Ruckus Brocade Mobility RFS4000, RFS6000 And RFS7000 CLI Reference Guide, 5.3.0.0 RFS Controller Guide 5300 Cliguide
Mobility 5.3.0.0 RFS Controller CLI Reference Guide mobility-5300-controller-cliguide
2017-05-10
User Manual: Ruckus Mobility 5.3.0.0 RFS Controller CLI Reference Guide
Open the PDF directly: View PDF 
.
Page Count: 928
| Download | |
| Open PDF In Browser | View PDF |
53-1002619-01 14 May 2012 Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide Supporting software release 5.3.0.0 and later ® Copyright © 2012 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, MLX, SAN Health, VCS, and VDX are registered trademarks, and AnyIO, Brocade One, CloudPlex, Effortless Networking, ICX, NET Health, OpenScript, and The Effortless Network are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned may be trademarks of their respective owners. Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government. The authors and Brocade Communications Systems, Inc. shall have no liability or responsibility to any person or entity with respect to any loss, cost, liability, or damages arising from the information contained in this book or the computer programs that accompany it. The product described by this document may contain “open source” software covered by the GNU General Public License or other open source license agreements. To find out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the programming source code, please visit http://www.brocade.com/support/oscd. Brocade Communications Systems, Incorporated Corporate and Latin American Headquarters Brocade Communications Systems, Inc. 130 Holger Way San Jose, CA 95134 Tel: 1-408-333-8000 Fax: 1-408-333-8101 E-mail: info@brocade.com Asia-Pacific Headquarters Brocade Communications Systems China HK, Ltd. No. 1 Guanghua Road Chao Yang District Units 2718 and 2818 Beijing 100020, China Tel: +8610 6588 8888 Fax: +8610 6588 9999 E-mail: china-info@brocade.com European Headquarters Brocade Communications Switzerland Sàrl Centre Swissair Tour B - 4ème étage 29, Route de l'Aéroport Case Postale 105 CH-1215 Genève 15 Switzerland Tel: +41 22 799 5640 Fax: +41 22 799 5641 E-mail: emea-info@brocade.com Asia-Pacific Headquarters Brocade Communications Systems Co., Ltd. (Shenzhen WFOE) Citic Plaza No. 233 Tian He Road North Unit 1308 – 13th Floor Guangzhou, China Tel: +8620 3891 2000 Fax: +8620 3891 2111 E-mail: china-info@brocade.com Document History Title Publication number Summary of changes Date Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002313-01 New document June 2011 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002486-01 New Additions for software version 5.2.0.0 November 2011 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 New Additions for software version 5.3.0.0 May 2012 Contents About This Guide In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . . xix Document Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix Text formatting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix Notes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi Getting technical help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxii Chapter 1 Introduction In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 CLI Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Getting Context Sensitive Help. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Using the No Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Basic Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Using CLI Editing Features and Shortcuts . . . . . . . . . . . . . . . . . . . . . . 6 Moving the Cursor on the Command Line . . . . . . . . . . . . . . . . . . 7 Completing a Partial Command Name . . . . . . . . . . . . . . . . . . . . . 7 Command Output pagination . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Creating Profiles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Change the default profile by creating vlan 150 and mapping to ge3 Physical interface . . . . . . . . . . . . . . . . . . . . . . . . 9 Remote Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Chapter 2 User Exec Mode Commands In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 iii User Exec Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 ap-upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 change-passwd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 clear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 connect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 crypto . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 exit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 mint. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 ssh. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 telnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 time-it . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 watch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 Chapter 3 Privileged EXEC Mode Commands In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 iv Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 Privileged Exec Mode Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 ap-upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 archive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 boot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 cd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 change-passwd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 clear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 configure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 connect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64 copy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 crypto . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 diff. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 dir . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 edit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 erase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 exit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 halt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 join-cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 mkdir. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 mint. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 more . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 pwd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 rename . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96 rmdir . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 self . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 ssh. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 telnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100 time-it . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101 traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102 upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102 upgrade-abort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103 watch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .104 Chapter 4 Global Configuration Commands In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 v Global Configuration Commands . . . . . . . . . . . . . . . . . . . . . . . . . . .106 aaa-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108 aaa-tacacs-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109 advanced-wips-policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110 br300 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110 br650 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111 br6511 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112 br71xx . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112 association-acl-policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113 auto-provisioning-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114 captive portal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114 clear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129 critical-resource-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130 customize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133 device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139 device-categorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 dhcp-server-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145 dns-whitelist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145 do . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149 end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .159 event-system-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .159 firewall-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .179 host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .179 ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180 l2tpv3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .181 mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .182 management-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .183 mint-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184 nac-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .185 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189 password-encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190 profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191 radio-qos-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .194 radius-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .194 radius-server-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195 radius-user-pool-policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .196 rf-domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .196 rfs4000. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213 rfs6000. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213 rfs7000. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .214 role-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .214 self . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .215 smart-rf-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .216 wips-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .216 wlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 wlan-qos-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .252 Chapter 5 Common Commands In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255 vi Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 Common Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255 clrscr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255 commit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .256 end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .257 exit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .257 help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .258 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .262 revert. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264 service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .265 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290 write . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .291 Chapter 6 Show Commands In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 vii show commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .295 adoption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .298 advanced-wips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .300 ap-upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .302 boot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .303 captive-portal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .304 cdp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .306 clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .308 cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .308 commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310 context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .311 critical-resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .312 crypto . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .313 debug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .315 debugging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317 device-categorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319 event-history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319 event-system-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .320 file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .321 firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .322 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325 ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .327 ip-access-list-stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .333 l2tpv3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .334 licenses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .336 lldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .336 logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .337 mac-access-list-stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .338 mac-address-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .339 mint. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .340 noc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .342 ntp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .344 password-encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .345 power . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .346 pppoe-client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .347 privilege . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .348 remote-debug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .348 reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .349 rf-domain-manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .350 role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .350 running-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .351 session-changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .355 session-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .355 sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .356 smart-rf. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357 spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359 startup-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362 terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .363 timezone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .363 upgrade-status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .364 version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .365 viii Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 vrrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .366 what . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .367 wireless. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .368 wwan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .377 Chapter 7 Profiles In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 ix Creating Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .380 ap-upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .381 br300 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .382 arp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .383 auto-learn-staging-config. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .384 autoinstall. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .385 bridge commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .386 cdp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .396 cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .397 configuration-persistence . . . . . . . . . . . . . . . . . . . . . . . . . . . . .399 controller. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .400 critical-resource . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .402 crypto . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .404 Crypto-auto-ipsec-secure Commands. . . . . . . . . . . . . . . . . . . .409 crypto-ikev1 policy commands . . . . . . . . . . . . . . . . . . . . . . . . .412 crypto-ikev1-peer commands . . . . . . . . . . . . . . . . . . . . . . . . . . 416 crypto map commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .421 dscp-mapping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .427 email-notification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .428 enforce-version. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .430 events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .431 ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .432 l2tpv3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .436 nat-pool. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .438 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .440 Interface Config Instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . .442 Interface vlan Instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .458 led . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .466 legacy-auto-downgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .467 legacy-auto-update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .468 lldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .468 load-balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .469 logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474 mac-address-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .475 mint. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476 misconfiguration-recovery-time . . . . . . . . . . . . . . . . . . . . . . . .479 monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .480 neighbor-inactivity-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . .481 neighbor-info-interval. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .482 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .482 noc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .485 ntp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .485 preferred-controller-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . .487 preferred-tunnel-controller . . . . . . . . . . . . . . . . . . . . . . . . . . . .488 power-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .488 radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .489 router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .490 rf-domain-manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .491 spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .492 tunnel-controller. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .494 use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .495 vrrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .497 x Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 wep-shared-key-auth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .501 Device Specific Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .501 area. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .505 channel-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .506 contact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .506 country-code. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .507 dhcp-redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .508 floor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .509 hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510 layout-coordinates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510 location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .511 mac-name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .512 neighbor-info-interval. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .513 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 514 override-wlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517 remove-override . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .518 rsa-key. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .519 sensor-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .520 stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .521 timezone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .522 trustpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .523 Chapter 8 AAA-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .525 aaa-policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .525 accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .526 authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .529 health-check. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .533 mac-address-format. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .534 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .535 server-pooling-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .537 use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .538 Chapter 9 Auto-Provisioning-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .541 auto-provisioning-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .542 adopt. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .542 default-adoption. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .545 deny . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .545 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .548 Chapter 10 Advanced-WIPS-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .551 advanced-wips-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .551 event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .552 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .557 server-listen-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .560 terminate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .560 use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .561 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 xi Chapter 11 Association-ACL-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .563 association-acl-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .563 deny . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .564 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .565 permit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .567 Chapter 12 Access-list In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .569 ip-access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .570 deny . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .570 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .575 permit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .580 mac-access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .585 deny . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .585 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .588 permit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .590 Chapter 13 DHCP-Server-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .593 dhcp-server-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .594 bootp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .594 dhcp-class. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .595 dhcp-pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .598 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .628 option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .629 ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .630 Chapter 14 Firewall-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .633 firewall-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .634 alg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .635 clamp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .635 dhcp-offer-convert. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .636 dns-snoop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .637 firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .637 flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .638 ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .640 ip-mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .645 logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .647 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .648 proxy-arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .655 stateful-packet-inspection-12 . . . . . . . . . . . . . . . . . . . . . . . . . .655 storm-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .656 virtual-defragmentation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .658 Chapter 15 MiNT-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .659 xii Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 mint-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .659 level. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .660 mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .661 udp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .662 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .662 Chapter 16 Management-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .665 management-policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .666 aaa-login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .666 banner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .668 ftp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .669 http . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .670 https . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 671 idle-session-timeout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .672 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .673 restrict-access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .675 snmp-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .677 ssh. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .681 telnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .681 user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .682 Chapter 17 RADIUS-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .685 radius-group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .685 guest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .686 policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .687 rate-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .689 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .689 radius-server-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .691 authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .692 crl-check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .693 ldap-group-verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .694 ldap-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .694 local. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .696 nas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .697 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .698 proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .700 session-resumption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .702 use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .702 radius-user-pool-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .703 user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .704 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .705 Chapter 18 Radio-QoS-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .707 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 xiii radio-qos-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .707 accelerated-multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .708 admission-control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .709 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 711 wmm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 713 Chapter 19 Role-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 715 role-policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 715 default-role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 716 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 717 user-role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 719 Chapter 20 Smart-RF-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .733 smart-rf-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .733 assignable-power . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .734 auto-assign-sensor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .735 channel-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .736 channel-width. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .737 coverage-hole-recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .737 enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .739 group-by . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 740 interference-recovery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 741 neighbor-recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 742 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 744 sensitivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 745 smart-ocs-monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 746 Chapter 21 WIPS-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .751 wips-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .751 ap-detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .752 enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .753 event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .754 history-throttle-duration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .757 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .757 signature. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 761 use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .773 Chapter 22 WLAN-QoS-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .775 xiv Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 wlan-qos-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 776 accelerated-multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 776 classification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .777 multicast-mask. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .779 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .780 qos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .782 rate-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .783 svp-prioritization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .784 voice-prioritization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .785 wmm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .786 Chapter 23 Interface-Radio Commands In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .791 interface-radio Instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .792 ack-timeout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .793 aggregation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .794 airtime-fairness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .796 antenna-gain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .797 antenna-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .798 beacon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .799 channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .800 data-rates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .801 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .803 dynamic-chain-selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .804 guard-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .804 lock-rf-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .805 max-clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .806 mesh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .807 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .808 non-unicast. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .811 off-channel-scan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .812 placement. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .814 power . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .814 preamble-short. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .815 probe-response . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .816 radio-tap-mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 817 rf-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 817 rifs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .818 rts-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .819 shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .820 sniffer-redirect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .821 use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .821 wireless-client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .822 wlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .823 Chapter 24 Firewall Logging In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .825 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 xv Firewall Log Terminology and Syslog Severity Levels . . . . . . . . . . .826 Date format in Syslog messages . . . . . . . . . . . . . . . . . . . . . . .826 FTP data connection log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .827 UDP packets log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .827 ICMP type logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .828 ICMP type logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .829 Raw IP Protocol logs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .829 Raw IP Protocol logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .830 Firewall startup log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .831 Manual time change log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .832 Firewall ruleset log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .832 TCP Reset Packets log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .834 ICMP Destination log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .834 ICMP Packet log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .835 SSH connection log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .835 Allowed/Dropped Packets Log . . . . . . . . . . . . . . . . . . . . . . . . .836 Chapter 25 L2TPV3-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .837 l2tpv3-policy-commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .838 cookie-size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .838 hello-interval. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .839 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .840 reconnect-attempts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .841 reconnect-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .842 retry-attempts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .843 retry-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .844 rx-window-size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .844 tx-window-size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .845 l2tpv3-tunnel-commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .846 hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .847 local-ip-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .847 mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .848 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .849 peer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .850 router-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .851 session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .852 use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .853 l2tpv3-manual-session-commands . . . . . . . . . . . . . . . . . . . . . . . . .854 local-cookie. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .855 local-ip-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .856 local-session-id. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .857 mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .858 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .859 peer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .860 remote-cookie . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .861 remote-session-id. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .862 traffic-source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .863 Chapter 26 xvi Router-Mode Commands Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .865 router-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .866 area. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .866 auto-cost. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .867 default-information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .868 ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .868 network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .869 ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .869 passive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .870 redistribute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .870 route-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 871 router-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .872 vrrp-state-check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .873 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .873 OSPF-area-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 874 Chapter 27 Routing-Policy Commands In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .879 routing-policy Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .879 apply-to-local-packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .880 logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .880 route-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .881 route-map-mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .881 use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .886 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .886 Chapter 28 AAA-TACACS-Policy In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .889 aaa-tacacs-policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .889 accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .890 authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .892 authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .893 no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .895 Chapter A Controller Managed WLAN Use Case In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .897 Creating a First Controller Managed WLAN. . . . . . . . . . . . . . . . . . .897 Assumptions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .897 Design. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .897 Using the Command Line Interface to Configure the WLAN . .898 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 xvii xviii Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 About This Guide In this chapter • Supported hardware and software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Document Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Getting technical help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix xix xxi xxii Supported hardware and software This guide provides information on using the following Brocade wireless controllers and access points: • • • • • • • Brocade Mobility RFS7000 Controller Brocade Mobility RFS6000 Controller Brocade Mobility RFS4000 Controller Brocade Mobility 71XX Series Access Point Brocade Mobility 300 Access Point Brocade Mobility 650 Access Point Brocade Mobility 6511 Access Point Document Conventions This section describes text formatting conventions and important notice formats used in this document. Text formatting The narrative-text formatting conventions that are used are as follows: Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 xix bold text Identifies command names Identifies the names of user-manipulated GUI elements Identifies keywords Identifies text to enter at the GUI or CLI italic text Provides emphasis Identifies variables Identifies document titles code text Identifies CLI output For readability, command names in the narrative portions of this guide are presented in bold; for example, show version. Notes The following notice statement is used in this manual. NOTE A note provides a tip, guidance or advice, emphasizes important information, or provides a reference to related information. Understanding command syntaxVariables are described with a short description enclosed within a ‘<‘ and a ‘>’ pair. For example, the command, RFController>show interface ge 1 is documented as show interface ge • show – The command – Display information • interface – The keyword – The interface • – The variable – ge Index value | The pipe symbol. This is used to separate the variables/keywords in a list. For example, the command RFController> show ..... is documented as show [adoption|advanced-wips|boot|captive-portal|......] where: • show – The command • [adoption|advanced-wips|boot|captive-portal|......] – Indicates the different commands that can be combined with the show command. However, only one of the above list can be used at a time. show adoption ... show advanced-wips ... show boot ... xx Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 [] Of the different keywords and variables listed inside a ‘[‘ & ‘]’ pair, only one can be used. Each choice in the list is separated with a ‘|’ (pipe) symbol. For example, the command RFController# clear ... is documented as clear [arp-cache|cdp|crypto|event-history| firewall|ip|spanning-tree] where: • clear – The command • [arp-cache|cdp|crypto|event-history|firewall|ip|spanning-tree] – Indicates that seven keywords are available for this command and only one can be used at a time {} Any command/keyword/variable or a combination of them inside a ‘{‘ & ‘}’ pair is optional. All optional commands follow the same conventions as listed above. However they are displayed italicized. For example, the command RFController> show adoption .... is documented as show adoption info {on } Here: • show adoption info – The command. This command can also be used as show adoption info • {on } – The optional keyword on . The command can also be extended as show adoption info {on } Here the keyword {on } is optional. command / keyword The first word is always a command. Keywords are words that must be entered as is. Commands and keywords are mandatory. For example, the command, RFController>show wireless is documented as show wireless where: • show – The command • wireless – The keyword Related publications The following Brocade Communications Systems, Inc. documents supplement the information in this guide and can be located at http://www.brocade.com/ethernetproducts. • Brocade Mobility RFS4000, RFS6000 and RFS7000 System Reference Guide - Describes configuration of the Brocade wireless controllers using the Web UI. • Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide (this document) Describes the Command Line Interface (CLI) and Management Information Base (MIB) commands used to configure the Brocade wireless controllers. If you find errors in the guide, send an e-mail to documentation@brocade.com. Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 xxi Getting technical help To contact Technical Support, go to http://www.brocade.com/services-support/index.page for the latest e-mail and telephone contact information. xxii Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 Chapter 1 Introduction In this chapter • CLI Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Getting Context Sensitive Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Using the No Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Using CLI Editing Features and Shortcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 5 6 6 This chapter describes the commands available using the wireless controller Command Line Interface (CLI). CLI is available for wireless controllers as well as access points (APs). Access the CLI by using: • A terminal emulation program running on a computer connected to the serial port on the wireless controller. The serial port is located on the front of the wireless controller. • A Telnet session through Secure Shell (SSH) over a network. Configuration for connecting to a Wireless Controller using a terminal emulator If connecting through the serial port, use the following settings to configure your terminal emulator: Bits Per Second 19200 Data Bits 8 Parity None Stop Bit 1 Flow Control None When a CLI session is established, complete the following (user input is in bold): login as: administrator’s login password: User Credentials Use the following credentials when logging into a device for the first time: User Name admin Password admin123 When logging into the CLI for the first time, you are prompted to change the password. Examples in this reference guide Examples used in this reference guide are generic to the each supported wireless controller model and AP. Commands that are not common, are identified using the notation “Supported in the following platforms.” For an example, see below: Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 1 1 Supported in the following platforms: • Brocade Mobility RFS6000 The above example indicates the command is only available for a Brocade Mobility RFS6000 model wireless controller. CLI Overview The CLI is used for configuring, monitoring, and maintaining the wireless controller managed network. The user interface allows you to execute commands on supported wireless controllers and APs, using either a serial console or a remote access method. This chapter describes basic CLI features. Topics covered include an introduction to command modes, navigation and editing features, help features and command history. The CLI is segregated into different command modes. Each mode has its own set of commands for configuration, maintenance and monitoring. The commands available at any given time depend on the mode you are in, and to a lesser extent, the particular model used. Enter a question mark (?) at the system prompt to view a list of commands available for each command mode/instance. Use specific commands to navigate from one command mode to another. The standard order is: USER EXEC mode, PRIV EXEC mode and GLOBAL CONFIG mode. FIGURE 1 Hierarchy of User Modes Command Modes A session generally begins in the USER EXEC mode (one of the two access levels of the EXEC mode). For security, only a limited subset of EXEC commands are available in the USER EXEC mode. This level is reserved for tasks that do not change the wireless controller configuration. rfs7000-37FABE> The system prompt signifies the device name and the last three bytes of the device MAC address. 2 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 1 To access commands, enter the PRIV EXEC mode (the second access level for the EXEC mode). Once in the PRIV EXEC mode, enter any EXEC command. The PRIV EXEC mode is a superset of the USER EXEC mode. rfs7000-37FABE>enable rfs7000-37FABE# Most of the USER EXEC mode commands are one-time commands and are not saved across wireless controller reboots. Save the command by executing ‘commit’ command. For example, the show command displays the current configuration and the clear command clears the interface. Access the GLOBAL CONFIG mode from the PRIV EXEC mode. In the GLOBAL CONFIG mode, enter commands that set general system characteristics. Configuration modes, allow you to change the running configuration. If you save the configuration later, these commands are stored across wireless controller reboots. Access a variety of protocol specific (or feature-specific) modes from the global configuration mode. The CLI hierarchy requires you to access specific configuration modes only through the global configuration mode. rfs7000-37FABE# configure terminal Enter configuration commands, one per line. rfs7000-37FABE(config)# End with CNTL/Z. You can also access sub-modes from the global configuration mode. Configuration sub-modes define specific features within the context of a configuration mode. rfs7000-37FABE(config)# aaa-policy test rfs7000-37FABE(config-aaa-policy-test)# Table 1 summarizes available wireless controller commands TABLE 1 Wireless Controller modes and commands User Exec Mode Priv Exec Mode Global Configuration Mode ap-upgrade ap-upgrade aaa-policy change-passwd archive advanced-wips-policy boot br300 cluster change-passwd br650 commit clear br6511 debug commit br71xx disable configure association-acl-policy enable connect auto-provisioning-policy help copy captive-portal logging crypto clear mint debug critical-resource-policy no delete customize page diff device ping dir device-categorization remote-debug disable dhcp-sever-policy revert edit dns-whitelist clear Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 3 1 TABLE 1 Wireless Controller modes and commands User Exec Mode Priv Exec Mode Global Configuration Mode service enable event-system-policy show erase firewall-policy ssh format help telnet halt host terminal help igmp-snoop-policy time-it logging ip traceroute mint mac watch mkdir management-policy write more mint-policy clrscr no nac-list exit page no ping password-encryption pwd profile reload radio-qos-policy remote-debug radius-group rename radius-server-policy revert radius-user-pool-policy rmdir rf-domain self rfs4000 service rfs6000 show rfs7000 ssh role-policy telnet self terminal smart-rf-policy time-it wips-policy traceroute wlan upgrade wlan-qos-policy upgrade-abort write watch clrscr write commit clrscr do exit end exit revert service show 4 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 1 Getting Context Sensitive Help Enter a question mark (?) at the system prompt to display a list of commands available for each mode. Obtain a list of arguments and keywords for any command using the CLI context-sensitive help. Use the following commands to obtain help specific to a command mode, command name, keyword or argument: Command Description (prompt)# help Displays a brief description of the help system (prompt)# abbreviated-command-entry? Lists commands in the current mode that begin with a particular character string (prompt)# abbreviated-command-entry Completes a partial command name (prompt)# ? Lists all commands available in the command mode (prompt)# command ? Lists the available syntax options (arguments and keywords) for the command (prompt)# command keyword ? Lists the next available syntax option for the command NOTE The system prompt varies depending on which configuration mode your in. NOTE Enter Ctrl + V to use ? as a regular character and not as a character used for displaying context sensitive help. This is required when the user has to enter a URL that ends with a ? NOTE The escape character used through out the CLI is “\”. To enter a "\" use "\\" instead. When using context-sensitive help, the space (or lack of a space) before the question mark (?) is significant. To obtain a list of commands that begin with a particular sequence, enter the characters followed by a question mark (?). Do not include a space. This form of help is called word help, because it completes a word. rfs7000-37FABE#service? service Service Commands rfs7000-37FABE#service Enter a question mark (?) (in place of a keyword or argument) to list keywords or arguments. Include a space before the “?”. This form of help is called command syntax help. It shows the keywords or arguments available based on the command/keyword and argument already entered. rfs7000-37FABE>service ? advanced-wips Advanced WIPS service commands clear Clear cli-tables-expand Expand the cli-table in drapdown format cli-tables-skin Choose a formatting layout/skin for CLI tabular outputs cluster Cluster Protocol locator Enable leds flashing on the device pktcap Start packet capture radio Radio parameters show Show running system information smart-rf Smart-RF Management Commands Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 5 1 traceroute Trace route to destination wireless Wireless commands rfs7000-37FABE>service It’s possible to abbreviate commands and keywords to allow a unique abbreviation. For example, “configure terminal” can be abbreviated as config t. Since the abbreviated command is unique, the wireless controller accepts the abbreviation and executes the command. Enter the help command (available in any command mode) to provide the following description: rfs7000-37FABE>help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. Two styles of help are provided: 1. Full help is available when you are ready to enter a command argument (e.g. 'show ?') and describes each possible argument. 2. Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input (e.g. 'show ve?'.) Using the No Command Almost every command has a no form. Use no to disable a feature or function or return it to its default value. Use the command without the no keyword to re-enable a disabled feature. Basic Conventions Keep the following conventions in mind while working within the wireless controller CLI: • Use ? at the end of a command to display available sub-modes. Type the first few characters of the sub-mode and press the tab key to add the sub-mode. Continue using ? until you reach the last sub-mode. • Pre-defined CLI commands and keywords are case-insensitive: cfg = Cfg = CFG. However (for clarity), CLI commands and keywords are displayed (in this guide) using mixed case. For example, apPolicy, trapHosts, channelInfo. • Enter commands in uppercase, lowercase, or mixed case. Only passwords are case sensitive. Using CLI Editing Features and Shortcuts A variety of shortcuts and edit features are available. The following describe these features: • Moving the Cursor on the Command Line • Completing a Partial Command Name • Command Output pagination 6 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 1 Moving the Cursor on the Command Line Table 2 on page 7 Shows the key combinations or sequences to move the command line cursor. Ctrl defines the control key, which must be pressed simultaneously with its associated letter key. Esc means the escape key (which must be pressed first), followed by its associated letter key. Keys are not case sensitive. Specific letters are used to provide an easy way of remembering their functions. In Table 2 on page 7, bold characters indicate the relation between a letter and its function. TABLE 2 Keystrokes Details Keystrokes Function Summary Function Details Left Arrow or Ctrl-B Back character Moves the cursor one character to the left When entering a command that extends beyond a single line, press the Left Arrow or Ctrl-B keys repeatedly to move back to the system prompt. Right Arrow or Ctrl-F Forward character Moves the cursor one character to the right Esc- B Back word Moves the cursor back one word Esc- F Forward word Ctrl-A Beginning of line Moves the cursor to the beginning of the command line Ctrl-E End of line Moves the cursor to the end of the command line Moves the cursor forward one word Ctrl-D Deletes the current character Ctrl-U Deletes text up to cursor Ctrl-K Deletes from the cursor to end of the line Ctrl-P Obtains the prior command from memory Ctrl-N Obtains the next command from memory Esc-C Converts the letter at the cursor to uppercase Esc-L Converts the letter at the cursor to lowercase Esc-D Deletes the remainder of a word Ctrl-W Deletes the word up to the cursor Ctrl-Z Returns to the root prompt Ctrl-T Transposes the character to the left of the cursor with the character located at the cursor Ctrl-L Clears the screen Completing a Partial Command Name If you cannot remember a command name (or if you want to reduce the amount of typing you have to perform), enter the first few letters of a command, then press the Tab key. The command line parser completes the command if the string entered is unique to the command mode. If your keyboard does not have a Tab key, press Ctrl-L. The CLI recognizes a command once you have entered enough characters to make the command unique. If you enter “conf” within the privileged EXEC mode, the CLI associates the entry with the configure command, since only the configure command begins with conf. Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 7 1 In the following example, the CLI recognizes a unique string in the privileged EXEC mode when the Tab key is pressed: rfs7000-37FABE# conf rfs7000-37FABE# configure When using the command completion feature, the CLI displays the full command name. The command is not executed until the Return or Enter key is pressed. Modify the command if the full command was not what you intended in the abbreviation. If entering a set of characters (indicating more than one command), the system lists all commands beginning with that set of characters. Enter a question mark (?) to obtain a list of commands beginning with that set of characters. Do not leave a space between the last letter and the question mark (?). For example, entering U lists all commands available in the current command mode: rfs7000-37FABE# co? commit Commit all changes made in this session configure Enter configuration mode connect Open a console connection to a remote device copy Copy from one file to another rfs7000-37FABE# co NOTE The characters entered before the question mark are reprinted to the screen to complete the command entry. Command Output pagination Output often extends beyond the visible screen length. For cases where output continues beyond the screen, the output is paused and a --More-- prompt displays at the bottom of the screen. To resume the output, press the Enter key to scroll down one line or press the Spacebar to display the next full screen of output. Creating Profiles Profiles are sort of a ‘template’ representation of configuration. The system has: • a default wireless controller profile • a default profile for each of the following APs: • Brocade Mobility 650 Access Point • Brocade Mobility 6511 Access Point • Brocade Mobility 7131 Access Point To modify the default profile to assign an IP address to the management port: rfs7000-37FABE(config)#profile rfs7000 default-rfs-7000 rfs7000-37FABE(config-profile-default-rfs-7000)#interface me1 rfs7000-37FABE(config-profile-default-rfs-7000-if-me1)#ip address 172.16.10.2/24 rfs7000-37FABE(config-profile-default-rfs-7000-if-me1)#commit rfs7000-37FABE(config-profile-default-rfs-7000)#exit rfs7000-37FABE(config)# The following command displays default br7131 profile: 8 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 1 rfs7000-37FABE(config)#profile br7131 default-br7131 rfs7000-37FABE(config-profile-default-br7131)#show context Change the default profile by creating vlan 150 and mapping to ge3 Physical interface Logon to the wireless controller in config mode and follow the procedure below: rfs7000-37FABE(config-profile-default-rfs7000)# interface vlan 150 rfs7000-37FABE(config-profile-default-rfs7000-if-vlan150)# ip address 192.168.150.20/24 rfs7000-37FABE(config-profile-default-rfs7000-if-vlan150)# exit rfs7000-37FABE(config-profile-default-rfs7000)# interface ge 3 rfs7000-37FABE(config-profile-default-rfs7000-if-ge3)# switchport access vlan 150 rfs7000-37FABE(config-profile-default-rfs7000-if-ge3)# commit write [OK] rfs7000-37FABE(config-profile-default-rfs7000-if-ge3)# show interface vlan 150 Interface vlan150 is UP Hardware-type: vlan, Mode: Layer 3, Address: 00-15-70-37-FA-BE Index: 8, Metric: 1, MTU: 1500 IP-Address: 192.168.150.20/24 input packets 43, bytes 12828, dropped 0, multicast packets 0 input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0 output packets 0, bytes 0, dropped 0 output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0 collisions 0 Viewing Configured APs To view previously configured APs, enter the following command: rfs7000-37FABE(config)#show wireless ap configured Remote Administration A terminal server may function in remote administration mode if either the terminal services role is not installed on the machine or the client used to invoke the session has enabled the admin wireless controller. • A terminal emulation program running on a computer connected to the serial port on the wireless controller. The serial port is located on the front of the wireless controller. • A Telnet session through a Secure Shell (SSH) over a network. The Telnet session may or may not use SSH depending on how the wireless wireless controller is configured. Brocade recommends using SSH for remote administration tasks. Configuring Telnet for Management Access Login through the serial console. Perform the following: A session generally begins in the USER EXEC mode (one of the two access levels of the EXEC mode). Access the GLOBAL CONFIG mode from the PRIV EXEC mode. rfs7000-37FABE> en Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 9 1 rfs7000-37FABE# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Go to ‘default-management-policy’ mode. rfs7000-37FABE(config)# management-policy ? rfs7000-37FABE(config)# management-policy default rfs7000-37FABE(config-management-policy-default)# Enter Telnet and the port number at the command prompt. The port number is optional. The default port is 23. Commit the changes after every command. Telnet is enabled. rfs7000-37FABEconfig-management-policy-default)# telnet rfs7000-37FABE(config-management-policy-default)# commit write Connect to the wireless wireless controller through Telnet using its configured IP address. Use the following credentials when logging on to the device for the first time: User Name admin Password admin123 When logging into the wireless controller for the first time, you are prompted to change the password. To change user credentials: Enter the username, password, role and access details rfs7000-37FABE(config-management-policy-default)# user testuser password symbol role helpdesk access all rfs7000-37FABE(config-management-policy-default)# commit rfs7000-37FABE(config-management-policy-default)# show context management-policy default telnet http server ssh user admin password 1 c9745a77bb8663fbe9422c0bab93087208e68c40add8edd0a3b4a985aa96a682 role superuser access all user testuser password 1 fd6af6a0e74ede3fc4bd54519e4864b078554aa2d97a623eedefae2ede682c13 role helpdesk access all rfs7000-37FABE(config-management-policy-default)# show context include-factory management-policy default secure-management telnet port 23 http server no https server no ftp ssh port 22 user admin password 1 c9745a77bb8663fbe9422c0bab93087208e68c40add8edd0a3b4a985aa96a682 role superuser access all user testuser password 1 fd6af6a0e74ede3fc4bd54519e4864b078554aa2d97a623eedefae2ede682c13 role helpdesk access all snmp-server manager v2 snmp-server manager v3 10 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 1 no snmp-server enable traps rfs7000-37FABE(config-management-policy-default)# rfs7000-37FABE(config-management-policy-default)# user testuser password symbol role helpdesk access all ? Logon to the Telnet console and provide the user details configured in the previous step to access the wireless controller. Brocade Mobility RFS7000 release 5.2.0.0-048B rfs7000-37FABE login: testuser Password: Welcome to CLI Starting CLI... rfs7000-37FABE> Configuring ssh By default, SSH is enabled from the factory settings on the wireless controller. The wireless controller requires an IP address and login credentials. To enable SSH access in the default profile, login through the serial console. Perform the following: Access the GLOBAL CONFIG mode from the PRIV EXEC mode. rfs7000-37FABE> en rfs7000-37FABE# configure Enter configuration commands, one per line. rfs7000-37FABE> en rfs7000-37FABE# configure Enter configuration commands, one per line. End with CNTL/Z. End with CNTL/Z. Go to ‘default-management-policy’ mode. rfs7000-37FABE(config)# management-policy default rfs7000-37FABE(config-management-policy-default)# Enter SSH at the command prompt. rfs7000-37FABE(config-management-policy-default)# ssh Log into the wireless wireless controller through SSH using appropriate credentials. Use the following credentials when logging on to the device for the first time: User Name admin Password admin123 When logging into the wireless controller for the first time, you are prompted to change the password. • To change the user credentials: Brocade Mobility RFS7000 release 5.2.0.0-048B rfs7000-37FABE login: testuser Password: Welcome to CLI Starting CLI... rfs7000-37FABE> Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 11 1 12 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 Chapter User Exec Mode Commands 2 In this chapter • User Exec Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 Logging in to the wireless controller places you within the USER EXEC command mode. Typically, a login requires a user name and password. You have three login attempts before the connection attempt is refused. USER EXEC commands (available at the user level) are a subset of the commands available at the privileged level. In general, USER EXEC commands allow you to connect to remote devices, perform basic tests and list system information. To list available USER EXEC commands, use? at the command prompt. The USER EXEC prompt consists of the device host name followed by an angle bracket (>). rfs7000-37FABE? User Exec commands: ap-upgrade AP firmware upgrade change-passwd Change password clear Clear clock Configure software system clock cluster Cluster commands commit Commit all changes made in this session connect Open a console connection to a remote device crypto Encryption related commands debug Debugging functions disable Turn off privileged mode command enable Turn on privileged mode command help Description of the interactive help system logging Modify message logging facilities mint MiNT protocol no Negate a command or set its defaults page Toggle paging ping Send ICMP echo messages remote-debug Troubleshoot remote system(s) revert Revert changes service Service Commands show Show running system information ssh Open an ssh connection telnet Open a telnet connection terminal Set terminal line parameters time-it Check how long a particular command took between request and completion of response traceroute Trace route to destination watch Repeat the specific CLI command at a periodic interval write Write running configuration to memory or terminal clrscr exit rfs7000-37FABE> Clears the display screen Exit from the CLI Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 13 2 User Exec Commands Table 3 summarizes User Exec Mode commands TABLE 3 User Exec Mode Commands Command Description Reference ap-upgrade Enables an automatic adopted AP firmware upgrade page 2-14 change-passwd Changes the password of a logged user page 2-14 clear Resets the last saved command page 2-19 clock Configures the system clock page 2-22 cluster Accesses the cluster context page 2-23 connect Establishes a console connection to a remote device page 2-23 crypto Enables encryption page 2-24 disable Turns off (disables) the privileged mode command set page 2-35 enable Turns on (enables) the privileged mode command set page 2-35 logging Modifies message logging facilities page 2-36 mint Configures MiNT protocol page 2-37 no Negates a command or sets its default value page 2-39 page Toggles to the wireless controller paging function page 2-42 ping Sends ICMP echo messages to a user-specified location page 2-42 ssh Opens an SSH connection between two network devices page 2-43 telnet Opens a Telnet session page 2-44 terminal Sets the length/number of lines displayed within the terminal window page 2-44 time-it Verifies the time taken by a particular command between request and response page 2-45 traceroute Traces the route to its defined destination page 2-46 watch Repeats a specific CLI command at a periodic interval page 2-47 clrscr Clears the display screen page 5-255 commit Commits (saves) changes made in the current session page 5-256 exit Ends the current mode and moves to the previous mode page 5-257 help Displays the interactive help system page 5-258 revert Reverts changes to their last saved configuration page 5-264 service Invokes service commands to troubleshoot or debug (config-if) instance configurations page 5-265 show Displays running system information page 6-295 write Writes information to memory or terminal page 5-291 ap-upgrade User Exec Commands 14 Brocade Mobility RFS4000, RFS6000, and RFS7000 CLI Reference Guide 53-1002619-01 2 Enables an automatic firmware upgrade on an adopted AP or a set of APs. APs of the same type can be upgraded together. Once APs have been upgraded, they can be forced to reboot. This command also loads the firmware on to the wireless controller. The AP upgrade command also upgrades APs in a specified RF Domain. Supported in the following platforms: • • • • • • • Brocade Mobility 300 Access Point Brocade Mobility 650 Access Point Brocade Mobility 6511 Access Point Brocade Mobility 71XX Access Point Brocade Mobility RFS4000 Brocade Mobility RFS6000 Brocade Mobility RFS7000 Syntax: ap-upgrade [ |all|br650|br6511| br71xx|cancel-upgrade|load-image|rf-domain] ap-upgrade [ |all] {no-reboot|reboot-time