![Zyxel NXC5200 [4/262] Notes tell you other important information for example other things you may need to configure or helpful tips or recommendations](/img/pdf.png)
Zyxel NXC5200 [4/262] Notes tell you other important information for example other things you may need to configure or helpful tips or recommendations
![Zyxel NXC5200 [4/262] Notes tell you other important information for example other things you may need to configure or helpful tips or recommendations](/views2/1169029/page4/bg4.png)
Document Conventions
NXC CLI Reference Guide
4
Document Conventions
Warnings and Notes
These are how warnings and notes are shown in this User’s Guide.
1 Warnings tell you about things that could harm you or your device.
" Notes tell you other important information (for example, other things you may
need to configure or helpful tips) or recommendations.
Syntax Conventions
• The NXC may be referred to as the “NXC”, the “device”, the “system” or the “product” in
this User’s Guide.
• Product labels, screen names, field labels and field choices are all in bold font.
• A key stroke is denoted by square brackets and uppercase text, for example, [ENTER]
means the “enter” or “return” key on your keyboard.
• “Enter” means for you to type one or more characters and then press the [ENTER] key.
“Select” or “choose” means for you to use one of the predefined choices.
• A right angle bracket ( > ) within a screen name denotes a mouse click. For example,
Maintenance > Log > Log Setting means you first click Maintenance in the navigation
panel, then the Log sub menu and finally the Log Setting tab to get to that screen.
• Units of measurement may denote the “metric” value or the “scientific” value. For
example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000”
or “1048576” and so on.
• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.
Содержание
- Cli reference guide 1
- Default login 1
- Nxc5200 1
- Www zyxel com 1
- About this cli reference guide 3
- Some features cannot be configured in both the web configurator and cli 3
- Document conventions 4
- Notes tell you other important information for example other things you may need to configure or helpful tips or recommendations 4
- Warnings tell you about things that could harm you or your device 4
- Document conventions 5
- Figures in this user s guide may use the following generic icons the nxc icon is not an exact representation of your device 5
- Icons used in figures 5
- Nxc cli reference guide 5
- Contents overview 7
- Accessing the cli 9
- Command line interface 9
- Hapter 9
- Overview 9
- The configuration file 9
- Console port 10
- The nxc might force you to log out of your session if reauthentication time lease time or idle timeout is reached see chapter 21 on page 151 for more information about these settings 10
- Web configurator console 11
- Before you use the console ensure that 12
- Chapter 1 command line interface 12
- Click the console button on the web configurator title bar 12
- Label description 12
- Nxc cli reference guide 12
- Table 2 console 12
- The following table describes the elements in this screen 12
- To login in through the console 12
- Your web browser of choice allows pop up windows from the ip address assigned to your nxc your web browser allows java programs you are using the latest version of the java program http www java com 12
- Ssh secure shell 14
- Telnet 14
- The default login username is admin and password is 1234 the username and password are case sensitive 14
- Background information 15
- Command input values 15
- How commands are explained 15
- How to find commands in this guide 15
- See the user s guide for background information about most features 15
- Changing the password 16
- Cli modes 16
- Command examples 16
- Command summary 16
- Command syntax 16
- A list of valid commands can be found by typing 17
- At the command prompt to view a list of available commands within a command group enter 17
- At the time of writing there is not much difference between user and privilege mode for admin users this is reserved for future use 17
- Chapter 1 command line interface 17
- List of available commands 17
- Nxc cli reference guide 17
- See chapter 21 on page 151 for more information about the user types user users can only log in look at but not run the available commands in user mode and log out limited admin users can look at the configuration in the web configurator and cli and they can run basic diagnostics in the cli admin users can configure the nxc in the web configurator or cli 17
- Shortcuts and help 17
- Table 3 cli modes continued 17
- Chapter 1 command line interface 18
- Figure 5 help available commands example 1 18
- Figure 6 help available command example 2 18
- Figure 7 help sub command information example 18
- Figure 8 help required user input example 18
- List of sub commands or required user input 18
- Nxc cli reference guide 18
- To view detailed help information for a command enter 18
- Command history 19
- Entering a in a command 19
- Entering partial commands 19
- Erase current command 19
- Navigation 19
- The no commands 19
- Chapter 1 command line interface 20
- Description 20
- Input values 20
- Nxc cli reference guide 20
- Table 4 input value formats for strings in cli commands 20
- The following table provides more information about input values like 20
- You can use the or tab to get more information about the next input value that is required for a command in some cases the next input value is a string whose length and allowable characters may not be displayed in the screen for example in the following example the next input value is a string called 20
- Chapter 1 command line interface 21
- Nxc cli reference guide 21
- Table 4 input value formats for strings in cli commands continued 21
- Chapter 1 command line interface 22
- Nxc cli reference guide 22
- Table 4 input value formats for strings in cli commands continued 22
- Always save the changes before you log out after each management session all unsaved changes will be lost after the system restarts 23
- Command in user mode or privilege mode to log out of the cli 23
- Command to save the current configuration to the nxc 23
- Enter the 23
- Logging out 23
- Or end command in configure mode to go to privilege mode 23
- Saving configuration changes 23
- Use the 23
- Hapter 25
- User and privilege modes 25
- Chapter 2 user and privilege modes 26
- Note these commands are for zyxel s internal manufacturing process 26
- Nxc cli reference guide 26
- Subsequent chapters in this guide describe the configuration commands user privilege mode commands that are also configuration commands for example show are described in more detail in the related configuration command chapter 26
- Table 5 user u and privilege p mode commands continued 26
- Chapter 2 user and privilege modes 27
- Debug commands 27
- Debug commands marked with an asterisk are not available when the debug flag is on and are for zyxel service personnel use only the debug commands follow a syntax that is linux based so if there is a linux equivalent it is displayed in this chapter for your reference you must know a command listed here well before you use it otherwise it may cause undesired results 27
- Nxc cli reference guide 27
- Table 6 debug commands 27
- Chapter 2 user and privilege modes 28
- Nxc cli reference guide 28
- Table 6 debug commands continued 28
- Hapter 29
- Object reference 29
- Object reference commands 29
- Chapter 3 object reference 30
- Nxc cli reference guide 30
- Object reference command example 30
- Table 7 show reference commands continued 30
- This example shows how to check which configuration is using an address object named lan1_subnet for the command output firewall rule 3 named lan1 to usg 2000 is using the address object 30
- Hapter 31
- Status 31
- Chapter 4 status 32
- Here are examples of the commands that display the fan speed mac address memory usage ram size and serial number 32
- Here is an example of the command that displays the listening ports 32
- Nxc cli reference guide 32
- Chapter 4 status 33
- Here is an example of the command that displays the open ports 33
- Nxc cli reference guide 33
- Chapter 4 status 34
- Here are examples of the commands that display the system uptime and model firmware and build information 34
- Nxc cli reference guide 34
- This example shows the current led states on the nxc the sys led lights on and green 34
- Hapter 35
- Myzyxel com overview 35
- Registration 35
- Subscription services available on the nxc 35
- Registration commands 36
- To update the signature file or use a subscription service you have to register the nxc and activate the corresponding service at myzyxel com through the nxc 36
- Command examples 37
- Command to enter the configuration mode before you can use these commands 37
- The following command displays the account information and whether the device is registered 37
- The following commands allow you to register your device with an existing account or create a new account and register the device at one time and activate a trial service subscription 37
- The following table describes the commands available for registration you must use the 37
- Chapter 5 registration 38
- Country code 38
- Nxc cli reference guide 38
- Table 11 country codes 38
- The following command displays the service registration status and type and how many days remain before the service expires 38
- The following table displays the number for each country 38
- Chapter 5 registration 39
- Nxc cli reference guide 39
- Table 11 country codes continued 39
- Chapter 5 registration 40
- Nxc cli reference guide 40
- Table 11 country codes continued 40
- Chapter 5 registration 41
- Nxc cli reference guide 41
- Table 11 country codes continued 41
- Hapter 43
- Interface general commands summary 43
- Interface overview 43
- Interfaces 43
- Types of interfaces 43
- Basic interface properties and ip address commands 44
- Chapter 6 interfaces 44
- Nxc cli reference guide 44
- Table 12 input values for general interface commands continued 44
- Table 13 interface general commands basic properties and ip address assignment 44
- The following sections introduce commands that are supported by several types of interfaces 44
- This table lists basic properties and ip address commands 44
- Chapter 6 interfaces 45
- Nxc cli reference guide 45
- Table 13 interface general commands basic properties and ip address assignment continued 45
- Basic interface properties command examples 46
- Chapter 6 interfaces 46
- Nxc cli reference guide 46
- The following commands make ethernet interface ge1 a dhcp client 46
- This example shows how to modify the name of interface ge4 to vip first you have to check the interface system name ge4 in this example on the nxc then change the name and display the result 46
- Chapter 6 interfaces 47
- Nxc cli reference guide 47
- This example shows how to change the user defined name from vip to partner note that you have to use the interface rename command if you do not know the system name of the interface to use the interface name command you have to find out the corresponding system name first ge4 in this example this example also shows how to change the user defined name from partner to customer using the interface name command 47
- This example shows how to restart an interface you can check all interface names on the nxc then use either the system name or user defined name of an interface ge4 or customer in this example to restart it 47
- Chapter 6 interfaces 48
- Dhcp setting commands 48
- Hardware addres 48
- Networ 48
- Note the ip address must be in the same subnet as the interface to which you plan to bind the dhcp pool 48
- Nxc cli reference guide 48
- Table 14 interface commands dhcp settings 48
- This table lists dhcp setting commands dhcp is based on dhcp pools create a dhcp pool if you want to assign a static ip address to a mac address or if you want to specify the starting ip address and pool size of a range of ip addresses that can be assigned to dhcp clients there are different commands for each configuration afterwards in either case you have to bind the dhcp pool to the interface 48
- Chapter 6 interfaces 49
- First and the start address must be in the same subnet 49
- Network numbe 49
- Note the dhcp pool must have the same subnet as the interface to which you plan to bind it 49
- Note you must specify the 49
- Nxc cli reference guide 49
- Table 14 interface commands dhcp settings continued 49
- Chapter 6 interfaces 50
- Dhcp setting command examples 50
- Nxc cli reference guide 50
- Table 14 interface commands dhcp settings continued 50
- The following example uses these commands to configure dhcp pool dhcp_test 50
- Chapter 6 interfaces 51
- Connectivity check ping check commands 51
- Nxc cli reference guide 51
- Table 15 interface commands ping check 51
- This table lists the ping check commands 51
- Use these commands to have an interface regularly check the connection to the gateway you specified to make sure it is still available you specify how often the interface checks the connection how long to wait for a response before the attempt is a failure and how many consecutive failures are required before the nxc stops routing to the gateway the nxc resumes routing to the gateway the first time the gateway passes the connectivity check 51
- Chapter 6 interfaces 52
- Connectivity check command example 52
- Ethernet interface specific commands 52
- Mac address setting commands 52
- Nxc cli reference guide 52
- Table 16 input values for ethernet interface commands 52
- Table 17 interface commands mac setting 52
- The following commands show you how to set the wan1 interface to use a tcp handshake on port 8080 to check the connection to ip address 1 52
- The following table identifies the values required for many of these commands other input values are discussed with the corresponding commands 52
- This section covers commands that are specific to ethernet interfaces 52
- This table lists the commands you can use to set the mac address of an interface 52
- In cli representative interfaces are also called representative ports 53
- Port commands 53
- This section covers commands that are specific to ports 53
- Chapter 6 interfaces 54
- Command to enter the configuration mode before you can use these commands 54
- Configure termina 54
- Nxc cli reference guide 54
- Port role commands 54
- Port role examples 54
- Table 19 command summary port role 54
- The following are two port role examples 54
- The following table describes the commands available for port role identification you must use the 54
- A virtual local area network vlan divides a physical network into multiple logical networks the standard is defined in ieee 802 q 55
- Command to enter the configuration mode before you can use these commands 55
- In the nxc each vlan is called a vlan interface as a router the nxc routes traffic between vlan interfaces but it does not route traffic within a vlan interface 55
- Otherwise vlan interfaces are similar to other interfaces in many ways they have an ip address subnet mask and gateway used to make routing decisions they restrict bandwidth and packet size they can provide dhcp services and they can verify the gateway is available 55
- The following table describes the commands available for vlan interface managment you must use the 55
- The following table identifies the values required for many of these commands other input values are discussed with the corresponding commands 55
- Vlan interface specific commands 55
- Vlan0 is the default vlan interface it cannot be deleted and its vid cannot changed 55
- Chapter 6 interfaces 56
- Nxc cli reference guide 56
- Table 21 command summary vlan interface profile continued 56
- Chapter 6 interfaces 57
- Nxc cli reference guide 57
- This example changes vlan interface vlan0 to use dhcp 57
- This example creates a vlan interface called vlan0 57
- Vlan interface examples 57
- Hapter 59
- Policy route 59
- Policy route commands 59
- Chapter 7 route 60
- Command to enter the configuration mode before you can use these commands 60
- Configure termina 60
- Nxc cli reference guide 60
- Table 23 command summary policy route 60
- The following table describes the commands available for policy route you must use the 60
- Chapter 7 route 61
- Nxc cli reference guide 61
- Table 23 command summary policy route continued 61
- Assured forwarding af behavior is defined in rfc 2597 the af behavior group defines four af classes inside each class packets are given a high medium or low drop precedence the drop precedence determines the probability that routers in the network will drop packets when congestion occurs if congestion occurs between classes the traffic in the higher class smaller numbered class is generally given priority combining the classes and drop precedence produces the following twelve dscp encodings from af11 through af43 the decimal equivalent is listed in brackets 62
- Assured forwarding af phb for diffserv 62
- Chapter 7 route 62
- Nxc cli reference guide 62
- Table 23 command summary policy route continued 62
- Table 24 assured forwarding af behavior group 62
- Chapter 7 route 63
- Ip static route 63
- Nxc cli reference guide 63
- Policy route command example 63
- The following commands create two address objects tw_subnet and gw_1 and insert a policy that routes the packets with the source ip address tw_subnet and any destination ip address through the interface ge1 to the next hop router gw_1 this route uses the ip address of the outgoing interface as the matched packets source ip address 63
- The nxc has no knowledge of the networks beyond the network that is directly connected to the nxc for instance the nxc knows about network n2 in the following figure through gateway r1 however the nxc is unable to route a packet to network n3 because it doesn t know that there is a route through the same gateway r1 via gateway r2 the static routes are for you to tell the nxc about the networks beyond the network connected to the nxc directly 63
- Command to enter the configuration mode before you can use these commands 64
- Static route commands 64
- Static route commands example 64
- The following command sets a static route with ip address 10 0 0 and subnet mask 255 55 55 and with the next hop interface ge1 then use the show command to display the setting 64
- The following table describes the commands available for static route you must use the 64
- Ap management 65
- Ap management overview 65
- Hapter 65
- Ap management commands 66
- Chapter 8 ap management 66
- Command to enter the configuration mode before you can use these commands 66
- Configure termina 66
- Nxc cli reference guide 66
- Table 26 input values for general ap management commands 66
- Table 27 command summary ap management 66
- The following table describes the commands available for ap managment you must use the 66
- The following table identifies the values required for many of these commands other input values are discussed with the corresponding commands 66
- Chapter 8 ap management 67
- Nxc cli reference guide 67
- Table 27 command summary ap management continued 67
- Ap management commands example 68
- Chapter 8 ap management 68
- Nxc cli reference guide 68
- The following example shows you how to add an ap to the management list and then edit it 68
- Ap monitor profile commands 69
- Hapter 69
- Wireless lan profiles 69
- Wireless lan profiles overview 69
- Chapter 9 wireless lan profiles 70
- Command to enter the configuration mode before you can use these commands 70
- Configure termina 70
- Nxc cli reference guide 70
- Table 28 input values for general radio and monitor profile commands continued 70
- Table 29 command summary radio profile 70
- The following table describes the commands available for radio and monitor profile managment you must use the 70
- Chapter 9 wireless lan profiles 71
- Nxc cli reference guide 71
- Table 29 command summary radio profile continued 71
- Chapter 9 wireless lan profiles 72
- Nxc cli reference guide 72
- Table 29 command summary radio profile continued 72
- 2 g band with channel 6 channel width of 20mhz a dtim period of 2 a beacon interval of 100ms ampdu frame aggregation enabled an ampdu buffer limit of 65535 bytes an ampdu subframe limit of 64 frames amsdu frame aggregation enabled an amsdu buffer limit of 4096 block acknowledgement enabled a short guard interval an output power of 100 73
- Ap monitor profile commands example 73
- Chapter 9 wireless lan profiles 73
- Nxc cli reference guide 73
- Table 29 command summary radio profile continued 73
- The following example shows you how to set up the radio profile named radio01 activate it and configure it to use the following settings 73
- Chapter 9 wireless lan profiles 74
- It will also assign the ssid profile labled default in order to create wlan vap wlan 1 1 functionality within the radio profile 74
- Nxc cli reference guide 74
- Ssid profile commands 74
- Table 30 input values for general ssid profile commands 74
- The following table identifies the values required for many of these commands other input values are discussed with the corresponding commands 74
- Chapter 9 wireless lan profiles 75
- Command to enter the configuration mode before you can use these commands 75
- Configure termina 75
- Nxc cli reference guide 75
- Table 30 input values for general ssid profile commands continued 75
- Table 31 command summary ssid profile 75
- The following table describes the commands available for ssid profile managment you must use the 75
- Chapter 9 wireless lan profiles 76
- Command to enter the configuration mode before you can use these commands 76
- Configure termina 76
- Nxc cli reference guide 76
- Security profile commands 76
- Show wlan security profile all security_profile_name 76
- Ssid profile example 76
- Table 32 input values for general security profile commands 76
- Table 33 command summary security profile 76
- The following example creates an ssid profile with the name zyxel it makes the assumption that both the security profile security01 and the mac filter profile macfilter01 already exist 76
- The following table describes the commands available for security profile managment you must use the 76
- The following table identifies the values required for many of these commands other input values are discussed with the corresponding commands 76
- Chapter 9 wireless lan profiles 77
- Nxc cli reference guide 77
- Table 33 command summary security profile continued 77
- Chapter 9 wireless lan profiles 78
- Mac filter profile commands 78
- Nxc cli reference guide 78
- Security profile example 78
- Table 33 command summary security profile continued 78
- Table 34 input values for general mac filter profile commands 78
- The following example creates a security profile with the name security01 78
- The following table identifies the values required for many of these commands other input values are discussed with the corresponding commands 78
- Chapter 9 wireless lan profiles 79
- Command to enter the configuration mode before you can use these commands 79
- Configure termina 79
- Mac filter profile example 79
- Nxc cli reference guide 79
- Table 35 command summary mac filter profile 79
- The following example creates a mac filter profile with the name macfilter01 79
- The following table describes the commands available for security profile managment you must use the 79
- Hapter 81
- Rogue ap 81
- Rogue ap detection commands 81
- Rogue ap detection overview 81
- Rogue ap detection examples 82
- This example displays the rogue ap detection list 82
- This example sets the device associated with mac address 00 13 49 11 11 11 as a rogue ap and the device associated with mac address 00 13 49 11 11 22 as a friendly ap it then removes mac address from the rogue ap list with the assumption that it was misidentified 82
- Chapter 10 rogue ap 83
- Nxc cli reference guide 83
- Rogue ap containment overview 83
- These commands enable rogue ap containment you can use them to isolate a device that is flagged as a rogue ap they are global in that they apply to all managed aps on the network all aps utilize the same containment list but only aps set to monitor mode can actively engage in containment of rogue aps this means if we add a mac address of a device to the containment list then every ap on the network will respect it 83
- This example shows both the status of rogue ap detection and the summary of detected aps 83
- This example shows the combined rogue and friendly ap detection list 83
- This example shows the friendly ap detection list 83
- Containing a rogue ap means broadcasting unviable login data at it preventing legitimate wireless clients from connecting to it this is a kind of denial of service attack 84
- Rogue ap containment commands 84
- Rogue ap containment example 84
- Hapter 85
- Wireless frame capture 85
- Wireless frame capture commands 85
- Wireless frame capture overview 85
- Chapter 11 wireless frame capture 86
- Command to enter the configuration mode before you can use these commands 86
- Configure termina 86
- Nxc cli reference guide 86
- Table 41 command summary wireless frame capture 86
- The following table describes the commands available for wireless frame capture you must use the 86
- This example configures the wireless frame capture parameters for an ap located at ip address 192 68 86
- This example shows frame capture status and configuration 86
- Wireless frame capture examples 86
- Dcs commands 87
- Dcs overview 87
- Dynamic channel selection 87
- Hapter 87
- Chapter 12 dynamic channel selection 88
- Dcs examples 88
- Nxc cli reference guide 88
- Table 43 command summary dcs continued 88
- This example creates a dcs configuration 88
- This example displays the dcs configuration created in the previous example 88
- Hapter 89
- Wireless load balancing 89
- Wireless load balancing commands 89
- Wireless load balancing overview 89
- Chapter 13 wireless load balancing 90
- Note this parameter has been optimized for the nxc and should not be changed unless you have been specifically directed to do so by zyxel support 90
- Nxc cli reference guide 90
- Table 44 command summary load balancing continued 90
- Chapter 13 wireless load balancing 91
- Nxc cli reference guide 91
- The following example shows you how to configure ap load balancing in by station mode the maximum number of stations is set to 1 91
- The following example shows you how to configure ap load balancing in by traffic mode the traffic level is set to low and disassociate station is enabled 91
- Wireless load balancing examples 91
- Hapter 93
- Zones overview 93
- Chapter 14 zones 94
- Nxc cli reference guide 94
- Table 45 input values for zone commands 94
- Table 46 zone commands 94
- The following commands add ethernet interfaces ge1 and ge2 to zone a and block intra zone traffic 94
- The following table describes the values required for many zone commands other values are discussed with the corresponding commands s 94
- This table lists the zone commands 94
- Zone command examples 94
- Zone commands summary 94
- Alg introduction 95
- Hapter 95
- Alg commands 96
- Chapter 15 alg 96
- Command to enter the configuration mode before you can use these commands 96
- Commands you must use the 96
- Configure terminal 96
- Nxc cli reference guide 96
- Table 47 alg commands 96
- The following table lists the 96
- Alg commands example 97
- Chapter 15 alg 97
- Nxc cli reference guide 97
- The following example turns on pass through for sip and turns it off for h 23 97
- Firewall 99
- Firewall overview 99
- Hapter 99
- Chapter 16 firewall 100
- Command to enter the configuration mode before you can use these commands 100
- Configure termina 100
- Firewall commands 100
- For example if you want to allow a specific user from any computer to access one zone by logging in to the nxc you can set up a rule based on the user name only if you also apply a schedule to the firewall rule the user can only access the network at the scheduled time a user aware firewall rule is activated whenever the user logs in to the nxc and will be disabled after the user logs out of the nxc 100
- Nxc cli reference guide 100
- Table 48 input values for general firewall commands 100
- Table 49 command summary firewall 100
- The following table describes the commands available for the firewall you must use the 100
- The following table identifies the values required for many of these commands other input values are discussed with the corresponding commands 100
- Your customized rules take precedence and override the nxc s default settings the nxc checks the schedule user name user s login name on the nxc source ip address destination ip address and ip protocol type of network traffic against the firewall rules in the order you list them when the traffic matches a rule the nxc takes the action specified in the rule 100
- Chapter 16 firewall 101
- Nxc cli reference guide 101
- Table 49 command summary firewall continued 101
- Chapter 16 firewall 102
- Firewall sub commands 102
- Nxc cli reference guide 102
- Table 50 firewall sub commands 102
- The following table describes the sub commands for several firewall commands 102
- Firewall command examples 103
- Chapter 16 firewall 104
- Nxc cli reference guide 104
- Session limit commands 104
- Table 51 input values for general session limit commands 104
- The following command displays the firewall rule s including the default firewall rule that applies to the packet direction from wan to lan the firewall rule numbers in the menu are the firewall rules priority numbers in the global rule list 104
- The following table identifies the values required for many of these commands other input values are discussed with the corresponding commands 104
- Chapter 16 firewall 105
- Command to enter the configuration mode before you can use these commands 105
- Configure termina 105
- Nxc cli reference guide 105
- Table 52 command summary session limit 105
- The following table describes the session limit commands you must use the 105
- Application patrol 107
- Application patrol overview 107
- Hapter 107
- Aol ic 108
- Application patrol commands summary 108
- Bittorren 108
- Chapter 17 application patrol 108
- Edonke 108
- Fasttrac 108
- Gnutell 108
- Napste 108
- Nxc cli reference guide 108
- Pre defined application commands 108
- Soulseek strea 108
- Table 53 input values for application patrol commands 108
- Table 54 app commands pre defined applications 108
- The following sections list the application patrol commands 108
- The following table describes the values required for many application patrol commands other values are discussed with the corresponding commands 108
- This table lists the commands for each pre defined application 108
- Chapter 17 application patrol 109
- Nxc cli reference guide 109
- Rule commands for pre defined applications 109
- Rule sub commands 109
- Table 54 app commands pre defined applications continued 109
- Table 55 app commands rules in pre defined applications 109
- Table 56 app protocol rule sub commands 109
- The following table describes the sub commands for several application patrol rule commands note that not all rule commands use all the sub commands listed here 109
- This table lists the commands for rules in each pre defined application 109
- Chapter 17 application patrol 110
- Exception commands for pre defined applications 110
- Nxc cli reference guide 110
- Table 56 app protocol rule sub commands continued 110
- Table 57 app commands exception rules in pre defined applications 110
- This table lists the commands for exception rules for application access controls these commands are used for backward compatible only 110
- Chapter 17 application patrol 111
- Exception rule sub commands 111
- Nxc cli reference guide 111
- Table 57 app commands exception rules in pre defined applications continued 111
- Table 58 app patrol exception rule sub commands 111
- The following table describes the sub commands for several application patrol exception rule commands note that not all rule commands use all the sub commands listed here 111
- Chapter 17 application patrol 112
- Nxc cli reference guide 112
- Other application commands 112
- Other rule sub commands 112
- Rule commands for other applications 112
- Table 58 app patrol exception rule sub commands continued 112
- Table 59 app commands other applications 112
- Table 60 app commands rules in other applications 112
- Table 61 app patrol other rule sub commands 112
- The following table describes the sub commands for several application patrol other rule commands note that not all rule commands use all the sub commands listed here 112
- This table lists the commands for other applications in application patrol 112
- This table lists the commands for rules in other applications 112
- General commands for application patrol 113
- You must register for the idp apppatrol signature service at least the trial before you can use it see chapter 5 on page 35 113
- Chapter 17 application patrol 114
- Nxc cli reference guide 114
- Table 62 app commands pre defined applications continued 114
- Chapter 17 application patrol 115
- Commands 115
- General command examples 115
- Nxc cli reference guide 115
- Table 62 app commands pre defined applications continued 115
- The following examples show the information that is displayed by some of the 115
- Chapter 17 application patrol 116
- Nxc cli reference guide 116
- Chapter 17 application patrol 117
- Nxc cli reference guide 117
- Anti virus 119
- Anti virus commands 119
- Anti virus overview 119
- Hapter 119
- General anti virus commands 120
- You must register for the ant virus service before you can use it see chapter 5 on page 35 120
- Zone to zone anti virus rules 120
- Chapter 18 anti virus 121
- Nxc cli reference guide 121
- Table 65 commands for zone to zone anti virus rules continued 121
- Chapter 18 anti virus 122
- Command to enter the configuration mode before you can use these commands 122
- Configure termina 122
- Nxc cli reference guide 122
- Table 66 commands for anti virus white and black lists 122
- The following table describes the commands for configuring the white list and black list you must use the 122
- This example shows how to configure and display a wan to lan antivirus rule to scan http traffic and destroy infected files the white and black lists are ignored and zipped files are decompressed any zipped files that cannot be decompressed are not destroyed 122
- White and black lists 122
- Zone to zone anti virus rule example 122
- Chapter 18 anti virus 123
- Nxc cli reference guide 123
- Table 66 commands for anti virus white and black lists continued 123
- This example shows how to enable the white list and configure an active white list entry for files with a exe extension it also enables the black list and configure an inactive black list entry for files with a exe extension 123
- White and black lists example 123
- Chapter 18 anti virus 124
- Command to enter the configuration mode before you can use this command 124
- Configure termina 124
- Nxc cli reference guide 124
- Signature search anti virus command 124
- Signature search example 124
- Table 67 command for anti virus signature search 124
- Table 68 update signatures 124
- The following table describes the command for searching for signatures you must use the 124
- This example shows how to search for anti virus signatures with msn in the name 124
- Update anti virus signatures 124
- Use these commands to update new signatures you should have already registered for anti virus service 124
- Anti virus statistics 125
- Chapter 18 anti virus 125
- Command to enter the configuration mode before you can use these commands 125
- Configure termina 125
- Nxc cli reference guide 125
- Table 69 commands for anti virus statistics 125
- The following table describes the commands for collecting and displaying anti virus statistics you must use the 125
- These examples show how to enable disable automatic anti virus downloading schedule updates display the schedule display the update status show the new updated signature version number show the total number of signatures and show the date time the signatures were created 125
- Update signature examples 125
- Anti virus statistics example 126
- Chapter 18 anti virus 126
- Nxc cli reference guide 126
- This example shows how to collect and display anti virus statistics it also shows how to sort the display by the most common destination ip addresses 126
- General idp commands 127
- Hapter 127
- Idp activation 127
- Idp commands 127
- Overview 127
- Activate deactivate idp example 128
- Chapter 19 idp commands 128
- Global profile commands 128
- Idp profile commands 128
- Nxc cli reference guide 128
- Table 71 idp activation 128
- Table 72 global profile commands 128
- This example shows how to activate and deactivate signature based idp on the nxc 128
- This table shows the idp signature anomaly and system protect activation commands 128
- Use these commands to rename or delete existing profiles and show idp base profiles 128
- Chapter 19 idp commands 129
- Example of global profile commands 129
- Idp zone to zone rules 129
- In this example we rename an idp signature profile from old_profile to new_profile delete the bye_profile and show all base profiles available 129
- Nxc cli reference guide 129
- Table 72 global profile commands 129
- Table 73 idp zone to zone rule commands 129
- Use the following rules to apply idp profiles to specific directions of packet travel 129
- Editing creating idp signature profiles 130
- You cannot change the base profile later 130
- Editing creating anomaly profiles 131
- You cannot change the base profile later 131
- Chapter 19 idp commands 132
- Nxc cli reference guide 132
- Table 75 editing creating anomaly profiles continued 132
- Chapter 19 idp commands 133
- Nxc cli reference guide 133
- Table 75 editing creating anomaly profiles continued 133
- Chapter 19 idp commands 134
- Creating an anomaly profile example 134
- In this example we create a profile named test configure some settings display them and then return to global command mode 134
- Nxc cli reference guide 134
- Table 75 editing creating anomaly profiles continued 134
- Editing system protect 135
- It is recommended you use the web configurator to search for signatures 135
- Signature search 135
- Chapter 19 idp commands 136
- Nxc cli reference guide 136
- Search parameter tables 136
- Table 77 signature search command 136
- Table 78 severity platform and policy type command values 136
- The following table displays the command line severity platform and policy type equivalent values if you want to combine platforms in a search then add their respective numbers together for example to search for signatures for windows nt windows xp and windows 2000 computers then type 12 as the platform parameter 136
- Containing the text worm within the signature name with an id of 12345 has a very low severity level operates on the windows nt platform is a scan policy type dns service is enabled generates logs 137
- Custom signatures screen 137
- Idp custom signatures 137
- Signature search example 137
- The following table displays the command line service and action equivalent values if you want to combine services in a search then add their respective numbers together for example to search for signatures for dns finger and ftp services then type 7 as the service parameter 137
- This example command searches for all signatures in the lan_idp profile 137
- Use these commands to create a new signature or edit an existing one 137
- Custom signature examples 138
- You must use the web configurator to import a custom signature file 138
- Chapter 19 idp commands 139
- Nxc cli reference guide 139
- This example shows you how to display custom signature details 139
- This example shows you how to edit a custom signature 139
- Chapter 19 idp commands 140
- Nxc cli reference guide 140
- This example shows you how to display custom signature contents 140
- This example shows you how to display all details of a custom signature 141
- This example shows you how to display the number of custom signatures on the nxc 141
- Update idp signatures 141
- Use these commands to update new signatures you register for idp service before you can update idp signatures although you do not have to register in order to update system protect signatures 141
- You must use the web configurator to import a custom signature file 141
- Chapter 19 idp commands 142
- Command to enter the configuration mode before you can use these commands 142
- Configure termina 142
- Idp statistics 142
- Nxc cli reference guide 142
- Table 81 update signatures 142
- Table 82 commands for idp statistics 142
- The following table describes the commands for collecting and displaying idp statistics you must use the 142
- These examples show how to enable disable automatic idp downloading schedule updates display the schedule display the update status show the new updated signature version number show the total number of signatures and show the date time the signatures were created 142
- Update signature examples 142
- Chapter 19 idp commands 143
- Idp statistics example 143
- Nxc cli reference guide 143
- Table 82 commands for idp statistics continued 143
- This example shows how to collect and display idp statistics it also shows how to sort the display by the most common signature name source ip address or destination ip address 143
- Device ha 145
- Device ha overview 145
- Hapter 145
- Active passive mode device ha 146
- Before you begin 146
- General device ha commands 146
- Subscribe to services on the backup nxc before synchronizing it with the master nxc 146
- Active passive mode device ha commands 147
- Chapter 20 device ha 147
- Commands 147
- Device h 147
- If a backup takes over for the master it uses the master s ip addresses these ip addresses are know as the virtual router ip addresses each interface can also have a management ip address you can connect to this ip address to manage the nxc regardless of whether it is the master or the backup 147
- Nxc cli reference guide 147
- Table 84 input values for device ha commands 147
- Table 85 device ha ap mode commands 147
- The following sections list the 147
- The following table identify the values required for many of these commands other input values are discussed with the corresponding commands 147
- This table lists the commands for configuring active passive mode device ha 147
- Virtual router and management ip addresses 147
- Chapter 20 device ha 148
- Nxc cli reference guide 148
- Table 85 device ha ap mode commands continued 148
- Active passive mode device ha command example 149
- Chapter 20 device ha 149
- Nxc cli reference guide 149
- Table 85 device ha ap mode commands continued 149
- This example configures a nxc to be a master nxc for active passive mode device ha there is a management ip address of 192 68 on lan1 wan1 and lan1 are monitored the synchronization password is set to mysyncpassword 149
- Hapter 151
- User account overview 151
- User group 151
- User types 151
- Chapter 21 user group 152
- Commands 152
- Commands other input values are discussed with the corresponding commands 152
- Nxc cli reference guide 152
- Table 87 username groupname command input values 152
- Table 88 username groupname commands summary users 152
- The first table lists the commands for users 152
- The following sections list the 152
- The following table identify the values required for many 152
- User commands 152
- User group commands summary 152
- Username groupnam 152
- Chapter 21 user group 153
- Nxc cli reference guide 153
- Table 88 username groupname commands summary users continued 153
- Table 89 username groupname commands summary groups 153
- Table 90 username groupname commands summary settings 153
- This table lists the commands for groups 153
- This table lists the commands for user settings except for forcing user authentication 153
- User group commands 153
- User setting commands 153
- Chapter 21 user group 154
- Nxc cli reference guide 154
- Table 90 username groupname commands summary settings continued 154
- The following commands show the current settings for the number of simultaneous logins 154
- User setting command examples 154
- Additional user command examples 155
- Additional user commands 155
- Chapter 21 user group 155
- Nxc cli reference guide 155
- Table 91 username groupname commands summary additional 155
- The following commands display the users that are currently logged in to the nxc and forces the logout of all logins from a specific ip address 155
- This table lists additional commands for users 155
- Chapter 21 user group 156
- Nxc cli reference guide 156
- The following commands display the users that are currently locked out and then unlocks the user who is displayed 156
- Captive portal 157
- Captive portal commands 157
- Captive portal overview 157
- Hapter 157
- Captive portal sub commands 158
- Chapter 22 captive portal 158
- Nxc cli reference guide 158
- Table 92 captive portal commands continued 158
- Table 93 captive portal policy sub commands 158
- The following table describes the sub commands for several captive portal policy commands note that not all rule commands use all the sub commands listed here 158
- Chapter 22 captive portal 159
- Nxc cli reference guide 159
- Table 93 captive portal policy sub commands continued 159
- Address overview 161
- Addresses 161
- Hapter 161
- Address commands summary 162
- Address object commands 162
- Chapter 23 addresses 162
- Nxc cli reference guide 162
- Table 94 input values for address commands 162
- Table 95 address object commands address objects 162
- The following sections list the address object and address group commands 162
- The following table describes the values required for many address object and address group commands other values are discussed with the corresponding commands 162
- This table lists the commands for address objects 162
- Address group commands 163
- Address object command examples 163
- Chapter 23 addresses 163
- Nxc cli reference guide 163
- Table 96 object group commands address groups 163
- The following example creates three address objects and then deletes one 163
- This table lists the commands for address groups 163
- Address group command examples 164
- Chapter 23 addresses 164
- Nxc cli reference guide 164
- The following commands create three address objects a0 a1 and a2 and add a1 and a2 to address group rd 164
- Hapter 165
- Service object commands 165
- Services 165
- Services commands summary 165
- Services overview 165
- Chapter 24 services 166
- Nxc cli reference guide 166
- Service group commands 166
- Service object command examples 166
- Table 98 service object commands service objects continued 166
- Table 99 object group commands service groups 166
- The first table lists the commands for service groups 166
- The following commands create four services displays them and then removes one of them 166
- Chapter 24 services 167
- Nxc cli reference guide 167
- Service group command examples 167
- Table 99 object group commands service groups continued 167
- The following commands create service icmp_echo create service group sg1 and add icmp_echo to sg1 167
- Hapter 169
- Schedule commands summary 169
- Schedule overview 169
- Schedules 169
- Chapter 25 schedules 170
- Nxc cli reference guide 170
- Schedule command examples 170
- Table 101 schedule commands 170
- The following commands create recurring schedule schedule1 and one time schedule schedule2 and then delete schedule1 170
- The following table lists the schedule commands 170
- Aaa server 171
- Aaa server overview 171
- Authentication server command summary 171
- Hapter 171
- Aaa group server ad 172
- Aaa group server ad commands 172
- Chapter 26 aaa server 172
- Commands you use to configure a group of ad servers 172
- Note you can not delete a server group that is currently in use 172
- Nxc cli reference guide 172
- Table 102 aaa group server ad commands 172
- The following table lists the 172
- Aaa group server ldap 173
- Aaa group server ldap commands 173
- Chapter 26 aaa server 173
- Commands you use to configure a group of ldap servers 173
- Note you can not delete a server group that is currently in use 173
- Nxc cli reference guide 173
- Table 102 aaa group server ad commands continued 173
- Table 103 aaa group server ldap commands 173
- The following table lists the 173
- Aaa group server radius 174
- Aaa group server radius commands 174
- Chapter 26 aaa server 174
- Commands you use to configure a group of radius servers 174
- Note you can not delete a server group that is currently in use 174
- Nxc cli reference guide 174
- Table 103 aaa group server ldap commands continued 174
- Table 104 aaa group server radius commands 174
- The following table lists the 174
- Aaa group server command example 175
- Chapter 26 aaa server 175
- Nxc cli reference guide 175
- Table 104 aaa group server radius commands continued 175
- The following example creates a radius server group with two members and sets the secret key to 12345678 and the timeout to 100 seconds then this example also shows how to view the radius group settings 175
- Aaa authentication commands 177
- Authentication objects 177
- Authentication objects overview 177
- Hapter 177
- Aaa authentication command example 178
- Chapter 27 authentication objects 178
- Note you must specify at least one member for each profile each type of member can only be used once in a profile 178
- Nxc cli reference guide 178
- Table 105 aaa authentication commands continued 178
- The following example creates an authentication profile to authentication users using the ldap server group and then the local user database 178
- Chapter 27 authentication objects 179
- Command you use to teat a user account on an authentication server 179
- Ip address 172 6 0 port 389 base dn dc zyxel dc com bind dn zyxel engineerabc password abcdefg login name attribute samaccountname 179
- Nxc cli reference guide 179
- Table 106 test aaa command 179
- Test a user account command example 179
- Test aa 179
- Test aaa command 179
- The following example shows how to test whether a user account named userabc exists on the ad authentication server which uses the following settings 179
- The following table lists the 179
- The result shows the account exists on the ad server otherwise the nxc returns an error 179
- Certificate commands 181
- Certificates 181
- Certificates commands input values 181
- Certificates overview 181
- Hapter 181
- Certificates commands summary 182
- Chapter 28 certificates 182
- Command to enter the configuration mode to be able to use these commands 182
- Configure termina 182
- Nxc cli reference guide 182
- Table 107 certificates commands input values continued 182
- Table 108 ca commands summary 182
- The following table lists the commands that you can use to display and manage the nxc s summary list of certificates and certification requests you can also create certificates or certification requests use the 182
- Chapter 28 certificates 183
- Nxc cli reference guide 183
- Table 108 ca commands summary continued 183
- Certificates commands examples 184
- Chapter 28 certificates 184
- Nxc cli reference guide 184
- The following example creates a self signed x 09 certificate with ip address 10 8 as the common name it uses the rsa key type with a 512 bit key then it displays the list of local certificates finally it deletes the pkcs12request certification request 184
- Customizing the www login page 185
- Hapter 185
- System 185
- System overview 185
- Chapter 29 system 186
- Color rgb enter red green and blue values in parenthesis and separate by commas for example use rgb 0 0 0 for black color name enter the name of the desired color color number enter a pound sign followed by the six digit hexadecimal number that represents the desired color for example use 000000 for black 186
- Command to enter the configuration mode before you can use these commands 186
- Configure termina 186
- Figure 16 access page customization 186
- Logo title 186
- Message color of all text 186
- Note message last line of text 186
- Nxc cli reference guide 186
- Table 109 command summary customization 186
- The following table describes the commands available for customizing the web configurator login screen and the page that displays after an access user logs into the web configurator to access network services like the internet you must use the 186
- Window background 186
- You can specify colors in one of the following ways 186
- Chapter 29 system 187
- Command to enter the configuration mode before you can use these commands 187
- Configure termina 187
- For effective scheduling and logging the nxc system time must be accurate the nxc s real time chip rtc keeps track of the time and date there is also a software mechanism to set the time manually or get the current time and date from an external server 187
- Host name commands 187
- Nxc cli reference guide 187
- Table 109 command summary customization continued 187
- Table 110 command summary host name 187
- The following table describes the commands available for the hostname and domain name you must use the 187
- Time and date 187
- Command to enter the configuration mode before you can use these commands 188
- Date time commands 188
- The following table describes the commands available for date and time setup you must use the 188
- Command to enter the configuration mode before you can use these commands 189
- Console port speed 189
- Dns commands 189
- Dns domain name system is for mapping a domain name to its corresponding ip address and vice versa the dns server is extremely important because without it you must know the ip address of a machine before you can access it 189
- Dns overview 189
- The following table describes the commands available for dns you must use the 189
- The following table identifies the values required for many of these commands other input values are discussed with the corresponding commands 189
- This section shows you how to set the console port speed when you connect to the nxc via the console port using a terminal emulation program the following table describes the console port commands you must use the 189
- Chapter 29 system 190
- Dns command example 190
- Nxc cli reference guide 190
- Table 114 command summary dns continued 190
- This command sets an a record that specifies the mapping of a fully qualified domain name www abc com to an ip address 210 7 3 190
- Hapter 191
- Remote management limitations 191
- Remote management overview 191
- System remote management 191
- System timeout 191
- Chapter 30 system remote management 192
- Command to enter the configuration mode before you can use these commands 192
- Common system command input values 192
- Configure termina 192
- Defaul 192
- Http https commands 192
- Nxc cli reference guide 192
- Table 115 input values for general system commands 192
- Table 116 command summary http https 192
- The following table describes the commands available for http https you must use the 192
- The following table identifies the values required for many of these commands other input values are discussed with the corresponding commands 192
- Chapter 30 system remote management 193
- Http https command examples 193
- Nxc cli reference guide 193
- Table 116 command summary http https continued 193
- This following example adds a service control rule that allowed an administrator from the computers with the ip addresses matching the marketing address object to access the wan zone using http service 193
- Chapter 30 system remote management 194
- Command to enter the configuration mode before you can use these commands 194
- Configure termina 194
- Defaul 194
- Nxc cli reference guide 194
- Requirements for using ssh 194
- Ssh commands 194
- Ssh implementation on the nxc 194
- Table 117 command summary ssh 194
- The following table describes the commands available for ssh you must use the 194
- This command sets an authentication method used by the http https server to authenticate the client s 194
- This following example sets a certificate named mycert used by the https server to authenticate itself to the ssl client 194
- Unlike telnet or ftp which transmit data in clear text ssh secure shell is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network 194
- You must install an ssh client program on a client computer windows or linux operating system that is used to connect to the nxc over ssh 194
- Your nxc supports ssh versions 1 and 2 using rsa authentication and four encryption methods aes 3des archfour and blowfish the ssh server is implemented on the nxc for remote management on port 22 by default 194
- Chapter 30 system remote management 195
- Nxc cli reference guide 195
- Ssh command examples 195
- Table 117 command summary ssh continued 195
- Telnet 195
- This command sets a certificate default to be used to identify the nxc 195
- This command sets a service control rule that allowed the computers with the ip addresses matching the specified address object to access the specified zone using ssh service 195
- You can configure your nxc for remote telnet access 195
- Chapter 30 system remote management 196
- Command to enter the configuration mode before you can use these commands 196
- Configure termina 196
- Nxc cli reference guide 196
- Table 118 command summary telnet 196
- Telnet commands 196
- Telnet commands examples 196
- The following table describes the commands available for telnet you must use the 196
- This command displays telnet settings 196
- This command sets a service control rule that allowed the computers with the ip addresses matching the specified address object to access the specified zone using telnet service 196
- Command to enter the configuration mode before you can use these commands 197
- Configuring ftp 197
- Ftp commands 197
- Ftp commands examples 197
- The following table describes the commands available for ftp you must use the 197
- This command sets a service control rule that allowed the computers with the ip addresses matching the specified address object to access the specified zone using ftp service 197
- You can upload and download the nxc s firmware and configuration files using ftp to use this feature your computer must have an ftp client 197
- Chapter 30 system remote management 198
- Nxc cli reference guide 198
- Simple network management protocol is a protocol used for exchanging management information between network devices your nxc supports snmp agent functionality which allows a manager station to manage and monitor the nxc through the network the nxc supports snmp version one snmpv1 and version two snmpv2c 198
- Snmp traps 198
- Supported mibs 198
- Table 120 snmp traps 198
- The nxc supports mib ii that is defined in rfc 1213 and rfc 1215 the nxc also supports private mibs aat private lol mib to collect information about cpu and memory usage the focus of the mibs is to let administrators collect statistical data and monitor status and performance you can download the nxc s mibs from www zyxel com 198
- The nxc will send traps to the snmp manager when any one of the following events occurs 198
- This command displays ftp settings 198
- Command to enter the configuration mode before you can use these commands 199
- Snmp commands 199
- The following table describes the commands available for snmp you must use the 199
- Access 200
- Command to enter the configuration mode before you can use these commands 200
- Language commands 200
- Snmp commands examples 200
- The following command sets a service control rule that allowed the computers with the ip addresses matching the specified address object to access the specified zone using snmp service 200
- The following command sets the ip address of the host that receives the snmp notifications to 172 3 5 4 and the password sent with each trap to qwerty 200
- The following command sets the password secret for read write 200
- Use the language commands to display what language the web configurator is using or change it you must use the 200
- Configuration files and shell scripts overview 201
- File directories 201
- File manager 201
- Hapter 201
- Chapter 31 file manager 202
- Comments in configuration files or shell scripts 202
- Figure 17 configuration file shell script example 202
- In a configuration file or shell script use or as the first character of a command line to have the nxc treat the line as a comment 202
- Nxc cli reference guide 202
- Table 124 configuration files and shell scripts in the nxc 202
- These files have the same syntax which is also identical to the way you run cli commands manually an example is shown below 202
- While configuration files and shell scripts have the same syntax the nxc applies configuration files differently than it runs shell scripts this is explained below 202
- You have to run the example in table 17 on page 202 as a shell script because the first command is run in privilege mode if you remove the first command you have to run the example as a configuration file because the rest of the commands are executed in configuration mode see section 1 on page 16 for more information about cli modes 202
- Your configuration files or shell scripts can use exit or a command line consisting of a single to have the nxc exit sub command mode 202
- Errors in configuration files or shell scripts 203
- Exit or must follow sub commands if it is to make the nxc exit sub command mode 203
- Nxc configuration file details 203
- Configuration file flow at restart 204
- File manager commands input values 204
- Chapter 31 file manager 205
- File manager commands summary 205
- Nxc cli reference guide 205
- Table 126 file manager commands summary 205
- The following table lists the commands that you can use for file management 205
- Chapter 31 file manager 206
- Command line ftp file upload 206
- Connect to the nxc 2 enter bin to set the transfer mode to binary 3 you can upload the firmware after you log in through ftp to upload other files use cd to change to the corresponding directory 4 use put to transfer files from the computer to the nxc 206
- File manager command example 206
- For example in the conf directory use put config conf today conf to upload the configuration file config conf to the nxc and rename it today conf put 1 0 xl bin transfers the firmware 1 0 xl bin to the nxc 206
- Ftp file transfer 206
- Nxc cli reference guide 206
- Table 126 file manager commands summary continued 206
- This example saves a back up of the current configuration before applying a shell script file 206
- You can use ftp to transfer files to and from the nxc for advanced maintenance and support 206
- Command line ftp configuration file upload example 207
- Command line ftp file download 207
- The firmware update can take up to five minutes do not turn off or reset the nxc while the firmware update is in progress if you lose power during the firmware upload you may need to refer to section 31 on page 209 to recover the firmware 207
- Uploading a custom signature file named custom rules overwrites all custom signatures on the nxc 207
- Boot module 208
- Chapter 31 file manager 208
- Command line ftp configuration file download example 208
- Figure 19 ftp configuration file download example 208
- Figure 20 nxc file usage at startup 208
- Firmware 208
- Nxc cli reference guide 208
- Nxc file usage at startup 208
- Recovery image 208
- The boot module performs a basic hardware test you cannot restore the boot module if it is damaged the boot module also checks and loads the recovery image the nxc notifies you if the recovery image is damaged 2 the recovery image checks and loads the firmware the nxc notifies you if the firmware is damaged 208
- The following example gets a configuration file named today conf from the nxc and saves it on the computer as current conf 208
- The nxc uses the following files at system startup 208
- Do not press any keys at this point wait to see what displays next 209
- Notification of a damaged recovery image or firmware 209
- Restoring the recovery image 210
- You only need to use the atuk or atur command if the recovery image is damaged 210
- You only need to use this section if you need to restore the recovery image 210
- Restoring the firmware 212
- This section is not for normal firmware uploads you only need to use this section if you need to recover the firmware 212
- Restoring the default system database 214
- This procedure requires the nxc s default system database file download the firmware package from www zyxel com and unzip it the default system database file uses a db extension for example 1 1 xl c0 db do the following after you have obtained the default system database file 215
- Using the atkz u debug command 216
- You only need to use the atkz u command if the default system database is damaged 216
- Hapter 219
- Log commands summary 219
- Chapter 32 logs 220
- Log entries commands 220
- Nxc cli reference guide 220
- System log commands 220
- Table 128 logging commands log entries 220
- Table 129 logging commands system log settings 220
- This table lists the commands for the system log settings 220
- This table lists the commands to look at log entries 220
- Chapter 32 logs 221
- Debug log commands 221
- Nxc cli reference guide 221
- System log command examples 221
- Table 130 logging commands debug log settings 221
- The following command displays the current status of the system log 221
- This table lists the commands for the debug log settings 221
- Chapter 32 logs 222
- E mail profile log commands 222
- Nxc cli reference guide 222
- Table 131 logging commands remote syslog server settings 222
- Table 132 logging commands e mail profile settings 222
- This table lists the commands for the e mail profile settings 222
- This table lists the commands for the remote syslog server settings 222
- Chapter 32 logs 223
- Console port log commands 223
- E mail profile command examples 223
- Nxc cli reference guide 223
- Table 132 logging commands e mail profile settings continued 223
- Table 133 logging commands console port settings 223
- The following commands set up e mail log 1 223
- This table lists the commands for the console port settings 223
- Access point logging commands 224
- For the purposes of this device s cli access points are referred to as wtps 224
- Chapter 32 logs 225
- Nxc cli reference guide 225
- Table 134 logging commands access point settings continued 225
- Hapter 227
- Report commands 227
- Report commands summary 227
- Reports and reboot 227
- Chapter 33 reports and reboot 228
- Nxc cli reference guide 228
- Report command examples 228
- Session commands 228
- Table 136 session commands 228
- The following commands start collecting data display the traffic reports and stop collecting data 228
- This table lists the command to display the current sessions for debugging or statistical analysis 228
- Chapter 33 reports and reboot 229
- Command to enter the configuration mode before you can use these commands 229
- Configure termina 229
- Email daily report commands 229
- Nxc cli reference guide 229
- Table 137 input values for email daily report commands 229
- Table 138 email daily report commands 229
- The following table identifies the values used in some of these commands other input values are discussed with the corresponding commands 229
- Use these commands to have the nxc e mail you system statistics every day you must use the 229
- Chapter 33 reports and reboot 230
- Nxc cli reference guide 230
- Table 138 email daily report commands continued 230
- Chapter 33 reports and reboot 231
- Email daily report example 231
- Nxc cli reference guide 231
- This example sets the nxc to send a daily report e mail 231
- Chapter 33 reports and reboot 232
- Command to restart the device 232
- Command to save the configuration before you reboot otherwise the changes are lost when you reboot 232
- If you made changes in the cli you have to use the 232
- Nxc cli reference guide 232
- Reboot 232
- This displays the email daily report settings and has the nxc send the report now 232
- Use the 232
- Use this to restart the device for example if the device begins behaving erratically 232
- Hapter 233
- Session timeout 233
- Diagnosis commands 235
- Diagnosis commands example 235
- Diagnostics 235
- Hapter 235
- Hapter 237
- Maintenance tools 237
- Chapter 36 maintenance tools 238
- Note if you have existing capture files you may need to set this size larger or delete existing capture files 238
- Nxc cli reference guide 238
- Table 141 maintenance tools commands in privilege mode continued 238
- Chapter 36 maintenance tools 239
- Command examples 239
- Nxc cli reference guide 239
- Some packet trace command examples are shown below 239
- Chapter 36 maintenance tools 240
- Here are maintenance tool commands that you can use in configure mode 240
- Ip address any host ip any host port any then you do not need to configure this setting file suffix example file size 10000 byes 240
- Nxc cli reference guide 240
- Packet capture command example 240
- Table 142 maintenance tools commands in configuration mode 240
- The following example creates an arp table entry for ip address 192 68 0 and mac address 01 02 03 04 05 06 then it shows the arp table and finally removes the new entry 240
- The following examples show how to configure packet capture settings and perform a packet capture first you have to check whether a packet capture is running this example shows no other packet capture is running then you can also check the current packet capture settings 240
- Then configure the following settings to capture packets going through the nxc s wan1 interface only this means you have to remove lan2 and wan2 from the iface list 240
- Chapter 36 maintenance tools 241
- Check current packet capture status and list all packet captures the nxc has performed 241
- Duration 150 seconds 241
- Exit the sub command mode and have the nxc capture packets according to the settings you just configured 241
- Manually stop the running packet capturing 241
- Nxc cli reference guide 241
- You can use ftp to download a capture file open and study it using a packet analyzer tool for example ethereal or wireshark 241
- Hapter 243
- Hardware watchdog timer 243
- Software watchdog timer 243
- Watchdog timer 243
- App watchdo 244
- Application watchdog 244
- Chapter 37 watchdog timer 244
- Command to enter the configuration mode to be able to use these commands 244
- Commands use the 244
- Configure termina 244
- Nxc cli reference guide 244
- Table 144 software watchdog timer commands continued 244
- Table 145 app watchdog commands 244
- The application watchdog has the system restart a process that fails these are the 244
- Application watchdog commands example 245
- Chapter 37 watchdog timer 245
- Nxc cli reference guide 245
- The following example displays the application watchdog configuration and lists the processes that the application watchdog is monitoring 245
- List of commands 247
- Nxc cli reference guide 247
- This section lists the root commands in alphabetical order 247
- List of commands 248
- Nxc cli reference guide 248
- List of commands 249
- Nxc cli reference guide 249
- List of commands 250
- Nxc cli reference guide 250
- List of commands 251
- Nxc cli reference guide 251
- List of commands 252
- Nxc cli reference guide 252
- List of commands 253
- Nxc cli reference guide 253
- List of commands 254
- Nxc cli reference guide 254
- List of commands 255
- Nxc cli reference guide 255
- List of commands 256
- Nxc cli reference guide 256
- List of commands 257
- Nxc cli reference guide 257
- List of commands 258
- Nxc cli reference guide 258
- List of commands 259
- Nxc cli reference guide 259
- List of commands 260
- Nxc cli reference guide 260
- List of commands 261
- Nxc cli reference guide 261
Похожие устройства
- HP 1405-5 v2 switch, j9791a Инструкция по эксплуатации
- Zyxel NWA3000-N series Инструкция по эксплуатации
- Zyxel NWA3000-N series Технические характеристики
- HP probook 4540s, h5j04ea Инструкция по эксплуатации
- HP envy dv6-7263er, c5u12ea Инструкция по эксплуатации
- Zyxel NWA5123-NI Инструкция по эксплуатации
- Zyxel NWA5123-NI Инструкция по установке
- Zyxel NWA5123-NI Технические характеристики
- HP in-ear headphone h1000 Инструкция по эксплуатации
- HP probook 4540s, h4r27es Инструкция по эксплуатации
- Zyxel NWA5121-NI Инструкция по эксплуатации
- Zyxel NWA5121-NI Инструкция по установке
- Zyxel NWA5121-NI Технические характеристики
- HP webcam hd 2300 Инструкция по эксплуатации
- Zyxel NWA5121-N Инструкция по эксплуатации
- Zyxel NWA5121-N Инструкция по установке
- Zyxel NWA5121-N Технические характеристики
- HP pavilion 15-n071sr, f4b06ea Инструкция по эксплуатации
- HP pavilion 15-n067sr, f2v33ea Инструкция по эксплуатации
- Zyxel NWA5301-NJ Инструкция по эксплуатации