Reference Manual CLI Command Line Interface EAGLE One Rel
Contents
1. Figure 7 CLI screen after login Note The device allows you to configure the V 24 interface as a modem interface or as a terminal CLI interface However to have at least limited access to the CLI interface in modem mode you connect your terminal setting on terminal 9600 baud to the V 24 interface Press any key on your terminal keyboard a number of times until the login screen indicates the CLI mode RM CLI EAGLE One Release 5 3 09 2013 21 Access to CLI 2 3 CLI via the V 24 port RMCLI EAGLE One 22 Release 5 3 09 2013 Using the CLI 3 Using the CLI RM CLI EAGLE One Release 5 3 09 2013 23 Using the CLI 3 1 Mode based command hierarchy 3 1 Mode based command hierarchy In the CLI the commands are grouped in the related modes according to the type of the command Every command mode supports specific Hirschmann software commands The commands available to you as a user depend on your privilege level administrator guest They also depend on the mode in which you are currently working The commands of a specific mode are available to you when you switch to this mode The User Exec mode commands are an exception The CLI enables you to execute these commands in the Privileged Exec mode too The following figure shows the modes of the Command Line Interface RM CLI EAGLE One 24 Release 5 3 09 2013 Using the CLI 3 1 Mode based command hierarchy ROOT Log2. Further Support With the Hirschmann Competence Center you have decided against making any compromises Our client customized package leaves you free to choose the service components you want to use Internet http www hicomcenter com RMCLI EAGLE One 62 Release 5 3 09 2013 Further Support RM CLI EAGLE One Release 5 3 09 2013 63 fy HIRSCHMANN A BELDEN BRAND
3. You can access the user interface of the Command Line Interface with the freeware program PuTTY This program is located on the product CD Install PUTTY on your computer RM CLI EAGLE One 14 Release 5 3 09 2013 Access to CLI 2 2 CLI via SSH Secure Shell 2 2 CLI via SSH Secure Shell PuTTY appears with the login screen j amp PuTTY Configuration 3 xl Category Start the PuTTY program on your computer Session Basic options for your PuTTY session Logging E ma 3 Terminal Specify the destination you want to connect to H Keyboard lost Name or IP address Port Bel Em 22 Features Connection type Window C Raw Telnet C Rlogin SSH C Serial Appearance z Behaviour M Load save or delete a stored session Translation Saved Sessions Selection Colours Default Settings Load Connection Data Save Proxy Telnet Delete Rlogin SSH la Close window on exit C Always Never Only on clean exit About Help Figure 1 PuTTY input screen address of your device Inthe Host Name or IP address input field you enter the IP The IP address a b c d consists of 4 decimal numbers with values from 0 to 255 The 4 decimal numbers are separated by points RM CLI EAGLE One Release 5 3 09 2013 15 Access to CLI 2 2 CLI via SSH Secure Shell To se
4. copy config running config nv profile Execute the command by pressing the Enter key gt enable copy Copy configuration Copy eventlog firmware update Copy system information for service purpose Copy system information and event log copy config Copy configuration from ACA to NV memory Load configuration from NV memory Save running configuration copy config running config save running config to nv memory copy config running config nv Save configuration to profile Press Enter to execute the command copy config running config nv RMCLI EAGLE One Release 5 3 09 2013 51 Examples 4 3 Saving the Configuration 52 RM CLI EAGLE One Release 5 3 09 2013 Maintenance 5 Maintenance Hirschmann is continually working to improve and develop our software You should regularly check whether there is a new version of the software that provides you with additional benefits You will find software information and downloads on the product pages of the Hirschmann website RM CLI EAGLE One Release 5 3 09 2013 53 Maintenance 5 1 Service Shell 5 1 Service Shell A service technician uses the Service Shell function for maintenance of your functioning device If you need service support this function allows the service technician to access internal functions of your device from an external location Note The Service Shell function is for service purposes exclusively This function
5. fy HIRSCHMANN A BELDEN BRAND Reference Manual Command Line Interface CLI Industrial Ethernet Firewall EAGLE One RM CLI EAGLE One Technische Unterst tzung Release 5 3 09 2013 https hirschmann support belden eu com The naming of copyrighted trademarks in this manual even when not specially indicated should not be taken to mean that these names may be considered as free in the sense of the trademark and tradename protection law and hence that they may be freely used by anyone 2013 Hirschmann Automation and Control GmbH Manuals and software are protected by copyright All rights reserved The copying reproduction translation conversion into any electronic medium or machine scannable form is not permitted either in whole or in part An exception is the preparation of a backup copy of the software for your own use For devices with embedded software the end user license agreement on the enclosed CD DVD applies The performance features described here are binding only if they have been expressly agreed when the contract was made This document was produced by Hirschmann Automation and Control GmbH according to the best of the company s knowledge Hirschmann reserves the right to change the contents of this document without prior notice Hirschmann can give no guarantee in respect of the correctness or accuracy of the information in this document Hirschmann can accept no responsibility for damages resulting from the use
6. have the option of defining rules which support you in securing the access and administration The Command Line Interface provides IT specialists with a familiar environment for configuring IT devices As an experienced user or administrator you have knowledge about the basics and about using secure shell SSH connections The Command Line Interface reference manual gives you step by step information on using the Command Line Interface CLI and its commands The commands in the Command Line Interface of the EAGLE One Firewall can be divided into the following areas Authentication Delete Copy Denial of Service Device Status Interface Logging NAT Network Address Translation Network Packet Filter Profiles Signal contact SNMP Trap Simple Network Management Protocol SNTP Simple Network Time Protocol Users Display Serviceshell RM CLI EAGLE One 12 Release 5 3 09 2013 Access to CLI 2 Access to CLI RM CLI EAGLE One Release 5 3 09 2013 Access to CLI 2 1 Preparing the data connection 2 1 Preparing the data connection You find information about your EAGLE One Industrial Ethernet Firewall device in the User Manual Installation Information for configuring your EAGLE One Industrial Ethernet Firewall can be found in the Configuration user manual Connect your Firewall with the network Set the network parameters appropriately for the data connection to be successful
7. of the network components or the associated operating software In addition we refer to the conditions of use specified in the license contract You can get the latest version of this manual on the Internet at the Hirschmann product site www hirschmann com Printed in Germany Hirschmann Automation and Control GmbH Stuttgarter Str 45 51 72654 Neckartenzlingen Germany Tel 49 1805 141538 09 2013 13 11 13 Contents Contents 1 1 1 2 1 3 2 1 2 2 2 3 3 1 3 2 3 3 4 1 4 2 4 3 About this Manual Key Introduction Industrial Ethernet Firewall 1 1 1 Application areas 1 1 2 Operating Modes User interfaces Command Line Interface Access to CLI Preparing the data connection CLI via SSH Secure Shell CLI via the V 24 port Using the CLI Mode based command hierarchy Executing the commands 3 2 1 Syntax analysis 3 2 2 Command tree 2 3 Structure of a command roperties of the CLI 1 Input prompt 2 Key combinations 3 Data entry elements 4 Line length 3 P 3 3 3 3 Examples Change timeout default setting Login Banner Saving the Configuration RM CLI EAGLE One Release 5 3 09 2013 N OOO 0 Contents Maintenance Service Shell Readers Comments Index Further Support 53 54 57 59 61 RM CLI EAGLE One Release 5 3 09 2013 About this Manual About this Manual The Command Line Interface reference manual contains detaile
8. port number 22 DSA Fingespeinut for BER due UK TRUNK UR EUN Ogsrtfe0obr0bs2TISOISOcddift2 6l db fai0firdf 3b ll RSA RKinqerprelnt for BBE nw wk ee me eR 6dr40 06 c3 f898 2d ch 68 401 dc 09 7 b3 c2 d8 ee Access per Web HTTPS eee enabled Web Access port number HTTPS 443 SNMP Version Lig dig ewe ing disabled SNMP arp uUi 2 eu seg eg oe Rad NR ONT eR WRI IR AN disabled SNMP port Number nein u range 161 Inactivity timeout Web minutes 5 Inactivity timeout serial minutes 5 Inactivity timeout SSH minutes 120 Login pDreptoaeces a xk ea Hirschmann EAGLE One Hirschmann EAGLE One RM CLI EAGLE One 48 Release 5 3 09 2013 Examples 4 2 Login Banner 4 2 Login Banner This dialog allows you to enter a login banner The device displays the login banner when a user logs in to the user interface graphical user interface or CLI The login banner is up to 255 characters long The characters in the ASCII code range 0x20 space character to ASCII code 0x7E tilde are allowed with the exception of percent signs 96 0x25 You have the option of adding a fixed line break to the banner with n and a tab with t These sequences count as 2 characters Hirschmann EAGLE One login banner string Enter a user defined text max 255 characters Hirschmann EAGLE One flogin banner EXAMPLE n tEXAMPLE n t tEXAMPLE n t tE
9. the CLI 3 1 Mode based command hierarchy Hirschmann EAGLE One Hirschmann EAGLE One authentication config watchdog denial of service device status dhcp relay dhcp server exit flm help history interface lldp logging nat ntp packet filter packet forwarding ping radius redundancy save serviceshell show signal contact snmptrap sntp temperature traceroute user firewall users vpn configure config Configure an authentication list Configure the Auto Configuration Undo settings Configure denial of service flood protection parameters Configure the device status settings Modify DHCP Relay parameters Modify DHCP Server parameters Exit from current mode Controls the Firewall Learning Mode Display help for various special keys Show a list of previously run commands Configure the interface parameters Configure the LLDP settings Logging configuration Configure the NAT settings Configure NTP settings Configure the packet filter Configure transparent mode packet forwarding settings Send ICMP echo packets to a specified IP address Configure the RADIUS settings Configure the redundancy settings Save configuration Enter system mode Display device options and settings Configure the Signal Contact settings Configure SNMPv3 traps Configure SNTP settings Configure the temperature limits Trace route to a specified host Configure the user firew
10. to execute the command nat 1to1 add is the command name The parameters 1 512 i e the number of the NAT rule to be added internal net external net netmask and comment are optional 34 RM CLI EAGLE One Release 5 3 09 2013 Using the CLI 3 3 Properties of the CLI 3 3 Properties of the CLI 3 3 1 Input prompt Command mode With the input prompt the CLI shows you which of the three modes you are in Hirschmann EAGLE One User Exec mode Hirschmann EAGLE One Privileged Exec mode Hirschmann EAGLE One config Global Configuration mode Exclamation mark and asterisk Exclamation mark An exclamation mark in the first position of the input prompt shows you that the password for the user admin is still on the default setting Hirschmann EAGLE One Asterisk An asterisk in the first or second position of the input prompt shows you that the settings in the volatile memory and the settings in the non volatile memory are different In your configuration the device has detected modifications which have not been saved Hirschmann EAGLE One RM CLI EAGLE One Release 5 3 09 2013 35 Using the CLI 3 3 Properties ofthe CLI 3 3 2 Key combinations The following key combinations make it easier for you to work with the Command Line Interface Key combina
11. ttt nn ne 4duozxd urboq Op te seanuru HSS anoeura J AFJOLUI G seqnuru Terass qnosuty J A oLur Gs seqnutw q m 3noeura AyTargoeul pPOTAPSTP szesn TEIOT EA dWNS FO yne SNIdva petTqestp nn BurTsuung SdLLH 1940 dWNS a a rer iequnu 410d AWNS pertqesTp tcccss e n nn n n nn Z uots ea dWNS petqesTp tcccss e n n n nn I UOTSI A dWNS I cocotte SdLLH aequnu J od sseoov qeM porqeuot ttt ttrtrt nen S LLH qem zed sseooy 22 40 06 E6 20 08 EJ L6 EL 9Z O9 9p vO TE JI 9O To 7777 0 t tt 0t tt HSS 103 quradzebuTa YSA nLL 3G8 39 186 909 G50 9p 29 p9 G658 Id 0 G8P 69 82 9p HSS 103 JutTadzebutg YSA Zzgtttttt n ntt nn iequnu 41od sseoov HSS PoTgeust ttt tee m nnne HSS ied sseooy szejewezed urboT ursoT ous4 br3uoo euo ATOVA uueuuosarH i Release 5 3 09 2013 RM CLI EAGLE One Figure 13 Show login command with a line length of 80 characters 40 3 3 Properties ofthe CLI Using the CLI 5br3uoo euo AIOVA uuUeuyos TH i q4euueq ur 0oT 3duoad urboT aLXSL SIdWVS2N3NUNLXSL STAWWS3 3 U LXSL WIdAVS3NUNLXSL ATAWWSa 49UO WIOV4 UUPBUQuQOSJAIH QgL 9e seqnutw HSS Nosu AirAr3oeuI G thes seqnutw rerades 3noeura ATOLUL Gi ieg rs se3nuru q m ynoswtq JTATIDEUI potgestp szesn q eoo EA dWNS Fo yane sn avwa petqestp burq euunj SdLLH 1940 dWNS I9ptecee ee n nn 3equnu 310d aWNS PerQBSIpvst eser nego ie eg tz UOTSISA dWNS Dotges p tree ernenn
12. CLI EAGLE One Release 5 3 09 2013 19 Access to CLI 2 3 CLI via the V 24 port Connect the device to a terminal via V 24 Alternatively connect the device to a COM port of your PC using terminal emulation based on VT100 and press any key After the data connection has been set up successfully the device displays a window for entering the user name Copyright c 2007 2013 Hirschmann Automation and Control GmbH All rights reserved EAGLEONE Release ONE 05 3 00 Build date 2013 09 09 09 09 System Name EAGLEONE 000000 Netw Mode transparent Mgmt IP wo mcd Base MAC s 000211 22 33 44 55 System Time TUE SEP 17 10 10 10 2013 Hirschmann EAGLE One User Figure 6 Logging in to the Command Line Interface program Enter a user name The default setting for the user name is admin Press the Enter key Enter the password The default setting for the password is private Press the Enter key The device offers the possibility to change the user name and the password later in the Command Line Interface These entries are case sensitive The device displays the CLI start screen RM CLI EAGLE One 20 Release 5 3 09 2013 Access to CLI 2 3 CLI via the V 24 port NOTE Enter for Command Help Command help displays all options that are valid for the particular mode For the syntax of a particular command form please consult the documentation Hirschmann EAGLE One gt
13. Technical Questions Training Courses Transparent mode U User Exec mode User name V VT100 V 24 RM CLI EAGLE One Release 5 3 09 2013 30 61 26 49 17 17 10 26 14 10 12 15 44 38 61 61 10 26 17 20 11 12 19 59 Index 60 RM CLI EAGLE One Release 5 3 09 2013 Further Support C Further Support Technical Questions For technical questions please contact any Hirschmann dealer in your area or Hirschmann directly You will find the addresses of our partners on the Internet at http www hirschmann com Contact our support at https hirschmann support belden eu com You can contact us inthe EMEA region at Tel 49 0 1805 14 1538 E mail hac support belden com in the America region at Tel 1 717 217 2270 E mail inet support us belden com in the Asia Pacific region at Tel 65 6854 9860 E mail inet ap belden com Hirschmann Competence Center The Hirschmann Competence Center is ahead of its competitors Consulting incorporates comprehensive technical advice from system evaluation through network planning to project planning Training offers you an introduction to the basics product briefing and user training with certification The current technology and product training courses can be found at http www hicomcenter com Support ranges from the first installation through the standby service to maintenance concepts RM CLI EAGLE One Release 5 3 09 2013 61
14. XAMPLE Hirschmann EAGLE One RM CLI EAGLE One Release 5 3 09 2013 49 Examples 4 2 Login Banner login as admin a b c d s password Copyright c 2007 2013 Hirschmann Automation and Control GmbH All rights reserved EAGLEONE Release ONE 05 3 00 Build date 2013 09 09 09 09 System Name Netw Mode Mgmt IP Base MAC System Time EXAMPLE EXAMPLE EXAMPLE EXAMPLE NOTE Enter for Command Help EAGLEONE 000000 transparent a b c d 00 11 22 33 44 55 TUE SEP 10 10 10 10 2013 Command help displays all options that are valid for the particular mode For the syntax of a particular command form please consult the documentation Hirschmann EAGLE One gt enable 50 RMCLI EAGLE One Release 5 3 09 2013 Examples 4 3 Saving the Configuration 4 3 Saving the Configuration To ensure that your password settings and your other configuration changes are kept after the device is reset or after an interruption ofthe voltage supply you save the configuration To save your current configuration you proceed as follows Hirschmann EAGLE One Hirschmann EagleONE config eventlog firmware sysinfo sysinfoall Hirschmann EagleONE aca nv running config Hirschmann EagleONE nv Hirschmann EagleONE profile cr Hirschmann EagleONE Enter enable to switch to the Privileged Exec mode Enter the following command
15. a list of the available commands and a short description of the commands Hirschmann EAGLE One gt Turn on privileged commands Display help for various special keys Show a list of previously run commands enable help history logout ping show traceroute Exit this session Send ICMP echo packets to a specified IP address Display device options and settings Trace route to a specified host Figure 9 Commands in the User Exec mode RM CLI EAGLE One Release 5 3 09 2013 27 Using the CLI 3 1 Mode based command hierarchy Hirschmann EAGLE One gt enable Hirschmann EAGLE One clear configure copy debug exit help history login logout network ping profile reboot save serviceshell set show traceroute Clear several items Enter into global config mode Copy different kinds of items Service functions to find configuration errors Exit from current mode Display help for various special keys Show a list of previously run commands Set login parameters Exit this session Modify network parameters Send ICMP echo packets to a specified IP address Activate or delete configuration profiles Reset the device cold start Save configuration Enter system mode Set device parameters Display device options and settings Trace route to a specified host Figure 10 Commands in the Privileged Exec mode 28 RM CLI EAGLE One Release 5 3 09 2013 Using
16. ain the CLI provides you with a list of options logging logout Hirschmann EAGLE One Config log logging logout Possible commands parameters You can obtain a list of the commands or the possible parameters by entering help or for example by entering Hirschmann EAGLE One gt show When you enter the command displayed you get a list of the parameters available for the command show RM CLI EAGLE One 38 Release 5 3 09 2013 Using the CLI 3 3 Properties ofthe CLI When you enter the command without space character in front of the question mark the device displays the help text for the command itself Hirschmann EAGLE One Config show show Display device options and settings 3 3 4 Line length If you are using a terminal with a line length of 80 characters the help texts are split up as shown in the following screenshot see figure 13 For example for the help text for DSA Fingerprint for SSH the remainder df 3b 11 appears on the next line You avoid this effect by using a terminal emulation with a line length of 132 characters see figure 14 RM CLI EAGLE One Release 5 3 09 2013 39 3 3 Properties ofthe CLI Using the CLI 513uoo euo sxT15Vs uuewyosaty i LXAL WIdWVS3N3NUNLXSI WIdWVS3NaNUNLXHIL WIdWVS3NUNVLXWL WIdWVSu4 7777777777700 000000000000 ieuueq urboT OUO ATYA UUeUOSTTHA
17. all settings Manage Users and User Accounts Configure VPN settings Figure 11 Commands in the Global Configuration mode Note You will find information on the line feed of the help texts below see on page 39 Line length RM CLI EAGLE One Release 5 3 09 2013 29 Using the CLI 3 2 Executing the commands 3 2 Executing the commands 3 2 1 Syntax analysis After you login to the CLI session you enter the User Exec mode The CLI displays the prompt Hirschmann EAGLE One on the screen When you enter a command and press the Enter key the CLI starts the syntax analysis The CLI searches the command tree for the desired command If the command is outside the CLI command range a message informs you of the detected error Example The user wants to execute the show system info command but enters Info without f and presses the Enter key The CLI then displays a message Hirschmann EAGLE One gt show system ino Error Invalid command ino 3 2 2 Command tree The commands in the CLI are organized in a tree structure The commands and if applicable the related parameters branch down until the command is completely defined and therefore executable The CLI checks the input If you have entered the command and the parameters correctly and completely you execute the command with the Enter key After you have entered the command and the required parameters the other parameters en
18. allows the access on internal functions of the device In no case execute internal functions without service technician instructions Executing internal functions such as deleting the content of the NVM non volatile memory possibly leads to inoperability of your device To switch from the User Exec mode to the Privileged Exec mode enter enable Or en and a space and press the enter key To get a list of the commands available in this mode enter a question mark To start the Shell Service function enter serviceshell Or ser in the privileged exec mode and a space and then press the enter key To end the Shell Service function enter exit and then press the enter key RM CLI EAGLE One 54 Release 5 3 09 2013 Maintenance 5 1 Service Shell Hirschmann EAGLE One gt enable Hirschmann EAGLE One 4 clear configure copy debug exit help history login logout network ping profile reboot save serviceshell set show traceroute Clear several items Enter into global config mode Copy different kinds of items Service functions to find configuration errors Exit from current mode Display help for various special keys Show a list of previously run commands Set login parameters Exit this session Modify network parameters Send ICMP echo packets to a specified IP address Activate or delete configuration profiles Reset the device cold start Save configu
19. ce RM CLI EAGLE One Release 5 3 09 2013 Introduction 1 Introduction RM CLI EAGLE One 8 Release 5 3 09 2013 Introduction 1 1 Industrial Ethernet Firewall 1 1 Industrial Ethernet Firewall 1 1 1 Application areas The EAGLE One industrial firewall VPN system helps provide for the authentication security and confidentiality of communication within production networks but also beyond company boundaries The EAGLE One devices support the following network modes Transparent mode Router mode PPPoE mode 1 1 2 Operating Modes This device helps you protect the internal network 1 INTERN port from external influences 2 EXTERN port These influences can include deliberate attacks or unauthorized access attempts as well as interfering network events such as overloads State on delivery On delivery the device works in the Transparent Mode In this mode no network settings e g for subnetworks are required for operation The firewall is preconfigured so that the IP traffic from the internal network is possible however traffic from the external network to the internal network is not possible Thus the default settings already support security against attacks from the external network RM CLI EAGLE One Release 5 3 09 2013 9 Introduction 1 1 Industrial Ethernet Firewall Modes Transparent mode In transparent mode the Firewall transmits on level 2 of the ISO OSI layer model The IP address ranges befo
20. d information on using the Command Line Interface to operate the individual functions of the device The Configuration user manual contains the information you need to start operating the device Ittakes you step by step from the first startup operation through to the basic settings for operation in your environment The GUI Graphical User Interface reference manual contains detailed information on using the graphical user interface to operate the individual functions of the device The Installation user manual contains a device description safety instructions a description of the display and the other information that you need to install the device The Industrial HiVision Network Management Software provides you with additional options for smooth configuration and monitoring Simultaneous configuration of multiple devices Graphical user interface with network layout Auto topology discovery Event log Event handling Client server structure Browser interface ActiveX control for SCADA integration SNMP OPC gateway RM CLI EAGLE One Release 5 3 09 2013 5 About this Manual RM CLI EAGLE One 6 Release 5 3 09 2013 Key Key The designations used in this manual have the following meanings List Work step Subheading Link Cross reference with link Note A note emphasizes an important fact or draws your attention to a dependency Courier ASCII representation in user interfa
21. en nne T UOTSXOA WNS EUP en es SdLLH tequnu 410d sseoov qeM poTqeua ste tees e n n SALIH qoM zed sseooy HSS 303 quradaebur4 vsu HSS 10g quradaebuT4 YSA a ZZ asqunu 10d sseoov HSS perqeua stssemem nnn nnn Hos isd sous n09 q0 06 6 Z0 08 EF L6 ELI9Z 99 p PZI PE JT On uLL 39 39 86 99 G0 0P 08 P8 G8 14 10 0P 69 87 0Pu szejewezed urboTT urboT Mousg brjuoo euo xT15V3 UUeWYOSITH ij Figure 14 Show login command with a line length of 132 characters 41 RM CLI EAGLE One Release 5 3 09 2013 Using the CLI 3 3 Properties ofthe CLI 42 RM CLI EAGLE One Release 5 3 09 2013 Examples 4 Examples RM CLI EAGLE One Release 5 3 09 2013 43 Examples 4 1 Change timeout default setting 4 1 Change timeout default setting Task assignment The following example shows how you find and execute a command for changing the timeout value default setting for your SSH connection On delivery this value is set to 5 minutes After this time has elapsed the CLI logs the user out if no keys have been pressed You have the option of setting a value for this timeout in the range from 1 to 120 minutes Login to the CLI Login to the CLI as described above see on page 14 Preparing the data connection Finding the command mode You are in the User Exec mode see on page 24 Mode based command hierarchy Enter a question mark to get a list of the commands available in this
22. es serial flow return to root command prompt command line completion go to next lower command prompt list choices Figure 12 Listing the key combinations with the Help command RM CLI EAGLE One Release 5 3 09 2013 37 Using the CLI 3 3 Properties of the CLI 3 3 3 Data entry elements Command completion To facilitate making entries the CLI gives you the option of command completion Tab Completion Thus you are able to abbreviate key words Type in the beginning of a keyword If the characters entered identify a keyword the CLI will complete the keyword when you press the tab key or the space key If there is more than one option for completion enter the letter or the letters being necessary for uniquely identifying the keyword Press the tab key or the space key again After that the system completes the command or parameter If you make a non unique entry and press Tab or Space twice the CLI provides you with a list of options On a non unique entry and pressing Tab or Space the CLI completes the command up to the end of the uniqueness If several commands exist When you press Tab or Space again the CLI provides you with a list of options Example If you enter lo and Tab or Space Hirschmann EAGLE One Config lo the CLI completes the command up to the end of the uniqueness to log Hirschmann EAGLE One Config log When Tab or Space is pressed ag
23. faces lldp logging login nat network packet filter packet forwarding radius redundancy running config signal contact snmptraps sntp system temperature user firewall users vpn config show Display ordered methods for authentication lists how configuration onfigure the Auto Configuration Undo settings how denial of service parameters how the device status settings and the current evice status itself how DHCP Relay parameters how DHCP Server parameters how information about Firewall Learning Mode how interface parameters how the LLDP information isplay logging parameters how login parameters isplay the NAT settings how network data how the packet filter configuration how transparent mode packet forwarding settings how the RADIUS settings how the redundancy settings how the currently running configuration isplay Signal Contact settings isplay SNMPv3 traps how SNTP configuration parameters and nformation how system related items how temperature limits how the user firewall settings isplay users and user accounts information how VPN settings no nn nH n DI On nn nn non Un nn nnman nn Un RM CLI EAGLE One Release 5 3 09 2013 Then enter login to display your current login settings 47 Examples 4 1 Change timeout default setting Hirschmann EAGLE One show login Login parameters Access per SSH 3 2 2 Be ERBE enabled SSH Access
24. ffers the possibility to read the fingerprints of the device key with the CLI command show ssh or in the graphical user interface in the Security SSH Access dialog RM CLI EAGLE One 16 Release 5 3 09 2013 Access to CLI 2 2 CLI via SSH Secure Shell Note The OpenSSH Suite offers experienced network administrators a further option to access your device via SSH To set up the data connection enter the following command ssh admin 10 149 112 53 admin represents the user name 10 149 112 53 is the IP address of your device CLI appears on the screen with a window for entering the user name The device enables up to 5 users to have access to the Command Line Interface at the same time login as admin admin a b c d s password Figure 3 Login window in CLI a b c d is the IP address of your device Enter a user name The default setting for the user name is admin Press the Enter key Enter the password The default setting for the password is private Press the Enter key The device offers the possibility to change the user name and the password later in the Command Line Interface These entries are case sensitive The device displays the CLI start screen Note Change the password during the first startup procedure RM CLI EAGLE One Release 5 3 09 2013 17 Access to CLI 2 2 CLI via SSH Secure Shell Copyright c 2007 2013 Hirschmann Automation and Control GmbH All rights rese
25. in Logout Limited The User Exec functionality Commands are al available in the Privileged Exec Mode Enable Exit Basis functions basic settings Configure Exit Extended configurations Figure 8 Structure of the CLI RM CLI EAGLE One Release 5 3 09 2013 25 Using the CLI 3 1 Mode based command hierarchy The CLI supports the following modes User Exec mode When you login to the CLI you enterthe User Exec mode The User Exec mode contains a limited range of commands Command prompt Hirschmann EAGLE One gt Privileged Exec mode To access the entire range of commands you enter the Privileged Exec mode If you are authenticated as a privileged user by the login you are able to enter the Privileged Exec mode In the Privileged Exec mode you are able to execute the User Exec mode commands too Command prompt Hirschmann EAGLE One Global Config mode The Global Config mode allows you to perform modifications to the current configuration This mode groups general setup commands Command prompt Hirschmann EAGLE One config The following table shows the command modes the command prompts input request characters visible in the corresponding mode and the option with which you quit this mode Command Access method Quit or mode start next mode User Exec mode First access level Perform basic To quit you enter Logou
26. int The IP address 0 0 0 0 is a valid entry MAC address This parameter represents a valid MAC address The address consists of 6 hexadecimal numbers with values from 00 to FF The numbers are separated by a colon for example 00 F6 29 B2 81 40 string User defined text with a length in the specified range e g a maximum of 32 characters character string Use double quotation marks to indicate a character string e g System name with space character number Whole integer in the specified range e g 0 999999 date Date in format YYYY MM DD time Time in format HH MM SS Table 3 Parameter values in the Command Line Interface 32 RM CLI EAGLE One Release 5 3 09 2013 Using the CLI 3 2 Executing the commands Network addresses Network addresses are a requirement for establishing a data connection to a remote work station a server or another network You distinguish between IP addresses and MAC addresses The IP address is an address allocated by the network administrator Do not use duplicate addresses in one network area The MAC addresses are assigned by the hardware manufacturer MAC addresses are unique worldwide The following table shows the representation and the range of the address types Address Type Format Range Example IP Address nnn nnn nnn nnn nnn 0 to 255 decimal 192 168 11 110 MAC Address mm mm mm mm mm mm mm 00 to ff hexadecimal A7 C9 89 DD A9 B3 nu
27. kets are optional parameter Parameters in pointed brackets are obligatory parameter Parameters in square brackets are optional An ellipsis 3 points in sequence without spaces after an element indicates that you can repeat the element Choicel Choice2 A vertical line enclosed in brackets indicates a selection option Select one value Elements separated by a vertical line and enclosed in square brackets indicate an optional selection Option1 or Option2 or no selection list Curved brackets indicate that a parameter is to be selected from a list of options Choicel Choice2 Elements separated by a vertical line and enclosed in curved brackets indicate an obligatory selection option option1 or option2 paraml Choicel Choice2 Shows an optional parameter that contains an obligatory selection lt a b c d gt Small letters are wild cards You enter parameters with the notation a b c d with decimal points e g IP addresses lt cr gt You press the Enter key to create a line break carriage return Table 2 Parameter and command syntax The following list shows the possible parameter values within the Command Line Interface Value Description IP address This parameter represents a valid IPv4 address The address consists of 4 decimal numbers with values from 0 to 255 The 4 decimal numbers are separated by a decimal po
28. lect a connection type click on SSH under Connection type After selecting and setting the required parameters the device enables you to set up the data connection via SSH Click Open to set up the data connection to your device Depending on the device and the time at which SSH was configured setting up the connection takes up to a minute When you first login to your device towards the end ofthe connection setup PuTTY displays a security alert message and gives you the option of checking the fingerprint of the key PuTTY Security Alert E xl A WARNING POTENTIAL SECURITY BREACH The server s host key does not match the one PuTTY has cached in the registry This means that either the server administrator has changed the host key or you have actually connected to another computer pretending to be the server The new rsa key fingerprint is 1024 4e 62 99 32 56 07 26 1c0 05 39 55 e4 65 39 F9 6e If you were expecting this change and trust the new key hit Yes to update PuTTY s cache and continue connecting If you want to carry on connecting but without updating the cache hit No If you want to abandon the connection completely hit Cancel Hitting Cancel is the ONLY guaranteed safe choice Figure 2 Security alert prompt for the fingerprint Check the fingerprint to help protect yourself from unwelcome guests If the fingerprint matches that of the device key click Yes The device o
29. mber pairs Table 4 Format and range of network addresses Strings A string is indicated by quotation marks For example System name with space character Space characters are not valid user defined strings You enter a space character in a parameter between quotation marks Examples of commands Example 1 clear arp table Command for deleting dynamic entries in ARP Cache clear arp table is the command name The command does not require any other parameters and can be executed with Enter Example 2 signal contact monitor ACA removal Command for displaying the removal of the AutoConfiguration Adapter Hirschmann EAGLE One config signal contact monitor ACA removal enable Enable the option disable default Disable the option signal contact monitor ACA removal is the command name The parameter is required It can have the value enable or disable RM CLI EAGLE One Release 5 3 09 2013 33 Using the CLI 3 2 Executing the commands Example 3 nat 1to1 add Command for adding a 1 1 NAT rule Hirschmann EAGLE One 1 2512 internal net external net netmask conntrack comment invert direction double nat cr config nat 1tol add NAT rule number Internal network address External network address Network mask Protocol helper support Rule comment Invert direction of the rule change used interface Do NAT operation also on output dest and source NAT Press Enter
30. mode see figure 9 The corresponding command is located in a different mode The Privileged Exec mode provides a wider range of commands To switch to the Privileged Exec mode quickly and easily you enter en and a space The CLI completes the command to enable see on page 38 Data entry elements Execute the command with the Enter key The command prompt changes from Hirschmann EAGLE One gt ZU Hirschmann EAGLE One thus informing you that you are now in the Privileged Exec mode Hirschmann EAGLE One enable Hirschmann EAGLE One 4 RM CLI EAGLE One 44 Release 5 3 09 2013 Examples 4 1 Change timeout default setting Enter a question mark to get a list of the commands available in this mode The login command is used to perform this task Enter login lo and a space character is not sufficient here as it is not clear whether you want to execute the login or logout command However if you enter a space again you get a list of the commands that begin with lo Hirschmann EAGLE One lo login Set login parameters logout Exit this session Any unsaved changes are lost Finding completing and executing commands After login enter a question mark to display the additional branches of the command Hirschmann EAGLE One login access Set login access parameters timeout Set login time
31. of our product as possible as well as important information to assist you in the operation of this product Your comments and suggestions help us to further improve the quality of our documentation Your assessment of this manual Very Good Satisfactory Mediocre Poor Good Precise description O O O O O Readability O O O O O Understandability O O O O O Examples O O O O O Structure O O O O O Comprehensive O O O O O Graphics O O O O O Drawings O O O O O Tables O O O O O Did you discover any errors in this manual If so on what page RM CLI EAGLE One Release 5 3 09 2013 57 Readers Comments Suggestions for improvement and additional information General comments Sender Company Department Name Telephone number Street Zip code City E mail Date Signature Dear User Please fill out and return this page as a fax to the number 49 0 7127 14 1600 or per mail to Hirschmann Automation and Control GmbH Department 01RD NT Stuttgarter Str 45 51 72654 Neckartenzlingen 58 RM CLI EAGLE One Release 5 3 09 2013 Index B Index C Command tree F FAQ G Global Config mode Industrial HiVision L Login Banner O OpenSSH Suite P Password PPPoE mode Privileged Exec mode PuTTY R Router Mode Secure Shell Secure shell Secure shell SSH State on delivery T Tab Completion
32. out parameters The login timeout command is used to perform this task After login enter a t and a space The CLI automatically completes the command to login timeout After login timeout enter a question mark to display the additional branches of the command Hirschmann EAGLE One login timeout serial Set login timeout for serial line connections ssh Set login timeout for SSH connections web Set login timeout for web connections RM CLI EAGLE One Release 5 3 09 2013 45 Examples 4 1 Change timeout default setting The login timeout ssh command is used to perform this task After login timeout ssh enter a question mark to display the possible parameters for the command Hirschmann EAGLE One login timeout ssh lt 1 120 gt Enter a number in the given range After login timeout ssh enter the value desired in this case 120 to set the timeout to 120 minutes Hirschmann EAGLE One login timeout ssh 120 Execute the command by pressing the Enter key Checking the execution with the Show command Enter show to display the possible show commands RM CLI EAGLE One 46 Release 5 3 09 2013 Examples 4 1 Change timeout default setting Hirschmann EAGLE One authentication config config watchdog denial of service device status dhcp relay dhcp server flm inter
33. ration Enter system mode Set device parameters Display device options and settings Trace route to a specified host Hirschmann EAGLE One serviceshell exit Au revoir Hirschmann EAGLE One RM CLI EAGLE One Release 5 3 09 2013 55 Maintenance 5 1 Service Shell Permanently disabling the Service Shell If you disable the Service Shell function you maintain the device configuration option In this case the service technician has no possibilities to access internal functions of your device to call up additional required information Note Disabling the Service Shell function produces a permanent effect To reactivate the Service Shell function send the device back to the manufacturer To display the Service Shell function enter serviceshell or ser and a space and then a question mark To permanently deactivate the Shell Service function enter deactivate or d andaspace and press the enter key This process is irreversible Hirschmann EAGLE One enable Hirschmann EAGLE One serviceshell deactivate Disable the service shell access permanently Cannot be undone lt cr gt Press Enter to execute the command Hirschmann EAGLE One serviceshell deactivate RM CLI EAGLE One 56 Release 5 3 09 2013 Readers Comments A Readers Comments What is your opinion of this manual We are constantly striving to provide as comprehensive a description
34. re and after the Firewall are located in the same sub network The Firewall also allows you to access the device in the delivery state without configuring the IP address To do this use the address 192 168 1 1 24 Router Mode In router mode the Firewall transmits on level 3 of the ISO OSI layer model The IP address ranges before and afterthe Firewall are located in different subnetworks You will find a detailed description of the IP configuration in the Configuration user manual ofthe EAGLE One PPPoE mode In the PPPoE mode the device works like in the router mode However the device uses the PPPoE protocol on the 2 EXTERN This enables Internet connections via a DSL modem for example RM CLI EAGLE One Release 5 3 09 2013 Introduction 1 2 User interfaces 1 2 User interfaces The device provides you 3 user interfaces which you can access through different interfaces System monitor via the V 24 interface out of band Command Line Interface CLI via the V 24 connection out of band or via SSH in band Graphical user interface GUI via Ethernet in band RM CLI EAGLE One Release 5 3 09 2013 11 Introduction 1 3 Command Line Interface 1 3 Command Line Interface The Command Line Interface enables you to use the functions of the device through a local or remote connection This supports you with a secure administration of the firewall via V 24 or via the Secure Shell SSH protocol In addition you
35. rved EAGLEONE Release ONE 05 3 00 Build date 2013 09 09 09 09 System Name EAGLEONE 000000 Netw Mode transparent Mgmt IP c ca boc d Base MAC gt 00 11 22 33 44 55 System Time TUE SEP 17 10 10 10 2013 NOTE Enter for Command Help Command help displays all options that are valid for the particular mode For the syntax of a particular command form please consult the documentation Hirschmann EAGLE One Figure 4 Start screen of CLI Your Firewall appears with the input prompt Hirschmann EAGLE One gt RM CLI EAGLE One 18 Release 5 3 09 2013 Access to CLI 2 3 CLI via the V 24 port 2 3 CLI via the V 24 port The device provides a serial interface on the RJ11 socket V 24 interface for connecting an external management station VT100 terminal or PC with corresponding terminal emulation locally The interface enables you to set up a data connection to the Command Line Interface CLI and to the system monitor VT 100 terminal settings Speed 9600 Baud Data 8 bit Stopbit 1 bit Handshake off Parity none The socket housing is electrically connected to the housing of the device RJ11 DB9 Pin5 Pin 6 9 9 Pin 8 i Oo nd 99 Pin 1 CTS 1 n c 2 yo TX 3 3 CND 1 RX 5 5 RTS 6 Figure 5 Pin assignment of the V 24 interface and the DB9 connector You will find a description of the V 24 interface in the User Manual Installation RM
36. t tasks and list system information Hirschmann EAGLE One gt logout Are you sure Y N y Table 1 Command modes RMCLI EAGLE One 26 Release 5 3 09 2013 Using the CLI 3 1 Mode based command hierarchy Command mode Access method Quit or start next mode Privileged Exec mode From the User Exec mode you enter the command enable Hirschmann gt enable Hirschmann EAGL EAGL E One E One To quit the Privileged Exec mode and return to the User Exec mode you enter exit Hirschmann EAGLE One exit Hirschmann EAGLE One gt Global Configuration mode Hirschmann configure Hirschmann config EAGL EAGL E One E One From the Privileged Exec mode you enter the command configure To quit the Global Configuration mode and return to the Privileged Exec mode you enter exit Hirschmann EAGLE One config exit Hirschmann EAGLE One From the User Exec mode you enter To then quit the Privileged Exec the command enable and then in Privileged Exec mode enter the command Configure Hirschmann EAGLE One gt enable Hirschmann EAGLE One configure Hirschmann EAGLE One config ode and return to the User Exec ode you enter exit again Hirschmann EAGLE One exit Hirschmann EAGLE One gt Table 1 Command modes If you enter a question mark after the prompt the CLI displays
37. tered are treated as optional parameters If one of the parameters is unknown the CLI displays a syntax message RM CLI EAGLE One 30 Release 5 3 09 2013 Using the CLI 3 2 Executing the commands The command tree branches for the required parameters until the required parameters have reached the last branch in the structure With optional parameters the command tree branches until the required parameters and the optional parameters have reached the last branch in the structure Note The command show system commandtree lists the entire command tree for you 3 2 3 Structure of a command This section describes the syntax conventions and terminology and uses examples to represent them Format of commands Most of the commands include parameters If the command parameter is missing the CLI informs you about the detection of an incorrect command syntax This manual displays the commands and parameters in the Courier font Use them as shown in the manual see table 2 Parameters The sequence of the parameters is relevant for the correct syntax of a command Parameters are required values optional values selections or a combination of these things The representation see table 2 indicates the type of the parameter RM CLI EAGLE One Release 5 3 09 2013 31 Using the CLI 3 2 Executing the commands lt command gt Commands in pointed brackets lt gt are obligatory command Commands in square brac
38. tion Description CTRL H Delete previous character Backspace CTRL A Go to beginning of line CTRL E Go to end of line CTRL F Go forward one character CTRL B Go backward one character CTRL D Delete current character CTRL U X Delete to beginning of line CTRL K Delete to end of line CTRL W Delete previous word CTRL P Go to previous line in history buffer CTRL R Rewrite or paste the line CTRL N Go to next line in history buffer CTRL Q Enable serial flow CTRL S Disable serial flow CTRL Z Return to root command prompt Tab lt SPACE gt Command line completion Exit Go to next lower command prompt List choices Table 5 Key combinations in the Command Line Interface 36 RM CLI EAGLE One Release 5 3 09 2013 Using the CLI 3 3 Properties ofthe CLI The Help command displays the possible key combinations in CLI on the Screen EES help HELP Special keys Ctrl H BkSp Ctrl A Ctrl E Ctrl F Ctrl B CUrlI D s CUEIL US X Ctrl Ctrl W Ctrl P CUtrI R Ctrl N Ctrl Q Ctrl S Ctrl Z Tab lt SPACE gt Exit 2 EES delete previous character go to beginning of line go to end of line go forward one character go backward one character delete current character delete to beginning of line delete to end of line delete previous word go to previous line in history buffer rewrites or pastes the line go to next line in history buffer enables serial flow disabl
Download Pdf Manuals
Related Search