Cisco IOS Terminal Services Command�Reference, Release�12.2
Commands AB through LA
Downloads: This chapterpdf (PDF - 511.0KB) The complete bookPDF (PDF - 2.44MB) | Feedback

Terminal Services Commands

Table Of Contents

Terminal Services Commands

absolute-timeout

access-class (LAT)

arap dedicated

arap enable

arap net-access-list

arap network

arap noguest

arap require-manual-password

arap timelimit

arap warningtime

arap zonelist

async default ip address

autocommand

busy-message

clear entry

connect

flush-at-activation

ip alias

ipx nasi-server enable

keymap

keymap-type

lat

lat access-list

lat enabled

lat group-list

lat host-buffers

lat ka-timer

lat node

lat out-group

lat remote-modification

lat retransmit-limit

lat server-buffers

lat service-announcements

lat service enabled

lat service-group

lat service ident

lat service password

lat service rating

lat service-responder

lat service rotary

lat service-timer

lat vc-sessions

lat vc-timer


Terminal Services Commands


This chapter describes the commands used to configure, connect to, and maintain Cisco IOS terminal services. The commands are listed alphabetically. Some commands required for configuring terminal services may be found in other Cisco IOS command references. Use the command reference master index or search online to find these commands.

For interface configuration tasks and examples, refer to the Cisco IOS Terminal Services Configuration Guide, Release 12.2.

absolute-timeout

To set the interval for closing the connection, use the absolute-timeout command in line configuration mode. To restore the default, use the no form of this command.

absolute-timeout minutes

no absolute-timeout

Syntax Description

minutes

Number of minutes after which the user session will be terminated.


Defaults

No timeout interval is automatically set.

Command Modes

Line configuration

Command History

Release
Modification

11.0

This command was introduced.


Usage Guidelines

Use the absolute-timeout command line configuration command to configure the EXEC to terminate when the configured number of minutes occurs on the virtual terminal (vty) line. The absolute-timeout command terminates the connection after the specified time period has elapsed, regardless of whether the connection is being used at the time of termination. You can specify an absolute-timeout value for each port. The user is given 20 seconds notice before the session is terminated. You can use this command along with the logout-warning command to notify users of an impending logout.

Cisco IOS software also provides the session-timeout and exec-timeout line configuration commands for releasing lines when they have been idle for too long.

You can set the absolute-timeout command and an AppleTalk Remote Access Protocol (ARAP) timeout for the same line; however, this command supersedes any timeouts set in ARAP. Additionally, ARAP users will receive no notice of any impending termination if you use this command.

Examples

The following example sets an interval of 60 minutes on line 5:

line 5
 absolute-timeout 60

Related Commands

Command
Description

exec-timeout

Sets the interval that the EXEC command interpreter waits until user input is detected.

logout-warning

Sets and displays a warning for users about an impending forced timeout.

session-timeout

Sets the interval for closing the connection on a console or terminal line.


access-class (LAT)

To define restrictions on incoming and outgoing connections, use the access-class command in line configuration mode. To remove the access list number, use the no form of this command.

access-class access-list-number {in | out}

no access-class access-list-number

Syntax Description

access-list-number

Specifies an integer from 1 to 199 that defines the access list.

in

Controls which nodes can make local-area transport (LAT) connections into the server.

out

Defines the access checks made on outgoing connections. (A user who types a node name at the system prompt to initiate a LAT connection is making an outgoing connection.)


Defaults

Disabled

Command Modes

Line configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

This command defines access list numbers that will then be used with the lat access-list command to specify the access conditions.

The value supplied for the access-list-number argument is used for all protocols supported by the Cisco IOS software. If you are already using an IP access list, you must define LAT and possibly X.25 access lists permitting connections to all devices, to emulate the behavior of previous software versions.

When both IP and LAT connections are allowed from a terminal line and an IP access list is applied to that line with the access-class line configuration command, you must also create a LAT access list with the same number if you want to allow any LAT connections from that terminal. You can specify only one incoming and one outgoing access list number for each terminal line.When checking LAT access lists, if the specified list does not exist, the system denies all LAT connections.

Examples

The following example configures an incoming access class on vty line 4:

line vty 4
 access-class 4 in


Related Commands

Command
Description

lat access-list

Specifies access conditions to nodes on the LAT network.


arap dedicated

To configure a line to be used only as an AppleTalk Remote Access (ARA) connection, use the arap dedicated command in line configuration mode. To return the line to interactive mode, use the no form of this command.

arap dedicated

no arap dedicated

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

Line configuration

Command History

Release
Modification

10.0

This command was introduced.


Examples

The following example configures line 3 to be used only for ARA connections:

line 3 
 arap dedicated

arap enable

To enable AppleTalk Remote Access (ARA) for a line, use the arap enable command in line configuration mode. To disable ARA, use the no form of this command.

arap enable

no arap enable

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

Line configuration

Command History

Release
Modification

10.0

This command was introduced.


Examples

The following example enables ARA on a line:

line 3 
 arap enable

Related Commands

Command
Description

appletalk routing

Enables AppleTalk routing.

autoselect

Configures a line to start an ARA, PPP, or SLIP session.


arap net-access-list

To control Apple Macintosh access to networks, use the arap net-access-list command in line configuration mode. To return to the default setting, use the no form of this command.

arap net-access-list net-access-list-number

no arap net-access-list net-access-list-number

Syntax Description

net-access-list-number

One of the list values configured using the AppleTalk access-list cable-range, access-list includes, access-list network, access-list other-access, or access-list within commands.


Defaults

Disabled. The Macintosh has access to all networks.

Command Modes

Line configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

You can use the arap net-access-list command to apply access lists defined by the access-list cable-range, access-list includes, access-list network, access-list other-access, or access-list within commands.

You cannot use the arap net-access-list command to apply access lists defined by the access-list zone or access-list additional-zones commands.

Examples

In the following example, ARA is enabled on line 3 and the Macintosh will have access to the AppleTalk access list numbered 650:

line 3
 arap enable
 arap net-access-list 650

Related Commands

Command
Description

access-list cable-range

Defines an AppleTalk access list for a cable range (for extended networks only).

access-list includes

Defines an AppleTalk access list that overlaps any part of a range of network numbers or cable ranges (for both extended and nonextended networks).

access-list network

Defines an AppleTalk access list for a single network number (that is, for a nonextended network).

access-list other-access

Defines the default action to take for subsequent access checks that apply to networks or cable ranges.

access-list within

Defines an AppleTalk access list for an extended or a nonextended network whose network number or cable range is included entirely within the specified cable range.

arap zonelist

Controls which zones the Apple Macintosh client sees.


arap network

To create a new network or zone and cause it to be advertised, use the arap network command in global configuration mode. To prevent a new network or zone from being advertised, use the no form of this command.

arap network [network-number] [zone-name]

no arap network

Syntax Description

network-number

(Optional) AppleTalk network number. The network number must be unique on your AppleTalk network. This network is where all AppleTalk Remote Access (ARAP) users appear when they dial in to the network.

zone-name

(Optional) AppleTalk zone name.


Defaults

A new network or zone is not created.

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

This is a required command. ARAP does not run without it in Cisco IOS Release 10.2 and later.

Examples

The following example creates a new zone:

arap network 400 test zone

arap noguest

To prevent Apple Macintosh guests from logging in to the router, use the arap noguest command in line configuration mode. To remove this restriction, use the no form of this command.

arap noguest [if-needed]

no arap noguest

Syntax Description

if-needed

(Optional) Does not authenticate if the user already provided authentication. This allows users to log in as guests if they have already been authenticated through a username or password.


Defaults

Disabled

Command Modes

Line configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

A guest is a person who connects to the network without needing to give a name or a password.


Note You should not use the arap noguest command if you are using modified Common Command Language (CCL) scripts and the login tacacs command.


Examples

The following example prohibits guests from logging in to the router:

line 3
 arap enable
 arap noguest

arap require-manual-password

To require users to enter their password manually at the time they log in, use the arap require-manual-password command in line configuration mode. To disable the manual password-entry requirement, use the no form of this command.

arap require-manual-password

no arap require-manual-password

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

Line configuration

Command History

Release
Modification

11.1

This command was introduced.


Usage Guidelines

This command only works for AppleTalk Remote Access Protocol (ARAP) 2.0 connections.

Examples

The following example forces users to enter their passwords manually at the time they log in, rather than use a saved password:

arap require-manual-password

Related Commands

Command
Description

enable password

Sets a local password to control access to various privilege levels.

login (line)

Enables password checking at login and defines the method (local or TACACS+).

resume (setting X.3 PAD parameters)

Specifies an IP address, an address from a specific IP address pool, or an address from the DHCP mechanism to be returned to a remote peer connecting to this interface.


arap timelimit

To set the maximum length of an AppleTalk Remote Access (ARA) session for a line, use the arap timelimit command in line configuration mode. To return to the default of unlimited session length, use the no form of this command.

arap timelimit [minutes]

no arap timelimit

Syntax Description

minutes

(Optional) Maximum length of time, in minutes, for a session.


Defaults

Unlimited session length

Command Modes

Line configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

After the specified length of time, the session will be terminated.

Examples

The following example specifies a maximum length of 20 minutes for ARA sessions:

line 3
 arap enable
 arap timelimit 20 

Related Commands

Command
Description

arap warningtime

Sets when a disconnect warning message is displayed.


arap warningtime

To set when a disconnect warning message is displayed, use the arap warningtime command in line configuration mode. To disable this function, use the no form of this command.

arap warningtime [minutes]

no arap warningtime

Syntax Description

minutes

(Optional) Amount of time, in minutes, before the configured session time limit. At the configured amount of time before a session is to be disconnected, the router sends a message to the Apple Macintosh client, which causes a warning message to appear on the user screen.


Defaults

Disabled

Command Modes

Line configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

This command can only be used if a session time limit has been configured on the line.

Examples

The following example shows a line configured for 20-minute AppleTalk Remote Access (ARA) sessions, with a warning 17 minutes after the session is started:

line 3
 arap enable
 arap dedicated
 arap timelimit 20
 arap warningtime 3 

Related Commands

Command
Description

arap timelimit

Sets the maximum length of an ARA session for a line.


arap zonelist

To control which zones the Apple Macintosh client sees, use the arap zonelist command in line configuration mode. To disable the default setting, use the no form of this command.

arap zonelist zone-access-list-number

no arap zonelist zone-access-list-number

Syntax Description

zone-access-list-number

One of the list values configured using the AppleTalk access-list zone or access-list additional-zones command.


Defaults

Disabled. The Macintosh will see all defined zones.

Command Modes

Line configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

You can use the arap zonelist command to apply access lists defined by the access-list zone and access-list additional-zones commands.

You cannot use the arap zonelist command to apply access lists defined by the access-list network command.

Hiding a zone from users is not the same as preventing them from sending and receiving packets from the networks that make up that zone. For true security, an arap net-access-list command must be issued to prevent traffic to and from those networks.

Examples

The following example enables AppleTalk Remote Access (ARA) on line 3; the Macintosh will see only zones permitted by access list 650.

line 3
 arap enable
 arap zonelist 650

Related Commands

Command
Description

arap net-access-list

Controls Apple Macintosh access to networks.


async default ip address

The async default ip address command is replaced by the peer default ip address command. See the description of the peer default ip address command for more information.

autocommand

To automatically execute a command when a user connects to a particular line, use the autocommand command in line configuration mode. To disable the automatic execution, use the no form of this command.

autocommand command

no autocommand command

Syntax Description

command

Any appropriate EXEC command, including the host name and any switches that occur with the EXEC command.


Defaults

No commands are configured to automatically execute.

Command Modes

Line configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

This command enables you to automatically execute an EXEC command when a user connects to a line.

Examples

The following example forces an automatic connection to a host named host21 (which could be an IP address):

line vty 4
 autocommand connect host21

busy-message

To create a "host failed" message that displays when a connection fails, use the busy-message command in global configuration mode. To disable the "host failed" message from displaying on the specified host, use the no form of this command.

busy-message host-name d message d

no busy-message host-name

Syntax Description

host-name

Name of the host that cannot be reached.

d

Delimiting character of your choice—a pound sign (#), for example. You cannot use the delimiting character in the message.

message

Message text.


Defaults

No message is displayed.

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

This command applies only to Telnet connections.

Follow the busy-message command with one or more blank spaces and a delimiting character of your choice. Then enter one or more lines of text, terminating the message with the second occurrence of the delimiting character.

Defining a "host failed" message for a host prevents all Cisco IOS software-initiated user messages, including the initial message that indicates the connection is "Trying...." The busy-message command can be used in the autocommand command to suppress these messages.

Examples

The following example sets a message that will be displayed on the terminal whenever an attempt to connect to the host named dross fails. The pound sign (#) is used as a delimiting character.

busy-message dross #
Cannot connect to host. Contact the computer center.
#

clear entry

To delete an entry from the list of queued host-initiated connections, use the clear entry command in EXEC mode.

clear entry number

Syntax Description

number

An entry number obtained from the show entry EXEC command.


Command Modes

EXEC

Command History

Release
Modification

10.0

This command was introduced.


Examples

The following example deletes pending entry number 3 from the queue:

Router# clear entry 3

Related Commands

Command
Description

show entry

Displays the list of queued host-initiated connections to a router.


connect

To log in to a host that supports Telnet, rlogin, or local-area transport (LAT), use the connect command in EXEC mode.

connect host [port] [keyword]

Syntax Description

host

A host name or an IP address.

port

(Optional) A decimal TCP port number; the default is the Telnet router port (decimal 23) on the host.

keyword

(Optional) One of the keywords listed in Table 3.


Command Modes

EXEC

Command History

Release
Modification

10.0

This command was introduced in a release prior to Cisco IOS Release 10.0.

12.1

The /quiet keyword was added.


Usage Guidelines

Table 3 lists the optional connect command keywords.

Table 3 connect Keyword Options 

Option
Description

/debug

Enables Telnet debugging mode.

/encrypt kerberos

Enables an encrypted Telnet session. This keyword is available only if you have the Kerberized Telnet subsystem.

If you authenticate using Kerberos Credentials, the use of this keyword initiates an encryption negotiation with the remote server. If the encryption negotiation fails, the Telnet connection will be reset. If the encryption negotiation is successful, the Telnet connection will be established, and the Telnet session will continue in encrypted mode (all Telnet traffic for the session will be encrypted).

/line

Enables Telnet line mode. In this mode, the Cisco IOS software sends no data to the host until you press the Enter key. You can edit the line using the standard Cisco IOS software command editing characters. The /line keyword is a local switch; the remote router is not notified of the mode change.

/noecho

Disables local echo.

/quiet

Prevents onscreen display of all messages from the Cisco IOS software.

/route path

Specifies loose source routing. The path argument is a list of host names or IP addresses that specify network nodes and ends with the final destination.

/source-interface

Specifies the source interface.

/stream

Turns on stream processing, which enables a raw TCP stream with no Telnet control sequences. A stream connection does not process Telnet options and can be appropriate for connections to ports running UNIX-to-UNIX Copy Program (UUCP) and other non-Telnet protocols.

port-number

Port number.

bgp

Border Gateway Protocol.

chargen

Character generator.

cmd rcmd

Remote commands.

daytime

Daytime.

discard

Discard.

domain

Domain Naming Service.

echo

Echo.

exec

EXEC.

finger

Finger.

ftp

File Transfer Protocol.

ftp-data

FTP data connections (used infrequently).

gopher

Gopher.

hostname

Host name server.

ident

Ident Protocol.

irc

Internet Relay Chat.

klogin

Kerberos login.

kshell

Kerberos shell.

login

Login (rlogin).

lpd

Printer service.

nntp

Network News Transport Protocol.

node

Connect to a specific LAT node.

pop2

Post Office Protocol v2.

pop3

Post Office Protocol v3.

port

Destination LAT port name.

smtp

Simple Mail Transport Protocol.

sunrpc

Sun Remote Procedure Call.

syslog

Syslog.

tacacs

Specify TACACS security.

talk

Talk.

telnet

Telnet.

time

Time.

uucp

UNIX-to-UNIX Copy Program.

whois

Nickname.

www

World Wide Web.


With the Cisco IOS software implementation of TCP/IP, you are not required to enter the connect, telnet, lat, or rlogin commands to establish a terminal connection. You can enter only the learned host name—as long as the host name is different from a command word in the Cisco IOS software. The Cisco IOS software assigns a logical name to each connection, and several commands use these names to identify connections. The logical name is the same as the host name, unless that name is already in use, or you change the connection name with the name-connection EXEC command. If the name is already in use, the Cisco IOS software assigns a null name to the connection. To display a list of the available hosts, use the show hosts command. To display the status of all TCP connections, use the show tcp command.

Examples

The following example establishes an encrypted Telnet session from a router to a remote host named host1:

Router> connect host1 /encrypt kerberos

The following example routes packets from the source system named host1 to kl.sri.com, then to 10.1.0.11, and finally back to host1:

Router> connect host1 /route:kl.sri.com 10.1.0.11 host1

The following example connects to a host with logical name host1:

Router> host1

The following example suppresses all onscreen messages from the Cisco IOS software during login and logout:

Router> connect host2 /quiet

The following example shows the limited messages displayed when connection is done using the optional /quiet keyword:

login:User2

Password:
         Welcome to OpenVMS VAX version V6.1 on node CRAW
     Last interactive login on Tuesday, 15-DEC-1998 11:01
     Last non-interactive login on Sunday,  3-JAN-1999 22:32

Server3)logout

User2        logged out at  16-FEB-2000 09:38:27.85

Related Commands

Command
Description

kerberos clients mandatory

Causes the rsh, rcp, rlogin, and telnet commands to fail if they cannot negotiate the Kerberos Protocol with the remote server.

l2f ignore-mid-sequence

Specifies a connection to a particular LAT node that offers LAT services.

rlogin

Logs in to a UNIX host using rlogin.

telnet

Logs in to a host that supports Telnet.


flush-at-activation

To discard any data or noise characters that are sitting in the input buffer of the asynchronous line before the line is activated, use the flush-at-activation command in line configuration mode. To keep any data or noise characters that are sitting in the input buffer of the asynchronous line before the line is activated, use the no form of this command.

flush-at-activation

no flush-at-activation

Syntax Description

This command has no keywords or arguments.

Defaults

Enabled by default.

Command Modes

Line configuration

Command History

Release
Modification

11.1(5)

This command was introduced.


Usage Guidelines

For an incoming call on a line configured with modem control (using the modem inout and modem dialin commands), the line will be activated when the data set ready (DSR) signal goes high and will be dropped when the DSR signal goes low. While the line is idle, its input buffer may receive characters; for example, modem result codes such as "NO CARRIER" or "RING" or line noise. Such characters are not useful to the line application. Flushing the line input buffer when the DSR goes high using the flush-at-activation command is the preferred behavior.


Note To know whether the DSR signal is going high or low, use the debug modem command or the show line command. Output of these commands displays the status of DSR signal.


On most Cisco IOS platforms, there may be up to a one-second delay between when the DSR signal goes high and Cisco IOS activates the line. Therefore, some valid data received from the line may be discarded when you issue the flush-at-activation command. If it is important to process this valid data rather than discarding it and the application is tolerant of receiving bad data, configure the no flush-at-activation command.

The application that is used determines whether the system can differentiate the valid data from the bad data or the system is tolerant of receiving any data. For example, consider that the application used is TCP over IP over PPP. PPP uses a Frame Check Sequence (FCS) in a data frame format to verify the integrity of the received data. If an invalid data pattern is delivered to a PPP receiver, PPP will discard it as a framing or FCS error. So the bad data will not be delivered to the higher layers. Even if some data is delivered up to IP and TCP, TCP has its own FCS which will reject bad data. Therefore, the application is tolerant of receiving the bad data that the line delivers.

Consider another application where incoming character data received from the line is delivered as TCP payload to a server running a pager application. Unless the pager application has implemented its own protocol to verify data integrity, this bad data may cause the pager not to be delivered, or to deliver bad data within the message payload to the receiving pager. So the bad data should not be delivered as payload to the line.

Where an upper-layer framed protocol such as PPP or Serial Line Internet Protocol (SLIP) is always used (asynchronous mode dedicated), the framed protocol may reach link status more quickly when you issue the no flush-at-activation command. Since the framed protocol discards any erroneous data received, you do not have to use the flush-at-activation command.

If the line application is not tolerant of receiving bad data; for example, when you are using character-mode username/password authentication, always use the flush-at-activation command. Otherwise, the bad data may trigger an application failure.


Note Prior to Cisco IOS Release 12.2, the no flush-at-activation command was the default on AS5000 platforms with modem ISDN channel aggregation (MICA) and NextPort modems. However, from Cisco IOS Release 12.3 and later, there is no longer any significant delay between when the modem link reaches steady state (DSR high) and when the line is activated so you do not need to use the no flush-at-activation command.
The modem state STEADY_STATE is mapped to DSR high and TERMINATING is mapped to DSR low when asynchronous lines are the internal digital modem ports.


Examples

The following example shows how to configure lines 1/0 through 1/59 to flush any data in their input buffers when the lines are activated:

Router(config)# line 1/0 1/59
Router(config-line)# flush-at-activation

Related Commands

Command
Description

activation-character

Defines the charecter entered at a vacant terminal to begin a terminal session.

debug modem

Observes modem line activity on an access server.

modem dialin

Configures a line to enable a modem attached to the router to accept incoming calls only.

modem inout

Configures a line for both incoming and outgoing calls.

show line

Displays parameters of a terminal line.


ip alias

To assign an IP address to the service provided on a TCP port, use the ip alias command in interface configuration mode. To remove the specified address for the router, use the no form of this command.

ip alias ip-address tcp-port

no ip alias ip-address

Syntax Description

ip-address

Specifies the IP address for the service.

tcp-port

Specifies the number of the TCP port.


Defaults

No default behavior or values.

Command Modes

Interface configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

A user attempting to establish a connection is connected to the first free line in a rotary group using the Telnet protocol.

The IP address must be on the same network or subnet as the main address of the terminal server, and must not be used by another host on that network or subnet. Connecting to the IP address has the same effect as connecting to the main address of the router, using the argument tcp-port as the TCP port.

You can use the ip alias command to assign multiple IP addresses to the router. For example, in addition to the primary alias address, you can specify addresses that correspond to lines or rotary groups. Using the ip alias command in this way makes connection to a specific rotary group transparent to the user.

When asynchronous mode is implemented, the Cisco IOS software creates the appropriate IP aliases, which map the asynchronous addresses for the lines to which they are connected. This process is automatic and does not require configuration.

Examples

The following example configures connections to IP address 172.30.42.42 to act identically to connections made to the primary IP address of the server on TCP port 3001. In other words, a user is connected to the first free line on port 1 of the rotary group that uses the Telnet protocol.

ip alias 172.30.42.42 3001

ipx nasi-server enable

To enable NetWare Access Server Interface (NASI) clients to connect to asynchronous devices attached to your router, use the ipx nasi-server enable command in global configuration mode. To prevent NASI clients from connecting through a router, use the no form of this command.

ipx nasi-server enable

no ipx nasi-server enable

Syntax Description

This command has no arguments or keywords.

Defaults

NASI is not enabled.

Command Modes

Global configuration

Command History

Release
Modification

11.1

This command was introduced.


Usage Guidelines

When you issue this command, NASI clients can connect to any port on the router other than the console port to access network resources. When the user on the NASI client uses the Windows or DOS application to connect to the router, a list of available TTY and vty lines appears, beginning with TTY1. The user selects the desired outgoing TTY or vty port.

You can configure TACACS+ security on the router so that after the user selects a tty or vty port, a username and password prompt appear for authentication, authorization, and accounting purposes.

Examples

The following example shows a minimum configuration to enable NASI client dial-in access with TACACS+ authentication:

ipx routing
ipx internal-network ncs001
interface ethernet 0
 ipx network 1 
ipx nasi-server enable
! Enable TACACS+ authentication for NASI clients using the list name swami.
aaa authentication nasi swami tacacs+
line 1 8
 modem inout

Related Commands

Command
Description

aaa authentication nasi

Specifies AAA authentication for NASI clients connecting through the access server.

nasi authentication

Enables AAA authentication for NASI clients connecting to a router.

show ipx nasi connections

Displays the status of NASI connections.

show ipx spx-protocol

Displays the status of the SPX protocol stack and related counters.


keymap

To define specific characteristics of keyboard mappings, use the keymap command in global configuration mode. To remove the named keymap from the current image of the configuration file, use the no form of this command.

keymap keymap-name keymap-entry

no keymap keymap-name

Syntax Description

keymap-name

Name of the file containing the keyboard mappings. The name can be up to 32 characters long and must be unique.

keymap-entry

Commands that define the keymap.


Defaults

VT100 keyboard emulation

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

The keymap command maps individual keys on a non-TN3270 keyboard to perform the function defined for the TN3270 keyboard. Use the show keymap EXEC command to test for the availability of a keymap.

Do not use the name default for a ttycap entry filename or the Cisco IOS software will adopt the newly defined entry as the default.

The guidelines for creating a keymap follow.

The Keymap Entry Structure

A keymap is a keyboard map file. A keymap consists of an entry for a keyboard. The first part of a keymap lists the names of the keyboards that use that entry. These names will often be the same as in the ttycaps (terminal emulation) file, and often the terminals from various ttycap entries will use the same keymap entry. For example, both 925 and 925vb (for 925 with visual bells) terminals would probably use the same keymap entry. There are other circumstances in which it is necessary to specify a keyboard name as the name of the entry (for example, if a user requires a custom key layout).

After the names, which are separated by vertical bars (|), comes an open brace ({), the text that forms the definitions, the a close brace (}), as follows:

	ciscodefault{
	clear = '^z';\
	flinp = '^x';\
	enter = '^m';\
	delete = '^d' | '^?';\
	synch = '^r';\
	ebcdic_xx='string'
	reshow = '^v';
	eeof = '^e';\
	tab = '^i';\
	btab = '^b';\
	nl = '^n';\
	left = '^h';\
	right = '^l';\
	up = '^k';\
	down = '^j';\
	einp = '^w';\
	reset = '^t';\
	ferase = '^u';\
	insrt = '\E ';\
	pa1 = '^p1'; pa2 = '^p2'; pa3 = '^p3';\
	pfk1 = '\E1'; pfk2 = '\E2'; pfk3 = '\E3'; pfk4 = '\E4';\
	pfk5 = '\E5'; pfk6 = '\E6'; pfk7 = '\E7'; pfk8 = '\E8';\
	pfk9 = '\E9'; pfk10 = '\E0'; pfk11 = '\E-'; pfk12 = '\E=';\
	pfk13 = '\E!'; pfk14 = '\E@'; pfk15 = '\E#'; pfk16 = '\E$';\
	pfk17 = '\E%'; pfk18 = '\E'; pfk19 = '\E&'; pfk20 = '\E*';\
	pfk21 = '\E('; pfk22 = '\E)'; pfk23 = '\E_'; pfk24 = '\E+';\
}

Each definition consists of a reserved keyword, which identifies the TN3270 function, followed by an equal sign (=), followed by the various ways to generate this particular function, followed by a semicolon (;), as follows:

	pa1 = '^p1'; pa2 = '^p2'; pa3 = '^p3';\

Each alternative way to generate the function is a sequence of ASCII characters enclosed inside single quotes (''); the alternatives are separated by vertical bars (|), as follows:

	delete = '^d' | '^?';\

Inside the single quotes, a few characters are special. A caret (^) specifies that the next character is a control (Ctrl) character. The two-character string caret-a (^a) represents Ctrl-a. The caret-A sequence (^A) generates the same code as caret-a (^a). To generate Delete (or DEL), enter the caret-question mark (^?) sequence.


Note The Ctrl-caret combination (Ctrl-^), used to generate a hexadecimal 1E, is represented as two caret symbols in sequence (^^)—not as a caret-backslash-caret combination (^\^).


In addition to the caret, a letter can be preceded by a backslash (\). Because this sequence has little effect for most characters, its use is usually not recommended. In the case of a single quote ('), the backslash prevents that single quote from terminating the string. In the case of a caret (^), the backslash prevents the caret from having its special meaning. To include the backslash in the string, place two backslashes (\\) in the keymap. Table 4 lists other supported special characters.

Table 4 Special Characters Supported by TN3270 Keymap Capability 

Character
Description

\E

Escape character

\n

Newline

\t

Tab

\r

Carriage return


Each character in a string needs not be enclosed within single quotes. For example, \E\E\E means three escape characters.

To enter a keymap, provide a unique name for it and explicitly define all special keys you intend to include in it within open and close braces. Also, except for the last line, each line must be terminated with a backslash symbol (\). The last line ends with the closing bracket (}) symbol and an end-of-line character.

Keymap Restrictions

When IBM-style TN3270 terminals are emulated, a mapping must be performed between sequences of keys pressed at an ASCII keyboard and the keys available on a TN3270 keyboard. For example, a TN3270 keyboard has a key labeled EEOF that erases the contents of the current field from the location of the cursor to the end. To accomplish this function, the terminal user and a program emulating a TN3270 keyboard must agree on which keys will be typed to invoke the function. The requirements for these sequences follow:

The first character of the sequence must be outside of the standard ASCII printable characters.

No sequence can be a complete subset of another sequence (although sequences can share partial elements).

Following are examples of acceptable keymap entries:

pfk1 = '\E1';
pfk2 = '\E2';

Following are examples of unacceptable keymap entries:

pfk1 = '\E1';
pfk11 = '\E11';

In the acceptable example, the keymap entry for pfk1 is not completely included in the keymap entry for pfk2. By contrast, in the unacceptable, or conflicting keymap pair, the sequence used to represent pfk1 is a complete subset of the sequence used to represent pfk11. See the keymap entry provided later in the Examples section of how various keys can be represented to avoid this kind of conflict.

Table 5 lists TN3270 key names that are supported in this keymap. Note that some of the keys do not exist on a TN3270 keyboard. An unsupported function will cause the Cisco IOS software to send a (possibly visual) bell sequence to the terminal.

Table 5 TN3270 Key Names Supported by Defaults Keymap 

TN3270 Key Name
Functional Description

LPRT

Local print1

DP

Duplicate character

FM

Field mark character

CURSEL

Cursor select

CENTSIGN

EBCDIC cent sign

RESHOW

Redisplay the screen

EINP

Erase input

EEOF

Erase end of field

DELETE

Delete character

INSRT

Toggle insert mode

TAB

Field tab

BTAB

Field back tab

COLTAB

Column tab

COLBAK

Column back tab

INDENT

Indent one tab stop

UNDENT

Undent one tab stop

NL

New line

HOME

Home the cursor

UP

Up cursor

DOWN

Down cursor

RIGHT

Right cursor

LEFT

Left cursor

SETTAB

Set a column tab

DELTAB

Delete a column tab

SETMRG

Set left margin

SETHOM

Set home position

CLRTAB

Clear all column tabs

APLON

Apl on1

APLOFF

Apl off1

APLEND1

Treat input as ASCII

PCON

Xon/xoff on1

PCOFF

Xon/xoff off1

DISC

Disconnect (suspend)1

INIT

New terminal type1

ALTK

Alternate keyboard dvorak1

FLINP

Flush input

ERASE

Erase last character

WERASE

Erase last word1

FERASE

Erase field

SYNCH

In synchronization with the user

RESET

Reset key-unlock keyboard

MASTER_RESET

Reset, unlock, and redisplay

XOFF

Please hold output1

XON

Please give me output1

WORDTAB

Tab to beginning of next word1

WORDBACKTAB

Tab to beginning of current or last word1

WORDEND

Tab to end of current or next word1

FIELDEND

Tab to last nonblank of current or next unprotected (writable) field1

PA1

Program attention 1

PA2

Program attention 2

PA3

Program attention 3

CLEAR

Local clear of the TN3270 screen

TREQ

Test request

ENTER

Enter key

PFK1 to PFK30

Program function key 1 program function key 30

ATTN

Attention

SYSREQ

System request

1 Not supported by the Cisco TN3270 implementation.


Table 6 lists the proper keys used to emulate each TN3270 function when default key mappings are used.

Table 6 Keys Used to Emulate Each TN3270 Function with Defaults Keymap 

Key Types
IBM TN3270 Key
Defaults Keys

Cursor movement keys

New Line

Tab

Back Tab

Back Tab

Cursor Left

Cursor Right

Cursor Up

Cursor Down

Ctrl-n or Home

Ctrl-i

Ctrl-b

Ctrl-b

Ctrl-h

Ctrl-l

Ctrl-k

Ctrl-j or LINE FEED

Edit control keys

Delete Char

Erase EOF

Erase Input

Insert Mode

End Insert

Ctrl-d or RUB

Ctrl-e

Ctrl-w

ESC-Space1

ESC-Space

Program function keys

PF1

PF2

...

PF10

PF11

PF12

PF13

PF14

...

PF24

ESC 1

ESC 2

...

ESC 0

ESC -

ESC =

ESC !

ESC @

...

ESC +

Program attention keys

PA1

PA2

PA3

Ctrl-p 1

Ctrl-p 2

Ctrl-p 3

Local control keys

Reset After Error

Purge Input Buffer

Keyboard Unlock

Redisplay Screen

Ctrl-r

Ctrl-x

Ctrl-t

Ctrl-v

Other keys

Enter

Clear

Erase current field

Return

Ctrl-z

Ctrl-u

1 ESC refers to the Escape key.


Examples

The following example is the default entry used by the TN3270 emulation software when it is unable to locate a valid keymap in the active configuration image. Table 5 lists the key names supported by the default Cisco TN3270 keymap.

	ciscodefault{
	clear = '^z';\
	flinp = '^x';\
	enter = '^m';\
	delete = '^d' | '^?';\
	synch = '^r';\
	reshow = '^v';\
	ebcdic_xx='string'
	eeof = '^e';\
	tab = '^i';\
	btab = '^b';\
	nl = '^n';\
	left = '^h';\
	right = '^l';\
	up = '^k';\
	down = '^j';\
	einp = '^w';\
	reset = '^t';\
	ferase = '^u';\
	insrt = '\E ';\
	pa1 = '^p1'; pa2 = '^p2'; pa3 = '^p3';\
	pfk1 = '\E1'; pfk2 = '\E2'; pfk3 = '\E3'; pfk4 = '\E4';\
	pfk5 = '\E5'; pfk6 = '\E6'; pfk7 = '\E7'; pfk8 = '\E8';\
	pfk9 = '\E9'; pfk10 = '\E0'; pfk11 = '\E-'; pfk12 = '\E=';\
	pfk13 = '\E!'; pfk14 = '\E@'; pfk15 = '\E#'; pfk16 = '\E$';\
	pfk17 = '\E%'; pfk18 = '\E'; pfk19 = '\E&'; pfk20 = '\E*';\
	pfk21 = '\E('; pfk22 = '\E)'; pfk23 = '\E_'; pfk24 = '\E+';\
}

The following keymap statement maps the "|" character to send EBCDIC 0x6A:

ebcdic_6f='|'

Related Commands

Command
Description

keymap-type

Specifies the keyboard map for a terminal connected to the line.

show keymap

Tests the availability of a keymap after a connection on a router takes place.

terminal-type

Specifies the type of terminal connected to a line.


keymap-type

To specify the keyboard map for a terminal connected to the line, use the keymap-type command in line configuration mode. To reset the keyboard type for the line to the default, use the no form of this command.

keymap-type keymap-name

no keymap-type

Syntax Description

keymap-name

Name of a keymap defined within the configuration file of the router. The TN3270 terminal-type negotiations use the specified keymap type when setting up a connection with the remote host.


Defaults

VT100

Command Modes

Line configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

This command must follow the corresponding keymap global configuration entry in the configuration file. The TN3270 terminal-type negotiations use the specified keymap type when setting up a connection with the remote host.

Setting the keyboard to a different keymap requires that a keymap be defined with the Cisco IOS software configuration either by obtaining a configuration file over the network that includes the keymap definition or by defining the keyboard mapping using the keymap global configuration command.

Use the command show keymap EXEC command to test for the availability of a keymap.

Examples

The following example sets the keyboard mapping to a keymap named vt100map:

line 3
 keymap-type vt100map

Related Commands

Command
Description

show keymap

Tests the availability of a keymap after a connection on a router takes place.

ttycap

Defines characteristics of a terminal emulation file.


lat

To connect to a local-area transport (LAT) host, use the lat command in EXEC mode.

lat name [node nodename | port portname | /debug]

Syntax Description

name

LAT-learned service name.

node nodename

(Optional) Specifies a connection to a particular LAT node that offers a service. If you do not include the node name option, the node with the highest rating offering the service is used. Use the show lat nodes EXEC command to display information about all known LAT nodes.

port portname

(Optional) Specifies a destination LAT port name. This keyword is ignored in most time-sharing systems, but is used by routers and network access servers offering reverse LAT services. Reverse LAT involves connecting to one router from another, so that the target router runs the host portion of the protocol. Enter the port name in the format of the remote system as the portname argument.

/debug

(Optional) Enables a switch to display parameter changes and other special messages.


Command Modes

EXEC

Command History

Release
Modification

11.0

This command was introduced.


Usage Guidelines

After entering the lat command, you can quit the connection by pressing Ctrl-C, or complete the connection by entering the password for a given service.

You can have several concurrent LAT sessions open and switch between them. To open a subsequent session, first enter the escape sequence (Ctrl-Shift-6 then x [Ctrl^x] by default) to suspend the current session. Then open a new session.

To list the available LAT services, use the show lat services EXEC command.

You can temporarily define the list of services to which you or another user can connect. To do so, use the terminal lat out-group command to define the group code lists used for connections from specific lines.

To exit a session, simply log off the remote system. Then terminate an active LAT session by entering the exit command.

If your preferred transport is set to lat, you can use the connect command in place of the lat command. Refer to the chapter "Configuring Terminal Operating Characteristics for Dial-In Sessions" in the Cisco IOS Terminal Services Configuration Guide for more information about configuring a preferred transport type. When your preferred transport is set to none or to another protocol, you must use the lat command to connect to a LAT host.

Examples

The following sample command and output shows a LAT connection from the router named Router_A to host eng2:

Router_A> lat eng2
Trying ENG2...Open
         ENG2 - VAX/VMS V5.2
Username: JSmith
Password:
    Welcome to VAX/VMS version V5.2 on node ENG2
    Last interactive login on Friday,  1-APR-1994 19:46

The system informs you of its progress by displaying the messages "Trying <system>..." and then "Open." If the connection attempt is not successful, you receive a failure message.

The following sample command establishes a LAT connection from the router named Router_B to a device named our-modems and specifies port 24, which is a special modem:

Router_B> lat our-modems port 24

The following sample command establishes a LAT connection from the router named Router_C to a device named our-modems and specifies a node named eng:

Router_C> lat our-modems node eng

The following sample command and output shows the LAT session debugging capability:

Router_D> lat Eng2 /debug
Trying ENG2...Open
        ENG2 - VAX/VMS V5.2
 Username: JSmith
 Password:
    Welcome to VAX/VMS version V5.2 on node ENG2
    Last interactive login on Tuesday, 5-APR-1994 19:02
[Set Flow out off, Flow in on, Format 8:none, Speed 9600/9600]
[Set Flow out off, Flow in on, Format 8:none, Speed 9600/9600]
$ set ter/speed=2400
[Set Flow out off, Flow in on, Format 8:none, Speed 2400/2400]

A variety of LAT events are reported, including all requests by the remote system to set local line parameters. The messages within brackets ([ ]) are the messages produced by the remote system setting line characteristics to operating system defaults.

Related Commands

Command
Description

ip alias

Assigns an IP address to the service provided on a TCP port.

show lat services

Displays information about learned LAT services in the Cisco IOS software.


lat access-list

To specify access conditions to nodes on the local-area transport (LAT) network, use the lat access-list command in global configuration mode. To remove a specified access list number, use the no form of this command.

lat access-list number {permit | deny} nodename

no lat access-list number

Syntax Description

number

Specifies a number from 1 to 199 assigned to the line using the access-class line configuration command.

permit

Allows any matching node name to access the line.

deny

Denies access to any matching node name.

nodename

Specifies the name of the LAT node, with or without regular expression pattern matching characters, with which to compare for access. The UNIX-style regular expression characters allow for pattern matching of characters and character strings in the node name.


Defaults

No access conditions are defined.

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

Regular expressions are case sensitive. Because LAT node names are always in all uppercase letters, make sure you use only all uppercase regular expressions.

Table 7 and Table 8 list pattern and character matching symbols and their use. A more complete description of the pattern matching characters is found in the "Regular Expressions" appendix in the Cisco IOS Terminal Services Configuration Guide.

Table 7 Pattern Matching

Character
Description

\0

Replaces the entire original address.

\1..9

Replaces the strings that match the first through ninth parenthesized part of X.121 address.

*

Matches 0 or more sequences of the regular expressions.

+

Matches 1 or more sequences of the regular expressions.

?

Matches the regular expression of the null string.


Table 8 Character Matching

Character
Description

^

Matches the null string at the beginning of the input string.

$

Matches the null string at the end of the input string.

\char

Matches char.

.

Matches any single character.


Examples

The following example permits all packets destined for any LAT node named WHEEL:

lat access-list 1 permit WHEEL

The following example denies all packets destined for any LAT node name beginning with the BLDG1- prefix:

lat access-list 2 deny ^BLDG1-

Related Commands

Command
Description

accept dialin

Defines access list restrictions on incoming and outgoing connections.


lat enabled

To enable local-area transport (LAT), use the lat enabled command in interface configuration mode. To disable LAT, use the no form of this command.

lat enabled

no lat enabled

Syntax Description

This command has no arguments or keywords.

Defaults

Enabled

Command Modes

Interface configuration

Command History

Release
Modification

10.0

This command was introduced.


Examples

The following example enables LAT on Ethernet interface 0:

interface ethernet 0
 lat enabled

The following example disables LAT on the same Ethernet interface:

interface ethernet 0
 no lat enabled

lat group-list

To allow a name to be assigned to the group list, use the lat group-list command in global configuration mode. To remove the specified group list, use the no form of this command.

lat group-list groupname {number | range | all} [enabled | disabled]

no lat group-list groupname {number | range | all} [enabled | disabled]

Syntax Description

groupname

Specifies a group code name.

number

Specifies a group code number. You can enter both a group code name and group code numbers.

range

Specifies a hyphenated range of numbers.

all

Specifies the range from 0 to 255.

enabled

(Optional) Allows incremental changes to the list; that is, you can add a group code without retyping the entire command.

disabled

(Optional) Allows selective removal of a group code from the list.


Defaults

None. A group list is any combination of group names, numbers, or ranges. No group names are assigned to the list by default.

Command Modes

Global configuration

Command History

Release
Modification

11.1

This command was introduced.


Usage Guidelines

Specifying a name for a group list simplifies the task of entering individual group codes. In other words, a name makes it easier to refer to a long list of group code numbers. The group list must already exist. Use the show lat groups EXEC command to see a list of existing groups.

Examples

The following example creates the new group named stockroom and defines it to include the group numbers 71 and 99:

lat group-list stockroom 71 99

The following example adds group code 101 to the group named stockroom:

lat group-list stockroom 101 enabled

The following example deletes the group named Bldg-2:

no lat group-list Bldg-2

Related Commands

Command
Description

lat out-group

Defines a group list for the outgoing user-initiated connections for a line.

lat service-group

Specifies a group code mask to use when advertising all services for this node and to control incoming services.

show lat groups

Displays the groups that were defined in the Cisco IOS software.


lat host-buffers

To set the number of receive buffers that will be negotiated when the router is acting as a local-area transport (LAT) host, use the lat host-buffers command in global configuration mode. To return to the default of one receive buffer, use the no form of this command.

lat host-buffers receive-buffers

no lat host-buffers receive-buffers

Syntax Description

receive-buffers

Integer from 1 to 128 that specifies the number of receive buffers that will be negotiated.


Defaults

One receive buffer

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

Before LAT Version 5.2, LAT allowed only one outstanding message at a time on a virtual circuit. This restriction could limit the performance of large routers. For example, only one Ethernet packet of data could be in transit at a time. With LAT Version 5.2, nodes can indicate that they are willing to receive more than one message at a time. During virtual circuit startup, each side communicates to the other how many outstanding messages it is willing to accept.

Examples

The following example enables LAT and configures the LAT host to negotiate 100 receive buffers:

lat enabled
lat host-buffers 100

Related Commands

Command
Description

lat server-buffers

Sets the number of receive buffers that will be negotiated when the router is acting as a LAT server.


lat ka-timer

To set the rate of the keepalive timer, use the lat ka-timer command in global configuration mode. To restore the default, use the no form of this command.

lat ka-timer seconds

no lat ka-timer

Syntax Description

seconds

Timer rate, in seconds.


Defaults

20 seconds

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

The keepalive timer sets the rate that messages are sent in the absence of actual traffic between the router and the remote node. The server uses keepalive messages to detect when communication with a remote node is disrupted or when the remote node has crashed.

Examples

The following example sets the keepalive timer rate to 5 seconds:

lat ka-timer 5

lat node

To change the local-area transport (LAT) node name without changing the system host name, use the lat node command in global configuration mode.

lat node node-name

Syntax Description

node-name

Name of the LAT node.


Defaults

No default LAT node name

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

This command allows you to give the server a node name that is different from the host name. Use the show entry EXEC command to determine which LAT hosts have queue entries for printers on the servers. Use the clear entry EXEC command to delete entries from the queue.

Examples

The following example specifies the LAT node name as DEC2:

lat node DEC2

Related Commands

Command
Description

hostname

Specifies or modifies the host name for the network server.

show entry

Displays the list of queued host-initiated connections to a router.


lat out-group

To define a group list for outgoing user-initiated connections on a line, use the lat out-group command in line configuration mode. To return to the default value, use the lat out-group 0 command.

lat out-group {groupname number | range | all}

Syntax Description

groupname

Group code name.

number

Group code number. You can also enter both a group code name and group code numbers.

range

Hyphenated range of numbers.

all

Range from 0 to 255.


Defaults

The default group code number is 0.

Command Modes

Line configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

You can have values for one, two, or all three arguments. If the all keyword is specified, no arguments can be used. You can enter the groupname, number, and range arguments in any order.

Use the show lat EXEC command to display group numbers. If the host node and router do not share a common group number, the host services will not be displayed.

Examples

The following example defines the services for lines 1 through 7, 10 through 17, and 20 through 24. Access to systems on the first set of lines is limited to groups 12 and 18 through 23; the second set is limited to group 12; the third set is limited to group codes 12, 18 through 23, and 44. All other lines use the default of group 0.

line 1 7
 lat out-group 12 18-23
line 10 17
 lat out-group 12
line 20 24
 lat out-group 12 18-23 44

Related Commands

Command
Description

lat group-list

Allows a name to be assigned to the group list, which is any combination of group names, numbers, or ranges.


lat remote-modification

To enable remote local-area transport (LAT) modification of line characteristics (for example, baud rate), use the lat remote-modification command in line configuration mode. To disable remote LAT modification of line characteristics, use the no form of this command.

lat remote-modification

no lat remote-modification

Syntax Description

This command has no arguments or keywords.

Defaults

Remote modification is disabled.

Command Modes

Line configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

Enabling the line for remote modification allows the remote LAT node to change line characteristics (for example, baud rate, parity, and so on).

Examples

The following example enables remote LAT modification on line 4:

line 4
 lat remote-modification

lat retransmit-limit

To set the number of times that local-area transport (LAT) resends a message before declaring the remote system unreachable, use the lat retransmit-limit command in global configuration mode. To restore the default retry value, use the no form of this command.

lat retransmit-limit number

no lat retransmit-limit

Syntax Description

number

Number of retries; any number from 4 to 255.


Defaults

8 retries

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

Assigning larger values to the number of tries increases the robustness of the LAT service at the cost of longer delays when communications are disrupted. Because LAT generally resends messages once per second, the value is approximately the number of seconds that LAT connections will survive connection disruption.

If you bridge LAT, the retransmission limit should be set to at least 20 tries for LAT sessions to survive a worst-case spanning-tree reconfiguration, because the time for bridging spanning-tree reconfiguration to be completed can be up to 15 seconds.

Examples

The following example sets the retransmission limit to 30 tries, enough time to sustain the downtime incurred when the system must reconfigure a spanning-tree topology:

lat retransmit-limit 30

lat server-buffers

To set the number of receive buffers that will be negotiated when the router is acting as a local-area transport (LAT) server, use the lat server-buffers command in global configuration mode. To return to the default of one receive buffer, use the no form of this command.

lat server-buffers receive-buffers

no lat server-buffers receive-buffers

Syntax Description

receive-buffers

Integer from 1 to 128 that specifies the number of receive buffers that will be negotiated.


Defaults

1 receive buffer

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

Before LAT Version 5.2, LAT allowed only one outstanding message on a virtual circuit at a time. This restriction could limit the performance of large routers because only one Ethernet packet of data could be in transit at a time. With LAT Version 5.2, nodes can indicate that they are willing to receive more than one message at a time. During virtual circuit startup, each side communicates to the other how many outstanding messages it is willing to accept.

Examples

The following example enables LAT and configures the server to negotiate 25 receive buffers:

lat enabled
lat server-buffers 25

Related Commands

Command
Description

lat host-buffers

Sets the number of receive buffers that will be negotiated when the router is acting as a LAT host.


lat service-announcements

To reenable local-area transport (LAT) broadcast service announcements, use the lat service-announcements command in global configuration mode. To disable the sending of LAT service announcements, use the no form of this command.

lat service-announcements

no lat service-announcements

Syntax Description

This command has no arguments or keywords.

Defaults

Enabled

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

If this command is enabled, the LAT code will periodically broadcast service advertisements. If the command is disabled, the LAT code will not send service announcements, so solicit information messages must be used to look up node information.


Note You should only disable service announcements if all of the nodes on the LAN support the service responder feature.


Examples

The following example reenables the sending of broadcast service announcements:

lat service-announcements

Related Commands

Command
Description

lat service-responder

Configures a node to act as proxy for other nodes when a solicit-information multicast message is received.


lat service enabled

To enable inbound connections to the specified service and enable the advertisement of this service to routers on the network, use the lat service enabled command in global configuration mode. To delete the named service, use the no form of this command.

lat service service-name enabled

no lat service service-name enabled

Syntax Description

service-name

Name of the service.


Defaults

No services are enabled.

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

In the simplest form, this command creates a service that gives connecting users access to a vty port on the server.

Use the lat service enabled command after commands that define a service so that users do not connect to a service before all the parameters are set.

Deleting a service does not disconnect existing connections.

Examples

The following example enables inbound connections to the service named WHEEL:

lat service WHEEL enabled

lat service-group

To specify a group code mask to use when advertising all services for this node and to control incoming services, use the lat service-group command in global configuration mode. To remove the group code mask specified, use the no form of this command.

lat service-group {groupname | number | range | all} [enabled | disabled]

no lat service-group {groupname | number | range | all} [enabled | disabled]

Syntax Description

groupname

Specifies a group code name.

number

Specifies a group code number.

range

Specifies a hyphenated range of numbers from 0 to 255.

all

Specifies the range from 0 to 255.

enabled

(Optional) Allows incremental changes to the list; that is, you can add a group code without retyping the entire command.

disabled

(Optional) Allows selective removal of a group code from the list.


Defaults

If no service group is specified, the Cisco IOS software defaults to advertising to group 0.

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

When this command is written to NVRAM (using the write memory EXEC command), the system looks for an exact match on a group code name. If it finds one, it uses that name in the command. Otherwise, it writes out a list of numbers, using the range syntax whenever possible.

Examples

The following example specifies groups 100 through 103, then defines engineering as the group code list to advertise:

lat group-list engineering 100-103
lat service-group engineering enabled

The following example specifies the groups 1, 5, 20 through 36, and 52:

lat service-group 1 5 20-36 52

Related Commands

Command
Description

lat group-list

Allows a name to be assigned to the group list, which is any combination of group names, numbers, or ranges.


lat service ident

To set the local-area transport (LAT) service identification for a specified service, use the lat service ident command in global configuration mode. To remove the identification, use the no form of this command.

lat service service-name ident identification

no lat service service-name ident

Syntax Description

service-name

Name of the service.

identification

Descriptive name (text only) that identifies the service.


Defaults

No LAT service identification is set for specific services.

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

The identification is advertised to other servers on the network and is displayed along with the list of name services on the LAN.

Examples

The following example specifies the identification "Welcome to Gateway-A" on the service named STELLA:

lat service STELLA ident Welcome to Gateway-A

lat service password

To set up a local-area transport (LAT) password for a service, use the lat service password command in global configuration mode. To remove the password, use the no form of this command.

lat service service-name password password

no lat service service-name password

Syntax Description

service-name

Name of the service.

password

Password used to gain access to the service.


Defaults

No default LAT service passwords

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

The connecting user will be required to enter the password to complete the connection. The password is obtained through the LAT password mechanism.

Examples

The following example specifies a service named BLUE and the password secret:

lat service BLUE password secret

lat service rating

To set a static service rating for the specified service, use the lat service rating command in global configuration mode. To remove the service rating, use the no form of this command.

lat service service-name rating static-rating

no lat service service-name rating

Syntax Description

service-name

Name of the service.

static-rating

Static service rating. The rating must be in the range from 1 to 255.


Defaults

Dynamic rating

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

If this command is not entered, the Cisco IOS software calculates a dynamic rating based on the number of free ports that can handle connections to the service. Setting a static rating overrides this calculation and causes the specified value to be used.

Examples

The following example specifies a service rating of 84 on the service named WHEEL:

lat service WHEEL rating 84

lat service-responder

To configure a node to act as proxy for other nodes when a solicit-information multicast message is received, use the lat service-responder command in global configuration mode. To remove any proxy definition set up using the lat service-responder command, use the no form of this command.

lat service-responder

no lat service-responder

Syntax Description

This command has no arguments or keywords.

Defaults

Disabled

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

The Cisco IOS software can be configured to support the service responder feature that is part of the latest LAT Version 5.2 specification.

Specifically, the DECserver90L+, which has less memory than other Digital Equipment Corporation servers, does not maintain a cache of learned services. Instead, the DECserver90L+ solicits information about services as they are needed.

LAT Version 5.2 nodes can respond for themselves; however LAT Version 5.1 nodes, for example, VMS Version 5.4 or earlier nodes, cannot respond for themselves. Instead, a LAT Version 5.2 node configured as a service responder must respond in proxy for the LAT Version 5.1 nodes.

The Cisco IOS software can be configured as a LAT service responder. If all your nodes are LAT Version 5.2 nodes, you need not enable the service responder features.

Examples

The following example configures a node to act as a proxy for a node when a solicit-information multicast message is received. The node configured with this command will respond to solicit messages.

lat service-responder

Related Commands

Command
Description

lat service-announcements

Reenables LAT broadcast service announcements.


lat service rotary

To associate a rotary group with a service, use the lat service rotary command in global configuration mode. To remove the association, use the no form of this command.

lat service service-name rotary group-number

no lat service service-name rotary

Syntax Description

service-name

Name of the service.

group-number

Rotary group number.


Defaults

Disabled

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

Establish rotary groups using the rotary line configuration command.

When an inbound connection is received for this service, the router establishes a reverse local-area transport (LAT) connection to a terminal in that rotary group.

If the rotary option is not set, the connection will be to a virtual terminal session on the router.

Examples

The following example creates a service named MODEM to establish a rotary group:

lat services MODEM rotary 1

Related Commands

Command
Description

rotary

Defines a group of lines consisting of one of more lines.


lat service-timer

To adjust the time between local-area transport (LAT) service advertisements, use the lat service-timer command in global configuration mode. To return to the default setting, use the no form of this command.

lat service-timer interval

no lat service-timer

Syntax Description

interval

Number of seconds between service announcements. Note that the granularity offered by this command is 10-second intervals, and the interval value is rounded up.


Defaults

20 seconds

Command Modes

Global configuration

Command History

Release
Modification

11.1

This command was introduced.


Usage Guidelines

This command adjusts the time, in seconds, between LAT service announcements for services offered by the router. This function is useful in large networks with many LAT services and limited bandwidth.

Examples

The following example sets the interval between LAT service advertisements to 11, and illustrates the rough granularity of the lat service-timer command:

! The time between LAT service advertisements is set to 11. Because the 
! granularity is in ten-second intervals, the actual time between advertisement
! is 20 seconds.
lat service-timer 11
! 20 seconds between updates.
lat service-timer 19
! 120 seconds between updates.
lat service-timer 120

lat vc-sessions

To set the maximum number of sessions to be multiplexed onto a single local-area transport (LAT) virtual circuit, use the lat vc-sessions command in global configuration mode. To remove the definition of a prior session, use the no form of this command.

lat vc-sessions maximum-number

no lat vc-sessions maximum-number

Syntax Description

maximum-number

Specifies the number of sessions that will be multiplexed onto a single LAT virtual circuit. This number cannot be greater than 255.


Defaults

255 sessions per virtual circuit

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

Setting the number of sessions to a lower number can increase throughput if many sessions are running on one host, especially with routers with many physical ports. It can also increase overhead if the same host has little traffic but a large number of sessions.

Examples

The following example sets the maximum number of sessions to be multiplexed onto a single LAT virtual circuit at 100:

lat vc-sessions 100

lat vc-timer

To set the interval of time local-area transport (LAT) waits before sending any traffic, use the lat vc-timer command in global configuration mode. To remove a timer definition, use the no form of this command.

lat vc-timer milliseconds

no lat vc-timer milliseconds

Syntax Description

milliseconds

Timer value. Specifies the amount of time LAT will wait before sending traffic. Acceptable values are from 10 to 1000 milliseconds.


Defaults

80 milliseconds

Command Modes

Global configuration

Command History

Release
Modification

10.0

This command was introduced.


Usage Guidelines

Smaller timer values increase the overhead on both the router and the host. However, you can use smaller values to correct buffer overflows, which happen when the router receives more data than it can buffer during a virtual circuit timer interval.

Larger values increase the need for buffering and can cause noticeable echoing delay. However, increased values can reduce traffic. In environments with slow bridging, retransmissions can be reduced if you increase the value to at least three times the worst-case, round-trip interval.

Examples

The following example sets the time between sending messages to 500 milliseconds:

lat vc-timer 500