-
Cisco IOS Dial Services Command Reference, Release 12.1
-
About the Cisco IOS Software Documentation
-
Commands: A through B
-
Commands: C
-
Commands: D
-
Commands: E through IP
-
Commands IS through LAT
-
Commands: LC through MOD
-
Commands: MU through PPP
-
Commands: PRI through SGBP
-
Commands: SHOW A through E
-
Commands: SHOW I through L
-
Commands: SHOW M
-
Commands: SHOW N through X
-
Commands: SL through TN
-
Commands: TR through VIR
-
Commands: VPDN through X
- Appendixes
-
Table Of Contents
vpdn authorize directed-request
vty-async ipx ppp-client loopback
vpdn aaa attribute
To enable reporting of network access server (NAS) authentication, authorization, and accounting (AAA) attributes related to a virtual private dialup network (VPDN) to the AAA server, use the vpdn aaa attribute command in global configuration mode. To disable reporting of AAA attributes related to VPDN, use the no form of this command.
vpdn aaa attribute {nas-ip-address vpdn-nas | nas-port vpdn-nas}
no vpdn aaa attribute {nas-ip-address vpdn-nas | nas-port}
Syntax Description
nas-ip-address vpdn-nas
Enable reporting of the VPDN NAS IP address to the AAA server.
nas-port vpdn-nas
Enable reporting of the VPDN NAS port to the AAA server.
Command Default
AAA attributes are not reported to the AAA server.
Command Modes
Global configuration
Command History
11.3 NA
This command was introduced.
11.3(8.1)T
This command was integrated into Cisco IOS Release 11.3(8.1)T.
Usage Guidelines
This command can be used with RADIUS or TACACS+, and is applicable only on the VPDN tunnel server.
Examples
The following example configures VPDN on a tunnel server and enables reporting of VPDN AAA attributes to the AAA server:
vpdn enablevpdn-group 1accept-dialinprotocol anyvirtual-template 1!terminate-from hostname nas1local name ts1!vpdn aaa attribute nas-ip-address vpdn-nasvpdn aaa attribute nas-port vpdn-nasvpdn aaa override-server
To specify an authentication, authorization, and accounting (AAA) server to be used for virtual private dialup network (VPDN) tunnel authorization other than the default AAA server, use the vpdn aaa override-server global configuration command. To return to the default setting, use the no form of this command.
vpdn aaa override-server {aaa-server-ip-address | aaa-server-name}
no vpdn aaa override-server {aaa-server-ip-address | aaa-server-name}
Syntax Description
aaa-server-ip-address
The IP address of the AAA server to be used for tunnel authorization.
aaa-server-name
The name of the AAA server to be used for tunnel authorization.
Defaults
If the AAA server is not specified, the default AAA server configured for network authorization is used.
Command Modes
Global configuration
Command History
Usage Guidelines
This command can be used with RADIUS or TACACS+, and is applicable only on the VPDN network access server (NAS). Configuring this command restricts tunnel authorization to the specified AAA servers only. This command can be used to specify multiple AAA servers.
For TACACS+ configuration, the tacacs-server directed-request command must be configured using the restricted keyword, or authorization will continue with all configured TACACS+ servers.
Examples
The following example enables AAA attributes and specifies the AAA server to be used for VPDN tunnel authorization:
aaa new-modelaaa authorization network default group radiusvpdn aaa override-server 10.1.1.1vpdn enableradius-server host 10.1.1.2 auth-port 1645 acct-port 1646radius-server key SecretRelated Commands
vpdn authen-before-forward
To configure a network access server (NAS) to request authentication of a complete username before making a forwarding decision for all dial-in Layer 2 Tunnel Protocol (L2TP) or Layer 2 Forwarding (L2F) tunnels, use the vpdn authen-before-forward command in global configuration mode. To disable this configuration, use the no form of this command.
vpdn authen-before-forward
no vpdn authen-before-forward
Syntax Description
This command has no arguments or keywords.
Command Default
L2TP or L2F tunnels are forwarded to the tunnel server without first requesting authentication of the complete username.
Command Modes
Global configuration
Command History
Usage Guidelines
To configure the NAS to perform authentication of all dial-in L2TP or L2F sessions before the sessions are forwarded to the tunnel server, configure the vpdn authen-before-forward command in global configuration mode.
To configure the NAS to perform authentication of dial-in L2TP or L2F sessions belonging to a specific VPDN group before the sessions are forwarded to the tunnel server, use the authen-before-forward command in VPDN group configuration mode.
Enabling the vpdn authen-before-forward command instructs the NAS to authenticate the complete username before making a forwarding decision based on the domain portion of the username. A user may be forwarded or terminated locally depending on the information contained in the users RADIUS profile. Users with forwarding information in their RADIUS profile are forwarded based on that information. Users without forwarding information in their RADIUS profile are either forwarded or terminated locally based on the Service-Type in their RADIUS profile. The relationship between forwarding decisions and the information contained in the users RADIUS profile is summarized in Table 154.
Examples
The following example configures the NAS to request authentication of all dial-in L2TP or L2F sessions before the sessions are forwarded to the tunnel server:
vpdn authen-before-forwardRelated Commands
vpdn authorize directed-request
To enable virtual private dialup network (VPDN) authorization for directed-request users, use the vpdn authorize directed-request command in global configuration mode. To disable VPDN authorization for directed request users, use the no form of this command.
vpdn authorize directed-request
no vpdn authorize directed-request
Syntax Description
This command has no keywords or arguments.
Defaults
VPDN authorization for directed-request users is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
When a username incudes both a username and a domain portion, such as user@site.com, directed request configuration allows the authorization request to be sent to a specific RADIUS or TACACS+ server based on the domain name portion of the username (site.com). The vpdn authorize directed-request command must be enabled to allow VPDN authorization of any directed request user.
Directed request for RADIUS users is enabled by issuing the radius-server directed-request command. Directed request for TACACS+ users is enabled by default, and may be disabled using the no tacacs-server directed request command. The ip host command must be configured to enable directed requests to RADIUS or TACACS+ servers.
The vpdn authorize directed-request command is usually configured on the L2TP network server (LNS). When directed-requests are used on an L2TP access concentrator (LAC) in conjuction with per-user VPDN configuration, the authen before-forward command must be enabled.
Examples
The following example enables VPDN authorization and RADIUS directed requests on an LNS:
ip host site.com 10.1.1.1radius-server host 10.1.1.1 auth-port 1645 acct-port 1646radius-server directed-requestvpdn authorize directed-requestThe following example enables VPDN authorization and TACACS+ directed requests on an LNS:
ip host site.com 10.1.1.1tacacs-server host 10.1.1.1tacacs-server directed-requestvpdn authorize directed-requestThe following example enables per-user VPDN and enables VPDN authorization for directed request users on a LAC:
vpdn-group 1request-dialinprotocol l2fdomain site.com!initiate-to ip 10.1.1.1local name local1authen before-forward!ip host site.com 10.1.1.1vpdn authorize directed-request!radius-server host 10.1.1.1 auth-port 1645 acct-port 1646radius-server directed-requestRelated Commandsradius-server directed-requestradius-server directed-request
vpdn domain-delimiter
To specify the characters to be used to delimit the domain prefix or domain suffix, use the vpdn domain-delimiter command in global configuration mode.
vpdn domain-delimiter characters [suffix | prefix]
Syntax Description
Defaults
This command is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
You can enter one vpdn domain-delimiter command to list the suffix delimiters and another vpdn domain-delimiter command to list the prefix delimiters. However, no character can be both a suffix delimiter and a prefix delimiter.
This command allows the network access server to parse a list of home gateway DNS domain names and addresses sent by an AAA server. The AAA server can store domain names or IP addresses in the following AV pair:
cisco-avpair = "lcp:interface-config=ip address 1.1.1.1 255.255.255.255.0",
cisco-avpair = "lcp:interface-config=ip address bigrouter@excellentinc.com,
Examples
The following example lists three suffix delimiters and three prefix delimiters:
vpdn domain-delimiter %-@ suffixvpdn domain-delimiter #/\\ prefixThis example allows the following host and domain names:
cisco.com#houstonddrhoustonddr@cisco.comRelated Commands
vpdn enable
To enable virtual private dialup networking on the router and inform the router to look for tunnel definitions in a local database and on a remote authorization server (home gateway), if one is present, use the vpdn enable command in global configuration mode.
vpdn enable
Syntax Description
This command has no arguments or keywords.
Defaults
Disabled
Command Modes
Global configuration
Command History
Usage Guidelines
To disable a VPN tunnel, use the command clear vpdn tunnel in EXEC mode. The command no vpdn enable does not automatically disable a VPN tunnel.
Examples
The following example enables virtual private dialup networking on the router:
vpdn enableRelated Commands
vpdn force-local-chap
To cause the home gateway to issue its own Challenge Handshake Authentication Protocol (CHAP) challenge even if one has already been issued from the network access server, use the vpdn force-local-chap command in global configuration mode. Use the no form of this command to prevent the home gateway from issuing its own CHAP challenge.
vpdn force-local-chap
no vpdn force-local-chap
Syntax Description
This command has no arguments or keywords.
Defaults
The home gateway does not issue its own CHAP challenge:
Command Modes
Global configuration
Command History
Examples
The following example configures a virtual template interface on the home gateway and then enables VPDN and forces the home gateway to issue its own CHAP challenge.
interface virtual-template 1ip unnumbered ethernet 0encapsulation pppppp authentication chap!vpdn enablevpdn incoming world12 troll virtual-template 1vpdn force-local-chapvpdn group
To associate a virtual private dialup network (VPDN) group with a customer or VPDN profile, use the vpdn group command in customer profile or VPDN profile configuration mode. To disassociate a VPDN group from a customer or VPDN profile, use the no form of this command.
vpdn group name
no vpdn group name
Syntax Description
name
Name of the VPDN group.
Note
This name should match the name defined for the VPDN group configured with the vpdn-group command.
Defaults
No default behavior or values.
Command Modes
Customer profile configuration
VPDN profile configurationCommand History
12.0(4)XI
This command was introduced.
12.0(5)T
This command was integrated into Cisco IOS Release 12.0(5)T.
Usage Guidelines
Use the vpdn group command in customer profile configuration mode or VPDN profile configuration mode to associate a VPDN group with a customer profile or a VPDN profile, respectively.
VPDN groups are created using the vpdn-group command in global configuration mode.
Examples
The following example creates the VPDN groups named l2tp and l2f, and associates both VPDN groups with the VPDN profile named profile32:
Router(config)# vpdn-group l2tpRouter(config-vpdn)#!Router(config)# vpdn-group l2fRouter(config-vpdn)#!Router(config)# resource-pool profile vpdn profile32Router(config-vpdn-profile)# vpdn group l2tpRouter(config-vpdn-profile)# vpdn group l2fThe following example creates two VPDN groups and configures them under a customer profile named company2:
Router(config)# vpdn-group mygroupRouter(config-vpdn)#!Router(config)# vpdn-group yourgroupRouter(config-vpdn)#!Router(config)# resource-pool profile vpdn company2Router(config-vpdn-profile)# vpdn group mygroupRouter(config-vpdn-profile)# vpdn group yourgroupRelated Commands
vpdn history failure
To enable logging of virtual private dialup network (VPDN) failures to the history failure table or to set the failure history table size, use the vpdn history failure command in global configuration mode. To disable logging of VPDN history failures or to restore the default table size, use the no form of this command.
vpdn history failure [table-size entries]
no vpdn history failure [table-size]
Syntax Description
table-size entries
(Optional) Sets the number of entries in the history failure table. Valid entries range from 20 to 50.
Defaults
VPDN failures are logged by default.
table size: 20 entriesCommand Modes
Global configuration
Command History
Usage Guidelines
Logging of VPDN failure events is enabled by default. You can disable the logging of VPDN failure events by issuing the no vpdn history failure command.
The logging of a failure event to the history table is triggered by event logging by the syslog facility. The syslog facility creates a failure history table entry, which keeps records of failure events. The table starts with 20 entries, and the size of the table can be expanded to a maximum of 50 entries using the vpdn history failure table-size entries command. You may configure the vpdn history failure table-size entries command only if VPDN failure event logging is enabled.
All failure entries for the user are kept chronologically in the history table. Each entry records the relevant information of a failure event. Only the most recent failure event per user, unique to its name and tunnel client ID (CLID), is kept.
When the total number of entries in the table reaches the configured table size, the oldest record is deleted and a new entry is added.
Examples
The following example disables logging of VPDN failures to the history failure table:
no vpdn history failureThe following example enables logging of VPDN failures to the history table and sets the history failure table size to 40 entries:
vpdn history failurevpdn history failure table-size 40Related Commands
vpdn incoming
To specify the local name to use for authenticating and the virtual template to use for building interfaces for incoming connections when a Level 2 Forwarding (tunnel) connection is requested from a certain remote host, use the vpdn incoming command in global configuration mode.
vpdn incoming remote-name local-name virtual-template number
Syntax Description
Defaults
Disabled. No host name, IP address, or local name for authentication are provided.
Command Modes
Global configuration
Command History
Usage Guidelines
The remote-name and local-name arguments are case sensitive.
This command is usually used on a home gateway, not on the network access server in the ISP or public data network.
Examples
The following partial example specifies use of local host go_blue and virtual template interface 6 for connections with remote host dallas_wan:
vpdn incoming dallas_wan go_blue virtual-template 6vpdn logging
To enable the logging of virtual private dialup network (VPDN) events, use the vpdn logging command in global configuration mode. To disable the logging of VPDN events, use the no form of this command.
vpdn logging [local | remote | user]
no vpdn logging [local | remote | user]
Syntax Description
Defaults
All VPDN event logging is disabled.
Command Modes
Global configuration
Command History
11.3T
This command was introduced.
12.1
The user keyword was introduced in Cisco IOS Release 12.1.
Usage Guidelines
This command controls the logging of VPDN events. By default, all VPDN event logging is disabled.
To enable the logging of VPDN events to the system message logging (syslog) of the local or remote tunnel endpoint router, issue the vpdn logging command with the local or remote keyword.
To log VPDN user events to the syslog, you must configure the vpdn logging command with the user keyword.
You may configure as many types of VPDN event logging as you want.
Examples
The following example enables VPDN logging locally:
vpdn logging localThe following example disables VPDN event logging locally, enables VPDN event logging at the remote tunnel endpoint, and enables the logging of VPDN user events to the syslog of the remote router:
no vpdn logging localvpdn logging remotevpdn logging userRelated Commands
vpdn history failure
Enables logging of VPDN failures to the history failure table or sets the failure history table size.
vpdn multihop
To enable virtual private dialup network (VPDN) multihop, use the vpdn multihop global configuration command. To disable VPDN multihop capability, use the no form of this command.
vpdn multihop
no vpdn multihop
Syntax Description
This command has no arguments or keywords.
Defaults
Multihop is not enabled.
Command Modes
Global configuration
Command History
Usage Guidelines
The Cisco Multihop VPDN feature allows you to perform Multichassis Multilink Point-to-Point Protocol (MMP) on a home gateway (HGW) or Layer 2 Tunneling Protocol (L2TP) network server (LNS) in a VPDN scenario. This feature allows sharing tunnel resources between the HGW and LNS routers, and the possibility to offload by default to another router in the network.
The VPDN multihop feature also allows a router configured as a tunnel switch to terminate tunnels from Layer 2 access concentrators (LACs) and forward the sessions through up to four newly established L2TP tunnels. The tunnels are selected using client-supplied matching criteria configured by the vpdn search-order global configuration command.
Before using the vpdn multihop command, refer to the Dial Services Configuration Guide: Network Services, to learn more about Multilink PPP and MMP.
Examples
The following example shows a configuration where a packet traverses a VPDN tunnel over a service provider link, and then a second tunnel by traversing a hop between home gateways on the corporate network. The bundle owner is Home-Gateway1 and the stack group peer, Home-Gateway2, is specified as a peer (10.10.1.2).
vpdn multihopusername stack password hellotheremultilink virtual-template 1sgbp group stacksgbp member Home-Gateway2 10.10.1.2interface virtual-template 1ip unnumbered e0ppp multilinkppp auth chapThe following example also shows how to configure the Cisco Multihop VPDN feature:
!vpdn enablevpdn multihopvpdn search-order domain!vpdn-group 1request-dialinprotocol l2tpdomain cisco.cominitiate-to ip 172.22.53.144 priority 1initiate-to ip 172.22.53.145 priority 1!l2tp tunnel password 7 <deleted>!Related Commands
vpdn outgoing
To specify use of Dialed Number Information Service (DNIS) or use of a domain name when selecting a tunnel for forwarding traffic to the remote host (the home gateway) on a Virtual Private Dialup Network (VPDN), use the vpdn outgoing command in global configuration mode.
vpdn outgoing word | dnis dialed-number
Syntax Description
word
Case-sensitive name of the gateway domain for forwarding traffic.
dnis dialed-number
Dialed number to be used for selecting a specific tunnel to be used for forwarding traffic to a home gateway.
Defaults
Disabled. No remote names and local names are defined.
Command Modes
Global configuration
Command History
Usage Guidelines
The word argument is case sensitive.
This command is usually used on a network access server, not on a home gateway.
When use of the Dialed Number Information Service is enabled and a dialed number is provided, the network service provider can use the dialed number to select a specific tunnel destination.
The domain name can be used to choose a tunnel destination. For example, if a user dials in as "joe@company-a.com," then matching on "company-a.com," a tunnel destination can be chosen.
If both DNIS information and a CHAP or PAP name map to a valid tunnel, the DNIS information is used.
If TACACS+ is used to get tunnel information, the string "dnis:" is prepended to the phone number before attempting to look up the information in AAA.
Examples
The following example selects a tunnel destination based on the domain name:
vpdn outgoing chicago-main go-blueThe following example selects a tunnel destination based on the use of DNIS and a specific dialed number:
vpdn outgoing dnis 2387765 gocardinalRelated Commands
vpdn profile
To associate a virtual private dialup network (VPDN) profile with a customer profile, use the vpdn profile command in customer profile configuration mode. To remove a VPDN profile from a customer profile, use the no form of this command.
vpdn profile name
no vpdn profile name
Syntax Description
Defaults
No default behavior or values.
Command Modes
Customer profile configuration
Command History
12.0(4)XI
This command was introduced.
12.0(5)T
Support for this command was integerated into Cisco IOS Release 12.0(5)T.
Usage Guidelines
Use the vpdn profile command to associate a VPDN profile with a customer profile.
VPDN profiles can be used to combine session counting over multiple VPDN groups. This ability can be applied to customer profiles by configuring multiple VPDN groups under a VPDN profile, then associating the VPDN profile with the customer profile using the vpdn profile command.
Examples
The following example shows how to create two VPDN groups, configure the VPDN groups under a VPDN profile named profile1, then associates the VPDN profile with a customer profile named customer12:
Router(config)# vpdn-group 1Router(config-vpdn)#!Router(config)# vpdn-group 2Router(config-vpdn)#!Router(config)# resource-pool profile vpdn profile1Router(config-vpdn-profile)# vpdn group 1Router(config-vpdn-profile)# vpdn group 2!Router(config)# resource-pool profile customer customer12Router(config-vpdn-customer)# vpdn profile profile1Related Commands
vpdn search-order
To specify how the service provider's network access server is to perform Virtual Private Dialup Network (VPDN) tunnel authorization searches, use the vpdn search-order command in global configuration mode. Use the no form of the command to remove a prior specification.
vpdn search-order {dnis domain | domain dnis | domain | dnis}
no vpdn search-order
Syntax Description
Defaults
When this command is not used, the default is to search first on the Dialed Number Information Service (DNIS) information provided on ISDN lines and then search on the domain name. This is equivalent to using the vpdn search-order dnis domain command.
Command Modes
Global configuration
Command History
Usage Guidelines
VPDN authorization searches are performed only as specified.
The configuration shows the vpdn search-order command setting only if the command is explicitly configured.
Examples
The following example configures a network access server to select a tunnel destination based on the use of DNIS and a specific dialed number and to perform tunnel authorization searches based on the DNIS information only.
vpdn enablevpdn outgoing dnis 2387765 gocardinal ip 170.16.44.56vpdn search-order dnisRelated Commands
Specifies to use either DNIS or a domain name when selecting a tunnel for forwarding traffic to the remote host (the home gateway) on a VPDN.
vpdn source-ip
To set the source IP address of the network access server, use the vpdn source-ip command in global configuration mode.
vpdn source-ip address
Syntax Description
Defaults
This command is disabled. No default IP address is provided.
Command Modes
Global configuration
Command History
Usage Guidelines
One source IP address is configured on the network access server. The source IP address is configured per network access server, not per domain.
Examples
This example enables VPDN on the network access server and sets an IP source address of 171.4.48.3:
vpdn enablevpdn source-ip 171.4.48.3Related Commands
vpdn-group
To create a virtual private dialup network (VPDN) group and to enter VPDN group configuration mode, use the vpdn-group command in global configuration mode. To delete a VPDN group, use the no form of this command.
vpdn-group name
no vpdn-group name
Syntax Description
Defaults
No VPDN groups are defined.
Command Modes
Global configuration
Command History
12.0(4)XI
This command was introduced.
12.0(5)T
This command was integrated into Cisco IOS Release 12.0(5)T.
Usage Guidelines
Issuing the vpdn-group command creates a VPDN group with the specified name and enters VPDN group configuration mode. If a VPDN group with the specified name already exists, issuing the vpdn-group command will enter VPDN group configuration mode and allow configuration of that VPDN group.
A VPDN group can be associated with a customer profile or a VPDN profile by issuing the vpdn group command in customer profile configuration mode or VPDN profile configuration mode.
Examples
The following example creates the VPDN group named l2tp and enters VPDN group configuration mode:
Router(config)# vpdn-group l2tpRouter(config-vpdn)#The following example associates the VPDN group created in the preceding example with the VPDN profile named profile1:
Router(config)# resource-pool profile vpdn profile1Router(config-vpdn-profile)# vpdn group l2tpThe following example creates a VPDN group named l2f and associates it with the customer profile named customer1:
Router(config)# vpdn-group l2f!Router(config)# resource-pool profile customer customer1Router(config-customer-profile)# vpdn group l2fRelated Commands
vty-async
To configure all virtual terminal lines on a router to support asynchronous protocol features, use the vty-async command in global configuration mode. Use the no form of this command to disable asynchronous protocol features on virtual terminal lines.
vty-async
no vty-async
Syntax Description
This command has no arguments or keywords.
Defaults
Asynchronous protocol features are not enabled by default on virtual terminal lines.
Command Modes
Global configuration
Command History
Usage Guidelines
The vty-async command extends asynchronous protocol features from physical asynchronous interfaces to virtual terminal lines. Normally, SLIP and PPP can function only on asynchronous interfaces, not on virtual terminal lines. However, extending asynchronous functionality to virtual terminal lines permits you to run SLIP and PPP on these virtual asynchronous interfaces. One practical benefit is the ability to tunnel SLIP and PPP over X.25 PAD, thus extending remote node capability into the X.25 area. You can also tunnel SLIP and PPP over Telnet or LAT on virtual terminal lines. To tunnel SLIP and PPP over X.25, LAT, or Telnet, you use the protocol translation feature in the Cisco IOS software.
To tunnel SLIP or PPP inside X.25, LAT, or Telnet, you can use two-step protocol translation or one-step protocol translation, as follows:
•
•
Examples
The following example enables asynchronous protocol features on virtual terminal lines:
vty-asyncRelated Commands
vty-async dynamic-routing
To enable dynamic routing on all virtual asynchronous interfaces, use the vty-async dynamic-routing command in global configuration mode. Use the no form of this command to disable asynchronous protocol features on virtual terminal lines and, therefore, disable routing on virtual terminal lines.
vty-async dynamic-routing
no vty-async dynamic-routing
Syntax Description
This command has no arguments or keywords.
Defaults
Dynamic routing is not enabled on virtual asynchronous interfaces.
Command Modes
Global configuration
Command History
Usage Guidelines
This feature enables IP routing on virtual asynchronous interfaces. When you issue this command and a user later makes a connection to another host using SLIP or PPP, the user must specify /routing on the SLIP or PPP command line.
If you had not previously entered the vty-async command, the vty-async dynamic-routing command creates virtual asynchronous interfaces, then enables dynamic routing on them.
Examples
The following example enables dynamic routing on virtual asynchronous interfaces:
vty-async dynamic-routingRelated Commands
async dynamic routing
Enables manually configured routing on an asynchronous interface.
vty-async header-compression
To compress the headers of all TCP packets on virtual asynchronous interfaces, use the vty-async header-compression command in global configuration mode. Use the no form of this command to disable virtual asynchronous interfaces and header compression.
vty-async header-compression [passive]
no vty-async header-compression
Syntax Description
Defaults
Header compression is not enabled on virtual asynchronous interfaces.
Command Modes
Global configuration
Command History
Usage Guidelines
This feature compresses the headers on TCP/IP packets on virtual asynchronous connections to reduce the size of the packets and to increase performance.This feature only compresses the TCP header, so it has no effect on UDP packets or other protocol headers. The TCP header compression technique, described fully in RFC 1144, is supported on virtual asynchronous interfaces using SLIP or PPP encapsulation. You must enable compression on both ends of a connection.
Examples
The following example compresses outgoing TCP packets on virtual asynchronous interfaces only if incoming TCP packets are compressed:
vty-async header-compression passiveRelated Commands
async dynamic routing
Enables manually configured routing on an asynchronous interface.
vty-async ipx ppp-client loopback
To enable IPX-PPP on virtual terminal lines, use the vty-async ipx ppp-client loopback command in global configuration mode. Use the no form of this command to disable IPX-PPP sessions on virtual terminal lines.
vty-async ipx ppp-client loopback number
no vty-async ipx ppp-client loopback
Syntax Description
number
Number of the loopback interface configured for IPX to which the virtual terminal lines are assigned.
Defaults
IPX over PPP is not enabled on virtual terminal lines.
Command Modes
Global configuration
Command History
Usage Guidelines
This command enables users to log into the router from a device running a virtual terminal protocol, then issue the PPP command at the EXEC prompt to connect to a remote device.
A loopback interface must already have been defined and an IPX network number must have been assigned to the loopback interface before the vty-async ipx ppp-client loopback command will permit IPX-PPP on virtual terminal lines.
Examples
The following example enables IPX over PPP on virtual terminal lines:
ipx routing ramanainterface loopback0ipx network 12345vty-async ipx ppp-client loopback0Related Commands
interface loopback
Creates a loopback interface.
ipx network
Enables IPX routing on a particular interface and optionally selects the type of encapsulation (framing).
vty-async keepalive
To change the frequency of keepalive packets on all virtual asynchronous interfaces, use the vty-async keepalive command in global configuration mode. Use the no vty-async command to disable asynchronous protocol features on virtual terminal lines, or the vty-async keepalive 0 command to disable keepalive packets on virtual terminal lines.
vty-async keepalive seconds
no vty-async keepalive
vty-async keepalive 0
Syntax Description
Defaults
Keepalive is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
Use this command to change the frequency of keepalive updates on virtual asynchronous interfaces, or to disable keepalive updates. To determine if keepalive is enabled on an interface, use the show running-config EXEC command. If the router has not received a keepalive packet after three update intervals have passed, the connection is considered down.
Examples
The following example sets the keepalive interval to 30 seconds:
vty-async keepalive 30The following example sets the keepalive interval to 0 (off):
vty-async keepalive 0Related Commands
vty-async mtu
To set the maximum transmission unit (MTU) size on virtual asynchronous interfaces, use the vty-async mtu command in global configuration mode. Use the no form of this command to disable asynchronous protocol features on virtual terminal lines.
vty-async mtu bytes
no vty-async
Syntax Description
bytes
MTU size of IP packets that the virtual asynchronous interface can support. The default MTU is 1500 bytes, the minimum MTU is 64 bytes, and the maximum is 1,000,000 bytes.
Defaults
1500 bytes
Command Modes
Global configuration
Command History
Usage Guidelines
Use this command to modify the MTU for packets on a virtual asynchronous interfaces. You might want to change to a smaller MTU size for IP packets transmitted on a virtual terminal line configured for asynchronous functions for any of the following reasons:
•
•
•
Do not change the MTU size unless the SLIP or PPP implementation running on the host at the other end of the virtual asynchronous interface supports reassembly of IP fragments. Because each fragment occupies a spot in the output queue, it might also be necessary to increase the size of the SLIP or PPP hold queue if your MTU size is such that you might have a high amount of packet fragments in the output queue.
Examples
The following example sets the MTU for IP packets to 256 bytes:
vty-async mtu 256Related Commands
vty-async ppp authentication
To enable PPP authentication on virtual asynchronous interfaces, use the vty-async ppp authentication command in global configuration mode. Use the no form of this command to disable PPP authentication.
vty-async ppp authentication {chap | pap}
no vty-async ppp authentication {chap | pap}
Syntax Description
chap
Enable CHAP on all virtual asynchronous interfaces.
pap
Enable PAP on all virtual asynchronous interfaces.
Defaults
No CHAP or PAP authentication for PPP.
Command Modes
Global configuration
Command History
Usage Guidelines
This command configures the virtual asynchronous interface to either authenticate CHAP or PAP while running PPP. After you have enabled CHAP or PAP, the local router requires a password from remote devices. If the remote device does not support CHAP or PAP, no traffic will be passed to that device.
Examples
The following example enables CHAP authentication for PPP sessions on virtual asynchronous interfaces:
vty-async ppp authentication chapRelated Commands
vty-async ppp use-tacacs
To enable TACACS authentication for PPP on virtual asynchronous interfaces, use the vty-async ppp use-tacacs command in global configuration mode. Use the no form of this command to disable TACACS authentication on virtual asynchronous interfaces.
vty-async ppp use-tacacs
no vty-async ppp use-tacacs
Syntax Description
This command has no arguments or keywords.
Defaults
TACACS for PPP is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
This command requires the extended TACACS server.
After you have enabled TACACS, the local router requires a password from remote devices.
This feature is useful when integrating TACACS with other authentication systems that require a clear-text version of a user's password. Such systems include one-time password systems and token card systems.
If the username and password are contained in the CHAP password, then the CHAP secret is not used by the router. Because most PPP clients require that a secret be specified, you can use any arbitrary string; the Cisco IOS software ignores it.
You cannot enable TACACS authentication for SLIP on asynchronous or virtual asynchronous interfaces.
Examples
The example enables TACACS authentication for PPP sessions:
vty-async ppp use-tacacsRelated Commands
ppp use-tacacs
Enables TACACS for PPP authentication.
Enables PPP authentication on virtual asynchronous interfaces.
vty-async virtual-template
To configure virtual terminal lines to support asynchronous protocol functions based on the definition of a virtual interface template, use the vty-async virtual-template command in global configuration mode. Use the no form of this command to disable virtual interface templates for asynchronous functions on virtual terminal lines.
vty-async virtual-template number
no vty-async virtual-template
Syntax Description
Defaults
Asynchronous protocol features are not enabled by default on virtual terminal lines.
Command Modes
Global configuration
Command History
10.3
The vty-async command was introduced.
11.3
The vty-async virtual-template command was introduced.
Usage Guidelines
The vty-async virtual-template command enables you to support tunneling of SLIP or PPP across X.25, TCP, or LAT networks by using two-step protocol translation.
Before issuing the vty-async virtual-template command, create and configure a virtual interface template by using the interface virtual-template command. Configure this virtual interface as a regular asynchronous serial interface. That is, assign the virtual interface template the IP address of the Ethernet interface, and configure addressing, just as on an asynchronous interface. You can also enter commands in interface configuration mode that compress TCP headers or configure CHAP authentication for PPP.
After creating a virtual interface template, apply it by issuing the vty-async virtual-template command. When a user dials in through a virtual terminal line, the router creates a virtual access interface, which is a temporary interface that supports the asynchronous protocol configuration specified in the virtual interface template. This virtual access interface is created dynamically, and is freed up as soon as the connection drops.
Before virtual templates were implemented, you could use the vty-async command to extend asynchronous protocol functions from physical asynchronous interfaces to virtual terminal lines. However, in doing so, you created a virtual asynchronous interface, rather than the virtual access interface. The difference is that the virtual asynchronous interfaces are allocated permanently, whereas the virtual access interfaces are created dynamically when a user calls in and closed down when the connection drops.
You can have up to 25 virtual templates interfaces, but you can apply only one template to vty-async interfaces on a router. There can be up to 300 virtual access interfaces on a router.
Examples
The following example enables asynchronous protocol features on virtual terminal lines:
vty-asyncvty-async Virtual-Template 1vty-async dynamic-routingvty-async header-compression!interface Virtual-Template1ip unnumbered Ethernet0encapsulation pppno peer default ip addressppp authentication chapRelated Commands
where
To list the open sessions, use the where command in EXEC mode.
where
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Usage Guidelines
The where command displays all open sessions associated with the current terminal line.
The Ctrl^x, where, and resume commands are available with all supported connection protocols.
Examples
The following is sample output from the where command:
router# whereConn Host Address Byte Idle Conn Name1 MATHOM 192.31.7.21 0 0 MATHOM* 2 CHAFF 131.108.12.19 0 0 CHAFFThe asterisk (*) indicates the current terminal session.
Table 155 describes significant fields shown in the display.
Related Commands
Sets X.3 parameters for PAD connections.
Displays information about open LAT, Telnet, or rlogin connections.
x25 aodi
To enable the Always On/Dynamic ISDN (AO/DI) client on an interface, use the x25 aodi command in interface configuration mode. Use the no form of this command to remove AO/DI client functionality.
x25 aodi
no x25 aodi
Syntax Description
This command has no arguments or keywords.
Defaults
AO/DI client is not enabled.
Command Modes
Interface configuration
Command History
Usage Guidelines
Use this command to enable the AO/DI client on an interface.
Examples
The following example enables the AO/DI client on the interface running X.25, using the x25 aodi command:
interface bri0isdn x25 dchannelisdn x25 static-tei 8interface bri0:0x25 aodix25 address 12135551234x25 htc 4x25 win 3x25 wout 3x25 map ppp 12135556789 interface dialer 1
Note
Cisco IOS Dial Services Configuration Guide: Terminal Services publication for additional information about this command.
x25 map ppp
To enable a PPP session over the X.25 protocol, use the x25 map ppp command in interface configuration mode. Use the no form of this command to remove a prior mapping.
x25 map ppp x121-address interface cloning-interface no-outgoing
no x25 map ppp x121-address interface cloning-interface no-outgoing
Syntax Description
Defaults
Disabled
Command Modes
Interface configuration
Command History
Usage Guidelines
Use x25 map ppp command to allow a PPP session to run over X.25.
The interface keyword refers to the interface that will be used to clone the configuration.
Note
Client Examples
The following example enables the AO/DI client on the interface and configures the D channel (BRI interface 0:0) with the x25 map statement in order to allow PPP sessions over X.25 encapsulation with the configured AO/DI server:
interface BRI0:0x25 address 16193368208 x25 aodi x25 htc 4 x25 win 3 x25 wout 3 x25 map ppp 16193368209 interface dialer 1Server Examples
The following example enables the AO/DI server to receive calls from the AO/DI client and configures the D channel (BRI0:0) with the x25 map statement which allows PPP sessions over X.25 encapsulation with the configured AO/DI client. The no-outgoing option is used with the x.25 map command since the AO/DI server is receiving, versus initiating, calls.
interface BRI0:0 x25 address 16193368209 x25 htc 4 x25 win 3 x25 wout 3 x25 map ppp 16193368208 interface dialer 1 no-outgoing
Note
x25 subaddress
To append either a physical port number or a value specified for a line as a subaddress to the X.121 calling address, use the x25 subaddress command in line configuration mode. Use the no form of this command to disable subaddressing.
x25 subaddress {line | number}
no x25 subaddress {line | number}
Syntax Description
line
The physical port number for the indicated line will be appended to the X.121 address as the subaddress.
number
Numeric variable assigned to a specific line.
Defaults
No default behavior or values.
Command Modes
Line configuration
Command History
Usage Guidelines
Use the x25 subaddress line command to create a unique X.121 calling address by adding either a physical port number or a numeric value for a line as a subaddress to the X.121 calling address.
Examples
The following example shows how to configure subaddressing on vty lines 10 through 20 by appending the line number as a subaddress to the X.121 calling address:
line vty 10 20x25 subaddress lineThe following example shows how to configure subaddressing on the first five tty lines by appending the value "09" as a subaddress to the X.121 calling address of an X.28 connection originating on these lines:
line 1 5x25 subaddress 9autocommand x28Related Commands
Identifies a specific line for configuration and starts the line configuration command collection mode.
x28
To enter X.28 mode and access an X.25 network or set X.3 packet assembler/disassembler (PAD) parameters, use the x28 EXEC command. Use the no form of this command to exit X.28 mode.
x28 [escape character-string] [noescape] [nuicud] [profile file-name] [reverse] [verbose]
no x28 [escape character-string] [noescape] [nuicud] [profile file-name] [reverse] [verbose]
Syntax Description
Defaults
Disabled. X.28 mode uses standard X.28 command syntax.
Command Modes
EXEC
Command History
Usage Guidelines
If both the escape and noescape options are not set, the default escape sequence is used (exit command).
X.28 mode is identified with an asterisk (*) router prompt. After you enter this mode, the standard X.28 user interface (with the exception of the escape sequence) is available. From this interface, you can configure a PAD device using X.3 parameters, or you can access an X.25 network.
In X.28 mode, you can set PAD command signals using standard or extended command syntax. For example, you can enter the clr command or clear command to clear a virtual call. A command specified with standard command syntax is merely an abbreviated version of the extended syntax version.
Table 156 lists the commands available in both standard and extended command syntax.
Table 156 Available PAD Command Signals
Syntax
Syntaxbreak
Simulate an asynchronous break.
call
Place a virtual call to a remote device.
clr
clear
Clear a virtual call.
command-signal1
Specifies a call request without using a standard X.28 command, which is entered with the following syntax: facilities-x121-addressDcall-user-data
help
Display help information. (See Table 158.)
iclr
iclear
Request the remote device to clear the call.
int
interrupt
Send an Interrupt Packet.
par?
parparameter
readShow the current values of local parameters (see Table 157).
prof
profile file-name
Load a standard or a named profile.
reset
Reset the call.
rpar?
rread
Show the current values of remote parameters.
rset?
rsetread
Set and then read the values of remote parameters.
set
Change the values of local parameters. (See Table 157.)
set?
setread
Change and then read values of parameters.
stat
status
Request the status of a connection.
selection pad
Set up a virtual call.
1 This is an example of issuing a call request command: the R,G23,P2-234234Duser1 command.
Table 157 lists the different types of parameters you can set using the set parameter-number: new-value PAD command signal from X.28 mode.
Note
Table 158 lists the options for the X.28 help command.
You can issue call requests from X.28 mode without using standard X.28 commands. To do this, use the following command syntax:
facilities-x121-addressDcall-user-data
where:
The following rules apply to all call requests parsed in X.28 mode:
•
•
•
•
•
•
Table 159 shows examples of parsed call requests.
Examples
Use the ? command to display the optional X.28 keywords:
router# x28 ?debug Turn on Debug Messages for X28 Modeescape Set the string to escape from X28 PAD modenoescape Never exit x28 mode (use with caution)nuicud All calls with NUI, are normal charge with the NUI placed in CallUser Dataprofile Use a defined X.3 Profilereverse All calls default to reverse chargeverbose Turn on Verbose Messages for X28 Mode<cr>After you are in X.28 mode, use the call PAD signal command to place a virtual call:
router# x28* call 123456The following example enters X.28 mode with the x28 EXEC command and configures a PAD with the set X.3 parameter command. The set command sets the idle time delay to 40 seconds.
router# x28* set 4:40Related Commands
x3
To set X.3 packet assembler/disassembler (PAD) parameters, use the x3 EXEC command.
x3 parameter:value
Syntax Description
parameter:value
Sets the PAD parameters. (See Table 157 in the x28 command description.)
Defaults
For outgoing connections, the X.3 parameters default to the following:
2:1, 3:2, 4:1, 7:4, 16:127, 17:21, 18:19All other parameters default to zero, but can be changed using the /set switch keyword with either the resume command or the x3 command.
For incoming PAD connections, the software sends an X.29 SET PARAMETER packet to set only the following parameters:
2:0, 4:1, 7:21, 15:0For a complete description of the X.3 PAD parameters, refer to the appendix titled "X.3 PAD Parameters" in this publication.
Command Modes
EXEC
Command History
Usage Guidelines
You can have several PAD connections open at the same time and switch between them. You can also exit a connection and return to the user EXEC prompt at any point.
To open a new connection, first suspend the current connection by pressing the escape sequence (Ctrl-Shift-6 then x [Ctrl^x] by default) to return to the system command prompt, then open the new connection with the pad command.
You can have several concurrent sessions open and switch back and forth between them. The number of PAD sessions that can be open is defined by the session-limit command.
To switch between sessions you must escape one session and resume a previously opened session. Use the Ctrl^x, where, and resume commands, which are available with all supported connection protocols, to do this.
You can issue any of the following commands to terminate a terminal session:
•
•
•
To display information about packet transmission and X.3 PAD parameter settings, use the show x25 pad command.
Examples
The following example shows how to change a local X.3 PAD parameter from a remote X.25 host using X.29 messages, which is a secure way to enable a remote host to gain control of local PAD. The local device is Router-A. The remote host is Router-B. The parameters listed in the ParamsIn field are incoming parameters, which are sent by the remote PAD. The parameters listed in the ParamsOut field are parameters sent by the local PAD.
Router-A# pad 123456Trying 123456...OpenRouter-B> x3 2:0Router-B>Router-A# show x25 padtty0, connection 1 to host 123456Total input: 12, control 3, bytes 35. Queued: 0 of 7 (0 bytes).Total output: 10, control 3, bytes 64.Flags: 1, State: 3, Last error: 1ParamsIn: 1:0, 2:0, 3:0, 4:0, 5:0, 6:0, 7:0,8:0, 9:0, 10:0, 11:0, 12:0, 13:0, 14:0, 15:0,16:0, 17:0, 18:0, 19:0, 20:0, 21:0, 22:0,ParamsOut: 1:1, 2:0, 3:2, 4:1, 5:1, 6:0, 7:21,8:0, 9:1, 10:0, 11:14, 12:1, 13:0, 14:0, 15:0,16:127, 17:21, 18:18, 19:0, 20:0, 21:0, 22:0,Router-A#Related Commands
xremote
To prepare the router for manual startup and initiate an XRemote connection, use the xremote EXEC command. This command begins the instructions that prompt you through the connection.
xremote
Syntax Description
This command has no arguments or keywords.
Defaults
Disabled
Command Modes
EXEC
Command History
Usage Guidelines
If you do not use a host computer that supports XDMCP or LAT, you must use manual session startup. Manual session startup involves the following steps:
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Note
Refer to the Cisco IOS Dial Services Configuration Guide: Terminal Services for more information about how to establish XRemote sessions between servers.
Examples
The following example starts a manual XRemote session:
dialup> xremoteXRemote enabled; your display is dialup:2006Start your clients and type XRemote againThe router replies with a message informing you of your X display location. Use this information to tell the XRemote host the location of your X display server. If no clients are found, you see the following message:
No X clients waiting - check that your display is darkstar:2006The following example shows a connection from an X display terminal through a router to a host running client programs:
dialup> xremoteXRemote enabled; your display is dialup:2006Start your clients and type XRemote againdialup> telnet eureka Trying EUREKA.NOWHERE.COM (252.122.1.55)... OpenSunOS UNIX (eureka)login: dealPassword:Last login: Fri Apr 1 17:17:46 from dialup.nowhere.comSunOS Release (SERVER+FDDI+DBE.patched) #14: Fri Apr 8 10:37:29 PDT 1994eureka% setenv DISPLAY dialup:2006eureka% xterm &[1] 15439eureka% logout[Connection to EUREKA closed by foreign host]dialup> xremoteEntering XRemoteThe following procedure shows how an XRemote connection is established for a configuration like the one shown in Figure 4. This example assumes that the administrator has set the user's display environment variable to identify the user's X display terminal.
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
You can use the master indexes or search online to find documentation of related commands.
Figure 4 XRemote Session Between Servers
The following example shows how to make an XRemote connection between servers. The number 9016 in the first line of the display indicates a connection to individual line 16. If the administrator had configured a rotary connection, the user enters 10000 plus the number of the rotary instead of 9016.
router% telnet golden-road 9016Trying 192.31.7.84 ...Connected to golden-road.cisco.com.Escape character is '^]'.User Access VerificationPassword:Password OK--- Outbound XRemote service ---Enter X server name or IP address: innerspaceEnter display number [0]:Connecting to tty16... please start up XRemote on the remote systematdt 13125554141DIALINGRINGCONNECT 14400User Access VerificationUsername: dealPassword:Welcome to the cisco dial-up access server.dialup> xremoteXRemote enabled; your display is dialup:2006Start your clients and type XRemote againdialup> telnet sparksTrying SPARKS.NOWHERE.COM (252.122.1.55)... OpenSunOS UNIX (sparks)login: dealPassword:Last login: Fri Apr 1 17:17:46 from dialup.nowhere.comSunOS Release (SERVER+FDDI+DBE.patched) #14: Fri Apr 8 10:37:29 PDT 1994sparks% setenv DISPLAY dialup:2006sparks% xterm &[1] 15439sparks% logout[Connection to SPARKS closed by foreign host]dialup> xremoteEntering XRemoteRelated Commands
Initiates a DEC window session over a LAT connection.
Activates automatic session startup for an XRemote connection.
xremote lat
To initiate a DECwindow session over a local-area transport (LAT) connection, use the xremote lat EXEC command.
xremote lat service
Syntax Description
Command Modes
EXEC
Command History
Usage Guidelines
If your host computer supports DECwindows login sessions, you can use automatic session startup to make an XRemote session connection. Once the system administrator at the remote host configures support for DECwindows over LAT, use the xremote lat EXEC command to initiate the connection. After you issue this command, the following events occur:
•
•
Log on to the host. Upon completion of login, more fonts are loaded, and the remote session begins.
Note
To exit XRemote sessions, you must quit all active X connections, usually with a command supported by your X client system. Usually, when you quit the last connection (when all client processes are stopped), XRemote closes and you return to the EXEC prompt. However, your X client system determines how the session closes.
Examples
The following example begins connection with a LAT service named service1:
xremote lat service1Related Commands
Prepares the router for manual startup and initiates an XRemote connection.
Activates automatic session startup for an XRemote connection.
xremote tftp buffersize
To change the buffer size used for loading font files, use the xremote tftp buffersize command in global configuration mode. Use the no form of this command to restore the buffer size to the default value.
xremote tftp buffersize buffersize
no xremote tftp buffersize
Syntax Description
buffersize
Buffer size in bytes. This is a decimal number in the range from 4096 to 70000 bytes. The default is 70000.
Defaults
70000 bytes
Command Modes
Global configuration
Command History
Usage Guidelines
When the X terminal requests that a font file be loaded, the Cisco IOS software must first load the font file into an internal buffer before passing it to the X terminal. The default value of 70000 bytes is adequate for most font files, but the size can be increased as necessary for nonstandard font files.
The buffer size can be set as low as 4096 bytes and as large as the available memory on the router will allow. If you are using LAT font access, you should not lower the buffer size below the default, because the font directory for all of the LAT fonts (created internally) requires 70000 bytes.
This command applies to both TFTP and LAT font access.
Examples
The following example sets the buffer size to 20000 bytes:
xremote tftp buffersize 20000xremote tftp host
To add a specific Trivial File Transfer Protocol (TFTP) font server as a source of fonts for the terminal, use the xremote tftp host command in global configuration mode. Use the no form of this command to remove a font server from the list.
xremote tftp host hostname
no xremote tftp host hostname
Syntax Description
Defaults
No TFTP font server is specified.
Command Modes
Global configuration
Command History
Usage Guidelines
Each time a new host name is entered, the list in the Cisco IOS software is updated. Font servers are queried in the order of their definition when the X terminal requests a font.
Examples
The following example sets the host IBM-1 as an XRemote TFTP font server:
xremote tftp host IBM-1The following example sets the host with IP address 10.0.0.7 as an XRemote TFTP font server:
xremote tftp host 10.0.0.7xremote tftp retries
To specify the number of retries the font loader will attempt before declaring an error condition, use the xremote tftp retries command in global configuration mode. Use the no form of this command to restore the default retries number.
xremote tftp retries retries
no xremote tftp retries
Syntax Description
retries
(Optional) Number of retries. Acceptable values are decimal numbers in the range from 1 to 15.
Defaults
3 retries
Command Modes
Global configuration
Command History
Usage Guidelines
Under certain conditions, you might need to increase the number of retries, particularly if the font servers are known to be heavily loaded.
Examples
The following example sets the font loader retries to 5:
xremote tftp retries 5xremote xdm
To activate automatic session startup for an XRemote connection, use the xremote xdm EXEC command.
xremote xdm [hostname]
Syntax Description
Command Modes
EXEC
Command History
Usage Guidelines
If your host computer supports a server running XDMCP (such as the xdm program included in X11R4 or later), you can use automatic session startup to make an XRemote session connection. To do so, use the xremote xdm EXEC command.
This command sends an X Display Manager Control Protocol (XDMCP) session startup request to the host computer. If you do not specify a host name or IP address, a broadcast message is sent to all hosts. The first host to respond by starting up a session is used.
The XRemote (the host) server and X terminal stay in XRemote mode until either the display manager terminates the session or the XRemote server receives a reset request from the X terminal.
To exit XRemote sessions, you must quit all active X connections, usually with a command supported by your X client system. Usually, when you quit the last connection (all client processes are stopped), XRemote closes and you return to the EXEC prompt. However, your remote X client system determines how the session closes.
To terminate a session, disconnect from the device on the network using the command specific to that device. Then, exit from the EXEC by using the exit command.
Examples
The following example starts a session with a remote host named host1:
xremote xdm host1Related Commands
Prepares the router for manual startup and initiates an XRemote connection.
Initiates a DEC window session over a LAT connection.
