- EXEC Commands
- application install
- application remove
- application reset-config
- application reset-passwd
- application start
- application stop
- application upgrade
- backup
- backup-logs
- clock
- configure
- copy
- debug
- delete
- dir
- exit
- forceout
- halt
- help
- mkdir
- nslookup
- patch install
- patch remove
- ping
- ping6
- reload
- restore
- rmdir
- show
- ssh
- tech
- telnet
- terminal length
- terminal session-timeout
- terminal session-welcome
- terminal terminal-type
- traceroute
- undebug
- write
- Show Commands
- show application
- show backup history
- show cdp
- show clock
- show cpu
- show disks
- show icmp-status
- show interface
- show inventory
- show logging
- show logins
- show memory
- show ntp
- show ports
- show process
- show repository
- show restore
- show running-config
- show startup-config
- show tech-support
- show terminal
- show timezone
- show timezones
- show udi
- show uptime
- show users
- show version
- Configuration Commands
- backup-staging-url
- cdp holdtime
- cdp run
- cdp timer
- clock timezone
- do
- end
- exit
- hostname
- icmp echo
- interface
- ipv6 address autoconfig
- ipv6 address dhcp
- ip address
- ip default-gateway
- ip domain-name
- ip name-server
- ip route
- kron occurrence
- kron policy-list
- logging
- ntp
- ntp authenticate
- ntp authentication-key
- ntp server
- ntp trusted-key
- password-policy
- repository
- service
- shutdown
- snmp-server community
- snmp-server contact
- snmp-server host
- snmp-server location
- username
CDA Command Reference
This chapter contains an alphabetical listing of the commands specific to the Cisco Context Directory Agent (CDA).
The commands comprise these modes:
Note
Use the EXEC mode system-level config or configure command to access the Configuration mode.
Each of the commands in this chapter is followed by a brief description of its use, command syntax, usage guidelines, and one or more examples. Throughout this chapter, the CDA server uses the name CDA in place of the CDA server’s hostname.
Note If an error occurs in any command usage, use the debug command to determine the cause of the error.
EXEC Commands
This section lists each EXEC command and includes a brief description of its use, command syntax, usage guidelines, and sample output.
Table 4-1 lists the EXEC commands that this section describes.
application install
Note You are not allowed to run the application install command from the CLI under normal operations because the CDA application is preinstalled with the provided ISO image on all supported appliances and VMware.
To install a specific application other than the CDA, use the application install command in the EXEC mode. To remove this function, use the application remove command.
application install application-bundle remote-repository-name
Syntax Description
Defaults
Command Modes
Usage Guidelines
Installs the specified application bundle on the appliance. The application bundle file is pulled from the specified repository.
If you issue the application install or application remove command when another installation or removal operation of an application is in progress, you will see the following warning message:
Examples
Related Commands
|
|
|
|---|---|
Shows application information for the installed application packages on the system. |
application remove
Note You are not allowed to run the application remove command from the CLI to remove the CDA application unless you are explicitly instructed for an upgrade.
To remove a specific application other than the CDA, use the application remove command in the EXEC mode. To remove this function, use the no form of this command.
Syntax Description
The application command for an application install and administration. |
|
Application name. Supports up to 255 alphanumeric characters. |
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
Shows application information for the installed application packages on the system. |
application reset-config
To reset the CDA application configuration and clear the CDA database, use the application reset-config command in the EXEC mode. (This command does not reset your initial chassis configuration settings like the IP Address, netmask, administrator user interface password, and so on.) Part of this reset function requires you to enter new CDA administrator name and passwords.
Syntax Description
Defaults
Command Modes
Usage Guidelines
You can use the application reset-config command to reset the CDA configuration and clear the CDA database without reimaging the CDA appliance or VMware, and reset the CDA username and passwords.
Note Although the application reset-config command resets the CDA configuration to factory defaults, the operating system (Cisco ADE-OS) configuration still remains intact. The Cisco ADE-OS configuration includes items such as the network settings, CLI password policy, and backup history.
Examples
Related Commands
|
|
|
|---|---|
Shows application information for the installed application packages on the system. |
application reset-passwd
To reset the administrator user interface login password for a specified user account (usually an existing administrator account) in CDA after you have lost the user account credentials, use the application reset-passwd command in the EXEC mode.
application reset-passwd application-name administrator-ID
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
Shows application information for the installed application packages on the system. |
application start
To enable a specific application, use the application start command in the EXEC mode. To remove this function, use the no form of this command.
Syntax Description
The application command for an application install and administration. |
|
Name of the predefined application that you want to enable. Supports up to 255 alphanumeric characters. |
Defaults
Command Modes
Usage Guidelines
You cannot use this command to start the CDA application. If you use this command to start the application, you can see that the CDA is already running.
Examples
You can check the status of CDA using the show application status cda command. If you are checking the status right after starting CDA, it will show the following output:
But after a short while the output will be similar to:
Related Commands
|
|
|
|---|---|
Shows application information for the installed application packages on the system. |
application stop
To disable a specific application, use the application stop command in the EXEC mode.
Syntax Description
The application command for application install and administration. |
|
Name of the predefined application that you want to disable. Supports up to 255 alphanumeric characters. |
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
Shows application information for the installed application packages on the system. |
application upgrade
To upgrade a specific application bundle, use the application upgrade command in the EXEC mode.
application upgrade application-bundle remote-repository-name
Syntax Description
Defaults
Command Modes
Usage Guidelines
Upgrades an application bundle, and preserves any application configuration data.
If you issue the application upgrade command when another application upgrade operation is in progress, you will see the following warning message:
Do not issue the
backup or
restore commands when the upgrade is in progress. This action might cause the database to be corrupted.
Note Before attempting to use this application upgrade command to upgrade to a newer release, you must read the upgrade instructions in the release notes supplied with that newer release. The release notes contains important instructions updated for upgrading to the newer release, which must be followed.
Examples
Related Commands
|
|
|
|---|---|
Shows application information for the installed application packages on the system. |
backup
To perform a backup of the CDA configuration data and place the backup in a repository, use the backup command in the EXEC mode. To perform a backup of only the CDA application data without the Cisco ADE OS data, use the application command.
Note Before attempting to use this backup command in the EXEC mode, you must copy the running configuration to a safe location, such as a network server, or save it as the CDA server startup configuration. You can use this startup configuration when you restore or troubleshoot your CDA application from the backup and system logs. For more information of copying the running configuration to the startup configuration, see the “copy” section.
backup backup-name repository repository-name application application-name
Syntax Description
Defaults
Command Modes
Usage Guidelines
Performs a backup of the CDA and Cisco ADE OS data and places the backup in a repository.
To perform a backup of only the CDA application data without the Cisco ADE OS data, use the application command.
Examples
Related Commands
|
|
|
|---|---|
Restores from backup the file contents of a specific repository. |
|
Displays the available backup files located on a specific repository. |
backup-logs
To back up system logs, use the backup-logs command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Backs up system logs with an encrypted (hashed) or unencrypted plaintext password.
Examples
Related Commands
clock
To set the system clock, use the clock command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Sets the system clock. You must restart the CDA server after you reset the clock for the change to take effect. Under normal circumstances (with NTP configured), there is no reason to manually set the system clock using this command.
Warning Changing the system time on a CDA appliance causes the CDA application to be unusable in the deployment.
Note To ensure that you have the correct system time set at the time of installation, the setup wizard prompts for an NTP server and tries to sync with it. You must ensure that the configured NTP server during setup is always reachable so that the system time is always kept accurate, especially in rare situations where the BIOS time can get corrupted because of power failure or CMOS battery failure and this in turn can corrupt the ADE-OS system time during reboot.
Examples
Related Commands
|
|
|
|---|---|
Displays the time and date set on the system software clock. |
configure
To enter the Configuration mode, use the configure command in the EXEC mode. If the replace option is used with this command, copies a remote configuration to the system which overwrites the existing configuration.
Syntax Description
The command that allows you to enter the Configuration mode. |
|
Defaults
Command Modes
Usage Guidelines
Use this command to enter the Configuration mode. Note that commands in this mode write to the running configuration file as soon as you enter them (press Enter).
To exit the Configuration mode and return to the EXEC mode, enter end, exit, or Ctrl-z.
To view the changes that you have made to the configuration, use the show running-config command in the EXEC mode.
Examples
Related Commands
|
|
|
|---|---|
Displays the contents of the currently running configuration file or the configuration. |
|
Displays the contents of the startup configuration file or the configuration. |
copy
To copy any file from a source to a destination, use the copy command in the EXEC mode. The copy command in the CDA copies a configuration (running or startup).
The CDA active configuration stores itself in the CDA RAM. Every configuration command you enter resides in the running configuration. If you reboot your CDA server, you lose the running configuration. If you make changes that you want to save, you must copy the running configuration to a safe location, such as a network server, or save it as the CDA server startup configuration.
You cannot edit a startup configuration directly. All commands that you enter store themselves in the running configuration, which you can copy into the startup configuration.
In other words, when you boot a CDA server, the startup configuration becomes the initial running configuration. As you modify the configuration, the two diverge: the startup configuration remains the same; the running configuration reflects the changes that you have made. If you want to make your changes permanent, you must copy the running configuration to the startup configuration.
The following command lines show some of the copy command scenarios available:
copy running-config startup-config —Copies the running configuration to the startup configuration.
copy run start —Replaces the startup configuration with the running configuration.
Note If you do not save the running configuration, you will lose all your configuration changes during the next reboot of the CDA server. When you are satisfied that the current configuration is correct, copy your configuration to the startup configuration with the copy run start command.
copy startup-config running-config —Copies the startup configuration to the running configuration.
copy start run —Merges the startup configuration on top of the running configuration.
copy [ protocol :// hostname / location ] startup-config—Copies but does not merge a remote file to the startup configuration.
copy [ protocol :// hostname / location ] running-config—Copies and merges a remote file to the running configuration.
copy startup-config [ protocol :// hostname / location ]— Copies the startup configuration to a remote system.
copy running-config [ protocol :// hostname / location ]— Copies the running configuration to a remote system.
copy logs [ protocol :// hostname / location ]— Copies log files from the system to another location.
Note The copy command is supported only for the local disk and not for a repository.
Syntax Description
Represents the configuration file used during initialization (startup). |
|
See Table 4-2 for protocol keyword options. |
|
Copies all CDA log files from the system to another location. All logs are packaged as cdalogs.tar.gz and transferred to the specified directory on the remote host. |
|
Allows you to copy a single CDA log file and transfer it to the specified directory on the remote host, with its original name. |
|
Name of the CDA log file, as displayed by the show logs command (up to 255 characters). |
|
Copies the CDA management debug logs and Tomcat logs from the system, bundles them as mgmtlogs.tar.gz, and transfers them to the specified directory on the remote host. |
|
Copies the CDA runtime debug logs from the system, bundles them as runtimelogs.tar.gz, and transfers them to the specified directory on the remote host. |
Defaults
Command Modes
Usage Guidelines
The fundamental function of the copy command allows you to copy a file (such as a system image or configuration file) from one location to another location. The source and destination for the file specified uses the CDA file system, through which you can specify any supported local or remote file location. The file system being used (a local memory source or a remote system) dictates the syntax used in the command.
You can enter on the command line all the necessary source and destination information and the username and password to use; or, you can enter the copy command and have the server prompt you for any missing information.
Timesaver Aliases reduce the amount of typing that you need to do. For example, type copy run start (the abbreviated form of the copy running-config startup-config command).
The entire copying process might take several minutes and differs from protocol to protocol and from network to network.
Use the filename relative to the directory for file transfers.
Possible errors are standard FTP or SCP error messages.
Examples
Related Commands
debug
To display errors or events for command situations, use the debug command in the EXEC mode.
debug { all | application | backup-restore | cdp | config | icmp | copy | locks | logging | snmp | system | transfer | user | utils }
Syntax Description
Defaults
Command Modes
Usage Guidelines
Use the debug command to identify various failures within the CDA server; for example, setup failures or configuration failures.
Examples
Related Commands
|
|
|
|---|---|
Disables the output (display of errors or events) of the debug command for various command situations. |
delete
To delete a file from the CDA server, use the delete command in the EXEC mode. To remove this function, use the no form of this command.
Syntax Description
Defaults
Command Modes
Usage Guidelines
If you attempt to delete the configuration file or image, the system prompts you to confirm the deletion. Also, if you attempt to delete the last valid system image, the system prompts you to confirm the deletion.
Examples
Related Commands
|
|
|
|---|---|
dir
To list a file from the CDA server, use the dir command in the EXEC mode. To remove this function, use the no form of this command.
Syntax Description
Directory name. Supports up to 80 alphanumeric characters. Requires disk:/ preceding the directory name. |
|
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
exit
To close an active terminal session by logging out of the CDA server or to move up one mode level from the Configuration mode, use the exit command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Use the exit command in EXEC mode to exit an active session (log out of the CDA server) or to move up from the Configuration mode.
Examples
Related Commands
|
|
|
|---|---|
forceout
To force users out of an active terminal session by logging them out of the CDA server, use the forceout command in the EXEC mode.
Syntax Description
The command that enforces logout of all the sessions of a specific system user. |
|
The name of the user. Supports up to 31 alphanumeric characters. |
Defaults
Command Modes
Usage Guidelines
Use the forceout command in EXEC mode to force a user from an active session.
Examples
halt
To shut down and power off the system, use the halt command in EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Before you issue the halt command, ensure that the CDA is not performing any backup, restore, installation, upgrade, or remove operation. If you issue the halt command while the CDA is performing any of these operations, you will get one of the following warning messages:
If you get any of these warnings, enter Yes to halt the operation, or enter No to cancel the halt.
If no processes are running when you use the halt command or if you enter Yes in response to the warning message displayed, the CDA asks you to respond to the following option:
Enter Yes to save the existing CDA configuration. The CDA displays the following message:
Examples
Related Commands
|
|
|
|---|---|
help
To describe the interactive help system for the CDA server, use the help command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
The help command provides a brief description of the context-sensitive help system.
- To list all commands available for a particular command mode, enter a question mark (?) at the system prompt.
- To obtain a list of commands that begin with a particular character string, enter the abbreviated command entry immediately followed by a question mark (?). This form of help is called word help, because it lists only the keywords or arguments that begin with the abbreviation that you entered.
- To list the keywords and arguments associated with a command, enter a question mark (?) in place of a keyword or argument on the command line. This form of help is called command syntax help, because it lists the keywords or arguments that apply based on the command, keywords, and arguments that you have already entered.
Examples
mkdir
To create a new directory on the CDA server, use the mkdir command in the EXEC mode.
Syntax Description
The name of the directory to create. Supports up to 80 alphanumeric characters. |
|
Defaults
Command Modes
Usage Guidelines
Use disk :/ path with the directory name; otherwise, an error appears that indicates that the disk :/ path must be included.
Examples
Related Commands
|
|
|
|---|---|
nslookup
To look up the hostname of a remote system on the CDA server, use the nslookup command in the EXEC mode.
Syntax Description
The command to search the IP Address or hostname of a remote system. |
|
IPv4 address or hostname of a remote system. Supports up to 64 alphanumeric characters. |
Defaults
Command Modes
Usage Guidelines
Examples
patch install
The patch install command installs a patch bundle of the application only on a specific node where you run the patch install command from the CLI.
To install a patch bundle of the application, use the patch command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Installs a specific patch bundle of the application.
If you attempt to install a patch that is an older version of the existing patch, then you receive the following error message:
Note Before attempting to use this patch install command to install a patch, you must read the patch installation instructions in the release notes supplied with that patch. The release notes contains important instructions updated for installing that patch, which must be followed.
Related Commands
patch remove
To remove a specific patch bundle version of the application, use the patch command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Removes a specific patch bundle of the application.
If you attempt to remove a patch that is not installed, then you receive the following error message:
Note Before attempting to use this patch remove command to rollback a patch, you must read the rollback instructions of the patch in the release notes supplied with that patch. The release notes contains important instructions updated for rolling back the previously installed patch, which must be followed.
Examples
Related Commands
|
|
|
|---|---|
The command that installs a specific patch bundle of the application. |
|
Displays information about the currently loaded software version, along with hardware and device information. |
ping
To diagnose the basic IPv4 network connectivity to a remote system, use the ping command in the EXEC mode.
ping { ip-address | hostname } [ df df ] [ packetsize packetsize ] [ pingcount pingcount ]
Syntax Description
Defaults
Command Modes
Usage Guidelines
The ping command sends an echo request packet to an address, then awaits a reply. The ping output can help you evaluate path-to-host reliability, delays over the path, and whether you can reach a host.
Examples
Related Commands
|
|
|
|---|---|
ping6
Similar to the IPv4 ping, use the IPv6 ping6 command in the EXEC mode.
ping6 { ip-address | hostname } [ GigabitEthernet 0-3 ][ packetsize packetsize ] [ pingcount pingcount ]
Syntax Description
Command Default
Command Modes
Usage Guidelines
The IPv6 ping6 command sends an echo request packet to an address, then awaits a reply. The ping output can help you evaluate path-to-host reliability, delays over the path, and whether you can reach a host.
The IPv6 ping6 command is similar to the existing IPv4 ping command. The ping 6 command does not support the IPv4 ping fragmentation (df in IPv4) options, but it allows an optional specification of an interface. The interface option is primarily useful for pinning with link-local addresses that are interface-specific. The packetsize and pingcount options work the same as they do with the IPv4 command.
Examples
Related Commands
|
|
|
|---|---|
reload
To reload the CDA operating system, use the reload command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
The reload command reboots the system. Use the reload command after you enter configuration information into a file and save the running-configuration to the persistent startup-configuration on the CLI and save any settings in the web Administration user interface session.
Before you issue the reload command, ensure that the CDA is not performing any backup, restore, installation, upgrade, or remove operation. If the CDA performs any of these operations and you issue the reload command, you will notice any of the following warning messages:
If you get any of these warnings, enter Yes to halt the operation, or enter No to cancel the halt.
If no processes are running when you use the reload command or you enter Yes in response to the warning message displayed, the CDA asks you to respond to the following option:
Enter Yes to save the existing CDA configuration. The CDA displays the following message:
Examples
Related Commands
|
|
|
|---|---|
restore
To perform a restore of a previous backup, use the restore command in the EXEC mode. A restore operation restores data related to the CDA as well as the Cisco ADE OS. To perform a restore of a previous backup of the application data of the CDA only, add the application command to the restore command in the EXEC mode. To remove this function, use the no form of this command.
Use the following command to restore data related to the CDA application and Cisco ADE OS:
restore filename repository repository-name
Use the following command to restore data related only to the CDA application:
restore filename repository repository-name application application-name
Syntax Description
Defaults
Command Modes
Usage Guidelines
When you use restore commands in CDA, the CDA server restarts automatically.
The encryption key is optional while restoring data. To support restoring earlier backups where you have not provided encryption keys, you can use the restore command without the encryption key.
Examples
Related Commands
|
|
|
|---|---|
Performs a backup (CDA and Cisco ADE OS) and places the backup in a repository. |
|
Displays the available backup files located on a specific repository. |
|
rmdir
To remove an existing directory, use the rmdir command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
show
To show the running system information, use the show command in the EXEC mode. The show commands are used to display the CDA settings and are among the most useful commands.
The commands in Table 4-3 require the show command to be followed by a keyword; for example, show application status. Some show commands require an argument or variable after the keyword to function; for example, show application version.
For detailed information on all the CDA show commands, see Show Commands.
Syntax Description
Table 4-3 provides a summary of the show commands.
|
|
|
|---|---|
|
(requires keyword)2 |
Displays information about the installed application; for example, status or version. |
|
|
|
|
|
Displays information about the enabled Cisco Discovery Protocol interfaces. |
|
|
Displays the day, date, time, time zone, and year of the system clock. |
|
|
|
|
|
|
|
|
Displays statistics for all the interfaces configured on the Cisco ADE OS. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Displays information about the active processes of the CDA server. |
|
|
|
|
|
|
|
|
Displays the contents of the currently running configuration file on the CDA server. |
|
|
Displays the contents of the startup configuration on the CDA server. |
|
|
Displays system and configuration information that you can provide to the TAC when you report a problem. |
|
|
Displays information about the terminal configuration parameter settings for the current terminal line. |
|
|
|
|
|
Displays all the time zones available for use on the CDA server. |
|
|
Displays information about the unique device identifier (UDI) of the CDA. |
|
|
Displays how long the system you are logged in to has been up and running. |
|
|
|
|
|
Displays information about the installed application version. |
|
1.The commands in this table require that the show command precedes a keyword; for example, show application. 2.Some show commands require an argument or variable after the keyword to function; for example, show application version. This show command displays the version of the application installed on the system (see show application). |
Defaults
Command Modes
Usage Guidelines
Examples
ssh
To start an encrypted session with a remote system, use the ssh command in the EXEC mode.
ssh [ ip-address | hostname ] username port [ number ] version [1 | 2] delete hostkey word
Syntax Description
Defaults
Command Modes
Usage Guidelines
The ssh command enables a system to make a secure, encrypted connection to another remote system or server. This connection provides functionality similar to that of an outbound Telnet connection except that the connection is encrypted. With authentication and encryption, the SSH client allows for secure communication over an insecure network.
Examples
tech
To dump traffic on a selected network interface, use the tech command in the EXEC mode.
Syntax Description
Specifies a maximum package count, and default is continuous (no limit). |
|
Defaults
Command Modes
Usage Guidelines
If you see bad udp cksum warnings in the tech dumptcp output, it may not be a cause for concern. The tech dumptcp command examines outgoing packets before they exit through the Ethernet microprocessor. Most modern Ethernet chips calculate checksums on outgoing packets, and so the operating system software stack does not. Hence, it is normal to see outgoing packets declared as bad udp cksum.
Examples
telnet
To log in to a host that supports Telnet, use the telnet command in Operator (user) or EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
terminal length
To set the number of lines on the current terminal screen for the current session, use the terminal length command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
The system uses the length value to determine when to pause during multiple-screen output.
Examples
terminal session-timeout
To set the inactivity timeout for all sessions, use the terminal session-timeout command in the EXEC mode.
Syntax Description
The command that sets the inactivity time out of all the sessions. |
|
Sets the number of minutes for the inactivity timeout. From 0 to 525,600. Zero (0) disables the timeout. |
Defaults
Command Modes
Usage Guidelines
Setting the terminal session-timeout command to zero (0) results in no timeout being set.
Examples
Related Commands
|
|
|
|---|---|
Sets a welcome message on the system for all users who log in to the system. |
terminal session-welcome
To set a welcome message on the system for all users who log in to the system, use the terminal session-welcome command in EXEC mode.
Syntax Description
The command that sets a welcome message on the system for all users who log in to the system. |
|
Welcome message. Supports up to 2,048 alphanumeric characters. |
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
terminal terminal-type
To specify the type of terminal connected to the current line for the current session, use the terminal terminal-type command in EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Indicate the terminal type if it is different from the default of VT100.
Examples
traceroute
To discover the routes that packets take when traveling to their destination address, use the traceroute command in EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
undebug
To disable debugging functions, use the undebug command in EXEC mode.
undebug { all | application | backup-restore | cdp | config | copy | icmp | locks | logging | snmp | system | transfer | user | utils }
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
write
To copy, display, or erase CDA server configurations, use the write command with the appropriate argument in the EXEC mode.
Syntax Description
Erases the startup configuration. This option is disabled in CDA. |
|
Copies the running configuration to the startup configuration. |
|
Defaults
Command Modes
Usage Guidelines
Using this write command with the erase option is disabled in CDA.
If you use the write command with the erase option, CDA displays the following error message:
Examples
Show Commands
This section lists each show command and includes a brief description of its use, command syntax, usage guidelines, and sample output.
Table 4-4 lists the show commands in the EXEC mode that this section describes.
show application
To show application information of the installed application packages on the system, use the show application command in the EXEC mode.
Syntax Description
Displays the application version for an installed application—the CDA. |
|
|—Output modifier variables (see Table 4-5 ).
|—Output modifier variables (see Table 4-5 ). |
Defaults
Command Modes
Usage Guidelines
Examples
CDA application server is running PID:2840
Related Commands
|
|
|
|---|---|
show backup history
To display the backup history of the system, use the show backup history command in the EXEC mode.
Syntax Description
Displays history information about any backups on the system. |
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
show cdp
To display information about the enabled Cisco Discovery Protocol interfaces, use the show cdp command in the EXEC mode.
Syntax Description
The command to display Cisco Discovery Protocol show commands. |
|
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
show clock
To display the day, month, date, time, time zone, and year of the system software clock, use the show clock command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
Note The show clock output in the previous example includes Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT), Great Britain, or Zulu time (see Tables 4-13, 4-14, and 4-15 on pages A-84 and A-85 for sample time zones).
Related Commands
|
|
|
|---|---|
show cpu
To display CPU information, use the show cpu command in the EXEC mode.
Syntax Description
|—Output modifier variables (see Table 4-6 ).
|—Output modifier variables (see Table 4-6 ). |
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
Displays the amount of system memory that each system process uses. |
show disks
To display the disks file-system information, use the show disks command in the EXEC mode.
Syntax Description
The command to display the disks and the file-system information |
|
|—Output modifier variables (see Table 4-7 ).
|—Output modifier variables (see Table 4-7 ). |
Defaults
Command Modes
Usage Guidelines
Only platforms that have a disk file system support the show disks command.
Examples
Related Commands
|
|
|
|---|---|
Displays the amount of system memory that each system process uses. |
show icmp-status
To display the Internet Control Message Protocol echo response configuration information, use the show icmp_status command in EXEC mode.
Syntax Description
The command to display the Internet Control Message Protocol echo response configuration information. |
|
–
– |
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
Configures the Internet Control Message Protocol (ICMP) echo requests. |
show interface
To display the usability status of interfaces configured for IP, use the show interface command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
In the show interface GigabitEthernet 0 output, you can find that the interface has three IPv6 addresses. The first internet address (starting with 3ffe) is the result of using stateless autoconfiguration. For this to work, you need to have IPv6 route advertisement enabled on that subnet. The next address (starting with fe80) is a link local address that does not have any scope outside the host. You always see a link local address regardless of the IPv6 autoconfiguration or DHCPv6 configuration. The last address (starting with 2001) is the result obtained from a IPv6 DHCP server.
Examples
Related Commands
|
|
|
|---|---|
Configures an interface type and enters the interface configuration submode. |
|
show inventory
To display information about the hardware inventory, including the CDA appliance model and serial number, use the show inventory command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
show logging
To display the state of system logging (syslog) and the contents of the standard system logging buffer, use the show logging command in the EXEC mode.
show logging { application [ application-name ]} { internal } { system } |
Syntax Description
Defaults
Command Modes
Usage Guidelines
This command displays the state of syslog error and event logging, including host addresses, and for which, logging destinations (console, monitor, buffer, or host) logging is enabled.
Examples
show logins
To display the state of system logins, use the show logins command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
show memory
To display the memory usage of all the running processes, use the show memory command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
show ntp
To show the status of the NTP associations, use the show ntp command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
Primary NTP : cd-acs-ntp.cisco.com
synchronised to NTP server (10.56.60.29) at stratum 3
remote refid st t when poll reach delay offset jitter
==============================================================================
127.127.1.0.LOCL. 10 l 5 64 377 0.000 0.000 0.001
*10.56.60.29 64.103.34.15 2 u 98 1024 377 0.001 0.205 0.054
Warning: Output results may conflict during periods of changing synchronization.
Related Commands
|
|
|
|---|---|
Allows you to configure NTP configuration up to three NTP servers. |
|
Allows synchronization of the software clock by the NTP server for the system. |
show ports
To display information about all the processes listening on active ports, use the show ports command in the EXEC mode.
Syntax Description
The command to display all the processes listening on open ports in the CDA. |
|
|—Output modifier variables (see Table 4-9 ).
|—Output modifier variables (see Table 4-9 ). |
Defaults
Command Modes
Usage Guidelines
When you run the show ports command, the port must have an associated active session.
Examples
show process
To display information about active processes, use the show process command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
See Table 4-10 for process field descriptions.
|
|
|
|---|---|
show repository
To display the file contents of the repository, use the show repository command in the EXEC mode.
Syntax Description
Name of the repository whose contents you want to view. Supports up to 30 alphanumeric characters. |
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
Performs a backup (CDA and Cisco ADE OS) and places the backup in a repository. |
|
Restores from backup the file contents of a specific repository. |
|
show restore
To display the restore history, use the show restore command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
Performs a backup (CDA and Cisco ADE OS) and places the backup in a repository. |
|
Restores from backup the file contents of a specific repository. |
|
show running-config
To display the contents of the currently running configuration file or the configuration, use the show running-config command in the EXEC mode.
Syntax Description
Defaults
The show running-config command displays all of the configuration information.
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
Displays the contents of the startup configuration file or the configuration. |
show startup-config
To display the contents of the startup configuration file or the configuration, use the show startup-config command in the EXEC mode.
Syntax Description
Defaults
The show startup-config command displays all of the startup configuration information.
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
Displays the contents of the currently running configuration file or the configuration. |
show tech-support
To display technical support information, including email, use the show tech-support command in the EXEC mode.
Syntax Description
Save any technical support data as a file in the local disk. |
|
Filename to save. Supports up to 80 alphanumeric characters. |
Defaults
Passwords and other security information do not appear in the output.
Command Modes
Usage Guidelines
The show tech-support command is useful for collecting a large amount of information about your CDA server for troubleshooting purposes. You can then provide output to technical support representatives when reporting a problem.
Examples
Related Commands
|
|
|
|---|---|
show terminal
To obtain information about the terminal configuration parameter settings, use the show terminal command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
Table 4-11 describes the fields of the show terminal output.
|
|
|
|---|---|
Length of time, in minutes, for a session, after which the connection closes. |
show timezone
To display the time zone as set on the system, use the show timezone command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
show timezones
To obtain a list of time zones from which you can select, use the show timezones command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
See the “clock timezone” section, for examples of the time zones available for the CDA server.
Examples
Related Commands
|
|
|
|---|---|
show udi
To display information about the UDI of the CDA appliance, use the show udi command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
The following output appears when you run the show udi command on VMware servers.
show uptime
To display the length of time that you have been logged in to the CDA server, use the show uptime command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
show users
To display the list of users logged in to the CDA server, use the show users command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
show version
To display information about the software version of the system, use the show version command in the EXEC mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
This command displays version information about the Cisco ADE-OS software running on the CDA server, and displays the CDA version.
Examples
Configuration Commands
This section list each Configuration command and includes a brief description of its use, command syntax, usage guidelines, and sample output.
Configuration commands include interface and repository.
Note Some of the Configuration commands require you to enter the configuration submode to complete the command configuration.
To access the Configuration mode, you must use the configure command in the EXEC mode.
Table 4-12 lists the Configuration commands that this section describes.
backup-staging-url
To allow you to configure a Network File System (NFS) location that the backup and restore operations will use as a staging area to package and unpackage backup files, use the backup-staging-url command in Configuration mode.
Syntax Description
The command to configure a Network File System (NFS) location as a staging area that the backup and restore operations use. |
|
NFS URL for staging area. Supports up to 2048 alphanumeric characters. Use nfs:// server : path 3. |
|
3.Server is the server name and path refers to /subdir/subsubdir. Remember that a colon (:) is required after the server. |
Defaults
Command Modes
Usage Guidelines
The URL is NFS only. The format of the command is backup-staging-url nfs : //server:path.
Warning Ensure that you secure your NFS server in such a way that the directory can be accessed only by the IP Address of the CDA server.
Examples
cdp holdtime
To specify the amount of time for which the receiving device should hold a Cisco Discovery Protocol packet from the CDA server before discarding it, use the cdp holdtime command in the Configuration mode. To revert to the default setting, use the no form of this command.
Syntax Description
The command to configure the Cisco Discovery Protocol parameters. |
|
Specifies the hold time, in seconds. Value from 10 to 255 seconds. |
Defaults
Command Modes
Usage Guidelines
Cisco Discovery Protocol packets transmit with a time to live, or hold time, value. The receiving device will discard the Cisco Discovery Protocol information in the Cisco Discovery Protocol packet after the hold time has elapsed.
The cdp holdtime command takes only one argument; otherwise, an error occurs.
Examples
Related Commands
|
|
|
|---|---|
Specifies how often the CDA server sends Cisco Discovery Protocol updates. |
|
cdp run
To enable the Cisco Discovery Protocol, use the cdp run command in Configuration mode. To disable the Cisco Discovery Protocol, use the no form of this command.
Syntax Description
Defaults
Command Modes
Usage Guidelines
The command has one optional argument, which is an interface name. Without an optional interface name, the command enables the Cisco Discovery Protocol on all interfaces.
Note The default for this command is on interfaces that are already up and running. When you are bringing up an interface, stop the Cisco Discovery Protocol first; then, start the Cisco Discovery Protocol again.
Examples
Related Commands
cdp timer
To specify how often the CDA server sends Cisco Discovery Protocol updates, use the cdp timer command in Configuration mode. To revert to the default setting, use the no form of this command.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Cisco Discovery Protocol packets transmit with a time to live, or hold time, value. The receiving device will discard the Cisco Discovery Protocol information in the Cisco Discovery Protocol packet after the hold time has elapsed.
The cdp timer command takes only one argument; otherwise, an error occurs.
Examples
Related Commands
|
|
|
|---|---|
Specifies the amount of time that the receiving device should hold a Cisco Discovery Protocol packet from the CDA server before discarding it. |
|
clock timezone
To set the time zone, use the clock timezone command in Configuration mode. To disable this function, use the no form of this command.
Syntax Description
Name of the time zone visible when in standard time. Supports up to 64 alphanumeric characters. |
Defaults
Command Modes
Usage Guidelines
The system internally keeps time in UTC. If you do not know your specific time zone, you can enter the region, country, and city (see Tables 4-13 , 4-14 , and 4-15 for sample time zones to enter on your system).
|
|
|
|---|---|
|
|
|
|
|
|
|
|
|||
|---|---|---|---|
ACT5 |
|||
LHI6 |
|||
NSW7 |
|||
|
4.Enter the country and city together with a forward slash (/) between them; for example, Australia/Currie. |
|
|
|||
|---|---|---|---|
Aden9 |
|||
Note Several more time zones are available to you. On your CDA server, enter show timezones. A list of all the time zones available in the CDA server appears. Choose the most appropriate one for your time zone.
Warning Changing the time zone on a CDA appliance after installation causes the CDA application on that node to be unusable. However, the preferred time zone (default UTC) can be configured during the installation when the initial setup wizard prompts you for the time zone.
Examples
Related Commands
|
|
|
|---|---|
do
To execute an EXEC-level command from Configuration mode or any configuration submode, use the do command in any configuration mode.
Syntax Description
The EXEC command to execute an EXEC-level command from Configuration mode or any configuration submode |
|
The EXEC command to execute an EXEC-level command (see Table 4-16 ). |
Command Default
Command Modes
Configuration or any configuration submode
Usage Guidelines
Use this command to execute EXEC commands (such as show, clear, and debug commands) while configuring your server. After the EXEC command executes, the system will return to the configuration mode you were using.
Examples
end
To end the current configuration session and return to the EXEC mode, use the end command in Configuration mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
This command brings you back to EXEC mode regardless of what configuration mode or submode you are in.
Use this command when you finish configuring the system and you want to return to EXEC mode to perform verification steps.
Examples
Related Commands
|
|
|
|---|---|
exit (EXEC) |
Closes the active terminal session by logging out of the CDA server. |
exit
To exit any configuration mode to the next-highest mode in the CLI mode hierarchy, use the exit command in Configuration mode.
Syntax Description
Defaults
Command Modes
Usage Guidelines
The exit command is used in the CDA server to exit the current command mode to the next highest command mode in the CLI mode hierarchy.
For example, use the exit command in Configuration mode to return to the EXEC mode. Use the exit command in the configuration submodes to return to Configuration mode. At the highest level, EXEC mode, the exit command exits the EXEC mode and disconnects from the CDA server (see the “exit” section, for a description of the exit (EXEC) command).
Examples
Related Commands
|
|
|
|---|---|
exit (EXEC) |
Closes the active terminal session by logging out of the CDA server. |
hostname
To set the hostname of the system, use the hostname command in Configuration mode. To delete the hostname from the system, use the no form of this command, which resets the system to localhost.
Syntax Description
Name of the host. Contains at least 2 to 64 alphanumeric characters and an underscore ( _). The hostname must begin with a character that is not a space. |
Defaults
Command Modes
Usage Guidelines
A single instance type of command, hostname only occurs once in the configuration of the system. The hostname must contain one argument; otherwise, an error occurs.
Examples
icmp echo
To configure the Internet Control Message Protocol (ICMP) echo responses, use the icmp echo command in Configuration mode.
Syntax Description
The command to configure Internet Control Message Protocol echo requests. |
|
Defaults
The system behaves as if the ICMP echo response is on (enabled).
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
interface
To configure an interface type and enter the interface configuration mode, use the interface command in Configuration mode. This command does not have a no form.
Note VMware virtual machine may have a number of interfaces available that depends on how many network interfaces (NIC) are added to the virtual machine.
Syntax Description
Note After you enter the Gigabit Ethernet port number in the interface command, you enter the config-GigabitEthernet configuration submode (see the following Syntax Description).
EXEC command. Allows you to perform any EXEC commands in this mode (see the “do” section). |
|
Exits the config-GigabitEthernet submode and returns you to the EXEC mode. |
|
Sets the IP Address and netmask for the Ethernet interface (see the “ip address” section). |
|
Configures IPv6 autoconfiguration address and IPv6 address from DHCPv6 server. (see the “ipv6 address autoconfig” section and the “ipv6 address dhcp” section) |
|
Negates the command in this mode. Two keywords are available: |
|
Shuts down the interface (see the “shutdown” section). |
Defaults
Command Modes
Usage Guidelines
You can use the interface command to configure subinterfaces to support various requirements.
Examples
Related Commands
|
|
|
|---|---|
ip address (interface configuration mode) |
|
shutdown (interface configuration mode) |
Shuts down the interface (see “shutdown” section). |
ipv6 address autoconfig
To enable IPv6 stateless autoconfiguration, use the interface GigabitEthernet 0 command in Configuration mode. This command does not have a no form.
IPv6 address autoconfiguration is enabled by default in Linux. Cisco ADE 2.0 shows the IPv6 address autoconfiguration in the running configuration for any interface that is enabled.
Syntax Description
Defaults
Command Modes
Usage Guidelines
IPv6 stateless autoconfiguration has the security downfall of having predictable IP Addresses. This downfall is resolved with privacy extensions. You can verify that the privacy extensions feature is enabled using the show command.
When IPv6 autoconfiguration is enabled, the running configuration shows the interface settings similar to the following:
You can use the show interface GigabitEthernet 0 command to display the interface settings. In example 2, you can see that the interface has three IPv6 addresses. The first address (starting with 3ffe) is obtained using the stateless autoconfiguration. For the stateless autoconfiguration to work, you must have IPv6 route advertisement enabled on that subnet. The next address (starting with fe80) is a link-local address that does not have any scope outside the host. You will always see a link local address regardless of the IPv6 autoconfiguration or DHCPv6 configuration. The last address (starting with 2001) is obtained from a IPv6 DHCP server.
The following RFC provides the IPv6 stateless autoconfiguration privacy extensions:
http://www.ietf.org/rfc/rfc3041.txt
To verify that the privacy extensions feature is enabled, you can use the show interface GigabitEthernet 0 command. You can see two autoconfiguration addresses: one address is without the privacy extensions, and the other is with the privacy extensions.
In the example 3 below, the MAC is 3ffe:302:11:2:20c:29ff:feaf:da05/64 and the non-RFC3041 address contains the MAC, and the privacy-extension address is 302:11:2:9d65:e608:59a9:d4b9/64.
The output appears similar to the following:
Related Commands
|
|
|
|---|---|
ip address (interface configuration mode) |
|
shutdown (interface configuration mode) |
Shuts down the interface (see “shutdown” section). |
Displays the contents of the currently running configuration file or the configuration. |
ipv6 address dhcp
To enable IPv6 address DHCP, use the interface GigabitEthernet 0 command in Configuration mode. This command does not have a no form.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
When IPv6 DHCPv6 is enabled, the running configuration shows the interface settings similar to the following:
Note The IPv6 stateless autoconfiguration and IPv6 address DHCP are not mutually exclusive. It is possible to have both IPv6 stateless autoconfiguration and IPv6 address DHCP on the same interface. You can use the show interface to display what IPv6 addresses are in use for a particular interface.
When both the IPv6 stateless autoconfiguration and IPv6 address DHCP are enabled, the running configuration shows the interface settings similar to the following:
Related Commands
|
|
|
|---|---|
ip address (interface configuration mode) |
|
shutdown (interface configuration mode) |
Shuts down the interface (see “shutdown” section). |
Displays the contents of the currently running configuration file or the configuration. |
ip address
To set the IP Address and netmask for the Ethernet interface, use the ip address command in interface Configuration mode. To remove an IP Address or disable IP processing, use the no form of this command.
ip address ip-address network mask
Note You can configure the same IP Address on multiple interfaces. You might want to do this to limit the configuration steps that are needed to switch from using one interface to another.
Syntax Description
The command to configure IP Address and netmask for the GigabitEthernet interface. |
|
Defaults
Command Modes
Usage Guidelines
Requires exactly one address and one netmask; otherwise, an error occurs.
Examples
Related Commands
|
|
|
|---|---|
shutdown (interface configuration mode) |
Disables an interface (see “shutdown” section). |
ip default-gateway
To define or set a default gateway with an IP Address, use the ip default-gateway command in Configuration mode. To disable this function, use the no form of this command.
Syntax Description
Defaults
Command Modes
Usage Guidelines
If you enter more than one argument or no arguments at all, an error occurs.
Examples
Related Commands
|
|
|
ip address (interface configuration mode) |
ip domain-name
To define a default domain name that the CDA server uses to complete hostnames, use the ip domain-name command in Configuration mode. To disable this function, use the no form of this command.
Syntax Description
Default domain name used to complete the hostnames. Contains at least 2 to 64 alphanumeric characters. |
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
ip name-server
To set the Domain Name Server (DNS) servers for use during a DNS query, use the ip name-server command in Configuration mode. You can configure one to three DNS servers. To disable this function, use the no form of this command.
Note Using the no form of this command removes all the name servers from the configuration. Using the no form of this command and one of the IP names removes only that name server.
Syntax Description
The command to configure IP Addresses of name server(s) to use. |
|
Defaults
Command Modes
Usage Guidelines
The first name server that is added with the ip name-server command occupies the first position and the system uses that server first to resolve the IP Addresses.
You can add name servers to the system one at a time or all at once, until you reach the maximum (3). If you already configured the system with three name servers, you must remove at least one server to add additional name servers.
To place a name server in the first position so that the subsystem uses it first, you must remove all name servers with the no form of this command before you proceed.
Examples
You can choose not to restart the CDA server; nevertheless, the changes will take effect.
Related Commands
|
|
|
|---|---|
Defines a default domain name that the server uses to complete hostnames. |
ip route
To configure the static routes, use the ip route command in Configuration mode. To remove static routes, use the no form of this command.
Static routes are manually configured, which makes them inflexible (they cannot dynamically adapt to network topology changes), but extremely stable. Static routes optimize bandwidth utilization, because no routing updates need to be sent to maintain them. They also make it easy to enforce routing policy.
Syntax Description
IP Address of the next hop that can be used to reach that network. |
Defaults
Command Modes
Examples
kron occurrence
To schedule one or more Command Scheduler commands to run at a specific date and time or a recurring level, use the kron occurrence command in Configuration mode. To delete this schedule, use the no form of this command.
Syntax Description
Name of the occurrence. Supports up to 80 alphanumeric characters. (See the following note and Syntax Description.) |
Note After you enter the occurrence-name in the kron occurrence command, you enter the config-occurrence configuration submode (see the following Syntax Description).
Identifies that the occurrence is to run at a specified calendar date and time. Usage: at [ hh:mm ] [ day-of-week | day-of-month | month day-of-month ]. |
|
EXEC command. Allows you to perform any EXEC commands in this mode (see the “do” section). |
|
Exits the kron-occurrence configuration submode and returns you to the EXEC mode. |
|
Specifies a Command Scheduler policy list to be run by the occurrence. |
|
Identifies that the occurrences run on a recurring basis.
Note |
Defaults
Command Modes
Usage Guidelines
Use the kron occurrence and policy-list commands to schedule one or more policy lists to run at the same time or interval.
Use the kron policy-list command in conjunction with the cli command to create a Command Scheduler policy that contains the EXEC CLI commands to be scheduled to run on the CDA server at a specified time. See the “kron policy-list” section.
Examples
Note When you run the kron command, backup bundles are created with a unique name (by adding a time stamp) to ensure that the files do not overwrite each other.
Related Commands
|
|
|
|---|---|
kron policy-list
To specify a name for a Command Scheduler policy and enter the kron-Policy List configuration submode, use the kron policy-list command in Configuration mode. To delete a Command Scheduler policy, use the no form of this command.
Syntax Description
Name of the policy list. Supports up to 80 alphanumeric characters. |
Note After you enter the list-name in the kron policy-list command, you enter the config-Policy List configuration submode (see the following Syntax Description).
Command to be executed by the scheduler. Supports up to 80 alphanumeric characters. |
|
EXEC command. Allows you to perform any EXEC commands in this mode (see “do” section). |
|
Exits from the config-Policy List configuration submode and returns you to the EXEC mode. |
|
Defaults
Command Modes
Usage Guidelines
Use the kron policy-list command in conjunction with the cli command to create a Command Scheduler policy that contains the EXEC CLI commands to be scheduled to run on the CDA server at a specified time. Use the kron occurrence and policy list commands to schedule one or more policy lists to run at the same time or interval. See the “ip route” section.
Examples
Related Commands
|
|
|
|---|---|
Specifies schedule parameters for a Command Scheduler occurrence and enters the config-Occurrence configuration mode. |
logging
To enable the system to forward logs to a remote system or to configure the log level, use the logging command in Configuration mode. To disable this function, use the no form of this command.
Syntax Description
Defaults
Command Modes
Usage Guidelines
This command requires an IP Address or hostname or the loglevel keyword; an error occurs if you enter two or more of these arguments.
Examples
Related Commands
|
|
|
|---|---|
ntp
To specify an NTP configuration, use the ntp command in configuration mode with authenticate, authentication-key, server, and trusted-key commands.
ntp authentication-key <key id> md5 hash | plain <key value>
Syntax Description
Defaults
Command Modes
Usage Guidelines
Use the ntp command to specify an NTP configuration.
To terminate NTP service on a device, you must enter the no ntp command with keywords or arguments such as authenticate, authentication-key, server, and trusted-key. For example, if you previously issued the ntp server command, use the no ntp command with server.
For more information on how to configure an NTP server, see ntp server.
Examples
Related Commands
|
|
|
|---|---|
Allows synchronization of the software clock by the NTP server for the system. |
|
Specifies key numbers for trusted time sources that needs to be defined as NTP authentication keys. |
|
ntp authenticate
To enable authentication of all time sources, use the ntp authenticate command. Time sources without the NTP authentication keys will not be synchronized.
To disable this capability, use the no form of this command.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Use the ntp authenticate command to enable authentication of all time sources. This command is optional and authentication will work even without this command.
If you want to authenticate in a mixed mode where only some servers require authentication, that is, only some servers need to have keys configured for authentication, then this command should not be executed.
Examples
Related Commands
|
|
|
|---|---|
Allows synchronization of the software clock by the NTP server for the system. |
|
Specifies key numbers for trusted time sources that needs to be defined as NTP authentication keys. |
|
ntp authentication-key
To specify an authentication key for a time source, use the ntp authentication-key command in configuration command with a unique identifier and a key value.
To disable this capability, use the no form of this command.
ntp authentication-key <key id> md5 hash | plain <key value>
Syntax Description
Defaults
Command Modes
Usage Guidelines
Use the ntp authentication-key command to set up a time source with an authentication key for NTP authentication and specify its pertinent k ey identifier, key encryption type, and k ey value settings. Add this key to the trusted list before you add this key to the ntp server command.
Time sources without the NTP authentication keys that are added to the trusted list will not be synchronized.
Examples
Note The show running-config command will always show keys that are entered in Message Digest 5 (MD5) plain format converted into hash format for security. For example, ntp authentication-key 1 md5 hash ee18afc7608ac7ecdbeefc5351ad118bc9ce1ef3.
(Removes authentication key 3.)
Related Commands
|
|
|
|---|---|
Allows synchronization of the software clock by the NTP server for the system. |
|
Specifies key numbers for trusted time sources that needs to be defined as NTP authentication keys. |
|
ntp server
To allow for software clock synchronization by the NTP server for the system, use the ntp server command in Configuration mode. Allows up to three servers each with a key in a separate line. The key is an optional parameter but the key is required for NTP authentication. The CDA always requires a valid and reachable NTP server.
Although key is an optional parameter, it must be configured if you need to authenticate an NTP server.
To disable this capability, use the no form of this command only when you want to remove an NTP server and add another one.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Use this ntp server command with a trusted key if you want to allow the system to synchronize with a specified server.
The key is optional, but it is required for NTP authentication. Define this key in the ntp authentication-key command first and add this key to the ntp trusted-key command before you can add it to the ntp server command.
The show ntp command displays the status of synchronization. If none of the configured NTP servers are reachable or not authenticated (if NTP authentication is configured), then this command displays synchronization to local with the least stratum. If an NTP server is not reachable or is not properly authenticated, then its reach as per this command statistics will be 0.
To define an NTP server configuration and authentication in the CDA admin user interface, see the System Time and NTP Server Settings section in the Cisco Identity Services Engine User Guide, Release 1.1.1.
Note This command gives conflicting information during the synchronization process. The synchronization process can take up to 20 minutes to complete.
Examples
Related Commands
|
|
|
|---|---|
Specifies key numbers for trusted time sources that needs to be defined as NTP authentication keys. |
|
ntp trusted-key
To add a time source to the trusted list, use the ntp trusted-key command with a unique identifier. To disable this capability, use the no form of this command.
Syntax Description
Specifies key numbers for trusted time sources that needs to be defined as NTP authentication keys. Supports up to 65535 numeric characters. |
Defaults
Command Modes
Usage Guidelines
Define this key as an NTP authentication key and then add this key to the trusted list before you add this key to an NTP server. Keys that are added to the trusted list can only be used that allows synchronization by the NTP server with the system.
Examples
(Removes key 2 from the trusted list.)
Related Commands
|
|
|
|---|---|
Allows synchronization of the software clock by the NTP server for the system. |
|
password-policy
To enable or configure the passwords on the system, use the password-policy command in Configuration mode. To disable this function, use the no form of this command.
Note The password-policy command requires a policy option (see Syntax Description). You must enter the password-expiration-enabled command before the other password-expiration commands.
Syntax Description
Note After you enter the password-policy command, you can enter the config-password-policy configuration submode.
Defaults
Command Modes
Usage Guidelines
Examples
repository
To enter the repository submode for configuration of backups, use the repository command in Configuration mode.
Syntax Description
Name of repository. Supports up to 80 alphanumeric characters. |
Note After you enter the name of the repository in the repository command, you enter the config-Repository configuration submode (see the Syntax Description).
EXEC command. Allows you to perform any of the EXEC commands in this mode (see the “do” section). |
|
Exits the config-Repository submode and returns you to the EXEC mode. |
|
URL of the repository. Supports up to 80 alphanumeric characters (see Table 4-17 ). |
|
Configure the username and password for access. Supports up to 30 alphanumeric characters. |
|
|
|
|---|---|
Enter the repository URL, including server and path information. Supports up to 80 alphanumeric characters. |
|
| You can run the show repository repository_name to view all the files in the local repository. Note All local repositories are created on the /localdisk partition. When you specify disk:// in the repository URL, the system creates directories in a path that is relative to /localdisk. For example, if you entered disk://backup, the directory is created at /localdisk/backup. |
|
Source or destination URL for an FTP network server. Use url ftp:// server / path 10. |
|
Source or destination URL for an NFS network server. Use url nfs:// server:path 1. |
|
Source or destination URL for an TFTP network server. Use url nfs:// server:path 1. Note You cannot use a TFTP repository for performing CDA upgrade. |
|
10.Server is the server name and path refers to /subdir/subsubdir. Remember that a colon (:) is required after the server for an NFS network server. |
Defaults
Command Modes
Usage Guidelines
When configuring url sftp: in the submode, you must provide the host-key un der repository configuration through CLI and the RSA fingerprint is added to the list of SSH known hosts.
To disable this function, use the no form of host-key host command in the submode.
CDA displays the following warning when you configure a secure ftp repository in the administration user interface in Administration > System > Maintenance > Repository > Add Repository.
The host key of the SFTP server must be added through the CLI by using the host-key option before this repository can be used.
A corresponding error is thrown in the Cisco ADE logs when you try to back up into a secure FTP repository without configuring the host-key.
Related Commands
service
To specify a service to manage, use the service command in Configuration mode. To disable this function, use the no form of this command.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
shutdown
To shut down an interface, use the shutdown command in the interface configuration mode. To disable this function, use the no form of this command.
Syntax Description
Defaults
Command Modes
Usage Guidelines
When you shut down an interface using this command, you lose connectivity to the CDA appliance through that interface (even though the appliance is still powered on). However, if you have configured the second interface on the appliance with a different IP and have not shut down that interface, you can access the appliance through that second interface.
To shut down an interface, you can also modify the ifcfg-eth[0,1] file, which is located at /etc/sysconfig/network-scripts, using the ONBOOT parameter:
You can also use the no shutdown command to enable an interface.
Examples
Related Commands
|
|
|
ip address (interface configuration mode) |
|
snmp-server community
To set up the community access string to permit access to the Simple Network Management Protocol (SNMP), use the snmp-server community command in Configuration mode. To disable this function, use the no form of this command.
Syntax Description
Accessing string that functions much like a password and allows access to SNMP. No blank spaces allowed. Supports up to 255 alphanumeric characters. |
|
Defaults
Command Modes
Usage Guidelines
The snmp-server community command requires a community string and the ro argument; otherwise, an error occurs.
The SNMP Agent on the CDA provides read-only SNMP v1 and SNMP v2c access to the following MIBs:
- SNMPv2-MIB
- RFC1213-MIB
- IF-MIB
- IP-MIB
- IP-FORWARD-MIB
- TCP-MIB
- UDP-MIB
- HOST-RESOURCES-MIB
- ENTITY-MIB—Only 3 MIB variables are supported on the ENTITY-MIB:
– Product ID: entPhysicalModelName
Examples
Related Commands
|
|
|
|---|---|
snmp-server contact
To configure the SNMP contact Management Information Base (MIB) value on the system, use the snmp-server contact command in Configuration mode. To remove the system contact information, use the no form of this command.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Examples
Related Commands
|
|
|
|---|---|
Sets up the community access string to permit access to the SNMP. |
|
snmp-server host
To send SNMP traps to a remote user, use the snmp-server host command in Configuration mode. To remove trap forwarding, use the no form of this command.
snmp-server host { ip-address | hostname } version { 1 | 2c } community
Syntax Description
Defaults
Command Modes
Usage Guidelines
The command takes arguments as listed; otherwise, an error occurs. SNMP traps are not supported.
Examples
Related Commands
|
|
|
|---|---|
Sets up the community access string to permit access to SNMP. |
|
snmp-server location
To configure the SNMP location MIB value on the system, use the snmp-server location command in Configuration mode. To remove the system location information, use the no form of this command.
Syntax Description
Defaults
Command Modes
Usage Guidelines
Cisco recommends that you use underscores (_) or hyphens (-) between the terms within the word string. If you use spaces between terms within the word string, you must enclose the string in quotation marks (“).
Examples
Related Commands
|
|
|
|---|---|
Sets up the community access string to permit access to SNMP. |
|
username
To add a user who can access the CDA appliance using SSH, use the username command in Configuration mode. If the user already exists, the password, the privilege level, or both change with this command. To delete the user from the system, use the no form of this command.
username username password { hash | plain } password role { admin | user ] [ disabled [ email email-address ]] [ email email-address ]
Syntax Description
Defaults
Command Modes
Usage Guidelines
The username command requires that the username and password keywords precede the hash | plain and the admin | user options.
Examples
Related Commands
|
|
|
|---|---|
Displays a list of users and their privilege level. It also displays a list of logged-in users. |
Feedback