Dell PowerConnect 3324 Owner's manual

Type
Owner's manual
Dell™PowerConnect™3324/3348SwitchCLIGuide
Models 3324 and 3348
Notes, Notices, and Cautions
Information in this document is subject to change without notice.
©2003DellComputerCorporation.Allrightsreserved.
Reproduction in any manner whatsoever without the written permission of Dell Computer Corporation is strictly forbidden.
Trademarks used in this text: Dell, the DELL logo, PowerConnect, PowerEdge, PowerVault, PowerApp, and Dell OpenManage are trademarks of Dell Computer Corporation.
Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell Computer Corporation
disclaims any proprietary interest in trademarks and trade names other than its own.
May 2003 P/N J0926 Rev. A00
Using the CLI
Command Groups
AAA Commands
Address Table Commands
Ethernet Configuration Commands
Configuration and Image Files
IGMP Snooping Commands
GVRP Commands
IP Addressing Commands
LACP Commands
Line Commands
Management ACL
Port Channel Commands
Port Monitor Commands
QoS Commands
Radius Commands
RMON Commands
SNMP Commands
Spanning Tree Commands
SSH Commands
Syslog Commands
System Management
User Interface Commands
VLAN Commands
Web Server
NOTE: A NOTE indicates important information that helps you make better use of your computer.
NOTICE: A NOTICE indicates either potential damage to hardware or loss of data and tells you how to avoid the problem.
CAUTION: A CAUTION indicates a potential for property damage, personal injury, or death.
Back to Contents Page

AAA Commands
Dell™PowerConnect™3324/3348SwitchCLIGuide

aaa authentication login

Use the aaa authentication login global configuration command to define login authentication. To return to the default configuration, use the no form of this
command.

Syntax

aaa authentication login {default | list-name} method1 [method2...]

no aaa authentication login {default | list-name}
l default—Uses the listed authentication methods that follow this argument as the default list of methods when a user logs in.
l list-name—Character string used to name the list of authentication methods activated when a user logs in.
l method1 [method2...]—Select at least one method from the following table:


Default Configuration

The local user database is checked. This has the same effect as the aaa authentication login local command.


Command Mode

Global Configuration Mode

User Guidelines

The default and optional list names created with the aaa authentication login command are used with the login authentication command.
aaa authentication login
aaa authentication enable
login authentication
enable authentication
ip http authentication
ip https authentication
show authentication methods
password
enable password
username
show users accounts
Source or destination
Uses the enable password for authentication.
Uses the line password for authentication.
Uses the local user name database for authentication.
Uses no authentication. Access can be provided without authorization if defined as a specific authentication method.
Uses the list of all RADIUS servers for authentication.
NOTE: On the console, login succeeds without any authentication check if the authentication method is not defined.

Use the aaa authentication login list-name method command to creat a list for a particular protocol, where list-name is any character string used to
name this list. The method argument identifies the list of methods that the authentication algorithm tries, in the given sequence.

The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds
even if all methods return an error, specify none as the final method in the command line.

The following is an example of the CLI commands.


aaa authentication enable

Use the aaa authentication enable default global configuration command to define authentication method lists for accessing higher privilege levels. To return
to the default configuration, use the no form of this command.

Syntax

aaa authentication enable {default | list-name} method1 [method2...]

no aaa authentication enable default
l default—Uses the listed authentication methods that follow this argument as the default list of methods, when using higher privilege levels.
l list-name—Character string used to name the list of authentication methods activated, when using access higher privilege levels.
l method1 [method2...]—Select at least one method from the following table:


Default Configuration

If the default list is not set, only the enable password is checked. This has the same effect as the aaa authentication enable default enable command.

On the console, the enable password is used if it exists. If no password is set, the process still succeeds. This has the same effect as using the aaa
authentication enable default enable none command.

Command Mode

Global Configuration Mode

User Guidelines


Console (config)# aaa authentication login default
radius local enable none
Source or destination
Uses the enable password for authentication.
Uses the line password for authentication.
Uses no authentication. Access can be provided without authorization if defined as a specific authentication method.
Uses the list of all RADIUS servers for authentication. Uses user name $enabx$. where x is the privilege level.

The default and optional list names created with the aaa authentication enable command are used with the enable authentication command.

Use the aaa authentication enable list-name method command to create a list, where list-name is any character string used to name this list. The
method argument identifies the list of methods that the authentication algorithm tries, in the given sequence.

The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds
even if all methods return an error, specify none as the final method in the command line.

All aaa authentication enable default requests sent by the device to a RADIUS server include the username $enabx$., where x is the requested
privilege level.

Example

The following example sets authentication when accessing higher privilege levels.


login authentication

Use the login authentication line configuration command to specify the login authentication method list for a remote Telnet or console. To return to the default
specified by the authentication login command, use the no form of this command.

Syntax

login authentication {default | list-name}

no login authentication
l default—Uses the default list created with the authentication login command.
l list-name—Uses the indicated list created with the authentication login command.

Default Configuration

Uses the default set with the command authentication login.

Command Mode

Line Configuration Mode

User Guidelines

There are no user guidelines for this command.


Console (config)#
aaa authentication enable default

Example

The following example specifies the default authenticationmethod for a remote Telnet or console.


enable authentication

Use the enable authentication line configuration command to specify the authentication method list when accessing a higher privilege level from a remote
Telnet or console. To return to the default specified by the enable authentication command, use the no form of this command.

Syntax

enable authentication {default | list-name}

no enable authentication
l default—Uses the default list created with the authentication enable command.
l list-name—Uses the indicated list created with the authentication enable command.

Default Configuration

Uses the default set with the authentication enable command.

Command Mode

Line Configuration Mode

User Guidelines

There are no user guidelines for this command.

Example

The following example specifies the default authentication method when accessing a higher privilege level from a remote Telnet or console.



Console (config-line)#
login authentication default

Console (config-line)#
enable authentication default
ip http authentication

Use the ip http authentication global configuration mode command to specify authentication methods for http. To return to the default, use the no form of this
command.

Syntax

ip http authentication method1 [method2...]

no ip http authentication
l method1 [method2...]—Select at least one method from the following table:


Default Configuration

The local user database is checked. This has the same effect as the ip http authentication local command.

Command Mode

Global Configuration Mode

User Guidelines

The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds
even if all methods return an error, specify none as the final method from the command line.

Example

The following example configures the http authentication as either RADIUS or local in that order.


ip https authentication

Use the ip https authentication global configuration command to specify authentication methods for https. To return to the default, use the no form of this
command.

Source or destination
Uses the local user name database for authentication.
Uses no authentication. Access can be provided without authorization if defined as a specific authentication method.
Uses the list of all RADIUS servers for authentication.

Console (config)#
ip http authentication radius local
Syntax

ip https authentication method1 [method2...]

no ip https authentication
l method1 [method2...]—Select at least one method from the following table:


Default Configuration

The local user database is checked. This has the same effect as the ip https authentication local command.

Command Mode

Global Configuration Mode

User Guidelines

The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds
even if all methods return an error, specify none as the final method in the command line.

Example

The following is an example of the CLI command.


show authentication methods

Use the authentication methods privilege EXEC command to display information about the authentication methods.

Syntax

show authentication methods

Default Configuration

Source or destination
Uses the local user name database for authentication.
Uses no authentication. Access can be provided without authorization if defined as a specific authentication method.
Uses the list of all RADIUS servers for authentication.

Console (config)#
ip https authentication radius local

This command has no default configuration.

Command Mode

Privileged EXEC Mode

User Guidelines

There are no user guidelines for this command.

Example

The following example displays the authentication configuration.


Console# show authentication methods


Login Authentication Method Lists

---------------------------------

Default: Radius, Local, Line

Console_Login: Line, None


Enable Authentication Method Lists

----------------------------------

Default: Radius, Enable

Console_Enable: Enable, None



Line Login Method List Enable Method List

------- ----------------- -------------------


password

Use the password line configuration command to specify a password on a command line. To remove the password, use the no form of this command.

Syntax

password password [encrypted]

no password
l password—Password for this level, from 1 to 159 characters in length.
l encrypted—Encrypted password to be entered, copied from another device configuration.

Default Configuration

This command has no default configuration.

Command Mode

Line Configuration Mode

User Guidelines

There are no user guidelines for this command.

Example

The following example specifies a password.

Console Console_Login Console_Enable

Telnet Default Default

SSH Default Default


HTTP: Radius, local

HTTPS: Radius, local

Console (config-line)# password
dell

enable password

Use the enable password global configuration command to set a local password to control access to user and privilege levels. To remove the password
requirement, use the no form of this command.

Syntax

enable password [level level ] password [encrypted]

no enable password [ level level ]
l password—Password for this level, from 1 to 159 characters in length.
l level level—Level for which the password applies. If not specified, the level is 15 (Range: 1-15).
l encrypted—Encrypted password entered, copied from another device configuration.

Default Configuration

This command has no default configuration.

Command Mode

Global Configuration Mode

User Guidelines

There are no user guidelines for this command.

Example

The following example sets a local level for a password to control access to user and privilege levels.


username

Use the username global configuration command to establish a user name-based authentication system. To remove a user name, use the no form of this
command.

Syntax


Console (config)# enable password level
15 dell

username name [password password] [privilege level] [encrypted]

no username
l name—The user name.
l password—The user authentication password (Range: 1-159).
l privilege level—Specifies the user level (Range: 1-15).
l encrypted—Encrypted password entered, copied from another device configuration.

Default Configuration

The default privilege level is 1.

Command Mode

Global Configuration Mode

User Guidelines

When creating a user name, the default priority is 1, which does not allow access to the device. A priority of 15 must be specifically set to enable access
to the device.

Example

The following example configures a user with the encrypted password and user level for the system.


show users accounts

The show users accounts privileged EXEC command displays information about the local user database.

Syntax

show users accounts

Default Configuration

This command has no default configuration.

Command Mode

Console (config)# username bob password lee 15
encrypted

Privileged EXEC Mode

User Guidelines

There are no user guidelines for this command.

Example

The following example displays the local users configured with access to the system.


Back to Contents Page


Console#
show users accounts


Username Privilege

--------- ---------

Bob 15

Robert 15
Back to Contents Page

Address Table Commands
Dell™PowerConnect™3324/3348SwitchCLIGuide

bridge address

Use the bridge address interface configuration command to add a static MAC-layer station source address to the bridge table. To delete the MAC address, use
the no form of the bridge address command (using the no form of the command without specifying a MAC address deletes all static MAC addresses belonging
to this VLAN).

Syntax

bridge address mac-address {ethernet interface | port-channel port-channel-number} [permanent | delete-on-reset | delete-on-timeout | secure]

no bridge address [mac-address]
l mac-address—A MAC address.
l interface—An ethernet port.
l port-channel-number—A port-channel number.
l permanent—The address can only deleted by the no bridge address command.
l delete-on-reset—The address is deleted after reset.
l delete-on-timeout—The address is deleted after age out time has expired.
l secure—The address is deleted after the port changes mode to unlock learning (no port security command). This parameter is only available
when the port is in learning locked mode.

Default Configuration

No static addresses are defined. The default mode for an added address is permanent.

Command Mode

Interface Configuration (VLAN) Mode

User Guidelines

There are no user guidelines for this command.

Example

bridge address
bridge aging-time
clear bridge
show bridge address-table
show bridge address-table static
port security
show ports security
bridge multicast filtering
bridge multicast address
bridge multicast forbidden address
bridge multicast forward-all
bridge multicast forbidden forward-all
show bridge multicast address-table
show bridge multicast filtering

The following example adds a permanent static MAC-layer station source address on a port to the bridge table.


bridge aging-time

Use the bridge aging-time global configuration command to set the address table aging time. To restore the default, use the no form of the command.

Syntax

bridge aging-time seconds

no bridge aging-time
l seconds—Time is number of seconds. (Range: 10-5000000 seconds)

Default Configuration

The default is 300 seconds.

Command Mode

Global Configuration Mode

User Guidelines

There are no user guidelines for this command.

Example

The following example sets the bridge aging time.


clear bridge

Use the clear bridge privileged EXEC command to remove any learned entries from the forwarding database.


Console (config-if)# bridge address 168.210.0.10 ethernet 1/e8
permanent

Console (config)# bridge aging-time
250

Syntax

clear bridge

Default Configuration

This command has no default configuration.

Command Mode

Privileged EXEC Mode

User Guidelines

There are no user guidelines for this command.

Example

The following example clears the bridge tables.


show bridge address-table

Use the show bridge address-table privileged EXEC command to display dynamically created entries in the bridge-forwarding database.

Syntax

show bridge address-table [vlan vlan] [ethernet interface | port-channel port-channel-number]
l vlan—Specific VLAN, such as VLAN 1.
l interface—An ethernet port.
l port-channel-number—A port-channel number.

Default Configuration

This command has no default configuration.

Command Mode


Console#
clear bridge
Privileged EXEC Mode

User Guidelines

There are no user guidelines for this command.

Example

The following example displays all classes of entries in the bridge-forwarding database.


show bridge address-table static

Use the show bridge address-table privileged EXEC command to display statically entered entries in the bridge-forwarding database.

Syntax

show bridge address-table static [vlan vlan] [ethernet interface | port-channel port-channel-number]
l vlan—Specific VLAN, such as VLAN 1.
l interface—An ethernet port.
l port-channel-number—A port-channel number.

Default Configuration

This command has no default configuration.

Console#
show bridge address table


Aging time is 300 sec


vlan mac address port type

---- -------------- ----- -----

1 0060.704C.73FF 5/8 dynamic

1 0060.708C.73FF 5/8 dynamic

200 0010.0D48.37FF 5/9 static

Command Mode

Privileged EXEC Mode

User Guidelines

There are no user guidelines for this command.

Example

The following example displays all classes of entries in the bridge-forwarding database.


port security

Use the port security interface configuration command to disable new address learning on an interface. To enable new address learning, use the no form of
the command.

Syntax

port security [forward | discard | discard-shutdown] [trap seconds]

no port security
l forward—Forwards frames with unlearned source addresses, but does not learn the address.
l discard—Discards frames with unlearned source addresses. This is the default if no option is indicated.
l discard-shutdown—Discards frames with unlearned source addresses. The port is also shut down.
l trap seconds—Sends SNMP traps and defines the minimal amount of time in seconds between two consecutive traps (Range: 1-1,000,000)


Console#
show bridge address table static


Aging time is 300 sec


vlan mac address port type

---- -------------- ----- -----

200 0010.0D48.37FF 5/9 delete-on-reset
Default Configuration

Port security is disabled.

Command Mode

Interface Configuration (Ethernet, port-channel) Mode

User Guidelines

There are no user guidelines for this command.

Example

The following example disables the learning of new addresses on a port. All frames with unlearned source addresses are discarded.


show ports security

Use the show ports security privileged EXEC command to display the port-lock status.

Syntax

show ports security [ethernet interface | port-channel port-channel-number]
l interface—An ethernet port.
l port-channel-number—A port-channel number.

Default Configuration

This command has no default configuration.

Command Mode

Privileged EXEC Mode

User Guidelines


Console (config)# interface ethernet 1/e8

Console (config-if)#
port security discard

There are no user guidelines for this command.

Example

The following example displays all classes of entries in the port-lock status.


bridge multicast filtering

Use the bridge multicast filtering global configuration command to enable filtering of multicast addresses. To disable filtering of multicast addresses, use the
no form of the command.

Syntax

bridge multicast filtering

no bridge multicast filtering

Default Configuration

Disabled. All multicast addresses are flooded to all ports of the relevant VLAN.

Command Mode

Console # show ports security


Port Action Trap Frequency Counter

---- ----------------- -------- --------- -------

5/7 Discard Enable 100 88

7/8 Discard, Shutdown Disable


Frequency: Trap Frequency

Counter: Number of violations since last trap


Global Configuration Mode

User Guidelines

If multicast routers exist on the VLAN and IGMP snooping is not enabled, use the bridge multicast forward-all command to forward all multicast packets
to the multicast routers.

Example

The following example enables bridge multicast filtering.


bridge multicast address

Use the bridge multicast address interface configuration command to register MAC-layer multicast addresses to the bridge table, and adds static ports to the
group. To unregister the MAC address, use the no form of the bridge multicast address command.

Syntax

bridge multicast address {mac-multicast-address | ip-multicast-address}

bridge multicast address {mac-multicast-address | ip-multicast-address} {add | remove} {ethernet interface-list | port-channel port-channel-number-
list }

no bridge multicast address {mac-multicast-address | ip-multicast-address}
l add—Adds ports to the group.
l remove—Removes ports from the group.
l mac-multicast-address—MAC multicast address.
l ip-multicast-address—IP multicast address.
l interface-list—Separates non-consecutive ethernet ports with a comma and no spaces. A hyphen is used to designate a range of ports.
l port-channel-number-list—Separates non-consecutive port-channels with a comma and no spaces. A hyphen is used to designate a range of
ports.

Default Configuration

No multicast addresses are defined.

Command Mode

Interface Configuration (VLAN) Mode


Console (config)#
bridge multicast filtering
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31
  • Page 32 32
  • Page 33 33
  • Page 34 34
  • Page 35 35
  • Page 36 36
  • Page 37 37
  • Page 38 38
  • Page 39 39
  • Page 40 40
  • Page 41 41
  • Page 42 42
  • Page 43 43
  • Page 44 44
  • Page 45 45
  • Page 46 46
  • Page 47 47
  • Page 48 48
  • Page 49 49
  • Page 50 50
  • Page 51 51
  • Page 52 52
  • Page 53 53
  • Page 54 54
  • Page 55 55
  • Page 56 56
  • Page 57 57
  • Page 58 58
  • Page 59 59
  • Page 60 60
  • Page 61 61
  • Page 62 62
  • Page 63 63
  • Page 64 64
  • Page 65 65
  • Page 66 66
  • Page 67 67
  • Page 68 68
  • Page 69 69
  • Page 70 70
  • Page 71 71
  • Page 72 72
  • Page 73 73
  • Page 74 74
  • Page 75 75
  • Page 76 76
  • Page 77 77
  • Page 78 78
  • Page 79 79
  • Page 80 80
  • Page 81 81
  • Page 82 82
  • Page 83 83
  • Page 84 84
  • Page 85 85
  • Page 86 86
  • Page 87 87
  • Page 88 88
  • Page 89 89
  • Page 90 90
  • Page 91 91
  • Page 92 92
  • Page 93 93
  • Page 94 94
  • Page 95 95
  • Page 96 96
  • Page 97 97
  • Page 98 98
  • Page 99 99
  • Page 100 100
  • Page 101 101
  • Page 102 102
  • Page 103 103
  • Page 104 104
  • Page 105 105
  • Page 106 106
  • Page 107 107
  • Page 108 108
  • Page 109 109
  • Page 110 110
  • Page 111 111
  • Page 112 112
  • Page 113 113
  • Page 114 114
  • Page 115 115
  • Page 116 116
  • Page 117 117
  • Page 118 118
  • Page 119 119
  • Page 120 120
  • Page 121 121
  • Page 122 122
  • Page 123 123
  • Page 124 124
  • Page 125 125
  • Page 126 126
  • Page 127 127
  • Page 128 128
  • Page 129 129
  • Page 130 130
  • Page 131 131
  • Page 132 132
  • Page 133 133
  • Page 134 134
  • Page 135 135
  • Page 136 136
  • Page 137 137
  • Page 138 138
  • Page 139 139
  • Page 140 140
  • Page 141 141
  • Page 142 142
  • Page 143 143
  • Page 144 144
  • Page 145 145
  • Page 146 146
  • Page 147 147
  • Page 148 148
  • Page 149 149
  • Page 150 150
  • Page 151 151
  • Page 152 152
  • Page 153 153
  • Page 154 154
  • Page 155 155
  • Page 156 156
  • Page 157 157
  • Page 158 158
  • Page 159 159
  • Page 160 160
  • Page 161 161
  • Page 162 162
  • Page 163 163
  • Page 164 164
  • Page 165 165
  • Page 166 166
  • Page 167 167
  • Page 168 168
  • Page 169 169
  • Page 170 170
  • Page 171 171
  • Page 172 172
  • Page 173 173
  • Page 174 174
  • Page 175 175
  • Page 176 176
  • Page 177 177
  • Page 178 178
  • Page 179 179
  • Page 180 180
  • Page 181 181
  • Page 182 182
  • Page 183 183
  • Page 184 184
  • Page 185 185
  • Page 186 186
  • Page 187 187
  • Page 188 188
  • Page 189 189
  • Page 190 190
  • Page 191 191
  • Page 192 192
  • Page 193 193
  • Page 194 194
  • Page 195 195
  • Page 196 196
  • Page 197 197
  • Page 198 198
  • Page 199 199
  • Page 200 200
  • Page 201 201
  • Page 202 202
  • Page 203 203
  • Page 204 204
  • Page 205 205
  • Page 206 206
  • Page 207 207
  • Page 208 208
  • Page 209 209
  • Page 210 210
  • Page 211 211
  • Page 212 212
  • Page 213 213
  • Page 214 214
  • Page 215 215
  • Page 216 216
  • Page 217 217
  • Page 218 218
  • Page 219 219
  • Page 220 220
  • Page 221 221
  • Page 222 222
  • Page 223 223
  • Page 224 224
  • Page 225 225
  • Page 226 226
  • Page 227 227
  • Page 228 228
  • Page 229 229
  • Page 230 230
  • Page 231 231
  • Page 232 232
  • Page 233 233
  • Page 234 234
  • Page 235 235
  • Page 236 236
  • Page 237 237
  • Page 238 238
  • Page 239 239
  • Page 240 240
  • Page 241 241
  • Page 242 242
  • Page 243 243
  • Page 244 244
  • Page 245 245
  • Page 246 246
  • Page 247 247
  • Page 248 248
  • Page 249 249
  • Page 250 250
  • Page 251 251
  • Page 252 252
  • Page 253 253
  • Page 254 254
  • Page 255 255
  • Page 256 256

Dell PowerConnect 3324 Owner's manual

Type
Owner's manual

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI