Yamaha L2 Switch Network Switches Instruction Manual
- June 12, 2024
- Yamaha
Table of Contents
- L2 Switch Network Switches
- Product Information: Yamaha L2 Switch
- Product Usage Instructions
- 1. How to read the command reference
- 2. How to use the commands
- 2.1 Operation via configuration (config) files
- 2.2 Login
- 2.3 Command input mode
- 3.1 Manage setting values
- 3.2 Default value
- 4.11 Management
- 4.13 SNMP
- 6.1 FDB (Forwarding Data Base)
L2 Switch Network Switches
Product Information: Yamaha L2 Switch
The Yamaha L2 Switch is a networking device designed to provide
intelligent Layer 2 switching capabilities. It is part of the
SWX232x Series and offers advanced command-based configuration and
management options.
This switch is equipped with various features and functions to
ensure efficient network operation and maintenance. It supports
configuration via configuration (config) files, allowing users to
easily access and modify settings. Additionally, it provides login
capabilities for secure access and a command input mode for
executing commands.
The switch offers comprehensive configuration options, allowing
users to manage setting values and restore default values when
needed.
Maintenance and operation functions are also included in the
switch, such as management VLAN setup for better network control.
SNMP (Simple Network Management Protocol) is supported, enabling
users to set up SNMP notifications and define the time delay for
sending notification messages during system boot.
Interface control is another key feature of this switch,
providing users with the ability to manage and control various
network interfaces efficiently.
Layer 2 functions, including the FDB (Forwarding Data Base), are
implemented in this switch. Users can configure the MAC address
acquisition function to enhance network performance.
Product Usage Instructions
1. How to read the command reference
To understand the command reference provided in the user manual,
refer to Chapter 1. It will guide you on how to interpret and
utilize the commands effectively.
2. How to use the commands
2.1 Operation via configuration (config) files
You can access and modify the switch’s settings using
configuration (config) files. Refer to section 2.2 in the user
manual for detailed instructions on accessing these files through a
TFTP client and reading/writing configuration files.
2.2 Login
Secure login is available for accessing the switch. Follow the
instructions provided in section 2.3 of the user manual to log in
securely.
2.3 Command input mode
To execute commands on the switch, you need to enter the command
input mode. Section 2.4 of the user manual explains how to enter
this mode and effectively input commands.
3. Configuration
3.1 Manage setting values
This switch allows you to manage various setting values. Section
3.1 of the user manual provides detailed instructions on how to
modify and manage these settings.
3.2 Default value
If needed, you can restore the default values of the switch.
Refer to section 3.2 in the user manual for instructions on
restoring default settings.
4. Maintenance and operation functions
4.11 Management
For better network control, you can set up a management VLAN.
Section 4.11.1 of the user manual provides instructions on how to
configure this feature.
4.13 SNMP
The switch supports SNMP for network management. You can set up
a host to receive SNMP notifications and define the time delay for
sending notification messages during system boot. Refer to sections
4.13.1 and 4.13.2 in the user manual for detailed instructions.
5. Interface control
Efficient management and control of network interfaces are
possible with this switch. Section 5 of the user manual provides
instructions on how to perform interface control operations.
6. Layer 2 functions
6.1 FDB (Forwarding Data Base)
The switch supports the FDB function, which enhances network
performance. Section 6.1.1 of the user manual explains how to
configure the MAC address acquisition function.
Yamaha L2 Switch
Intelligent L2 SWX232x Series Command Reference
Rev.2.05.13 / Rev.2.06.13
2 | Command Reference | Contents
Contents
Preface: Introduction……………………………………………………………………………………………12
Chapter 1: How to read the command reference……………………………………………………13
1.1 Applicable firmware
revision……………………………………………………………………………………………………………………….13 1.2 How to read the
command reference……………………………………………………………………………………………………………..13 1.3 Interface
names…………………………………………………………………………………………………………………………………………..13 1.4 Input syntax
for commands starting with the word “no”…………………………………………………………………………………..14
Chapter 2: How to use the commands……………………………………………………………………15
2.1 Operation via console………………………………………………………………………………………………………………………………….15
2.1.1 Access from a console terminal……………………………………………………………………………………………………….15
2.1.2 Access from a TELNET client………………………………………………………………………………………………………..15
2.1.3 Access from an SSH client……………………………………………………………………………………………………………..16
2.1.4 Console terminal/VTY settings……………………………………………………………………………………………………….16
2.2 Operation via configuration (config)
files………………………………………………………………………………………………………17 2.2.1 Access from a TFTP
client……………………………………………………………………………………………………………..17 2.2.2 Reading/writing a
configuration file………………………………………………………………………………………………..17
2.3 Login………………………………………………………………………………………………………………………………………………………..18 2.4
Command input mode…………………………………………………………………………………………………………………………………19
2.4.1 Command input mode basics………………………………………………………………………………………………………….19
2.4.2 individual configuration mode………………………………………………………………………………………………………..20
2.4.3 Command prompt prefix………………………………………………………………………………………………………………..20
2.4.4 Executing commands of a different input
mode………………………………………………………………………………..20 2.5 Keyboard operations when using the
console…………………………………………………………………………………………………20 2.5.1 Basic operations for
console input…………………………………………………………………………………………………..20 2.5.2 Command
help……………………………………………………………………………………………………………………………..21 2.5.3 Input command
completion and keyword candidate list display………………………………………………………….22 2.5.4
Entering command abbreviations…………………………………………………………………………………………………….22 2.5.5
Command history………………………………………………………………………………………………………………………….22 2.6 Commands
that start with the word “show”……………………………………………………………………………………………………22 2.6.1
Modifiers……………………………………………………………………………………………………………………………………..22
Chapter 3: Configuration……………………………………………………………………………………..24
3.1 Manage setting values…………………………………………………………………………………………………………………………………24
3.2 Default value……………………………………………………………………………………………………………………………………………..24
Chapter 4: Maintenance and operation functions…………………………………………………..27
4.1 Passwords………………………………………………………………………………………………………………………………………………….27 4.1.1
Set administrator password…………………………………………………………………………………………………………….27 4.1.2
Encrypt password………………………………………………………………………………………………………………………….27
4.2 User account maintenance……………………………………………………………………………………………………………………………28
4.2.1 Set user………………………………………………………………………………………………………………………………………..28 4.2.2
Changing User Permissions……………………………………………………………………………………………………………29 4.2.3
Show login user information…………………………………………………………………………………………………………..30 4.2.4
Set banner…………………………………………………………………………………………………………………………………….31
4.3 Configuration management………………………………………………………………………………………………………………………….31
4.3.1 Save running configuration…………………………………………………………………………………………………………….32
4.3.2 Save running configuration…………………………………………………………………………………………………………….32
4.3.3 Show the running configuration………………………………………………………………………………………………………33
4.3.4 Show startup configuration…………………………………………………………………………………………………………….33
4.3.5 Erase startup configuration……………………………………………………………………………………………………………..34
4.3.6 Copy startup configuration……………………………………………………………………………………………………………..35
4.3.7 Select startup config………………………………………………………………………………………………………………………35
4.3.8 Set description for startup
config…………………………………………………………………………………………………….36
Command Reference | Contents | 3
4.4 Manage boot information…………………………………………………………………………………………………………………………….36
4.4.1 Show boot information…………………………………………………………………………………………………………………..37
4.4.2 Clear boot information…………………………………………………………………………………………………………………..37
4.4.3 Set SD card boot……………………………………………………………………………………………………………………………37 4.4.4
Configuring the SD card boot auto-apply
function…………………………………………………………………………….38 4.4.5 Show the SD card boot setting
information………………………………………………………………………………………38
4.5 Show unit information…………………………………………………………………………………………………………………………………39
4.5.1 Show inventory information……………………………………………………………………………………………………………39
4.5.2 Show operating information……………………………………………………………………………………………………………39
4.5.3 Disk usage status…………………………………………………………………………………………………………………………..40
4.5.4 Show currently-executing
processes………………………………………………………………………………………………..41 4.5.5 Display memory
usage…………………………………………………………………………………………………………………..41 4.5.6 Show technical
support information………………………………………………………………………………………………..41 4.5.7 Save
technical support information………………………………………………………………………………………………….43 4.5.8
Show fan operating history…………………………………………………………………………………………………………….44
4.6 System self-diagnostics……………………………………………………………………………………………………………………………….44
4.6.1 Showing system self-diagnostics
results…………………………………………………………………………………………..44 4.6.2 Executing on-demand
diagnostics……………………………………………………………………………………………………45 4.6.3 Clearing the on-
demand diagnostics results………………………………………………………………………………………45
4.7 Cable diagnostics………………………………………………………………………………………………………………………………………..46
4.7.1 Execute cable diagnostics……………………………………………………………………………………………………………….46
4.7.2 Clear cable diagnostic
results………………………………………………………………………………………………………….46 4.7.3 Display cable
diagnostic results………………………………………………………………………………………………………46
4.8 Time management………………………………………………………………………………………………………………………………………47 4.8.1
Set clock manually………………………………………………………………………………………………………………………..47 4.8.2 Set
time zone………………………………………………………………………………………………………………………………..47 4.8.3
Configuring daylight saving time (recurring)……………………………………………………………………………………48
4.8.4 Configuring daylight saving time (by
date)………………………………………………………………………………………48 4.8.5 Show current
time…………………………………………………………………………………………………………………………49 4.8.6 Set NTP
server……………………………………………………………………………………………………………………………..50 4.8.7 Synchronize
time from NTP server (one-shot update)………………………………………………………………………..50 4.8.8
Synchronize time from NTP server (update
interval)…………………………………………………………………………51 4.8.9 Show NTP server time
synchronization settings………………………………………………………………………………..51
4.9 Time synchronization………………………………………………………………………………………………………………………………….51
4.9.1 PTP function settings
(system)………………………………………………………………………………………………………..52 4.9.2 Set PTP function
(interface)……………………………………………………………………………………………………………52 4.9.3 PTP operation
mode settings…………………………………………………………………………………………………………..53 4.9.4 Forwarding
protocol settings for PTP messages………………………………………………………………………………..54 4.9.5
Show PTP setting status…………………………………………………………………………………………………………………54 4.9.6
Show interface PTP information……………………………………………………………………………………………………..54
4.10 Terminal settings………………………………………………………………………………………………………………………………………55
4.10.1 Move to line mode (console
terminal)……………………………………………………………………………………………55 4.10.2 Set VTY port and move to
line mode (VTY port)……………………………………………………………………………56 4.10.3 Set terminal login
timeout…………………………………………………………………………………………………………….56 4.10.4 Change the number
of lines displayed per page for the terminal in use………………………………………………57 4.10.5
Set the number of lines displayed per page on the
terminal……………………………………………………………….57 4.10.6 Changing the serial baud
rate………………………………………………………………………………………………………..58
4.11 Management…………………………………………………………………………………………………………………………………………….58 4.11.1
Set management VLAN……………………………………………………………………………………………………………….58
4.12 SYSLOG…………………………………………………………………………………………………………………………………………………59 4.12.1
Set log notification destination (SYSLOG
server)……………………………………………………………………………59 4.12.2 Setting the notification format
of the log………………………………………………………………………………………..59 4.12.3 Setting the log
facility value………………………………………………………………………………………………………….60 4.12.4 Set log
output level (debug)………………………………………………………………………………………………………….60 4.12.5 Set log
output level (informational)……………………………………………………………………………………………….61 4.12.6 Set
log output level (error)……………………………………………………………………………………………………………61 4.12.7 Set
log console output………………………………………………………………………………………………………………….61 4.12.8 Set
log output in event units………………………………………………………………………………………………………….62 4.12.9
Back up log…………………………………………………………………………………………………………………………………62 4.12.10 Set log
backup to SD card…………………………………………………………………………………………………………..62 4.12.11 Clear
log…………………………………………………………………………………………………………………………………..63 4.12.12 Show
log…………………………………………………………………………………………………………………………………..63
4.13 SNMP……………………………………………………………………………………………………………………………………………………..64 4.13.1
Set host that receives SNMP notifications………………………………………………………………………………………64
4.13.2 Setting the time to wait before sending a notification message at
system boot…………………………………….65
4 | Command Reference | Contents
4.13.3 Set notification type to
transmit…………………………………………………………………………………………………….66 4.13.4 Set system
contact……………………………………………………………………………………………………………………….67 4.13.5 Set system
location………………………………………………………………………………………………………………………67 4.13.6 Set SNMP
community………………………………………………………………………………………………………………….67 4.13.7 Set SNMP
view…………………………………………………………………………………………………………………………..68 4.13.8 Set SNMP
group………………………………………………………………………………………………………………………….69 4.13.9 Set SNMP
user……………………………………………………………………………………………………………………………70 4.13.10 IP address
restrictions for clients that can access the SNMP server………………………………………………….71
4.13.11 Show SNMP community information…………………………………………………………………………………………..72
4.13.12 Show SNMP view settings………………………………………………………………………………………………………….72
4.13.13 Show SNMP group settings………………………………………………………………………………………………………..72
4.13.14 Show SNMP user settings…………………………………………………………………………………………………………..73
4.14 RMON…………………………………………………………………………………………………………………………………………………….73 4.14.1
Set RMON function…………………………………………………………………………………………………………………….73 4.14.2 Set
RMON Ethernet statistical information group……………………………………………………………………………74
4.14.3 Set RMON history group……………………………………………………………………………………………………………..75
4.14.4 Set RMON event group………………………………………………………………………………………………………………..76
4.14.5 Set RMON alarm group……………………………………………………………………………………………………………….76
4.14.6 Show RMON function status………………………………………………………………………………………………………..78
4.14.7 Show RMON Ethernet statistical information group
status……………………………………………………………….79 4.14.8 Show RMON history group
status…………………………………………………………………………………………………80 4.14.9 Show RMON event group
status……………………………………………………………………………………………………80 4.14.10 Show RMON alarm group
status…………………………………………………………………………………………………80 4.14.11 Clear counters of the
RMON Ethernet statistical information group…………………………………………………81 4.15 Telnet
server…………………………………………………………………………………………………………………………………………….81 4.15.1 Start
Telnet server and change listening port number……………………………………………………………………….81
4.15.2 Show Telnet server settings…………………………………………………………………………………………………………..82
4.15.3 Set host that can access the Telnet
server………………………………………………………………………………………..82 4.15.4 Restrict access to the
TELNET server according to the IP address of the client…………………………………..83 4.16
Telnet client……………………………………………………………………………………………………………………………………………..84 4.16.1
Start Telnet client………………………………………………………………………………………………………………………..84 4.16.2
Enable Telnet client……………………………………………………………………………………………………………………..84 4.17 TFTP
server……………………………………………………………………………………………………………………………………………..85 4.17.1 Start
TFTP server and change listening port number………………………………………………………………………..85
4.17.2 Show TFTP server settings…………………………………………………………………………………………………………..85
4.17.3 Set hosts that can access the TFTP
server……………………………………………………………………………………….85 4.18 HTTP
server…………………………………………………………………………………………………………………………………………….86 4.18.1 Start
HTTP server and change listening port number……………………………………………………………………….86
4.18.2 Start secure HTTP server and change listening port
number……………………………………………………………..86 4.18.3 Show HTTP server
settings…………………………………………………………………………………………………………..87 4.18.4 Set hosts that can
access the HTTP server………………………………………………………………………………………87 4.18.5 Restrict
access to the HTTP server according to the IP address of the
client……………………………………….88 4.18.6 Web GUI display
language…………………………………………………………………………………………………………..89 4.18.7 Set log-in timeout
time for HTTP server…………………………………………………………………………………………89 4.19 HTTP
Proxy…………………………………………………………………………………………………………………………………………….90 4.19.1 Enable
HTTP Proxy function………………………………………………………………………………………………………..90 4.19.2 Set HTTP
Proxy function timeout………………………………………………………………………………………………….90 4.19.3 Show
HTTP Proxy function settings………………………………………………………………………………………………91 4.20 SSH
server……………………………………………………………………………………………………………………………………………….91 4.20.1 Start
SSH server and change listening port number………………………………………………………………………….91
4.20.2 Show SSH server settings…………………………………………………………………………………………………………….92
4.20.3 Set host that can access the SSH
server………………………………………………………………………………………….92 4.20.4 Set client that can access
the SSH server………………………………………………………………………………………..93 4.20.5 Generate SSH server
host key……………………………………………………………………………………………………….93 4.20.6 Clear SSH server
host key…………………………………………………………………………………………………………….94 4.20.7 Show SSH server
public key…………………………………………………………………………………………………………94 4.20.8 Set SSH client
alive checking……………………………………………………………………………………………………….95 4.21 SSH
client………………………………………………………………………………………………………………………………………………..96 4.21.1 Start
SSH client…………………………………………………………………………………………………………………………..96 4.21.2 Enable SSH
client………………………………………………………………………………………………………………………..97 4.21.3 Clear SSH host
information………………………………………………………………………………………………………….97 4.22 E-mail
notification…………………………………………………………………………………………………………………………………….97 4.22.1 SMTP
e-mail server settings…………………………………………………………………………………………………………97 4.22.2 SMTP
e-mail server name settings…………………………………………………………………………………………………98 4.22.3
E-mail notification trigger settings…………………………………………………………………………………………………99
Command Reference | Contents | 5
4.22.4 E-mail transmission template settings
mode………………………………………………………………………………….100 4.22.5 E-mail transmission server ID
settings………………………………………………………………………………………….100 4.22.6 E-mail transmission
source address setting……………………………………………………………………………………101 4.22.7 Destination
e-mail address setting for e-mail transmission………………………………………………………………101
4.22.8 Setting for subject used when sending
e-mails………………………………………………………………………………101 4.22.9 Wait time settings for e-mail
transmission…………………………………………………………………………………….102 4.22.10 E-mail settings when
sending certificates……………………………………………………………………………………102 4.22.11 E-mail
settings for certificate notification……………………………………………………………………………………103
4.22.12 Notification timing settings for expired
certificates………………………………………………………………………104 4.22.13 Show e-mail transmission
information……………………………………………………………………………………….104 4.23
LLDP…………………………………………………………………………………………………………………………………………………….105 4.23.1 Enable
LLDP function……………………………………………………………………………………………………………….105 4.23.2 Set system
description………………………………………………………………………………………………………………..105 4.23.3 Set system
name………………………………………………………………………………………………………………………..105 4.23.4 Create LLDP
agent…………………………………………………………………………………………………………………….106 4.23.5 Set automatic
setting function by LLDP……………………………………………………………………………………….106 4.23.6 Set LLDP
transmission/reception mode………………………………………………………………………………………..107 4.23.7 Set
type of management address………………………………………………………………………………………………….108 4.23.8 Set
basic management TLVs……………………………………………………………………………………………………….108 4.23.9 Set
IEEE-802.1 TLV………………………………………………………………………………………………………………….109 4.23.10 Set
IEEE-802.3 TLV………………………………………………………………………………………………………………..109 4.23.11 Set
LLDP-MED TLV……………………………………………………………………………………………………………….110 4.23.12 Set LLDP
frame transmission interval………………………………………………………………………………………..110 4.23.13 Set
LLDP frame transmission interval for high speed transmission
period………………………………………111 4.23.14 Set time from LLDP frame transmission stop
until re-initialization………………………………………………..111 4.23.15 Set multiplier for
calculating time to live (TTL) of device information…………………………………………..111
4.23.16 Set number of LLDP frames transmitted during the high speed
transmission period………………………..112 4.23.17 Set maximum number of connected
devices manageable by a port…………………………………………………112 4.23.18 Global interface
setting for LLDP function…………………………………………………………………………………113 4.23.19 Show
interface status………………………………………………………………………………………………………………..114 4.23.20 Show
information for connected devices of all
interfaces……………………………………………………………..116 4.23.21 Clear LLDP frame
counters………………………………………………………………………………………………………118 4.24 L2MS (Layer 2
management service) settings…………………………………………………………………………………………….118 4.24.1
Move to L2MS mode…………………………………………………………………………………………………………………118 4.24.2 Set
L2MS function…………………………………………………………………………………………………………………….118 4.24.3 Set role
of L2MS function…………………………………………………………………………………………………………..119 4.24.4 Set L2MS
agent watch interval……………………………………………………………………………………………………119 4.24.5 Set
number of times that is interpreted as L2MS agent
down…………………………………………………………..120 4.24.6 Set terminal management
function……………………………………………………………………………………………….120 4.24.7 Set the device
information acquisition time interval……………………………………………………………………….121 4.24.8
Set L2MS control frame transmit/receive……………………………………………………………………………………..121
4.24.9 Reset agent management…………………………………………………………………………………………………………….122
4.24.10 Show L2MS information…………………………………………………………………………………………………………..122
4.24.11 Show L2MS agent config
information………………………………………………………………………………………..124 4.24.12 Set the device
information acquisition time interval for downstream of a wireless
AP……………………..126 4.24.13 Set event monitoring
function……………………………………………………………………………………………………126 4.24.14 Set event
information acquisition time interval……………………………………………………………………………127 4.24.15
Set whether to use the L2MS agent’s zero config
function…………………………………………………………….127 4.25
Snapshot………………………………………………………………………………………………………………………………………………..128 4.25.1 Set
snapshot function…………………………………………………………………………………………………………………128 4.25.2 Set
whether to include terminals in the snapshot
comparison…………………………………………………………..128 4.25.3 Create
snapshot…………………………………………………………………………………………………………………………129 4.25.4 Delete
snapshot…………………………………………………………………………………………………………………………129 4.26 Firmware
update……………………………………………………………………………………………………………………………………..130 4.26.1 Set
firmware update site……………………………………………………………………………………………………………..130 4.26.2
Configure the HTTP proxy server used for firmware
updates………………………………………………………….130 4.26.3 Execute firmware
update…………………………………………………………………………………………………………….131 4.26.4 Set firmware
download timeout duration………………………………………………………………………………………131 4.26.5 Allow
revision-down………………………………………………………………………………………………………………….132 4.26.6 Show
firmware update function settings……………………………………………………………………………………….132 4.26.7
Update firmware from SD card……………………………………………………………………………………………………133 4.26.8
Set firmware update reload time………………………………………………………………………………………………….133
4.26.9 Set reload method for firmware update of stack
configuration…………………………………………………………134 4.27
Stack……………………………………………………………………………………………………………………………………………………..134 4.27.1 Set
stack function………………………………………………………………………………………………………………………134
6 | Command Reference | Contents
4.27.2 Changing the stack ID………………………………………………………………………………………………………………..135
4.27.3 Show stack information………………………………………………………………………………………………………………136
4.27.4 Set range of IP addresses used by the stack
port…………………………………………………………………………….137 4.27.5 Remote login to a member
switch………………………………………………………………………………………………..137 4.28
Schedule………………………………………………………………………………………………………………………………………………..138 4.28.1
Schedule settings……………………………………………………………………………………………………………………….138 4.28.2
Schedule template description text settings……………………………………………………………………………………140
4.28.3 Settings to enable/disable schedule
template…………………………………………………………………………………140 4.28.4 Schedule template
settings………………………………………………………………………………………………………….141 4.28.5 Schedule template
command execution settings…………………………………………………………………………….141 4.28.6 Schedule
template script execution settings…………………………………………………………………………………..142 4.29
Buzzer……………………………………………………………………………………………………………………………………………………143 4.29.1
Buzzer system settings……………………………………………………………………………………………………………….143 4.29.2
Buzzer trigger settings………………………………………………………………………………………………………………..143 4.29.3
Executing the buzzer check command………………………………………………………………………………………….144
4.29.4 Mute………………………………………………………………………………………………………………………………………..145 4.29.5
Unmute…………………………………………………………………………………………………………………………………….145 4.29.6 Display
buzzer information…………………………………………………………………………………………………………145 4.29.7 Starting
the “Find this switch” function………………………………………………………………………………………..146 4.29.8
Stop the “Find this switch” function…………………………………………………………………………………………….146
4.30 General maintenance and operation
functions…………………………………………………………………………………………….146 4.30.1 Set host
name……………………………………………………………………………………………………………………………146 4.30.2 Reload
system…………………………………………………………………………………………………………………………..147 4.30.3 Initialize
settings……………………………………………………………………………………………………………………….147 4.30.4 Mount SD
card………………………………………………………………………………………………………………………….148 4.30.5 Unmount SD
card………………………………………………………………………………………………………………………148 4.30.6 Set default LED
mode………………………………………………………………………………………………………………..148 4.30.7 Show LED
mode……………………………………………………………………………………………………………………….149 4.30.8 Show port error
LED status…………………………………………………………………………………………………………149 4.30.9 Backup system
information…………………………………………………………………………………………………………150 4.30.10 Restore system
information……………………………………………………………………………………………………….150
Chapter 5: Interface control………………………………………………………………………………..152
5.1 Interface basic
settings………………………………………………………………………………………………………………………………152 5.1.1 Set
description…………………………………………………………………………………………………………………………….152 5.1.2
Shutdown……………………………………………………………………………………………………………………………………152 5.1.3 Set
communication speed and communication mode……………………………………………………………………….152
5.1.4 Auto negotiation type
settings……………………………………………………………………………………………………….153 5.1.5 Auto negotiation
information display…………………………………………………………………………………………….154 5.1.6 Set
MRU…………………………………………………………………………………………………………………………………….155 5.1.7 Set
cross/straight automatic detection…………………………………………………………………………………………….155
5.1.8 Set EEE……………………………………………………………………………………………………………………………………..156 5.1.9
Show EEE capabilities…………………………………………………………………………………………………………………156 5.1.10
Show EEE status……………………………………………………………………………………………………………………….157 5.1.11 Set
port mirroring………………………………………………………………………………………………………………………158 5.1.12 Show
port mirroring status………………………………………………………………………………………………………….158 5.1.13 Show
interface status………………………………………………………………………………………………………………….159 5.1.14 Show
brief interface status………………………………………………………………………………………………………….162 5.1.15
Resetting an interface…………………………………………………………………………………………………………………163 5.1.16
Show frame counter…………………………………………………………………………………………………………………..163 5.1.17
Clear frame counters………………………………………………………………………………………………………………….165 5.1.18
Show SFP module status…………………………………………………………………………………………………………….165 5.1.19 Set
SFP module optical reception level monitoring………………………………………………………………………..166
5.1.20 Configuring transmission queue usage rate monitoring
(system)……………………………………………………..166 5.1.21 Configuring transmission queue usage
rate monitoring (interface)…………………………………………………..167 5.1.22 Display
configuration for transmission queue usage rate
monitoring………………………………………………..168
5.2 Link aggregation………………………………………………………………………………………………………………………………………168
5.2.1 Set static logical
interface……………………………………………………………………………………………………………..168 5.2.2 Show static
logical interface status………………………………………………………………………………………………..169 5.2.3 Set
LACP logical interface……………………………………………………………………………………………………………169 5.2.4 Show
LACP logical interface status……………………………………………………………………………………………….170 5.2.5
Set LACP system priority order…………………………………………………………………………………………………….172 5.2.6
Show LACP system priority…………………………………………………………………………………………………………173 5.2.7
LACP different-speed link aggregation
settings………………………………………………………………………………173
Command Reference | Contents | 7
5.2.8 Set LACP timeout……………………………………………………………………………………………………………………….174 5.2.9
Clear LACP frame counters………………………………………………………………………………………………………….174 5.2.10
Show LACP frame counter…………………………………………………………………………………………………………175 5.2.11 Set
load balance function rules…………………………………………………………………………………………………….175 5.2.12
Show protocol status of LACP logical
interface…………………………………………………………………………….176 5.2.13 Set LACP port priority
order……………………………………………………………………………………………………….178 5.3 Port
authentication…………………………………………………………………………………………………………………………………….178 5.3.1
Configuring the IEEE 802.1X authentication function for the entire
system……………………………………….178 5.3.2 Configuring the MAC authentication function
for the entire system…………………………………………………..179 5.3.3 Configuring the Web
authentication function for the entire system……………………………………………………179 5.3.4 Set
operation mode for the IEEE 802.1X authentication
function………………………………………………………180 5.3.5 Set for forwarding control on an
unauthenticated port for IEEE 802.1X authentication………………………..180 5.3.6 Set
the EAPOL packet transmission count……………………………………………………………………………………..181 5.3.7
Set the MAC authentication function……………………………………………………………………………………………..181
5.3.8 Set MAC address format during MAC
authentication………………………………………………………………………182 5.3.9 Configuring static
registration for MAC authentication……………………………………………………………………183 5.3.10 Set
the Web authentication function…………………………………………………………………………………………….183 5.3.11
Set host mode……………………………………………………………………………………………………………………………184 5.3.12
Configuring the authentication order……………………………………………………………………………………………184
5.3.13 Set re-authentication…………………………………………………………………………………………………………………..185
5.3.14 Set dynamic VLAN……………………………………………………………………………………………………………………186 5.3.15
Set the guest VLAN…………………………………………………………………………………………………………………..186 5.3.16
Suppression period settings following failed
authentication…………………………………………………………….187 5.3.17 Set reauthentication
interval………………………………………………………………………………………………………..187 5.3.18 Set the reply wait
time for the RADIUS server overall…………………………………………………………………..188 5.3.19 Set
supplicant reply wait time……………………………………………………………………………………………………..188 5.3.20
Set RADIUS server host…………………………………………………………………………………………………………….189 5.3.21 Set
the reply wait time for each RADIUS server……………………………………………………………………………190
5.3.22 Set number of times to resend requests to RADIUS
server……………………………………………………………..190 5.3.23 Set RADIUS server shared
password……………………………………………………………………………………………191 5.3.24 Set time of RADIUS
server usage prevention………………………………………………………………………………..191 5.3.25 Set NAS-
Identifier attribute sent to RADIUS server………………………………………………………………………192
5.3.26 Show port authentication
information…………………………………………………………………………………………..192 5.3.27 Show supplicant
information………………………………………………………………………………………………………193 5.3.28 Show statistical
information………………………………………………………………………………………………………..193 5.3.29 Clear
statistical information………………………………………………………………………………………………………..194 5.3.30
Show RADIUS server setting information…………………………………………………………………………………….194
5.3.31 Settings for redirect destination URL following successful Web
authentication………………………………..195 5.3.32 Clear the authentication
state………………………………………………………………………………………………………195 5.3.33 Setting the time for
clearing the authentication state (system)…………………………………………………………196 5.3.34
Setting the time for clearing the authentication state
(interface)……………………………………………………….196 5.3.35 Locate the file for customizing
the Web authentication screen………………………………………………………..197 5.3.36 Delete the file
for customizing the Web authentication screen…………………………………………………………198 5.3.37
Set EAP pass through…………………………………………………………………………………………………………………198 5.4 Port
security……………………………………………………………………………………………………………………………………………..199 5.4.1 Set
port security function……………………………………………………………………………………………………………..199 5.4.2
Register permitted MAC addresses………………………………………………………………………………………………..199
5.4.3 Set operations used for security
violations………………………………………………………………………………………199 5.4.4 Show port security
information……………………………………………………………………………………………………..200 5.5 Error detection
function……………………………………………………………………………………………………………………………..200 5.5.1 Set
automatic recovery from errdisable state…………………………………………………………………………………..200
5.5.2 Show error detection function
information……………………………………………………………………………………..201 5.6
PoE…………………………………………………………………………………………………………………………………………………………202 5.6.1 Set PoE
power supply function (system)………………………………………………………………………………………..202 5.6.2 Set
PoE power supply function (interface)………………………………………………………………………………………202
5.6.3 Set description of PoE port……………………………………………………………………………………………………………203
5.6.4 Set PoE port power supply
priority………………………………………………………………………………………………..203 5.6.5 Continuous PoE
settings for PoE port…………………………………………………………………………………………….204 5.6.6 Guard band
settings……………………………………………………………………………………………………………………..205 5.6.7 Show PoE power
supply information……………………………………………………………………………………………..205
Chapter 6: Layer 2 functions……………………………………………………………………………….207
6.1 FDB (Forwarding Data Base)…………………………………………………………………………………………………………………….207
6.1.1 Set MAC address acquisition
function……………………………………………………………………………………………207
8 | Command Reference | Contents
6.1.2 Set dynamic entry ageing time………………………………………………………………………………………………………207
6.1.3 Clear dynamic entry…………………………………………………………………………………………………………………….208
6.1.4 Set static entry…………………………………………………………………………………………………………………………….208
6.1.5 Show MAC address table……………………………………………………………………………………………………………..209
6.1.6 Show number of MAC addresses…………………………………………………………………………………………………..210
6.2 VLAN……………………………………………………………………………………………………………………………………………………..210 6.2.1
Move to VLAN mode………………………………………………………………………………………………………………….210 6.2.2 Set
VLAN interface……………………………………………………………………………………………………………………..210 6.2.3 Set
private VLAN………………………………………………………………………………………………………………………..211 6.2.4 Set
secondary VLAN for primary VLAN……………………………………………………………………………………….212 6.2.5 Set
access port (untagged port)……………………………………………………………………………………………………..213 6.2.6
Set associated VLAN of an access port (untagged
port)……………………………………………………………………213 6.2.7 Set trunk port (tagged
port)…………………………………………………………………………………………………………..214 6.2.8 Set associated VLAN
for trunk port (tagged port)……………………………………………………………………………215 6.2.9 Set native
VLAN for trunk port (tagged port)………………………………………………………………………………….216 6.2.10
Set private VLAN port type………………………………………………………………………………………………………..216 6.2.11
Set private VLAN host port………………………………………………………………………………………………………..217 6.2.12
Set promiscuous port for private VLAN……………………………………………………………………………………….218
6.2.13 Set voice VLAN………………………………………………………………………………………………………………………..219 6.2.14
Set CoS value for voice VLAN……………………………………………………………………………………………………219 6.2.15
Set DSCP value for voice VLAN…………………………………………………………………………………………………220 6.2.16
Set multiple VALN group…………………………………………………………………………………………………………..220 6.2.17
Set name of multiple VLAN group………………………………………………………………………………………………221 6.2.18
Configuring the YMPI frame transmission when multiple VLANs are
configured…………………………….221 6.2.19 Show VLAN
information……………………………………………………………………………………………………………222 6.2.20 Show private
VLAN information…………………………………………………………………………………………………223 6.2.21 Show multiple
VLAN group setting information…………………………………………………………………………..223 6.3 STP
(Spanning Tree Protocol)……………………………………………………………………………………………………………………224 6.3.1
Set spanning tree for the system…………………………………………………………………………………………………….224
6.3.2 Set forward delay time…………………………………………………………………………………………………………………224
6.3.3 Set maximum aging time………………………………………………………………………………………………………………225
6.3.4 Set bridge priority………………………………………………………………………………………………………………………..225
6.3.5 Set spanning tree for an
interface…………………………………………………………………………………………………..226 6.3.6 Set spanning tree
link type……………………………………………………………………………………………………………226 6.3.7 Set interface BPDU
filtering…………………………………………………………………………………………………………227 6.3.8 Set interface BPDU
guard…………………………………………………………………………………………………………….227 6.3.9 Set interface path
cost…………………………………………………………………………………………………………………..228 6.3.10 Set interface
priority…………………………………………………………………………………………………………………..229 6.3.11 Set edge port
for interface…………………………………………………………………………………………………………..229 6.3.12 Show
spanning tree status…………………………………………………………………………………………………………..230 6.3.13 Show
spanning tree BPDU statistics…………………………………………………………………………………………….232 6.3.14
Clear protocol compatibility mode……………………………………………………………………………………………….233
6.3.15 Move to MST mode…………………………………………………………………………………………………………………..233 6.3.16
Generate MST instance………………………………………………………………………………………………………………234 6.3.17 Set
VLAN for MST instance……………………………………………………………………………………………………….234 6.3.18 Set
priority of MST instance……………………………………………………………………………………………………….235 6.3.19 Set
MST region name…………………………………………………………………………………………………………………235 6.3.20 Set
revision number of MST region……………………………………………………………………………………………..236 6.3.21
Set MST instance for interface…………………………………………………………………………………………………….236
6.3.22 Set interface priority for MST
instance…………………………………………………………………………………………236 6.3.23 Set interface path cost
for MST instance……………………………………………………………………………………….237 6.3.24 Show MST region
information……………………………………………………………………………………………………238 6.3.25 Show MSTP
information……………………………………………………………………………………………………………238 6.3.26 Show MST
instance information………………………………………………………………………………………………….239 6.4 Loop
detection………………………………………………………………………………………………………………………………………….240 6.4.1 Set
loop detection function (system)………………………………………………………………………………………………240 6.4.2
Set loop detection function (interface)……………………………………………………………………………………………241
6.4.3 Set port blocking for loop
detection……………………………………………………………………………………………….242 6.4.4 Detects Port Blocking
loop clearing at regular intervals……………………………………………………………………242 6.4.5 Reset
loop detection status……………………………………………………………………………………………………………243 6.4.6 Show
loop detection function status……………………………………………………………………………………………….243
Chapter 7: Layer 3 functions……………………………………………………………………………….245
7.1 IPv4 address management………………………………………………………………………………………………………………………….245
Command Reference | Contents | 9
7.1.1 Set IPv4 address………………………………………………………………………………………………………………………….245 7.1.2
Show IPv4 address………………………………………………………………………………………………………………………245 7.1.3
Automatically set IPv4 address by DHCP
client……………………………………………………………………………..246 7.1.4 Show DHCP client
status……………………………………………………………………………………………………………..247 7.1.5 Set auto IP
function……………………………………………………………………………………………………………………..247 7.2 IPv4 route
control……………………………………………………………………………………………………………………………………..248 7.2.1 Set
static IPv4 route……………………………………………………………………………………………………………………..248 7.2.2 Show
IPv4 Forwarding Information Base……………………………………………………………………………………….249 7.2.3
Show IPv4 Routing Information Base……………………………………………………………………………………………250 7.2.4
Show summary of the route entries registered in the IPv4 Routing Information
Base…………………………..250 7.3
ARP………………………………………………………………………………………………………………………………………………………..250 7.3.1 Show
ARP table………………………………………………………………………………………………………………………….250 7.3.2 Clear ARP
table…………………………………………………………………………………………………………………………..251 7.3.3 Set static ARP
entry…………………………………………………………………………………………………………………….251 7.3.4 Set ARP
timeout………………………………………………………………………………………………………………………….251 7.4 IPv4 forwarding
control…………………………………………………………………………………………………………………………….252 7.4.1 IPv4
forwarding settings………………………………………………………………………………………………………………252 7.4.2 Show
IPv4 forwarding settings……………………………………………………………………………………………………..252 7.5 IPv4
ping…………………………………………………………………………………………………………………………………………………252 7.5.1 IPv4
ping……………………………………………………………………………………………………………………………………252 7.5.2 Check IPv4
route…………………………………………………………………………………………………………………………253 7.6 IPv6 address
management………………………………………………………………………………………………………………………….254 7.6.1 Set
IPv6……………………………………………………………………………………………………………………………………..254 7.6.2 Set IPv6
address………………………………………………………………………………………………………………………….254 7.6.3 Set RA for
IPv6 address……………………………………………………………………………………………………………….255 7.6.4 Show IPv6
address………………………………………………………………………………………………………………………255 7.7 IPv6 route
control……………………………………………………………………………………………………………………………………..256 7.7.1 Set IPv6
static route……………………………………………………………………………………………………………………..256 7.7.2 Show IPv6
Forwarding Information Base……………………………………………………………………………………….257 7.7.3 Show
IPv6 Routing Information Base……………………………………………………………………………………………257 7.7.4 Show
summary of the route entries registered in the IPv6 Routing Information
Base…………………………..258 7.8 Neighbor
cache…………………………………………………………………………………………………………………………………………258 7.8.1 Set static
neighbor cache entry………………………………………………………………………………………………………258 7.8.2 Show
neighbor cache table……………………………………………………………………………………………………………259 7.8.3 Clear
neighbor cache table……………………………………………………………………………………………………………259 7.9 IPv6
forwarding control…………………………………………………………………………………………………………………………….259 7.9.1
IPv6 forwarding settings………………………………………………………………………………………………………………259 7.9.2
Show IPv6 forwarding settings……………………………………………………………………………………………………..260 7.10
IPv6 ping……………………………………………………………………………………………………………………………………………….260 7.10.1
IPv6 ping………………………………………………………………………………………………………………………………….260 7.10.2 Check
IPv6 route……………………………………………………………………………………………………………………….261 7.11 DNS
client……………………………………………………………………………………………………………………………………………..262 7.11.1 Set
DNS lookup function……………………………………………………………………………………………………………262 7.11.2 Set DNS
server list…………………………………………………………………………………………………………………….262 7.11.3 Set default
domain name…………………………………………………………………………………………………………….263 7.11.4 Set search
domain list…………………………………………………………………………………………………………………263 7.11.5 Show DNS
client information……………………………………………………………………………………………………..264
Chapter 8: IP multicast control……………………………………………………………………………265
8.1 IP multicast basic
settings………………………………………………………………………………………………………………………….265 8.1.1 Set
processing method for unknown multicast frames………………………………………………………………………265
8.1.2 Forwarding settings for unknown multicast
frames………………………………………………………………………….265 8.1.3 Enable/disable function to
transmit IGMP/MLD query when topology changes………………………………….266
8.2 IGMP snooping………………………………………………………………………………………………………………………………………..266
8.2.1 Set enable/disable IGMP
snooping………………………………………………………………………………………………..266 8.2.2 Set IGMP snooping
fast-leave……………………………………………………………………………………………………….267 8.2.3 Set multicast
router connection destination……………………………………………………………………………………..267 8.2.4 Set
query transmission function…………………………………………………………………………………………………….268 8.2.5
Set IGMP query transmission interval……………………………………………………………………………………………268
8.2.6 Set TTL value verification function for IGMP
packets…………………………………………………………………….269 8.2.7 Set IGMP
version………………………………………………………………………………………………………………………..270 8.2.8 Settings for
IGMP Report Suppression…………………………………………………………………………………………..270 8.2.9 Settings
for Suppression of Data Transmission to Multicast Router
Ports…………………………………………..271 8.2.10 Show multicast router connection port
information………………………………………………………………………..272
10 | Command Reference | Contents
8.2.11 Show IGMP group membership
information…………………………………………………………………………………272 8.2.12 Show an interface’s IGMP-
related information………………………………………………………………………………273 8.2.13 Clear IGMP group
membership entries…………………………………………………………………………………………273 8.3 MLD
snooping…………………………………………………………………………………………………………………………………………274 8.3.1
Enable/disable MLD snooping………………………………………………………………………………………………………274 8.3.2
Set MLD snooping fast-leave………………………………………………………………………………………………………..274 8.3.3
Set multicast router connection
destination……………………………………………………………………………………..275 8.3.4 Set query transmission
function…………………………………………………………………………………………………….275 8.3.5 Set MLD query
transmission interval…………………………………………………………………………………………….276 8.3.6 Set MLD
version…………………………………………………………………………………………………………………………277 8.3.7 Show multicast
router connection port information………………………………………………………………………….277 8.3.8 Show
MLD group membership information……………………………………………………………………………………277 8.3.9 Show
an interface’s MLD-related information…………………………………………………………………………………278
8.3.10 Clear MLD group membership
entries………………………………………………………………………………………….279
Chapter 9: Traffic control…………………………………………………………………………………..280
9.1 ACL………………………………………………………………………………………………………………………………………………………..280 9.1.1
Generate IPv4 access list………………………………………………………………………………………………………………280 9.1.2
Adding a description for IPv4 access
list………………………………………………………………………………………..282 9.1.3 Apply IPv4 access
list………………………………………………………………………………………………………………….282 9.1.4 Generate IPv6 access
list………………………………………………………………………………………………………………283 9.1.5 Adding a description
for IPv6 access list………………………………………………………………………………………..284 9.1.6 Apply IPv6
access list………………………………………………………………………………………………………………….284 9.1.7 Generate MAC
access list…………………………………………………………………………………………………………….285 9.1.8 Adding a
description for MAC access lists……………………………………………………………………………………..286 9.1.9
Apply MAC access list…………………………………………………………………………………………………………………287 9.1.10
Show generated access list………………………………………………………………………………………………………….288 9.1.11
Clear counters……………………………………………………………………………………………………………………………288 9.1.12 Show
access list applied to interface…………………………………………………………………………………………….288 9.1.13
Set VLAN access map and move to VLAN access map mode…………………………………………………………289
9.1.14 Set access list for VLAN access
map……………………………………………………………………………………………289 9.1.15 Set VLAN access map
filter………………………………………………………………………………………………………..290 9.1.16 Show VLAN access
map…………………………………………………………………………………………………………….290 9.1.17 Show VLAN access map
filter…………………………………………………………………………………………………….291
9.2 QoS (Quality of Service)……………………………………………………………………………………………………………………………291
9.2.1 Enable/disable QoS……………………………………………………………………………………………………………………..291
9.2.2 Set default CoS……………………………………………………………………………………………………………………………292 9.2.3
Set trust mode……………………………………………………………………………………………………………………………..292 9.2.4 Show
status of QoS function setting………………………………………………………………………………………………293 9.2.5
Show QoS information for interface………………………………………………………………………………………………294
9.2.6 Show egress queue usage ratio………………………………………………………………………………………………………295
9.2.7 Set CoS – egress queue ID conversion
table…………………………………………………………………………………….296 9.2.8 Set DSCP – egress queue ID
conversion tabl…………………………………………………………………………………..296 9.2.9 Set port priority
order…………………………………………………………………………………………………………………..297 9.2.10 Specify egress
queue of frames transmitted from the switch itself……………………………………………………298
9.2.11 Generate class map (traffic category
conditions)……………………………………………………………………………298 9.2.12 Associate class
map……………………………………………………………………………………………………………………299 9.2.13 Set traffic
classification conditions (access-list)…………………………………………………………………………….300
9.2.14 Set traffic classification conditions
(CoS)……………………………………………………………………………………..300 9.2.15 Set traffic classification
conditions (TOS precedence)……………………………………………………………………301 9.2.16 Set traffic
classification conditions (DSCP)…………………………………………………………………………………..301 9.2.17
Set traffic classification conditions (Ethernet
Type)……………………………………………………………………….302 9.2.18 13.2.22 Set traffic classification
conditions (VLAN ID)…………………………………………………………………302 9.2.19 Set traffic
classification conditions (VLAN ID range)……………………………………………………………………303 9.2.20
Show class map information……………………………………………………………………………………………………….303 9.2.21
Generate policy map for received frames………………………………………………………………………………………304
9.2.22 Apply policy map for received
frames………………………………………………………………………………………….305 9.2.23 Set pre-marking
(CoS)……………………………………………………………………………………………………………….306 9.2.24 Set pre-marking
(TOS precedence)………………………………………………………………………………………………306 9.2.25 Set pre-marking
(DSCP)…………………………………………………………………………………………………………….307 9.2.26 Set individual
policers (single rate)………………………………………………………………………………………………308 9.2.27 Set
individual policers (twin rate)………………………………………………………………………………………………..309
9.2.28 Set remarking of individual
policers…………………………………………………………………………………………….310 9.2.29 Generate aggregate
policer………………………………………………………………………………………………………….311
Command Reference | Contents | 11
9.2.30 Set aggregate policer (single
rate)………………………………………………………………………………………………..312 9.2.31 Set aggregate policer
(twin rate)………………………………………………………………………………………………….313 9.2.32 Set remarking of
aggregate policers……………………………………………………………………………………………..314 9.2.33 Show
aggregate policers……………………………………………………………………………………………………………..315 9.2.34 Apply
aggregate policer……………………………………………………………………………………………………………..316 9.2.35 Show
metering counters……………………………………………………………………………………………………………..317 9.2.36 Clear
metering counters………………………………………………………………………………………………………………317 9.2.37 Set
egress queue (CoS-Queue)…………………………………………………………………………………………………….318 9.2.38 Set
egress queue (DSCP-Queue)………………………………………………………………………………………………….318 9.2.39 Show
policy map information……………………………………………………………………………………………………..319 9.2.40 Show
map status………………………………………………………………………………………………………………………..321 9.2.41 Set egress
queue scheduling………………………………………………………………………………………………………..322 9.2.42 Set
traffic shaping (individual port)……………………………………………………………………………………………..322
9.2.43 Sets traffic shaping (per
queue)……………………………………………………………………………………………………323 9.3 Flow
control…………………………………………………………………………………………………………………………………………….324 9.3.1 Set
flow control (IEEE 802.3x PAUSE send/receive)
(system)…………………………………………………………324 9.3.2 Set flow control (IEEE 802.3x PAUSE
send/receive) (interface)……………………………………………………….324 9.3.3 Show flow control
operating status………………………………………………………………………………………………..325 9.4 Storm
control……………………………………………………………………………………………………………………………………………326 9.4.1 Set
storm control…………………………………………………………………………………………………………………………326 9.4.2 Show
storm control reception upper limit……………………………………………………………………………………….327
Chapter 10: Application………………………………………………………………………………………328
10.1 Local RADIUS server……………………………………………………………………………………………………………………………..328
10.1.1 Local RADIUS server function
settings………………………………………………………………………………………..328 10.1.2 Set access
interface…………………………………………………………………………………………………………………….328 10.1.3 Generate a
route certificate authority……………………………………………………………………………………………329 10.1.4
RADIUS configuration mode………………………………………………………………………………………………………329 10.1.5
Authentication method settings……………………………………………………………………………………………………329 10.1.6
RADIUS client (NAS) settings……………………………………………………………………………………………………330 10.1.7
Authenticated user settings………………………………………………………………………………………………………….331 10.1.8
Reauthentication interval setting………………………………………………………………………………………………….333
10.1.9 Apply setting data to local RADIUS
server…………………………………………………………………………………..333 10.1.10 Issuing a client
certificate………………………………………………………………………………………………………….333 10.1.11 Aborting the
issue of a client certificate………………………………………………………………………………………334 10.1.12
Revoking client certificates……………………………………………………………………………………………………….335
10.1.13 Exporting client certificates (copying to SD
card)………………………………………………………………………..335 10.1.14 Exporting of client certificates
(sending via e-mail)……………………………………………………………………..336 10.1.15 Copying RADIUS
data……………………………………………………………………………………………………………..337 10.1.16 Show RADIUS client
(NAS) status……………………………………………………………………………………………337 10.1.17 Show authenticated
user information………………………………………………………………………………………….338 10.1.18 Client
certificate issuance status display……………………………………………………………………………………..339
10.1.19 Client certificate list
display………………………………………………………………………………………………………339 10.1.20 Revoked client
certificate list display…………………………………………………………………………………………340
Index………………………………………………………………………………………………………………………………………..341
Preface
Introduction
· Unauthorized reproduction of this document in part or in whole is
prohibited. · The contents of this document are subject to change without
notice. · Yamaha disclaims all responsibility for any damages caused by loss
of data or other problems resulting from the use of this
product. The warranty is limited to this physical product itself. Please be
aware of these points. · The information contained in this document has been
carefully checked and is believed to be reliable. However, if you find some of
the contents to be missing or have questions regarding the contents, please
contact us.
· All the company and product names used in this manual are registered
trademarks or trademarks of the companies concerned.
Command Reference | How to read the command reference | 13
Chapter 1
How to read the command reference
1.1 Applicable firmware revision
This command reference applies to firmware Yamaha Intelligent L2 Switch
SWX232x of Rev.2.05.13 / Rev.2.06.13. For the latest firmware released after
printing of this command reference, manuals, and items that differ, access the
following URL and see the information in the WWW server.
http://www.rtpro.yamaha.co.jp
1.2 How to read the command reference
This command reference describes the commands that you enter from the console
of the Yamaha Intelligent L2 Switch SWX232x.
In this manual, “SWX232x” indicates the SWX2320 or the SWX2322P. Substitute
either name when reading this manual.
Each command is described by a combination of the following items.
Explains the command input syntax. Key input can use either uppercase or lowercase characters.
Command names are shown in bold (Bold face).
[Syntax]
The parameter portion is shown in italic (Italic face).
Keywords are shown in normal characters.
Parameters that can be omitted are enclosed in square brackets ( [ ] ).
[Keywords]
Explains the type and significance of keywords that can be specified for the command.
[Parameters]
Explains the type and significance of parameters that can be specified for the command.
[Default setting]
Indicates the factory-set state of the command.
[Input mode]
Indicates the modes in which the command can be executed.
[Description]
Explains the command.
[Notes]
Explains points that you should be aware of when using the command.
[Examples]
Provides specific examples of the command.
1.3 Interface names
In the command input syntax, interface names are used to specify each interface of the switch. The following interface names are handled by the SWX232x.
Interface type LAN/SFP port VLAN interface
Prefix port vlan
Description
Examples
Used to specify a physical port. Specify “stack ID” + “.” + “port number” after the port number.
When specifying LAN port #1 on LAN port stack #1 : port1.1
Used to specify a VLAN. Specify vlan followed by the To specify VLAN #1: vlan1 “VLAN ID”.
14 | Command Reference | How to read the command reference
Interface type
Prefix
static logical interface
sa
LACP logical interface
po
Description
Used to specify link aggregation that combines multiple LAN/SFP port. Specify
sa or po followed by “logical interface ID”.
Examples
To specify static logical interface #1: sa1
To specify LACP logical interface #2: po2
1.4 Input syntax for commands starting with the word “no”
Many commands also have a form in which the command input syntax starts with the word no. If you use a syntax that with begins with the word no, the settings of that command are deleted and returned to the default value, unless explained otherwise.
Command Reference | How to use the commands | 15
Chapter 2
How to use the commands
The SWX232x lets you perform command operations in the following two ways.
Type of operation Operation via console
Method of operation
· Access from a console terminal · Access from a TELNET client · Access from a
SSH client
Operation via a config file
· File transfer via TFTP · File transfer via GUI operation · File copy via SD card
This chapter explains how to use each method.
Description
Issue commands one by one to interactively make settings or perform
operations.
A file containing a set of necessary commands (called a configuration or
“config” file) is used to specify multiple settings, or to obtain multiple
settings from the SWX232x, in a single operation.
2.1 Operation via console
2.1.1 Access from a console terminal
Use a USB cable or RJ-45/DB-9 console cable when making settings from a
terminal that is connected to the CONSOLE port of SWX232x.
For the USB cable connected to the mini-USB CONSOLE port, use a USB cable that
supports data communication between a USB Type A connector and a mini-USB Type
B (5-pin) connector. Cables for recharging only cannot be used.
If you are using a computer as a console terminal (serial terminal), you’ll
need a terminal program to control the computer’s serial (COM) port. Set the
communication settings of the console terminal as follows.
Setting item
Value
Baud rate
9600bps
Data
8-bit
Parity
none
Stop bit
1-bit
Flow control
Xon/Xoff
For settings related to the console terminal, use the line con command to move to line mode.
2.1.2 Access from a TELNET client
You can use a TELNET client on a computer to connect to the TELNET server of
the SWX232x and control it. In order to make settings using TELNET, you must
first set up a connection environment (IP network) and then make TELNET server
settings.
The IP address settings of the SWX232x are as follows.
· The default IPv4 address setting is 192.168.100.240/24 for VLAN #1. · To
change the IPv4 address, use the ip address command.
The TELNET server settings of the SWX232x are as follows.
· With the default settings of the TELNET server function, it runs on the
default port (TCP port 23) and allows access only from VLAN #1 (vlan0.1).
· To change the reception port number, use the telnet-server command. · Access
to the TELNET server can be controlled in VLAN units, and can be specified by
the telnet-server interface
command.
A virtual communication port by which a TELNET client connects is called a
“virtual terminal (VTY: Virtual TYpewriter) port.” The maximum number of
simultaneous TELNET client connections depends on the number of VTY ports of
the SWX232x. The VTY ports of the SWX232x are as follows.
· With the default VTY port settings, eight VTY ports (ID: 0–7) can be used.
16 | Command Reference | How to use the commands
· To check the number of VTY ports, use the show running-config | include line
vty command. · To change the number of VTY ports, use the line vty command.
(maximum 8 (ID: 0–7))
To make VTY port settings, use the line vty command to specify the target VTY
port, and then move to line mode. ID management for virtual terminal ports is
handled within the SWX232x, but since login session and ID assignments depend
on the connection timing, you should normally make the same settings for all
VTY ports.
2.1.3 Access from an SSH client
You can use an SSH client on a computer to connect to the SSH server of the
SWX232x and control it. In order to make settings using SSH, you must first
set up a connection environment (IP network) and then make SSH server
settings.
The IP address settings of the SWX232x are as follows.
· The default IPv4 address setting is 192.168.100.240/24 for VLAN #1. · To
change the IPv4 address, use the ip address command.
The following settings on the SWX232x must be made beforehand when accessing
from an SSH client.
· Generate a host key on the SSH server using the ssh-server host key generate
command. · Enable the SSH server functions using the ssh-server command. ·
Register the user name and password using the username command.
The SSH server settings of the SWX232x are as follows.
· Access to an SSH server can be controlled for each VLAN, and is set using
the ssh-server interface command. · Note that the following functions are not
supported. · SSH protocol version 1 · User authentication aside from password
authentication (host response authentication, public key authentication,
challenge-
response authentication, GSSAPI authentication) · Port forwarding (X11/TCP
forwarding) · Gateway Ports (Port relay) · Permitting blank passwords
A virtual communication port by which an SSH client connects is called a
“virtual terminal (VTY: Virtual TYpewriter) port.” The maximum number of
simultaneous SSH client connections depends on the number of VTY ports of the
SWX232x. The VTY ports of the SWX232x are as follows.
· With the default VTY port settings, eight VTY ports (ID: 0–7) can be used. ·
To check the number of VTY ports, use the show running-config | include line
vty command. · To change the number of VTY ports, use the line vty command.
(maximum 8 (ID: 0–7))
To make VTY port settings, use the line vty command to specify the target VTY
port, and then move to line mode. ID management for virtual terminal ports is
handled within the SWX232x, but since login session and ID assignments depend
on the connection timing, you should normally make the same settings for all
VTY ports.
2.1.4 Console terminal/VTY settings
The SWX232x lets you make the following settings for console terminals and
VTY.
1. Timeout duration interpreted as no operation 2. Number of lines shown in
one page of the terminal screen
Setting item
Content of setting
Timeout duration interpreted as no operation
Specifies the time after which the login session is forcibly ended when there has been no key input from the terminal. With the default setting, the session is forcibly disconnected after ten minutes. To make this setting, use the exec-timeout command of the line mode; this takes effect from the next session.
Setting item
Command Reference | How to use the commands | 17 Content of setting
Number of lines shown in one page of the terminal screen
Specifies the number of lines shown on one page of the terminal screen. This can be set as 0–512 lines/page, and the default setting is 24 lines/page. When displaying in this state, 23 lines are displayed, then “–More—” is displayed and the system waits for key input. There are two types of this setting, and they are applied to the system starting with the upper type.
- unprivileged EXEC mode terminal length command 2) global configuration mode
service terminal-length command
Setting 1) is a function that temporarily applies to the user who is using the terminal, and is applied as soon as the command is executed. Setting 2) applies starting with the next session.
2.2 Operation via configuration (config) files
A file containing a set of needed commands is called a configuration (config)
file.
The settings that have been made on the SWX232x can be read as a configuration
file by a host on the LAN via TFTP. A configuration file on the host can also
be loaded into the SWX232x to specify its settings.
A configuration file contains all the settings for the entire unit; it is not
possible to partially read or write only the settings for a specific area. The
configuration file is a text file consisting of ASCII + line-return (CRLF or
LF).
The commands and parameters in a configuration file must be in the correct
syntax. If the syntax or content are incorrect, that content is ignored and is
not applied to operation.
2.2.1 Access from a TFTP client
In order to transfer a configuration file via TFTP, you must first set up a
connection environment (IP network) and then make TFTP server settings.
The IP address settings of the SWX232x are as follows.
· The default IPv4 address setting is 192.168.100.240/24 for VLAN #1. · To
change the IPv4 address, use the ip address command.
The TFTP server settings of the SWX232x are as follows.
· With the default settings of the TFTP server function, it is running on the
default port (UDP port 69) and does not allow access from anywhere.
· To change the reception port number, use the tftp-server command. · Access
to the TFTP server can be controlled in VLAN units, and can be specified by
the tftp-server interface command.
Specify the VLAN ID for which access is allowed.
2.2.2 Reading/writing a configuration file
Reading/writing a configuration file is performed by executing a TFTP command from the host on the LAN. The following configuration files are read or written. · configuration file
Applicable configuration
Applicable file
Description
running-config
CONFIG file (.txt)
Setting values for current operation (Basic settings)
startup-config #0, #1, #SD
CONFIG file (.txt) All settings (.zip)
Saved setting values (Basic settings) Saved setting values (All settings)
Specify the following as the remote path of the configuration file read (GET) or write (PUT) destination. · Remote path for applicable files (No automatic restart)
18 | Command Reference | How to use the commands
Applicable configuration
Applicable file Remote path
Load (GET)
Save (PUT)
Automatic restart
running-config CONFIG file (.txt) config
–
CONFIG file (.txt) config0
–
startup-config #0
All settings (.zip) config0-all
–
CONFIG file (.txt) config1
–
startup-config #1
All settings (.zip) config1-all
–
startup-config
CONFIG file (.txt) configsd
–
SD
All settings (.zip) configsd-all
–
If you want to restart the system automatically after applying the CONFIG
file, specify the following remote path. The currently running configuration
is applicable.
· Remote path for applicable files (with automatic restart)
Applicable configuration
Applicable file Remote path
Load (GET)
Save (PUT)
Automatic restart
Currently running CONFIG file (.txt) reconfig
–
startup-config
All settings (.zip) reconfig-all
–
When applying (PUT) a CONFIG file, confirm that the target CONFIG and the type
of the target file are correct.
If an incorrect file is specified, it cannot be reflected correctly.
The command syntax used depends on the OS of that host (TFTP client). Keep the
following points in mind when executing commands.
· IP address of the SWX232x · Use “binary mode” as the transmission mode. ·
You must specify the administrator password after the remote path in the
format “/PASSWORD”.
When the admin password is in the default state, you cannot read/write
configuration files. The admin password must be changed first. · If you PUT
(write) with “config” specified as the remote path, the changes are added or
overwritten to the current operating settings. Settings that you do not add or
change will remain as the current operating settings. Since the setting values
are not saved, you must use the write command etc. if you want to save them. ·
The encrypted password (password 8 or enable password 8 command format) is not
applied to the settings even if it is PUT to running-config via TFTP. And,
users are not actually registered when making settings for users that include
encrypted passwords (username command).
2.3 Login
When the SWX232x has finished starting up, a login screen is displayed. You
can log in by entering the configured user name and password. By default, a
default administrator is configured, and you can log in with the user
name:adminand password:admin. · Login screen
Username:admin Password: · Console screen following login SWX2320 Rev.2.05.02
(Mon Dec 14 12:08:51 2020)
Copyright (c) 2021 Yamaha Corporation. All Rights Reserved.
SWX232x> When logging in as the default administrator for the first time, the
password change screen is displayed. Change the password. · Password change
screen
Username:admin Password:
Command Reference | How to use the commands | 19 SWX2320 Rev.2.05.02 (Mon Dec
14 12:08:51 2020)
Copyright (c) 2021 Yamaha Corporation. All Rights Reserved. Please change the
default password for admin. New Password: New Password(Confirm): Saving …
Succeeded to write configuration If the incorrect password is entered three
times in a row, you will be restricted from logging in for one minute. After
one minute has passed, please enter the correct password. · Login restriction
screen Username: user Password: % Incorrect username or password, or login as
user is restricted. Password: % Incorrect username or password, or login as
user is restricted. Password: % Incorrect username or password, or blocked
upon 3 failed login attempts for user. % Please try again later. · If a
restricted user enters the wrong password again, the time limit will be
refreshed. · After the restriction time limit expires, you can log in by
entering the correct password.
2.4 Command input mode 2.4.1 Command input mode basics
In order to change the settings of the SWX232x or to reference the status, you
must move to the appropriate command input mode and then execute the command.
Command input mode is divided into hierarchical levels as shown below, and the
commands that can be entered in each mode are different. By noting the prompt,
the user can see which mode they are currently in.
The basic commands related to moving between command input modes are described
below. For commands that move from global configuration mode mode to
individual configuration mode, refer to “individual configuration mode.” ·
exit command · logout command · enable command / administratorcommand
20 | Command Reference | How to use the commands
· disable command · configure terminal command · end command
2.4.2 individual configuration mode
individual configuration mode is the overall name for the mode in which you
can make detailed settings for specific items such as LAN/SFP port, VLAN
interface, and QoS. To enter individual configuration mode, issue the command
for transitioning to the respective mode from global configuration mode.
On SWX232x, individual configuration mode contains the following modes. Some
of the modes within individual configuration mode have a hierarchy. For
example, policy map mode policy map class mode.
individual configuration mode
Transition command
Prompt
interface mode
interface command
SWX232x(config-if)#
line mode
VLAN mode VLAN access map mode
MST mode
class map mode policy map mode policy map class mode L2MS mode LLDP agent mode
E-mail template mode RADIUS configuration mode
line con command line vty command
vlan database command vlan access-map command spanning-tree mst configuration
command class-map command policy-map command class command l2ms configuration
command lldp-agent command mail template command radius-server local-profile
command
SWX232x(config-line)#
SWX232x(config-vlan)# SWX232x(config-vlan-access-map)#
SWX232x(config-mst)#
SWX232x(config-cmap)# SWX232x(config-pmap)# SWX232x(config-pmap-c)# SWX232x
(config-l2ms)# SWX232x(lldp-agent)# SWX232x(config-mail)# SWX232x(config-
radius)#
2.4.3 Command prompt prefix
he command prompt prefix indicates the host name. In the default state, the
host name is the model name “SWX232x”. This indication can be changed by using
the hostname command to specify the host name. In cases where multiple SWX232x
units are used, management will be easier if separate names are assigned to
each switch.
Changing the host name SWX232x(config)# hostname Switch-012
Switch-012(config)#
2.4.4 Executing commands of a different input mode
Because the commands that can be used on the SWX232x differ depending on the
mode, you must transition to the mode in which a command can be executed
before you execute that command. The do command is provided as a way to avoid
this requirement.
By using the do command you can execute privileged EXEC mode commands from any
configuration mode. This allows you to reference the current configuration or
save settings from any configuration mode without having to transition to
privileged EXEC mode.
However, since the completion function cannot be used with do, you must enter
the command that follows either in its full spelling or in its abbreviated
form.
· Entry in full spelling SWX232x(config)#do show running-config
· Entry in abbreviated form SWX232x(config)#do sh ru
2.5 Keyboard operations when using the console
2.5.1 Basic operations for console input
Command Reference | How to use the commands | 21
The SWX232x allows the following operations in the command line. · Moving the cursor
Keyboard operation
Description and notes
Move right one character
Move left one character
Press Esc, then F
Move right one word (move to the character following the end of the word at the cursor location)
Press Esc, then B
Move left one word (move to the first character of the word at the cursor location)
Ctrl + A
Move to the beginning of the line
Ctrl + E · Deleting an input character
Move to the end of the line
Keyboard operation
Description and notes
Backspace Ctrl + H
Delete the character at the left of the cursor
Ctrl + D
Delete the character at the cursor. If this operation is performed when the command line is empty, the result is the same as the exit command.
· Other
Press Esc, then D Ctrl + K Ctrl + U
Keyboard operation
Delete from the cursor position until immediately before the first space
Delete from the cursor position until the end of the line Delete all
characters that are being entered
Description and notes
Ctrl + T
Exchange the character at the cursor position with the preceding character. If the cursor is at the end of the line, exchange the preceding character with the character that precedes it.
Ctrl + C
In unprivileged EXEC mode and privileged EXEC mode, discard the command being entered and move to the next line. In individual configuration mode, discard the command line being entered and move to privileged EXEC mode. Command processing that is currently being executed will be stopped. (ex: ping command)
Ctrl + Z
Move from individual configuration mode to privileged EXEC mode. This is the same operation as the end command.
2.5.2 Command help
By entering ‘?’ in the command line you can search for the available commands or parameters.
SWX232x#show vlan ?
<1-4094>
VLAN id
access-map Show VLAN Access Map
brief
VLAN information for all bridges (static and dynamic)
filter
Show VLAN Access Map Filter
private-vlan private-vlan information
22 | Command Reference | How to use the commands
SWX232x#show vlan
2.5.3 Input command completion and keyword candidate list display
If you press the “Tab” key while entering a command in the console, the
command name is completed. If you press the “Tab” key after entering a
keyword, a list of keyword candidates that can be entered next is shown. The
same operation can also be performed by pressing the “Ctrl + I” key.
· Command name completion
SWX232x#con “press the
SWX232x#configure
· Keyword candidate list display
SWX232x(config)#vlan “press the
2.5.4 Entering command abbreviations
When you enter commands or parameters in abbreviated form, and the characters
you entered can be recognized unambiguously as a command or parameter, that
command is executed. Example of entering a command abbreviation (show running-
config) SWX232x# sh run
2.5.5 Command history
By using the command history function, you can easily re-execute a command
that you previously input, or partially modify a previously input command and
re-execute it. Command history is shown as a history that is common to all
modes.
Operation is shown below.
Keyboard operation
Description and notes
Ctrl + P
Move backward through command history
Ctrl + N
Move forward through command history
2.6 Commands that start with the word “show”
2.6.1 Modifiers
Modifiers send the information produced by the show command through a filter,
restricting the content that is shown in the screen and making it easier for
you to see the desired information.
The SWX232x provides the following three modifiers for the show command.
Modifiers
Description
include grep
Output only the lines that include the specified character string
exclude
Output only the lines that do not include the specified character string
Modifiers can be used only one at a time. You cannot specify more than one
modifier.
· (Example) Using show running-config to view information that includes VLAN
1 (vlan1).
SWX232x#show running-config | grep vlan1 interface vlan1 http-server interface
vlan1 telnet-server interface vlan1
· (Example) Using show spanning-tree to view information that includes Role.
SWX232x# show spanning-tree | include Role % po1: Port Number 505 – Ifindex
4601 – Port Id 0x81f9 – Role Disabled – State Discarding
Command Reference | How to use the commands | 23
% port1.1: Port Number 905 – Ifindex 5001 – Port Id 0x8389 – Role Disabled
State Forwarding % port1.2: Port Number 906 – Ifindex 5002 – Port Id 0x838a –
Role Disabled State Forwarding % port1.3: Port Number 907 – Ifindex 5003 –
Port Id 0x838b – Role Disabled State Forwarding % port1.4: Port Number 908 –
Ifindex 5004 – Port Id 0x838c – Role Disabled State Forwarding % port1.6: Port
Number 910 – Ifindex 5006 – Port Id 0x838e – Role Disabled State Forwarding %
port1.7: Port Number 911 – Ifindex 5007 – Port Id 0x838f – Role Disabled State
Forwarding % port1.8: Port Number 912 – Ifindex 5008 – Port Id 0x8390 – Role
Disabled State Forwarding % port1.9: Port Number 913 – Ifindex 5009 – Port Id
0x8391 – Role Disabled State Forwarding % port1.10: Port Number 914 – Ifindex
5010 – Port Id 0x8392 – Role Disabled State Forwarding
24 | Command Reference | Configuration
Chapter 3
Configuration
3.1 Manage setting values
The SWX232x uses the following configurations to manage its settings.
Types of configuration
Description
Running configuration (running-config)
Setting values currently used for operation. Managed in RAM.
User operations that can be performed
Note / Save to startup configuration
Startup configuration (startup-config)
These are the saved setting values. This
manages 2 configurations in Flash ROM
and 1 configuration on an SD card. The
data in Flash ROM to be used is
determined using the startup-config select command.
Note / Delete / Copy
The single configuration on the SD card
is managed in the “/swx2320/startup-
config” or “/swx2322p/startup-config”
folder.
Default configuration (default-config)
Default setting values. Managed in Flash ROM.
No operations possible
The start-up flow for the SWX232x system is as follows.
1. The setting value of the startup-config select command is referenced to
determine the startup config that will be used. If “sd” is specified by the
startup-config select command, and an SD card on which a startup config is
saved is not inserted, startup config #0 is selected.
2. If the startup configuration that was selected exists, the data in
question is deployed to RAM as a running configuration. If the startup
configuration file that was selected according to the setting values in the
startup-config select command does not exist in Flash ROM, the default
configuration is deployed to RAM.
If commands etc. are used to modify the settings while the SWX232x is running,
the modified settings are immediately reflected in the running configuration.
After modifying the running configuration, executing the write or copy command
will update the startup configuration. If you restart without saving the
content that was specified or modified, the settings or modifications are
lost. Please be aware of this.
3.2 Default value
The default setting values for the SWX232x are shown in the table below. · Default setting values for the entire system
Category
Setting item
CONFIG
CONFIG used at startup
Console timeout
Terminal settings
Number of VTYs
Number of lines displayed
Default administrator
User account
Administrator password
Password encryption
Time zone
Time management
NTP server
NTP update cycle
Default value Startup config in SD card 600 sec 8 24 User name: admin, Password: admin admin not encrypted JST (UTC + 9.0H) none once per hour
Category RMON
Firmware update
LLDP L2MS SYSLOG
Access control
Maintenance VLAN L2 switching DNS cliant Interface control Traffic control Web
GUI Stack Buzzer · Default settings per LAN/SFP port
Setting item Behavior
Download URL
Allow revision-down Timeout Behavior Automatically set Behavior Role Debug
level log output Information level log output Error level log output SYSLOG
server Telnet server status Telnet server access SSH server status TFTP server
status HTTP server status HTTP server access Secure HTTP server status VLAN
interface Automatic MAC address learning Automatic MAC address learning aging
time Spanning tree Proprietary loop detection Behavior
PoE power supply
QoS Flow control (IEEE 802.3x) Language setting Operation Stack ID Range of IP
addresses used by the stack port Enabled Buzzer triger
Command Reference | Configuration | 25
Default value enabled firmware-update url http://
www.rtpro.yamaha.co.jp/firmware/ revision-up/swx2320.bin (Note: the file for
the SWX2322P model is “swx2322p.bin”) don’t allow 300 sec enabled enabled
enabled agent OFF ON ON none run allow only VLAN #1 do not run do not run run
allow only VLAN #1 do not run VLAN #1 enabled
300 sec
enabled disabled enabled enabled (only for models that support PoE) disabled
disabled Japanese (selectable) Disabled 1
192.168.250.0/24
Disabled All disabled
26 | Command Reference | Configuration Category
Common setting
L2MS L2 switching Traffic control
Setting item Speed/duplex mode setting Cross/straight automatic detection MRU Port description EEE Port Mode Associated VLAN ID L2MS filter Spanning tree Proprietary loop detection QoS trust mode Flow control (IEEE 802.3x) Storm control
PoE power supply
LLDP agent · Settings for the default VLAN (vlan1)
· IPv4 Address : 192.168.100.240/24 · IGMP Snooping: Enable
· Querier : Disable · Fast-Leave : Disable · Check TTL : Enable
Power supply operation
Power supply priority Transmit/Receive mode
Default value auto enabled 1,522 Byte none disabled Access 1 (default VLAN) disabled enabled enabled CoS disabled disabled enabled (only for models that support PoE) low (only for models that support PoE) transmit and receive
Command Reference | Maintenance and operation functions | 27
Chapter 4
Maintenance and operation functions
4.1 Passwords
4.1.1 Set administrator password
[Syntax] enable password password
[Parameter]
password
: Administrator password
Single-type alphanumeric characters and ” and ‘ and | and > and ? and single-
byte symbols other than space characters (32 characters or less) The first
character must be a single-byte alphanumeric character
[Initial value]
enable password admin
[Input mode] global configuration mode
[Description] Specifies the administrator password needed to enter privileged
EXEC mode. You cannot change it to the default password, “admin”.
[Note] If the password was encrypted by the password-encryption command, it is
shown in the configuration in the form “enable password 8 password.” The user
cannot enter the password in this form when making configuration settings from
the command line. Automatically set the default administrator password (admin)
if no administrator password is set at boot.
[Example] Specify admin1234 as the administrator password.
SWX232x(config)#enable password admin1234
4.1.2 Encrypt password
[Syntax] password-encryption switch no password-encryption [Parameter]
switch
: Set password encryption
enable disable
Setting value
Encrypt Don’t encrypt
Description
[Initial value] password-encryption disable [Input mode] global configuration mode
28 | Command Reference | Maintenance and operation functions
[Description] Enables password encryption. If this is enabled, the password
entered by the password command, the enable password command, and the username
command are saved in the configuration in an encrypted form. If this command
is executed with the “no” syntax, password encryption is disabled, and the
password entered by the password command, the enable password command, and the
username command are saved in the configuration as plaintext.
[Note] If password encryption is changed from disabled to enabled, previously-
entered passwords are converted from plaintext to an encrypted form; however
if it is changed from enabled to disabled, previously-encrypted passwords in a
configuration file do not return to plaintext.
[Example] Enables password encryption.
SWX232x(config)#password-encryption enable Disabled password encryption.
SWX232x(config)#no password-encryption
4.2 User account maintenance
4.2.1 Set user
[Syntax] username username [privilege privilege] password password no username
username
[Keyword]
privilege password
: Specifies the user’s privileges : Specifies the user’s password
[Parameter]
username
: User name
Single-byte alphanumeric characters (32 characters or less)
privilege
: Whether to grant privilege
Setting value on off
Description
Password input is not requested when moving to privileged EXEC mode Access to
Web GUI is allowed with administrator privileges
Password input is requested when moving to privileged EXEC mode Access to Web
GUI is allowed with guest
password
: User’s login password
Single-type alphanumeric characters and ” and ‘ and | and > and ? and single-
byte symbols other than space characters (32 characters or less) The first
character must be a single-byte alphanumeric character
[Initial value] none [Input mode] global configuration mode
Command Reference | Maintenance and operation functions | 29
[Description] Sets user information. A maximum of 33 items of user information
can be registered. However, while there can be up to 32 privilege off users, 1
privilege on user is required. The following words cannot be registered as
user names. lp, adm, bin, ftp, gdm, man, rpc, sys, xfs, halt, mail, news,
nscd, sync, uucp, root, sshd, games, daemon, gopher, nobody, ftpuser, mtsuser,
rpcuser, mailnull, operator, shutdown The default password of “admin” cannot
be used as a password.
[Note] If the password was encrypted by the password-encryption command, it is
shown in the configuration in the form “username username 8 password
password.” The user cannot enter the password in this form when making
configuration settings from the command line. At boot, if no privilege on user
has been set, a default administrator (admin/admin) is added. At boot, users
who do not have a password set will have their password set to the same string
as the user name.
[Example] Set the user “user1234”.
SWX232x(config)#username user1234 password user_pass Set the privilege on user
user1234 .
SWX232x(config)#username user1234 privilege on password user_pass
4.2.2 Changing User Permissions
[Syntax] username username privilege privilege
[Keyword]
privilege
: Specifies user permissions
[Parameter]
username
: User name
Up to 32 half-width alphanumeric characters
privilege
: Whether or not privileges are granted
Setting value on
off
Description
Users will not be prompted to enter a password when switching to privileged
EXEC mode Web GUI can be accessed with Administrator permissions
Users will be prompted to enter a password when switching to privileged EXEC
mode Web GUI can be accessed with Guest permissions
[Initial value] None
[Input mode] global configuration mode [Description] Permissions of a
registered users can be changed. [Note] Cannot be configured for unregistered
users.
30 | Command Reference | Maintenance and operation functions [Example] Grants privileges to user1234 registered users.
SWX232x(config)#username user1234 privilege on
4.2.3 Show login user information
[Input mode] unprivileged EXEC mode, privileged EXEC mode, global
configuration mode
[Description] Shows information on the current logged-in users. The following
items are shown.
Item
Description
Shows the login method.
con 0 is the serial console port
Line
vty N is the VTY port
stk N is the remote login port
http N is the Web GUI
Own User
Status
Login time IP address
An * is shown for the line of one’s own connection port. Shows the currently logged-in user names. Shows the login status. If the user is in use, this indicates Login. Shows the login time. Shows the IP address of the connected user.
[Example] Show login information for the users when the stack function is disabled.
SWX232x>show users
Line Own User
Status Login time IP address
————————————————————————————-
———
con 0
user1234
Login 02:15:23
vty 0 * operators1
Login 00:12:59 192.168.100.1
vty 1
abcdefghijklmnopqrstuvwxyzabcdef Login 00:00:50 192.168.100.24
vty 2
–
Login 00:00:21 192.168.100.10
vty 3
–
–
–
vty 4
–
–
–
vty 5
–
–
–
vty 6
–
–
–
vty 7
–
–
–
http 0
user