CiscoWorks 1160 Security Information Management Solution Engine 3.1 Installation and Configuration Guide - Command Reference [CiscoWorks Security Information Management Solution]

Table Of Contents

Command Reference

CLI Conventions

Command Privileges

Checking Command Syntax

Command History Feature

System Help

Command Description Conventions

Privilege Level 0 Commands

Privilege Level 15 Commands

Maintenance Image Commands

Command Reference

The Security Information Management Solution Engine (SIMS Engine) provides a command-line interface (CLI).

Topics include:

•CLI Conventions

•Command Privileges

•Checking Command Syntax

•Command History Feature

•System Help

•Command Description Conventions

•Privilege Level 0 Commands

•Privilege Level 15 Commands

•Maintenance Image Commands

CLI Conventions

The command-line interface (CLI) uses the following conventions:

•The key combination ^c or Ctrl-c means hold down the Ctrl key while you press the c key.

•A string is defined as a nonquoted set of characters.

Do not confuse the SIMS Engine's CLI with the IOS CLI. Though they are similar, they are not identical.

Command Privileges

Access to CLI commands is controlled by your user account privilege level. Users with privilege level 15 can use all commands. Users with privilege level 0 can use only a subset of the commands. The command descriptions in this section are organized by privilege level.

Checking Command Syntax

The user interface provides several types of responses to incorrect command entries:

•If you enter a command line that does not contain any valid commands, the system displays Command not found.

•If you enter a valid command but omit required options, the system displays Incomplete command.

•If you enter a valid command but provide invalid options or parameters, the system displays Invalid input.

•In addition, some commands have command-specific error messages that notify you that a command is valid, but that it cannot run correctly.

Related Topics

•System Help

•Command Description Conventions

•Privilege Level 0 Commands

•Privilege Level 15 Commands

•Maintenance Image Commands

Command History Feature

The CLI provides a command history feature. To display previously entered commands, press the up arrow key. After pressing the up arrow key, you can press the down arrow key to display the commands in reverse order. To run a command, press the Enter key while the command is displayed on the command line. You can also edit commands before pressing the Enter key.

System Help

You can obtain help using the following methods:

•For a list of all commands and their syntax, enter help, then press Enter.

•For help about a specific command, type the command name, a space, and a question mark, then press Enter, for example, ntp ?. The help contains command usage information and syntax.

Related Topics

•Checking Command Syntax

•Command Description Conventions

•Privilege Level 0 Commands

•Privilege Level 15 Commands

•Maintenance Image Commands

Command Description Conventions

Command descriptions in this document and in the CLI help system use the following conventions:

•Vertical bars (|) separate alternative, mutually exclusive elements.

•Square brackets ([ ]) indicate optional elements.

•Braces ({ }) indicate a required choice.

•Braces within square brackets ([{ }]) indicate a required choice within an optional element.

•Boldface indicates commands and keywords that are entered literally as shown.

•Italics indicate arguments for which you supply values.

Related Topics

•Checking Command Syntax

•System Help

•Privilege Level 0 Commands

•Privilege Level 15 Commands

•Maintenance Image Commands

Privilege Level 0 Commands

This section describes the commands that have privilege level of 0.

exit

To log out of the system, use the exit command:

exit
Syntax Description

This command has no arguments or keywords.

Example

The following command logs you out of the system:
exit
help

To display online help for the command-line interface, use the help command:

help
Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use the help command to display online help for the command-line interface. A list of the CLI commands and their syntax is displayed.

Example

The following command displays online help for the command-line interface:
help
ping

To send ICMP echo_request packets for diagnosing basic network connectivity, use the ping command:

ping ? | [-c count] [-i wait] [-s packetsize] [-n] {hostname | ip-address}
Syntax Description

c Sets the number of echo packets to send.

count Number of echo packets to send.

i Sets the amount of time to wait between sending each packet.

wait Amount of time to wait between sending each packet, in seconds. The default is 1.

s Sets the size of each echo packet.

packetsize The size of each echo packet, in bytes. The default is 56.

hostname Host name of system to ping.

ip-address IP address of system to ping.

n disables reverse DNS lookup.

Usage Guidelines

To use this command with the hostname argument, DNS must be configured on the system. To force the time-out of a nonresponsive host or to eliminate a loop cycle, press Ctrl-c.

Example

This command sends 4 echo packets to the host otherhost with a wait time of
5 seconds between each packet:
ping -c 4 -i 5 209.165.200.224
PING 209.165.200.224 (209.165.200.224) from 209.165.201.0 : 56(84) 
bytes of data.
64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=0 ttl=246 
time=16.3 ms
64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=1 ttl=246 
time=2.0 ms
64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=2 ttl=246 
time=2.1 ms
64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=3 ttl=246 
time=2.1 ms
show clock

To display the system date and time in Coordinated Universal Time (UTC), use the show clock command:

show clock
Syntax Description

This command has no arguments or keywords.

Example

This command displays the system date and time:
show clock
12:43:47 Jun 20 2001
Related Commands

clock

ntp server

show domain-name

To display the system domain name, use the show domain-name command:

show domain-name
Syntax Description

This command has no arguments or keywords.

Example

This command displays the system domain name:
show domain-name
cisco.com
show interfaces

To display information about the system network interface, use the show interfaces command:

show interfaces
Syntax Description

This command has no arguments or keywords.

Example

This command displays information about system network interfaces:
show interfaces
eth0      Link encap:Ethernet  HWaddr 00:02:B3:35:FD:CC  
          inet addr:172.20.98.119  Bcast:172.20.98.127 
Mask:255.255.255.192
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:80309 errors:0 dropped:0 overruns:0 frame:0
          TX packets:22451 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          Interrupt:5 Base address:0xef00 Memory:d0c7e000-d0c7ec40 
Related Command

interface

show process

To display information about processes running on the system, use the show process command:

show process [page]
Syntax Description

page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

Example

This command displays information about processes running on the system:
show process page
PID  PPID     ELAPSED    SZ                  STARTED TTY  COMMAND
    1     0  4-20:04:35   277 Fri Jun 15 16:54:03 2001 ?    init
    2     1  4-20:04:35     0 Fri Jun 15 16:54:03 2001 ?    kflushd
    3     1  4-20:04:35     0 Fri Jun 15 16:54:03 2001 ?    kupdate
    4     1  4-20:04:35     0 Fri Jun 15 16:54:03 2001 ?    kpiod
    5     1  4-20:04:35     0 Fri Jun 15 16:54:03 2001 ?    kswapd
    6     1  4-20:04:28     0 Fri Jun 15 16:54:10 2001 ?    kreiserfsd
   81     1  4-20:04:25     0 Fri Jun 15 16:54:13 2001 ?    kreiserfsd
   82     1  4-20:04:25     0 Fri Jun 15 16:54:13 2001 ?    kreiserfsd
   83     1  4-20:04:25     0 Fri Jun 15 16:54:13 2001 ?    kreiserfsd
   84     1  4-20:04:25     0 Fri Jun 15 16:54:13 2001 ?    kreiserfsd
   85     1  4-20:04:24     0 Fri Jun 15 16:54:14 2001 ?    kreiserfsd
  199     1  4-20:04:23   290 Fri Jun 15 16:54:15 2001 ?    watchdog
  213     1  4-20:04:23   342 Fri Jun 15 16:54:15 2001 ?    idled
  402     1  4-20:04:17   290 Fri Jun 15 16:54:21 2001 ?    syslogd
  411     1  4-20:04:17   360 Fri Jun 15 16:54:21 2001 ?    klogd
  517     1  4-20:04:15   327 Fri Jun 15 16:54:23 2001 ?    crond
  531     1  4-20:04:15   286 Fri Jun 15 16:54:23 2001 ?    inetd
  540     1  4-20:04:14   585 Fri Jun 15 16:54:24 2001 ?    sshd
  585     1  4-20:04:09   842 Fri Jun 15 16:54:29 2001 ?    dmgtd.lnx
-----------more-----------
show version

To display information about the current software on the system, use the show version command:

show version
Syntax Description

This command has no arguments or keywords.

Example

This command displays the current software on the system:
show version
(C) Copyright 2003 by Cisco Systems Inc.
NetForensics Release 3.1nfapp Wed Jun 11 23:43:20 UTC 2003
Build Version (44) Wed May 14 23:43:18 UTC 2003
Uptime: 0 days 0 hours 15 mins
Linux version 2.4.18-18.7.xsmp (root@app20.cisco.com) (gcc version 
2.96 20000731 (Red Hat Linux 7.3 2.96-113)) #1 SMP Tue Jan 7 13:45:20 
PST 2003
traceroute

To display the network route to a specified host and identify faulty gateways, use the traceroute command:

traceroute ? | [-f first_ttl] [-m max_ttl] [-w waittime] host [packetlength]
Syntax Description

-f (Optional) Sets the time-to-live used in the first outgoing probe packet.

first_ttl Time-to-live value of the first outgoing probe packet. The default is 1 hop.

-m (Optional) Sets the maximum time-to-live (maximum number of hops) used in outgoing probe packets.

max_ttl Maximum time-to-live for outgoing probe packets. The default is 30 hops.

-w (Optional) Sets the time to wait for a response to a probe, in seconds.

waittime Time to wait for a response to a probe, in seconds. The default is 5.

host Name or IP address of host to which to connect.

packetlength (Optional) The length of the packet to send, in bytes. The default and minimum value is 40.

Usage Guidelines

Use the traceroute command to trace the network route to a specified host and identify faulty gateways. The command displays a list of the hosts that receive probe packets as they travel to the destination host, in the order that the receiving hosts receive the packets. Asterisks (*) appear as the list entry for hosts that do not respond to probing correctly.

Example

This command displays the network route to the host otherhost with a packet time-to-live value of 2, a wait time of 5 seconds, and 50-byte packets:
traceroute -m 20 -w 10 cisco.com 50
traceroute to example.com (209.165.200.224), 20 hops max, 50 byte 
packets
 1  ex1.com (209.165.200.225)  0.981 ms  0.919 ms  0.926 ms
 2  ex2.com (209.165.200.254)  1.528 ms  0.747 ms 0.661 ms
 3  ex3.com (209.165.200.255)  0.887 ms  0.770 ms  0.744 ms
 4  ex4.com (209.165.201.0)  0.932 ms  0.789 ms  0.679 ms
 5  ex5.com (209.165.201.1)  1.066 ms  1.052 ms  0.983 ms
 6  ex6.com (209.165.201.30)  1.472 ms  1.247 ms  1.847 ms
 7  ex7.com(209.165.201.31)  1.738 ms  1.424 ms  1.658 ms
 8  ex8.com (209.165.202.128)  3.728 ms  2.429 ms  2.804 ms
 9  ex9.com (209.165.202.129)  6.283 ms  5.499 ms 3.285 ms
10  ex10.com (209.165.202.158)  9.926 ms  73.463 ms  3.895 ms
11  ex11.com (209.165.202.159)  70.967 ms *  47.106 ms
Related Command

ping

Related Topics

•Checking Command Syntax

•System Help

•Command Description Conventions

•Privilege Level 15 Commands

•Maintenance Image Commands

Privilege Level 15 Commands

This section describes the privilege level 15 commands. Only users with privilege level 15 can run them.

backup

Use the backup command to backup the SIMS Engine:

backup [test]
Syntax Description

test Tests the configured backup hostname, username, password, and directory.

Usage Guidelines

To backup the SIMS Engine, use the backup command. To configure the backup location, use the backupconfig command.

Example

The following command backs up the SIMS Engine:
backup
Related Commands

backupconfig

listbackup

restore

backupconfig

backupconfig

Use the backupconfig command to set the configuration for all backup and restore operations. To clear the backup and restore configuration information, use the no backupconfig command:

backupconfig {hostname} {username} {password} [directory]
no backupconfig
Syntax Description

hostname IP address of the host system.

username Username of host system.

password Password of the host system.

directory Path to specific backup directory, if different from user's default directory.

Usage guidelines

To set the configuration for all backup and restore operations, use the backup command.

Example

The following command will configure the backup and restore operations to backup to and restore from host 10.11.12.13, set the username to user1, and set the password to pass:
backupconfig 209.165.200.224 user1 pass
The following command clears all backup and restore configuration information:
no backupconfig
Related Commands

backup

listbackup

restore

cdp

Use the cdp command to configure the Cisco Discovery Protocol:

cdp {run interface | timer seconds | holdtime seconds}
no cdp {run | timer | holdtime}
Syntax Description

run Start CDP

interface Ethernet port on which CDP will be enabled. Acceptable values are eth0-5.

timer Set CDP packets retransmission time.

holdtime Set CDP packet info hold time.

seconds Amount of time, in seconds, that the system takes to either transmit the CDP packet information or to hold another system's CDP packet information.

Usage Guidelines

Cisco Discovery Protocol (CDP) is a protocol by which one Cisco device can recognize, and be recognized by, another Cisco system. The run command starts the system sending out signals to the other systems. The timer command sets the amount of time, in seconds, that these signals are sent. The holdtime sets the amount of time a system will recognize another system without receiving a signal. For example, if your system's holdtime is set to 30 seconds, and another system that has already been recognized by yours does not send a signal within that
30 seconds, your system will cease to recognize it. If you are using the no cdp command, the timer and holdtime commands set their respective values to the default value.

Example

This command sets the cdp packet's retransmission time at 10 seconds.
cdp timer 10
This command sets the cdp packet's retransmission to its default time.
no cdp timer
clear

To clear the current shell state, enter the clear command.

clear

clock

To set the system date and time, use the clock command:

clock {? | set hh:mm:ss month day year}
Syntax Description

set Sets the system clock.

hh:mm:ss Current time (for example, 13:32:00).

month Current month. You can enter full month names or abbreviations that include at least the first 3 characters of the month name (for example, jan, feb, mar).

day Day of the month (for example, 1 to 31).

year Current year (for example, 2000).

Usage Guidelines

To set the date and time, use the set option.

If you configure the system to use Network Time Protocol (NTP), you do not need to set the system clock manually using the clock command.

When setting the clock, enter the current time in Coordinated Universal Time (UTC). The system uses only UTC for keeping and displaying the time and date.

Example

This command sets the date and time:
clock set 13:32:00 apr 22 2000
Tue Dec 11 16:00:00 UTC 2001
Related Commands

ntp server

show clock

df

To display the disk usage, enter the df command.

df
Command Syntax

This command has no arguments or keywords.

Example

This command displays system disk usage:
df
erase config

To erase the configuration in Flash memory and reload the device, use the erase config command:

erase config
Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use this command to erase the configuration in Flash memory and reload the device.

When you enter the command, you are prompted for confirmation. Enter yes to confirm, or press Enter to accept the default response no.

Caution When you confirm this command, the system configuration is erased and the system reboots automatically. The system will not operate until you reconfigure it.

When the system reboots, you must reconfigure it with the setup program. For information about using the setup program, refer to Configuring the SIMS Engine, page 3-12.

Note When the system erases the configuration, it is disconnected from the network because the network interface configuration is erased. To continue working on the system you must use the system console.

Example

This command erases the system configuration:
erase config
This will erase your configuration, return device t
o factory defaults, and reload the device 
Do you want to continue?[no]:yes
firewall

To implement port filtering on the SIMS Engine, use the firewall command:

firewall interface [public | private] | [icmp telnet ssh snmp https]
Syntax Description

interface Port to be configured. Acceptable values are eth0-5.

public Denies access via ICMP, Telnet, SNMP, and the HTTP port.

private Denies no access.

icmp Denies Internet Control Message Protocol (ICMP) ping messages.

telnet Denies incoming Telnet connections.

ssh Denies incoming SSH connections.

snmp Denies incoming SNMP requests.

tftp Ignores connections to the TFTP host.

REPOSITORY Ignores connections to port 9851.

Usage Guidelines

Use the firewall command to implement port filtering on the SIMS Engine. To configure an Ethernet port for secured public access, use the public option. To configure an Ethernet port for local access, via a LAN or VLAN, use the private option. To disable icmp, telnet, ssh, snmp, https, use its corresponding option.

Example

The following is an example of a secure Ethernet port configuration:

•The Ethernet 1 port is connected to an internal LAN or VLAN, and is configured to be accessible via any of the supported protocols by entering the following command:
firewall eth1 private 
An on-site user has full access to the SIMS Engine, but an external user can only access it using a secure connection.

gethostbyname

Use the gethostbyname command to display the IP address of a known domain name:

gethostbyname host
Syntax Description

host Domain name of host.

Example

This command displays the IP address of example.com
gethostbyname example.com
209.165.200.224
hostname

To change the system hostname, use the hostname command:

hostname ? | name
Syntax Description

name New hostname for the SIMS Engine; the name is case sensitive and may be from 1 to 22 alphanumeric characters.

Example

The following example changes the hostname to sandbox:
hostname sandbox
import

To allow the SIMS Engine to function without s DNS server, use the import command:

import | {host hostname ipaddress} | {hosts ftp-host username password path}
no import {host hostname ipaddress} | {hosts}
Syntax Description

host Maps IP address to a hostname.

ipaddress IP address to map Hostname to.

hostname Hostname to map IP address to.

hosts Imports host files from FTP-accessible host.

password Password used to access FTP-accessible host.

path Path to FTP-accessible host.

ftp-host IP address of FTP-accessible host.

username Username used to access FTP-accessible host.

Usage Guidelines

To map a single hostname to an IP address, enter the import command as follows:

import host hostname ipaddress

To import host files from an external, ftp-accessible server, enter the import command as follows:

import hosts ftp-host username password path

To remove an individual IP address from a host file, use the no version of the import command as follows:

no import host hostname ipaddress

To remove an imported host file, use the no version of the import command as follows:

no import hosts

Example

This command imports host files from the ftp-accessible server ftpserver_1. Ftpserver_1 has the username admin, the password pass, and the path /ftpserver_1/hosts.
import hosts ftpserver_1 admin pass /ftpserver_1/hosts
This command deletes the hosts imported in the example above:
no import hosts
install

To enter the install mode for applying software updates and images, use the install command:

install
Syntax Description

This command has no arguments or keywords.

Example

This command enters the install mode:
install
install configure

To define the repository that the SIMS Engine uses to install software updates and images, use the install configure command.

install configure {URL URL Value | default | save}
Syntax Description

URL Sets the URL of the repository.

URL Value The URL of the repository. The URL should take the form of http://host:port/path.

default Configure the SIMS Engine to be its own repository. The URL is http://localhost:9851.

save Saves the current configuration in the install.ini file.

Usage Guidelines

The install configure command defines the repository that the SIMS Engine uses. A repository is a remote of local server from which a system can download software updates and images. Only HTTP is supported.

Example

The following command configures the SIMS Engine to use http://209.165.200.224, with port 9851, as a repository:
install configure URL http://209.165.200.224:9851
Related Commands

install update

install list

install update

To install a software update or image, use the install update command.

install update package name
Syntax Description

package Name Name of the software update or image to be installed. To see the names of software updates and images available for installation, use the install list command.

Example

The following command installs the update EX-2.0:
install update EX-2.0
Related Commands

install configure

install list

install list

To list software updates and images currently available on the configured repository, use the install list command.

install list [all | full | page | updates]
Syntax Description

all Displays all software updates and images on a configured repository. This command displays the name, version, requirements, type, and a summary of the software.

full Displays only the complete images on a configured repository. This command displays the name, version, requirements, type, and a summary of the software.

page Displays only the names of all software updates and images on a configured repository. All other information is omitted.

updates Displays only the updates on a configured repository. This command displays the name, version, requirements, type, and a summary of the update.

Usage Guidelines

The install list command displays software updates and images currently available on a repository. A repository is a remote of local server from which a system can receive software.

Example

Enter the following command to display a list of all available software updates and images on a configured repository:
install list all
Name 	Version 	Requires 	Type 	Summary
EX-1.02 	1.02 	HSE-1.0 	UPDATE 	Hosting Solution...
EX-1.1aR 	1.1aR 	HSE-1.1 	UPDATE 	Hosting Solution...
EX-1.1a 	1.1a 	HSE-1.1 	UPDATE 	Hosting Solution...
EX-1.0a 	1.0a 	HSE-1.0 	UPDATE 	Hosting Solution...
EX-1.0aR 	1.0aR 	HSE-1.0 	UPDATE 	Hosting Solution...
EX-1.0-ROB	1.0 	HSE-1.0 	COMPLETE 	Hosting Solution...
EX-1.0 	1.0 	HSE-1.0 	COMPLETE 	Hosting Solution...
Related Topics

install configure

install update

interface

To configure an Ethernet interface, use the interface command:

interface eth<0-5> {[up | down] | ipaddress netmask [default-gateway address] [up | down]}
Syntax Description

eth<0-5> Name of the interface port to be configured. Acceptable values are eth0-5.

up Enables the interface (the default).

If you include the ipaddress parameter and want to enable the interface in the same command, either enter the up parameter after ipaddress and its required parameters, or do not specify the up or down parameters (up is the default).

down Disables the interface.

If you include the ipaddress parameter and want to disable the interface in the same command, enter the down parameter after ipaddress and its required parameters.

ipaddress The IP address of the interface.

netmask The netmask of the interface IP address.

default-gateway Changes the IP address of the default gateway that connects the SIMS Engine to the network.

address The gateway IP address.

Default

When you enter the interface command, the interface that you specify is enabled by default. If you want to disable an enabled interface or leave a disabled interface disabled, you must specify the down option.

Usage Guidelines

Use the interface command to configure an Ethernet interface.

If you change the IP address or hostname, follow these steps to ensure that applications using the system can connect to it correctly:

Step 1 Stop and restart management services by entering:
services stop
services start
Step 2 Verify that management applications that use the system can still connect to it.

Step 3 Reconnect any applications that cannot connect to it using the system's new IP address or hostname.

Example

This command disables the Ethernet 1 interface:
interface eth1 down
This command sets the Ethernet 1IP address, netmask, and gateway IP address:
interface eth0 209.165.200.224 255.255.255.224 default-gateway 
209.165.201.31 up
ip domain-name

To define a default domain name, use the ip domain-name command. To remove the default domain name, use the no form of the command:

ip domain-name name
no ip domain-name name
Syntax Description

name Domain name (e.g. cisco.com).

Usage Guidelines

Use this command to define a default domain name.

A default domain name allows the system to resolve any unqualified host names. Any IP hostname that does not contain a domain name will have the configured NS server, this appended name is resolved by the DNS server, and then added to the host table.

Example

This command defines the default domain name cisco.com:
ip domain-name cisco.com
This command removes the default domain name:
no ip domain-name
Related Command

ip name-server

ip name-server

To specify the address of up to three name servers for name and address resolution, use the ip name-server command. To disable a name server, use the no form of the command:

ip name-server ip-address
no ip name-server ip-address
Syntax Description

ip-address Name server IP address (maximum of 3).

Usage Guidelines

Use the ip name-server command to point the system to a specific DNS server. You may configure up to three servers.

If you attempt to configure a fourth name server, the following error message appears:
# Name-server table is full.
The system must have a functional DNS server configured to function correctly.If it does not, in most cases it will not correctly process requests from management applications that it uses. If the system cannot obtain DNS services from the network, Telnet connections to the system will fail or Telnet interaction with the system will become extremely slow.

Example

This command assigns a name server for the system to use for DNS name to address resolution:
ip name-server 209.165.200.224
This command disables the name server; the system will not use it for name to address resolution:
no ip name-server 209.165.200.224
Related Command

ip domain-name

listbackup

Use the listbackup command to list all current backups at the configured site:

listbackup
Syntax Description

This command has no arguments or keywords.

Example

The following command lists all current backups at the configured site:
listbackup
ex1_06042001_170640: Hostname: ex1 Date: 06042001  time: 1700
ex1_06052001_124543: Hostname: ex1 Date: 06052001  time: 1243
ex1_06052001_155148: Hostname: ex1 Date: 06052001  time: 1558
ex1_06202001_145704: Hostname: ex1 Date: 06202001  time: 1454
Related Commands

backup

backupconfig

restore

mail

To debug and test email settings, use the mail command.

mail [to user@host [debug]]
Usage Guidelines

Entering the mail command with no arguments will allow you to read email. Entering the mail command with the arguments listed will allow you to send email.

Syntax Description

to Sends email to the expressed recipient.

user@host Recipient of the email.

debug Debugs any email problems.

Example

The following command sends an email message:
mail to johndoe@example.com
mailcntrl clear

To delete the maillog, sendqueue, or userqueue, use the mailcntrl clear command.

mailcntrl clear {log | sendqueue | userqueue}
Syntax Description

log Clears the Cisco SIMS Engine email log.

sendqueue Clears the Cisco SIMS Engine sendqueue.

userqueue Clears the Cisco SIMS Engine userqueue.

Example

The following command clears the Cisco SIMS Engine email log.
mailcntrl clear log
Related Commands

mailcntrl list

mailcntrl list

To list the size of the userlog, userqueue, or the sendqueue, use the mailcntrl list command.

mailcntrl list {logsize | sendqueuesize | userqueuesize}
Syntax Description

logsize Size of the mail log.

sendqueuesize Size of the sendqueue.

userqueuesize Size of the userqueue.

Example

The following command displays the size of the Cisco SIMS Engine email log.
mailcntrl list logsize
Mail log files total size: 4.0k
Related Commands

mailcntrl clear

mailroute

To forward email to a specified SMTP server, use the mailroute command to specify the server. If no server is specified, the Cisco SIMS Engine will use DNS to resolve the correct email server in your local domain. To stop forwarding mail to the SMTP server, use the mailroute command followed by a blank space.

mailroute {hostname | ip-address}
Syntax Description

hostname Host name of an email server.

ip-address IP address of an email server.

Example

The following command forwards email to a server with the hostname mailserver:
mailroute mailserver 
nfadmin

To start the nFAdmin tool, use the nfadmin command.

nfadmin
Syntax Description

This command has no arguments or keywords.

Example

This command starts the nFAdmin tool:
nfadmin
nslookup

To translate a DNS name to its IP address or an IP address to its DNS name, use the nslookup command:

nslookup {dns-name | ip-address}
Syntax Description

dns-name DNS name of a host on the network.

ip-address IP address of a host on the network.

Example

The following command translates the DNS name hostname to its IP address:
nslookup hostname
Server: dns.ex1.com
Address: 209.165.200.224
Name:    ex1.com
Address: 209.165.201.0
ntp server

To configure the Network Time Protocol (NTP) and allow the system clock to be synchronized by a time server, use the ntp server command. To disable this function, use the no form of this command:

ntp server ip-address
no ntp server ip-address
Syntax Description

ip-address IP address of the NTP time server providing clock synchronization.

Usage Guidelines

Use the ntp server command to synchronize the system clock with the specified NTP server. If you configure multiple NTP servers, the system will synchronize with the first working NTP server it finds. There is no limit to the number of NTP servers that you can configure.

The ntp server command validates the NTP server that you specify. The possible results are:

•If the server is a valid NTP server, a message similar to the following appears:
19 Jan 00:43:48 ntpdate[1437]: step time server 10.10.10.10 offset 
999.257304
•If no NTP server with the name or IP address you specified exists, a message similar to the following appears:
19 Jan 00:43:40 ntpdate[1431]: no server suitable for 
synchronization found
In this case, remove the NTP server by using the no form of the command, then configure a valid NTP server.

•If the system time is set to a time later than the time on the NTP server, a message similar to the following appears:
19 Jan 00:43:58 ntpdate[1265]: Can't adjust the time of day: 
Invalid argument.
In this case, the ntp server command is entered into the system configuration, but NTP will not function. Follow these steps to remove the command and configure NTP correctly:

Step 1 Remove the ntp server command from the configuration by entering the no form of the command. For example:
no ntp server ip-address
where ip-address is the IP address of the NTP server.

Step 2 Set the system clock to a time that is behind the time on the NTP server using the clock set command.

Step 3 Enter the ntp server command again to configure the NTP server on the system. For example:
ntp server ip-address
Example

This command configures the system to use an NTP server:
ntp server 209.165.201.0 
This command configures the system to stop using the NTP server:
no ntp server 209.165.201.0 
Related Command

clock

reload

To reboot the system, use the reload command:

reload
Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use the reload command to reboot the system.

You are prompted to verify the reload. Enter yes to confirm or no to cancel the reload.

Caution All processes running on the system stop when you run the reload command. The system will not respond to requests from applications while it is reloading.

Example

This command reboots the system:
reload
Related Command

shutdown

repository

To configure the SIMS Engine to be a repository server, use the repository command.

repository source URL
Syntax Description

source Sets the location from where the local repository downloads software updates and images.

URL The IP address of an external server containing software updates and images.

Usage Guidelines

The repository command allows the SIMS Engine to be a repository both for itself and for external systems. A repository is a remote or local server from where a system can receive software updates and images.

The repository command only configures the SIMS Engine to be a repository. To configure the SIMS Engine to install software updates and images from this repository, use the install configure command.

Example

To configure the SIMS Engine to be a repository, and to download software updates and images from http:// 209.165.200.224, enter the following command:
repository source http://209.165.200.224
Related Commands

repository server

repository delete

repository add

repository server

To start, stop, or view the status of the SIMS Engine's local repository, use the repository server command.

repository server [stop | start | status]
Syntax Description

stop Stops the local repository.

start Starts the local repository.

status Displays the status of the local repository.

Usage Guidelines

The repository server command starts, stops, or displays the status of the SIMS Engine's local repository. A repository is a remote or local server from where a system can receive software updates and images.

Example

The following command stops the local repository:
repository server stop
Related Commands

repository

repository delete

repository add

repository delete

To delete software updates and images on the SIMS Engine's local repository, use the repository delete command.

repository delete [package | all]
Syntax Description

all Deletes all software updates and images in the local repository.

package Name of the software update or image to be deleted.

Usage Guidelines

The repository delete command deletes software updates and images on the SIMS Engine's local repository. A repository is a remote or local server from where a system can receive software updates and images.

Example

The following command deletes the update EX_2.0 from the local repository:
repository delete EX_2.0
Related Commands

repository

repository server

repository add

repository list

To list software updates and images on the configured local or remote repository, use the repository list command.

repository list {local | remote} [detail] [page]
Syntax Description

local Lists software updates and packages on the local repository.

remote Lists software updates and packages on a remote repository.

detail Includes details of the software updates and images displayed.

page Displays the software updates and packages on page at a time.

Example

To list the software updates and images available on the configured local repository, with details and one page at a time, enter the following command:

repository list local detail page

repository add

To transfer software updates and images from a remote server to the SIMS Engine's local repository, use the repository add command.

repository add package
Syntax Description

package Name of the software update or image to be transferred.

Usage Guidelines

The repository add command transfers software updates and images from a remote server to the SIMS Engine's local repository. You will be prompted to enter a username and password if they are needed to access the remote server. A repository is a remote or local server from where a system can receive software updates and images.

Example

To transfer the update EX_2.0 from an update server to the local repository, enter the following command:
repository add ex_2.0
Related Commands

repository

repository server

repository delete

restore

Use the restore command to restore a backed up configuration of the SIMS Engine.

restore restore name
Syntax Description

restore name Name of backup to be used to restore the SIMS Engine.

Usage Guidelines

To restore a configuration, use the restore command. If you use the restore command, the current configuration will be erased.

Example

The following command will restore a backed up configuration:
restore backup1
Related Commands

backup

backupconfig

listbackup

rootenable

To enable a root login, use the rootenable command. You are prompted to enter a password for the su command. You can use this password with the su command to login to the system as the root user.

rootenable
Syntax Description

This command has no arguments or keywords.

Example

This command enables a root login:
rootenable
Related Commands

su

route

To add a route through a gateway device, use the route command. To delete a route, use the no version of the command.

route {network address} netmask {network netmask} gateway {gateway address}
no route {network address} netmask {network netmask}
Syntax Description

netmask Sets value of the network netmask.

gateway Sets the IP address of the router or gateway.

network address IP address of the network.

network netmask Value of the network netmask.

gateway address IP address of router or gateway.

Example

The following command adds a route:
route 209.165.201.0 netmask 255.255.255.224 gateway 209.165.200.224
The following command deletes the above route:
no route 209.165.201.0 netmask 255.255.255.224
show config

To display the system configuration, use the show config command:

show config
Syntax Description

This command has no arguments or keywords.

Example

This command displays the system configuration:
show config
hostname ex1
interface ethernet0 209.165.201.0 255.255.255.224 default-gateway 
209.165.202.128
interface ethernet1 down
interface ethernet2 down
interface ethernet3 down
interface ethernet4 down
interface ethernet5 down
ip domain-name embu-doc
ip name-server 209.165.202.158
username admin epassword ************* privilege 15
show install logs

To display the software updates and images available on the configured repository, use the show install logs command.

show install logs [short | long] [page]
Syntax Description

short Displays only the names of software updates and images on the configured repository

long Displays the names and descriptions of software updates and images on the configured repository.

page Displays command output one screen at a time.

Example

The following command displays the software updates and images available on the configured browser, one screen at a time:
show install updates page
show syslog

To display syslog information, use the show syslog command:

show syslog [page] [include matchstring1 [matchstring2]]
Syntax Description

page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

include Filters the command output to display only the records that contain the specified string of characters.

matchstring1 String of characters to search for in the command output.

matchstring2 (Optional) Another string of characters to search for in the command output.

Usage Guidelines

Use this command to display syslog information.

To filter the command output to include only the records that contain the specified string(s) of characters, use the include option with one or two character strings to search for. If you include two strings, the command outputs only those records that contain both character strings.

Example

This command displays syslog information:
show syslog
Jun 20 16:04:23 embu-doc-sims syslogd 1.3-3: restart.
Jun 20 16:04:23 embu-doc-sims syslog: syslogd startup succeeded
Jun 20 16:04:23 embu-doc-sims kernel: klogd 1.3-3, log source = 
/proc/kmsg start.
Jun 20 16:04:23 embu-doc-sims kernel: Inspecting 
/boot/System.map-2.2.16-13bipse2
Jun 20 16:04:23 embu-doc-sims syslog: klogd startup succeeded
-----------more-----------
Related Command

interface

shutdown

To shut down the system in preparation for powering it off, use the shutdown command:

shutdown
Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use this command to shut down the SIMS Engine in preparation for powering it off. All processes running on the SIMS Engine will stop, and it will not respond until you power it off and back on.

You are prompted to verify the shutdown. Enter yes to continue, or no to cancel the shutdown.

Caution Never power the system off without running the shutdown command first. Doing so can destroy data and prevent the system from booting.

Example

This command shuts down the system:
shutdown
Related Command

reload

snmp-server

To configure an simple network management protocol (SNMP) agent, use the snmp-server command:

snmp-server {community community-name [RO | RW] | location sysLocation-info | contact sysContact-info}
no snmp-server {community community-name | location | contact}
Syntax Description

community sets the community strings that permit access to the SNMP.

community-name the community name string.

RO read only.

RW read / write.

location sets the system location string.

sysLocation-info the location string.

contact sets the contact string.

sysContact-info the contact string.

Usage Guidelines

Use the command snmp-server to configure the snmp agent:

Example

This command sets an SNMP contact string:
snmp-server contact Dial System Operator at Beeper # 27345
ssh-version

Use the ssh-version command to enable Secure Shell (SSH) 1, SSH 2, or both SSH 1 and SSH 2.

ssh-version {ssh1 | ssh2 | both}
Syntax Description

ssh1 Enables SSH 1

ssh2 Enables SSH 2

both Enables both SSH 1 and SSH2

Example

This command enables ssh1
ssh-version ssh1
su

To login to the system as the root user, enter the su command. You are prompted to enter the password that you created by entering the rootenable command.

su [-]
Syntax Description

- Creates a new login shell for the root session.

Example

This command logs you into the system as the root user:
su -
Related Commands

rootenable

telnet

To Telnet to an external host, use the telnet command.

telnet {hostname | ip-address} [portnumber]
Syntax Description

hostname Hostname of the external device.

ip-address IP address of the external device.

portnumber portnumber of the external device.

Example

Enter the following command to telnet to port 9851 of a system with the IP address 209.165.200.224:
telnet 209.165.200.224 9851
telnetenable

To configure Telnet access, use the telnetenable command:

telnetenable {enable [ip-address | domain] | disable | status}
Syntax Description

enable Enables Telnet access to the system.

disable Disables Telnet access to the system.

status Displays current access status.

ip-address IP address of systems allowed Telnet access. If this argument is used, no other machines will be allowed access. Multiple IP address are allowed.

domain Domain of systems allowed Telnet access. If this argument is used, machines with domains other than the specified domain will be denied Telnet access. Multiple domains are allowed.

Default

The default is disable.

Usage Guidelines

To enable Telnet access to the system for all IP source addresses, use the telnetenable enable command alone. To enable specific IP addresses, use the telnetenable enable command followed by the IP addresses.

Example

This command enables telnet for all IP source addresses:
telnetenable enable
username

To create a new user account or change an account's properties, use the username command. Use the no form of the command to remove a user account:

username name password password [privilege {0 | 15}]
no username name
Syntax Description

name Name of the user account to create or remove.

password Specifies a password for the account.

password The password for the account.

privilege (Optional) Specifies the account privilege level.

0 Gives the account level 0 privileges. This is the default.

15 Gives the account level 15 privileges.

Usage Guidelines

Use the username command to change the properties of a user account. To assign a user CLI privilege lever 15, use the username command. You cannot assign CLI privilege level 15 through the Web interface. Use the no form of the command to remove a user account. The default privilege level is 0 if you do not provide a privilege option.

Example

This command creates a user account named user1 with password password1 and privilege level 15:
username user1 password password1 privilege 15
This command removes the user account:
no username user1
Maintenance Image Commands

This section describes the commands that are available when the system is booted from the maintenance image.

erase config

This command is identical to the level 15 erase config command.

fsck

To check and repair the filesystem, use the fsck command.

fsck
Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use the fsck command to check and repair the filesystem. The command might prompt you for confirmation before making certain repairs.

Example

The following command checks and repairs the filesystem:
fsck
reload

This command is identical to the level 15 reload command.

Related Topics

•Checking Command Syntax

•System Help

•Command Description Conventions

•Privilege Level 0 Commands

•Privilege Level 15 Commands

	CiscoWorks 1160 Security Information Management Solution Engine 3.1 Installation and Configuration Guide
	Command Reference
CiscoWorks 1160 Security Information Management Solution Engine 3.1 Installation and Configuration Guide Supplemental License Agreement Cisco 90-Day Limited Hardware Warranty Terms Preface Product Overview Preparing for Installation Installing and Configuring the Security Information Management Solution Engine Administering the Security Information Management Solution Engine Troubleshooting Technical Specifications Command Reference	Download this chapter Command Reference Table Of Contents Command Reference CLI Conventions Command Privileges Checking Command Syntax Command History Feature System Help Command Description Conventions Privilege Level 0 Commands Privilege Level 15 Commands Maintenance Image Commands Command Reference The Security Information Management Solution Engine (SIMS Engine) provides a command-line interface (CLI). Topics include: •CLI Conventions •Command Privileges •Checking Command Syntax •Command History Feature •System Help •Command Description Conventions •Privilege Level 0 Commands •Privilege Level 15 Commands •Maintenance Image Commands CLI Conventions The command-line interface (CLI) uses the following conventions: •The key combination ^c or Ctrl-c means hold down the Ctrl key while you press the c key. •A string is defined as a nonquoted set of characters. Do not confuse the SIMS Engine's CLI with the IOS CLI. Though they are similar, they are not identical. Command Privileges Access to CLI commands is controlled by your user account privilege level. Users with privilege level 15 can use all commands. Users with privilege level 0 can use only a subset of the commands. The command descriptions in this section are organized by privilege level. Checking Command Syntax The user interface provides several types of responses to incorrect command entries: •If you enter a command line that does not contain any valid commands, the system displays Command not found. •If you enter a valid command but omit required options, the system displays Incomplete command. •If you enter a valid command but provide invalid options or parameters, the system displays Invalid input. •In addition, some commands have command-specific error messages that notify you that a command is valid, but that it cannot run correctly. Related Topics •System Help •Command Description Conventions •Privilege Level 0 Commands •Privilege Level 15 Commands •Maintenance Image Commands Command History Feature The CLI provides a command history feature. To display previously entered commands, press the up arrow key. After pressing the up arrow key, you can press the down arrow key to display the commands in reverse order. To run a command, press the Enter key while the command is displayed on the command line. You can also edit commands before pressing the Enter key. System Help You can obtain help using the following methods: •For a list of all commands and their syntax, enter help, then press Enter. •For help about a specific command, type the command name, a space, and a question mark, then press Enter, for example, ntp ?. The help contains command usage information and syntax. Related Topics •Checking Command Syntax •Command Description Conventions •Privilege Level 0 Commands •Privilege Level 15 Commands •Maintenance Image Commands Command Description Conventions Command descriptions in this document and in the CLI help system use the following conventions: •Vertical bars (\|) separate alternative, mutually exclusive elements. •Square brackets ([ ]) indicate optional elements. •Braces ({ }) indicate a required choice. •Braces within square brackets ([{ }]) indicate a required choice within an optional element. •Boldface indicates commands and keywords that are entered literally as shown. •Italics indicate arguments for which you supply values. Related Topics •Checking Command Syntax •System Help •Privilege Level 0 Commands •Privilege Level 15 Commands •Maintenance Image Commands Privilege Level 0 Commands This section describes the commands that have privilege level of 0. exit To log out of the system, use the exit command: exit Syntax Description This command has no arguments or keywords. Example The following command logs you out of the system: exit help To display online help for the command-line interface, use the help command: help Syntax Description This command has no arguments or keywords. Usage Guidelines Use the help command to display online help for the command-line interface. A list of the CLI commands and their syntax is displayed. Example The following command displays online help for the command-line interface: help ping To send ICMP echo_request packets for diagnosing basic network connectivity, use the ping command: ping ? \| [-c count] [-i wait] [-s packetsize] [-n] {hostname \| ip-address} Syntax Description c Sets the number of echo packets to send. count Number of echo packets to send. i Sets the amount of time to wait between sending each packet. wait Amount of time to wait between sending each packet, in seconds. The default is 1. s Sets the size of each echo packet. packetsize The size of each echo packet, in bytes. The default is 56. hostname Host name of system to ping. ip-address IP address of system to ping. n disables reverse DNS lookup. Usage Guidelines To use this command with the hostname argument, DNS must be configured on the system. To force the time-out of a nonresponsive host or to eliminate a loop cycle, press Ctrl-c. Example This command sends 4 echo packets to the host otherhost with a wait time of 5 seconds between each packet: ping -c 4 -i 5 209.165.200.224 PING 209.165.200.224 (209.165.200.224) from 209.165.201.0 : 56(84) bytes of data. 64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=0 ttl=246 time=16.3 ms 64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=1 ttl=246 time=2.0 ms 64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=2 ttl=246 time=2.1 ms 64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=3 ttl=246 time=2.1 ms show clock To display the system date and time in Coordinated Universal Time (UTC), use the show clock command: show clock Syntax Description This command has no arguments or keywords. Example This command displays the system date and time: show clock 12:43:47 Jun 20 2001 Related Commands clock ntp server show domain-name To display the system domain name, use the show domain-name command: show domain-name Syntax Description This command has no arguments or keywords. Example This command displays the system domain name: show domain-name cisco.com show interfaces To display information about the system network interface, use the show interfaces command: show interfaces Syntax Description This command has no arguments or keywords. Example This command displays information about system network interfaces: show interfaces eth0 Link encap:Ethernet HWaddr 00:02:B3:35:FD:CC inet addr:172.20.98.119 Bcast:172.20.98.127 Mask:255.255.255.192 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:80309 errors:0 dropped:0 overruns:0 frame:0 TX packets:22451 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 Interrupt:5 Base address:0xef00 Memory:d0c7e000-d0c7ec40 Related Command interface show process To display information about processes running on the system, use the show process command: show process [page] Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt. Example This command displays information about processes running on the system: show process page PID PPID ELAPSED SZ STARTED TTY COMMAND 1 0 4-20:04:35 277 Fri Jun 15 16:54:03 2001 ? init 2 1 4-20:04:35 0 Fri Jun 15 16:54:03 2001 ? kflushd 3 1 4-20:04:35 0 Fri Jun 15 16:54:03 2001 ? kupdate 4 1 4-20:04:35 0 Fri Jun 15 16:54:03 2001 ? kpiod 5 1 4-20:04:35 0 Fri Jun 15 16:54:03 2001 ? kswapd 6 1 4-20:04:28 0 Fri Jun 15 16:54:10 2001 ? kreiserfsd 81 1 4-20:04:25 0 Fri Jun 15 16:54:13 2001 ? kreiserfsd 82 1 4-20:04:25 0 Fri Jun 15 16:54:13 2001 ? kreiserfsd 83 1 4-20:04:25 0 Fri Jun 15 16:54:13 2001 ? kreiserfsd 84 1 4-20:04:25 0 Fri Jun 15 16:54:13 2001 ? kreiserfsd 85 1 4-20:04:24 0 Fri Jun 15 16:54:14 2001 ? kreiserfsd 199 1 4-20:04:23 290 Fri Jun 15 16:54:15 2001 ? watchdog 213 1 4-20:04:23 342 Fri Jun 15 16:54:15 2001 ? idled 402 1 4-20:04:17 290 Fri Jun 15 16:54:21 2001 ? syslogd 411 1 4-20:04:17 360 Fri Jun 15 16:54:21 2001 ? klogd 517 1 4-20:04:15 327 Fri Jun 15 16:54:23 2001 ? crond 531 1 4-20:04:15 286 Fri Jun 15 16:54:23 2001 ? inetd 540 1 4-20:04:14 585 Fri Jun 15 16:54:24 2001 ? sshd 585 1 4-20:04:09 842 Fri Jun 15 16:54:29 2001 ? dmgtd.lnx -----------more----------- show version To display information about the current software on the system, use the show version command: show version Syntax Description This command has no arguments or keywords. Example This command displays the current software on the system: show version (C) Copyright 2003 by Cisco Systems Inc. NetForensics Release 3.1nfapp Wed Jun 11 23:43:20 UTC 2003 Build Version (44) Wed May 14 23:43:18 UTC 2003 Uptime: 0 days 0 hours 15 mins Linux version 2.4.18-18.7.xsmp (root@app20.cisco.com) (gcc version 2.96 20000731 (Red Hat Linux 7.3 2.96-113)) #1 SMP Tue Jan 7 13:45:20 PST 2003 traceroute To display the network route to a specified host and identify faulty gateways, use the traceroute command: traceroute ? \| [-f first_ttl] [-m max_ttl] [-w waittime] host [packetlength] Syntax Description -f (Optional) Sets the time-to-live used in the first outgoing probe packet. first_ttl Time-to-live value of the first outgoing probe packet. The default is 1 hop. -m (Optional) Sets the maximum time-to-live (maximum number of hops) used in outgoing probe packets. max_ttl Maximum time-to-live for outgoing probe packets. The default is 30 hops. -w (Optional) Sets the time to wait for a response to a probe, in seconds. waittime Time to wait for a response to a probe, in seconds. The default is 5. host Name or IP address of host to which to connect. packetlength (Optional) The length of the packet to send, in bytes. The default and minimum value is 40. Usage Guidelines Use the traceroute command to trace the network route to a specified host and identify faulty gateways. The command displays a list of the hosts that receive probe packets as they travel to the destination host, in the order that the receiving hosts receive the packets. Asterisks () appear as the list entry for hosts that do not respond to probing correctly. Example This command displays the network route to the host otherhost with a packet time-to-live value of 2, a wait time of 5 seconds, and 50-byte packets: traceroute -m 20 -w 10 cisco.com 50* traceroute to example.com (209.165.200.224), 20 hops max, 50 byte packets 1 ex1.com (209.165.200.225) 0.981 ms 0.919 ms 0.926 ms 2 ex2.com (209.165.200.254) 1.528 ms 0.747 ms 0.661 ms 3 ex3.com (209.165.200.255) 0.887 ms 0.770 ms 0.744 ms 4 ex4.com (209.165.201.0) 0.932 ms 0.789 ms 0.679 ms 5 ex5.com (209.165.201.1) 1.066 ms 1.052 ms 0.983 ms 6 ex6.com (209.165.201.30) 1.472 ms 1.247 ms 1.847 ms 7 ex7.com(209.165.201.31) 1.738 ms 1.424 ms 1.658 ms 8 ex8.com (209.165.202.128) 3.728 ms 2.429 ms 2.804 ms 9 ex9.com (209.165.202.129) 6.283 ms 5.499 ms 3.285 ms 10 ex10.com (209.165.202.158) 9.926 ms 73.463 ms 3.895 ms 11 ex11.com (209.165.202.159) 70.967 ms * 47.106 ms Related Command ping Related Topics •Checking Command Syntax •System Help •Command Description Conventions •Privilege Level 15 Commands •Maintenance Image Commands Privilege Level 15 Commands This section describes the privilege level 15 commands. Only users with privilege level 15 can run them. backup Use the backup command to backup the SIMS Engine: backup [test] Syntax Description test Tests the configured backup hostname, username, password, and directory. Usage Guidelines To backup the SIMS Engine, use the backup command. To configure the backup location, use the backupconfig command. Example The following command backs up the SIMS Engine: backup Related Commands backupconfig listbackup restore backupconfig backupconfig Use the backupconfig command to set the configuration for all backup and restore operations. To clear the backup and restore configuration information, use the no backupconfig command: backupconfig {hostname} {username} {password} [directory] no backupconfig Syntax Description hostname IP address of the host system. username Username of host system. password Password of the host system. directory Path to specific backup directory, if different from user's default directory. Usage guidelines To set the configuration for all backup and restore operations, use the backup command. Example The following command will configure the backup and restore operations to backup to and restore from host 10.11.12.13, set the username to user1, and set the password to pass: backupconfig 209.165.200.224 user1 pass The following command clears all backup and restore configuration information: no backupconfig Related Commands backup listbackup restore cdp Use the cdp command to configure the Cisco Discovery Protocol: cdp {run interface \| timer seconds \| holdtime seconds} no cdp {run \| timer \| holdtime} Syntax Description run Start CDP interface Ethernet port on which CDP will be enabled. Acceptable values are eth0-5. timer Set CDP packets retransmission time. holdtime Set CDP packet info hold time. seconds Amount of time, in seconds, that the system takes to either transmit the CDP packet information or to hold another system's CDP packet information. Usage Guidelines Cisco Discovery Protocol (CDP) is a protocol by which one Cisco device can recognize, and be recognized by, another Cisco system. The run command starts the system sending out signals to the other systems. The timer command sets the amount of time, in seconds, that these signals are sent. The holdtime sets the amount of time a system will recognize another system without receiving a signal. For example, if your system's holdtime is set to 30 seconds, and another system that has already been recognized by yours does not send a signal within that 30 seconds, your system will cease to recognize it. If you are using the no cdp command, the timer and holdtime commands set their respective values to the default value. Example This command sets the cdp packet's retransmission time at 10 seconds. cdp timer 10 This command sets the cdp packet's retransmission to its default time. no cdp timer clear To clear the current shell state, enter the clear command. clear clock To set the system date and time, use the clock command: clock {? \| set hh:mm:ss month day year} Syntax Description set Sets the system clock. hh:mm:ss Current time (for example, 13:32:00). month Current month. You can enter full month names or abbreviations that include at least the first 3 characters of the month name (for example, jan, feb, mar). day Day of the month (for example, 1 to 31). year Current year (for example, 2000). Usage Guidelines To set the date and time, use the set option. If you configure the system to use Network Time Protocol (NTP), you do not need to set the system clock manually using the clock command. When setting the clock, enter the current time in Coordinated Universal Time (UTC). The system uses only UTC for keeping and displaying the time and date. Example This command sets the date and time: clock set 13:32:00 apr 22 2000 Tue Dec 11 16:00:00 UTC 2001 Related Commands ntp server show clock df To display the disk usage, enter the df command. df Command Syntax This command has no arguments or keywords. Example This command displays system disk usage: df erase config To erase the configuration in Flash memory and reload the device, use the erase config command: erase config Syntax Description This command has no arguments or keywords. Usage Guidelines Use this command to erase the configuration in Flash memory and reload the device. When you enter the command, you are prompted for confirmation. Enter yes to confirm, or press Enter to accept the default response no. Caution When you confirm this command, the system configuration is erased and the system reboots automatically. The system will not operate until you reconfigure it. When the system reboots, you must reconfigure it with the setup program. For information about using the setup program, refer to Configuring the SIMS Engine, page 3-12. Note When the system erases the configuration, it is disconnected from the network because the network interface configuration is erased. To continue working on the system you must use the system console. Example This command erases the system configuration: erase config This will erase your configuration, return device t o factory defaults, and reload the device Do you want to continue?[no]:yes firewall To implement port filtering on the SIMS Engine, use the firewall command: firewall interface [public \| private] \| [icmp telnet ssh snmp https] Syntax Description interface Port to be configured. Acceptable values are eth0-5. public Denies access via ICMP, Telnet, SNMP, and the HTTP port. private Denies no access. icmp Denies Internet Control Message Protocol (ICMP) ping messages. telnet Denies incoming Telnet connections. ssh Denies incoming SSH connections. snmp Denies incoming SNMP requests. tftp Ignores connections to the TFTP host. REPOSITORY Ignores connections to port 9851. Usage Guidelines Use the firewall command to implement port filtering on the SIMS Engine. To configure an Ethernet port for secured public access, use the public option. To configure an Ethernet port for local access, via a LAN or VLAN, use the private option. To disable icmp, telnet, ssh, snmp, https, use its corresponding option. Example The following is an example of a secure Ethernet port configuration: •The Ethernet 1 port is connected to an internal LAN or VLAN, and is configured to be accessible via any of the supported protocols by entering the following command: firewall eth1 private An on-site user has full access to the SIMS Engine, but an external user can only access it using a secure connection. gethostbyname Use the gethostbyname command to display the IP address of a known domain name: gethostbyname host Syntax Description host Domain name of host. Example This command displays the IP address of example.com gethostbyname example.com 209.165.200.224 hostname To change the system hostname, use the hostname command: hostname ? \| name Syntax Description name New hostname for the SIMS Engine; the name is case sensitive and may be from 1 to 22 alphanumeric characters. Example The following example changes the hostname to sandbox: hostname sandbox import To allow the SIMS Engine to function without s DNS server, use the import command: import \| {host hostname ipaddress} \| {hosts ftp-host username password path} no import {host hostname ipaddress} \| {hosts} Syntax Description host Maps IP address to a hostname. ipaddress IP address to map Hostname to. hostname Hostname to map IP address to. hosts Imports host files from FTP-accessible host. password Password used to access FTP-accessible host. path Path to FTP-accessible host. ftp-host IP address of FTP-accessible host. username Username used to access FTP-accessible host. Usage Guidelines To map a single hostname to an IP address, enter the import command as follows: import host hostname ipaddress To import host files from an external, ftp-accessible server, enter the import command as follows: import hosts ftp-host username password path To remove an individual IP address from a host file, use the no version of the import command as follows: no import host hostname ipaddress To remove an imported host file, use the no version of the import command as follows: no import hosts Example This command imports host files from the ftp-accessible server ftpserver_1. Ftpserver_1 has the username admin, the password pass, and the path /ftpserver_1/hosts. import hosts ftpserver_1 admin pass /ftpserver_1/hosts This command deletes the hosts imported in the example above: no import hosts install To enter the install mode for applying software updates and images, use the install command: install Syntax Description This command has no arguments or keywords. Example This command enters the install mode: install install configure To define the repository that the SIMS Engine uses to install software updates and images, use the install configure command. install configure {URL URL Value \| default \| save} Syntax Description URL Sets the URL of the repository. URL Value The URL of the repository. The URL should take the form of http://host:port/path. default Configure the SIMS Engine to be its own repository. The URL is http://localhost:9851. save Saves the current configuration in the install.ini file. Usage Guidelines The install configure command defines the repository that the SIMS Engine uses. A repository is a remote of local server from which a system can download software updates and images. Only HTTP is supported. Example The following command configures the SIMS Engine to use http://209.165.200.224, with port 9851, as a repository: install configure URL http://209.165.200.224:9851 Related Commands install update install list install update To install a software update or image, use the install update command. install update package name Syntax Description package Name Name of the software update or image to be installed. To see the names of software updates and images available for installation, use the install list command. Example The following command installs the update EX-2.0: install update EX-2.0 Related Commands install configure install list install list To list software updates and images currently available on the configured repository, use the install list command. install list [all \| full \| page \| updates] Syntax Description all Displays all software updates and images on a configured repository. This command displays the name, version, requirements, type, and a summary of the software. full Displays only the complete images on a configured repository. This command displays the name, version, requirements, type, and a summary of the software. page Displays only the names of all software updates and images on a configured repository. All other information is omitted. updates Displays only the updates on a configured repository. This command displays the name, version, requirements, type, and a summary of the update. Usage Guidelines The install list command displays software updates and images currently available on a repository. A repository is a remote of local server from which a system can receive software. Example Enter the following command to display a list of all available software updates and images on a configured repository: install list all Name Version Requires Type Summary EX-1.02 1.02 HSE-1.0 UPDATE Hosting Solution... EX-1.1aR 1.1aR HSE-1.1 UPDATE Hosting Solution... EX-1.1a 1.1a HSE-1.1 UPDATE Hosting Solution... EX-1.0a 1.0a HSE-1.0 UPDATE Hosting Solution... EX-1.0aR 1.0aR HSE-1.0 UPDATE Hosting Solution... EX-1.0-ROB 1.0 HSE-1.0 COMPLETE Hosting Solution... EX-1.0 1.0 HSE-1.0 COMPLETE Hosting Solution... Related Topics install configure install update interface To configure an Ethernet interface, use the interface command: interface eth<0-5> {[up \| down] \| ipaddress netmask [default-gateway address] [up \| down]} Syntax Description eth<0-5> Name of the interface port to be configured. Acceptable values are eth0-5. up Enables the interface (the default). If you include the ipaddress parameter and want to enable the interface in the same command, either enter the up parameter after ipaddress and its required parameters, or do not specify the up or down parameters (up is the default). down Disables the interface. If you include the ipaddress parameter and want to disable the interface in the same command, enter the down parameter after ipaddress and its required parameters. ipaddress The IP address of the interface. netmask The netmask of the interface IP address. default-gateway Changes the IP address of the default gateway that connects the SIMS Engine to the network. address The gateway IP address. Default When you enter the interface command, the interface that you specify is enabled by default. If you want to disable an enabled interface or leave a disabled interface disabled, you must specify the down option. Usage Guidelines Use the interface command to configure an Ethernet interface. If you change the IP address or hostname, follow these steps to ensure that applications using the system can connect to it correctly: Step 1 Stop and restart management services by entering: services stop services start Step 2 Verify that management applications that use the system can still connect to it. Step 3 Reconnect any applications that cannot connect to it using the system's new IP address or hostname. Example This command disables the Ethernet 1 interface: interface eth1 down This command sets the Ethernet 1IP address, netmask, and gateway IP address: interface eth0 209.165.200.224 255.255.255.224 default-gateway 209.165.201.31 up ip domain-name To define a default domain name, use the ip domain-name command. To remove the default domain name, use the no form of the command: ip domain-name name no ip domain-name name Syntax Description name Domain name (e.g. cisco.com). Usage Guidelines Use this command to define a default domain name. A default domain name allows the system to resolve any unqualified host names. Any IP hostname that does not contain a domain name will have the configured NS server, this appended name is resolved by the DNS server, and then added to the host table. Example This command defines the default domain name cisco.com: ip domain-name cisco.com This command removes the default domain name: no ip domain-name Related Command ip name-server ip name-server To specify the address of up to three name servers for name and address resolution, use the ip name-server command. To disable a name server, use the no form of the command: ip name-server ip-address no ip name-server ip-address Syntax Description ip-address Name server IP address (maximum of 3). Usage Guidelines Use the ip name-server command to point the system to a specific DNS server. You may configure up to three servers. If you attempt to configure a fourth name server, the following error message appears: # Name-server table is full. The system must have a functional DNS server configured to function correctly.If it does not, in most cases it will not correctly process requests from management applications that it uses. If the system cannot obtain DNS services from the network, Telnet connections to the system will fail or Telnet interaction with the system will become extremely slow. Example This command assigns a name server for the system to use for DNS name to address resolution: ip name-server 209.165.200.224 This command disables the name server; the system will not use it for name to address resolution: no ip name-server 209.165.200.224 Related Command ip domain-name listbackup Use the listbackup command to list all current backups at the configured site: listbackup Syntax Description This command has no arguments or keywords. Example The following command lists all current backups at the configured site: listbackup ex1_06042001_170640: Hostname: ex1 Date: 06042001 time: 1700 ex1_06052001_124543: Hostname: ex1 Date: 06052001 time: 1243 ex1_06052001_155148: Hostname: ex1 Date: 06052001 time: 1558 ex1_06202001_145704: Hostname: ex1 Date: 06202001 time: 1454 Related Commands backup backupconfig restore mail To debug and test email settings, use the mail command. mail [to user@host [debug]] Usage Guidelines Entering the mail command with no arguments will allow you to read email. Entering the mail command with the arguments listed will allow you to send email. Syntax Description to Sends email to the expressed recipient. user@host Recipient of the email. debug Debugs any email problems. Example The following command sends an email message: mail to johndoe@example.com mailcntrl clear To delete the maillog, sendqueue, or userqueue, use the mailcntrl clear command. mailcntrl clear {log \| sendqueue \| userqueue} Syntax Description log Clears the Cisco SIMS Engine email log. sendqueue Clears the Cisco SIMS Engine sendqueue. userqueue Clears the Cisco SIMS Engine userqueue. Example The following command clears the Cisco SIMS Engine email log. mailcntrl clear log Related Commands mailcntrl list mailcntrl list To list the size of the userlog, userqueue, or the sendqueue, use the mailcntrl list command. mailcntrl list {logsize \| sendqueuesize \| userqueuesize} Syntax Description logsize Size of the mail log. sendqueuesize Size of the sendqueue. userqueuesize Size of the userqueue. Example The following command displays the size of the Cisco SIMS Engine email log. mailcntrl list logsize Mail log files total size: 4.0k Related Commands mailcntrl clear mailroute To forward email to a specified SMTP server, use the mailroute command to specify the server. If no server is specified, the Cisco SIMS Engine will use DNS to resolve the correct email server in your local domain. To stop forwarding mail to the SMTP server, use the mailroute command followed by a blank space. mailroute {hostname \| ip-address} Syntax Description hostname Host name of an email server. ip-address IP address of an email server. Example The following command forwards email to a server with the hostname mailserver: mailroute mailserver nfadmin To start the nFAdmin tool, use the nfadmin command. nfadmin Syntax Description This command has no arguments or keywords. Example This command starts the nFAdmin tool: nfadmin nslookup To translate a DNS name to its IP address or an IP address to its DNS name, use the nslookup command: nslookup {dns-name \| ip-address} Syntax Description dns-name DNS name of a host on the network. ip-address IP address of a host on the network. Example The following command translates the DNS name hostname to its IP address: nslookup hostname Server: dns.ex1.com Address: 209.165.200.224 Name: ex1.com Address: 209.165.201.0 ntp server To configure the Network Time Protocol (NTP) and allow the system clock to be synchronized by a time server, use the ntp server command. To disable this function, use the no form of this command: ntp server ip-address no ntp server ip-address Syntax Description ip-address IP address of the NTP time server providing clock synchronization. Usage Guidelines Use the ntp server command to synchronize the system clock with the specified NTP server. If you configure multiple NTP servers, the system will synchronize with the first working NTP server it finds. There is no limit to the number of NTP servers that you can configure. The ntp server command validates the NTP server that you specify. The possible results are: •If the server is a valid NTP server, a message similar to the following appears: 19 Jan 00:43:48 ntpdate[1437]: step time server 10.10.10.10 offset 999.257304 •If no NTP server with the name or IP address you specified exists, a message similar to the following appears: 19 Jan 00:43:40 ntpdate[1431]: no server suitable for synchronization found In this case, remove the NTP server by using the no form of the command, then configure a valid NTP server. •If the system time is set to a time later than the time on the NTP server, a message similar to the following appears: 19 Jan 00:43:58 ntpdate[1265]: Can't adjust the time of day: Invalid argument. In this case, the ntp server command is entered into the system configuration, but NTP will not function. Follow these steps to remove the command and configure NTP correctly: Step 1 Remove the ntp server command from the configuration by entering the no form of the command. For example: no ntp server ip-address where ip-address is the IP address of the NTP server. Step 2 Set the system clock to a time that is behind the time on the NTP server using the clock set command. Step 3 Enter the ntp server command again to configure the NTP server on the system. For example: ntp server ip-address Example This command configures the system to use an NTP server: ntp server 209.165.201.0 This command configures the system to stop using the NTP server: no ntp server 209.165.201.0 Related Command clock reload To reboot the system, use the reload command: reload Syntax Description This command has no arguments or keywords. Usage Guidelines Use the reload command to reboot the system. You are prompted to verify the reload. Enter yes to confirm or no to cancel the reload. Caution All processes running on the system stop when you run the reload command. The system will not respond to requests from applications while it is reloading. Example This command reboots the system: reload Related Command shutdown repository To configure the SIMS Engine to be a repository server, use the repository command. repository source URL Syntax Description source Sets the location from where the local repository downloads software updates and images. URL The IP address of an external server containing software updates and images. Usage Guidelines The repository command allows the SIMS Engine to be a repository both for itself and for external systems. A repository is a remote or local server from where a system can receive software updates and images. The repository command only configures the SIMS Engine to be a repository. To configure the SIMS Engine to install software updates and images from this repository, use the install configure command. Example To configure the SIMS Engine to be a repository, and to download software updates and images from http:// 209.165.200.224, enter the following command: repository source http://209.165.200.224 Related Commands repository server repository delete repository add repository server To start, stop, or view the status of the SIMS Engine's local repository, use the repository server command. repository server [stop \| start \| status] Syntax Description stop Stops the local repository. start Starts the local repository. status Displays the status of the local repository. Usage Guidelines The repository server command starts, stops, or displays the status of the SIMS Engine's local repository. A repository is a remote or local server from where a system can receive software updates and images. Example The following command stops the local repository: repository server stop Related Commands repository repository delete repository add repository delete To delete software updates and images on the SIMS Engine's local repository, use the repository delete command. repository delete [package \| all] Syntax Description all Deletes all software updates and images in the local repository. package Name of the software update or image to be deleted. Usage Guidelines The repository delete command deletes software updates and images on the SIMS Engine's local repository. A repository is a remote or local server from where a system can receive software updates and images. Example The following command deletes the update EX_2.0 from the local repository: repository delete EX_2.0 Related Commands repository repository server repository add repository list To list software updates and images on the configured local or remote repository, use the repository list command. repository list {local \| remote} [detail] [page] Syntax Description local Lists software updates and packages on the local repository. remote Lists software updates and packages on a remote repository. detail Includes details of the software updates and images displayed. page Displays the software updates and packages on page at a time. Example To list the software updates and images available on the configured local repository, with details and one page at a time, enter the following command: repository list local detail page repository add To transfer software updates and images from a remote server to the SIMS Engine's local repository, use the repository add command. repository add package Syntax Description package Name of the software update or image to be transferred. Usage Guidelines The repository add command transfers software updates and images from a remote server to the SIMS Engine's local repository. You will be prompted to enter a username and password if they are needed to access the remote server. A repository is a remote or local server from where a system can receive software updates and images. Example To transfer the update EX_2.0 from an update server to the local repository, enter the following command: repository add ex_2.0 Related Commands repository repository server repository delete restore Use the restore command to restore a backed up configuration of the SIMS Engine. restore restore name Syntax Description restore name Name of backup to be used to restore the SIMS Engine. Usage Guidelines To restore a configuration, use the restore command. If you use the restore command, the current configuration will be erased. Example The following command will restore a backed up configuration: restore backup1 Related Commands backup backupconfig listbackup rootenable To enable a root login, use the rootenable command. You are prompted to enter a password for the su command. You can use this password with the su command to login to the system as the root user. rootenable Syntax Description This command has no arguments or keywords. Example This command enables a root login: rootenable Related Commands su route To add a route through a gateway device, use the route command. To delete a route, use the no version of the command. route {network address} netmask {network netmask} gateway {gateway address} no route {network address} netmask {network netmask} Syntax Description netmask Sets value of the network netmask. gateway Sets the IP address of the router or gateway. network address IP address of the network. network netmask Value of the network netmask. gateway address IP address of router or gateway. Example The following command adds a route: route 209.165.201.0 netmask 255.255.255.224 gateway 209.165.200.224 The following command deletes the above route: no route 209.165.201.0 netmask 255.255.255.224 show config To display the system configuration, use the show config command: show config Syntax Description This command has no arguments or keywords. Example This command displays the system configuration: show config hostname ex1 interface ethernet0 209.165.201.0 255.255.255.224 default-gateway 209.165.202.128 interface ethernet1 down interface ethernet2 down interface ethernet3 down interface ethernet4 down interface ethernet5 down ip domain-name embu-doc ip name-server 209.165.202.158 username admin epassword *********** privilege 15 show install logs To display the software updates and images available on the configured repository, use the show install logs command. show install logs [short \| long] [page] Syntax Description short Displays only the names of software updates and images on the configured repository long Displays the names and descriptions of software updates and images on the configured repository. page Displays command output one screen at a time. Example The following command displays the software updates and images available on the configured browser, one screen at a time: show install updates page show syslog To display syslog information, use the show syslog command: show syslog [page] [include** matchstring1 [matchstring2]] Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt. include Filters the command output to display only the records that contain the specified string of characters. matchstring1 String of characters to search for in the command output. matchstring2 (Optional) Another string of characters to search for in the command output. Usage Guidelines Use this command to display syslog information. To filter the command output to include only the records that contain the specified string(s) of characters, use the include option with one or two character strings to search for. If you include two strings, the command outputs only those records that contain both character strings. Example This command displays syslog information: show syslog Jun 20 16:04:23 embu-doc-sims syslogd 1.3-3: restart. Jun 20 16:04:23 embu-doc-sims syslog: syslogd startup succeeded Jun 20 16:04:23 embu-doc-sims kernel: klogd 1.3-3, log source = /proc/kmsg start. Jun 20 16:04:23 embu-doc-sims kernel: Inspecting /boot/System.map-2.2.16-13bipse2 Jun 20 16:04:23 embu-doc-sims syslog: klogd startup succeeded -----------more----------- Related Command interface shutdown To shut down the system in preparation for powering it off, use the shutdown command: shutdown Syntax Description This command has no arguments or keywords. Usage Guidelines Use this command to shut down the SIMS Engine in preparation for powering it off. All processes running on the SIMS Engine will stop, and it will not respond until you power it off and back on. You are prompted to verify the shutdown. Enter yes to continue, or no to cancel the shutdown. Caution Never power the system off without running the shutdown command first. Doing so can destroy data and prevent the system from booting. Example This command shuts down the system: shutdown Related Command reload snmp-server To configure an simple network management protocol (SNMP) agent, use the snmp-server command: snmp-server {community community-name [RO \| RW] \| location sysLocation-info \| contact sysContact-info} no snmp-server {community community-name \| location \| contact} Syntax Description community sets the community strings that permit access to the SNMP. community-name the community name string. RO read only. RW read / write. location sets the system location string. sysLocation-info the location string. contact sets the contact string. sysContact-info the contact string. Usage Guidelines Use the command snmp-server to configure the snmp agent: Example This command sets an SNMP contact string: snmp-server contact Dial System Operator at Beeper # 27345 ssh-version Use the ssh-version command to enable Secure Shell (SSH) 1, SSH 2, or both SSH 1 and SSH 2. ssh-version {ssh1 \| ssh2 \| both} Syntax Description ssh1 Enables SSH 1 ssh2 Enables SSH 2 both Enables both SSH 1 and SSH2 Example This command enables ssh1 ssh-version ssh1 su To login to the system as the root user, enter the su command. You are prompted to enter the password that you created by entering the rootenable command. su [-] Syntax Description - Creates a new login shell for the root session. Example This command logs you into the system as the root user: su - Related Commands rootenable telnet To Telnet to an external host, use the telnet command. telnet {hostname \| ip-address} [portnumber] Syntax Description hostname Hostname of the external device. ip-address IP address of the external device. portnumber portnumber of the external device. Example Enter the following command to telnet to port 9851 of a system with the IP address 209.165.200.224: telnet 209.165.200.224 9851 telnetenable To configure Telnet access, use the telnetenable command: telnetenable {enable [ip-address \| domain] \| disable \| status} Syntax Description enable Enables Telnet access to the system. disable Disables Telnet access to the system. status Displays current access status. ip-address IP address of systems allowed Telnet access. If this argument is used, no other machines will be allowed access. Multiple IP address are allowed. domain Domain of systems allowed Telnet access. If this argument is used, machines with domains other than the specified domain will be denied Telnet access. Multiple domains are allowed. Default The default is disable. Usage Guidelines To enable Telnet access to the system for all IP source addresses, use the telnetenable enable command alone. To enable specific IP addresses, use the telnetenable enable command followed by the IP addresses. Example This command enables telnet for all IP source addresses: telnetenable enable username To create a new user account or change an account's properties, use the username command. Use the no form of the command to remove a user account: username name password password [privilege {0 \| 15}] no username name Syntax Description name Name of the user account to create or remove. password Specifies a password for the account. password The password for the account. privilege (Optional) Specifies the account privilege level. 0 Gives the account level 0 privileges. This is the default. 15 Gives the account level 15 privileges. Usage Guidelines Use the username command to change the properties of a user account. To assign a user CLI privilege lever 15, use the username command. You cannot assign CLI privilege level 15 through the Web interface. Use the no form of the command to remove a user account. The default privilege level is 0 if you do not provide a privilege option. Example This command creates a user account named user1 with password password1 and privilege level 15: username user1 password password1 privilege 15 This command removes the user account: no username user1 Maintenance Image Commands This section describes the commands that are available when the system is booted from the maintenance image. erase config This command is identical to the level 15 erase config command. fsck To check and repair the filesystem, use the fsck command. fsck Syntax Description This command has no arguments or keywords. Usage Guidelines Use the fsck command to check and repair the filesystem. The command might prompt you for confirmation before making certain repairs. Example The following command checks and repairs the filesystem: fsck reload This command is identical to the level 15 reload command. Related Topics •Checking Command Syntax •System Help •Command Description Conventions •Privilege Level 0 Commands •Privilege Level 15 Commands
	© 1992-2009 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.