuration show hosts information. Platform Description clear host Use this command to clear the dynamically learned host name in privileged user mode.

  • Page 299: Show Hosts

    [ hostname ] Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Show the DNS related configuration information. Usage Guide Configuration Ruijie# show hosts Examples Name servers are: 192.168.5.134 static Host type Address TTL(sec) switch static 192.168.5.243 www.ruijie.com dynamic 192.168.5.123...

  • Page 300: Sntp Commands

    Description SNTP is disabled by default. Defaults Global configuration mode Command Mode This command shows SNTP parameters. Usage Guide Configuration Ruijie(config)# sntp enable Examples Related Command Description Commands Shows the SNTP configuration. show sntp Synchronizes the software clock with the clock update-calendar hardware clock.

  • Page 301: Sntp Server

    Global configuration mode Command Mode The show sntp command shows SNTP parameters. Usage Guide The interval will take effect after the sntp enable command is executed. Configuration Ruijie(config)# sntp interval 3600 Examples Related Command Description Commands Enables SNTP. sntp enable Shows the SNTP configuration.

  • Page 302: Show Sntp

    Command Reference SNTP Commands Ruijie(config)# sntp server 192.168.4.12 Configuration Examples Related Command Description Commands Shows the SNTP configuration status. show sntp Enables SNTP. sntp enable Platform Description show sntp Use this command to show SNTP parameters. show sntp Parameter Parameter...

  • Page 303: Ntp Commands

    By default, the NTP service is disabled. However, the NTP service will be enabled once the NTP Usage Guide server or the NTP security identification mechanism is configured. The following example disables the NTP service. Configuration Examples Ruijie(config)# no ntp Related Command Description Commands Specifies the NTP server.
  • Page 304 The following example shows how to allow the peer device in acl1 to control, query, request for, and Configuration synchronize the time with the local device; and limit the peer device in acl2 to request the time for the Examples local device: Ruijie(config)# ntp access-group peer 1 Ruijie(config)# ntp access-group serve-only 2 Related Command Description Commands Creates the IP access control list.

  • Page 305: Ntp Authenticate

    The following example enables the authentication mechanism after an authentication key is Configuration configured and specified as the global trusted key. Examples Ruijie(config)# ntp authentication-key 6 md5 wooooop Ruijie(config)# ntp trusted-key 6 Ruijie(config)# ntp authenticate Related Command...

  • Page 306: Ntp Disable

    You can use the ntp trusted-key to set the key of key-id as the global trusted key. At most 1024 keys are allowed. However, each server can support only one key. The following example configures an authentication key with ID 6. Configuration Examples Ruijie(config)# ntp authentication-key 6 md5 wooooop Related Command Description Commands...

  • Page 307: Ntp Server

    Global configuration mode Command Mode Currently, Ruijie system only acts as clients that can synchronize time from a maximum of 20 servers. Usage Guide To initiate the encrypted communication with the server, set the global encryption key and global trusted key firstly, and then specify the corresponding key as the trusted key of the server to launch...

  • Page 308: Ntp Synchronize

    Note that the NTP-packet-sending source interface is configured with the IP address and can communicate with the corresponding NTP server. The following example configures the network device as the NTP server. Configuration Examples IPv4 configuration: Ruijie(config)# ntp server 192.168.210.222 IPv6 configuration: Ruijie(config)# ntp server 10::2 Related Command Description Commands Disables the NTP service.

  • Page 309: Ntp Trusted-Key

    ID and is not transmitted. The following example configures an authentication key and sets it as the trusted key of Configuration corresponding server. Examples Ruijie(config)# ntp authentication-key 6 md5 wooooop Ruijie(config)# ntp trusted-key 6 Ruijie(config)# ntp server 192.168.210.222 key 6 Related Command...

  • Page 310: Debug Ntp

    By default, the NTP update-calendar function is not configured. After configuration, the NTP client updates the calendar every time the time synchronization of external clock source is successful. The following example configures the NTP update-calendar function. Configuration Ruijie(config)# ntp update-calendar Examples Related Command...

  • Page 311: Show Ntp Status

    If the NTP service of the system is enabled, the command shows existing NTP information. This Usage Guide command will display no information until the synchronization server is added for the first time. The following example shows the existing NTP information of the system. Configuration Examples Ruijie# show ntp status Related Command Description Commands Platform...
  • Page 312 FTPSRV_DEBUG:(RECV) SYST FTPSRV_DEBUG:(REPLY) 215 RGOS Type: L8 FTPSRV_DEBUG:(RECV) PORT 192,167,201,82,7,120 FTPSRV_DEBUG:(REPLY) 200 PORT Command okay. The following example shows how to disable outputting the debugging messages in the FTP Server: Ruijie# no debug ftpserver Related Command Description Commands Platform Description ftp-server enable Use this command to enable the FTP server.
  • Page 313 The following example shows how to enable the FTP Server and make the FTP client access to the Configuration syslog content only: Examples Ruijie(config)# ftp-server topdir /syslog Ruijie(config)# ftp-server enable The following example shows how to disable the FTP Server: Ruijie(config)# no ftp-server enable...
  • Page 314 The following example shows how to set the plain-text password as pass: Configuration Examples Ruijie(config)# ftp-server password pass Ruijie(config)# ftp-server password 0 pass The following example shows how to set the cipher-text password as 8001: Ruijie(config)# ftp-server password 7 8001 The following example shows how to delete the password configuration:...
  • Page 315 The session idle time refers to the time for the FTP session between two FTP operations The following example shows how to set the session idle timeout as 5m: Configuration Ruijie(config)# ftp-server timeout 5 Examples The following example shows how to restore the session idle timeout to the default value 30m...
  • Page 316 The following example shows how to enable the FTP Server and make the FTP client access to the Configuration syslog content only: Examples Ruijie(config)# ftp-server topdir /syslog Ruijie(config)# ftp-server enable The following example shows how to remove the top-directory configuration: Ruijie(config)# no ftp-server topdir...
  • Page 317 The anonymous user login is not supported on the FTP server. The client fails to pass the identity verification if the username is removed. The following example shows how to set the username as user: Configuration Ruijie(config)# ftp-server username user Examples The following example shows how to remove the username configuration: Ruijie(config)# no ftp-server username...
  • Page 318 The FTP server top directory  The session idle timeout setting The following example shows the related status information of the FTP server: Configuration Examples Ruijie# show ftp-server ftp-server information ======================================= enable : Y topdir : / timeout: 20min username config : Y...

  • Page 319: Udp-Helper Module Commands

    Command Reference UDP-Helper Module Commands UDP-Helper Module Commands ip forward-protocol Use this command to configure the User Datagram Protocol (UDP) port to enable relay forwarding. Use the no form of this command to disable forwarding on the UDP port. ip forward-protocol udp [ port | tftp | domain | time | netbios-ns | netbios-dgm | tacacs ] no ip forward-protocol udp [ port | tftp | domain | time | netbios-ns | netbios-dgm | tacacs ] Parameter Parameter...
  • Page 320 Command Reference UDP-Helper Module Commands Configuration Ruijie(config)# ip forward-protocol udp 134 Examples Related Command Description Commands Enables the forwarding of the UDP broadcast udp-helper enable packet. Configures the UDP port to enalbe relay ip forward-protocol forwarding. Platform Description ip helper-address Use this command to configure the destination server which the UDP broadcast packet will be forwarded to.

  • Page 321: Udp-Helper Enable

    Enable the forwarding function of UDP-Helper. The UDP broadcast packets from the port 69, 53, 37, Usage Guide 137, 138, and 49 are relayed and forwarded by default. #Enable the UDP forwarding function. Configuration Ruijie(config)# udp-helper enable Examples Related Command Description...

  • Page 322: Snmp Commands

    Global configuration mode mode This command disables the SNMP agent services of all Versions supported on the device. Usage Guide The following example disables the SNMP agent service. Configuration Examples Ruijie(config)# no snmp-server Related Command Description Commands Platform Description snmp-server chassis-id Use this command to specify the SNMP system serial number in global configuration mode.

  • Page 323: Snmp-Server Community

    The SNMP system serial number is generally the serial number of the machine to facilitate the device Usage Guide identification. The serial number can be viewed by the show snmp command. The following example specifies the SNMP system serial number as 123456: Configuration Examples Ruijie(config)# snmp-server chassis-id 123456 Related Command Description Commands Shows the SNMP statistics.

  • Page 324: Snmp-Server Contact

    The following example restricts the access to the MIB using the access list, which allows only the Configuration NMS of the IP address 192.168.12.1 to access the MIB. Examples Ruijie(config)# access-list 2 permit 192.168.12.1 Ruijie(config)# access-list 2 deny any Ruijie(config)# snmp-server community public ro 2 Related Command Description Commands Defines the access list.

  • Page 325: Snmp-Server Enable Traps

    Usage Guide SNMP Trap message. The following example enables the SNMP server to actively send the SNMP Trap message. Configuration Ruijie(config)# snmp-server enable traps snmp Examples Ruijie(config)# snmp-server host 192.168.12.219 public snmp Related Command Description Commands Specifies the SNMP host...

  • Page 326: Snmp-Server Group

    No user group is set by default. Defaults Command Global configuration mode mode None Usage Guide The following example sets a user group. Configuration Examples Ruijie(config)# snmp-server group mib2user v3 priv read mib2 Related Command Description Commands Shows the SNMP user group configuration. show snmp group...

  • Page 327: Snmp-Server Host

    In other words, to send different SNMP trap messages to the same host, different combination of SNMP trap messages have to be configured. The following example specifies an SNMP host to receive the SNMP event trap: Configuration Examples Ruijie(config)# snmp-server host 192.168.12.219 public snmp Related Command Description Commands Enables to send the SNMP trap message.

  • Page 328: Snmp-Server Location

    Null Defaults Command Global configuration mode mode Usage Guide The following example specifies the system information: Configuration Examples Ruijie(config)# snmp-server location start-technology-city 4F of A Buliding Related Command Description Commands Specifies the system contact information. snmp-sever contact Platform Description snmp-server packetsize Use this command to specify the maximum size of the SNMP packet in global configuration mode.

  • Page 329: Server Queue-Length

    Global configuration mode mode None Usage Guide The following example specifies the maximum SNMP packet size as 1,492 bytes: Configuration Examples Ruijie(config)# snmp-server packetsize 1492 Related Command Description Commands Specifies the length of the SNMP trap message snmp-server queue-length queue.

  • Page 330: Snmp-Server System-Shutdown

    This command is used to enable the SNMP system restart notification function. The RGOS sends the Usage Guide SNMP trap messages to the NMS to notify the system restart before the device is reloaded or rebooted. The following example enables the SNMP system restart notification function: Configuration Ruijie(config)# snmp-server system-shutdown Examples Related Command Description Commands...

  • Page 331: Snmp-Server Trap-Timeout

    SNMP source address. The following example specifies the IP address of Ethernet interface 0/1 as the source of the SNMP Configuration trap message: Examples Ruijie(config)# snmp-server trap-source fastethernet 0/1 Related Command Description Commands Enables the sending of the SNMP trap snmp-server enable traps message.

  • Page 332: Snmp-Server User

    Command Reference SNMP Commands Examples Ruijie(config)# snmp-server trap-timeout 60 Related Command Description Commands Specifies the length of the SNMP trap message snmp-server queue-length queue. Specifies the NMS host snmp-server enable host Platform Description snmp-server user Use this command to set the SNMP user in global configuration mode. Use the no form of this command to delete the user.

  • Page 333: Snmp-Server View

    Defaults Command Global configuration mode mode Usage Guide The following example configures an SNMPv3 user with MD5 authentication and DES encryption: Configuration Ruijie(config)# snmp-server user user-2 mib2user v3 auth md5 authpassstr priv Examples des56 despassstr Related Command Description Commands Shows the SNMP user configuration.
  • Page 334 Global configuration mode mode None Usage Guide The following example sets a view that includes all MIB-2 sub-trees (oid is 1.3.6.1). Configuration Examples Ruijie(config)# snmp-server view mib2 1.3.6.1 include Related Command Description Commands Shows the view configuration. show snmp view...

  • Page 335: Show Snmp

    Show the SNMP user group information. Show snmp host: show the display information configured by users. The following example shows an SNMP statistics: Configuration Examples Ruijie# show snmp Chassis: 60FF60 0 SNMP packets input 0 Bad SNMP Version errors 0 Unknown community name...
  • Page 336 Command Reference SNMP Commands Related Command Description Commands Specifies the SNMP system serial number. snmp-server chassis-id Platform Description...

  • Page 337: Ipv6 Commands

    Mode This command can be used to clear all the neighbors dynamically learned by the neighbor Usage Guide discovering. Note that the static neighbors will not be cleared. Configuration Ruijie# clear ipv6 neighbors Examples Related Command Description Configure the neighbor.
  • Page 338 Ruijie(config-if)# ipv6 address 2001:1::1/64 Configuration Ruijie(config-if)# no ipv6 address 2001:1::1/64 Examples Ruijie(config-if)# ipv6 address 2002:1::1/64 eui-64 Ruijie(config-if)# no ipv6 address 2002:1::1/64 eui-64 Related Command Description Commands Platform Description...

  • Page 339: Ipv6 Address Autoconfig

    DHCPv6. The “other configurations” usually means the IPv6 address of the DNS server, the IPv6 address of the NTP server, etc. Use the no ipv6 address autoconfig command to delete the IPv6 address. Ruijie(config-if)# ipv6 address autoconfig default Configuration Ruijie(config-if)# no ipv6 address autoconfig...

  • Page 340: Ipv6 General-Prefix

    Usage Guide address for the interface. If an IPv6 address is configured for the interface, the IPv6 function will be enabled automatically on the interface and cannot be disabled with no ipv6 enable. Configuration Ruijie(config-if)# ipv6 enable Examples Related Command Description Show the related information of an interface.

  • Page 341: Ipv6 Hop-Limit

    A general prefix could contain multiple prefixes. These longer specified prefixes are usually used for the Ipv6 address configuration on the interface. The following example configures manually a general prefix as my-prefix. Configuration Ruijie(config)# ipv6 general-prefix my-prefix 2001:1111:2222::/48 Examples Related Command Description Configure the interface address using the general prefix.

  • Page 342: Ipv6 Nd Managed-Config-Flag

    Whenever the state of an interface changes from down to up, the address collision check function of the interface will be enabled. Configuration Ruijie(config-if)# ipv6 nd dad attempts 3 Examples Related Command Description Show the interface information.

  • Page 343: Ipv6 Nd Ns-Interval

    The configured value will be advertised through RA and will be used by the device itself. It is not Usage Guide recommended to set a too short interval. Configuration Ruijie(conifig-if)# ipv6 nd ns-interval 2000 Examples Related Command Description Show the interface information.

  • Page 344: Ipv6 Nd Other-Config-Flag

    IPv6 address for the purpose of automatic configuration. When the managed address configuration is set, the default other stateful configuration is also set Configuration Ruijie(config-if)# ipv6 nd other-config-flag Examples Related Command Description Show the interface information.
  • Page 345 Command Reference IPv6 Commands Set the dead line for the valid lifetime and that of the preferred at valid-date preferred-date lifetime, in day, month, year, hour, minute. Indicate that the prefix is always valid. infinite Set the default prefix. default The prefix will not be advertised by the device.

  • Page 346: Ipv6 Nd Ra-Hoplimit

    Configuration Ruijie(config)# interface vlan 1 Examples 2592000 Ruijie(conifig-if)# ipv6 nd prefix 2001::/64 infinite The following example sets the default prefix parameters for SVI 1 (they cannot be used for auto address configuration): Ruijie(config)# interface vlan 1 Ruijie(config-if)# ipv6 prefix default no-autoconfig If no parameter is specified, the default parameters will be used, and the prefix cannot be used for auto address configuration.

  • Page 347: Ipv6 Nd Ra-Interval

    If the key word min-max is specified, the actual interval for sending the packet will be chosen between the range of minimum value and maximum value. Configuration Ruijie(conifig-if)# ipv6 nd ra-interval 110 Examples Ruijie(config-if)# ipv6 nd ra-interval min-max 110 120 Related Command Description Show the interface information.

  • Page 348: Ipv6 Nd Ra-Lifetime

    If the value is set to 0, the device will not serve as the default device any longer. If it is not set to 0, it shall be larger than or equal to the interval of sending the RA (ra-interval Configuration Ruijie(conifig-if)# ipv6 nd ra-lifetime 2000 Examples Related Command Description Show the interface information.

  • Page 349: Ipv6 Nd Reachable-Time

    IPv6 Commands Interface configuration mode. Command Mode If it is specified as 0, the RA will not have the MTU option Usage Guide Configuration Ruijie(config -if)# ipv6 nd ra-mtu 1400 Examples Related Command Description Show the interface information. Commands show ipv6 interface Set the lifetime of the device.

  • Page 350: Ipv6 Nd Suppress-Ra

    The RA message is not sent on the IPv6 interface by default. Defaults Interface configuration mode. Command Mode This command suppresses the sending of the RA message on an interface. Usage Guide Ruijie(config-if)# ipv6 nd suppress-ra Configuration Examples Related Command Description Show the interface information.

  • Page 351: Ipv6 Ns-Linklocal-Src

    Reachable status. Use clear ipv6 neighbors to clear all the neighbors dynamically learned through NDP. Use show ipv6 neighbors to view the neighbor information. Configuration Ruijie(config)# ipv6 neighbor 2001::1 vlan 1 00d0.f811.1111 Examples Related Command Description Show the neighbor information.

  • Page 352: Ipv6 Redirects

    Command Reference IPv6 Commands None. Usage Guide Ruijie(config)# no ipv6 ns-linklocal-src Configuration Examples Related Command Description Commands Platform Description ipv6 redirects Use this command to control whether to send ICMPv6 redirect message when the switch receives and forwards an IPv6 packet through an interface. Use the no form of this command to disable the function.
  • Page 353 If both the next hop IP address and the outgoing interface are specified, the outgoing interface of the direct route that matches the next hop shall be the same as the configured outgoing interface. 2. Configuration Ruijie(config)# ipv6 route 2001::/64 vlan 1 2005::1 Examples Related Command Description Show the IPv6 route information.

  • Page 354: Ipv6 Source-Route

    Therefore, forwarding the IPv6 packet with route header is disabled by default. However, the IPv6 packet of route header with type 0 that destined to the local machine is processed. Configuration Ruijie(config)# no ipv6 source-route Examples Related Command...

  • Page 355: Show Ipv6 General-Prefix

    The source IP address of the packet is not selected. The network interface is in the Down status, or the IPv6 function is disabled on the the interface (for example, IP address collision is detected). Unknown error Configuration Ruijie# ping ipv6 fec0::1 Examples Related Command Description...

  • Page 356: Show Ipv6 Interface

    Use this command to show the address configuration, ND configuration and other information of an Usage Guide IPv6 interface. Configuration Examples Ruijie# show ipv6 interface vlan 1 Interface vlan 1 is Up, ifindex: 2001 address(es): Mac Address: 00:00:00:00:00:01 INET6: fe80::200:ff:fe00:1 , subnet is fe80::/64...
  • Page 357 Indicate that no DAD is implemented for the address. Indicate that the interface ID of the address is automatically AUTOIFID generated by the system, which is usually an EUI-64 ID. Ruijie# show ipv6 interface vlan 1 ra-info vlan 1: DOWN RA timer is stopped waits: 0, initcount: 3...
  • Page 358 Command Reference IPv6 Commands RA timer is stopped (on) Indicate whether the RA timer is started. Indicate that the RS is received but the number of the responses is waits not available. initcount Indicate the number of the RAs when the RA timer is restarted. out: Indicate the number of the RAs that are sent.

  • Page 359: Show Ipv6 Neighbors

    Privileged EXEC mode. Command Mode Show the neighbors on the SVI 1 interface: Usage Guide Ruijie# show ipv6 neighbors vlan 1 IPv6 Address Linklayer Addr Interface fa::1 00d0.0000.0002 vlan 1 fe80::200:ff:fe00:2 00d0.0000.0002 vlan 1 Show the neighbor details: Ruijie# show ipv6 neighbors verbose IPv6 Address Linklayer Addr Interface 2001::1 00d0.f800.0001 vlan 1...

  • Page 360: Show Ipv6 Route

    NUD. The number of the NSs that are sent to the neighbor for the resolution of the link Asked address of the neighbor. Configuration Ruijie# show ipv6 neighbors Examples Related Command Description Configure a neighbor.

  • Page 361: Show Ipv6 Router

    Use this command to view the routing table. Usage Guide Configuration Examples Ruijie# show ipv6 route Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP I1 - ISIS L1, I2 - ISIS L2, IA - IIS interarea L ::1/128...

  • Page 362: Tunnel Destination

    The following example shows the IPv6 router Configuration Examples Ruijie# show ipv6 routers Router FE80::2D0:F8FF:FEC1:C6E1 on VLAN 2, last update 62 sec Hops 64, Lifetime 1800 sec, ManagedFlag=0, OtherFlag=0, MTU=1500 Preference=MEDIUM...
  • Page 363 Note: For auto tunnel 6to4 and isatap, the destination address shall not be configured. The following example configures an IPv6 manual tunnel. Configuration Examples Ruijie(config)# interface tunnel 1 Ruijie(config-if)# tunnel mode ipv6ip Ruijie(config-if)# tunnel source vlan 1 Ruijie(config-if)# tunnel destination 192.168.5.1 Related Command Description Configure the source IP address of the tunnel.

  • Page 364: Dhcpv6 Relay Agent Commands

    The following example displays the configuration of all destination addresses on the Relay Agent. Configuration Examples Ruijie# show ipv6 dhcp relay destination all Interface: Vlan1 // Interface where DHCPv6 Relay is enabled Destination address(es)
  • Page 365 You can use this command to view the statistics on transmitted packets after DHCPv6 Relay is Usage Guide enabled on the device. The following example queries DHCPv6 Relay Agent statistics. Configuration Examples Ruijie# show ipv6 dhcp relay statistics Packets dropped //Discard packets that are not processed Error //Discard error packets Excess of rate limit...

  • Page 366: Clear Ipv6 Dhcp Relay Statistics

    The following example clears the statistics on DHCPv6 Relay Agent packets (all packets counts Configuration become 0 after this command is executed). Examples Ruijie#clear ipv6 dhcp relay statistics Related Command Description Commands Displays the statistics on DHCPv6 Relay show ipv6 dhcp relay statistics packets.

  • Page 367: Dhcpv6 Commands

    To configure several DNS Server addresses, use the dns-server command for several times. The Usage Guide newly-configured DNS Server address will not overwrite the former ones. Configuration Examples Ruijie(config-dhcp)# dns-server 2008:1::1 Related Command Description Set the DHCPv6 domain name information.

  • Page 368: Iana-Address Prefix

    Command Mode To configure several domain names, use the domain-name command for several times. The Usage Guide newly-configured domain name will not overwrite the former ones. Configuration Ruijie(config-dhcp)# domain-name example.com Examples Related Command Description Set the DHCPv6 DNS server list.

  • Page 369: Ipv6 Dhcp Client Pd

    The following example shows how to enable the prefix information request on the interface: Configuration Ruijie(config)# interface fastethernet 0/1 Examples Ruijie(config-if)# ipv6 dhcp client pd pd_name Related Command Description Reset the DHCPv6 client function on the...

  • Page 370: Ipv6 Dhcp Pool

    DNS Server information, ect. After creating the DHCPv6 Server configuration pool, use the ipv6 dhcp server command to associate the pool and the DHCPv6 Server on one interface. Ruijie# configure terminal Configuration Ruijie(config)# ipv6 dhcp pool pool1 Examples Ruijie(config-dhcp)# Related Command...
  • Page 371 The following example shows how to set the relay destination address on the interface: Configuration Examples Ruijie(config)# interface fastethernet 0/1 Ruijie(config-if)# ipv6 dhcp relay destination 2008:1::1 The following example specifies the destination as 3001::2 while enabling DHCPv6 Relay service on the interface Interface VLAN1. Ruijie#configure terminal Enter configuration commands, one per line.

  • Page 372: Ipv6 Dhcp Server

    255, the client sends the request message to the server to obtain the configurations. DHCPv6 Client, Server and Relay functions are exclusive, and only one of the functions can be configured on the interface. Configuration Ruijie(config)# interface fastethernet 0/1 Examples Ruijie(config-if)# ipv6 dhcp server pool1 Related Command Description Set the DHCPv6 pool. Commands ipv6 dhcp pool Show the DHCPv6 pool information.

  • Page 373: Prefix-Delegation Pool

    Before receiving the request message for the address prefix from the client, DHCPv6 Server searches for the corresponding static binding first. If it succeeds, the server returns to the static binding; otherwise, the server will attempt to allocate the address prefix from other prefix information sources. Ruijie(config-dhcp)# prefix-delegation 2008:2::/64 0003000100d0f82233ac Configuration Examples Related...

  • Page 374: Show Ipv6 Dhcp

    The Server attempts to allocate a usable prefix from the prefix pool to the client upon receiving the prefix request from the client. That prefix will be allocated to other clients if the client no longer uses that prefix again. Configuration Ruijie(config-dhcp)# prefix-delegation pool client-prefix-pool lifetime 2000 Examples 1000 Related...

  • Page 375: Show Ipv6 Dhcp Binding

    If the ipv6-address is not specified, all prefixes dynamically assigned to the client and IANA address Usage Guide binding information are shown. If the ipv6-address is specified, the binding information for the specified address is shown. Configuration Ruijie# show ipv6 dhcp binding Examples Client DUID: 00:03:00:01:00:d0:f8:22:33:ac IAPD: iaid 0, T1 1800, T2 2880 Prefix: 2001:20::/72...

  • Page 376: Show Ipv6 Dhcp Conflict

    Use this command to show the DHCPv6 address conflicts. show ipv6 dhcp conflict Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide Configuration Ruijie# show ipv6 dhcp conflict Examples 2008:50::2 declined 2108:50::2 declined 2008:50::3 declined 2008:50::4 declined 2108:50::4 declined...

  • Page 377: Show Ipv6 Dhcp Pool

    Command Reference DHCPv6 Commands interface-name is specified, the specified interface information is shown. Ruijie# show ipv6 dhcp interface Configuration VLAN 1 is in server mode Examples Server pool dhcp-pool Rapid-Commit: disable Related Command Description Commands Platform Description show ipv6 dhcp pool...
  • Page 378 (optional) by an interface for which the relay function has guideline been enabled by Relay Agent. The example below shows all the relay destination addresses. Examples Ruijie# show ipv6 dhcp relay destination all Interface: Vlan1 //interface for which the relay function has been enabled Destination address(es) Output Interface...

  • Page 379: Show Ipv6 Dhcp Server Statistics

    Command Reference DHCPv6 Commands N/A. Defaults Privileged EXEC mode. Command Mode N/A. Usage Guide Configuration Ruijie# show ipv6 dhcp relay statistics Examples Packets dropped Error Excess of rate limit Packets received : 28 SOLICIT REQUEST CONFIRM RENEW REBIND RELEASE DECLINE...
  • Page 380 Defaults Privileged EXEC mode. Command Mode This command is used to show the DHCPv6 server statistics. Usage Guide Configuration Ruijie# show ipv6 dhcp server statistics Examples DHCPv6 server statistics: Packet statistics: DHCPv6 packets received: Solicit received: Request received: Confirm received:...
  • Page 381 Command Reference DHCPv6 Commands Platform Description...

  • Page 382: Dhcpv6 Server Commands

    If you do not specify ipv6-address, all DHCPv6 bindings will be deleted. If you specify ipv6-address, Function only the DHCPv6 binding for the specified IPv6 address will be deleted. Description The following example deletes a DHCPv6 binding. Configuration Ruijie# clear ipv6 dhcp binding Examples Command Description Related Commands...
  • Page 383 Function addresses. Old DNS server addresses will not be overwritten by new ones. Description The following example configures a DNS server address. Configuration Examples Ruijie(config-dhcp)# dns-server 2008:1::1 Command Description Related Commands domain-name Configures the domain name of the DHCPv6 server.
  • Page 384 Command Reference DHCPv6 Server Commands The following example creates a domain name. Configuration Examples Ruijie(config-dhcp)# domain-name example.com Command Description Related Commands Configures a DNS server list for the DHCPv6 server. dns-server Configures a DHCPv6 pool. ipv6 dhcp pool Platform Description iana-address prefix Use this command to configure an IA_NA address prefix for a DHCPv6 server.
  • Page 385 Command Reference DHCPv6 Server Commands The following example configures an IA_NA address prefix for the DHCPv6 server. Configuration Examples Ruijie(config-dhcp)# iana-address prefix 2008:50::/64 lifetime 2000 1000 Command Description Related Commands Configures a DHCPv6 pool. ipv6 dhcp pool Displays the information of the DHCPv6 pool...
  • Page 386 After creating a DHCPv6 server configuration pool, you can use the ipv6 dhcp server command to associate the pool with the DHCPv6 Server service on an interface. The following example creates a DHCPv6 server configuration pool. Configuration Ruijie# configure terminal Examples Ruijie(config)# ipv6 dhcp pool pool1 Ruijie(config-dhcp)#...
  • Page 387 If the static binding exists, the DHCPv6 server returns it to the client; otherwise, the DHCPv6 server assigns an address prefix to the client. The following example configures an address prefix for a client. Configuration Examples Ruijie(config-dhcp)# prefix-delegation 2008:2::/64 0003000100d0f82233ac Related Command Description...
  • Page 388 When the client does not use this prefix, the DHCPv6 server assigns the prefix to another client. The following example configures a prefix pool for a DHCPv6 server. Configuration Ruijie(config-dhcp)# prefix-delegation pool client-prefix-pool lifetime Examples...
  • Page 389 Mode Function The DHCPv6 server, client, and relay on the same device share a DUID. Description The following example displays the DUID of a device. Configuration Ruijie# show ipv6 dhcp Examples This device's DHCPv6 unique identifier(DUID): 00:03:00:01:00:d0:f8:22:33:b0 Command Description Related...
  • Page 390 If you specify ipv6-address, only the DHCPv6 binding for the Description specified IPv6 address will be displayed. The following example displays DHCPv6 bindings. Ruijie# show ipv6 dhcp binding Client DUID: 00:03:00:01:00:d0:f8:22:33:ac Configuration IAPD: iaid 0, T1 1800, T2 2880...
  • Page 391 If you do not specify interface-name, all DHCPv6 interfaces will be displayed. If you specify Function interface-name, only information of the specified interface will be displayed. Description The following example displays DHCPv6 interfaces. Ruijie# show ipv6 dhcp interface Configuration VLAN 1 is in server mode Examples Server pool dhcp-pool...
  • Page 392 Command Reference DHCPv6 Server Commands information of the specified pool will be displayed. Description The following example displays DHCPv6 pools. Ruijie# show ipv6 dhcp pool Configuration DHCPv6 pool: dhcp-pool Examples DNS server: 2011:1::1 DNS server: 2011:1::2 Domain name: example.com Command...

  • Page 393: Port-Based Flow Control Commands

    The following example shows how to enable the ARP check function in interface configuration mode: Configuration Examples Ruijie(config)# interface gigabitethernet 1/1 Ruijie(config-if)# switchport port-security The following example shows how to enable the ARP check function in WLANSEC configuration mode:...
  • Page 394 If the parameter is not specified, all ARP check entries will be displayed. Usage Guide The following example shows how to display the ARP check entries on the interface: Configuration Ruijie#show interfaces arp-check list: Examples Interface Sender MAC Sender IP...

  • Page 395: Dot1X Auto-Req

    The following example sets the device to automatically initiate 802.1x authentication: Configuration Ruijie# configure terminal Examples Ruijie(config)# dot1x auto-req Ruijie(config)# end Ruijie(config)# show dot1x auto-req Auto-Req: Enabled User-Detect : Enabled Packet-Num : 0 Req-Interval: 30 Second Related Command...

  • Page 396: Dot1X Auto-Req Packet-Num

    Use the show dot1x auto-req command to view the setting of this function. Usage Guide The following example sets the device to automatically initiate 802.1x authentication continuously: Configuration Examples Ruijie# configure terminal Ruijie(config)# dot1x auto-req packet-num 0 Ruijie(config)# end Ruijie# show dot1x auto-req Auto-Req: Enabled User-Detect : Enabled Packet-Num : 0...

  • Page 397: Dot1X Auto-Req Req-Interval

    Usage Guide The following example sets the time interval of sending authentication request message to 60s: Configuration Examples Ruijie# configure terminal Ruijie(config)# dot1x auto-req req-interval 60 Ruijie(config)# end Ruijie# show dot1x auto-req Auto-Req: Enabled User-Detect : Enabled Packet-Num : 0...

  • Page 398: Dot1X Timeout Quiet-Period

    The following example sets the device to stop sending authentication request messages after the Configuration user gets on line: Examples Ruijie# configure terminal Ruijie(config)# dot1x auto-req user-detect Ruijie(config)# end Ruijie# show dot1x auto-req Auto-Req: Enabled User-Detect : Enabled Packet-Num : 0...

  • Page 399: Dot1X Timeout Re-Authperiod

    When authentication fails, the solicitator must wait for a period of time before reauthentication. Usage Guide The following example sets the time for waiting re-authentication to 1000s: Configuration Examples Ruijie# configure terminal Ruijie(config)# dot1x timeout quiet-period 1000 Ruijie(config)# end Ruijie# show dot1x 802.1X Status: Enabled Authentication mode:...
  • Page 400 Use show dot1x command to show the 802.1X configuration. Usage Guide The following example sets the period of re-authentication to 1000s: Configuration Ruijie# configure terminal Examples Ruijie(config)# dot1x timeout re-authperiod 1000 Ruijie(config)# end Ruijie# show dot1x 802.1X Status: Enabled Authentication mode...

  • Page 401: Dot1X Timeout Server-Timeout

    Use the show dot1x command to show 802.1X configuration. Usage Guide The following example sets the authentication timeout of the authentication server to 10s: Configuration Examples Ruijie# configure terminal Ruijie(config)# dot1x timeout server-timeout 10 Ruijie(config)# end Ruijie# show dot1x 802.1X Status: Enabled Authentication mode:...

  • Page 402: Dot1X Timeout Supp-Timeout

    Use the show dot1x command to show 802.1X configuration. Usage Guide Configuration The following example sets the authentication timeout between the device and Examples the supplicant to 10s: Ruijie# configure terminal Ruijie(config)# dot1x timeout supp-timeout 10 Ruijie(config)# end Ruijie# show dot1x 802.1X Status: Enabled Authentication Mode: EAP-MD5...

  • Page 403: Dot1X Timeout Tx-Period

    Use the show dot1x command to show 802.1X configuration. Usage Guide The following example sets the interval of retransmission to 10s: Configuration Ruijie# configure terminal Examples Ruijie(config)# dot1x timeout tx-period 10 Ruijie(config)# end Ruijie# show dot1x 802.1X Status: Enabled Authentication mode:...

  • Page 404: Dot1X Re-Authentication

    This command will reauthenticate the supplicant periodically after he passes the authentication. Use Usage Guide show dot1x command to show 802.1X configuration. The following example enables the re-authentication function: Configuration Examples Ruijie# configure terminal Ruijie(config)# dot1x re-authentication Ruijie(config)# end Ruijie# show dot1x 802.1X Status: Enabled...

  • Page 405: Dot1X Reauth-Max

    Global configuration mode. Command Mode Use this command to specify the maximum number of supplicant reauthentications. Use show dot1x Usage Guide command to show 802.1X configuration. The following example sets the maximum number of re-authentications: Configuration Examples Ruijie# configure terminal...

  • Page 406: Dot1X Authentication

    Command Reference 802.1X Commands Ruijie(config)# dot1x reauth-max 5 Ruijie(config)# end Ruijie# show dot1x 802.1X Status: Enabled Authentication mode: EAP-MD5 Authed User Number: Re-authen Enabled: Enable Re-authen Period: 1000 sec Quiet Timer Period: 1000 sec Tx Timer Period: 10 sec Supplicant Timeout:...

  • Page 407: Dot1X Auth-Mode

    The following command demonstrates how to associate a method list on the interface and use group Configuration radius for authentication. Examples Ruijie# configure terminal Ruijie(config)# aaa new-model Ruijie(config)# aaa authentication dot1x default group radius Ruijie(config)# interface fastEthernet0/1 Ruijie(config-if)# dot1x authentication default Ruijie(config-if)# end Ruijie# Related...

  • Page 408: Dot1X Default

    Command Reference 802.1X Commands This example shows how to configure the 802.1X authentication mode: Configuration Ruijie# configure terminal Examples Ruijie(config)# dot1x auth-mode chap Ruijie(config)# end Ruijie# Related Command Description Commands show dot1x Shows the information about 802.1x. Platform Description dot1x default Use this command to restore part of 802.1x parameters to the default value.

  • Page 409: Dot1X Dhcp-Before-Acct Enable

    Command Mode Use the show running-config command to view the setting. Usage Guide The following example only uses a private client : Configuration Examples Ruijie# configure t Ruijie(config)# dot1x dhcp-before-acct enable Ruijie(config)# end Ruijie# Related Command Description Commands show dot1x Shows the information about 802.1x.

  • Page 410: Dot1X Max-Req

    Command Mode Use the show running-config command to view the setting. Usage Guide The following settings use a private client only: Configuration Ruijie# configure t Examples Ruijie(config)# dot1x dhcp-before-acct timeout 1 Ruijie(config)# end Ruijie# Related Command Description Commands show running-config Views the settings.

  • Page 411: Dot1X Offline-Detect

    By default, this function is enabled. It is helpful to solve wrong fee-deduction problems due to Usage Guide abnormal terminal offline. The following example demonstrates how to set the 802.1x flow detect: Configuration Ruijie# configure terminal Examples Ruijie(config)# wlansec 1 Ruijie(config-wlansec)dot1x offline-detect interval 10 flow 10 Ruijie(config-wlansec)# end Related Command Description...

  • Page 412: Dot1X Redirect Url

    URL accessed by the user to the configured URL, which is began with http://, take http://ruijie.net/web for example. It is worth mentioning that only http:// is supported and only one redirection address can be configured.

  • Page 413: Dot1X Redirect For Special Tcp-Destination Port

    The valid TCP port number range is 1-65535. Usage Guide The following example sets the redirect tcp destination port as 8443: Configuration Examples Ruijie# configure terminal Ruijie(config)# dot1x redirect for special tcp-destination port 8443 Related Command Description Commands Sets the redirect url address.

  • Page 414: Dot1X Redirect Num For Special Source-Ip

    The default value is 3. Defaults Privileged EXEC mode. Command Mode Usage Guide The following example set the redirect timeout time as 5s: Configuration Ruijie(config)# dot1x redirect time-out 5 Examples Related Command Description Commands dot1x redirect url Sets the redirect url address.

  • Page 415: Show Dot1X

    Privileged EXEC mode. Command Mode Usage Guide The following example set the redirect connection number as 3: Configuration Examples Ruijie(config)# dot1x redirect num for special source-ip 3 Related Command Description Commands Sets the redirect url address. dot1x redirect url Sets the specific destination port and redirect dot1x redirect for special tcp-destination port the web request for the destination IP.

  • Page 416: Show Dot1X Auto-Req

    3 times Filter Non-RG Supp: Disabled Client Oline Probe: Disabled Eapol Tag Enable: Disabled Authorization Mode: Group Server Ruijie# Related Command Description Commands Sets the 802.1x authentication mode. dot1x auth-mode Sets the maximum number of authentication dot1x max-req request retransmissions.
  • Page 417 Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide The following example shows the information about automatic 802.1x authentication: Configuration Ruijie# show dot1x auto-req Examples Auto-Req: Disabled User-Detect : Enabled Packet-Num : 0 Req-Interval: 30 Seconds Ruijie# Related Command...

  • Page 418: Show Dot1X Max-Req

    Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide The following example shows the information about the private supplicant: Configuration Ruijie# show dot1x private-supplicant-only Examples private-supplicant-only:: disabled Ruijie# Related Command Description Commands Set the 802.1x authentication mode. dot1x auth-mode...

  • Page 419: Show Dot1X Probe-Timer

    Defaults Privileged EXEC mode. Command Mode Usage Guide The following example shows the online probing configuration: Configuration Examples Ruijie# show dot1x probe-timer Hello Interval: 20 Seconds Hello Alive: 250 Seconds Ruijie# Related Command Description Commands Set the 802.1x authentication mode.

  • Page 420: Show Dot1X Re-Authentication

    Description Defaults Privileged EXEC mode. Command Mode Usage Guide The following example shows the information about reauthentication: Configuration Examples Ruijie# show dot1x re-authentication eauth-enabled: disabled Ruijie# Related Command Description Commands Set the 802.1x authentication mode. dot1x auth-mode Set the maximum number of authentication dot1x max-req request retransmissions.

  • Page 421: Show Dot1X Reauth-Max

    Defaults Privileged EXEC mode. Command Mode Usage Guide The following example shows the information about the maximum number of re-authentications: Configuration Examples Ruijie# show dot1x reauth-max reauth-max: 2 times Ruijie# Related Command Description Commands Set the 802.1x authentication mode. dot1x auth-mode...

  • Page 422: Show Dot1X Summary

    Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide The following example shows the summary of 802.1x authentication: Configuration Ruijie# show dot1x summary Examples User Interface VLAN Auth-State Backend-State Port-Status User-Type Time -------- ---------- -------------- --------- ---- ---------------...

  • Page 423: Show Dot1X Timeout

    Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide The following example shows the information about the time for the device to wait before Configuration reauthentication: Examples Ruijie# show dot1x timeout quiet-period quiet-period: 60 sec Ruijie#...
  • Page 424 Command Reference 802.1X Commands Related Command Description Commands Sets the 802.1x authentication mode. dot1x auth-mode Sets the maximum number of authentication dot1x max-req request retransmissions. Sets the port to participate in authentication. dot1x port-control auto Sets the maximum number of the supplicant dot1x reauth-max re-authentications.

  • Page 425: Web Authentication Commands

    This command configuration is for the first generation Web authentication Portal server address, not Usage Guide for the second generation Web authentication. #Designate the IPv4 address of the HTTP redirection as 172.16.0.1. Configuration Examples Ruijie(config)# http redirect 172.16.0.1 Related Command Description Commands Shows the configurations of HTTP redirection.
  • Page 426 Website. You can configure a maximum of 100 authentication-free network resources. #Set the Website with the IP address of 172.16.0.0 as an authentication-free network resource. Configuration Examples Ruijie(config)# http redirect direct-site 172.16.0.1 Related Command Description Commands Shows the configuration of HTTP redirection.
  • Page 427 In general, while using the external web authentication, configure the released gateway arp; while using the built-in web authentication, configure the released host arp. #Configure the direct gateway ARP with the IP address 172.16.0.1. Configuration Ruijie(config)# http redirect direct-arp 172.16.0.1 Examples Related Command...
  • Page 428 Command Reference Web Authentication Commands To apply Ruijie first generation Web authentication function successfully, you need to configure the Usage Guide homepage address of the authentication page. #Set the homepage address of the authentication page to http://www.ruijie-eportal.net:8080/login Configuration Ruijie(config)# Examples http redirect homepage http://www.ruijie-eportal.net:8080/login...
  • Page 429 HTTP sessions. Therefore, it is not recommended to set the maximum number of HTTP sessions for unauthenticated users to 1. #Set the maximum number of HTTP sessions for an unauthenticated user to 4. Configuration Examples Ruijie(config)# http redirect session-limit 4...
  • Page 430 TCP connection for a long time but not send the GET/HEAD message. #Set the timeout period that maintains the redirection connection to 4 seconds. Configuration Examples Ruijie(config)# http redirect timeout 4 Related Command Description Commands Shows the configuration of HTTP redirection.

  • Page 431: Iportal Service

    You need to configure the same name as the SAM when the device is self-defined. #Set the service name of the extranet as intranet. Configuration Examples Ruijie(config)# iportal service internet intranet Related Command Description Commands Shows the system configuration.

  • Page 432: Iportal Retransmit

    The feature string of the terminal type in UA requests is configured in string. The field name is used to identify a self-defined terminal. Different self-defined terminals cannot share the same name. #Add an ipod terminal with “ipod” as its feature string. Configuration Ruijie(config)# iportal user-agent ipod type mobile ipod Examples Related Command...

  • Page 433: Portal-Server

    Parameter Description Description The server name serves as the index and unique identifier of a Ruijie second-generation Portal Server. Naming restrictions are as follows: The name cannot be the same as the keyword. The name can be a combination of uppercase/lowercase English portal-name letters, digits and special symbols.

  • Page 434: Web-Auth Accounting V2

    Description web-auth accounting v2 Use this command to specify the accounting method list used for Ruijie second-generation web authentication. This command is supported in both global mode and WLAN security mode. Use the no form of this command to restore the default settings.

  • Page 435: Web-Auth Acct-Update-Interval

    #Configure a network-related AAA accounting method list named "comm_acct", use the default Configuration RADIUS server group named "radius" and apply it to the accounting method list for Ruijie Examples second-generation web authentication based on WLAN 100.

  • Page 436: Web-Auth Accounting Jitter-Off

    This command can only be displayed and supported after the second-generation web authentication has been enabled. #Configure the accounting update interval for Ruijie second-generation web authentication as 3 Configuration minutes. Examples Ruijie# configure terminal Enter configuration commands, one per line.

  • Page 437: Web-Auth Authen-Mode

    3. Please refer to Wireless Security Configuration for the details of this function. # Include the checking time in the on-line time. Configuration Ruijie# configure terminal Examples Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)# web-auth accounting jitter-off Related Command Description Commands Configures WEB authentication jitter-off time.

  • Page 438: Web-Auth Dhcp-Check

    #Configure only IPv6 authentication mode in WLAN 100. Configuration Examples Ruijie# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)# wlansec 100 Ruijie(wlansec)# web-auth authen-mode ipv6 Ruijie(wlansec)# exit Related Command Description Commands This command is supported only on wireless products.

  • Page 439: Web-Auth Authentication V2

    Description web-auth authentication v2 Use this command to specify the authentication method list used for Ruijie second-generation web authentication. This command is supported in both the global mode and WLAN security mode. Use the no form of this command to restore the default settings.

  • Page 440: Web-Auth Direct-Host

    Command Reference Web Authentication Commands Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)# aaa authentication web-auth edu_authen group radius Ruijie(config)# wlansec 100 Ruijie(wlansec)# web-auth authentication v2 edu_authen Ruijie(wlansec)# exit Related Command Description Commands Configures AAA authentication method list for aaa authentication web-auth web authentication.

  • Page 441: Web-Auth Httprd-Guard

    Command Reference Web Authentication Commands #Set the user with the IP address of 172.16.0.1 as an authentication-free user. Configuration Ruijie(config)# web-auth direct-host 172.16.0.1 Examples Related Command Description Commands Shows the IP address scope free of web show web-auth direct-host authentication.

  • Page 442: Web-Auth Offline-Detect Flow

    Usage Guide #Enable the traffic detection function, and set the detection interval as 3 minutes, and the detection Configuration threshold as 1024 bytes. Examples Ruijie(config)# web-auth offline-detect flow idle-timeout 3 threshold 1024 Related Command Description Commands Shows online information about all users or show web-auth user specified users.

  • Page 443: Web-Auth Portal Key

    Global configuration mode Command mode Configuration of this parameter is required for the first generation Web authentication Usage Guide #Set the communication key used between device and authentication server as ruijie. Configuration Examples Ruijie(config)# web-auth portal key ruijie Related Command...
  • Page 444 If this command is configured in the WLAN safe configuration mode, the global commands will not take effect in the WLAN security configuration. #Enable Ruijie second-generation web authentication, configure the name of Portal Server as Configuration "edu-portal" and specify this server as the Portal Server for WLAN 100.

  • Page 445: Web-Auth Portal-Check

    Configuration timeout as 2 seconds and retransmission time as 4 times. Examples Ruijie# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)#web-auth portal-check interval 5 timeout 2 retransmit 4 Related Command Description Commands Configures the Portal Server information for the portal-server second-generation web authentication.

  • Page 446: Web-Auth Portal-Escape

    By default, portal escape is disabled. Defaults Global configuration mode Command mode Usage Guide #Enable portal escape. Configuration Examples Ruijie# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)#web-auth portal-escape Related Command Description Commands Configures the Portal Server information for the portal-server second-generation web authentication.

  • Page 447: Web-Auth Update-Interval

    #Disable link detection and enable traffic detection. Configuration Examples Ruijie# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Ruijie(config)# no web-auth sta-leave detection Ruijie(config)# web-auth offline-detect flow Related Command Description Commands Low-traffic and connection failure detection.

  • Page 448: Webauth-Proxy Enable

    Command Reference Web Authentication Commands #Set the interval of updating the online user’s information to 120 seconds. Configuration Ruijie(config)# web-auth update-interval 120 Examples Related Command Description Commands Platform Description webauth-proxy enable Use this command to enable proxy detection. Use the no form of this command to disable proxy detection.
  • Page 449 By default, the first generation Web authentication is used after being enabled. Usage Guide # Enable the Web authentication function on port WLAN 1, and use Ruijie first generation portal Configuration server to perform authentication. The IP address of the portal server is 172.20.1.1, the authentication Examples page URL is http://172.20.1.1/eportal.htm, the key is ruijie.

  • Page 450: Clear Web-Auth Portal Statistics

    Description Defaults Privileged EXEC mode Command mode The user can use this command to clear the statistics of Ruijie second-generation web authentication Usage Guide and restart statistics. #Clear statistics of Ruijie second-generation web authentication on the device. Configuration Ruijie# clear web-auth portal statistics Ruijie(config-interface-vfc)#bind Examples mac-address 001d.0928.b62f...
  • Page 451 #Log out the web authenticated user with the IP address 172.250.22.14. Configuration Examples Ruijie# clear web-auth user by ip 172.250.22.14 Related Command Description Commands...
  • Page 452 You can show the configurations such as HTTP redirection server, interception port, direct user and Usage Guide direct destination IP address by this command. #Show the configuration of HTTP redirection. Configuration Ruijie# display http redirect Examples HTTP redirection settings: server: 192.168.32.123...
  • Page 453 Command Reference Web Authentication Commands The filed indicates the timeout period that maintains timeout the redirection connection. The field indicates the direct destination IP of an Direct sites authentication-free network resource. Direct arp addresses The field indicates the direct ARP address. field indicates address...

  • Page 454: Show Httprd-Guard User

    --------- ------------------- -------------- ------------------- 192.168.1.1 FFFF:FFFF:FFFF 2014-7-11 11:02:07 --------- ------------------- -------------- ------------------- Related Command Description Commands Configures the Web authentication redirection web-auth httprd-guard guard. Platform Description show web-auth portal Use this command to show relevant configuration and statistics of Ruijie second-generation portal...
  • Page 455 [ parameters | statistics | by-name portal-name ] ] Parameter Parameter Description Description (Optional) Shows relevant parameters of Ruijie second-generation parameters web authentication. (Optional) Shows the configuration of the global AAA method list for Ruijie second-generation web authentication. (Optional) Shows statistics of Ruijie second-generation web statistics authentication.

  • Page 456: Show Web-Auth Direct-Host

    Total amount of passed authentication requests. Auth Failure Count Total amount of failed authentication requests Total amount authentication responses Auth Rsp Send Succ Count successfully sent by the device. Ruijie(config)#interface vfc 2 Ruijie(config-interface-vfc)#bind mac-address 001d.0928.b62f Related Command Description Commands Clears statistics about...

  • Page 457: Show Web-Auth Control

    Web Authentication Commands Parameter Parameter Description Description Defaults Privileged EXEC mode Command mode Usage Guide #Display the authentication-free users. Configuration Ruijie# display web-auth direct-host Examples Direct hosts: Address Mask Port ARP Binding ---------------- ---------------- ---------- ------------ 192.168.0.1 255.255.255.255 Fa0/2 192.168.4.11 255.255.255.255...

  • Page 458: Show Web-Auth User

    Use this command to show the status of web authentication. Usage Guide #Show the authentication configuration and statistics on an interface. Configuration Examples Ruijie#show web-auth control Port Control Server Name Authentication mode Online User Count ------------------------- -------- --------------------- -----------------...
  • Page 459 Command Reference Web Authentication Commands Shows all types of Web authentication users. Shows all Ruijie first generation Web authentication users. (Optional) Shows only online users. Online-only Shows all Ruijie second generation portal Web authentication users. Shows all Ruijie built-in portal Web authentication users.
  • Page 460 Time Used Used online hours, only applicable for online users. The specific status of users The specific status of Ruijie first authentication users is as follows: Active: meaning users are normally online Status Create: meaning users have been just created and configuration has not...
  • Page 461 Authenticating: Authentication is in progress. WaitAffAckAuth: Authentication succeeds; the result has been reported to Ruijie second generation Portal and the device is waiting for Portal confirmation. Authenticated: Users’ authentication succeeds, and users are online. WaitAckLogout: The device logs out the user, and has reported to Portal.

  • Page 462: Aaa Commands

    RADIUS security server is used for authentication first. If the Examples RADIUS security server does not respond within the specified period of time, the local user database is used for authentication.. Ruijie(config)# aaa authentication dot1x rds_d1x group radius local Related Command Description Enables the AAA security service.

  • Page 463: Aaa Authentication Enable

    RADIUS security server is used for authentication first. If the RADIUS security server Examples does not respond with the specified period of time, the local user database is used for authentication. Ruijie(config)# aaa authentication enable default group radius local Related Command...

  • Page 464: Aaa Authentication Login

    Command Reference AAA Commands Enables the AAA security service. Commands aaa new-model Switches the user level. enable Defines a local user database. username Platform Description aaa authentication login Use this command to enable AAA login authentication and configure a login authentication method list in global configuration mode.

  • Page 465: Aaa Authentication Ppp

    Command Reference AAA Commands Ruijie(config)# aaa authentication login list-1 group radius local Related Command Description Enables the AAA security service. Commands aaa new-model Defines a local user database. username Applies the login authentication method to a terminal line. login authentication...
  • Page 466 Command Reference AAA Commands security server does not respond within the specified period of time, the local user database is used for authentication. Ruijie(config)# aaa authentication ppp rds_ppp group radius local Related Command Description Enables the AAA security service. Commands aaa new-model Associates a specific method list with a PPP user.

  • Page 467: Aaa Authorization Commands

    You must apply the configured command authorization method to the terminal line that requires command authorization; otherwise, the configured command authorization method is ineffective. The following example uses the TACACS+ server to authorize level 15 commands. Configuration Examples Ruijie(config)# aaa authorization commands 15 default group tacacs+...

  • Page 468: Aaa Authorization Config-Commands

    This action allows you to run commands in configuration mode and its sub-mode without command authorization. The following example enables the configuration command authorization function. Configuration Examples Ruijie(config)# aaa authorization config-commands Related Command Description Enables the AAA security service. Commands aaa new-model Defines AAA command authorization.

  • Page 469: Aaa Authorization Exec

    The following example enables the command authorization function for users that log in from the Configuration console. Examples Ruijie(config)# aaa authorization console Related Command Description Enables the AAA security service. Commands aaa new-model Defines AAA command authorization.

  • Page 470: Aaa Authorization Network

    You must apply the configured EXEC authorization method to the terminal line that requires EXEC authorization; otherwise the configured method is ineffective. The following example uses the RADIUS server to implement EXEC authorization. Configuration Examples Ruijie(config)# aaa authorization exec default group radius Related Command Description Commands Enables the AAA security service.

  • Page 471: Authorization Commands

    The RADIUS or TACACS+ server authorizes authenticated users by returning a series of attributes. Therefore, network authorization is based on autheitcation. Network authorization is performed only on authenticated users. The following example uses the RADIUS server to authorize network services. Configuration Ruijie(config)# aaa authorization network default group radius Examples Related Command Description Enables the AAA security service.

  • Page 472: Authorization Exec

    TACACS+ as the security server. The none method will be used if the server Examples does not respond. The configured method list is applied to the VTY 0 – 4 line. Ruijie(config)# aaa authorization commands 15 cmd group tacacs+ none Ruijie(config)# line vty 0 4 Ruijie(config-line)# authorization commands 15 cmd...

  • Page 473: Aaa Accounting Commands

    The none method will be used if the server does not respond. The configured Examples method list is applied to the VTY 0 – 4 line. Ruijie(config)# aaa authorization exec exec-1 group radius none Ruijie(config)# line vty 0 4 Ruijie(config-line)# authorization exec exec-1...

  • Page 474: Aaa Accounting Exec

    The following example performs accounting on the command requests from usersby using Configuration TACACS+, and configures the accounting command level to 15. Examples Ruijie(config)# aaa accounting commands 15 default start-stop group tacacs+ Related Command Description Enables the AAA security service.

  • Page 475: Aaa Accounting Network

    The following example performs accounting on users' NAS login activities by using RADIUS, and Configuration sends accounting messages at the start time and end time of access. Examples Ruijie(config)# aaa accounting exec default start-stop group radius Related Command Description Enables the AAA security service.

  • Page 476: Aaa Accounting Update

    The following example performs accounting on the network service requests from users by using Configuration RADIUS, and sends accounting messages at the start time and end time of network access: Examples Ruijie(config)# aaa accounting network default start-stop group radius Related Command Description Enables the AAA security service.

  • Page 477: Aaa Accounting Update Periodic

    AAA security service is enabled. The following example sets the accounting update interval to one minute. Configuration Examples Ruijie(config)# aaa new-model Ruijie(config)# aaa accounting update Ruijie(config)# aaa accounting update periodic 1 Related Command Description Enables the AAA security service. Commands aaa new-model Defines a network accounting method list.

  • Page 478: Accounting Commands

    TACACS+ as the security server. The none method will be used if the server Examples does not respond. The configured method list is applied to the VTY 0 – 4 line. Ruijie(config)# aaa accounting commands 15 cmd group tacacs+ none Ruijie(config)# line vty 0 4 Ruijie(config-line)# accounting commands 15 cmd...

  • Page 479: Aaa Domain

    The none method will be used if the server does not respond. The configured Examples method list is applied to the VTY 0 – 4 line. Ruijie(config)# aaa accounting exec exec-1 group radius none Ruijie(config)# line vty 0 4 Ruijie(config-line)# accounting exec exec-1...

  • Page 480: Aaa Doman Enable

    If users carry this domain name, the method lists associated with this domain are used. Currently, the system can configure up to 32 domains. The following example configures a domain name. Configuration Examples Ruijie(config)# aaa domain ruijie.com Ruijie(config-aaa-domain)# Related Command Description Enables the AAA security service.

  • Page 481: Access-Limit

    Command Mode Use this command to configure the maximum number of users for domains. Usage Guide The following example sets the maximum number of users to 20 for the domain named ruijie.com. Configuration Ruijie(config)# aaa domain ruijie.com Examples Ruijie(config-aaa-domain)# access-limit 20...

  • Page 482: Authentication Dot1X

    Mode Use this command to configure a network accounting method list for a domain. Usage Guide The following example configures a network accounting method list for a domain. Configuration Ruijie(config)# aaa domain ruijie.com Examples Ruijie(config-aaa-domain)# accounting network default Related Command Description Enables the AAA security service.

  • Page 483: Authorization Network

    IEEE802.1x authentication method list for a domain. Usage Guide The following example configures an IEEE802.1x authentication method list for a domain. Configuration Ruijie(config)# aaa domain ruijie.com Examples Ruijie(config-aaa-domain)# authentication dot1x default Command Description Enables the AAA security service.

  • Page 484: Show Aaa Domain

    Use this command to set whether the specified configured domain is valid. Usage Guide The following example sets the configured domain to be invalid. Configuration Examples Ruijie(config)# aaa domain ruijie.com Ruijie(config-aaa-domain)# state block Related Command Description Enables the AAA security service.
  • Page 485 Privileged EXEC mode Command Mode If no domain name is specified, all domain information will be displayed. Usage Guide The following example displays the domain named domain.com. Ruijie# show aaa domain domain.com =============Domain domain.com============= State: Active Configuration Username format: Without-domain Examples Access limit: No limit 802.1X Access statistic: 0...

  • Page 486: Aaa Group Server

    Use this command to confgure AAA server groups. Currently, the RADIUS and TACACS+ server Usage Guide groups are supported. The following example configures an AAA server group. Configuration Examples Ruijie(config)# aaa group server radius ss Ruijie(config-gs-radius)# end Ruijie# show aaa group Group Name: ss Group Type: radius Referred:...

  • Page 487: Ip Vrf Forwarding

    Server group configuration mode Mode Use this command to select VRF for the specified server group. Usage Guide The following example selects VRF for a server group. Ruijie(config)# aaa group server radius ss Configuration Ruijie(config-gs-radius)# server 192.168.4.12 Examples Ruijie(config-gs-radius)# server 192.168.4.13...

  • Page 488: Show Aaa Group

    Use this command to add a server to the specified server group. The default value is used if no port is Usage Guide specified. The following example adds a server to a server group. Ruijie(config)# aaa group server radius ss Ruijie(config-gs-radius)# server 192.168.4.12 acct-port 5 auth-port 6 Ruijie(config-gs-radius)# end Ruijie# show aaa group Configuration Ruijie# show aaa group...

  • Page 489: Aaa Local Authentication Attempts

    Use this command to configure the maximum login attempt times. Usage Guide The following example sets the maximum login attempt times to 6. Configuration Ruijie# configure terminal Examples Ruijie(config)# aaa local authentication attempts 6 Related Command Description Displays the current equipment configuration. Commands show running-config Displays the lockout configuration parameter of the current login.

  • Page 490: Aaa Local Authentication Lockout-Time

    Use this command to configure the length of lockout-time when the maximum login attempt times are Usage Guide exceeded. The following example sets the length of lockout-time to 5 hours. Configuration Ruijie# configure terminal Examples Ruijie(config)# aaa local authentication lockout-time 5 Related Command Description Displays the current equipment configuration. Commands show running-config Displays the lockout configuration parameter of the current login.

  • Page 491: Clear Aaa Local User Lockout

    Usage Guide The following example clears all lockout user lists Configuration Examples Ruijie# clear aaa local user lockout all Command Description Related Displays the current equipment configuration. show running-config Commands Displays the lockout configuration parameter of the current login.

  • Page 492: Show Aaa Method-List

    Command Mode Use this command to query all AAA method lists. Usage Guide The following example displays AAA method lists. Ruijie# show aaa method-list Authentication method-list Configuratin aaa authentication login default group radius Examples aaa authentication ppp default group radius...

  • Page 493: Show Aaa User Lockout

    Use this command to query the current lockout user list and the length of lockout-time. Usage Guide The following example displays the current lockout user list. Configuration Examples Ruijie# show aaa user lockout Command Description Related Displays the current equipment configuration.

  • Page 494: Ip Radius Source-Interface

    The following example specifies that the RADIUS packet obtains an IP address from the Configuration fastEthernet 0/0 interface and uses it as the source IP address of the RADIUS packet. Examples Ruijie(config)# ip radius source-interface fastEthernet 0/0 Related Command Description Commands Defines the RADIUS server.

  • Page 495: Radius Attribute

    { id | down-rate-limit | dscp | mac-limit | up-rate-limit} vendor-type Parameter Parameter Description Function ID in the range from 1 to 255 Description Private attribute type type Only the default configuration of private attributes in Ruijie is recognized. Defaults Function Type max down-rate user ip vlan-id version to client...

  • Page 496: Radius-Server Attribute

    Mode Use this command to configure the type value of a private attribute. Usage Guide The following example sets the type of max up-rate to 211. Configuration Ruijie(config)# radius attribute 16 vendor-type 211 Examples Related Command Description Sets the qos value sent by the RADIUS server as the cos...

  • Page 497: Radius-Server Dead-Ctriteria

    Usage Guide format. In this case, the RADIUS Calling-Station-ID attribute must be set to the IETF format type. The following example defines the RADIUS Calling-Station-ID attribute as the IETF format. Configuration Ruijie(config)# radius-server attribute 31 mac format ietf Examples Related Command...

  • Page 498: Radius-Server Deadtime

    The following example sets the timeout period to 120s and the successive timeout times to 20. Configuration Examples Ruijie(config)# radius-server dead-criteria time 120 tries 20 Command Description Related Defines the host of the RADIUS security server.

  • Page 499: Radius-Server Host

    Command Reference RADIUS Commands The following example sets the duration when a device stops sending requests to a RADIUS Configuration server to 1 minute. Examples Ruijie(config)# radius-server deadtime 1 Related Command Description Defines the criteria of determining that a RADIUS Commands radius-server dead-criteria server is unreachable.

  • Page 500: Radius-Server Key

    The following example defines an IPv4 RADIUS security server host, enables active detection with the detection interval 60 minutes, and disables accounting UDP port detection. Ruijie(config)# radius-server host 192.168.100.1 test username viven idle-time 60 ignore-acct-port The following example defines an IPv6 RADIUS security server host.

  • Page 501: Radius-Server Retransmit

    In order to allow the device to communicate with the RADIUS security server, define the same shared password on the device and the RADIUS security server. The following example defines the shared password aaa for the RADIUS security server. Configuration Examples Ruijie(config)# radius-server key aaa Related Command Description Defines the RADIUS security server host.

  • Page 502: Radius-Server Timeout

    Mode Use this command to change the timeout period of packet retransmission. Usage Guide The following example sets the timeout period to 10 seconds. Configuration Examples Ruijie(config)# radius-server timeout 10 Related Command Description Defines the RADIUS security server host. Commands radius-server host Defines the RADIUS packet retransmission times.

  • Page 503: Radius Vendor-Specific Extend

    Parameter Parameter Description Description Only the private vendor IDs of Ruijie are recognized by default. Defaults Global configuration mode Command Mode Use this command to identify the attributes of all vendor IDs by type.

  • Page 504: Debug Radius

    Command Reference RADIUS Commands Ruijie(config)# radius vendor-specific extend Examples Related Command Description Configures the private vendor type. Commands radius attribute Configures whether the qos value sent by the radius set qos cos RADIUS server to the cos value of an interface.

  • Page 505: Show Radius-Server

    Privileged EXEC mode Command Mode Use this command to query the global parameters of the RADIUS server. Usage Guide Configuration Ruijie# show radius parameter Examples Server Timout: 5 Seconds Server Deadtime: 0 Minutes Server Retries: 3 Server Dead Critera: Time:...
  • Page 506 Command Reference RADIUS Commands Privileged EXEC mode Command Mode Use this command to query the configuration of the RADIUS server. Usage Guide Ruijie# show radius server Configuration Examples Server IP: 192.168.4.12 Accounting Port: 23 Authen Port: Test Username: viven Test Idle Time: 10 Minutes...

  • Page 507: Show Radius Vendor-Specific

    Description Defaults Privileged EXEC mode Command Mode Use this command to query the configuration of the private attribute types of RADIUS. Usage Guide Configuration Ruijie# show radius vendor-specific Examples Ruijie#show radius vendor-specific id vendor-specific type-value ----- -------------------- ---------- max-down-rate port-priority...
  • Page 508 Command Reference RADIUS Commands 23 login-privilege 26 ipv6-multicast-addre 79 27 ipv4-multicast-addre 87 Related Command Description Defines the RADIUS security server host. Commands radius-server host Defines the RADIUS packet retransmission times. radius-server retransmit Defines a shared password for the RADIUS server. radius-server key Defines the timeout period of RADIUS packet retransmission.

  • Page 509: Tacacs+ Commands

    The following example configures a TACACS+ server group named tac1 and a TACACS+ server Configuration address 1.1.1.1 in this group: Examples Ruijie(config)#aaa group server tacacs+ tac1 Ruijie(config-gs-tacacs+)# server 1.1.1.1 Ruijie(config-gs-tacacs+)# ip vrf forwarding vpn1 Related Command...

  • Page 510: Ip Tacacs Source-Interface

    Command Reference TACACS+ Commands debug tacacs+ no debug tacacs+ Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide Configuration Examples Related Command Description Commands Platform Description ip tacacs source-interface Use this command to configure the source IP address of TACACS+ packet. ip tacacs source-interface interface no ip tacacs source-interface Parameter...
  • Page 511 Command Reference TACACS+ Commands The following example specifies TACACS+ packet to obtain ip address from fastEthernet 0/0 as the Configuration source IP address of TACACS+ packets: Examples Ruijie(config)# ip tacacs source-interface fastEthernet 0/0 Related Command Description Commands Defines a TACACS+ server.

  • Page 512: Show Tacacs

    For the IP address of the servers in TACACS+ group servers, when one server does not reply, it will send the request to the next server. The following example configures a TACACS+ server group named tac1 and a TACACS+ server Configuration address 1.1.1.1 in this group: Examples Ruijie(config)#aaa group server tacacs+ tac1 Ruijie(config-gs-tacacs+)#server 1.1.1.1 Related Command Description Commands Configures a TACACS+ server group.

  • Page 513: Tacacs-Server Host

    Privileged EXEC mode. Command Mode Use this command to show the interoperation of each TACACS+ server. Usage Guide Configuration Ruijie# show tacacs Examples Tacacs+ Server : 172.19.192.80/49 Socket Opens: 0 Socket Closes: 0 Total Packets Sent: 0 Total Packets Recv: 0...

  • Page 514: Tacacs-Server Key

    Usage Guide You can define one or multiple TACACS+ secure servers by using the tacacs-server host command. The following example defines a TACACS+ secure server host: Configuration Examples Ruijie(config)# tacacs-server host 192.168.12.1 Ruijie(config)# tacacs-server host 2001::1 Related Command Description Commands...

  • Page 515: Tacacs-Server Timeout

    Command Reference TACACS+ Commands The following example defines the shared password of TACACS+ secure server as Configuration aaa: Examples Ruijie(config)# tacacs-server key aaa Related Command Description Commands Defines a TACACS+ secure server host. tacacs-server host Defines the timeout timer of TACACS+ packet.

  • Page 516: Ssh Commands

    A key can be deleted by using the crypto key zeroize command. The no crypto key generate command is not available. Ruijie# configure terminal Configuration Ruijie(config)# crypto key generate rsa Examples Related Command Description Displays the current status of the SSH server.

  • Page 517: Ip Ssh Authentication-Retries

    Usage Guide server state becomes DISABLE. If you want to disable the SSH server, run the no enable service ssh-server command. Ruijie# configure terminal Configuration Ruijie(config)# crypto key zeroize rsa Examples Related Command Description Displays the current status of the SSH server.

  • Page 518: Ip Ssh Timeout

    Command Reference SSH Commands Ruijie# configure terminal Examples Ruijie(config)# ip ssh authentication-retries 2 Related Command Description Displays the current status of the SSH server. Commands show ip ssh Platform Description ip ssh time-out Use this command to set the user authentication timeout period on the SSH server.

  • Page 519: Disconnect Ssh

    Use the show ip ssh command to display the current status of SSH server. The following example sets the version of the SSH server to Version 2. Configuration Examples Ruijie# configure terminal Ruijie(config)# ip ssh version 2 Related Command Description Displays the current status of the SSH server.

  • Page 520: Show Crypto Key Mypubkey

    Use this command to query the public key part of the generated public key on the SSH server, Usage Guide including the key generation time, key name, and contents of the public key part. Configuration Ruijie# show crypto key mypubkey rsa Examples Related Command...

  • Page 521: Show Ssh

    SSH server is enabled, authentication timeout period, and authentication retry times. Note: If no key is generated for the SSH server, the SSH version is still unavailable even if this SSH version has been configured. Configuration Ruijie# show ip ssh Examples Related Command...
  • Page 522 Command Reference SSH Commands Related Command Description Commands Platform Description...
  • Page 523 Command Reference FTP Client Commands FTP Client Commands copy ftp This section introduces how to use the copy ftp command to transfer files at the CLI in the main program. To use the FTP client to download files to the device, execute the copy ftp:url flash:url command in the privileged mode.
  • Page 524 FTP server to the home directory of the device, and save it as local-file. Ruijie# copy ftp://user:pass@192.168.23.69/root/remote-file flash:home/local-file Upload the file local-file under the home directory of the device to the root directory of the FTP server, and save it as remote-file.
  • Page 525 Command Global configuration mode Modes This command sets the file transfer mode to the text (ASCII) mode. Usage Guidelines Set the file transfer mode to ASCII. Examples Ruijie (config)# ftp-client ascii Related Command Description Commands Platform Description ftp-client port Use the ftp-client port command to set the FTP data connection mode to active (PORT). Use the no form of this command to restore the passive mode, in which the client initiates a connection to the server for data transmission.
  • Page 526 You can use this command to set the active mode for data connection, in which the server initiates a Usage connection to the client. Guidelines Set the active mode for FTP connection. Examples Ruijie (config)# ftp-client port Related Command Description Commands Platform...
  • Page 527 FTP Client Commands Modes This command configures a source IP address for a client to connect to the server. Usage Guidelines Set the active mode for FTP connection. Examples Ruijie (config)# ftp-client source-address 192.168.23.236 Related Command Description Commands Platform Description...

  • Page 528: Cpu Protection Commands

    Command Global configuration mode Mode Usage Guide The following example sets the CPU's bandwidth for receiving BPDU packets. Configuration Ruijie(config)# cpu-pr type bpdu pps 100 Examples Set packet type bpdu pps 100 . Command Description Related Sets the priority of the packets of a...

  • Page 529: Show Cpu-Protect Type

    Command Reference CPU Protection Commands Command Global configuration mode Mode Usage Guide The following example maps BPDU packets to queue 7. Configuration Ruijie(config)# cpu-protect type bpdu pri 7 Examples Set packet type bpdu pri 7. Command Description Related Sets bandwidth...
  • Page 530 Command Reference CPU Protection Commands Platform Description In the configuration command of the CPP, the ellipsis (…) refers to the CPP types not listed.

  • Page 531: Threshold Commands

    The following example sets the memory utilization threshold. Configuration Examples Ruijie(config)# threshold set memory 70 90 The following example sets the CPU utilization threshold. Ruijie(config)# threshold set cpu 70 90 The following example sets the temperature threshold.

  • Page 532: Show Threshold

    Defaults Privileged EXEC mode Command mode Usage Guide The following example displays the CPU utilization threshold. Configuration Ruijie# show threshold cpu Examples The following example displays the memory utilization threshold. Ruijie# show threshold memory Related Command Description Commands Sets the threshold value.

  • Page 533: Nfpp Commands

    NFPP configuration mode. Command Mode The attack threshold shall be equal to or greater than the rate-limit threshold. Usage Guide Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# arp-guard attack-threshold per-src-ip 2 Examples Ruijie(config-nfpp)# arp-guard attack-threshold per-src-mac 3 Ruijie(config-nfpp)# arp-guard attack-threshold per-port 50 Related Command Description...

  • Page 534: Arp-Guard Enable

    Description Enabled. Defaults NFPP configuration mode. Command Mode Usage Guide Configuration Ruijie(config)# nfpp Examples Ruijie(config-nfpp)# arp-guard enable Related Command Description Commands Enable the anti-ARP attack on the interface. nfpp arp-guard enable Show the configurations. show nfpp arp-guard summary Platform Description arp-guard isolate-period Use this command to set the arp-guard isolate time globally.

  • Page 535: Arp-Guard Monitored-Host-Limit

    Command Reference NFPP Commands Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# arp-guard isolate-period 180 Examples Related Command Description Commands Set the isolate time on the interface. nfpp arp-guard isolate-period Show the configurations. show nfpp arp-guard summary Platform Description arp-guard monitored-host-limit Use this command to set the maximum monitored host number.

  • Page 536: Arp-Guard Monitor-Period

    The monitor period is valid with the isolate period 0. If the isolate period has changed to be 0, the attackers on the interface will be removed rather than being monitored by the software. Configuration Ruijie(config)# nfpp Examples Ruijie(config-nfpp)# arp-guard monitor-period 180 Related Command Description Commands Show the configurations.

  • Page 537: Arp-Guard Scan-Threshold

    100pps. NFPP configuration mode. Command Mode Usage Guide Configuration Ruijie(config)# nfpp Examples Ruijie(config-nfpp)# arp-guard rate-limit per-src-ip 2 Ruijie(config-nfpp)# arp-guard rate-limit per-src-mac 3 Ruijie(config-nfpp)# arp-guard rate-limit per-port 50 Related Command Description Commands Set the rate limit and the attack threshold.

  • Page 538: Clear Nfpp Arp-Guard Hosts

    N/A. Defaults Privileged EXEC mode. Command Mode Use this command without the parameter to clear all monitored hosts Usage Guide Ruijie# clear nfpp arp-guard hosts vlan 1 interface g0/1 Configuration Examples Related Command Description Commands Set the global attack threshold.

  • Page 539: Clear Nfpp Arp-Guard Scan

    Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide Configuration Ruijie# clear nfpp arp-guard scan Examples Related Command Description Commands Set the global attack threshold. arp-guard attack-threshold Set the attack threshold. nfpp arp-guard policy Show the ARP scanning table.

  • Page 540: Clear Nfpp Dhcpv6-Guard Hosts

    Command Reference NFPP Commands Use this command without the parameter to clear all monitored hosts. Usage Guide Ruijie# clear nfpp dhcp-guard hosts vlan 1 interface g0/1 Configuration Examples Related Command Description Commands Set the global attack threshold. dhcp-guard attack-threshold Set the limit threshold and attack threshold.

  • Page 541: Clear Nfpp Icmp-Guard Hosts

    Defaults Privileged EXEC mode. Command Mode Use this command without the parameter to clear all monitored hosts. Usage Guide Ruijie# clear nfpp icmp-guard hosts vlan 1 interface g0/1 Configuration Examples Related Command Description Commands Set the global attack threshold.

  • Page 542: Clear Nfpp Log

    Defaults Privileged EXEC mode. Command Mode Use this command without the parameter to clear all monitored hosts. Usage Guide Configuration Ruijie# clear nfpp ip-guard hosts vlan 1 interface g0/1 Examples Related Command Description Commands Set the global attack threshold. ip-guard attack-threshold Set the limit threshold and attack threshold.

  • Page 543: Dhcp-Guard Attack-Threshold

    Defaults each port is 300pps. NFPP configuration mode. Command Mode N/A. Usage Guide Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# dhcp-guard attack-threshold per-src-mac 15 Examples Ruijie(config-nfpp)# dhcp-guard attack-threshold per-port 200 Related Command Description Commands Show the rate-limit threshold and attack nfpp dhcp-guard policy threshold.

  • Page 544: Dhcp-Guard Isolate-Period

    The isolate period can be configured globally or based on the interface. For one interface, if the Usage Guide isolate period is not set based on the interface, the global value shall be adopted; or the interface-based isolate period shall be adopted. Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# dhcp-guard isolate-period 180 Examples Related Command Description...

  • Page 545: Dhcp-Guard Monitored-Host-Limit

    When the maximum monitored host number has been exceeded, it prompts the message that % NFPP_ARP_GUARD-4-SESSION_LIMIT: Attempt to exceed limit of 1000 monitored hosts.to remind the administrator. Configuration Ruijie(config)# nfpp Examples Ruijie(config-nfpp)# dhcp-guard monitored-host-limit 200 Related Command Description Commands Show the configurations.

  • Page 546: Dhcp-Guard Rate-Limit

    The monitor period is valid with the isolate period 0. If the isolate period has changed to be 0, the attackers on the interface will be removed rather than being monitored by the software. Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# dhcp-guard monitor-period 180 Examples Related Command Description Commands Show the configurations.

  • Page 547: Dhcpv6-Guard Attack-Threshold

    NFPP Commands NFPP configuration mode. Command Mode Usage Guide Configuration Ruijie(config)# nfpp Examples Ruijie(config-nfpp)# dhcp-guard rate-limit per-src-mac 8 Ruijie(config-nfpp)# dhcp-guard rate-limit per-port 100 Related Command Description Commands Set the rate limit and the attack threshold. nfpp dhcp-guard policy Show the configurations.

  • Page 548: Dhcpv6-Guard Enable

    Disabled Defaults NFPP configuration mode. Command Mode Usage Guide Configuration Ruijie(config)# nfpp Examples Ruijie(config-nfpp)# dhcpv6-guard enable Related Command Description Commands Platform Description dhcpv6-guard isolate-period Use this command to set the isolate time globally. dhcpv6-guard isolate-period { seconds | permanent }...

  • Page 549: Dhcpv6-Guard Monitored-Host-Limit

    Configuration Ruijie(config)# nfpp Examples Ruijie(config-nfpp)# dhcpv6-guard isolate-period 180 Related Command Description Commands Set the isolate time on the interface.

  • Page 550: Dhcpv6-Guard Monitor-Period

    Command Reference NFPP Commands Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# dhcpv6-guard monitored-host-limit 200 Examples Related Command Description Commands Show the configurations. show nfpp dhcpv6-guard summary Platform Description dhcpv6-guard monitor-period Use this command to configure the monitor time. dhcpv6-guard monitor-period seconds Parameter Parameter...

  • Page 551: Dhcpv6-Guard Rate-Limit

    The default rate limit for each source MAC address is 5pps; the default rate limit for each port is Defaults 150pps. NFPP configuration mode Command Mode Usage Guide Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# dhcpv6-guard rate-limit per-src-mac 8 Examples Ruijie(config-nfpp)# dhcpv6-guard rate-limit per-port 100 Related Command Description Commands Set the rate limit and the attack threshold. nfpp dhcpv6-guard policy Show the configurations.

  • Page 552: Icmp-Guard Isolate-Period

    For the default rate-limit threshold value, see the icmp-guard rate-limit command. NFPP configuration mode. Command Mode N/A. Usage Guide Configuration Ruijie(config)# nfpp Examples Ruijie(config-nfpp)# icmp-guard attack-threshold per-src-ip 600 Ruijie(config-nfpp)# icmp-guard attack-threshold per-port 1200 Related Command Description Commands Show the rate-limit threshold and attack nfpp icmp-guard policy threshold.

  • Page 553: Icmp-Guard Enable

    Description Enabled Defaults NFPP configuration mode. Command Mode Usage Guide Configuration Ruijie(config)# nfpp Examples Ruijie(config-nfpp)# icmp-guard enable Related Command Description Commands Enable the ICMP anti-attack function on the nffp icmp-guard enable interface. Show the configurations. show nfpp icmp-guard summary Platform...

  • Page 554: Icmp-Guard Monitor-Period

    When the maximum monitored host number has been exceeded, it prompts the message that % NFPP_ARP_GUARD-4-SESSION_LIMIT: Attempt to exceed limit of 1000 monitored hosts.to remind the administrator. Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# icmp-guard monitored-host-limit 200 Examples Related Command Description Commands Show the configurations.

  • Page 555: Icmp-Guard Rate-Limit

    NFPP configuration mode. Command Mode Usage Guide Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# icmp-guard rate-limit per-src-ip 500 Examples Ruijie(config-nfpp)# icmp-guard rate-limit per-port 800 Related Command Description Commands Set the rate limit and the attack threshold.

  • Page 556: Icmp-Guard Trusted-Host

    CPU without any rate-limit and warning configuration. Configure the mask to set all hosts in one network segment free from monitoring. UP to 500 trusted hosts are supported. Ruijie(config)# nfpp Configuration Examples Ruijie(config-nfpp)# icmp-guard trusted-host 1.1.1.0 255.255.255.0 Related Command Description Commands Show the configurations.

  • Page 557: Ip-Guard Enable

    NFPP configuration mode. Command Mode The attack threshold shall be equal to or larger than the rate-limit threshold. Usage Guide Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# ip-guard attack-threshold per-src-ip 2 Examples Ruijie(config-nfpp)# ip-guard attack-threshold per-port 50 Related Command Description Commands Show the rate-limit threshold and attack nfpp ip-guard policy threshold.

  • Page 558: Ip-Guard Isolate-Period

    The default isolate time is 0, which means no isolation. Defaults NFPP configuration mode. Command Mode N/A. Usage Guide Configuration Ruijie(config)# nfpp Examples Ruijie(config-nfpp)# ip-guard isolate-period 180 Related Command Description Commands Set the isolate time on the interface. nfpp ip-guard isolate-period Show the configurations. show nfpp ip-guard summary Platform...

  • Page 559: Ip-Guard Monitored-Host-Limit

    The monitor period is valid with the isolate period 0. If the isolate period has changed to be 0, the attackers on the interface will be removed rather than being monitored by the software Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# ip-guard monitor-period 180 Examples Related Command Description Commands Show the configurations.

  • Page 560: Ip-Guard Rate-Limit

    By default, the the rate-limit threshold for each source IP address and each port is 20pps and 100pps Defaults respectively. NFPP configuration mode. Command Mode Usage Guide Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# ip-guard rate-limit per-src-ip 2 Examples Ruijie(config-nfpp)# ip-guard rate-limit per-port 50...

  • Page 561: Ip-Guard Scan-Threshold

    The default scan threshold is 100, in 10 seconds. Defaults NFPP configuration mode. Command Mode Usage Guide Configuration Ruijie(config)# nfpp Examples Ruijie(config-nfpp)# ip-guard scan-threshold 2 Related Command Description Commands Set the scan threshold on the port. nfpp ip-guard scan-threshold Show the configurations. show nfpp ip-guard summary...

  • Page 562: Log-Buffer Entries

    CPU without any rate-limit and warning configuration. Configure the mask to set all hosts in one network segment free from monitoring. UP to 500 trusted hosts are supported. Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# ip-guard trusted-host 1.1.1.0 255.255.255.0 Examples Related Command Description Commands Show the configurations.

  • Page 563: Log-Buffer Logs

    By default, the number_of_message is 1 and the length_in_seconds is 30. Defaults NFPP configuration mode. Command Mode Usage Guide Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# log-buffer logs 2 interval 12 Examples Related Command Description Commands Set the NFPP log buffer area size. log-buffer entries number...
  • Page 564 Ruijie(config)# nfpp Ruijie(config-nfpp)# logging vlan 1-3,5 The following example shows the administrator how to record the logs on the interface GigabitEthernet 0/1 only: Ruijie(config)# nfpp Ruijie(config-nfpp)# logging interface G 0/1 Related Command Description Commands Show the NFPP log configurations or the log show nfpp log summary buffer area.

  • Page 565: Nd-Guard Attack-Threshold

    Mode The attack threshold shall be equal to or larger than the rate-limit threshold. Usage Guide Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# nd-guard attack-threshold per-port ns-na 20 Examples Ruijie(config-nfpp)# nd-guard attack-threshold per-port rs 10 Ruijie(config-nfpp)# nd-guard attack-threshold per-port ra-redirect 10 Related Command...

  • Page 566: Nd-Guard Rate-Limit

    By default, the default rate-limit threshold for the ns-na, rs and ra-redirect on each port is 15. Defaults NFPP configuration mode. Command Mode Usage Guide Ruijie(config)# nfpp Configuration Ruijie(config-nfpp)# nd-guard rate-limit per-port ns-na 10 Examples Ruijie(config-nfpp)# nd-guard rate-limit per-port rs 5 Ruijie(config-nfpp)# nd-guard rate-limit per-port ra-redirect 5...

  • Page 567: Nfpp Arp-Guard Enable

    Interface configuration mode. Command Mode The interface anti-ARP attack configuration is prior to the global configuration. Usage Guide Ruijie(config)# interface G0/1 Configuration Examples Ruijie(config-if)# nfpp arp-guard enable Related Command Description Commands Enable the anti-ARP attack function. arp-guard enable Show the configurations.

  • Page 568: Nfpp Arp-Guard Policy

    By default, the isolate period is not configured. Defaults Interface configuration mode. Command Mode Usage Guide Configuration Ruijie(config)# interface G0/1 Examples Ruijie(config-if)# nfpp arp-guard isolate-period 180 Related Command Description Commands Set the global isolate period. arp-guard isolate-period Show the configurations. show nfpp arp-guard summary...

  • Page 569: Nfpp Arp-Guard Scan-Threshold

    Command Reference NFPP Commands Ruijie(config)# interface G 0/1 Configuration Ruijie(config-if)# nfpp arp-guard policy per-src-ip 2 10 Examples Ruijie(config-if)# nfpp arp-guard policy per-src-mac 3 10 Ruijie(config-if)# nfpp arp-guard policy per-port 50 100 Related Command Description Commands Set the global attack threshold.

  • Page 570: Nfpp Dhcp-Guard Enable

    Interface configuration mode. Command Mode The interface DHCP anti- attack configuration is prior to the global configuratio Usage Guide Configuration Ruijie(config)# interface G0/1 Examples Ruijie(config-if)# nfpp dhcp-guard enable Related Command Description Commands Enable the anti-ARP attack function. dhcp-guard enable Show the configurations.

  • Page 571: Nfpp Dhcpv6-Guard Enable

    Command Reference NFPP Commands Mode Usage Guide Ruijie(config)# interface G0/1 Configuration Ruijie(config-if)# nfpp dhcp-guard isolate-period 180 Examples Related Command Description Commands Set the global isolate period. dhcp-guard isolate-period Show the configurations. show nfpp dhcp-guard summary Platform Description nfpp dhcpv6-guard enable Use this command to enable the DHCPv6 anti-attack function on the interface.

  • Page 572: Nfpp Dhcpv6-Guard Isolate-Period

    By default, the isolate period is not configured. Defaults Interface configuration mode. Command Mode Usage Guide Configuration Ruijie(config)# interface G0/1 Examples Ruijie(config-if)# nfpp dhcpv6-guard isolate-period 180 Related Command Description Commands Set the global isolate period. dhcpv6-guard isolate-period Show the configurations. show nfpp dhcpv6-guard summary...

  • Page 573: Nfpp Icmp-Guard Isolate-Period

    By default, the isolate period is not configured. Defaults Interface configuration mode. Command Mode Usage Guide Configuration Ruijie(config)# interface G0/1 Examples Ruijie(config-if)# nfpp icmp-guard isolate-period 180 Related Command Description Commands Set the global isolate period. icmp-guard isolate-period Show the configurations. show nfpp icmp-guard summary...

  • Page 574: Nfpp Icmp-Guard Policy

    Mode The attack threshold value shall be equal to or greater than the rate-limit threshold. Usage Guide Ruijie(config)# interface G 0/1 Configuration Ruijie(config-if)# nfpp icmp-guard policy per-src-ip 5 10 Examples Ruijie(config-if)# nfpp icmp-guard policy per-port 100 200 Related Command Description Commands Set the global attack threshold.

  • Page 575: Nfpp Ip-Guard Isolate-Period

    Permanent isolation. permanent By default, the isolate period is not configured. Defaults Interface configuration mode. Command Mode Usage Guide Ruijie(config)# interface G0/1 Configuration Ruijie(config-if)# nfpp ip-guard isolate-period 180 Examples Related Command Description Commands Set the global isolate period. ip-guard isolate-period...

  • Page 576: Nfpp Ip-Guard Policy

    The attack threshold value shall be equal to or greater than the rate-limit threshold. Usage Guide Configuration Ruijie(config)# interface G 0/1 Examples Ruijie(config-if)# nfpp ip-guard policy per-src-ip 2 10 Ruijie(config-if)# nfpp ip-guard policy per-port 50 100 Related Command Description Commands Set the global attack threshold.

  • Page 577: Nfpp Ip-Guard Scan-Threshold

    The attack threshold value shall be equal to or greater than the rate-limit threshold. Usage Guide Ruijie(config)# interface G 0/1 Configuration Examples Ruijie(config-if)# nfpp dhcp-guard policy per-src-mac 3 10 Ruijie(config-if)# nfpp dhcp-guard policy per-port 50 100 Related Command Description Commands Set the global attack threshold.

  • Page 578: Nfpp Nd-Guard Enable

    Command Reference NFPP Commands Interface configuration mode. Command Mode Usage Guide Ruijie(config)# interface G 0/1 Configuration Examples Ruijie(config-if)# nfpp ip-guard scan-threshold 20 Related Command Description Commands Set the global attack threshold. ip-guard attack-threshold Show the configurations. show nfpp ip-guard summary...

  • Page 579: Nfpp Nd-Guard Policy

    ND snooping advertises ND guard to set the rate-limit threshold and attack threshold for the three categories of packets as 800pps and 900pps respectively. Ruijie(config)# interface G 0/1 Configuration Ruijie(config-if)# nfpp nd-guard policy per-port ns-na 50 100 Examples Ruijie(config-if)# nfpp nd-guard policy per-port rs 10 20 Ruijie(config-if)# nfpp nd-guard policy per-port ra-redirect 10 20...

  • Page 580: Show Nfpp Arp-Guard Scan

    Defaults Privileged EXEC mode. Command Mode Usage Guide The following example shows the statistical information of the monitored host: Configuration Examples Ruijie# show nfpp arp-guard hosts statistics success fail total ------- ---- ----- The following example shows the monitored host: Ruijie# show nfpp arp-guard hosts If column 1 shows '*', it means "hardware do not isolate user"...
  • Page 581 2008-01-23 16:23:10 Gi0/2 1.1.1.1 0000.0000.0002 2008-01-23 16:24:10 Gi0/3 0000.0000.0003 2008-01-23 16:25:10 Gi0/4 0000.0000.0004 2008-01-23 16:26:10 Total:4 record(s) Ruijie# show nfpp arp-guard scan vlan 1 interface G 0/1 0000.0000.0001 VLAN interface IP address MAC address timestamp ---- -------- ---------- ----------- ------- Gi0/1 0000.0000.0001...

  • Page 582: Show Nfpp Arp-Guard Summary

    Use this command to show the configurations. show nfpp arp-guard summary Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide Configuration Ruijie# show nfpp arp-guard summary Examples (Format column Rate-limit Attack-threshold per-src-ip/per-src-mac/per-port.) Interface Status Isolate-period Rate-limit Attack-threshold Scan-threshold Global Enable 300 4/5/60 8/10/100...

  • Page 583: Show Nfpp Dhcp-Guard Hosts

    Defaults Privileged EXEC mode. Command Mode Usage Guide The following example shows the statistical information of the monitored host: Configuration Ruijie# show nfpp dhcp-guard hosts statistics Examples success fail total ------- ---- ----- The following example shows the monitored host: Ruijie# show nfpp dhcp-guard hosts If column 1 shows '*', it means "hardware failed to isolate host".

  • Page 584: Show Nfpp Dhcp-Guard Summary

    Use this command to show the configurations. show nfpp dhcp-guard summary Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide Ruijie# show nfpp dhcp-guard summary Configuration (Format column Rate-limit Attack-threshold Examples per-src-ip/per-src-mac/per-port.) Interface Status Isolate-period Rate-limit Attack-threshold Global Enable 300...

  • Page 585: Show Nfpp Dhcpv6-Guard Hosts

    The IP address. ip-address The MAC address. mac-address Defaults Privileged EXEC mode. Command Mode Usage Guide The following example shows the statistical information of the monitored host: Configuration Ruijie# show nfpp dhcpv6-guard hosts statistics Examples success fail total ------- ---- -----...

  • Page 586: Show Nfpp Dhcpv6-Guard Summary

    Command Reference NFPP Commands The following example shows the monitored host: Ruijie# show nfpp dhcpv6-guard hosts If column 1 shows '*', it means "hardware failed to isolate host". VLAN interface MAC address remain-time(seconds) ---- --------- ----------- ------------------- gi0/2 0000.0000.0001 gi0/1 0000.0000.0002...

  • Page 587: Show Nfpp Icmp-Guard Hosts

    Command Reference NFPP Commands Field Description Interface(Global) Global configuration Status Enable/Disable the anti-attack function. Rate-limit In the format of the rate-limit threshold for the source IP address/ the rate-limit threshold for the source MAC address/ the rate-limit threshold for the port Attack-threshold In the same format as the rate-limit.

  • Page 588: Show Nfpp Icmp-Guard Summary

    Command Reference NFPP Commands Usage Guide The following example shows the statistical information of the monitored host: Configuration Ruijie# show nfpp icmp-guard hosts statistics Examples success fail total ------- ---- ----- The following example shows the monitored host: Ruijie# show nfpp icmp-guard hosts If column 1 shows '*', it means "hardware failed to isolate host".

  • Page 589: Show Nfpp Icmp-Guard Trusted-Host

    Command Reference NFPP Commands Interface Status Isolate-period Rate-limit Attack-threshold Global Enable 300 4/-/60 8/-/100 Gi 0/1 Enable 180 5/-/- 8/-/- Gi 0/2 Disable 200 4/-/60 8/-/100 Maximum count of monitored hosts: 1000 Monitor period:300s Field Description Interface(Global) Global configuration Status Enable/Disable the anti-attack function.

  • Page 590: Show Nfpp Ip-Guard Hosts

    The IP address. ip-address The MAC address. mac-address Defaults Privileged EXEC mode. Command Mode Usage Guide The following example shows the statistical information of the monitored host: Configuration Examples Ruijie# show nfpp ip-guard hosts statistics success fail total ------- ---- -----...

  • Page 591: Show Nfpp Ip-Guard Summary

    Use this command to show the configurations. show nfpp ip-guard summary Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide Configuration Ruijie# show nfpp ip-guard summary Examples (Format column Rate-limit Attack-threshold per-src-ip/per-src-mac/per-port.) Interface Status Isolate-period Rate-limit Attack-threshold Scan-threshold Global Enable 300 4/-/60 8/-/100...

  • Page 592: Show Nfpp Ip-Guard Trusted-Host

    Use this command to show the trusted host free from being monitored. show nfpp ip-guard summary Parameter Parameter Description Description Defaults Privileged EXEC mode. Command Mode Usage Guide Ruijie# show nfpp ip-guard trusted-host Configuration IP address mask Examples --------- ------ 1.1.1.0 255.255.255.0...

  • Page 593: Show Nfpp Log

    Total log buffer size : 10 Syslog rate : 1 entry per 2 seconds Logging: VLAN 1-3, 5 interface Gi 0/1 interface Gi 0/2 The following example shows the log number in the buffer area: Ruijie#show nfpp log buffer statistics...

  • Page 594: Show Nfpp Nd-Guard Summary

    Command Reference NFPP Commands There are 6 logs in buffer. The following example shows the NFPP log buffer area: Ruijie#show nfpp log buffer Protocol VLAN Interface IP address MAC address Reason Timestamp ------- ---- -------- --------- ----------- ------ --------- Gi0/1 1.1.1.1...
  • Page 595 Command Reference NFPP Commands Privileged EXEC mode. Command Mode Usage Guide Configuration Ruijie# show nfpp nd-guard summary Examples (Format of column Rate-limit and Attack-threshold is NS-NA/RS/RA-REDIRECT.) Interface Status Rate-limit Attack-threshold Global Enable 20/5/10 40/10/20 Gi 0/1 Enable 15/15/15 30/30/30 Gi 0/2...

  • Page 596: Access List

    Command Reference ACL Commands ACL Commands access-list Use this command to create an access list rule to filter data packets. The no form of this command deletes the specified access list entries. Standard IP access list (1 to 99, 1300 to 1999) access-list id { deny | permit } { source source-wildcard | host source | any | interface idx } [time-range tm-range-name ] [ log ] Extended IP access list (100 to 199, 2000 to 2699 )
  • Page 597 Command Reference ACL Commands tcp-flag | established ] User Datagram Protocol (UDP) access-list id {deny | permit} udp[VID [out][inner in]] {source source –wildcard | host source | any} {host source-mac-address | any } [ operator port [port] ] {destination destination-wildcard | host destination | any}{host destination-mac-address | any} [operator port [port] ] [precedence precedence] [tos tos] [fragment] [range lower upper] [time-range time-range-name] List remark...
  • Page 598 Command Reference ACL Commands Match the specified VID. VID vid Ethernet type ethernet-type Match all the bits of the TCP flag. match-all Match the TCP flag. tcp-flag Match the RST or ACK bits, not other bits of the TCP flag. established Remark information text...
  • Page 599 Command Reference ACL Commands max-throughput   min-delay  min-monetary-cost  normal The ICMP message types are as below:  administratively-prohibited  dod-host-prohibited  dod-net-prohibited  echo  echo-reply  fragment-time-exceeded  general-parameter-problem  host-isolated  host-precedence-unreachable  host-redirect  host-tos-redirect host-tos-unreachable ...
  • Page 600 Command Reference ACL Commands timestamp-request   ttl-exceeded  unreachable The TCP ports are as follows. A port can be specified by port name and port number:   chargen   daytime  discard  domain  echo  exec ...
  • Page 601 1. Example of the standard IP ACL Configuration The following basic IP ACL allows the packets whose source IP addresses are 192.168.1.64 - Examples 192.168.1.127 to pass: Ruijie (config)#access-list 1 permit 192.168.1.64 0.0.0.63 2. Example of the extended IP ACL...
  • Page 602 ACL Commands The following extended IP ACL allows the DNS messages and ICMP messages to pass: Ruijie(config)#access-list 102 permit tcp any any eq domain log Ruijie(config)#access-list 102 permit udp any any eq domain log Ruijie(config)#access-list 102 permit icmp any any echo log Ruijie(config)#access-list 102 permit icmp any any echo-reply 3.
  • Page 603 Command Reference ACL Commands [sn] deny icmp {source source-wildcard | host source | any} {destination destination-wildcard | host destination | any} [icmp-type] [[icmp-type [icmp-code]] | [icmp-message]] [precedence precedence] [tos tos] [fragment] [time-range time-range-name]  Transmission Control Protocol (TCP) [sn] deny udp {source source –wildcard | host source | any} [ operator port [port]] {destination destination-wildcard | host destination | any} [operator port [port]] [precedence precedence] [tos tos] [fragment] [range lower upper] [time-range time-range-name] ...
  • Page 604 Command Reference ACL Commands Address Resolution Protocol (ARP) [sn] deny arp {vid vlan-id}[ source-mac-address source-wildcard |host source-mac-address | any] [host destination –mac-address | any] {sender-ip sender-ip–wildcard | host sender-ip | any} {sender-mac sender-mac-wildcard | host sender-mac | any} {target-ip target-ip–wildcard | host target-ip | any} 5.
  • Page 605 192.168.4.12 to provide services through the TCP port 100 and apply the ACL to Interface gigabitethernet 1/1. The configuration procedure is as below: Ruijie(config)# ip access-list extended ip-ext-acl Ruijie(config-ext-nacl)# deny tcp host 192.168.4.12 eq 100 any Ruijie(config-ext-nacl)# show access-lists ip access-list extended ip-ext-acl 10 deny tcp host 192.168.4.12 eq 100 any...

  • Page 606: Expert Access-Group

    This example shows how to use the extended IPV6 ACL. The purpose is to deny the host with the IP address 192.168.4.12 and apply the rule to Interface gigabitethernet 1/1. The configuration procedure is as below: Ruijie(config)#ipv6 access-list extended v6-acl Ruijie(config-ipv6-nacl)#11 deny ipv6 host 192.168.4.12 any Ruijie(config-ipv6-nacl)#show access-lists ipv6 access-list extended v6-acl 11 deny ipv6 host 192.168.4.12 any...

  • Page 607: Expert Access-List

    Use the show access-group command to view the setting. The following example shows how to apply the access-list accept_00d0f8xxxxxx only to Gigabit Configuration interface 0/1: Examples Ruijie(config)# interface GigaEthernet 0/1 Ruijie(config-if)# expert access-group accept_00d0f8xxxxxx_only in Related Command...

  • Page 608: Ip Access-Group

    Ruijie(config-exp-nacl)# Create an extended expert ACL: Ruijie(config)# expert access-list extended 2704 Ruijie(config-exp-nacl)# show access-lists access-list extended 2704 Ruijie(config-exp-nacl)# Related Command Description Commands Show the extended expert ACLs show access-lists The expert ACL is not supported by routers.

  • Page 609: Ip Access-List

    Use the ip access-group command to apply the specified ACL to the interface, when the firewall is Usage Guide enabled. The following example applies the ACL 120 on the fastEthernet0/0 to filter the incoming packets: Configuration Examples Ruijie(config)# interface fastEthernet 0/0 Ruijie(config-if)# ip access-group 120 in Related Command Description Commands Define the ACL. access-list Show all the ACLs.

  • Page 610: Ip Access-List Resequence

    Command Reference ACL Commands Create a standard ACL: Configuration Ruijie(config)# ip access-list extended 123 Examples Ruijie(config-ext-nacl)# show access-lists ip access-list extended 123 Ruijie(config-ext-nacl)# Create an extended ACL: Ruijie(config)# ip access-list standard std-acl Ruijie(config-std-nacl)# show access-lists ip access-list standard std-acl Ruijieconfig-std-nacl)#...

  • Page 611: List-Remark Text

    ACL Commands ip access-list standard 1 10 permit host 192.168.4.12 20 deny any any Ruijie# config Ruijie(config)# ip access-list resequence 1 21 43 Ruijie(config)# exit Ruijie# show access-lists ip access-list standard 1 21 permit host 192.168.4.12 64 deny any any...

  • Page 612: Mac Access-Group

    You can use the show running-config command to show the configuration result. Usage Guide The following example shows how to apply the access-list accept_00d0f8xxxxxx only to Gigabit Configuration interface 1: Examples Ruijie(config)#interface GigaEthernet 1/1 Ruijie(config-if)#mac access-group accept__00d0f8xxxxxx_only in Related Command Description Commands Show the ACL configuration.

  • Page 613: Mac Access-List

    Use the show access-lists command to display the ACL configurations. Usage Guide Create an extended MAC ACL: Configuration Ruijie(config)# mac access-list extended mac-acl Examples Ruijie(config-mac-nacl)# show access-lists mac access-list extended mac-acl Create an extended ACL: Ruijie(config)# mac access-list extended 704 Ruijie(config-mac-nacl)# show access-lists mac access-list extended 704 Related Command...
  • Page 614 Use this command to delete an ACL entry in ACL configuration mode. Usage Guide Configuration Ruijie(config)# ipv6 access-list extended v6-acl Examples Ruijie(config-ipv6-nacl)# permit ipv6 host ::192.168.4.12 any Ruijie(config-ipv6-nacl)#12 deny ipv6 host any any Ruijie(config-ipv6-nacl)# show access-lists ipv6 access-list extended v6-acl 10 permit ipv6 host ::192.168.4.12 any...
  • Page 615 Command Reference ACL Commands Extended IP ACLs of some important protocols: Internet Control Message Protocol (ICMP) [ sn ] permit icmp {source source-wildcard | host source | any } { destination destination-wildcard | host destination | any } [ icmp-type ] [ [ icmp-type [icmp-code ] ] | [ icmp-message ] ] [ precedence precedence ] [ tos tos ] [ fragment ] [ time-range time-range-name ] Transmission Control Protocol (TCP) [ sn ] permit tcp { source source-wildcard | host source | any } [ operator port [ port ] ] { destination...
  • Page 616 The following example shows how to create and display an Expert Extended ACL. This expert ACL Configuration permits all the TCP packets with the source IP address 192.168.4.12 and the source MAC address Examples 001300498272. Ruijie(config)#expert access-list extended exp-acl Ruijie(config-exp-nacl)#permit tcp host 192.168.4.12 host 0013.0049.8272...
  • Page 617 192.168.4.12 to provide services through the TCP port 100 and apply the ACL to interface gigabitethernet 1/1. The configuration procedure is as below: Ruijie(config)# ip access-list extended 102 Ruijie(config-ext-nacl)# permit tcp host 192.168.4.12 eq 100 any Ruijie(config-ext-nacl)# show access-lists ip access-list extended 102 10 permit tcp host 192.168.4.12 eq 100 any...

  • Page 618: Security Access-Group

    Command Reference ACL Commands Ruijie(config)#ipv6 access-list extended v6-acl Ruijie(config-ipv6-nacl)#11 permit ipv6 host ::192.168.4.12 any Ruijie(config-ipv6-nacl)# show access-lists ipv6 access-list extended v6-acl 11 permit ipv6 host ::192.168.4.12 any Ruijie(config-ipv6-nacl)# exit Ruijie(config)#interface gigabitethernet 1/1 Ruijie(config-if)#ipv6 traffic-filter v6-acl in Related Command Description Commands Show all the ACLs.

  • Page 619: Security Global Access-Group

    Global configuration mode Command mode Use this command to configure the global security channel. Usage Guide Configuration Examples Ruijie# security global access-group 1 Related Command Description Commands Show configuration of current system. show running This command is not supported by routers.

  • Page 620: Show Access-Group

    Interface configuration mode. Command mode Use this command to configure the uplink port of the security channel on the interface. Usage Guide Configuration Examples Ruijie(config-if)#security uplink enable Related Command Description Commands Show configuration of current system. show running This command is not supported by routers.

  • Page 621: Show Access-Lists

    Use this command to show the specified ACL. If no ID or name is specified, all the ACLs will be shown. Usage Guide Configuration Ruijie# show access-lists n_acl ip access-list standard n_acl Examples Ruijie# show access-lists 102 ip access-list extended 102...

  • Page 622: Show Expert Access-Group

    Show the expert ACL configured on the interface. If no interface is specified, the associated expert Usage Guide ACLs of all the interfaces will be shown. Configuration Ruijie# show expert access-group interface gigabitethernet 0/2 Examples expert access-group ee in Applied On interface GigabitEthernet 0/2.

  • Page 623: Show Ip Access-Group

    Show the IP ACL configured of the interface. If no interface is specified, the associated IP ACLs of all Usage Guide the interfaces will be shown. Configuration Ruijie# show ip access-group interface gigabitethernet 0/1 Examples ip access-group aaa in Applied On interface GigabitEthernet 0/1.
  • Page 624 Command Reference ACL Commands ACLs of all associated interfaces will be shown. Ruijie# show mac access-group interface gigabitethernet 0/3 Configuration mac access-group mm in Examples Applied On interface GigabitEthernet 0/3. Related Command Description Commands Define the extended MAC ACL. mac access-list...

  • Page 625: File System Commands

    Change the above parameter to the directory you want to enter. Use the pwd command to view the Usage Guide present directory. Example 1: The following example sets usb0 root directory as the present directory: Configuration Ruijie# cd usb0:/Example 1: The following example sets sd root directory as the present directory: Examples Ruijie# cd sd0:/ Related Command Description Show the present word directory.
  • Page 626 Without the specified URL prefix configured, the current file system is used by default. Example 1: Download the file from the TFTP server: Configuration Examples Ruijie# copy tftp://192.168.201.54/rgos.bin flash:/ Example 2: Upload the file to the TFTP server: Ruijie# copy flash:/rgos.bin tftp://192.168.201.54/rgos.bin Example 3: Use the xmodem to download the file: Ruijie# copy xmodem: flash:/config.text...
  • Page 627 Command Reference File System Commands Example 6: Copy the file from the flash to the SD card: Ruijie#copy flash:/rgos.bin sd0:/rgos.bin Example 7: Copy the file from the U disk to the SD card: Ruijie#copy usb0:/config.text sd0:/config.text Example 8: Copy the file from the SD card to the U disk: Ruijie#copy sd0:/config.text usb0:/config.text...
  • Page 628 N/A. N/A. Description N/A. Defaults This command shows the present working path Usage Guide The following example shows the present working path. Configuration Ruijie# pwd Examples Flash:/ Related Command Description Change the file system in the present directory. Commands N/A.
  • Page 629 Command Reference File System Commands If there is tmp directory in the current directory and the directory does not contain any files: Configuration Ruijie# rmdir tmp Examples Ruijie# ls Related Command Description Create a directory Commands mkdir Platform Description...

  • Page 630: Cpu-Log Commands

    #Show how to set the low and high threshold of triggering the cpu utilization log to 70% and 80% Configuration respectively. Examples Ruijie(config)# cpu-log log-limit 70 80 #The console prompts the following message when the CPU utilization is higher 80%: Oct 20 15:47:01 %SYSCHECK-5-CPU_USING_RATE: CPU utilization in one minute: 95%, Using most cpu's task is ktimer : 94%...
  • Page 631 Use this command to show the system CPU utilization information in five seconds, one minute and Usage Guide five minutes, and the CPU utilization of every task in five seconds, one minute and five minutes. Ruijie# show cpu Configuration =======================================...
  • Page 632 Command Reference CPU-LOG Commands ll_mt ll main process bridge_relay d1x_task secu_policy_task dhcpa_task dhcpsnp_task igmp_snp mstp_event GVRP_EVENT rldp_task rerp_task reup_event_handler tpp_task ip6timer rtadvd tnet6 tnet Tarptime gra_arp Ttcptimer ef_res ef_rcv_msg ef_inconsistent_daemon ip6_tunnel_rcv_pkt res6t tunrt6 ef6_rcv_msg ef6_inconsistent_daemon imid nsmd ripd ripngd ospfd ospf6d bgpd pimd...
  • Page 633 Command Reference CPU-LOG Commands sntp_recv_task ntp_task sla_deamon track_daemon pbr_guard vrrpd psnpd igsnpd coa_recv co_oper co_mac radius_task tac+_acct_task tac+_task dhcpd_task dhcps_task dhcpping_task dhcpc_task uart_debug_file_task ssp_init_task rl_listen ikl_msg_operate_thread bcmDPC bcmL2X.0 bcmL2X.0 bcmCNTR.0 bcmTX bcmXGS3AsyncTX bcmLINK.0 bcmRX mngpkt_rcv_thread mngpkt_recycle_thread stack_task stack_disc_task redun_sync_task conf_dispatch_task devprob_task rdp_snd_thread rdp_rcv_thread...
  • Page 634 Command Reference CPU-LOG Commands ssp_ipmc_hit_task ssp_ipmc_trap_task hw_err_snd_task rerp_packet_send_task idle_vlan_proc_thread cmic_pause_detect stat_get_and_send rl_con idle In the list above, the first three lines indicate the system CPU utilization in five seconds, one minute and five minutes, including LISR, HISR and tasks. Then, it describes the detailed CPU utilization distribution: No: Serial number 5Sec: CPU utilization of the tasks in five seconds.

  • Page 635: Memory Commands

    This example shows the running result of the command show memory. Configuration Examples Ruijie#show memory System Memory Statistic: Free pages: 1079 watermarks : min 379, lower 758, low 1137, high 1516 System Total Memory : 128MB, Current Free Memory : 5283KB...
  • Page 636 Command Reference Memory Commands The memory resources are insufficient. The routing protocol will be in OVERFLOW state if the low watermark has been reached. In the overflow state, the routers do not learn new routes any more. The commands are not allowed to be executed when the memory lacks.

  • Page 637: Syslog Commands

    This command clears the log packets from the memory buffer. You cannot clear the statistics of the Usage Guide log packets. The following example clears the log packets from the memory buffer. Configuration Examples Ruijie# clear logging Related Command Description Commands Turns on the log switch.

  • Page 638: Logging Buffered

    The following example shows the results of the log files in the extended FLASH: Configuration Examples Ruijie# more flash://f2/log.txt look up file in the extended flash://f2/log.txt 00004 2004-11-17 4:1:32 Ruijie: %5:Reload requested by Administrator. Reload Reason :Reload command Related Command Description Commands Records the logs to the extended FLASH.
  • Page 639 The failure message will be shown. It is recommended to modify the log buffer size as soon as the system starts. The following example allows logs at and below severity 6 to be recorded in the memory buffer sized Configuration 10,000 bytes. Examples Ruijie(config)# logging buffered 10000 6 Related Command Description Commands...

  • Page 640: Logging Console

    The show logging command displays the related setting parameters and statistics of the log. The following example sets the severity of log that is allowed to be displayed on the console as 6: Configuration Examples Ruijie(config)# logging console informational Related Command Description Commands Turns on the log switch.

  • Page 641: Logging Count

    If you run the no logging count command, the statistics function is disabled and the statistics data is deleted. The following example enables the log statistics function: Configuration Examples Ruijie(config)# logging count Related Command Description Commands Views log information about modules of the show logging count system.
  • Page 642 Local use 22 (local6) Local use 23 (local7) Local use The default device value of RGOS is 23 (local 7). The following example sets the device value of Syslog as kernel: Configuration Ruijie(config)# logging facility kern Examples Related Command Description...

  • Page 643: Logging File Flash

    FLASH, the logging file flash command will automatically be hidden, not allowing you to configure it. The following example records the logs in the extended flash, with the name trace.txt, file size 128 K Configuration and log severity 6. Examples Ruijie(config)# logging file flash:trace...

  • Page 644: Logging Monitor

    The log level defined with "Logging monitor" is for all VTY windows. The following example sets the severity of log that is allowed to be printed on the VTY window as 6: Configuration Examples Ruijie(config)# logging monitor informational Related Command Description Commands Turns on the log switch.

  • Page 645: Logging Rate-Limit

    If this switch is turned off, no log will be displayed or recorded unless the severity level is greater than 1. The following example disables the log switch on the device. Configuration Examples Ruijie(config)# no logging on Related Command Description Commands Records the logs to a memory buffer.

  • Page 646: Logging Server

    The following example sets the number of the logs (including debug) that can be processed in a Configuration second as 10. However, the logs with warning or higher severity level are not controlled: Examples Ruijie(config)#logging rate-limit all 10 except warnings Related Command Description...

  • Page 647: Logging Source Ip| Ipv6

    The following example specifies a syslog server of the address 202.101.11.1: Configuration Ruijie(config)# logging server 202.101.11.1 Examples The following example specifies an ipv6 address as AAAA:BBBB:FFFF: Ruijie(config)# logging server ipv6 AAAA:BBBB:FFFF Related Command Description Commands Turns on the log switch.

  • Page 648: Logging Source Interface

    If this IP address is not configured on the device, the source address of the log messages is the address of the sending interface. The following example specifies 192.168.1.1 as the source address of the syslog messages: Configuration Examples Ruijie(config)# logging source ip 192.168.1.1 Related Command Description Commands Sends the logs to the Syslog server.

  • Page 649: Logging Synchronous

    IP address is configured for the source interface, the source address of the log messages is the address of the sending interface. The following example specifies loopback 0 as the source address of the syslog messages: Configuration Examples Ruijie(config)# logging source interface loopback 0 Related Command Description Commands Sends logs to the Syslog server.

  • Page 650: Logging Trap

    The show logging command displays the configured related parameters and statistics of the log. The following example enables logs at severity 6 to be sent to the Syslog Server with the address of Configuration 202.101.11.22: Examples Ruijie(config)# logging 202.101.11.22 Ruijie(config)# logging trap informational Related Command Description Commands...

  • Page 651: Service Sequence-Numbers

    In addition to the timestamp, you can add serial numbers to the logs, numbering from 1. Then, it is Usage Guide clearly known whether the logs are lost or not and their sequence. The following example adds serial numbers to the logs. Configuration Ruijie(config)# service sequence-numbers Examples Related Command Description Commands Turns on the log switch.

  • Page 652: Service Timestamps

    The following example adds a system name in the log information: Configuration Examples Mar 22 15:28:02 %SYS-5-CONFIG: Configured from console by console Ruijie #config terminal Enter configuration commands, one per line. End with CNTL/Z. Ruijie (config)#service sysname Ruijie (config)#end Ruijie #...

  • Page 653: Terminal Monitor

    The following example enables the timestamp for log and debug information, in format of Datetime, Configuration supporting milisecond display. Examples Ruijie(config)# service timestamps debug datetime msec Ruijie(config)# service timestamps log datetime msec Ruijie(config)# end Ruijie(config)# Oct 8 23:04:58.301 %SYS-5-CONFIG I: configured from console by console Related Command Description Commands Turns on the log switch.

  • Page 654: Show Logging

    This command can be also executed on the console, but it does not take effect. The following example allows log information to be printed on the current VTY window: Configuration Examples Ruijie# terminal monitor Related Command Description Commands Platform...
  • Page 655 202.101.11.22 logging to 192.168.200.112 Log Buffer (Total 131072 Bytes): have written 1336, 015487: *Sep 19 02:46:13: Ruijie %LINK-3-UPDOWN: Interface FastEthernet 0/24, changed state to up. 015488: *Sep 19 02:46:13: Ruijie %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet 0/24, changed state to up.

  • Page 656: Show Logging Count

    You can use the show logging command to check whether the log statistics function is enabled. The following is the execution result of the show logging count command: Configuration Examples Ruijie# show logging count Module Name Message Name Sev Occur Last Time...
  • Page 657 Command Reference Syslog Commands Commands Enables the log statistics function. logging count Shows basic configuration of log modules and show logging log information in the buffer. Clears the logs in the buffer. clear logging Platform Description...

Table of Contents

Save PDF