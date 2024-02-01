On This Page
UI Commands
This section displays all the relevant commands used to manage CLI session terminal.
cli clear-history
|
cli clear-history
Clears the command history of the current user.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # cli clear-history
|
Related Commands
|
show cli
|
Notes
cli default
|
cli default {auto-logout <minutes> | paging enable | prefix-modes {enable | show-config} | progress enable | prompt {confirm-reload | confirm-reset | confirm-unsaved | empty-password}}
no cli default {auto-logout | paging enable | prefix-modes {enable | show-config} | progress enable prompt {confirm-reload | confirm-reset | confirm-unsaved | empty-password}
Configures default CLI options for this session only.
The no form of the command deletes or disables the default CLI options.
|
Syntax Description
|
auto-logout
|
Configures keyboard inactivity timeout for automatic logout. Range is 0-35791 minutes. Setting the value to 0 or using the no form of the command disables the auto-logout.
|
paging enable
|
Enables text viewing one screen at a time.
|
prefix-modes {enable | show-config}
|
Configures the prefix modes feature of CLI.
|
progress enable
|
Enables progress updates.
|
prompt confirm-reload
|
Prompts for confirmation before rebooting.
|
prompt confirm-reset
|
Prompts for confirmation before resetting to factory state.
|
prompt confirm-unsaved
|
Confirms whether or not to save unsaved changes before rebooting.
|
prompt empty-password
|
Prompts for a password if none is specified in a pseudo-URL for SCP.
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # cli default prefix-modes enable
|
Related Commands
|
show cli
|
Notes
cli max-sessions
|
cli max-sessions <number>
no cli max-sessions
Configures the maximum number of simultaneous CLI sessions allowed.
The no form of the command resets this value to its default.
|
Syntax Description
|
number
|
Range: 3-30
|
Default
|
30 sessions
|
Configuration Mode
|
config
|
History
|
3.5.0200
|
Example
|
switch (config) # cli max-sessions 40
|
Related Commands
|
show terminal
|
Notes
cli session
|
cli session {auto-logout <minutes> | paging enable | prefix-modes enable | progress enable | terminal {length <size> | resize | type <terminal-type> | width} | x-display full <display>}
no cli session {auto-logout | paging enable | prefix-modes enable | progress enable | terminal type | x-display}
Configures CLI options for this session only.
The no form of the command deletes or disables the CLI sessions.
|
Syntax Description
|
minutes
|
Configures keyboard inactivity timeout for automatic logout.
Range: 0-35791 minutes
Setting the value to 0 or using the no form of the command disables the auto logout.
|
paging enable
|
Enables text viewing one screen at a time.
|
prefix-modes enable
|
Configures the prefix modes feature of CLI and enables prefix modes for current session.
|
progress enable
|
Enables progress updates.
|
terminal length
|
Sets the number of lines for the current terminal.
Range: 5-999
|
terminal resize
|
Resizes the CLI terminal settings (to match the actual terminal window).
|
terminal-type
|
Sets terminal type. Valid options are:
|
terminal width
|
Sets the width of the terminal in characters.
Range: 34-999
|
x-display full <display>
|
Specifies the display as a raw string (e.g. localhost:0.0).
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.1.0000
3.8.2100: Removed "prefix-modes show-config" option and terminal type vt320
|
Example
|
switch (config) # cli session auto-logout
|
Related Commands
|
show terminal
|
Notes
|
The "minutes" attribute can be configured from the CLI shell only.
terminal
|
terminal {length <number of lines> | resize | type <terminal type> | width <number of characters>}
no terminal type
Configures default CLI options for this session only.
The no form of the command clears the terminal type.
|
Syntax Description
|
length
|
Sets the number of lines for this terminal.
Range: 5-999
|
resize
|
Resizes the CLI terminal settings (to match with real terminal).
|
type
|
Sets the terminal type.
Possible values: ansi, console, dumb, linux, screen, vt52, vt100, vt102, vt220, xterm.
|
width
|
Sets the width of this terminal in characters.
Range: 34-999
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # terminal length 500
|
Related Commands
|
show terminal
|
Notes
terminal sysrq enable
|
terminal sysrq enable
no terminal sysrq enable
Enable SysRq over the serial connection (RS232 or Console port).
The no form of the command disables SysRq over the serial connection (RS232 or Console port).
|
Syntax Description
|
N/A
|
Default
|
Disabled
|
Configuration Mode
|
config
|
History
|
3.4.3000
3.9.3100: Updated command to be disabled by default
|
Example
|
switch (config) # terminal sysrq enable
|
Related Commands
|
show terminal
|
Notes
show cli
|
show cli
Displays the CLI configuration and status.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
Any command mode
|
History
|
3.1.0000
|
Example
|
switch (config) # show cli
|
Related Commands
|
cli default
|
Notes
show cli max-sessions
|
show cli max-sessions
Displays maximum number of sessions.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
Any command mode
|
History
|
3.5.0200
|
Example
|
switch (config) # show cli max-sessions
Maximum number of CLI sessions: 5
|
Related Commands
|
Notes
show cli num-sessions
|
show cli num-sessions
Displays current number of sessions.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
Any command mode
|
History
|
3.5.0200
|
Example
|
switch (config) # show cli num-sessions
Current number of CLI sessions: 40
|
Related Commands
|
Notes
Banner
banner login
|
banner login <string>
no banner login
Sets the CLI welcome banner message.
The no form of the command resets the system login banner to its default.
|
Syntax Description
|
N/A
|
Default
|
MLNX-OS Switch Management
|
Configuration Mode
|
Any command mode
|
History
|
3.5.0200
|
Example
|
switch (config) # banner login Example
|
Related Commands
|
show banner
|
Notes
|
If more than one word is used (there is a space) quotation marks should be added (i.e., “xxxx xxxx”).
banner login-local
|
banner login-local <string>
no banner login-local
Sets system login local banner.
The no form of the command resets the banner to its default value.
|
Syntax Description
|
N/A
|
Default
|
""
|
Configuration Mode
|
Any command mode
|
History
|
3.1.0000
3.5.0200: Added the no form of the command
|
Example
|
switch (config) # banner login-local Example
|
Related Commands
|
show banner
|
Notes
|
banner login-remote
|
banner login-remote <string>
no banner login-remote
Sets system login remote banner.
The no form of the command resets the banner to its default value.
|
Syntax Description
|
string
|
Text string
|
Default
|
""
|
Configuration Mode
|
config
|
History
|
3.1.0000
3.5.0200: Added the no form of the command
|
Example
|
switch (config) # banner login-remote Example
|
Related Commands
|
show banner
|
Notes
|
banner logout
|
banner logout <string>
no banner logout
Sets system logout banner (for both local and remote logins).
The no form of the command resets the banner to its default value.
|
Syntax Description
|
string
|
Text string
|
Default
|
""
|
Configuration Mode
|
config
|
History
|
3.1.0000
3.5.0200: Added the no form of the command
|
Example
|
switch (config) # banner logout Example
|
Related Commands
|
show banner
|
Notes
|
If more than one word is used (there is a space) quotation marks should be added (i.e., “xxxx xxxx”).
banner logout-local
|
banner logout-local <string>
no banner logout-local
Sets system logout local banner.
The no form of the command resets the banner to its default value.
|
Syntax Description
|
string
|
Text string
|
Default
|
""
|
Configuration Mode
|
config
|
History
|
3.5.0200
|
Example
|
switch (config) # banner logout-local Example
|
Related Commands
|
show banner
|
Notes
|
banner logout-remote
|
banner logout-remote <string>
no banner logout-remote
Sets system logout remote banner.
The no form of the command resets the banner to its default value.
|
Syntax Description
|
string
|
Text string
|
Default
|
""
|
Configuration Mode
|
config
|
History
|
3.5.0200
|
Example
|
switch (config) # banner logout-remote Example
|
Related Commands
|
show banner
|
Notes
|
banner motd
|
banner motd <string>
no banner motd
Configures the message of the day banner.
The no form of the command resets the system Message of the Day banner.
|
Syntax Description
|
string
|
Text string
|
Default
|
NVIDIA Switch
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # banner motd “My Banner”
|
Related Commands
|
show banner
|
Notes
|
show banner
|
show banner
Sets system logout remote banner.
The no form of the command resets the banner to its default value.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
3.5.0200
|
Updated example
|
3.6.6000
|
Updated example
|
3.9.3200
|
Updated example
|
Example
|
switch (config) # show banner Banners: Message of the Day (MOTD):
NVIDIA MLNX-OS Switch Management
Logout: Goodbye
|
Related Commands
|
banner login banner login-local banner login-remote banner logout banner logout-local banner logout-remote banner motd
|
Notes
SSH
ssh server enable
|
ssh server enable
no ssh server enable
Enables the SSH server.
The no form of the command disables the SSH server.
|
Syntax Description
|
N/A
|
Default
|
SSH server is enabled
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # ssh server enable
|
Related Commands
|
show banner
|
Notes
|
Disabling SSH server does not terminate existing SSH sessions, it only prevents new ones from being established.
ssh server host-key
|
ssh server host-key {<key-type> {private-key <private-key>| public-key <public-key>} | generate}
Configures host keys for SSH.
|
Syntax Description
|
key-type
|
|
private-key
|
Sets new private-key for the host keys of the specified type.
|
public-key
|
Sets new public-key for the host keys of the specified type.
|
generate
|
Generates new RSA and DSA host keys for SSH.
|
Default
|
SSH keys are locally generated
|
Configuration Mode
|
config
|
History
|
3.1.0000
3.4.2300: Added notes
3.9.0300: Removed RSAv1
3.9.1000: Added a note
|
Example
|
switch (config) # ssh server host-key dsa2 private-key
|
Related Commands
|
show banner
|
Notes
|
RSA2 and a DSA2 host keys are generated by default. The RSA2 key can be used as SSH server and client, while DSA2 key can only be used as SSH client.
When the switch is a server, use RSA key to connect to the NVIDIA Onyx device.
When the switch is a client (e.g. downloading image or uploading logs), RSA key is recommended. DSA key is only for legacy devices and has been deprecated by OpenSSH starting with the 7.0 release.
ssh server listen
|
ssh server listen {enable | interface <inf>}
no ssh server listen {enable | interface <inf>}
Enables the listen interface restricted list for SSH. If enabled, and at least one non-DHCP interface is specified in the list, the SSH connections are only accepted on those specified interfaces.
The no form of the command disables the listen interface restricted list for SSH. When disabled, SSH connections are not accepted on any interface.
|
Syntax Description
|
enable
|
Enables SSH interface restrictions on access to this system.
|
interface
|
Adds interface to SSH server access restriction list. Possible interfaces are “lo”, and “mgmt0”.
|
Default
|
SSH listen is enabled
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # ssh server listen enable
|
Related Commands
|
show ssh server
|
Notes
ssh server login attempts
|
ssh server login attempts <number>
no ssh server login attempts
Configures maximum login attempts on SSH server.
The no form of the command resets the login attempts value to its default.
|
Syntax Description
|
number
|
Range: 3-100 attempts
|
interface
|
Adds interface to SSH server access restriction list. Possible interfaces are “lo”, and “mgmt0”.
|
Default
|
6 attempts
|
Configuration Mode
|
config
|
History
|
3.1.0000
3.5.1000: Increased minimum number of attempts
3.9.0900: Added notes
|
Example
|
switch (config) # ssh server login attempts 5
|
Related Commands
|
show ssh server
|
Notes
|
ssh server login timeout
|
ssh server login timeout <time>
no ssh server login timeout
Configures login timeout on SSH server.
The no form of the command resets the timeout value to its default.
|
Syntax Description
|
time
|
Range: 1-600 seconds
|
Default
|
120 seconds
|
Configuration Mode
|
config
|
History
|
3.5.0200
|
Example
|
switch (config) # ssh server login timeout 130
|
Related Commands
|
show ssh server
|
Notes
ssh server login record-period
|
ssh server login record-period <days> no ssh server login record-period
Configures the amount of days for counting the number of successful logins.
The no form of the command disabled this function.
|
Syntax Description
|
Days
|
Range: 1-30 days
Default: 1 day
|
Default
|
Disabled
|
Configuration Mode
|
config
|
History
|
3.9.0300
3.9.0500: Changed "SSH server login record-period" default value to 1 day
|
Example
|
switch (config) # ssh server login record-period 1
|
Related Commands
|
show ssh server login record-period show ssh server
|
Notes
ssh server min-version
|
ssh server min-version <version>
no ssh server min-version
Sets the minimum version of the SSH protocol that the server supports.
The no form of the command resets the minimum version of SSH protocol supported.
|
Syntax Description
|
version
|
Possible versions are 1 and 2
|
Default
|
2
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # ssh server min-version 2
|
Related Commands
|
show ssh server
|
Notes
ssh server ports
|
ssh server ports {<port1> [<port2>...]}
Specifies which ports the SSH server listens on.
|
Syntax Description
|
port
|
Port number between [1-65535]
|
Default
|
22
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # ssh server ports 22
|
Related Commands
|
show ssh server
|
Notes
|
ssh server security strict
|
ssh server ports {<port1> [<port2>...]}
Enables strict security settings.
The no form of the command disables strict security settings.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.3.5060
3.6.4000
3.9.0300: Updated notes
|
Example
|
switch (config) # ssh server security strict
|
Related Commands
|
show ssh server
|
Notes
|
The following ciphers are disabled for SSH when strict security is enabled:
ssh server security strict
|
ssh server tcp-forwarding enable
Enables TCP port forwarding.
The no form of the command disables TCP port forwarding.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # ssh server tcp-forwarding enable
|
Related Commands
|
show ssh server
|
Notes
ssh server x11-forwarding
|
ssh server x11-forwarding enable
no ssh server x11-forwarding enable
Enables X11 forwarding on the SSH server.
The no form of the command disables X11 forwarding.
|
Syntax Description
|
N/A
|
Default
|
Disabled
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # ssh server x11-forwarding enable
|
Related Commands
|
Notes
ssh client global
|
ssh client global {host-key-check <policy>} | known-host <known-host-entry>}
no ssh client global {host-key-check | known-host localhost}
Configures global SSH client settings.
The no form of the command negates global SSH client settings.
|
Syntax Description
|
host-key-check <policy>
|
Sets SSH client configuration to control how host key checking is performed. This parameter may be set in 3 ways.
|
known-host
|
Adds an entry to the global known-hosts configuration file
|
known-host-entry
|
Adds/removes an entry to/from the global known-hosts configuration file. The entry consist of “<IP> <key-type> <key>”.
|
Default
|
host-key-check – ask, no keys are configured by default
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # ssh client global host-key-check no
|
Related Commands
|
show ssh client
|
Notes
ssh client user
|
ssh client user <username> {authorized-key sshv2 <public key> | identity <key type> {generate | private-key [<private key>] | public-key [<public key>]} | known-host <known host> remove}
no ssh client user admin {authorized-key sshv2 <public key ID> | identity <key type>}
Adds an entry to the global known-hosts configuration file, either by generating new key, or by adding manually a public or private key.
The no form of the command removes a public key from the specified user's authorized key list, or changes the key type.
|
Syntax Description
|
username
|
The specified user must be a valid account on the system. Possible values for this parameter are “admin”, “monitor”, “xmladmin”, and “xmluser”.
|
authorized-key sshv2 <public key>
|
Adds the specified key to the list of authorized SSHv2 RSA or DSA public keys for this user account. These keys can be used to log into the user's account.
|
identity <key type>
|
Sets certain SSH client identity settings for a user, dsa2 or rsa2.
|
generate
|
Generates SSH client identity keys for specified user.
|
private-key
|
Sets private key SSH client identity settings for the user.
|
public-key
|
Sets public key SSH client identity settings for the user.
|
known-host <known host> remove
|
Removes host from user's known host file.
|
Default
|
No keys are created by default
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # ssh client user admin known-host 172.30.1.116 remove
|
Related Commands
|
show ssh client
|
Notes
|
If a key is being pasted from a cut buffer and was displayed with a paging program, it is likely that newline characters have been inserted, even if the output was not long enough to require paging. One can specify “no cli session paging enable” before running the “show” command to prevent the newlines from being inserted.
slogin
|
slogin [<slogin options>] <hostname>
Invokes the SSH client. The user is returned to the CLI when SSH finishes.
|
Syntax Description
|
slogin options
|
-p
-c
-L
-l
-m
-R
-o
-1
-2
-4
-6
-g
-q
-V
-v
-x
-X
-Y
-y
-a
-A
|
-o flags (option allowed flags):
AdressFamily
BatchMode
CheckHostIP
Cipher
Ciphers
ConnectTimeout
ForwardAgent
ForwardX11
ForwardX11Trusted
HostKeyAlgorithms
KexAlgorithms
LogLevel
MACs
Port
PubkeyAcceptedKeyTypes
PubkeyAuthentication
StrictHostKeyChecking
TCPKeepAlive
User
VerifyHostKeyDNS
|
vrf_name
|
There are no restrictions on the VRF name, as long as the VRF exists in the switch.
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.1.0000
3.10.1000: Updated the slogin options
|
Example
|
switch (config) # slogin 192.168.10.70
|
Related Commands
|
Notes
|
For more information about slogin options see the following: linux.die.net/man/1/ssh
show ssh client
|
show ssh client
Displays the client configuration of the SSH server.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
Any command mode
|
History
|
3.1.0000
|
Example
|
switch (config) # show ssh client
|
Related Commands
|
Notes
show ssh server
|
show ssh server
Displays SSH server configuration.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
Any command mode
|
History
|
3.1.0000
3.4.0000: Updated example
3.5.0200: Added SSH login timeout and max attempts
3.6.6000: Updated example
3.9.0300: Updated example—removed RSA v1 and added SSH server login record-period
3.9.0500: Changed "SSH server login record-period" default period to 1 day
|
Example
|
switch (config) # show ssh server
|
Related Commands
|
Notes
show ssh server host-keys
|
show ssh server host-keys
Displays SSH host key configuration.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
Any command mode
|
History
|
3.1.0000
3.6.6000: Updated example
3.9.0300: Updated example—removed RSA v1
|
Example
|
switch (config) # show ssh server host-keys
|
Related Commands
|
ssh server host-keys
|
Notes
show ssh server login record-period
|
show ssh server login record-period
Displays the amount of days for counting the number of successful logins.(Default: 30 days)
|
Syntax Description
|
N/A
|
Default
|
Disabled
|
Configuration Mode
|
Any command mode
|
History
|
3.9.0300
3.9.0500: Changed "SSH server login record-period" default value to 1 day
|
Example
|
switch (config) # show ssh server login record-period
SSH server login record-period: 1
|
Related Commands
|
ssh server login record-period
|
Notes
Remote Login
telnet
|
telnet
Logs into another system using telnet.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # telnet
telnet>
|
Related Commands
|
telnet-server
|
Notes
telnet-server enable
|
telnet-server enable
no telnet-server enable
Enables the telnet server.
The no form of the command disables the telnet server.
|
Syntax Description
|
N/A
|
Default
|
Telnet server is disabled
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # telnet-server enable
|
Related Commands
|
telnet-server
show telnet-server
|
Notes
show telnet-server
|
show telnet-server
Displays telnet server settings.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # show telnet-server
|
Related Commands
|
telnet-server
show telnet-server
|
Notes
web auto-logout
|
web auto-logout <mins>
no web auto-logout <mins>
Configures length of user inactivity before auto-logout of a web session.
The no form of the command disables the web auto-logout (web sessions will never logged out due to inactivity).
|
Syntax Description
|
mins
|
The length of user inactivity in minutes
"0" disables the inactivity timer (same as a “no web auto-logout” command)
|
Default
|
60 minutes
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # web auto-logout 60
|
Related Commands
|
show web
|
Notes
|
The no form of the command does not automatically log users out due to inactivity.
web cache-enable
|
web cache-enable
no web cache-enable
Enables web clients to cache web pages.
The no form of the command disables web clients from caching web pages.
|
Syntax Description
|
N/A
|
Default
|
Enabled
|
Configuration Mode
|
config
|
History
|
3.4.1100
|
Example
|
switch (config) # no web cache-enable
|
Related Commands
|
show web
|
Notes
web client cert-verify
|
web client cert-verify
no web client cert-verify
Enables verification of server certificates during HTTPS file transfers.
The no form of the command disables verification of server certificates during HTTPS file transfers.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.2.3000
|
Example
|
switch (config) # web client cert-verify
|
Related Commands
|
Notes
web client ca-list
|
web client ca-list {<ca-list-name> | default-ca-list | none}
no web client ca-list
Configures supplemental CA certificates for verification of server certificates during HTTPS file transfers.
The no form of the command uses no supplemental certificates.
|
Syntax Description
|
ca-list-name
|
Specifies CA list to configure
|
default-ca-list
|
Configures default supplemental CA certificate list
|
none
|
Uses no supplemental certificates
|
Default
|
default-ca-list
|
Configuration Mode
|
config
|
History
|
3.2.3000
|
Example
|
switch (config) # web client ca-list default-ca-list
|
Related Commands
|
Notes
web enable
|
web enable
no web enable
Enables the web-based management console.
The no form of the command disables the web-based management console.
|
Syntax Description
|
N/A
|
Default
|
enable
|
Configuration Mode
|
config
|
History
|
3.1.0000
3.8.1000—Added note
|
Example
|
switch (config) # web enable
|
Related Commands
|
show web
|
Notes
|
Disabling WebUI or HTTPS blocks connected LCD tablet display of CS8500 modular switch.
web http
|
web http {enable | port <port-number> | redirect}
no web http {enable | port | redirect}
Configures HTTP access to the web-based management console.
The no form of the command negates HTTP settings for the web-based management console.
|
Syntax Description
|
enable
|
Enables HTTP access to the web-based management console.
|
port-number
|
Sets a port for HTTP access.
|
redirect
|
Enables redirection to HTTPS. If HTTP access is enabled, this specifies whether a redirect from the HTTP port to the HTTPS port should be issued to mandate secure HTTPS access.
|
Default
|
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # web http enable
|
Related Commands
|
show web
web enable
|
Notes
|
Enabling HTTP is meaningful if the WebUI as a whole is enabled
web httpd
|
web httpd listen {enable | interface <ifName>}
no web httpd listen {enable | interface <ifName>}
Enables the listen interface restricted list for HTTP and HTTPS.
The no form of the command disables the HTTP server listen ability.
|
Syntax Description
|
enable
|
Enables Web interface restrictions on access to this system.
|
interface <ifName>
|
Adds interface to Web server access restriction list (i.e., mgmt0, mgmt1).
|
Default
|
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # web httpd listen enable
|
Related Commands
|
show web
web enable
|
Notes
|
If enabled, and if at least one of the interfaces listed is eligible to be a listen interface, then HTTP/HTTPS requests will only be accepted on those interfaces. Otherwise, HTTP/HTTPS requests are accepted on any interface.
web https
|
web https {certificate {regenerate | name | default-cert} | enable | port <port number> | ssl ciphers {all | TLS | TLS1.2}}
no web https {enable | port <port number>}
Configures HTTPS access to the web-based management console.
The no form of the command negates HTTPS settings for the web-based management console.
|
Syntax Description
|
certificate regenerate
|
Re-generates certificate to use for HTTPS connections
|
certificate name
|
Configure the named certificate to be used for HTTPS connections
|
certificate default-cert
|
Configure HTTPS to use the configured default certificate
|
enable
|
Enables HTTPS access to the web-based management console
|
port
|
Sets a TCP port for HTTPS access
|
ssl ciphers {all | TLS | TLS1.2}
|
Sets ciphers to be used for HTTPS
|
Default
|
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
3.4.0000
|
Added “ssl ciphers” parameter
|
3.4.0010
|
Added TLS parameter to “ssl ciphers”
|
3.8.1000
|
Added note
|
Example
|
switch (config) # web https enable
|
Related Commands
|
show web
web enable
|
Notes
|
web https ssl renegotiation enable
|
web https ssl renegotiation enable
no web https ssl renegotiation enable
Enables SSL renegotiation flag in httpd web server.
The no form of the command disables SSL renegotiation flag in httpd web server.
|
Syntax Description
|
N/A
|
Default
|
|
Configuration Mode
|
config
|
History
|
3.6.8008
|
Example
|
switch (config) # web https ssl renegotiation enable
|
Related Commands
|
show web
web enable
|
Notes
web https ssl secure-cookie enable
|
web https ssl secure-cookie enable
no web https ssl secure-cookie enable
Enables SSL secure-cookie flag in httpd web server.
The no form of the command disables secure-cookie flag in httpd web server.
|
Syntax Description
|
N/A
|
Default
|
Enabled
|
Configuration Mode
|
config
|
History
|
3.6.8008
|
Example
|
switch (config) # web https ssl secure-cookie enable
|
Related Commands
|
show web
web enable
|
Notes
web proxy auth authtype
|
web proxy auth authtype <auth-type>
no web proxy auth authtype
Configures type of authentication to use with web proxy.
The no form of the command resets web proxy authentication type to its default.
|
Syntax Description
|
auth-type
|
Possible values:
|
Default
|
Basic authentication settings
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # web proxy auth authtype basic
|
Related Commands
|
show web
web enable
|
Notes
web proxy auth basic
|
web proxy auth basic {password <password> | username <username>}
no web proxy auth basic {password | username}
Configures HTTP basic authentication settings for proxy.
The no form of the command clears password or username configuration.
|
Syntax Description
|
password
|
Sets plaintext password for HTTP basic authentication with web proxy
|
username
|
Sets username for HTTP basic authentication with web proxy
|
Default
|
N/A
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # web proxy auth basic password 57R0ngP455w0rD
|
Related Commands
|
show web
web enable
|
Notes
web session timeout
|
web session timeout <number of minutes>
Configures time after which a session expires
|
Syntax Description
|
number of minutes
|
Number of minutes
|
Default
|
2 hr 30 min
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # web session timeout 180
|
Related Commands
|
Notes
web session renewal
|
web session renewal <number of minutes>
Configures time before expiration to renew a session
|
Syntax Description
|
number of minutes
|
Number of minutes
|
Default
|
30 min
|
Configuration Mode
|
config
|
History
|
3.1.0000
|
Example
|
switch (config) # web session renewal 20
|
Related Commands
|
Notes
show web
|
show web
Displays WebUI configuration.
|
Syntax Description
|
N/A
|
Default
|
N/A
|
Configuration Mode
|
Any command mode
|
History
|
3.6.6000
3.6.8008—Updated example
|
Example
|
switch (config) # show web
Web caching enabled: no
|
Related Commands
|
web auto-logout
web cache-enable
web enable
web http
web httpd
web https
web https ssl renegotiation enable
web https ssl secure-cookie enable
web proxy auth authtype
web proxy auth basic
|
Notes