- action
- attach
- attribute
- banner motd
- boot
- cd
- cdp
- clear accounting
- clear ac-driver
- clear bootvar
- clear cdp
- clear cli
- clear cores
- clear counters
- clear debug-logfile
- clear frame
- clear fs-daemon
- clear inspect
- clear install
- clear ip adjacency statistics
- clear ip arp
- clear ip arp data
- clear ip arp ethernet
- clear ip arp loopback
- clear ip arp mgmt
- clear ip arp port-channel
- clear ip arp statistics
- clear ip arp vrf
- clear ip igmp event-history
- clear ip igmp snooping
- clear ip interface
- clear ip route
- clear ip traffic
- clear ipv6 adjacency statistics
- clear ipv6 icmp interface statistics
- clear ipv6 icmp mld groups
- clear ipv6 icmp mld route
- clear ipv6 nd interface statistics
- clear line
- clear logging
- clear ntp
- clear nvram
- clear pktmgr client
- clear pktmgr interface
- clear policy-engine
- clear processes
- clear rmon
- clear role
- clear routing *
- clear routing A.B.C.D
- clear routing A.B.C.D/LEN
- clear routing event-history
- clear routing ip *
- clear routing ip A.B.C.D
- clear routing ip A.B.C.D/LEN
- clear routing ip event-history
- clear routing ip unicast
- clear routing ipv4
- clear routing ipv6
- clear routing vrf
- clear routing vrf default
- clear routing vrf management *
- clear routing vrf management
- clear routing vrf management
- clear routing vrf management ip
- clear routing vrf management ipv4
- clear routing vrf management ipv6
- clear routing vrf management unicast
- clear scheduler
- clear screen
- clear service-path
- clear snmp
- clear sockets
- clear ssh
- clear system internal ac application
- clear system internal ac ipc-stats
- clear user
- cli
- clock set
- condition
- configure
- copy bootflash:
- copy core:
- copy debug:
- copy ftp:
- copy log:
- copy modflash:
- copy nvram:
- copy running-config
- copy scp:
- copy sftp:
- copy startup-config
- copy system:
- copy tftp:
- copy volatile:
- debug logfile
- debug logging
- delete
- dir
- echo
- end
- event
- event-log service-path
- exit
- find
- gunzip
- gzip
- install
- interface
- ip
- line
- logging
- match
- mkdir (VSG)
- ntp sync-retry (VSG)
- object-group
- password strength-check
- policy
- pwd
- reload
- reload module
- restart
- rmdir (VSG)
- role
- rule
- run-script (VSG)
- send
- setup
- sleep
- snmp-server
- ssh
- ssh key
- system clis
- system cores
- system default switchport
- system hap-reset
- system health
- system heartbeat
- system internal
- system jumbomtu
- system memlog
- system memory-thresholds
- system pss
- system redundancy
- system standby
- system startup-config
- system statistics
- system switchover
- system trace
- system watchdog kdgb
- tail
- telnet
- terminal alias
- terminal color
- terminal dont-ask
- terminal edit-mode
- terminal event-manager
- terminal history
- terminal length
- terminal log-all
- terminal monitor
- terminal output
- terminal redirection-mode
- terminal session-timeout
- terminal terminal-type
- terminal tree-update
- terminal verify-only
- terminal width
- test policy-engine
- test-policy-engine simulate-pe-req policy
- traceroute
- username name password
- where
- write erase
- zone
Cisco Virtual Security Gateway Commands
This chapter provides information about Cisco Virtual Security Gateway (VSG) commands.
action
To specify the actions to be executed when traffic characteristics match with an associated rule, use the action command. To remove the binding of the action with the given rule, use the no version of this command.
action {drop | permit | log | inspection protocol-type}
Syntax Description
Command Default
None
Command Modes
Policy configuration (config-policy)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(2) |
This command was introduced. |
Usage Guidelines
Use the action command to specify the actions to be executed when traffic characteristics match with the associated rule. The command can be entered multiple times until the upper bound limit is reached.
Examples
This example shows how to specify that the policy is to drop packets.
vsm(config-policy)# action drop
Related Commands
|
|
|
|---|---|
rule |
Enters the rule configuration submode. |
attach
To access a module or the console of a module, use the attach command.
attach {console module module-number | module module-number}
Syntax Description
console module |
Specifies the console. |
module-number |
Module number. The range is from 1 to 66. |
module |
Specifies a module. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to attach to a module:
VSG# attach module 1
Attaching to module 1 ...
To exit type 'exit', to abort type '$.'
Cisco Nexus Operating System (NX-OS) Software
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2010, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license. Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or the GNU
Lesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://www.opensource.org/licenses/lgpl-2.1.php
vsg#
Related Commands
|
|
|
|---|---|
show terminal |
Displays information about the terminal. |
attribute
To specify the particular attribute characteristics of a policy that is to be tested, use the attribute command.
attribute attr-seq-num attr-name value attr-value
Syntax Description
Command Default
None
Command Modes
Test policy-engine (test-policy-engine)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(2) |
This command was introduced. |
Examples
This example shows how to specify an attribute for a policy.
vsg(test-policy-engine)# attribute 1 src.vm.name value engg
vsg(test-policy-engine)# attribute 2 src.net.ip-address value 10.10.10.1
vsg(test-policy-engine)# exit
Result: DROP, Policy: p1, Rule: r1
Related Commands
|
|
|
|---|---|
test policy-engine simulate-pe-req policy |
Enters the test policy-engine submode. |
banner motd
To configure a message of the day (MOTD) banner, use the banner motd command.
banner motd [delimiting-character message delimiting-character]
no banner motd [delimiting-character message delimiting-character]
Syntax Description
Defaults
"User Access Verification" is the default message of the day.
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
The MOTD banner is displayed on the terminal before the login prompt whenever you log in.
The message is restricted to 40 lines and 80 characters per line.
To create a multiple-line MOTD banner, press Enter before typing the delimiting character to start a new line. You can enter up to 40 lines of text.
Follow these guidelines when choosing your delimiting character:
•
Do not use the delimiting-character in the message string.
•Do not use " and % as delimiter.
Examples
This example shows how to configure and then display a banner message with the text, "Testing the MOTD:"
vsg# configure
vsg(config)# banner motd #Testing the MOTD#
vsg(config)# show banner motd
Testing the MOTD
This example shows how to configure and then display a multiple-line MOTD banner:
vsg(config)# banner motd #Welcome to authorized users.
> Unauthorized access prohibited.#
vsg(config)# show banner motd
Welcome to authorized users.
Unauthorized access prohibited.
This example shows how to revert to the default MOTD banner:
vsg# configure
vsg(config)# no banner motd
vsg(config)# show banner motd
User Access Verification
Related Commands
|
|
|
|---|---|
show banner motd |
Displays the MOTD banner. |
boot
To configure boot images, use the boot command. To revert to default settings, use the no form of this command.
boot {asm-sfn | auto-copy | kickstart bootflash | ssi | system bootflash}
no boot {asm-sfn | auto-copy | kickstart bootflash | ssi | system bootflash}
Syntax Description
Defaults
None
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to configure a boot variable:
vsg# configure
vsg(config)# boot asm-sfn bootflash module 6
Related Commands
|
|
|
|---|---|
show boot |
Displays the current boot variables. |
cd
To change to a different directory, use the cd command.
cd {bootflash: | volatile:}
Syntax Description
bootflash: |
Specifies the bootflash directory. |
volatile: |
Specifies the volatile directory. |
Defaults
bootflash:
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
Use the pwd command to verify the name of the directory you are currently working in.
Examples
This example shows how to change to the volatile directory:
vsg# cd volatile
vsg#
Related Commands
|
|
|
|---|---|
pwd |
Displays the name of the directory you are currently working in. |
cdp
To configure the Cisco Discovery Protocol (CDP), use the cdp command. To remove the CDP configuration, use the no form of this command.
cdp {advertise {v1 | v2} | enable | format device-id | holdtime seconds | timer seconds}
no cdp {advertise | enable | format device-id | holdtime seconds | timer seconds}
Syntax Description
Defaults
None
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to set CDP Version 1 as the version to advertise:
vsg(config)#cdp advertise v1
This example shows how to remove CDP Version 1 as the version to advertise:
vsg(config)#no cdp advertise v1
Related Commands
|
|
|
|---|---|
show cdp global |
Displays the CDP configuration. |
clear accounting
To clear the accounting log, use the clear accounting command.
clear accounting log
Syntax Description
log |
Clears the accounting log. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the accounting log:
vsg# clear accounting log
Related Commands
|
|
|
|---|---|
show accounting log |
Displays the accounting log. |
clear ac-driver
To clear Application Container (AC) driver statistics, use the clear ac-driver command.
clear ac-driver statistics
Syntax Description
statistics |
Clears AC driver statistics. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear AC driver statistics:
vsg# clear ac-driver statistics
Related Commands
|
|
|
|---|---|
show ac-driver statistics |
Displays AC driver statistics. |
clear bootvar
To clear the boot variables log, use the clear bootvar command.
clear bootvar log
Syntax Description
log |
Clears the boot variables log. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the boot variables log:
vsg# clear bootvar log
Related Commands
|
|
|
|---|---|
show bootvar log |
Displays the accounting log. |
clear cdp
To clear Cisco Discovery Protocol (CDP) information, use the clear cdp command.
clear cdp {counters [interface {ethernet slot-number / port-number [. subinterface-number]}] | mgmt 0}] | table [interface {ethernet slot-number / port-number [. subinterface-number]}]}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear CDP counters on all interfaces:
vsg# clear cdp counters
Related Commands
|
|
|
|---|---|
show cdp all |
Displays all interfaces that are CDP enabled. |
show cdp entry |
Displays CDP information. |
clear cli
To clear command line interface (CLI) command history, use the clear cli command.
clear cli history
Syntax Description
history |
Clears the CLI command history. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the CLI command history:
vsg# clear cli history
Related Commands
|
|
|
|---|---|
show cli history |
Displays the CLI command history. |
clear cores
To clear the core files, use the clear cores command.
clear cores [archive file file-name]
Syntax Description
archive file |
(Optional) Clears the archived core files. |
file-name |
Core filename. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all core files:
vsg# clear cores
Related Commands
|
|
|
|---|---|
show cores |
Displays the core filename. |
clear counters
To clear interface loopback counters, use the clear counters command.
clear counters [interface {all | data | ethernet slot / port [.{sub-interface}] | loopback virtual-interface-number | mgmt 0 | port-channel port-channel-number}]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear a counter on a specific Ethernet interface:
vsg# clear counters ethernet 2/1
Related Commands
|
|
|
|---|---|
show interface counters |
Displays the interface status, which includes the counters. |
clear debug-logfile
To clear the contents of the debug log, use the clear debug-logfile command.
clear debug-logfile log-name
Syntax Description
log-name |
Name of the debug log. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the debug log:
vsg# clear debug-logfile syslog_debug
Related Commands
|
|
|
|---|---|
show debug logfile |
Displays the contents of the debug logfile. |
clear frame
To clear Layer 2 traffic statistics, use the clear frame command.
clear frame statistics
Syntax Description
statistics |
Clears Layer 2 traffic statistics. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the Layer 2 traffic statistics:
vsg# clear frame statistics
Related Commands
|
|
|
|---|---|
show vlan |
Displays VLAN information. |
i
clear fs-daemon
To clear the file sharing (FS) daemon log, use the clear fs-daemon command.
clear fs-daemon log
Syntax Description
log |
Clears the FS daemon log. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the FS daemon log:
vsg# clear fs-daemon log
Related Commands
|
|
|
|---|---|
show logging |
Displays the logging configuration and the contents of the log file. |
clear inspect
To clear the File Transfer Protocol (FTP) inspection statistics, use the clear inspect command.
clear inspect ftp statistics [svs-domain-id domain-id module module-number]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the FTP inspection statistics:
vsg# clear inspect ftp statistics svs-domain-id 2 module 63
Related Commands
|
|
|
|---|---|
show vsg |
Displays Cisco VSG information. |
clear install
To clear the installation log, use the clear install command.
clear install {all failed-standby | failure-reason | status}
Syntax Description
all failed-standby |
Clears all the installation logs. |
failure-reason |
Clears the installation failure reason log. |
status |
Clear the installation status log. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all the installation logs:
vsg# clear install all failed-standby
Related Commands
|
|
|
|---|---|
show install all status |
Displays the status of the current or last installation. |
clear ip adjacency statistics
To clear IP address adjacency statistics, use the clear ip adjacency statistics command.
clear ip adjacency statistics
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear IP adjacency statistics:
vsg# clear ip adjacency statistics
Related Commands
|
|
|
|---|---|
show ipv6 adjacency |
Displays IP information. |
clear ip arp
To clear specific Address Resolution Protocol (ARP) IP address statistics, use the clear ip arp command.
clear ip arp ip-address [vrf {vrf-name | all | default | management}]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear a specific ARP IP address in EXEC mode:
vsg# clear ip arp 209.165.200.229
This example shows how to clear a specific ARP IP address in configuration mode:
vsg# configure
vsg#(config) clear ip arp 209.165.200.229
Related Commands
|
|
|
|---|---|
show ip arp |
Displays IP ARP information. |
clear ip arp data
To clear Address Resolution Protocol (ARP) IP address statistics on the data 0 interface, use the clear ip arp data command.
clear ip arp data 0 [vrf {vrf-name | all | default | management}]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all ARP IP address statistics on data 0 interface:
vsg# clear ip arp data 0 all
Related Commands
|
|
|
|---|---|
show ip arp |
Displays IP ARP information. |
clear ip arp ethernet
To clear Address Resolution Protocol (ARP) IP address statistics on Ethernet interfaces, use the clear ip arp ethernet command.
clear ip arp ethernet slot-number / port-number [. | vrf vrf-name]
Syntax Description
slot-number |
Slot number. |
port-number |
Port number. |
vrf |
(Optional) Clears VRF ARP IP address statistics. |
vrf-name |
VRF name. The range is from 1 to 32. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear ARP IP address statistics on an Ethernet interface:
vsg# clear ip arp ethernet 1 / 1
Related Commands
|
|
|
|---|---|
show ip arp |
Displays IP ARP information. |
clear ip arp loopback
To clear Address Resolution Protocol (ARP) IP address statistics on loopbacks, use the clear ip arp loopback command.
clear ip arp loopback loopback-number [vrf vrf-name]
Syntax Description
loopback-number |
Loopback number. |
vrf |
(Optional) Clears VRF ARP IP address statistics. |
vrf-name |
VRF name. The range is from 1 to 32. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear ARP IP address statistics on a loopback:
vsg# clear ip arp loopback 10
Related Commands
|
|
|
|---|---|
show ip arp |
Displays ARP IP address information. |
clear ip arp mgmt
To clear Address Resolution Protocol (ARP) IP address statistics on the management interface, use the clear ip arp mgmt command.
clear ip arp mgmt 0 [vrf {vrf-name} | all | default | management}]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear ARP IP address statistics on the management interface:
vsg# clear ip arp mgmt all
Related Commands
|
|
|
|---|---|
show ip arp |
Displays IP ARP information. |
clear ip arp port-channel
To clear Address Resolution Protocol (ARP) IP address statistics on port channels, use the clear ip arp port-channel command.
clear ip arp port-channel port-channel-number [. sub-interface | vrf vrf-name]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear ARP IP address statistics on a port channel:
vsg# clear ip arp port-channel 2
Related Commands
|
|
|
|---|---|
show port-channel |
Displays port-channel information. |
clear ip arp statistics
To clear Address Resolution Protocol (ARP) IP address statistics, use the clear ip arp statistics command.
clear ip arp statistics {data 0 | ethernet | loopback | mgmt | port-channel | vrf}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear ARP IP address statistics on data 0:
vsg# clear ip arp statistics data 0
Related Commands
|
|
|
|---|---|
show ip |
Displays IP information. |
clear ip arp vrf
To clear Address Resolution Protocol (ARP) Virtual Routing and Forwarding (VRF) IP address statistics, use the clear ip arp vrf command.
clear ip arp vrf {vrf-name | all | default | management}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear IP ARP VRF IP address statistics:
vsg# clear ip arp vrf vrf1
Related Commands
|
|
|
|---|---|
show vrf |
Displays VRF information. |
clear ip igmp event-history
To clear Internet Group Management Protocol (IGMP) IP address event history entries, use the clear ip igmp event-history command.
clear ip igmp event-history {cli | debugs | events | ha | igmp-internal | mtrace | policy | vrf}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear HA IGMP IP address event history entries:
vsg# clear ip igmp event-history ha
Related Commands
|
|
|
|---|---|
show ip igmp |
Displays the IGMP status and the IGMP configuration. |
clear ip igmp snooping
To clear Internet Group Management Protocol (IGMP) IP address snooping entries, use the clear ip igmp snooping command.
clear ip igmp snooping {event-history [VPC | igmp-snoop-internal | mfdm | mfdm-sum | vlan | vlan-events] | explicit-tracking vlan vlan-id | statistics vlan [vlan-id | all]}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all IGMP IP address snooping entries:
vsg# clear ip igmp snooping all
Related Commands
|
|
|
|---|---|
show ip igmp |
Displays IGMP status and configuration. |
clear ip interface
To clear IP address statistics on interfaces, use the clear ip interface command.
clear ip interface statistics [data 0 | ethernet slot-number / port-number [. sub-interface-number] | loopback loopback-number | mgmt | port-channel port-channel-number
[. sub-interface-number]]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear IP address statistics on an Ethernet interface:
vsg# clear ip interface statistics ethernet 1 / 2
Related Commands
|
|
|
|---|---|
show ip interface |
Displays IP interface information. |
clear ip route
To clear IP routing information, use the clear ip route command.
clear ip route {* | A.B.C.D [A.B.C.D {data 0 | ethernet slot / port | loopback loopback-number | port-channel portchannel-number}] | A.B.C.D/LEN [A.B.C.D {data 0 | ethernet slot / port | loopback loopback-number | port-channel portchannel-number}] | vrf {vrf-name | default | management 0}}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all IP routing information:
vsg# clear ip route *
Related Commands
|
|
|
|---|---|
show routing |
Displays routes. |
clear ip traffic
To clear global IP statistics, use the clear ip traffic command.
clear ip traffic [vrf {vrf-name | default | management}]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear global IP statistics:
vsg# clear ip traffic
Related Commands
|
|
|
|---|---|
show ip traffic |
Displays IP traffic information. |
clear ipv6 adjacency statistics
To clear IPv6 address adjacency statistics, use the clear ipv6 adjacency statistics command.
clear ipv6 adjacency statistics
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear IPv6 address adjacency statistics:
vsg# clear ipv6 adjacency statistics
Related Commands
|
|
|
|---|---|
show ipv6 adjacency |
Displays IPv6 statistics. |
clear ipv6 icmp interface statistics
To clear Internet Control Management Protocol (ICMP) IPv6 interface statistics, use the clear ipv6 icmp interface statistics command.
clear ipv6 icmp interface statistics [data 0 | ethernet slot-number / port-number
[. sub-interface-number] | loopback virtual-interface-number | port-channel port-channel-number [. sub-interface-number] ]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear ICMP IPv6 Ethernet interface statistics:
vsg# clear ipv6 icmp interface statistics ethernet 1 / 2 . 3
Related Commands
|
|
|
|---|---|
show ipv6 icmp |
Displays ICMPv6 information. |
clear ipv6 icmp mld groups
To clear Internet Control Message Protocol (ICMP) Multitask Listener Discovery (MLD) group IPv6 statistics, use the clear ipv6 icmp mld groups command.
clear ipv6 icmp mld groups {* [vrf {vrf-name | all | default | management}] | A:B::C:D | A:B::C:D/LEN}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all ICMP MLD group IPv6 statistics:
vsg# clear ipv6 icmp mld groups *
Related Commands
|
|
|
|---|---|
show ipv6 icmp |
Displays ICMPv6 information. |
clear ipv6 icmp mld route
To clear Internet Control Message Protocol (ICMP) Multitask Listener Discovery (MLD) routes, use the clear ipv6 icmp mld route command.
clear ipv6 icmp mld route {* [vrf {vrf-name | all | default | management}] | A:B::C:D | A:B::C:D/LEN}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all IPv6 ICMP MLD routes:
vsg# clear ipv6 icmp mld route *
Related Commands
|
|
|
|---|---|
show ipv6 icmp |
Displays ICMPv6 information. |
clear ipv6 nd interface statistics
To clear Neighbor Discovery (ND) IPv6 interface statistics, use the clear ipv6 nd interface statistics command.
clear ipv6 nd interface statistics [data 0 | ethernet slot-number / port-number
[. sub-interface-number] | loopback virtual-interface-number | port-channel port-channel-number [. sub-interface-number] ]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear IPv6 ND interface statistics:
vsg# clear ipv6 nd interface statistics ethernet 2 / 3 . 4
Related Commands
|
|
|
|---|---|
show ipv6 nd |
Displays Neighbor Discovery interface statistics. |
clear line
To end a session on a specified Virtual Teletype (VTY), use the clear line command.
clear line vty-name
Syntax Description
vty-name |
VTY name. The range is from 1 to 64. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to end a session on a specified VTY:
vsg# clear line VTY100
Related Commands
|
|
|
|---|---|
show users |
Displays active user sessions. |
clear logging
To clear logfile messages and logging sessions, use the clear logging command.
clear logging {logfile | session}
Syntax Description
logfile |
Clears log file messages. |
session |
Clears logging sessions. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear messages from the logging file:
vsg# clear logging logfile
Related Commands
|
|
|
|---|---|
show logging logfile |
Displays the contents of the log file. |
clear ntp
To clear the Network Time Protocol (NTP) sessions and statistics, use the clear ntp command.
clear ntp {session | statistics {all-peers | io | local | memory}}
Syntax Description
session |
Clears NTP sessions. |
statistics |
Clears NTP statistics. |
all-peers |
Clears all statistics. |
io |
Clears IO statistics. |
local |
Clears local statistics. |
memory |
Clears memory statistics. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all NTP statistics:
vsg# clear ntp statistics all-peers
Related Commands
|
|
|
|---|---|
show ntp peers |
Displays information about NTP peers. |
clear nvram
To clear the nonvolatile RAM (NVRAM), use the clear nvram command.
clear nvram
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the NVRAM:
vsg# clear nvram
Related Commands
|
|
|
|---|---|
show system resources |
Displays system resources. |
clear pktmgr client
To clear packet manager client counters, use the clear pktmgr client command.
clear pktmgr client [client-counter-uuid]
Syntax Description
client-counter-uuid |
(Optional) Client counter user identification. The range is from 0 to 4294967295. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear a packet manager client counter:
vsg# clear pktmgr client 100
Related Commands
|
|
|
|---|---|
clear routing |
Clears routing information. |
clear pktmgr interface
To clear packet manager interface information, use the clear pktmgr interface command.
clear pktmgr interface [data 0 | ethernet slot-number / port-number [. sub-interface-number] | loopback virtual-interface-number | mgmt 0 | port-channel [. sub-interface-number]]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear packet manager interface information:
vsg# clear pktmgr interface ethernet 10 / 11 . 12
Related Commands
|
|
|
|---|---|
clear pktmgr client |
Clears the packet manager client. |
clear policy-engine
To clear policy engine statistics, use the clear policy-engine command.
clear policy-engine {policy-name stats | stats}
Syntax Description
policy-name |
Policy engine name. |
stats |
Clears policy engine statistics. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear policy engine statistics:
vsg# clear policy-engine stats
Related Commands
|
|
|
|---|---|
show policy-engine |
Displays the policy engine. |
clear processes
To clear process logs, use the clear processes command.
clear processes {log {all | archive [archive-name] | pid pid-number} | vdc vdc-name {all | pid pid-number}}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all process logs:
vsg# clear processes log all
Related Commands
|
|
|
|---|---|
show processes |
Displays all processes. |
clear rmon
To clear Remote Monitoring (RMON) logs, use the clear rmon command.
clear rmon {alarms | all-alarms | events | hcalarms}
Syntax Description
alarms |
Clears RMON alarms. |
all-alarms |
Clears all RMON alarms. |
events |
Clears RMON events. |
hcalarms |
Clears HC RMON alarms. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear RMON alarms:
vsg# clear rmon alarms
Related Commands
|
|
|
|---|---|
show rmon |
Displays RMON information. |
clear role
To clear role session information, use the clear role command.
clear role session
Syntax Description
session |
Clears the role session information. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear role session information:
vsg# clear role session
Related Commands
|
|
|
|---|---|
show role |
Displays role information. |
clear routing *
To clear all routes, use the clear routing * command.
clear routing *
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all routes:
vsg# clear routing *
Clearing ALL routes
vsg#
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing A.B.C.D
To clear specific routes, use the clear routing A.B.C.D command.
clear routing ip-address [ip-address {data 0 | ethernet slot-number / port-number [.{sub-interface-number}] | loopback virtual-interface-number | port-channel port-channel-number}]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear routes on the data 0 interface:
vsg# clear routing 209.165.200.228 data 0
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing A.B.C.D/LEN
To clear specific routes, use the clear routing A.B.C.D command.
clear routing ip-address [ip-address {data 0 | ethernet slot-number / port-number [.{sub-interface-number}] | loopback virtual-interface-number | port-channel port-channel-number}]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear routes on the data 0 interface:
vsg# clear routing 209.165.200.228 data 0
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing event-history
To clear routing event histories, use the clear routing event-history command.
clear routing event-history {add-route | cli | delete-route | errors | general | loop-detection | modify-route | notifications | recursive-next-hop | summary | udfm | udfm-summary}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the loop-detection routes event history:
vsg# clear routing event-history loop-detection
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing ip *
To clear all IP routes, use the clear routing ip * command.
clear routing ip *
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all IP routes:
vsg# clear routing ip *
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing ip A.B.C.D
To clear IP routing statistics, use the clear routing ip command.
clear routing ip ip-address [data 0 | ethernet slot-number / port-number [. sub-interface-number] | loopback virtual-interface-number | mgmt 0 | port-channel [. sub-interface-number]]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear IP routes on slot 2, port 3:
vsg# clear routing ip ethernet 2 / 3
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing ip A.B.C.D/LEN
To clear routing, use the clear routing ip A.B.C.D/LEN command.
clear routing ip ip-address [ip-address {data 0 | ethernet slot-number / port-number [.{sub-interface-number}] | loopback virtual-interface-number | port-channel port-channel-number}]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear IP routes:
vsg# clear routing ip 209.165.200.228
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing ip event-history
To clear routing event histories, use the clear routing ip event-history command.
clear routing ip event-history {add-route | cli | delete-route | errors | general | loop-detection | modify-route | notifications | recursive-next-hop | summary | udfm | udfm-summary}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the notifications routes event history:
vsg# clear routing ip event-history notifications
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing ip unicast
To clear unicast routing entries, use the clear routing ip unicast command.
clear routing ip unicast {* | A.B.C.D | A.B.C.D/LEN | event-history}
Syntax Description
* |
Clears all IP unicast routes. |
A.B.C.D |
Clears a specific IP unicast route. |
A.B.C.D/LEN |
Clears a specific IP unicast route. |
event-history |
Clears the IP unicast event history. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all IP unicast routes:
vsg# clear routing ip unicast *
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing ipv4
To clear IPv4 route entries, use the clear routing ipv4 command.
clear routing ipv4 {* | A.B.C.D | A.B.C.D/LEN | event-history | unicast}
Syntax Description
* |
Clears all IPv4 routes. |
A.B.C.D |
Clears a specific IPv4 route. |
A.B.C.D/LEN |
Clears a specific IPv4 route. |
event-history |
Clears the IPv4 routing event history. |
unicast |
Clears IPv4 unicast routes. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all IPv4 routes:
vsg# clear routing ipv4 *
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing ipv6
To clear IPv6 route entries, use the clear routing ipv6 command.
clear routing ipv6 {* | A:B::C:D | A:B::C:D/LEN | event-history | unicast}
Syntax Description
* |
Clears all IPv6 routes. |
A:B::C:D |
Clears a specific IPv6 route. |
A:B::C:D/LEN |
Clears a specific IPv6 route. |
event-history |
Clears the IPv6 routing event history. |
unicast |
Clears IPv6 unicast routes. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all IPv6 routes:
vsg# clear routing ipv6 *
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing vrf
To clear virtual routing and forwarding (VRF) routes, use the clear routing vrf command.
clear routing vrf vrf-name
Syntax Description
vrf-name |
VRF name. The range is from 1 to 32. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear VRF routes:
vsg# clear routing vrf vrfTest
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing vrf default
To clear virtual routing and forwarding (VRF) routes, use the clear routing vrf default command.
clear routing vrf default {* | A.B.C.D | A.B.C.D/LEN | ip | ipv4 | ipv6 | unicast}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear VRF routes:
vsg# clear routing vrf default *
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing vrf management *
To clear all virtual routing and forwarding (VRF) management routes, use the clear routing vrf management * command.
clear routing vrf management *
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all VRF management routes:
vsg# clear routing vrf management *
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing vrf management
To clear specific virtual routing and forwarding (VRF) management routes, use the clear routing vrf management command.
clear routing vrf managment ethernet-address [ethernet-address {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear a specific set of Ethernet routes:
vsg# clear routing vrf management 209.165.200.226 209.165.200.236 ethernet 2 / 4
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing vrf management
To clear specific virtual routing and forwarding (VRF) management routes, use the clear routing vrf management command.
clear routing vrf management ethernet-address [ethernet-address {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear a specific set of Ethernet routes:
vsg# clear routing vrf management 209.165.200.226 209.165.200.236 ethernet 2 / 4
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing vrf management ip
To clear virtual routing and forwarding (VRF) IP management routes, use the clear routing vrf management ip command.
clear routing vrf management ip {* | A.B.C.D [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]} | A.B.C.D/LEN [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]} | unicast [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]}}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all IP unicast routes:
vsg# clear routing vrf management ip unicast *
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing vrf management ipv4
To clear IPv4 virtual routing and forwarding (VRF) management routes, use the clear routing vrf management ipv6 command.
clear routing vrf management ipv4 {* | A.B.C.D [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]} | A.B.C.D/LEN [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]} | unicast [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]}]}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear an IPv4 VRF management route:
vsg# clear routing vrf management ipv4 209:165::200:229
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing vrf management ipv6
To clear IPv6 virtual routing and forwarding (VRF) management routes, use the clear routing vrf management ipv6 command.
clear routing vrf management ipv6 {* | A.B.C.D [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]} | A.B.C.D/LEN [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]} | unicast [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]}]}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear an IPv6 VRF management route:
vsg# clear routing vrf management ipv6 209:165::200:225
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear routing vrf management unicast
To clear unicast virtual routing and forwarding (VRF) management routes, use the clear routing vrf management unicast command.
clear routing vrf management unicast {* | A.B.C.D [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]} | A.B.C.D/LEN [A.B.C.D {data 0 | ethernet slot-number / port-number [. sub-interface] | loopback loopback-number | port-channel port-number [. sub-interface]}]}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear a specific unicast route:
vsg# clear routing vrf management unicast 209.165.200.225
Related Commands
|
|
|
|---|---|
show routing |
Displays the IP route table. |
clear scheduler
To clear the scheduler log, use the clear scheduler command.
clear scheduler logfile
Syntax Description
logfile |
Clears the scheduler log. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the scheduler log file:
vsg# clear scheduler logfile
Related Commands
|
|
|
|---|---|
show scheduler logfile |
Displays the scheduler log file. |
clear screen
To clear the screen, use the clear screen command.
clear screen
Syntax Description
This command has no key words or arguments.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the screen:
vsg# clear screen
Related Commands
|
|
|
|---|---|
show terminal |
Displays terminal configuration parameters. |
clear service-path
To clear service path information, use the clear service-path command.
clear service-path {connection | statistics [svs-domain-id id module module-number]}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear service path statistics:
vsg# clear service-path statistics
Related Commands
|
|
|
|---|---|
show service-path statistics |
Displays service path statistics. |
clear snmp
To clear Simple Network Management Protocol (SNMP) information, use the clear snmp command.
clear snmp {counters | hostconfig}
Syntax Description
counters |
Clears the SNMP counters. |
hostconfig |
Clears the SNMP host list. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear SNMP counters:
vsg# clear snmp counters
Related Commands
|
|
|
|---|---|
show snmp community |
Displays SNMP community strings. |
clear sockets
To clear socket statistics, use the clear sockets command.
clear sockets {all | raw | raw6 | tcp | tcp6 | udp | udp6}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear socket statistics:
vsg# clear sockets all
Related Commands
|
|
|
|---|---|
show sockets statistics |
Displays TCP socket statistics. |
clear ssh
To clear the Secure Shell (SSH) host session, use the clear ssh command.
clear ssh hosts
Syntax Description
hosts |
Clears the SSH host session. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear all SSH host sessions:
vsg# clear ssh hosts
Related Commands
|
|
|
|---|---|
show ssh |
Displays SSH information. |
clear system internal ac application
To clear application containers, use the clear system internal ac application command.
clear system internal ac application application-name instance instance-number [fe fe-name]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear an application container:
vsg# clear system internal ac application core instance 1
Related Commands
|
|
|
|---|---|
show system internal ac application |
Displays application container information. |
clear system internal ac ipc-stats
To clear application container Instructions per Cycle (IPC) statistics, use the clear system internal ac ipc-stats command.
clear system internal ac ipc-stats fe {attribute-manager | inspection-ftp | inspection-rsh | inspection-tftp | service-path}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear application container IPC statistics:
vsg# clear system internal ac ipc-stats
vsg#
Related Commands
|
|
|
|---|---|
show system internal ac application |
Displays application container information. |
clear user
To clear a user session, use the clear user command.
clear user user-id
Syntax Description
user-id |
User identification number. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear a user session:
vsg# clear user user1
Related Commands
|
|
|
|---|---|
show users |
Displays user session information. |
cli
To define a command line interface (CLI) variable for a terminal session, use the cli command. To remove the CLI variable, use the no form of this command.
cli var name variable-name variable-text
cli no var name variable-name
Syntax Description
Defaults
None
Command Modes
EXEC
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
You can reference a CLI variable using the following syntax:
$(variable-name)
Instances where you can use variables are as follows:
•Command scripts
•Filenames
You cannot reference a variable in the definition of another variable.
You can use the predefined variable, TIMESTAMP, to insert the time of day. You cannot change or remove the TIMESTAMP CLI variable.
You must remove a CLI variable before you can change its definition.
Examples
This example shows how to define a CLI variable:
vsg# cli var name testinterface interface 2/3
vsg#
This example shows how to reference the TIMESTAMP variable:
vsg# copy running-config > bootflash:run-config-$(TIMESTAMP).cnfg
vsg#
This example shows how to remove a CLI variable:
vsg# cli no var name testinterface interface 2/3
vsg#
Related Commands
|
|
|
|---|---|
show cli variables |
Displays the CLI variables. |
clock set
To manually set the clock, use the clock set command.
clock set time day month year
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
Use the clock set command when you cannot synchronize your device with an outside clock source, such as a Network Time Protocol (NTP) server.
Examples
This example shows how to manually set the clock:
vsg# clock set 9:00:00 29 January 2011
vsg#
Related Commands
|
|
|
|---|---|
show clock |
Displays the clock time. |
condition
To specify a condition statement used in a rule or zone, use the condition command. To remove the condition statement for a rule or zone, use the no form of this command
condition attribute-name {eq | neq | gt | lt | prefix | contains | in-range | member-of | not-in-range | not-member-of} attribute-value1 [attribute-value2]
Syntax Description
Command Default
None
Command Modes
Policy configuration (config-policy)
Zone configuration (config-zone)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(2) |
This command was introduced. |
Usage Guidelines
Use the condition command to specify a condition statement that is used in a rule. Each condition statement supports one of the virtual machine (VM), zone, network, or environment attributes. When multiple condition statements are used in a rule, all conditions are considered to be AND'd during a policy evaluation.
The following operators must have at least two attribute values:
•prefix—When applied against an IP address (for example, prefix 10.10.10.1 255.255.255.0)
•in-range—For all types of attribute values (for example, range 10.10.10.1 10.10.10.200)
•not-in-range—For all types of attribute values (for example, not-in-range 10.10.10.1 10.10.10.200)
Attribute values can be any of the following:
•Integer
•Integer range
•IP address and a netmask
•IP address range
•String
•Name of an object-group
Note•Attributes used in rule conditions are mostly directional attributes.
•Attributes usd in zone conditions are all neutral attributes.
Examples
This example shows how to set up conditions for a web server zone:
VSG(config)# zone web_servers
VSG(config-zone)# condition 1 net.ip-address range 10.10.1.1 10.10.1.20
VSG(config-zone# exit
This example shows how to set up conditions for an app server zone:
VSG(config)# zone app_servers
VSG(config-zone)# condition 1 net.ip-address range 10.10.1.21 10.10.1.40
VSG(config-zone)# exit
This example shows how to set up conditions for a database server zone:
VSG(config)# zone db_servers
VSG(config-zone)# condition 1 net.ip-address range 10.10.1.41 10.10.1.60
VSG(config-zone)# exit
Related Commands
|
|
|
|---|---|
rule |
Enters the rule configuration submode. |
zone |
Enters the zone configuration submode. |
configure
To enter configuration mode, use the configure command.
configure
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
network-admin
network operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to enter configuration mode:
vsg# configure
Enter configuration commands, one per line. End with CNTL/Z.
vsg(config)#
Related Commands
|
|
|
|---|---|
interface data 0 |
Enters interface configuration mode. |
copy bootflash:
To copy files from the bootflash directory, use the copy bootflash: command.
copy bootflash://file-address destination-address
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy a file from a remote bootflash directory to a local bootflash directory:
vsg# copy bootflash://jsmith@209.193.10.10/ws/jsmith-sjc/vsg-dplug.bin bootflash:/
Related Commands
|
|
|
|---|---|
copy volatile: |
Copies files from the volatile: directory. |
copy core:
To copy files from the core directory, use the copy core: command.
copy core: //file-address destination-address
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
None
Examples
This example shows how to copy a file from a remote core directory to a local volatile directory:
vsg# copy core://user@209.193.10.11/ps/user-rtg/vsgLog.txt volatile:/
Related Commands
|
|
|
|---|---|
copy log: |
Copies files from the log directory. |
copy debug:
To copy files from the debug directory, use the copy debug: command.
copy debug: //file-address destination-address
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy a file from a remote debug directory to a local volatile directory:
vsg# copy debug://user@209.193.10.11/ps/user-rtg/vsgLog.txt volatile:/
Related Commandsv
|
|
|
|---|---|
copy bootflash: |
Copies files from the bootflash directory. |
copy ftp:
To copy files from the file transfer protocol (FTP) directory, use the copy ftp: command.
copy ftp://file-address destination-address
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to transfer a file from a remote FTP directory to a local bootflash directory:
vsg# copy ftp://user@209.193.10.11/ps/user-rtg/vsg-dplug.bin bootflash:/
Related Commands
|
|
|
|---|---|
copy sftp: |
Copies the files from the SFTP directory. |
copy log:
To copy files from the log directory, use the copy log: command.
copy log://file-address destination-address
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy files from a remote log directory to a local volatile directory:
vsg# copy log://user@209.193.10.11/ps/user-rtg/vsgLog.txt volatile:/
Related Commands
|
|
|
|---|---|
copy debug: |
Copies files from the debug directory. |
copy modflash:
To copy files from the modflash directory, use the copy modflash: command.
copy modflash: //file-address destination-address
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy files from a remote modflash directory to a local volatile directory:
vsg# copy modflash://user@209.193.10.10/ws/user-sjc/vsg-mod.bin volatile:/
Related Commands
|
|
|
|---|---|
copy nvram: |
Copies files from the NVRAM directory. |
copy nvram:
To copy files from the nonvolatile RAM (NVRAM) directory, use the copy nvram: command.
copy nvram://file-address destination-address
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy files from a remote NVRAM directory to a local volatile directory:
vsg# copy nvram://user@209.193.10.10/ws/user-sjc/vsg-ram.bin volatile:/
Related Commands
|
|
|
|---|---|
copy modflash: |
Copies files from a modflash directory. |
copy running-config
To copy the running configuration, use the copy running-config command.
copy running-config destination-address [all-vdc]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy the running configuration to the bootflash directory:
vsg# copy running-config bootflash:
Related Commands
|
|
|
|---|---|
copy startup-config |
Copies a startup configuration to a specified destination. |
copy scp:
To copy files from the Secure Control Protocol (SCP) directory, use the copy scp: command.
copy scp://file-address destination-address
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy files from a remote SCP directory to a local volatile directory:
vsg# copy scp://user@209.193.10.11/ps/user-rtg/vsg-dplug.bin volatile:/
Related Commands
|
|
|
|---|---|
copy sftp: |
Copies files from the SFTP directory. |
copy sftp:
To copy files from the Secure File Transfer Protocol (SFTP) directory, use the copy sftp: command.
copy sftp://file-address destination-address
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to transfer a file from a remote SFTP directory to a local bootflash directory:
vsg# copy sftp://jjones@209.193.10.11/ps/jjones-rtg/vsg-dplug.bin bootflash:/
Related Commands
|
|
|
|---|---|
copy tftp: |
Copies files from the Trivial File Transfer Protocol (TFTP) directory. |
copy startup-config
To copy the startup configuration, use the copy startup-config command.
copy startup-config destination-address [all-vdc]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy the startup configuration to the bootflash directory:
vsg# copy startup-config bootflash:
Related Commands
|
|
|
|---|---|
copy running-config |
Copies a running configuration to a specified destination. |
copy system:
To copy files from the file directory, use the copy system: command.
copy system: //file-address destination-address
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy files from a remote file directory to a local bootflash directory:
vsg# copy system://pkim@209.193.10.12/ps/pkim-rich/vsg-dplug.bin bootflash:/
Related Commands
|
|
|
|---|---|
copy bootflash: |
Copies files to the bootflash directory. |
copy tftp:
To copy files from the Trivial File Transfer Protocol (TFTP) directory, use the copy tftp: command.
copy tftp://file-address destination-address
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy files from a remote TFTP directory to a local bootflash directory:
vsg# copy tftp://user@209.193.10.11/ps/user-rtg/vsg-dplug.bin bootflash:/
Related Commands
|
|
|
|---|---|
copy sftp: |
Copies files from the SFTP directory. |
copy volatile:
To copy files from the volatile directory, use the copy volatile: command.
copy volatile: //file-address destination-address
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy files from a remote volatile directory to a local bootflash directory:
vsg# copy volatile://user@209.193.10.10/ws/user-sjc/vsg-dplug.bin bootflash:/
Related Commands
|
|
|
|---|---|
copy bootflash: |
Copies files from the bootflash directory. |
debug logfile
To direct the output of the debug command to a specified file, use the debug logfile command. To revert to the default, use the no form of the command.
debug logfile filename [size bytes]
no debug logfile filename [size bytes]
Syntax Description
Defaults
Default filename: syslogd_debugs
Default file size: 10485760 bytes
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
The logfile is created in the log: file system root directory.
Use the dir log: command to display the log files.
Examples
This example shows how to specify a debug logfile:
vsg# debug logfile debug_log
This example shows how to revert to the default debug logfile:
vsg# no debug logfile debug_log
Related Commands
|
|
|
|---|---|
dir |
Displays the contents of a directory. |
show debug |
Displays the debug configuration. |
show debug logfile |
Displays the debug logfile contents. |
debug logging
To enable debug command output logging, use the debug logging command. To disable debug logging, use the no form of this command.
debug logging
no debug logging
Syntax Description
This command has no arguments or keywords.
Defaults
Disabled
Command Modes
EXEC
Global configuration (config)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to enable the output logging for the debug command:
vsg# debug logging
This example shows how to disable the output logging for the debug command:
vsg# no debug logging
Related Commands
|
|
|
|---|---|
debug logfile |
Configures the logfile for the debug command output. |
delete
To delete the contents of a directory, use the delete command.
delete {bootflash: | debug: | log: | modflash: | volatile:}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to delete the contents of the bootflash directory:
vsg# delete bootflash:
Related Commands
|
|
|
|---|---|
copy |
Copies files to directories. |
dir
To display the contents of a directory or file, use the dir command.
dir [bootflash: | debug: | log: | modflash: | volatile:]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
Use the pwd command to identify the directory you are currently working in.
Use the cd command to change the directory you are currently working in.
Examples
This example shows how to display the contents of the bootflash: directory:
vsg# dir bootflash:
Related Commands
|
|
|
|---|---|
cd |
Changes the current working directory. |
pwd |
Displays the current working directory. |
echo
To echo an argument back to the terminal screen, use the echo command.
echo [backslash-interpret] [text]
Syntax Description
Defaults
Displays a blank line.
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
You can use this command in a command script to display information while the script is running.
Table 1 lists the formatting keywords that you can insert in the text when you include the backslash-interpret keyword.
Examples
This example shows how to display a blank line at the command prompt:
vsg# echo
vsg#
This example shows how to display a line of text at the command prompt:
vsg# echo Script run at $(TIMESTAMP).
Script run at 2008-08-12-23.29.24.
vsg#
This example shows how to use a formatting option in the text string:
vsg# echo backslash-interpret This is line #1. \nThis is line #2.
This is line #1.
This is line #2.
vsg#
Related Commands
|
|
|
|---|---|
run-script |
Runs command scripts. |
end
To return to EXEC mode from any lower-level mode, use the end command.
end
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to enter VNMC policy agent mode and then how to return to EXEC mode:
vsg# configure
VSG(config)# vnm-policy-agent
VSG(config-vnm-policy-agent)#
vsg(config-vnm-policy-agent)# end
vsg#
Related Commands
|
|
|
|---|---|
configure |
Enters configuration mode. |
event
To clear the event counter, use the event command.
event manager clear counter counter-name
Syntax Description
Defaults
Displays a blank line.
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to clear the event counter:
vsg# event manager clear counter default
Related Commands
|
|
|
|---|---|
show event |
Displays event information. |
event-log service-path
To enable logging debugs for the service-path process, use the event-log service-path command. To disable this feature, use the no form of this command.
event-log service-path {ac {error | info | inst-error | inst-info} | fm {debug | error | info} | sp {error | info | pkt-detail | pkt-error | pkt-info | vptah-lib-error | vpath-lib-info | vpath-lib-frag} [terminal]
no event-log service-path {ac {error | info | inst-error | inst-info} | fm {debug | error | info} | sp {error | info | pkt-detail | pkt-error | pkt-info | vpath-lib-error | vpath-lib-info | vpath-lib-frag} [terminal]
Syntax Description
Defaults
None
Command Modes
EXEC
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(2) |
This command was modified to include sp {vpath-lib-error | vpath-lib-info | vpath-lib-frag} |
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
Event logs are written to the process buffer and can be viewed by the show system internal event-log service-path command. When the terminal option is entered, the event logs are displayed on the terminal.
Examples
This example shows how to display on the terminal the event logs for the service-path vPath library errors:
vsg# event-log service-path sp vpath-lib-error terminal
vsg#
Related Commands
exit
To exit the current mode, use the exit command.
exit
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to exit the current mode:
vsg(config)# exit
vsg#
Related Commands
|
|
|
|---|---|
end |
Places you in EXEC mode. |
find
To find file names that begin with a character string, use the find command.
find filename-prefix
Syntax Description
filename-prefix |
First part or all of a filename. The filename prefix is case sensitive. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
The find command searches all subdirectories under the current working directory. You can use the cd and pwd commands to navigate to the starting directory.
Examples
This example shows how to find a file name that has a prefix of "a":
vsg# find a
Related Commands
|
|
|
|---|---|
pwd |
Lists the directory you are currently in. |
gunzip
To uncompress a compressed file, use the gunzip command.
gunzip filename
Syntax Description
filename |
Name of the file. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
The compressed filename must have the .gz extension.
You do not have to enter the .gz extension as part of the filename.
The Cisco NX-OS software uses Lempel-Ziv 1977 (LZ77) coding for compression.
Examples
This example shows how to uncompress a compressed file:
vsg# gunzip run_cnfg.cfg
Related Commands
|
|
|
|---|---|
dir |
Displays the directory contents. |
gzip |
Compresses a file. |
gzip
To compress a file, use the gzip command.
gzip filename
Syntax Description
filename |
File name. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
After you use this command, the file is replaced with the compressed filename that has the .gz extension.
The Cisco NX-OS software uses Lempel-Ziv 1977 (LZ77) coding for compression.
Examples
This example shows how to compress a file:
vsg# gzip run_cnfg.cfg
Related Commands
|
|
|
|---|---|
dir |
Displays the directory contents. |
gunzip |
Uncompresses a compressed file. |
install
To install an image upgrade, use the install command.
install all {iso | kickstart}
Syntax Description
iso |
Specifies an ISO image. |
kickstart |
Specifies a kickstart image. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to install an ISO image upgrade:
vsg# install all iso bootflash://smith@209.165.200.226/test
Related Commands
|
|
|
|---|---|
show install |
Displays the software installation impact between two images. |
interface
To configure an interface on the Cisco VSG, use the interface command. To remove an interface, use the no form of the command.
interface {data number | ethernet slot/port | loopback number | mgmt number | port-channel channel-number}
no interface {data number | ethernet slot/port | loopback number | mgmt number | port-channel channel-number}
Syntax Description
Defaults
None
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to configure an interface:
vsg# interface data 0
This example shows how to remove an interface:
vsg# no interface data 0
Related Commands
|
|
|
|---|---|
show interface |
Displays the interface and IP details, including Rx and Tx packets or bytes. |
ip
To configure IP details, use the ip command. To revert to the default settings, use the no form of this command.
ip {access-list match-local-traffic | arp timeout seconds | domain-list name | domain-lookup | host name | igmp | name-server | route | routing event-history | tcp | tftp path-mtu-discovery}
no ip {access-list match-local-traffic | arp timeout seconds | domain-list name | domain-lookup | host name | igmp | name-server | route | routing event-history | tcp | tftp path-mtu-discovery}
Syntax Description
Defaults
1500
Command Modes
Global configuration
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows the ip command being used to configure IP details:
vsg# configure
vsg(config)# ip host testOne 209.165.200.231
Related Commands
|
|
|
|---|---|
show ip |
Displays IP details. |
line
To specify the line configuration, use the line command.
line {com1 | console | vty}
Syntax Description
Command Default
None
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to enter the COM1 port configuration mode:
vsg(config)# line com1
vsg(config-com1)#
This example shows how to enter the console port configuration mode:
vsg(config)# line console
vsg(config-console)#
This example shows how to enter the line configuration mode:
vsg(config)# line vty
vsg(config-line)#
Related Commands
|
|
|
|---|---|
show line |
Displays information about the COM1 port, console port configuration, and the line configuration. |
logging
To configure logging, use the logging command.
logging {abort | commit | console severity-level | distribute | event | level | logfile name | module severity-level | monitor severity-level | server | source-interface loopback number | timestamp time-type}
Syntax Description
Defaults
None
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to discard logging a CFS distribution session in progress:
vsg# configure
vsg(config)# logging abort
vsg(config)#
Related Commands
|
|
|
|---|---|
show logging |
Displays logging information. |
match
T o specify a condition used in an object-group, use the match command. To remove a condition in an object group, use the no form of this command.
match {eq | gt | lt | prefix | contains | in-range | neq | not-in-range} attribute-value1 [attribute-value2]
Syntax Description
Command Default
None
Command Modes
Policy configuration (config-policy)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(2) |
This command was introduced. |
Usage Guidelines
When multiple condition statements are used in an object-group, all conditions are considered to be OR'd during policy evaluation. The following operators require at least two attribute values:
•prefix—When applied against a subnet mask (for example, prefix 10.10.10.1 255.255.255.0)
•in-range—For all types of attribute values (for example, in-range 10.10.10.1 10.10.10.200)
•not-in-range—For all types of attribute values (for example, not-in-range 10.10.10.1 10.10.10.200)
Attribute values can be any of the following:
•Integer
•Integer range
•IP address, or a netmask
•IP address range
•String
Examples
This example shows how to set conditions to be used in an object group:
vsg(config-policy)# match 1 eq 80
vsg(config-policy)# match 2 eq 443
vsg(config-policy)# exit
vsg(config)#
Related Commands
|
|
|
|---|---|
object-group |
Enters the object-group configuration submode. |
mkdir (VSG)
To create a new directory, use the mkdir command.
mkdir {bootflash: | debug: | modflash: | volatile:}
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
Command History
|
|
|
4.0(4)SV1(1) |
This command was introduced. |
4.2(1)VSG1(1) |
This command was introduced for the Cisco VSG. |
Examples
This example shows how to create the bootflash: directory:
vsg# mkdir bootflash:
Related Commands
|
|
|
|---|---|
cd |
Changes the current working directory. |
dir |
Displays the directory contents. |
pwd |
Displays the name of the current working directory. |
ntp sync-retry (VSG)
To retry synchronization with configured servers, use the ntp sync-retry command. To stop this process, use the no form of this command.
ntp sync-retry
no ntp sync-retry
Syntax Description
This command has no arguments or keywords.
Defaults
Enabled
Command Modes
EXEC
Global configuration (config)
network-admin
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced for the Cisco VSG. |
Examples
This example shows how to enable the Network Time Protocol (NTP) synchronization retry:
vsg# ntp sync-retry
This example shows how to disable the NTP synchronization retry:
vsg# no ntp sync-retry
Related Commands
|
|
|
|---|---|
show clock |
Displays the time and date. |
object-group
To reduce the number of rule configurations to accommodate the "or" conditions for the HTTP/HTTPS ports, use the object-group command. To remove the given object group object and all the relevant configurations, use the no form of this command.
object-group group-name attribute-name
Syntax Description
group-name |
Name of the object group. |
attribute-name |
Attribute designated for the group. The attribute used in an object group must be a neutral attribute. |
Command Default
None
Command Modes
Cisco VSG global configuration (config)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(2) |
This command was introduced. |
Usage Guidelines
This command enters the object-group submode. This command can be used to build a group of attribute values so the group can be used in a condition statement later on with the operator member.
Examples
This example shows how to use the object-group command:
vsg(config)# object-group http_ports net.port
vsg(config-object-group)#
Related Commands
|
|
|
|---|---|
match |
Specifies a condition used in an object group. |
password strength-check
To enable password strength checking, use the password strength-check command. To disable the password strength checking, use the no form of this command.
password strength-check
no password strength-check
Syntax Description
This command has no arguments or keywords.
Defaults
This feature is enabled by default.
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to enable the checking of the password strength:
vsg# config t
vsg(config)# password strength-check
vsg(config)#
This example shows how to disable the checking of the password strength:
vsg# config t
vsg(config)# no password strength-check
vsg(config)#
Related Commands
policy
To enter the policy configuration submode for constructing a firewall policy on the Cisco VSG, use the policy command. To remove the given policy object and all its bindings with other policy objects, use the no form of this command.
policy policy-name
Syntax Description
policy-name |
Policy-map object. |
Command Default
None
Command Modes
Global configuration (config)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(2) |
This command was introduced. |
Usage Guidelines
Use the policy command to enable the policy configuration subcommand mode when the variable policy-name is used to specify the policy-map object.
The policy command configuration submode provides the following functions:
•Binding rules to a given policy.
•Creating rank or precedence among all the bound rules.
•Binding zones to a given policy.
Examples
This example shows how to set a 3-tiered policy object:
vsg(config)# policy 3-tiered-policy
vsg(config-policy)# rule inet_web_rule order 10
vsg(config-policy)# rule office_app_ssh_rule order 20
vsg(config-policy)# rule web_app_rule order 40
vsg(config-policy)# rule app_db_rule order 50
vsg(config-policy)# rule default_deny_rule order 60
vsg(config-policy)# exit
vsg(config)#
Related Commands
|
|
|
|---|---|
rule |
Configures the binding of the policy with a given rule. |
zone |
Configures the binding of the policy with a given zone. |
pwd
To view the current directory, use the pwd command.
pwd
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.0(4)SV1(1) |
This command was introduced. |
4.2(1)VSG1(1) |
This command was introduced for the Cisco VSG. |
Examples
This example shows how to view the current directory:
vsg# pwd
bootflash:
vsg#
Related Commands
|
|
|
|---|---|
cd |
Changes the current directory. |
reload
To reboot both the primary and secondary Cisco VSG in a redundant pair, use the reload command.
reload
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
Command History
|
|
|
4.0(4)SV1(1) |
This command was introduced. |
4.2(1)VSG1(1) |
This command was introduced for the Cisco VSG. |
Usage Guidelines
To reboot only one of the Cisco VSGs in a redundant pair, use the reload module command instead.
Before reloading, use the copy running-configuration to startup-configuration command to preserve any configuration changes made since the previous reboot or restart.
After reloading it, you must manually restart the Cisco VSG.
Examples
This example shows how to reload both the primary and secondary Cisco VSG:
vsg(config)#reload
!!!WARNING! there is unsaved configuration!!!
This command will reboot the system. (y/n)? [n] y
2010 Dec 20 11:33:35 bl-vsg %PLATFORM-2-PFM_SYSTEM_RESET: Manual system restart from Command Line Interface
Related Commands
|
|
|
|---|---|
reload module |
Reloads the specified Cisco VSG (1 or 2) in a redundant pair. |
reload module
To reload one of the Cisco VSGs in a redundant pair, use the reload module command.
reload module module [force-dnld]
Syntax Description
module |
Module number (use 1 for the primary Cisco VSG or 2 for the secondary Cisco VSG). |
force-dnld |
(Optional) Reboots the specified module to force NetBoot and image download. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
Command History
|
|
|
|---|---|
4.0(4)SV1(1) |
This command was introduced. |
4.2(1)VSG1(1) |
This command was introduced for the Cisco VSG. |
Usage Guidelines
To reboot both the Cisco VSGs in a redundant pair, use the reload command instead.
Before reloading, use the copy running-configuration to startup-configuration command to preserve any configuration changes made since the previous reboot or restart.
After reloading it, you must manually restart the Cisco VSG.
Examples
This example shows how to reload Cisco VSG 2, the secondary Cisco VSG in a redundant pair:
vsg# reload module 2
!!!WARNING! there is unsaved configuration!!!
This command will reboot the system. (y/n)? [n] y
2010 Dec 20 11:33:35 bl-vsg %PLATFORM-2-PFM_SYSTEM_RESET: Manual system restart from Command Line Interface
Related Commands
|
|
|
|---|---|
show version |
Displays information about the software version. |
reload |
Reboots both the primary and secondary Cisco VSG. |
restart
To manually restart a component, use the restart command. To disable manual restart, use the no form of this command.
restart
no restart
Syntax Description
This command has no arguments or keywords.
Command Default
Disabled
Command Modes
EXEC
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
Do not use this command unless you are absolutely certain that there is no one else using the system.
Examples
This example shows how to restart the Cisco VSG:
vsg# restart
Related Commands
|
|
|
|---|---|
reload |
Reboots the entire device. |
rmdir (VSG)
To remove a directory, use the rmdir command.
rmdir {bootflash: | debug: | modflash: | volatile:}
Syntax Description
bootflash: |
Deletes the bootflash: directory. |
debug: |
Deletes the debug: directory. |
modflash: |
Deletes the modflash: directory. |
volatile: |
Deletes the volatile: directory. |
Defaults
Removes the directory from the current working directory.
Command Modes
EXEC
Global configuration (config)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to remove the bootflash directory:
vsg# rmdir bootflash:
Related Commands
|
|
|
|---|---|
cd |
Changes the current working directory. |
dir |
Displays the directory contents. |
pwd |
Displays the name of the current working directory. |
role
To configure a user role, use the role command. To delete a user role, use the no form of this command.
role {feature-group feature-group-name | name {name | network-observer}}
no role { feature-group name | [name name | network-observer] }
Syntax Description
Defaults
This feature is enabled by default.
Command Modes
Global configuration
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to configure a user role for a feature group:
vsg# configure
vsg(config)# role feature-group name abc
vsg(config-role-featuregrp)#
Related Commands
|
|
|
|---|---|
show role |
Displays the role configuration. |
role name |
Names a user role and places you in role configuration mode for that role. |
rule
To enter the configuration submode to build a firewall rule that consists of multiple conditions and actions, use the rule command. To remove the given rule object and all the relevant configurations, use the no form of this command.
rule rule-name
Syntax Description
rule-name |
Specifies a rule object. |
Command Default
None
Command Modes
Global configuration (config)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(2) |
This command was introduced. |
Usage Guidelines
Use the rule comand to enter the rule configuration submode. The rule-name variable is used to specify the rule object that is to be configured.
Examples
This example shows how to build firewall rules on the Cisco VSG:
vsg(config)# rule inet_web_rule
vsg(config-rule)# condition 1 dst.zone.name eq web_servers
vsg(config-rule)# condition 2 dst.net.port member_of http_ports
vsg(config-rule)# action permit
vsg(config-rule)# exit
vsg(config)# rule office_app_ssh_rule
vsg(config-rule)# condition 1 dst.zone.name eq app_servers
vsg(config-rule)# condition 2 src.net.ip-address prefix 192.10.1.0 \
255.255.255.0
vsg(config-rule)# condition 3 dst.net.port eq 22
vsg(config-rule)# action permit
vsg(config-rule)# exit
vsg(config)# rule web_app_https_rule
vsg(config-rule)# condition 1 src.zone.name eq web_servers
vsg(config-rule)# condition 2 dst.zone.name eq app_servers
vsg(config-rule)# condition 3 dst.net.port member_of http_ports
vsg(config-rule)# action permit
vsg(config-rule)# exit
vsg(config)# rule app_db_rule
vsg(config-rule)# condition 1 src.zone.name eq app_servers
vsg(config-rule)# condition 2 dst.zone.name eq db_servers
vsg(config-rule)# action permit
vsg(config-rule)# exit
vsg(config)# rule default_deny_rule
vsg(config-rule)# action 1 deny
vsg(config-rule)# action 2 log
vsg(config-rule)# exit
Related Commands
|
|
|
|---|---|
condition |
Specifies a condition statement used in a rule. |
action |
Specifies the actions to be executed when traffic characteristics match with the associated rule. |
run-script (VSG)
To run a command script that is saved in a file, use the run-script command.
run-script [bootflash: [> [bootflash: | ftp: | scp: | sftp: | tftp: | volatile:] | >> [bootflash: | ftp: | scp: | sftp: | tftp: | volatile:] | | [cut | diff | egrep | grep | head | human | last | less | no-more | sed | sort | sscp | tr | uniq | vsh | wc | xml | begin | count | end | exclude | include] | volatile: [> [bootflash: | ftp: | scp: | sftp: | tftp: | volatile:] | >> [bootflash: | ftp: | scp: | sftp: | tftp: | volatile:] | | [cut | diff | egrep | grep | head | human | last | less | no-more | sed | sort | sscp | tr | uniq | vsh | wc | xml | begin | count | end | exclude | include] ] [filename]
Syntax Description
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to run a command script that is saved in a file called Sample:
vsg(config)#run-script volatile:Sample
Related Commands
|
|
|
|---|---|
cd |
Changes the current working directory. |
copy |
Copies files. |
dir |
Displays the contents of the working directory. |
pwd |
Displays the name of the present working directory (pwd). |
send
To send a message to an open session, use the send command.
send {message | session device message}
Syntax Description
message |
Message. |
session |
Specifies a specific session. |
device |
Device type. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to send a message to an open session:
vsg# send session sessionOne testing
vsg#
Related Commands
|
|
|
|---|---|
show banner |
Displays a banner. |
setup
To use the basic system configuration dialog for creating or modifying a configuration file, use the setup command.
setup
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
The Basic System Configuration Dialog assumes the factory defaults.
All changes made to your configuration are summarized for you at the completion of the setup sequence with an option to save the changes or not.
You can exit the setup sequence at any point by pressing Ctrl-C.
Examples
This example shows how to use the setup command to create or modify a basic system configuration:
vsg# setup
Enter the domain id<1-4095>: 400
Enter HA role[standalone/primary/secondary]: standalone
[########################################] 100%
---- Basic System Configuration Dialog ----
This setup utility will guide you through the basic configuration of
the system. Setup configures only enough connectivity for management
of the system.
*Note: setup is mainly used for configuring the system initially,
when no configuration is present. So setup always assumes system
defaults and not the current system configuration values.
Press Enter at anytime to skip a dialog. Use ctrl-c at anytime
to skip the remaining dialogs.
Would you like to enter the basic configuration dialog (yes/no): y
Create another login account (yes/no) [n]: n
Configure read-only SNMP community string (yes/no) [n]: n
Configure read-write SNMP community string (yes/no) [n]: n
Enter the vsg name : vsg
Continue with Out-of-band (mgmt0) management configuration? (yes/no) [y]:
Mgmt0 IPv4 address :
Configure the default gateway? (yes/no) [y]: n
Configure advanced IP options? (yes/no) [n]:
Enable the telnet service? (yes/no) [y]:
Enable the ssh service? (yes/no) [n]:
Configure the ntp server? (yes/no) [n]:
Configure vem feature level? (yes/no) [n]:
Configure svs domain parameters? (yes/no) [y]:
Enter SVS Control mode (L2 / L3) : l2
Invalid SVS Control Mode
Enter SVS Control mode (L2 / L3) : L2
Enter control vlan <1-3967, 4048-4093> : 400
Enter packet vlan <1-3967, 4048-4093> : 405
The following configuration will be applied:
vsgname vsg
telnet server enable
no ssh server enable
svs-domain
svs mode L2
control vlan 400
packet vlan 405
domain id 400
vlan 400
vlan 405
Would you like to edit the configuration? (yes/no) [n]:
Use this configuration and save it? (yes/no) [y]: n
vsgvsgvsg#
Related Commands
|
|
|
|---|---|
show running-config |
Displays the running configuration. |
sleep
To set a sleep time, use the sleep command.
sleep time
Syntax Description
time |
Sleep time, in seconds. The range is from 0 to 2147483647. |
Defaults
Sleep time is not set.
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
When you set time to 0, sleep is disabled.
Examples
This example shows how to set a sleep time:
vsg# sleep 100
vsg#
This example shows how to disable sleep:
vsg# sleep 0
vsg#
Related Commands
|
|
|
|---|---|
reload |
Reboots the Cisco VSG. |
snmp-server
To configure the Simple Network Management Protocol (SNMP) values, use the snmp-server command. To revert to default, use the no form of this command.
snmp-server {aaa-user cache-timeout seconds | community word | contact | context word | counter | enable traps | globalEnforcePriv | host | location name | mib community-map name | protocol | source-interface | tcp-session auth | user name}
no snmp-server {aaa-user cache-timeout seconds | community word | contact | context word | counter | enable traps | globalEnforcePriv | host | location name | mib community-map name | protocol | source-interface | tcp-session auth | user name}
Syntax Description
Defaults
None
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to configure the AAA user synchronization timeout value:
vsg# configure
vsg(config)# snmp-server aaa-user cache-timeout 6000
vsg(config)#
Related Commands
|
|
|
|---|---|
show snmp |
Displays information about SNMP. |
ssh
To create a Secure Shell (SSH) session, use the ssh command.
ssh {hostname| connect | name}
Syntax Description
Defaults
None
Command Modes
EXEC
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
Cisco NX-OS software supports SSH version 2.
Examples
This example shows how to start an SSH session:
vsg# ssh 10.10.1.1 vrf management
The authenticity of host '10.10.1.1 (10.10.1.1)' can't be established.
RSA key fingerprint is 9b:d9:09:97:f6:40:76:89:05:15:42:6b:12:48:0f:d6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.10.1.1' (RSA) to the list of known hosts.
User Access Verification
Password:
Related Commands
|
|
|
|---|---|
clear ssh session |
Clears SSH sessions. |
ssh server enable |
Enables the SSH server. |
ssh key
To generate a secure-shell (SSH) session key with a specific security configuration, use the ssh key command.
ssh key {dsa | rsa}
Syntax Description
Defaults
None
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
Cisco NX-OS software supports SSH version 2.
Examples
This example shows how to generate an SSH session key:
vsg# configure
vsg(config)# ssh key rsa 770
Related Commands
|
|
|
|---|---|
clear ssh session |
Clears SSH sessions. |
ssh server enable |
Enables the SSH server. |
system clis
To generate an event history, use the system clis command. To disable the event history, use the no form of this command.
system clis event-history {client | errors | ha | nvdb | parser}
no system clis event-history {client | errors | ha | nvdb | parser}
Syntax Description
Command Default
None
Command Modes
Global configuration (config)
network-administrator
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to generate an error event history log:
vsg# system clis event-history errors
Related Commands
|
|
|
|---|---|
show system clis event-history |
Displays the event history of the ClI servers. |
system cores
To copy cores to a destination, use the system cores command. To disable, use the no form of the command.
system cores tftp: //server@ip-address
no system cores tftp: //server@ip-address
Syntax Description
tftp: |
Specifies the Trivial File Transfer Protocol (TFTP) protocol. |
server |
Destination server. |
ip-address |
Destination IP address. |
Command Default
None
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy cores to a destination:
vsg# system cores tftp://jjones@209.165.200.229
Related Commands
|
|
|
|---|---|
show system cores |
Displays the core transfer option. |
system default switchport
To return to system-level default values, use the system default switchport command. To disable the default switchport feature, use the no form of this command.
system default switchport [shutdown]
no system default switchport [shutdown]
Syntax Description
shutdown |
(Optional) Shuts down the admin state. |
Command Default
None
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to return to system-level default values:
vsg# system default switchport shutdown
Related Commands
|
|
|
|---|---|
show system resources |
Displays system resources. |
system hap-reset
To reset local or remote supervisors after a high-availability (HA) failure, use the system hap-reset command. To disable the hap-reset feature, use the no form of the command.
system hap-reset
system no hap-reset
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to switch over to the standby supervisor:
vsg# system hap-reset
Related Commands
|
|
|
|---|---|
show system redundancy |
Displays the system redundancy status. |
system health
To check the system health, use the system health command.
system health check bootflash
Syntax Description
check |
Runs a consistency check on the compact flash. |
bootflash |
Checks the internal bootflash. |
Command Default
None
Command Modes
EXEC
network-admin
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to check the system health:
vsg# system health check bootflash
Related Commands
|
|
|
|---|---|
show system resources |
Displays system resources. |
system heartbeat
To enable the system heartbeat, use the system heartbeat command. To disable the system heartbeat, use the no form of the command.
system heartbeat
system no heartbeat
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to enable the system heartbeat:
vsg# system heartbeat
Related Commands
|
|
|
|---|---|
system health |
Checks the system health status. |
system internal
To generate debug snapshots for services, use the system internal command.
system internal snapshot service service-name
Syntax Description
snapshot |
Generates debug snapshots. |
service |
Generates a debug snapshot for a service. |
service-name |
Service name. |
Command Default
None
Command Modes
EXEC
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to generate debug snapshots for services:
vsg# system internal snapshot service
Related Commands
|
|
|
|---|---|
show system internal |
Displays all internal commands. |
system jumbomtu
To set the maximum transmission units (MTU) to jumbo, use the system jumbomtu command.
system jumbomtu 9000
Syntax Description
9000 |
MTU size. |
Command Default
None
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to set the MTU size to jumbo:
vsg# system jumbomtu 9000
Related Commands
|
|
|
|---|---|
show system resources |
Displays the system resource details. |
system memlog
To generate a memory log in bootflash, use the system memlog command.
system memlog
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to generate a memory log in bootflash:
vsg# system memlog
Related Commands
|
|
|
|---|---|
show system memory-alerts-log |
Displays a detailed log for memory alerts. |
show system memory-status |
Displays memory status information. |
system memory-thresholds
To set system memory thresholds, use the system memory-thresholds command.
system memory-thresholds {minor minor-memory-threshold severe severe memory-threshold critical critical-memory-threshold | threshold critical no-process-kill}
Syntax Description
Command Default
None
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to set the memory threshold:
vsg# system memory-thresholds minor 60
Related Commands
|
|
|
|---|---|
show system resources |
Displays the system resources. |
system pss
To shrink PSS files, use the system pss command.
system pss shrink
Syntax Description
shrink |
Shrinks the PSS files. |
Command Default
None
Command Modes
EXEC
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to shrink PSS files:
vsg# system shrink pss
Related Commands
|
|
|
|---|---|
show system pss |
Displays the PSS shrink status. |
system redundancy
To set a system redundancy policy, use the system redundancy command.
system redundancy role {primary | secondary | standalone}
Syntax Description
role |
Sets the redundancy role. |
primary |
Specifies the primary redundant Cisco VSG. |
secondary |
Specifies the secondary redundant Cisco VSG. |
standalone |
Specifies no redundant Cisco VSG. |
Command Default
None
Command Modes
EXEC
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to set the redundancy role:
vsg# system redundancy role primary
Related Commands
|
|
|
|---|---|
show system redundancy |
Displays the system redundancy status. |
system standby
To enable a system standby manual boot, use the system standby command. To disable a system standby manual boot, use the no form of this command.
system standby manual-boot
no system standby manual-boot
Syntax Description
manual-boot |
Specifies to perform a manual boot. |
Command Default
None
Command Modes
EXEC
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to set a system standby manual boot:
vsg# system standby manual-boot
Related Commands
|
|
|
|---|---|
show system standby |
Displays the system standby manual boot option. |
system startup-config
To initialize or unlock the system startup configuration, use the system startup-config command.
system startup-config {init | unlock lock id}
Syntax Description
init |
Initializes the startup configuration. |
unlock |
Unlocks the startup configuration. |
lock id |
Lock identification number. The range is from 0 to 65536. |
Command Default
None
Command Modes
EXEC
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to unlock the system startup configuration:
vsg# system startup-config unlock 1324
Related Commands
|
|
|
|---|---|
show startup-config |
Displays startup system information. |
system statistics
To reset the system statistics, use the system statistics command.
system statistics reset
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to reset the system statistics:
vsg# system statistics reset
Related Commands
|
|
|
|---|---|
show system redundancy |
Displays the system redundancy status. |
system switchover
To switch over to the standby supervisor in EXEC mode, use the system switchover command.
system switchover
To configure a system switchover in configuration mode, use the system switchover command.
system switchover {ha | warm}
Syntax Description
ha |
Enables high availability. |
warm |
Enables a warm switchover. |
Command Default
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to switch over to the standby supervisor:
vsg# system switchover
Related Commands
|
|
|
|---|---|
show redundancy |
Displays the system redundancy status. |
system trace
To configure the system trace level, use the system trace command.
system trace {mask}
Syntax Description
mask |
Mask name. |
Command Default
None
Command Modes
Global configuration (config)
network-admin
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to configure the system trace level:
vsg# system trace dc1
Related Commands
|
|
|
|---|---|
system default |
Configures system-level default values. |
system watchdog kdgb
To enable a system watchdog, use the system watchdog command. To disable a system watchdog, use the no form of this command.
system watchdog kdgb
no system watchdog kdgb
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
EXEC
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to enable watchdog:
vsg# system watchdog
Related Commands
|
|
|
|---|---|
system default |
Configures system-level default values. |
tail
To display the end of a file, use the tail command.
tail {bootflash: filename [number] | debug: filename [number] | modflash: filename [number] | volatile: filename [number]}
Syntax Description
Defaults
10 lines
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to display the last 10 lines of a file:
vsg# tail bootflash:startup.cfg
ip arp inspection filter marp vlan 9
ip dhcp snooping vlan 13
ip arp inspection vlan 13
ip dhcp snooping
ip arp inspection validate src-mac dst-mac ip
ip source binding 10.3.2.2 0f00.60b3.2333 vlan 13 interface Ethernet2/46
ip source binding 10.2.2.2 0060.3454.4555 vlan 100 interface Ethernet2/10
logging level dhcp_snoop 6
logging level eth_port_channel 6
This example shows how to display the last 20 lines of a file:
vsg# tail bootflash:startup.cfg 20
area 99 virtual-link 1.2.3.4
router rip Enterprise
router rip foo
address-family ipv4 unicast
router bgp 33.33
event manager applet sdtest
monitor session 1
monitor session 2
ip dhcp snooping vlan 1
ip arp inspection vlan 1
ip arp inspection filter marp vlan 9
ip dhcp snooping vlan 13
ip arp inspection vlan 13
ip dhcp snooping
ip arp inspection validate src-mac dst-mac ip
ip source binding 10.3.2.2 0f00.60b3.2333 vlan 13 interface Ethernet2/46
ip source binding 10.2.2.2 0060.3454.4555 vlan 100 interface Ethernet2/10
logging level dhcp_snoop 6
logging level eth_port_channel 6
Related Commands
|
|
|
|---|---|
cd |
Changes the current working directory. |
copy |
Copies files. |
dir |
Displays the directory contents. |
pwd |
Displays the name of the current working directory. |
telnet
To create a Telnet session, use the telnet command.
telnet {ipv4-address | hostname} [port-number | vrf vrf-name]
Syntax Description
Defaults
Port 23
Default VRF
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to start a Telnet session:
vsg# telnet 10.10.1.1 vrf management
Related Commands
|
|
|
|---|---|
clear line |
Clears Telnet sessions. |
telnet server enable |
Enables the Telnet server. |
terminal alias
To display a terminal alias, use the terminal alias command. To disable the terminal alias, use the no form of this command.
terminal alias word persist
no terminal alias word persist
Syntax Description
word |
Name of the alias. |
persist |
Alias configuration saved. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to displays an alias for engineering:
vsg# terminal alias engineering
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal color
To enable colorization of the command prompt, command line, and output, use the terminal color command. To disable terminal color, use the no form of this command.
terminal color evening persist
no terminal color evening persist
Syntax Description
evening |
Designator that sets the screen background to black. |
persist |
Designator that saves the configuration. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to set the colorization of the command line:
vsg# terminal color evening persist
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal dont-ask
To turn off the "Are you sure?" questions when a command is entered, use the terminal dont-ask command. To disable the terminal don't ask question, use the no form of this command.
terminal dont-ask persist
no terminal dont-ask persist
Syntax Description
persist |
Designator that saves the configuration. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to turn off the "Are you sure?" question when a command is entered:
vsg# terminal dont-ask persist
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal edit-mode
To set the edit mode to vi, use the terminal edit-mode command. To return the edit mode to emacs, use the no form of this command.
terminal edit-mode vi
no terminal edit-mode vi
Syntax Description
vi |
Sets the edit mode to vi. |
Defaults
emacs
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to set the command line edition keys:
vsg# terminal edit-mode vi
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal event-manager
To bypass the CLI event manager, use the terminal event-manager command.
terminal event-manager bypass
Syntax Description
bypass |
Bypasses the CLI event manager. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to bypass the CLI event manager:
vsg# terminal event-manager bypass
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal history
To disable the recall of EXEC mode commands when in configuration mode, use the terminal history command. To enable recall, use the no form of this command.
terminal history no-exec-in-config
no terminal history no-exec-in-config
Syntax Description
no-exec-in-config |
Disables the recall of EXEC mode commands when in configuration mode. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to set terminal history properties:
vsg# terminal history no-exec-in-config
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal length
To set the number of lines that appear on the terminal screen, use the terminal length command.
terminal length number
Syntax Description
number |
Number of lines. The range of valid values is 0 to 511. |
Defaults
28 lines
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
Set number to 0 to disable pausing.
Examples
This example shows how to set the number of lines that appear on the screen:
vsg# terminal length 60
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal log-all
To log all commands including the show commands, use the terminal log-all command.
terminal log-all
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to log all commands:
vsg# terminal log-all
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal monitor
To copy syslog output to the current terminal line, use the terminal monitor command.
terminal monitor
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to copy syslog output to the current terminal line:
vsg# terminal monitor
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal output
To display show command output in XML, use the terminal output command. To display show command output in text, use the no form of this command.
terminal output xml
no terminal output xml
Syntax Description
xml |
Displays show command output in XML. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to display show command output in XML:
vsg# terminal output xml
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal redirection-mode
To set the redirection mode, use the terminal redirection-mode command.
terminal redirection-mode {ascii | zipped}
Syntax Description
ascii |
Sets the redirection mode to ASCII. |
zipped |
Sets the redirection mode to zipped. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to set the redirection mode to ASCII:
vsg# terminal redirection-mode ascii
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal session-timeout
To set the terminal session timeout, use the terminal session-timeout command.
terminal session-timeout time
Syntax Description
time |
Timeout time, in seconds. The range is from 0 to 525600. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
Set time to 0 to disable terminal session timeout.
Examples
This example shows how to set the terminal session timeout:
vsg# terminal session-timeout 100
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal terminal-type
To specify the terminal type, use the terminal terminal-type command.
terminal terminal-type type
Syntax Description
type |
Terminal type. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to specify the terminal type:
vsg# terminal terminal-type vt100
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal tree-update
To update the main parse tree, use the terminal tree-update command.
terminal tree-update
Syntax Description
This command has no arguments or keywords.
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to update the main parse tree:
vsg# terminal tree-update
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal verify-only
To verify commands, use the terminal verify-only command.
terminal verify-only username word
Syntax Description
username |
Specifies the username for AAA authorization. |
word |
Username. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to verify commands:
vsg# terminal verify-only
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
terminal width
To set the terminal width, use the terminal width command.
terminal width width
Syntax Description
width |
Sets the number of characters on a single line. The range is from 24 to 511. |
Defaults
102 columns
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to set the terminal width:
vsg# terminal width 60
Related Commands
|
|
|
|---|---|
show terminal |
Displays the terminal configuration. |
test policy-engine
To test the policy engine on a RADIUS server or in a server group, use the test policy-engine command.
test policy-engine {simulate-pe-req | simulate-zone-req}
Syntax Description
|
|
|
simulate-zone-req |
Simulates the policy engine zone. |
Defaults
None
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to test the policy engine:
vsg# test policy-engine simulate-zone-req
Related Commands
|
|
|
|---|---|
show policy-engine |
Displays policy-engine statistics. |
test-policy-engine simulate-pe-req policy
To enter the policy-engine configuration submode for unit testing or verification of a policy configuration, use the test-policy-engine simulate-pe-req policycommand is used.
test-policy-engine simulate-pe-req policy policy-name
Syntax Description
policy-name |
Policy to be tested or verified for configuration parameters. |
Command Default
None
Command Modes
Global configuration (config)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(2) |
This command was introduced. |
Examples
This example shows how to test the ext-company policy.
vsm(config)# test policy-engine simulate-pe-req policy ext-company
Related Commands
|
|
|
|---|---|
attribute |
Specifies the particular attribute to be tested in the policy configuration. |
traceroute
To discover routes, use the traceroute command.
traceroute {A.B.C.D. | host-name} [source src-ipv4-addr | vrf vrf-name | show-mpls-hops]
Syntax Description
Defaults
Uses the default VRF.
Does not show the MPLS hops.
Uses the management IPv4 address for the source address.
Command Modes
EXEC
Global configuration (config)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
Use the traceroute6 command to use IPv6 addressing for discovering the route to a device.
Examples
This example shows how to discover a route to a device:
vsg# traceroute 172.28.255.18 vrf management
traceroute to 172.28.255.18 (172.28.255.18), 30 hops max, 40 byte packets
1 172.28.230.1 (172.28.230.1) 0.746 ms 0.595 ms 0.479 ms
2 172.24.114.213 (172.24.114.213) 0.592 ms 0.51 ms 0.486 ms
3 172.20.147.50 (172.20.147.50) 0.701 ms 0.58 ms 0.486 ms
4 172.28.255.18 (172.28.255.18) 0.495 ms 0.43 ms 0.482 ms
Related Commands
|
|
|
|---|---|
traceroute6 |
Discovers the route to a device using IPv6 addressing. |
username name password
To set a password for the username, use the username name password command.
username name password {0 password | 5 password | password}
Syntax Description
Defaults
None
Command Modes
Global configuration (config)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to set a password for the username:
vsg# configure
vsg(config)# username admin password 5 q0w9e8R7
Usage Guidelines
The Cisco VSG does not support multiple user accounts. It supports only the default admin user account.
Related Commands
|
|
|
|---|---|
show users |
Displays users. |
where
To display your current context, use the where command.
where [detail]
Syntax Description
detail |
(Optional) Displays detailed context information. |
Defaults
Displays summary context information.
Command Modes
EXEC
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Examples
This example shows how to display summary context information:
vsg# where
admin@firewall
vsg#
Related Commands
|
|
|
|---|---|
pwd |
Displays what directory you are in. |
write erase
To erase configurations in persistent memory areas, use the write erase command.
write erase [boot | debug]
Syntax Description
boot |
(Optional) Erases the boot variable and management 0 interface configurations. |
debug |
(Optional) Erases only the debug configuration. |
Defaults
Erases all configuration in persistent memory except for the boot variable, mgmt0 interface, and debug configuration.
Command Modes
Global configuration (config)
network-admin
network-operator
Command History
|
|
|
|---|---|
4.2(1)VSG1(1) |
This command was introduced. |
Usage Guidelines
When information is corrupted or unusable, use the write erase command to erase the startup configuration in the persistent memory. Entering this command returns the device to its initial state, except for the boot variable, mgmt0 interface, and debug configurations. To erase those configurations, specifically use the boot and debug options.
Examples
This example shows how to erase the startup configuration:
vsg(config)# write erase
Warning: This command will erase the startup-configuration.
Do you wish to proceed anyway? (y/n) [n] y
This example shows how to erase the boot variable and mgmt0 interface configuration in the persistent memory:
vsg(config)# write erase boot
This example shows how to erase the debug configuration in the persistent memory:
vsg(config)# write erase debug
Related Commands
|
|
|
|---|---|
copy running-config startup-config |
Copies the running configuration to the startup configuration. |
show running-config |
Displays the startup configuration. |
zone
To configure a zone definition that is used to build VM-to-zone mapping on the control plane, use the zone command to enter the zone configuration submode. To disable this feature, use the no form of this command.
zone zone-name
Syntax Description
zone-name |
Zone object that is to be configured. |
Command Default
None
Command Modes
Global configuration (config)
network-admin
Command History
|
|
|
|---|---|
4.2(1)VSG1(2) |
This command was introduced. |
Usage Guidelines
Use the zone command to enter the zone configuration submode. The zone-name variable specifies a zone object.
The no option removes the given zone object and all relevant configurations (for example, condition statements).
Note Attributes used in a zone condition are all neutral attributes.
Examples
This example shows how to enter the zone configuration submode:
vsg(config)# zone zone-name
vsg(config-zone)#
Related Commands
|
|
|
|---|---|
condition |
Specifies the parameters and rules for the security zone. |
Feedback