Aruba AOS-CX 10.12 User guide

  • Hello! I've reviewed the AOS-CX Command-Line Interface Guide for the Aruba 6000 and 6100 Switch Series. This document presents a detailed description of how to use the CLI, which includes topics such as navigation, command contexts, and specific commands for features like ACL, ARP, and more. I'm here to help you explore this document and answer any questions you may have regarding the switches and their configuration.
  • What is the purpose of this document?
    What products does this document apply to?
    What is the purpose of the global configuration context?
AOS-CX 10.12 Command-Line
Interface Guide
6000, 6100 Switch Series
Published: September 2023
Edition: 2
|2
Copyright Information
© Copyright 2023 Hewlett Packard Enterprise Development LP.
This product includes code licensed under certain open source licenses which require source
compliance. The corresponding source for these components is available upon request. This offer is
valid to anyone in receipt of this information and shall expire three years following the date of the final
distribution of this product version by Hewlett Packard Enterprise Company. To obtain such source
code, please check if the code is available in the HPE Software Center at
https://myenterpriselicense.hpe.com/cwp-ui/software but, if not, send a written request for specific
software version and product for which you want the open source code. Along with the request, please
send a check or money order in the amount of US $10.00 to:
Hewlett Packard Enterprise Company
Attn: General Counsel
WW Corporate Headquarters
1701 E Mossy Oaks Rd Spring, TX 77389
United States of America.
Notices
The information contained herein is subject to change without notice. The only warranties for Hewlett
Packard Enterprise products and services are set forth in the express warranty statements
accompanying such products and services. Nothing herein should be construed as constituting an
additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or
omissions contained herein.
Confidential computer software. Valid license from Hewlett Packard Enterprise required for possession,
use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer
Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government
under vendor's standard commercial license.
Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard
Enterprise has no control over and is not responsible for information outside the Hewlett Packard
Enterprise website.
For more information, see the KM Process Guide. ?>
Acknowledgments
Bluetooth is a trademark owned by its proprietor and used by Hewlett Packard Enterprise under
license.
Contents
Contents
Contents 3
About this document 27
Applicable products 27
What's new in this release 27
Latest version available online 29
Command syntax notation conventions 30
About the examples 30
Identifying switch ports and interfaces 31
Introduction to the AOS-CX CLI 32
CLI access 32
Getting CLI help 32
Authority levels 33
Command contexts 34
Operator context (>) 34
Navigating to the operator context (>) 34
Auditor context 34
Manager context (#) 35
Navigating to the manager context (#) 35
Global configuration context (config) 35
Navigating to the config context 36
Other configuration command contexts 36
Support for range contexts 37
Rules for range contexts 39
Command history 39
Command completion 40
Pipe (|) support in show commands 40
Command syntax notation conventions 41
Service OS CLI commands 42
boot 42
cat 43
cd path 43
config-clear 44
cp 45
du 46
erase zeroize 47
exit 48
format 49
identify 50
ls 51
md5sum 52
mkdir 53
mount 54
mv 55
password (svos) 56
pwd 56
AOS-CX 10.12 Command-Line Interface Guide | (6000, 6100 Switch Series) 3
Contents |4
reboot 57
rm 58
rmdir 58
secure-mode 59
sh 61
umount 61
update 62
version 63
ACL commands 65
ACL application 65
access-list copy 65
access-list ip 68
access-list ipv6 77
access-list log-timer 84
access-list mac 86
access-list resequence 92
access-list reset 94
apply access-list control-plane 97
apply access-list (to interface or LAG) 98
apply access-list (to VLAN) 100
clear access-list hitcounts 102
clear access-list hitcounts control-plane 103
show access-list 104
show access-list control-plane 107
show access-list hitcounts 109
show access-list hitcounts control-plane 112
show capacities 113
show capacities-status 116
ACL and Policy hardware resource commands 118
show resources 118
ARP commands 120
arp inspection 120
arp inspection trust 120
arp ipv4 mac 121
arp process-grat-arp 122
clear arp 123
debug arp-security 124
ip local-proxy-arp 126
ip proxy-arp 127
ipv6 neighbor mac 128
show arp 129
show arp inspection interface 129
show arp inspection statistics 131
show arp inspection vlan 131
show arp state 132
show arp summary 134
show arp timeout 135
show arp vrf 136
show ipv6 neighbors 137
show ipv6 neighbors state 138
show tech arp-security 139
location-override-alternative 141
Banner commands 143
banner 143
show banner 144
Boot commands 146
boot set-default 146
boot system 146
show boot-history 148
Cable diagnostic commands 151
diag cable-diagnostic 151
Captive portal (RADIUS) commands 154
aaa authentication port-access captive-portal-profile 154
show port-access captive-portal-profile 155
url 156
url-hash-key 157
CDP commands 160
cdp 160
clear cdp counters 161
clear cdp neighbor-info 161
show cdp 162
show cdp neighbor-info 163
show cdp traffic 164
Checkpoint commands 165
checkpoint auto 165
checkpoint auto confirm 166
checkpoint diff 167
checkpoint post-configuration 168
checkpoint post-configuration timeout 169
checkpoint rename 170
checkpoint rollback 171
copy checkpoint <CHECKPOINT-NAME> <REMOTE-URL> 171
copy checkpoint <CHECKPOINT-NAME> {running-config | startup-config} 173
copy checkpoint <CHECKPOINT-NAME> <STORAGE-URL> 174
copy <REMOTE-URL> checkpoint <CHECKPOINT-NAME> 174
copy <REMOTE-URL> {running-config | startup-config} 175
copy running-config {startup-config | checkpoint <CHECKPOINT-NAME>} 177
copy {running-config | startup-config} <REMOTE-URL> 178
copy {running-config | startup-config} <STORAGE-URL> 180
copy startup-config running-config 181
copy <STORAGE-URL> running-config 181
erase 183
show checkpoint <CHECKPOINT-NAME> 184
show checkpoint <CHECKPOINT-NAME> hash 186
show checkpoint post-configuration 187
show checkpoint 188
show checkpoint date 189
show running-config hash 190
show startup-config hash 191
write memory 192
Classifier policy commands 193
AOS-CX 10.12 Command-Line Interface Guide | (6000, 6100 Switch Series) 5
Contents |6
Classifier policy application 193
apply policy (config-if, config-lag-if, config-vlan) 193
apply policy 196
class copy 197
class ip 198
class ipv6 205
class resequence 211
class reset 212
clear policy hitcounts 213
policy 214
policy copy 219
policy resequence 219
policy reset 220
show class 221
show policy 223
Client Insight Commands 227
client-insight enable 227
client-insight on-boarding event logs 227
diag-dump client-insight basic 228
show capacities client-insight-client-limit 230
show capacities-status client-insight-client-limit 231
show events -c client-insight 232
show tech client-insight 234
CLI session commands 237
alias 237
auto-confirm 238
configure terminal 239
disable 240
do 240
enable (manager context) 241
end 242
exit 242
list 243
page 243
Pipe (|) command 244
repeat 245
session-timeout 246
show session-timeout 247
show alias 247
show history 248
CLI user session management commands 250
cli-session 250
Clock commands 253
clock date 253
clock datetime 253
clock time 254
clock timezone 255
show clock 255
CoPP commands 257
Classes of traffic 257
apply copp-policy 257
class 259
clear copp-policy statistics 260
copp-policy 260
default-class 262
reset copp-policy 262
show copp-policy 264
show copp-policy factory-default 265
show copp-policy statistics 267
show tech copp 268
Debug logging commands 270
clear debug buffer 270
debug {all | <MODULE-NAME>} 271
debug db 272
debug destination 274
show debug 276
show debug buffer 277
show debug destination 278
Device profile commands 279
aaa authentication port-access allow-cdp-auth 279
aaa authentication port-access allow-cdp-bpdu 279
aaa authentication port-access allow-cdp-proxy-logoff 281
aaa authentication port-access allow-lldp-bpdu 282
associate cdp-group 283
associate lldp-group 284
associate mac-group 285
associate role 286
disable 287
enable 288
ignore (for CDP groups) 288
ignore (for LLDP groups) 290
ignore (for MAC groups) 291
mac-group 296
match (for CDP groups) 297
match (for LLDP groups) 298
match (for MAC groups) 300
port-access cdp-group 304
port-access device-profile 305
port-access device-profile mode block-until-profile-applied 306
port-access lldp-group 307
show port-access device-profile 308
DHCP client commands 311
ip dhcp 311
show ip dhcp 312
DHCPv4 relay commands 313
dhcp-relay 313
dhcp-relay hop-count-increment 313
dhcp-relay option 82 314
diag-dump dhcp-relay basic 315
ip bootp-gateway 317
ip helper-address 318
show dhcp-relay 318
show dhcp-relay bootp-gateway 319
AOS-CX 10.12 Command-Line Interface Guide | (6000, 6100 Switch Series) 7
Contents |8
show ip helper-address 320
DHCP relay (IPv6) commands 322
dhcpv6-relay 322
dhcpv6-relay option 79 323
ipv6 helper-address 323
show dhcpv6-relay 325
show ipv6 helper-address 325
DHCPv4 snooping commands 327
clear dhcpv4-snooping binding 327
clear dhcpv4-snooping statistics 328
dhcpv4-snooping 328
dhcpv4-snooping (in config-vlan context) 329
dhcpv4-snooping allow-overwrite-binding 330
dhcpv4-snooping authorized-server 331
dhcpv4-snooping event-log client 332
dhcpv4-snooping external-storage 333
dhcpv4-snooping flash-storage 334
dhcpv4-snooping max-bindings 336
dhcpv4-snooping option 82 336
dhcpv4-snooping static-attributes 338
dhcpv4-snooping trust 339
dhcpv4-snooping verify mac 340
show dhcpv4-snooping 340
show dhcpv4-snooping binding 342
show dhcpv4-snooping statistics 343
DHCPv6 snooping commands 345
clear dhcpv6-snooping binding 345
clear dhcpv6-snooping statistics 346
dhcpv6-snooping 346
dhcpv6-snooping (in config-vlan context) 347
dhcpv6-snooping authorized-server 348
dhcpv6-snooping event-log client 349
dhcpv6-snooping external-storage 350
dhcpv6-snooping flash-storage 352
dhcpv6-snooping max-bindings 353
dhcpv6-snooping trust 354
show dhcpv6-snooping 355
show dhcpv6-snooping binding 356
show dhcpv6-snooping statistics 357
DHCP options commands 359
http-proxy 359
DNS client commands 361
ip dns domain-list 361
ip dns domain-name 362
ip dns host 363
ip dns server address 364
show ip dns 365
redistribute local-mac 366
Fault monitor commands 367
(Fault enabling/disabling) 367
action 368
apply fault-monitor profile 371
fault-monitor profile 372
show fault-monitor profile 373
show interface fault-monitor profile 375
show interface fault-monitor status 376
show running-config 376
threshold 378
Firmware management commands 381
copy {primary | secondary} <REMOTE-URL> 381
copy {primary | secondary} <FIRMWARE-FILENAME> 382
copy primary secondary 383
copy <REMOTE-URL> 383
copy secondary primary 385
copy <STORAGE-URL> 386
copy hot-patch 387
hot-patch 389
show hot-patch 390
HTTPS server commands 392
https-server authentication certificate 392
https-server authentication password 393
https-server max-user-sessions 393
https-server rest access-mode 394
https-server rest firmware-site-distribution 395
https-server session close all 396
https-server session-timeout 397
https-server vrf 398
show https-server 399
show https-server authentication 400
ICMP commands 402
ip icmp redirect 402
ip icmp throttle 402
ip icmp unreachable 403
IGMP commands 405
ip igmp 405
ip igmp apply access-list 406
ip igmp last-member-query-interval 407
ip igmp querier 408
ip igmp querier interval 409
ip igmp querier query-max-response-time 410
ip igmp robustness 411
ip igmp router-alert-check 412
ip igmp static-group 413
ip igmp version 414
ip igmp version strict 414
no ip igmp 415
show ip igmp 416
show ip igmp counters 417
show ip igmp group 419
show ip igmp groups 421
show ip igmp interface 423
AOS-CX 10.12 Command-Line Interface Guide | (6000, 6100 Switch Series) 9
Contents |10
show ip igmp interface counters 424
show ip igmp interface group 425
show ip igmp interface groups 427
show ip igmp interface statistics 428
show ip igmp static-groups 429
show ip igmp statistics 430
IGMP snooping commands 432
ip igmp snooping (config mode) 432
ip igmp snooping (interface mode) 433
ip igmp snooping (vlan mode) 435
show ip igmp snooping 437
In-System Programming commands 441
clear update-log 441
show needed-updates 441
Interface commands 443
allow-unsupported-transceiver 443
default interface 444
description 445
energy-efficient-ethernet 446
flow-control 447
interface 448
interface vlan 449
ip address 450
ip mtu 451
ipv6 address 452
mtu 453
persona 454
rate-interval 456
show allow-unsupported-transceiver 457
show interface 458
show interface dom 463
show interface energy-efficient ethernet 464
show interface flow-control 465
show interface statistics 469
show interface transceiver 472
show interface utilization 475
show ip interface 476
show ip source-interface 477
show ipv6 interface 478
show ipv6 source-interface 480
shutdown 481
speed 481
IP Client Tracker commands 485
client track ip 485
client track ip { enable | disable | auto } 486
client track ip client-limit 487
client track ip update-interval 487
client track ip update-method probe 488
show capacities 489
show client ip { count | port | vlan } 490
IPv4 source lockdown commands 491
ipv4 source-binding 491
ipv4 source-lockdown 492
ipv4 source-lockdown hardware retry 493
show ipv4 source-binding 493
show ipv4 source-lockdown 494
IPv6 RA commands 498
ipv6 address <global-unicast-address> 498
ipv6 address autoconfig 499
ipv6 address link-local 500
ipv6 nd cache-limit 501
ipv6 nd dad attempts 501
ipv6 nd hop-limit 502
ipv6 nd mtu 503
ipv6 nd ns-interval 503
ipv6 nd prefix 504
ipv6 nd ra dns search-list 506
ipv6 nd ra dns server 507
ipv6 nd ra lifetime 508
ipv6 nd ra managed-config-flag 509
ipv6 nd ra max-interval 510
ipv6 nd ra min-interval 511
ipv6 nd ra other-config-flag 511
ipv6 nd ra reachable-time 512
ipv6 nd ra retrans-timer 513
ipv6 nd route 514
ipv6 nd router-preference 515
ipv6 nd suppress-ra 516
show ipv6 nd global traffic 516
show ipv6 nd interface 517
show ipv6 nd interface prefix 520
show ipv6 nd interface route 521
show ipv6 nd ra dns search-list 522
show ipv6 nd ra dns server 523
IPv6 source lockdown commands 524
ipv6 source-binding 524
ipv6 source-lockdown 525
ipv6 source-lockdown hardware retry 526
show ipv6 source-binding 526
show ipv6 source-lockdown 527
IRDP commands 531
diag-dump irdp basic 531
ip irdp 532
ip irdp holdtime 533
ip irdp maxadvertinterval 533
ip irdp minadvertinterval 534
ip irdp preference 535
show ip irdp 536
Job Scheduler commands 538
job 538
schedule 540
show job 543
show capacities (job, schedule) 546
AOS-CX 10.12 Command-Line Interface Guide | (6000, 6100 Switch Series) 11
Contents |12
show running-config (job, schedule) 546
show schedule 548
Key chain commands 551
accept-lifetime 551
key 552
keychain 553
key-string 554
name 555
recv-id 556
send-lifetime 557
send-id 558
show capacities keychain 559
show keychain 560
show running-config keychain 561
L1-100Mbps downshift commands 563
downshift enable 563
show interface 564
show interface downshift-enable 568
show running-config interface 569
LACP and LAG commands 571
description 571
interface lag 572
lacp fallback-static 573
lacp mode 574
lacp port-id 575
lacp port-priority 575
lacp rate 576
lacp system-priority 577
lag 578
show interface 579
show lacp aggregates 581
show lacp configuration 582
show lacp interfaces 582
show lag 586
show running-config interface lag 587
shutdown 588
vlan trunk native 589
LLDP commands 591
clear lldp neighbors 591
clear lldp statistics 591
lldp 592
lldp dot3 593
lldp dot3 eee 594
lldp dot3 mfs 594
lldp holdtime-multiplier 595
lldp management-address vlan 596
lldp management-ipv4-address 597
lldp management-ipv6-address 598
lldp med 599
lldp med-location 600
lldp receive 602
lldp reinit 603
lldp select-tlv 603
lldp timer 605
lldp transmit 606
lldp txdelay 607
lldp trap enable 608
show lldp configuration 610
show lldp local-device 611
show lldp neighbor-info 613
show lldp neighbor-info detail 615
show lldp statistics 618
show lldp tlv 619
Local AAA commands 621
aaa accounting all-mgmt 621
aaa authentication console-login-attempts 623
aaa authentication limit-login-attempts 624
aaa authentication login 625
aaa authentication minimum-password-length 626
aaa authorization commands (local) 627
show aaa accounting 629
show aaa authentication 630
show aaa authorization 631
show authentication locked-out-users 632
show ssh authentication-method 633
show user 633
ssh password-authentication 635
ssh public-key-authentication 635
user authorized-key 636
Log rotation commands 639
logging threshold 639
logrotate maxsize 640
logrotate period 641
logrotate target 642
show logrotate 644
Loop protect commands 645
loop-protect 645
loop-protect action 646
loop-protect re-enable-timer 647
loop-protect transmit-interval 648
loop-protect trap loop-detected 648
loop-protect vlan 649
show loop-protect 650
Loopback commands 653
interface loopback 653
ip address 653
ipv6 address 654
show interface loopback 655
MAC address table commands 657
clear mac-address 657
mac-address-table age-time 658
show mac-address-table 659
show mac-address-table address 660
AOS-CX 10.12 Command-Line Interface Guide | (6000, 6100 Switch Series) 13
Contents |14
show mac-address-table count 661
show mac-address-table dynamic 662
show mac-address-table interface 663
show mac-address-table lockout 664
show mac-address-table port 665
show mac-address-table static 665
show mac-address-table vlan 666
static-mac 667
Mirroring commands 669
clear mirror 669
comment 669
destination interface 671
diagnostic 672
disable 673
enable 673
mirror session 674
show mirror 675
source interface 677
MLD snooping global configuration commands 680
ipv6 mld snooping 680
MLD snooping VLAN configuration commands 681
ipv6 mld snooping 681
ipv6 mld snooping fastlearn 682
ipv6 mld snooping fastleave vlan 682
ipv6 mld snooping forced fastleave vlan 683
ipv6 mld snooping apply access-list 684
ipv6 mld snooping auto vlan 686
ipv6 mld snooping blocked vlan 686
ipv6 mld snooping forward vlan 687
ipv6 mld snooping static-group 688
ipv6 mld snooping version 689
MLD snooping show commands 691
show ipv6 mld snooping 691
MLD configuration commands for interface VLAN 695
ipv6 mld 695
ipv6 mld apply access-list 695
no ipv6 mld 697
ipv6 mld querier 697
ipv6 mld querier interval 698
ipv6 mld last-member-query-interval 699
ipv6 mld querier query-max-response-time 699
ipv6 mld robustness 700
ipv6 mld static-group 701
ipv6 mld version 702
ipv6 mld version strict 702
MLD show commands for interface VLAN 704
show ipv6 mld 704
MLD configuration commands for interface 708
ipv6 mld 708
ipv6 mld apply access-list 708
no ipv6 mld 710
ipv6 mld querier 710
ipv6 mld querier interval 711
ipv6 mld last-member-query-interval 712
ipv6 mld querier query-max-response-time 712
ipv6 mld robustness 713
ipv6 mld static-group 714
ipv6 mld version 715
ipv6 mld version strict 715
MSTP commands 717
clear spanning-tree statistics 717
show spanning-tree 717
show spanning-tree detail 719
show spanning-tree inconsistent-ports 720
show spanning-tree mst 721
show spanning-tree mst-config 724
show spanning-tree mst detail 724
show spanning-tree mst <INSTANCE-ID> 728
show spanning-tree mst <INSTANCE-ID> detail 729
show spanning-tree mst interface 730
show spanning-tree summary port 731
show spanning-tree summary root 732
spanning-tree 733
spanning-tree bpdu-filter 734
spanning-tree bpdu-guard 735
spanning-tree bpdu-guard timeout 736
spanning-tree config-name 737
spanning-tree config-revision 738
spanning-tree cost 739
spanning-tree forward-delay 740
spanning-tree hello-time 741
spanning-tree instance cost 742
spanning-tree instance port-priority 743
spanning-tree instance priority 744
spanning-tree instance vlan 745
spanning-tree link-type 746
spanning-tree loop-guard 746
spanning-tree max-age 747
spanning-tree max-hops 748
spanning-tree mode 749
spanning-tree port-priority 751
spanning-tree port-type 752
spanning-tree priority 753
spanning-tree root-guard 754
spanning-tree rpvst-filter 755
spanning-tree rpvst-guard 756
spanning-tree tcn-guard 757
spanning-tree transmit-hold-count 758
spanning-tree trap 758
MVRP commands 761
clear mvrp statistics 761
mvrp 761
AOS-CX 10.12 Command-Line Interface Guide | (6000, 6100 Switch Series) 15
Contents |16
mvrp registration 762
mvrp timer 763
show mvrp config 764
show mvrp state 765
show mvrp statistics 766
NTP commands 768
ntp authentication 768
ntp authentication-key 768
ntp disable 770
ntp enable 770
ntp server 771
ntp trusted-key 773
ntp vrf 774
show ntp associations 775
show ntp authentication-keys 776
show ntp servers 777
show ntp statistics 778
show ntp status 779
Ping commands 781
ping 781
ping6 786
PKI commands 790
crypto pki application 790
crypto pki certificate 791
crypto pki ta-profile 792
enroll self-signed 793
enroll terminal 794
import (CA-signed leaf certificate) 795
import (self-signed leaf certificate) 797
key-type 799
ocsp disable-nonce 800
ocsp enforcement-level 801
ocsp url 802
ocsp vrf 803
revocation-check ocsp 804
show crypto pki application 805
show crypto pki certificate 806
show crypto pki ta-profile 808
ta-certificate 810
subject 811
PKI EST commands 813
arbitrary-label 813
arbitrary-label-enrollment 814
arbitrary-label-reenrollment 815
crypto pki est-profile 816
enroll est-profile 817
reenrollment-lead-time 818
retry-count 819
retry-interval 820
show crypto pki est-profile 821
url 822
username 823
vrf 825
PoE commands 827
lldp dot3 poe 827
lldp med poe 828
power-over-ethernet 828
power-over-ethernet allocate-by 829
power-over-ethernet assigned-class 831
power-over-ethernet pre-std-detect 832
power-over-ethernet priority 832
power-over-ethernet threshold 833
power-over-ethernet trap 834
show lldp local 835
show lldp neighbor 836
show power-over-ethernet 837
Port access 802.1X authentication commands 840
aaa authentication port-access dot1x authenticator 840
aaa authentication port-access dot1x authenticator auth-method 841
aaa authentication port-access dot1x authenticator cached-reauth 842
aaa authentication port-access dot1x authenticator cached-reauth-period 842
aaa authentication port-access dot1x authenticator discovery-period 843
aaa authentication port-access dot1x authenticator eap-tls-fragment 844
aaa authentication port-access dot1x authenticator eapol-timeout 845
aaa authentication port-access dot1x authenticator initial-auth-response-timeout 846
aaa authentication port-access dot1x authenticator max-eapol-requests 847
aaa authentication port-access dot1x authenticator max-retries 848
aaa authentication port-access dot1x authenticator quiet-period 849
aaa authentication port-access dot1x authenticator radius server-group 850
aaa authentication port-access dot1x authenticator reauth 851
aaa authentication port-access dot1x authenticator reauth-period 852
clear dot1x authenticator statistics interface 853
show aaa authentication port-access dot1x authenticator interface client-status 853
show aaa authentication port-access dot1x authenticator interface port-statistics 855
Port access 802.1X supplicant commands 858
aaa authentication port-access dot1x supplicant(global) 858
aaa authentication port-access dot1x supplicant(port) 858
associate policy 859
canned-eap-success 861
clear dot1x supplicant statistics 861
discovery-timeout 863
eap-identity 864
eapol-force-multicast 866
eapol-method 867
eapol-protocol-version 868
eapol-timeout 870
enable 871
enable 872
fail-mode 872
held-period 873
max-retries 875
policy (supplicant) 876
port-access dot1x supplicant restart 877
show aaa authentication port-access dot1x supplicant policy 878
show aaa authentication port-access dot1x supplicant statistics 880
AOS-CX 10.12 Command-Line Interface Guide | (6000, 6100 Switch Series) 17
Contents |18
show aaa authentication port-access dot1x supplicant status 882
start-mode 885
Port access cached-critical role commands 887
aaa authentication port-access cached-critical-role (global) 887
aaa authentication port-access cached-critical-role (per interface) 889
port-access clear cached-client 890
show port-access cached-clients 891
show port-access cached-critical-role info 892
Port access general commands 894
aaa authentication port-access auth-mode 894
aaa authentication port-access auth-precedence 895
aaa authentication port-access auth-priority 896
aaa authentication port-access auth-role 897
aaa authentication port-access client-auto-log-off final-authentication-failure 898
aaa authentication port-access client-limit 899
aaa authentication port-access client-limit multi-domain 900
aaa authentication port-access radius-override 901
port-access allow-flood-traffic 902
port-access client-move 903
port-access event-log client 904
port-access fallback-role 905
port-access log-off client 906
port-access onboarding-method precedence 907
port-access onboarding-method concurrent 908
port-access reauthenticate interface 909
show aaa authentication port-access interface client-status 910
show port-access clients 912
show port-access clients detail 915
show port-access clients onboarding-method 918
Port access MAC authentication commands 920
aaa authentication port-access mac-auth 920
aaa authentication port-access mac-auth addr-format 921
aaa authentication port-access mac-auth auth-method 921
aaa authentication port-access mac-auth cached-reauth 922
aaa authentication port-access mac-auth cached-reauth-period 923
aaa authentication port-access mac-auth password 924
aaa authentication port-access mac-auth quiet-period 925
aaa authentication port-access mac-auth radius server-group 926
aaa authentication port-access mac-auth reauth 927
aaa authentication port-access mac-auth reauth-period 928
clear mac-auth statistics 929
show aaa authentication port-access mac-auth interface client-status 929
show aaa authentication port-access mac-auth interface port-statistics 931
Port access policy commands 933
port-access policy 933
port-access policy copy 937
port-access policy resequence 938
port-access policy reset 939
clear port-access policy hitcounts 940
show port-access policy 943
show port-access policy hitcounts 945
Port access role commands 947
associate policy 947
auth-mode 948
cached-reauth-period 949
client-inactivity timeout 950
description 951
device-traffic-class 951
mtu 952
poe-allocate-by 953
poe-priority 954
port-access role 955
reauth-period 956
session timeout 956
show aaa authentication port-access interface client-status 957
show port-access role 958
stp-admin-edge-port 960
trust-mode 961
vlan 962
Port access security violation commands 965
port-access security violation action 965
port-access security violation action shutdown auto-recovery 966
port-access security violation action shutdown recovery-timer 967
show interface 968
show port-access aaa violation interface 968
show port-access port-security violation client-limit-exceeded interface 969
Port access VLAN group commands 972
associate-vlan 972
port-access vlan-group 973
show running-config port-access vlan-group 974
Port filtering commands 975
portfilter 975
show portfilter 976
Port security commands 978
port-access port-security 978
port-access port-security client-limit 979
port-access port-security mac-address 979
show port-access port-security interface client-status 980
show port-access port-security interface port-statistics 982
show port-access security violation sticky-mac-client-move interface 983
sticky-learn enable 984
Private VLAN commands 985
diag-dump private-vlan basic 985
private-vlan 985
private-vlan port-type 987
show capacities private-vlan 988
show capacities-status private-vlan 989
show private-vlan 989
show private-vlan association 991
show private-vlan inconsistency 992
show private-vlan port-type 994
AOS-CX 10.12 Command-Line Interface Guide | (6000, 6100 Switch Series) 19
Contents |20
show running-configuration private-vlan 994
show tech private-vlan 995
QoS commands 998
apply qos 998
map queue 1000
min-bandwidth 1001
name queue 1002
qos cos 1003
qos dscp 1004
qos dscp-map 1006
qos queue-profile 1007
qos schedule-profile 1008
qos trust 1010
rate-limit 1011
show interface queues 1014
show interface qos 1016
show qos dscp-map 1017
show qos queue-profile 1018
show qos schedule-profile 1019
show qos trust 1021
strict queue 1021
Configurable RADIUS attribute commands 1024
aaa radius-attribute group 1024
nas-id request-type 1025
nas-id value 1026
nas-ip-addr request-type authentication 1027
nas-ip-addr service-type user-management 1028
tunnel-private-group-id request-type 1029
tunnel-private-group-id value 1030
RADIUS dynamic authorization commands 1032
radius dyn-authorization enable 1032
radius dyn-authorization client 1032
radius dyn-authorization client tls (RadSec) 1034
radius dyn-authorization port 1035
show radius dyn-authorization 1036
show radius dyn-authorization client 1038
show radius dyn-authorization client tls (RadSec) 1039
Remote AAA (TACACS+, RADIUS) commands 1041
aaa accounting allow-fail-through 1041
aaa accounting all-mgmt 1041
aaa authentication allow-fail-through 1044
aaa authentication login 1045
aaa authorization allow-fail-through 1047
aaa authorization commands 1049
aaa group server 1052
radius-server auth-type 1053
radius-server host 1054
radius-server host secure ipsec 1057
radius-server host tls port-access 1062
radius-server host tls tracking-method 1064
radius-server key 1065
radius-server retries 1067
/