Biz Box ルータ 「N1200」 コマンドリファレンス

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16 A account threshold.......................... 59 account threshold pp....................... 59 administrator.........................26, 232 administrator password..................... 38 administrator password encrypted............ 38 alarm entire.............................. 56 alarm http revision-up...................... 56 alarm http upload......................... 231 alarm sd................................. 56 alarm startup............................. 56 alarm usbhost............................. 56 auth user................................ 143 auth user attribute........................ 143 auth user group.......................... 144 auth user group attribute.................. 144 B bgp aggregate........................... 195 bgp aggregate filter....................... 195 bgp autonomous-system................... 195 bgp configure refresh...................... 197 bgp export.............................. 196 bgp export aspath........................ 196 bgp export filter.......................... 197 bgp import.............................. 197 bgp import filter.......................... 198 bgp log................................. 199 bgp neighbor............................ 198 bgp preference........................... 196 bgp router id............................ 196 bgp use................................. 195 C clear account............................ 235 clear account pp.......................... 235 clear arp................................ 236 clear diagnosis config port.................. 257 clear dns cache........................... 236 clear inarp............................... 236 clear ip dynamic routing................... 236 clear ipv6 dynamic routing................. 237 clear ipv6 neighbor cache.................. 237 clear log................................ 236 clear nat descriptor dynamic................ 236 clear nat descriptor interface dynamic........ 236 clear nat descriptor interface dynamic pp...... 236 clear nat descriptor interface dynamic tunnel.. 236 clear switching-hub macaddress............. 241 clear url filter............................ 242 clear url filter pp.......................... 242 clear url filter tunnel....................... 242 cold start................................ 235 connect................................. 238 console character.......................26, 43 console columns........................... 43 console info.............................. 43 console lines.............................. 43 console prompt............................ 42 cooperation..........................181, 185 cooperation bandwidth-measuring remote..... 181 cooperation load-watch control.............. 185 cooperation load-watch remote.............. 183 cooperation load-watch trigger.............. 184 cooperation port.......................... 181 copy config.............................. 233 copy exec............................... 234 D date..................................... 42 delete config............................. 234 delete exec.............................. 234 description............................... 50 dhcp client client-identifier................. 126 dhcp client client-identifier pool............. 126 dhcp client client-identifier pp............... 126 dhcp client hostname...................... 124 dhcp client hostname pool................. 124 dhcp client hostname pp................... 124 dhcp client option........................ 126 dhcp client option pool.................... 126 dhcp client option pp...................... 126 dhcp convert lease to bind................. 122 dhcp duplicate check...................... 118 dhcp manual lease........................ 123 dhcp manual release...................... 123 dhcp relay select.......................... 124 dhcp relay server......................... 124 dhcp relay threshold...................... 124 dhcp scope.............................. 119 dhcp scope bind.......................... 119 dhcp scope lease type..................... 121 dhcp scope option........................ 123 dhcp server rfc2131 compliant.............. 118 dhcp service............................. 117 diagnose config port access................. 256 diagnose config port map.................. 256 diagnosis config port history-num............ 257 diagnosis config port max-detect............ 257 disconnect............................ 26, 238 disconnect ip connection................... 240 disconnect ipv6 connection................. 240 disconnect user............................ 41 dns cache max entry...................... 174 dns cache use............................ 174 dns domain.............................. 170 dns host................................ 174 dns notice order.......................... 171 dns private address spoof.................. 171 dns server............................... 170 dns server dhcp.......................... 125 dns server pp............................ 171 dns server select.......................... 172 dns service.............................. 170 dns srcport.............................. 173 dns static................................ 173 dns syslog resolv......................... 172 E ethernet filter............................. 99 ethernet interface filter.................... 100 execute batch............................ 229 exit.................................... 232 external-memory auto-search time........... 228

17 external-memory batch filename.............229 external-memory boot permit................226 external-memory config filename.............228 external-memory config filename off..........228 external-memory exec filename..............227 external-memory exec filename off............227 external-memory statistics filename prefix......225 external-memory syslog filename.............226 F fr cir.....................................68 fr compression use..........................69 fr congestion control........................69 fr de.....................................70 fr dlci....................................68 fr inarp...................................69 fr lmi.....................................68 fr pp dequeue type.........................69 H heartbeat pre-shared-key....................222 heartbeat receive..........................222 heartbeat send............................222 help.....................................37 http revision-down permit....................53 http revision-up go........................242 http revision-up permit......................52 http revision-up proxy.......................52 http revision-up timeout.....................52 http revision-up url.........................52 http upload..............................230 http upload go............................231 http upload permit........................230 http upload proxy.........................231 http upload retry interval...................231 http upload timeout.......................231 http upload url............................230 httpd host...............................215 httpd listen...............................215 httpd service.............................215 httpd timeout.............................215 I interface reset............................238 interface reset pp..........................238 ip arp timer...............................82 ip filter...................................74 ip filter directed-broadcast...................76 ip filter dynamic............................76 ip filter dynamic timer.......................77 ip filter set................................75 ip filter source-route........................76 ip flow timer...............................97 ip forward filter............................98 ip fragment remove df-bit filter................81 ip host..................................173 ip icmp echo-reply send.....................127 ip icmp echo-reply send-only-linkup...........127 ip icmp error-decrypted-ipsec send............129 ip icmp log...............................129 ip icmp mask-reply send....................127 ip icmp parameter-problem send.............127 ip icmp redirect receive.....................128 ip icmp redirect send.......................128 ip icmp time-exceeded send.................128 ip icmp timestamp-reply send................128 ip icmp unreachable send...................128 ip implicit-route preference...................97 ip interface address.........................71 ip interface arp queue length.................83 ip interface arp static........................83 ip interface dhcp lease time.................125 ip interface dhcp retry......................125 ip interface forward filter....................98 ip interface intrusion detection................78 ip interface intrusion detection notice-interval...78 ip interface intrusion detection repeat-control....79 ip interface intrusion detection report..........79 ip interface intrusion detection threshold.......79 ip interface mtu............................72 ip interface nat descriptor...................165 ip interface ospf area.......................192 ip interface ospf neighbor...................194 ip interface proxyarp........................82 ip interface proxyarp vrrp....................82 ip interface rip auth key.....................88 ip interface rip auth key text..................88 ip interface rip auth type.....................88 ip interface rip filter.........................87 ip interface rip force-to-advertise..............91 ip interface rip hop.........................88 ip interface rip receive.......................87 ip interface rip send.........................87 ip interface rip trust gateway.................86 ip interface secondary address................72 ip interface secure filter......................81 ip interface secure filter name................81 ip interface tcp mss limit.....................80 ip interface vrrp............................92 ip interface vrrp shutdown trigger.............92 ip interface wol relay........................50 ip keepalive...............................96 ip local forward filter........................98 ip pp address..............................71 ip pp forward filter.........................98 ip pp intrusion detection.....................78 ip pp intrusion detection notice-interval........78 ip pp intrusion detection repeat-control.........79 ip pp intrusion detection report...............79 ip pp intrusion detection threshold............79 ip pp mtu.................................72 ip pp nat descriptor........................165 ip pp ospf area............................192 ip pp ospf neighbor........................194 ip pp remote address........................83 ip pp remote address pool...................84 ip pp rip auth key..........................88 ip pp rip auth key text.......................88 ip pp rip auth type..........................88 ip pp rip backup interface....................90 ip pp rip connect interval....................89 ip pp rip connect send.......................89 ip pp rip disconnect interval..................90 ip pp rip disconnect send....................89 ip pp rip filter..............................87 ip pp rip force-to-advertise...................91 ip pp rip hold routing.......................89 ip pp rip hop..............................88 ip pp rip receive............................87

18 ip pp rip send............................. 87 ip pp rip trust gateway...................... 86 ip pp secure filter.......................... 81 ip pp secure filter name..................... 81 ip pp tcp mss limit......................... 80 ip route.................................. 73 ip route change log........................ 80 ip routing................................ 71 ip routing process.......................... 46 ip simple-service........................... 72 ip stealth................................ 129 ip tos supersede........................... 82 ip tunnel address......................... 133 ip tunnel forward filter...................... 98 ip tunnel intrusion detection................. 78 ip tunnel intrusion detection notice-interval..... 78 ip tunnel intrusion detection repeat-control..... 79 ip tunnel intrusion detection report........... 79 ip tunnel intrusion detection threshold........ 79 ip tunnel mtu............................. 72 ip tunnel nat descriptor.................... 165 ip tunnel ospf area........................ 192 ip tunnel ospf neighbor.................... 194 ip tunnel remote address................... 133 ip tunnel rip auth key....................... 88 ip tunnel rip auth key text................... 88 ip tunnel rip auth type...................... 88 ip tunnel rip filter.......................... 87 ip tunnel rip force-to-advertise................ 91 ip tunnel rip hop.......................... 88 ip tunnel rip receive........................ 87 ip tunnel rip send.......................... 87 ip tunnel rip trust gateway.................. 86 ip tunnel secure filter....................... 81 ip tunnel secure filter name.................. 81 ip tunnel tcp mss limit...................... 80 ipsec auto refresh......................... 136 ipsec ike always-on........................ 137 ipsec ike duration......................... 147 ipsec ike encryption....................... 141 ipsec ike esp-encapsulation................. 146 ipsec ike group........................... 141 ipsec ike hash............................ 142 ipsec ike keepalive log..................... 140 ipsec ike keepalive use..................... 140 ipsec ike local address..................... 139 ipsec ike local id.......................... 139 ipsec ike local name....................... 138 ipsec ike log............................. 146 ipsec ike mode-cfg address................. 145 ipsec ike mode-cfg address pool............. 145 ipsec ike nat-traversal...................... 149 ipsec ike negotiate-strictly.................. 137 ipsec ike payload type..................... 142 ipsec ike pfs............................. 143 ipsec ike pre-shared-key.................... 136 ipsec ike queue length..................... 141 ipsec ike remote address................... 138 ipsec ike remote id........................ 138 ipsec ike remote name..................... 138 ipsec ike restrict-dangling-sa................ 149 ipsec ike retry............................ 137 ipsec ike send info........................ 142 ipsec ike xauth myname.................... 143 ipsec ike xauth request.................... 145 ipsec ipcomp type......................... 150 ipsec log illegal-spi........................ 142 ipsec refresh sa........................... 148 ipsec sa delete........................... 150 ipsec sa policy............................ 148 ipsec transport........................... 153 ipsec tunnel............................. 150 ipsec tunnel outer df-bit.................... 150 ipsec use................................ 136 ipv6 filter............................... 208 ipv6 filter dynamic........................ 209 ipv6 icmp echo-reply send.................. 130 ipv6 icmp echo-reply send-only-linkup........ 130 ipv6 icmp error-decrypted-ipsec send......... 131 ipv6 icmp log............................ 131 ipv6 icmp packet-too-big send............... 131 ipv6 icmp parameter-problem send........... 130 ipv6 icmp redirect receive.................. 130 ipv6 icmp redirect send.................... 130 ipv6 icmp time-exceeded send............... 131 ipv6 icmp unreachable send................ 131 ipv6 interface address..................... 201 ipv6 interface dad retry count............... 202 ipv6 interface mld........................ 210 ipv6 interface mld static.................... 211 ipv6 interface mtu........................ 200 ipv6 interface prefix....................... 202 ipv6 interface rip filter..................... 206 ipv6 interface rip hop...................... 205 ipv6 interface rip receive................... 205 ipv6 interface rip send..................... 205 ipv6 interface rip trust gateway............. 206 ipv6 interface rtadv send................... 204 ipv6 interface secure filter.................. 208 ipv6 interface tcp mss limit................. 200 ipv6 max auto address..................... 202 ipv6 nd ns-trigger-dad..................... 211 ipv6 pp address.......................... 201 ipv6 pp dad retry count.................... 202 ipv6 pp mld............................. 210 ipv6 pp mld static......................... 211 ipv6 pp mtu............................. 200 ipv6 pp prefix............................ 202 ipv6 pp rip connect interval................. 206 ipv6 pp rip connect send................... 206 ipv6 pp rip disconnect interval.............. 207 ipv6 pp rip disconnect send................. 207 ipv6 pp rip filter.......................... 206 ipv6 pp rip hold routing.................... 207 ipv6 pp rip hop........................... 205 ipv6 pp rip receive........................ 205 ipv6 pp rip send.......................... 205 ipv6 pp rip trust gateway.................. 206 ipv6 pp rtadv send........................ 204 ipv6 pp secure filter....................... 208 ipv6 pp tcp mss limit...................... 200 ipv6 prefix............................... 203 ipv6 rh0 discard.......................... 201 ipv6 rip use.............................. 205 ipv6 route............................... 204 ipv6 routing............................. 200 ipv6 routing process....................... 201 ipv6 source address selection rule............ 203 ipv6 stealth.............................. 132 ipv6 tunnel address....................... 201

19 ipv6 tunnel mld...........................210 ipv6 tunnel mld static......................211 ipv6 tunnel prefix.........................202 ipv6 tunnel rip filter........................206 ipv6 tunnel rip receive......................205 ipv6 tunnel rip send.......................205 ipv6 tunnel secure filter....................208 ipv6 tunnel tcp mss limit....................200 isdn arrive permit...........................61 isdn auto connect..........................61 isdn call block time.........................62 isdn call permit............................62 isdn call prohibit time.......................62 isdn callback mscbcp user-specify..............63 isdn callback permit.........................62 isdn callback permit type.....................63 isdn callback request........................62 isdn callback request type....................63 isdn callback response time...................63 isdn callback wait time......................63 isdn disconnect input time...................65 isdn disconnect interval time.................66 isdn disconnect output time..................65 isdn disconnect policy.......................64 isdn disconnect time........................64 isdn fast disconnect time.....................64 isdn forced disconnect time..................65 isdn local address..........................58 isdn piafs arrive............................59 isdn piafs call..............................60 isdn piafs control...........................59 isdn remote address........................60 isdn remote call order.......................61 isdn terminator............................58 L lan backup................................94 lan backup recovery time....................94 lan keepalive interval.......................95 lan keepalive log...........................95 lan keepalive use...........................95 lan port-mirroring..........................47 lan shutdown..............................46 lan type..................................47 leased keepalive down......................86 less config...............................243 less config list............................243 less config pp.............................243 less config tunnel.........................243 less exec list..............................244 less file list...............................244 less log..................................255 line type.............................. 31, 58 login password............................38 login password encrypted....................38 login timer............................ 26, 49 login user.................................39 M mail notify...............................214 mail notify status exec......................242 mail server name..........................212 mail server pop...........................212 mail server smtp...........................212 mail server timeout........................213 mail template.............................213 N nat descriptor address inner.................166 nat descriptor address outer.................166 nat descriptor ftp port......................168 nat descriptor log.........................169 nat descriptor masquerade incoming..........168 nat descriptor masquerade port range.........168 nat descriptor masquerade remove df-bit......169 nat descriptor masquerade rlogin.............167 nat descriptor masquerade session limit.......169 nat descriptor masquerade static.............167 nat descriptor masquerade unconvertible port..168 nat descriptor sip..........................169 nat descriptor static........................166 nat descriptor timer........................167 nat descriptor type........................165 nslookup................................239 ntpdate...................................42 O operation button function download..........229 operation execute batch permit..............229 operation external-memory download permit...226 operation http revision-up permit..............53 ospf area................................190 ospf area network.........................190 ospf area stubhost.........................190 ospf configure refresh......................186 ospf export filter..........................188 ospf export from ospf......................187 ospf import filter..........................189 ospf import from..........................187 ospf log.................................194 ospf merge equal cost stub..................194 ospf preference...........................186 ospf router id.............................186 ospf use.................................186 ospf virtual-link...........................191 P ping....................................239 ping6...................................239 pp always-on..............................60 pp auth accept....................... 103, 155 pp auth multi connect prohibit...............104 pp auth myname..........................104 pp auth request...................... 104, 155 pp auth username.........................103 pp backup................................93 pp backup pp..............................93 pp backup recovery time.....................94 pp backup tunnel..........................93 pp bind.............................. 58, 154 pp disable............................ 26, 237 pp enable............................ 26, 237 pp encapsulation...........................67 pp keepalive interval........................84 pp keepalive log...........................85 pp keepalive use...........................85 pp name.................................216 pp select.................................232

20 ppp bacp maxconfigure.................... 113 ppp bacp maxfailure....................... 113 ppp bacp maxterminate.................... 113 ppp bacp restart.......................... 113 ppp bap maxretry......................... 114 ppp bap restart........................... 114 ppp ccp maxconfigure..................... 110 ppp ccp maxfailure........................ 111 ppp ccp maxterminate..................... 110 ppp ccp no-encryption..................... 157 ppp ccp restart........................... 110 ppp ccp type.........................110, 154 ppp chap maxchallenge.................... 107 ppp chap restart.......................... 107 ppp ipcp ipaddress........................ 108 ppp ipcp maxconfigure.................... 108 ppp ipcp maxfailure....................... 108 ppp ipcp maxterminate.................... 108 ppp ipcp msext........................... 109 ppp ipcp remote address check.............. 109 ppp ipcp restart.......................... 108 ppp ipcp vjc............................. 107 ppp ipv6cp use........................... 111 ppp lcp acfc............................. 105 ppp lcp magicnumber..................... 105 ppp lcp maxconfigure..................... 106 ppp lcp maxfailure........................ 106 ppp lcp maxterminate..................... 106 ppp lcp mru............................. 105 ppp lcp pfc.............................. 105 ppp lcp restart........................... 106 ppp lcp silent............................ 106 ppp mp control........................... 111 ppp mp divide............................ 113 ppp mp interleave........................ 177 ppp mp load threshold..................... 112 ppp mp maxlink.......................... 112 ppp mp minlink.......................... 112 ppp mp timer............................ 112 ppp mp use.............................. 111 ppp mscbcp maxretry...................... 109 ppp mscbcp restart........................ 109 ppp pap maxauthreq...................... 107 ppp pap restart........................... 107 pppoe access concentrator................. 114 pppoe auto connect....................... 114 pppoe auto disconnect..................... 115 pppoe disconnect time..................... 116 pppoe invalid-session forced close........... 116 pppoe padi maxretry...................... 115 pppoe padi restart........................ 115 pppoe padr maxretry...................... 115 pppoe padr restart........................ 115 pppoe service-name....................... 116 pppoe tcp mss limit....................... 116 pppoe use............................... 114 pptp hostname........................... 155 pptp keepalive interval..................... 157 pptp keepalive log........................ 157 pptp keepalive use........................ 156 pptp service............................. 154 pptp service type......................... 154 pptp syslog.............................. 156 pptp tunnel disconnect time................ 156 pptp window size......................... 155 Q queue class filter.......................... 176 queue interface class control................ 180 queue interface class filter list............... 178 queue interface class property............... 179 queue interface default class................ 178 queue interface length..................... 178 queue interface type...................... 177 queue pp class filter list.................... 178 queue pp class property.................... 179 queue pp default class..................... 178 queue pp length.......................... 178 queue pp type........................... 177 queue tunnel class filter list................. 178 quit.................................... 232 R radius account........................... 163 radius account port....................... 164 radius account server...................... 164 radius auth.............................. 163 radius auth port.......................... 164 radius auth server......................... 163 radius retry.............................. 164 radius secret............................. 164 radius server............................. 163 rdate.................................... 42 remote setup............................ 235 remote setup accept....................... 235 restart............................... 31, 237 rip filter rule.............................. 91 rip preference............................. 86 rip timer................................. 91 rip use................................... 86 S save................................. 26, 233 schedule at.............................. 220 sd use.................................. 224 security class.............................. 41 set-default-config......................... 234 set-default-exec........................... 234 show............................. 34, 35, 36 show account............................ 255 show account pp......................... 255 show arp................................ 245 show command........................... 37 show config............................. 243 show config list.......................... 243 show config pp........................... 243 show config tunnel....................... 243 show diagnosis config port access........... 257 show diagnosis config port map............. 257 show dlci................................ 245 show environment........................ 243 show exec list............................ 244 show file list............................. 244 show ip connection....................... 249 show ip connection pp..................... 249 show ip connection tunnel................. 249 show ip intrusion detection................. 250 show ip intrusion detection pp.............. 250 show ip intrusion detection tunnel........... 250 show ip rip table......................... 246

21 show ip route.............................246 show ip secure filter.......................244 show ip secure filter pp.....................244 show ip secure filter tunnel..................244 show ipsec sa.............................247 show ipsec sa gateway.....................247 show ipv6 address.........................244 show ipv6 address pp......................244 show ipv6 address tunnel...................244 show ipv6 connection......................250 show ipv6 connection pp...................250 show ipv6 connection tunnel................250 show ipv6 neighbor cache..................247 show ipv6 rip table........................246 show ipv6 route...........................246 show log................................255 show nat descriptor address.................247 show nat descriptor interface address.........248 show nat descriptor interface address pp......248 show nat descriptor interface address tunnel...248 show nat descriptor interface bind............247 show nat descriptor interface bind pp.........247 show nat descriptor interface bind tunnel......247 show nat descriptor masquerade port summary.248 show sshd public key......................244 show status..............................245 show status backup........................249 show status bgp neighbor..................248 show status cooperation....................253 show status dhcp..........................249 show status dhcpc.........................249 show status external-memory................254 show status heartbeat......................253 show status ip keepalive....................250 show status ipv6 mld.......................251 show status mail service....................251 show status ospf..........................248 show status packet-buffer...................252 show status pp............................245 show status pptp..........................248 show status qos...........................252 show status remote setup...................254 show status sd............................254 show status switching-hub macaddress........250 show status tunnel........................251 show status upnp.........................250 show status usbhost.......................254 show status user..........................251 show status vlan..........................251 show status vrrp..........................247 show techinfo............................254 show url filter.............................253 show url filter pp..........................253 show url filter tunnel.......................253 snmp community read-only..................158 snmp community read-write.................159 snmp display ipcp force.....................162 snmp host...............................158 snmp local address........................158 snmp syscontact..........................159 snmp syslocation..........................159 snmp sysname............................159 snmp trap community......................160 snmp trap enable snmp.....................160 snmp trap host............................161 snmp trap link-updown separate-l2switch-port..162 snmp trap send linkdown...................160 snmp trap send linkdown pp................160 snmp trap send linkdown tunnel.............160 snmp yrifppdisplayatmib2...................161 snmp yriftunneldisplayatmib2...............161 sntpd host...............................223 sntpd service.............................223 speed...................................175 speed pp................................175 sshd client alive............................55 sshd host.................................54 sshd host key generate......................54 sshd listen................................53 sshd service...............................53 sshd session...............................54 statistics.................................258 syslog debug..............................44 syslog execute command....................45 syslog facility..............................44 syslog host................................43 syslog info................................44 syslog local address.........................44 syslog notice..............................44 syslog srcport..............................45 system led brightness.......................57 system packet-buffer........................55 system temperature threshold................46 T tcp log...................................51 telnet...................................240 telnetd host...............................46 telnetd listen..............................45 telnetd service.............................45 telnetd session.............................46 tftp host.............................. 32, 49 time.....................................42 timezone.................................41 traceroute................................239 traceroute6..............................239 tunnel backup............................151 tunnel backup pp.........................151 tunnel backup tunnel......................151 tunnel disable............................133 tunnel enable.............................133 tunnel encapsulation.................. 133, 154 tunnel endpoint address............... 134, 154 tunnel endpoint name......................156 tunnel name..............................216 tunnel select.............................232 tunnel template...........................152 U upnp external address refer.................217 upnp external address refer pp...............217 upnp port mapping timer...................217 upnp port mapping timer type...............217 upnp syslog..............................218 upnp use................................217 url filter.................................101 url filter log..............................102 url filter port.............................101 url filter reject............................102

22 url filter use.............................. 102 url interface filter......................... 101 url pp filter.............................. 101 url tunnel filter........................... 101 usbhost use.............................. 219 user attribute............................. 39 V vlan interface 802.1q...................... 221 vlan port mapping........................ 221 W wins server.............................. 108 wol send................................ 241

23 1. 1.1 Bold face Italic face 1.2 lan1, lan2, lan3 lan1/1, lan1/2,..., lan1/32 vlan1, vlan2,..., vlan8 bri1 loopback1, loopback2,... loopback9 null 1.3 no no show config no show config no no

24 1.4 1.5 1.6 cold start ip lan1 address 192.168.100.1/24 dhcp service server dhcp server rfc2131 compliant except remain-silent dhcp scope 1 192.168.100.2-192.168.100.191/24

25 2. 2.1

26 2.1.1 console character administrator pp disable disconnect pp enable save login timer save cold start

27 2.1.2

28 help show command administrator

29 save quit quit 2.1.3

30 help show command administrator save quit quit 2.1.4 remote setup

31 2.2 2.2.1 2.2.2 login user sshd host key generate sshd service 2.3 line type restart

32 2.3.1 tftp host 2.3.2

33 2.3.3 2.4 console lines console lines infinity SPACE ENTER RETURN q Ctrl-C show config show config list show config pp show file list show log less config less config list less config pp less file list less log

34 {n} f {n} Ctrl-F {n} SPACE {n} b {n} Ctrl-B {n} j {n} Ctrl-J {n} Ctrl-E {n} Ctrl-M {n} ENTER {n} RETURN {n} k {n} Ctrl-K {n} y {n} Ctrl-Y {n} Ctrl-P {n} d {n} Ctrl-D {n} u {n} Ctrl-U {n} g {n} G r Ctrl-R Ctrl-L q Ctrl-C 2.5 2.5.1 show [...] grep [-i] [-v] [-w] pattern...pattern...pattern...pattern pattern

35 show pattern pattern pattern pattern pattern pattern pattern. a.b aab, axb, a-b? b?c ac, abc * ab*c ac, abc, abbc, abbbbbbbbc + ab+c abc, abbc, abbbbbbbbc ab cd abd, acd [ ] a[bc]d abd, acd [^ ] a[^bc]d aad, axd ^ ^abc abc $ abc$ abc ( ) (ab cd) ab, cd a.c a.c less pattern show config grep ip grep lan show config grep ip less 2.5.2 show [...] less show q b j, ENTER k g G /? n N

36 2.5.3 show [...] > name name filename filename filename filename show '>' ' ' ' ' # show log > usb1:log.txt > usb2:log.txt # show log >> usb1:log.txt # ip filter 1 pass * * > usb1:filter.txt # less log > usb1:log.txt # show log > usb1:log.txt # show config > usb1:config.txt # show status pp 1 > sd1:status_pp1.txt # show techinfo > sd1:techinfo.txt

37 3. 3.1 help 3.2 show command

38 4. 4.1 login password 4.2 login password encrypted login password 4.3 administrator password 4.4 administrator password encrypted administrator password

39 4.5 login user user [password] login user user encrypted password no login user user [password] user password password syslog execute command syslog execute command clear log 4.6 user attribute [user] attribute=value [attribute=value...] no user attribute [user...] user attribute=value attribute value administrator on administrator administrator off connection off all serial telnet ssh remote http host any multi-session on off login-timer 120..21474836, clear

40 user user off exit off all off off login timer administrator = on connection = serial,telnet,remote,ssh,http host = any multi-session = on login-timer = 300

41 4.7 disconnect user user [/connection [no]] disconnect user [user] /connection [no] user connection telnet, serial, remote, ssh, http no show status user user # disconnect user test # disconnect user /telnet 4.8 security class level forget [telnet] no security class [level forget telnet] level 1 2 3 forget on off telnet on telnet off telnet remote setup accept remote setup level = 1 forget = on telnet = off 4.9 timezone timezone no timezone [timezone] timezone jst utc jst

42 4.10 date date date...yyyy-mm-dd yyyy/mm/dd 4.11 time time time...hh:mm:ss 4.12 rdate host [syslog] host xxx.xxx.xxx.xxx xxx syslog 4.13 ntpdate ntp_server [syslog] ntp_server xxx.xxx.xxx.xxx xxx syslog rdate syslog 4.14 console prompt prompt no console prompt [prompt] prompt

43 4.15 console character code no console character [code] code ascii sjis euc sjis 4.16 console columns col no console columns [col] col 80..200 80 4.17 console lines lines no console lines [lines] lines 10 100 infinity 24 4.18 console info info no console info [info] info on off off 4.19 syslog host host no syslog host [host] host syslog debug on

44 4.20 syslog facility facility no syslog facility [facility] facility 0..23 user...1 local0..local7...16..23 user 4.21 syslog notice notice no syslog notice [notice] notice on off off 4.22 syslog info info no syslog info [info] info on off on 4.23 syslog debug debug no syslog debug [debug] debug on off debug on syslog host off off 4.24 syslog local address address no syslog local addrress [address] address

45 4.25 syslog srcport port no syslog srcport [port] port 1..65535 514 4.26 syslog execute command switch no syslog execute command [switch] switch off 4.27 telnetd service service no telnetd service service on off on 4.28 telnetd listen port no telnetd listen port 1..65535 23

46 4.29 telnetd host ip_range [ip_range...] no telnetd host ip_range any none any 4.30 telnetd session num no telnetd session num 1..8 8 4.31 system temperature threshold t1 t2 no system temperature threshold t1 t2 t1 t2 t1 t2 t1 = 75, t2 = 70 4.32 ip routing process process no ip routing process process fast normal fast 4.33 lan shutdown interface [port...] interface port

47 4.34 lan port-mirroring interface mirror direction port... [direction port...] no lan port-mirroring interface interface mirror direction in out port # lan port-mirroring lan1 4 in 1 # lan port-mirroring lan1 4 in 1 out 1 2 4.35 lan type interface_with_swhub speed [port] [speed [port]...] [option=value...] lan type interface_with_swhub option=value lan type interface_without_swhub speed [option=value...] lan type interface_without_swhub option=value no lan type interface [...] interface_with_swhub interface_without_swhub interface speed auto 1000-fdx 100-fdx 100-hdx 10-fdx 10-hdx auto port option=value mtu auto-crossover on off macaddress-aging on off divide-network split-into-split_pattern off speed-downshift on off

48 mtu mtu ip mtu ipv6 mtu mtu mtu ip mtu ipv6 mtu mtu ip mtu ipv6 mtu mtu mtu clear switching-hub macaddress vlan port mapping split_pattern

49 speed = auto mtu = 1500 auto-crossover = on macaddress-aging = on port-based-option = off speed-downshift=on # lan type lan1 100-fdx 1 2 # lan type lan1 port-based-option=split-into-123:456:78 # lan type lan1 port-based-option=split-into-123:456 4.36 login timer time no login timer [time] time 120..21474836 clear clear 300 4.37 tftp host host no tftp host [host] host any none none none

50 4.38 ip interface wol relay relay no ip interface wol relay interface relay broadcast unicast off broadcast unicast broadcast unicast off ip filter directed-broadcast off 4.39 description id description no description id [description] description interface description no description interface [description] id 1..21474836 interface description interface show config show status show config console character

51 4.40 tcp log switch [src_addr[/mask] [dst_addr[/mask]] [tcpflag[src_port_list [dst_port_list]]]] no tcp log [...] switch src_addr dst_addr src_addr mask src_addr dst_addr tcpflag tcp 6 tcpsyn - tcpfin - tcprst - established - src_port_list ftp 20,21 ftpdata 20 telnet 23 smtp 25 domain 53 gopher 70 finger 73 www 80 pop3 110 sunrpc 111 ident 113 ntp 123 nntp 119 snmp 161 syslog 514 printer 515 talk 517 route 520 uucp 540

52 dst_port_list src_port_list off 4.41 http revision-up permit permit no http revision-up permit [permit] permit on 4.42 http revision-up url url no http revision-up url [url] url 4.43 http revision-up proxy proxy_server [port] no http revision-up proxy [proxy_server [port]] proxy_server port 4.44 http revision-up timeout time no http revision-up timeout [time] time 30

53 4.45 http revision-down permit permit no http revision-down permit [permit] permit off 4.46 operation http revision-up permit permit no operation http revision-up permit [permit] permit off 4.47 sshd service service no sshd service [service] service on off off 4.48 sshd listen port no sshd listen [port] port listen 1..65535 listen 22

54 4.49 sshd host ip_range [ip_range...] no sshd host [ip_range...] ip_range any none any 4.50 sshd session num no sshd session [num] num 1..8 8 4.51 sshd host key generate [seed] no sshd host key generate [seed] seed 0..4294967295 seed seed seed seed sshd host key generate seed seed

55 4.52 sshd client alive switch [interval [count]] no sshd client alive [switch...] switch on off interval 1..2147483647 count 1..2147483647 interval count switch... off interval... 100 count... 3 4.53 system packet-buffer group parameter=value [parameter=value...] no system packet-buffer group [parameter=value...] group small, middle, large, huge parameter max-buffer max-free min-free buffer-in-chunk init-chunk value max-buffer max-free max-free min-free max_free buffer-in-chunk max_free buffer-in-chunk init-chunk max-free min-free init-chunk max-buffer buffer-in-chunk max-free min-free init-chunk max-free min-free init-chunk max-buffer max-free min-free buffer-in-chunk init-chunk # system packet-buffer small max-buffer=1000 max-free=500 # system packet-buffer large min-free=100

56 4.54 alarm entire switch no alarm entire switch on off on 4.55 alarm usbhost switch no alarm usbhost switch on off on 4.56 alarm sd switch no alarm sd [switch] switch on off on 4.57 alarm startup switch [pattern] no alarm startup [switch] switch on off pattern 1...3 1 off 4.58 alarm http revision-up switch no alarm http revision-up [switch] switch on off on

57 4.59 system led brightness mode no system led brightness [mode] mode 0 1 0

58 5. 5.1 5.1.1 line type interface line [channels] no line type interface line [channels] interface line isdn, isdn-ntt l64 l128 channels...line isdn isdn-ntt 1b 2b interface reset channels 1b line = isdn channels = 2b 5.1.2 isdn local address interface isdn_num[/sub_address] isdn local address interface /sub_address no isdn local address interface interface isdn_num sub_address 5.1.3 isdn terminator interface terminator no isdn terminator interface [terminator] interface terminator on off ON OFF on off on 5.1.4 pp bind interface [interface] no pp bind [interface] interface

59 5.1.5 account threshold [interface] yen account threshold pp yen no account threshold interface yen no account threshold [yen] no account threshold pp [yen] interface yen 1..2147483647 off show account account threshold interface account threshold pp isdn forced disconnect time clear account schedule at clear account off 5.1.6 isdn piafs arrive arrive no isdn piafs arrive [arrive] arrive on off on 5.1.7 isdn piafs control switch no isdn piafs control switch call both arrive switch call both arrive call # pp select 2 # isdn piafs control call # pp enable 2

60 5.1.8 isdn piafs call speed [64kmode] no isdn piafs call [speed [64kmode]] speed off 32k 64k 64kmode guarantee best-effort speed off 32k 64k speed 64k 64kmode 64kmode guarantee 64kmode best-effort off 5.2 5.2.1 pp always-on switch time no pp always-on switch on off time 60..21474836 time switch on time time time off 5.2.2 isdn remote address call_arrive isdn_num [/sub_address] [isdn_num_list] isdn remote address call_arrive isdn_num [isdn_num_list] no isdn remote address call_arrive [isdn_num [/sub_address] [isdn_num_list]] call_arrive call arrive isdn_num sub_address isdn_num_list isdn remote call order

61 5.2.3 isdn auto connect auto no isdn auto connect [auto] auto on off on 5.2.4 isdn remote call order order no isdn remote call order [order] order round serial isdn remote address call round isdn remote address call serial round serial round serial 5.2.5 isdn arrive permit arrive [vrrp interface vrid[slave]] no isdn arrive permit [arrive] arrive on off interface vrid 1..255 on slave slave isdn arrive permit isdn call permit off on

62 5.2.6 isdn call permit permit no isdn call permit [permit] permit on off isdn arrive permit isdn call permit off on 5.2.7 isdn call block time time no isdn call block time [time] time 0..15.0 isdn call prohibit time isdn forced disconnect time 0 5.2.8 isdn call prohibit time time no isdn call prohibit time [time] time 60..21474836.0 isdn call block time 60 5.2.9 isdn callback request callback_request no isdn callback request [callback_request] callback_request on off off 5.2.10 isdn callback permit callback_permit no isdn callback permit [callback_permit] callback_permit on off off

63 5.2.11 isdn callback request type type no isdn callback request type [type] type yamaha mscbcp yamaha 5.2.12 isdn callback permit type type1 [type2] no isdn callback permit type [type1 [type2]] type1, type2 yamaha mscbcp type1 = yamaha type2 = mscbcp 5.2.13 isdn callback mscbcp user-specify specify no isdn callback mscbcp user-specify [specify] specify on off off off 5.2.14 isdn callback response time type time type 1b time 0..15.0 time = 0 5.2.15 isdn callback wait time time no isdn callback wait time [time] time 1..60.0 60

64 5.2.16 isdn disconnect policy type no isdn disconnect policy [type] type 1 2 isdn disconnect time isdn disconnect input time isdn disconnect output time isdn disconnect interval time 1 # isdn disconnect policy 2 # isdn disconnect interval time 240 6 2 5.2.17 isdn disconnect time time no isdn disconnect time [time] time 1..21474836.0 off X isdn disconnect input time IN isdn disconnect output time OUT X>IN X>OUT 60 5.2.18 isdn fast disconnect time time no isdn fast disconnect time [time] time 1..21474836.0 off isdn auto connect off 20

65 5.2.19 isdn forced disconnect time time no isdn forced disconnect time [time] time 1..21474836.0 off isdn call block time off 5.2.20 isdn disconnect input time time no isdn disconnect input time [time] time 1..21474836.0 off 120 5.2.21 isdn disconnect output time time no isdn disconnect output time [time] time 1..21474836.0 off 120

66 5.2.22 isdn disconnect interval time unit watch spare no isdn disconnect interval time [unit watch spare] unit 1..21474836.0 off watch 1..21474836.0 off spare 1..21474836.0 off unit unit unit watch spare watch spare watch spare unit = 180 watch = 6 spare = 2 watch spare unit # isdn disconnect policy 2 # isdn disconnect interval time 240 6 2

67 6. pp encapsulation fr dlci fr lmi show dlci fr inarp ip pp address fr compression use pp encapsulation fr fr lmi fr inarp fr congestion control fr pp dequeue type fr dlci fr dlci fr dlci auto fr dlci auto fr dlci auto 6.1 pp encapsulation type no pp encapsulation [type] type ppp fr ppp

68 6.2 fr dlci dlci_num no fr dlci [dlci_num] dlci_num auto 16..991 auto fr lmi off auto # fr dlci 16 17 18 6.3 fr cir dlci=dlci_num cir [slowstart-idle=idle] [bc=bc_size] [be=be_size] [s=step_count] no fr cir dlci=dlci_num dlci_num 16..991 cir idle 1..2147483647 0 bc_size be_size step_count idle = 20 bc=be = 7000 s=cir/bc_size/be_size 6.4 fr lmi lmi no fr lmi [lmi] lmi q933 ansi off fr lmi off q933

69 6.5 fr inarp inarp no fr inarp [inarp] inarp on off on ip pp address on 6.6 fr compression use dlci=dlci_num type no fr compression use dlci=dlci_num [type] dlci_num 16..991 type stac cstac none dlci_num type = none 6.7 fr congestion control control no fr congestion control [control] control on off off 6.8 fr pp dequeue type type no fr pp dequeue type [type] type serial round-robin serial round-robin round-robin

70 6.9 fr de protocol filter dlci=dlci_num filter_num_list no fr de protocol filter dlci=dlci_num [filter_num_list] protocol ip filter dlci_num 16..991 filter_num_list 1..100 filter_num_list pass pass-log pass-nolog restrict restrict-log restrict-nolog reject reject-log reject-nolog

71 7. 7.1 7.1.1 ip routing routing no ip routing [routing] routing on off off on 7.1.2 ip interface address ip_address/mask [broadcast broadcast_ip] ip interface address dhcp ip pp address ip_address/mask [broadcast broadcast_ip] ip loopback address ip_address/mask no ip interface address [ip_address/mask [broadcast broadcast_ip]] no ip pp address [ip_address/mask [broadcast broadcast_ip]] no ip loopback address [ip_address/mask] interface loopback ip_addres xxx.xxx.xxx.xxx xxx dhcp mask xxx xxx xxx xxx xxx broadcast_ip broadcast broadcast_ip dhcp dhcp no ip interface address show status dhcpc

72 7.1.3 ip interface secondary address ip_address[/mask] ip interface secondary address dhcp no ip interface secondary address [ip_address/mask] interface ip_address xxx.xxx.xxx.xxx xxx dhcp mask xxx xxx xxx xxx xxx dhcp 7.1.4 ip interface mtu mtu0 ip pp mtu mtu1 ip tunnel mtu mtu2 no ip interface mtu [mtu0] no ip pp mtu [mtu1] no ip tunnel mtu [mtu2] interface mtu0, mtu1, mtu2 64..1500 mtu0=1500 mtu1=1500 mtu2=1280 7.1.5 ip simple-service service no ip simple-service service service on off off

73 7.1.6 ip route network gateway gateway1 [parameter] [gateway gateway2 [parameter]...] no ip route network [gateway...] network default 32 gateway1, gateway2... xxx xxx xxx xxx xxx pp peer_num dlci=dlci dlci=dlci peer_num anonymous pp anonymous name name name dhcp interface interface tunnel tunnel_num parameter filter number number number 1..21474836 metric metric metric 1..15 1 hide weight weight weight 0..2147483647 1 keepalive... gateway1 gateway filter weight weight hide weight

74 # ip route default gateway 192.168.0.1 # ip route 192.168.1.0/24 gateway pp 1 # ip route default gateway pp 1 weight 2 hide gateway pp 2 weight 1 hide # ip route 192.168.0.1/24 gateway pp 1 hide gateway pp 2 weight 0 7.1.7 ip filter filter_num pass_reject src_addr[/mask] [dest_addr[/mask] [protocol [src_port_list [dest_port_list]]]] no ip filter filter_num [pass_reject] filter_num 1..21474836 pass_reject pass-log pass-nolog reject-log reject-nolog restrict-log restrict-nolog src_addr xxx xxx xxx xxx xxx xxx dest_addr src_addr mask (src_addr dest_addr xxx xxx xxx xxx xxx 0x 0xffffffff protocol 0..255 icmp 1 tcp 6 udp 17 ipv6 41 esp 50 ah 51 icmp6 58 icmp-error icmp-info tcpfin tcprst established tcpflag=value/mask tcpflag!=value/mask *

75 src_port_list ftp 20,21 ident 113 ftpdata 20 ntp 123 telnet 23 nntp 119 smtp 25 snmp 161 domain 53 syslog 514 gopher 70 printer 515 finger 79 talk 517 www 80 route 520 pop3 110 uucp 540 sunrpc 111 dest_port_list ip interface secure filter ip filter set ip filter dynamic ip interface rip filter # ip filter 1 pass-nolog 172.20.10.* 172.21.192.0/18 tcp ftp # ip lan1 secure filter in 1 2 100 # ip lan1 secure filter out 1 2 100 # ip filter 1 pass-log * * icmp 8 # ip filter 2 pass-log * * icmp 0 # ip filter 100 pass * * # ip lan2 secure filter out 1 100 # ip filter 1 reject * * icmp 5 1 # ip filter 100 pass * * 7.1.8 ip filter set name direction filter_list [filter_list...] no ip filter set name [direction...] name direction in out filter_list ip interface secure filter

76 7.1.9 ip filter source-route filter_out no ip filter source-route [filter_out] filter_out on off on 7.1.10 ip filter directed-broadcast filter_out ip filter directed-broadcast filter filter_num [filter_num...] no ip filter directed-broadcast filter_out on off filter_num 1..21474836 on off filter ip filter wol relay wol relay on on 7.1.11 ip filter dynamic dyn_filter_num srcaddr dstaddr protocol [option...] ip filter dynamic dyn_filter_num srcaddr dstaddr filter filter_list [in filter_list] [out filter_list] [option...] no ip filter dynamic dyn_filter_num [dyn_filter_num...] dyn_filter_num 1..21474836 srcaddr dstaddr protocol tcp udp ftp tftp domain www smtp pop3 telnet netmeeting filter_list ip filter option syslog=switch on off timeout=time time

77 filter in out ip filter filter in out in out ip filter pass/reject tcp udp syslog=on # ip filter 10 pass * * udp * snmp # ip filter dynamic 1 * * filter 10 7.1.12 ip filter dynamic timer [option=timeout [option...]] no ip filter dynamic timer option tcp-syn-timeout tcp-fin-timeout tcp-idle-time udp-idle-time dns-timeout timeout tcp-syn-timeout=30 tcp-fin-timeout=5 tcp-idle-time=3600 udp-idle-time=30 dns-timeout=5

78 7.1.13 ip interface intrusion detection direction [type] switch [option] ip pp intrusion detection direction [type] switch [option] ip tunnel intrusion detection direction [type] switch [option] no ip interface intrusion detection direction [type] switch [option] no ip pp intrusion detection direction [type] switch [option] no ip tunnel intrusion detection direction [type] switch [option] interface direction in out type ip ip-option fragment icmp udp tcp ftp winny share default switch on off option reject=on reject=off type switch... off... on reject...off 7.1.14 ip interface intrusion detection notice-interval frequency ip pp intrusion detection notice-interval frequency ip tunnel intrusion detection notice-interval frequency no ip interface intrusion detection notice-interval no ip pp intrusion detection notice-interval no ip tunnel intrusion detection notice-interval interface frequency 1...1000 1

79 7.1.15 ip interface intrusion detection repeat-control time ip pp intrusion detection repeat-control time ip tunnel intrusion detection repeat-control time no ip interface intrusion detection repeat-control no ip pp intrusion detection repeat-control no ip tunnel intrusion detection repeat-control interface time 1..1000 time 60 7.1.16 ip interface intrusion detection report num ip pp intrusion detection report num ip tunnel intrusion detection report num no ip interface intrusion detection report no ip pp intrusion detection report no ip tunnel intrusion detection report interface num 1..1000 show ip intrusion detection 50 7.1.17 ip interface intrusion detection threshold type count ip pp intrusion detection threshold type count ip tunnel intrusion detection threshold type count no ip interface intrusion detection threshold type no ip pp intrusion detection threshold type no ip tunnel intrusion detection threshold type interface type... port-scan syn-flood count 1..65535 type port-scan syn-flood count count count port-scan = 64 syn-flood = 100

80 7.1.18 ip interface tcp mss limit mss ip pp tcp mss limit mss ip tunnel tcp mss limit mss no ip interface tcp mss limit [mss] no ip pp tcp mss limit [mss] no ip tunnel tcp mss limit [mss] interface mss 536..1460 auto off auto pppoe tcp mss limit pppoe tcp mss limit off 7.1.19 ip route change log log log on off off

81 7.1.20 ip interface secure filter direction [filter_list...] [dynamic filter_list...] ip pp secure filter direction [filter_list...] [dynamic filter_list...] ip tunnel secure filter direction [filter_list...] [dynamic filter_list...] ip interface secure filter name set_name ip pp secure filter name set_name ip tunnel secure filter name set_name no ip interface secure filter direction [filter_list] no ip pp secure filter direction [filter_list] no ip tunnel secure filter direction [filter_list] no ip interface secure filter name [set_name] no ip pp secure filter name [set_name] no ip tunnel secure filter name [set_name] interface direction in out filter_list set_name dynamic ip filter # ip filter 1 pass 192.168.0.0/24 * # ip filter 2 reject 192.168.0.1 # ip lan1 secure filter in 1 2 ip pp secure filter ip pp secure filter direction 7.1.21 ip fragment remove df-bit filter filter_num... no ip fragment remove df-bit filter [filter_num...] filter_num ip filter

82 7.1.22 ip tos supersede id tos [precedence=precedence] filter_num [filter_num_list] no ip tos supersede id [tos] id 1..65535 tos 0..15 normal 0 min-monetary-cost 1 max-reliability 2 max-throughput 4 min-delay 8 precedence precedence 0..7 precedence filter_num 1..100 filter_num_list 1..100 filter_num pass pass-log pass-nolog restrict restrict-log restrict-nolog reject reject-log reject-nolog 7.1.23 ip interface proxyarp proxyarp ip interface proxyarp vrrp vrid no ip interface proxyarp [proxyarp] interface proxyarp on off vrid on off 7.1.24 ip arp timer timer no ip arp timer [timer] timer 30..32767 1200

83 7.1.25 ip interface arp static ip_address mac_address no ip interface arp static ip_address [...] interface ip_address mac_address show arp clear arp 7.1.26 ip interface arp queue length len no ip interface arp queue length [len] interface len 0..10000 200 7.2 7.2.1 ip pp remote address ip_address ip pp remote address dhcpc [interface] no ip pp remote address [ip_address] ip_address... xxx.xxx.xxx.xxx xxx dhcp dhcpc interface dhcpc interface no ip pp remote address " ppp ipcp ipaddress on" "ip pp remote address yyy.yyy.yyy.yyy "yyy.yyy.yyy.yyy"

84 7.2.2 ip pp remote address pool ip_address [ip_address...] ip pp remote address pool ip_address-ip_address ip pp remote address pool dhcp ip pp remote address pool dhcpc [interface] no ip pp remote address pool ip_address ip_address-ip_address dhcp dhcpc... interface dhcpc interface 7.2.3 pp keepalive interval interval [retry-interval=retry-interval] [count=count] [time=time] no pp keepalive interval [interval [count]] interval 1..65535 retry-interval interval count 3..100 time count interval retry-interval count time time show config interval = 30 retry-interval = 1 count = 6

85 7.2.4 pp keepalive use lcp-echo pp keepalive use icmp-echo dest_ip [option=value...] [dest_ip [option=value...]...] pp keepalive use lcp-echo icmp-echo dest_ip [option=value...] [dest_ip [option=value...]...] pp keepalive use off no pp keepalive use lcp-echo icmp-echo dest_ip option = value option value upwait 1..10000 1..10000 disconnect 1..21474836 length 64-1500 lcp-echo icmp-echo icmp-echo pp always-on icmp-echo downwait pp keepalive interval pp keepalive interval downwait upwait disconnect disconnect pp always-on disconnect length 7.2.5 pp keepalive log log no pp keepalive log [log] log on off off

86 7.2.6 leased keepalive down action no leased keepalive down [action] action silent reset silent 7.3 7.3.1 rip use use no rip use [use] use on off off 7.3.2 ip interface rip trust gateway [except] gateway_list ip pp rip trust gateway [except] gateway_list ip tunnel rip trust gateway [except] gateway_list no ip interface rip trust gateway [[except] gateway_list] no ip pp rip trust gateway [[except] gateway_list] no ip tunnel rip trust gateway [[except] gateway_list] interface gateway_list except except 7.3.3 rip preference preference no rip preference [preference] preference 1000

87 7.3.4 ip interface rip send send [version version [broadcast]] ip pp rip send send [version version [broadcast]] ip tunnel rip send send [version version [broadcast]] no ip interface rip send [send...] no ip pp rip send [send...] no ip tunnel rip send [send...] interface send on off version 1,2 broadcast ip interface address version version off ( ) on version 1 ( ) 7.3.5 ip interface rip receive receive [version version [version]] ip pp rip receive receive [version version [version]] ip tunnel rip receive receive [version version [version]] no ip interface rip receive [receive...] no ip pp rip receive [receive...] no ip tunnel rip receive [receive...] interface receive on off version 1,2 version version off on version 1 2 7.3.6 ip interface rip filter direction filter_list ip pp rip filter direction filter_list ip tunnel rip filter direction filter_list no ip interface rip filter direction [filter_list] no ip pp rip filter direction filter_list no ip tunnel rip filter direction filter_list interface direction in out filter_list ip filter pass reject

88 7.3.7 ip interface rip hop direction hop ip pp rip hop direction hop ip tunnel rip hop direction hop no ip interface rip hop direction hop no ip pp rip hop direction hop no ip tunnel rip hop direction hop interface direction in out hop 0..15 0 7.3.8 ip interface rip auth type type ip pp rip auth type type ip tunnel rip auth type type no ip interface rip auth type [type] no ip pp rip auth type [type] no ip tunnel rip auth type [type] interface type text text 7.3.9 ip interface rip auth key hex_key ip pp rip auth key hex_key ip tunnel rip auth key hex_key ip interface rip auth key text text_key ip pp rip auth key text text_key ip tunnel rip auth key text text_key no ip interface rip auth key no ip pp rip auth key no ip tunnel rip auth key no ip interface rip auth key text no ip pp rip auth key text no ip tunnel rip auth key text interface hex_key text_key # ip lan1 rip auth key text testing123 # ip pp rip auth key text "hello world" # ip lan2 rip auth key 01 02 ff 35 8e 49 a8 3a 5e 9d

89 7.3.10 ip pp rip hold routing rip_hold no ip pp rip hold routing [rip_hold] rip_hold on off off 7.3.11 ip pp rip connect send rip_action no ip pp rip connect send [rip_action] rip_action interval ip pp rip connect interval update none update # ip pp rip connect interval 60 # ip pp rip connect send interval 7.3.12 ip pp rip connect interval time no ip pp rip connect interval [time] time 30..21474836 ip pp rip send ip pp rip receive on ip pp rip connect send interval 30 # ip pp rip connect interval 60 # ip pp rip connect send interval 7.3.13 ip pp rip disconnect send rip_action no ip pp rip disconnect send [rip_action] rip_action none interval ip pp rip disconnect interval update none # ip pp rip disconnect interval 1800 # ip pp rip disconnect send interval

90 7.3.14 ip pp rip disconnect interval time no ip pp rip disconnect interval [time] time 30..21474836 ip pp rip send ip pp rip receive on ip pp rip disconnect send interval 3600 # ip pp rip disconnect interval 1800 # ip pp rip disconnect send interval 7.3.15 ip pp rip backup interface switch no ip pp rip backup interface switch on off off on off on off

91 7.3.16 ip interface rip force-to-advertise ip-address/netmask [metric metric] ip pp rip force-to-advertise ip-address/netmask [metric metric] ip tunnel rip force-to-advertise ip-address/netmask [metric metric] no ip interface rip force-to-advertise ip-address/netmask [metric metric] no ip pp rip force-to-advertise ip-address/netmask [metric metric] no ip tunnel rip force-to-advertise ip-address/netmask [metric metric] interface ip-address/netmask metric metric: 1 ip lan1 address 192.168.0.1/24 ip lan2 address 192.168.1.1/24 rip use on rip filter rule with-netmask ip lan1 rip send on version 2 ip lan1 rip receive on version 2 ip filter 1 reject 192.168.1.0/24 ip filter 100 pass * ip lan1 rip filter out 1 100 ip lan1 rip force-to-advertise 192.168.1.28/30 ip lan1 rip force-to-advertise 192.168.1.100/32 ip lan1 rip force-to-advertise 192.168.1.101/32 7.3.17 rip filter rule rule no rip filter rule [rule] rule address-only with-netmask RIP1 RIP1 address-only 7.3.18 rip timer update [invalid [holddown]] no rip timer [update] update invalid holddown update invalid holddown

92 update invalid update update holddown update ip pp rip connect/disconnect interval ip pp rip connect/disconnect interval update invalid holddown ip pp rip connect/disconnect interval update invalid holddown...rip timer rip timer update invalid update holddown update 7.4 7.4.1 ip interface vrrp vrid ip_address [priority=priority] [preempt=preempt] [auth=auth] [advertise-interval=time1] [down-interval=time2] no ip interface vrrp vrid [vrid...] interface vrid 1..255 ip_address priority 1..254 preempt on off auth time1 time2 auth time1 time2 priority preempt 255 priority=100 preempt=on auth= time1=1 time2=3 7.4.2 ip interface vrrp shutdown trigger vrid interface ip interface vrrp shutdown trigger vrid pp peer_num [dlci=dlci] ip interface vrrp shutdown trigger vrid route network [nexthop] no ip interface vrrp shutdown trigger vrid interface no ip interface vrrp shutdown trigger vrid pp peer_num [...] no ip interface vrrp shutdown trigger vrid route network interface vrid 1..255 peer_num

93 dlci network default nexthop lan keepalive pp dlci=dlci pp keepalive use route nexthop nexthop 7.5 7.5.1 pp backup none pp backup pp peer_num [ipsec-fast-recovery=action] pp backup interface ip_address pp backup tunnel tunnel_num no pp backup none peer_num action on off interface ip_address tunnel_num pp always-on pp always-on pp keepalive uselcp-echo none ipsec-fast-recovery=off

94 7.5.2 pp backup recovery time time no pp backup recovery time [time] time 1..21474836 off off 7.5.3 lan backup interface none lan backup interface pp peer_num lan backup interface backup_interface ip_address lan backup interface tunnel tunnel_num no lan backup interface none interface peer_num backup_interface ip_address tunnel_num lan keepalive use none 7.5.4 lan backup recovery time interface time no lan backup recovery time interface [time] interface time 1.. 21474836 off off

95 7.5.5 lan keepalive use interface icmp-echo dest_ip [option=value...] [dest_ip [option=value...]...] lan keepalive use interface arp dest_ip [dest_ip...] lan keepalive use interface icmp-echo dest_ip [option=value...] [dest_ip [option=value...]...] arp dest_ip [dest_ip...] lan keepalive use interface off no lan keepalive use interface [...] interface dest_ip option = value option value upwait 1..10000 1..10000 length 64-1500 icmp-echo arp downwait lan keepalive interval lan keepalive interval downwait upwait length 7.5.6 lan keepalive interval interface interval [count] no lan keepalive interval interface interface interval 1.. 65535 count 3..100 count interval = 30 count = 6 7.5.7 lan keepalive log interface log no lan keepalive log interface interface log on off off

96 7.5.8 ip keepalive num kind interval count gateway [gateway...] [option=value...] no ip keepalive num num kind icmp-echo interval 1..65535 count 3..100 gateway interface interface option = value option value log on off upwait 1..1000000 downwait 1..1000000 length (64-1500) ipsec-refresh ipsec-refreshup ipsec-refreshdown gatewayselection-rule log = off upwait = 5 downwait = 5 length = 64 ipsec-refresh ipsec-refresh-up ipsec-refresh-down gateway-selection-rule = head # ip route 172.16.0.0/24 gateway pp 10 keepalive 1 gateway pp 11 weight 0 # ip keepalive 1 icmp-echo 5 5 172.16.0.1 ipsec-refresh-up=3 # ip route 172.16.112.0/24 gateway null keepalive 1 gateway 172.16.0.1 weight 0 # ip route 172.16.224.0/24 gateway 172.16.112.1 keepalive 2 # ip keepalive 1 icmp-echo 5 5 192.168.100.101 # ip keepalive 2 icmp-echo 5 5 172.16.112.1 gateway-selection-rule=normal

97 7.5.9 ip implicit-route preference preference no ip implicit-route preference [preference] preference (1..2147483647) ip route ip implicit-route preference 10000 7.5.10 ip flow timer protocol time no ip flow timer protocol [time] protocol tcp udp icmp slow time (1-21474836) slow tcp = 900 udp = 30 icmp = 30 slow = 30

98 7.6 7.6.1 ip forward filter id order gateway gateway filter filter_id... [ keepalive keepalive_id ] no ip forward filter id order [ gateway gateway [ filter filter_id... ] [ keepalive keepalive_id ] ] id.. 255 order 1.. 255 gateway IP pp tunnel filter_id keepalive_id id order filter_id ip filter ip filter ip filter ip filter gateway keepalive_id ip keepalive ip filter ip interface forward filter 7.6.2 ip interface forward filter id ip pp forward filter id ip tunnel forward filter id ip local forward filter id no ip interface forward filter [id] no ip pp forward filter [id] no ip tunnel forward filter [id] no ip local forward filter [id] interface id ip forward filter 1..255 ip local forward filter

99 8. 8.1 ethernet filter num kind src_mac [dst_mac [offset byte_list]] ethernet filter num kind type [scope] [offset byte_list] no ethernet filter num [kind src_mac [dst_mac [offset byte_list]]] no ethernet filter num [kind dhcp-bind [ offset byte_list]] num 1-100 kind pass-log pass-nolog reject-log reject-nolog src_mac dst_mac src_mac type dhcp-bind dhcp-not-bind scope 1..65535 offset byte_list ethernet lan filter scope

100 scope scope ethernet lan filter 8.2 ethernet interface filter dir list no ethernet interface filter dir [list] interface dir in out list ethernat filter

101 9. 9.1 url filter Id kind keyword [src_addr[/mask]] no url filter id id 1..65535 kind pass, pass-nolog pass-log reject, reject-log reject-nolog keyword src_addr mask src_addr url interface filter 9.2 url interface filter dir list url pp filter dir list url tunnel filter dir list no url interface filter no url pp filter no url tunnel filter interface dir in out list url filter 9.3 url filter port list no url filter port list 80

102 9.4 url filter use switch no url filter use switch on off on 9.5 url filter reject redirect url filter reject redirect url url filter reject off no url filter reject [action] redirect off url action redirect 9.6 url filter log switch no url filter log switch on off on url filter kind pass p pass-nolog reject-nolog on

103 10. 10.1 pp auth username username password [myname myname mypass] [isdn1] [clid [isdn2]] [mscbcp] [ip_address] [ip6_prefix] no pp auth username username [password...] username password myname myname mypass isdn1 clid isdn2 mscbcp ip_address ip6_prefix pp auth myname isdn1 isdn1 clid isdn2 isdn2 isdn2 isdn1 mscbcp isdn callback permit on 10.2 pp auth accept accept accept no pp auth accept [accept] accept pap chap mschap mschap-v2 pp auth myname

104 10.3 pp auth request auth [arrive-only] no pp auth request [auth [arrive-only]] auth pap chap mschap mschap-v2 chap-pap chap-pap arrive-only 10.4 pp auth myname myname password no pp auth myname [myname password] myname password 10.5 pp auth multi connect prohibit prohibit no pp auth multi connect prohibit [prohibit] prohibit on off pp auth username username off

105 10.6 10.6.1 ppp lcp acfc acfc no ppp lcp acfc [acfc] acfc on off on off 10.6.2 ppp lcp magicnumber magicnumber no ppp lcp magicnumber [magicnumber] magicnumber on off on on 10.6.3 ppp lcp mru mru [length] no ppp lcp mru [mru [length]] mru on off length 1280..1792 on on off length 1792 mru = on length = 1792 10.6.4 ppp lcp pfc pfc no ppp lcp pfc [pfc] pfc on off on off

106 10.6.5 ppp lcp restart time no ppp lcp restart [time] time 20..10000 3000 10.6.6 ppp lcp maxterminate count no ppp lcp maxterminate [count] count 1..10 2 10.6.7 ppp lcp maxconfigure count no ppp lcp maxconfigure [count] count 1..10 10 10.6.8 ppp lcp maxfailure count no ppp lcp maxfailure [count] count 1..10 10 10.6.9 ppp lcp silent switch no ppp lcp silent [switch] switch on off off

107 10.7 10.7.1 ppp pap restart time no ppp pap restart [time] time 20..10000 3000 10.7.2 ppp pap maxauthreq count no ppp pap maxauthreq [count] count 1..10 10 10.8 10.8.1 ppp chap restart time no ppp chap restart [time] time 20..10000 3000 10.8.2 ppp chap maxchallenge count no ppp chap maxchallenge [count] count 1..10 10 10.9 10.9.1 ppp ipcp vjc compression no ppp ipcp vjc [compression] compression on off on off

108 10.9.2 ppp ipcp ipaddress negotiation no ppp ipcp ipaddress [negotiation] negotiation on off off 10.9.3 ppp ipcp restart time no ppp ipcp restart [time] time 20..10000 3000 10.9.4 ppp ipcp maxterminate count no ppp ipcp maxterminate [count] count 1..10 2 10.9.5 ppp ipcp maxconfigure count no ppp ipcp maxconfigure [count] count 1..10 10 10.9.6 ppp ipcp maxfailure count no ppp ipcp maxfailure [count] count 1..10 10 10.9.7 wins server server1 [server2] no wins server [server1 [server2]] server1, server2 xxx.xxx.xxx.xxx xxx

109 10.9.8 ppp ipcp msext msext no ppp ipcp msext [msext] msext on off dns server wins server off off 10.9.9 ppp ipcp remote address check sw no ppp ipcp remote address check [sw] sw on off on 10.10 10.10.1 ppp mscbcp restart time no ppp mscbcp restart [time] time 20..10000 1000 10.10.2 ppp mscbcp maxretry count no ppp mscbcp maxretry [count] count 1..30 30

110 10.11 10.11.1 ppp ccp type type no ppp ccp type [type] type stac0 stac cstac mppe-40 mppe-128 mppe-any none type stac stac0 stac0 stac0 stac cstac mppe-40 mppe-128 mppe-any 10.11.2 ppp ccp restart time no ppp ccp restart [time] time 20..10000 3000 10.11.3 ppp ccp maxterminate count no ppp ccp maxterminate [count] count 1..10 2 10.11.4 ppp ccp maxconfigure count no ppp ccp maxconfigure [count] count 1..10 10

111 10.11.5 ppp ccp maxfailure count no ppp ccp maxfailure [count] count 1..10 10 10.12 10.12.1 ppp ipv6cp use use no ppp ipv6cp use [use] use on off on 10.13 10.13.1 ppp mp use use no ppp mp use [use] use on off on off 10.13.2 ppp mp control type no ppp mp control [type] type arrive both call call

112 10.13.3 ppp mp load threshold call_load call_count disc_load disc_count no ppp mp load threshold [call_load call_count disc_load disc_count] call_load 1..100 call_count 1..100 disc_load 0..50 disc_count 1..100 call_load call_count disc_load disc_count call_load = 70 call_count = 1 disc_load = 30 disc_count = 2 10.13.4 ppp mp maxlink number no ppp mp maxlink [number] number 2 10.13.5 ppp mp minlink number no ppp mp minlink [number] number 1 10.13.6 ppp mp timer time no ppp mp timer [time] time 1..21474836 10

113 10.13.7 ppp mp divide divide no ppp mp divide [divide] divide on off off on 10.14 10.14.1 ppp bacp restart time no ppp bacp restart [time] time 20..10000 3000 10.14.2 ppp bacp maxterminate count no ppp bacp maxterminate [count] count 1..10 2 10.14.3 ppp bacp maxconfigure count no ppp bacp maxconfigure [count] count 1..10 10 10.14.4 ppp bacp maxfailure count no ppp bacp maxfailure [count] count 1..10 10

114 10.15 10.15.1 ppp bap restart time no ppp bap restart [time] time 20..10000 1000 10.15.2 ppp bap maxretry count no ppp bap maxretry [count] count 1..30 30 10.16 10.16.1 pppoe use interface no pppoe use interface 10.16.2 pppoe access concentrator name no pppoe access concentrator name 10.16.3 pppoe auto connect switch no pppoe auto connect switch on off on

115 10.16.4 pppoe auto disconnect switch no pppoe auto disconnect switch on off on 10.16.5 pppoe padi maxretry times no pppoe padi maxretry times 1..10 5 10.16.6 pppoe padi restart time no pppoe padi restart time 20..10000 3000 10.16.7 pppoe padr maxretry times no pppoe padr maxretry times 1..10 5 10.16.8 pppoe padr restart time no pppoe padr restart time 20..10000 3000

116 10.16.9 pppoe disconnect time time no pppoe disconnect time time 1..21474836 off off 10.16.10 pppoe service-name name no pppoe service-name name 10.16.11 pppoe tcp mss limit length no pppoe tcp mss limit length 1240..1452 auto off ip interface tcp mss limit auto 10.16.12 pppoe invalid-session forced close sw no pppoe invalid-session forced close sw on off on

117 11. dhcp service show status dhcp dhcp scope dhcp scope dhcp scope bind no dhcp scope bind dhcp scope expire maxexpire show status dhcp dns server dhcp relay server dhcp relay select ip interface address ip interface secondary address ip pp remote address ip pp remote address pool show status dhcpc 11.1 11.1.1 dhcp service type no dhcp service [type] type server relay cold start

118 11.1.2 dhcp server rfc2131 compliant comp dhcp server rfc2131 compliant [except] function [function..] no dhcp server rfc2131 compliant comp on off except function broadcast-nak none-domain-null remain-silent reply-ack use-clientid on off except broadcast-nak none-domain-null remain-silent reply-ack use-clientid cold start on 11.1.3 dhcp duplicate check check1 check2 no dhcp duplicate check check1 1..1000 off check2 1..3000 off check1 = 100 check2 = 500

119 11.1.4 dhcp scope scope_num ip_address-ip_address/netmask [except ex_ip...] [gateway gw_ip] [expire time] [maxexpire time] no dhcp scope scope_num [ip_address-ip_address/netmask [except ex_ip...] [gateway gw_ip] [expire time] [maxexpire time]] scope_num 1..65535 ip_address-ip_address netmask xxx xxx xxx xxx xxx ex_ip gw_ip time 1..2147483647 infinity gateway cold start expire time = 72:00 maxexpire time = 72:00 11.1.5 dhcp scope bind scope_num ip_address [type] id dhcp scope bind scope_num ip_address mac_address dhcp scope bind scope_num ip_address ipcp no dhcp scope bind scope_num ip_address scope_num 1..65535 ip_address xxx type text... 0x00 ethernet... 0x01 id type ethernet type text type mac_address... xx:xx:xx:xx:xx:xx xx ipcp

120 scope_num dhcp scope dhcp delete scope ipcp dhcp server rfc2131 compliant on dhcp server rfc2131 compliant off type type type type dhcp server rfc2131 compliant off dhcp server rfc2131 compliant on A. # dhcp scope bind scope_num ip_address ethernet 00:a0:de:01:23:45 B. # dhcp scope bind scope_num ip_address text client01 C. # dhcp scope bind scope_num ip_address 01 00 a0 de 01 23 45 01 01 01 D. # dhcp scope bind scope_num ip_address 00:a0:de:01:23:45 dhcp server rfc2131 compliant on dhcp scope bind A B C D 1 dhcp server rfc2131 compliant on chaddr show status dhcp dhcp server rfc2131 compliant off dhcp scope bind D dhcp server rfc2131 compliant on dhcp server rfc2131 compliant off dhcp server rfc2131 compliant on

121 11.1.6 dhcp scope lease type scope_num type [fallback=fallback_scope_num] no dhcp scope lease type scope [type...] scope_num, fallback_scope_num 1-65535) type bind-priority bind-only scope_num type bind-priority dhcp scope bind type bind-priority type bind-only dhcp scope bind type bind-only dhcp scope lease type dhcp scope lease type bind-priority dhcp scope lease type bind-only bind-priority

122 11.1.7 dhcp convert lease to bind scope_n [except] [idx [...]] scope_n 1-65535 idx... show status dhcp summary all all except show status dhcp 00:a0:de:01:02:03 ethernet 00:a0:de:01:02:03 1 00:a0:de:01:02:03 2 01 00 a0 de 01 02 03 ethernet 00:a0:de:01:02:03 01 00 a0 de 01 02 03 04 01 00 a0 de 01 02 03 04 01 31 32 33 00 31 32 33

123 11.1.8 dhcp scope option scope_num option=value no dhcp scope option scope_num [option=value] scope_num 1..65535 option router 3 dns 6 hostname 12 domain 15 wins_server 44 value 0..255 0..65535 0..4294967295 on off 1 0 dns server wins server no dhcp scope 11.1.9 dhcp manual lease ip_address [type] id dhcp manual lease ip_address mac_address dhcp manual lease ip_address ipcp ip_address type... Client-Identifier type text... 0x00 ethernet... 0x01 id type text type ethernet type type mac_address ipcp 11.1.10 dhcp manual release ip_address ip_address

124 11.1.11 dhcp relay server host1 [host2 [host3 [host4]]] no dhcp relay server host1..host4 dhcp relay select 11.1.12 dhcp relay select type no dhcp relay select [type] type hash all dhcp relay server all hash 11.1.13 dhcp relay threshold time no dhcp relay threshold [time] time 0..65535 0 11.2 11.2.1 dhcp client hostname interface primary host dhcp client hostname interface secondary host dhcp client hostname pp peer_num host dhcp client hostname pool pool_num host no dhcp client hostname interface primary host no dhcp client hostname interface secondary host no dhcp client hostname pp peer_num host no dhcp client hostname pool pool_num host interface peer_num anonymous pool_num ip pp remote address pool dhcpc ip pp remote address pool dhcpc ip pp remote address pool dhcpc host

125 11.2.2 dns server dhcp interface no dns server dhcp interface dns server dns server select dns server pp 11.2.3 ip interface dhcp lease time time no ip interface dhcp lease time time interface time 1..21474836 11.2.4 ip interface dhcp retry retry interval no ip interface dhcp retry retry interval interface retry 1..100 infinity interval 1..100 retry infinity interval

126 11.2.5 dhcp client client-identifier interface primary type type id dhcp client client-identifier interface secondary type type id dhcp client client-identifier pp peer_num type type id dhcp client client-identifier pool pool_num type type id no dhcp client client-identifier interface primary no dhcp client client-identifier interface secondary no dhcp client client-identifier pp peer_num no dhcp client client-identifier pool pool_num interface type type id peer_num anonymous pool_num ip pp remote address pool dhcpc ip pp remote address pool dhcpc ip pp remote address pool dhcpc type 11.2.6 dhcp client option interface primary option=value dhcp client option interface secondary option=value dhcp client option pp peer_num option=value dhcp client option pool pool_num option=value no dhcp client option interface primary [option=value] no dhcp client option interface secondary [option=value] no dhcp client option pp peer_num [option=value] no dhcp client option pool pool_num [option=value] interface option value peer_num anonymous pool_num... ip pp remote address pool dhcpc ip pp remote address pool dhcpc ip pp remote address pool dhcpc # dhcp client option lan2 primary 50=c0,a8,00,80 # ip lan2 address dhcp

127 12. 12.1 12.1.1 ip icmp echo-reply send send no ip icmp echo-reply send [send] send on off on 12.1.2 ip icmp echo-reply send-only-linkup send no ip icmp echo-reply send-only-linkup [send] send on off off 12.1.3 ip icmp mask-reply send send no ip icmp mask-reply send [send] send on off on 12.1.4 ip icmp parameter-problem send send no ip icmp parameter-problem send [send] send on off off

128 12.1.5 ip icmp redirect send send no ip icmp redirect send [send] send on off on 12.1.6 ip icmp redirect receive action no ip icmp redirect receive [action] action on off off 12.1.7 ip icmp time-exceeded send send no ip icmp time-exceeded send [send] send on off on 12.1.8 ip icmp timestamp-reply send send no ip icmp timestamp-reply send [send] send on off on 12.1.9 ip icmp unreachable send send no ip icmp unreachable send [send] send on off on

129 12.1.10 ip icmp error-decrypted-ipsec send switch no ip icmp error-decrypted-ipsec send [switch] switch on off on 12.1.11 ip icmp log log no ip icmp log [log] log on off off 12.1.12 ip stealth all ip stealth interface interface no ip stealth all interface ip icmp *

130 12.2 12.2.1 ipv6 icmp echo-reply send send no ipv6 icmp echo-reply send send send on off on 12.2.2 ipv6 icmp echo-reply send-only-linkup send no ipv6 icmp echo-reply send-only-linkup send send on off off 12.2.3 ipv6 icmp parameter-problem send send no ipv6 icmp parameter-problem send send send on off off 12.2.4 ipv6 icmp redirect send send no ipv6 icmp redirect send send send on off on 12.2.5 ipv6 icmp redirect receive action no ipv6 icmp redirect receive action action on off off

131 12.2.6 ipv6 icmp time-exceeded send send no ipv6 icmp time-exceeded send send send on off on 12.2.7 ipv6 icmp unreachable send send no ipv6 icmp unreachable send send send on off on 12.2.8 ipv6 icmp log log no ipv6 icmp log log log on off off 12.2.9 ipv6 icmp packet-too-big send send no ipv6 icmp packet-too-big send send send on off on 12.2.10 ipv6 icmp error-decrypted-ipsec send switch no ipv6 icmp error-decrypted-ipsec send [switch] switch on off on

132 12.2.11 ipv6 stealth all ipv6 stealth interface interface no ipv6 stealth all interface ipv6 icmp *

133 13. 13.1 tunnel enable tunnel_num no tunnel enable tunnel_num all 13.2 tunnel disable tunnel_num tunnel_num all 13.3 tunnel encapsulation type no tunnel encapsulation type ipsec ipip pptp tunnel endpoint address ipsec 13.4 ip tunnel address ip_address [/mask] no ip tunnel address [ip_address[/mask]] ip_address mask 13.5 ip tunnel remote address ip_address no ip tunnel remote address [ip_address] ip_address

134 13.6 tunnel endpoint address local remote no tunnel endpoint address local remote local remote local tunnel encapsulation pptp ipip ipsec ike local address ipsec ike remote address

135 14. ipsec ike pre-shared-key ipsec ike remote address show ipsec sa ipsec sa policy ipsec ike duration ipsec-sa ipsec ike duration isakmp-sa ipsec sa delete ipsec refresh sa ipsec auto refresh tunnel select tunnel enable tunnel disable pp enable tunnel enable pp disable tunnel disable pp select tunnel select ipsec transport no ipsec transport ipsec ike remote address ipsec ike remote name ipsec ike remote address any ipsec ike local name ipsec ike remote address ipsec ike local name ipsec ike remote name ipsec ike local name ipsec ike remote name

136 14.1 ipsec use use no ipsec use [use] use on off on 14.2 ipsec ike pre-shared-key gateway_id key ipsec ike pre-shared-key gateway_id text text no ipsec ike pre-shared-key gateway_id [...] gateway_id key text ipsec ike pre-shared-key 1 text himitsu ipsec ike pre-shared-key 8 0xCDEEEDC0CDEDCD 14.3 ipsec auto refresh [gateway_id] switch no ipsec auto refresh [gateway_id] gateway_id switch on off gateway_id gateway_id gateway_id ipsec auto refresh off ipsec auto refresh gateway_id on

137 14.4 ipsec ike negotiate-strictly gateway_id switch no ipsec ike negotiate-strictly gateway_id gateway_id switch on off off on ipsec ike encryption ipsec ike group ipsec ike hash ipsec ike pfs ipsec ike local name off 14.5 ipsec ike always-on gateway_id switch no ipsec ike always-on gateway_id switch on off off 14.6 ipsec ike retry count interval [max_session] no ipsec ike retry [count interval [max_session]] count 1..50 interval 1..100 max_session 1..5 count = 10 interval = 5 max_session = 3

138 14.7 ipsec ike remote name gateway name no ipsec ike remote name gateway [name] gateway name 14.8 ipsec ike remote address gateway_id ip_address no ipsec ike remote address gateway_id [ip_address] gateway_id ip_address any dns server any any 14.9 ipsec ike remote id gateway_id ip_address[/mask] no ipsec ike remote id gateway_id [ip_address[/mask]] gateway_id ip_address mask mask mask 14.10 ipsec ike local name gateway_id name [type] no ipsec ike local name gateway_id [name] gateway_id name type...id fqdn use-fqdn key-id

139 14.11 ipsec ike local address gateway_id ip_address ipsec ike local address gateway_id vrrp interface vrid ipsec ike local address gateway_id ipv6 prefix prefix on interface ipsec ike local address gateway_id ipcp pp pp_num no ipsec ike local address gateway_id [ip_address] gateway_id ip_address interface vrid 1..255 pp_num vrrp ipv6 14.12 ipsec ike local id gateway_id ip_address[/mask] no ipsec ike local id gateway_id [ip_address[/mask]] gateway_id ip_address mask mask mask

140 14.13 ipsec ike keepalive use gateway_id switch ipsec ike keepalive use gateway_id switch heartbeat [interval count [upwait]] ipsec ike keepalive use gateway_id switch icmp-echo ip_address [length=length] [interval count [upwait]] ipsec ike keepalive use gateway_id switch dpd [interval count [upwait]] no ipsec ike keepalive use gateway_id [switch... ] gateway_id switch on off auto ip_address length 64..1500 interval 1..600 count 1..50 upwait 0..1000000 switch auto auto auto length switch = auto length = 64 interval = 10 count = 6 upwait = 0 14.14 ipsec ike keepalive log gateway_id log no ipsec ike keepalive log gateway_id [log] gateway_id log on off on

141 14.15 ipsec ike encryption gateway_id algorithm no ipsec ike encryption gateway_id [algorithm] gateway_id algorithm 3des-cbc des-cbc aes-cbc 3des-cbc # ipsec ike encryption 1 aes-cbc 14.16 ipsec ike queue length length no ipsec ike queue length [length] length 100...200) 200 14.17 ipsec ike group gateway_id group [group] no ipsec ike group gateway_id [group [group]] gateway_id group modp768 modp1024 modp1536 modp2048 modp1024

142 14.18 ipsec ike hash gateway_id algorithm no ipsec ike hash gateway_id [algorithm] gateway_id algorithm md5 sha sha 14.19 ipsec log illegal-spi switch no ipsec log illegal-spi switch on off off 14.20 ipsec ike payload type gateway_id type no ipsec ike payload type gateway_id [type] gateway_id type 2 3 2 14.21 ipsec ike send info gateway_id info no ipsec ike send info gateway_id [info] gateway_id info on off on on

143 14.22 ipsec ike pfs gateway_id pfs no ipsec ike pfs gateway_id [pfs] gateway_id pfs on off off 14.23 ipsec ike xauth myname gateway_id name password no ipsec ike xauth myname gateway_id gateway_id name password 14.24 auth user userid username password no auth user userid [username...] userid username password 14.25 auth user attribute userid attribute=value [attribute=value...] no auth user attribute userid [attribute=value...] userid attribute value attribute value xauth on off xauth-address xauth-dns xauth-wins xauth-filter

144 # auth user group attribute xauth xauth-address xauth-dns xauth-wins xauth-filter 14.26 auth user group groupid userid [userid...] no auth user group groupid groupid 1..500 userid # auth user group 1 100 101 102 # auth user group 1 200-300 # auth user group 1 100 103 105 107-110 113 14.27 auth user group attribute groupid attribute=value [attribute=value...] no auth user group attribute groupid [attribute=value...] groupid 1..500 attribute value attribute value xauth xauth-addresspool xauth-dns xauth-wins xauth-filter on off xauth xauth-address-pool xauth-dns xauth-wins xauth-filter

145 14.28 ipsec ike xauth request gateway_id auth [group_id] no ipsec ike xauth request gateway_id [auth...] gateway_id group_id auth on off group_id group_id off 14.29 ipsec ike mode-cfg address pool pool_id ip_address[/mask] ipsec ike mode-cfg address pool pool_id ip_address-ip_address[/mask] no ipsec ike mode-cfg address pool pool_id [ip_address...] pool_id 1..65535 ip_address ip_address-ip_address mask # ipsec ike mode-cfg address gateway_id... 14.30 ipsec ike mode-cfg address gateway_id pool_id no ipsec ike mode-cfg address gateway_id [pool_id] gateway_id pool_id # auth user attribute userid xauth-address=address[/mask] # auth user group attribute groupid xauth-address-pool=address-address[/mask]

146 14.31 ipsec ike log gateway_id type [type] no ipsec ike log gateway_id [type] gateway_id type message-info payload-info key-info type 14.32 ipsec ike esp-encapsulation gateway_id encap no ipsec ike esp-encapsulation gateway_id gateway_id encap on off off 14.33

147 14.33.1 ipsec ike duration sa gateway_id second [kbytes] [rekey rekey] no ipsec ike duration sa gateway_id [second [kbytes] [rekey rekey]] sa ipsec-sa isakmp-sa gateway_id second 300..691200 kbytes 100..100000 rekey 70% - 90% sa isakmp-sa kbytes second kbytes sa ipsec-sa rekey second rekey rekey second kbytes sa isakmp-sa rekey off ipsec ike restrict-dangling-sa off second : 28800 rekey : 75%

148 14.33.2 ipsec sa policy policy_id gateway_id ah ah_algorithm [local-id=local-id] [remote-id=remote-id] [anti-replay-check=check] ipsec sa policy policy_id gateway_id esp esp_algorithm [ah_algorithm] [anti-replay-check=check] no ipsec sa policy policy_id [gateway_id] policy_id 1..2147483647 gateway_id ah esp ah_algorithm md5-hmac sha-hmac esp_algorithm 3des-cbc des-cbc aes-cbc local-id remote-id check on off check on off local-id remote-id anti-replay-check = on # ipsec sa policy 101 1 esp aes-cbc sha-hmac 14.33.3 ipsec refresh sa ipsec sa delete all

149 14.33.4 ipsec ike restrict-dangling-sa gateway_id action no ipsec ike restrict-dangling-sa gateway_id [action] gateway_id action auto off auto off auto 14.33.5 ipsec ike nat-traversal gateway switch [ keepalive=interval ] no ipsec ike nat-traversal gateway [ switch [ keepalive=interval ] ] gateway switch on off interval off... 30-100000 ipsec ike esp-encapsulation switch = off interval = 300

150 14.33.6 ipsec sa delete id id all show ipsec sa 14.34 14.34.1 ipsec tunnel outer df-bit mode no ipsec tunnel outer df-bit [mode] mode copy set clear copy set clear copy 14.34.2 ipsec tunnel policy_id no ipsec tunnel [policy_id] policy_id 1..2147483647 14.34.3 ipsec ipcomp type type no ipsec ipcomp type [type] type deflate none none

151 14.34.4 tunnel backup none tunnel backup interface ip_address tunnel backup pp peer_num [switch-router=switch1] tunnel backup tunnel tunnel_num [switch-interface=switch2] no tunnel backup interface ip_address peer_num tunnel_num switch1 on off switch2 on off none switch1 = off switch2 = on

152 14.34.5 tunnel template tunnel_num [tunnel_num...] no tunnel template tunnel_num ipsec sa policy ipsec ipsec ike remote name ipsec ike ipsec auto refresh ipsec tunnel ipsec sa policy tunnel enable # show config tunnel tunnel_num expand ipsec sa policy tunnel select 1 ipsec ike ipsec ike remote name

153 14.35 14.35.1 ipsec transport id policy_id [proto [src_port_list [dst_port_list]]] no ipsec transport id [policy_id [proto [src_port_list [dst_port_list]]]] id 1..2147483647 policy_id 1..2147483647 proto src_port_list dst_port_list proto src_port_list dst_port_list # ipsec sa policy 102 192.168.112.25 esp des-cbc sha-hmac # ipsec transport 1 102 tcp * telnet

154 15. 15.1 tunnel encapsulation tunnel endpoint address ppp ccp type 15.1.1 pptp service service no pptp service [service] service on off off pptp service on off 15.1.2 pp bind tunnel_num pp bind tunnel_num-tunnel_num no pp bind tunnel_num tunnel_num tunnel1.. tunnel20 tunnel encapsulation pptp 15.1.3 pptp service type type no pptp service type type type server client server

155 15.1.4 pptp hostname name no pptp hostname name name show status pp N1200 15.1.5 pptp window size size no pptp window size size size 1..128 32 15.1.6 pp auth request auth arrive-only no pp auth request auth auth pap chap mschap mschap-v2 chap-pap 15.1.7 pp auth accept auth auth no pp auth accept auth auth auth pap chap mschap mschap-v2 mschap-v2

156 15.1.8 pptp syslog syslog no pptp syslog syslog syslog on off off 15.2 15.2.1 pptp tunnel disconnect time time no pptp tunnel disconnect time time time 1..21474836 off 60 15.2.2 tunnel endpoint name local_name remote_name no tunnel endpoint name local_name remote_name local_name remote_name tunnel endpoint address 15.2.3 pptp keepalive use use no pptp keepalive use use use on off pptp keepalive interval on

157 15.2.4 pptp keepalive log log no pptp keepalive log log log on off off 15.2.5 pptp keepalive interval interval count no pptp keepalive interval interval count interval 1..65535 count 3..100 interval = 30 count = 6 15.2.6 ppp ccp no-encryption mode no ppp ccp no-encryption mode mode reject accept accept

158 16. snmp trap enable snmp snmp trap host public public snmp host none snmp trap host clear 16.1 snmp host host [ro_community [rw_community]] no snmp host [host] host any none ro_community rw_community any Read-Write Read-Write Read-Only snmp community none 16.2 snmp local address ip_address no snmp local address ip_address ip_address 16.3 snmp community read-only name no snmp community read-only [name] name public

159 16.4 snmp community read-write name no snmp community read-write [name] name 16.5 snmp syscontact name no snmp syscontact [name] name 16.6 snmp syslocation name no snmp syslocation [name] name 16.7 snmp sysname name no snmp sysname [name] name # snmp sysname Biz Box N1200

160 16.8 snmp trap enable snmp trap [trap...] snmp trap enable snmp all no snmp trap enable snmp trap coldstart... warmstart... linkup... linkdown... authenticationfailure all all snmp trap send linkdown snmp trap send linkdown all 16.9 snmp trap send linkdown interface switch snmp trap send linkdown pp peer_num switch snmp trap send linkdown tunnel tunnel_num switch no snmp trap send linkdown interface no snmp trap send linkdown pp peer_num [switch] no snmp trap send linkdown tunnel tunnel_num [switch] interface peer_num tunnel_num switch on off on 16.10 snmp trap community name no snmp trap community [name] name public

161 16.11 snmp trap host host [community] no snmp trap host host [community] host community snmp trap community 16.12 snmp yrifppdisplayatmib2 switch no snmp yrifppdisplayatmib2 switch on off off 16.13 snmp yriftunneldisplayatmib2 switch no snmp yriftunneldisplayatmib2 switch on off off

162 16.14 snmp display ipcp force switch no snmp display ipcp force switch on off ipcp on off 16.15 snmp trap link-updown separate-l2switch-port interface switch no snmp trap link-updown separate-l2switch-port interface [switch] interface lan1 switch on off off

163 17. 17.1 radius auth auth no radius auth [auth] auth on off pp auth username off 17.2 radius account account no radius account [account] account on off off 17.3 radius server ip1 [ip2] no radius server [ip1 [ip2]] ip1 ip2 radius auth server radius account server radius server 17.4 radius auth server ip1 [ip2] no radius auth server [ip1 [ip2]] ip1 ip2 radius server

164 17.5 radius account server ip1 [ip2] no radius account server [ip1 [ip2]] ip1 ip2 radius server 17.6 radius auth port port_num no radius auth port [port_num] port_num 1645 17.7 radius account port port_num no radius account port [port_num] port_num 1646 17.8 radius secret secret no radius secret [secret] secret 17.9 radius retry count time no radius retry [count time] count 1..10 time 20..10000 count = 4 time = 3000

165 18. nat descriptor address inner nat descriptor address outer 18.1 ip interface nat descriptor nat_descriptor_list [reverse nat_descriptor_list] ip pp nat descriptor nat_descriptor_list [reverse nat_descriptor_list] ip tunnel nat descriptor nat_descriptor_list [reverse nat_descriptor_list] no ip interface nat descriptor [nat_descriptor_list [reverse nat_descriptor_list]] no ip pp nat descriptor [nat_descriptor_list [reverse nat_descriptor_list]] no ip tunnel nat descriptor [nat_descriptor_list [reverse nat_descriptor_list]] interface nat_descriptor_list 1..2147483647 reverse 18.2 nat descriptor type nat_descriptor type no nat descriptor type nat_descriptor [type] nat_descriptor 1..2147483647 type none nat masquerade nat-masquerade nat-masquerade none

166 18.3 nat descriptor address outer nat_descriptor outer_ipaddress_list no nat descriptor address outer nat_descriptor [outer_ipaddress_list] nat_descriptor 1..2147483647 outer_ipaddress_list ipcp primary ip interface address secondary ip interface secondary address ipcp primary secondary ipcp 18.4 nat descriptor address inner nat_descriptor inner_ipaddress_list no nat descriptor address inner nat_descriptor [inner_ipaddress_list] nat_descriptor 1..2147483647 inner_ipaddress_list auto auto 18.5 nat descriptor static nat_descriptor id outer_ip=inner_ip [count] no nat descriptor static nat_descriptor id [outer_ip=inner_ip [count]] nat_descriptor 1..2147483647 id 1..2147483647 outer_ip inner_ip count nat descriptor address outer nat descriptor address inner ipcp auto

167 18.6 nat descriptor masquerade rlogin nat_descriptor use no nat descriptor masquerade rlogin nat_descriptor [use] nat_descriptor 1..2147483647 use on off on on off 18.7 nat descriptor masquerade static nat_descriptor id inner_ip protocol [outer_port=]inner_port no nat descriptor masquerade static nat_descriptor id [inner_ip protocol [outer_port=]inner_port] nat_descriptor 1..2147483647 id inner_ip protocol esp tcp udp icmp outer_port inner_port outer_port inner_port outer_port inner_port inner_port outer_port outer_port inner_port 18.8 nat descriptor timer nat_descriptor time nat descriptor timer nat_descriptor protocol=protocol [port=port_range] time nat descriptor timer nat_desciptor tcpfin time2 no nat descriptor timer nat_descriptor [time] no nat descriptor timer nat_descriptor protocol=protocol [port=port_range] [time] no nat descriptor timer nat_desciptor tcpfin [time2] nat_descriptor 1..2147483647 time 30..21474836 time2 1-21474836 protocol port_range TIME... 900 TIME2... 60

168 18.9 nat descriptor masquerade incoming nat_descriptor action [ip_address] no nat descriptor masquerade incoming nat_descriptor nat_descriptor 1..2147483647 action through reject discard forward ip_address action forward ip_address reject 18.10 nat descriptor masquerade port range nat_descriptor port_range1 [port_range2 [port_range3]] no nat descriptor masquerade port range nat_descriptor [port_range1 [port_range2 [port_range3]]] nat_descriptor 1..2147483647 port_range1, port_range2, port_range3 port_range1 port_range1 port_range2 port_range1 port_range2 port_range3 port_range1=60000-64095 port_range2=49152-59999 port_range3=44096-49151 18.11 nat descriptor ftp port nat_descriptor port [port ] no nat descriptor ftp port nat_descriptor [port ] nat_descriptor 1..2147483647 port 1..65535 21 18.12 nat descriptor masquerade unconvertible port nat_descriptor if-possible nat descriptor masquerade unconvertible port nat_descriptor protocol port no nat descriptor masquerade unconvertible port nat_descriptor protocol [port] nat_descriptor 1..2147483647 protocol tcp...tcp udp...udp port if-possible

169 18.13 nat descriptor log switch no nat descriptor log switch on off off 18.14 nat descriptor sip nat_descriptor sip no nat descriptor sip nat_descriptor nat_descriptor 1..2147483647 sip on off on 18.15 nat descriptor masquerade remove df-bit remove no nat descriptor masquerade remove df-bit [remove] remove on off ping on 18.16 nat descriptor masquerade session limit nat_descriptor id limit no nat descriptor masquerade session limit nat_descriptor id nat_descriptor 1..2147483647 id 1 limit 1..20000 limit 20000

170 19. ping traceroute rdate ntpdate telnet dns server dns server 19.1 dns service service no dns service service service recursive off off recursive 19.2 dns server ip_address [ip_address...] no dns server [ip_address...] ip_address dns server dhcp 19.3 dns domain domain_name no dns domain [domain_name] domain_name dns domain.

171 19.4 dns server pp peer_num no dns server pp [peer_num] peer_num dns server dns server dns server pp ppp ipcp msext on dns server dhcp # pp select 2 pp2# ppp ipcp msext on pp2# dns server pp 2 19.5 dns notice order protocol server [server] no dns notice order protocol [server [server]] protocol dhcp msext server none me server dns server none me server dns server me server dhcp me server msext me server 19.6 dns private address spoof spoof no dns private address spoof [spoof] spoof on off on off

172 19.7 dns syslog resolv resolv no dns syslog resolv [resolv] resolv on off off 19.8 dns server select id server [server2] [type] query [original-sender] [restrict pp connection-pp] dns server select id pp peer_num [default-server] [type] query [original-sender] [restrict pp connection-pp] dns server select id dhcp interface [default-server] [type] query [original-sender] [restrict pp connection-pp] dns server select id reject [type] query [original-sender] no dns server select id id server server2 type a ptr mx ns cname any a query type a mx ns cname query example.jp www.example.jp type ptr..query ip_address[/masklen] masklen masklen reject query example example.jp example.com *example.jp original-sender connection-pp peer_num interface default-server...peer_num query dns server reject query restrict pp connection-pp

173 19.9 ip host fqdn value [ttl=ttl] dns static type name value [ttl=ttl] no ip host fqdn [value] no dns static type name [value] type a aaaa ptr mx ns cname name, value... type type name value a aaaa ptr mx ns cname fqdn ttl 1 4294967295 ip host dns static a ptr ttl ttl # ip host pc1.example.jp 133.176.200.1 # dns static ptr 133.176.200.2 pc2.example.jp # dns static cname mail.example.jp mail2.example.jp 19.10 dns srcport port[-port] no dns srcport [port-[port]] port 1..65535 10000-10999 10000-10999 # dns srcport 10000-10999

174 19.11 dns host host [host [...]] no dns host host any lan lann none any 19.12 dns cache use switch no dns cache uset [sw] switch on off switch dns cache max entry switch on 19.13 dns cache max entry num no dns cache max entry [num] num 1...1024 256 dns cache max entry 16

175 20. queue class filter queue interface type 20.1 speed interface speed speed pp speed no speed interface [speed] no speed pp [speed] interface speed speed 'k' ' M' 0

176 20.2 queue class filter num class1 [cos=cos] ip src_addr [dest_addr [protocol [src_port [dest_port]]]] no queue class filter num [class1...] num class1 1..16 precedence cos precedence src_addr xxx.xxx.xxx.xxx xxx dest_addr protocol icmp 1 tcp 6 udp 17 established src_port ftp 20,21 ident 113 ftpdata 20 ntp 123 telnet 23 nntp 119 smtp 25 snmp 161 domain 53 syslog 514 gopher 70 printer 515 finger 79 talk 517 www 80 route 520 pop3 110 uucp 540 sunrpc 111 dest_port class1 cos cos queue interface class filter list # queue class filter 1 4 ip * * udp 5004-5060 * # queue class filter 2 precedence ip 172.16.5.0/24 * tcp * *

177 20.3 queue interface type type queue pp type type no queue interface type [type] no queue pp type [type] interface type fifo priority cbq wfq shaping fifo fifo fifo queue interface length wfq wfq fifo wfq priority queue class filter queue interface class filter list cbq queue interface class property queue class filter queue interface class filter list shaping fifo 20.4 ppp mp interleave [delay] switch no ppp mp interleave [[delay] switch] delay switch on off delay delay delay ppp ccp type none delay = 30 switch = off # queue class filter 1 4 ip VOIP-GATEWAY * * * * # queue class filter 2 3 ip * * icmp * * # queue class filter 3 1 ip * * * * * # pp select 1

178 pp1# pp bind bri2.1 pp1# queue pp type priority pp1# queue class filter list 1 2 3 pp1# isdn remote address call 03-123-4567 pp1# ppp mp use on pp1# ppp mp interleave on pp1# ppp mp maxlink 1 pp1# ppp ccp type none pp1# pp enable 1 20.5 queue interface class filter list filter_list queue pp class filter list filter_list queue tunnel class filter list filter_list no queue interface class filter list [filter_list] no queue pp class filter list [filter_list] no queue tunnel class filter list [filter_list] interface filter_list queue class filter queue interface default class 20.6 queue interface length len1 [len2...lenn] queue pp length len1 [len2...len16] no queue interface length [len1...] no queue pp length [len1...] interface len1..lenn 1..10000 len1..len16 1..10000 200 20 20.7 queue interface default class class queue pp default class class no queue interface default class class no queue pp default class [class] interface class 1..16 2

179 20.8 queue interface class property class bandwidth=bandwidth queue pp class property class bandwidth=bandwidth [parent=parent] [borrow=borrow] [maxburst=maxburst] [minburst=minburst] [packetsize=packetsize] no queue interface class property class [bandwidth=bandwidth...] no queue pp class property class [bandwidth=bandwidth...] interface class 1..16 bandwidth k M parent 0..16 borrow on off maxburst 1..10000 minburst 1..10000 packetsize 1..10000 bandwidth speed queue interface type bandwidth parent/borrow/maxburst/minburst/packetsize queue pp type cbq cbq bandwidth bandwidth parent = 0 borrow = on maxburst = 20 minburst = maxburst / 10 packetsize = 512

180 20.9 queue interface class control class [except ip_address...] [option=value...] no queue interface class control class [except ip_address...] interface class 1..16 ip_address option = value option value forwarding reject, 1..16 watch source destination threshold time infinity, 10..604800 mode forced adaptive winny trigger share masqueradesession notice on off queue interface class property forwarding forwarding forwarding show status qos time mode threshold time threshold time show status qos trigger notice 80 watch = source threshold = 70%,30 time = 600 mode = forced notice = on

181 21. 21.1 cooperation type role sw no cooperation type role [sw] type bandwidth-measuring load-watch role sw server client on off off 21.2 cooperation port port no cooperation port [port] port 59410 21.3 cooperation bandwidth-measuring remote id role address [option=value] no cooperation bandwidth-measuring remote id [role address [option=value]] id 1..100 role server client address option apply 'on' or 'off' port 1-65535 initial-speed (64000-100000000)[bit/s] interval (60..2147483647)[sec] or 'off' retry-interval (60..2147483647)[sec] sensitivity 'high', 'middle' or 'low' syslog 'on' or 'off' interface class limit-rate (1-10000)[%] number (5..100) local-address

182 role client port syslog server any role client apply on speed lan class queue lan class property bandwidth initial-speed interval 'off' retry-interval number sensitivity interface speed lan class queue lan class property bandwidth limit-rate limit-rate apply = on port = 59410 initial-speed = 10000000 interval = 3600 retry-interval=3600 sensitivity = high syslog = off interface class limit-rate number=30 local-address

183 21.4 cooperation load-watch remote id role address [option=value] no cooperation load-watch remote id [role address [option=value]] id 1..100 role server client address option trigger 1-65535 control 1-65535 port 1-65535 syslog 'on' or 'off' apply 'on' or 'off' register 'on' or 'off' register-interval (1..2147483647)[sec] register-time (1..2147483647)[sec] name local-address trigger role client control role server any register=on name local-address port=59410 syslog=off apply=on register=off register-interval=1200 register-time=3600 local-address

184 21.5 cooperation load-watch trigger id point high=high [, count] low=low [, count] [option=vallue] no cooperation load-watch trigger id [point high=high [, count] low=low [, count] [option=vallue]] id 1-100 point cpu load interface receive interface interface overflow interface interface [class] transmit interface class high low count 1-100 3 option interval 1-65535 sec sec syslog on off off high count count low count show environment show status lan syslog # cooperation load-watch trigger 1 cpu load high=80 low=30 # cooperation load-watch trigger 2 lan2 receive high=80m,5 low=50m,1 # cooperation load-watch trigger 3 lan2 overflow high=2,1 low=0,5

185 21.6 cooperation load-watch control id high=high [raise=raise] low=low [lower=lower] [interval=interval] no cooperation load-watch control id [high=high [raise=raise] low=low [lower=lower] [interval=interval]] id 1-100 high raise low lower interval 1-65535 sec 10 sec high low lower high raise high 21.7 cooperation type go id [packet_type] type bandwidth-measuring load-watch id 1-100 packet_type load-watch packet_type

186 22. 22.1 ospf configure refresh 22.2 ospf use use no ospf use [use] use on off off 22.3 ospf preference preference no ospf preference [preference] preference 2000 22.4 ospf router id router-id no ospf router id [router-id] router_id

187 22.5 ospf export from ospf filter filter_num... no ospf export from ospf [filter filter_num...] filter_num ospf export filter 22.6 ospf import from protocol [filter filter_num...] no ospf import from [protocol [filter filter_num...]] protocol static rip bgp filter_num filter_num ospf import filter filter ospf import filter filter metric = 1 type = 2 tag = 1

188 22.7 ospf export filter filter_num [nr] kind ip_address/mask... no ospf export filter filter_num [...] filter_num nr not reject kind include refines equal ip_address/mask ospf export from ip_address/mask nr not reject kind include refines equal not ospf export from not ospf export from ospf filter 1 2 ospf export filter 1 not equal 192.168.1.0/24 ospf export filter 2 not equal 192.168.2.0/24 ospf export from ospf filter 1 ospf export filter 1 not equal 192.168.1.0/24 192.168.2.0/24 ospf export from ospf filter 1 2 3 ospf export filter 1 reject equal 192.168.1.0/24 ospf export filter 2 reject equal 192.168.2.0/24 ospf export filter 3 include 0.0.0.0/0

189 22.8 ospf import filter filter_num [nr] kind ip_address/mask...[parameter...] no ospf import filter filter_num [[not] kind ip_address/mask...[parameter...]] filter_num nr not reject kind include refines equal ip_address/mask parameter metric 0..16777215 type 1..2 tag 0..4294967295 ospf import from filter ip_address mask nr not reject kind include refines equal kind not not equal parameter metric type tag metric = 1 type = 2 tag = 1 not ospf import from not ospf import from static filter 1 2 ospf import filter 1 not equal 192.168.1.0/24 ospf import filter 2 not equal 192.168.2.0/24 ospf import from static filter 1 ospf import filter 1 not equal 192.168.1.0/24 192.168.2.0/24

190 ospf import from static filter 1 2 3 ospf import filter 1 reject equal 192.168.1.0/24 ospf import filter 2 reject equal 192.168.2.0/24 ospf import filter 3 include 0.0.0.0/0 22.9 ospf area area [auth=auth] [stub [cost=cost]] no ospf area area [auth=auth] [stub [cost=cost]] area backbone auth text md5 cost stub cost cost cost cost 22.10 ospf area network area network/mask [restrict] no ospf area network area network/mask [restrict] area backbone network mask restrict 22.11 ospf area stubhost area host [cost cost] no ospf area stubhost area host area backbone host cost

191 22.12 ospf virtual-link router_id area [parameters...] no ospf virtual-link router_id [area [parameters...]] router_id area parameters = router_id area parameters = retransmit-interval transmit-delay hello-interval dead-interval authkey md5key md5-sequencemode second increment hello-interval/dead-interval hello-interval dead-interval router_id, area = retransmit-interval = 5 transmit-delay = 1 hello-interval = 10 dead-interval = 40 authkey = md5key = md5-sequence-mode = second

192 22.13 ip interface ospf area area [parameters...] ip pp ospf area area [parameters...] ip tunnel ospf area area [parameters...] no ip interface ospf area [area [parameters...]] no ip pp ospf area [area [parameters...]] no ip tunnel ospf area [area [parameters...]] interface area backbone parameters = type parameters = broadcast point-to-point type point-to-multipoint non-broadcast passive cost 0.. 65535 COST priority 0.. 255 retransmit-interval transmit-delay hello-interval dead-interval poll-interval authkey md5key md5-sequencemode second increment type cost type loopback loopback-network

193 type type broadcast point-to-point point-to-multipoint non-broadcast non-broadcast non-broadcast ip pp ospf neighbor point-to-multipoint fr inarp ip pp address point-to-multipoint ip pp ospf neighbor point-to-multipoint non-broadcast non-broadcast broadcast point-to-multipoint point-to-point passive passive passive type broadcast ip interface ospf area passive ip interface ospf area ip interface ospf area ospf import hello-interval/dead-interval hello-interval/dead-interval area = type = broadcast = point-to-point = loopback passive = cost = 1 priority = 1 retransmit-interval = 5 transmit-delay = 1 hello-interval= 10 type broadcast = 10 point-to-point = 30 non-broadcast = 30 point-to-multipoint dead-interval = hello-interval poll-interval = 120 authkey = md5key = md5-sequence-mode = second

194 22.14 ip interface ospf neighbor ip_address [eligible] ip pp ospf neighbor ip_address [eligible] ip tunnel ospf neighbor ip_address [eligible] no ip interface ospf neighbor ip_address [eligible] no ip pp ospf neighbor ip_address [eligible] no ip tunnel ospf neighbor ip_address [eligible] interface ip_address eligible 22.15 ospf merge equal cost stub merge no ospf merge equal cost stub merge on off on off on 22.16 ospf log log [log...] no ospf log [log...] log interface neighbor packet

195 23. 23.1 bgp use use no bgp use [use] use on off off 23.2 bgp aggregate ip_address/mask filter filter_num... no bgp aggregate ip_address/mask [filter filter_num... ] ip_address/mask all filter_num 1.. 2147483647 bgp aggregate filter 23.3 bgp aggregate filter filter_num protocol [reject] kind ip_address/mask... no bgp aggregate filter filter_num [protocol [reject] kind ip_address/mask... ] filter_num 1..2147483647 protocol static rip ospf bgp all kind include refines equal ip_address/mask bgp aggregate ip_address/mask kind reject 23.4 bgp autonomous-system as no bgp autonomous-system [as] as 1..65535

196 23.5 bgp router id ip_address no bgp router id [ip_address] ip_address 23.6 bgp preference preference no bgp preference [preference] preference 1..2147483647... 10000... 1000... 2000... 500 500 23.7 bgp export remote_as filter filter_num... bgp export aspath seq "aspath_regexp" filter filter_num... no bgp export remote_as [ filter filter_num... ] no bgp export aspath seq ["aspath_regexp" [ filter filter_num... ]] remote_as 1..65535 seq (1..65535) aspath_regexp filter_num 1..2147483647 remote_as bgp export filter aspath_regexp remote_as aspath_regexp grep aspath_regexp seq aspath_regexp remote_as # bgp export aspath 10 ".*" filter 1 # bgp export aspath 20 "^1[01]00.*" filter 1 # bgp export aspath 30 "2000" filter 1 # bgp export aspath 40 "^3000 3100 3200$" filter 1 # bgp export aspath 50 "{.*}" filter 1

197 23.8 bgp export filter filter_num [reject] kind ip_address/mask... [parameter ] no bgp export filter filter_num [[reject] kind ip_address/mask... [parameter]] filter_num 1..2147483647 kind include refines equal ip_address/mask all parameter = preference 0..255 bgp export ip_address/mask kind reject preference bgp preference preference 0 # bgp export filter 1 include 10.0.0.0/16 172.16.0.0/16 # bgp export filter 2 reject equal 192.168.0.0/24 23.9 bgp import remote_as protocol [from_as] filter filter_num... no bgp import remote_as protocol [from_as] [filter filter_num... ] remote_as 1..65535 protocol static rip ospf bgp aggregate from_as protocol bgp 1..65535 filter_num 1.. 2147483647 bgp import filter 23.10 bgp configure refresh

198 23.11 bgp import filter filter_num [reject] kind ip_address/mask [ parameter] no bgp import filter filter_num [[reject] kind ip_address/mask [parameter]] filter_num 1..2147483647 kind include refines equal ip_address/mask all parameter metric 1..16777215 bgp import ip_address/mask kind reject metric 1 # bgp import filter 1 include 10.0.0.0/16 172.16.0.0/16 # bgp import filter 2 reject equal 192.168.0.0/24 23.12 bgp neighbor neighbor_id remote_as remote_address [parameter... ] no bgp neighbor neighbor_id [remote_as... ] neighbor_id 1...2147483647 remote_as 1..65535 remote_address parameter hold-time off metric 1.. 21474836 passive on off gateway local-address metric bgp import gateway hold-time 180 metric passive off gateway local-address

199 23.13 bgp log log [log] no bgp log [log...] log neighbor packet

200 24. 24.1 24.1.1 ipv6 routing routing no ipv6 routing [routing] routing on off on off on 24.1.2 ipv6 interface mtu mtu ipv6 pp mtu mtu no ipv6 interface mtu mtu no ipv6 pp mtu mtu interface mtu 1280..1500 1500 24.1.3 ipv6 interface tcp mss limit mss ipv6 pp tcp mss limit mss ipv6 tunnel tcp mss limit mss no ipv6 interface tcp mss limit mss no ipv6 pp tcp mss limit mss no ipv6 tunnel tcp mss limit mss interface mss 536.. 1440 auto off auto pppoe tcp mss limit pppoe tcp mss limit off

201 24.1.4 ipv6 rh0 discard switch no ipv6 rh0 discard switch on 24.1.5 ipv6 routing process process no ipv6 routing process sprocess fast 24.2 24.2.1 ipv6 interface address ipv6_address/prefix_len ipv6 interface address auto ipv6 pp address ipv6_address/prefix_len ipv6 pp address auto ipv6 tunnel address ipv6_address/prefix_len ipv6 tunnel address auto no ipv6 interface address ipv6_address/prefix_len no ipv6 interface address auto no ipv6 pp address ipv6_address/prefix_len no ipv6 pp address auto no ipv6 tunnel address ipv6_address/prefix_len no ipv6 tunnel address auto interface ipv6_address prefix_len auto show ipv6 address

202 24.2.2 ipv6 interface prefix ipv6_prefix/prefix_len ipv6 interface prefix auto ipv6 pp prefix ipv6_prefix/prefix_len ipv6 pp prefix auto ipv6 tunnel prefix ipv6_prefix/prefix_len ipv6 tunnel prefix auto no ipv6 interface prefix ipv6_prefix/prefix_len no ipv6 interface prefix auto no ipv6 pp prefix ipv6_prefix/prefix_len no ipv6 pp prefix auto no ipv6 tunnel prefix ipv6_prefix/prefix_len no ipv6 tunnel prefix auto interface ipv6_prefix prefix_len auto ipv6 interface address ipv6 prefix show ipv6 address 24.2.3 ipv6 interface dad retry count count ipv6 pp dad retry count count no ipv6 interface dad retry count [count] no ipv6 pp dad retry count [count] interface count 0..10 1 24.2.4 ipv6 max auto address max no ipv6 max auto address [max] max 16

203 24.2.5 ipv6 source address selection rule rule no ipv6 source address selection rule [rule] rule prefix 24.3 24.3.1 ipv6 prefix prefix_id prefix/prefix_len [preferred_lifetime=time] [valid_lifetime=time] [l_flag=switch] [a_flag=switch] no ipv6 prefix prefix_id prefix_id prefix prefix_len valid_lifetime 60..15552000 preferred_lifetime 60..15552000 time yyyy-mm-dd[,hh:mm[:ss]] yyyy 1980..2079 mm 01..12 dd 01..31 hh 00..23 mm 00..59 ss 00..59 00 l_flag a_flag switch on off ipv6 interface rtadv send time time time on on valid_lifetime = 2592000 preferred_lifetime = 604800 l_flag = on a_flag = on

204 24.3.2 ipv6 interface rtadv send prefix_id [prefix_id...] [option=value...] ipv6 pp rtadv send prefix_id [prefix_id...] [option=value...] no ipv6 interface rtadv send [...] no ipv6 pp rtadv send [...] interface prefix_id option=value m_flag on off o_flag on off max-rtr-adv-interval min-rtr-adv-interval adv-default-lifetime adv-reachable-time mtu ipv6 prefix m_flag o_flag m_flag = off o_flag = off max-rtr-adv-interval = 600 min-rtr-adv-interval = 200 adv-default-lifetime = 1800 adv-reachable-time = 0 mtu=auto 24.4 24.4.1 ipv6 route network gateway gateway [parameter] [gateway gateway [parameter]] no ipv6 route network network default gateway % pp peer_num dlci=dlci dlci=dlci peer_num anonymous pp anonymous name name name tunnel tunnel_num parameter metric metric 1..15 1 hide show ipv6 address

205 24.5 24.5.1 ipv6 rip use use no ipv6 rip use use on off off 24.5.2 ipv6 interface rip send send ipv6 pp rip send send ipv6 tunnel rip send send no ipv6 interface rip send no ipv6 pp rip send no ipv6 tunnel rip send interface send on off on 24.5.3 ipv6 interface rip receive receive ipv6 pp rip receive receive ipv6 tunnel rip receive receive no ipv6 interface rip receive no ipv6 pp rip receive no ipv6 tunnel rip receive interface receive on off on 24.5.4 ipv6 interface rip hop direction hop ipv6 pp rip hop direction hop no ipv6 interface rip hop direction no ipv6 pp rip hop direction direction in out hop 0..15 0

206 24.5.5 ipv6 interface rip trust gateway [except] gateway [gateway... ] ipv6 pp rip trust gateway [except] gateway [gateway... ] no ipv6 interface rip trust gateway no ipv6 pp rip trust gateway interface gateway except except 24.5.6 ipv6 interface rip filter direction filter_list [filter_list...] ipv6 pp rip filter direction filter_list [filter_list...] ipv6 tunnel rip filter direction filter_list [filter_list...] no ipv6 interface rip filter direction no ipv6 pp rip filter direction no ipv6 tunnel rip filter direction interface direction in out filter_list 24.5.7 ipv6 pp rip connect send action no ipv6 pp rip connect send action none interval ipv6 pp rip connect interval update update # ipv6 pp rip connect interval 60 # ipv6 pp rip connect send interval 24.5.8 ipv6 pp rip connect interval time no ipv6 pp rip connect interval time 30..21474836 30 # ipv6 pp rip connect interval 60 # ipv6 pp rip connect send interval

207 24.5.9 ipv6 pp rip disconnect send action no ipv6 pp rip disconnect send action none interval ipv6 pp rip disconnect interval update none # ipv6 pp rip disconnect interval 1800 # ipv6 pp rip disconnect send interval 24.5.10 ipv6 pp rip disconnect interval time no ipv6 pp rip disconnect interval time 30..21474836 3600 # ipv6 pp rip disconnect interval 1800 # ipv6 pp rip disconnect send interval 24.5.11 ipv6 pp rip hold routing hold no ipv6 pp rip hold routing hold on off off

208 24.6 24.6.1 ipv6 filter filter_num pass_reject src_addr[/prefix_len] [dest_addr[/prefix_len] [protocol [src_port_list [dest_port_list]]]] no ipv6 filter filter_num [pass_reject] filter_num 1..21474836 pass_reject ip filter src_addr prefix_len dst_addr src_addr protocol ip filter icmp-nd src_port_list ip filter dst_port_list # pp select 1 # ip pp secure filter in 1 100 # ip pp secure filter out 1 100 # ipv6 filter 1 pass-log * * icmp6 2 # ipv6 filter 100 pass * * 24.6.2 ipv6 interface secure filter direction [filter_list...] [dynamic filter_list] ipv6 pp secure filter direction [filter_list...] [dynamic filter_list] ipv6 tunnel secure filter direction [filter_list...] [dynamic filter_list] no ipv6 interface secure filter direction no ipv6 pp secure filter direction no ipv6 tunnel secure filter direction interface direction in out filter_list dynamic direction in

209 24.6.3 ipv6 filter dynamic dyn_filter_num srcaddr dstaddr protocol [option...] ipv6 filter dynamic dyn_filter_num srcaddr dstaddr filter filter_list [in filter_list] [out filter_list] [option...] no ipv6 filter dynamic dyn_filter_num [srcaddr...] dyn_filter_num 1..21474836 srcaddr dstaddr protocol tcp udp ftp tftp domain www smtp pop3 telnet filter_list ipv6 filter option syslog=switch on off timeout=time time filter in out ipv6 filter filter in out in out ipv6 filter pass/reject filter snmp tcp udp telnet tcp syslog = on timeout = 60

210 24.7 24.7.1 ipv6 interface mld type [option... ] ipv6 pp mld type [option... ] ipv6 tunnel mld type [option... ] no ipv6 interface mld [type [option... ]] no ipv6 pp mld [type [option... ]] no ipv6 tunnel mld [type [option... ]] interface type off router host option version version 1 2 1,2 syslog switch on off robust-variable 1.. 10 type=off version 1,2 syslog off robust-variable 2

211 24.7.2 ipv6 interface mld static group [filter_mode [source...]] ipv6 pp mld static group [filter_mode [source...]] ipv6 tunnel mld static group [filter_mode [source...]] no ipv6 interface mld static group [filter_mode [source...]] no ipv6 pp mld static group [filter_mode [source...]] no ipv6 tunnel mld static group [filter_mode [source...]] interface group filter_mode include exclude source filter_mode source filter_mode include source filter_mode exclude source ipv6 interface mld host filter_mode source 24.8 24.8.1 ipv6 nd ns-trigger-dad on [option=value] ipv6 nd ns-trigger-dad off no ipv6 nd ns-trigger-dad [...] on off option=value option value na-proxy all discard-one-time off na-proxy=all

212 25. mail notify mail template mail server smtp 25.1 mail server name id name no mail server name id [name] id 1..10 name 25.2 mail server smtp id address [port = port] [smtp-auth username password [auth_protocol]] [pop-before-smtp] no mail server smtp id [...] id 1..10 address port 25 username password auth_protocol cram-md5 digest-md5 plain pop-before-smtp smtp-auth smtp-auth pop-before-smtp mail server pop pop-before-smtp mail server pop 25.3 mail server pop id address [port = port] protocol username password no mail server pop id [...] id 1..10 address port 110 Protocol pop3 apop username password

213 25.4 mail server timeout id timeout no mail server timeout id [timeout] id 1..10 timeout 1..600 mail template 25.5 mail template template_id mailserver_id From:from_address To:to_address [Subject:subject] [Date:date] [mime-version:mime_version] [Content-Type:content_type] [notify-log=switch] [notify-wait-time=sec] no mail template template_id [...] template_id 1..10 mailserver_id 1..10 From:from_address To:to_address Subject:subject Date:date MIME-Version:mime_version Content-Type:content_type switch on off from_address to_address subject subject date date content-type subject date mime-version content-type mail template 1 1 From:test@test.com To:test1@test.com,test2@test.com "Subject:Test Mail" notify-log=on mail template 1 2 From:test@test.com To:test1@test.com "Subject:N1200 test" "Date:Mon, 23 Feb 2009 09:54:20 +0900" MIME-Version:1.0 "Content-Type:text/plain; charset=iso-2022-jp"

214 25.6 mail notify id template_id trigger backup if_b [[range_b] if_b...] mail notify id template_id trigger route route [route...] mail notify id template_id trigger filter ethernet if_f dir_f [if_f dir_f [...]] mail notify id template_id trigger status type [type [...]] mail notify id template_id trigger intrusion if_i [range_i] dir_i [if_i [range_i] dir_i [...]] no mail notify id [...] id 1..10 template_id 1..10 if_b pp lann tunnel range_b route if_f dir_f type all interface routing vpn nat firewall config-log if_i lann(n,m, N/M) range_i dir_i in out in/out mail notify status exec pp backup lan backup tunnel backup ip route mail notify status exec ip interface intrusion detection mail notify 1 1 trigger backup pp * lan2 lan3 tunnel 1-10,12 mail notify 2 1 trigger route 192.168.1.0/24 172.16.0.0/16 mail notify 3 1 trigger filter ethernet lan1 in mail notify 4 1 trigger status all mail notify 5 1 trigger intrusion lan1 in/out pp * in tunnel 1-3,5 out

215 26. 26.1 26.1.1 httpd service switch no httpd service switch on off on 26.1.2 httpd host host no httpd host host any lan lan1 lan2 lan3 none ip_address-ip_address lan 26.1.3 httpd timeout time no httpd timeout [time] time 1..180 5 26.1.4 httpd listen port no httpd listen port 1..65535 80

216 26.1.5 pp name name tunnel name name no pp name no tunnel name name

217 27. 27.1 upnp use use no upnp use use on off off 27.2 upnp external address refer interface upnp external address refer pp peer_num upnp external address refer default no upnp external address refer [interface] no upnp external address refer pp [peer_num] interface default peer_num anonymous default 27.3 upnp port mapping timer type type no upnp port mapping timer type type normal arp arp normal upnp port mapping timer arp arp normal arp 27.4 upnp port mapping timer time no upnp port mapping timer time 600..21474836 off upnp port mapping timer type off 3600

218 27.5 upnp syslog syslog no upnp syslog syslog on off off

219 28. 28.1 usbhost use switch no usbhost use [switch] switch on off on

220 29. 29.1 schedule at id [date] time * command... schedule at id [date] time pp peer_num command... schedule at id [date] time tunnel tunnel_num command... no scudule at id [[date]...] id date 1,2 1 2-1,2 2-7 2- -7 2-7 * -7 mon sat,sun mon-fri -fri * time 0..23 0..59 startup usb-attached peer_num anonymous tunnel_num command time command pp select tunnel select schedule at id administrator administrator password cold start console info console prompt console date exit help http revision-up go interface reset less login password login timer ping ping6 pp select quit remote setup save schedule at show telnet time timezone traceroute traceroute6 tunnel select copy exec command schedule at date startup # schedule at 1 */mon-fri 8:00 pp 1 isdn auto connect on # schedule at 2 */mon-fri 17:00 pp 1 isdn auto connect off # schedule at 3 */mon-fri 17:05 * disconnect 1 # schedule at 1 *:00 pp 1 isdn auto connect on # schedule at 2 *:15 pp 1 isdn auto connect off # schedule at 3 *:15 * disconnect 1 # schedule at 1 1/1 0:0 * ip route NETWORK gateway pp 2

221 30. 30.1 vlan interface/sub_interface 802.1q vid=vid name=name no vlan interface/sub_interface 802.1q interface sub_interface vid name lan type 30.2 vlan port mapping sw_port vlan_interface no vlan port mapping sw_port [vlan_interface...] sw_port vlan_interface lan type # vlan port mapping lan1.3 vlan7 # vlan port mapping lan1.4 vlan7

222 31. 31.1 heartbeat pre-shared-key key no heartbeat pre-shared-key key 31.2 heartbeat receive switch [option=value...] no heartbeat receive [switch] switch on off option value option value log on off monitor (30..21474836) off heartbeat pre-shared-key switch.. off log=off monitor=off 31.3 heartbeat send dest_addr [log=switch] dest_addr switch on off dest_addr heartbeat pre-shared-key log=off

223 32. ntpdate 32.1 sntpd service switch no sntpd service switch on off on 32.2 sntpd host host no sntpd host host any lan lan1 lan2 lan3 none IP_ADDRESS - IP_ADDRESS lan

224 33. execute batch 33.1 sd use switch no sd use [switch] switch on off on

225 33.2 external-memory statistics filename prefix prefix [term] [crypto password] no external-memory statistics filename prefix [prefix [term] [crypto password]] prefix usb1:filename sd1:filename term monthly daily crypto aes128 aes256 password crypto password prefix_type[_id]_yyyymm[dd].ext prefix type cpu memory flow route nat filter traffic qos id... id id yyyy mm dd dd ext csv rtfg term... monthly

226 33.3 external-memory syslog filename name [crypto password] no external-memory syslog filename [name] name usb1:filename filename sd1:filename filename crypto aes128 aes256 password filename filename filename crypto password 33.4 operation external-memory download permit switch no operation external-memory download permit [switch] switch on off on 33.5 external-memory boot permit switch no external-memory boot permit [switch] switch on off external-memory config filename external-memory exec filename on

227 33.6 external-memory exec filename from [to] external-memory exec filename off no external-memory exec filename [from] [to] no external-memory exec filename [off] from usb1:filename filename sd1:filename filename *:filename filename to num 0,1 0 filename external-memory auto-search time *:n1200.bin 0 # external-memory exec filename sd1:n1200.bin # external-memory exec filename sd1:/test/n1200.bin

228 33.7 external-memory config filename from[,from] [to] [password] external-memory config filename off no external-memory config filename [from] [to] [password] no external-memory config filename [off] from usb1:filename filename sd1:filename filename *:filename filename to num 0..4 0 password ) filename external-memory auto-search time *:config.rtfg,*:config.txt 0 # external-memory config filename sd1:config.txt # external-memory config filename sd1:/test/config.txt 33.8 external-memory auto-search time time no external-memory auto-search time [time] time 1..600 300

229 33.9 execute batch external-memory batch filename 33.10 external-memory batch filename batchfile [logfile] no external-memory batch filename [batchfile [logfile]] batchfile usb1:filename sd1:filename *:filename logfile filename filename filename logfile batchfile... *:command.txt logfile... command-log.txt # external-memory batch filename sd1:command_test.txt # external-memory batch filename sd1:/test/command_test.txt 33.11 operation button function download function no operation button function download [function] function http revision-up execute batch http revision-up 33.12 operation execute batch permit permit no operation execute batch permit [permit] permit on off off

230 34. show config show config N show log http upload 34.1 http upload type [config_no] [directory/] filename no http upload [..] type config_no...0-4.2 directory filename 34.2 http upload url url no http upload url [url] url 34.3 http upload permit switch no http upload permit [switch] switch on off off

231 34.4 http upload timeout time no http upload timeout [time] time... 1-180 30 34.5 http upload retry interval interval count no http upload retry interval [..] interval... 1-60 count... 1-10 interval=30 count=5 34.6 http upload proxy proxy [port] no http upload proxy [..] proxy port... 1-65535 80 34.7 http upload go http upload retry interval alarm http upload schedule at http upload retry interval 34.8 alarm http upload switch no alarm http upload [switch] switch on off on

232 35. 35.1 pp select peer_num no pp select peer_num none anonymous console prompt none no pp select pp select none 35.2 tunnel select tunnel_num no tunnel select tunnel_num none no tunnel select tunnel select none 35.3 35.3.1 administrator 35.3.2 quit quit save exit exit save save

233 35.3.3 save [filename [comment]] filename usb1:filename filename sd1:filename filename comment 35.3.4 copy config from to copy config from to crypto [password] copy config from to [password] from 0..4.2 filename filename filename filename filename filename to 0..4 filename filename filename filename crypto aes128 aes256 password save filename filename filename external-memory auto-search time

234 35.3.5 copy exec from to from filename filename filename filename filename filename to filename filename external-memory auto-search time 35.3.6 delete config filename filename 35.3.7 delete exec filename filename 35.3.8 set-default-config filename filename 35.3.9 set-default-exec filename filename

235 35.3.10 cold start 35.3.11 remote setup interface [number [/sub_address]] [type] remote setup interface dlci=dlci interface number sub_address dlci type number sub_address 35.3.12 remote setup accept isdn_num[/sub_address] [isdn_num_list] remote setup accept any remote setup accept none no remote setup accept isdn_num sub_address isdn_num_list any none any 35.4 35.4.1 clear account clear account interface clear account pp [peer_num] interface peer_num

236 35.4.2 clear arp 35.4.3 clear ip dynamic routing 35.4.4 clear log 35.4.5 clear inarp on 35.4.6 clear dns cache 35.4.7 clear nat descriptor dynamic nat_descriptor nat_descriptor 1..2147483647 all 35.4.8 clear nat descriptor interface dynamic interface clear nat descriptor interface dynamic pp [peer_num] clear nat descriptor interface dynamic tunnel [tunnel_num] interface peer_num anonymous tunnel_num

237 35.4.9 clear ipv6 dynamic routing 35.4.10 clear ipv6 neighbor cache 35.5 35.5.1 pp enable peer_num no pp enable peer_num peer_num anonymous all 35.5.2 pp disable peer_num peer_num anonymous all 35.5.3 restart restart binary restart binary config restart config_name binary config config_name

238 35.5.4 interface reset interface [interface...] interface line type interface reset pp line type pp bind 35.5.5 interface reset pp [peer_num] peer_num anonymous 35.5.6 connect peer_num peer_num 35.5.7 disconnect peer_num peer_num all anonymous anonymous1..)

239 35.5.8 ping [-s datalen] [-c count] [-sa ip_address] [-w wait] host datalen 64.. 65535 count 1..21474836 ip_address xxx.xxx.xxx.xxx xxx wait 0.1..99.9 host xxx.xxx.xxx.xxx xxx count 35.5.9 ping6 destination [count] ping6 destination%scope_id [count] ping6 destination interface [count] ping6 destination pp peer_num [count] ping6 destination tunnel tunnel_num [count] destination scope_id interface peer_num tunnel_num count 1..21474836 show ipv6 address 35.5.10 traceroute host [noresolv] host xxx.xxx.xxx.xxx xxx noresolv 35.5.11 traceroute6 destination destination 35.5.12 nslookup host host

240 35.5.13 disconnect ip connection session_id [channel_id] session_id channel_id 35.5.14 telnet host [port [mode [negotiation [abort]]]] host port mode character line auto...port character/line auto negotiation on off auto...port on off auto abort 29(^]) port = 23 mode = auto negotiation = auto abort = 29 35.5.15 disconnect ipv6 connection session_id [channel_id] session_id channel_id

241 35.5.16 clear switching-hub macaddress [interface] interface lan type macaddress-aging off macaddress-aging on 35.5.17 wol send [-i interval] [-c count] interface mac_address [ip_address [udp port]] wol send [-i interval] [-c count] interface mac_address ethernet type interval count interface mac_address ip_address port type 1501..65535 i c interval = 1 count = 4

242 35.5.18 http revision-up go [no-confirm [prompt]] no-confirm prompt "no-confirm" "prompt" http revision-up permit http revision-down permit 35.5.19 clear url filter clear url filter [interface] clear url filter pp [perr_num] clear url filter tunnel [tunnel_num] interface peer_num tunnel_num 35.5.20 mail notify status exec id id 1..10

243 36. 36.1 show environment 36.2 show config show config filename less config less config filename filename 0..4.2 36.3 show config pp [peer_num] less config pp [peer_num] peer_num anonymous show config less config 36.4 show config tunnel [tunnel_num] [expand] less config tunnel [tunnel_num] [expand] tunnel_num show config less config expand tunnel template 36.5 show config list less config list

244 36.6 show file list location less file list location location internal 36.7 show ipv6 address [interface] show ipv6 address pp [peer_num] show ipv6 address tunnel [tunnel_num] interface peer_num tunnel_num 36.8 show sshd public key 36.9 show ip secure filter interface [dir] show ip secure filter pp [peer_num] [dir] show ip secure filter tunnel [tunnel_num] [dir] interface dir 36.10 show exec list less exec list

245 37. 37.1 show arp [interface[/sub_interface]] interface sub_interface... 1-8 37.2 show status interface interface 37.3 show status pp [peer_num] peer_num 37.4 show dlci [peer_num] peer_num

246 37.5 show ip route [destination] show ip route detail show ip route summary destination detail summary detail summary 37.6 show ip rip table 37.7 show ipv6 route show ipv6 route detail show ipv6 route summary detail summary detail summary 37.8 show ipv6 rip table

247 37.9 show ipv6 neighbor cache 37.10 show ipsec sa [id] show ipsec sa gateway [gateway_id] [detail] id gateway_id detail id 37.11 show status vrrp [interface [vrid]] interface vrid 1..255 37.12 show nat descriptor address [nat_descriptor] nat_descriptor 1..2147483647 all nat_descriptor show nat descriptor masquerade port summary 37.13 show nat descriptor interface bind interface show nat descriptor interface bind pp show nat descriptor interface bind tunnel interface

248 37.14 show nat descriptor interface address interface show nat descriptor interface address pp peer_num show nat descriptor interface address tunnel tunnel_num interface peer_num tunnel_num show nat descriptor masquerade port summary 37.15 show nat descriptor masquerade port [nat_descriptor] summary nat_descriptor 1..2147483647 nat_descriptor 37.16 show status pptp 37.17 show status ospf info info database neighbor interface virtual-link 37.18 show status bgp neighbor [ip-address] show status bgp neighbor ip-address route-type ip-address route-type advertised-routes received-routes routes ip-address ip-address route-type advertisedroutes received-routes routes bgp export filter

249 37.19 show status dhcp [summary] [scope_n] summary scope_n 1-65535 37.20 show status dhcpc 37.21 show status backup 37.22 show ip connection show ip connection interface direction show ip connection pp peer_num direction show ip connection tunnel tunnel_num direction show ip connection summary interface peer_num tunnel_num direction in out summary

250 37.23 show ipv6 connection show ipv6 connection interface direction show ipv6 connection pp peer_num direction show ipv6 connection tunnel tunnel_num direction show ipv6 connection summary interface peer_num tunnel_num direction in out summary 37.24 show status ip keepalive 37.25 show ip intrusion detection show ip intrusion detection interface direction show ip intrusion detection pp peer_num direction show ip intrusion detection tunnel tunnel_num direction interface peer_num tunnel_num direction in out ip intrusion detection report 37.26 show status switching-hub macaddress [interface [port]] interface port 1..8 37.27 show status upnp

251 37.28 show status tunnel [tunnel_num] tunnel_num 37.29 show status vlan [interface/sub_interface] interface sub_interface 37.30 show status mail service [template_id] [debug] template_id debug 37.31 show status ipv6 mld 37.32 show status user

252 37.33 show status packet-buffer [group] group small, middle, large, huge # show status packet-buffer large large group: 2048 bytes length parameters: max-buffer=10000 max-free=2812 min-free=62 buffers-in-chunk=625 initial-chunk=4 2372 buffers in free list 128 buffers are allocated, req/succ/fail/rel = 137/137/0/9 4 chunks are allocated, req/succ/fail/rel = 4/4/0/0 37.34 show status qos info [interface [class]] info bandwidth length dcc all interface class 1..16

253 37.35 show status cooperation type [id] type bandwidth-measuring load-watch id 1-100 37.36 show url filter show url filter [interface] show url filter pp [peer_num] show url filter tunnel [tunnel_num] interface peer_num tunnel_num url filter 37.37 show status heartbeat

254 37.38 show status usbhost 37.39 show status remote setup 37.40 show techinfo show show techinfo console columns/lines console character less less less show techinfo less show techinfo 37.41 show status sd 37.42 show status external-memory

255 38. 38.1 show log [reverse] less log [reverse] reverse syslog host 38.2 show account show account interface show account pp [peer_num] interface peer_num anonymous

256 39. 39.1 diagnose config port map interface protocol [src_addr [src_port]] dst_addr interface protocol 0..255 tcp udp icmp gre esp ah src_addr src_port dst_addr interface dst_addr dst_addr src_addr src_port dst_addr dst_addr 39.2 diagnose config port access interface [protocol] dst_addr dst_port interface protocol tcp udp dst_addr dst_port dst_addr/dst_port protocol dst_addr dst_addr

257 39.3 diagnosis config port max-detect num num 100..1000000 2000 39.4 diagnosis config port history-num num num 1..10 3 39.5 show diagnosis config port map 39.6 show diagnosis config port access 39.7 clear diagnosis config port

258 40. 40.1 statistics type sw no statistics type [sw] type cpu memory traffic flow nat route filter qos sw on off off

260