[Top] [Table Of Contents] [Prev] [Next] [Index]
This chapter describes how to use the command line interface for global configuration. Detailed command definitions follow a command summary table. Detailed command definitions and summary tables are also provided for RADIUS, ChoiceNet, and SNMP configuration commands.
The command line interface can be used to configure global settings, allowing you to set default and alternate hosts, set gateways and metrics, set the name service used by the PortMaster, and set the administrative password of the PortMaster.
To display information about your configuration, use the following global commands:
Table 3-1 contains the global configuration commands that affect the entire PortMaster.
These commands are used to configure everything on the PortMaster except for interfaces, routing protocols, and tables.
set assigned_address
This command sets the base IP address of the assigned address pool.
set assigned_address Ipaddress
The PortMaster allocates a pool of addresses starting at the assigned base address and counting up. The total number of addresses is equal to the number of ports configured for network dial-in. If someone dials in and requests an unused address from the pool, that is assigned. If someone dials in and requests any address, the next address from the pool is assigned. If someone disconnects, their address is placed at the end of the pool for reuse.
Note ¯ 
You must use the command save all and reboot the PortMaster after setting or changing the base IP address.
Command> set assigned 172.16.200.220
First Assigned address changed from 0.0.0.0 to 172.16.200.220
set pool - page 3-17
set user destination - page 13-6
set call-check
This command provides the choice of supporting or disabling the call-check feature on PortMaster products that support ISDN PRI or in-band signaling.
set call-check on|off
Caution ¯ 
To support the call-check feature, you must configure RADIUS Call-Check-User entries; otherwise, the PortMaster issues a busy signal to every call.
For more information about enabling RADIUS call-check features, refer to ComOS 3.8 Release Notes.
ComOS 3.8 and later supports the call-check feature to enable services without authenticating the user at the point of entry. This feature is useful when you want to provide guest access or establish tunnels based on dial number information services. Call checking can be done against the calling number ID (CNID) or calling line ID (CLID) or both. The RADIUS attributes are Called-Station-Id and Calling-Station-Id, respectively.
If the call-check feature is set to on, the PortMaster sends a ringing message to the switch while the service information is being looked up in RADIUS.
RADIUS either rejects the message with a busy signal, acknowledges the call and allows the call to be completed with no special service type determined during the call, or, allows the creation of a netdata clear channel TCP connection to the destination specified in the RADIUS accept record.
Command> set call-check on
Call Check changed from off to on
Command> show global
Alt. Acct. Server: 0.0.0.0
PPP Authentication: PAP: on CHAP: off
ISDN Switch Type: (Call Check Enabled)
End Point Disc: None
set chap
This command provides the choice of supporting or disabling the Challenge Handshake Authentication Protocol (CHAP) authentication for dial-in users.
set chap on|off
If you do not want to support CHAP authentication, you must set CHAP to off. With both PAP and CHAP off, the only authentication method allowed is a username-password login.
Command> set chap off
CHAP authentication changed from on to off
set location chap - page 14-8
set pap - page 3-15
show global - page 2-27
set dhcp-server
This command configures a PortMaster to forward a Dynamic Host Configuration Protocol (DHCP) request from a dial-in client of a cable modem to be forwarded to the specified DHCP server.
set dhcp-server Ipaddress
In ComOS version 3.7.2 and later, this command is used to support Cable Modem Telephone Return Interface Specification (CMTRIS) developed by Multimedia Cable Network System (MCNS) Partners Limited. This specification requires that a cable modem using the telephone interface as an upstream channel be able to request and receive the cable interface address and configuration information using a DHCP request.
ComOS modifies the received DHCP request by removing the broadcast address and replacing it with the DHCP server's address. This enables the DHCP server to direct the response to the dial-in client of the cable modem. The DHCP server sends configuration information to the dial-in client of the cable modem to be used to configure the cable interface.
ComOS does not add routes to its table when forwarding or returning DHCP requests. It transparently forwards and returns DHCP requests from dial-in clients to the specified server.
For more information about using this command, refer to the PortMaster Configuration Guide.
To view DHCP relaying information, use the command set console, followed by the command set debug 0x81.
To disable DHCP reply information, set the IP address to 0.0.0.0.
Note ¯ 
This command does not support DHCP requests from the Ethernet or requests from a PortMaster 2Ei or Office Router OR-U.
Note ¯ 
The PortMaster router does not allow for the forwarding of a packet to the broadcast address 255.255.255.255.
set console - page 2-19
set debug Hex - page 17-5
set domain
This command sets the domain name to use with hostname lookups.
set domain String|none
Enter the domain name of your network in this command, after you have selected Network Information Service (NIS) or Domain Name System (DNS) as your name service and have set a name server address.
Command> set domain edu.edu
Domain changed from to edu.edu
set namesvc - page 3-13
set nameserver - page 3-12
set ipx
This command enables or disables PortMaster support for the Novell Internet Packet Exchange (IPX) protocol.
set ipx on|off
To enable support for IPX, you must use this command. After changing the IPX setting, you must use the save all command and reboot the PortMaster before the change takes effect.
Command> set ipx on
IPX will be enabled after next reboot
set Ether0 ipxframe - page 4-7
set Ether0 ipxnet - page 4-8
set location ipxnet - page 14-14
set S0 ipxnet - page 5-26
set W1 ipxnet - page 6-14
show modules - page 2-31
set ipxgateway
This command sets a static default route for all IPX packets not routed by a more specific route.
set ipxgateway Network|Node Metric
When troubleshooting IPX routing problems, you can reset the IPX gateway be resetting the network and node numbers to zeros. For more information on troubleshooting IPX routing problems, refer to the PortMaster Troubleshooting Guide.
Command> set ipxgateway tyche:010101010101 1
IPX Gateway set to tyche:010101010101, metric = 1
Command> set ipxgateway 00000000:000000000000
IPX gateway reset
set loghost
This command sets the IP address or name of the host to which the PortMaster sends syslog messages.
set loghost Ipaddress
Informational syslog messages are sent to the host with the following defaults:
Command> set loghost 192.168.200.2
Loghost changed from 0.0.0.0 to 192.168.200.2
set syslog - page 3-20
set maximum pmconsole
This command sets the maximum number of concurrent connections for management applications allowed into the PortMaster.
set maximum pmconsole Number
The programs PMVision, ChoiceNet, pmconsole, pminstall, pmreadconf, pmreadpass, pmcommand, pmreset, and other applications connect to TCP port 1643 on the PortMaster. If you set the maximum number of connections to 2 or higher, more than one program can connect at the same time.
If you use ChoiceNet to download filters dynamically, the maximum number of connections should be set to 10.
Note ¯ 
If two or more GUIs are used to configure the PortMaster at the same time, each might not see the change made by the others.
All 1643 network connections must disconnect from the PortMaster for the new settings to take effect. Use the reset nHandle command to reset network handles. To view open network connections, use the show netconns command.
Command> set maximum pmconsole 2
set serial-admin - page 3-19
set telnet - page 3-22
set nameserver
This command sets the name server IP address.
set nameserver [1|2] Ipaddress
This command sets the server used for DNS or NIS hostname lookups. Setting Ipaddress to 0.0.0.0 cancels the setting.
Command> set nameserver 172.16.200.2
Name Server changed from 0.0.0.0 to 172.16.200.2
set domain - page 3-7
set namesvc - page 3-13
set namesvc
This command sets the service (NIS or DNS) used for resolving hostnames.
set namesvc dns|nis
A name service should be selected only if users are prompted for hosts that require a name service for resolution to an IP address, or to display hostnames instead of addresses in the administrative command line interface. If the service is set to DNS, the PortMaster sends DNS server information to PPP dial-in users as specified in RFC 1877.
Command> set namesvc dns
Name Service changed from NIS to DNS
set domain - page 3-7
set nameserver - page 3-12
set netbios
This command sets the NetBIOS parameter for use with IPX.
set netbios on|off
Full NetBIOS protocol compliance requires that this command be set to on. The PortMaster then propagates and forwards type 20 broadcast packets across your IPX network. Be aware of this behavior before changing from the default of netbios off.
Command> set netbios on
NetBIOS changed from off to on
set ipx - page 3-8
set pap
This command provides the choice of accepting either Password Authentication Protocol (PAP) or CHAP authentication for dial-in users, or CHAP only.
set pap on|off
With PAP set to off, the default is to support CHAP. If you do not want to support CHAP authentication, you must disable CHAP (see page 3-5).
Command> set pap off
PAP authentication changed from on to off
set chap - page 3-5
show global - page 2-27
set password
This command sets the PortMaster administrative password.
set password [Password]
When shipped, the PortMaster has no password. You must enter a password to protect the PortMaster administrative features. Using the command set password without a Password value erases the administrative password.
The password string cannot start with a question mark.
Command> set password supercalifragil
!root password changed from to supercalifragil
set pool
This command explicitly sets the size of the assigned pool of IP addresses.
set pool Number
After you set or change the pool size of IP addresses, you must reboot the PortMaster for the change to take effect.
Command> set pool 12
Assigned address pool size changed from 0 to 12
set assigned-address - page 3-3
set pots
This command enables or disables the analog PHONE port on the Office Router
OR-ST-AP and OR-U-AP.
set pots [on|off
]
To receive data over voice (DOV) calls on the OR-ST-AP or the OR-U-AP units, you must set the PHONE port to off.
To display the status of the analog PHONE port, enter the command set pots with no parameters.
Command> set pots off
Pots port disabled
Command> set pots on
Pots port enabled
set reported_ip
This command reports an IP address different from the Ether0 address used during PPP negotiation and Serial Line Internet Protocol (SLIP) startup.
set reported_ip Ipaddress
The IP address of any PortMaster device can be used with this command. This feature is valuable for sites that require a number of PortMaster devices to appear as a single IP address to other networks. With PPP, this information is placed in the startup message, and the PortMaster devices report this address to other networks. With SLIP, this information is placed in the startup message.
Setting Ipaddress to 0.0.0.0 cancels the setting.
Command> set reported_ip 172.16.200.1
Reported IP address changed from 0.0.0.0 to 172.16.200.1
set Ether0 address - page 4-3
set user local-ip-address - page 13-14
set serial-admin
This command enables or disables administrative logins on the serial ports of the PortMaster.
set serial-admin on|off
If administrative logins-!root-are disabled, you can still use port S0 (or C0) for !root login by setting the console DIP switch to the up position.
Command> set serial-admin off
Serial Administration changed from on to off
set syslog
This command changes the syslog settings for logged events.
set syslog Logtype {[disabled] [Facility.Priority]}
The keywords to use for Facility and Priority are shown in Table 3-2 and Table 3-3. Lucent recommends that you use the auth facility or local0 through local7 facilities for receiving syslog messages from PortMaster products, but all the facilities listed in Table 3-2 are provided. See your operating system documentation for information on configuring syslog on your host.
syslog Facility Keywords
syslog Priority Keywords
Command> set syslog commands local0.debug
Syslog setting for commands changed from disabled to local0.debug
set loghost - page 3-10
set telnet
This command sets the Telnet administrative port.
set telnet Tport
This command allows the administrator to use the Telnet protocol to maintain the PortMaster. The value is a number from 0 to 65535. If set to 0, the PortMaster disables the Telnet administration function. Ports numbered 10000 through 10100 are reserved for outbound users and should not be used for this function.
Command> set telnet 23
Setting Telnet Administration port to 23
set maximum pmconsole - page 3-11
set serial-admin - page 3-19
telnet - page 2-41
show pots
This command displays the status of the analog PHONE port and the B channel associated with it.
show pots
This command is supported on the Office Routers OR-U-AP and OR-ST-AP.
set pots - page 3-17
The RADIUS commands in Table 3-4 configure the PortMaster to use a RADIUS server. RADIUS is consulted if a port is set for security on and a user is not found in the PortMaster user table.
The following commands configure the PortMaster as a RADIUS client. For RADIUS server configuration information, see the RADIUS Administrator's Guide.
set accounting
This command designates a host as the primary or alternate RADIUS accounting server.
set accounting [1|2] Ipaddress [Uport]
You can designate both primary and alternate RADIUS accounting servers. The accounting server daemon must be present on the host before the RADIUS accounting server will function correctly.
Note ¯ 
Do not assign the authentication server and the alternate authentication server to the same IP address.
A PortMaster uses one of the following criteria to determine whether to send accounting packets to a secondary accounting server instead of the primary accounting server:
Command> set accounting 10.0.0.3
Accounting Server changed from 0.0.0.0 1646 to 10.0.0.3 1646
Command> set accounting 10.0.0.3 1813
Accounting Server changed from 10.0.0.3 1646 to 10.0.0.3 1813
Command> set accounting 2 10.0.0.4 1813
Alternate Accounting Server changed from 0.0.0.0 1646 to 10.0.0.4 1813
set authentication_server - page 3-27
set secret - page 3-28
set alternate_auth_server
This command sets the alternate RADIUS authentication server, which is used if the primary server does not respond.
set alternate_auth_server Ipaddress [Uport]
This address must be different from that of the primary RADIUS authentication server.
Command> set alternate 10.0.0.4
Alternate Authentication Server changed from 0.0.0.0 1645 to 10.0.0.4 1645
Command> set alternate 10.0.0.4 1812
Alternate Authentication Server changed from 10.0.0.4 1645 to 10.0.0.4 1812
set authentication_server - page 3-27
set authentication_server
This command sets the primary RADIUS authentication server.
set authentication_server Ipaddress
[Uport]
For more information about setting up a RADIUS authentication server, refer to the RADIUS Administrator's Guide.
Command> set authentication 10.0.0.3
Authentication Server changed from 0.0.0.0 1645 to 10.0.0.3 1645
Command> set authentication 10.0.0.3 1812
Authentication Server changed from 10.0.0.3 1645 to 10.0.0.3 1812
set accounting - page 3-24
set alternate_auth_server - page 3-26
set secret - page 3-28
set S0 security - page 5-42
set secret
This command sets the RADIUS shared secret.
set secret String
This value functions as the user's password in a RADIUS Access-Request, and must match the secret used by the RADIUS server.
Command> set secret expli7%QZixZZy7
Authentication Secret successfully changed
set authentication_server - page 3-27
set S0 security - page 5-42
The ChoiceNet commands in Table 3-5 configure the PortMaster to use a ChoiceNet server.
The following commands configure the PortMaster as a ChoiceNet client. For ChoiceNet server configuration, see the ChoiceNet Administrator's Guide.
set choicenet
This command designates a host as the primary or alternate ChoiceNet server.
set choicenet [1|2] Ipaddress [Uport]
You can designate both primary and alternate ChoiceNet servers, but do not set them to the same IP address.
Command> set choicenet 10.0.0.5
ChoiceNet Server changed from 0.0.0.0 1647 to 10.0.0.5 1647
Command> set choicenet 10.0.0.5 6047
ChoiceNet Server changed from 10.0.0.5 1647 to 10.0.0.5 6047
This command sets the ChoiceNet secret.
set choicenet-secret String
The shared secret is used to authenticate communications between the PortMaster and the ChoiceNet server.
Command> set choicenet-secret vizkaRg76poj
ChoiceNet Secret successfully changed
set choicenet - page 3-29
The commands in Table 3-6 allow you to configure the PortMaster as a Simple Network Management Protocol (SNMP) agent. Use SNMP writes only if you understand the risks involved.
add snmphost
This command allows you to control SNMP security by specifying the addresses of the read or write hosts that are permitted to access SNMP information.
add snmphost reader|writer any|none|Ipaddress
The specification of read and write hosts allows another level of security beyond the community strings. If SNMP hosts are specified, each host wanting to access SNMP information must possess the correct community string and must also be on the read or write host list.
Command> add snmphost reader 192.168.1.99
New SNMP reader 192.168.1.99 successfully added
Command> add snmphost writer none
delete snmp host - page 3-33
save snmp - page 3-34
set snmp - page 3-35
show table snmp - page 3-38
clear alarm
This command deletes recorded instances of SNMP traps-notifications of certain events.
clear alarm Alarm-id|all
A recorded instance of an alarm remains unless you use the command clear alarm.
Examples
show alarms - page 3-37
delete snmphost
This command deletes read or write hosts that are allowed to access SNMP information.
delete snmphost reader|writer Ipaddress
Command> delete snmphost reader 192.168.1.99
SNMP reader 192.168.1.99 successfully deleted
add snmphost - page 3-31
save snmp
This command saves the settings of the SNMP parameters in the SNMP table.
save snmp
This command writes the SNMP table settings to the nonvolatile RAM of the PortMaster. You can also use save all.
Command> save snmp
SNMP table successfully saved
set snmp - page 3-35
set snmp
This command allows you to enable or disable PortMaster support for SNMP monitoring.
set snmp on|off
To enable support for SNMP, you must use set snmp on.
Note ¯ 
After enabling or disabling SNMP, you must use the save snmp or save all command and reboot the PortMaster before the change takes effect.
Command> set snmp on
SNMP will be enabled after next reboot
add snmphost - page 3-31
save snmp - page 3-34
show modules - page 2-31
show table snmp - page 3-38
set snmp readcommunity|writecommunity
This command sets the read and write community strings used for SNMP security.
set snmp readcommunity|writecommunity String
Note ¯ 
Use of the default write community string (private) is strongly discouraged. Because it is the default, it is known to all users and therefore provides no security. You should use some other value for the write community string.
Community strings allow you to control access to the Management Information Base (MIB) information on selected SNMP devices (such as the PortMaster).
A host must know the read community string to read the MIB information, and must know the write community string to set information on the SNMP agent.
Command> set snmp read public
SNMP read community changed to: public
add snmphost - page 3-31
save snmp - page 3-34
set snmp - page 3-35
show table snmp - page 3-38
show alarms
This command displays instances of SNMP traps-notifications of certain events-that have occurred.
show alarms|[Alarm-id]
An alarm is an instance of a trap. The command show alarms generates a list of all traps that have occurred-except for recurring traps which are summarized and identified by an asterisk (*). If SNMP is enabled and a reader is specified, the reader receives traps for PRI, modem, T1 expansion card, and BRI failures.
clear alarm - page 3-32
show table snmp
This command shows the settings in the SNMP table.
show table snmp
The SNMP table is used to check the settings for the SNMP read and write communities, which should be set so that configuration information is not changed by unauthorized users.
Command> show table snmp
SNMP Readers (public): Any
SNMP Writers (private): None
save snmp - page 3-34
set snmp - page 3-35
[Top] [Table Of Contents] [Prev] [Next] [Index]
spider@livingston.com
Copyright © 1998, Lucent Technologies. All rights
reserved.
You must use the command save all and reboot PortMaster after making changes to the loghost address. You can also use the reset nHandle command to reset the UDP port 514 connection.
Do not use a loghost at a location configured for on-demand connections, because doing so will keep the connection up or bring up the connection each time a syslog message is queued for the syslog host.