Table Of Contents

Command Line Interface (CLI) Commands

Using the CLI

CLI Conventions

Command Privileges

Checking Command Syntax

Command History Feature

Help for CLI Commands

Command Description Conventions

Command Summary

CLI Command Details

aaa-server

apptyp

auth

backup

backupconfig

cdp

clear

clearbackuphosts

clearvar

clock set

debug

df

diagnostic-info

dumptcp

dumptech

erase config

exit

firewall

gethostbyname

help

hostname

http-server

import

install

interface

ip domain-name

ip name-server

listbackup

mail

mailcntrl

mailroute

mkcert

nslookup

ntp server

ping

ps

redundancy

reinitdb

reload

repository

restore

route

services

setup

show auth-cli

show auth-http

show backupconfig

show backuplog

show bootlog

show cdp neighbor

show cdp run

show clock

show config

show daemonslog

show dmgtdlog

show domain-name

show hosts

show http-server

show import hosts

show install

show interfaces

show ipchains

show maillog

show mailroute

show proc[ess]

show redundancy

show repository

show route

show securitylog

show snmp-server

show ssh-server

show ssh-version

show syslog

show tech

show telnetenable

show time

show tomcatlog

show version

show webaccesslog

show weberrorlog

show websslaccesslog

shutdown

snmp-server

ssh host

ssh-server accept

ssh-version

tarlog

telnet

telnetenable

tftpserver

traceroute

username

webtimeout

Maintenance Image Commands

erase config

fsck

reload

Command Line Interface (CLI) Commands

---

This appendix summarizes the WLSE's command line interface (CLI) commands.

---

Note When you use CLI commands to make a configuration change, the system configuration is updated immediately.

---

This appendix contains the following sections:

•Using the CLI

•CLI Conventions

•Command Privileges

•Checking Command Syntax

•Command History Feature

•Help for CLI Commands

•Command Summary

•Command Description Conventions

•CLI Command Details

•Maintenance Image Commands

Using the CLI

You can use the CLI by:

•Attaching a console to the WLSE, or

•Accessing the WLSE using Telnet or SSH.

---

Note Telnet is disabled by default. Use the telnetenable command to enable Telnet. See telnetenable.

---

You can log in to the CLI by using the admin username and password or any user that has CLI privileges. For more information on logging in and out of the CLI, see Logging In and Out via CLI.

CLI Conventions

The command-line interface (CLI) uses the following conventions:

•The key combination ^c or Ctrl-c means hold down the Ctrl key while you press the c key.

•A string is defined as a non-quoted set of characters.

•Use single-quotes (`) to surround a series of parameters; do not use double-quotes

---

Note Although the WLSE CLI is similar to the IOS CLI, they are not identical.

---

Command Privileges

Access to CLI commands is controlled by your user account privilege level. Users with privilege level 15 can use all commands. Users with privilege level 0 can use only a subset of the commands. Most commands require privilege level 15.

Checking Command Syntax

The user interface provides several types of responses to incorrect command entries:

•Command not found—You entered a command line that does not contain a valid command.

•Incomplete command—You entered a valid command but omitted required arguments.

•Invalid input—You entered a valid command but provided invalid arguments or parameters.

In addition, some commands have command-specific error messages that notify you that a command is valid but cannot run correctly.

Command History Feature

The CLI provides a command history feature. To display previously entered commands, press the up arrow key. After pressing the up arrow key, you can press the down arrow key to display the commands in reverse order. To run a command, press the Enter key while the command is displayed on the command line. You can also edit commands before pressing the Enter key.

---

Note Pressing Ctrl-c erases the history.

---

Help for CLI Commands

For a list of all commands and their syntax, type help and press Enter.

For help on a specific command, use either of the following methods:

•Type the command name, a space, help; then press Enter. For example, ntp help.

•Type help, a space, and the command name; then press Enter. For example, help ntp.

The help provides command usage information and syntax.

Command Description Conventions

Command descriptions in this document and in the CLI help system use the following conventions:

•Vertical bars (|) separate alternative, mutually exclusive elements.

•Square brackets ([ ]) indicate optional elements.

•Braces ({ }) indicate a required choice. Braces within square brackets ([{ }]) indicate a required choice within an optional element.

•Boldface indicates commands and keywords that are entered literally as shown.

•Italics indicate arguments for which you supply values.

Command Summary

Table A-1 lists the CLI commands.

Table A-1 Command Summary 

Command	Privilege Level	Description	Reference
aaa-server commands	These commands are for the internal AAA server, which is available on the WLSE Express only. For information on these commands, see "Using the Internal AAA Server (WLSE Express Only)."
apptyp	0	Shows the hardware type.	apptyp
auth	15	Enables remote authentication of WLSE users.	auth
backup	15	Backs up WLSE database configuration.	backup
backupconfig	15	Sets backup file location for all backup and restore operations.	backupconfig
cdp	15	Enables or disables Cisco Discovery Protocol (CDP).	cdp
clear	0	Clears terminal settings for the shell.	clear
clearbackuphosts	15	Clears the stored key for using SCP for backups.	clearbackuphosts
clearvar	15	Purges log files from /var partition.	clearvar
clock set	15	Sets system date and time.	clock set
debug	15	Enables debugging mode for CLI commands.	debug
df	15	Displays current storage usage.	df
diagnostic-info	15	Gathers diagnostic information.	diagnostic-info
dumptcp	15	Displays TCP/IP packet content and dumps packet content to a file.	dumptcp
dumptech	15	For diagnostics.	dumptech
erase config	151	Erases configuration in flash memory and reloads the WLSE.	erase config
exit	0	Logs user out.	exit
firewall	15	Implements port filtering.	firewall
fsck	N/A2	Checks and repairs file system.	fsck
gethostbyname	15	Displays IP address of a known domain name.	gethostbyname
hostname	15	Changes system host name.	hostname
http-server	15	Controls access via HTTP and HTTPS	http-server
import	15	Imports host files or maps IP addresses to host names.	import
install	15	Configures repository for installing software updates and installs software updates.	install
interface	15	Configures Ethernet interfaces.	interface
ip domain-name	15	Defines default domain name.	ip domain-name
ip name-server	15	Specifies address of name servers.	ip name-server
listbackup	15	Lists all current backups at the configured site.	listbackup
mail	15	Debugs and tests email settings.	mail
mailcntrl	15	Lists size of or deletes mail log, send queue, or user queue.	mailcntrl
mailroute	15	Forwards email to specified server.	mailroute
mkcert	15	Generates Certificate Signed Request (CSR) for HTTPS.	mkcert
nslookup	15	Translates device name to IP address or IP address to device name.	nslookup
ntp server	15	Allows system clock to be synchronized by a time server.	ntp server
ping	0	Sends ICMP echo_request packets for diagnosing basic network connectivity.	ping
ps	15	Shows running processes	ps
redundancy	15	Turns redundancy on or off, performs software upgrade on redundant cluster.	redundancy
reinitdb	15	Reinitializes database.	reinitdb
reload3	151	Reboots WLSE.	reload
repository	15	Manages local repository for installing software updates.	repository
restore	15	Restores backed up configuration from the configured location.	restore
route	15	Adds a route.	route
services	15	Manages WLSE services.	services
setup	15	Configure network parameters of WLSE Express	setup
show auth-cli	15	Displays type of authentication used for secure CLI access.	show auth-cli
show auth-http	15	Displays type of authentication used for secure HTTP access.	show auth-http
show backupconfig	15	Displays current backup/restore location.	show backupconfig
show backuplog	15	Displays contents of backup log.	show backuplog
show bootlog	15	Displays messages logged during last system boot.	show bootlog
show cdp neighbor	15	Displays nearest neighbor on the network.	show cdp neighbor
show cdp run	15	Displays Cisco Discovery Protocol (CDP) configuration.	show cdp run
show clock	15	Displays current UTC date and time.	show clock
show config	15	Displays configuration.	show config
show daemonslog	15	Displays daemons log.	show daemonslog
show dmgtdlog	15	Displays daemon manager log.	show dmgtdlog
show domain-name	15	Displays domain name	show domain-name
show hosts	15	Displays host file.	show hosts
show http-server	15	Shows HTTP and HTTP access control information.	show http-server
show import hosts	15	Displays imported host files.	show import hosts
show install	15	Displays software updates and images available on configured repository and logs of installations.	show install
show interfaces	0	Displays information about network interface.	show interfaces
show ipchains	15	Displays IP chains for selected interface.	show ipchains
show maillog	15	Displays mail log.	show maillog
show mailroute	15	Displays SMTP mail server.	show mailroute
show proc[ess]	0	Displays information about processes running on WLSE.	show proc[ess]
show redundancy	15	Displays information about redundancy status and configuration.	show redundancy
show repository	15	Displays status or access log of configured repository.	show repository
show route	15	Displays routes currently configured.	show route
show securitylog	15	Displays secure log information.	show securitylog
show snmp-server	15	Displays SNMP configuration.	show snmp-server
show ssh-version	15	Displays type of SSH enabled.	show ssh-version
show syslog	15	Displays syslog information.	show syslog
show tech	15	Displays information for Cisco's Technical Assistance Center.	show tech
show telnetenable	15	Displays Telnet status.	show telnetenable
show time			show time
show tomcatlog	15	Displays Tomcat log.	show tomcatlog
show version	0	Displays information about current software installed on WLSE.	show version
show webaccesslog	15	Displays Web access log.	show webaccesslog
show weberrorlog	15	Displays Web error log.	show weberrorlog
show websslaccesslog	15	Displays Web SSL log.	show websslaccesslog
shutdown	15	Shuts down WLSE in preparation for powering it off.	shutdown
snmp-server	15	Configures SNMP agent.	snmp-server
ssh host	15	Connects to an external host by using SSH.	ssh host
ssh-server accept	15	Controls SSH access.	ssh-server accept
ssh-version	15	Enables Secure Shell (SSH) 1, SSH 2, or both SSH 1 and SSH 2.	ssh-version
tarlog	15	Tars log files.	tarlog
telnet	15	Telnets to an external host.	telnet
telnetenable	15	Configures Telnet access.	telnetenable
tftpserver	15	Allows the TFTP server to be used for general purposes (WLSE Express only).	tftpserver
traceroute	0	Displays route to specified host and identifies faulty gateways.	traceroute
username	15	Creates new user account or changes account properties.	username
webtimeout	15	Changes session timeout for the Web interface.	webtimeout
wslseconfig	Do not use this command. This command is for internal use only.

1 This command is also available in the maintenance image. 2 This command is available only in the maintenance image. 3 This command is also available in the maintenance image.

CLI Command Details

This section provides an alphabetical listing of all CLI commands, along with options, examples, and usage guidelines.

---

Note The maintenance image includes a small set of CLI commands. For information on these commands, see Maintenance Image Commands.

---

aaa-server

The aaa-server CLI commands are available on the WLSE Express only. For information on these CLI commands, see "Using the Internal AAA Server (WLSE Express Only)."

apptyp

This command shows the type of WLSE hardware.

apptyp

Example

This command shows that the WLSE is an 1130-series platform:

# apptyp

1130

auth

Use the following command to enable secure authentication through a remote authentication server.

auth { cli | http } { local | tacacs secret server1 [ server2 ] | radius secret server1 [ server2 ] | nt domain pdc [ bdc ] }

Syntax Description

cli	Enables authentication when using the CLI.
http	Enables authentication when using HTTP.
local	Enables local authentication.
tacacs	Enables authentication using TACACS+ (Terminal Access Controller Access Control System). Note If you select this module, only the users configured on the TACACS+ server and the admin user can log into the WLSE.
radius	Enables authentication using RADIUS (Remote Dial-In User Service).
nt	Enables authentication from a Windows NT domain controller.
secret	Shared secret code of server.
server1	IP address or device name of server from which authentication will occur.
server2	IP address or device name of optional secondary server from which authentication could occur
domain	NT domain name.
pdc	Name of the Primary Domain Controller (PDC) and Backup Domain Controller (BDC) for the NT domain. Use the WINS name (simple hostname), not an IP address or fully qualified domain name.
bdc

Example

This command enables secure remote authentication from a remote server, using TACACS.

auth http tacacs tr5e43 209.165.200.224 

Related Commands and Other Topics

show auth-cli

show auth-http

Using an Authentication Module

backup

Use the following command to back up the WLSE.

backup [ test ]

Syntax Description

test	Tests configured backup hostname, username, password, and directory.

Usage Guidelines

The backup command backs up the WLSE configuration to the location specified by the backupconfig command.

Example

A typical backup proceeds as follows:

1. Run backupconfig (see backupconfig) to specify the location for storing the backups.

2. Run backup test to make sure the credentials specified in backupconfig and the user can write to the target location:

admin@sj-wlse:backup test

test OK

The backup test command creates a small file called test.tar at the target location under a sub-directory of BACKUP (the default directory created by the backup process). If the backup test does not return OK, the backup command will fail.

3. Run the backup command to start the backup process. Depending upon the amount of data, this can take a few minutes. Do not interrupt the process:

admin@sj-wlse:backup

backupfile: sj-wlse_02142004_222801.taraa

sj-wlse_02142004_222801.inf

admin@sj-wlse

The backup process creates a .taraa file and .inf file named for the WLSE hostname and the date and time of the backup.

4. Log in to the backup location system and verify that there is a backup directory under the BACKUP/WLSE hostname_date_time subdirectory and that it contains the two files created by the backup process.

Related Commands

backupconfig

listbackup

restore

show backupconfig

backupconfig

Use the backupconfig command to specify the location for all backup and restore operations. To delete the backup configuration, use the no backupconfig command.

backupconfig hostname username password { FTP | SCP } [ directory ]

no backupconfig

Syntax Description

hostname	Host name or IP address of the host system.
username	Username of host system.
password	Password of the host system.
FTP SCP	Protocol to use for transferring the backup to the host system: •FTP (File Transfer Protocol)—the default •SCP (Secure Copy)
directory	Path to specific backup directory, if different from user's default directory.

Usage Guidelines

If you are using SCP for file transfer, the WLSE stores a shared key for the remote host. If the key changes on the remote host, files cannot be transferred. To clear the key and allow the WLSE to use the new key, use the clearbackuphosts command.

Example

The following command causes all backup and restore operations to use the host with IP address 209.165.200.224, username user1, and password pass:

backupconfig 209.165.200.224 user1 pass

The following command clears all backup and restore configuration information:

no backupconfig

Related Commands

backup

clearbackuphosts

listbackup

restore

show backupconfig

cdp

Use the cdp command to configure the Cisco Discovery Protocol (CDP). Allows the WLSE to recognize, and be recognized by, other Cisco devices.

cdp run { [ interface ] | timer seconds | holdtime seconds }

no cdp { run [ interface ] | timer | holdtime }

Syntax Description

run	Starts the WLSE sending out CDP signals to other devices.
timer	Set CDP packet retransmission time, the amount of time, in seconds, that CDP signals are sent.
holdtime	Set CDP packet information hold time, the amount of time a device will recognize another device without receiving a signal. For example, if your system's holdtime is set to 30 seconds, and another device that has already been recognized by yours does not send a signal within that 30 seconds, your system will cease to recognize it.
interface	Ethernet port on which CDP will be enabled. Acceptable range of values is eth0-eth5. On the WLSE 1130, eth0 corresponds to the port labeled A on the back panel, and eth1 corresponds to the port labeled B.
seconds	Amount of time, in seconds, that the system takes to either transmit the CDP packet information or to hold another system's CDP packet information.

Usage Guidelines

After you use the no cdp command, the timer and holdtime values are set to their default values.

Example

This command sets the CDP packet's retransmission time at 10 seconds:

cdp timer 10

This command sets the CDP packet's retransmission to its default time.

no cdp timer

Related Commands

show cdp run

clear

This command clears the terminal settings for the shell.

clear

clearbackuphosts

This command clears the stored key when using SCP for backups.

Syntax

clearbackuphosts

Usage Guidelines

When you use SCP to transfer backup files to a remote host, the WLSE stores keys to identify the remote hosts. If the key on a remote host changes, the backup files cannot be transferred. This command clears the stored keys and allows the WLSE to store a new key.

Related Commands

backupconfig

clearvar

This command deletes old log files from the /var partition.

clearvar

Usage Guidelines

---

Caution This command stops all services on the WLSE before purging old log files. Upon completion, the command restarts all services.

---

clock set

To set the system date and time, use the following command. See the following usage guidelines before using this command.

clock set { hh:mm:ss month day year }

Syntax Description

set	Sets the system clock.
hh:mm:ss	Current time (for example, 13:32:00).
month	Current month, as full month name or at least the first 3 characters of the month (for example, jan).
day	Day of the month (1 to 31).
year	Current year (for example, 2000).

Usage Guidelines

When setting the system time, set the time to UTC.

When resetting the time, you must stop and restart WLSE services. Otherwise, scheduled configuration and firmware jobs will not run properly.

To reset the time:

---

Step 1 Stop services:

services stop

Step 2 Change the time.

Step 3 Start services:

services start

---

If you configure the system to use Network Time Protocol (NTP), you do not need to set the system clock manually using the clock command.When setting the clock, enter the current time in Coordinated Universal Time (UTC).

For more information about the system time, see the Understanding WLSE Time Displays.

Example

This command sets the date and time:

clock set 16:00:00 dec 11 2001

Tue Dec 11 16:00:00 UTC 2001

Related Commands

ntp server

clock set

debug

This command enables or disables debugging mode, which displays detailed information when parsing CLI commands.

Syntax

debug

Example

When debug is enabled, the output of the df command is:

admin@wlse1:df

DEBUG:linePtr=---df---

DEBUG:execStrPtr=---/opt/appliance/enable/df ---

DEBUG:Command /opt/appliance/enable/df 

Token: /opt/appliance/enable/df

Token: (null)

DEBUG: progArgV /opt/appliance/enable/df

DEBUG: progArgV (null)

Filesystem            Size  Used Avail Use% Mounted on

/dev/hda12            298M  111M  187M  38% /

/dev/hda1              53M   14M   36M  27% /boot

/dev/hda7             2.7G  1.3M  2.5G   1% /extra

/dev/hda11            596M   33M  564M   6% /home

/dev/hda6             2.8G  278M  2.5G  10% /opt

none                  1.5G     0  1.4G   0% /dev/shm

/dev/hda5             1.9G   33M  1.8G   2% /tftpboot

/dev/hda9             596M   33M  563M   6% /tmp

/dev/hda10            571M  254M  288M  47% /usr

/dev/hda13             27G  502M   26G   2% /var

DEBUG:Error returned from command: 19

DEBUG:arg 0:/opt/appliance/enable/df

DEBUG:/opt/appliance/enable/df

df

To display the current storage usage on the WLSE, use the following command.

df

Usage Guidelines

This command is intended as a debugging tool for problems with full partitions.

Example

The following command displays the current storage usage on the WLSE:

df

Filesystem            Size  Used Avail Use% Mounted on

/dev/sda12            151M   59M   92M  39% /

/dev/sda1              49M  2.8M   44M   6% /boot

/dev/sda7             985M   24M  911M   3% /extra

/dev/sda8             601M   32M  569M   5% /home

/dev/sda6            1001M  136M  865M  14% /opt

/dev/sda13            9.7G   32M  9.7G   0% /tftpboot

/dev/sda9             601M   32M  569M   5% /tmp

/dev/sda10            591M  212M  350M  38% /usr

/dev/sda5             2.9G  450M  2.5G  15% /var

Related Commands

fsck

diagnostic-info

Gathers diagnostic information and places the information in the diagnostic-info.log file.

Syntax Description

diagnostic-info

Usage Guidelines

You can view and download the diagnostic-info.log file by selecting Admin > Appliance > View Log File.

dumptcp

The following command displays TCP/IP network protocol packet content.

dumptcp proto { snmp snmp-trap ip icmp tcp udp | port port }
[ interface eth[ernet]0 ... 5] [ host host [ host2 host2 ]]
[ packets packets ] [ log ]

Syntax Description

proto	Name of protocol. Enter snmp, snmp-trap, ip, icmp, tcp, or udp to specify the protocol for which you want to view the packet content. You must specify either a protocol or a port.
port	Use the port number to specify the protocol to observe, instead of specifying the protocol name. You must specify either a protocol or a port.
port	Port number.
interface eth[0-5]	The interface to observe. On the WLSE 1130, eth0 corresponds to the port labeled A on the back panel, and eth1 corresponds to the port labeled B.
host, host2	The host(s) to observe.
host	The host name(s).
packets packets	Maximum number of packets to be captured (up to 10,000).
log	Logs the output of the command in a file in a dumptcp.cap file. You can retrieve the file from the web interface—Admin > Appliance > Status > View Log File. Use a utility such as tcpdump or Ethereal to view the file, which is in binary format.

Usage Guidelines

You can either specify a protocol by name or specify a port; you must specify one or the other. Optionally, you can specify the interface and specify one or two hosts to observe.

The command allows you to continuously observe the packets. Enter Ctrl C to terminate the command.

Examples

The following command listens displays the SNMP packets in the interface:

dumptcp proto snmp interface eth0

The following command listens to packets from port 161 only with abc.com as either the source or destination host:

dumptcp port 161 host abc.com

The following command limits the capture to 1000 packets:

dumptcp proto tcp packets 1000

Related Commands

interface

dumptech

This command is for diagnostic purposes. It calls the diagnostic-info and tarlog commands and sends the output via SCP (secure copy) to a user on a remote host. The output is saved in the dumptech.tgz file in the specified directory. The dumptech.tgz file can also be downloaded from Admin > Appliance > Status > View Log Files.

This command is useful for getting the files to an FTP server in case the Web interface is not accessible.

dumptech username remote-host remote-directory

Syntax

username	Name of the user on the remote host.
remote-host	Name or IP address of the remote host.
remote-directory	Name of the directory in which to save the log file.

Usage Guidelines and Examples

The correct usage of the dumptech command and the output displayed during the transfer process is shown in the following examples.

In the first case, the user has a valid SCP server setup and can access the file from the specified directory on the FTP server or from the WLSE Web interface.

dumptech userA hostA /users/userA

cmd=/opt/appliance/scripts/dumptech.sh userA@hostA:/users/userA

The authenticity of host 'hostA (209.165.200.11)' can't be 
established.

RSA key fingerprint is 
8b:b0:41:00:d5:e4:7a:66:d3:b3:c2:47:f9:1b:7c.38.

Are you sure you want to continue connecting (yes/no)? yes

Warning:Permanently added 'hostA (209.165.200.11)' (RSA) to the list 
of known hosts.

userA@hostA's password: password

dumptech.tgz 100% |***********************| 691 KB 00:01

If you do not have an SCP server or do not know whether your FTP server supports SCP, you can enter non-existent parameters, as shown in the following example. In this case, you can access the file from the WLSE Web interface.

dumptech nouser nowhere /nodirectory

cmd=/opt/appliance/scripts/dumptech.sh nouser@nowhere:/nodirectory

ssh: nowhere: Name or service not known

lost connection

Related Commands

diagnostic-info

tarlog

erase config

To erase the configuration in flash memory and reload the WLSE with its default settings, use the following command.

erase config

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

When you enter the command, you are prompted for confirmation. Enter yes to confirm, or press Enter to accept the default response no.

---

Caution When you confirm this command, the system configuration is erased and the system reboots automatically. The system will not operate until you reconfigure it.

---

When the system reboots, you must reconfigure it. For information, see the relevant Installation and Configuration Guide for your WLSE.

The results of running this command are:

•Created users are erased.

•SNMP and CDP settings are set to their default values.

Example

This command erases the system configuration:

erase config

This will erase your configuration, return device to factory defaults, 
and reload the device 

Do you want to continue?[no]:yes

exit

To log out of the CLI command interface, use the following command:

exit

Syntax Description

This command has no arguments or keywords.

Example

The following command logs you out of the system:

exit

firewall

The following command allows you to configure port access for each interface. The provides flexibility in securing the WLSE. The WLSE can be configured for secure or public network environments. The no form disables the firewall on the interface.

firewall eth[ernet]0-5 { [ public | private ] |
[ icmp | telnet | ssh | snmp | https | 1741 | tftp | REPOSITORY ] }

no firewall eth[ernet]0-5

Syntax Description

eth [0-5]	Interface to be configured. Acceptable values are eth0-eth5. On the WLSE 1130, eth0 corresponds to the port labeled A on the back panel, and eth1 corresponds to the port labeled B.
public	Denies access via Internet Control Message Protocol (ICMP), Telnet, SNMP, TFTP, and REPOSITORY. Allows access via SSH, HTTPS, and the HTTP 1741 port.
private	No access is denied. Allows connections via ICMP, Telnet, SSH, SNMP, HTTPS, and the HTTP 1741 port.
icmp	Ignores ICMP ping messages. With this option set, the WLSE will not respond to external ICMP ping messages but you will still be able to perform traceroute and ping commands.
telnet	Ignores incoming Telnet connections.
ssh	Ignores incoming SSH connections.
snmp	Ignores incoming SNMP requests.
https	Denies all connections to the SSL HTTP port used by the SSL Web interface.
1741	Denies all connections to the HTTP 1741 port used by the Web interface.
tftp	Ignores all connections to the TFTP host.
REPOSITORY	Prevents access to the the local software repository from the network. Ignores all connections to WLSE port 9851.

Usage Guidelines

To configure an Ethernet port for secured public access, use the public option.

To configure an Ethernet port for local access, via a LAN or VLAN, use the private option.

To disable ICMP, Telnet, SSH, SNMP, HTTPS, or to deny connections to the SSL HTTP port or the HTTP 1741 port, use the corresponding option.

Example

The following is an example of a secure Ethernet port configuration:

•Ethernet port 0 is connected to the Internet, and is configured to be accessible only via HTTPS by entering:

firewall eth0 public ssh 1741 

•Ethernet port 0 is connected to an internal LAN or VLAN, and is configured to be accessible via any of the supported protocols by entering:

firewall eth0 private 

An on-site user has full access to the WLSE, but an external user can only access it using a secure connection.

Related commands

show interfaces

interface

gethostbyname

Use the following command to display the IP address of a known hostname.

gethostbyname host

Syntax Description

host Domain name of host.

Example

This command displays the IP address of example.com

gethostbyname example.com

209.165.200.224

help

This command displays help for all of the CLI commands.

hostname

To change the system host name, use the following command.

hostname name

Syntax Description

name	New hostname for the WLSE. The name is case-sensitive and may be from 1 to 24 alphanumeric characters (A-Z, a-z, 0-9), the minus sign (-), and the period (.).

Example

The following example changes the hostname to sandbox:

hostname sandbox

http-server

This command controls:

•HTTP and HTTPS access to the WLSE by specifying the IP addresses from which connections are accepted. The default behavior is to accept all connections. If you specify IP addresses, connections are only accepted from matched addresses. The no form of the command removes an address.

•The port used for HTTP access.

http-server accept ip_address [ netmask ] | port { 80 | 1741 }

no http-server accept ip_address [ netmask ]

http-server port { 80 | 1741 }

Syntax Description

accept ip_address netmask	An address and optional netmask from which connections are accepted or an address and optional netmask to remove from the access list.
port { 80 | 1741 }	Port to use for HTTP access.

Usage Guidelines

You can add one address per command line.

The no form of the command removes HTTP/HTTPS access one address at a time. The no form of the command must exactly match the rule it is deleting.

In a redundant cluster of WLSEs, if you are using an HTTP/HTTPS access list, you must enter a command on each WLSE to allow access by the other WLSE in the cluster.

Example

To accept HTTP and HTTPS connections from the host 192.168.12.12 with the netmask 255.255.255.0:

http-server accept 192.168.12.12 255.255.255.0 

To use port 80 for HTTP access instead of the default port 1741:

http-server port 80

Related Commands

firewall

show http-server

import

Use this command to add a single host for IP address mapping or import a UNIX-style hosts file from a remote FTP server.

import host hostname ipaddress

no import host hostname ipaddress

import hosts ftp-host username password pathname

no import hosts

Syntax Description

host	Imports a single hostname mapped to an IP address.
hostname	Hostname to import.
ipaddress	IP address to map hostname to.
hosts	Imports host file from an FTP-accessible host.
password	Password used to access an FTP-accessible host.
pathname	Path to the file to be imported.
ftp-host	IP address or hostname of the FTP-accessible host.
username	username use to access the FTP-accessible host.

Usage Guidelines

To import a single host:

import hosts hostname ipaddress

To import host files from an external, FTP- accessible server:

import hosts ftp-host username password path

To remove an individual IP address from the imported host file:

no import host hostname ipaddress

To remove an imported host file:

no import hosts

Example

The following command imports host files from the FTP- accessible server ftpserver_1. Ftpserver_1 has the username admin, the password pass, and the path /ftpserver_1/hosts.

import hosts ftpserver_1 admin pass /ftpserver_1/hosts

The following command deletes the hosts imported in the example above:

no import hosts

Related Commands

show import hosts

install

Use this interactive command to install software updates on the WLSE.

install configure { URL URL | default | save }

install update package

install list [ all | full | page | updates ]

install current

install help

---

Caution Before upgrading WLSE software, check the readme.txt file associated with the software image. You can find this file along with the software image in the Software Center on Cisco.com.

---

Syntax Description

configure	Defines the repository from which to install software updates or complete images. A repository is a remote or local server.
	URL	Sets the URL of the repository. Only HTTP is supported.
	URL	The URL of the repository. The URL should take the form of http://host:port/path (the path is optional).
	default	Configures the WLSE to be its own repository. The URL is http://localhost:9851.
	save	Saves the current configuration in the install.ini file.
update	Installs the specified software update package.
	package	Name of an installable update package
current	Lists the currently installed packages on the WLSE.
list	Lists software updates and images on the defined repository.
	all	Lists all software on the defined repository. This command displays software name, version, requirements, type, and summary information.
	full	Lists only the complete images on the defined repository. Displays name of image, version, requirements, type, and summary information
	page	Displays first page of command output. To display more: •Press the Return key to display the next line of output. •Press the Space bar to display the next screen of output Press q or Q to exit paged output and return to the command prompt.
	updates	Lists only the updates on the configured repository. Displays software name, version, requirements, type, and summary information
exit	Exit from interactive use of the install command.

Usage Guidelines

The install command is designed as an interactive command, although you can use it in non-interactive mode. For example, to list the images on the repository in interactive mode:

wlse-1130: install

install: list all

To exit from interactive mode, type exit.

To list the images on the repository in non-interactive mode:

wlse-1130: install list all

Examples

The following command configures the WLSE to use port 9851 on the system with IP address 209.165.200.22, as the repository:

wlse-1130: install 

Install URL not configured

install: configure URL http://209.165.200.224:9851

The following command installs the update package named WLSE-2.0:

install: update WLSE-2.0

The following command lists all software updates in the repository:

install: list all

Name         Version Requires     Type       Summary

WLSE-2.7.1   2.7.1   WLSE-2.7     UPDATE     Wireless LAN Solution ...

WLSE-2.7u    2.7     WLSE-2.0     UPDATE     Wireless LAN Solution ...

WLSE-2.5FCS  2.5     WLSE-2.0     UPDATE     Wireless LAN Solution ...

WLSE-2.0.2   2.0.2   WLSE-2.0     UPDATE     Wireless LAN Solution ...

WLSE-2.0     2.0                  COMPLETE   Wireless LAN Solution ...

The following command lists all the packages and patches currently installed on the WLSE:

wlse-1130:install current 

URL=http://209.165.200.224:9851

Initializing install:  Success

Name         Version Requires     Type       Summary

WLSE-2.7.1   2.7.1   WLSE-2.7     UPDATE     WLSE 2.7.1 Upgrade

WLSE-2.7u    2.7     WLSE-2.0     UPDATE     WLSE 2.7 Upgrade

WLSE-2.5a    2.5a    WLSE-2.5FCS  UPDATE     Wireless Lan Solution ...

WLSE-2.5FCS  2.5     WLSE-2.0     UPDATE     WLSE 2.5FCS Upgrade

WLSE-2.0.2   2.0.2   WLSE-2.0     UPDATE     WLSE 2.0.2 Upgrade

WLSE-2.0a    2.0a    WLSE-2.0     UPDATE     Wireless Lan Solution ...

WLSE-2.0     2.0                  COMPLETE   WLSE Solution Engine

Related Commands

repository

show install

show version

interface

To configure an Ethernet interface, use the following command.

interface eth[ernet][0-5] [ up | down ]

interface eth[ernet][0-5] dhcp

interface eth[ernet][0-5] ipaddress netmask [ default-gateway address ]
[ up | down ] [ auto | speed [10 | 100 | 1000] duplex [ half | full ]
[ mtu 46-1500 ]

Syntax Description

eth[0-5]	Name of the interface port to be configured. Acceptable values are eth0-eth5. On the WLSE 1130, eth0 corresponds to the port labeled A on the back panel, and eth1 corresponds to the port labeled B.
up	Enables the interface (the default). Note If you include the ipaddress parameter and want to enable the interface in the same command, either enter the up parameter after ipaddress and its required parameters, or do not specify the up or down parameters (up is the default).
down	Disables the interface. If you include the ipaddress parameter and want to disable the interface in the same command, enter the down parameter after ipaddress and its required parameters.
dhcp	The WLSE acquires network information from a DHCP server. This is the default setting on the WLSE Express (WLSE 1030 hardware).
ipaddress	The IP address of the interface. When changing the WLSE's IP address, append the up option to the command line.
netmask	The netmask of the interface IP address.
default-gateway	The IP address of the default gateway that connects the WLSE to the network.
address	The default gateway IP address.
up	See the preceding description of up.
down	See the preceding description of down.
auto	Allow the interface speed to be set automatically.
speed	Set the interface speed to 10, 100, or 1000 megabits.
duplex half | full	Set interface to half-duplex or full-duplex mode.
mtu 46-1500	Set the maximum packet size within this range, in bytes.

Usage Guidelines

When you enter the interface command, the interface that you specify is enabled by default. If you want to disable an enabled interface or leave a disabled interface disabled, you must specify the down option.

If the interface is down when you change the IP address or hostname, append up to the command line. If the interface is up, append down to the command line. For example:

interface eth0 209.165.201.8 255.255.255.224 default-gateway 
209.165.201.1 up

Example

The following command disables the Ethernet 1 interface:

interface eth0 down

The following command sets the Ethernet 0 IP address, netmask, and gateway IP address:

interface eth0 209.165.200.224 255.255.255.224 default-gateway 
209.165.201.31 up

Related Commands

show interfaces

ip domain-name

To define a default domain name, use the following command. To remove the default domain name, use the no form of the command.

A default domain name allows the system to resolve any unqualified host names. Any IP hostname that does not contain a domain name will have the configured domain name appended to it. If you are using a DNS server, this appended name is resolved by the DNS server, and then added to the host table.

ip domain-name name

no ip domain-name name

Syntax Description

name	Domain name (for example, cisco.com).

Example

This command defines the default domain name to be cisco.com:

ip domain-name cisco.com

This command removes the default domain name abc.com:

no ip domain-name abc.com

Related Commands

show domain-name

ip domain-name

ip name-server

To specify the addresses of up to three name servers for name and address resolution, use the following command. To remove a name server, use the no form of the command.

ip name-server ip-address

no ip name-server ip-address

Syntax Description

ip-address

Name server IP address (maximum of 3).

Usage Guidelines

Use the ip name-server command to point the WLSE to a specific DNS server. You may configure up to three servers. If you attempt to configure a fourth name server, the following error message appears:

# Name-server table is full.

The WLSE must be able to contact a functional DNS server to operate correctly. If it does not, in most cases it will not correctly process requests from management applications that use it. If the system cannot obtain DNS services from the network, Telnet connections to the system will fail or Telnet interaction with the system will become extremely slow.

Example

This command assigns a name server for the system to use for name-to-address resolution:

ip name-server 209.165.200.224

This command disables the name server; the system will not use it for name-to-address resolution:

no ip name-server 209.165.200.224

Related Commands

ip domain-name

listbackup

Use the following command to list all available backups at the defined location. Backup names are created by using the WLSE hostname and the backup date and time.

listbackup

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

You must first define the backup location by using the backupconfig command.

Example

The following command lists all current backups at the configured site:

listbackup

ex1_06042001_170640: Hostname: ex1 Date: 06042001  time: 1700

ex1_06052001_124543: Hostname: ex1 Date: 06052001  time: 1243

ex1_06052001_155148: Hostname: ex1 Date: 06052001  time: 1558

ex1_06202001_145704: Hostname: ex1 Date: 06202001  time: 1454

Related Commands

backup

backupconfig

restore

show backupconfig

mail

Use this command to send and receive mail and to debug and test email settings.

mail [ to user@host [ debug ] ]

Syntax Description

To read email, enter the command with no arguments. To send email, enter the command with the following arguments:

to	Sends email to the expressed recipient.
user@host	Recipient of the email.
debug	Debug email problems.

Usage Guidelines

When sending a message, enter a period on a line by itself to terminate the message body.

When listing the mail queue, enter exit to return to the CLI command prompt.

Example

The following command sends an email message:

mail to operator@sj_wlse

Subject: test 

This is a test mail 

. 

Cc: 

---

Note You must end the mail message with a period (.) on a line by itself.

---

The following command debugs email problems:

admin@magellan.com:mail to operator@cisco.com DEBUG

Subject: testing

testing

.

Cc: 

operator@cisco.com... Connecting to inbound.cisco.com. via esmtp...

220 inbound.cisco.com ESMTP Sendmail 8.12.11/8.11.2; Mon, 19 Jul 2004 
13:24:00 -0700 (PDT)

>>> EHLO magellan.cisco.com

250-inbound.cisco.com Hellomagellan.cisco.com [192.168.65.120], 
pleased to meet you

250-ENHANCEDSTATUSCODES

250-PIPELINING

250-EXPN

250-VERB

250-8BITMIME

250-SIZE

250-DSN

250-ETRN

250-DELIVERBY

250 HELP

>>> MAIL From:<admin@magellan.cisco.com> SIZE=45

250 2.1.0 <admin@magellan.cisco.com>... Sender ok

>>> RCPT To:<operator@cisco.com>

250 2.1.5 <operator@cisco.com>... Recipient ok

>>> DATA

354 Enter mail, end with "." on a line by itself

>>> .

250 2.0.0 i6JKO0im006330 Message accepted for delivery

operator@cisco.com... Sent (i6JKO0im006330 Message accepted for 
delivery)

Closing connection to inbound.cisco.com.

>>> QUIT

221 2.0.0 inbound.cisco.com closing connection

admin@magellan.com:

Related Commands

mailcntrl

mailroute

mailcntrl

This command displays the size of the email log, send queue, or user queue or deletes the email log, send queues, or user queues.

mailcntrl list { logsize | sendqueusize | userqueuesize }

mailcntrl clear { log | sendqueue | userqueue }

Syntax Description

list	Displays the following:
	logsize	Size of the mail log.
	sendqueuesize	Size of the sendqueue.
	userqueuesize	Size of the userqueue.
clear	Deletes the following:
	log	WLSE email log.
	sendqueue	WLSE send queues.
	userqueue	WLSE user queues.

Example

The following command clears the WLSE's email log.

mailcntrl clear log

Related Commands

show maillog

mailroute

To forward email to a specified SMTP server, use the following command to specify the server. If no server is specified, the WLSE will use DNS to determine the correct email server in your local domain. To stop forwarding mail to the SMTP server, use the no mailroute command to remove the defined mail server information.

mailroute { hostname | ip-address }

no mailroute

Syntax Description

hostname	Host name of an email server.
ip-address	IP address of an email server.

Example

The following command forwards email to a server with the hostname mailserver:

mailroute mailserver

Related Commands

show mailroute

mkcert

Use this command to generate or regenerate the SSL self-signed certificate for enabling secure socket layer protocol (SSL). SSL provides a secure HTTPS connection between Web clients and the WLSE.

When you initially set up the WLSE, a private key, a self-signed certificate, and a certificate signing request (CSR) are generated.

This command enables SSL.

The unsigned certificate expires in one year; use the procedure described below to obtain and install a permanent certificate from a certificate authority.

---

Note When you wish to establish an SSL connection to the WLSE, use the https prefix instead of http when entering the URL into the browser. Do not append a port number to the URL.

---

Syntax Description

mkcert

Usage Guidelines

When you run mkcert, the following prompts are displayed. For some fields, there is a default name. If you enter a period (.), the field will be left blank.

Prompt	Response
1. Country Name 2. State or Province Name 3. Locality Name	Country, state or province, and city in which the WLSE is located. Use the 2-character code for the country and the full names of state or province and city.
4. Organization Name	Full name of organization that owns the WLSE.
5. Organizational Unit Name	(Optional) Section of organization that is using the WLSE.
6. Common Name	Fully qualified domain name of organization.
7. Email Address	Email address of organization.

After generating the certificate, view it in the Web interface (Administration > Security > SSL (HTTPS). Copy everything between the BEGIN CERTIFICATE REQUEST and END CERTIFICATE REQUEST lines and send it to a certificate authority (such as Verisign). Use the authority's procedure for sending the certificate.

When you receive the signed certificate:

---

Step 1 Copy the certificate into an ASCII file on a client system.

Step 2 Start the WLSE Web interface from the same client system.

Step 3 Select Admin > Security > SSL (HTTPS).

Step 4 Enter the path to the certificate or click Browse to locate it. Then click Submit Certificate.

Step 5 To use the new certificate, restart the WLSE by running the following commands:

services stop

services start

---

nslookup

To translate a device name to its IP address or an IP address to its device name, use the following command.

nslookup { dns-name | ip-address }

Syntax Description

dns-name	Device name of a host on the network.
ip-address	IP address of a host on the network.

Example

The following command translates the device name hostname to its IP address:

nslookup hostname

Server: dns.ex1.com

Address: 209.165.200.224

Name:    ex1.com

Address: 209.165.201.0

ntp server

To configure the Network Time Protocol (NTP) and allow the system clock to be synchronized by a time server, use the following command. To disable this function, use the no form of this command.

ntp server ip-address

no ntp server ip-address

Syntax Description

ip-address

IP address of the NTP time server.

Usage Guidelines

Use the ntp server command to synchronize the system clock with the specified NTP server. If you configure multiple NTP servers, the system will synchronize with the first working NTP server it finds. There is no limit to the number of NTP servers that you can configure.

The ntp server command validates the NTP server that you specify. The possible results are:

•If the server is a valid NTP server, a message similar to the following appears:

# 19 Jan 00:43:48 ntpdate[1437]: step time server 209.165.200.224 
offset 999.257304

•If no NTP server with the name or IP address you specified exists, a message similar to the following appears:

# 19 Jan 00:43:40 ntpdate[1431]: no server suitable for 
synchronization found

In this case, remove the NTP server by using the no form of the command, then configure a valid NTP server.

•If the system time is set to a time later than the time on the NTP server, a message similar to the following appears:

# 19 Jan 00:43:58 ntpdate[1265]: Can't adjust the time of day: 
Invalid argument.

In this case, the ntp server command is entered into the system configuration, but NTP will not function. Follow these steps to remove the command and configure NTP correctly:

---

Step 1 Remove the ntp server command from the configuration by entering the no form of the command. For example:

no ntp server ip-address

where ip-address is the IP address of the NTP server.

Step 2 Set the system clock to a time that is behind the time on the NTP server using the clock set command. For more information about the clock command, see clock set.

Step 3 Enter the ntp server command again to configure the NTP server on the system. For example:

ntp server ip-address

---

Example

This command configures the system to use an NTP server:

ntp server 209.165.201.0 

This command configures the system to stop using the NTP server:

no ntp server 209.165.201.0 

Related Commands

clock set

ping

To send ICMP echo_request packets for diagnosing basic network connectivity, use the following command.

ping [ -n ] [ -c count ] [ -i wait ] [ -s packetsize ] { hostname | ip-address }

Syntax Description

-n	Disables reverse DNS lookup.
-c	Sets the number of echo packets to send.
count	Number of echo packets to send.
-i	Sets the amount of time to wait between sending each packet.
wait	Amount of time to wait between sending each packet, in seconds. The default is 1.
-s	Sets the size of each echo packet.
packetsize	The size of each echo packet, in bytes. The default is 56.
hostname	Host name of system to ping.
ip-address	IP address of system to ping.

Usage Guidelines

To use this command with the hostname argument, DNS must be configured on the system.

To force the time-out of a nonresponsive host or to eliminate a loop cycle, press Ctrl-c.

Example

This command sends 4 echo packets to the host otherhost with a wait time of 5 seconds between each packet:

ping -c 4 -i 5 209.165.200.224

PING 209.165.200.224 (209.165.200.224) from 209.165.201.0 : 56(84) 
bytes of data.

64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=0 ttl=246 
time=16.3 ms

64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=1 ttl=246 
time=2.0 ms

64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=2 ttl=246 
time=2.1 ms

64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=3 ttl=246 
time=2.1 ms

Related Commands

traceroute

ps

This command shows running processes.

ps [ help ] [ info ] [ options ]

Syntax Description

This is a standard Linux command.

help	Displays the Linux manual page.
info	Preprends addiitonal information about /proc and socket status.
options	Use Unix98, BSD, and GNU options that are displayed when use the help option.

Usage Guidelines

The output of the ps command is sent to the procps_last.log file. You can view or download this file from the Web interface: Admin > Status > View Log File.

redundancy

To turn redundancy on or off, use the following command:

redundancy { on | off }

redundancy status

redundancy config

redundancy upgrade package_name

Syntax Description

on	Turn on redundancy mode.
off	Turn off redundancy mode.
status	Show redundancy status.
config	Show redundancy configuration.
upgrade package_name	Will be used to upgrade from 2.11 to the next release of WLSE software. Upgrades WLSE software on a redundant cluster of WLSEs. Upgrades both nodes without requiring that redundancy be turned off during the upgrade.

Examples

This command upgrades a WLSE from an upgrade image that is in the local repository:

redundancy upgrade WLSE-2.11u

Usage Guidelines

When you run redundancy on, the current redundancy settings are validated. Error messages are displayed if any parameters are not configured, and errors must be corrected before you can turn on redundancy mode. To correct validation errors, use the Web interface. For more information, see Managing WLSE Redundancy.

The validation failure messages are:

Notification email is not specified

Admin Password not set

Failed to decrypt admin password

Primary IP not specified

Secondary IP not specified

Sync interval not specified or invalid

Check interval not specified or invalid

Invalid HTTP port specified. Must be 1741 or 80

HTTP port not set

Virtual IP not specified

The upgrade option will be used in the next release to upgrade a redundant cluster after downloading the image to the local WLSE repository via the Software Image Management (SWIM) option of CiscoWorks RME. This command looks for the specified software image in the local repository on either the active or standby WLSE. It is preferable to run the command from the active node. By using this method of upgrading, downtime is minimized because one node is running while the other is being upgraded.

Related commands

show redundancy

repository

reinitdb

To reinitialize the database, use the following command. This command erases all information in the database, stops and restarts system services, and reboots the WLSE.

reinitdb

---

Note This command stops and restarts system services.

---

Usage Guidelines

After the database is reinitialized, the WLSE reboots.

Syntax Description

This command has no arguments or keywords.

Example

This command reinitializes the database:

reinitdb

Related Command

reload

To reboot the WLSE, use the following command.

reload [ force ]

Syntax Description

The force option causes a reload without asking for confirmation.

Usage Guidelines

You will be prompted to verify the reload. Enter yes to confirm or no to cancel the reload.

---

Caution All processes running on the system stop when you run the reload command. The WLSE will not respond while it is reloading.

---

Example

This command reboots the system:

reload

Related Commands

shutdown

repository

This command manages the local repository, from which the WLSE downloads its software updates. You can add, delete, or list software packages in the repository; specify the location from the local repository downloads images, and control the status of the repository.

repository add package [ rate Kbytes/second ]

repository delete [ package | all ]

repository list { local | remote } [ detail ] [ page ]

repository source URL

repository server [ stop | start | status ]

Syntax Description

add package	Transfers a software update image named package from a remote server to the local repository.
rate	Rate of transfer of the image in Kbytes/second.
delete	Deletes a package from local repository.
all	Deletes all packages from local repository.
list	List software images and packages in configured local or remote repository.
local	Lists software updates and packages in local repository.
remote	Lists software updates and packages in remote repository.
detail	Includes details of software updates and images displayed.
page	Displays first page of command output. To display more: •Press the Return key to display the next line of output. •Press the Space bar to display the next screen of output Press q or Q to exit paged output and return to the command prompt.
source URL	Configure WLSE to serve as repository and to download software updates and images from external server whose IP address is URL (restricted to the FTP protocol). This command only configures the WLSE to be a repository. To configure the WLSE to install software updates and images from this repository, see install.
server	Start, stop, or display status of the WLSE's local repository.
stop	Stop local repository.
start	Start local repository.
status	Display status of local repository.

Usage Guidelines

You will be prompted to enter a username and password if they are needed to access the remote server.

Examples

The following command transfers the update EX_2.0 from an update server to the local repository:

repository add ex_2.0

The following command deletes the update EX_2.0 from the local repository:

repository delete EX_2.0

The following command lists the software updates and images available on the configured local repository, with details and one page at a time:

repository list local detail page

The following command configures the WLSE to be a repository, and to download software updates and images from http:// 209.165.200.224:

repository source ftp://209.165.200.224

The following command stops the local repository:

repository server stop

Related Commands

install

show repository

restore

Use the following command to restore a backed up configuration of the WLSE.

restore -n backup_name

Syntax Description

backup_name	Name of backup.
-n	Restores without overwriting the flash memory, which contains network information (hostname, IP address, domain name, name servers, NTP server) and users' CLI privileges.

Usage Guidelines

The restore command shuts down services on the WLSE, restores the data, and then reboots the WLSE.

Backups are restored from the location that you specified. To specify the backup location, use the backupconfig command.

You can restore configuration data from one WLSE to another; for example, if you want to replace one WLSE with another. For more information see the backup procedures in Backing Up and Restoring Data.

Example

The following command restores the backup called backup1 from the configured backup location:

restore backup1

Releated Commands

backup

backupconfig

listbackup

show backupconfig

route

To add a route through a gateway device, use the route command. To delete a route, use the no version of the command.

route network-address netmask  gateway-address

no route network-address netmask gateway-address

Syntax Description

network-address	IP address of the network.
netmask	Value of the network netmask.
gateway-address	IP address of router or gateway.

Example

The following command adds a route:

route 209.165.201.0 255.255.255.224 209.165.200.224

The following command deletes the above route:

no route 209.165.201.0 255.255.255.224 209.165.200.224

services

To list, start, or stop the management services running on the system, use the following command.

services { status | start | stop }

Syntax Description

status	Displays the management services status.
start	Starts the management services.
stop	Stops the management services.

Usage Guidelines

Management services are the software installed on the system by network management applications. Use this command to stop and restart the management services if the system is not responding correctly to a management application. This should cause the services to reset and function properly again.

Example

This command stops management services:

services stop

This command starts management services:

services start

This command shows services status:

# services status

Process= WirelessSvcMgr

        State  = Program started - No mgt msgs received

        Pid    = 1567

        RC     = 0

        Signo  = 0

        Start  = 09/28/04 21:56:11

        Stop   = Not applicable

        Core   = Not applicable

        Info   = Application started by administrator request.

        Process= WLSEjobvm

        State  = Program started - No mgt msgs received

        Pid    = 1573

        RC     = 0

        Signo  = 0

        Start  = 09/28/04 21:56:11

        Stop   = Not applicable

        Core   = Not applicable

        Info   = Application started by administrator request.

.

.

.

Related Commands

show proc[ess]

setup

Use this command to configure the WLSE Express if you are not using DHCP.

setup

Usage Guidelines

For details on using the setup command, see the WLSE Installation and Configuration Guides on Cisco.com.

show auth-cli

Use this command to display the type of authentication used for secure CLI access.

show auth-cli

Syntax Description

This command has no arguments or keywords.

Example

This command and response shows that local authentication is being used for the CLI:

show auth-cli

local

Related Commands

auth

show auth-http

Use this command to display the type of authentication used for secure HTTP access.

show auth-http

Syntax Description

This command has no arguments or keywords.

Example

This command and response shows that the WLSE's local authentication is being used for the CLI:

show auth-http

Related Commands

auth

show backupconfig

The following command displays the current backup and restore configuration.

show backupconfig

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

If the backup location is not set, the host and username fields display NONE.

Example

The following command displays the current backup and restore configuration:

show backupconfig

Hostname: 209.165.201.0

Username: user1

Related Commands

backup

backupconfig

listbackup

restore

show backuplog

The following command displays the contents of the backup log.

show backuplog

show bootlog

This command displays the messages logged during the last system boot.

show bootlog [ page ]

Syntax Description

page	Displays first page of command output.

Usage Guidelines

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output

•Press q or Q to exit paged output and return to the command prompt.

Example

This command displays the messages logged during the last system boot:

show bootlog page

Linux/UID32 version 2.2.16-13bipsec.uid32 (gcc version egcs1

Console: colour VGA+ 80x25

Calibrating delay loop... 1133.77 BogoMIPS

start low memory: 0xc0001000 i386_endbase: 0xc009f000

addresses range:: 0xc0f00000  0xc1000000

start memory: c04f8000 end_memory: d0000000

Memory: 257688k/262144k available (988k kernel code, 416k reserved, 
2992k data,)

Dentry hash table entries: 262144 (order 9, 2048k)

Buffer cache hash table entries: 262144 (order 8, 1024k)

Page cache hash table entries: 65536 (order 6, 256k)

vmdump: setting dump_execute() as dump_function_ptr ...

VFS: Diskquotas version dquot_6.4.0 initialized

CPU: Intel Pentium III (Coppermine) stepping 06

Checking 386/387 coupling... OK, FPU using exception 16 error 
reporting.

Checking 'hlt' instruction... OK.

POSIX conformance testing by UNIFIX

mtrr: v1.35a (19990819) Richard Gooch (rgooch@atnf.csiro.au)

:

Related Commands

reload

show cdp neighbor

Use this command to display the nearest neighbor on the network.

show cdp neighbor

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

CDP neighbor information is usually broadcasted at 3- to 5-minute intervals, so there may be a delay in displaying neighbor information.

Example

This command shows the nearest neighbor on the network.

show cdp neighbor

cdp neighbor device: Switch

        device type: cisco WS-C2924-XL

        port: FastEthernet0/12

        address: 209.165.201.0

show cdp run

Use this command to display the Cisco Discovery Protocol (CDP) configuration.

show cdp run

Syntax Description

This command has no arguments or keywords.

Example

The following command displays the CDP configuration:

show cdp run

CDP protocol is enabled ...

        broadcasting interval is every 60 seconds.

        time-to-live of cdp packets is 180 seconds.

        CDP is enabled on port eth0.

Related Commands

cdp

show clock

To display the system date and time in Coordinated Universal Time (UTC), use the following command.

show clock

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

For more information about the system time, see Understanding WLSE Time Displays.

Example

This command displays the system date and time:

show clock

12:43:47 Jun 20 2001

Related Commands

clock set

ntp server

show config

To display network configuration and user information, use the following command. Only the users who have CLI access are shown. Users with Web interface access only are not listed.

show config

Syntax Description

This command has no arguments or keywords.

Example

his command displays the system configuration, including any users who have CLI access:

show config

hostname ex1

interface ethernet0 209.165.201.0 255.255.255.224 default-gateway 
209.165.202.128

interface ethernet1 up

ip domain-name cisco.com

ip name-server 209.165.202.158

ntp server 209.165.202.108

username admin epassword ************* privilege 15

username jpx111 epassword ************* privilege 15

firewall ethernet0 NONE

snmp-server configuration:

	RW community string: private

	RO community string: public

	sysLocation: your site information

	sysContact: your contact information

telnet disabled

CLI auth: local

HTTP auth: local

show daemonslog

To display the daemons log, use the following command.

show daemonslog [ page | include matchstring1 [ matchstring2 ]]

Syntax Description

page	Displays first page of command output.
include	Filters the command output to display only the records that contain the specified string of characters.
matchstring1 matchstring2	Strings of characters to search for in the command output.

Usage Guidelines

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output

•Press q or Q to exit paged output and return to the command prompt.

Example

The following command displays the daemons log, one page at a time:

show daemonslog page

[dmgrDbg] getenv(PX_DBG)=NULL

[dmgrDbg] getenv(PX_MY_DEBUG)=NULL

[dmgrDbg] getenv(PX_MY_TRACE)=NULL

[dmgrDbg] getenv(PX_DBG_LEVEL)=NULL

[dmgrDbg][Tue Sep 28 21:55:30 2004]##### INFO ##### re-evaluate 
DbgLevel=0x0

        ++>>it(1) = 80782f0 <WirelessSvcMgr>

        ++>>it(1) = 8077f10 <WLSEjobvm>

        ++>>it(1) = 8077e00 <WLSEFaults>

        ++>>it(1) = 8077c00 <WebServer>

        ++>>it(1) = 8077d00 <Tomcat>

        ++>>it(1) = 8077ab0 <Snmptrapd>

        ++>>it(1) = 8077960 <ExcepReporter>

        ++>>it(1) = 8077850 <CDPbrdcast>

        ++>>it(1) = 80776e0 <PerfMon>

:

show dmgtdlog

To display the daemon manager log, use the following command.

show dmgtdlog [ page | include matchstring1 [ matchstring2 ]]

Syntax Description

page	Displays first page of command output.
include	Filters the command output to display only the records that contain the specified string of characters.
matchstring1 matchstring2	Strings of characters to search for in the command output.

Usage Guidelines

When uisng paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output

•Press q or Q to exit paged output and return to the command prompt.

Example

The following command displays the daemon manager log, one page at a time:

show dmgtdlog page

/var/adm/CSCOets/log/dmgtd.log

Dec 20 13:42:56 ex dmgt[712]: #3001:TYPE=INFO:Using port: tcp/42340.

Dec 20 13:42:56 ex dmgt[714]: #3007:TYPE=INFO:Started application(HSEC

ollector) "/bin/nice -n 19 /opt/CSCOets/bin/collector" pid=715.

Dec 20 13:42:56 ex dmgt[714]: #3007:TYPE=INFO:Started application(HSEA

:

show domain-name

To display the WLSE's current domain name, use the following command. This command uses DNS to perform a reverse DNS lookup.

show domain-name

Syntax Description

This command has no arguments or keywords.

Example

This command displays the system domain name:

show domain-name

cisco.com

Related Commands

ip domain-name

show hosts

This command displays the WLSE's host file.

show hosts [ page ]

Syntax Description

page	Displays first page of command output.

Usage Guidelines

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output

•Press q or Q to exit paged output and return to the command prompt.

Example

The following command displays the host file one page at a time:

show hosts page

127.0.0.1 localhost localhost.localdomain

192.19.28.169  wlse-2.cisco.com

(END)

Related Commands

import

show http-server

This command displays HTTP and HTTPS access control information.

show http-server

Syntax Description

This command has no arguments or keywords.

Related Commands

http-server

show import hosts

Displays the imported host file.

show import hosts

Syntax Description

hosts

Name of server that host files were imported from.

Example

This command displays the imported host file that was imported from the host ftpserver_1:

show import ftpserver_1

Related Commands

import

show install

Displays the names of software updates available on the configured repository or installation log files.

show install

show install logs [ detail ] [ page ]

Syntax Description

detail	Displays names and descriptions of software updates and images on the configured repository.
page	Displays first page of command output.

Usage Guidelines

After running the show install logs command, you must press q to exit to the CLI prompt.

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output

•Press q or Q to exit paged output and return to the command prompt.

Example

The following command displays the names of the software updates installed on the WLSE:

admin@wlse:show install logs page

2

NAME=WLSE-2.11

(END)

The following command displays names and descriptions of software installed on the WLSE:

admin@wlse:show install logs detail page

3

+++++++++++++++++++++++++++++++++++++++++++++++

INFO: System related content of "hwdata"

===============================================

/usr/X11R6/lib/X11/Cards

/usr/share/doc/hwdata-0.14.1

/usr/share/doc/hwdata-0.14.1/COPYING

/usr/share/doc/hwdata-0.14.1/LICENSE

/usr/share/hwdata

/usr/share/hwdata/CardMonitorCombos

/usr/share/hwdata/Cards

/usr/share/hwdata/MonitorsDB

/usr/share/hwdata/pci.ids

/usr/share/hwdata/pcitable

:

Related Commands

install

repository

show interfaces

To display information about the system network interfaces, use the following command.

show interfaces

Syntax Description

This command has no arguments or keywords.

Example

This command displays information about system network interfaces:

show interfaces

eth0      Link encap:Ethernet  HWaddr 00:02:B3:35:FD:CC  

          inet addr:209.165.200.224 Bcast:209.165.201.0 
Mask:255.255.255.224

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:80309 errors:0 dropped:0 overruns:0 frame:0

          TX packets:22451 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:100 

          Interrupt:5 Base address:0xef00 Memory:d0c7e000-d0c7ec40 

          RX bytes:116826221 (111.4 Mb)  TX bytes:59923827 (57.1 Mb)

          Interrupt:5 Base address:0xef00 Memory:febfb000-febfb038 

          Speed: 100Mb/s

          Duplex: Full

lo        Link encap:Local Loopback  

          inet addr:127.0.0.1  Mask:255.0.0.0

          UP LOOPBACK RUNNING  MTU:16436  Metric:1

          RX packets:28836 errors:0 dropped:0 overruns:0 frame:0

          TX packets:28836 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0 

          RX bytes:13419821 (12.7 Mb)  TX bytes:13419821 (12.7 Mb)

Related Commands

interface

show ipchains

This command displays the IP chains for the selected interface.

show ipchains eth[ 0-5 ]

Syntax Description

eth[ 0-5 ]

Interface to be displayed. Acceptable values are eth0-eth5. On the WLSE 1130, eth0 corresponds to port labeled A on the back panel, and eth1 corresponds to port labeled B.

Example

The following command displays the IP chains for the ethernet 0 interface:

show ipchains eth0

Chain ineth0 (1 references):

target     prot opt     source                destination           
ports

ACCEPT     tcp  -y--l-  anywhere             ex.help     any ->   telt

ACCEPT     tcp  ------  anywhere             ex.help     any ->   telt

ACCEPT     tcp  ------  anywhere             ex.help     any ->   3345

ACCEPT     tcp  -y--l-  anywhere             ex.help     any ->   ssh

Related Commands

interface

show maillog

To display the mail log, use the following command.

show maillog [ page | include matchstring1 [ matchstring2 ]]

Syntax Description

page	Displays first page of command output.
include	Filters command output to display only records that contain the specified string of characters.
matchstring1matchstring2	Strings of characters to search for in command output.

Usage Guidelines

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output

•Press q or Q to exit paged output and return to the command prompt.

Example

The following command displays the collector log, one page at a time:

show maillog page

/var/log/maillog

Dec 21 04:02:06 ex sendmail[11643]: EAA11643: from=root, size=307, 
class=0, pri=30307, nrcpts=1, msgid=<200112210402.EAA11643@ex.help>, 
relay=root@localhost

Dec 21 04:02:06 ex sendmail[11660]: EAA11643: SYSERR(root): Cannot 
exec /usr/bin/procmail: No such file or directory

Dec 21 04:02:06 ex sendmail[11643]: EAA11643: to=root, ctladdr=root 
(0/0), delay=00:00:06, xdelay=00:00:00, mailer=local, stat=Operating 
system error

:

Related Commands

mailcntrl

show mailroute

Use the following command to show the current mail route.

show mailroute

Syntax Description

This command has no arguments or keywords.

Related Commands

mailroute

show proc[ess]

To display active process statistics, use the following command.

show proc [ page ]

Syntax Description

page	Displays first page of command output.

Usage Guidelines

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output

•Press q or Q to exit paged output and return to the command prompt.

Example

The following command displays the active process statistics one page at a time:

show proc page

PID     ELAPSED    SZ                  STARTED TTY  COMMAND

    1    22:29:10   277 Thu Dec 20 13:42:29 2001 ?    init

    2    22:29:10     0 Thu Dec 20 13:42:29 2001 ?    kflushd

    3    22:29:10     0 Thu Dec 20 13:42:29 2001 ?    kupdate

    4    22:29:10     0 Thu Dec 20 13:42:29 2001 ?    kpiod

    5    22:29:10     0 Thu Dec 20 13:42:29 2001 ?    kswapd

    6    22:29:03     0 Thu Dec 20 13:42:36 2001 ?    kreiserfsd

   85    22:29:00     0 Thu Dec 20 13:42:39 2001 ?    kreiserfsd

   86    22:29:00     0 Thu Dec 20 13:42:39 2001 ?    kreiserfsd

   87    22:28:59     0 Thu Dec 20 13:42:40 2001 ?    kreiserfsd

   88    22:28:59     0 Thu Dec 20 13:42:40 2001 ?    kreiserfsd

   89    22:28:59     0 Thu Dec 20 13:42:40 2001 ?    kreiserfsd

  208    22:28:57   290 Thu Dec 20 13:42:42 2001 ?    watchdog

  322    22:28:51   342 Thu Dec 20 13:42:48 2001 ?    idled

  510    22:28:51   290 Thu Dec 20 13:42:48 2001 ?    syslogd

  519    22:28:50   361 Thu Dec 20 13:42:49 2001 ?    klogd

  637    22:28:48   327 Thu Dec 20 13:42:51 2001 ?    crond

  651    22:28:48   286 Thu Dec 20 13:42:51 2001 ?    inetd

17076       18:23   364 Fri Dec 21 11:53:16 2001 ?     \_ in.telnetd

17077       18:23   575 Fri Dec 21 11:53:16 2001 0     |   \_ login

:

show redundancy

Use this command to display the current redundancy configuration or status.

show redundancy { config | status }

Usage Guidelines

Although redundancy settings can be displayed with this CLI command, redundancy parameters can only be configured in the Web interface. After you configure redundancy in the Web interface, you can turn it on or off with the redundancy command.

Syntax Description

config	Shows settings of redundancy parameters and whether the WLSE is in redundancy mode.
status	Shows whether WLSE is in redundancy mode.

Example

This command shows an example of the current settings of the redundancy parameters:

show redundancy config

Redundancy Status: Not Configured

HTTP Port: 1741

Notification Email: 

Virtual IP eth0: 

This Node IP: 172.20.114.31

Other Node IP: 

Minutes between sync: 30

Seconds between check of other node: 60

The following command output shows that the WLSE is not in redundancy mode:

show redundancy status

not configured

Related Commands

redundancy

show repository

Use this command to display the status or access log of a configured repository.

show repository { status | access-log } [ page ]

Syntax Description

status	Displays the status of the local repository
access-log	Displays the access-log of the local repository
page	Displays first page of command output.

Usage Guidelines

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output.

•Press q or Q to exit paged output and return to command prompt.

Example

This command displays the status of the configured repository:

show repository status

Repository Source: 171.69.212.146:9851 
repository is running.

Related Commands

repository

show route

To display the routes that are currently configured, use the following command.

show route

Syntax Description

This command has no arguments or keywords.

Example

This command displays the currently configured routes:

show route

Destination     Gateway Genmask         Flags Metric Ref    Use Iface

209.165.200.224 0.0.0.0 255.255.255.224 UH    0      0        0 eth0

209.165.200.225 0.0.0.0 255.255.255.224 U     0      0        0 eth0

209.165.200.254 0.0.0.0 255.255.255.224 U     0      0        0 lo

209.165.202.128 0.0.0.0 255.255.255.224 UG    0      0        0 eth0

Related Commands

route

show securitylog

To display security log information, use the following command.

show securitylog [ page | include matchstring1 [ matchstring2 ]]

Syntax Description

page	Displays first page of command output.
include	Filters command output to display only records that contain specified string of characters.
matchstring1 matchstring2	Strings of characters to search for in command output.

Usage Guidelines

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output

•Press q or Q to exit paged output and return to command prompt.

Example

The following command displays the security log, one page at a time:

show securitylog page

/var/log/secure

Dec 20 13:45:23 ex in.tftpd[1381]: connect from 209.165.200.224

Dec 20 13:45:27 ex in.tftpd[1383]: connect from 209.165.200.224

Dec 20 13:45:31 ex in.tftpd[1385]: connect from 209.165.200.224

Dec 20 13:45:35 ex in.tftpd[1387]: connect from 209.165.200.224

Dec 20 13:45:39 ex in.tftpd[1389]: connect from 209.165.200.224

Dec 20 13:45:44 ex in.tftpd[1391]: connect from 209.165.200.224

Dec 20 13:45:48 ex in.tftpd[1393]: connect from 209.165.200.224

Dec 20 13:45:52 ex in.tftpd[1395]: connect from 209.165.200.224

Dec 20 13:45:56 ex in.tftpd[1397]: connect from 209.165.200.224

Dec 20 13:46:00 ex in.tftpd[1399]: connect from 209.165.200.224

Dec 20 13:46:04 ex in.tftpd[1412]: connect from 209.165.200.224

Dec 20 13:46:27 ex in.tftpd[1424]: connect from 209.165.200.224

Dec 20 13:46:31 ex in.tftpd[1426]: connect from 209.165.200.224

Dec 20 13:46:35 ex in.tftpd[1428]: connect from 209.165.200.224

:

show snmp-server

The following command displays the SNMP configuration:

show snmp-server

Syntax Description

This command has no arguments or keywords.

Example

The following command displays the WLSE's SNMP configuration:

show snmp-server

RW community string: private

RO community string: public

sysLocation: your site information

sysContact: your contact information

trap-forwarding is disabled

Related Commands

snmp-server

show ssh-server

This command displays SSH access control information.

show ssh-server

Syntax Description

This command has no arguments or keywords.

Related Commands

ssh-server accept

show ssh-version

The following command displays the type of SSH that is enabled:

show ssh-version

Syntax Description

This command has no arguments or keywords.

Example

This command displays the type of SSH that is enabled:

show ssh-version

SSH1, SSH2

Related Commands

ssh-version

show syslog

To display syslog information, use the following command.

show syslog [ page ] [ include matchstring1 [ matchstring2 ]

Syntax Description

page	Displays first page of command output.
include	Filters the command output to display only the records that contain the specified string of characters.
matchstring1 matchstring2	Strings of characters to search for in the command output.

Usage Guidelines

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output.

•Press q or Q to exit paged output and return to command prompt.

To filter command output to include only the records that contain a specified string(s) of characters, use the include option with one or two character strings to search for.

If you include two strings, the command outputs only those records that contain both character strings.

Example

This command displays syslog information:

show syslog

Jun 20 16:04:23 ex syslogd 1.3-3: restart.

Jun 20 16:04:23 ex syslog: syslogd startup succeeded

Jun 20 16:04:23 ex kernel: klogd 1.3-3, log source = /proc/kmsg start.

Jun 20 16:04:23 ex kernel: Inspecting /boot/System.map-2.2.16-13bipse2

Jun 20 16:04:23 ex syslog: klogd startup succeeded

:

Related Command

interface

show tech

Use the following command to display information necessary for Cisco's Technical Assistance Center to assist you:

show tech [ page ]

Syntax Description

page	Displays first page of command output.

Usage Guidelines

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output.

•Press q or Q to exit paged output and return to the command prompt.

Example

show tech page

/bin/cat: /var/log/secure: Permission denied

Copyright (c) 1999-2000 by Cisco Systems, Inc.

Build Version (166) Mon Jun 11 16:56:23 PDT 2001

Linux/UID32 version 2.2.16-13bipsec.uid32 (gcc version egcs1

Uptime: 0 days 18 hours 35 mins

2 Ethernet interfaces

hostname ex

interface ethernet0 209.165.200.224 255.255.255.224 default-gateway 
209.165.202.128

ip name-server 209.165.201.0

username admin epassword ************* privilege 15

eth0      Link encap:Ethernet  HWaddr 00:02:B3:35:FD:CC  

          inet addr:209.165.200.224 Bcast:209.165.201.31 
Mask:255.255.255.224

:

show telnetenable

To display the WLSE's Telnet status, use the following command.

show telnetenable

Syntax Description

This command has no arguments or keywords.

Example

The following command shows whether Telnet is enabled or disabled:

show telnetenable

telnet enable for: ALL

Related Commands

telnetenable

telnet

show time

The command displays time zone configuration and NTP server (if any).

show tomcatlog

To display the Tomcat log, use the following command.

show tomcatlog [ page ] [ include matchstring1 [ matchstring2 ]

Syntax Description

page	Displays first page of command output.
include	Filters the command output to display only the records that contain the specified string of characters.
matchstring1 matchstring2	Strings of characters to search for in the command output.

Usage Guidelines

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output

•Press q or Q to exit paged output and return to the command prompt.

Example

The following command displays the tomcat log, one page at a time:

show tomcatlog page

/var/adm/CSCOets/log/tomcat.log

2001-12-20 01:43:06 - ContextManager: Adding context Ctx( /examples )

2001-12-20 01:43:06 - ContextManager: Adding context Ctx( /admin )

Starting tomcat. Check logs/tomcat.log for error messages 

2001-12-20 01:43:06 - ContextManager: Adding context Ctx(  )

getUIProperties(): unhandled error could be a bad ui.properties

java.lang.NullPointerException

        at java.io.Reader.<init>(Reader.java:68)

        at java.io.InputStreamReader.<init>(InputStreamReader.java:96)

:

show version

To display information about the current software, hardware type, and some details about the hardware, use the following command.

show version

Syntax Description

This command has no arguments or keywords.

Example

The command displays information about software and hardware and limits on the number of access points that can be managed; for example:

show version

(C) Copyright 2005 by Cisco Systems Inc.

WLSE 1030 Release 2.11FCS Mon Mar 7 12:59:06 UTC 2005

Device Limit = 100

Build Version (66) Tue Mar 8 06:47:27 UTC 2005

Uptime: 0 days 1 hour 34 mins

Linux version 2.4.28-5_WLSE (root@app20.cisco.com) (gcc version 2.96 
20000731 (Red Hat Linux 7.3 2.96-113)) #1 Mon Jan 31 16:16:56 PST 2005

1030

VIA CPU at 1000.058 Mhz with 1025592K bytes of memory.

1 Ethernet interfaces

18.464Gb on disk

show webaccesslog

To display the Web access log, use the following command.

show webaccesslog [ page ] [ include matchstring1 [ matchstring2 ]

Syntax Description

page	Displays first page of command output.
include	Filters the command output to display only the records that contain the specified string of characters.
matchstring1matchstring2	Strings of characters to search for in the command output.

Usage Guidelines

To display more:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output.

•Press q or Q to exit paged output and return to the command prompt.

Example

The following command displays the Web access log, one page at a time:

show webaccesslog page

/var/adm/CSCOets/log/access_log

209.165.200.224 - - [21/Dec/2001:10:38:54 +0000] "GET / HTTP/1.0" 302 
276 "-" "Mozilla/4.76 [en]C-CCK-MCD   (Windows NT 5.0; U)"

209.165.200.224 - - [21/Dec/2001:10:38:54 +0000] "GET 
/perl/login-form.cgi HTTP/1.0" 200 2268 "-" "Mozilla/4.76 
[en]C-CCK-MCD   (Windows NT 5.0; U)"

209.165.200.224 - - [21/Dec/2001:10:38:55 +0000] "GET /icons/hse.gif 
HTTP/1.0" 200 5554 "http://209.165.201.0:1741/perl/login-form.cgi" 
"Mozilla/4.76 [en]C-CCK-MCD   (Windows NT 5.0; U)"

209.165.200.224 - - [21/Dec/2001:10:38:55 +0000] "GET 
/icons/left_top.gif HTTP/1.0" 200 324 
"http://209.165.201.0:1741/perl/login-form.cgi" "Mozilla/4.76 
[en]C-CCK-MCD   (Windows NT 5.0; U)"

:

show weberrorlog

To display the Web error log, use the following command.

show weberrorlog [ page ] [ include matchstring1 [ matchstring2 ]]

Syntax Description

page	Displays first page of command output.
include	Filters the command output to display only the records that contain the specified string of characters.
matchstring1 matchstring2	Strings of characters to search for in the command output.

Usage Guidelines

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output

•Press q or Q to exit paged output and return to the command prompt.

Example

The following command displays the Web error log, one page at a time:

show weberrorlog page

/var/adm/CSCOets/log/error_log

[Thu Dec 20 13:43:00 2001] [error] (22)Invalid argument: <Perl>: 
Invalid command 'secret', perhaps mis-spelled or defined by a module 
not included in the server configuration

[Thu Dec 20 13:43:00 2001] [error] (22)Invalid argument: <Perl>: 
Invalid command 'line', perhaps mis-spelled or defined by a module not 
included in the server configuration

[Thu Dec 20 13:43:00 2001] [error] (22)Invalid argument: <Perl>:

:

show websslaccesslog

To display the Web SSL log, use the following command.

show websslaccesslog [ page | include matchstring1 [ matchstring2 ]]

Syntax Description

page	Displays first page of command output.
include	Filters the command output to display only the records that contain the specified string of characters.
matchstring1 matchstring2	Strings of characters to search for in the command output.

Usage Guidelines

When using paged output:

•Press the Return key to display the next line of output.

•Press the Space bar to display the next screen of output

•Press q or Q to exit paged output and return to the command prompt.

Example

The following command displays the Web SSL log, one page at a time:

show websslaccesslog page

shutdown

To shut down the system in preparation for powering it off, use the following command.

shutdown

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

All processes running on the WLSE will stop, and the WLSE will not respond until you power it off and back on.

You are prompted to verify the shutdown. Enter yes to continue, or no to cancel the shutdown.

---

Caution Never power the system off without running the shutdown command first. Doing so can destroy data and prevent the system from booting.

---

Example

This command shuts down the system:

shutdown

Related Commands

reload

snmp-server

To configure the simple network management protocol (SNMP) community string, contact information, and location information, use the following command. Use the no forms to delete the community string, location information, or contact information.

snmp-server { community community-name [ RO | RW ] |
location sysLocation-info | contact sysContact-info }

no snmp-server community community-name

no snmp-server contact

no snmp-server location

Syntax Description

community community-name	Sets a community string.
RO	Makes the community string read-only.
RW	Makes the community string read/write.
location sysLocation-info	Sets the system location string.
contact sysContact-info	Sets the contact string.

Example

This command sets the SNMP contact string:

snmp-server contact Dial System Operator at Beeper # 27345

Related Commands

show snmp-server

ssh host

To use SSH to connect to an external host, use the following command.

ssh host [ -l username ]

Syntax Description

host	Name or IP address of host to which to connect.
-l username

Example

Enter the following command to connect to an external host using SSH:

ssh 209.165.200.224

ssh-server accept

This command controls access to the WLSE via SSH. The default behavior is to accept all connections. If you specify an IP address, connections will be accepted from matching addresses only. Use the no form to remove SSH access control for the specified IP address.

ssh-server accept ip_address [ netmask ]

no ssh-server accept ip_address [ netmask ]

Syntax Description

ip_address	IP address to be allowed access.
netmask	Netmask for the IP address.

Usage Guidelines

The no form of the command must match exactly the rule it is deleting.

Related Commands

show ssh-server

ssh-version

Use this command to enable Secure Shell (SSH) 1 or SSH 2, or both.

ssh-version { ssh1 | ssh2 | both }

Syntax Description

ssh1	Enables SSH 1
ssh2	Enables SSH 2
both	Enables both SSH 1 and SSH2

Example

This command enables ssh1:

ssh-version ssh1

Related Commands

show ssh-version

tarlog

This command creates two archives of system log files.

tarlog

Usage Guidelines

When you run the tarlog command, system log files are archived to var_logs.tgz and logs.tgz.

These files can only be accessed from the web interface:

1. Run the tarlog command. The var_logs.tgz and logs.tgz archive files are created.

2. Select Administration > Appliance > Status > View Log File.

3. Save the desired file to the desktop.

4. Unzip the file.

telnet

To Telnet to an external host, use the following command.

telnet { hostname | ip-address } [ portnumber ]

Syntax Description

hostname	Hostname of the external host.
ip-address	IP address of the external host.
portnumber	portnumber of the external host.

Example

Enter the following command to telnet to port 9851 of a system with the IP address 209.165.200.224:

telnet 209.165.200.224 9851

Related Commands

telnetenable

telnetenable

To control Telnet access to the WLSE, use the following command. The default is disabled.

telnetenable { status | disable | enable [ ip-address [ ip-address ... ] | domain ]] }

Syntax Description

enable	Enables Telnet access to the system.
disable	Disables Telnet access to the system. This is the default.
status	Displays current access status.
ip-address	IP addresses of systems allowed Telnet access. If this argument is used, no other machines will be allowed access. Multiple IP address are allowed.
domain	Domains of systems allowed Telnet access. If this argument is used, machines with domains other than the specified domain will be denied Telnet access. Multiple domains are allowed.

Usage Guidelines

To enable Telnet access to the system for all IP source addresses, use the telnetenable enable command alone. To enable only specific IP addresses, use the telnetenable enable command followed by the IP addresses.

Example

This command enables Telnet for all IP source addresses:

telnetenable enable

Related Commands

show telnetenable

tftpserver

This command allows you to use the WLSE's TFTP server for general purposes. This command is available only on the WLSE Express.

tftpserver [ list | create file | delete file | rename file1 file2 |
upload URL ]

Syntax Description

list	Lists the contents of the TFTP server's public repository.
create file	Creates an empty file, which is required for importing files from devices to the WLSE.
delete file	Delete a file from the TFTP server's public respository.
rename file1 file2	Rename file1 (source) to file2 (destination).
upload URL	Upload file from the desktop. The URL is one of the following: •http://hostname/file •ftp://hostname/file •tftp://hostname/file ]

traceroute

To display the network route to a specified host and identify faulty gateways, use the following command.

traceroute [ -f first_ttl ] [ -m max_ttl ] [ -w waittime ] -n host [ packetlength ]

Syntax Description

-f first_ttl	Maximum time-to-live (maximum number of hops) of first outgoing probe packet. Default: 1 hop.
-m max_ttl	Maximum time-to-live for outgoing probe packets. Default: 30 hops.
-w waittime	Time to wait for a response to a probe, in seconds. Default: 5.
-n	Do not use DNS lookup for hostnames.
host	Name or IP address of host to which to connect.
packetlength	Length of packet to send, in bytes. Default and minimum: 40.

Usage Guidelines

This command displays a list of the hosts that receive probe packets as they travel to the destination host. Hosts are displayed in the order in which the receiving hosts receive the packets. Asterisks (*) appear as the entry for hosts that do not respond correctly to probing.

Example

This command displays the network route to the host otherhost with a packet time-to-live value of 2, a wait time of 5 seconds, and 50-byte packets:

traceroute -m 20 -w 10 cisco.com 50

traceroute to example.com (209.165.200.224), 20 hops max, 50 byte 
packets

 1  ex1.com (209.165.200.225)  0.981 ms  0.919 ms  0.926 ms

 2  ex2.com (209.165.200.254)  1.528 ms  0.747 ms 0.661 ms

 3  ex3.com (209.165.200.255)  0.887 ms  0.770 ms  0.744 ms

 4  ex4.com (209.165.201.0)  0.932 ms  0.789 ms  0.679 ms

 5  ex5.com (209.165.201.1)  1.066 ms  1.052 ms  0.983 ms

 6  ex6.com (209.165.201.30)  1.472 ms  1.247 ms  1.847 ms

 7  ex7.com(209.165.201.31)  1.738 ms  1.424 ms  1.658 ms

 8  ex8.com (209.165.202.128)  3.728 ms  2.429 ms  2.804 ms

 9  ex9.com (209.165.202.129)  6.283 ms  5.499 ms 3.285 ms

10  ex10.com (209.165.202.158)  9.926 ms  73.463 ms  3.895 ms

11  ex11.com (209.165.202.159)  70.967 ms *  47.106 ms

Related Commands

ping

username

Use this command to create a new user account or change account properties. Use the no form of the command to remove a user account.

username name [ password | epassword ] password [ privilege { 0 | 15 }]

no username name

Syntax Description

name	Name of the user account to create or remove: •Usernames can be up to 32 characters long. •Usernames must begin with a character (cannot begin with a number). •Usernames cannot contain a colon, semi-colon, single quote, double quote, or space. Note If the user is not using the CLI (that is, privilege is set to 0), the username can begin with a number.
password password epassword password	Password for the account. •Passwords are unlimited in length and are case sensitive. •You can use any character except for the single quote or double quote.
privilege	(Optional) CLI privilege level.
0	Level 0 privileges. This is the default.
15	Level 15 privileges.

Usage Guidelines

The default privilege level is 0 if you do not use the privilege option.

For information on the allowable characters in user names and passwords, see "Naming Guidelines."

Users that you create by using this command do not automatically have the HTTP access that is required for using the WLSE's web interface. To provide such users with HTTP access:

---

Step 1 Log into the Web interface as admin or as another user with system administrator privileges.

Step 2 Select Administration > User Admin, then select Manage Users.

Step 3 For each user you added by using the CLI:

a. Select the username, then select the relevant role(s).

b. Click Modify.

---

For more information about managing users, see Managing GUI Users.

Example

This command creates a user account named user1 with password password1 and privilege level 15:

username user1 password password1 privilege 15

This command removes the user account:

no username user1

webtimeout

This command sets the timeout period for the Web interface. After the timeout expires, you are logged out. The default is 30 minutes (1800 seconds).

webtimeout [ status | time seconds | default ]

Syntax Description

status	Shows the current web session timeout setting.
time seconds	Sets the web session timeout period.
default	Resets web session timeout to the default 30 minutes (1800 seconds).

Example

webtimeout time 3600 seconds

Maintenance Image Commands

This section describes the commands that are available when the system is booted from the maintenance image. For more information about the maintenance image, seeUsing the Maintenance Image.

erase config

This command is identical to the level-15 erase config command. For a description, see erase config.

fsck

To check and repair the filesystem, use the following command.

fsck

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

This command might prompt you for confirmation before making certain repairs.

Example

The following command checks and repairs the filesystem:

fsck

reload

This command is identical to the level 15 reload command. For a description, see reload.