These commands are used to control system logs, passwords,
user name, browser configuration options, and display or configure a variety
of other system information.
After initially logging onto the system, you should set the administrator (Privileged
Exec) and guest (Normal Exec) passwords. Remember to record them in a safe place.
Use the enable password command to set the password for access to the
Privileged Exec level from the Normal Exec level. Use the no form to
reset the default password.
levellevel - Only level 15 (Privileged Exec) is
valid for this command.
{0 | 7} - 0 means plain password, 7 means encrypted password.
password - password for this privilege level.
(Maximum length: 8 characters, case sensitive)
Default Setting
The default password is "super"
Command Mode
Global Configuration
Command Usage
You cannot set a null password. You will have to enter a password to change
the command mode from Normal Exec to Privileged Exec with the enable
command.
The encrypted password is required for compatiblity with legacy password
settings (i.e., plain text or encrypted) when reading the configuration file
during system bootup or when downloading the configuration file from a TFTP
server. There is no need for you to manually configure encrypted passwords.
Use this command to control logging of error messages. This command sends debug
or error messages to a logging process. The no form disables the logging
process.
Syntax
logging on
no logging on
Default Setting
None
Command Mode
Global Configuration
Command Usage
The logging process controls error messages saved to switch memory or sent
to remote syslog servers. You can use the logging history command to
control the type of error messages that are stored in memory. The logging
trap command controls the type of error messages that are sent to specified
syslog servers.
Use this command to limit syslog messages saved to switch memory based on severity.
The no form returns the logging of syslog messages to the default level.
Syntax
logging history {flash | ram} level no logging history {flash | ram}
flash- Event history stored in flash memory (i.e., permanent
memory).
ram- Event history stored in temporary RAM (i.e., memory
flushed on power reset).
level - One of the level arguments listed in Table
1. Messages sent include the selected level up through level 0.
The message level specified for Flash memory must be a higher priority (i.e.,
numerically lower) than that specified for RAM.
The switch can hold up to 4096 event log entries in Flash memory, with the
oldest entries being overwritten first when the available memory for logs
(256 Kilobyte)
has been exceeded.
Example
Console(config)#logging history
ram 0
Console(config)#
Use this command to limit syslog messages saved to a remote server based on
severity. Use the no form to return the remote logging of syslog messages
to the default level.
Syntax
logging traplevel no logging traplevel
level - One of the level arguments listed in Table
1 above. Messages sent include the selected level up through level 0.
Use this command to require user name authentication at login. Use the no
form to remove a user name.
Syntax
usernamename {access-levellevel | nopassword
| password {0 | 7} password} no username name
name - The name of the user.
(Maximum length: 8 characters, case sensitive; maximum number of users:
16)
access-levellevel - Specifies the user level.
The device has two predefined privilege levels: 0: Normal Exec, 15:
Privileged Exec.
nopassword - No password is required for this user to log in.
{0 | 7}- 0 means plain password, 7 means encrypted
password.
passwordpassword - The authentication password for the
user.
(Maximum length: 8 characters plain text, 32 encrypted, case sensitive)
Default Setting
The default access level is Normal Exec.
Factory defaults for the user names and passwords are:
username
access-level
password
guest
admin
0 (Normal Exec)
15 (Privileged Exec)
guest
admin
Command Mode
Global Configuration
Command Usage
The encrypted password is required for compatiblity with legacy password
settings (i.e., plain text or encrypted) when reading the configuration file
during system bootup or when downloading the configuration file from a TFTP
server. There is no need for you to manually configure encrypted passwords.
Example
Console(config)#username bob
access-level 15 Console(config)#username bob password 0 smith
Console(config)#
Use this command to enable jumbo frames through this device. Use the no
form to disable jumbo frames.
Syntax
jumbo frame no jumbo frame
Default Setting
Disabled
Command Mode
Global Configuration
Command Usage
This command is only available for the PowerConnect 5224.
This switch provides more efficient throughput for large sequential data
transfers by supporting Jumbo frames up to 9000 bytes. Compared to standard
Ethernet frames that run only up to 1.5 KB, using jumbo frames significantly
reduces the per-packet overhead required to process protocol encapsulation
fields.
To use jumbo frames, both the source and destination end nodes (such as
a computer or server) must support this feature. Also, when the connection
is operating at full duplex, all switches in the network between the two end
nodes must be able to accept the extended frame size. And for half-duplex
connections, all devices in the collision domain would need to support jumbo
frames.
Enabling jumbo frames will limit the maximum threshold for broadcast storm
control to 64 packets per second. (See the switchport
broadcast command.)
Use this command to specify the UDP port number used for HTTPS/SSL connection
to the switch’s Web interface. Use the no form to restore the default
port..
Syntax
ip http secure-portport-number no ip http secure-port
port-number - The UDP port used for HTTPS/SSL. (Range: 1-65535)
Default Setting
443
Command Mode
Global Configuration
Command Usage
You cannot configure the HTTP and HTTPS servers to use the same port.
If you change the HTTPS port number, clients attempting to connect to the
HTTPS server must specify the port number in the URL, in this format: https://device:port_number
Use this command to enable the secure hypertext transfer protocol (HTTPS) over
the Secure Socket Layer (SSL), providing secure access (i.e., an encrypted connection)
to the switch’s Web interface. Use the no form to disable this function.
Syntax
ip http secure-server
no ip http secure-server
Default Setting
Enabled
Command Mode
Global Configuration
Command Usage
Both HTTP and HTTPS service can be enabled independently.
If you enable HTTPS, you must indicate this in the URL: https://device[port_number]
When you start HTTPS, the connection is established in this way:
The client authenticates the server using the server’s digital certificate.
The client and server negotiate a set of security protocols to use for
the connection.
The client and server generate session keys for encrypting and decrypting
data.
The client and server establish a secure encrypted connection. A padlock
icon should appear in the status bar for Internet Explorer 5.x and Netscape
Navigator 4.x.
The following Web browsers and operating systems currently support HTTPS:
Table 2. Web Browsers
Web Browser
Operating System
Internet Explorer 5.0
or later
Windows 98,Windows NT
(with service pack 6a), Windows 2000
Netscape Navigator 4.76
or later
Windows 98,Windows NT
(with service pack 6a), Windows 2000, Solaris 2.6
Use this command to enable the Secure Shell (SSH) server on this switch. Use
the no form to disable this service.
Syntax
ip ssh server no ip ssh server
Default Setting
Disabled
Command Mode
Global Configuration
Command Usage
The SSH server supports up to four client sessions. The maximum number of
client sessions includes both current Telnet sessions and SSH sessions.
The SSH server uses RSA for key exchange when the client first establishes
a connection with the switch, and then negotiates with the client to select
either DES (56-bit) or 3DES (168-bit) for data encryption.
Use this command to configure authentication control parameters for the Secure
Shell (SSH) server on this switch. Use the no form to restore the default
settings.
Syntax
ip ssh {[timeoutseconds] | [authentication-retriescount]} no ip ssh {[timeout] | [authentication-retries]}
seconds – The timeout for client response during SSH negotiation.
(Range: 1-120) count – The number of authentication attempts permitted after
which the interface is reset. (Range: 1-5)
Default Setting
Timeout: 120 seconds
Count: 3
Command Mode
Global Configuration
Command Usage
The timeout specifies the interval the switch will wait for a response
from the client during the SSH negotiation phase. Once an SSH session has
been established, the timeout for user input is controlled by the exec-timeout
command for vty sessions.
Use this command to display the configuration information currently in use.
Default Setting
None
Command Mode
Privileged Exec
Command Usage
Use this command in conjunction with the show startup-config command
to compare the information in running memory to the information stored in
non-volatile memory.
Example
Console#show running-config
building running-config, please wait.....
!
!
snmp-server community private rw
snmp-server community public ro
!
username admin access-level 15
username admin password 7 21232f297a57a5a743894a0e4a801fc3
username guest access-level 0
username guest password 7 084e0343a0486ff05530df6c705c8bb4
enable password level 15 7 1b3231655cebb7a1f783eddf27d254ca
!
vlan database
vlan 1 name DefaultVlan media ethernet state active
!
!
interface ethernet 1/1
switchport allowed vlan add 1 untagged
switchport native vlan 1
.
.
.
interface vlan 1
ip address 10.1.0.4 255.255.255.0
!
!
!
!
!
!
!
line console
!
!
line vty
exec-timeout 65535
!
!
!
end
Console#
Console#show system
System description: PowerConnect 3248
System OID string: 1.3.6.1.4.1.674.10895.3
System information
System Up time: 0 days, 0 hours, 55 minutes, and 54.91 seconds
System Name :
Switch
System Location : Boston
System Contact :
Charles
MAC address :
00-00-e8-00-00-01
Web server :
enable
Web server port : 80
Web secure server : enable
Web secure server port : 443
POST result
UART Loopback Test......................PASS
Timer Test..............................PASS
DRAM Test ..............................PASS
I2C Initialization......................PASS
Runtime Image Check ....................PASS
PCI Device Check .......................PASS
Switch Driver Initialization............PASS
Switch Internal Loopback Test...........PASS
------------------- DONE --------------------
Console#
Use this command to display hardware and software version information for the
system.
Default Setting
None
Command Mode
Normal Exec, Privileged Exec
Example
Console#show
version
Unit1
Serial number :00000000000000000000
Service tag :0000000
Hardware version :R0C
Number of ports :50
Main power status :up
Redundant power status :not present
Agent(master)
Unit id :1
Loader version :1.0.0.0
Boot rom version :1.0.0.3
Operation code version :2.0.0.19
Console#
