- show aaa accounting
- show aaa authentication
- show aaa authorization
- show aaa groups
- show aaa local user blocked
- show aaa user
- show access-class
- show access-lists
- show accounting log
- show checkpoint
- show checkpoint summary
- show checkpoint system
- show checkpoint user
- show diff rollback-patch checkpoint
- show diff rollback-patch file
- show diff rollback-patch running-config
- show diff rollback-patch startup-config
- show http-server
- show hardware profile tcam resource template
- show ip access-class
- show ip access-lists
- show ip arp
- show ip arp inspection
- show ip arp inspection interfaces
- show ip arp inspection log
- show ip arp inspection statistics
- show ip arp inspection vlan
- show ip arp sync-entries
- show ip dhcp snooping
- show ip dhcp snooping binding
- show ip dhcp snooping statistics
- show ipv6 access-lists
- show ip verify source
- show ipv6 dhcp-ldra
- show mac access-lists
- show platform afm info sup-tcam monitoring info
- show platform afm info tcam access stats
- show privilege
- show radius-server
- show role
- show role feature
- show role feature-group
- show rollback log
- show running-config aaa
- show running-config aclmgr
- show running-config arp
- show running-config dhcp
- show running-config radius
- show running-config security
- show ssh key
- show ssh server
- show startup-config aaa
- show startup-config aclmgr
- show startup-config arp
- show startup-config dhcp
- show startup-config radius
- show startup-config security
- show tacacs-server
- show telnet server
- show user-account
- show users
- show vlan access-list
- show vlan access-map
- show vlan filter
Show Commands
This chapter describes the Cisco NX-OS security show commands.
show aaa accounting
To display authentication, authorization, and accounting (AAA) accounting configuration, use the show aaa accounting command.
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the configuration of the accounting log:
Related Commands
|
|
---|---|
show aaa authentication
To display authentication, authorization, and accounting (AAA) authentication configuration information, use the show aaa authentication command.
show aaa authentication login [ error-enable | mschap ]
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the configured authentication parameters:
This example shows how to display the authentication login error enable configuration:
This example shows how to display the authentication login MS-CHAP configuration:
Related Commands
|
|
---|---|
show aaa authorization
To display AAA authorization configuration information, use the show aaa authorization command.
show aaa authorization [ all ]
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to display the configured authorization methods:
Related Commands
|
|
---|---|
Configures default AAA authorization methods for EXEC commands. |
|
Configures default AAA authorization methods for configuration commands. |
show aaa groups
To display authentication, authorization, and accounting (AAA) server group configuration, use the show aaa groups command.
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display AAA group information:
Related Commands
|
|
---|---|
show aaa local user blocked
To display the blocked users, use the show aaa local user blocked command.
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
Examples
This example shows how to display the blocked users:
Related Commands
|
|
---|---|
show aaa user
To display the status of the default role assigned by the authentication, authorization, and accounting (AAA) server administrator for remote authentication, use the show aaa user command.
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to display the status of the default role assigned by the AAA server administrator for remote authentication:
Related Commands
|
|
---|---|
show access-class
To display all IPv4 access classes configured for VTY, use the show access-class command.
show access-class [ access-class-name ]
Syntax Description
(Optional) Name of the access class, which can be up to 64 alphanumeric, case-sensitive characters. |
Command Default
The switch shows all ACLs unless you use the access-class-name argument to specify an ACL.
Command Modes
Command History
|
|
Examples
This example shows how to display all access classes configured for VTY on the switch:
Related Commands
|
|
---|---|
show access-lists
To display all IPv4 and MAC access control lists (ACLs) or a specific ACL, use the show access-lists command.
show access-lists [ access-list-name ]
Syntax Description
(Optional) Name of an ACL, which can be up to 64 alphanumeric, case-sensitive characters. |
Command Default
The switch shows all ACLs unless you use the access-list-name argument to specify an ACL.
Command Modes
Command History
|
|
Examples
This example shows how to display all IPv4 and MAC ACLs on the switch:
In Cisco NX-OS Release 5.0(2)N1(1), the following output is displayed:
Related Commands
|
|
---|---|
show accounting log
To display the accounting log contents, use the show accounting log command.
show accounting log [ size ] [ start-time year month day HH : MM : SS ] [ end-time year month day HH : MM : SS ]
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the entire accounting log:
In Cisco NX-OS Release, this command displays the following output:
This example shows how to display 400 bytes of the accounting log:
This example shows how to display the accounting log starting at 16:00:00 on February 16, 2008:
This example shows how to display the accounting log starting at 15:59:59 on February 1, 2008 and ending at 16:00:00 on February 29, 2008:
Related Commands
|
|
---|---|
show checkpoint
To display the configuration at the time a checkpoint was implemented, use the show checkpoint command.
show checkpoint [ checkpoint-name ] [ all [ system | user ]]
Syntax Description
(Optional) Checkpoint name. The name can be a maximum of 32 characters. |
|
(Optional) Displays user-configured and system-configured checkpoints. |
|
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
The command output displays a history of the most recent (up to ten) checkpoint IDs. The checkpoint IDs represent the rollback points that allow the user to restore the system to a checkpoint configuration.
Examples
This example shows how to display the rollback checkpoints configured in the local switch:
This example shows how to display information about a specific checkpoint:
This example shows how to display all configured rollback checkpoints:
Related Commands
|
|
---|---|
Rolls back the configuration to any of the saved checkpoints. |
|
show checkpoint summary
To display a summary of the configured checkpoints, use the show checkpoint summary command.
show checkpoint summary [ system | user ]
Syntax Description
(Optional) Displays a summary of the system-configured checkpoints. |
|
(Optional) Displays a summary of the user-configured checkpoints. |
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to display the configuration rollback checkpoints summary:
This example shows how to display the summary of the system-configured rollback checkpoints:
This example shows how to display the summary of the user-configured rollback checkpoints:
Related Commands
|
|
---|---|
Rolls back the configuration to any of the saved checkpoints. |
|
show checkpoint system
To display only the system-configured checkpoints, use the show checkpoint system command.
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to display the rollback checkpoints defined by the system:
Related Commands
|
|
---|---|
Rolls back the configuration to any of the saved checkpoints. |
|
show checkpoint user
To display only the user-configured checkpoints, use the show checkpoint user command.
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to display the rollback checkpoints configured by the current user:
Related Commands
|
|
---|---|
Rolls back the configuration to any of the saved checkpoints. |
|
show diff rollback-patch checkpoint
To display the configuration differences between two checkpoints, use the show diff rollback-patch checkpoint command.
show diff rollback-patch checkpoint src-checkpoint-name checkpoint dest-checkpoint-name
Syntax Description
Source checkpoint name. The name can be a maximum of 32 characters. |
|
Destination checkpoint name. The name can be a maximum of 32 characters. |
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Use this command to view the differences between the source and destination checkpoints that reference current or saved configurations. The configuration differences based on the current running configuration and checkpointed configuration are applied to the system to restore the running state of the system.
Examples
This example shows how to view the changes between two checkpoints, chkpnt-1 and chkpnt-2:
Related Commands
show diff rollback-patch file
To display the differences between the two checkpoint configuration files, use the show diff rollback-patch file command.
show diff rollback-patch file { bootflash: | volatile: }[ // server ][ directory / ][ src-filename ] { checkpoint dest-checkpoint-name | file { bootflash: | volatile: }[ // server ][ directory / ][ dest-filename ] | running-config | startup-config }
Syntax Description
Note There can be no spaces in the filesystem://server/directory/filename string. Individual elements of this string are separated by colons (:) and slashes (/).
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Use this command to view the differences between the source and destination checkpoint configuration files that reference current or saved configurations. The configuration differences based on the current running configuration and checkpointed configuration are applied to the system to restore the running state of the system.
Examples
This example shows how to view the changes between two checkpoint configurations stored in files in the bootflash storage system:
Related Commands
show diff rollback-patch running-config
To display the differences between the current running configuration and the saved (checkpointed) configuration, use the show diff rollback-patch running-config command.
show diff rollback-patch running-config { checkpoint checkpoint-name | file { bootflash: | volatile: }[ // server ][ directory / ][ filename ] | running-config | startup-config }
Syntax Description
Note There can be no spaces in the filesystem://server/directory/filename string. Individual elements of this string are separated by colons (:) and slashes (/).
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Use this command to view the differences between the current running configuration and destination checkpoints that reference a saved configuration. The configuration differences based on the current running configuration and checkpointed configuration are applied to the system to restore the running state of the system.
Examples
This example shows how to view the configuration changes between the current running configuration and a checkpoint named chkpnt-1:
This example shows how to view the configuration changes between the current running configuration and a saved configuration in the bootflash storage system:
This example shows how to view the configuration changes between the current running configuration and a checkpointed running configuration:
This example shows how to view the configuration changes between the current running configuration and a saved startup configuration:
Related Commands
show diff rollback-patch startup-config
To display the differences between the current startup configuration and the saved (checkpointed) configuration, use the show diff rollback-patch startup-config command.
show diff rollback-patch startup-config { checkpoint checkpoint-name | file { bootflash: | volatile: }[ // server ][ directory / ][ filename ] | running-config | startup-config }
Syntax Description
Note There can be no spaces in the filesystem://server/directory/filename string. Individual elements of this string are separated by colons (:) and slashes (/).
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Use this command to view the differences between the current startup configuration and destination checkpoints that reference a saved configuration. The configuration differences based on the current running configuration and checkpointed configuration are applied to the system to restore the running state of the system.
Examples
This example shows how to view the configuration changes between the current startup configuration and a checkpoint named chkpnt-1:
This example shows how to view the configuration changes between the current startup configuration and a saved configuration in the bootflash storage system:
This example shows how to view the configuration changes between the current startup configuration and a checkpointed running configuration:
This example shows how to view the configuration changes between the current startup configuration and a saved startup configuration:
Related Commands
show http-server
To display information about the HTTP or HTTPS configuration, use the show http-server command.
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to display the status of the HTTP server:
Related Commands
|
|
---|---|
show hardware profile tcam resource template
To display all the TCAM templates, use the show hardware profile tcam resource template command.
show hardware profile tcam resource template [default | tcam-feature-map | name template-name]
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Examples
This example shows how to display all the templates:
Related Commands
|
|
---|---|
show ip access-class
To display all IPv4 and IPv6 access classes configured for VTY, use the show ip access-class command.
show ip access-class [ access-class-name ]
Syntax Description
(Optional) Name of the access class, which can be up to 64 alphanumeric, case-sensitive characters. |
Command Default
The switch shows all ACLs unless you use the access-class-name argument to specify an ACL.
Command Modes
Command History
|
|
Examples
This example shows how to display all IP access classes configured for VTY on the switch:
Related Commands
|
|
---|---|
show ip access-lists
To display all IPv4 access control lists (ACLs) or a specific IPv4 ACL, use the show ip access-lists command.
show ip access-lists [ access-list-name ]
Syntax Description
(Optional) Name of an IPv4 ACL, which can be up to 64 alphanumeric, case-sensitive characters. |
Command Default
The switch shows all IPv4 ACLs unless you use the access-list-name argument to specify an ACL.
Command Modes
Command History
|
|
Usage Guidelines
By default, this command displays the IPv4 ACLs configured on the switch. The command displays the statistics information for an IPv4 ACL only if the IPv4 ACL is applied to the management (mgmt0) interface. If the ACL is applied to an SVI interface or in a QoS class map, then the command does not display any statistics information.
Examples
This example shows how to display all IPv4 ACLs on the switch:
In Cisco NX-OS release 5.0(2)N1(1), this example shows how to display all IPv4 ACLs on the switch:
Related Commands
|
|
---|---|
show ip arp
To display the Address Resolution Protocol (ARP) table statistics, use the show ip arp command.
show ip arp [ client | [ statistics | summary ] [ ethernet slot / port | loopback intf-num | mgmt mgmt-intf-num | port-channel channel-num | vlan vlan-id ] [ fhrp-non-active-learn ] [ static ] [ detail ] [ vrf { vrf-name | all | default | management }]]
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
You must use the feature interface-vlan command before you can display the ARP information for VLAN interfaces.
Examples
This example shows how to display the ARP table:
This example shows how to display the detailed ARP table:
This example shows how to display the ARP table for VLAN 10 and all VRFs:
Table 1 describes the fields shown in the above displays.
Related Commands
|
|
---|---|
show ip arp inspection
To display the Dynamic ARP Inspection (DAI) configuration status, use the show ip arp inspection command.
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the status of the DAI configuration:
Related Commands
|
|
---|---|
Displays the trust state and the ARP packet rate for a specified interface. |
|
Displays DHCP snooping configuration, including the DAI configuration. |
show ip arp inspection interfaces
To display the trust state for the specified interface, use the show ip arp inspection interfaces command.
show ip arp inspection interfaces { ethernet slot / port | port-channel channel-number }
Syntax Description
(Optional) Specifies that the output is for an Ethernet interface. |
|
(Optional) Specifies that the output is for a port-channel interface. Valid port-channel numbers are from 1 to 4096. |
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the trust state for a trusted interface:
Related Commands
|
|
---|---|
Enables Dynamic ARP Inspection (DAI) for a specified list of VLANs. |
|
Displays DHCP snooping configuration, including the DAI configuration. |
show ip arp inspection log
To display the Dynamic ARP Inspection (DAI) log configuration, use the show ip arp inspection log command.
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the DAI log configuration:
Related Commands
|
|
---|---|
Displays DHCP snooping configuration, including the DAI configuration. |
show ip arp inspection statistics
To display the Dynamic ARP Inspection (DAI) statistics, use the show ip arp inspection statistics command.
show ip arp inspection statistics [ vlan vlan-list ]
Syntax Description
(Optional) Specifies the list of VLANs for which to display DAI statistics. Valid VLAN IDs are from 1 to 4094. You can specify a VLAN or range of VLANs. |
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the DAI statistics for VLAN 1:
Related Commands
|
|
---|---|
Displays DHCP snooping configuration, including the DAI configuration. |
show ip arp inspection vlan
To display the Dynamic ARP Inspection (DAI) status for the specified list of VLANs, use the show ip arp inspection vlan command.
show ip arp inspection vlan vlan-list
Syntax Description
List of VLANs that have the DAI status. The vlan-list argument allows you to specify a single VLAN ID, a range of VLAN IDs, or comma-separated IDs and ranges. Valid VLAN IDs are from 1 to 4094. |
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the DAI status for VLAN 1:
Related Commands
|
|
---|---|
Displays the trust state and the ARP packet rate for a specified interface. |
|
Displays DHCP snooping configuration, including the DAI configuration. |
show ip arp sync-entries
To display the Address Resolution Protocol (ARP) table information after an ARP table synchronization, use the show ip arp sync-entries command.
show ip arp sync-entries [ detail | vrf { vrf-name | all | default | management }]
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Examples
This example shows how to display the global ARP statistics on virtual port channels (vPCs):
Related Commands
|
|
---|---|
Displays the running configuration information for ARP tables. |
show ip dhcp snooping
To display general status information for Dynamic Host Configuration Protocol (DHCP) snooping, use the show ip dhcp snooping command.
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display general status information about DHCP snooping:
Related Commands
|
|
---|---|
Copies the running configuration to the startup configuration. |
|
show ip dhcp snooping binding
To display IP-to-MAC address bindings for all interfaces or a specific interface, use the show ip dhcp snooping binding command.
show ip dhcp snooping binding [ IP-address ] [ MAC-address ] [ interface ethernet slot / port ] [ vlan vlan-id ]
show ip dhcp snooping binding [ dynamic ]
show ip dhcp snooping binding [ static ]
Syntax Description
Command Default
Command Modes
Command History
|
|
Usage Guidelines
The binding interface includes static IP source entries. Static entries appear with the term “static” in the Type column.
Examples
This example shows how to show all bindings:
Related Commands
show ip dhcp snooping statistics
To display Dynamic Host Configuration Protocol (DHCP) snooping statistics, use the show ip dhcp snooping statistics command.
show ip dhcp snooping statistics
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display DHCP snooping statistics:
Related Commands
|
|
---|---|
Copies the running configuration to the startup configuration. |
|
show ipv6 access-lists
To display all IPv6 access control lists (ACLs) or a specific IPv6 ACL, use the show ipv6 access-lists command.
show ipv6 access-lists [ access-list-name ] [ expanded | summary ]
Syntax Description
Command Default
Command Modes
Command History
|
|
Usage Guidelines
The device shows all IPv6 ACLs, unless you use the access-list-name argument to specify an ACL.
The summary keyword allows you to display information about the ACL rather than the ACL configuration. The information displayed includes the following:
- Whether per-entry statistics is configured for the ACL.
- The number of rules in the ACL configuration. This number does not reflect how many entries the ACL contains when the device applies it to an interface. If a rule in the ACL uses an object group, the number of entries in the ACL when it is applied may be much greater than the number of rules.
- The interfaces that the ACL is applied to.
- The interfaces that the ACL is active on.
The show ipv6 access-lists command displays statistics for each entry in an ACL if the following conditions are both true:
Examples
This example shows how to display all IPv6 ACLs on a switch:
Related Commands
|
|
---|---|
show ip verify source
To display the IP Source Guard-enabled interfaces and the IP-to-MAC address bindings, use the show ip verify source command.
show ip verify source [ interface { ethernet slot / port | port-channel channel-number }]
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the IP Source Guard-enabled interfaces and the IP-to-MAC address bindings on the switch:
Related Commands
|
|
---|---|
Creates a static IP source entry for the specified Ethernet interface. |
|
Displays DHCP snooping configuration, including the IP Source Guard configuration. |
show ipv6 dhcp-ldra
To display configuration details and statistics for the Lightweight DHCPv6 Relay Agent (LDRA), use the show ipv6 dhcp-ldra command.
show ipv6 dhcp-ldra [statistics [vlan vlan-id | interface interface-id]]
Syntax Description
Defaults
Command Modes
Command History
|
|
Usage Guidelines
To use this command, you must enable the LDRA feature by using the ipv6 dhcp ldra command.
Examples
This example shows how to enable the LDRA feature on the specified interface:
Related Commands
|
|
---|---|
show mac access-lists
To display all Media Access Control (MAC) access control lists (ACLs) or a specific MAC ACL, use the show mac access-lists command.
show mac access-lists [ access-list-name ]
Syntax Description
(Optional) Name of a MAC ACL, which can be up to 64 alphanumeric, case-sensitive characters. |
Command Default
The switch shows all MAC ACLs unless you use the access-list-name argument to specify an ACL.
Command Modes
Command History
|
|
Examples
This example shows how to display all MAC ACLs on the switch:
Related Commands
|
|
---|---|
show platform afm info sup-tcam monitoring info
To display details about supervisor-region Ternary Content-Addressable Memory (TCAM) monitoring, use the show platform afm info sup-tcam monitoring info command.
show platform afm info sup-tcam monitoring info
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Examples
This example shows how to display details about sup-region TCAM monitoring:
Related Commands
show platform afm info tcam access stats
To display write access statistics per Ternary Content-Addressable Memory (TCAM) entry per ASIC per slot, along with the number of writes, clears and timestamps of the writes and clears since the previous switch reload, use the show platform afm info tcam access stats command.
show platform afm info tcam access stats [ASIC-ID]
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
Examples
This example shows how to display write access statistics per TCAM entry per ASIC per slot, along with the number of writes, clears and timestamps of the writes and clears since the previous switch reload:
Related Commands
|
|
---|---|
show privilege
To show the current privilege level, username, and status of cumulative privilege support, use the show privileg e command.
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
When the feature privilege command is enabled, privilege roles inherit the permissions of lower level privilege roles.
Examples
This example shows how to view the current privilege level, username, and status of cumulative privilege support:
Related Commands
|
|
---|---|
Enables the cumulative privilege of roles for command authorization on RADIUS and TACACS+ servers. |
|
show radius-server
To display RADIUS server information, use the show radius-server command.
show radius-server [ hostname | ipv4-address | ipv6-address ] [ directed-request | groups [ group-name ] | sorted | statistics hostname | ipv4-address | ipv6-address ]
Syntax Description
Command Default
Command Modes
Command History
|
|
Usage Guidelines
RADIUS preshared keys are not visible in the show radius-server command output. Use the show running-config radius command to display the RADIUS preshared keys.
Examples
This example shows how to display information for all RADIUS servers:
This example shows how to display information for a specified RADIUS server:
This example shows how to display the RADIUS directed request configuration:
This example shows how to display information for RADIUS server groups:
This example shows how to display information for a specified RADIUS server group:
This example shows how to display sorted information for all RADIUS servers:
This example shows how to display statistics for a specified RADIUS servers:
Related Commands
|
|
---|---|
Displays the RADIUS information in the running configuration file. |
show role
To display the user role configuration, use the show role command.
Syntax Description
(Optional) Displays information for a specific user role name. |
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display information for a specific user role:
This example shows how to display information for all user roles:
In Cisco NX-OS Release 5.0(2)N1(1), the following output is displayed:
Related Commands
|
|
---|---|
show role feature
To display the user role features, use the show role feature command.
show role feature [ detail | name feature-name ]
Syntax Description
(Optional) Displays detailed information for a specific feature. The name can be a maximum of 16 alphanumeric characters and is case sensitive. |
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the user role features:
In Cisco NX-OS Release 5.0(2)N1(1), the following output is displayed:
This example shows how to display detailed information all the user role features:
In Cisco NX-OS Release 5.0(2)N1(1), the following output is displayed:
This example shows how to display detailed information for a specific user role feature named arp:
In Cisco NX-OS Release 5.0(2)N1(1), this command displays the following output:
Related Commands
|
|
---|---|
show role feature-group
To display the user role feature groups, use the show role feature-group command.
show role feature-group [ detail | name group-name ]
Syntax Description
(Optional) Displays detailed information for all feature groups. |
|
(Optional) Displays detailed information for a specific feature group. |
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the user role feature groups:
This example shows how to display detailed information about all the user role feature groups:
This example shows how to display information for a specific user role feature group:
Related Commands
|
|
---|---|
show rollback log
To display the log of configuration rollbacks on the switch, use the show rollback log command.
show rollback log { exec | verify }
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
If the rollback log is empty, the following message appears:
Examples
This example shows how to display the rollback execution log:
This example shows how to display the rollback verification log:
Related Commands
|
|
---|---|
show running-config aaa
To display authentication, authorization, and accounting (AAA) configuration information in the running configuration, use the show running-config aaa command.
show running-config aaa [ all ]
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the configured AAA information in the running configuration:
Related Commands
show running-config aclmgr
To display the access control list (ACL) configuration in the running configuration, use the show running-config aclmgr command.
show running-config aclmgr [ all ]
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to display the ACL running configuration:
This example shows how to display only the VTY running configuration:
Related Commands
|
|
---|---|
Copies the running configuration to the startup configuration file. |
|
show running-config arp
To display the Address Resolution Protocol (ARP) configuration in the running configuration, use the show running-config arp command.
show running-config arp [ all ]
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to display the ARP configuration:
This example shows how to display the ARP configuration with the default information:
Related Commands
|
|
---|---|
Copies the running configuration to the startup configuration file. |
|
show running-config dhcp
To display the Dynamic Host Configuration Protocol (DHCP) snooping configuration in the running configuration, use the show running-config dhcp command.
show running-config dhcp [ all ]
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
To use this command, you must enable the DHCP snooping feature using the feature dhcp command.
Examples
This example shows how to display the DHCP snooping configuration:
This example shows how to display the DHCP snooping configuration with the default information:
This example shows how to display the DHCP snooping configuration and the IP Source Guard information on a switch that runs Cisco NX-OS Release 5.0(3)N1(1):
Related Commands
|
|
---|---|
Copies the running configuration to the startup configuration. |
|
show running-config radius
To display RADIUS server information in the running configuration, use the show running-config radius command.
show running-config radius [ all ]
Syntax Description
(Optional) Displays default RADIUS configuration information. |
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display information for RADIUS in the running configuration:
In Cisco NX-OS Release 5.0(2)N1(1), the following output is displayed:
Related Commands
|
|
---|---|
show running-config security
To display user account, Secure Shell (SSH) server, and Telnet server information in the running configuration, use the show running-config security command.
show running-config security [ all ]
Syntax Description
(Optional) Displays default user account, SSH server, and Telnet server configuration information. |
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display user account, SSH server, and Telnet server information in the running configuration:
In Cisco NX-OS Release 5.0(2)N1(1), the following output is displayed:
Related Commands
|
|
---|---|
show ssh key
To display the Secure Shell (SSH) server key, use the show ssh key command.
Syntax Description
Command Default
Command Modes
Command History
|
|
Usage Guidelines
This command is available only when SSH is enabled using the ssh server enable command.
Examples
This example shows how to display the SSH server key:
In Cisco NX-OS Release 5.0(2)N1(1), the following output is displayed:
Related Commands
|
|
---|---|
show ssh server
To display the Secure Shell (SSH) server status, use the show ssh server command.
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the SSH server status:
Related Commands
|
|
---|---|
show startup-config aaa
To display authentication, authorization, and accounting (AAA) configuration information in the startup configuration, use the show startup-config aaa command.
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the AAA information in the startup configuration:
Related Commands
|
|
---|---|
Displays AAA configuration information in the running configuration. |
show startup-config aclmgr
To display the access control list (ACL) configuration in the startup configuration, use the show startup-config aclmgr command.
show startup-config aclmgr [ all ]
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to display the ACL startup configuration:
This example shows how to display only the VTY startup configuration:
Related Commands
|
|
---|---|
Copies the running configuration to the startup configuration file. |
|
show startup-config arp
To display the Address Resolution Protocol (ARP) configuration in the startup configuration, use the show startup-config arp command.
show startup-config arp [ all ]
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to display the ARP startup configuration:
Related Commands
|
|
---|---|
Copies the running configuration to the startup configuration file. |
|
show startup-config dhcp
To display the Dynamic Host Configuration Protocol (DHCP) snooping configuration in the startup configuration, use the show running-config dhcp command.
show running-config dhcp [ all ]
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Usage Guidelines
To use this command, you must enable the DHCP snooping feature using the feature dhcp command.
Examples
This example shows how to display the DHCP snooping configuration in the startup configuration file:
Related Commands
|
|
---|---|
Copies the running configuration to the startup configuration. |
|
show startup-config radius
To display RADIUS configuration information in the startup configuration, use the show startup-config radius command.
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the RADIUS information in the startup configuration:
Related Commands
|
|
---|---|
Displays RADIUS server information in the running configuration. |
show startup-config security
To display user account, Secure Shell (SSH) server, and Telnet server configuration information in the startup configuration, use the show startup-config security command.
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the user account, SSH server, and Telnet server information in the startup configuration:
Related Commands
|
|
---|---|
Displays user account, Secure Shell (SSH) server, and Telnet server information in the running configuration. |
show tacacs-server
To display TACACS+ server information, use the show tacacs-server command.
show tacacs-server [ hostname | ip4-address | ip6-address ] [ directed-request | groups | sorted | statistics ]
Syntax Description
Command Default
Command Modes
Command History
|
|
Usage Guidelines
TACACS+ preshared keys are not visible in the show tacacs-server command output. Use the show running-config tacacs+ command to display the TACACS+ preshared keys.
You must use the feature tacacs+ command before you can display TACACS+ information.
Examples
This example shows how to display information for all TACACS+ servers:
This example shows how to display information for a specified TACACS+ server:
This example shows how to display the TACACS+ directed request configuration:
This example shows how to display information for TACACS+ server groups:
This example shows how to display information for a specified TACACS+ server group:
This example shows how to display sorted information for all TACACS+ servers:
This example shows how to display statistics for a specified TACACS+ server:
Related Commands
|
|
---|---|
Displays the TACACS+ information in the running configuration file. |
show telnet server
To display the Telnet server status, use the show telnet server command.
Syntax Description
Command Default
Command Modes
Command History
|
|
Examples
This example shows how to display the Telnet server status:
Related Commands
|
|
---|---|
show user-account
To display information about the user accounts on the switch, use the show user-account command.
Syntax Description
(Optional) Information about the specified user account only. |
Command Default
Displays information about all the user accounts defined on the switch.
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to display information about all the user accounts defined on the switch:
This example shows how to display information about a specific user account:
Related Commands
|
|
---|---|
show users
To display the users currently logged on the switch, use the show users command.
Syntax Description
Command Default
Command Modes
Command History
|
|
---|---|
Examples
This example shows how to display all the users currently logged on the switch:
Related Commands
|
|
---|---|
show vlan access-list
To display the contents of the IPv4 access control list (ACL) or MAC ACL associated with a specific VLAN access map, use the show vlan access-list command.
show vlan access-list map-name
Syntax Description
Command Default
Command Modes
Command History
|
|
Usage Guidelines
For the specified VLAN access map, the switch displays the access map name and the contents of the ACL associated with the map.
Examples
This example shows how to display the contents of the ACL associated with the specified VLAN access map:
Related Commands
|
|
---|---|
Displays information about how a VLAN access map is applied. |
|
show vlan access-map
To display all VLAN access maps or a VLAN access map, use the show vlan access-map command.
show vlan access-map [ map-name ]
Syntax Description
Command Default
The switch shows all VLAN access maps, unless you use the map-name argument to select a specific access map.
Command Modes
Command History
|
|
Usage Guidelines
For each VLAN access map displayed, the switch shows the access map name, the ACL specified by the match command, and the action specified by the action command.
Use the show vlan filter command to see which VLANs have a VLAN access map applied to them.
Examples
This example shows how to display a specific VLAN access map:
This example shows how to display all VLAN access maps:
Related Commands
show vlan filter
To display information about instances of the vlan filter command, including the VLAN access map and the VLAN IDs affected by the command, use the show vlan filter command.
show vlan filter [ access-map map-name | vlan vlan-id ]
Syntax Description
(Optional) Limits the output to VLANs that the specified access map is applied to. |
|
(Optional) Limits the output to access maps that are applied to the specified VLAN only. |
Command Default
All instances of VLAN access maps applied to a VLAN are displayed, unless you use the access-map keyword and specify an access map or you use the vlan keyword and specify a VLAN ID.
Command Modes
Command History
|
|
Examples
This example shows how to display all VLAN access map information on the switch:
Related Commands
|
|
---|---|
Specifies an action for traffic filtering in a VLAN access map. |
|
Specifies an ACL for traffic filtering in a VLAN access map. |
|