User Guide for the CiscoWorks Wireless LAN Solution Engine, 2.7 - Using the Command Line Interface (CLI) [CiscoWorks Wireless LAN Solution Engine (WLSE)]

Table Of Contents

Using the Command Line Interface (CLI)

Using the CLI

CLI Conventions

Command Privileges

Checking Command Syntax

Command History Feature

Help for CLI Commands

Command Description Conventions

Command Summary

Privilege Level 0 Commands

exit

ping

show clock

show domain-name

show interfaces

show process

show version

traceroute

Privilege Level 15 Commands

auth

backup

backupconfig

cdp

clear

clearvar

clock

df

dumptcp

erase config

firewall

gethostbyname

hostname

http-server

import

install

interface

ip domain-name

ip name-server

listbackup

mail

mailcntrl

mailroute

mkcert

nslookup

ntp server

ps

reload

reinitdb

repository

restore

route

services

show anilog

show auth-cli

show auth-http

show backupconfig

show bootlog

show cdp neighbor

show cdp run

show collectorlog

show config

show daemonslog

show dmgtdlog

show http-server

show import

show install logs

show ipchains

show hosts

show maillog

show mailroute

show proc

show repository

show route

show securitylog

show snmp-server

show ssh-server

show ssh-version

show syslog

show tech

show telnetenable

show tomcatlog

show webaccesslog

show weberrorlog

show websslaccesslog

shutdown

snmp-server

ssh

ssh-server accept

ssh-version

tarlog

telnet

telnetenable

username

webtimeout

Maintenance Image Commands

erase config

fsck

reload

Using the Command Line Interface (CLI)

This appendix summarizes the Wireless LAN Solution Engine's command line interface (CLI) commands.

Note When you use CLI commands to make a configuration change, the system configuration is updated immediately.

This appendix contains the following sections:

•Using the CLI

•CLI Conventions

•Command Privileges

•Checking Command Syntax

•Command History Feature

•Help for CLI Commands

•Command Summary

•Command Description Conventions

•Privilege Level 0 Commands

•Privilege Level 15 Commands

•Maintenance Image Commands

Using the CLI

You can use the CLI by:

•Attaching a console to the WLSE, or

•Accessing the WLSE using Telnet or SSH.

Note Telnet is disabled by default. Use the telnetenable command to enable Telnet. See telnetenable.

CLI Conventions

The command-line interface (CLI) uses the following conventions:

•The key combination ^c or Ctrl-c means hold down the Ctrl key while you press the c key.

•A string is defined as a non-quoted set of characters.

•Use single-quotes (`) to surround a series of parameters; do not use double-quotes

Note Although the WLSE CLI is similar to the IOS CLI, they are not identical.

Command Privileges

Access to CLI commands is controlled by your user account privilege level. Users with privilege level 15 can use all commands. Users with privilege level 0 can use only a subset of the commands. The command descriptions in this appendix are organized by privilege level.

Checking Command Syntax

The user interface provides several types of responses to incorrect command entries:

•Command not found—You entered a command line that does not contain a valid command.

•Incomplete command—You entered a valid command but omitted required arguments.

•Invalid input—You entered a valid command but provided invalid arguments or parameters.

In addition, some commands have command-specific error messages that notify you that a command is valid but cannot run correctly.

Command History Feature

The CLI provides a command history feature. To display previously entered commands, press the up arrow key. After pressing the up arrow key, you can press the down arrow key to display the commands in reverse order. To run a command, press the Enter key while the command is displayed on the command line. You can also edit commands before pressing the Enter key.

Help for CLI Commands

You can obtain help using the following methods:

•For a list of all commands and their syntax, type help and press Enter.

•For help on a specific command, use either of the following methods:

–Type the command name, a space, help; then press Enter. For example, ntp help.

–Type help, a space, and the command name; then press Enter. For example, help ntp.

The help contains command usage information and syntax.

Command Description Conventions

Command descriptions in this document and in the CLI help system use the following conventions:

•Vertical bars (|) separate alternative, mutually exclusive elements.

•Square brackets ([ ]) indicate optional elements.

•Braces ({ }) indicate a required choice. Braces within square brackets ([{ }]) indicate a required choice within an optional element.

•Boldface indicates commands and keywords that are entered literally as shown.

•Italics indicate arguments for which you supply values.

Command Summary

Table A-1 summarizes all commands available on the WLSE. For full descriptions of commands, see the following sections:

•Privilege Level 0 Commands

•Privilege Level 15 Commands

•Maintenance Image Commands

Table A-1 Command Summary

Command

Privilege Level

Description

Reference

auth

15

Enables remote authentication.

auth

backup

15

Backs up WLSE configuration.

backup

backupconfig

15

Sets backup file location for all backup and restore operations.

backupconfig

cdp

15

Enables or disables Cisco Discovery Protocol (CDP).

cdp

clock

15

Sets system date and time.

show clock

clear

15

Clears the terminal settings for the shell.

clear

clearvar

15

Purges log files from /var partition.

clearvar

df

15

Displays current storage usage.

df

dumptcp

15

Displays TCP/IP packet content and dumps packet content to a file.

dumptcp

erase config

15^¹

Erases configuration in flash memory and reloads the WLSE.

erase config

exit

0

Logs user out.

exit

gethostbyname

15

Displays IP address of a known domain name.

gethostbyname

fsck

N/A^²

Checks and repairs file system.

fsck

firewall

15

Implements port filtering.

firewall

hostname

15

Changes system host name.

hostname

http-server

15

Controls access via HTTP and HTTPS

http-server

import

15

Imports host files or maps IP addresses to host names.

import

install

15

Configures repository for installing software updates on the WLSE and installs software updates.

install

interface

15

Configures Ethernet interfaces.

interface

ip domain-name

15

Defines default domain name.

ip domain-name

ip name-server

15

Specifies address of name servers.

ip name-server

listbackup

15

Lists all current backups at the configured site.

listbackup

mail

15

Debugs and tests email settings.

mail

mailcntrl

15

Lists size of or deletes mail log, send queue, or user queue.

mailcntrl

mailroute

15

Forwards email to specified server.

mailroute

mkcert

15

Generates Certificate Signed Request (CSR) for HTTPS.

mkcert

nslookup

15

Translates device name to IP address or IP address to device name.

nslookup

ntp server

15

Allows system clock to be synchronized by a time server.

ntp server

ping

0

Sends ICMP echo_request packets for diagnosing basic network connectivity.

ping

ps

15

Shows running processes

ps

reload

15¹

Reboots the WLSE.

reload

reinitdb

15

Reinitializes database.

reinitdb

repository

15

Manages local repository for installing software updates.

repository

restore

15

Restores backed up configuration from the configured location.

restore

route

15

Adds a route.

route

services

15

Manages WLSE services.

services

show anilog

15

Displays WLSE ANI log.

show anilog

show auth-cli

15

Displays type of authentication used for secure CLI access.

show auth-cli

show auth-http

15

Displays type of authentication used for secure HTTP access.

show auth-http

show backupconfig

15

Displays current backup/restore location.

show backupconfig

show bootlog

0

Displays messages logged during last system boot.

show bootlog

show cdp neighbor

15

Displays WLSE's nearest neighbor on the network.

show cdp neighbor

show cdp run

15

Displays Cisco Discovery Protocol (CDP) configuration.

show cdp run

show clock

0

Displays system time in Coordinated Universal Time (UTC).

show clock

show collectorlog

15

Displays WLSE's collector log.

show collectorlog

show config

15

Displays WLSE configuration.

show config

show daemonslog

15

Displays WLSE's daemons log.

show daemonslog

show dmgtdlog

15

Displays WLSE's daemon manager log.

show dmgtdlog

show domain-name

0

Displays WLSE's domain name

show domain-name

show http-server

15

Shows HTTP and HTTP access control information.

show http-server

show import

15

Displays imported host files.

show import

show install logs

15

Displays software updates and images available on configured repository.

show install logs

show interfaces

0

Displays information about WLSE's network interface.

show interfaces

show ipchains

15

Displays IP chains for selected interface.

show ipchains

show hosts

15

Displays WLSE's host file.

show hosts

show maillog

15

Displays WLSE's mail log.

show maillog

show mailroute

15

Displays SMTP mail server.

show mailroute

show process

0

Displays information about processes running on WLSE.

show process

show repository

15

Displays status or access log of configured repository.

show repository

show route

15

Displays routes currently configured.

show route

show securitylog

15

Displays WLSE's secure log information.

show securitylog

show snmp-server

15

Displays WLSE's SNMP configuration.

show snmp-server

show ssh-version

15

Displays type of SSH enabled.

show ssh-version

show syslog

15

Displays syslog information.

show syslog

show tech

15

Displays information necessary for Cisco's Technical Assistance Center to assist you.

show tech

show telnetenable

15

Displays WLSE's Telnet status.

show telnetenable

show tomcatlog

15

Displays WLSE's Tomcat log.

show tomcatlog

show version

0

Displays information about current software installed on WLSE.

show version

show webaccesslog

15

Displays WLSE's Web access log.

show webaccesslog

show weberrorlog

15

Displays WLSE's Web error log.

show weberrorlog

show websslaccesslog

15

Displays WLSE's Web SSL log.

show websslaccesslog

shutdown

15

Shuts down WLSE in preparation for powering it off.

shutdown

snmp-server

15

Configures SNMP agent.

snmp-server

ssh

15

Connects to an external host by using SSH.

ssh

ssh-version

15

Enables Secure Shell (SSH) 1, SSH 2, or both SSH 1 and SSH 2.

ssh-version

tarlog

15

Tars log files.

tarlog

telnet

15

Telnets to an external host.

telnet

telnetenable

15

Configures Telnet access.

telnetenable

traceroute

0

Displays route to specified host and identifies faulty gateways.

traceroute

username

15

Creates new user account or changes account properties.

username

webtimeout

15

Changes session timeout for the Web interface.

webtimeout

¹This command is also available in the maintenance image.

²This command is available only in the maintenance image.

Privilege Level 0 Commands

This section describes the privilege level 0 commands.

exit

To log out of the system, use the following command:

exit

Syntax Description

This command has no arguments or keywords.

Example

The following command logs you out of the system:
exit
ping

To send ICMP echo_request packets for diagnosing basic network connectivity, use the following command.

ping [ -c count ] [ -i wait ] [ -s packetsize ] [ -n ] { hostname | ip-address }

Syntax Description

-c

Sets the number of echo packets to send.

count

Number of echo packets to send.

-i

Sets the amount of time to wait between sending each packet.

wait

Amount of time to wait between sending each packet, in seconds. The default is 1.

-s

Sets the size of each echo packet.

packetsize

The size of each echo packet, in bytes. The default is 56.

hostname

Host name of system to ping.

ip-address

IP address of system to ping.

-n

Disables reverse DNS lookup.

Usage Guidelines

To use this command with the hostname argument, DNS must be configured on the system.

To force the time-out of a nonresponsive host or to eliminate a loop cycle, press Ctrl-c.

Example

This command sends 4 echo packets to the host otherhost with a wait time of 5 seconds between each packet:
ping -c 4 -i 5 209.165.200.224
PING 209.165.200.224 (209.165.200.224) from 209.165.201.0 : 56(84) 
bytes of data.
64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=0 ttl=246 
time=16.3 ms
64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=1 ttl=246 
time=2.0 ms
64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=2 ttl=246 
time=2.1 ms
64 bytes from dns-sj1.cisco.com (209.165.200.224): icmp_seq=3 ttl=246 
time=2.1 ms
Related Commands

traceroute

show clock

To display the system date and time in Coordinated Universal Time (UTC), use the following command.

show clock

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

For more information about the system time, see Understanding WLSE Time Displays.

Example

This command displays the system date and time:
show clock
12:43:47 Jun 20 2001
Related Commands

show clock

ntp server

show domain-name

To display the system domain name, use the following command.

show domain-name

Syntax Description

This command has no arguments or keywords.

Example

This command displays the system domain name:
show domain-name
cisco.com
Related Commands

ip domain-name

show interfaces

To display information about the system network interfaces, use the following command.

show interfaces

Syntax Description

This command has no arguments or keywords.

Example

This command displays information about system network interfaces:
show interfaces
eth0      Link encap:Ethernet  HWaddr 00:02:B3:35:FD:CC  
          inet addr:209.165.200.224 Bcast:209.165.201.0 
Mask:255.255.255.224
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:80309 errors:0 dropped:0 overruns:0 frame:0
          TX packets:22451 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          Interrupt:5 Base address:0xef00 Memory:d0c7e000-d0c7ec40 
          RX bytes:116826221 (111.4 Mb)  TX bytes:59923827 (57.1 Mb)
          Interrupt:5 Base address:0xef00 Memory:febfb000-febfb038 
          Speed: 100Mb/s
          Duplex: Full
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:28836 errors:0 dropped:0 overruns:0 frame:0
          TX packets:28836 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:13419821 (12.7 Mb)  TX bytes:13419821 (12.7 Mb)
Related Commands

interface

show process

To display information about processes running on the system (including the status of the database), use the following command.

show process [ page ]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

Usage Guidelines

If the db2sync process is listed in the command output, the database is running.

Example

The following command displays information about processes running on the system:
show process page
PID  PPID     ELAPSED    SZ                  STARTED TTY  COMMAND
    1     0  4-20:04:35   277 Fri Jun 15 16:54:03 2001 ?    init
    2     1  4-20:04:35     0 Fri Jun 15 16:54:03 2001 ?    kflushd
    3     1  4-20:04:35     0 Fri Jun 15 16:54:03 2001 ?    kupdate
    4     1  4-20:04:35     0 Fri Jun 15 16:54:03 2001 ?    kpiod
    5     1  4-20:04:35     0 Fri Jun 15 16:54:03 2001 ?    kswapd
    6     1  4-20:04:28     0 Fri Jun 15 16:54:10 2001 ?    kreiserfsd
   81     1  4-20:04:25     0 Fri Jun 15 16:54:13 2001 ?    kreiserfsd
   82     1  4-20:04:25     0 Fri Jun 15 16:54:13 2001 ?    kreiserfsd
   83     1  4-20:04:25     0 Fri Jun 15 16:54:13 2001 ?    kreiserfsd
   84     1  4-20:04:25     0 Fri Jun 15 16:54:13 2001 ?    kreiserfsd
   85     1  4-20:04:24     0 Fri Jun 15 16:54:14 2001 ?    kreiserfsd
  199     1  4-20:04:23   290 Fri Jun 15 16:54:15 2001 ?    watchdog
  213     1  4-20:04:23   342 Fri Jun 15 16:54:15 2001 ?    idled
  402     1  4-20:04:17   290 Fri Jun 15 16:54:21 2001 ?    syslogd
  411     1  4-20:04:17   360 Fri Jun 15 16:54:21 2001 ?    klogd
  517     1  4-20:04:15   327 Fri Jun 15 16:54:23 2001 ?    crond
  531     1  4-20:04:15   286 Fri Jun 15 16:54:23 2001 ?    inetd
  540     1  4-20:04:14   585 Fri Jun 15 16:54:24 2001 ?    sshd
  585     1  4-20:04:09   842 Fri Jun 15 16:54:29 2001 ?    dmgtd.lnx
-----------more-----------
show version

To display information about the current software, hardware type, and some details about the hardware, use the following command.

show version

Syntax Description

This command has no arguments or keywords.

Example

This command displays the current software on the system:
show version
(C) Copyright 2004 by Cisco Systems Inc.
WLSE Release 2.7 Tue Feb 17 17:05:56 UTC 2004
Build Version (42) Thu Jan 22 23:54:46 UTC 2004
Uptime: 0 days 0 hours 49 mins
Linux version 2.4.20-24.7 (root@app20.cisco.com) (gcc version 2.96 
20000731 (Red Hat Linux 7.3 2.96-113)) #1 Tue Dec 9 18:39:22 PST 2003
1105
Pentium CPU at  1002.293 Mhz with 1030860K bytes of memory.
2 Ethernet interfaces
18.459Gb on disk
traceroute

To display the network route to a specified host and identify faulty gateways, use the following command.

traceroute [ -f first_ttl ] [ -m max_ttl ] [ -w waittime ] -n host [ packetlength ]

Syntax Description

-f first_ttl

Maximum time-to-live (maximum number of hops) of first outgoing probe packet. Default: 1 hop.

-m max_ttl

Maximum time-to-live for outgoing probe packets. Default: 30 hops.

-w waittime

Time to wait for a response to a probe, in seconds. Default: 5.

-n

Do not use DNS lookup for hostnames.

host

Name or IP address of host to which to connect.

packetlength

Length of packet to send, in bytes. Default and minimum: 40.

Usage Guidelines

This command displays a list of the hosts that receive probe packets as they travel to the destination host. Hosts are displayed in the order in which the receiving hosts receive the packets. Asterisks (*) appear as the entry for hosts that do not respond correctly to probing.

Example

This command displays the network route to the host otherhost with a packet time-to-live value of 2, a wait time of 5 seconds, and 50-byte packets:
traceroute -m 20 -w 10 cisco.com 50
traceroute to example.com (209.165.200.224), 20 hops max, 50 byte 
packets
 1  ex1.com (209.165.200.225)  0.981 ms  0.919 ms  0.926 ms
 2  ex2.com (209.165.200.254)  1.528 ms  0.747 ms 0.661 ms
 3  ex3.com (209.165.200.255)  0.887 ms  0.770 ms  0.744 ms
 4  ex4.com (209.165.201.0)  0.932 ms  0.789 ms  0.679 ms
 5  ex5.com (209.165.201.1)  1.066 ms  1.052 ms  0.983 ms
 6  ex6.com (209.165.201.30)  1.472 ms  1.247 ms  1.847 ms
 7  ex7.com(209.165.201.31)  1.738 ms  1.424 ms  1.658 ms
 8  ex8.com (209.165.202.128)  3.728 ms  2.429 ms  2.804 ms
 9  ex9.com (209.165.202.129)  6.283 ms  5.499 ms 3.285 ms
10  ex10.com (209.165.202.158)  9.926 ms  73.463 ms  3.895 ms
11  ex11.com (209.165.202.159)  70.967 ms *  47.106 ms
Related Commands

ping

Privilege Level 15 Commands

This section describes the privilege level 15 commands. Only users with privilege level 15 can run these commands.

auth

Use the following command to enable secure authentication through a remote authentication server.

auth { cli | http } { local | tacacs secret server1 [ server2 ] | radius secret server1 [ server2 ] | nt domain pdc [ bdc ] }

Syntax Description

cli

Enables authentication using the CLI.

http

Enables authentication using HTTP.

local

Enables local authentication.

tacacs

Enables authentication using TACACS+ (Terminal Access Controller Access Control System).

radius

Enables authentication using RADIUS (Remote Dial-In User Service).

nt

Enables authentication from a Windows NT domain controller.

secret

Shared secret code of server.

server1

IP address or device name of server from which authentication will occur.

server2

IP address or device name of optional secondary server from which authentication could occur

domain

NT domain name.

pdc

Name of the Primary Domain Controller (PDC).

bdc

Name of the Backup Domain Controller (BDC).

Example

This command enables secure remote authentication from a remote server, using TACACS.
auth http tacacs tr5e43 209.165.200.224 
Related Commands

show auth-cli

show auth-http

backup

Use the following command to back up the WLSE.

backup [ test ]

Syntax Description

test

Tests configured backup hostname, username, password, and directory.

Usage Guidelines

The backup command backs up the WLSE configuration to the location specified by the backupconfig command.

Example

A typical backup proceeds as follows:

1. Run backupconfig (see backupconfig) to specify the location for storing the backups.

2. Run backup test to make sure the credentials specified in backupconfig and the user can write to the target location:
admin@sj-wlse:backup test
test OK
The backup test command creates a small file called test.tar at the target location under a sub-directory of BACKUP (the default directory created by the backup process). If the backup test does not return OK, the backup command will fail.

3. Run the backup command to start the backup process. Depending upon the amount of data, this can take a few minutes. Do not interrupt the process:
admin@sj-wlse:backup
backupfile: sj-wlse_02142004_222801.taraa
sj-wlse_02142004_222801.inf
admin@sj-wlse
The backup process creates a .taraa file and .inf file named for the WLSE hostname and the date and time of the backup.

4. Log in to the backup location system and verify that there is a backup directory under the BACKUP/WLSE hostname_date_time subdirectory and that it contains the two files created by the backup process.

Related Commands

backupconfig

listbackup

restore

show backupconfig

backupconfig

Use the backupconfig command to specify the location for all backup and restore operations. To delete the backup configuration, use the no backupconfig command.

backupconfig { hostname } { username } { password } [ directory ]
no backupconfig

Syntax Description

hostname

Host name or IP address of the host system.

username

Username of host system.

password

Password of the host system.

directory

Path to specific backup directory, if different from user's default directory.

Example

The following command causes all backup and restore operations to use the host with IP address 209.165.200.224, username user1, and password pass:
backupconfig 209.165.200.224 user1 pass
The following command clears all backup and restore configuration information:
no backupconfig
Related Commands

backup

listbackup

restore

show backupconfig

cdp

Use the cdp command to configure the Cisco Discovery Protocol (CDP). CDP allows a Cisco device to recognize, and be recognized by, other Cisco devices.

cdp { run [ interface ] | timer seconds | holdtime seconds }
no cdp { run [ interface ] | timer | holdtime }

Syntax Description

run

Starts the WLSE sending out CDP signals to other devices.

timer

Set CDP packet retransmission time, the amount of time, in seconds, that CDP signals are sent.

holdtime

Set CDP packet information hold time, the amount of time a device will recognize another device without receiving a signal. For example, if your system's holdtime is set to 30 seconds, and another device that has already been recognized by yours does not send a signal within that 30 seconds, your system will cease to recognize it.

interface

Ethernet port on which CDP will be enabled. Acceptable range of values is eth0-eth5. On the WLSE 1130, eth0 corresponds to the port labeled A on the back panel, and eth1 corresponds to the port labeled B.

seconds

Amount of time, in seconds, that the system takes to either transmit the CDP packet information or to hold another system's CDP packet information.

Usage Guidelines

After you use the no cdp command, the timer and holdtime values are set to their default values.

Example

This command sets the CDP packet's retransmission time at 10 seconds:
cdp timer 10
This command sets the CDP packet's retransmission to its default time.
no cdp timer
Related Commands

show cdp run

clear

This command clears the terminal settings for the shell.

clear

clearvar

This command deletes old log files from the /var partition.

clearvar

Usage Guidelines

This command stops all services on the WLSE before purging old log files. Upon completion, the command restarts all services.

clock

To set the system date and time, use the following command. See the following usage guidelines before using this command.

clock set { hh:mm:ss month day year }

Syntax Description

set

Sets the system clock.

hh:mm:ss

Current time (for example, 13:32:00).

month

Current month, as full month name or at least the first 3 characters of the month (for example, jan).

day

Day of the month (1 to 31).

year

Current year (for example, 2000).

Usage Guidelines

When resetting the time, you must stop and restart WLSE services. Otherwise, scheduled configuration and firmware jobs will not run properly. To reset the time:

Step 1 Stop services:
services stop
Step 2 Change the time.

Step 3 Start services:
services start
To set the date and time, use the set option.

If you configure the system to use Network Time Protocol (NTP), you do not need to set the system clock manually using the clock command.When setting the clock, enter the current time in Coordinated Universal Time (UTC).

For more information about the system time, see the Understanding WLSE Time Displays.

Example

This command sets the date and time:
clock set 16:00:00 dec 11 2001
Tue Dec 11 16:00:00 UTC 2001
Related Commands

ntp server

show clock

df

To display the current storage usage on the WLSE, use the following command.

df

Usage Guidelines

This command in primarily intended as a debugging tool for problems with full partitions.

Example

The following command displays the current storage usage on the WLSE:
df
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda12            151M   59M   92M  39% /
/dev/sda1              49M  2.8M   44M   6% /boot
/dev/sda7             985M   24M  911M   3% /extra
/dev/sda8             601M   32M  569M   5% /home
/dev/sda6            1001M  136M  865M  14% /opt
/dev/sda13            9.7G   32M  9.7G   0% /tftpboot
/dev/sda9             601M   32M  569M   5% /tmp
/dev/sda10            591M  212M  350M  38% /usr
/dev/sda5             2.9G  450M  2.5G  15% /var
Related Commands

fsck

dumptcp

The following command displays TCP/IP network protocol packet content.

dumptcp proto { snmp snmp-trap ip icmp tcp udp | port port }
[ interface eth[ernet] 0 ... 5] [ host host [ host2 host2 ]]
[ packets packets ] [ log ]

Syntax Description

proto

Name of protocol. Enter snmp, snmp-trap, ip, icmp, tcp, or udp to specify the protocol for which you want to view the packet content. You must specify either a protocol or a port.

port

Use the port number to specify the protocol to observe, instead of specifying the protocol name. You must specify either a protocol or a port.

port

The port number.

interface eth[0-5]

The interface to observe. On the WLSE 1130, eth0 corresponds to the port labeled A on the back panel, and eth1 corresponds to the port labeled B.

host, host2

The host(s) to observe.

host

The host name(s).

packets packets

Maximum number of packets to be captured (up to 10,000)

log

Logs the output of the command in a file in a dumptcp.cap file. You can retrieve the file from the web interface—Administration > Appliance > Status > View Log File. Use a utility such as tcpdump or Ethereal to view the file, which is in binary format.

Usage Guidelines

You can either specify a protocol by name or specify a port; you must specify one or the other. Optionally, you can specify the interface and specify one or two hosts to observe.

The command allows you to continuously observe the packets. Enter Ctrl C to terminate the command.

Examples

The following command listens to and displays the SNMP packets in the interface:
dumptcp proto snmp interface eth0
The following command listens to packets from port 161 only with abc.com as either the source or destination host:
dumptcp port 161 host abc.com
Related Commands

interface

erase config

To erase the configuration in flash memory and reload the WLSE, use the following command.

erase config

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

When you enter the command, you are prompted for confirmation. Enter yes to confirm, or press Enter to accept the default response no.

Caution When you confirm this command, the system configuration is erased and the system reboots automatically. The system will not operate until you reconfigure it.

When the system reboots, you must reconfigure it with the setup program. For information about using the setup program, see the Installation and Configuration Guide for the CiscoWorks Wireless LAN Solution Engine, 2.7.

Example

This command erases the system configuration:
erase config
This will erase your configuration, return device to factory defaults, 
and reload the device 
Do you want to continue?[no]:yes
firewall

The following command implements port filtering on the WLSE. The command allows port access configuration on a per-interface basis, and allows you to configure the WLSE for secure or public network environments.

firewall [ interface ] [ public | private | none ] | [ icmp | telnet | ssh | snmp | https | 1741 | repository | tftp | REPOSITORY ]]

Syntax Description

eth [0-5]

Interface to be configured. Acceptable values are eth0-eth5. On the WLSE 1130, eth0 corresponds to the port labeled A on the back panel, and eth1 corresponds to the port labeled B.

public

Denies access via Internet Control Message Protocol (ICMP), Telnet, SNMP, and the HTTP 1741 port.

none

Disables the firewall on an interface.

private

Denies no access.

icmp

Denies ICMP ping messages.

telnet

Denies incoming Telnet connections.

ssh

Denies incoming SSH connections.

snmp

Denies incoming SNMP requests.

https

Denies all connections to the SSL HTTP port.

1741

Denies all connections to the HTTP 1741 port.

repository

Disables the local software repository from access from the network. Ignores all connections to WLSE port 9851.

tftp

Disables TFTP access.

Usage Guidelines

To configure an Ethernet port for secured public access, use the public option.

To configure an Ethernet port for local access, via a LAN or VLAN, use the private option.

To disable ICMP, Telnet, SSH, SNMP, HTTPS, or to deny connections to the SSL HTTP port or the HTTP 1741 port, use the corresponding option.

Example

The following is an example of a secure Ethernet port configuration:

•Ethernet port 0 is connected to the Internet, and is configured to be accessible only via HTTPS by entering the following command:
firewall eth0 public ssh 1741 
•Ethernet port 0 is connected to an internal LAN or VLAN, and is configured to be accessible via any of the supported protocols by entering the following command:
firewall eth0 private 
An on-site user has full access to the WLSE, but an external user can only access it using a secure connection.

Related commands

show interfaces

interface

gethostbyname

Use the following command to display the IP address of a known hostname.

gethostbyname host

Syntax Description

host Domain name of host.

Example

This command displays the IP address of example.com
gethostbyname example.com
209.165.200.224
hostname

To change the system host name, use the following command.

hostname name

Syntax Description

name

New hostname for the WLSE. The name is case-sensitive and may be from 1 to 24 alphanumeric characters (A-Z, a-z, 0-9), the minus sign (-), and the period (.).

Example

The following example changes the hostname to sandbox:
hostname sandbox
http-server

This command controls:

•HTTP and HTTPS access to the WLSE by specifying the IP addresses from which connections are accepted. The default behavior is to accept all connections. If you specify IP addresses, connections are only accepted from matched addresses. The no form of the command removes an address.

•The port used for HTTP access.

http-server accept ip_address [ netmask ] | port { 80 | 1741 }
no http-server accept ip_address [ netmask ]
http-server port { 80 | 1741 }

Syntax Description

accept ip_address netmask

An address and optional netmask from which connections are accepted or an address and optional netmask to remove from the access list.

port { 80 | 1741 }

Port to use for HTTP access.

Usage Guidelines

You can add one address per command line.

The no form of the command removes one address at a time. The no form of the command must match exactly the rule it is deleting.

In a redundant cluster of WLSEs, if you are using an HTTP/HTTPS access list, you must enter a command on each WLSE to allow access by the other WLSE in the cluster.

Example

To accept HTTP and HTTPS connections from the host 192.168.12.12 with the netmask 255.255.255.0:

http-server accept 192.168.12.12 255.255.255.0

To use port 80 for HTTP access instead of the default port 1741:

http-server port 80

Related Commands

firewall

show http-server

import

Use this command to add single hostnames or a host file to the WLSE's host file.

import { host hostname ipaddress} | { hosts ftp-host username password path }
no import hosts

Syntax Description

host

Imports a single hostname mapped to an IP address.

hostname

Hostname to import.

ipaddress

IP address to map hostname to.

hosts

Imports host files from an FTP-accessible host.

password

Password used to access an FTP-accessible host.

path

Path to the file to be imported.

ftp-host

IP address of the FTP-accessible host.

username

username use to access the FTP-accessible host.

Usage Guidelines

To import a single host:

import host hostname ipaddress

To import host files from an external, FTP- accessible server:

import hosts ftp-host username password path

To remove an individual IP address from the imported host file:

no import host hostname ipaddress

To remove an imported host file:

no import hosts

Example

The following command imports host files from the FTP- accessible server ftpserver_1. Ftpserver_1 has the username admin, the password pass, and the path /ftpserver_1/hosts.
import hosts ftpserver_1 admin pass /ftpserver_1/hosts
The following command deletes the hosts imported in the example above:
no import hosts
Related Commands

show import

install

Use this interactive command to install software updates on the WLSE.

install configure { URL URL | default | save }
install update package
install list [ all | full | page | updates ]
install current
install help

Syntax Description

configure

Defines the repository that the WLSE uses to install software updates and images. A repository is a remote or local server from where a system can download software updates and images.

URL

Sets the URL of the repository. Only HTTP is supported.

URL

The URL of the repository. The URL should take the form of http://host:port/path (the path is optional).

default

Configures the WLSE to be its own repository. The URL is http://localhost:9851.

save

Saves the current configuration in the install.ini file.

update package

Installs the specified software update package.

list

Lists software updates and images on the configured repository.

all

Lists all software updates and images on the configured repository. This command displays the name, the version, the requirements, the type, and a summary of the software.

full

Lists only the complete images on the configured repository. This command displays the name, the version, the requirements, the type, and a summary of the image.

page

Lists only the names of all software updates and images on the configured repository.

updates

Lists only the updates on the configured repository. This command displays the name, the version, the requirements, the type, and a summary of the update.

current

Lists the currently installed patches and packages on the WLSE.

exit

Exit from interactive use of the install command.

Example

The following command configures the WLSE to use port 9851 on the system with IP address 209.165.200.22, as the repository:
wlse-1130:install 
Install URL not configured
install: configure URL http://209.165.200.224:9851
The following command installs the update package named WLSE-2.0:
install: update WLSE-2.0
The following command lists all software updates in the repository:
install: list all
Name         Version Requires     Type       Summary
WLSE-2.7.1   2.7.1   WLSE-2.7     UPDATE     Wireless LAN Solution ...
WLSE-2.7u    2.7     WLSE-2.0     UPDATE     Wireless LAN Solution ...
WLSE-2.5FCS  2.5     WLSE-2.0     UPDATE     Wireless LAN Solution ...
WLSE-2.0.2   2.0.2   WLSE-2.0     UPDATE     Wireless LAN Solution ...
WLSE-2.0     2.0                  COMPLETE   Wireless LAN Solution ...
The following command lists all the packages and patches currently installed on the WLSE:
wlse-1130:install current 
URL=http://209.165.200.224:9851
Initializing install:  Success
Name         Version Requires     Type       Summary
WLSE-2.7.1   2.7.1   WLSE-2.7     UPDATE     WLSE 2.7.1 Upgrade
WLSE-2.7u    2.7     WLSE-2.0     UPDATE     WLSE 2.7 Upgrade
WLSE-2.5a    2.5a    WLSE-2.5FCS  UPDATE     Wireless Lan Solution ...
WLSE-2.5FCS  2.5     WLSE-2.0     UPDATE     WLSE 2.5FCS Upgrade
WLSE-2.0.2   2.0.2   WLSE-2.0     UPDATE     WLSE 2.0.2 Upgrade
WLSE-2.0a    2.0a    WLSE-2.0     UPDATE     Wireless Lan Solution ...
WLSE-2.0     2.0                  COMPLETE   WLSE Solution Engine
Related Commands

repository

show install logs

show version

interface

To configure an Ethernet interface, use the following command.

interface eth[ernet][0-5] {[ up | down ] | ipaddress netmask
[ default-gateway address ] [ up | down ] }
[ auto | speed [10 | 100 | 1000]] duplex [ half | full ]
mtu [ 46-1500 ]

Syntax Description

eth[0-5]

Name of the interface port to be configured. Acceptable values are eth0-eth5. On the WLSE 1130, eth0 corresponds to the port labeled A on the back panel, and eth1 corresponds to the port labeled B.

up

Enables the interface (the default).

If you include the ipaddress parameter and want to enable the interface in the same command, either enter the up parameter after ipaddress and its required parameters, or do not specify the up or down parameters (up is the default).

down

Disables the interface. If you include the ipaddress parameter and want to disable the interface in the same command, enter the down parameter after ipaddress and its required parameters.

ipaddress

The IP address of the interface.

netmask

The netmask of the interface IP address.

default-gateway

The IP address of the default gateway that connects the WLSE to the network.

address

The default gateway IP address.

up

See the preceding description of up.

down

See the preceding description of down.

auto

Allow the interface speed to be set automatically.

speed

Set the interface speed to 10, 100, or 1000 megabits.

duplex half | full

Set interface to half- or full-duplex mode.

mtu [ 46-1500 ]

Set the maximum packet size within this range, in bytes.

Default

When you enter the interface command, the interface that you specify is enabled by default. If you want to disable an enabled interface or leave a disabled interface disabled, you must specify the down option.

Usage Guidelines

If you change the IP address or hostname, follow these steps to make sure that applications can connect to the WLSE:

Step 1 Stop and restart management services by entering:
# services stop
# services start
Step 2 Verify that management applications can still connect to the WLSE.

Step 3 Reconnect any applications that cannot connect to it using the system's new IP address or hostname.

Example

The following command disables the Ethernet 1 interface:
interface eth1 down
The following command sets the Ethernet 0 IP address, netmask, and gateway IP address:
interface eth0 209.165.200.224 255.255.255.224 default-gateway 
209.165.201.31 up
Related Commands

show interfaces

ip domain-name

To define a default domain name, use the following command. To remove the default domain name, use the no form of the command.

A default domain name allows the system to resolve any unqualified host names. Any IP hostname that does not contain a domain name will have the configured domain name appended to it. If you are using a DNS server, this appended name is resolved by the DNS server, and then added to the host table.

ip domain-name name
no ip domain-name name

Syntax Description

name

Domain name (for example, cisco.com).

Example

This command defines the default domain name to be cisco.com:
ip domain-name cisco.com
This command removes the default domain name abc.com:
no ip domain-name abc.com
Related Commands

show domain-name

ip domain-name

ip name-server

To specify the addresses of up to three name servers for name and address resolution, use the following command. To remove a name server, use the no form of the command.

ip name-server ip-address
no ip name-server ip-address

Syntax Description

ip-address

Name server IP address (maximum of 3).

Usage Guidelines

Use the ip name-server command to point the WLSE to a specific DNS server. You may configure up to three servers. If you attempt to configure a fourth name server, the following error message appears:
# Name-server table is full.
The WLSE must be able to contact a functional DNS server to operate correctly. If it does not, in most cases it will not correctly process requests from management applications that use it. If the system cannot obtain DNS services from the network, Telnet connections to the system will fail or Telnet interaction with the system will become extremely slow.

Example

This command assigns a name server for the system to use for name-to-address resolution:
ip name-server 209.165.200.224
This command disables the name server; the system will not use it for name-to-address resolution:
no ip name-server 209.165.200.224
Related Commands

ip domain-name

listbackup

Use the following command to list all available backups at the configured site. Backup names are created by using the WLSE hostname and the backup date and time.

listbackup

Syntax Description

This command has no arguments or keywords.

Example

The following command lists all current backups at the configured site:
listbackup
ex1_06042001_170640: Hostname: ex1 Date: 06042001  time: 1700
ex1_06052001_124543: Hostname: ex1 Date: 06052001  time: 1243
ex1_06052001_155148: Hostname: ex1 Date: 06052001  time: 1558
ex1_06202001_145704: Hostname: ex1 Date: 06202001  time: 1454
Related Commands

backup

backupconfig

restore

show backupconfig

mail

Use this command to send and receive mail and to debug and test email settings.

mail [ to user@host [ debug ]]

Syntax Description

To read email, enter the command with no arguments. To send email, enter the command with the following arguments:

to

Sends email to the expressed recipient.

user@host

Recipient of the email.

debug

Debug email problems.

Example

The following command sends an email message:
mail to operator@sj_wlse
Subject: test 
This is a test mail 
. 
Cc: 
Note You must end the mail message with a period (.) on a line by itself.

Related Commands

mailcntrl

mailroute

mailcntrl

This command clears or lists the size of the mail log, send queue, or user queue.

mailcntrl list { logsize | sendqueusize | userqueuesize }
clear { log | sendqueue | userqueue }

Syntax Description

logsize

Size of the mail log.

sendqueuesize

Size of the sendqueue.

userqueuesize

Size of the userqueue.

log

Clears the WLSE's email log.

sendqueue

Clears the WLSE's send queue.

userqueue

Clears the WLSE's user queue.

Example

The following command clears the WLSE's email log.
mailcntrl clear log
Related Commands

show maillog

mailroute

To forward email to a specified SMTP server, use the following command to specify the server. If no server is specified, the WLSE will use DNS to resolve the correct email server in your local domain. To stop forwarding mail to the SMTP server, use the no mailroute command to remove the mail server information.

mailroute { hostname | ip-address }
no mailroute

Syntax Description

hostname

Host name of an email server.

ip-address

IP address of an email server.

Example

The following command forwards email to a server with the hostname mailserver:
mailroute mailserver
Related Commands

show mailroute

mkcert

Use this command to generate a Certificate Signed Request (CSR) for enabling secure socket layer protocol (SSL). SSL provides a secure HTTPS connection between Web clients and the WLSE.

When you initially set up the WLSE, a private key, a self-signed certificate, and a certificate signing request (CSR) are generated. This set up procedure enables SSL.

The unsigned certificate expires in one year; use the mkcert command or the Web interface to obtain a permanent, signed certificate.

Note When you wish to establish an SSL connection to the WLSE, use the https prefix instead of http when entering the URL into the browser. Do not append a port number to the URL.

Syntax Description

mkcert

Usage Guidelines

When you run mkcert, the following prompts are displayed. For some fields, there is a default name. If you enter a period (.), the field will be left blank.
Prompt

Response
1. Country Name
2. State or Province Name
3. Locality Name
Country, state or province, and city in which the WLSE is located. Use the 2-character code for the country and the full names of state or province and city.
4. Organization Name
Full name of organization that owns the WLSE.
5. Organizational Unit Name
(Optional) Section of organization that is using the WLSE.
6. Common Name
Fully qualified domain name of organization.
7. Email Address
Email address of organization.
After generating the certificate, view it in the Web interface (Administration > Security > SSL (HTTPS). Copy everything between the BEGIN CERTIFICATE REQUEST and END CERTIFICATE REQUEST lines and send it to a certificate authority (such as Verisign). Use the authority's procedure for sending the certificate.

When you receive the signed certificate:

Step 1 Copy the certificate into an ASCII file on a client system.

Step 2 Using the WLSE Web interface on the same client, select Administration > Security > SSL (HTTPS).

Step 3 Enter the path to the certificate or click Browse to locate it. Then click Submit Certificate.

Step 4 To use the new certificate, restart the WLSE by running the following commands:
services stop
services start
nslookup

To translate a device name to its IP address or an IP address to its device name, use the following command.

nslookup { dns-name | ip-address }

Syntax Description

dns-name

Device name of a host on the network.

ip-address

IP address of a host on the network.

Example

The following command translates the device name hostname to its IP address:
nslookup hostname
Server: dns.ex1.com
Address: 209.165.200.224
Name:    ex1.com
Address: 209.165.201.0
ntp server

To configure the Network Time Protocol (NTP) and allow the system clock to be synchronized by a time server, use the following command. To disable this function, use the no form of this command.

ntp server ip-address
no ntp server ip-address

Syntax Description

ip-address

IP address of the NTP time server.

Usage Guidelines

Use the ntp server command to synchronize the system clock with the specified NTP server. If you configure multiple NTP servers, the system will synchronize with the first working NTP server it finds. There is no limit to the number of NTP servers that you can configure.

The ntp server command validates the NTP server that you specify. The possible results are:

•If the server is a valid NTP server, a message similar to the following appears:
# 19 Jan 00:43:48 ntpdate[1437]: step time server 209.165.200.224 
offset 999.257304
•If no NTP server with the name or IP address you specified exists, a message similar to the following appears:
# 19 Jan 00:43:40 ntpdate[1431]: no server suitable for 
synchronization found
In this case, remove the NTP server by using the no form of the command, then configure a valid NTP server.

•If the system time is set to a time later than the time on the NTP server, a message similar to the following appears:
# 19 Jan 00:43:58 ntpdate[1265]: Can't adjust the time of day: 
Invalid argument.
In this case, the ntp server command is entered into the system configuration, but NTP will not function. Follow these steps to remove the command and configure NTP correctly:

Step 1 Remove the ntp server command from the configuration by entering the no form of the command. For example:
no ntp server ip-address
where ip-address is the IP address of the NTP server.

Step 2 Set the system clock to a time that is behind the time on the NTP server using the clock set command. For more information about the clock command, see show clock.

Step 3 Enter the ntp server command again to configure the NTP server on the system. For example:
ntp server ip-address
Example

This command configures the system to use an NTP server:
ntp server 209.165.201.0 
This command configures the system to stop using the NTP server:
no ntp server 209.165.201.0 
Related Commands

show clock

ps

This command shows running processes.

ps [ options ]

Syntax Description

This is a standard Linux command. For a Linux man page, type ps help.

reload

To reboot the system, use the following command.

reload

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

You will be prompted to verify the reload. Enter yes to confirm or no to cancel the reload.

Caution All processes running on the system stop when you run the reload command. The WLSE will not respond while it is reloading.

Example

This command reboots the system:
reload
Related Commands

shutdown

reinitdb

To reinitialize the database, use the following command. This command erases all information contained within the database and stops and restarts system services.

reinitdb

Note This command stops and restarts system services.

Syntax Description

This command has no arguments or keywords.

Example

This command reinitializes the database:
reinitdb
Related Command

services

repository

This command manages the local repository, from which the WLSE downloads its software updates. You can add, delete, or list software packages in the repository; specify the location from the local repository downloads images, and control the status of the repository.

repository add package
repository delete [ package | all ]
repository list { local | remote } [ detail ] [ page ]
repository source URL
repository server[ stop | start | status ]

Syntax Description

add package

Transfer a software update image named package from a remote server to the local repository.

delete

Delete software images from local repository.

all

Deletes all images from local repository.

list

List software images and packages in configured local or remote repository.

local

List software updates and packages in local repository.

remote

Lists software updates and packages in remote repository.

detail

Include details of software updates and images displayed.

page

Display software updates and packages one page at a time.

source URL

Configure WLSE to serve as repository and to download software updates and images from external server whose IP address is URL (restricted to the FTP protocol). This command only configures the WLSE to be a repository. To configure the WLSE to install software updates and images from this repository, see install.

server

Start, stop, or display status of the WLSE's local repository.

stop

Stop local repository.

start

Start local repository.

status

Display status of local repository.

Usage Guidelines

You will be prompted to enter a username and password if they are needed to access the remote server.

Examples

The following command transfers the update EX_2.0 from an update server to the local repository:
repository add ex_2.0
The following command deletes the update EX_2.0 from the local repository:
repository delete EX_2.0
The following command lists the software updates and images available on the configured local repository, with details and one page at a time:
repository list local detail page
The following command configures the WLSE to be a repository, and to download software updates and images from http:// 209.165.200.224:
repository source ftp://209.165.200.224
The following command stops the local repository:
repository server stop
Related Commands

install

show repository

restore

Use the following command to restore a backed up configuration of the WLSE.

restore -n backup_name

Syntax Description

backup_name

Name of backup.

-n

Restores without overwriting the flash memory, which contains network information (WLSE hostname, IP address, domain name, name servers, NTP server) and users' CLI privileges.

Usage Guidelines

The restore command shuts down services on the WLSE, restores the data, and then reboots the WLSE.

Backups are restored from the location that you specified. To specify the backup location, use the backupconfig command.

You can restore configuration data from one WLSE to another; for example, if you want to replace one WLSE with another. For more information see the backup procedures in Backing Up and Restoring Data.

Example

The following command restores the backup called backup1 from the configured backup location:
restore backup1
Releated Commands

backup

backupconfig

listbackup

show backupconfig

route

To add a route through a gateway device, use the route command. To delete a route, use the no version of the command.

route { network address } netmask { network netmask } gateway { gateway address }
no route { network address } netmask { network netmask } gateway gateway address }

Syntax Description

netmask

Sets value of the network netmask.

gateway

Sets the IP address of the router or gateway.

network address

IP address of the network.

network netmask

Value of the network netmask.

gateway address

IP address of router or gateway.

Example

The following command adds a route:
route 209.165.201.0 netmask 255.255.255.224 gateway 209.165.200.224
The following command deletes the above route:
no route 209.165.201.0 netmask 255.255.255.224 gateway 209.165.200.224
services

To list, start, or stop the management services running on the system, use the following command.

services [ status | start | stop ]

Syntax Description

status

Displays the management services status.

start

Starts the management services.

stop

Stops the management services.

Usage Guidelines

Management services are the software installed on the system by network management applications. Use this command to stop and restart the management services if the system is not responding correctly to a management application. This should cause the services to reset and function properly again.

Example

This command stops management services:
services stop
This command starts management services:
services start
This command shows services status:
# services status
Process= HSECollector
        State  = Running but busy flag set
        Pid    = 588
        RC     = 0
        Signo  = 0
        Start  = 06/15/01 16:54:32
        Stop   = Not applicable
        Core   = Not applicable
        Info   = HSECollector started.
        Process= HSEANIServer
        State  = Running but busy flag set
        Pid    = 589
        RC     = 0
        Signo  = 0
        Start  = 06/15/01 16:54:32
-----------more----------- 
Related Commands

show proc

show anilog

To display the WLSE's ANI log, use the following command.

show anilog [ page ] | include MatchString1 [ MatchString2 ]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

include

Filters the command output to display only the records that contain the specified string of characters.

matchstring1

matchstring2

String of characters to search for in the command output.

Example

The following command displays the WLSE's ANI log, one page at a time:
show anilog page
/var/adm/CSCOets/log/ani.log
SNMPThrPool: Instantiated ex.lib.snmp.lib.timer.DynamicThreadPool,  mi
n=15, max=48, maxIdleSecs=240
2001/12/20 13:43:12 main ani MESSAGE DBConnection: Created new 
Database connecti
on [hashCode = 45981573]
2001/12/20 13:43:38 main ani MESSAGE ServletServiceModule: Moxie 
Servlet Engine 
is ready to receive requests
2001/12/20 15:43:39 HSEStatusPoll ani MESSAGE DBConnection: Created 
new Database
 connection [hashCode = 85057415]
2001/12/20 17:43:39 HSEStatusPoll ani MESSAGE DBConnection: Created 
new Database
 connection [hashCode = 396959623]
2001/12/20 19:43:39 HSEStatusPoll ani MESSAGE DBConnection: Created 
new Database
--More--
show auth-cli

Use this command to display the type of authentication used for secure CLI access.

show auth-cli

Syntax Description

This command has no arguments or keywords.

Example

This command and response shows that the WLSE's local authentication is being used for the CLI:
show auth-cli
local
Related Commands

auth

show auth-http

Use this command to display the type of authentication used for secure HTTP access.

show auth-http

Syntax Description

This command has no arguments or keywords.

Example

This command and response shows that the WLSE's local authentication is being used for the CLI:
show auth-http
local
Related Commands

auth

show backupconfig

The following command displays the current backup and restore configuration.

show backupconfig

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

If the backup location is not set, the host and username fields display NONE.

Example

The following command displays the current backup and restore configuration:
show backupconfig
Hostname: 209.165.201.0
Username: user1
Related Commands

backup

backupconfig

listbackup

restore

show bootlog

To display the messages logged during the last system boot, use the following command.

show bootlog [ page ]

Syntax Description

page

Displays command output one screen at a time. Press the return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

Example

This command displays the messages logged during the last system boot:
show bootlog page
Linux/UID32 version 2.2.16-13bipsec.uid32 (gcc version egcs1
Console: colour VGA+ 80x25
Calibrating delay loop... 1133.77 BogoMIPS
start low memory: 0xc0001000 i386_endbase: 0xc009f000
addresses range:: 0xc0f00000  0xc1000000
start memory: c04f8000 end_memory: d0000000
Memory: 257688k/262144k available (988k kernel code, 416k reserved, 
2992k data,)
Dentry hash table entries: 262144 (order 9, 2048k)
Buffer cache hash table entries: 262144 (order 8, 1024k)
Page cache hash table entries: 65536 (order 6, 256k)
vmdump: setting dump_execute() as dump_function_ptr ...
VFS: Diskquotas version dquot_6.4.0 initialized
CPU: Intel Pentium III (Coppermine) stepping 06
Checking 386/387 coupling... OK, FPU using exception 16 error 
reporting.
Checking 'hlt' instruction... OK.
POSIX conformance testing by UNIFIX
mtrr: v1.35a (19990819) Richard Gooch (rgooch@atnf.csiro.au)
PCI: PCI BIOS revision 2.10 entry at 0xfda95
PCI: Using configuration type 1
-----------more-----------
Related Commands

reload

show cdp neighbor

Use this command to display the WLSE's nearest neighbor on the network.

show cdp neighbor

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

CDP neighbor information is usually broadcasted at 3- to 5-minute intervals, so there may be a delay in displaying neighbor information.

Example

This command shows the nearest neighbor on the network.
show cdp neighbor
cdp neighbor device: Switch
        device type: cisco WS-C2924-XL
        port: FastEthernet0/12
        address: 209.165.201.0
show cdp run

Use this command to display the Cisco Discovery Protocol (CDP) configuration.

show cdp run

Syntax Description

This command has no arguments or keywords.

Example

The following command displays the CDP configuration:
show cdp run
CDP protocol is enabled ...
        broadcasting interval is every 60 seconds.
        time-to-live of cdp packets is 180 seconds.
        CDP is enabled on port eth0.
Related Commands

cdp

show collectorlog

To display the WLSE's collector log, use the following command.

show collectorlog [ page ] | include matchstring1 [ matchstring2 ]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

include

Filters the command output to display only the records that contain the specified string of characters.

matchstring1matchstring2

Strings of characters to search for in the command output.

Example

The following command displays the WLSE's collector log, one page at a time:
show collectorlog page
/var/adm/CSCOets/log/collector.log
2001/12/20 13:43:18 main HSECollector MESSAGE CollectorMain: Waiting 
for database to be ready
2001/12/20 13:43:21 main HSECollector MESSAGE CollectorMain: Database 
is ready
SNMPThrPool: Instantiated ex.lib.snmp.lib.timer.DynamicThreadPool,  
min=15, max=48, maxIdleSecs=0
2001/12/20 13:43:29 main HSECollector MESSAGE ServletServiceModule: 
Moxie Servlet Engine is ready to receive requests
2001/12/20 13:43:30 PeriodicSchedulerRun:FaultCleanup HSECollector 
MESSAGE CollectorDBUtils: DB.TableCleanupCommand=[VACUUM ]
2001/12/20 13:43:30 PeriodicSchedulerRun:FaultCleanup HSECollector 
MESSAGE CollectorDBUtils: DB.TableUpdateStatsCommand=[VACUUM ANALYZE ]
2001/12/21 10:39:52 Moxie Servlet Engine:Pooled Thread:1 HSECollector 
MESSAGE ServletContextAdaptor: Collector: init
show config

To display the system configuration, use the following command.

show config

Syntax Description

This command has no arguments or keywords.

Example

This command displays the system configuration:
show config
hostname ex1
interface ethernet0 209.165.201.0 255.255.255.224 default-gateway 
209.165.202.128
interface ethernet1 down
interface ethernet2 down
interface ethernet3 down
interface ethernet4 down
interface ethernet5 down
ip domain-name embu-doc
ip name-server 209.165.202.158
username admin epassword ************* privilege 15
show daemonslog

To display the WLSE's daemons log, use the following command.

show daemonslog [ page | include matchstring1 [ matchstring2 ]]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

include

Filters the command output to display only the records that contain the specified string of characters.

matchstring1

String of characters to search for in the command output.

matchstring2

Another string of characters to search for in command output.

Example

The following command displays the WLSE's daemons log, one page at a time:
show daemonslog page
/var/adm/CSCOets/log/daemons.log
[dmgrDbg] getenv(PX_DBG)=NULL
[dmgrDbg] getenv(PX_MY_DEBUG)=NULL
[dmgrDbg] getenv(PX_MY_TRACE)=NULL
[dmgrDbg] getenv(PX_DBG_LEVEL)=NULL
[dmgrDbg][Thu Dec 20 13:42:53 2001]##### INFO ##### re-evaluate 
DbgLevel=0x0
        ++>>it(1) = 8077978 <HSECollector>
        ++>>it(1) = 8077898 <HSEANIServer>
        ++>>it(1) = 8077428 <PostgreSQL>
        ++>>it(1) = 8077228 <WebServer>
        ++>>it(1) = 8077328 <Tomcat>
        ++>>it(1) = 80770d8 <ExcepReporter>
        ++>>it(1) = 8076fc8 <CDPbrdcast>
        ++>>it(1) = 8076e58 <PerfMon>
#!/bin/sh -v
#!/bin/sh -v
if [ "$NMSROOT" = "" ]; then
        NMSROOT=/opt/CSCOets
        export NMSROOT
fi
cd $NMSROOT
--More--
show dmgtdlog

To display the WLSE's daemon manager log, use the following command.

show dmgtdlog [ page | include matchstring1 [ matchstring2 ]]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

include

Filters the command output to display only the records that contain the specified string of characters.

matchstring1

String of characters to search for in the command output.

matchstring2

Another string of characters to search for in command output.

Example

The following command displays the daemon manager log, one page at a time:
show dmgtdlog page
/var/adm/CSCOets/log/dmgtd.log
Dec 20 13:42:56 ex dmgt[712]: #3001:TYPE=INFO:Using port: tcp/42340.
Dec 20 13:42:56 ex dmgt[714]: #3007:TYPE=INFO:Started application(HSEC
ollector) "/bin/nice -n 19 /opt/CSCOets/bin/collector" pid=715.
Dec 20 13:42:56 ex dmgt[714]: #3007:TYPE=INFO:Started application(HSEA
--More--
show http-server

This command displays HTTP and HTTPS access control information.

show http-server

Syntax Description

This command has no arguments or keywords.

Related Commands

http-server

show import

To display an imported host file, use the following command.

show import hosts

Syntax Description

hosts

Name of server that host files were imported from.

Example

This command displays the imported host file.
show import ftpserver_1
Related Commands

import

show install logs

Displays the software updates and images available on the configured repository.

show install logs [ short | long ] [ page ]

Syntax Description

short

Displays only the names of software updates and images on the configured repository

long

Displays the names and descriptions of software updates and images on the configured repository.

page

Displays command output one screen at a time.

Example

The following command displays the software updates and images available on the configured repository, one screen at a time:
show install updates page
2
NAME=EX-2.0a
Related Commands

install

repository

show ipchains

This command displays the IP chains for the selected interface.

show ipchains eth[ 0-5 ]

Syntax Description

eth[ 0-5 ]

Name of interface port to be displayed. Acceptable values are eth0-eth5. On the WLSE 1130, eth0 corresponds to port labeled A on the back panel, and eth1 corresponds to port labeled B.

Example

The following command displays the IP chains for the ethernet 0 interface:
show ipchains eth0
Chain ineth0 (1 references):
target     prot opt     source                destination           
ports
ACCEPT     tcp  -y--l-  anywhere             ex.help     any ->   telt
ACCEPT     tcp  ------  anywhere             ex.help     any ->   telt
ACCEPT     tcp  ------  anywhere             ex.help     any ->   3345
ACCEPT     tcp  -y--l-  anywhere             ex.help     any ->   ssh
Related Commands

interface

show hosts

This command displays the WLSE's host file.

show hosts [ page ]

Syntax Description

page

Displays command output one screen at a time.

Example

The following command displays the host file one page at a time:
show hosts page
Related Commands

import

show maillog

To display the WLSE's mail log, use the following command.

show maillog [ page | include matchstring1 [ matchstring2 ]]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to command prompt.

include

Filters command output to display only records that contain the specified string of characters.

matchstring1matchstring2

Strings of characters to search for in command output.

Example

The following command displays the collector log, one page at a time:
show maillog page
/var/log/maillog
Dec 21 04:02:06 ex sendmail[11643]: EAA11643: from=root, size=307, 
class=0, pri=30307, nrcpts=1, msgid=<200112210402.EAA11643@ex.help>, 
relay=root@localhost
Dec 21 04:02:06 ex sendmail[11660]: EAA11643: SYSERR(root): Cannot 
exec /usr/bin/procmail: No such file or directory
Dec 21 04:02:06 ex sendmail[11643]: EAA11643: to=root, ctladdr=root 
(0/0), delay=00:00:06, xdelay=00:00:00, mailer=local, stat=Operating 
system error
Related Commands

mailcntrl

show mailroute

Use the following command to show the current mail route.

show mailroute

Syntax Description

This command has no arguments or keywords.

Related Commands

mailroute

show proc

To display the WLSE's active process statistics, use the following command.

show proc [ page ]

Syntax Description

page

Displays command output one screen at a time.

Example

The following command displays the active process statistics one page at a time:
show proc page
PID     ELAPSED    SZ                  STARTED TTY  COMMAND
    1    22:29:10   277 Thu Dec 20 13:42:29 2001 ?    init
    2    22:29:10     0 Thu Dec 20 13:42:29 2001 ?    kflushd
    3    22:29:10     0 Thu Dec 20 13:42:29 2001 ?    kupdate
    4    22:29:10     0 Thu Dec 20 13:42:29 2001 ?    kpiod
    5    22:29:10     0 Thu Dec 20 13:42:29 2001 ?    kswapd
    6    22:29:03     0 Thu Dec 20 13:42:36 2001 ?    kreiserfsd
   85    22:29:00     0 Thu Dec 20 13:42:39 2001 ?    kreiserfsd
   86    22:29:00     0 Thu Dec 20 13:42:39 2001 ?    kreiserfsd
   87    22:28:59     0 Thu Dec 20 13:42:40 2001 ?    kreiserfsd
   88    22:28:59     0 Thu Dec 20 13:42:40 2001 ?    kreiserfsd
   89    22:28:59     0 Thu Dec 20 13:42:40 2001 ?    kreiserfsd
  208    22:28:57   290 Thu Dec 20 13:42:42 2001 ?    watchdog
  322    22:28:51   342 Thu Dec 20 13:42:48 2001 ?    idled
  510    22:28:51   290 Thu Dec 20 13:42:48 2001 ?    syslogd
  519    22:28:50   361 Thu Dec 20 13:42:49 2001 ?    klogd
  637    22:28:48   327 Thu Dec 20 13:42:51 2001 ?    crond
  651    22:28:48   286 Thu Dec 20 13:42:51 2001 ?    inetd
17076       18:23   364 Fri Dec 21 11:53:16 2001 ?     \_ in.telnetd
17077       18:23   575 Fri Dec 21 11:53:16 2001 0     |   \_ login
-----------more-----------
show repository

Use this command to display the status or access log of a configured repository.

show repository {[ status | access-log ]} [ page ]

Syntax Description

status

Displays the status of the local repository

access-log

Displays the access-log of the local repository

page

Displays command output one screen at a time.

Example

This command displays the status of the configured repository:
show repository status
Repository Source: 171.69.212.146:9851 
repository is running.
Related Commands

repository

show route

To display the routes that are currently configured, use the following command.

show route

Syntax Description

This command has no arguments or keywords.

Example

This command displays the currently configured routes:
show route
Destination     Gateway Genmask         Flags Metric Ref    Use Iface
209.165.200.224 0.0.0.0 255.255.255.224 UH    0      0        0 eth0
209.165.200.225 0.0.0.0 255.255.255.224 U     0      0        0 eth0
209.165.200.254 0.0.0.0 255.255.255.224 U     0      0        0 lo
209.165.202.128 0.0.0.0 255.255.255.224 UG    0      0        0 eth0
Related Commands

route

show securitylog

To display the WLSE's security log information, use the following command.

show securitylog [ page | include matchstring1 [ matchstring2 ]]

Syntax Description

page

Displays command output one screen at a time. Press Return to display next output screen. Press Ctrl-c to exit paged output and return to command prompt.

include

Filters command output to display only records that contain specified string of characters.

matchstring1

String of characters to search for in command output.

matchstring2

Another string of characters to search for in command output.

Example

The following command displays the security log, one page at a time:
show securitylog page
/var/log/secure
Dec 20 13:45:23 ex in.tftpd[1381]: connect from 209.165.200.224
Dec 20 13:45:27 ex in.tftpd[1383]: connect from 209.165.200.224
Dec 20 13:45:31 ex in.tftpd[1385]: connect from 209.165.200.224
Dec 20 13:45:35 ex in.tftpd[1387]: connect from 209.165.200.224
Dec 20 13:45:39 ex in.tftpd[1389]: connect from 209.165.200.224
Dec 20 13:45:44 ex in.tftpd[1391]: connect from 209.165.200.224
Dec 20 13:45:48 ex in.tftpd[1393]: connect from 209.165.200.224
Dec 20 13:45:52 ex in.tftpd[1395]: connect from 209.165.200.224
Dec 20 13:45:56 ex in.tftpd[1397]: connect from 209.165.200.224
Dec 20 13:46:00 ex in.tftpd[1399]: connect from 209.165.200.224
Dec 20 13:46:04 ex in.tftpd[1412]: connect from 209.165.200.224
Dec 20 13:46:27 ex in.tftpd[1424]: connect from 209.165.200.224
Dec 20 13:46:31 ex in.tftpd[1426]: connect from 209.165.200.224
Dec 20 13:46:35 ex in.tftpd[1428]: connect from 209.165.200.224
Dec 20 13:46:39 ex in.tftpd[1430]: connect from 209.165.200.224
Dec 20 13:46:43 ex in.tftpd[1432]: connect from 209.165.200.224
Dec 20 13:46:47 ex in.tftpd[1434]: connect from 209.165.200.224
--More--
show snmp-server

The following command displays the WLSE's SNMP configuration:

show snmp-server

Syntax Description

This command has no arguments or keywords.

Example

The following command displays the WLSE's SNMP configuration:
show snmp-server
RW community string: private
RO community string: public
sysLocation: your site information
sysContact: your contact information
trap-forwarding is disabled
Related Commands

snmp-server

show ssh-server

This command displays SSH access control information.

show ssh-server

Syntax Description

This command has no arguments or keywords.

Related Commands

ssh-server accept

show ssh-version

The following command displays the type of SSH that is enabled:

show ssh-version

Syntax Description

This command has no arguments or keywords.

Example

This command displays the type of SSH that is enabled:
show ssh-version
SSH1, SSH2
Related Commands

ssh-version

show syslog

To display syslog information, use the following command.

show syslog [ page ] [ include matchstring1 [ matchstring2 ]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

include

Filters the command output to display only the records that contain the specified string of characters.

matchstring1

String of characters to search for in the command output.

matchstring2

Another string of characters to search for in command output.

Usage Guidelines

To filter command output to include only the records that contain a specified string(s) of characters, use the include option with one or two character strings to search for.

If you include two strings, the command outputs only those records that contain both character strings.

Example

This command displays syslog information:
show syslog
Jun 20 16:04:23 ex syslogd 1.3-3: restart.
Jun 20 16:04:23 ex syslog: syslogd startup succeeded
Jun 20 16:04:23 ex kernel: klogd 1.3-3, log source = /proc/kmsg start.
Jun 20 16:04:23 ex kernel: Inspecting /boot/System.map-2.2.16-13bipse2
Jun 20 16:04:23 ex syslog: klogd startup succeeded
-----------more-----------
Related Command

interface

show tech

Use the following command to display information necessary for Cisco's Technical Assistance Center to assist you:

show tech [ page ]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

Example
show tech page
/bin/cat: /var/log/secure: Permission denied
Copyright (c) 1999-2000 by Cisco Systems, Inc.
Build Version (166) Mon Jun 11 16:56:23 PDT 2001
Linux/UID32 version 2.2.16-13bipsec.uid32 (gcc version egcs1
Uptime: 0 days 18 hours 35 mins
2 Ethernet interfaces
hostname ex
interface ethernet0 209.165.200.224 255.255.255.224 default-gateway 
209.165.202.128
ip name-server 209.165.201.0
username admin epassword ************* privilege 15
eth0      Link encap:Ethernet  HWaddr 00:02:B3:35:FD:CC  
          inet addr:209.165.200.224 Bcast:209.165.201.31 
Mask:255.255.255.224
-----------more-----------
show telnetenable

To display the WLSE's Telnet status, use the following command.

show telnetenable

Syntax Description

This command has no arguments or keywords.

Example

The following command shows whether Telnet is enabled or disabled:
show telnetenable
telnet enable for: ALL
Related Commands

telnetenable

telnet

show tomcatlog

To display the WLSE's Tomcat log, use the show tomcatlog command.

show tomcatlog [ page ] [ include matchstring1 [ matchstring2 ]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

include

Filters the command output to display only the records that contain the specified string of characters.

matchstring1

String of characters to search for in the command output.

matchstring2

Another string of characters to search for.

Example

The following command displays the tomcat log, one page at a time:
show tomcatlog page
/var/adm/CSCOets/log/tomcat.log
2001-12-20 01:43:06 - ContextManager: Adding context Ctx( /examples )
2001-12-20 01:43:06 - ContextManager: Adding context Ctx( /admin )
Starting tomcat. Check logs/tomcat.log for error messages 
2001-12-20 01:43:06 - ContextManager: Adding context Ctx(  )
getUIProperties(): unhandled error could be a bad ui.properties
java.lang.NullPointerException
        at java.io.Reader.<init>(Reader.java:68)
        at java.io.InputStreamReader.<init>(InputStreamReader.java:96)
--More--
show webaccesslog

To display the WLSE's Web access log, use the following command.

show webaccesslog [ page ] [ include matchstring1 [ matchstring2 ]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

include

Filters the command output to display only the records that contain the specified string of characters.

matchstring1matchstring2

Strings of characters to search for in the command output.

Example

The following command displays the Web access log, one page at a time:
show webaccesslog page
/var/adm/CSCOets/log/access_log
209.165.200.224 - - [21/Dec/2001:10:38:54 +0000] "GET / HTTP/1.0" 302 
276 "-" "Mozilla/4.76 [en]C-CCK-MCD   (Windows NT 5.0; U)"
209.165.200.224 - - [21/Dec/2001:10:38:54 +0000] "GET 
/perl/login-form.cgi HTTP/1.0" 200 2268 "-" "Mozilla/4.76 
[en]C-CCK-MCD   (Windows NT 5.0; U)"
209.165.200.224 - - [21/Dec/2001:10:38:55 +0000] "GET /icons/hse.gif 
HTTP/1.0" 200 5554 "http://209.165.201.0:1741/perl/login-form.cgi" 
"Mozilla/4.76 [en]C-CCK-MCD   (Windows NT 5.0; U)"
209.165.200.224 - - [21/Dec/2001:10:38:55 +0000] "GET 
/icons/left_top.gif HTTP/1.0" 200 324 
"http://209.165.201.0:1741/perl/login-form.cgi" "Mozilla/4.76 
[en]C-CCK-MCD   (Windows NT 5.0; U)"
--More--
show weberrorlog

To display the WLSE's Web error log, use the following command.

show weberrorlog [ page ] [ include matchstring1 [ matchstring2 ]]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

include

Filters the command output to display only the records that contain the specified string of characters.

matchstring1 matchstring2

Strings of characters to search for in the command output.

Example

The following command displays the Web error log, one page at a time:
show weberrorlog page
/var/adm/CSCOets/log/error_log
[Thu Dec 20 13:43:00 2001] [error] (22)Invalid argument: <Perl>: 
Invalid command 'secret', perhaps mis-spelled or defined by a module 
not included in the server configuration
[Thu Dec 20 13:43:00 2001] [error] (22)Invalid argument: <Perl>: 
Invalid command 'line', perhaps mis-spelled or defined by a module not 
included in the server configuration
[Thu Dec 20 13:43:00 2001] [error] (22)Invalid argument: <Perl>:
show websslaccesslog

To display the WLSE's Web SSL log, use the following command.

show websslaccesslog [ page | include matchstring1 [ matchstring2 ]]

Syntax Description

page

Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.

include

Filters the command output to display only the records that contain the specified string of characters.

matchstring1 matchstring2

Strings of characters to search for in the command output.

Example

The following command displays the Web SSL log, one page at a time:
show websslaccesslog page
shutdown

To shut down the system in preparation for powering it off, use the following command.

shutdown

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

All processes running on the WLSE will stop, and the WLSE will not respond until you power it off and back on.

You are prompted to verify the shutdown. Enter yes to continue, or no to cancel the shutdown.

Caution Never power the system off without running the shutdown command first. Doing so can destroy data and prevent the system from booting.

Example

This command shuts down the system:
shutdown
Related Commands

reload

snmp-server

To configure the simple network management protocol (SNMP) community string, contact information, or location information, use the following command. Use the no forms to delete the community string, location information, or contact information.

snmp-server { community community-name [ RO | RW ] |
location sysLocation-info | contact sysContact-info }
no snmp-server community community-name
no snmp-server contact
no snmp-server location

Syntax Description

community community-name

Sets a community string.

RO

Makes the community string read-only.

RW

Makes the community string read/write.

location sysLocation-info

Sets the system location string.

contact sysContact-info

Sets the contact string.

Example

This command sets the SNMP contact string:
snmp-server contact Dial System Operator at Beeper # 27345
Related Commands

show snmp-server

ssh

To use SSH to connect to an external host, use the following command.

ssh [ options ] host [ command ]

Syntax Description

options

Standard SSH options. For a list of these options, enter the ssh command without any arguments.

host

Name or IP address of host to which to connect.

command

Command for the external host to execute.

Example

Enter the following command to connect to an external host using SSH:
ssh 209.165.200.224
ssh-server accept

This command controls access to the WLSE via SSH. The default behavior is to accept all connections. If you specify an IP address, connections will be accepted from matching addresses only. Use the no form to remove SSH access control for the specified IP address.

ssh-server accept ip_address [ netmask ]
no ssh-server accept ip_address [ netmask ]

Syntax Description

ip_address

IP address to be allowed access.

netmask

Netmask for the IP address.

Usage Guidelines

The no form of the command must match exactly the rule it is deleting.

Related Commands

show ssh-server

ssh-version

Use this command to enable Secure Shell (SSH) 1, SSH 2, or both SSH 1 and SSH 2.

ssh-version { ssh1 | ssh2 | both }

Syntax Description

ssh1

Enables SSH 1

ssh2

Enables SSH 2

both

Enables both SSH 1 and SSH2

Example

This command enables ssh1:
ssh-version ssh1
Related Commands

show ssh-version

tarlog

This command creates two archives of system log files.

tarlog

Usage Guidelines

When you run the tarlog command, system log files are archived to var_logs_tgz.log, and logs_tgz.log.

These files can only be accessed from the web interface:

1. Run the tarlog command. The var_logs_tgz.log and logs_tgz.log archive files are created.

2. Select Administration > Appliance > Status > View Log File.

3. Save the desired archives to the desktop.

4. Change the file extension from .log to .tgz.

5. Unzip the file.

telnet

To Telnet to an external host, use the following command.

telnet { hostname | ip-address } [ portnumber ]

Syntax Description

hostname

Hostname of the external device.

ip-address

IP address of the external device.

portnumber

portnumber of the external device.

Example

Enter the following command to telnet to port 9851 of a system with the IP address 209.165.200.224:
telnet 209.165.200.224 9851
Related Commands

telnetenable

telnetenable

To control Telnet access to the WLSE, use the following command. The default is disabled.

telnetenable { enable [ ip-addresses | domains ] | disable | status }

Syntax Description

enable

Enables Telnet access to the system.

disable

Disables Telnet access to the system. This is the default.

status

Displays current access status.

ip-addresses

IP addresses of systems allowed Telnet access. If this argument is used, no other machines will be allowed access. Multiple IP address are allowed.

domains

Domains of systems allowed Telnet access. If this argument is used, machines with domains other than the specified domain will be denied Telnet access. Multiple domains are allowed.

Usage Guidelines

To enable Telnet access to the system for all IP source addresses, use the telnetenable enable command alone. To enable specific IP addresses, use the telnetenable enable command followed by the IP addresses.

Example

This command enables Telnet for all IP source addresses:
telnetenable enable
Related Commands

show telnetenable

username

Use this command to create a new user account or change account properties. Use the no form of the command to remove a user account.

username name password password [ privilege { 0 | 15 }]
no username name

Syntax Description

name

Name of the user account to create or remove. User names can be up to 32 characters long.

password

Specifies a password for the account.

password

The password for the account. Passwords can be 5 to 8 characters long.

privilege

(Optional) Specifies the account privilege level.

0

Gives the account level 0 privileges. This is the default.

15

Gives the account level 15 privileges.

Usage Guidelines

The default privilege level is 0 if you do not provide the privilege option.

For information on the allowable characters in user names and passwords, see "Naming Guidelines."

Users that you create by using this command do not automatically have the HTTP access that is required for using the WLSE's web interface. To provide such users with HTTP access:

Step 1 Log into the Web interface as admin or as another user with system administrator privileges.

Step 2 Select Administration > User Admin, then select Manage Users.

Step 3 For each user you added by using the CLI:

a. Select the username, then select the relevant role(s).

b. Click Modify.

For more information about managing users, seeManaging Users.

Example

This command creates a user account named user1 with password password1 and privilege level 15:
username user1 password password1 privilege 15
This command removes the user account:
no username user1
webtimeout

This command sets the timeout period for the Web interface. After the timeout expires, you are logged out. The default is 30 minutes (1800 seconds).

webtimeout [ status | time seconds | default ]

Syntax Description

status

Shows the current web session timeout setting.

time seconds

Sets the web session timeout period.

default

Resets web session timeout to the default 30 minutes (1800 seconds).

Example
webtimeout time 3600 seconds
Maintenance Image Commands

This section describes the commands that are available when the system is booted from the maintenance image. For more information about the maintenance image, see the Installation and Configuration Guide for the CiscoWorks Wireless LAN Solution Engine, 2.7.

erase config

This command is identical to the level-15 erase config command. For a description, see erase config.

fsck

To check and repair the filesystem, use the following command.

fsck

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

This command might prompt you for confirmation before making certain repairs.

Example

The following command checks and repairs the filesystem:
fsck
reload

This command is identical to the level 15 reload command. For a description, see reload.