H3C SecPath Series Command Manual
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Firewall
  5. SecPath Series
  6. Command manual
H3C SecPath Series Command Manual

H3C SecPath Series Command Manual

User access, security products
Hide thumbs Also See for SecPath Series:
Table of Contents

Advertisement

Quick Links

Download this manual
Command Manual - User Access
H3C SecPath Series Security Products
Chapter 1 PPP Configuration Commands .................................................................................. 1-1
1.1 PPP Configuration Commands.......................................................................................... 1-1
1.1.1 debugging ppp { all | cbcp | ccp | scp }.................................................................... 1-1
1.1.3 debugging ppp { core | ip | ipcp | lcp | lqc | mp } ..................................................... 1-3
1.1.4 link-protocol ppp ...................................................................................................... 1-4
1.1.5 ppp authentication-mode......................................................................................... 1-4
1.1.6 ppp chap password ................................................................................................. 1-5
1.1.7 ppp chap user.......................................................................................................... 1-6
1.1.8 ppp ipcp dns ............................................................................................................ 1-7
1.1.9 ppp ipcp dns admit-any ........................................................................................... 1-8
1.1.10 ppp ipcp remote-address forced ........................................................................... 1-8
1.1.11 ppp ipcp dns request............................................................................................. 1-9
1.1.12 ppp lqc................................................................................................................. 1-10
1.1.13 ppp pap local-user............................................................................................... 1-11
1.1.14 ppp timer negotiate ............................................................................................. 1-12
1.1.15 timer hold............................................................................................................. 1-12
1.2 PPP Link Efficiency Mechanism Commands................................................................... 1-13
1.2.1 debugging ppp compression iphc rtp .................................................................... 1-13
1.2.2 debugging ppp compression iphc tcp ................................................................... 1-14
1.2.3 display ppp compression iphc rtp.......................................................................... 1-15
1.2.4 display ppp compression iphc tcp ......................................................................... 1-15
1.2.5 display ppp compression stac-lzs ......................................................................... 1-16
1.2.6 ip tcp vjcompress................................................................................................... 1-16
1.2.7 ppp compression iphc ........................................................................................... 1-17
1.2.8 ppp compression iphc rtp-connections ................................................................. 1-18
1.2.9 ppp compression iphc tcp-connections ................................................................. 1-19
1.2.10 ppp compression stac-lzs.................................................................................... 1-19
1.2.11 reset ppp compression iphc ................................................................................ 1-20
1.2.12 reset ppp compression stac-lzs........................................................................... 1-21
Chapter 2 PPPoE Server Configuration Commands ................................................................. 2-1
2.1.1 display pppoe-server session.................................................................................. 2-1
2.1.2 pppoe-server bind virtual-template.......................................................................... 2-2
2.1.3 pppoe-server log-information off ............................................................................. 2-3
2.1.4 pppoe-server max-sessions local-mac ................................................................... 2-3
2.1.5 pppoe-server max-sessions remote-mac................................................................ 2-4
2.1.6 pppoe-server max-sessions total ............................................................................ 2-4

Table of Contents

i
Table of Contents

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SecPath Series and is the answer not in the manual?

Questions and answers

Related Manuals for H3C SecPath Series

Summary of Contents for H3C SecPath Series

  • Page 1: Table Of Contents

    Command Manual – User Access H3C SecPath Series Security Products Table of Contents Table of Contents Chapter 1 PPP Configuration Commands .................. 1-1 1.1 PPP Configuration Commands..................1-1 1.1.1 debugging ppp { all | cbcp | ccp | scp }..............1-1 1.1.2 debugging ppp { chap | compression | pap | vjcomp packet }.........
  • Page 2 Command Manual – User Access H3C SecPath Series Security Products Table of Contents 2.1.7 reset pppoe-server ....................2-5 Chapter 3 PPPoE Client Configuration Commands..............3-1 3.1.1 debugging pppoe-client................... 3-1 3.1.2 dialer enable-circular ....................3-1 3.1.3 dialer bundle......................3-2 3.1.4 dialer-group ......................3-3 3.1.5 dialer-rule ........................

  • Page 3: Chapter 1 Ppp Configuration Commands

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands Chapter 1 PPP Configuration Commands 1.1 PPP Configuration Commands 1.1.1 debugging ppp { all | cbcp | ccp | scp } Syntax debugging ppp { all | cbcp packet | ccp { all | event | error | packet | state } | scp...

  • Page 4: Debugging Ppp { Chap | Compression | Pap | Vjcomp Packet

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands 1.1.2 debugging ppp { chap | compression | pap | vjcomp packet } Syntax debugging ppp { chap { all | event | error | packet | state } | compression iphc { rtp...

  • Page 5: Debugging Ppp { Core | Ip | Ipcp | Lcp | Lqc | Mp

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands 1.1.3 debugging ppp { core | ip | ipcp | lcp | lqc | mp } Syntax debugging ppp { core event | ip packet-| ipcp { all | event | error | packet | state } |...

  • Page 6: Link-Protocol Ppp

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands 1.1.4 link-protocol ppp Syntax link-protocol ppp View Interface view Parameter None Description Use the link-protocol ppp command to configure the link-layer protocol encapsulated on the interface as PPP.

  • Page 7: Ppp Chap Password

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands Description Use the ppp authentication-mode command to set the mode that the local PPP uses to authenticate the peer. Use the undo ppp authentication-mode command to disable authentication.

  • Page 8: Ppp Chap User

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands Parameter password: Password. simple, cipher: Passwords in plain text or in encrypted text. Description Use the ppp chap password command to configure the default CHAP password while performing CHAP authentication.

  • Page 9: Ppp Ipcp Dns

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands Example # Configure the local user name to Root when CHAP authentication is performed on interface Dialer1. [H3C- Dialer1] ppp chap user Root 1.1.8 ppp ipcp dns...

  • Page 10: Ppp Ipcp Dns Admit-Any

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands 1.1.9 ppp ipcp dns admit-any Syntax ppp ipcp dns admit-any undo ppp ipcp dns admit-any View Interface view Parameter None Description Use the ppp ipcp dns admit-any command to enable the firewall to accept the unsolicited DNS address allocated by the peer without sending a DNS request.

  • Page 11: Ppp Ipcp Dns Request

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands Description Use the ppp ipcp remote-address forced command to forbid the peer to use the fix self-configured IP address but the one allocated by this firewall.

  • Page 12: Ppp Lqc

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands firewall to request the peer for a DNS address after negotiation and then use the allocated DNS server to resolve domain names. Use the undo ppp ipcp dns request command to disable the firewall from requesting the peer for a DNS address.

  • Page 13: Ppp Pap Local-User

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands You may use PPP LQC to monitor quality of PPP links including those in MP bundles. The system shuts down a link when its quality decreased below the forbidden-percentage and brings it up when its quality ameliorates exceeding the resumptive-percentage.

  • Page 14: Ppp Timer Negotiate

    Related command: ppp authentication-mode pap, local-user. Example # Set both username and password of the local firewall authenticated by the peer in PAP mode to myuser and mypwd. [H3C-Serial1/0/0] ppp pap local-user myuser password simple mypwd 1.1.14 ppp timer negotiate Syntax ppp timer negotiate seconds...

  • Page 15: Ppp Link Efficiency Mechanism Commands

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands undo timer hold View Interface view Parameter seconds: Time interval for the interface to send keepalive packet in seconds. The value ranges from 0 to 32767 and defaults to 10.

  • Page 16: Debugging Ppp Compression Iphc Tcp

    IP/UDP/RTP header debugging in IP header compression. Example # Enable IP/UDP/RTP header error debugging of IP header compression. <H3C> debugging ppp compression iphc rtp error 1.2.2 debugging ppp compression iphc tcp Syntax debugging ppp compression iphc tcp { all | context_state | error | full_header |...

  • Page 17: Display Ppp Compression Iphc Rtp

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands 1.2.3 display ppp compression iphc rtp Syntax display ppp compression iphc rtp [ interface-type interface-number ] View Any view Parameter interface-type: Interface type. interface-number: Interface number.

  • Page 18: Display Ppp Compression Stac-Lzs

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands 1.2.5 display ppp compression stac-lzs Syntax display ppp compression stac-lzs [ interface-type interface-number ] View Any view Parameter interface-type: Interface type. interface-number: Interface number. Description Use the display ppp compression stac-lzs command to view information about STAC-LZS compression.

  • Page 19: Ppp Compression Iphc

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands Use the undo ip tcp vjcompress command to disable the PPP interface to compress the VJ TCP header. If the VJ TCP header is permitted to compress at the PPP interface, the interface at the opposite end shall also permit to compress the VJ TCP header.

  • Page 20: Ppp Compression Iphc Rtp-Connections

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands Example # Enable IP header compression on interface Dialer1. [H3C-Dialer1] ppp compression iphc 1.2.8 ppp compression iphc rtp-connections Syntax ppp compression iphc rtp-connections number undo ppp compression iphc rtp-connections...

  • Page 21: Ppp Compression Iphc Tcp-Connections

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands 1.2.9 ppp compression iphc tcp-connections Syntax ppp compression iphc tcp-connection number undo ppp compression iphc tcp-connection View Interface view Parameter number: The maximum connection number (from 3 to 256) of TCP compression mode on the interface.

  • Page 22: Reset Ppp Compression Iphc

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands View Interface view Parameter None Description Use the ppp compression stac-lzs command to enable STAC-LZS compression for PPP. Use the undo ppp compression stac-lzs command to disable STAC-LZS compression on the current interface.

  • Page 23: Reset Ppp Compression Stac-Lzs

    Command Manual – User Access H3C SecPath Series Security Products Chapter 1 PPP Configuration Commands If no parameter is specified, the storage table entries of IP header compression on all interfaces will be cleared. Example # clear the statistics about the IP/UDP/RTP header compression.

  • Page 24: Chapter 2 Pppoe Server Configuration Commands

    Command Manual – User Access H3C SecPath Series Security Products Chapter 2 PPPoE Server Configuration Commands Chapter 2 PPPoE Server Configuration Commands 2.1.1 display pppoe-server session Syntax display pppoe-server session { all | packet } View Any view Parameter all: Displays all information about each PPPoE session.

  • Page 25: Pppoe-Server Bind Virtual-Template

    Command Manual – User Access H3C SecPath Series Security Products Chapter 2 PPPoE Server Configuration Commands # View the statistics information of PPPoE session. <H3C> display pppoe-server session packet RemMAC LocMAC OutP OutO OutD 0050ba1a02ce 0001af02a40f 2980 Table 2-2 Description of the output...

  • Page 26: Pppoe-Server Log-Information Off

    Command Manual – User Access H3C SecPath Series Security Products Chapter 2 PPPoE Server Configuration Commands 2.1.3 pppoe-server log-information off Syntax pppoe-server log-information off undo pppoe-server log-information off View System view Parameter None Description Use the pppoe-server log-information off command to disable the output display of the PPP-related log information generated by the PPPoE server.

  • Page 27: Pppoe-Server Max-Sessions Remote-Mac

    Command Manual – User Access H3C SecPath Series Security Products Chapter 2 PPPoE Server Configuration Commands Use the undo pppoe-server max-sessions local-mac command to restore the default configuration. Related command: pppoe-server max-sessions remote-mac and pppoe-server max-sessions total. Example # Set the maximum number of PPPoE sessions that can be established at a local MAC address to 50.

  • Page 28: Reset Pppoe-Server

    Command Manual – User Access H3C SecPath Series Security Products Chapter 2 PPPoE Server Configuration Commands undo pppoe-server max-sessions total View System view Parameter number: Maximum number of PPPoE sessions that the system can establish. Description Use the pppoe-server max-sessions total command to set the maximum number of PPPoE sessions that the system can establish.

  • Page 29: Chapter 3 Pppoe Client Configuration Commands

    Command Manual – User Access H3C SecPath Series Security Products Chapter 3 PPPoE Client Configuration Commands Chapter 3 PPPoE Client Configuration Commands 3.1.1 debugging pppoe-client Syntax debugging pppoe-client { all | data | error | event | packet | verbose } [ interface...

  • Page 30: Dialer Bundle

    Command Manual – User Access H3C SecPath Series Security Products Chapter 3 PPPoE Client Configuration Commands Parameter None Description Use the dialer enable-circular command to enable Circular DCC. Use the undo dialer enable-circular command to disable Circular DCC. By default, Circular DCC is enabled on the ISDN interfaces and disabled on other interfaces.

  • Page 31: Dialer-Group

    Command Manual – User Access H3C SecPath Series Security Products Chapter 3 PPPoE Client Configuration Commands 3.1.4 dialer-group Syntax dialer-group group-number undo dialer-group View Dialer interface view Parameter group-number: Sequence number of dialer access group, ranges from 1 to 255. This group is set through the dialer-rule command.

  • Page 32: Dialer-Rule

    If an access control group cannot find the corresponding dialer-rule, DCC will regard the packets as Uninteresting packets. Related command: dialer-group. Example # Set a dialer-rule. [H3C] acl number 3101 [H3C-acl-adv-3101] rule permit ip source 0.0.0.0 255.255.255.255 destination 0.0.0.0 255.255.255.255 [H3C-acl-adv-3101] quit [H3C] dialer-rule 1 acl 3101...

  • Page 33: Dialer User

    Command Manual – User Access H3C SecPath Series Security Products Chapter 3 PPPoE Client Configuration Commands [H3C] interface dialer1 [H3C-dialer1] dialer-group 1 3.1.6 dialer user Syntax dialer user username undo dialer user View Dialer interface view Parameter username: Remote user name for PPP authentication, which is a string of 1 to 80 characters.
  • Page 34 Command Manual – User Access H3C SecPath Series Security Products Chapter 3 PPPoE Client Configuration Commands View Any view Parameter summary: Displays the summary of PPPoE session. packet: Displays the statistics of PPPoE session data packet. dial-bundle-number number: Displays the statistics of the specified PPPoE session. If PPPoE session is not specified, the system will display the statistics of all PPPoE sessions.

  • Page 35: Interface Dialer

    Command Manual – User Access H3C SecPath Series Security Products Chapter 3 PPPoE Client Configuration Commands 6126 1069 9886 2142 For more details of the display information, see the following table. Table 3-2 Explanation of the information displayed by pppoe-client session packet...

  • Page 36: Pppoe-Client

    Command Manual – User Access H3C SecPath Series Security Products Chapter 3 PPPoE Client Configuration Commands configured on these physical interfaces, so as to use the user name of a dial-in party to locate the corresponding dialer interface for the call. In this mode, physical interfaces and dialer interfaces are dynamically bound.

  • Page 37: Reset Pppoe-Client

    Command Manual – User Access H3C SecPath Series Security Products Chapter 3 PPPoE Client Configuration Commands Bundle only has one Ethernet interface. PPPoE session and Dialer Bundle are one-to-one. If the Dialer Bundle at a certain Dialer has had one Ethernet interface used by PPPoE, any other interfaces cannot be added to this Dialer Bundle.
  • Page 38 Command Manual – User Access H3C SecPath Series Security Products Chapter 3 PPPoE Client Configuration Commands Example # Clear all PPPoE sessions, and re-initiate PPPoE session later. <H3C> reset pppoe-client all 3-10...

  • Page 39: Chapter 4 Vlan Configuration Commands

    Command Manual – User Access H3C SecPath Series Security Products Chapter 4 VLAN Configuration Commands Chapter 4 VLAN Configuration Commands 4.1.1 display vlan interface Syntax display vlan interface interface-type interface-num View Any view Parameter interface-type interface-num: Specifies the interface. At present, the interface types supported include Ethernet interface and Gigabit Ethernet interface, and it only supports sub-interface.

  • Page 40: Display Vlan Statistics Vid

    Command Manual – User Access H3C SecPath Series Security Products Chapter 4 VLAN Configuration Commands Example # Display the maximum number of per-second-processed packets configured on the VLAN 10. <H3C> display vlan max-packet-process 10 Max Packet Process Count for Vid 10 is 300000 4.1.3 display vlan statistics vid...

  • Page 41: Reset Vlan Statistics Vid

    Command Manual – User Access H3C SecPath Series Security Products Chapter 4 VLAN Configuration Commands Description Use the max-packet-process command to set the maximum number of packets processed per second on a certain VLAN. Use the undo max-packet-process command to restore the default setting.
  • Page 42 Command Manual – User Access H3C SecPath Series Security Products Chapter 4 VLAN Configuration Commands View Interface view Parameter vid: VLAN ID, used to identify a VLAN, its value ranges from 1 to 4094. Description Use the vlan-type dot1q command to set the encapsulation type on the sub-interface.

Table of Contents