Table Of Contents
show platform software configuration access policy
terminal lat remote-modification
translate lat (virtual access interfaces)
translate tcp (virtual access interfaces)
translate x25 (virtual access interfaces)
secure-server
To enable the secure HTTP (HTTPS) server for a web user interface transport map, use the secure-server command in transport map configuration mode. To disable the HTTPS secure server for a web user interface transport map, use the no form of this command.
secure-server
no secure-server
Syntax Description
This command has no arguments or keywords.
Command Default
No server is enabled in a web user interface transport map by default.
Command Modes
Transport map configuration (config-tmap)
Command History
Cisco IOS XE Release 2.1
This command was introduced on the Cisco ASR 1000 Series Routers.
Usage Guidelines
This command is used to enable the secure HTTPS web server for web user interface traffic. The other choice is the server option, which configures HTTP as the web server. Both web servers can be configured at the same time.
When this command is entered, the router decides which port to use for HTTPS traffic based on the ip http secure-server or ip http secure-port configuration. Therefore, ip http secure-server, which configures the router to use the default port of 443 for HTTPS traffic, or ip http secure-port, which specifies a user-defined port for HTTPS traffic, must be configured when the secure-server command is used.
Examples
In the following example, the web user interface using the default HTTPS port is enabled:
Router# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)# ip http secure-serverRouter(config)# transport-map type persistent webui https-webuiRouter(config-tmap)# secure-serverRouter(config-tmap)# exitRouter(config)# transport type persistent webui input https-webui*Apr 22 02:38:43.597: %UICFGEXP-6-SERVER_NOTIFIED_START: R0/0: psd: Server wui has been notified to startRelated Commands
server (transport map)
To enable the HTTP server for a web user interface transport map, use the server command in transport map configuration mode. To disable the HTTP server for a web user interface transport map, use the no form of this command.
server
no server
Syntax Description
This command has no arguments or keywords.
Command Default
No server is enabled in a web user interface transport map by default.
Command Modes
Transport map configuration (config-tmap)
Command History
Cisco IOS XE Release 2.1
This command was introduced on the Cisco ASR 1000 Series Routers.
Usage Guidelines
This command is used to enable the HTTP web server for web user interface traffic. The other choice is the secure-server option, which configures HTTPS as the web server. Both web servers can be configured at the same time.
When this command is entered, the router decides which port to use for HTTP traffic based on the ip http server or ip http port configuration. Therefore, ip http server, which configures the router to use the default port of 80 for HTTP traffic, or ip http port, which specifies a user-defined port for HTTP traffic, must be configured when the server command is used.
Examples
In the following example, the web user interface using the default HTTP port is enabled:
Router# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)# ip http serverRouter(config)# transport-map type persistent webui http-webuiRouter(config-tmap)# serverRouter(config-tmap)# exitRouter(config)# transport type persistent webui input http-webui*Apr 22 02:43:55.798: %UICFGEXP-6-SERVER_NOTIFIED_START: R0/0: psd: Server wui has been notified to startRelated Commands
service exec-callback
To enable call back to clients who request a callback from the EXEC level, use the service exec-callback command in global configuration mode.
service exec-callback
Syntax Description
This command has no arguments or keywords.
Defaults
Callback is not enabled.
Command Modes
Global configuration
Command History
Usage Guidelines
This command enables the Cisco IOS software to return a call to a device that dials in, connects to the EXEC, and requests callback.
Examples
The following example enables EXEC level callback:
service exec-callbackRelated Commands
service old-slip-prompts
To provide backward compatibility for client software scripts expecting Serial Line Internet Protocol (SLIP) and PPP dialogs to be formatted with Cisco IOS software Release 9.1 or earlier releases, use the service old-slip-prompts command in global configuration mode. To disable this function, use the no form of this command.
service old-slip-prompts
no service old-slip-prompts
Syntax Description
This command has no arguments or keywords.
Defaults
The prompts and information sent by SLIP and PPP are formatted with the current release of Cisco IOS software.
Command Modes
Global configuration
Command History
Usage Guidelines
This command provides backward compatibility for client software scripts expecting SLIP and PPP dialogs to be formatted with Cisco IOS software Release 9.1 or earlier releases.
Examples
The following example shows the output of a SLIP command after the service old-slip-prompts command is enabled:
Router# configure terminalRouter(config)# service old-slip-promptsRouter(config)# exitRouter# slipIP address or hostname: 10.2.2.2Entering SLIP mode.Your IP address is 10.2.2.2. MTU is 1500 bytesservice pt-vty-logging
To log the X.121 calling address, Call User Data (CUD), and IP address assigned to a vty asynchronous connection, use the service pt-vty-logging command in global configuration mode. To disable this function, use the no form of this command.
service pt-vty-logging
no service pt-vty-logging
Syntax Description
This command has no arguments or keywords.
Defaults
This feature is disabled.
Command Modes
Global configuration
Command History
Usage Guidelines
This command permits you to log the X.121 calling address, CUD, and IP address assigned to a vty asynchronous connection and direct this information to the console, an internal buffer, or a UNIX syslog server, depending on the logging configuration command you use. This authentication information can be used to associate an incoming packet assembler/disassembler (PAD) vty-asynchronous connection with an IP address.
Note
By default, the Cisco IOS software displays all messages to the console terminal.
Examples
The following example enables you to log the X.121 calling address, CUD, and IP address assigned to a vty asynchronous connection and save this information to a syslog server:
service pt-vty-loggingThe following is sample output from the service pt-vty-logging command:
01:24:31: PAD18: call from 00011890 on LCI 10 PID 1 0 0 0 CUD "xyz"Table 12 describes the fields shown in the output.
Related Commands
logging
Logs messages to a syslog server host.
logging buffered
Logs messages to an internal buffer.
session-limit
To set the maximum number of terminal sessions per line, use the session-limit command in line configuration mode. To remove any specified session limit, use the no form of this command.
session-limit session-number
no session-limit
Syntax Description
Defaults
The default and set session limits are displayed with the start-character EXEC command.
Command Modes
Line configuration
Command History
Examples
The following example limits the number of sessions to eight on a ten-line range:
line 2 12session-limit 8Related Commands
line vty
Specifies a virtual terminal for remote console access.
start-character
Sets the flow control start character.
session-timeout
To set the interval for closing the connection when there is no input or output traffic, use the session-timeout command in line configuration mode. To remove the timeout definition, use the no form of this command.
session-timeout minutes [output]
no session-timeout
Syntax Description
Defaults
The default interval is zero, indicating that the router maintains the connection indefinitely.
Command Modes
Line configuration
Command History
Usage Guidelines
This command sets the interval that the Cisco IOS software waits for traffic before closing the connection to a remote computer and returning the terminal to an idle state.
If only the session timeout command is specified, the session timeout interval is based solely on detected input from the user.
If the session timeout command is specified with the output keyword, the interval is based on both input and output traffic. You can specify a session timeout on each port.
The session-timeout command behaves slightly differently on virtual (vty) terminals than on physical console, auxiliary (aux), and terminal (tty) lines. When a timeout occurs on a vty, the user session returns to the EXEC prompt. When a timeout occurs on physical lines, the user session is logged out and the line returned to the idle state.
You can use a combination of the exec-timeout and session-timeout line configuration commands, set to approximately the same values, to get the same behavior from virtual lines that the session-timeout command causes on physical lines.
Examples
The following example sets an interval of 20 minutes and specifies that the timeout is subject to traffic detected from the user (input only):
line 5session-timeout 20The following example sets an interval of 10 minutes, subject to traffic on the line in either direction:
line 5session-timeout 10 outputRelated Commands
set (ruleset)
To unconditionally set one or more connection parameters to a fixed value for a translation ruleset, use the set command in translate ruleset configuration mode. To remove the ruleset, use one of the no forms of this command.
set [#line-number] {pad | telnet} variable-parameter [{pad | telnet} variable-parameter [...]]
no set {pad | telnet} variable-parameter [{pad | telnet} variable-parameter [...]]
no set #line-number [...]
Syntax Description
#line-number
(Optional) The line in the ruleset template the command should occupy. The # character must be entered.
{pad | telnet}
Specifies the incoming or outgoing protocol, which controls the parameters that are available in the next element of this command.
variable-parameter
A parameter that varies depending upon the protocol selected, either pad or telnet, and its role, either incoming or outgoing. Protocol parameter values are available to modify the incoming or outgoing connection behavior during protocol translation session setup. Up to six parameters can be entered on one command line. Table 13 indicates the supported Telnet and PAD incoming and outgoing connection parameter keywords with an X.
[...]
(Optional) Specifies that multiple entries can be made as follows:
•
•
Defaults
No default behavior or values
Command Modes
Translate ruleset configuration
Command History
Usage Guidelines
Up to six set specifications can be entered on one command line. The ellipses in the format shown above means multiple set statements can be specified.
When you use the first no form of this command, specify the full set of parameters and expressions in the command to be removed. The second no form must specify the correct set command and line number within the ruleset template.
Once an incoming connection has been matched for processing, the ruleset generates the protocol translation parameters using a template that unconditionally sets a value defined by a set statement. It is also possible that the incoming connection could conditionally set a value based on a test of parameter values using regular expressions. This is a test and set operation. The ruleset template could then substitute one parameter into another from a regular expression pattern match. These command combinations provide the network administrator with much flexibility in determining the protocol parameter values to use when establishing a protocol translation session.
As an example of set, test, and substitute command usage, an incoming TCP connection to an outgoing PAD connection might unconditionally set the PAD's profile identifier as follows:
set pad profile Bldg-1-5ess
The incoming connection might conditionally set the profile identifier from a test of the destination information, as follows:
test telnet dest-addr \.11$ telnet dest-port ^10000$ set pad profile ess
Finally, the command might substitute a portion of the TCP destination port into the profile identifier, as follows:
substitute telnet dest-port ^1000(.)$ pad profile Bldg-1-5ess-\1
To combine the test and set commands, use the backslash character (\) to concatenate the command lines. The following statements test conditional parameters and then set appropriate parameters:
test telnet dest-addr ^172\.18\.0\.* telnet dest-port ^10.00 \
set pad pvc 1 telnet binary TThe protocol parameters for the incoming connection attempt are available for match expressions in the test, set and substitute statements. The values of the incoming connection attempt cannot be modified, though. For example, an incoming PAD connection has source and destination addresses that can be tested and used to modify other parameters, but the incoming connection addresses themselves cannot be modified.
Configuration errors are not detected when translation ruleset commands are entered. They are tested when the connection is attempted and the test (ruleset) command is used. In the following example, the translation ruleset set command unconditionally sets the PAD's profile name to a profile that does not exist in the configuration:
set pad profile Bldg-1-5ess
This command would be accepted at the command-line interpreter, and validated only upon a connection attempt or with the test translate EXEC command. When the error is detected, the following messages display:
*%PT-3-PARAMRESULTERR: PT ruleset test protocol pad parameter profile parse error: Bldg-1-5ess.
-Process= "PAD InCall", ipl= 3, pid= 94
*PAD: ruleset translation not generated Cause: 9 Diag: 0
Table 13 lists the PAD and Telnet parameters that can be set, as indicated by an X. PAD outgoing service routing information (interface, CMNS MAC address, X.25 over TCP or XOT parameters, for example) are available for both switched virtual circuit (SVC) and permanent virtual circuit (PVC) service, and will take precedence over the X.25 routing table. If no routing information is specified, the X.25 routing table will be used. Entering an incomplete specification of routing information or the Connection-Mode Network Service (CMNS) MAC address, or omitting an interface specification for an Annex G data-link connection identifier (DLCI), will result in an error.
Examples
The following example shows how to build a ruleset by writing a match statement, specifying protocol translation options, setting parameters for incoming Telnet connections, then testing and setting appropriate parameters for incoming PAD connections. Note use of the backslash character to combine the test and set statements.
translate ruleset customer-case-1 from telnet to pad! Match an incoming Telnet attempt destined for IP addresses starting! with 172.18., and a 5-digit port starting with 120 through 127match dest-addr ^172\.18\..* dest-port ^12[0-7]..$! Once the correct network is matched, specify that this ruleset is limited! to ten concurrent users and requires a login exchangeoptions max-users 10 login! Set Telnet optionsset telnet printer Y telnet binary Y! Set PAD optionsset pad profile cust-profile-one! Test conditional parameters and make appropriate settingstest telnet dest-addr ^172\.18\.0\.* telnet dest-port ^10.00 \set pad pvc 1 telnet binary TRelated Commands
show arap
To display information about a running AppleTalk Remote Access Protocol (ARAP) connection, use the show arap command in EXEC mode.
show arap [line-number]
Syntax Description
Command Modes
EXEC
Command History
Usage Guidelines
Use the show arap command with no arguments to display a summary of the ARAP traffic since the router was last booted.
Examples
The following is sample output from the show arap command:
Router# show arapStatistics are cumulative since last rebootTotal ARAP connections: 2Total Appletalk packets output: 157824Total Appletalk packets input: 12465These fields refer to the sum of all of the ARA connections since the box was last reloaded.
The following sample output results in a display of information about ARA activity on a specific line (line 3):
Router# show arap 3Active for 23 minutes"Unlimited time left" or "22 minutes left""Doing smartbuffering" or "Smartbuffering disabled"Appletalk packets output: 157824Appletalk packets input: 12465Appletalk packets overflowed: 1642Appletalk packets dropped: 586V42bis compression efficiency (incoming/outgoing): {percentage/percentage}MNP4 packets received: 864MNP4 packets sent: 1068MNP4 garbled packets received: 4MNP4 out of order packets received: 0MNP4 packets resent: 0MNP4 nobuffers: 0Table 14 describes the significant fields shown in the display.
Table 14 show arap Field Descriptions
Active for integer minutes
Number of minutes since ARAP started on the line.
Unlimited time left or integer minutes left
Remaining time limit on the line, if applicable on the line.
Doing smartbuffering or Smartbuffering disabled
Obsolete. Always says "Doing smartbuffering."
Appletalk packets output:
Number of AppleTalk packets that have been received from the Apple Macintosh and out to the network during this connection.
Appletalk packets input:
Number of AppleTalk packets that have been received from the network and sent to the Apple Macintosh during this connection.
Appletalk packets overflowed:
Number of packets from the network that have been dropped because the link to the Apple Macintosh was congested.
Appletalk packets dropped:
Number of packets from the network that have been dropped because it was unnecessary to pass them (frequently RTMP).
V42bis compression efficiency (incoming/outgoing):
Performance of the v42bis protocol underneath ARA, expressed as a percentage of incoming/percentage outgoing. If the efficiency is low, a network user is probably copying already compressed files across the link. Generally, low efficiency means slow performance.
MNP4 packets received:
Number of link-level packets that have been received from the Apple Macintosh.
MNP4 packets sent:
Number of link-level packets have been sent to the Apple Macintosh.
MNP4 garbled packets received:
Number of garbled packets that have been received from the Apple Macintosh.
MNP4 out of order packets received:
Number of out-of-order packets that have been received from the Apple Macintosh.
MNP4 packets resent:
Number of times packets have been re-sent.1
MNP4 nobuffers:
Number of times MNP4 has run out of buffers. This field should be zero.
1 Each of these fields indicates line noise. The higher the value, the higher the noise.
show entry
To display the list of queued host-initiated connections to a router, use the show entry command in EXEC mode.
show entry
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Usage Guidelines
You can also use this command to determine which local-area transport (LAT) hosts have queue entries for printers on routers.
Examples
The following is sample output from the show entry command. The display shows that two LAT connections are waiting for access to port 5. The list is ordered so that the lower-numbered entry has been waiting longer, and will use the line next.
Router# show entry1 waiting 0:02:22 for port 5 from LAT node BLUE2 waiting 0:00:32 for port 5 from LAT node STELLATable 15 describes the fields in the first line of output shown in the display.
show keymap
To test for the availability of a keymap after a connection on a router takes place, use the show keymap command in EXEC mode.
show keymap [keymap-name | all]
Syntax Description
keymap-name
(Optional) Name of the keymap.
all
(Optional) Lists the names of all defined keymaps. The name of the default keymap is not listed.
Command Modes
EXEC
Command History
Usage Guidelines
The Cisco IOS software searches for the specified keymap in its active configuration image and lists the complete entry if found. If the keymap is not found, an appropriate "not found" message appears.
If you do not use any arguments with the show keymap command, then the keymap currently used for the terminal is displayed.
Examples
The following is sample output from the show keymap command:
Router# show keymapciscodefault { clear = '^z'; flinp = '^x'; enter = '^m';\delete = '^d' | '^?';\synch = '^r'; reshow = '^v'; eeof = '^e'; tab = '^i';\btab = '^b'; nl = '^n'; left = '^h'; right = '^l';\up = '^k'; down = '^j'; einp = '^w'; reset = '^t';\xoff = '^s'; xon = '^q'; escape = '^c'; ferase = '^u';\insrt = '\E ';\pa1 = '^p1'; pa2 = '^p2'; pa3 = '^p3';\pfk1 = '\E1'; pfk2 = '\E2'; pfk3 = '\E3'; pfk4 = '\E4';\pfk5 = '\E5'; pfk6 = '\E6'; pfk7 = '\E7'; pfk8 = '\E8';\pfk9 = '\E9'; pfk10 = '\E0'; pfk11 = '\E-'; pfk12 = '\E=';\pfk13 = '\E!'; pfk14 = '\E@'; pfk15 = '\E#'; pfk16 = '\E$';\pfk17 = '\E%'; pfk18 = '\E\^'; pfk19 = '\E&'; pfk20 = '\E*';\pfk21 = '\E('; pfk22 = '\E)'; pfk23 = '\E_'; pfk24 = '\E+';\}Refer to the keymap command for more information about keyboard mappings and keymap entry structures.
Related Commands
show lat advertised
To display the local-area transport (LAT) services a router offers to other systems running LAT on the network, use the show lat advertised command in EXEC mode.
show lat advertised
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Usage Guidelines
Advertised services are created with the lat service commands. The display includes the service rating, rotary group if present, and whether the service is enabled for incoming connections.
Examples
The following is sample output from the show lat advertised command:
Router# show lat advertisedservice Name Rating Rotary Flagsservice1 4(Dynamic) None EnabledAutocommand: telnet service1Service2 0(Dynamic) 12 EnabledIdent: service2 modem servicesservice3 4(Dynamic) None EnabledIdent: service3...The display shows output from a router named router1 that has three services defined: service1, service2, and service3.
Table 16 describes the fields shown in the display.
show lat groups
To display the groups that were defined in the Cisco IOS software with the lat group-list command, use the show lat groups command in EXEC mode.
show lat groups
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Examples
The following is sample output from the show lat groups command:
Router# show lat groupsGroup Name Len Groupscafeteria 3 13 15 23engineering 7 55manufacturing 10 70 71 72Table 17 describes the fields shown in the display.
Related Commands
lat group-list
Allows a name to be assigned to the group list, which is any combination of group names, numbers, or ranges.
show lat nodes
To display information about all known local-area transport (LAT) nodes, use the show lat nodes command in EXEC mode.
show lat nodes
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Examples
The following is sample output from the show lat nodes command:
Router# show lat nodesNode "service1", usage -1, Interface Ethernet0, Address 0000.0c01.0509Timer 89, sequence 188, changes 131, flags 0x0, protocol 5.1Facility 0, Product code 0, Product version 0Recv 0/0/0, Xmit 0/0/0, 0 Dups, 0 ReXmitBad messages: 0, Bad slots: 0, Solicits accepted: 0Solicits rejected: 0, Multiple nodes: 0Groups: 0Service classes: 1Node "service2", usage -1, LocalTimer 99, sequence 4, changes 151, flags 0x0, protocol 5.2Facility 0, Product code 0, Product version 0Recv 0/0/0, Xmit 0/0/0, 0 Dups, 0 ReXmitBad messages: 0, Bad slots: 0, Solicits accepted: 0Solicits rejected: 0, Multiple nodes: 0Groups: 0Service classes: 1Node "service3", usage -1, Interface Ethernet0, Address 0000.0cff.c9edTimer 99, sequence 9, changes 159, flags 0x0, protocol 5.1Facility 0, Product code 0, Product version 0Recv 0/0/0, Xmit 0/0/0, 0 Dups, 0 ReXmitBad messages: 0, Bad slots: 0, Solicits accepted: 0Solicits rejected: 0, Multiple nodes: 0Groups: 0Service classes: 1Node "service4", usage -1, Interface Ethernet0, Address 0000.0c02.c7c1Timer -10351, sequence 1, changes 131, flags 0x40, protocol 5.2Facility 0, Product code 0, Product version 0Recv 0/0/0, Xmit 0/0/0, 0 Dups, 0 ReXmitBad messages: 0, Bad slots: 0, Solicits accepted: 0Solicits rejected: 0, Multiple nodes: 0Groups: 0Service classes: 1Table 18 describes the significant fields shown in the display.
show lat services
To display information about learned local-area transport (LAT) services in the Cisco IOS software, use the show lat services command in EXEC mode.
show lat services [service-name]
Syntax Description
Command Modes
EXEC
Command History
Examples
The following is sample output from the show lat services command:
Router# show lat servicesService Name Rating Interface Node (Address)ABCDEFGHIJ 5 Ethernet0 SERVICE1(0000.0c00.391f)GLAD 84 Ethernet0 SERVICE2 (aa00.0400.9205)Ident: Welcome to GatewayWHEEL 83 Ethernet0 SERVICE3 (aa00.0400.9005)ZXYW 5 Ethernet0 SERVICE4 (0000.0c00.391f)Table 19 describes the significant fields shown in the display.
Related Commands
show lat sessions
Displays active LAT sessions.
show resource-pool call
Displays specific LAT learned services.
show lat sessions
To display active local-area transport (LAT) sessions, use the show lat sessions command in EXEC mode.
show lat sessions [line-number]
Syntax Description
Command Modes
EXEC
Command History
Examples
The following is sample output from the show lat sessions command. In this example, information about all active LAT sessions is displayed. The output is divided into three sections for each session (in this case two sessions): TTY data, session data, and remote node data.
Router> show lat sessionstty0, connection 1 to service TERM1TTY data:Name "0", Local usage 1/0, Remote usage disabledFlags: Local Connects, EnabledType flags: noneConfig flags: -FlowOut, -FlowIn, Parameter InfoFlow control ^S/^Q in ^S/^Q out, Mode Normal, Parity None, databits 8Groups: 0Session data:Name TERM1, Remote Id 1, Local Id 1Remote credits 2, Local credits 0, Advertised Credits 2Flags: noneMax Data Slot 255, Max Attn Slot 255, Stop Reason 0Remote Node data:Node "TERM1", Address 0000.0C00.291F, usage 1Timer 59, sequence 5, changes 159, flags 0x0, protocol 5.1Recv 56/22/83, Xmit 41/23/14, 0 Dups, 0 ReXmitGroups: 0tty10, connection 1 to service ENG2TTY data:Name "10", Local usage 1/0, Remote usage disabledFlags: Local Connects, EnabledType flags: noneConfig flags: -FlowOut, +FlowIn, Set Parameters, 0x40000000Flow control ^S/^Q in ^S/^Q out, Mode Normal, Parity None, databits 8Groups: 0Session data:Name ENG2, Remote Id 1, Local Id 1Remote credits 1, Local credits 0, Advertised Credits 2Flags: noneMax Data Slot 255, Max Attn Slot 255, Stop Reason 0Remote Node data:Node "ENG2", Address AA00.0400.34DC, usage 1Timer 179, sequence 60, changes 255, flags 0x0, protocol 5.1Recv 58/29/186, Xmit 50/36/21, 0 Dups, 0 ReXmitGroups: 0The following sample output displays information about active LAT sessions on one line (line 10). The output is divided into three sections: TTY data, session data, and remote node data.
Router> show lat sessions 10tty10, connection 1 to service ENG2TTY data:Name "10", Local usage 1/0, Remote usage disabledFlags: Local Connects, EnabledType flags: noneConfig flags: -FlowOut, +FlowIn, Set Parameters, 0x40000000Flow control ^S/^Q in ^S/^Q out, Mode Normal, Parity None, databits 8Groups: 0Session data:Name ENG2, Remote Id 1, Local Id 1Remote credits 1, Local credits 0, Advertised Credits 2Flags: noneMax Data Slot 255, Max Attn Slot 255, Stop Reason 0Remote Node data:Node "ENG2", Address AA00.0400.34DC, usage 1Timer 189, sequence 61, changes 247, flags 0x0, protocol 5.1Recv 60/29/186, Xmit 52/36/21, 0 Dups, 0 ReXmitGroups: 0Table 20 describes the fields shown in the displays.
Related Commands
show lat services
Displays information about learned LAT services in the Cisco IOS software.
show resource-pool call
Displays specific LAT learned services.
show lat traffic
To display information about traffic and resource utilization statistics on all active lines, use the show lat traffic command in EXEC mode.
show lat traffic
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Examples
The following is sample output from the show lat traffic command:
Router# show lat trafficLocal host statistics:0/100 circuits, 0/500 sessions, 1/500 services100 sessions/circuit, circuit timer 80, keep-alive timer 5Recv: 335535 messages (2478 duplicates), 161722 slots, 1950146 bytes0 bad circuit messages, 3458 service messages (52 used)Xmit: 182376 messages (2761 retransmit), 146490 slots, 36085 bytes1 circuit timeoutsTotal: 23 circuits created, 38 sessionsTable 21 describes the significant fields shown in the display.
show line
To display parameters of a terminal line, use the show line command in user EXEC or privileged EXEC mode.
show line [line-number [upper-line-number] | [{aux | console | vty} line-number [upper-line-number]] [summary]
Syntax Description
Command Modes
User EXEC
Privileged EXECCommand History
Usage Guidelines
If Closed User Group (CUG) security is configured on a line, the show line command used with the line-number argument causes "CUG Security Enabled" to be displayed in the Capabilities field of the output.
The show line command used with the summary keyword provides line status summary details such as whether there were modem calls or character mode calls.
Examples
The following sample output from the show line vty4 command shows that virtual terminal line 4 has a send and receive rate of 9600 bits per second (bps). Also shown are the terminal screen width and length, modem state, preferred transport method, and other characteristics.
Router# show line vty4Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns22 VTY - - - - - 0 0 0/0 -Line 22, Location: "", Type: ""Length: 24 lines, Width: 80 columnsBaud rate (TX/RX) is 9600/9600Status: No Exit BannerCapabilities: CUG Security EnabledModem state: IdleSpecial Chars: Escape Hold Stop Start Disconnect Activation^^x none - - noneTimeouts: Idle EXEC Idle Session Modem Answer SessionDispatchnever never none not setIdle Session Disconnect WarningneverLogin-sequence User Response00:00:30Autoselect Initial Waitnot setModem type is unknown.Session limit is not set.Time since activation: neverEditing is enabled.History is enabled, history size is 10.DNS resolution in show commands is enabledFull user help is disabledAllowed input transports are none.Allowed output transports are pad v120 telnet rlogin udptn.Preferred transport is telnet.No output characters are paddedNo special data dispatching charactersTable 22 describes the significant fields shown in the report displayed by the show line command (and may not match the previous example).
The following sample output from the show line summary command shows line summary status for lines 1/3/36 through 1/3/102. Each row of output represents 36 lines, and the line status characters in groups of four for readability. For example, the first row represents information on rows 1/3/36 through 1/3/71, and the first line status character "U" corresponds to line 1/3/36.
Router# show line summary1/3/36: U??? ---- ---- ---- ---- --u- ---- ???? ....1/3/72: ---- ???? ---- ???? ???? MMMM MMMM MMMM MMMM2 character mode users. (U)19 lines never used. (?)31 lines used, but currently idle. (-)4 lines do not exist. (.)16 lines in use by modem management (M)18 total lines in use, 1 not authenticated (lowercase)Table 23 describes the possible line status characters that can be shown in output from the show line summary command.
Related Commands
modem enable
Enables backup dial capability through the console port (changes the console port into an auxiliary port).
show line autodetect
To detect the type of device connected on the console line, use the show line autodetect command in user EXEC or privileged EXEC mode.
show line autodetect
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC
Privileged EXECCommand History
Usage Guidelines
Use this command to detect the type of device connected on the console line.
Examples
The following example shows the command used to configure console autodetect mode:
Router(config-line)# modem enable autodetectUse the show line autodetect command to determine when a modem or a console has been detected:
Router# show line autodetectDetection State: Feature not enabledRouter# show line autodetectDetection State: Nothing AttachedRouter# show line autodetectDetection State: Init StateRouter# show line autodetectDetection State: Console AttachedRouter# show line autodetectDetection State: Modem AttachedTable 24 describes the significant fields shown in the display.
Related Commands
modem enable
Enables backup dial capability through the console port (changes the console port into an auxiliary port).
show node
To display information about local-area transport (LAT) nodes, use the show node command in EXEC mode.
show node [all | node-name] [counters | status | summary]
Syntax Description
Command Modes
EXEC
Command History
Usage Guidelines
Entering the show node command with no arguments is the same as entering the show node all summary command and shows a one-line summary of all known nodes.
You can enter the show node command with either a specific node name or the all keyword, but not both.
The show node command displays three different sets of information about a node: the node counters, the node status, or a one-line summary of the node status.
You can enter the show node command with only one of the counters, status, or summary keywords. If you enter show node and two of these keywords without specifying a node name, the first keyword is treated as a node name, causing an error. If you enter the show node node-name command and two of these keywords, the second keyword will be treated as ambiguous.
The show node command with a node-name argument but no counters, status, or summary keyword defaults to show node node-name status.
Examples
The following is sample output from the show node command with no further keywords (the same as the show node all summary command):
Router> show nodeNode Name Status IdentificationCHAOS ReachableMUDDY-RIVER ReachableTARMAC ReachableWHEEL Reachable Welcome to VAX/VMS V5.4-2Table 25 describes the significant fields shown in the display.
The following is sample output from the show node output that defaults to show node chaos status. It results in a display of the detailed status of node chaos.
Router> show node chaosNode: CHAOS Address: 00-00-0C-01-05-09LAT Protocol: V5.1 Data Link Frame Size: 1500Identification:Node Groups: 0Service Name Status Rating IdentificationCHAOS Available 80Table 26 describes the significant fields shown in the display.
The following sample output displays the counter information for a specific node:
Router> show node tarmac countersNode: tarmacSeconds Since Zeroed: 100 Multiple Node Addresses: 0Messages Received: 0 Duplicates Received: 0Messages Transmitted: 0 Messages Re-transmitted: 0Slots Received: 0 Illegal Messages Received: 0Slots Transmitted: 0 Illegal Slots Received: 0Bytes Received: 0 Solicitations Accepted: 0Bytes Transmitted: 0 Solicitations Rejected: 0In the following sample command and output displays, the status keyword is treated as the node name:
Router> show node status countersLocal -710- Node STATUS not knownIn the following example, the second keyword counters is treated as ambiguous:
Router> show node lager status countersLocal -702- Keyword "COUNTERS" not known or ambiguousshow platform software configuration access policy
To view the access policies and banners for users entering the router using Telnet, Secure Shell (SSH), or the console port, enter the show platform software configuration access policy command in priviliged EXEC and diagnostic mode.
show platform software configuration access policy
Syntax Description
This comand has no arguments or keywords.
Command Default
No default behavior or values.
Command Modes
Privileged EXEC (#)
Diagnostic (diag)
Command History
Cisco IOS XE Release 2.1
This command was introduced on the Cisco ASR 1000 Series Routers.
Usage Guidelines
Access policies for the console port, Telnet, and SSH are set through the use of transport maps. If no transport maps are applied for a particular access method, the router uses the default settings.
Transport maps are configured by entering the transport-map type command, then setting the configuration of the transport map in transport map configuration mode. Transport maps are then enabled using the transport type global configuration command.
Examples
In the following example, the connection policy and banners are set for a persistent Telnet transport map, and the transport map is enabled.
The show platform software configuration access policy output is given both before the new transport map is enabled and after the transport map is enabled so the changes to the Telnet configuration are illustrated in the output.
Router# show platform software configuration access policyThe current access-policiesMethod : telnetRule : waitShell banner:Wait banner :Method : sshRule : waitShell banner:Wait banner :Method : consoleRule : wait with interruptShell banner:Wait banner :Router# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)# transport-map type persistent telnet telnethandlerRouter(config-tmap)# connection wait allow interruptableRouter(config-tmap)# banner diagnostic XEnter TEXT message. End with the character 'X'.Welcome to Diagnostic ModeXRouter(config-tmap)# banner wait XEnter TEXT message. End with the character 'X'.Waiting for IOS processXRouter(config-tmap)# transport interface gigabitethernet 0Router(config-tmap)# exitRouter(config)# transport type persistent telnet input telnethandlerRouter# show platform software configuration access policyThe current access-policiesMethod : telnetRule : wait with interruptShell banner:Welcome to Diagnostic ModeWait banner :Waiting for IOS processMethod : sshRule : waitShell banner:Wait banner :Method : consoleRule : wait with interruptShell banner:Wait banner :In the following example, the connection policy and banners are set for a persistent SSH transport map, and the transport map is enabled.
The show platform software configuration access policy output is given both before the new transport map is enabled and after the transport map is enabled so the changes to the SSH configuration are illustrated in the output.
Router# show platform software configuration access policyThe current access-policiesMethod : telnetRule : wait with interruptShell banner:Welcome to Diagnostic ModeWait banner :Waiting for IOS processMethod : sshRule : waitShell banner:Wait banner :Method : consoleRule : wait with interruptShell banner:Wait banner :Router# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)# transport-map type persistent ssh sshhandlerRouter(config-tmap)# connection wait allow interruptableRouter(config-tmap)# banner diagnostic XEnter TEXT message. End with the character 'X'.Welcome to Diag ModeXRouter(config-tmap)# banner wait XEnter TEXT message. End with the character 'X'.Waiting for IOSXRouter(config-tmap)# rsa keypair-name sshkeysRouter(config-tmap)# transport interface gigabitethernet 0Router(config-tmap)# exitRouter(config)# transport type persistent ssh input sshhandlerRouter(config)# exitRouter# show platform software configuration access policyThe current access-policiesMethod : telnetRule : wait with interruptShell banner:Welcome to Diagnostic ModeWait banner :Waiting for IOS processMethod : sshRule : wait with interruptShell banner:Welcome to Diag ModeWait banner :Waiting for IOSMethod : consoleRule : wait with interruptShell banner:Wait banner :Related Commands
show service
To display specific local-area transport (LAT) learned services, use the show service command in EXEC mode.
show service [service-name]
Syntax Description
Command Modes
EXEC
Command History
Usage Guidelines
The show service command without a service name displays a list of known LAT learned services. When entered with the service-name argument, it displays a more-detailed status of the named service. If no LAT learned service by the specified name is known, then a lookup is done for an IP host of that name.
Examples
The following is sample output from the show service command:
Router> show serviceService Name Status IdentificationBLUE Available Welcome to VAX/VMS V5.4CHAOS AvailableMRL12 AvailableMUDDY-RIVER AvailableSTELLA-BLUE Available Welcome to VAX/VMS V5.4The following is sample output of the show service command for a specific service:
Router> show service blueService BLUE - AvailableNode Name Status Rating IdentificationBLUE reachable 84 Welcome to VAX/VMS V5.4Table 27 describes the significant fields shown in the two previous displays.
show terminal
To obtain information about the terminal configuration parameter settings for the current terminal line, use the show terminal command in EXEC mode.
show terminal
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Examples
The following is sample output from the show terminal command:
Router# show terminalLine 2, Location: "", Type: ""Length: 24 lines, Width: 80 columnsBaud rate (TX/RX) is 9600/9600Status: Ready, Active, No Exit BannerCapabilities: EnabledModem state: ReadySpecial Chars: Escape Hold Stop Start Disconnect Activation^^x none - - noneTimeouts: Idle EXEC Idle Session Modem Answer Session Dispatchnever never 0:00:15 not imp not setSession limit is not set.Allowed transports are telnet rlogin. Preferred is telnetNo output characters are paddedTable 28 describes the fields in the first three lines of the show terminal output.
The following line of output indicates the status of the line:
Status: Ready, Active, No Exit BannerTable 29 describes possible values for the Status field.
The following line of output indicates the status of the capabilities of the line. These capabilities correspond closely to configurable parameters that can be set using configuration commands.
Capabilities: EnabledTable 30 describes possible values for the Capabilities field.
The following line of output indicates the modem state. Values include Autobauding, Carrier Dropped, Hanging Up, Idle, and Ready.
Modem state: ReadyThe following lines of output indicate the special characters that can be entered to activate various terminal operations. The none or hyphen (-) values imply that no special characters are set.
Special Chars: Escape Hold Stop Start Disconnect Activation^^x none - - noneThe following lines of output indicate the timeout values that have been configured for the line:
Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatchnever never 0:00:15 not imp not setTable 31 describes the fields in the preceding lines of output.
The following lines of output indicate how various options have been configured:
Session limit is not set.Allowed transports are telnet rlogin. Preferred is telnetNo output characters are paddedshow tn3270 ascii-hexval
To determine ASCII-hexadecimal character mappings, use the show tn3270 ascii-hexval command in EXEC mode.
show tn3270 ascii-hexval
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Usage Guidelines
Use the show tn3270 ascii-hexval command to display the hexadecimal value of a character on your keyboard. After you enter the show tn3270 ascii-hexval command, you will be prompted to press a key. The hexadecimal value of the ASCII character is displayed. This command is useful for users who do not know the ASCII codes associated with various keys or do not have manuals for their terminals.
Examples
The following is sample output from the show tn3270 ascii-hexval command:
Router> show tn3270 ascii-hexvalPress key> 7 - hexadecimal value is 0x37.Router> show tn3270 ascii-hexvalPress key> f - hexadecimal value is 0x66.Router> show tn3270 ascii-hexvalPress key> not printable - hexadecimal value is 0xD.Related Commands
show tn3270 character-map
To display character mappings between ASCII and EBCDIC, use the show tn3270 character-map command in EXEC mode.
show tn3270 character-map {all | ebcdic-in-hex}
Syntax Description
all
Displays all nonstandard character mappings.
ebcdic-in-hex
Displays the ASCII mapping for a specific EBCDIC character.
Command Modes
EXEC
Command History
Examples
The following is sample output from the show tn3270 character-map command:
Router# show tn3270 character-map allEBCDIC 0x81 <=> 0x78 ASCIIEBCDIC 0x82 <=> 0x79 ASCIIEBCDIC 0x83 <=> 0x7A ASCIIRefer to the tn3270 character-map command for more information about EBCDIC and ASCII character mappings.
Related Commands
show tn3270 ascii-hexval
Displays ASCII-hexadecimal character mappings.
tn3270 character-map
Converts incoming EBCDIC characters into ASCII characters for TN3270 connections.
show translate
To display translation sessions that have been configured, use the show translate command in privileged EXEC mode.
show translate
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The display from this command shows each translation session set up on the router. It shows the incoming device and virtual terminal protocol, and the outgoing device and protocol.
Examples
The following show translate sample output is based on the following translate command configuration:
translate x25 3131415912345 ppp ip-pool scope-name router1 keepalive 0If the previous translate command is enabled, the following output is created by the show translate command:
Router# show translateTranslate From: x25 3131415912345To: PPP ip-pool scope-name router1 keepalive 01/1 users active, 1 peak, 1 total, 0 failuresTable 32 describes the significant fields shown in the display.
The following show translate sample output is based on the following translate command configuration:
translate x25 31301234 PPP 192.168.14.23 ipx-client Loopback0If the previous translate command is enabled, the following output is created by the show translate command:
Router# show translateTranslate From: x25 31301234To: PPP 192.168.14.23 ipx-client Loopback01/1 users active, 1 peak, 1 total, 0 failuresTable 33 describes the significant fields shown in the display.
The following show translate sample output is based on the following translate command configuration:
translate tcp 10.60.155.63 x25 12345678 pvc 3 dynamic eor 0x19 insertIf the previous translate command is enabled, the following output is created by the show translate command:
Router# show translateTranslate From: TCP 10.60.155.63 Port 23To: X25 12345678 Pvc 3 dynamicEOR 0x19 Insert1/1 users active, 1 peak, 1 total, 0 failuresTable 34 describes the significant fields shown in the display.
show translate ruleset
To display a summary of a specific or of all configured translate rulesets, behavioral parameters, and usage statistics, use the show translate ruleset command in user or privileged EXEC mode.
show translate ruleset [name]
Syntax Description
Defaults
Displays all one-line translate command and ruleset configuration and connection information.
Command Modes
User EXEC
Privileged EXECCommand History
Usage Guidelines
This command is useful for maintaining and updating ruleset statements. The output of this command identifies match, skip, set, test, and substitute statement lines and numbers them. The line number can be used to reconfigure or remove any of these statements.
When the optional name argument is used, the display includes only the configured ruleset and does not include information about the standard one-line translate commands.
Examples
Specific Ruleset Information
The following example shows specific information about the ruleset named A:
Router# show translate ruleset APT ruleset A, from pad to telnet.administrative locks: 2 (2 readers, 0 writers).translations: 0 created, 0 active, 0 failed, 0 created for test.match/skip lines: 2.#1 match on 1 pad test: dest-addr ^5555(.)$.#2 skip on 1 pad test: dest-addr ^5555[89]$.options: limited to 10 active sessions.set/test/substitute lines: 3.#1 set 1 parameter: telnet/dest-addr 10.2.2.1.#2 substitute from: pad/dest-addr ^5555(.)$ into telnet/dest-port 200\1.#3 test 1 parameter: telnet/dest-port 2004; to set 1: telnet/dest-port 2010.Information About All Rulesets
The following example shows information about all protocol translation rulesets configured on the device:
Router# show translate rulesetProtocol translation rulesets: 27 created, 25 deleted, 25 freed, 0 failed.2 active rulesets.in/out: telnet 1/1, pad 1/1, ppp -/0, autocommand -/0, virtual-template -/0.PT ruleset A, from telnet to pad.administrative locks: 2 (2 readers, 0 writers).translations: 2 created, 0 active, 0 failed, 4 created for test.match/skip lines: 1.#1 match on 1 telnet test: dest-addr 10.2.2.3.options: none configured.set/test/substitute lines: 4.#1 test 1 parameter: telnet/dest-addr 10.2.2.3; to set 1: pad/dest-addr 4444.#2 test 1 parameter: pad/dest-addr 4444; to set 1: pad/source-addr-ext 11.2222.2.#3 substitute from: pad/source-addr-ext 11.2222.2 into pad/source-addr-ext 11.2222.3.#4 test 1 parameter: pad/source-addr-ext ^11.2222.3$; to set 1: telnet/binary 1.PT ruleset B, from pad to telnet.administrative locks: 2 (2 readers, 0 writers).translations: 0 created, 0 active, 0 failed, 0 created for test.match/skip lines: 2.#1 match on 1 pad test: dest-addr ^5555(.)$.#2 skip on 1 pad test: dest-addr ^55551$set/test/substitute lines: 3.#1 set 1 parameter: telnet/dest-addr 10.2.2.1.#2 substitute from: pad/dest-addr ^5555(.) into telnet/dest-port 2000.#3 test 1 parameter: pad/dest-addr ^5555[6-9]Table 35 describes all significant fields seen that may be reported by this command.
Related Commands
show transport-map
To view the transport map configuration details on your router, enter the show transport-map EXEC or priviliged EXEC command.
show transport map [all | name transport-map-name | type [console | persistent [ssh | telnet | webui]]]
Syntax Description
Command Modes
EXEC (>)
Privileged EXEC (#)
Command Default
No default behavior or values.
Command History
Cisco IOS XE Release 2.1
This command was introduced on the Cisco ASR 1000 Series Routers.
Usage Guidelines
This command is used to view information about transport map configurations.
If you are unable to access the IOS CLI in diagnostic mode and want transport map configuration information, the show platform software configuration access policy command is available in diagnostic mode and provides some of the information displayed in this command output for console port, Telnet, and SSH connections.
Examples
In the following example, the router has a console port transport map named consolehandler, a persistent SSH transport map named sshhandler, and a persistent Telnet transport map named telnethandler. The show transport-map all, show transport-map type, and show transport-map name command are all used throughout the example to gather information on the transport maps.
Router#show transport-map allTransport Map:Name: consolehandlerType: Console TransportConnection:Wait option: Wait Allow InterruptableWait banner:Waiting for the IOS CLIBshell banner:Welcome to Diagnostic ModeTransport Map:Name: sshhandlerType: Persistent SSH TransportInterface:GigabitEthernet0Connection:Wait option: Wait Allow InterruptableWait banner:Waiting for IOS promptBshell banner:Welcome to Diagnostic ModeSSH:Timeout: 120Authentication retries: 5RSA keypair: sshkeysTransport Map:Name: telnethandlerType: Persistent Telnet TransportInterface:GigabitEthernet0Connection:Wait option: Wait Allow InterruptableWait banner:Waiting for IOS processBshell banner:Welcome to Diagnostic ModeTransport Map:Name: telnethandling1Type: Persistent Telnet TransportConnection:Wait option: Wait AllowRouter#show transport-map type consoleTransport Map:Name: consolehandlerType: Console TransportConnection:Wait option: Wait Allow InterruptableWait banner:Waiting for the IOS CLIBshell banner:Welcome to Diagnostic ModeRouter#show transport-map type persistent sshTransport Map:Name: sshhandlerType: Persistent SSH TransportInterface:GigabitEthernet0Connection:Wait option: Wait Allow InterruptableWait banner:Waiting for IOS promptBshell banner:Welcome to Diagnostic ModeSSH:Timeout: 120Authentication retries: 5RSA keypair: sshkeysRouter#show transport-map type persistent telnetTransport Map:Name: telnethandlerType: Persistent Telnet TransportInterface:GigabitEthernet0Connection:Wait option: Wait Allow InterruptableWait banner:Waiting for IOS processBshell banner:Welcome to Diagnostic ModeTransport Map:Name: telnethandling1Type: Persistent Telnet TransportConnection:Wait option: Wait AllowRouter#show transport-map name telnethandlerTransport Map:Name: telnethandlerType: Persistent Telnet TransportInterface:GigabitEthernet0Connection:Wait option: Wait Allow InterruptableWait banner:Waiting for IOS processBshell banner:Welcome to Diagnostic ModeRouter#show transport-map name telnethandler1% No transport map telnethandler1Router#show transport-map name consolehandlerTransport Map:Name: consolehandlerType: Console TransportConnection:Wait option: Wait Allow InterruptableWait banner:Waiting for the IOS CLIBshell banner:Welcome to Diagnostic ModeRouter#show transport-map name sshhandlerTransport Map:Name: sshhandlerType: Persistent SSH TransportInterface:GigabitEthernet0Connection:Wait option: Wait Allow InterruptableWait banner:Waiting for IOS promptBshell banner:Welcome to Diagnostic ModeSSH:Timeout: 120Authentication retries: 5RSA keypair: sshkeysRouter#In the following example, a transport map that has enabled both the HTTP server and the secure HTTP server is viewed using this command.
Router# show transport-map type persistent webuiTransport Map:Name: webui_http_httpsType: Persistent Webui TransportWebui:Server: enabledSecure Server: enabled
Related Commands
show ttycap
To test for the availability of a ttycap after a connection on a router takes place, use the show ttycap command in EXEC mode.
show ttycap [ttycap-name | all]
Syntax Description
ttycap-name
(Optional) Name of a ttycap.
all
(Optional) Lists the names of all defined ttycaps. The name of the default ttycap is not listed.
Command Modes
EXEC
Command History
Usage Guidelines
The Cisco IOS software searches for the specified ttycap in its active configuration image, and lists the complete entry if found. If it is not found, an appropriate "not found" message appears.
If you do not include any arguments with the show ttycap command, then the current keymap used for the terminal is displayed.
Examples
The following is sample output from the show ttycap command:
Router# show ttycapd0|vt100|vt100-am|vt100am|dec vt100:do=^J:co#80:li#24:\cl=50^[[;H^[[2J:bs:am:cm=5^[[%i%d;%dH:nd=2^[[C:up=2^[[A:\ce=3^[[K:so=2^[[7m:se=2^[[m:us=2^[[4m:ue=2^[[m:md=2^[[1m:\me=2^[[m:ho=^[[H:xn:sc=^[7:rc=^[8:cs=^[[%i%d;%dr:Router# show ttycap allttycap3 d0|vt100|vt100-am|vt100am|dec vt100ttycap2 dl|vt200|vt220|vt200-js|vt220-js|dec vt200 series with jump scrollttycap1 ku|h19-u|h19u|heathkit with underscore cursorRouter# show ttycap ttycap1ttycap1 ku|h19-u|h19u|heathkit with underscore cursor:\:vs@:ve@:tc=h19-b:\:al=1*\EL:am:le=^H:bs:cd=\EJ:ce=\EK:cl=\EE:cm=\EY%+ %+\:co#80:dc=\EN:\:dl=1*\EM:do=\EB:ei=\EO:ho=\EH\:im=\E@:li#24:mi:nd=\EC:as=\EF:ae=\EG:\:ms:pt:sr=\EI:se=\Eq:so=\Ep:up=\EA:vs=\Ex4:ve=\Ey4:\:kb=^h:ku=\EA:kd=\EB:kl=\ED:kr=\EC:kh=\EH:kn#8:ke=\E>:ks=\E=:\:k1=\ES:k2=\ET:k3=\EU:k4=\EV:k5=\EW:\:l6=blue:l7=red:l8=white:k6=\EP:k7=\EQ:k8=\ER:\:es:hs:ts=\Ej\Ex5\Ex1\EY8%+ \Eo:fs=\Ek\Ey5:ds=\Ey1:Refer to the ttycap command for more information about keyboard mappings and keymap entry structures.
Related Commands
show users
To display information about the active lines on the router, use the show users command in privileged EXEC mode.
show users [all] [lawful-intercept]
Syntax Description
all
(Optional) Specifies that all lines be displayed, regardless of whether anyone is using them.
lawful-intercept
(Optional) Displays lawful-intercept users.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
This command displays the line number, connection name, idle time, hosts (including virtual access interfaces), and terminal location. An asterisk (*) indicates the current terminal session.
If the lawful-intercept keyword is issued, the names of all users who have access to a configured lawful intercept view will be displayed. To access the show users lawful-intercept command, you must be an authorized lawful-intercept-view user.
Examples
The following is sample output from the show users command:
Router# show usersLine User Host(s) Idle Location0 con 0 idle* 2 vty 0 user1 idle 0 SERVICE1.CISCO.COMThe following is sample output identifying an active virtual access interface:
Router# show usersLine User Host(s) Idle Location* 0 con 0 idle 01:5810 vty 0 Virtual-Access2 0 1212321The following is sample output from the show users all command:
Router# show users allLine User Host(s) Idle Location* 0 vty 0 user1 idle 0 SERVICE1.CISCO.COM1 vty 12 con 03 aux 04 vty 2Table 37 describes the significant fields shown in the displays.
The following sample output from the show users lawful intercept command, shows three LI-View users on the system—li_admin, li-user1, and li-user2":
Router# show users lawful-interceptli_adminli-user1li-user2Router#Related Commands
show x25 pad
To display information about current open connections, including packet transmissions, X.3 parameter settings, and the current status of virtual circuits, use the show x25 pad command in EXEC mode.
show x25 pad
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Examples
The following is sample output from the show x25 pad command:
Router# show x25 padtty2, Incoming PAD connectionTotal input: 61, control 6, bytes 129. Queued: 0 of 7 (0 bytes).Total output: 65, control 6, bytes 696.Flags: 1, State: 3, Last error: 1ParamsIn: 1:1, 2:0, 3:2, 4:1, 5:1, 6:0, 7:21,8:0, 9:0, 10:0, 11:14, 12:0, 13:0, 14:0, 15:1,16:127, 17:21, 18:18, 19:0, 20:0, 21:0, 22:0,ParamsOut: 1:1, 2:1, 3:2, 4:1, 5:0, 6:0, 7:4,8:0, 9:0, 10:0, 11:14, 12:0, 13:0, 14:0, 15:0,16:127, 17:21, 18:18, 19:0, 20:0, 21:0, 22:0,LCI: 1, State: D1, Interface: Serial0Started 0:11:10, last input 0:00:16, output 0:00:16Connected to 313700540651Window size input: 7, output: 7Packet size input: 512, output: 512PS: 1 PR: 5 ACK: 5 Remote PR: 1 RCNT: 0 RNR: FALSERetransmits: 0 Timer (secs): 0 Reassembly (bytes): 0Held Fragments/Packets: 0/0Bytes 696/129 Packets 65/61 Resets 0/0 RNRs 0/0 REJs 0/0 INTs 0/0Table 38 describes the fields shown in the display.
skip (ruleset)
To identify a connection to ignore by the translation ruleset, use the skip command in translate ruleset configuration mode. To remove the test operation, use one of the two no forms of this command.
skip [#line-number] incoming-connection-parameter regular-expression [#line-number incoming-connection-parameter regular-expression [...]]
no skip incoming-connection-parameter regular-expression [incoming-connection-parameter regular-expression [...]]
no skip #line-number [...]
Syntax Description
#line-number
(Optional) The line in the translation ruleset to test for a skip operation. The # character must be entered.
incoming-connection-parameter
Incoming protocol parameter to test for; up to six skip tests can be written on one command line. Parameters are available for packet assembler/disassembler (PAD) and Telnet connections, and are listed in Table 39 and Table 40.
regular-expression
Pattern with regular expression to test for ignoring.
[...]
(Optional) Specifies that multiple entries can be made as follows:
•
•
Defaults
No default behavior or values
Command Modes
Translate ruleset configuration
Command History
Usage Guidelines
Up to six skip tests can be written on one command line. The ellipses in the format shown above means multiple skip tests can be written in a translation ruleset statement.
For incoming connection attempts, a template is configured, and within the template a connection can be identified by tests written using Cisco regular expressions and a pattern that is ignored (skipped).
The translation ruleset templates have line numbers that can be displayed using the show translate ruleset EXEC command.
Cisco regular expressions are described in Appendix A, "Regular Expressions," in the Cisco IOS Terminal Services Configuration Guide.
Table 39 and Table 40 list the protocol parameter keywords and arguments that can be specified in the skip statements for incoming PAD and Telnet connections.
Examples
The following example shows how to write match and skip tests to skip connection attempts from any subnetwork address starting with 10 or 11 and match only those with a specific IP address and destination port number:
translate ruleset customer-case-1 from telnet to pad! Ignore an incoming Telnet attempt from any subnetwork address starting with 10skip source-addr ^10\.*! Match an incoming Telnet attempt destined for an IP addresses starting! with 172.18., and a 5-digit port starting with 10 or 11match dest-addr ^172\.18\..* dest-port ^1[0-1]...$! Or match an incoming Telnet attempt destined an IP addresses starting! with 172.18., and a 5-digit port starting with 120 through 127match dest-addr ^172\.18\..* dest-port ^12[0-7]..$The following example shows how to write match and skip tests to skip connection attempts from destination 55554 and to match only those with destination addresses from 55550 to 55553 and from 55556 to 55559:
translate ruleset A from pad to telnetskip dest-addr ^55554$match dest-addr ^5555.$Related Commands
slip
To start a serial connection to a remote host by using Serial Line Internet Protocol (SLIP), use the slip command in EXEC mode.
slip [/default] {remote-ip-address | remote-name} [@tacacs-server] [/routing] [/compressed]
Syntax Description
Command Modes
EXEC
Command History
Usage Guidelines
When you connect from a remote node computer to the EXEC facility on a router and want to connect from the router to a device on the network, issue the slip command.
If you specify an address for the TACACS server by using /default or tacacs-server arguments, the address must be the first parameter in the command after you enter slip. If you do not specify an address or enter /default, you are prompted for an IP address or host name. You can enter the /default keyword at this point.
If you do not use the tacacs-server argument to specify a TACACS server for SLIP address authentication, the TACACS server specified at login (if any) is used for the SLIP address query.
To optimize bandwidth on a line, SLIP enables compression of the SLIP packets using Van Jacobson TCP header compression as defined in RFC 1144.
Your system administrator must configure the system with the ip tcp header-compression passive command for the /compressed command option to be valid in EXEC mode. The ip tcp header-compression command forces header compression on or off. The default is to not compress the packets. The configuration file must have header compression on and the slip /compressed EXEC command must be entered for header compression to occur.
To terminate a session initiated with the slip command, disconnect from the device on the network using the command specific to that device. Then, exit from EXEC mode by using the exit command.
Examples
The following example makes a connection when a default IP address is assigned. Once a correct password is entered, you are placed in SLIP mode, and the IP address is displayed.
Router> slipPassword:Entering SLIP mode.Your IP address is 192.168.7.28, MTU is 1524 bytesThe following example illustrates the prompts displayed and the response required when you use dynamic addressing to assign the SLIP address:
Router> slipIP address or hostname? 192.168.6.15Password:Entering SLIP modeYour IP address is 192.168.6.15, MTU is 1524 bytesIn the preceding example, the address 172.31.6.15 has been assigned as the default. Password verification is still required before SLIP mode can be enabled.
Router> slip /defaultPassword:Entering SLIP modeYour IP address is 192.168.6.15, MTU is 1524 bytesThe following example illustrates the implementation of header compression on the interface with the IP address 172.24.2.1:
Router> slip 172.24.2.1 /compressedPassword:Entering SLIP mode.Interface IP address is 172.24.2.1, MTU is 1500 bytes.Header compression will match your system.In the preceding example, the interface is configured for the ip tcp header-compression passive command, which permits the user to enter the /compressed keyword at the EXEC mode prompt. The message "Header compression will match your system" indicates that the user specified compression. If the line was configured for the ip tcp header-compression on command, this line would read "Header compression is On."
The following example specifies a TACACS server named server1 for address authentication:
Router> slip 10.0.0.1@server1Password:Entering SLIP mode.Interface IP address is 10.0.0.1, MTU is 1500 bytesHeader compression will match your system.Related Commands
substitute (ruleset)
To match an available protocol and substitute another in a translation ruleset, use the substitute command in translate ruleset configuration mode. To change or remove the substitution statement, use one of the no forms of this command.
substitute [#line-number] {pad | telnet} variable-parameter reg-exp-match [#line-number {pad | telnet} variable-parameter reg-exp-match [...]] into {pad | telnet} variable-parameter [reg-exp-write]
no substitute {pad | telnet} variable-parameter reg-exp-match into {pad | telnet} variable-parameter [reg-exp-write]
no substitute #line-number [...]
Syntax Description
#line-number
(Optional) The line in the translation ruleset to test for substitution. The # character must be entered.
{pad | telnet}
Identifies the incoming or outgoing protocol and controls which parameters are available in the next element of this command.
variable-parameter
A parameter that varies depending upon the protocol selected, either pad or telnet, and its role, either incoming or outgoing. Protocol parameters that modify the incoming or outgoing connection behavior during protocol translation session setup are indicated in Table 41 with an X.
reg-exp-match
A standard Cisco regular expression match specification.
into
Makes the substitution into an available protocol parameter.
reg-exp-write
(Optional) A standard Cisco regular expression write specification that uses information from a match specification.
[...]
(Optional) Specifies that multiple entries can be made as follows:
•
•
Defaults
No default behavior or values
Command Modes
Translate ruleset configuration
Command History
Usage Guidelines
Up to six substitute specifications can be entered on one command line. The ellipses in the format shown above means multiple substitute statements can be specified in a translation ruleset statement.
When you use the first no form of this command, specify the full set of parameters and expressions in the command to be removed. The second no form must specify the correct substitute command and line number within the translation ruleset template.
This command is used to substitute between protocol parameters using regular expressions to match elements with a test string, and to substitute parameters into another string that can take elements from the matched string.
Cisco regular expressions are described in Appendix A, "Regular Expressions," in the Cisco IOS Terminal Services Configuration Guide.
A substitute ... into statement will perform a regular expression match on any available protocol parameter and, if matched, substitute into any available protocol parameter. The regular expression write specification is optional. If the specification is omitted, the current value of the parameter will be taken as the regular expression write specification. This latter provision is a way of using multiple parameter values to set another parameter value. As an example, two successive substitute statements from a Telnet destination address and destination port into a packet assembler/disassembler (PAD) destination address could be specified using the following statements:
substitute telnet dest-addr ^10\.0\.0\.(.)$ into pad dest-addr 111100\1\\1
substitute telnet dest-addr ^10\.0\.0\.(..)$ into pad dest-addr 111100\1\\1
substitute telnet dest-port ^10(...)$ into pad dest-addr
If these successive substitutions were performed using an incoming Telnet connection from IP address 10.0.0.9/10234, the PAD destination address after the first substitution would be 111009\1, and after the second substitution would be 1111009234.
The following statements construct a switched virtual circuit (SVC) source address from the Telnet source information, starting with the source IP address in the form 172.18.#.##, which allows for a subsequent substitution of one field (notice the use of the backslash to concatenate the substitute and into statements):
substitute telnet source-addr ^172\.18\.(.)\.(..) \
into pad source-addr 98\1\2\\1
You can add in elements extracted from the Telnet destination port, where the rewrite pattern is taken from the current value of PAD source address, as follows:
substitute telnet dest-port ^.(...). into pad source-addr
Table 41 lists the PAD and Telnet parameters that can be set, as indicated by an X.
Examples
The following example shows how to build a translation ruleset template by starting with a match connection test, specifying protocol translation options, and setting specific parameters for incoming Telnet connections. The translation ruleset goes on to test and set appropriate parameters for incoming PAD connections, and to construct an SVC source address from Telnet information starting with the source IP address expressed using regular expression characters that allow for subsequent substitution in its last two fields. The translation ruleset is completed by adding in elements extracted from the Telnet destination port; the rewrite pattern is taken from the current value of PAD source address. Note use of the backslash character to construct the test ... set and substitute ... into statements.
translate ruleset customer-case-1 from telnet to pad! Match an incoming Telnet attempt destined for IP addresses starting! with 172.18., and a 5-digit port starting with the numbers 120 through 127.match dest-addr ^172\.18\..* dest-port ^12[0-7]..$! Once the correct network is matched, specify that this ruleset is limited! to ten concurrent users and requires a login exchange.options max-users 10 login! Set Telnet options:set telnet printer Y telnet binary Y! Set PAD options:set pad profile cust-profile-one! Test conditional parameters and make appropriate settings:test telnet dest-addr ^172\.18\.0\.* telnet dest-port ^10.00 \set pad pvc 1 telnet binary T! Construct an SVC source address from the Telnet source information;! start with the source IP address in the form 172.18.#.##, allowing! for substitutions in the last two fields:substitute telnet source-addr ^172\.18\.(.)\.(..) \into pad source-addr 98\1\2\\1! Now add in an extract from the Telnet destination port,! where the rewrite pattern is taken from the current value of the PAD! source address:substitute telnet dest-port ^.(...). into pad source-addrRelated Commands
telnet
To log in to a host that supports Telnet, use the telnet command in user EXEC or privileged EXEC mode.
telnet host [port] [keyword]
Syntax Description
host
A hostname or an IP address.
port
(Optional) A decimal TCP port number, or port name; the default is the Telnet router port (decimal 23) on the host.
keyword
(Optional) One of the keywords listed in Table 42.
Command Modes
User EXEC
Privileged EXECCommand History
Usage Guidelines
Table 42 lists the optional telnet command keywords.
With the Cisco IOS implementation of TCP/IP, you are not required to enter the connect or telnet command to establish a terminal connection. You can enter only the learned hostname—as long as the following conditions are met:
•
•
To display a list of the available hosts, use the show hosts command. To display the status of all TCP connections, use the show tcp command.
The Cisco IOS software assigns a logical name to each connection, and several commands use these names to identify connections. The logical name is the same as the hostname, unless that name is already in use, or you change the connection name with the name-connection EXEC command. If the name is already in use, the Cisco IOS software assigns a null name to the connection.
The Telnet software supports special Telnet commands in the form of Telnet sequences that map generic terminal control functions to operating system-specific functions. To issue a special Telnet command, enter the escape sequence and then a command character. The default escape sequence is Ctrl-^ (press and hold the Ctrl and Shift keys and the 6 key). You can enter the command character as you hold down Ctrl or with Ctrl released; you can use either uppercase or lowercase letters. Table 43 lists the special Telnet escape sequences.
Table 43 Special Telnet Escape Sequences
Ctrl-^ b
Break
Ctrl-^ c
Interrupt Process (IP and IPv6)
Ctrl-^ h
Erase Character (EC)
Ctrl-^ o
Abort Output (AO)
Ctrl-^ t
Are You There? (AYT)
Ctrl-^ u
Erase Line (EL)
1 The caret (^) symbol refers to Shift-6 on your keyboard.
At any time during an active Telnet session, you can list the Telnet commands by pressing the escape sequence keys followed by a question mark at the system prompt:
Ctrl-^ ?
A sample of this list follows. In this sample output, the first caret (^) symbol represents the Ctrl key, and the second caret represents Shift-6 on your keyboard:
router> ^^?[Special telnet escape help]^^B sends telnet BREAK^^C sends telnet IP^^H sends telnet EC^^O sends telnet AO^^T sends telnet AYT^^U sends telnet ELYou can have several concurrent Telnet sessions open and switch among them. To open a subsequent session, first suspend the current connection by pressing the escape sequence (Ctrl-Shift-6 then x [Ctrl^x] by default) to return to the system command prompt. Then open a new connection with the telnet command.
To terminate an active Telnet session, enter any of the following commands at the prompt of the device to which you are connecting:
•
•
•
•
•
Examples
The following example establishes an encrypted Telnet session from a router to a remote host named host1:
router> telnet host1 /encrypt kerberosThe following example routes packets from the source system host1 to example.com, then to 10.1.0.11, and finally back to host1:
router> telnet host1 /route:example.com 10.1.0.11 host1The following example connects to a host with the logical name host1:
router> host1The following example suppresses all onscreen messages from the Cisco IOS software during login and logout:
router> telnet host2 /quietThe following example shows the limited messages displayed when connection is made using the optional /quiet keyword:
login:User2Password:Welcome to OpenVMS VAX version V6.1 on node CRAWLast interactive login on Tuesday, 15-DEC-1998 11:01Last non-interactive login on Sunday, 3-JAN-1999 22:32Server3)logoutUser2 logged out at 16-FEB-2000 09:38:27.85Related Commands
telnet break-on-ip
To cause the system to generate a hardware BREAK signal on the EIA/TIA-232 line that is associated with a reverse Telnet connection when a Telnet Interrupt-Process command is received on that connection, use the telnet break-on-ip command in line configuration mode.
telnet break-on-ip
Syntax Description
This command has no arguments or keywords.
Defaults
No hardware BREAK signal is generated when an Interrupt-Process command is received.
Command Modes
Line configuration
Command History
Usage Guidelines
This command causes the system to generate a hardware BREAK signal on the EIA/TIA-232 line that is associated with a reverse Telnet connection. It is useful when a Telnet Interrupt-Process command is received on that connection because it can control the translation of Telnet Interrupt-Process commands into X.25 BREAK indications. It is also a useful workaround in the following situations:
•
•
•
A hardware BREAK signal is generated when a Telnet BREAK command is received.
Examples
In the following example, line 5 is configured with the telnet break-on-ip command. The location text notes that this line is the location of the high-speed modem. The telnet transparent command sets end-of-line handling.
line 5location high-speed modemtelnet transparenttelnet break-on-ipRelated Commands
telnet refuse-negotiations
To set a line using Telnet to refuse to negotiate full-duplex, remote echo requests on incoming connections, use the telnet refuse-negotiations command in line configuration mode. To disable this function, use the no form of this command.
telnet refuse-negotiations
no telnet refuse-negotiations
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Line configuration
Command History
Usage Guidelines
Use this command on reverse Telnet connections to allow the Cisco IOS software to refuse full-duplex, remote echo option connection requests from the other end. This command suppresses negotiation of the Telnet Remote Echo and Suppress Go Ahead options.
This command does not apply to protocol translation configurations. It is intended for applications in which the router is functioning as a terminal server to allow terminal connections to remote devices through the asynchronous terminal ports of the router. Terminal server connections are those where the user types a command similar to the following to access network resources:
telnet access-server 2005
where access-server is the host name of the Cisco router functioning as a terminal server, and 2005 is the port number on the router to which the remote terminal is connected.
Examples
The following example shows how to set line 5 to refuse full-duplex, remote echo requests:
line 5telnet refuse-negotiationsRelated Commands
