secure-server
To enable the secure HTTP (HTTPS) server for a web user interface transport map, use the secure-server command in transport map configuration mode. To disable the HTTPS secure server for a web user interface transport map, use the no form of this command.
secure-server
no secure-server
Syntax Description
This command has no arguments or keywords.
Command Default
No server is enabled in a web user interface transport map by default.
Command Modes
Transport map configuration (config-tmap)
Command History
|
|
|
Cisco IOS XE Release 2.1 |
This command was introduced on the Cisco ASR 1000 Series Routers. |
Usage Guidelines
This command is used to enable the secure HTTPS web server for web user interface traffic. The other choice is the server option, which configures HTTP as the web server. Both web servers can be configured at the same time.
When this command is entered, the router decides which port to use for HTTPS traffic based on the ip http secure-server or ip http secure-port configuration. Therefore, ip http secure-server , which configures the router to use the default port of 443 for HTTPS traffic, or ip http secure-port, which specifies a user-defined port for HTTPS traffic, must be configured when the secure-server command is used.
Examples
In the following example, the web user interface using the default HTTPS port is enabled:
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# ip http secure-server
Router(config)# transport-map type persistent webui https-webui
Router(config-tmap)# secure-server
Router(config-tmap)# exit
Router(config)# transport type persistent webui input https-webui
*Apr 22 02:38:43.597: %UICFGEXP-6-SERVER_NOTIFIED_START: R0/0: psd: Server wui has been notified to start
Related Commands
|
|
|
ip http secure-server |
Enables the HTTPS server on a router using the default HTTPS port. |
ip http secure-port |
Enables the HTTPS server on a router using a user-specified port. |
server (transport map) |
Enables the HTTP server for a persistent web user interface transport map. |
transport type persistent |
Applies an already-configured persistent transport map to an interface. |
transport-map type persistent |
Creates and names a transport map and enters transport map configuration mode. |
server (transport map)
To enable the HTTP server for a web user interface transport map, use the server command in transport map configuration mode. To disable the HTTP server for a web user interface transport map, use the no form of this command.
server
no server
Syntax Description
This command has no arguments or keywords.
Command Default
No server is enabled in a web user interface transport map by default.
Command Modes
Transport map configuration (config-tmap)
Command History
|
|
|
Cisco IOS XE Release 2.1 |
This command was introduced on the Cisco ASR 1000 Series Routers. |
Usage Guidelines
This command is used to enable the HTTP web server for web user interface traffic. The other choice is the secure-server option, which configures HTTPS as the web server. Both web servers can be configured at the same time.
When this command is entered, the router decides which port to use for HTTP traffic based on the ip http server or ip http port configuration. Therefore, ip http server , which configures the router to use the default port of 80 for HTTP traffic, or ip http port, which specifies a user-defined port for HTTP traffic, must be configured when the server command is used.
Examples
In the following example, the web user interface using the default HTTP port is enabled:
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# ip http server
Router(config)# transport-map type persistent webui http-webui
Router(config-tmap)# server
Router(config-tmap)# exit
Router(config)# transport type persistent webui input http-webui
*Apr 22 02:43:55.798: %UICFGEXP-6-SERVER_NOTIFIED_START: R0/0: psd: Server wui has been notified to start
Related Commands
|
|
|
ip http server |
Enables the HTTP server on a router using the default HTTP port. |
ip http port |
Enables the HTTP server on a router using a user-specified port. |
secure-server |
Enables the secure HTTP (HTTPS) server for a persistent web user interface transport map. |
transport type persistent |
Applies an already-configured persistent transport map to an interface. |
transport-map type persistent |
Creates and names a transport map and enters transport map configuration mode. |
service exec-callback
To enable call back to clients who request a callback from the EXEC level, use the service exec-callback command in global configuration mode.
service exec-callback
Syntax Description
This command has no arguments or keywords.
Defaults
Callback is not enabled.
Command Modes
Global configuration
Command History
|
|
|
11.1 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command enables the Cisco IOS software to return a call to a device that dials in, connects to the EXEC, and requests callback.
Examples
The following example enables EXEC level callback:
Related Commands
|
|
|
arap callback |
Enables an ARA client to request a callback from an ARA client. |
debug callback |
Displays callback events when the router is using a modem and a chat script to call back on a terminal line. |
debug confmodem |
Displays information associated with the discovery and configuration of the modem attached to the router. |
ppp callback (PPP client) |
Enables a dialer interface that is not a DTR interface to function either as a callback client that requests callback or as a callback server that accepts callback requests. |
script arap-callback |
Specifies that a chat script start on a line when an ARA client requests a callback. |
username |
Establishes a username-based authentication system, such as PPP CHAP and PAP. |
service old-slip-prompts
To provide backward compatibility for client software scripts expecting Serial Line Internet Protocol (SLIP) and PPP dialogs to be formatted with Cisco IOS software Release 9.1 or earlier releases, use the service old-slip-prompt s command in global configuration mode. To disable this function, use the no form of this command.
service old-slip-prompts
no service old-slip-prompts
Syntax Description
This command has no arguments or keywords.
Defaults
The prompts and information sent by SLIP and PPP are formatted with the current release of Cisco IOS software.
Command Modes
Global configuration
Command History
|
|
|
11.1 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command provides backward compatibility for client software scripts expecting SLIP and PPP dialogs to be formatted with Cisco IOS software Release 9.1 or earlier releases.
Examples
The following example shows the output of a SLIP command after the service old-slip-prompts command is enabled:
Router# configure terminal
Router(config)# service old-slip-prompts
IP address or hostname: 10.2.2.2
Your IP address is 10.2.2.2. MTU is 1500 bytes
service pt-vty-logging
To log the X.121 calling address, Call User Data (CUD), and IP address assigned to a vty asynchronous connection, use the service pt-vty-logging command in global configuration mode. To disable this function, use the no form of this command.
service pt-vty-loggin g
no service pt-vty-logging
Syntax Description
This command has no arguments or keywords.
Defaults
This feature is disabled.
Command Modes
Global configuration
Command History
|
|
|
11.2 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command permits you to log the X.121 calling address, CUD, and IP address assigned to a vty asynchronous connection and direct this information to the console, an internal buffer, or a UNIX syslog server, depending on the logging configuration command you use. This authentication information can be used to associate an incoming packet assembler/disassembler (PAD) vty-asynchronous connection with an IP address.
Note
By default, the Cisco IOS software displays all messages to the console terminal.
Examples
The following example enables you to log the X.121 calling address, CUD, and IP address assigned to a vty asynchronous connection and save this information to a syslog server:
The following is sample output from the service pt-vty-logging command:
01:24:31: PAD18: call from 00011890 on LCI 10 PID 1 0 0 0 CUD "xyz"
Table 12 describes the fields shown in the output.
Table 12 service pt-vty-logging Field Descriptions
|
|
|
01:24:31: |
Time stamp. |
PAD18: |
Active vty line number using the PAD connection. |
00011890 |
The source or calling address. |
on LCI 10 |
Incoming call is initiated on Logical Channel 10. |
PID 1 0 0 0 |
The PAD Protocol Identifier is “01000000.” |
CUD “xyz” |
CUD “xyz.” If no CUD is available, this field will appear as follows:
|
Related Commands
|
|
|
logging |
Logs messages to a syslog server host. |
logging buffered |
Logs messages to an internal buffer. |
session-limit
To set the maximum number of terminal sessions per line, use the session-limit command in line configuration mode. To remove any specified session limit, use the no form of this command.
session-limit session-number
no session-limit
Syntax Description
session-number |
Specifies the maximum number of sessions. |
Defaults
The default and set session limits are displayed with the start-character EXEC command.
Command Modes
Line configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Examples
The following example limits the number of sessions to eight on a ten-line range:
Related Commands
|
|
|
line vty |
Specifies a virtual terminal for remote console access. |
start-character |
Sets the flow control start character. |
session-timeout
To set the interval for closing the connection when there is no input or output traffic, use the session-timeout command in line configuration mode. To remove the timeout definition, use the no form of this command.
session-timeout minutes [ output ]
no session-timeout
Syntax Description
minutes |
Specifies the timeout interval in minutes. |
output |
(Optional) Specifies that when traffic is sent to an asynchronous line from the router (within the specified interval), the connection is retained. |
Defaults
The default interval is zero, indicating that the router maintains the connection indefinitely.
Command Modes
Line configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command sets the interval that the Cisco IOS software waits for traffic before closing the connection to a remote computer and returning the terminal to an idle state.
If only the session timeout command is specified, the session timeout interval is based solely on detected input from the user.
If the session timeout command is specified with the output keyword, the interval is based on both input and output traffic. You can specify a session timeout on each port.
The session-timeout command behaves slightly differently on virtual (vty) terminals than on physical console, auxiliary (aux), and terminal (tty) lines. When a timeout occurs on a vty, the user session returns to the EXEC prompt. When a timeout occurs on physical lines, the user session is logged out and the line returned to the idle state.
You can use a combination of the exec-timeout and session-timeout line configuration commands, set to approximately the same values, to get the same behavior from virtual lines that the session-timeout command causes on physical lines.
Examples
The following example sets an interval of 20 minutes and specifies that the timeout is subject to traffic detected from the user (input only):
The following example sets an interval of 10 minutes, subject to traffic on the line in either direction:
session-timeout 10 output
Related Commands
|
|
|
absolute-timeout |
Sets the interval for closing the connection on a virtual terminal line. |
exec-timeout |
Sets the interval that the EXEC command interpreter waits until user input is detected. |
set (ruleset)
To unconditionally set one or more connection parameters to a fixed value for a translation ruleset, use the set command in translate ruleset configuration mode. To remove the ruleset, use one of the no forms of this command.
set [ # line-number ] { pad | telnet } variable-parameter [{ pad | telnet } variable-parameter [ ... ]]
no set { pad | telnet } variable-parameter [{ pad | telnet } variable-parameter [ ... ]]
no set # line-number [ ... ]
Syntax Description
# line-number |
(Optional) The line in the ruleset template the command should occupy. The # character must be entered. |
{ pad | telnet } |
Specifies the incoming or outgoing protocol, which controls the parameters that are available in the next element of this command. |
variable-parameter |
A parameter that varies depending upon the protocol selected, either pad or telnet, and its role, either incoming or outgoing. Protocol parameter values are available to modify the incoming or outgoing connection behavior during protocol translation session setup. Up to six parameters can be entered on one command line. Table 13 indicates the supported Telnet and PAD incoming and outgoing connection parameter keywords with an X. |
[ ... ] |
(Optional) Specifies that multiple entries can be made as follows:
- Up to six set specifications can be entered on one command line.
- Multiple line numbers can be specified using the second no form of this command.
|
Defaults
No default behavior or values
Command Modes
Translate ruleset configuration
Command History
|
|
|
12.3(8)T |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Up to six set specifications can be entered on one command line. The ellipses in the format shown above means multiple set statements can be specified.
When you use the first no form of this command, specify the full set of parameters and expressions in the command to be removed. The second no form must specify the correct set command and line number within the ruleset template.
Once an incoming connection has been matched for processing, the ruleset generates the protocol translation parameters using a template that unconditionally sets a value defined by a set statement. It is also possible that the incoming connection could conditionally set a value based on a test of parameter values using regular expressions. This is a test and set operation. The ruleset template could then substitute one parameter into another from a regular expression pattern match. These command combinations provide the network administrator with much flexibility in determining the protocol parameter values to use when establishing a protocol translation session.
As an example of set, test, and substitute command usage, an incoming TCP connection to an outgoing PAD connection might unconditionally set the PAD’s profile identifier as follows:
set pad profile Bldg-1-5ess
The incoming connection might conditionally set the profile identifier from a test of the destination information, as follows:
test telnet dest-addr \.11$ telnet dest-port ^10000$ set pad profile ess
Finally, the command might substitute a portion of the TCP destination port into the profile identifier, as follows:
substitute telnet dest-port ^1000(.)$ pad profile Bldg-1-5ess-\1
To combine the test and set commands, use the backslash character (\) to concatenate the command lines. The following statements test conditional parameters and then set appropriate parameters:
test telnet dest-addr ^172\.18\.0\.* telnet dest-port ^10.00 \
set pad pvc 1 telnet binary T
The protocol parameters for the incoming connection attempt are available for match expressions in the test, set and substitute statements. The values of the incoming connection attempt cannot be modified, though. For example, an incoming PAD connection has source and destination addresses that can be tested and used to modify other parameters, but the incoming connection addresses themselves cannot be modified.
Configuration errors are not detected when translation ruleset commands are entered. They are tested when the connection is attempted and the test (ruleset) command is used. In the following example, the translation ruleset set command unconditionally sets the PAD’s profile name to a profile that does not exist in the configuration:
set pad profile Bldg-1-5ess
This command would be accepted at the command-line interpreter, and validated only upon a connection attempt or with the test translate EXEC command. When the error is detected, the following messages display:
*%PT-3-PARAMRESULTERR: PT ruleset test protocol pad parameter profile parse error: Bldg-1-5ess.
-Process= "PAD InCall", ipl= 3, pid= 94
*PAD: ruleset translation not generated Cause: 9 Diag: 0
Table 13 lists the PAD and Telnet parameters that can be set, as indicated by an X. PAD outgoing service routing information (interface, CMNS MAC address, X.25 over TCP or XOT parameters, for example) are available for both switched virtual circuit (SVC) and permanent virtual circuit (PVC) service, and will take precedence over the X.25 routing table. If no routing information is specified, the X.25 routing table will be used. Entering an incomplete specification of routing information or the Connection-Mode Network Service (CMNS) MAC address, or omitting an interface specification for an Annex G data-link connection identifier (DLCI), will result in an error.
Table 13 Set Connection Parameter Keywords
|
|
|
|
|
|
|
authorize-method ASCII-string |
Connection authorization method to use that must match one of a fixed set of values. |
X |
— |
— |
X |
authorize-tag ASCII-string |
Connection authorization identity to supply, entered as an ASCII string. |
X |
— |
— |
X |
binary flag |
Flag that specifies whether 8-bit binary data is required, entered as one of the following characters to specify binary mode: Y, y, 1 – 9,
T, t. |
— |
X |
— |
X |
cud ASCII-string |
Call user data (CUD) that occurs after the protocol identification (PID). For X.29 service, this is the optional, user-specified text included in the command to place a call. |
— |
— |
X |
— |
dest-addr address |
Destination IP (Telnet) or X.121 (PAD) address. |
— |
X |
X |
— |
dest-addr-ext address |
Network service access point (NSAP) destination address extension. |
— |
— |
X |
— |
dest-port port |
Destination port entered as a decimal number from one to five digits long. |
— |
X |
— |
|
dlci number |
Frame Relay data-link connection identifier (DLCI) of an Annex G service entered as a number from one to seven digits in length, although a size of two to four digits is more likely, or the NULL string if not received on an Annex G service. |
— |
— |
X |
— |
eor specification |
A character set defining the End-of-Record (EOR) string for the protocol translation session, entered as an ASCII or hexadecimal specification from one to four bytes in length, aaa or 0x19, as examples. |
— |
X |
— |
X |
eor-insert flag |
Flag specifying that the EOR character set should be inserted for PAD data being forwarded to a Telnet session, and is entered as a single character. Use one of the following characters to specify EOR insertion: Y, y, 1 – 9, T, t. |
— |
X |
— |
X |
hostname address |
Destination host name for Domain Name System (DNS) resolution entered as an ASCII string. |
— |
X |
— |
— |
idle seconds |
Number of seconds the PAD connection can be idle before being cleared. |
X |
— |
X |
— |
interface type number |
Interface to be used for the circuit, entered using standard Cisco IOS interface designations; Serial1/0:1, for example. |
— |
— |
X |
— |
keepalive-period seconds |
Indicates the number of seconds between TCP keepalives for the X.25 over TCP (XOT) connection. TCP keepalive information applies only when a ruleset is configured to match an XOT destination address. Example: match dest-addr ^5555.$ xot-dest-addr 5.5.5.2 |
X |
— |
X |
— |
keepalive-tries number |
Indicates the number of TCP keepalives to send before the XOT connection is declared dead. TCP keepalive information applies only when a ruleset is configured to match an XOT destination address. Example: match dest-addr ^5555.$ xot-dest-addr 5.5.5.2 |
X |
— |
X |
— |
local flag |
Flag specifying that Telnet control sequences should be forwarded, not processed, and is entered as a single character. Use one of the following characters to specify local mode: Y, y, 1 – 9, T, t. |
— |
X |
— |
X |
mac address |
Connection-Mode Network Service (CMNS) service remote host MAC address entered as three hexadecimal numbers of four digits separated by a period, (0000.fc08.12ab, for example) or the NULL string if not received on a CMNS service. |
— |
— |
X |
— |
no-reset |
Suppress a PVC Reset packet at session startup. |
X |
— |
X |
— |
packetsize size |
X.25 maximum data packet sizes to request, entered as two numbers from the following choices: 16, 32, 64, 128, 256, 512, 1024, 2048, 4096. |
— |
— |
X |
— |
pid byte-string |
PID string specified in ASCII or hexadecimal. A hexadecimal PID must be prefixed by “0x.” For example, 0x01000000 is the standard PAD PID. Although it is available for specifying a nonstandard Call PID, this parameter is not restricted to the common PID length and can be used to specify the entire user data field. |
— |
— |
X |
— |
printer flag |
Printer access mode. Flag specifying that the outgoing connection should be brought up before the incoming connection is confirmed. Use one of the following characters to specify printer mode: Y, y, 1 – 9, T, t. An unsuccessful outgoing connection attempt results in the incoming connection to the ruleset being refused, rather than being accepted and then closed, which is the default behavior. Note that using this keyword will force the ruleset quiet keyword to be applied to the translation. |
X |
— |
— |
X |
profile name |
Named PAD profile to use. |
X |
— |
X |
— |
pvc circuit-number |
Permanent virtual circuit (PVC) entered as a number from 1 to 4095, or the null string if not a PVC. |
— |
— |
X |
— |
reverse |
Request reverse charging. |
— |
— |
X |
— |
reversed flag |
Flag to indicate whether a reverse charged Call is permitted. This flag applies to a switched virtual circuit (SVC) and is entered as a single character, Y or N, for yes or no. |
— |
— |
— |
— |
rotor |
Modifies the behavior of the host-name keyword by allowing one of the IP addresses defined by the ip host configuration command to be chosen randomly. If one address fails, another will be tried until a connection is made or all address choices are exhausted. |
— |
X |
— |
— |
source-addr address |
Source X.121 address. |
— |
— |
X |
— |
source-addr-ext address |
NSAP source address extension. |
— |
— |
X |
— |
source-ifc type number |
Interface from which to take the source IP address, entered using standard Cisco IOS interface designations, Loopback0, for example. |
— |
X |
X |
— |
stream flag |
Flag that specifies whether Telnet negotiation should be sent or accepted, entered as one of the following characters to specify stream mode: Y, y, 1 – 9, T, t. |
— |
X |
— |
X |
swap flag |
X.29 role reversal. Flag that indicates the PAD connection should not initiate X.29 commands when first connected. Use one of the following characters to swap behavior: Y, y, 1 – 9, T, t. This parameter enables incoming and outgoing PAD connections to be swapped so that a protocol translation is treated like a PAD when it accepts a call. By default, the protocol translation functions like a PAD for calls that it initiates, and like an X.25 host for calls it accepts. |
X |
— |
X |
— |
use-map map |
Use the map defined for PAD service. |
— |
— |
X |
— |
windowsize size |
X.25 window sizes to request, entered as two numbers in a range from 1 to 127. |
— |
— |
X |
— |
xot-dest-addr address |
Destination IP address of an X.25 over TCP (XOT) service entered in standard IP address dotted decimal notation (10.0.0.127, for example) or the NULL string if not received on an XOT service. |
— |
— |
X |
— |
xot-source-addr address |
Source IP address of an XOT service entered in standard IP address dotted decimal notation (10.0.0.127, for example) or the NULL string if not received on an XOT service. |
— |
— |
— |
— |
Examples
The following example shows how to build a ruleset by writing a match statement, specifying protocol translation options, setting parameters for incoming Telnet connections, then testing and setting appropriate parameters for incoming PAD connections. Note use of the backslash character to combine the test and set statements.
translate ruleset customer-case-1 from telnet to pad
! Match an incoming Telnet attempt destined for IP addresses starting
! with 172.18., and a 5-digit port starting with 120 through 127
match dest-addr ^172\.18\..* dest-port ^12[0-7]..$
! Once the correct network is matched, specify that this ruleset is limited
! to ten concurrent users and requires a login exchange
options max-users 10 login
set telnet printer Y telnet binary Y
set pad profile cust-profile-one
! Test conditional parameters and make appropriate settings
test telnet dest-addr ^172\.18\.0\.* telnet dest-port ^10.00 \
set pad pvc 1 telnet binary T
Related Commands
|
|
|
description (ruleset) |
Adds a description about a translation ruleset. |
match (ruleset) |
Identifies a connection for processing by the translation ruleset. |
options (ruleset) |
Specifies protocol translation options in a translation ruleset. |
show translate ruleset |
Displays a summary of a specific or of all configured translation rulesets, behavioral parameters, and usage statistic. |
skip (ruleset) |
Identifies a connection for omission by the translation ruleset. |
substitute (ruleset) |
Matches an available protocol and substitutes another in a translation ruleset. |
test (ruleset) |
Tests parameter values in a translation ruleset using regular expressions. |
test translate |
Displays a trace of protocol translation behavior for a connection attempt. |
translate ruleset |
Defines a unique name for a translation ruleset, specifies translated protocols, and enters translate ruleset configuration mode. |
x25 pvc translate ruleset |
Configures PVCs that are valid for protocol translation ruleset handling. |
show arap
To display information about a running AppleTalk Remote Access Protocol (ARAP) connection, use the show arap command in privileged EXEC mode.
show arap [ line-number | aux [ line-number ] | console [ line-number ] | vty [ line-number ] ]
Syntax Description
line-number |
(Optional) Number of the line on which an ARAP connection is established and active. |
aux line-number |
(Optional) Displays the ARAP auxiliary information for the specified line. |
console line-number |
(Optional) Displays the ARAP console information for the specified line. |
vty line-number |
(Optional) Displays the ARAP virtual terminal line information. |
Command Modes
Privileged EXEC (#)
Command History
|
|
|
10.0 |
This command was introduced. |
12.2(33)SRE |
This command was introduced in a release earlier than Cisco IOS Release 12.2(33)SRE. |
12.2(33)SXI |
This command was introduced in a release earlier than Cisco IOS Release 12.2(33)SXI. |
12.4(24)T |
This command was introduced in a release earlier than Cisco IOS Release 12.4(24)T. |
Cisco IOS XE 2.1 |
This command was integrated into Cisco IOS XE Release 2.1. |
Usage Guidelines
Use the show arap command with no arguments to display a summary of the ARAP traffic since the router was last booted.
Examples
The following is sample output from the show arap command:
Statistics are cumulative since last reboot
Total ARAP connections: 2
Total Appletalk packets output: 157824
Total Appletalk packets input: 12465
These fields refer to the sum of all the ARA connections since the device was last reloaded.
The following sample output displays information about ARA activity on a specific line (line 3):
"Unlimited time left" or "22 minutes left"
"Doing smartbuffering" or "Smartbuffering disabled"
Appletalk packets output: 157824
Appletalk packets input: 12465
Appletalk packets overflowed: 1642
Appletalk packets dropped: 586
V42bis compression efficiency (incoming/outgoing): {percentage/percentage}
MNP4 packets received: 864
MNP4 garbled packets received: 4
MNP4 out of order packets received: 0
Table 14 describes the significant fields shown in the display.
Table 14 show arap Field Descriptions
|
|
|
Active for integer minutes |
Number of minutes since ARAP started on the line. |
Unlimited time left or integer minutes left |
Remaining time limit on the line, if applicable on the line. |
Doing smartbuffering or Smartbuffering disabled |
Obsolete. Always says “Doing smartbuffering.” |
Appletalk packets output |
Number of AppleTalk packets that have been received from the Apple Macintosh and out to the network during this connection. |
Appletalk packets input |
Number of AppleTalk packets that have been received from the network and sent to the Apple Macintosh during this connection. |
Appletalk packets overflowed |
Number of packets from the network that have been dropped because the link to the Apple Macintosh was congested. |
Appletalk packets dropped |
Number of packets from the network that have been dropped because it was unnecessary to pass them (frequently RTMP). |
V42bis compression efficiency (incoming/outgoing) |
Performance of the v42 bis protocol underneath ARA, expressed as a percentage of incoming/percentage outgoing. If the efficiency is low, a network user is probably copying already compressed files across the link. Generally, low efficiency means slow performance. |
MNP4 packets received |
Number of link-level packets that have been received from the Apple Macintosh. |
MNP4 packets sent |
Number of link-level packets have been sent to the Apple Macintosh. |
MNP4 garbled packets received |
Number of garbled packets that have been received from the Apple Macintosh. |
MNP4 out of order packets received |
Number of out-of-order packets that have been received from the Apple Macintosh. |
MNP4 packets resent |
Number of times packets have been re-sent. |
MNP4 nobuffers |
Number of times MNP4 has run out of buffers. This field should be zero. |
show entry
To display the list of queued host-initiated connections to a router, use the show entry command in EXEC mode.
show entry
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
|
11.1 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
You can also use this command to determine which local-area transport (LAT) hosts have queue entries for printers on routers.
Examples
The following is sample output from the show entry command. The display shows that two LAT connections are waiting for access to port 5. The list is ordered so that the lower-numbered entry has been waiting longer, and will use the line next.
1 waiting 0:02:22 for port 5 from LAT node BLUE
2 waiting 0:00:32 for port 5 from LAT node STELLA
Table 15 describes the fields in the first line of output shown in the display.
Table 15 show entry Field Descriptions
|
|
|
1 |
Number assigned to the queued connection attempt. |
waiting 0:02:22 |
Interval (hours:minutes:seconds) during which the connection attempt has been waiting. |
for port 5 |
Port for which the connection attempt is waiting. |
from LAT node BLUE |
Name of the user (BLUE) attempting to make the connection. |
show keymap
To test for the availability of a keymap after a connection on a router takes place, use the show keymap command in EXEC mode.
show keymap [ keymap-name | all ]
Syntax Description
keymap-name |
(Optional) Name of the keymap. |
all |
(Optional) Lists the names of all defined keymaps. The name of the default keymap is not listed. |
Command Modes
EXEC
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
The Cisco IOS software searches for the specified keymap in its active configuration image and lists the complete entry if found. If the keymap is not found, an appropriate “not found” message appears.
If you do not use any arguments with the show keymap command, then the keymap currently used for the terminal is displayed.
Examples
The following is sample output from the show keymap command:
ciscodefault { clear = '^z'; flinp = '^x'; enter = '^m';\
synch = '^r'; reshow = '^v'; eeof = '^e'; tab = '^i';\
btab = '^b'; nl = '^n'; left = '^h'; right = '^l';\
up = '^k'; down = '^j'; einp = '^w'; reset = '^t';\
xoff = '^s'; xon = '^q'; escape = '^c'; ferase = '^u';\
pa1 = '^p1'; pa2 = '^p2'; pa3 = '^p3';\
pfk1 = '\E1'; pfk2 = '\E2'; pfk3 = '\E3'; pfk4 = '\E4';\
pfk5 = '\E5'; pfk6 = '\E6'; pfk7 = '\E7'; pfk8 = '\E8';\
pfk9 = '\E9'; pfk10 = '\E0'; pfk11 = '\E-'; pfk12 = '\E=';\
pfk13 = '\E!'; pfk14 = '\E@'; pfk15 = '\E#'; pfk16 = '\E$';\
pfk17 = '\E%'; pfk18 = '\E\^'; pfk19 = '\E&'; pfk20 = '\E*';\
pfk21 = '\E('; pfk22 = '\E)'; pfk23 = '\E_'; pfk24 = '\E+';\
Refer to the keymap command for more information about keyboard mappings and keymap entry structures.
Related Commands
|
|
|
keymap |
Defines specific characteristics of keyboard mappings. |
show lat advertised
To display the local-area transport (LAT) services a router offers to other systems running LAT on the network, use the show lat advertised command in EXEC mode.
show lat advertised
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Advertised services are created with the lat service commands. The display includes the service rating, rotary group if present, and whether the service is enabled for incoming connections.
Examples
The following is sample output from the show lat advertised command:
Router# show lat advertised
service Name Rating Rotary Flags
service1 4(Dynamic) None Enabled
Autocommand: telnet service1
Service2 0(Dynamic) 12 Enabled
Ident: service2 modem services
service3 4(Dynamic) None Enabled
The display shows output from a router named router1 that has three services defined: service1, service2, and service3.
Table 16 describes the fields shown in the display.
Table 16 show lat advertised Field Descriptions
|
|
|
Service Name |
Lists the LAT service name. |
Rating |
Lists the static service rating set, if any. |
Rotary |
Lists the associated rotary service. |
Flags |
Lists whether a service is enabled. |
Autocommand |
Defines the autocommand associated with the service. |
Ident |
Lists the advertised identification for the service. |
show lat groups
To display the groups that were defined in the Cisco IOS software with the lat group-list command, use the show lat groups command in EXEC mode.
show lat groups
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Examples
The following is sample output from the show lat groups command:
manufacturing 10 70 71 72
Table 17 describes the fields shown in the display.
Table 17 show lat groups Field Descriptions
|
|
|
Group Name |
Assigned group name. |
Len |
Size of internal data structure used to contain the group code map. |
Groups |
Group codes associated with the learned group. |
Related Commands
|
|
|
lat group-list |
Allows a name to be assigned to the group list, which is any combination of group names, numbers, or ranges. |
show lat nodes
To display information about all known local-area transport (LAT) nodes, use the show lat nodes command in EXEC mode.
show lat nodes
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Examples
The following is sample output from the show lat nodes command:
Node "service1", usage -1, Interface Ethernet0, Address 0000.0c01.0509
Timer 89, sequence 188, changes 131, flags 0x0, protocol 5.1
Facility 0, Product code 0, Product version 0
Recv 0/0/0, Xmit 0/0/0, 0 Dups, 0 ReXmit
Bad messages: 0, Bad slots: 0, Solicits accepted: 0
Solicits rejected: 0, Multiple nodes: 0
Node "service2", usage -1, Local
Timer 99, sequence 4, changes 151, flags 0x0, protocol 5.2
Facility 0, Product code 0, Product version 0
Recv 0/0/0, Xmit 0/0/0, 0 Dups, 0 ReXmit
Bad messages: 0, Bad slots: 0, Solicits accepted: 0
Solicits rejected: 0, Multiple nodes: 0
Node "service3", usage -1, Interface Ethernet0, Address 0000.0cff.c9ed
Timer 99, sequence 9, changes 159, flags 0x0, protocol 5.1
Facility 0, Product code 0, Product version 0
Recv 0/0/0, Xmit 0/0/0, 0 Dups, 0 ReXmit
Bad messages: 0, Bad slots: 0, Solicits accepted: 0
Solicits rejected: 0, Multiple nodes: 0
Node "service4", usage -1, Interface Ethernet0, Address 0000.0c02.c7c1
Timer -10351, sequence 1, changes 131, flags 0x40, protocol 5.2
Facility 0, Product code 0, Product version 0
Recv 0/0/0, Xmit 0/0/0, 0 Dups, 0 ReXmit
Bad messages: 0, Bad slots: 0, Solicits accepted: 0
Solicits rejected: 0, Multiple nodes: 0
Table 18 describes the significant fields shown in the display.
Table 18 show lat nodes Field Descriptions
|
|
|
Node |
The node name as reported by the host computer. |
usage |
The number of virtual circuits currently active to this node. |
Interface |
Node interface type and number. |
Address |
The MAC address of the Ethernet interface for the node. |
Timer |
The number of seconds remaining until the service advertisement message for this node will time out; this value is set to three times the nodes multicast timer value whenever a new service advertisement message is received. |
sequence |
The sequence number received in the last service advertisement message received. Nodes increment their sequence number when the contents of the service advertisement change. |
changes |
The internal representation of what changed in the multicast message the last time the sequence number changed. |
flags |
The internal representation of various state information about the node. |
protocol |
The LAT protocol version used by the node. |
Facility |
The remote facility number. |
Product code |
The remote product code. |
Product version |
The remote product version. |
Recv and Xmit |
The number of messages, slots, and bytes received or sent to the node. The number of messages is the number of LAT virtual circuit messages. Each virtual circuit message contains some number of slots, which contain actual terminal data or control information. Bytes is the number of data bytes (input or output characters) exchanged. |
Dups |
The number of duplicate virtual circuit messages received. |
ReXmit |
The number of virtual circuit messages resent. |
Bad messages |
The number of bad messages received. |
Bad slots |
The number of bad slots received. |
Solicits accepted |
The number of solicit-information requests accepted. |
Solicits rejected |
The number of solicit-information requests rejected. |
Multiple nodes |
The total of multiple nodes seen. |
Groups |
The list of group codes advertised by the service-advertisement message of the node. |
Service classes |
The number of service classes. |
show lat services
To display information about learned local-area transport (LAT) services in the Cisco IOS software, use the show lat services command in EXEC mode.
show lat services [ service-name ]
Syntax Description
service-name |
(Optional) Name of a specific LAT service. |
Command Modes
EXEC
Command History
|
|
|
11.2 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Examples
The following is sample output from the show lat services command:
Router# show lat services
Service Name Rating Interface Node (Address)
ABCDEFGHIJ 5 Ethernet0 SERVICE1(0000.0c00.391f)
GLAD 84 Ethernet0 SERVICE2 (aa00.0400.9205)
Ident: Welcome to Gateway
WHEEL 83 Ethernet0 SERVICE3 (aa00.0400.9005)
ZXYW 5 Ethernet0 SERVICE4 (0000.0c00.391f)
Table 19 describes the significant fields shown in the display.
Table 19 show lat services Field Descriptions
|
|
|
Service Name |
LAT service name. |
Rating |
Rating of the service. If a single service is provided by more than one host, the Cisco IOS software connects to the one with the highest rating. |
Interface |
Interface type. |
Node |
Connection address. |
(Address) |
Advertised identification for the service. |
Related Commands
|
|
|
show lat sessions |
Displays active LAT sessions. |
show resource-pool call |
Displays specific LAT learned services. |
show lat sessions
To display active local-area transport (LAT) sessions, use the show lat sessions command in EXEC mode.
show lat sessions [ line-number ]
Syntax Description
line-number |
(Optional) Displays an active LAT session on a specific line. |
Command Modes
EXEC
Command History
|
|
|
11.2 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Examples
The following is sample output from the show lat sessions command. In this example, information about all active LAT sessions is displayed. The output is divided into three sections for each session (in this case two sessions): TTY data, session data, and remote node data.
Router> show lat sessions
tty0, connection 1 to service TERM1
Name ”0”, Local usage 1/0, Remote usage disabled
Flags: Local Connects, Enabled
Config flags: -FlowOut, -FlowIn, Parameter Info
Flow control ^S/^Q in ^S/^Q out, Mode Normal, Parity None, databits 8
Name TERM1, Remote Id 1, Local Id 1
Remote credits 2, Local credits 0, Advertised Credits 2
Max Data Slot 255, Max Attn Slot 255, Stop Reason 0
Node ”TERM1”, Address 0000.0C00.291F, usage 1
Timer 59, sequence 5, changes 159, flags 0x0, protocol 5.1
Recv 56/22/83, Xmit 41/23/14, 0 Dups, 0 ReXmit
tty10, connection 1 to service ENG2
Name ”10”, Local usage 1/0, Remote usage disabled
Flags: Local Connects, Enabled
Config flags: -FlowOut, +FlowIn, Set Parameters, 0x40000000
Flow control ^S/^Q in ^S/^Q out, Mode Normal, Parity None, databits 8
Name ENG2, Remote Id 1, Local Id 1
Remote credits 1, Local credits 0, Advertised Credits 2
Max Data Slot 255, Max Attn Slot 255, Stop Reason 0
Node ”ENG2”, Address AA00.0400.34DC, usage 1
Timer 179, sequence 60, changes 255, flags 0x0, protocol 5.1
Recv 58/29/186, Xmit 50/36/21, 0 Dups, 0 ReXmit
The following sample output displays information about active LAT sessions on one line (line 10). The output is divided into three sections: TTY data, session data, and remote node data.
Router> show lat sessions 10
tty10, connection 1 to service ENG2
Name "10", Local usage 1/0, Remote usage disabled
Flags: Local Connects, Enabled
Config flags: -FlowOut, +FlowIn, Set Parameters, 0x40000000
Flow control ^S/^Q in ^S/^Q out, Mode Normal, Parity None, databits 8
Name ENG2, Remote Id 1, Local Id 1
Remote credits 1, Local credits 0, Advertised Credits 2
Max Data Slot 255, Max Attn Slot 255, Stop Reason 0
Node ”ENG2”, Address AA00.0400.34DC, usage 1
Timer 189, sequence 61, changes 247, flags 0x0, protocol 5.1
Recv 60/29/186, Xmit 52/36/21, 0 Dups, 0 ReXmit
Table 20 describes the fields shown in the displays.
Table 20 show lat sessions Field Descriptions
|
|
|
TTY data |
Summary of the LAT-oriented terminal-line-specific data. |
Name |
Name used for this port as a port identification string. The name is reported to remote systems, which can display it in some operating-system dependent manner. This value is also used for targets of host-initiated connections. Currently, this value is hard-wired to be the line number of the associated terminal line. |
Local/Remote usage |
Current status of the terminal. The number is reported as current/maximum, where current is the current number of sessions of a given type, and maximum is the maximum number of sessions allowed (or zero if there is no maximum). If a terminal is being used for outgoing sessions, the local usage is equal to the number of current LAT sessions. If the terminal is being used for incoming sessions, local usage is disabled, and the remote count and maximum is one. |
Flags |
Current state of the line, and whether there are any queued host-initiated connections. |
Type flags |
Report flags not used in the current software release. |
Config flags |
Current port state as reflected by the most recent configuration message exchange. |
Flow control |
Lists set flow control characters. |
Groups |
Group code list currently in use for the line. |
Session data |
Reports various parameters about the connection. |
Name |
For the outbound connection, the name of the remote service to which it is connected. For inbound connections, this field is currently unused. |
Remote/Local Id |
Slot IDs being used to uniquely identify the session multiplexed over the underlying LAT virtual circuit. |
Remote/Local/
Advertised Credits |
Number of flow control credits that the Cisco IOS software will be sending to the host as soon as possible. The advertised credits are the number of credits that have already been sent. |
Flags |
Transient conditions in the LAT-state machine dealing with the current connection status. |
Max Data Slot |
Maximum number of characters that can be sent in a single data slot. |
Max Attn Slot |
Maximum amount of data that can be sent in an attention message. Current LAT implementations only send 1-byte attention messages (attention messages are used to flush buffered output). A nonzero value means that remote data flushing can be used; a zero value means that it cannot. |
Stop Reason |
Reason the session was stopped, if it was stopped but not deleted. This value is usually zero, indicating that the session has not yet been stopped. If a session persists for a long time with a nonzero stop reason, there is probably a problem in the local LAT software. |
Remote Node data |
Reports information about the remote node. The data includes the same fields as those from the show lat nodes output. |
Node |
Node name as reported by the host computer. |
Address |
MAC address of the Ethernet interface for the node. |
usage |
Number of virtual circuits currently active to the node. |
Timer |
Number of seconds remaining until the service advertisement message for the node will time out; this value is set to three times greater than the node multicast timer value whenever a new service-advertisement message is received. |
sequence |
Sequence number received in the last service-advertisement message. Nodes increment their sequence number when the contents of the service-advertisement change. |
changes |
Internal representation of what changed in the multicast message the last time the sequence number changed. |
flags |
Internal representation of various state information about the node. |
protocol |
LAT protocol version used by the node. |
Recv and Xmit |
Number of messages, slots, and bytes received or sent to the node. The number of messages is the number of LAT virtual circuit messages. Each virtual circuit message contains some number of slots, which contain actual terminal data or control information. |
Dups |
Number of duplicate virtual circuit messages received. |
ReXmit |
Number of virtual circuit messages resent. |
Groups |
Group codes advertised by the service-advertisement message of the node. |
Related Commands
|
|
|
show lat services |
Displays information about learned LAT services in the Cisco IOS software. |
show resource-pool call |
Displays specific LAT learned services. |
show lat traffic
To display information about traffic and resource utilization statistics on all active lines, use the show lat traffic command in EXEC mode.
show lat traffic
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Examples
The following is sample output from the show lat traffic command:
0/100 circuits, 0/500 sessions, 1/500 services
100 sessions/circuit, circuit timer 80, keep-alive timer 5
Recv: 335535 messages (2478 duplicates), 161722 slots, 1950146 bytes
0 bad circuit messages, 3458 service messages (52 used)
Xmit: 182376 messages (2761 retransmit), 146490 slots, 36085 bytes
Total: 23 circuits created, 38 sessions
Table 21 describes the significant fields shown in the display.
Table 21 show lat traffic Field Descriptions
|
|
|
Local host statistics |
Information about the router. |
circuits |
Current number and maximum support number of virtual circuits. |
sessions |
Current and maximum number of sessions. |
services |
Current number of known remote services, and the maximum supported. |
sessions/circuit |
Number of sessions per virtual circuit supported by the software. |
circuit timer |
Value of the virtual circuit timer parameter defined by the lat vc-timer global configuration command. |
keep-alive timer |
Value defined by the lat ka-timer global configuration command. |
Recv |
Statistics about local node receive totals. |
messages |
Total count of virtual circuit messages received. |
duplicates |
Number of duplicate virtual circuit messages received. |
slots |
Number of slots received. |
bytes |
Number of data bytes received. |
bad circuit messages |
Count of invalid messages received. |
service messages |
Number of service advertisement multicast messages received. |
used |
Number of multicast messages that caused the local node information to be updated. |
Xmit |
Various transmission totals. |
messages |
Total number of virtual circuit messages sent. |
retransmit |
Number of virtual circuit messages resent due to the lack of an acknowledgment. |
slots |
Number of data and control slots sent. |
bytes |
Count of user data bytes sent. |
circuit timeouts |
Count of times that a virtual circuit timed out because the remote node stopped responding (due to a node failure or communications failure). |
Total |
Count of virtual circuits and sessions that have existed since the router booted or rebooted. |
show line
To display parameters of a terminal line, use the show line command in user EXEC or privileged EXEC mode.
show line [ line-number [ upper-line-number ] | [{ aux | console | vty } line-number [ upper-line-number ]] [ summary ]
Syntax Description
line-number |
(Optional) Absolute line number of the line for which you want to list parameters. |
upper-line-number |
(Optional) Specifies the upper limit of a range. |
aux |
(Optional) Auxiliary line. |
console |
(Optional) Primary terminal line. |
vty |
(Optional) Virtual terminal line. |
summary |
(Optional) Line status summary. |
Command Modes
User EXEC
Privileged EXEC
Command History
|
|
|
10.0 |
This command was introduced. |
11.3(1)T |
The summary keyword was added. |
12.0 |
The vty keyword was added. |
12.1 |
Output from this command was modified to show the transport method configured. |
12.2(13)T |
This command was modified to indicate when support for closed user group (CUG) security is enabled on the line. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
If Closed User Group (CUG) security is configured on a line, the show line command used with the line-number argument causes “CUG Security Enabled” to be displayed in the Capabilities field of the output.
The show line command used with the summary keyword provides line status summary details such as whether there were modem calls or character mode calls.
Examples
The following sample output from the show line vty4 command shows that virtual terminal line 4 has a send and receive rate of 9600 bits per second (bps). Also shown are the terminal screen width and length, modem state, preferred transport method, and other characteristics.
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns
22 VTY - - - - - 0 0 0/0 -
Line 22, Location: "", Type: ""
Length: 24 lines, Width: 80 columns
Baud rate (TX/RX) is 9600/9600
Capabilities: CUG Security Enabled
Special Chars: Escape Hold Stop Start Disconnect Activation
Timeouts: Idle EXEC Idle Session Modem Answer Session
Idle Session Disconnect Warning
Login-sequence User Response
Session limit is not set.
Time since activation: never
History is enabled, history size is 10.
DNS resolution in show commands is enabled
Full user help is disabled
Allowed input transports are none.
Allowed output transports are pad v120 telnet rlogin udptn.
Preferred transport is telnet.
No output characters are padded
No special data dispatching characters
Table 22 describes the significant fields shown in the report displayed by the show line command (and may not match the previous example).
Table 22 show line Field Descriptions
|
|
|
Tty |
Line number. |
Typ |
Type of line. In this case, a virtual terminal line, which is active, in asynchronous mode denoted by the preceding “A.” All possible values follow:
- VTY—virtual terminal line
- CTY—console
- AUX—auxiliary port
- TTY—asynchronous terminal port
- lpt—parallel printer
|
Tx/Rx |
Transmit rate/receive rate of the line. |
A |
Indicates whether autobaud has been configured for the line. A value of F indicates that autobaud has been configured; a hyphen indicates that it has not been configured. |
Modem |
Types of modem signals that have been configured for the line. Possible values follow:
- callin
- callout
- cts-req
- DTR-Act
- inout
- RIisCD
|
Roty |
Rotary group configured for the line, if set. |
AccO, AccI |
Output or input access list number configured for the line. |
Uses |
Number of connections established to or from the line since the system was restarted. |
Noise |
Number of times noise has been detected on the line since the system restarted. |
Overruns |
Hardware Universal Asynchronous Receiver/Transmitter (UART) overruns or software buffer overflows, both defined as the number of overruns or overflows that have occurred on the specified line since the system was restarted. Hardware overruns are buffer overruns; the UART chip has received bits from the software faster than it can process them. A software overflow occurs when the software has received bits from the hardware faster than it can process them. |
A (or I or *) |
An A at the upper left of the display indicates that the user is running an asynchronous interface; an I indicates that the line has an asynchronous interface available; an asterisk (*) indicates that the line is otherwise active (in character mode). |
Line |
Definition of the specified protocol and address of the line. |
Location |
Location of the current line. |
Type |
Type of line, as specified by the line global configuration command. |
Length |
Length of the terminal or screen display, in rows. |
Width |
Width of the terminal or screen display, in columns. |
Baud rate (TX/RX) |
Transmit rate/receive rate of the line, in bps. |
Status |
State of the line: ready or not, connected or disconnected, active or inactive, exit banner or no exit banner, asynchronous interface active or inactive. |
Capabilities |
Current terminal capabilities. |
Modem state |
Modem control state. Although the sample output shows the modem state Idle, this field should always say READY. |
Special Chars |
Current settings of special characters that were input by the user (or taken by default) from the following global configuration commands:
- escape-character
- hold-character
- stop-character
- start-character
- disconnect-character
- activation-character
|
Timeouts |
Current settings that were input by the user (or taken by default) from the following global configuration commands:
- exec-timeout
- session-timeout
- dispatch-timeout
- modem answer-timeout
- session-disconnect-warning
- timeout login response
- autoselect timeout
|
Session limit |
Maximum number of sessions. |
Time since activation |
Last time start_process was run. |
Editing |
Whether command-line editing is enabled. |
History |
Current history list size, set by the user (or taken by default) from the history configuration command. |
DNS resolution in show commands is |
Whether Open Shortest Path First (OSPF) is configured to look up Domain Name System (DNS) names for use in show EXEC command displays. |
Full user help |
Whether full user help has been set by the user with the terminal full-help EXEC command or by the administrator with the full-help line configuration command. |
Allowed input transports are |
Current set transport method, set by the user (or taken by default) from the transport input line configuration command. |
Allowed output transports are |
Current set transport method, set by the user (or taken by default) from the transport output line configuration command. |
Preferred transport is |
Current set transport method, set by the user (or taken by default) from the transport preferred line configuration command. |
...characters are padded |
Current set padding, set by the user (or taken by default) from the padding line configuration command. |
...data dispatching characters |
Current dispatch character set by the user (or taken by default) from the dispatch-character line configuration command. |
Modem type is unknown |
No modemcap has been applied to this line, that means either modem autoconfigure has not been configured for the line, or modem autoconfigure discovery is configured. Autoconfigure is unable to discover the modem type. |
Dispatch |
Displays the current configured dispatch-timeout value. |
The following sample output from the show line summary command shows line summary status for lines 1/3/36 through 1/3/102. Each row of output represents 36 lines, and the line status characters in groups of four for readability. For example, the first row represents information on rows 1/3/36 through 1/3/71, and the first line status character “U” corresponds to line 1/3/36.
Router# show line summary
1/3/36: U??? ---- ---- ---- ---- --u- ---- ????....
1/3/72: ---- ???? ---- ???? ???? MMMM MMMM MMMM MMMM
2 character mode users. (U)
31 lines used, but currently idle. (-)
4 lines do not exist. (.)
16 lines in use by modem management (M)
18 total lines in use, 1 not authenticated (lowercase)
Table 23 describes the possible line status characters that can be shown in output from the show line summary command.
Table 23 Line Status Character Descriptions
|
|
|
? |
Line has never been used. |
- |
Lines has been used but is currently idle. |
. |
Line does not exist. |
A |
Line in use by a packet mode user such as asynchronous PPP, Serial Line Internet Protocol (SLIP), Appletalk Remote Access Protocol (ARAP), or Serial Tunneling (STUN). |
D |
Line in use by a digit mode user such as V.110 or V.120. |
F |
Line in use by a TCP fast-stream user. |
M |
Line in use by modem management. |
U |
Line in use by character mode user, such as an EXEC user making an outbound packet connection using Telnet, rlogin, local-area transport (LAT), packet assembler/disassembler (PAD), or normal (nonfast-stream) TCP clear. |
V |
Line in use by a voice mode user. |
Related Commands
|
|
|
modem enable |
Enables backup dial capability through the console port (changes the console port into an auxiliary port). |
show line autodetect
To detect the type of device connected on the console line, use the show line autodetect command in user EXEC or privileged EXEC mode.
show line autodetect
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC
Privileged EXEC
Command History
|
|
|
12.2(13)ZG |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Use this command to detect the type of device connected on the console line.
Examples
The following example shows the command used to configure console autodetect mode:
Router(config-line)# modem enable autodetect
Use the show line autodetect command to determine when a modem or a console has been detected:
Router# show line autodetect
Detection State: Feature not enabled
Router# show line autodetect
Detection State: Nothing Attached
Router# show line autodetect
Detection State: Init State
Router# show line autodetect
Detection State: Console Attached
Router# show line autodetect
Detection State: Modem Attached
Table 24 describes the significant fields shown in the display.
Table 24 show line autodetect Field Descriptions
|
|
|
Detection State: Feature not enabled |
No device connection is detected. |
Detection State: Nothing Attached |
No cable is attached to the EIA/TIA-232 port on the router. |
Detection State: Init State |
Autodetection has been enabled, but no changes have been detected. |
Detection State: Console Attached |
A DTE console or terminal device is attached. |
Detection State: Modem Attached |
A DCE asynchronous modem device is attached. |
Related Commands
|
|
|
modem enable |
Enables backup dial capability through the console port (changes the console port into an auxiliary port). |
show node
To display information about local-area transport (LAT) nodes, use the show node command in EXEC mode.
show node [ all | node-name ] [ counters | status | summary ]
Syntax Description
all |
(Optional) Specifies all nodes. |
node-name |
(Optional) Indicates the name of the node for which status is required. |
counters |
(Optional) Specifies the various node counters. |
status |
(Optional) Specifies detailed node status. This is the default if a node name is specified. |
summary |
(Optional) Specifies a status summary for the node. This is the default if no node name is specified. |
Command Modes
EXEC
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Entering the show node command with no arguments is the same as entering the show node all summary command and shows a one-line summary of all known nodes.
You can enter the show node command with either a specific node name or the all keyword, but not both.
The show node command displays three different sets of information about a node: the node counters, the node status, or a one-line summary of the node status.
You can enter the show node command with only one of the counters, status, or summary keywords. If you enter show node and two of these keywords without specifying a node name, the first keyword is treated as a node name, causing an error. If you enter the show node node-name command and two of these keywords, the second keyword will be treated as ambiguous.
The show node command with a node-name argument but no counters, status, or summary keyword defaults to show node node-name status.
Examples
The following is sample output from the show node command with no further keywords (the same as the show node all summary command):
Node Name Status Identification
WHEEL Reachable Welcome to VAX/VMS V5.4-2
Table 25 describes the significant fields shown in the display.
Table 25 show node Field Descriptions
|
|
|
Node Name |
Lists the names of the nodes. |
Status |
Indicates whether the node is reachable or not. |
Identification |
Identification string for the node. |
The following is sample output from the show node output that defaults to show node chaos status. It results in a display of the detailed status of node chaos.
Node: CHAOS Address: 00-00-0C-01-05-09
LAT Protocol: V5.1 Data Link Frame Size: 1500
Service Name Status Rating Identification
Table 26 describes the significant fields shown in the display.
Table 26 show node status Field Descriptions
|
|
|
Node |
Lists the node name as reported by the host computer. |
Address |
Identifies the MAC address of the node Ethernet interface. |
LAT protocol |
Lists the version of the LAT protocol used by the node. |
Data Link Frame Size |
Lists the size of the largest packet that can be sent to the LAT host. |
Identification |
Lists the identification string for the node. |
Node Groups |
Lists the group code list that is advertised by the remote node, which comes from the service advertisement of the remote node. |
Service Name |
Lists the LAT service name. |
Status |
Indicates whether the node is currently available on the network. |
Rating |
Indicates the rating of the service: an integer from 0 to 255, with the highest number being the preferred service. Used for load balancing. |
The following sample output displays the counter information for a specific node:
Router> show node tarmac counters
Seconds Since Zeroed: 100 Multiple Node Addresses: 0
Messages Received: 0 Duplicates Received: 0
Messages Transmitted: 0 Messages Re-transmitted: 0
Slots Received: 0 Illegal Messages Received: 0
Slots Transmitted: 0 Illegal Slots Received: 0
Bytes Received: 0 Solicitations Accepted: 0
Bytes Transmitted: 0 Solicitations Rejected: 0
In the following sample command and output displays, the status keyword is treated as the node name:
Router> show node status counters
Local -710- Node STATUS not known
In the following example, the second keyword counters is treated as ambiguous:
Router> show node lager status counters
Local -702- Keyword "COUNTERS" not known or ambiguous
show platform software configuration access policy
To view the access policies and banners for users entering the router using Telnet, Secure Shell (SSH), or the console port, enter the show platform software configuration access policy command in priviliged EXEC and diag nostic mode.
show platform software configuration access policy
Syntax Description
This comand has no arguments or keywords.
Command Default
No default behavior or values.
Command Modes
Privileged EXEC (#)
Diagnostic (diag)
Command History
|
|
|
Cisco IOS XE Release 2.1 |
This command was introduced on the Cisco ASR 1000 Series Routers. |
Usage Guidelines
Access policies for the console port, Telnet, and SSH are set through the use of transport maps. If no transport maps are applied for a particular access method, the router uses the default settings.
Transport maps are configured by entering the transport-map type command, then setting the configuration of the transport map in transport map configuration mode. Transport maps are then enabled using the transport type global configuration command.
Examples
In the following example, the connection policy and banners are set for a persistent Telnet transport map, and the transport map is enabled.
The show platform software configuration access policy output is given both before the new transport map is enabled and after the transport map is enabled so the changes to the Telnet configuration are illustrated in the output.
Router# show platform software configuration access policy
The current access-policies
Rule : wait with interrupt
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# transport-map type persistent telnet telnethandler
Router(config-tmap)# connection wait allow interruptable
Router(config-tmap)# banner diagnostic X
Enter TEXT message. End with the character 'X'.
Welcome to Diagnostic Mode
Router(config-tmap)# banner wait X
Enter TEXT message. End with the character 'X'.
Router(config-tmap)# transport interface gigabitethernet 0
Router(config-tmap)# exit
Router(config)# transport type persistent telnet input telnethandler
Router# show platform software configuration access policy
The current access-policies
Rule : wait with interrupt
Welcome to Diagnostic Mode
Rule : wait with interrupt
In the following example, the connection policy and banners are set for a persistent SSH transport map, and the transport map is enabled.
The show platform software configuration access policy output is given both before the new transport map is enabled and after the transport map is enabled so the changes to the SSH configuration are illustrated in the output.
Router# show platform software configuration access policy
The current access-policies
Rule : wait with interrupt
Welcome to Diagnostic Mode
Rule : wait with interrupt
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# transport-map type persistent ssh sshhandler
Router(config-tmap)# connection wait allow interruptable
Router(config-tmap)# banner diagnostic X
Enter TEXT message. End with the character 'X'.
Router(config-tmap)# banner wait X
Enter TEXT message. End with the character 'X'.
Router(config-tmap)# rsa keypair-name sshkeys
Router(config-tmap)# transport interface gigabitethernet 0
Router(config-tmap)# exit
Router(config)# transport type persistent ssh input sshhandler
Router# show platform software configuration access policy
The current access-policies
Rule : wait with interrupt
Welcome to Diagnostic Mode
Rule : wait with interrupt
Rule : wait with interrupt
Related Commands
|
|
|
banner (transport-map) |
Creates a banner message that will be seen by users entering diagnostic mode or waiting for the IOS process as a result of the transport map configuration. |
connection wait |
Specifies how an incoming connection will be handled. |
transport interface |
Applies the transport map settings to the interface. |
transport type persistent |
Applies an already-configured persistent transport map to an interface. |
transport-map type persistent |
Creates and names a persistent transport map and enters transport map configuration mode. |
show service
To display specific local-area transport (LAT) learned services, use the show service command in EXEC mode.
show service [ service-name ]
Syntax Description
service-name |
(Optional) The name of a specific LAT service. |
Command Modes
EXEC
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
The show service command without a service name displays a list of known LAT learned services. When entered with the service-name argument, it displays a more-detailed status of the named service. If no LAT learned service by the specified name is known, then a lookup is done for an IP host of that name.
Examples
The following is sample output from the show service command:
Service Name Status Identification
BLUE Available Welcome to VAX/VMS V5.4
STELLA-BLUE Available Welcome to VAX/VMS V5.4
The following is sample output of the show service command for a specific service:
Router> show service blue
Node Name Status Rating Identification
BLUE reachable 84 Welcome to VAX/VMS V5.4
Table 27 describes the significant fields shown in the two previous displays.
Table 27 show service Field Descriptions
|
|
|
Service |
Name of the service. |
Node Name |
Name of the nodes advertising the service. |
Status |
Status of the service: Available or Unknown when a command is entered without a service name. Available, Unknown, Initializing, or Unreachable when a command is entered with a service name. |
Rating |
Rating of the service: An integer from 0 to 255, with the highest number being the preferred service. Used for load balancing. |
Identification |
Identification string. |
show terminal
To obtain information about the terminal configuration parameter settings for the current terminal line, use the show terminal command in EXEC mode.
show terminal
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Examples
The following is sample output from the show terminal command:
Line 2, Location: "", Type: ""
Length: 24 lines, Width: 80 columns
Baud rate (TX/RX) is 9600/9600
Status: Ready, Active, No Exit Banner
Special Chars: Escape Hold Stop Start Disconnect Activation
Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatch
never never 0:00:15 not imp not set
Session limit is not set.
Allowed transports are telnet rlogin. Preferred is telnet
No output characters are padded
Table 28 describes the fields in the first three lines of the show terminal output.
Table 28 show terminal Field Descriptions—First Three Lines of Output
|
|
|
Line 2 |
Current terminal line. |
Location: "" |
Location of the current terminal line, as specified using the location line configuration command. |
Type: "" |
Type of the current terminal line, as specified using the line global configuration command. |
Length: 24 lines |
Length of the terminal display. |
Width: 80 columns |
Width of the terminal display, in character columns. |
Baud rate (TX/RX) is 9600/9600 |
Transmit rate/receive rate of the line. |
The following line of output indicates the status of the line:
Status: Ready, Active, No Exit Banner
Table 29 describes possible values for the Status field.
Table 29 show terminal Field Descriptions—Status Field Values
|
|
|
Active |
A process is actively using the line. |
Autobauding |
The line is running the autobaud process. |
Carrier Dropped |
Some sense of “carrier” has been dropped, so the line process should be killed. |
Connected |
The line has at least one active connection. |
Dialing Out |
A dial-on-demand routing (DDR) asynchronous interface is dialing a remote site on this line. |
Echo Off |
The line is not echoing what the user types in (for example, because a password must be entered). |
Escape Started |
The first character of the escape sequence has been typed. |
Escape Typed |
Both characters of the escape sequence have been typed. |
Hanging Up |
The line state is “hanging up.” |
Hardware XON/XOFF |
The line uses a Universal Asynchronous Receiver/Transmitter (UART) that supports XON/XOFF flow control in hardware. (This does not mean that the line is currently using software flow control.) |
Hold Typed |
The user typed the “hold character” (and the line is paused). |
Idle |
The line modem state is “idle” (see modem state diagrams). |
Idle Timeout |
An idle timeout has occurred. |
Input Stopped |
The input has been turned off because of hardware flow control or overflow. |
No Exit Banner |
The normal exit banner will not be displayed on this line. |
PSI Enabled |
The line is paying attention to typed escape characters. |
Rcvd BREAK |
A BREAK sequence has been received on the line. |
Rcvd Command |
The line has received a special command sequence (for example, ^^B for send break). |
Rcvd CR |
The last character received was a carriage return. |
Ready |
The line state is “ready.” |
Ring Transition |
A transition has occurred on the RING signal of the line. |
Send Break Soon |
Send a BREAK on the line soon. |
Send XOFF Soon |
Buffers are full and an XOFF should be sent soon. |
Sending Break |
A BREAK sequence is being sent on the line. |
Sent XOFF |
Buffers were full, so an XOFF was sent. |
SLIP Mode |
The line is running SLIP or PPP. |
The following line of output indicates the status of the capabilities of the line. These capabilities correspond closely to configurable parameters that can be set using configuration commands.
Table 30 describes possible values for the Capabilities field.
Table 30 show terminal Field Descriptions—Capabilities Field Values
|
|
|
Autobaud Full Range |
Corresponds to the autobaud command. |
Character Padding |
At least one pad c x configuration command has been used. |
Enabled |
The user has “enabled” successfully. |
EXEC Suppressed |
Corresponds to the no exec command. |
Hangup on Last Close |
Corresponds to the autohangup command. |
Hardware Flowcontrol In |
Corresponds to the flowcontrol hardware in command. |
Hardware Flowcontrol Out |
Corresponds to the flowcontrol hardware out command. |
Insecure |
Corresponds to the insecure command. |
Lockable |
Corresponds to the lockable command. |
Modem Callin |
Corresponds to the modem callin command. |
Modem Callout |
Corresponds to the modem callout command. |
Modem CTS-Required |
Corresponds to the modem cts-required command. |
Modem DTR-Active |
Corresponds to the modem dtr-active command. |
Modem RI is CD |
Corresponds to the modem ri-is-cd command. |
No Login Banner |
Corresponds to the no exec-banner command. |
Notification Set |
Corresponds to the notify command. |
Output Non-Idle |
Corresponds to the session-timeout command. |
Permanent SLIP |
Corresponds to the slip-dedicated command |
Private Line |
Corresponds to the private command. |
Refuse Suppress-GA |
Corresponds to the telnet refuse command. |
Receives Logging Output |
Corresponds to the monitor command. |
Refuse Telnet Echo |
Corresponds to the telnet refuse command. |
Send BREAK on IP |
Corresponds to the telnet break-on-ip command. |
SLIP allowed |
Corresponds to the slip address command. |
Software Flowcontrol In |
Corresponds to the flowcontrol software in command. |
Software Flowcontrol Out |
Corresponds to the flowcontrol software out command. |
Telnet Transparent Mode |
Corresponds to the telnet transparent command. |
The following line of output indicates the modem state. Values include Autobauding, Carrier Dropped, Hanging Up, Idle, and Ready.
The following lines of output indicate the special characters that can be entered to activate various terminal operations. The none or hyphen (-) values imply that no special characters are set.
Special Chars: Escape Hold Stop Start Disconnect Activation
The following lines of output indicate the timeout values that have been configured for the line:
Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatch
never never 0:00:15 not imp not set
Table 31 describes the fields in the preceding lines of output.
Table 31 show terminal Field Descriptions—Timeouts
|
|
|
Idle EXEC |
Interval that the EXEC command interpreter waits for user input before resuming the current connection; or if no connections exist, returning the terminal to the idle state and disconnecting the incoming session. This interval is set using the exec-timeout command. |
Idle Session |
Interval that the Cisco IOS software waits for traffic before closing the connection to a remote computer and returning the terminal to an idle state. This interval is set using the session-timeout command. |
Modem Answer |
Interval during which the software raises DTR in response to RING and the modem response to CTS. This interval is set using the modem answer-timeout command. |
Session |
Not implemented in this release. |
Dispatch |
Number of milliseconds the software waits after putting the first character into a packet buffer before sending the packet. This interval is set using the dispatch-timeout command. |
The following lines of output indicate how various options have been configured:
Session limit is not set.
Allowed transports are telnet rlogin. Preferred is telnet
No output characters are padded
show tn3270 ascii-hexval
To determine ASCII-hexadecimal character mappings, use the show tn3270 ascii-hexval command in EXEC mode.
show tn3270 ascii-hexval
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
|
10.3 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Use the show tn3270 ascii-hexval command to display the hexadecimal value of a character on your keyboard. After you enter the show tn3270 ascii-hexval command, you will be prompted to press a key. The hexadecimal value of the ASCII character is displayed. This command is useful for users who do not know the ASCII codes associated with various keys or do not have manuals for their terminals.
Examples
The following is sample output from the show tn3270 ascii-hexval command:
Router> show tn3270 ascii-hexval
Press key> 7 - hexadecimal value is 0x37.
Router> show tn3270 ascii-hexval
Press key> f - hexadecimal value is 0x66.
Router> show tn3270 ascii-hexval
Press key> not printable - hexadecimal value is 0xD.
Related Commands
|
|
|
show tn3270 character-map |
Displays character mappings between ASCII and EBCDIC. |
tn3270 character-map |
Converts incoming EBCDIC characters into ASCII characters for TN3270 connections. |
show tn3270 character-map
To display character mappings between ASCII and EBCDIC, use the show tn3270 character-map command in EXEC mode.
show tn3270 character-map { all | ebcdic-in-hex }
Syntax Description
all |
Displays all nonstandard character mappings. |
ebcdic-in-hex |
Displays the ASCII mapping for a specific EBCDIC character. |
Command Modes
EXEC
Command History
|
|
|
11.1 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Examples
The following is sample output from the show tn3270 character-map command:
Router# show tn3270 character-map all
EBCDIC 0x81 <=> 0x78 ASCII
EBCDIC 0x82 <=> 0x79 ASCII
EBCDIC 0x83 <=> 0x7A ASCII
Refer to the tn3270 character-map command for more information about EBCDIC and ASCII character mappings.
Related Commands
|
|
|
show tn3270 ascii-hexval |
Displays ASCII-hexadecimal character mappings. |
tn3270 character-map |
Converts incoming EBCDIC characters into ASCII characters for TN3270 connections. |
show translate
To display translation sessions that have been configured, use the show translate command in privileged EXEC mode.
show translate
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
|
|
|
10.3 |
This command was introduced. |
12.3(2)T |
Output fields were added to display information about translation sessions configured to use an End-of-Record (EOR) marker. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
The display from this command shows each translation session set up on the router. It shows the incoming device and virtual terminal protocol, and the outgoing device and protocol.
Examples
The following show translate sample output is based on the following translate command configuration:
translate x25 3131415912345 ppp ip-pool scope-name router1 keepalive 0
If the previous translate command is enabled, the following output is created by the show translate command:
Translate From: x25 3131415912345
To: PPP ip-pool scope-name router1 keepalive 0
1/1 users active, 1 peak, 1 total, 0 failures
Table 32 describes the significant fields shown in the display.
Table 32 show translate Field Descriptions—X.25 to IP Translation
|
|
|
Translate From: x25 3131415912345 |
Protocol (X.25) and address (3131415912345) of the incoming device. |
To: PPP |
The virtual terminal protocol (PPP). |
ip-pool |
Obtain an IP address from a DHCP proxy client or a local pool. |
scope-name router1 |
Specific local scope name (router1) from which to obtain an IP address. |
keepalive 0 |
Indicates that keepalive updates have been disabled for the current translation session. |
1/1 users active |
Number of users active over the total number of users. |
1 peak |
Maximum number of translate sessions up at any given time. |
1 total |
Total number of translation sessions. |
0 failures |
Number of failed translation attempts resulting from this configuration. |
The following show translate sample output is based on the following translate command configuration:
translate x25 31301234 PPP 192.168.14.23 ipx-client Loopback0
If the previous translate command is enabled, the following output is created by the show translate command:
Translate From: x25 31301234
To: PPP 192.168.14.23 ipx-client Loopback0
1/1 users active, 1 peak, 1 total, 0 failures
Table 33 describes the significant fields shown in the display.
Table 33 show translate Field Descriptions—X.25 to IPX Translation
|
|
|
Translate From: x25 31301234 |
Protocol (X.25) and address (31301234) of the incoming device. |
To: PPP 192.168.14.23 |
The virtual terminal protocol (PPP) and IP address of the outgoing device. |
ipx-client Loopback0 |
Indicates that loopback interface 0 has been configured in client mode. |
1/1 users active |
Number of users active over the total number of users. |
1 peak |
Maximum number of translate sessions up at any given time. |
1 total |
Total number of translation sessions. |
0 failures |
Number of failed translation attempts resulting from this configuration. |
The following show translate sample output is based on the following translate command configuration:
translate tcp 10.60.155.63 x25 12345678 pvc 3 dynamic eor 0x19 insert
If the previous translate command is enabled, the following output is created by the show translate command:
Translate From: TCP 10.60.155.63 Port 23
To: X25 12345678 Pvc 3 dynamic
1/1 users active, 1 peak, 1 total, 0 failures
Table 34 describes the significant fields shown in the display.
Table 34 show translate Field Descriptions—TCP to X.25 Translation
|
|
|
Translate From: TCP 10.60.155.63 Port 23 |
Protocol (TCP) and address (10.60.155.63) of the incoming device. |
To: X25 12345678 |
The virtual terminal protocol (X.25) and X.121 destination address of the outgoing device. |
Pvc 3 |
The outgoing connection is using permanent virtual circuit (PVC) 3. |
dynamic |
Terminate the TCP-to-X.25 PVC session when the interface goes down. |
EOR 0x19 Insert |
Indicates that EOR functionality is configured and that the EOR marker (0x19) will be inserted into the TCP stream after each received X.25 packet that does not contain the More-bit set. |
1/1 users active |
Number of users active over the total number of users. |
1 peak |
Maximum number of translate sessions up at any given time. |
1 total |
Total number of translation sessions. |
0 failures |
Number of failed translation attempts resulting from this configuration. |
show translate ruleset
To display a summary of a specific or of all configured translate rulesets, behavioral parameters, and usage statistics, use the show translate ruleset command in user or privileged EXEC mode.
show translate ruleset [ name ]
Syntax Description
name |
(Optional) Ruleset name. |
Defaults
Displays all one-line translate command and ruleset configuration and connection information.
Command Modes
User EXEC
Privileged EXEC
Command History
|
|
|
12.3(8)T |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command is useful for maintaining and updating ruleset statements. The output of this command identifies match, skip, set, test, and substitute statement lines and numbers them. The line number can be used to reconfigure or remove any of these statements.
When the optional name argument is used, the display includes only the configured ruleset and does not include information about the standard one-line translate commands.
Examples
Specific Ruleset Information
The following example shows specific information about the ruleset named A:
Router# show translate ruleset A
PT ruleset A, from pad to telnet.
administrative locks: 2 (2 readers, 0 writers).
translations: 0 created, 0 active, 0 failed, 0 created for test.
#1 match on 1 pad test: dest-addr ^5555(.)$.
#2 skip on 1 pad test: dest-addr ^5555[89]$.
options: limited to 10 active sessions.
set/test/substitute lines: 3.
#1 set 1 parameter: telnet/dest-addr 10.2.2.1.
#2 substitute from: pad/dest-addr ^5555(.)$ into telnet/dest-port 200\1.
#3 test 1 parameter: telnet/dest-port 2004; to set 1: telnet/dest-port 2010.
Information About All Rulesets
The following example shows information about all protocol translation rulesets configured on the device:
Router# show translate ruleset
Protocol translation rulesets: 27 created, 25 deleted, 25 freed, 0 failed.
in/out: telnet 1/1, pad 1/1, ppp -/0, autocommand -/0, virtual-template -/0.
PT ruleset A, from telnet to pad.
administrative locks: 2 (2 readers, 0 writers).
translations: 2 created, 0 active, 0 failed, 4 created for test.
#1 match on 1 telnet test: dest-addr 10.2.2.3.
options: none configured.
set/test/substitute lines: 4.
#1 test 1 parameter: telnet/dest-addr 10.2.2.3; to set 1: pad/dest-addr 4444.
#2 test 1 parameter: pad/dest-addr 4444; to set 1: pad/source-addr-ext 11.2222.2.
#3 substitute from: pad/source-addr-ext 11.2222.2 into pad/source-addr-ext 11.2222.3.
#4 test 1 parameter: pad/source-addr-ext ^11.2222.3$; to set 1: telnet/binary 1.
PT ruleset B, from pad to telnet.
administrative locks: 2 (2 readers, 0 writers).
translations: 0 created, 0 active, 0 failed, 0 created for test.
#1 match on 1 pad test: dest-addr ^5555(.)$.
#2 skip on 1 pad test: dest-addr ^55551$
set/test/substitute lines: 3.
#1 set 1 parameter: telnet/dest-addr 10.2.2.1.
#2 substitute from: pad/dest-addr ^5555(.) into telnet/dest-port 2000.
#3 test 1 parameter: pad/dest-addr ^5555[6-9]
Table 35 describes all significant fields seen that may be reported by this command.
Table 35 show translate ruleset Field Descriptions
|
|
|
Protocol translation rulesets: |
Describes ruleset memory management statistics. In the sample output seen in the “Information About All Rulesets” section, there were 27 total translate rulesets created, 25 rulesets deleted from the configuration, 25 rulesets freed, and 0 ruleset creation failure. |
active ruleset: |
Total number of current configured ruleset (rulesets created - rulesets deleted). |
in/out: |
Ruleset translation protocol counts, by incoming and outgoing protocol. |
PT ruleset |
Shows the defined name of the ruleset. In the sample output seen in the “Information About All Rulesets” section, the ruleset named A is configured to translate from a Telnet connection to PAD a connection. |
administrative locks: |
Describes the total ruleset administrative locks. |
readers: |
Total count of administrative locks. |
writers: |
Total count of configuration editors (rulesets being edited). Note Editing a ruleset changes the behavior of the set as a whole; an incoming connection will not be processed against a ruleset with an editor lock. |
translations: |
Describes ruleset memory management statistics for the dynamic one-line translate command, generated for and used by the protocol translation operation. |
created: |
Total number of translation sessions created by this ruleset. |
test function translations: |
Total number of translations created by the test (ruleset) command. |
active: |
Total number of active connections through this translation. |
failed: |
Total number of attempted translation connections that failed. Example of failures: number of maximum users limit has reached, a destination host not responding, an access failure, login failure, no resources, and so on. |
(0 max-user): |
Total number of connections refused due to reaching maximum users limit; (zero, in this example). |
match/skip lines: |
Total number of match and skip lines configured for the ruleset. |
#1 match
#2 skip |
The line number within the block of match and skip commands. |
options: |
Options configured for ruleset processing. |
set/test/substitute lines: |
Total number of set, test, and substitute lines configured for the ruleset. |
#1 set
#2 substitute
#3 test |
Reports the line number within the block of set, substitute, and test commands and describes the commands configured for the ruleset. |
#line number substitute from: |
Reports the line number within the block of set, test, and substitute commands and describes the substitute command configured for the ruleset. |
#line number [set/test] parameter: |
Reports the line number within the block of set and test commands and describes the set and test parameters configured for the ruleset. |
Related Commands
|
|
|
description (ruleset) |
Adds a description about a translation ruleset. |
match (ruleset) |
Identifies a connection for processing by the translation ruleset. |
options (ruleset) |
Specifies protocol translation options in a translation ruleset. |
set (ruleset) |
Unconditionally sets one or more connection parameters to a fixed value for a translation ruleset. |
skip (ruleset) |
Identifies a connection for omission by the translation ruleset. |
substitute (ruleset) |
Matches an available protocol and substitutes another in a translation ruleset. |
test (ruleset) |
Tests parameter values in a translation ruleset using regular expressions. |
test translate |
Displays a trace of protocol translation behavior for a connection attempt. |
translate ruleset |
Defines a unique name for a translation ruleset, specifies translated protocols, and enters translate ruleset configuration mode. |
x25 pvc translate ruleset |
Configures PVCs that are valid for protocol translation ruleset handling. |
show transport-map
To view the transport map configuration details on your router, enter the show transport-map EXEC or priviliged EXEC command.
show transport map [ all | name transport-map-name | type [ console | persistent [ ssh | telnet | webui ]]]
Syntax Description
all |
Specifies information on all transport maps. |
name transport-map-name |
Specifies information on a specific transport map, where transport-map-name is the name of the specific transport map. |
type [ console | persistent [ ssh | telnet | webui ] |
Specifies information on all transport maps of a specific type on the router. Options include:
- console —specifies information on all console port transport maps.
- persistent ssh —specifies information on all persistent ssh transport maps.
- persistent telnet —specifies information on all persistent telnet transport maps.
- persistent webui —specifies information on all web user interface transport maps.
|
Command Modes
EXEC (>)
Privileged EXEC (#)
Command Default
No default behavior or values.
Command History
|
|
|
Cisco IOS XE Release 2.1 |
This command was introduced on the Cisco ASR 1000 Series Routers. |
Usage Guidelines
This command is used to view information about transport map configurations.
If you are unable to access the IOS CLI in diagnostic mode and want transport map configuration information, the show platform software configuration access policy command is available in diagnostic mode and provides some of the information displayed in this command output for console port, Telnet, and SSH connections.
Examples
In the following example, the router has a console port transport map named consolehandler, a persistent SSH transport map named sshhandler, and a persistent Telnet transport map named telnethandler. The show transport-map all, show transport-map type, and show transport-map name command are all used throughout the example to gather information on the transport maps.
Router#show transport-map all
Wait option: Wait Allow Interruptable
Welcome to Diagnostic Mode
Type: Persistent SSH Transport
Wait option: Wait Allow Interruptable
Welcome to Diagnostic Mode
Authentication retries: 5
Type: Persistent Telnet Transport
Wait option: Wait Allow Interruptable
Welcome to Diagnostic Mode
Type: Persistent Telnet Transport
Router#show transport-map type console
Wait option: Wait Allow Interruptable
Welcome to Diagnostic Mode
Router#show transport-map type persistent ssh
Type: Persistent SSH Transport
Wait option: Wait Allow Interruptable
Welcome to Diagnostic Mode
Authentication retries: 5
Router#show transport-map type persistent telnet
Type: Persistent Telnet Transport
Wait option: Wait Allow Interruptable
Welcome to Diagnostic Mode
Type: Persistent Telnet Transport
Router#show transport-map name telnethandler
Type: Persistent Telnet Transport
Wait option: Wait Allow Interruptable
Welcome to Diagnostic Mode
Router#show transport-map name telnethandler1
% No transport map telnethandler1
Router#show transport-map name consolehandler
Wait option: Wait Allow Interruptable
Welcome to Diagnostic Mode
Router#show transport-map name sshhandler
Type: Persistent SSH Transport
Wait option: Wait Allow Interruptable
Welcome to Diagnostic Mode
Authentication retries: 5
In the following example, a transport map that has enabled both the HTTP server and the secure HTTP server is viewed using this command.
Router# show transport-map type persistent webui
Type: Persistent Webui Transport
Table 36 show transport-map Field Descriptions
|
|
|
Name: |
Specifies the name of the transport map. A transport-map is named when the transport-map type command is entered in global configuration mode to create a transport map. |
Type: |
Specifies the type of transport map. The possibilities include Console Transport for console port transport maps, Persistent SSH for Persistent SSH transport maps, and Persistent Telnet for persistent Telnet transport maps, Persistent WebUI Transport for web user interface transport maps. |
Wait option: |
Displayed the connection policy. The connection policy is defined using the connection wait transport map configuration command, and can include allow (wait for an IOS vty line, or exit router if send break signal is sent), allow interruptable (wait for an IOS vty line, and enter diagnostic mode if a send break signal is sent), none (immediately enter diagnostic mode if no IOS vty line is available, or none disconnect (immediately leave router if no IOS vty line is available). |
Wait banner: |
Specifies the banner seen when a user is waiting for an IOS vty line. The wait banner is defined using the banner wait transport map configuration mode command. If no text is seen, there is no wait banner. |
Bshell banner: |
Specifies the banner seen when a user is waiting for an diagnostic mode. The wait banner is defined using the banner diagnostic transport map configuration mode command. If no text is seen, there is no wait banner. |
Interface: |
Specifies the interface where the transport map will be applied if it is enabled or once it is enabled. The interface is defined using the transport interface transport map configuration mode command. |
Timeout: |
The login SSH timeout value, in seconds. The login timeout value can be set for SSH transport maps using the time-out transport map configuration command and has a default of 120 seconds. |
Authentication-retries: |
The number of authentication retries before dropping the connection for a persistent SSH connection attempt. This value can be set using the authentication-retries transport map configuration command. |
RSA keypair: |
The RSA keypair name, which is set using the rsa keypair-name transport map configuration command. |
Server |
The HTTP server. This value tells users if the HTTP server is enabled or disabled when a particular web user interface transport map is used. |
Secure Server |
The secure HTTP (HTTPS) server. This value tells users if the secure HTTP server is enabled or disabled when a particular web user interface transport map is used. |
Related Commands
|
|
|
authentication-retries |
Specifies the number of SSH authentication retries before dropping the connection when a persistent SSH transport map is applied to the receiving interface. |
banner (transport map) |
Creates a banner message that will be seen by users entering diagnostic mode or waiting for the IOS process as a result of the transport map configuration. |
connection wait |
Specifies how an incoming connection will be handled. |
rsa keypair-name |
Names the RSA keypair to be used for persistent SSH connections. |
secure-server |
Enables the secure HTTP (HTTPS) server for a persistent web user interface transport map. |
server |
Enables the HTTP server for a persistent web user interface transport map. |
show platform software configuration access policy |
Displays the access policy and banner settings for console, Telnet, and SSH connections. |
time-out |
Specifies the SSH timeout interval in seconds. |
transport interface |
Applies the transport map settings to the interface. |
transport type persistent |
Applies an already-configured persistent transport map to an interface. |
transport-map type persistent |
Creates and names a persistent transport map and enters transport map configuration mode. |
show ttycap
To test for the availability of a ttycap after a connection on a router takes place, use the show ttycap command in EXEC mode.
show ttycap [ ttycap-name | all ]
Syntax Description
ttycap-name |
(Optional) Name of a ttycap. |
all |
(Optional) Lists the names of all defined ttycaps. The name of the default ttycap is not listed. |
Command Modes
EXEC
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
The Cisco IOS software searches for the specified ttycap in its active configuration image, and lists the complete entry if found. If it is not found, an appropriate “not found” message appears.
If you do not include any arguments with the show ttycap command, then the current keymap used for the terminal is displayed.
Examples
The following is sample output from the show ttycap command:
d0|vt100|vt100-am|vt100am|dec vt100:do=^J:co#80:li#24:\
cl=50^[[;H^[[2J:bs:am:cm=5^[[%i%d;%dH:nd=2^[[C:up=2^[[A:\
ce=3^[[K:so=2^[[7m:se=2^[[m:us=2^[[4m:ue=2^[[m:md=2^[[1m:\
me=2^[[m:ho=^[[H:xn:sc=^[7:rc=^[8:cs=^[[%i%d;%dr:
ttycap3 d0|vt100|vt100-am|vt100am|dec vt100
ttycap2 dl|vt200|vt220|vt200-js|vt220-js|dec vt200 series with jump scroll
ttycap1 ku|h19-u|h19u|heathkit with underscore cursor
Router# show ttycap ttycap1
ttycap1 ku|h19-u|h19u|heathkit with underscore cursor:\:vs@:ve@:tc=h19-b:\
:al=1*\EL:am:le=^H:bs:cd=\EJ:ce=\EK:cl=\EE:cm=\EY%+ %+\
:co#80:dc=\EN:\:dl=1*\EM:do=\EB:ei=\EO:ho=\EH\
:im=\E@:li#24:mi:nd=\EC:as=\EF:ae=\EG:\
:ms:pt:sr=\EI:se=\Eq:so=\Ep:up=\EA:vs=\Ex4:ve=\Ey4:\
:kb=^h:ku=\EA:kd=\EB:kl=\ED:kr=\EC:kh=\EH:kn#8:ke=\E>:ks=\E=:\
:k1=\ES:k2=\ET:k3=\EU:k4=\EV:k5=\EW:\
:l6=blue:l7=red:l8=white:k6=\EP:k7=\EQ:k8=\ER:\
:es:hs:ts=\Ej\Ex5\Ex1\EY8%+ \Eo:fs=\Ek\Ey5:ds=\Ey1:
Refer to the ttycap command for more information about keyboard mappings and keymap entry structures.
Related Commands
|
|
|
keymap |
Defines characteristics of a terminal emulation file. |
show users
To display information about the active lines on the router, use the show users command in privileged EXEC mode.
show users [ all ] [ lawful-intercept ]
Syntax Description
all |
(Optional) Specifies that all lines be displayed, regardless of whether anyone is using them. |
lawful-intercept |
(Optional) Displays lawful-intercept users. |
Command Modes
Privileged EXEC
Command History
|
|
|
10.0 |
This command was introduced. |
12.3(7)T |
The lawful-intercept keyword was introduced. |
12.2(33)SRB |
The lawful-intercept keyword was integrated into Cisco IOS Release 12.2(33)SRB. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command displays the line number, connection name, idle time, hosts (including virtual access interfaces), and terminal location. An asterisk (*) indicates the current terminal session.
If the lawful-intercept keyword is issued, the names of all users who have access to a configured lawful intercept view will be displayed. To access the show users lawful-intercept command, you must be an authorized lawful-intercept-view user.
Examples
The following is sample output from the show users command:
Line User Host(s) Idle Location
* 2 vty 0 user1 idle 0 SERVICE1.CISCO.COM
The following is sample output identifying an active virtual access interface:
Line User Host(s) Idle Location
10 vty 0 Virtual-Access2 0 1212321
The following is sample output from the show users all command:
Line User Host(s) Idle Location
* 0 vty 0 user1 idle 0 SERVICE1.CISCO.COM
Table 37 describes the significant fields shown in the displays.
Table 37 show users Field Descriptions
|
|
|
Line |
Contains three subfields:
- The first subfield (0 in the sample output) is the absolute line number.
- The second subfield (vty in the sample output) indicates the type of line. Possible values follow:
con—console aux—auxiliary port tty—asynchronous terminal port vty—virtual terminal
- The third subfield (0 in the * sample output) indicates the relative line number within the type.
|
User |
User using the line. If no user is listed in this field, no one is using the line. |
Host(s) |
Host to which the user is connected (outgoing connection). A value of idle means that there is no outgoing connection to a host. |
Idle |
Interval (in minutes) since the user has entered something. |
Location |
Either the hard-wired location for the line or, if there is an incoming connection, the host from which incoming connection came. |
The following sample output from the show users lawful intercept command, shows three LI-View users on the system—li_admin, li-user1, and li-user2”:
Router# show users lawful-intercept
Related Commands
|
|
|
line |
Identifies a specific line for configuration and starts the line configuration command collection mode. |
li-view |
Creates a lawful intercept view. |
show line |
Displays the parameters of a terminal line. |
username |
Establishes a username-based authentication system. |
show x25 pad
To display information about current open connections, including packet transmissions, X.3 parameter settings, and the current status of virtual circuits, use the show x25 pad command in EXEC mode.
show x25 pa d
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
|
11.2 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Examples
The following is sample output from the show x25 pad command:
tty2, Incoming PAD connection
Total input: 61, control 6, bytes 129. Queued: 0 of 7 (0 bytes).
Total output: 65, control 6, bytes 696.
Flags: 1, State: 3, Last error: 1
ParamsIn: 1:1, 2:0, 3:2, 4:1, 5:1, 6:0, 7:21,
8:0, 9:0, 10:0, 11:14, 12:0, 13:0, 14:0, 15:1,
16:127, 17:21, 18:18, 19:0, 20:0, 21:0, 22:0,
ParamsOut: 1:1, 2:1, 3:2, 4:1, 5:0, 6:0, 7:4,
8:0, 9:0, 10:0, 11:14, 12:0, 13:0, 14:0, 15:0,
16:127, 17:21, 18:18, 19:0, 20:0, 21:0, 22:0,
LCI: 1, State: D1, Interface: Serial0
Started 0:11:10, last input 0:00:16, output 0:00:16
Connected to 313700540651
Window size input: 7, output: 7
Packet size input: 512, output: 512
PS: 1 PR: 5 ACK: 5 Remote PR: 1 RCNT: 0 RNR: FALSE
Retransmits: 0 Timer (secs): 0 Reassembly (bytes): 0
Held Fragments/Packets: 0/0
Bytes 696/129 Packets 65/61 Resets 0/0 RNRs 0/0 REJs 0/0 INTs 0/0
Table 38 describes the fields shown in the display.
Table 38 show x25 pad Field Descriptions
|
|
|
Total input/output |
Number of packets received or sent for the connection. |
control |
Number of packets with Qbit set (X.29 control packets). |
bytes |
Number of bytes in each direction. |
Queued |
Number of unread packets waiting for the connection. |
Waiting to send |
Local data packet bit not sent (part of a line). |
Flags, State, Last error |
Displays data for detecting errors and tracing initialization status. Only useful to your Cisco-certified technical support personnel. |
ParamsIn |
Parameters read from the PAD at the start of the connection. |
ParamsOut |
Active X.3 parameters. |
LCI, State, Interface |
Status of the X.25 virtual circuit associated with the PAD connection. This is the same display that the show x25 vc command shows. |
skip (ruleset)
To identify a connection to ignore by the translation ruleset, use the skip command in translate ruleset configuration mode. To remove the test operation, use one of the two no forms of this command.
skip [ # line-number ] incoming-connection-parameter regular-expression [ # line-number incoming-connection-parameter regular-expression [ ... ]]
no skip incoming-connection-parameter regular-expression [ incoming-connection-parameter regular-expression [ ... ]]
no skip # line-number [ ... ]
Syntax Description
# line-number |
(Optional) The line in the translation ruleset to test for a skip operation. The # character must be entered. |
incoming-connection-parameter |
Incoming protocol parameter to test for; up to six skip tests can be written on one command line. Parameters are available for packet assembler/disassembler (PAD) and Telnet connections, and are listed in Table 39 and Table 40 . |
regular-expression |
Pattern with regular expression to test for ignoring. |
[ ... ] |
(Optional) Specifies that multiple entries can be made as follows:
- Up to six skip tests can be written on one command line.
- Multiple line numbers can be specified using the second no form of this command.
|
Defaults
No default behavior or values
Command Modes
Translate ruleset configuration
Command History
|
|
|
12.3(8)T |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Up to six skip tests can be written on one command line. The ellipses in the format shown above means multiple skip tests can be written in a translation ruleset statement.
For incoming connection attempts, a template is configured, and within the template a connection can be identified by tests written using Cisco regular expressions and a pattern that is ignored (skipped).
The translation ruleset templates have line numbers that can be displayed using the show translate ruleset EXEC command.
Cisco regular expressions are described in Appendix A, “Regular Expressions,” in the Cisco IOS Terminal Services Configuration Guide.
Table 39 and Table 40 list the protocol parameter keywords and arguments that can be specified in the skip statements for incoming PAD and Telnet connections.
Table 39 Skip Keywords for Incoming PAD Connections
|
|
|
cud ASCII-string |
Call user data (CUD) that occurs after the protocol identification (PID). For outgoing PAD connections, this is the optional, user-specified text included in the outgoing call request packet after the protocol identification bytes. The CUD is entered as an ASCII string. |
dest-addr address |
Destination X.121 address entered as a number from 0 to 15 digits long. |
dest-addr-ext address |
Network service access point (NSAP) destination address extension. |
dlci number |
Frame Relay data-link connection identifier (DLCI) of an Annex G service entered as a number from one to seven digits, although a size of two to four digits is more likely, or the NULL string if not received on an Annex G service. |
interface type number |
Interface to be used for the circuit, entered using standard Cisco IOS interface designations: Serial1/0:1, for example. |
mac address |
Connection-Mode Network Service (CMNS) service remote host MAC address entered as three hexadecimal numbers of four digits separated by a period, 0000.fc08.12ab, for example, or the NULL string if not received on a CMNS service. |
packetsize size |
X.25 maximum data packet sizes to request, entered as two numbers from the following choices: 16, 32, 64, 128, 256, 512, 1024, 2048, 4096. |
pid byte-string |
PID string specified in ASCII or hexadecimal. A hexadecimal PID must be prefixed by “0x.” For example, 0x01000000 is the standard PAD PID. Although it is available for specifying a nonstandard Call PID, this parameter is not restricted to the common PID length and can be used to specify the entire user data field. |
reversed flag |
Flag to indicate whether a reverse charged Call is permitted. This flag applies to a switched virtual circuit (SVC) and is entered as a single character, Y or N, for yes or no. |
source-addr address |
Source X.121 address. |
source-addr-ext address |
NSAP source address extension. |
windowsize size |
X.25 window sizes to request, entered as two numbers in a range from 1 to 127. |
xot-dest-addr address |
Destination IP address of an X.25 over TCP (XOT) service entered in standard IP address dotted decimal notation (10.0.0.127, for example) or the NULL string if not received on an XOT service. |
xot-source-addr address |
Source IP address of an XOT service entered in standard IP address dotted decimal notation (10.0.0.127, for example) or the NULL string if not received on an XOT service. |
Table 40 Skip Keywords for Incoming Telnet Connections
|
|
|
dest-addr address |
Destination IP address entered in standard IP address dotted decimal notation: 10.0.0.127, for example. |
dest-port port |
Destination port entered as a decimal number from one to five digits long. |
source-addr address |
Source IP address entered in standard IP address dotted decimal notation: 10.0.0.127, for example. |
Examples
The following example shows how to write match and skip tests to skip connection attempts from any subnetwork address starting with 10 or 11 and match only those with a specific IP address and destination port number:
translate ruleset customer-case-1 from telnet to pad
! Ignore an incoming Telnet attempt from any subnetwork address starting with 10
! Match an incoming Telnet attempt destined for an IP addresses starting
! with 172.18., and a 5-digit port starting with 10 or 11
match dest-addr ^172\.18\..* dest-port ^1[0-1]...$
! Or match an incoming Telnet attempt destined an IP addresses starting
! with 172.18., and a 5-digit port starting with 120 through 127
match dest-addr ^172\.18\..* dest-port ^12[0-7]..$
The following example shows how to write match and skip tests to skip connection attempts from destination 55554 and to match only those with destination addresses from 55550 to 55553 and from 55556 to 55559:
translate ruleset A from pad to telnet
Related Commands
|
|
|
description (ruleset) |
Adds a description about a translation ruleset. |
match (ruleset) |
Identifies a connection for processing by the translation ruleset. |
options (ruleset) |
Specifies protocol translation options in a translation ruleset. |
set (ruleset) |
Unconditionally sets one or more connection parameters to a fixed value for a translation ruleset. |
show translate ruleset |
Displays a summary of a specific or of all configured translation rulesets, behavioral parameters, and usage statistic. |
substitute (ruleset) |
Matches an available protocol and substitutes another in a translation ruleset. |
test (ruleset) |
Tests parameter values in a translation ruleset using regular expressions. |
test translate |
Displays a trace of protocol translation behavior for a connection attempt. |
translate ruleset |
Defines a unique name for a translation ruleset, specifies translated protocols, and enters translate ruleset configuration mode. |
x25 pvc translate ruleset |
Configures PVCs that are valid for protocol translation ruleset handling. |
slip
To start a serial connection to a remote host by using Serial Line Internet Protocol (SLIP), use the slip command in EXEC mode.
slip [ /default ] { remote-ip-address | remote-name } [ @ tacacs-server ] [ /routing ] [ /compressed ]
Syntax Description
/default |
(Optional) Makes a SLIP connection when a default address has been configured. |
remote-ip-address |
IP address of the client workstation or PC. |
remote-name |
Name of the client workstation or PC. |
@ tacacs-server |
(Optional) IP address or IP host name of the TACACS server to which your TACACS authentication request is sent. |
/routing |
(Optional) Indicates that the remote system is a router. Line must be configured for asynchronous routing using SLIP encapsulation. |
/compressed |
(Optional) Indicates that IP header compression should be negotiated. |
Command Modes
EXEC
Command History
|
|
|
10.0 |
This command was introduced in a release prior to Cisco IOS Release 10.0. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
When you connect from a remote node computer to the EXEC facility on a router and want to connect from the router to a device on the network, issue the slip command.
If you specify an address for the TACACS server by using /default or tacacs-server arguments, the address must be the first parameter in the command after you enter slip. If you do not specify an address or enter /default, you are prompted for an IP address or host name. You can enter the /default keyword at this point.
If you do not use the tacacs-server argument to specify a TACACS server for SLIP address authentication, the TACACS server specified at login (if any) is used for the SLIP address query.
To optimize bandwidth on a line, SLIP enables compression of the SLIP packets using Van Jacobson TCP header compression as defined in RFC 1144.
Your system administrator must configure the system with the ip tcp header-compression passive command for the /compressed command option to be valid in EXEC mode. The ip tcp header-compression command forces header compression on or off. The default is to not compress the packets. The configuration file must have header compression on and the slip /compressed EXEC command must be entered for header compression to occur.
To terminate a session initiated with the slip command, disconnect from the device on the network using the command specific to that device. Then, exit from EXEC mode by using the exit command.
Examples
The following example makes a connection when a default IP address is assigned. Once a correct password is entered, you are placed in SLIP mode, and the IP address is displayed.
Your IP address is 192.168.7.28, MTU is 1524 bytes
The following example illustrates the prompts displayed and the response required when you use dynamic addressing to assign the SLIP address:
IP address or hostname? 192.168.6.15
Your IP address is 192.168.6.15, MTU is 1524 bytes
In the preceding example, the address 172.31.6.15 has been assigned as the default. Password verification is still required before SLIP mode can be enabled.
Your IP address is 192.168.6.15, MTU is 1524 bytes
The following example illustrates the implementation of header compression on the interface with the IP address 172.24.2.1:
Router> slip 172.24.2.1 /compressed
Interface IP address is 172.24.2.1, MTU is 1500 bytes.
Header compression will match your system.
In the preceding example, the interface is configured for the ip tcp header-compression passive command, which permits the user to enter the /compressed keyword at the EXEC mode prompt. The message “Header compression will match your system” indicates that the user specified compression. If the line was configured for the ip tcp header-compression on command, this line would read “Header compression is On.”
The following example specifies a TACACS server named server1 for address authentication:
Router> slip 10.0.0.1@server1
Interface IP address is 10.0.0.1, MTU is 1500 bytes
Header compression will match your system.
Related Commands
|
|
|
ip tcp header-compression |
Enables TCP header compression. |
substitute (ruleset)
To match an available protocol and substitute another in a translation ruleset, use the substitute command in translate ruleset configuration mode. To change or remove the substitution statement, use one of the no forms of this command.
substitute [ # line-number ] { pad | telnet } variable-parameter reg-exp-match [ # line-number { pad | telnet } variable-parameter reg-exp-match [...]] into { pad | telnet } variable-parameter [ reg-exp-write ]
no substitute { pad | telnet } variable-parameter reg-exp-match into { pad | telnet } variable-parameter [ reg-exp-write ]
no substitute # line-number [...]
Syntax Description
# line-number |
(Optional) The line in the translation ruleset to test for substitution. The # character must be entered. |
{ pad | telnet } |
Identifies the incoming or outgoing protocol and controls which parameters are available in the next element of this command. |
variable-parameter |
A parameter that varies depending upon the protocol selected, either pad or telnet, and its role, either incoming or outgoing. Protocol parameters that modify the incoming or outgoing connection behavior during protocol translation session setup are indicated in Table 41 with an X. |
reg-exp-match |
A standard Cisco regular expression match specification. |
into |
Makes the substitution into an available protocol parameter. |
reg-exp-write |
(Optional) A standard Cisco regular expression write specification that uses information from a match specification. |
[ ... ] |
(Optional) Specifies that multiple entries can be made as follows:
- Up to six substitute statements can be written on one command line.
- Multiple line numbers can be specified using the second no form of this command.
|
Defaults
No default behavior or values
Command Modes
Translate ruleset configuration
Command History
|
|
|
12.3(8)T |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Up to six substitute specifications can be entered on one command line. The ellipses in the format shown above means multiple substitute statements can be specified in a translation ruleset statement.
When you use the first no form of this command, specify the full set of parameters and expressions in the command to be removed. The second no form must specify the correct substitute command and line number within the translation ruleset template.
This command is used to substitute between protocol parameters using regular expressions to match elements with a test string, and to substitute parameters into another string that can take elements from the matched string.
Cisco regular expressions are described in Appendix A, “Regular Expressions,” in the Cisco IOS Terminal Services Configuration Guide.
A substitute … into statement will perform a regular expression match on any available protocol parameter and, if matched, substitute into any available protocol parameter. The regular expression write specification is optional. If the specification is omitted, the current value of the parameter will be taken as the regular expression write specification. This latter provision is a way of using multiple parameter values to set another parameter value. As an example, two successive substitute statements from a Telnet destination address and destination port into a packet assembler/disassembler (PAD) destination address could be specified using the following statements:
substitute telnet dest-addr ^10\.0\.0\.(.)$ into pad dest-addr 111100\1\\1
substitute telnet dest-addr ^10\.0\.0\.(..)$ into pad dest-addr 111100\1\\1
substitute telnet dest-port ^10(...)$ into pad dest-addr
If these successive substitutions were performed using an incoming Telnet connection from IP address 10.0.0.9/10234, the PAD destination address after the first substitution would be 111009\1, and after the second substitution would be 1111009234.
The following statements construct a switched virtual circuit (SVC) source address from the Telnet source information, starting with the source IP address in the form 172.18.#.##, which allows for a subsequent substitution of one field (notice the use of the backslash to concatenate the substitute and into statements):
substitute telnet source-addr ^172\.18\.(.)\.(..) \
into pad source-addr 98\1\2\\1
You can add in elements extracted from the Telnet destination port, where the rewrite pattern is taken from the current value of PAD source address, as follows:
substitute telnet dest-port ^.(...). into pad source-addr
Table 41 lists the PAD and Telnet parameters that can be set, as indicated by an X.
Table 41 Substitute Connection Parameter Keywords
|
|
|
|
|
|
|
authorize-method ASCII-string |
Connection authorization method to use that must match one of a fixed set of values. |
X |
— |
— |
X |
authorize-tag ASCII-string |
Connection authorization identity to supply, entered as an ASCII string. |
X |
— |
— |
X |
binary flag |
Flag that specifies whether 8-bit binary data is required, entered as one of the following characters to specify binary mode: Y, y, 1 – 9,
T, t. |
— |
X |
— |
X |
cud ASCII-string |
Call user data (CUD) that occurs after the protocol identification (PID). For X.29 service, this is the optional, user-specified text included in the command to place a call. |
X |
— |
X |
— |
dest-addr address |
Destination IP (Telnet) or X.121 (PAD) address. |
X |
X |
X |
X |
dest-addr-ext address |
Network service access point (NSAP) destination address extension. |
X |
— |
X |
— |
dest-port port |
Destination port entered as a decimal number from one to five digits long. |
— |
X |
— |
X |
dlci number |
Frame Relay data-link connection identifier (DLCI) of an Annex G service entered as a number from one to seven digits in length, although a size of two to four digits is more likely, or the NULL string if not received on an Annex G service. |
X |
— |
X |
— |
eor specification |
A character set defining the End-of-Record (EOR) string for the protocol translation session, entered as an ASCII or hexadecimal specification from one to four bytes in length, aaa or 0x19, as examples. |
— |
X |
— |
X |
eor-insert flag |
Flag specifying that the EOR character set should be inserted for PAD data being forwarded to a Telnet session, and entered as a single character. Use one of the following characters to specify EOR insertion: Y, y, 1 – 9, T, t. |
— |
X |
— |
X |
hostname address |
Destination host name for Domain Name System (DNS) resolution entered as an ASCII string. |
— |
X |
— |
— |
idle seconds |
Number of seconds the PAD connection can be idle before being cleared. |
X |
— |
X |
— |
interface type number |
Interface to be used for the circuit, entered using standard Cisco IOS interface designations; Serial1/0:1, for example. |
X |
— |
X |
— |
keepalive-period seconds |
A number that indicates the number of seconds between TCP keepalives for the X.25 over TCP (XOT) connection. TCP keepalive information applies only when a ruleset is configured to match an XOT destination address. Example: match dest-addr ^5555.$ xot-dest-addr 5.5.5.2 |
X |
— |
X |
— |
keepalive-tries number |
A number that indicates the number of TCP keepalives to send before the XOT connection is declared dead. TCP keepalive information applies only when a ruleset is configured to match an XOT destination address. Example: match dest-addr ^5555.$ xot-dest-addr 5.5.5.2 |
X |
— |
X |
— |
local flag |
Flag specifying that Telnet control sequences should be forwarded, not processed, and entered as a single character. Use one of the following characters to specify local mode: Y, y, 1 – 9, T, t. |
— |
X |
— |
X |
mac address |
Connection-Mode Network Service (CMNS) service remote host MAC address entered as three hexadecimal numbers of four digits separated by a period, (0000.fc08.12ab, for example) or the NULL string if not received on a CMNS service. |
X |
— |
X |
— |
no-reset |
Suppress a PVC Reset packet at session startup. |
X |
— |
X |
— |
packetsize size |
X.25 maximum data packet sizes to request, entered as two numbers from the following choices: 16, 32, 64, 128, 256, 512, 1024, 2048, 4096. |
X |
— |
X |
— |
pid byte-string |
PID string specified in ASCII or hexadecimal. A hexadecimal PID must be prefixed by “0x.” For example, 0x01000000 is the standard PAD PID. Although it is available for specifying a nonstandard Call PID, this parameter is not restricted to the common PID length and can be used to specify the entire user data field. |
X |
— |
X |
— |
printer flag |
Printer access mode. Flag specifying that the outgoing connection should be brought up before the incoming connection is confirmed. Use one of the following characters to specify printer mode: Y, y, 1 – 9, T, t. An unsuccessful outgoing connection attempt results in the incoming connection to the ruleset being refused, rather than being accepted and then closed, which is the default behavior. Note that using this keyword will force the ruleset quiet keyword to be applied to the translation. |
X |
— |
— |
X |
profile name |
Named PAD profile to use. |
X |
— |
X |
— |
pvc circuit-number |
Permanent virtual circuit (PVC) entered as a number from 1 to 4095, or the null string if not a PVC. |
— |
— |
X |
— |
reverse |
Request reverse charging. |
— |
— |
X |
— |
reversed flag |
Flag to indicate whether a reverse charged Call is permitted. This flag applies to a switched virtual circuit (SVC) and is entered as a single character, Y or N, for yes or no. |
X |
— |
— |
— |
rotor |
Modifies the behavior of the host-name keyword by allowing one of the IP addresses defined by the ip host configuration command to be chosen randomly. If one address fails, another will be tried until a connection is made or all address choices are exhausted. |
— |
X |
— |
— |
source-addr address |
Source X.121 address. |
X |
— |
X |
X |
source-addr-ext address |
NSAP source address extension. |
X |
— |
X |
— |
source-ifc type number |
Interface from which to take the source IP address, entered using standard Cisco IOS interface designations: Loopback0, for example. |
— |
X |
X |
— |
stream flag |
Flag that specifies whether Telnet negotiation should be sent or accepted, entered as one of the following characters to specify stream mode: Y, y, 1 – 9, T, t. |
— |
X |
— |
X |
swap flag |
X.29 role reversal. Flag that indicates the PAD connection should not initiate X.29 commands when first connected. Use one of the following characters to swap behavior: Y, y, 1 – 9, T, t. This parameter enables incoming and outgoing PAD connections to be swapped so that a protocol translation is treated like a PAD when it accepts a call. By default, the protocol translation functions like a PAD for calls that it initiates, and like an X.25 host for calls it accepts. |
X |
— |
X |
— |
use-map map |
Use the map defined for PAD service. |
— |
— |
X |
— |
windowsize size |
X.25 window sizes to request, entered as two numbers in a range from 1 to 127. |
X |
— |
X |
— |
xot-dest-addr address |
Destination IP address of an X.25 over TCP (XOT) service entered in standard IP address dotted decimal notation (10.0.0.127, for example) or the NULL string if not received on an XOT service. |
X |
— |
X |
— |
xot-source-addr address |
Source IP address of an XOT service entered in standard IP address dotted decimal notation (10.0.0.127, for example) or the NULL string if not received on an XOT service. |
X |
— |
— |
— |
Examples
The following example shows how to build a translation ruleset template by starting with a match connection test, specifying protocol translation options, and setting specific parameters for incoming Telnet connections. The translation ruleset goes on to test and set appropriate parameters for incoming PAD connections, and to construct an SVC source address from Telnet information starting with the source IP address expressed using regular expression characters that allow for subsequent substitution in its last two fields. The translation ruleset is completed by adding in elements extracted from the Telnet destination port; the rewrite pattern is taken from the current value of PAD source address. Note use of the backslash character to construct the test... set and substitute... into statements.
translate ruleset customer-case-1 from telnet to pad
! Match an incoming Telnet attempt destined for IP addresses starting
! with 172.18., and a 5-digit port starting with the numbers 120 through 127.
match dest-addr ^172\.18\..* dest-port ^12[0-7]..$
! Once the correct network is matched, specify that this ruleset is limited
! to ten concurrent users and requires a login exchange.
options max-users 10 login
set telnet printer Y telnet binary Y
set pad profile cust-profile-one
! Test conditional parameters and make appropriate settings:
test telnet dest-addr ^172\.18\.0\.* telnet dest-port ^10.00 \
set pad pvc 1 telnet binary T
! Construct an SVC source address from the Telnet source information;
! start with the source IP address in the form 172.18.#.##, allowing
! for substitutions in the last two fields:
substitute telnet source-addr ^172\.18\.(.)\.(..) \
into pad source-addr 98\1\2\\1
! Now add in an extract from the Telnet destination port,
! where the rewrite pattern is taken from the current value of the PAD
substitute telnet dest-port ^.(...). into pad source-addr
Related Commands
|
|
|
description (ruleset) |
Adds a description about a translation ruleset. |
match (ruleset) |
Identifies a connection for processing by the translation ruleset. |
options (ruleset) |
Specifies protocol translation options in a translation ruleset. |
set (ruleset) |
Unconditionally sets one or more connection parameters to a fixed value for a translation ruleset. |
show translate ruleset |
Displays a summary of a specific or of all configured translation rulesets, behavioral parameters, and usage statistic. |
skip (ruleset) |
Identifies a connection for omission by the translation ruleset. |
test (ruleset) |
Tests parameter values in a translation ruleset using regular expressions. |
test translate |
Displays a trace of protocol translation behavior for a connection attempt. |
translate ruleset |
Defines a unique name for a translation ruleset, specifies translated protocols, and enters translate ruleset configuration mode. |
x25 pvc translate ruleset |
Configures PVCs that are valid for protocol translation ruleset handling. |
telnet
To log in to a host that supports Telnet, use the telnet command in user EXEC or privileged EXEC mode.
telnet host [ port ] [ keyword ]
Syntax Description
host |
A hostname or an IP address. |
port |
(Optional) A decimal TCP port number, or port name; the default is the Telnet router port (decimal 23) on the host. |
keyword |
(Optional) One of the keywords listed in Table 42 . |
Command Modes
User EXEC
Privileged EXEC
Command History
|
|
|
10.0 |
This command was introduced. |
12.0(21)ST |
The /ipv4 and /ipv6 keywords were added. |
12.1 |
The /quiet keyword was added. |
12.2(2)T |
The /ipv4 and /ipv6 keywords were added. |
12.0(22)S |
This command was integrated into Cisco IOS Release 12.0(22)S. |
12.2(14)S |
This command was integrated into Cisco IOS Release 12.2(14)S. |
12.2(28)SB |
This command was integrated into Cisco IOS Release 12.2(28)SB. |
12.2(25)SG |
This command was integrated into Cisco IOS Release 12.2(25)SG. |
12.2(33)SRA |
This command was integrated into Cisco IOS Release 12.2(33)SRA. |
12.2(33)SXH |
This command was integrated into Cisco IOS Release 12.2(33)SXH. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Table 42 lists the optional telnet command keywords.
Table 42 telnet Keyword Options
|
|
|
/debug |
Enables Telnet debugging mode. |
/encrypt kerberos |
Enables an encrypted Telnet session. This keyword is available only if you have the Kerberized Telnet subsystem. If you authenticate using Kerberos Credentials, the use of this keyword initiates an encryption negotiation with the remote server. If the encryption negotiation fails, the Telnet connection will be reset. If the encryption negotiation is successful, the Telnet connection will be established, and the Telnet session will continue in encrypted mode (all Telnet traffic for the session will be encrypted). |
/ipv4 |
Specifies version 4 of the IP protocol. If a version of the IP protocol is not specified in a network that supports both the IPv4 and IPv6 protocol stacks, IPv6 is attempted first and is followed by IPv4. |
/ipv6 |
Specifies version 6 of the IP protocol. If a version of the IP protocol is not specified in a network that supports both the IPv4 and IPv6 protocol stacks, IPv6 is attempted first and is followed by IPv4. |
/line |
Enables Telnet line mode. In this mode, the Cisco IOS software sends no data to the host until you press the Enter key. You can edit the line using the standard Cisco IOS software command-editing characters. The /line keyword is a local switch; the remote router is not notified of the mode change. |
/noecho |
Disables local echo. |
/quiet |
Prevents onscreen display of all messages from the Cisco IOS software. |
/route: path |
Specifies loose source routing. The path argument is a list of hostnames or IP addresses that specify network nodes and ends with the final destination. |
/source-interface |
Specifies the source interface. |
/stream |
Turns on stream processing, which enables a raw TCP stream with no Telnet control sequences. A stream connection does not process Telnet options and can be appropriate for connections to ports running UNIX-to-UNIX Copy Program (UUCP) and other non-Telnet protocols. |
port-number |
Port number. |
bgp |
Border Gateway Protocol. |
chargen |
Character generator. |
cmd rcmd |
Remote commands. |
daytime |
Daytime. |
discard |
Discard. |
domain |
Domain Name Service. |
echo |
Echo. |
exec |
EXEC. |
finger |
Finger. |
ftp |
File Transfer Protocol. |
ftp-data |
FTP data connections (used infrequently). |
gopher |
Gopher. |
hostname |
Hostname server. |
ident |
Ident Protocol. |
irc |
Internet Relay Chat. |
klogin |
Kerberos login. |
kshell |
Kerberos shell. |
login |
Login (rlogin). |
lpd |
Printer service. |
nntp |
Network News Transport Protocol. |
pim-auto-rp |
Protocol Independent Multicast (PIM) auto-rendezvous point (RP). |
node |
Connect to a specific Local-Area Transport (LAT) node. |
pop2 |
Post Office Protocol v2. |
pop3 |
Post Office Protocol v3. |
port |
Destination local-area transport (LAT) port name. |
smtp |
Simple Mail Transfer Protocol. |
sunrpc |
Sun Remote Procedure Call. |
syslog |
Syslog. |
tacacs |
Specifies TACACS security. |
talk |
Talk (517). |
telnet |
Telnet (23). |
time |
Time (37). |
uucp |
UNIX-to-UNIX Copy Program (540). |
whois |
Nickname (43). |
www |
World Wide Web (HTTP, 80). |
With the Cisco IOS implementation of TCP/IP, you are not required to enter the connect or telnet command to establish a terminal connection. You can enter only the learned hostname—as long as the following conditions are met:
- The hostname is different from a command word for the router.
- The preferred transport protocol is set to telnet.
To display a list of the available hosts, use the show hosts command. To display the status of all TCP connections, use the show tcp command.
The Cisco IOS software assigns a logical name to each connection, and several commands use these names to identify connections. The logical name is the same as the hostname, unless that name is already in use, or you change the connection name with the name-connection EXEC command. If the name is already in use, the Cisco IOS software assigns a null name to the connection.
The Telnet software supports special Telnet commands in the form of Telnet sequences that map generic terminal control functions to operating system-specific functions. To issue a special Telnet command, enter the escape sequence and then a command character. The default escape sequence is Ctrl-^ (press and hold the Ctrl and Shift keys and the 6 key). You can enter the command character as you hold down Ctrl or with Ctrl released; you can use either uppercase or lowercase letters. Table 43 lists the special Telnet escape sequences.
Table 43 Special Telnet Escape Sequences
|
|
|
Ctrl-^ b |
Break |
Ctrl-^ c |
Interrupt Process (IP and IPv6) |
Ctrl-^ h |
Erase Character (EC) |
Ctrl-^ o |
Abort Output (AO) |
Ctrl-^ t |
Are You There? (AYT) |
Ctrl-^ u |
Erase Line (EL) |
At any time during an active Telnet session, you can list the Telnet commands by pressing the escape sequence keys followed by a question mark at the system prompt:
Ctrl-^ ?
A sample of this list follows. In this sample output, the first caret (^) symbol represents the Ctrl key, and the second caret represents Shift-6 on your keyboard:
[Special telnet escape help]
You can have several concurrent Telnet sessions open and switch among them. To open a subsequent session, first suspend the current connection by pressing the escape sequence (Ctrl-Shift-6 then x [Ctrl^x] by default) to return to the system command prompt. Then open a new connection with the telnet command.
To terminate an active Telnet session, enter any of the following commands at the prompt of the device to which you are connecting:
- close
- disconnect
- exit
- logout
- quit
Examples
The following example establishes an encrypted Telnet session from a router to a remote host named host1:
router> telnet host1 /encrypt kerberos
The following example routes packets from the source system host1 to example.com, then to 10.1.0.11, and finally back to host1 :
router> telnet host1 /route:example.com 10.1.0.11 host1
The following example connects to a host with the logical name host1:
The following example suppresses all onscreen messages from the Cisco IOS software during login and logout:
router> telnet host2 /quiet
The following example shows the limited messages displayed when connection is made using the optional /quiet keyword:
Welcome to OpenVMS VAX version V6.1 on node CRAW
Last interactive login on Tuesday, 15-DEC-1998 11:01
Last non-interactive login on Sunday, 3-JAN-1999 22:32
User2 logged out at 16-FEB-2000 09:38:27.85
Related Commands
|
|
|
connect |
Logs in to a host that supports Telnet, rlogin, or LAT. |
kerberos clients mandatory |
Causes the rsh, rcp, rlogin, and telnet commands to fail if they cannot negotiate the Kerberos Protocol with the remote server. |
name connection |
Assigns a logical name to a connection. |
rlogin |
Logs in to a UNIX host using rlogin. |
show hosts |
Displays the default domain name, the style of name lookup service, a list of name server hosts, and the cached list of hostnames and addresses. |
show tcp |
Displays the status of TCP connections. |
telnet break-on-ip
To cause the system to generate a hardware BREAK signal on the EIA/TIA-232 line that is associated with a reverse Telnet connection when a Telnet Interrupt-Process command is received on that connection, use the telnet break-on-ip command in line configuration mode.
telnet break-on-ip
Syntax Description
This command has no arguments or keywords.
Defaults
No hardware BREAK signal is generated when an Interrupt-Process command is received.
Command Modes
Line configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command causes the system to generate a hardware BREAK signal on the EIA/TIA-232 line that is associated with a reverse Telnet connection. It is useful when a Telnet Interrupt-Process command is received on that connection because it can control the translation of Telnet Interrupt-Process commands into X.25 BREAK indications. It is also a useful workaround in the following situations:
- Several user Telnet programs send an Interrupt-Process command, but cannot send a Telnet BREAK signal.
- Some Telnet programs implement a BREAK signal that sends an Interrupt-Process command.
- Some EIA/TIA-232 hardware devices use a hardware BREAK signal for various purposes.
A hardware BREAK signal is generated when a Telnet BREAK command is received.
Examples
In the following example, line 5 is configured with the telnet break-on-ip command. The location text notes that this line is the location of the high-speed modem. The telnet transparent command sets end-of-line handling.
location high-speed modem
Related Commands
|
|
|
connect |
Logs in to a host that supports Telnet, rlogin, or LAT. |
telnet |
Logs in to a host that supports Telnet. |
telnet transparent |
Configures the Cisco IOS software to send a CARRIAGE RETURN (CR) as a CR followed by a NULL instead of a CR followed by a LINE FEED (LF). |
terminal telnet break-on-ip |
Causes the access server to generate a hardware Break signal on the EIA/TIA-232 line, which is associated with a reverse Telnet connection, for the current line and sessions. |
telnet refuse-negotiations
To set a line using Telnet to refuse to negotiate full-duplex, remote echo requests on incoming connections, use the telnet refuse-negotiations command in line configuration mode. To disable this function, use the no form of this command.
telnet refuse-negotiations
no telnet refuse-negotiations
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Line configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Use this command on reverse Telnet connections to allow the Cisco IOS software to refuse full-duplex, remote echo option connection requests from the other end. This command suppresses negotiation of the Telnet Remote Echo and Suppress Go Ahead options.
This command does not apply to protocol translation configurations. It is intended for applications in which the router is functioning as a terminal server to allow terminal connections to remote devices through the asynchronous terminal ports of the router. Terminal server connections are those where the user types a command similar to the following to access network resources:
telnet access-server 2005
where access-server is the host name of the Cisco router functioning as a terminal server, and 2005 is the port number on the router to which the remote terminal is connected.
Examples
The following example shows how to set line 5 to refuse full-duplex, remote echo requests:
telnet refuse-negotiations
Related Commands
|
|
|
connect |
Logs in to a host that supports Telnet, rlogin, or LAT. |
telnet |
Logs in to a host that supports Telnet. |
terminal telnet refuse-negotiations |
Sets the current line to refuse to negotiate full-duplex, remote echo options on incoming connections for current sessions. |
telnet speed
To allow negotiation of the transmission speed of the line to a connected device, use the telnet speed command in line configuration mode. To disable this function, use the no form of this command.
telnet speed default-speed maximum-speed
no telnet speed
Syntax Description
default-speed |
Line speed, in bits per second, that the Cisco IOS software will use if the device on the other end of the connection has not specified a speed. |
maximum-speed |
Maximum speed, in bits per second, that the device on the port will use. |
Defaults
No default behavior or values.
Command Modes
Line configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Negotiates speeds on reverse Telnet lines. You can match line speeds on remote systems in reverse Telnet, on host machines hooked up to a router used to access the network, or on a group of console lines hooked up to the router, when disparate line speeds are in use at the local and remote ends of the connection. Line speed negotiation adheres to the Remote Flow Control option defined in RFC 1080.
Examples
The following example allows a router to negotiate a bit rate on the line using the Telnet option. If no speed is negotiated, the line will run at 2400 bits per second (bps). If the remote host requests a speed of greater than 9600 bps, then 9600 will be used.
Related Commands
|
|
|
connect |
Logs in to a host that supports Telnet, rlogin, or LAT. |
telnet |
Logs in to a host that supports Telnet. |
terminal telnet speed |
Allows the access server to negotiate transmission speed for the current line and session. |
telnet sync-on-break
To configure the Cisco IOS software to cause an incoming connection to send a Telnet Synchronize signal when it receives a Telnet BREAK signal, use the telnet sync-on-break command in line configuration mode. To disable this function, use the no form of this command.
telnet sync-on-break
no telnet sync-on-break
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Line configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command causes a reverse Telnet line to send a Telnet Synchronize signal when it receives a Telnet BREAK signal. This option is used very rarely to ensure the ordering of BREAK reception with respect to data characters sent after the BREAK.
Examples
The following example configures the AUX line with the telnet sync-on-break command:
Related Commands
|
|
|
connect |
Logs in to a host that supports Telnet, rlogin, or LAT. |
telnet |
Logs in to a host that supports Telnet. |
terminal telnet sync-on-break |
Causes the access server to send a Telnet Synchronize signal when it receives a Telnet Break signal on the current line and session. |
telnet transparent
To configure the Cisco IOS software to send a CARRIAGE RETURN (CR) as a CR followed by a NULL instead of a CR followed by a LINE FEED (LF), use the telnet transparent command in line configuration mode. To return to the default setting, use the no form of this command.
telnet transparent
no telnet transparent
Syntax Description
This command has no arguments or keywords.
Defaults
CARRIAGE RETURN followed by a LINE FEED.
Command Modes
Line configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command is useful for coping with different interpretations of end-of-line handling in the Telnet protocol specification.
Examples
The following example causes the Cisco IOS software, when sending a CR, to send a CR followed by a NULL character:
Related Commands
|
|
|
connect |
Logs in to a host that supports Telnet, rlogin, or LAT. |
telnet |
Logs in to a host that supports Telnet. |
terminal telnet transparent |
Causes the current terminal line to send a Return character (CR) as a CR followed by a NULL instead of a CR followed by a LINE FEED (LF) for the current session. |
terminal lat out-group
To temporarily define the list of services to which you or another user can connect, use the terminal lat out-group command in user EXEC mode.
terminal lat out-group group-number [ start-end ] { disabled | enabled }
Syntax Description
group-number |
Number of the group that has access to the system through the specified line. This number is identified by the system administrator. You also can specify a range of group numbers. Separate the beginning and end of the range with a hyphen. |
[ start-end ] |
(Optional) You can specify a range of group numbers for the group-number argument. Separate the beginning and end of the range with a hyphen. |
disabled |
Incrementally removes specified groups from a list. |
enabled |
Incrementally adds specified groups to a list. |
Command Modes
User EXEC
Command History
|
|
|
11.2 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
To temporarily define the list of services to which you or another user can connect, you define the group code lists used for connections from specific lines. You limit the connection choices for an individual line by defining the group code lists for an outgoing connection. When a user initiates a connection with a local-area transport (LAT) host, the line must share a common group number with the remote LAT host before a connection can be made.
The group code range entered in this command must fall within the group code range already configured for the line.
Examples
The following example defines a group code list for the outgoing group 4:
Router> terminal lat out-group 4, 6-189
Related Commands
|
|
|
connect |
Logs in to a host that supports Telnet, rlogin, or LAT. |
l2f ignore-mid-sequence |
Specifies a connection to a particular LAT node that offers LAT services. |
terminal lat remote-modification
To set a line running local-area transport (LAT) to be remotely modifiable, use the terminal lat remote-modification command in privileged EXEC mode.
terminal lat remote-modification
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
|
|
|
11.2 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Examples
The following example sets line 6 to be remotely modifiable:
Router# terminal lat remote-modification 6
Related Commands
|
|
|
connect |
Logs in to a host that supports Telnet, rlogin, or LAT. |
l2f ignore-mid-sequence |
Specifies a connection to a particular LAT node that offers LAT services. |
terminal transport preferred
To specify the preferred protocol to use for the current session when a command does not specify one, use the terminal transport preferred command in EXEC mode.
terminal transport preferre d { all | lat | mop | nasi | none | pad | rlogin | telnet | v120 }
Syntax Description
all |
Specifies all recognized protocols. |
lat |
Specifies the local-area transport (LAT) protocol. |
mop |
Specifies the Maintenance Operation Protocol (MOP). |
nasi |
Specifies the NetWare Asynchronous Services Interface (NASI) protocol. |
none |
Prevents any protocol selection on the line. The router default is that any unrecognized command is a host name. If the preferred protocol is set to none, the router will not attempt any connections if the command is not recognized. |
pad |
Specifies X.3 packet assembler/disassembler (PAD), which is used most often to connect a server product to X.25 hosts. |
rlogin |
Specifies UNIX rlogin. |
telnet |
Specifies the TCP/IP Telnet protocol. |
v120 |
Selects the V.120 protocol for incoming asynchronous connections over ISDN. |
Defaults
lat (if LAT is not supported, telnet)
Command Modes
EXEC
Command History
|
|
|
10.0 |
This command first appeared in a release prior to Cisco IOS Release 10.0. |
11.2 |
The following keywords were added:
- all
- lat
- mop
- nasi
- pad
- preferred
- rlogin
- v120
|
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Examples
The following example configures the console so that it does not connect when an unrecognized command is entered:
Router# terminal transport preferred none
Related Commands
|
|
|
transport preferred |
Specifies the transport protocol that the Cisco IOS software uses if the user does not specify one when initiating a connection. |
test (ruleset)
To test parameter values in a translation ruleset using regular expressions, use the test command in translate ruleset configuration mode. To change or remove the specification, use one of the two no forms of this command.
test [ # line-number ] { pad | telnet } variable-parameter reg-exp-match [ { pad | telnet } variable-parameter reg-exp-match [...]] set { pad | telnet } variable-parameter
no test { pad | telnet } variable-parameter reg-exp-match [ { pad | telnet } variable-parameter reg-exp-match [...]] set { pad | telnet } variable-parameter
no test # line-number […]
Syntax Description
# line-number |
(Optional) The line in the translation ruleset to test for substitution. The # character must be entered. |
{ pad | telnet } |
Identifies the incoming or outgoing protocol and controls which parameters are available in the next element of this command. |
variable-parameter |
A parameter that varies depending upon the protocol selected, either pad or telnet, and its role, either incoming or outgoing. Protocol parameters are available to modify the incoming or outgoing connection behavior during protocol translation session setup. Up to six parameters can be entered on one command line. Table 44 indicates supported incoming and outgoing PAD and Telnet connection parameter keywords for the test command with an X. |
reg-exp-match |
A standard Cisco regular expression match specification. |
set |
Conditionally sets the specified protocol parameters to a fixed value. |
[ ... ] |
(Optional) Specifies that multiple entries can be made as follows:
- Up to six test statements can be written on one command line.
- Multiple line numbers can be specified using the second no form of this command.
|
Defaults
No default behavior or values
Command Modes
Translate ruleset configuration
Command History
|
|
|
12.3(8)T |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Up to six test statements can be entered on one command line. The ellipses in the format shown above means multiple test statements can be specified in a translation ruleset template.
The test command is useful for working with conditional parameters.
A test … set … statement conditionally sets one or more connection parameters to a given value, but only after a successful comparison of one or more connection parameters against a regular expression.
Cisco regular expressions are described in Appendix A, “Regular Expressions,” in the Cisco IOS Terminal Services Configuration Guide.
When you use the first no form of this command, specify the full set of parameters and expressions in the command to be removed. The second no form must specify the correct test command and line number within the translation ruleset template.
Table 44 Test Connection Parameter Keywords
|
|
|
|
|
|
|
authorize-method ASCII-string |
Connection authorization method to use that must match one of a fixed set of values. |
X |
— |
— |
X |
authorize-tag ASCII-string |
Connection authorization identity to supply, entered as an ASCII string. |
X |
— |
— |
X |
binary flag |
Flag that specifies whether 8-bit binary data is required, entered as one of the following characters to specify binary mode: Y, y, 1 – 9,
T, t. |
— |
X |
— |
X |
cud ASCII-string |
Call user data (CUD) that occurs after the protocol identification (PID). For X.29 service, this is the optional, user-specified text included in the command to place a call. |
X |
— |
X |
— |
dest-addr address |
Destination IP (Telnet) or X.121 (PAD) address. |
X |
X |
X |
X |
dest-addr-ext address |
Network service access point (NSAP) destination address extension. |
X |
— |
X |
— |
dest-port port |
Destination port entered as a decimal number from one to five digits long. |
— |
— |
— |
X |
dlci number |
Frame Relay data-link connection identifier (DLCI) of an Annex G service entered as a number from one to seven digits in length, although a size of two to four digits is more likely, or the NULL string if not received on an Annex G service. |
X |
— |
X |
— |
eor specification |
A character set defining the End-of-Record (EOR) string for the protocol translation session, entered as an ASCII or hexadecimal specification from one to four bytes in length, aaa or 0x19, as examples. |
— |
X |
— |
X |
eor-insert flag |
Flag specifying that the EOR character set should be inserted for PAD data being forwarded to a Telnet session, and entered as a single character. Use one of the following characters to specify EOR insertion: Y, y, 1 – 9, T, t. |
— |
X |
— |
X |
hostname address |
Destination host name for Domain Name System (DNS) resolution entered as an ASCII string. |
— |
X |
— |
— |
idle seconds |
Number of seconds the PAD connection can be idle before being cleared. |
X |
— |
X |
— |
interface type number |
Interface to be used for the circuit, entered using standard Cisco IOS interface designations; Serial1/0:1, for example. |
X |
— |
X |
— |
keepalive-period seconds |
A number that indicates the number of seconds between TCP keepalives for the X.25 over TCP (XOT) connection. TCP keepalive information applies only when a ruleset is configured to match an XOT destination address. Example: match dest-addr ^5555.$ xot-dest-addr 5.5.5.2 |
X |
— |
X |
— |
keepalive-tries number |
A number that indicates the number of TCP keepalives to send before the XOT connection is declared dead. TCP keepalive information applies only when a ruleset is configured to match an XOT destination address. Example: match dest-addr ^5555.$ xot-dest-addr 5.5.5.2 |
X |
— |
X |
— |
local flag |
Flag specifying that Telnet control sequences should be forwarded, not processed, and entered as a single character. Use one of the following characters to specify local mode: Y, y, 1 – 9, T, t. |
— |
X |
— |
X |
mac address |
Connection-Mode Network Service (CMNS) service remote host MAC address entered as three hexadecimal numbers of four digits separated by a period, (0000.fc08.12ab, for example) or the NULL string if not received on a CMNS service. |
X |
— |
X |
— |
no-reset |
Suppress a PVC Reset packet at session startup. |
X |
— |
X |
— |
packetsize size |
X.25 maximum data packet sizes to request, entered as two numbers from the following choices: 16, 32, 64, 128, 256, 512, 1024, 2048, 4096. |
X |
— |
X |
— |
pid byte-string |
PID string specified in ASCII or hexadecimal. A hexadecimal PID must be prefixed by “0x.” For example, 0x01000000 is the standard PAD PID. Although it is available for specifying a nonstandard Call PID, this parameter is not restricted to the common PID length and can be used to specify the entire user data field. |
X |
— |
X |
— |
printer flag |
Printer access mode. Flag specifying that the outgoing connection should be brought up before the incoming connection is confirmed. Use one of the following characters to specify printer mode: Y, y, 1 – 9, T, t. An unsuccessful outgoing connection attempt results in the incoming connection to the ruleset being refused, rather than being accepted and then closed, which is the default behavior. Note that using this keyword will force the ruleset quiet keyword to be applied to the translation. |
X |
— |
— |
X |
profile name |
Named PAD profile to use. |
X |
— |
X |
— |
pvc circuit-number |
Permanent virtual circuit (PVC) entered as a number from 1 to 4095, or the null string if not a PVC. |
— |
— |
X |
— |
reverse |
Request reverse charging. |
— |
— |
X |
— |
reversed flag |
Flag to indicate whether a reverse charged Call is permitted. This flag applies to a switched virtual circuit (SVC) and is entered as a single character, Y or N, for yes or no. |
X |
— |
— |
— |
rotor |
Modifies the behavior of the host-name keyword by allowing one of the IP addresses defined by the ip host configuration command to be chosen randomly. If one address fails, another will be tried until a connection is made or all address choices are exhausted. |
— |
X |
— |
— |
source-addr address |
Source X.121 address. |
X |
— |
X |
X |
source-addr-ext address |
NSAP source address extension. |
X |
— |
X |
— |
source-ifc type number |
Interface from which to take the source IP address, entered using standard Cisco IOS interface designations: Loopback0, for example. |
— |
X |
X |
— |
stream flag |
Flag that specifies whether Telnet negotiation should be sent or accepted, entered as one of the following characters to specify stream mode: Y, y, 1 – 9, T, t. |
— |
X |
— |
X |
swap flag |
X.29 role reversal. Flag that indicates the PAD connection should not initiate X.29 commands when first connected. Use one of the following characters to swap behavior: Y, y, 1 – 9, T, t. This parameter enables incoming and outgoing PAD connections to be swapped so that a protocol translation is treated like a PAD when it accepts a call. By default, the protocol translation functions like a PAD for calls that it initiates, and like an X.25 host for calls it accepts. |
X |
— |
X |
— |
use-map map |
Use the map defined for PAD service. |
— |
— |
X |
— |
windowsize size |
X.25 window sizes to request, entered as two numbers in a range from 1 to 127. |
X |
— |
X |
— |
xot-dest-addr address |
Destination IP address of an X.25 over TCP (XOT) service entered in standard IP address dotted decimal notation (10.0.0.127, for example) or the NULL string if not received on an XOT service. |
X |
— |
X |
— |
xot-source-addr address |
Source IP address of an XOT service entered in standard IP address dotted decimal notation (10.0.0.127, for example) or the NULL string if not received on an XOT service. |
X |
— |
— |
— |
Examples
The following example shows how to integrate a test into a translation ruleset template. The translation ruleset begins with the required match connection test, specifies protocol translation options, and sets specific parameters for incoming Telnet connections. The translation ruleset goes on to test and set appropriate parameters for incoming PAD connections, and to construct an SVC source address from Telnet information, starting with the source IP address. The translation ruleset is completed by adding in elements extracted from the Telnet destination port; the rewrite pattern is taken from the current value of PAD source address. The backslash character is used to construct the test... set and substitute... into statements.
translate ruleset customer-case-1 from telnet to pad
! Match an incoming Telnet attempt destined for IP addresses starting
! with 172.18., and a 5-digit port starting with the numbers 120 through 127.
match dest-addr ^172\.18\..* dest-port ^12[0-7]..$
! Once the correct network is matched, specify that this ruleset is limited
! to ten concurrent users and requires a login exchange.
options max-users 10 login
set telnet printer Y telnet binary Y
set pad profile cust-profile-one
! Test conditional parameters and make appropriate settings:
test telnet dest-addr ^172\.18\.0\.* telnet dest-port ^10.00 \
set pad pvc 1 telnet binary T
! Construct an SVC source address from the Telnet source information;
! start with the source IP address in the form 172.18.#.##, allowing
! for a following substitute of one field:
substitute telnet source-addr ^172\.18\.(.)\.(..) \
into pad source-addr 98\1\2\\1
! Now add in an extract from the Telnet destination port,
! where the rewrite pattern is taken from the current value of the PAD
substitute telnet dest-port ^.(...). into pad source-addr
Related Commands
|
|
|
description (ruleset) |
Adds a description about a translation ruleset. |
match (ruleset) |
Identifies a connection for processing by the translation ruleset. |
options (ruleset) |
Specifies protocol translation options in a translation ruleset. |
set (ruleset) |
Unconditionally sets one or more connection parameters to a fixed value for a translation ruleset. |
show translate ruleset |
Displays a summary of a specific or of all configured translation rulesets, behavioral parameters, and usage statistic. |
skip (ruleset) |
Identifies a connection for omission by the translation ruleset. |
substitute (ruleset) |
Matches an available protocol and substitutes another in a translation ruleset. |
test translate |
Displays a trace of protocol translation behavior for a connection attempt. |
translate ruleset |
Defines a unique name for a translation ruleset, specifies translated protocols, and enters translate ruleset configuration mode. |
x25 pvc translate ruleset |
Configures PVCs that are valid for protocol translation ruleset handling. |
test translate
To display a trace of protocol translation behavior for a connection attempt, use the test translate command in user or privileged EXEC mode.
test translate { pad | telnet | parameter parameter } [ detail ]
Syntax Description
pad |
Tests a trace of a packet assembler/disassembler (PAD) connection attempt. |
telnet |
Tests a trace of a Telnet connection attempt. |
parameter parameter |
Tests one of the following translation ruleset parameters in interactive mode:
- boolean —Boolean expression parameter. True if at least one character is present and the first character is one of Y, y, 1 – 9, T, or t ; otherwise, false.
- hexstring —Hex string parameter. A standard hexadecimal string representation starting with 0x, such as 0x14000F0000.
- integer —Integer parameter. A standard decimal number from 0 to 65535.
- interface —Two-integer parameter. A character string, possibly with embedded white space, identifying an existing interface, such as Serial 1, on the router.
- ip —IP address parameter. A standard four-byte dotted decimal IP address such as 10.0.0.127.
- mac —MAC address parameter. A standard set of three 4-digit hexadecimal words in dotted MAC address form such as 0001.00a8.1f2c.
- nsap —Network service access point (NSAP) address parameter.
- string —String parameter. A null-terminated ASCII string.
- two-integer —Two-integer parameter.
- x121 —X.121 address parameter. A standard X.121 address from 1 to 15 decimal digits long.
|
detail |
(Optional) Provides a more detailed test report. |
Defaults
No default behavior or values
Command Modes
User EXEC
Privileged EXEC
Command History
|
|
|
12.3(8)T |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command will traverse the set of protocol translation configurations in the order they are listed in the translation ruleset, and report all events that take place. The detail keyword shows each line being evaluated and detailed translation test information.
The translation ruleset operations to test, set, and substitute protocol parameter values use strings, and the ruleset generates the set of protocol parameter values as a set of strings. When entered with the optional parameter keyword and parameter type, the test translate command becomes interactive and queries for incoming connection parameter values. For a given protocol parameter there may be additional validation tests that apply. If the application of a translation ruleset results in an invalid value for a parameter (whether a violation of the basic type rule or the more specific validation tests for the parameter), the protocol translation operation will fail with an informative message.
Configuration errors are not detected when translation ruleset commands are entered. They are tested when the connection is attempted or when you use the test (ruleset) command. In the following example, the set translation ruleset command unconditionally sets the PAD’s profile name to a profile that does not exist in the configuration:
set pad profile Bldg-1-5ess
This command would be accepted at the command-line interpreter, but not tested until a connection attempt or with the test translate EXEC command. When the error is detected, the following messages display:
*%PT-3-PARAMRESULTERR: PT ruleset test protocol pad parameter profile parse error: Bldg-1-5ess.
-Process= "PAD InCall", ipl= 3, pid= 94
*PAD: ruleset translation not generated Cause: 9 Diag: 0
Examples
The following example shows a sample of the self-explanatory report from the test translate command:
Router# test translate pad
dest-addr (X.121 address): 55555
Ruleset A match/skip line 1 compared: match
Ruleset A; pad parameter read:
telnet/dest-addr: 10.2.2.1
Translate From: PAD 55555
To: Telnet 10.2.2.1 Port 23
The following is a sample of a detailed report:
Router# test translate pad detail
PAD translate command 1 PVC match not required
dest-addr (X.121 address): 55555
Normalized PAD dest-addr: 55555
PAD translate command 1 skipped, destination address 55555 doesn't match 12345
PAD translate command 2 PVC match not required
PAD translate command 2 skipped, destination address 55555 doesn't match 55551
No PAD translate command matched
(Testing translate command A...)
Ruleset A match/skip line 1 compared: match
(processing set/test/substitute line 1)
(set/test/subst line 1, item 1, parameter dest-addr set to 10.2.2.1)
(parsed telnet parameter dest-addr: 10.2.2.1)
Ruleset A; pad parameter read:
telnet/dest-addr: 10.2.2.1
(translation requires 0 bytes variable-sized memory)
Translate From: PAD 55555
To: Telnet 10.2.2.1 Port 23
The following example tests the boolean translate ruleset parameter in interactive mode:
Router# test translate parameter boolean
Enter parameter value (boolean): Y
Enter encode buffer size (integer): 10
Related Commands
|
|
|
description (ruleset) |
Adds a description about a translation ruleset. |
match (ruleset) |
Identifies a connection for processing by the translation ruleset. |
options (ruleset) |
Specifies protocol translation options in a translation ruleset. |
set (ruleset) |
Unconditionally sets one or more connection parameters to a fixed value for a translation ruleset. |
show translate ruleset |
Displays a summary of a specific or of all configured translation rulesets, behavioral parameters, and usage statistic. |
skip (ruleset) |
Identifies a connection for omission by the translation ruleset. |
substitute (ruleset) |
Matches an available protocol and substitutes another in a translation ruleset. |
test (ruleset) |
Tests parameter values in a translation ruleset using regular expressions. |
translate ruleset |
Defines a unique name for a translation ruleset, specifies translated protocols, and enters translate ruleset configuration mode. |
x25 pvc translate ruleset |
Configures PVCs that are valid for protocol translation ruleset handling. |
time-out
To specify the Secure Shell (SSH) login timeout interval in seconds for a persistent SSH connection, use the time-out command in transport map configuration mode command. To restore the default setting of 120 seconds, use the no form of the command.
time-out timeout-interval
no time-out
Syntax Description
timeout-interval |
Specifies the SSH login timeout interval in seconds. |
Command Default
The default timeout-interval is 120 seconds.
Command Modes
Transport map configuration (config-tmap)
Command History
|
|
|
Cisco IOS XE Release 2.1 |
This command was introduced on the Cisco ASR 1000 Series Routers. |
Usage Guidelines
This command is used to specify the SSH timeout interval.
Examples
In the following example, a transport map is configured that applies the following settings to any users attempting to access the Management Ethernet port via SSH:
- Users using SSH waits for the IOS process to become active, but enters diagnostic mode if the attempt to access IOS is interrupted.
- The RSA keypair name is “sshkeys”.
- The connection allows one authentication retry.
- The banner “--Welcome to Diagnostic Mode--” appears if diagnostic mode is entered as a result of SSH handling through this transport map.
- The banner “--Waiting for IOS Process--” appears if the connection is waiting for the IOS process to be come active.
The transport map is then applied to the interface when the transport type persistent ssh input command is entered to enable persistent SSH.
Router(config)# transport-map type persistent ssh sshhandler
Router(config-tmap)# connection wait allow interruptable
Router(config-tmap)# rsa keypair-name sshkeys
Router(config-tmap)# authentication-retries 1
Router(config-tmap)# banner diagnostic X
Enter TEXT message. End with the character 'X'.
--Welcome to Diagnostic Mode--
X
Router(config-tmap)# banner wait X
Enter TEXT message. End with the character 'X'.
--Waiting for IOS Process--
Router(config-tmap)# time-out 30
Router(config-tmap)# transport interface gigabitethernet 0
Router(config-tmap)# exit
Router(config)# transport type persistent ssh input sshhandler
Related Commands
|
|
|
authentication-retries |
Specifies the number of SSH authentication retries before dropping the connection when a persistent SSH transport map is applied to the receiving interface. |
banner (transport map) |
Creates a banner message that will be seen by users entering diagnostic mode or waiting for the IOS process as a result of the transport map configuration. |
connection wait |
Specifies how an incoming connection will be handled. |
rsa keypair-name |
Names the RSA keypair to be used for persistent SSH connections. |
transport interface |
Applies the transport map settings to the interface. |
transport type persistent |
Applies an already-configured persistent transport map to an interface. |
transport-map type persistent |
Creates and names a persistent transport map and enters transport map configuration mode. |
tn3270
To begin a TN3270 session, use the tn3270 command in EXEC mode.
tn3270 host
Syntax Description
host |
Name or IP address of a specific host on a network that can be reached by the router. The default terminal emulation mode allows access using a VT100 emulation. |
Command Modes
EXEC
Command History
|
|
|
11.1 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Unlike Telnet and local-area transport (LAT) connections, you must enter the tn3270 command to make a connection to an IBM TN3278 host.
To terminate an active TN3270 session, enter the escape sequence ( Ctrl-Shift-6 then x [ Ctrl^x ] by default) and enter the disconnect command at the EXEC prompt. Or log off the remote system by issuing the command specific to that system (such as exit, logout, quit, close, or disconnect).
Examples
The following example establishes a terminal session with an IBM TN3270 host named finance:
tn3270 8bit display
To configure the Cisco IOS software to use the mask set by the data-character-bits { 7 | 8 } command in line configuration mode or the terminal data-character bits { 7 | 8 } EXEC command, use the tn3270 8bit display command in line configuration mode. To restore the default 7-bit mask used for TN3270 connections, use the no form of this command.
tn3270 8bit display
no tn3270 8bit display
Syntax Description
This command has no arguments or keywords.
Command Modes
Line configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Use the tn3270-character-map command to map between extended EBCDIC or extended ASCII characters.
Examples
The following example configures the Cisco IOS software to use the mask set by the data-character-bits line configuration and EXEC commands on line 5:
Related Commands
|
|
|
data-character-bits |
Sets the number of data bits per character that are interpreted and generated by the Cisco IOS software. |
terminal data-character-bits |
Sets the number of data bits per character that are interpreted and generated by the Cisco IOS software for the current line and session. |
tn3270 8bit transparent-mode
To configure the Cisco IOS software to use the mask set by the data-character-bits { 7 | 8 } command in line configuration mode or the terminal data-character bits { 7 | 8 } EXEC command, use the tn3270 8bit transparent-mode command in line configuration mode. To restore the default 7-bit mask used for TN3270 connections, use the no form of this command.
tn3270 8bit transparent-mode
no tn3270 8bit transparent-mode
Syntax Description
This command has no arguments or keywords.
Command Modes
Line configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command is needed if you are using a file transfer protocol such as Kermit in 8-bit mode or you are using 8-bit graphics, both of which rely on transparent mode.
Examples
The following example configures the software to use the mask set by the data-character-bits line configuration and EXEC commands on line 5:
tn3270 8bit transparent-mode
Related Commands
|
|
|
data-character-bits |
Sets the number of data bits per character that are interpreted and generated by the Cisco IOS software. |
terminal data-character-bits |
Sets the number of data bits per character that are interpreted and generated by the Cisco IOS software for the current line and session. |
tn3270 character-map
To convert incoming EBCDIC characters into ASCII characters, use the tn3270 character-map command in global configuration mode. To restore default character mappings, use the no form of this command.
tn3270 character-map ebcdic-in-hex ascii-in-hex
no tn3270 character-map { all | ebcdic-in-hex } [ ascii-in-hex ]
Syntax Description
ebcdic-in-hex |
Hexadecimal value of an EBCDIC character. |
ascii-in-hex |
Hexadecimal value of an ASCII character. |
all |
Indicates all character mappings. |
Command Modes
Global configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Use this command to print international characters that are EBCDIC characters not normally printed, including umlauts (¨) and tildes (~). The command first restores default mapping for both EBCDIC and ASCII characters. In the no form of the command, the all keyword resets all character mappings to Cisco defaults.
Table 45 shows the default character mappings between ASCII and EBCDIC in decimal and hexadecimal format.
To convert outgoing ASCII characters into EBCDIC characters, use the keymap command to modify the keymap structure with the tag ebcdic_xx=string, where xx is a hexadecimal value and string is the sequence of characters that send the EBCDIC character.
Table 45 Default ASCII, EBCDIC Character Mappings
|
|
|
|
|
|
! |
33 |
0x21 |
90 |
0x5a |
" |
34 |
0x22 |
127 |
0x7f |
# |
35 |
0x23 |
123 |
0x7b |
$ |
36 |
0x24 |
91 |
0x5b |
% |
37 |
0x25 |
108 |
0x6c |
& |
38 |
0x26 |
80 |
0x50 |
’ |
39 |
0x27 |
125 |
0x7d |
( |
40 |
0x28 |
77 |
0x4d |
) |
41 |
0x29 |
93 |
0x5d |
* |
42 |
0x2a |
92 |
0x5c |
+ |
43 |
0x2b |
78 |
0x4e |
, |
44 |
0x2c |
107 |
0x6b |
- |
45 |
0x2d |
96 |
0x60 |
. |
46 |
0x2e |
75 |
0x4b |
/ |
47 |
0x2f |
97 |
0x61 |
0 |
48 |
0x30 |
240 |
0xf0 |
1 |
49 |
0x31 |
241 |
0xf1 |
2 |
50 |
0x32 |
242 |
0xf2 |
3 |
51 |
0x33 |
243 |
0xf3 |
4 |
52 |
0x34 |
244 |
0xf4 |
5 |
53 |
0x35 |
245 |
0xf5 |
6 |
54 |
0x36 |
246 |
0xf6 |
7 |
55 |
0x37 |
247 |
0xf7 |
8 |
56 |
0x38 |
248 |
0xf8 |
9 |
57 |
0x39 |
249 |
0xf9 |
: |
58 |
0x3a |
122 |
0x7a |
; |
59 |
0x3b |
94 |
0x5e |
< |
60 |
0x3c |
76 |
0x4c |
= |
61 |
0x3d |
126 |
0x7e |
> |
62 |
0x3e |
110 |
0x6e |
? |
63 |
0x3f |
111 |
0x6f |
@ |
64 |
0x40 |
124 |
0x7c |
A |
65 |
0x41 |
193 |
0xc1 |
B |
66 |
0x42 |
194 |
0xc2 |
C |
67 |
0x43 |
195 |
0xc3 |
D |
68 |
0x44 |
196 |
0xc4 |
E |
69 |
0x45 |
197 |
0xc5 |
F |
70 |
0x46 |
198 |
0xc6 |
G |
71 |
0x47 |
199 |
0xc7 |
H |
72 |
0x48 |
200 |
0xc8 |
I |
73 |
0x49 |
201 |
0xc9 |
J |
74 |
0x4a |
209 |
0xd1 |
K |
75 |
0x4b |
210 |
0xd2 |
L |
76 |
0x4c |
211 |
0xd3 |
M |
77 |
0x4d |
212 |
0xd4 |
N |
78 |
0x4e |
213 |
0xd5 |
O |
79 |
0x4f |
214 |
0xd6 |
P |
80 |
0x50 |
215 |
0xd7 |
Q |
81 |
0x51 |
216 |
0xd8 |
R |
82 |
0x52 |
217 |
0xd9 |
S |
83 |
0x53 |
226 |
0xe2 |
T |
84 |
0x54 |
227 |
0xe3 |
U |
85 |
0x55 |
228 |
0xe4 |
V |
86 |
0x56 |
229 |
0xe5 |
W |
87 |
0x57 |
230 |
0xe6 |
X |
88 |
0x58 |
231 |
0xe7 |
Y |
89 |
0x59 |
232 |
0xe8 |
Z |
90 |
0x5a |
233 |
0xe9 |
[ |
91 |
0x5b |
173 |
0xad |
\ |
92 |
0x5c |
224 |
0xe0 |
] |
93 |
0x5d |
189 |
0xbd |
^ |
94 |
0x5e |
95 |
0x5f |
_ |
95 |
0x5f |
109 |
0x6d |
` |
96 |
0x60 |
121 |
0x79 |
a |
97 |
0x61 |
129 |
0x81 |
b |
98 |
0x62 |
130 |
0x82 |
c |
99 |
0x63 |
131 |
0x83 |
d |
100 |
0x64 |
132 |
0x84 |
e |
101 |
0x65 |
133 |
0x85 |
f |
102 |
0x66 |
134 |
0x86 |
g |
103 |
0x67 |
135 |
0x87 |
h |
104 |
0x68 |
136 |
0x88 |
i |
105 |
0x69 |
137 |
0x89 |
j |
106 |
0x6a |
145 |
0x91 |
k |
107 |
0x6b |
146 |
0x92 |
l |
108 |
0x6c |
147 |
0x93 |
m |
109 |
0x6d |
148 |
0x94 |
n |
110 |
0x6e |
149 |
0x95 |
o |
111 |
0x6f |
150 |
0x96 |
p |
112 |
0x70 |
151 |
0x97 |
q |
113 |
0x71 |
152 |
0x98 |
r |
114 |
0x72 |
153 |
0x99 |
s |
115 |
0x73 |
162 |
0xa2 |
t |
116 |
0x74 |
163 |
0xa3 |
u |
117 |
0x75 |
164 |
0xa4 |
v |
118 |
0x76 |
165 |
0xa5 |
w |
119 |
0x77 |
166 |
0xa6 |
x |
120 |
0x78 |
167 |
0xa7 |
y |
121 |
0x79 |
168 |
0xa8 |
z |
122 |
0x7a |
169 |
0xa9 |
{ |
123 |
0x7b |
192 |
0xc0 |
| |
124 |
0x7c |
79 |
0x4f |
} |
125 |
0x7d |
208 |
0xd0 |
~ |
126 |
0x7e |
161 |
0xa1 |
Examples
The following example creates a two-way binding between an EBCDIC character and an ASCII character:
tn3270 character-map 0x81 0x78
Related Commands
|
|
|
show tn3270 ascii-hexval |
Displays ASCII-hexadecimal character mappings. |
show tn3270 character-map |
Displays character mappings between ASCII and EBCDIC. |
tn3270 datastream
To enable the TN3270 extended datastream, use the tn3270 datastream command in global configuration mode. To return to the normal TN3270 datastream, use the no form of this command.
tn3270 datastream { extended | normal }
no tn3270 datastream
Syntax Description
extended |
Extended datastream. |
normal |
Normal datastream. |
Defaults
Normal datastream
Command Modes
Global configuration
Command History
|
|
|
10.3 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command causes an “-E” to be appended to the terminal type string sent to the IBM host, which allows you to use the extended TN3270 features.
Examples
The following example shows the supported TN3270 datastream options:
extended Use extended TN3270 datastream
normal Use normal TN3270 datastream
tn3270 null-processing
To specify how NULL signals are handled, use the tn3270 null-processing command in global configuration mode. To return to 7171 NULL processing, use the no form of this command.
tn3270 null-processing [ 3270 | 7171 ]
no tn3270 null-processing [ 3270 | 7171 ]
Syntax Description
3270 |
(Optional) NULLs are compressed out of the string, as on a 3278-x terminal. |
7171 |
(Optional) NULLs are converted to spaces, as on a 7171 controller. |
Defaults
7171 NULL processing
Command Modes
Global configuration
Command History
|
|
|
10.3 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
If a user enters data, uses an arrow key to move the cursor to the right on the screen, and then enters more data, the intervening spaces are filled with NULLs. To specify how NULLs are handled, enter the tn3270 null-processing command either with the 3270 argument, where NULLs are compressed out of the string (as on a real 3278-x terminal) or the 7171 argument, where NULLs are converted to spaces as on a 7171 controller. Enter this command in global configuration.
Examples
The following example shows the two available null processing methods:
3270 Use 3270-style null processing
7171 Use 7171-style null processing
tn3270 optimize-cursor-move
To increase performance between a remote user and a TN3270 host by limiting cursor movement information that is sent to user terminals, use the tn3270 optimize-cursor-move command in global configuration mode. To ensure that all cursor movement information is sent between the terminal and the TN3270 host, use the no form of this command.
tn3270 optimize-cursor-move
no tn3270 optimize-cursor-move
Syntax Description
This command has no arguments or keywords.
Defaults
Cursor movement escape strings are sent to the terminal.
Command Modes
Global configuration
Command History
|
|
|
11.2 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Issuing this command increases the speed of information transfer between users and TN3270 hosts through an access server.
If you do not issue this command, virtually every byte of information between the terminal and the TN3270 host is prepended and trailed by cursor-movement strings.
Examples
The following example disables status messages to users connected to 3278 terminals:
tn3270 optimize-cursor-move
Related Commands
|
|
|
tn3270 status-message |
Reenables the display of status messages after they have been disabled. |
tn3270 reset-required
To lock a terminal after input error until the user resets the terminal, use the tn3270 reset-required command in global configuration mode. To return to the default of no reset required, use the no form of this command.
tn3270 reset-required
no tn3270 reset-required
Syntax Description
This command has no arguments or keywords.
Defaults
No reset is required.
Command Modes
Global configuration
Command History
|
|
|
10.3 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
On a 3278-x terminal, the keyboard is locked and further input is not permitted after input error (due to field overflow, invalid entry, and so on) until the user presses the RESET key. Most TN3270 implementations leave the keyboard unlocked and remove any error message on the next key input after the error. Use this command to lock the keyboard until the user performs a reset.
Examples
The following example enables keyboard locking after an input error:
tn3270 status-message
To reenable the display of status messages after they have been disabled, use the tn3270 status-message command in global configuration mode. To save bandwidth on asynchronous lines by not displaying status messages, use the no form of this command.
tn3270 status-message
no tn3270 status-message
Syntax Description
This command has no arguments or keywords.
Defaults
Status messages appear.
Command Modes
Global configuration
Command History
|
|
|
11.2 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Status messages appear on the console by default. These messages include “System Locked,” “Field error,” and “System UnLocked” messages. These messages are sent back to the terminal via the TTY line on the access server.
Disabling status messages saves bandwidth on asynchronous lines, which have very low bandwidth.
Examples
The following example disables status messages to users connected to 3270 terminals:
Related Commands
|
|
|
tn3270 optimize-cursor-move |
Increases performance between a remote user and a TN3270 host by limiting cursor movement information that is sent to user terminals. |
tn3270 typeahead
To buffer keyboard data when a 3278 server is in locked mode, use the tn3270 typeahead command in global configuration mode. To disable the typeahead function, use the no form of this command.
tn3270 typeahead
no tn3270 typeahead
Syntax Description
This command has no arguments or keywords.
Defaults
Typeahead is disabled.
Command Modes
Global configuration
Command History
|
|
|
11.2 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
When typeahead is enabled, the TN3270 client implementation in the Cisco IOS software permits you to continue typing while the system is trying to obtain a response from the TN3270 server. Information you type while a “System Locked” message appears on the terminal is stored in a buffer. After the “System Locked” message disappears, the information is then used as though it were just typed.
Examples
The following example saves user information when “System Locked” messages appear on the screen:
Related Commands
|
|
|
tn3270 reset-required |
Locks a terminal after input error until the user resets the terminal. |
translate lat
To translate a connection request to another protocol connection type when receiving a local-area transport (LAT) request, use the translate lat command in global configuration mode. To remove or change the translation request, use the no form of this command.
translate lat incoming-service-name [ incoming-options ] protocol outgoing-address [ outgoing-options ] [ global-options ]
no translate lat incoming-service-name [ incoming-options ] protocol outgoing-address [ outgoing-options ] [ global-options ]
Syntax Description
incoming-service-name |
A LAT service name. When used on the incoming portion of the command, incoming-service-name is the name of the service that users specify when trying to make a translated connection. This name can match the name of the final destination resource, but is not required to. This argument is useful when making remote translated connections. |
incoming-options |
(Optional) An incoming connection request option. For LAT, the only option currently supported is:
- unadvertised —Prevents service advertisements from being broadcast to the network. This keyword can be useful, for example, when you define translations for many printers, and you do not want these services advertised to other LAT terminal servers. (VMS systems will be able to connect to the service even though it is not advertised.)
|
protocol outgoing-address |
A protocol name followed by an address or host name. Protocol translation choices are: ppp, slip, tcp, and x25. Note The host name is resolved to an address during configuration, unless you are translating to TCP and use the host-name keyword, which allows the host name to be resolved at connection time instead of configuration time. See Table 48 for more information about the host-name keyword. Additional keywords that can be entered with the protocol are as follows:
- autocommand —Specifies an EXEC command for an outgoing connection. The command executes upon connection to a host. You can issue any EXEC command and any switch or host name as an argument to the autocommand command. If the string following autocommand has one or more spaces as part of the string, you must place quotation marks (“ ”) around the string.
|
|
If you want to enable AppleTalk Remote Access (ARA) on an outgoing connection, specify the autocommand arap keywords. These keywords are necessary for ARA because ARA does not use addressing, and this option permits you to invoke the ARA string.
|
outgoing-options |
(Optional) Outgoing connection request options. Choices depend upon the protocol or command entered. See Table 46 , Table 47 , Table 48 , and Table 49 for more information. |
global-options |
(Optional) One or more of the following translation options can be used by any connection type:
- access-class number —Allows the incoming call to be used by source hosts that match the access list parameters. The argument number is an integer previously assigned to an access list. Standard access list numbers are in the range from1 to 99; expanded standard access lists numbers are in the range 1300 to 1999.
- local —Allows Telnet protocol negotiations to not be translated.
- login —Requires that the user log in before the outgoing connection is made. This type of login is specified on the virtual terminal lines with the login command.
- max-users number —Limits the number of simultaneous users of the translation to number (an integer you specify).
- quiet —Suppresses printing of user-information messages.
|
Defaults
No default translation parameters
Command Modes
Global configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.1 |
The no-reset permanent virtual circuits (PVC) subkeyword was added to support outgoing PVCs. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
You define protocol translation connections by supplying a protocol keyword and the address, host name, or service name. A LAT protocol translation command can be as simple as the following example:
Router(config)# translate lat LAT-1 X.25 1236672
However, the Cisco IOS software provides a broad range of options that support protocol translations in many networking environments. Table 46 , Table 47 , Table 48 , and Table 49 list the translate lat translation options by protocol.
You can also use the Cisco IOS command-line interface to help you understand how these keywords are entered. In global configuration mode, begin entering the translate command and add a question mark at each portion of the command to display the options available. Some examples follow:
Router(config)# translate lat ?
Router(config)# translate lat LSVC ?
autocommand Associate a command with a translation on this connections
unadvertised Prevent service advertisements from being broadcast to the
virtual-template Associate a virtual template with virtual access interface
Router(config)# translate lat LSVC tcp ?
Hostname or A.B.C.D IP address
Router(config)# translate lat LSVC tcp 10.1.1.1 ?
access-class Allow access list parameters to be used by source hosts
binary Negotiate Telnet binary mode on the connection
host-name Store the host name rather than its IP address
local Allow Telnet protocol negotiations not to be translated
login Require that the user log in before the outgoing connection
max-users Limit the number of simultaneous users of the translation
multibyte-IAC Always treat multiple IACs as telnet command
quiet Suppress printing of user-information messages
source-interface Specify source interface
stream Treat telnet escape characters as data
Note If you plan to translate to X.25 on a permanent virtual circuit (PVC), see the description for the translate x25 command for important configuration notes.
Table 46 LAT-to-PPP Outgoing Translation Options
|
|
| ppp { ip-address | ip-pool [ scope-name name ]} Translates from LAT to virtual asynchronous PPP. Supply an IP address as a standard, four-part dotted decimal IP address. The ip-pool keyword obtains an IP address from a Dynamic Host Configuration Protocol (DHCP) proxy client or a local pool. If the optional scope-name keyword is not specified, the address is obtained from a DHCP proxy client. If the scope-name keyword is specified, the IP address is obtained from the specified local pool. The scope-name keyword can specify a range of IP addresses. |
|
Outgoing PPP Connection Request Options
|
Add any of the following keywords to configure PPP connection requests:
- authentication { pap | chap } —Sets Challenge Handshake Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) authentication for PPP on virtual asynchronous interfaces. If you specify both keywords, order is significant; the system will try to use the first authentication type, then the second.
- header-compression —Implements header compression on IP packets only.
|
- ipx loopback number —Specifies the loopback interface to be created and permits clients running IPX-PPP to connect through virtual terminal lines on the router. A loopback interface must have been created and configured with a Novell IPX network number before IPX-PPP can work on the virtual terminal line. The virtual terminal line is assigned to the loopback interface.
- keepalive number-of-seconds —Specifies the interval at which keepalive packets are sent on Serial Line Internet Protocol (SLIP) and PPP virtual asynchronous interfaces. By default, keepalive packets are enabled and sent every 10 seconds. To shut off keepalive packets, use a value of 0. The active keepalive interval is 1 through 32,767 seconds. When you do not change from the default of 10, the keepalive interval does not appear in more system:running-config or show translate command output.
- mtu bytes —Sets the interface maximum transmission unit (MTU) of packets that the virtual asynchronous interface supports. The default MTU is 1500 bytes on a virtual asynchronous interface. The acceptable range is from 64 to 1,000,000 bytes.
- routing —Permits routing updates between connections. This keyword is required if the destination device is not on a subnet connected to one of the interfaces on the router.
- use-tacacs —Uses TACACS to verify PPP authentications for CHAP or PAP on virtual asynchronous interfaces.
|
Table 47 LAT-to-SLIP Outgoing Translation Options
|
Outgoing SLIP Translation
|
| slip { ip-address | ip-pool [ scope-name name ]} Translates from LAT to v irtual asynchronous SLIP. Supply an IP address as a standard, four-part dotted decimal IP address. The ip-pool keyword obtains an IP address from a DHCP proxy client or a local pool. If the optional scope-name keyword is not specified, the address is obtained from a DHCP proxy client. If the scope-name keyword is specified, the IP address is obtained from the specified local pool. The scope-name keyword can specify a range of IP addresses. Note The slip argument applies only to outgoing connections; SLIP is not supported on incoming protocol translation connections. |
|
Outgoing SLIP Connection Request Options
|
Add any of the following keywords to configure SLIP connection requests:
- header-compression [ passive ] —Implements header compression on IP packets only. The passive keyword permits compression on outgoing packets only if incoming TCP packets on the same virtual asynchronous interface are compressed. The default (without the passive keyword) permits compression on all traffic.
- ipx loopback number —Specifies the loopback interface to be created and permits clients running IPX-PPP to connect through virtual terminal lines on the router. A loopback interface must have been created and configured with a Novell IPX network number before IPX-PPP can work on the virtual terminal line. The virtual terminal line is assigned to the loopback interface.
- keepalive number-of-seconds —Specifies the interval at which keepalive packets are sent on SLIP and PPP virtual asynchronous interfaces. By default, keepalive packets are enabled and sent every 10 seconds. To shut off keepalive packets, use a value of 0. The active keepalive interval is 1 through 32,767 seconds. When you do not change from the default of 10, the keepalive interval does not appear in more system:running-config or show translate command output.
- mtu bytes —Sets the interface MTU of packets that the virtual asynchronous interface supports. The default MTU is 1500 bytes on a virtual asynchronous interface. The acceptable range is from 64 to 1,000,000 bytes.
- routing —Permits routing updates between connections. This keyword is required if the destination device is not on a subnet connected to one of the interfaces on the router.
|
Table 48 LAT-to-TCP Outgoing Options
|
|
| tcp ip-address Translates LAT to TCP/IP Telnet. Supply an IP address as a standard, four-part dotted decimal IP address, the name of an IP host that can be resolved by the Domain Name System (DNS), or explicit specification in an ip host command (refer to the description for the host-name keyword in the “Outgoing TCP Connection Request Options” section). |
|
Outgoing TCP Connection Request Options
|
Any of the following optional keywords can be used to configure TCP connection requests:
- binary —Negotiates Telnet binary mode on the connection.
- host-name —Stores the host name rather than its IP address, thereby allowing the host name to be resolved at connection time instead of configuration time. There is also a rotor keyword suboption that you can use to modify the behavior of the host-name keyword by allowing one of the IP addresses defined by the ip host configuration command to be chosen randomly. If one address fails, another one will be tried, and so on until all address choices are exhausted. You can use the rotor keyword, therefore, to provide basic load sharing of the IP destinations.
- multibyte-IAC —Always treat multiple Interpret as Command (IAC) escape character codes as a Telnet command.
- port number —For outgoing connections, enter the number of the port to match. The default is port 23 (Telnet).
|
- source-interface —Specifies the source address used for Telnet connections initiated by the router.
- stream —Performs stream processing, which enables a raw TCP stream with no Telnet control sequences. A stream connection does not process or generate any Telnet options, and also prevents Telnet processing of the data stream. This keyword might be useful for connections to ports running the UNIX-to-UNIX Copy Program (UUCP) or other non-Telnet protocols, or to ports connected to printers. For ports connected to printers using Telnet, the stream keyword prevents some of the problems associated with using Telnet for printers, such as unusual events happening to carriage returns or line feeds and echoing of data back to VMS systems.
|
Table 49 LAT-to-X.25 Outgoing Translation Options
|
Outgoing X.25 Translation
|
x25 x.121-address Translates LAT to the X.25 protocol. Supply an X.121 address that conforms to the specifications provided in the CCITT 1984 Red Book, or the name of an X.25 host that can be resolved by the DNS, or explicit specification in an x25 host command. The address number generally consists of a portion that is administered by the public data network (PDN) and a portion that is locally assigned. You must be sure that the numbers that you assign agree with the addresses assigned to you by the X.25 service provider. The X.121 addresses generally will be subaddresses of the X.121 address for the X.25 network interface. |
|
Outgoing X.25 Connection Request Options
|
Any of the following optional keywords can be used to configure X.25 connection requests:
- cud c-u-data —Sends the specified X.25 Call User Data (CUD) text as part of an outgoing call request after the protocol identification bytes.
- no-reverse —Specifies that outgoing calls not request the X.25 reverse charge facility, when the interface default is that all outgoing calls are reverse charged.
- profile profile —Sets the X.3 packet assembler/disassembler (PAD) parameters as defined in the profile created by the x29 profile command.
- pvc number [ interface serial number | packetsize in-size out-size | windowsize in-size out-size | no-reset ] —Specifies that the outgoing connection is actually a PVC. The number argument specifies the virtual circuit channel number of the connection, which must be less than the virtual circuits assigned to the switched virtual circuit (SVC).Only one session is allowed per PVC. Use the following optional keywords to further define the connection:
– interface serial number —Specifies a PVC interface on which to set up the PVC connection. – packetsize in-size out-size —Specifies the input packet size ( in-siz e) and output packet size ( out-size) for the PVC. Valid packet size values are: 16, 32, 64, 128, 256, 512, 1024, 2048, and 4096. – windowsize in-size out-size —Specifies the packet count for input windows ( in-size) and output windows ( out-size) for the outgoing translation. Values of in-size and out-size range from 1 to 127 and must not be greater than the value set for the x25 modulo command. You must specify the same value for in-size and out-size. – no-reset —Causes the Cisco router to send a no Reset packet request at startup of a TCP or LAT to permanent virtual circuit (PVC) translation session. |
- reverse —Provides reverse charging for X.25 on a per-call rather than a per-interface basis. Requests reverse charges on a specified X.121 address, even if the serial interface is not configured to request reverse charge calls.
- use-map —Applies x25 map pad command entry options (such as CUD and idle) and facilities (such as packet in, packet out, win in, and win out) to the outgoing protocol translation call. When the use-map keyword is specified on the translate command, the Destination address and optional PAD Protocol Identification (PID), CUD, and facilities are checked against a configured list of x25 map pad entries. If a match is found, the map entry PID, CUD, and facilities are applied to the outgoing protocol translation call. The X.25 map facilities applied to the outgoing translation can be displayed with the show translation command throughout the duration of the translation session.
|
Examples
The following example illustrates incoming LAT to outgoing TCP translations. The unadvertised keyword prevents broadcast of service advertisements to other servers in the network. Outgoing translated packets are sent to IP host Host1, TCP port 4005.
translate lat pt-printer1 unadvertised tcp Host1 port 4005
The following example translates LAT on an incoming line to SLIP on an outgoing line. It uses header compression only if incoming TCP packets on the same interface are compressed.
translate lat Service1 slip 10.0.0.4 header-compression
The following example first shows how to disable keepalive packets on a PPP line using the translate lat command, then shows translated session output from the show translate EXEC command indicating keepalive packets have been turned off.
translate lat Service2 ppp 172.21.2.2 keepalive 0
Translate From: LAT Service2
To: PPP 172.21.2.2 keepalive 0
0/0 users active, 0 peak, 0 total, 0 failures
Related Commands
|
|
|
show translate |
Displays configured translation sessions. |
translate tcp |
Translates a TCP connection request automatically to another outgoing protocol connection. |
translate x25 |
Translates an X.25 connection request automatically to another outgoing protocol connection. |
x29 access-list |
Limits access to the access server from certain X.25 hosts. |
x29 profile |
Creates a PAD profile script for use by the translate command. |
translate ruleset
To define a unique name for a translation ruleset, specify the translated protocols, and enable translate ruleset configuration mode, use the translate ruleset command in global configuration mode. To remove the ruleset, use the no form of this command.
translate ruleset name from incoming-protocol to outgoing-protocol
no translate ruleset name from incoming-protocol to outgoing-protocol
Syntax Description
name |
Unique name for the protocol translation ruleset. |
from incoming-protocol |
Specifies the incoming protocol that will be translated, and can be one of the following:
- pad —X.25 PAD
- telnet —TCP/IP Telnet
|
to outgoing-protocol |
Specifies the outgoing protocol or option to translate the incoming protocol to, and can be one of the following:
- pad —X.25 PAD
- telnet —TCP/IP Telnet
|
Defaults
No default behavior or values
Command Modes
Global configuration
Command History
|
|
|
12.3(8)T |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
This command places the shell into the translate ruleset configuration mode to create the ruleset template of protocol translation criteria.
The translation ruleset compares an incoming connection attempt to the set of criteria to determine whether it is eligible for protocol translation processing, then uses additional information to complete the transaction.
Existing one-line translate command protocol translation configurations (using the translate tcp and translate x25 commands, for example) take precedence over a protocol translation ruleset. This rule is reinforced when the configuration is generated by placing all one-line translate command protocol translation configurations before protocol translation ruleset configurations.
Some protocol translation options available with the one-line protocol translation commands are not available with this command.
An incoming PAD call with a standard protocol identification (PID) value that cannot be identified as PAD (for example, its first four bytes indicate IP encapsulation) will not be eligible for protocol translation.
Incoming TCP connections must be made on standard Telnet port 23; otherwise, the connection is not eligible for protocol translation.
If a ruleset is deleted, it will not affect an established protocol translation session, but a new, incoming connection attempt may terminate, depending upon how far along it is in the connection process.
Examples
The following example shows how to start the translate ruleset configuration mode:
Router(config)# translate ruleset Pad-Telnet from pad to telnet
Router(cfg-pt-ruleset)# ?
Protocol Translation ruleset configuration commands:
description User-specified description of the ruleset
exit Exit from PT ruleset configuration mode
match Define a pattern of input parameters for a connection to process
no Negate or set default values of a command
options Define the ruleset options
set Define parameter values
skip Define a pattern of input parameters for a connection to skip
substitute Define a parameter pattern match and substitute into another
test Define parameter pattern(s) to test for conditionally setting parameters
Related Commands
|
|
|
description (ruleset) |
Adds a description about a translation ruleset. |
match (ruleset) |
Identifies a connection for processing by the translation ruleset. |
options (ruleset) |
Specifies protocol translation options in a translation ruleset. |
set (ruleset) |
Unconditionally sets one or more connection parameters to a fixed value for a translation ruleset. |
show translate ruleset |
Displays a summary of a specific or of all configured translation rulesets, behavioral parameters, and usage statistic. |
skip (ruleset) |
Identifies a connection for omission by the translation ruleset. |
substitute (ruleset) |
Matches an available protocol and substitutes another in a translation ruleset. |
test (ruleset) |
Tests parameter values in a translation ruleset using regular expressions. |
test translate |
Displays a trace of protocol translation behavior for a connection attempt. |
x25 pvc translate ruleset |
Configures PVCs that are valid for protocol translation ruleset handling. |
translate lat (virtual access interfaces)
When receiving a local-area transport (LAT) connection request to a service name, to set up the Cisco router to automatically translate the request to another outgoing protocol connection type, use the translate lat command in global configuration mode. To remove or change the translation request, use the no form of this command.
translate lat incoming-service-name [ incoming-options ] virtual-template number [ global-options ]
no translate lat incoming-service-name [ incoming-options ] virtual-template number [ global-options ]
Syntax Description
incoming-service-name |
A LAT service name. When used on the incoming portion of the translate lat command, service-name is the name of the service that users specify when trying to make a translated connection. This name can match the name of the final destination resource, but this match is not required. Such matches can be useful when making remote translated connections. |
incoming-options |
(Optional) An incoming connection request option. For LAT, the only keyword currently supported is:
- unadvertised —Prevents service advertisements from being broadcast to the network. This keyword can be useful, for example, when you define translations for many printers, and you do not want these services advertised to other LAT terminal servers. (VMS systems will be able to connect to the service even though it is not advertised.)
|
virtual-template number |
Applies the virtual interface template specified by the number argument in place of outgoing options. |
global-options |
(Optional) Translation options that can be used by any connection type and can be one or more of the following:
- access-class number —Allows the incoming call to be used by source hosts that match the access list parameters. The argument number is an integer previously assigned to an access list. Standard access list numbers are in the range from1 to 99; expanded standard access lists numbers are in the range 1300 to 1999.
- max-users number —Limits the number of simultaneous users of the translation to number (an integer you specify).
- local —Allows Telnet protocol negotiations to not be translated.
- login —Requires that the user log in before the outgoing connection is made. This type of login is specified on the virtual terminal lines with the login command.
- quiet —Suppresses printing of user-information messages.
|
Defaults
No default translation parameters
Command Modes
Global configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
The command syntax documented here shows how to apply a virtual interface template in place of outgoing translate options. If you are using virtual templates for protocol translation, all outgoing options are defined in the virtual interface template. Table 50 lists all outgoing options and their corresponding interface configuration commands.
You define the protocol translation connections by choosing a protocol keyword and supplying the appropriate address, host name, or service name. The protocol connection information is followed by optional features for that connection, as appropriate. For example, the binary keyword is only appropriate with TCP/IP connections. The global options, in general, apply to all the connection types, but there are exceptions.
Rather than specifying outgoing translation options in the translate command, configure these options as interface configuration commands under the virtual interface template, then apply the virtual interface template to the translate command. Table 50 maps outgoing translate command options to interface commands you can configure in the virtual interface template.
Table 50 Mapping Outgoing translate lat Options to Interface Commands
|
translate lat Command Options
|
Corresponding Interface Configuration Command
|
ip-pool |
peer default ip address { ip-address | dhcp | pool [ poolname ]} |
header-compression |
ip tcp header compression [ on | off | passive ] |
routing |
ip routing or ipx routing |
mtu |
mtu |
keepalive |
keepalive |
authentication { chap | pap } |
ppp authentication { chap | pap } |
ppp use-tacacs |
ppp use-tacacs |
ipx loopback |
ipx ppp-client loopback number |
Examples
The following example configures PPP tunneling from a PC across a LAT network. The remote PC is given the IP address 10.12.118.12 when it dials in. The unadvertised keyword prevents broadcast of service advertisements to other servers.
interface Virtual-Template1
peer default ip address 10.12.118.12
translate lat pt-printer1 unadvertised virtual-template 1
Related Commands
|
|
|
show translate |
Displays configured translation sessions. |
translate tcp |
Translates a TCP connection request automatically to another outgoing protocol connection. |
translate x25 |
Translates an X.25 connection request automatically to another outgoing protocol connection. |
x29 access-list |
Limits access to the access server from certain X.25 hosts. |
x29 profile |
Creates a PAD profile script for use by the translate command. |
translate tcp
To translate a connection request to another protocol connection type when receiving a TCP connection request to a particular destination address or host name, use the translate tcp command in global configuration mode. To remove or change the translation request, use the no form of this command.
translate tcp incoming-address [ incoming-options ] protocol outgoing-address [ outgoing-options ] [ global-options ]
no translate tcp incoming-address [ incoming-options ] protocol outgoing-address [ outgoing-options ] [ global-options ]
Syntax Description
incoming-address |
Standard IP address in standard, four-part dotted decimal notation. The IP address cannot be in use by other routers, and it should be on a connected subnet. |
incoming-options |
(Optional) An incoming connection request option. Choices are as follows:
- binary —Negotiates Telnet binary mode on the Telnet connection. (This was the default in previous versions of the protocol translation software and is set automatically when you enter a translate command in the previous format.)
- port number —The number of the port to match for incoming connections. The default is port 23 (Telnet). For outgoing connections, enter the number of the port to use. The default is port 23.
- printer—Supports local-area transport (LAT) and X.25 printing over a TCP network among multiple sites. This keyword causes the protocol translation software to delay the completion of an incoming Telnet connection until after the outgoing protocol connection (to LAT or X.25) has been established. An unsuccessful outgoing connection attempt results in the TCP connection to the router being refused, rather than being accepted and then closed, which is the default behavior. Note that using this keyword will force the global quiet keyword to be applied to the translation.
- stream —Performs stream processing, which enables a raw TCP stream with no Telnet control sequences. A stream connection does not process or generate any Telnet options, and also prevents Telnet processing of the data stream. This keyword might be useful for connections to ports running the UNIX-to-UNIX Copy Program (UUCP) or other non-Telnet protocols, or to ports connected to printers. For ports connected to printers using Telnet, the stream keyword prevents some of the problems associated with using Telnet for printers, such as unusual events happening to carriage returns or line feeds and echoing of data back to VPN/Security Management Solution (VMS) systems.
|
protocol outgoing-address |
A protocol name followed by an address or host name. Protocol translation choices are: lat, ppp, slip, and x25. Additional keywords that can be entered instead of a protocol name are as follows:
- autocommand —Specifies an EXEC command for an outgoing connection. The command executes upon connection to a host. You can issue any EXEC command and any switch or host name as an argument to the autocommand keyword. If the string following autocommand has one or more spaces as part of the string, you must place quotation marks (“ ”) around the string. If you want to enable AppleTalk Remote Access (ARA) on an outgoing connection, specify the autocommand arap keywords. These keywords are necessary for ARA because ARA does not use addressing, and this option permits you to invoke the ARA string.
- virtual-template — Associates a virtual template with a virtual access interface. See the translate tcp (virtual access interfaces) command description for more information.
|
outgoing-options |
(Optional) Outgoing connection request options. Choices depend upon the protocol or command entered. See Table 51 , Table 52 , Table 53 , and Table 54 for more information. |
global-options |
(Optional) One or more of the following translation options can be used by any connection type:
- access-class number —Allows the incoming call to be used by source hosts that match the access list parameters. The number argument is an integer previously assigned to an access list. Standard access list numbers are in the range from 1 to 99; expanded standard access lists numbers are in the range from 1300 to 1999.
- authorize method-list tag —Enables authorization for protocol translation sessions. The method-list argument is the list of authorization methods defined by the aaa authorization command with the translate keyword. The method-list argument may have the value of the list-name argument or the default keyword. The tag argument is an alphanumeric string of up to 64 characters. The tag argument need not be unique; more than one instance of the translate command can specify identical values for the tag argument. The authorize option is available only if the outgoing protocol keyword is x25 or autocommand.
- eor marker [ insert ] —Defines the End-of-Record (EOR) marker for the translation session. The marker argument may be any set of characters from 1 to 4 in length. Nonprintable characters must be entered in hexadecimal format. Printable characters may be typed in. The insert keyword allows the EOR marker to be inserted into the TCP stream after each X.25 packet without a More-bit (M-bit) set is received.
- local —Allows Telnet protocol negotiations to not be translated.
- login —Requires that the user log in before the outgoing connection is made. This type of login is specified on the virtual terminal lines with the login command.
- max-users number —Limits the number of simultaneous users of the translation to number (an integer you specify).
- quiet —Suppresses printing of user-information messages.
- swap —Valid for TCP-to-X.25 translations only, and allows X.3 parameters to be set on the router by the host originating the X.25 call, or by an X.29 profile. This configuration enables incoming and outgoing X.25 connections to be swapped so that the device is treated like a packet assembler/disassembler (PAD) when it accepts a call. By default, the router functions like a PAD for calls that it initiates, and like an X.25 host for calls it accepts. The swap keyword allows connections from an X.25 host that wants to connect to the router, and then treats it like a PAD.
|
Defaults
No default translation parameters
Command Modes
Global configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.1 |
The no-reset permanent virtual circuits (PVCs) subkeyword was added to support outgoing PVCs. |
12.2(13)T |
The dynamic keyword was added to support a backup interface. |
12.3(2)T |
The authorize method-list tag keyword and arguments were added to support authorization of protocol translation sessions. The eor marker [ insert ] keywords and argument were added to support the EOR function for DCNs. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
You define protocol translation connections by supplying a protocol keyword and the address, host name, or service name. A TCP protocol translation command can be as simple as the following example:
Router(config)# translate tcp 10.1.1.1 x25 1236672
However, the Cisco IOS software provides a broad range of options that support protocol translations in many networking environments. Table 51 , Table 52 , Table 53 , and Table 54 list the translate tcp translation options by protocol.
You can also use the Cisco IOS command-line interface (CLI) to help you understand how these keywords are entered. In global configuration mode, begin entering the translate command and add a question mark at each portion of the command to display the options available. Some examples follow:
Router(config)# translate tcp ?
Hostname or A.B.C.D IP address
Router(config)# translate tcp 10.1.1.1 ?
autocommand Associate a command with a translation on this connections
binary Negotiate Telnet binary mode on the connection
printer Enable non-interactive (implies global quiet)
stream Enable stream processing
virtual-template Associate a virtual template with virtual access interface
Router(config)# translate tcp 10.1.1.1 lat LAT-1 ?
access-class Allow access list parameters to be used by source hosts
local Allow Telnet protocol negotiations not to be translated
login Require that the user log in before the outgoing connection is
max-users Limit the number of simultaneous users of the translation
quiet Suppress printing of user-information messages
unadvertised Prevent service advertisements from being broadcast to the
Note If you plan to translate to X.25 on a PVC, see the description for the translate x25 command for important configuration notes.
Table 51 TCP-to-LAT Outgoing Options
|
|
lat service-name Translates TCP to the LAT protocol.The software must learn the service name through LAT service advertisements before it can use the service. |
|
Outgoing LAT Connection Request Options
|
Any of the following optional keywords can be used to configure LAT connection requests:
- node name— Connects to the specified node that offers a LAT service. By default, the connection is made to the highest-rated node that offers the service.
- port name —Destination LAT port name in the format of the remote system. This parameter is usually ignored in most time-sharing systems, but is used by terminal servers that offer reverse-LAT services.
- unadvertised — Prevents LAT service advertisements from being broadcast to the network.
|
Table 52 TCP-to-PPP Outgoing Options
|
|
ppp { ip-address | ip-pool [ scope-name name ]} Translates from TCP to virtual asynchronous PPP. Supply an IP address as a standard, four-part dotted decimal IP address. The ip-pool keyword obtains an IP address from a Dynamic Host Configuration Protocol (DHCP) proxy client or a local pool. If the scope-name keyword is not specified, the address is obtained from a DHCP proxy client. If the scope-name keyword is specified, the IP address is obtained from the specified local pool. The scope-name keyword can specify a range of IP addresses. |
|
Outgoing PPP Connection Request Options
|
Any of the following optional keywords can be used to configure PPP connection requests:
- authentication { pap | chap }— Sets Challenge Handshake Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) authentication for PPP on virtual asynchronous interfaces. If you specify both keywords, order is significant; the system will try to use the first authentication type, then the second.
- header-compression [ passive ]— Implements header compression on IP packets only. The passive keyword permits compression on outgoing packets only if incoming TCP packets on the same virtual asynchronous interface are compressed. The default (without the passive keyword) permits compression on all traffic.
- ipx loopback number— Specifies the loopback interface to be created and permits clients running IPX-PPP to connect through vtys on the router. A loopback interface must have been created and configured with a Novell IPX network number before IPX-PPP can work on the vty. The vty is assigned to the loopback interface.
|
- keepalive number-of-seconds— Specifies the interval at which keepalive packets are sent on Serial Line Internet Protocol (SLIP) and PPP virtual asynchronous interfaces. By default, keepalive packets are enabled and sent every 10 seconds. To shut off keepalive packets, use a value of 0. The active keepalive interval is 1 through 32,767 seconds. When you do not change from the default of 10, the keepalive interval does not appear in more system:running-config or show translate command output.
- mtu bytes— Sets the interface maximum transmission unit (MTU) of packets that the virtual asynchronous interface supports. The default MTU is 1500 bytes on a virtual asynchronous interface. The acceptable range is from 64 to 1,000,000 bytes.
- routing — Permits routing updates between connections. This keyword is required if the destination device is not on a subnet connected to one of the interfaces on the router.
- use-tacacs — Uses TACACS to verify PPP authentications for CHAP or PAP on virtual asynchronous interfaces.
|
Table 53 TCP-to-SLIP Outgoing Options
Outgoing SLIP Translation |
slip { ip-address | ip-pool [ scope-name name ]} Translates from TCP to v irtual asynchronous SLIP. Supply an IP address as a standard, four-part dotted decimal IP address. The ip-pool keyword obtains an IP address from a DHCP proxy client or a local pool. If the optional scope-name keyword is not specified, the address is obtained from a DHCP proxy client. If the scope-name keyword is specified, the IP address is obtained from the specified local pool. The scope-name keyword can specify a range of IP addresses. Note The slip keyword applies only to outgoing connections; SLIP is not supported on incoming protocol translation connections. |
|
Outgoing SLIP Connection Request Options
|
Any of the following optional keywords can be used to configure SLIP connection requests:
- header-compression [ passive ]— Implements header compression on IP packets only. The passive keyword permits compression on outgoing packets only if incoming TCP packets on the same virtual asynchronous interface are compressed. The default (without the passive keyword) permits compression on all traffic.
- ipx loopback number— Specifies the loopback interface to be created and permits clients running IPX-PPP over X.25 to connect through vtys on the router. A loopback interface must have been created and configured with a Novell IPX network number before IPX-PPP can work on the vty. The vty is assigned to the loopback interface.
- keepalive number-of-seconds— Specifies the interval at which keepalive packets are sent on SLIP and PPP virtual asynchronous interfaces. By default, keepalive packets are enabled and sent every 10 seconds. To shut off keepalive packets, use a value of 0. The active keepalive interval is 1 through 32,767 seconds. When you do not change from the default of 10, the keepalive interval does not appear in more system:running-config or show translate command output.
|
- mtu bytes— Sets the interface MTU of packets that the virtual asynchronous interface supports. The default MTU is 1500 bytes on a virtual asynchronous interface. The acceptable range is from 64 to 1,000,000 bytes.
- routing— Permits routing updates between connections. This keyword is required if the destination device is not on a subnet connected to one of the interfaces on the router.
|
Table 54 TCP-to-X.25 Outgoing Options
Outgoing X.25 Translation |
x25 x.121-address Translates TCP to the X.25 protocol. Supply an X.121 address that conforms to the specifications provided in the CCITT 1984 Red Book, or the name of an X.25 host that can be resolved by the DNS, or explicit specification in an x25 host command. The address number generally consists of a portion that is administered by the public data network (PDN) and a portion that is locally assigned. You must be sure that the numbers that you assign agree with the addresses assigned to you by the X.25 service provider. The X.121 addresses generally will be subaddresses of the X.121 address for the X.25 network interface. |
|
Outgoing X.25 Connection Request Options
|
Any of the following optional keywords can be used to configure X.25 connection requests:
- cud c-u-data— Sends the specified X.25 Call User Data (CUD) text as part of an outgoing call request after the protocol identification bytes.
- no-reverse —Specifies that outgoing calls not request the X.25 reverse charge facility, when the interface default is that all outgoing calls are reverse charged.
- profile profile— Sets the X.3 PAD parameters as defined in the profile created by the x29 profile command.
- pvc number [ interface serial number | packetsize in-size out-size | windowsize in-size out-size | no-reset | dynamic ] —Specifies that the outgoing connection is actually a PVC. The number argument specifies the virtual circuit channel number of the incoming connection, which must be less than the virtual circuits assigned to the switched virtual circuit (SVC).Only one session is allowed per PVC. Use the following optional keywords to further define the connection:
– interface serial number —Specifies a PVC interface on which to set up the PVC connection.
- packetsize in-size out-size —Specifies the input packet size ( in-siz e) and output packet size ( out-size) for the PVC. Valid packet size values are: 16, 32, 64, 128, 256, 512, 1024, 2048, and 4096.
– windowsize in-size out-size —Specifies the packet count for input windows ( in-size) and output windows ( out-size) for the outgoing translation. Values of in-size and out-size range from 1 to 127 and must not be greater than the value set for the x25 modulo command. You must specify the same value for the in-size and out-size arguments. – no-reset —Causes the Cisco router to send a no reset packet request at startup of a TCP or LAT-to-PVC translation session. – dynamic —Causes the TCP-to-X25 PVC session to terminate when the interface goes down. The default behavior is to keep the PVC in existence as long as it is configured. |
- reverse —Provides reverse charging for X.25 on a per-call rather than a per-interface basis. Requests reverse charges on a specified X.121 address, even if the serial interface is not configured to request reverse charge calls.
- use-map —Applies x25 map pad command entry options (such as CUD and idle) and facilities (such as packet in, packet out, win in, and win out) to the outgoing protocol translation call. When the use-map keyword is specified on the translate command, the Destination address and optional PAD Protocol Identification (PID), CUD, and facilities are checked against a configured list of x25 map pad command entries. If a match is found, the map entry PID, CUD, and facilities are applied to the outgoing protocol translation call. The X.25 map facilities applied to the outgoing translation can be displayed with the show translation command throughout the duration of the translation session.
|
Examples
Dynamic PVCs to Support Primary and Secondary Interfaces Example
The following partial example shows how to configure the PVC dynamic option. The dynamic keyword allows an X.25 PVC to be created on a backup interface when the primary interface goes down. The example configures a primary serial interface (serial 0/0) for X.25 encapsulation and assigns a secondary serial interface (serial 1/1) as backup for the primary. Comments explain the configuration.
backup active interface Serial1/1
! Configure an X.25 route specifying the primary interface on which the router
! should create the dynamic PVCs.
x25 route ^10 interface serial 0/0
! Configure a second X.25 route specifying the secondary backup interface on which
! the router can recreate the PVCs should the primary go down.
x25 route ^10 interface serial 1/1
! Configure the translate commands with the PVC dynamic option.
translate tcp 10.60.150.128 port 1031 x25 10 pvc 1 dynamic
translate tcp 10.60.150.128 port 1036 x25 10 pvc 6 dynamic
When the primary interface serial 0/0 is the active link and it is operational (up), the PVCs will be created on that interface.
If the primary interface goes down, the following will occur:
- The TCP sessions associated with the X.25 PVCs on serial interface 0/0 will be terminated.
- The X25 PVCs created on serial interface 0/0 will be deleted.
- The primary link on serial interface 0/0 will go into the TESTING state.
- The backup link on serial interface 1/1 will change from the X.25 TESTING state to the UP state.
- This change of the interface state (from TESTING to UP) will cause the secondary link on serial interface 1/1 to become active.
- The X.25 PVCs will be recreated on the secondary link on serial interface 1/1 based on the configuration of the second x25 route command.
- Incoming TCP connections will be reestablished with the X.25 PVCs on serial interface 1/1.
TCP-to-X.25 PVC connections will remain on the backup secondary interface (serial 1/1) even when the primary interface (serial 0/0) becomes operational. Only when the backup interface (serial 1/1) fails does the process described repeat and move the TCP-to-X25 PVC connections back to the primary interface (serial 0/0).
Incoming TCP Connection to a Printer Example
The following example illustrates the use of the TCP incoming protocol printer keyword for an incoming TCP connection:
translate tcp 172.19.32.250 printer x25 5678
IPX-PPP Client Connects to a Server Running PPP Example
The following example permits clients running IPX-PPP to connect through the device virtual terminal lines to a server running PPP:
translate tcp 172.21.14.67 port 1234 ppp 10.0.0.2 ipx loopback0
Configuring the EOR Marker for a TCP-to-X.25 Protocol Translation Session Example
The following example configures a TCP-to-X.25 protocol translation session to insert an EOR marker in a TCP packet after each received X.25 packet that does not contain the M-bit set. The EOR marker in this example consists of nonprintable characters and is entered in hexadecimal format.
translate tcp 10.60.155.63 x25 12345678 pvc 3 dynamic eor 0x19 insert
Configuring Translation Authorization for a TCP-to-X.25 Protocol Translation Session Example
The following example uses an authorization method list named mygroup. Serial interfaces 2/0 and 2/1 connect to X.25 hosts, each of which provides multiple services at different X.25 subaddresses. Some of the translate statements specify unique authorization tags so the services can be individually controlled; others specify generic tags (perhaps because they are less critical, such as a monitoring service rather than one which permits configuration changes).
aaa authorization network mygroup group tacacs+
ip address 10.60.155.30 255.255.255.0
x25 route ^13033 interface Serial2/0
x25 route ^13133 interface Serial2/1
translate tcp 10.60.155.36 port 2001 x25 1303301 login authorize mygroup a-port01
translate tcp 10.60.155.36 port 2002 x25 1303302 login authorize mygroup a-port02
translate tcp 10.60.155.36 port 2003 x25 1303303 login authorize mygroup monitor
translate tcp 10.60.155.36 port 2004 x25 1303304 login authorize mygroup monitor
translate tcp 10.60.155.36 port 2005 x25 13033 pvc 1 login authorize mygroup a-admin01
translate tcp 10.60.155.36 port 2101 x25 1313301 login authorize mygroup b-port01
translate tcp 10.60.155.36 port 2102 x25 1313302 login authorize mygroup b-port02
translate tcp 10.60.155.36 port 2103 x25 1313303 login authorize mygroup monitor
translate tcp 10.60.155.36 port 2104 x25 1313304 login authorize mygroup monitor
With this configuration, the router accepts Telnet requests to 10.60.155.36 at any of the TCP ports listed. The user is required to log in, then the router sends an authorization request specifying “translate” as the value of the “service” AV pair, and the authorization tag from the corresponding translate command as the value of the “azn-tag” AV pair. The user id and remote address of the Telnet session are also included in the authorization request. If the authorization server approves the request, the connection to the specified X.25 address is attempted; if the request is denied, the Telnet connection is closed.
The authorization server would not be able to distinguish between connections to 10.60.155.36 port 2003 and 10.60.155.36 port 2104, because they specify the same authorization tag.
Related Commands
|
|
|
aaa authorization |
Sets parameters that restrict user access to a network. |
show translate |
Displays configured translation sessions. |
translate lat |
Translates a LAT connection request automatically to another outgoing protocol connection. |
translate x25 |
Translates an X.25 connection request automatically to another outgoing protocol connection. |
x29 access-list |
Limits access to the access server from certain X.25 hosts. |
x29 profile |
Creates a PAD profile script for use by the translate command. |
translate tcp (virtual access interfaces)
When receiving a TCP connection request to a particular destination address or host name, to set up the Cisco router to automatically translate the request to another outgoing protocol connection type, use the translate tcp command in global configuration mode. To remove or change the translation request, use the no form of this command.
translate tcp incoming-address [ incoming-options ] virtual-template number [ global-options ]
no translate tcp incoming-address [ incoming-options ] virtual-template number [ global-options ]
Syntax Description
| incoming-address |
TCP/IP Telnet and a standard IP address or host name. The ip-address argument is a standard, four-part dotted decimal IP address or the name of an IP host that can be resolved by the Domain Name System (DNS) or explicit specification in an ip host command. |
| incoming-options |
(Optional) Incoming connection request options. These arguments can have the following values:
- binary —Negotiates Telnet binary mode on the Telnet connection. (This was the default in previous versions of the Cisco IOS software and is set automatically when you enter a translate command in the old format.)
- port number —For incoming connections, enter the number of the port to match. The default is port 23 (Telnet). For outgoing connections, enter the number of the port to use. The default is port 23.
- printer—Supports LAT and X.25 printing over a TCP network among multiple sites. This keyword causes the protocol translation software to delay the completion of an incoming Telnet connection until after the outgoing protocol connection (to LAT or X.25) has been successfully established. An unsuccessful outgoing connection attempt results in the TCP connection to the router being refused, rather than being accepted and then closed, which is the default behavior. Note that using this keyword will force the global quiet keyword to be applied to the translation.
- stream—Performs stream processing, which enables a raw TCP stream with no Telnet control sequences. A stream connection does not process or generate any Telnet options, and also prevents Telnet processing of the data stream. This keyword might be useful for connections to ports running the UNIX-to-UNIX Copy Program (UUCP) or other non-Telnet protocols, or to ports connected to printers. For ports connected to printers using Telnet, the stream keyword prevents some of the problems associated with using Telnet for printers, such as unusual events happening to carriage returns or line feeds and echoing of data back to VMS systems.
|
| virtual-template number |
Applies the virtual interface template specified by the number argument in place of outgoing options. |
| global-options |
(Optional) One or more of the following translation options can be used by any connection type:
- access-class number —Allows the incoming call to be used by source hosts that match the access list parameters. The argument number is an integer previously assigned to an access list. Standard access list numbers are in the range from1 to 99; expanded standard access lists numbers are in the range 1300 to 1999.
|
| |
- local —Allows Telnet protocol negotiations to not be translated.
- login —Requires that the user log in before the outgoing connection is made. This type of login is specified on the virtual terminal lines with the login command.
- max-users number —Maximum number of simultaneous users of the translation.
- quiet —Suppresses printing of user-information messages.
- swap —Valid for TCP-to-X.25 translations only, and allows X.3 parameters to be set on the router by the host originating the X.25 call, or by an X.29 profile. This configuration enables incoming and outgoing X.25 connections to be swapped so that the device is treated like a PAD when it accepts a call. By default, the router functions like a PAD for calls that it initiates, and like an X.25 host for calls it accepts. The swap keyword allows connections from an X.25 host that wants to connect to the router, and then treats it like a PAD.
|
Defaults
No default translation parameters
Command Modes
Global configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
The command syntax documented here shows how to apply a virtual interface template in place of outgoing translate options. If you are using virtual templates for protocol translation, all outgoing options are defined in the virtual interface template.
You define the protocol translation connections by choosing a protocol keyword and supplying the appropriate address, host name, or service name. The protocol connection information is followed by optional features for that connection, as appropriate. For example, the binary keyword is only appropriate with TCP/IP connections. The global options, in general, apply to all the connection types, but there are exceptions.
Examples
The following example illustrates the use of the TCP incoming printer keyword for an incoming TCP connection:
interface virtual-template1
peer default ip address 10.12.108.1
translate tcp 172.19.32.250 printer virtual-template1
Related Commands
|
|
|
show translate |
Displays configured translation sessions. |
translate tcp |
Translates a TCP connection request automatically to another outgoing protocol connection. |
translate x25 |
Translates an X.25 connection request automatically to another outgoing protocol connection. |
x29 access-list |
Limits access to the access server from certain X.25 hosts. |
x29 profile |
Creates a PAD profile script for use by the translate command. |
translate use telnet
To specify the required IP address in a Telnet-to-PAD protocol translation ruleset, use the translate use telnet command in global configuration mode. To disable the address, use the no form of this command.
translate use telnet ip-address
no translate use telnet ip-address
Syntax Description
ip-address |
Incoming Telnet IP address used by translation rulesets. |
Defaults
No default behavior or values
Command Modes
Global configuration
Command History
|
|
|
12.3(8)T |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
An IP address must be specified for the protocol translator to respond to Address Resolution Protocol (ARP) attempts for that address. The IP address that the protocol translation software listens for must be on a connected subnet; it cannot be used by another interface unless you also specify a TCP port number, and there cannot be another host that responds to ARPs for that address.
Examples
The following example sets the IP address for a translation ruleset:
translate use telnet 10.10.1.5
translate ruleset T_to_P from telnet to pad
description Site1 10.10.1.5 Area Code 555 exchg 900
match dest-addr ^10.10.1.5$ dest-port ^[1-5]....$
substitute telnet dest-port ^1(....) into pad dest-addr 555900\1
Related Commands
|
|
|
description (ruleset) |
Adds a description about a translation rule set. |
match (ruleset) |
Identifies a connection for processing by the translation rule set. |
options (ruleset) |
Specifies protocol translation options in a translation rule set. |
set (ruleset) |
Unconditionally sets one or more connection parameters to a fixed value for a translation rule set. |
show translate ruleset |
Displays a summary of a specific or of all configured translation rule sets, behavioral parameters, and usage statistic. |
skip (ruleset) |
Identifies a connection for omission by the translation rule set. |
substitute (ruleset) |
Matches an available protocol and substitutes another in a translation rule set. |
test (ruleset) |
Tests parameter values in a translation rule set using regular expressions. |
test translate |
Displays a trace of protocol translation behavior for a connection attempt. |
translate ruleset |
Defines a unique name for a translation rule set, specifies translated protocols, and enters translate ruleset configuration mode. |
x25 pvc translate ruleset |
Configures PVCs that are valid for protocol translation rule set handling. |
translate x25
To translate a connection request to another protocol connection type when receiving an X.25 connection request to a particular destination address or hostname, use the translate x25 command in global configuration mode. To remove or change the translation request, use the no form of this command.
translate x25 incoming-address [ incoming-options [ pvc number [ pvc-options ]]] protocol outgoing-address [ outgoing-options ] [ global-options ]
no translate x25 incoming-address [ incoming-options [ pvc number [ pvc-options ]]] protocol outgoing-address [ outgoing-options ] [ global-options ]
Syntax Description
incoming-address |
An X.25 and X.121 address that conforms to specifications provided in the CCITT 1984 Red Book. This address generally consists of a portion that is administered by the public data network (PDN) and a portion that is locally assigned. You must be sure that the numbers you assign agree with the addresses assigned to you by the X.25 service provider. X.121 addresses are generally subaddresses of X.121 addresses for X.25 network interfaces. Typically, the interface address will be a 12-digit number. Any additional digits are interpreted as a subaddress. The PDN still routes these calls to the interface, and Cisco IOS software is responsible for interpreting the extra digits. Do not use the same address on the interface and for translation. |
incoming-options |
(Optional) An incoming connection request option with the following choices:
- accept-reverse —Accepts reverse charged calls on an X.121 address even if the serial interface is not configured to accept reverse charged calls.
- cud c-u-data —Specifies the Call User Data (CUD) field to match the X.25 Incoming Call packet. If the cud keyword is not configured, the CUD in the Incoming Call packet must be blank.
- hexcud —Indicates that the CUD will be interpreted in hexadecimal format.
|
|
- idle minutes —Specifies the number of minutes the virtual circuit is idle. This keyword enables the protocol translation function to clear a switched virtual circuit (SVC) after a set period of inactivity, where minutes is the number of minutes in the period. Calls either originated or terminated are cleared. The maximum value of the minutes argument is 255. The default value of the minutes argument is zero.
|
|
- printer —Supports local-area transport (LAT) and TCP printing over an X.25 network among multiple sites. Provides an “interlock mechanism” between the acceptance of an incoming X.25 connection and the opening of an outgoing LAT or TCP connection. This keyword causes the Cisco IOS software to delay the call confirmation of an incoming X.25 call request until after the outgoing protocol connection (to TCP or LAT) has been established. An unsuccessful outgoing connection attempt to the router results in the incoming X.25 connection being refused, rather than being accepted and then closed, which is the default behavior. Note that using this keyword will force the global quiet keyword to be applied to the translation.
- profile profile —Sets X.3 packet assembler/disassembler (PAD) parameters as defined in the profile created by the x29 profile command.
|
pvc number [ pvc-options ] |
(Optional) Specifies that the outgoing connection is actually a permanent virtual circuit (PVC). Only one session is allowed per PVC. Use the following options to further define the connection: – interface serial number —Specifies a PVC interface on which to set up the PVC connection. The number argument specifies the virtual circuit channel number of the connection, which must be less than the virtual circuits assigned to the SVC. – packetsize in-size out-size —Specifies the input packet size ( in-siz e) and output packet size ( out-size) for the PVC. Valid packet size values are 16, 32, 64, 128, 256, 512, 1024, 2048, and 4096. – windowsize in-size out-size —Specifies the packet count for input windows ( in-size) and output windows ( out-size) for the outgoing translation. The size range is from 1 to 127 and must not be greater than the value set for the x25 modulo command. You must specify the same value for in-size and out-size arguments. Note When the incoming connection is a PVC, the login and authorize global options and the autocommand option for the outbound protocol are not available. |
protocol outgoing-address |
A protocol name followed by an address or hostname. Protocol translation choices are lat, ppp, slip, and tcp. Note The hostname is translated to an address during configuration, unless you are translating to TCP and using the host-name keyword, which allows the hostname to be resolved at connection time instead of configuration time. See Table 58 for more information about the host-name keyword. The following additional keywords can be entered instead of a protocol name:
- autocommand —Specifies an EXEC command for an outgoing connection. The command executes upon connection to a host. You can issue any EXEC command and any switch or hostname as an argument to the autocommand option. If the string following autocommand has one or more spaces as part of the string, you must place quotation marks (“ ”) around the string. If you want to enable AppleTalk Remote Access (ARA) on an outgoing connection, specify the autocommand and arap keywords. These keywords are necessary for ARA because ARA does not use addressing, and this option permits you to invoke the ARA string.
Note The autocommand option is not available when the incoming connection is a PVC.
- virtual-template — Associates a virtual template with a virtual access interface. See the translate x25 (virtual access interfaces) command description for more information.
|
outgoing-options |
(Optional) Outgoing connection request option. Choices depend on the protocol or command entered. See Table 55 , Table 56 , Table 57 , and Table 58 for a list of outgoing protocol translation options. |
global-options |
(Optional) One or more of the following translation options can be used by any connection type:
- access-class number —Allows the incoming call to be used by source hosts that match the access list parameters. The number argument is an integer previously assigned to an access list. Standard access list numbers range from 1 to 99; expanded standard access list numbers range from 1300 to 1999.
- authorize method-list tag —Enables authorization for protocol translation sessions. The method-list argument is the list of authorization methods defined by the aaa authorization command with the translate keyword. The method-list argument may have the value of the list-name argument or the default keyword. The tag argument is an alphanumeric string of up to 64 characters. The tag argument need not be unique; more than one instance of the translate keyword can specify identical values for the tag argument.
Note The authorize option is not available when the incoming connection is a PVC.
- eor marker [ insert ]— Defines the End-of-Record (EOR) marker for the translation session. The marker argument may be any set of characters from 1 to 4 in length. Nonprintable characters must be entered in hexadecimal format. The insert keyword inserts the EOR marker into the TCP stream after each X.25 packet without a More-bit (M-bit) set is received.
- local —Specifies that the Telnet protocol negotiations not be translated.
- login —Requires that the user log in before establishing the outgoing connection. This type of login is specified on the virtual terminal lines with the login option.
Note The login option is not available when the incoming connection is a PVC.
- max-users number —Limits the number of simultaneous users of the translation to number (an integer you specify).
- quiet —Suppresses printing of user-information messages.
- swap —(Valid for only X.25-to-TCP translations.) Allows the host to set X.3 parameters on the router by initiating the X.25 call, or through an X.29 profile. This configuration swaps the incoming and outgoing X.25 connections and the device is treated like a PAD when it accepts a call. By default, the router functions like a PAD for the calls it initiates, and like an X.25 host for the calls it accepts. The swap keyword allows connections from an X.25 host that wants to connect to the router, and then treats the router like a PAD.
|
Command Default
No default translation parameters are set.
Command Modes
Global configuration (config)
Command History
|
|
|
10.0 |
This command was introduced. |
12.3(2)T |
The authorize method-list tag keyword and arguments were added to support authorization of protocol translation sessions. The eor marker [ insert ] keywords and argument were added to support the EOR function for Data Communication Networks (DCNs). |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
15.1(2)T |
This command was modified. The hexcud incoming-option keyword was added. This keyword allows you to enter and interpret the CUD in hexadecimal format. |
Usage Guidelines
You can define protocol translation connections by supplying a protocol keyword and the address, hostname, or service name. An X.25 protocol translation command can be as simple as the following example:
Router(config)# translate X.25 1236672 tcp 10.1.1.1
Cisco IOS software provides a broad range of options that support protocol translations in many networking environments. Table 55 , Table 56 , Table 57 , and Table 58 lists the translate x25 translation options by protocol.
You can also use the Cisco IOS command-line interface to help you understand how these keywords are entered. In global configuration mode, enter the translate command and add a question mark at the end of the command to display the available options. Here are some examples:
Router(config)# translate x25 ?
WORD X.121 Address pattern
Router(config)# translate x25 66666 ?
accept-reverse Accept reverse charge on a per-call basis
autocommand Associate a command with a translation on this connections
cud Specify the Call User Data (CUD)
idle Specify VC idle timer
printer Enable non-interactive (implies global quiet)
profile Use a defined X.3 profile
pvc An incoming connection is actually a PVC
virtual-template Associate a virtual template with virtual access interface
Router(config)# translate x25 66666 tcp 10.1.1.1 ?
access-class Allow access list parameters to be used by source hosts
binary Negotiate Telnet binary mode on the connection
host-name Store the host name rather than its IP address
local Allow Telnet protocol negotiations not to be translated
login Require that the user log in before the outgoing connection
max-users Limit the number of simultaneous users of the translation
multibyte-IAC Always treat multiple IACs as telnet command
quiet Suppress printing of user-information messages
source-interface Specify source interface
stream Treat telnet escape characters as data
swap Allow X.3 parameters to be set on the protocol translator
by the host originating the X.25 call
Table 55 X.25-to-LAT Outgoing Options
|
|
lat service-name Translates X.25 to the LAT protocol.The software must learn the service name through LAT service advertisements before it can use the service. |
|
Outgoing LAT Connection Request Options
|
Use the following options to configure LAT connection requests:
- node name— Connects to the specified node that offers a LAT service. By default, the connection is made to the highest-rated node that offers the service.
- port name —Specifies the destination LAT port name in the format of the remote system. This parameter is usually ignored in most time-sharing systems, but is used by terminal servers that offer reverse-LAT services.
- unadvertised — Prevents LAT service advertisements from being broadcast to the network.
|
Table 56 X.25-to-PPP Outgoing Options
|
|
ppp { ip-address | ip-pool [ scope-name name ]} Translates from X.25 to virtual asynchronous PPPs. Supply an IP address as a standard, four-part dotted-decimal IP address. The ip-pool keyword obtains an IP address from a DHCP proxy client or a local pool. If the scope-name keyword is not specified, the address is obtained from a DHCP proxy client. If the scope-name keyword is specified, the IP address is obtained from the specified local pool. The scope-name keyword can specify a range of IP addresses. |
|
Outgoing PPP Connection Request Options
|
Use the following options to configure PPP connection requests:
- authentication { pap | chap }— Sets Challenge Handshake Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) authentication for PPP on virtual asynchronous interfaces. If you specify both options, the order is significant; the system will try to use the first authentication type, and then the second.
- header-compression — Configures header compression on IP packets only.
- ipx loopback number— Specifies the loopback interface to be created and permits clients running IPX-PPP over X.25 to connect through vtys on the router. A loopback interface must be created and configured with a Novell IPX network number before IPX-PPP can work on the vty. The vty is assigned to the loopback interface.
- keepalive number-of-seconds— Specifies the interval at which keepalive packets are sent on Serial Line Internet Protocol (SLIP) and PPP virtual asynchronous interfaces. By default, keepalive packets are enabled and sent every 10 seconds. To disable keepalive packets, use the value 0. The active keepalive interval is 1 through 32,767 seconds. When you do not change from the default of 10, the keepalive interval does not appear in the more system:running-config or show translate command output.
|
- mtu bytes— Sets the interface MTU of packets that the virtual asynchronous interface supports. The default MTU is 1500 bytes on a virtual asynchronous interface. The range is from 64 to 1,000,000 bytes.
- routing —Permits routing updates between connections. This option is required if the destination device is not on a subnet connected to one of the interfaces on the router.
- use-tacacs —Uses TACACS to verify PPP authentications for CHAP or PAP on virtual asynchronous interfaces.
|
Table 57 X.25-to-SLIP Outgoing Options
|
Outgoing SLIP Translation
|
slip { ip-address | ip-pool [ scope-name name ]} Translates from X.25 to v irtual asynchronous SLIP. Supply an IP address as a standard, four-part dotted-decimal IP address. The ip-pool keyword obtains an IP address from a DHCP proxy client or a local pool. If the scope-name keyword is not specified, the address is obtained from a DHCP proxy client. If the scope-name keyword is specified, the IP address is obtained from the specified local pool. The scope-name keyword can specify a range of IP addresses. Note The slip command applies only to outgoing connections; SLIP is not supported on incoming protocol translation connections. |
|
Outgoing SLIP Connection Request Options
|
Use the following options to configure SLIP connection requests:
- header-compression [ passive ]— Implements header compression on IP packets only. The passive keyword permits compression on outgoing packets only if incoming TCP packets on the same virtual asynchronous interface are compressed. The default (without the passive keyword) permits compression on all traffic.
- ipx loopback number— Specifies the loopback interface to be created and permits clients running IPX-PPP over X.25 to connect through vtys on the router. A loopback interface must have been created and configured with a Novell IPX network number before IPX-PPP can work on the vty. The vty is assigned to the loopback interface.
- keepalive number-of-seconds— Specifies the interval at which keepalive packets are sent on SLIP and PPP virtual asynchronous interfaces. By default, keepalive packets are enabled and sent every 10 seconds. To shut off keepalive packets, use the value 0. The active keepalive interval is 1 through 32,767 seconds. When you do not change from the default of 10, the keepalive interval does not appear in the more system:running-config or show translate command output.
- mtu bytes— Sets the interface MTU of packets that the virtual asynchronous interface supports. The default MTU is 1500 bytes on a virtual asynchronous interface. The acceptable range is from 64 to 1,000,000 bytes.
- routing —Permits routing updates between connections. This keyword is required if the destination device is not on a subnet connected to one of the interfaces on the router.
|
Table 58 X.25-to-TCP Outgoing Options
|
|
tcp ip-address Translates X.25 to TCP/IP Telnet. Supply an IP address as a standard, four-part dotted-decimal IP address, or the name of an IP host that can be resolved by the DNS, or an explicit specification in an ip host command (see the description for the host-name keyword in the “Outgoing TCP Connection Request Options” section). |
|
Outgoing TCP Connection Request Options
|
Use the following options to configure TCP connection requests:
- binary —Negotiates Telnet binary mode on the connection.
- host-name —Stores the hostname rather than its IP address, thereby allowing the hostname to be resolved at connection time instead of configuration time. There is also a rotor keyword suboption that you can use to modify the behavior of the host-name keyword by randomly choosing one of the IP addresses defined by the ip host configuration command. If one address fails, another one will be tried until all addresses are exhausted. You can use the rotor keyword to provide basic load sharing of IP destinations.
- multibyte-IAC —Always treat multiple Interpret as Command (IAC) escape character codes as Telnet commands.
- port number —For incoming connections, enter the corresponding port number. The default is port for Telnet is 23.
- source-interface —Specifies the source address used for Telnet connections initiated by the router.
- stream —Performs stream processing, which enables a raw TCP stream with no Telnet control sequences. A stream connection does not process or generate any Telnet options, and also prevents Telnet’s processing of data stream. This option might be useful for connections to ports running UNIX-to-UNIX Copy Program (UUCP) or other non-Telnet protocols, or to ports connected to printers. For ports connected to printers using Telnet, the stream keyword prevents most problems associated with using Telnet for printers, such as unusual events happening to carriage returns or line feeds and echoing of data back to VPN/Security Management Solution (VMS) systems.
|
Protocol Translation and X.25 PVCs Functional Description
This section describes how the protocol translator works with X.25 PVCs. It will help you understand the overall behavior of incoming and outgoing X.25 PVCs associated with a translate command, enabling you to correctly configure protocol translator PVCs for your application.
Configuring X.25 PVCs
When the translate x25 command is configured with a PVC, an attempt is made to create the PVC. The following conditions can cause this attempt to fail:
- The PVC number in the translate x25 command is not within the range of logical channels defined for use by PVCs in the interface configuration.
- The PVC number in the translate x25 command is already in use.
- An X.25 destination in a translate x25 command is routed to X.25 over TCP/IP (XOT), Connection Mode Network Service (CMNS), or Annex G, which do not support translated PVCs.
PVC numbers must be unique across an X.25 connection; however, PVC 1 on serial interface 1/0 is different (and therefore unique) from PVC 1 on serial interface 2/1.
Once the translate x25 command is accepted, the X.25 interface on which the PVC is created goes down, the PVC enters an inactive state, the TCP or LAT connection is terminated, but the existing PAD context remains inactive.
An incoming TCP or LAT connection associated with an outgoing PVC (displaying a “P/Inactive message”) will be rejected by the protocol translator.
If any X.25 traffic is received while the corresponding TCP or LAT connection is terminated, and if a data packet is received in state D1, a reset with a diagnostic message will be displayed, similar to the following:
20:17:11.809: Serial2: X.25 O D1 Reset (5) 8 lci 4
20:17:11.809: Cause 29, Diag 113 (Network out of order (PVC)/Remote network problem)
The number of outgoing and incoming protocol translation PVCs is limited only by the number of vtys supported on the Cisco router. Remember that each protocol translation session uses a vty, which lowers the number of vtys available for Telnet sessions.
By default, the Cisco router sends a reset packet with the cause “PVC Network Operational” and diagnostic “Maintenance action” messages at the start of a TCP- or LAT-to-PVC translation session to announce that the connection is established and that the PVC is able to handle data traffic. To suppress the PVC reset packet at TCP or LAT session startup, configure the no-reset keyword as shown in the following example:
translate tcp 192.168.22.102 port 5 x25 333 pvc 5 no-reset profile tcl
Changing or Removing a translate Command PVC Configuration
Removing a translate command with an outgoing PVC specified is allowed only when no active connection is associated with the outgoing PVC. An attempt to remove an active translation results in the following message:
Translate: Can’t delete/add entry - Connection(s) are currently active
For example, if PVC 5 is assigned to a translate command as shown in the following example:
translate tcp 10.0.155.61 port 5 x25 5 pvc 5 interface Serial2/0
And you want PVC 5 to be assigned under an X.25 interface instead of the translate command, as shown in the following example:
x25 pvc 5 int s4/0 pvc 25
Perform the following steps to configure this reassignment:
Step 1 Check whether a PVC is associated with a serial connection using the show x25 EXEC command, as follows:
PVC 5, State:D1, Interface:Serial2/0
Line:230 vty 4 Location:Host:nmos3m1
connected to PAD <--> X25
Step 2 If the PVC is associated with a TCP connection, terminate the connection by disconnecting the TCP session or by using the clear line EXEC command, as shown in the following example:
Step 3 Enter configuration mode, delete the translate command, and reassign PVC 5 to an interface:
Router(config)# no translate tcp 10.0.155.61 port 5 x25 5 pvc 5 interface Serial2/0
Router(config)# interface serial2/0
Router(config-if)# x25 pvc 5 int s4/0 pvc 25
If you want to modify the translate command and change the PVC number from 5 to 12, follow Steps 1 and 2, and modify the translate command with PVC 12, as follows:
Router(config)# translate tcp 10.0.155.61 port 12 x25 12 pvc 12 interface Serial2/0
Understanding the X.25 Address and the PVC Interface Option on a translate Command
The protocol translator locates the X.121 destination address in the X.25 route table to determine the interface on which to establish the PVC. A more up-to-date, simpler approach uses the translate command with the interface keyword, which ignores the status of the interface by avoiding references to the X.25 route table.
For example, instead of configuring an x25 route command for each translated PVC, and entering a long X.121 address on the translate command, as shown in the following example:
x25 route ^32785223344502 interface Serial1/5
translate tcp 10.0.155.61 port 2502 x25 32785223344502 pvc 1
You can enter one translate command that links the IP port number with the X.121 address and specifies the interface on which to establish the PVC, as follows:
translate tcp 10.0.155.61 port 2502 x25 2502 pvc 1 interface Serial 1/5
This is the recommended approach and should be adopted in place of translate commands that cause the destination address to be looked up in the route table.
Examples
The following example shows how to use the translate global configuration command to translate from an X.25 PAD to a LAT device on Network A. It is applied to Router-A. The configuration example includes an access list that limits remote LAT access through Router-A to connections from PAD-C. This example typifies the use of access lists in the Cisco IOS software. The first two lines define the scope of access list 1. The first line specifies that access list 1 will permit all calls from the X.121 address 44444. The caret symbol (^) specifies that the first number 4 is the beginning of the address number. The second line of the definition explicitly denies calls from any other number. (Refer to the appendix “Regular Expressions” in the Cisco IOS Terminal Services Configuration Guide for information about the use of special characters in defining X.121 addresses.)
! Define X25 access list to only allow pad-c.
x29 access-list 1 permit ^44444
translate x25 1111101 lat LAT-A access-class 1
The following example shows a simple X.25-to-TCP translate x25 command. Packets coming in X.25 address 652365123 arrive via PVC 1 and are translated to TCP packets and sent out through the IP address 172.16.1.1.
translate x25 652365123 pvc 1 tcp 172.16.1.1
The following example shows a more complex configuration that calls an X.29 profile and swaps the default PAD operation of the router with that of an X.25 host. The name of the profile is fullpackets.
x29 profile fullpackets 2:0 3:0 4:100 7:21
translate x25 217536124 profile fullpackets tcp Host1 port 4006 swap
The following example shows the use of the X.25 incoming protocol printer keyword for an incoming X.25 connection:
translate x25 55555 printer tcp 172.16.1.1
The following example shows how to cause the protocol translator to try and connect to the IP address 172.16.1.1, and if that fails, to try all IP addresses listed in the ip host command:
ip host my-hosts 172.16.1.1 172.16.2.1 172.16.3.1
translate x25 55555 tcp my-hosts host-name
The following example shows how to use the rotor keyword to enable the protocol translator to randomly choose one of the IP addresses listed in the ip host command, and if it fails to connect, to try another IP address, until all IP addresses are exhausted:
ip host my-hosts 172.16.1.1 172.16.2.1 172.16.3.1
translate x25 55555 tcp my-hosts host1 rotor
The following example shows how to translate X.25 packets to PPP and enable routing updates between the two connections:
translate x25 12345678 ppp 10.0.0.2 routing
The following example shows how to permit clients running AppleTalk Remote Access (ARA) to connect through the virtual terminal lines of the device to an AppleTalk network:
translate x25 12345678 autocommand arap
arap require-manual-password
The following example shows how to specify a pool of IP addresses from a DHCP server named D-Server1. The example also shows how the incoming TCP traffic is translated to SLIP. The DHCP server will dynamically assign IP addresses to outgoing sessions.
ip address-pool dhcp-proxy-client
translate x25 5467835 ppp ip-pool scope-name D-Server1
The following example shows how to specify a local IP pool named Pool2 with IP addresses ranging from 172.18.10.10 to 172.18.10.110. The example also shows how incoming X.25 traffic can be translated to PPP. The local IP pool Pool2 will be used to dynamically assign IP addresses to outgoing sessions.
ip-pool Pool2 172.18.10.10 172.18.10.110
translate x25 1234567 ppp ip-pool scope-name Pool2
The following example shows how to set the idle timer. X.25 calls are cleared if they are idle for the configured time.
translate x25 1234 idle 2 lat Service3
The following example shows how to configure an X.25-to-TCP protocol translation session to insert an EOR marker in a TCP packet that does not contain the M-bit set. The EOR marker in this example consists of printable characters.
translate x25 12345678 pvc 3 tcp 10.60.155.63 eor AAA insert
The following example shows how to use the default authorization method list. Incoming PAD calls to the router on serial interface 1/1 are translated to Telnet calls for various destinations based on the X.25 subaddress. Use of the first two translate statements is restricted to users that are approved by the authorization server for access to group1; the third translate statement will complete the connection only if the authorization server grants access to group2.
aaa authorization network default group tacacs+
translate x25 555108801 tcp 10.60.155.1 login authorize default group1
translate x25 555108802 tcp 10.60.155.2 login authorize default group1
translate x25 555108803 tcp 10.60.155.3 login authorize default group2
Related Commands
|
|
|
aaa authorization |
Sets parameters that restrict user access to a network. |
show translate |
Displays configured translation sessions. |
translate lat |
Translates a LAT connection request automatically to another outgoing protocol connection. |
translate tcp |
Translates a TCP connection request automatically to another outgoing protocol connection. |
translate x25 (virtual access interfaces) |
Translates a connection request to an outgoing protocol connection type. |
x29 access-list |
Limits access to the access server from certain X.25 hosts. |
x29 profile |
Creates a PAD profile script for use by the translate command. |
translate x25 (virtual access interfaces)
When receiving an X.25 connection request to a particular destination address, to set up the Cisco router to automatically translate the request to another outgoing protocol connection type, use the translate x25 command in global configuration mode. To remove or change the translation request, use the no form of this command.
translate x25 incoming-address [ incoming-options [ pvc number [ pvc-options ]]] virtual-template number [ global-options ]
no translate x25 incoming-address [ incoming-options [ pvc number [ pvc-options ]]] virtual-template number [ global-options ]
Syntax Description
incoming-address |
An X.25 and X.121 address that conform to specifications provided in the CCITT 1984 Red Book. This address generally consists of a portion that is administered by the public data network (PDN) and a portion that is locally assigned. You must be sure that the numbers that you assign agree with the addresses assigned to you by the X.25 service provider. The X.121 addresses generally will be subaddresses of the X.121 address for the X.25 network interface. Typically, the interface address will be a 12-digit number. Any additional digits are interpreted as a subaddress. The PDN still routes these calls to the interface, and the Cisco IOS software is responsible for interpreting the extra digits. Do not use the same address on the interface and for translation. |
incoming-options |
(Optional) Incoming connection request keywords and arguments, as follows:
- accept-reverse —Accepts reverse charged calls on an X.121 address even if the serial interface is not configured to accept reverse charged calls. This is an incoming option only.
- cud c-u-data— Specifies the Call User Data (CUD) field to match in the X.25 Incoming Call packet. If not configured, the CUD in the Incoming Call packet must be blank.
|
|
- printer —Supports LAT and TCP printing over an X.25 network among multiple sites. Provides an “interlock mechanism” between the acceptance of an incoming X.25 connection and the opening of an outgoing LAT or TCP connection. The printer keyword causes the protocol translation software to delay the call confirmation of an incoming X.25 call request until the outgoing protocol connection (to TCP or LAT) has been successfully established. An unsuccessful outgoing connection attempt to the router results in the incoming X.25 connection being refused, rather than being confirmed and then cleared, which is the default behavior. Note that using this keyword will force the global quiet keyword to be applied to the translation.
|
|
- profile profile —Sets the X.3 PAD parameters as defined in the profile created by the x29 profile command.
|
pvc number [ pvc-options ] |
- pvc number [ interface serial number | packetsize in-size out-size | windowsize in-size out-size ] —Specifies that the outgoing connection is actually a PVC. The number argument specifies the virtual circuit channel number of the connection, which must be less than the virtual circuits assigned to the switched virtual circuit (SVC).Only one session is allowed per PVC. Use the following optional keywords and arguments to further define the connection:
– interface serial number —Specifies a PVC interface on which to set up the PVC connection. |
|
– packetsize in-size out-size —Specifies the input packet size ( in-siz e) and output packet size ( out-size) for the PVC. Valid packet size values are as follows: 16, 32, 64, 128, 256, 512, 1024, 2048, and 4096. – windowsize in-size out-size —Specifies the packet count for input windows ( in-size) and output windows ( out-size) for the outgoing translation. Values of in-size and out-size range from 1 to 127 and must not be greater than the value set for the x25 modulo command. You must specify the same value for in-size and out-size. |
virtual-template number |
Applies the virtual interface template specified by the number argument in place of outgoing options. |
global-options |
(Optional) Translation options that can be used by any connection type and can be one or more of the following:
- access-class number —Allows the incoming call to be used by source hosts that match the access list parameters. The argument number is an integer previously assigned to an access list. Standard access list numbers are in the range from1 to 99; expanded standard access lists numbers are in the range 1300 to 1999.
- local —Allows Telnet protocol negotiations to not be translated.
- login —Requires that the user log in before the outgoing connection is made. This type of login is specified on the virtual terminal lines with the login command.
- max-users number —Limits the number of simultaneous users of the translation to number (an integer you specify).
- quiet —Suppresses printing of user-information messages.
- swap —Valid for X.25-to-TCP translations only, and allows X.3 parameters to be set on the router by the host originating the X.25 call, or by an X.29 profile. This keyword allows incoming and outgoing X.25 connections to be swapped so that the device is treated like a PAD when it accepts a call. By default, the router functions like a PAD for calls that it initiates, and like an X.25 host for calls it accepts. The swap keyword allows connections from an X.25 host that wants to connect to the router, and then treats it like a PAD.
|
Defaults
No default translation parameters.
Command Modes
Global configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
The command syntax documented here shows how to apply a virtual interface template in place of outgoing translate x25 options. If you are using virtual templates for protocol translation, all outgoing options are defined in the virtual interface template. Table 59 lists all outgoing options and their corresponding interface configuration commands.
You define the protocol translation connections by choosing a protocol keyword and supplying the appropriate address or service name. The protocol connection information is followed by optional features for that connection, as appropriate. The global options, in general, apply to all the connection types, but there are exceptions. The swap keyword, for example, is for X.25- to-TCP translations only. See the example for more explanations on how to enter this command.
Rather than specifying outgoing translation options in the translate command, configure these options as interface configuration commands under the virtual interface template, then apply the virtual interface template to the translate command. Table 59 maps outgoing translate command options to interface commands you can configure in the virtual interface template.
Table 59 Mapping Outgoing translate x25 Options to Interface Commands
|
translate x25 Command Options
|
Corresponding Interface Configuration Command
|
ip-pool |
peer default ip address { ip-address | dhcp | pool [ poolname ]} |
header-compression |
ip tcp header compression [ on | off | passive ] |
routing |
ip routing or ipx routing |
mtu |
mtu |
keepalive |
keepalive |
authentication { chap | pap } |
ppp authentication { chap | pap } |
ppp use-tacacs |
ppp use-tacacs |
ipx loopback |
ipx ppp-client loopback number |
Examples
The following example shows a virtual template with PPP encapsulation specified by default (not explicit). It also specifies CHAP authentication and an X.29 access list.
x29 access-list 1 permit ^5555
interface Virtual-Template1
peer default ip address 172.16.2.129
translate x25 5555667 virtual-template 1 access-class 1
Related Commands
|
|
|
interface virtual-template |
Creates a virtual template interface that can be configured and applied dynamically in creating virtual access interfaces. |
show translate |
Displays configured translation sessions. |
translate lat |
Translates a LAT connection request automatically to another outgoing protocol connection type. |
translate tcp |
Translates a TCP connection request automatically to another outgoing protocol connection type. |
x29 access-list |
Limits access to the access server from certain X.25 hosts. |
x29 profile |
Creates a PAD profile script for use by the translate command. |
transport-map type console
To create and name a transport map for console port access and enter transport map configuration mode, use the transport-map type console command in global configuration mode. To delete a transport map for console port access that was previously created, use the no form of this command.
transport-map type console transport-map-name
no t ransport-map type console transport-map-name
Syntax Description
transport-map-name |
Specifies the name of the transport map. |
Command Default
No transport maps are configured by default.
Command Modes
Global configuration (config)
Command History
|
|
|
Cisco IOS XE Release 2.1 |
This command was introduced on the Cisco ASR 1000 Series Routers. |
Usage Guidelines
The characteristics of the transport map are defined in transport map configuration mode.
The following options can be configured in transport map configuration mode:
- connection wait —Specifies how a persistent Telnet or persistent SSH connection will be handled using this transport map.
- banner [ diagnostic | wait ]—Creates a banner message that will be seen by users entering diagnostic mode or waiting for the IOS process as a result of the persistent Telnet or persistent SSH configuration.
See the command references for the individual options for additional information on a specific option.
The transport map is not actively managing incoming console port connections until it is enabled using the transport type console console-line-number input transport-map-name global configuration command.
The connection and banner settings of the transport map applied to the console port can be seen by entering the show platform software configuration access policy command.
Examples
In the following example, a transport map to set console port access policies is created and attached to console port 0.
Router(config)# transport-map type console consolehandler
Router(config-tmap)# connection wait allow interruptable
Router(config-tmap)# banner diagnostic X
Enter TEXT message. End with the character 'X'.
Welcome to diagnostic mode
Router(config-tmap)# banner wait X
Enter TEXT message. End with the character 'X'.
Router(config-tmap)# exit
Router(config)# transport type console 0 input consolehandler
Related Commands
|
|
|
banner (transport map) |
Creates a banner message that will be seen by users entering diagnostic mode or waiting for the IOS process as a result of the transport map configuration. |
connection wait |
Specifies how an incoming connection will be handled. |
show platform software configuration access policy |
Displays the access policy and banner settings for console, Telnet, and SSH connections. |
transport type console |
Applies an already-configured console port transport map to a console interface. |
transport-map type persistent
To create and name a transport map for persistent Telnet, SSH, or web user interface connections and enter transport map configuration mode, use the transport-map type persistent command in global configuration mode. To delete a previously created transport map for persistent Telnet, SSH, or web user interface connections, use the no form of this command.
transport-map type persistent [ ssh | telnet | webui ] transport-map-name
no trans port-map type persistent [ ssh | telnet | webui ] transport-map-name
Syntax Description
ssh |
Specifies a persistent SSH transport map. |
telnet |
Specifies a persistent Telnet transport map. |
webui |
Specifies a persistent web user interface transport map. |
transport-map-name |
Specifies the name of the transport map. |
Command Default
No transport maps are configured by default.
Command Modes
Global configuration (config)
Command History
|
|
|
Cisco IOS XE Release 2.1 |
This command was introduced on the Cisco ASR 1000 Series Routers. |
Usage Guidelines
The characteristics of the transport map are defined in transport map configuration mode.
The following commands can be configured in persistent Telnet and SSH transport map configuration mode:
- connection wait —Specifies how a persistent Telnet or persistent SSH connection will be handled using this transport map.
- rsa keypair-name —Names the RSA keypair to be used for persistent SSH connections.
- banner [ diagnostic | wait ]—Creates a banner message that will be seen by users entering diagnostic mode or waiting for the IOS process as a result of the persistent Telnet or persistent SSH configuration.
- time-out —Specifies the SSH timeout interval in seconds.
- transport interface — Applies the transport map settings to the interface. For the Cisco ASR 1000 Series Routers, transport maps for persistent Telnet or persistent SSH handling can only be attached to the Management Ethernet interface, so the only possible value for this option is transport interface gigabitethernet 0 . This is a required step for persistent SSH and persistent Telnet transport maps.
- authentication-retries —Specifies the number of authentication retries before dropping the connection.
The following commands can be configured in persistent web user interface transport map configuration mode:
- server —Enables the HTTP server for the transport map.
- secure-server —Enables the secure HTTP (HTTPS) server for the transport map.
The transport map is not actively managing incoming Telnet or SSH connections until it is applied to an interface and enabled. This command is used to apply a transport map to an interface, and the transport type persistent telnet input global configuration command is used to enable the transport map.
This command is currently only available for Cisco ASR 1000 Series Routers, and transport maps can be applied only to the Management Ethernet interface (interface gigabitethernet 0) on Cisco ASR 1000 Series Routers.
Examples
In the following example, a transport map that will make all Telnet connections wait for the IOS process to become active before connecting to the router, while also allowing the user to interrupt the process and enter diagnostic mode, is configured and applied to the Management Ethernet interface (interface gigabitethernet 0).
A diagnostic and a wait banner are also configured.
The transport map is then applied to the interface when the transport type persistent telnet input command is entered to enable persistent Telnet.
Router(config)# transport-map type persistent telnet telnethandler
Router(config-tmap)# connection wait allow interruptable
Router(config-tmap)# banner diagnostic X
Enter TEXT message. End with the character 'X'.
--Welcome to Diagnostic Mode--
Router(config-tmap)# banner wait X
Enter TEXT message. End with the character 'X'.
--Waiting for IOS Process--
Router(config-tmap)# transport interface gigabitethernet 0
Router(config-tmap)# exit
Router(config)# transport type persistent telnet input telnethandler
In the following example, a transport map is configured that applies the following settings to any users attempting to access the Management Ethernet port via SSH:
- Users using SSH wait for the IOS process to become active, but enter diagnostic mode if the attempt to access IOS is interrupted.
- The RSA keypair name is “sshkeys.”
- The connection allows one authentication retry.
- The banner “--Welcome to Diagnostic Mode--” appears if diagnostic mode is entered as a result of SSH handling through this transport map.
- The banner “--Waiting for IOS Process--” appears if the connection is waiting for the IOS process to become active.
The transport map is then applied to the interface when the transport type persistent ssh input command is entered to enable persistent SSH.
Router(config)# transport-map type persistent ssh sshhandler
Router(config-tmap)# connection wait allow interruptable
Router(config-tmap)# rsa keypair-name sshkeys
Router(config-tmap)# authentication-retries 1
Router(config-tmap)# banner diagnostic X
Enter TEXT message. End with the character 'X'.
--Welcome to Diagnostic Mode--
X
Router(config-tmap)# banner wait X
Enter TEXT message. End with the character 'X'.
--Waiting for IOS Process--
Router(config-tmap)# time-out 30
Router(config-tmap)# transport interface gigabitethernet 0
Router(config-tmap)# exit
Router(config)# transport type persistent ssh input sshhandler
In the following example, this command is used to create a web user interface transport map using the default HTTP port.
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# ip http server
Router(config)# transport-map type persistent webui http-webui
Router(config-tmap)# server
Router(config-tmap)# exit
Router(config)# transport type persistent webui input http-webui
*Apr 22 02:43:55.798: %UICFGEXP-6-SERVER_NOTIFIED_START: R0/0: psd: Server wui has been notified to start
Related Commands
|
|
|
authentication-retries |
Specifies the number of SSH authentication retries before dropping the connection when a persistent SSH transport map is applied to the receiving interface. |
banner (transport map) |
Creates a banner message that will be seen by users entering diagnostic mode or waiting for the IOS process as a result of the transport map configuration. |
connection wait |
Specifies how an incoming connection will be handled. |
rsa keypair-name |
Names the RSA keypair to be used for persistent SSH connections. |
server (transport map) |
Enables the HTTP server for a persistent web user interface transport map. |
secure-server |
Enables the HTTPS server for a persistent web user interface transport map. |
show platform software configuration access policy |
Displays the access policy and banner settings for console, Telnet, and SSH connections. |
time-out |
Specifies the SSH timeout interval in seconds. |
transport interface |
Applies the transport map settings to the interface. |
transport type persistent |
Applies an already-configured persistent transport map to an interface. |
transport input
To define which protocols to use to connect to a specific line of the router, use the transport input command in line configuration mode. To change or remove the protocol, use the no form of this command.
transport input {all | none | [acercon] [lat] [mop] [nasi] [pad] [rlogin] [ssh] [telnet] [updtn] [v120]}
no transport input { all | none | [ acercon ] [ lat ] [ mop ] [ nasi ] [ pad ] [ rlogin ] [ ssh ] [ telnet ] [ udptn ] [ v120 ]}
Syntax Description
all |
Assigns the device or interface as the designated-gateway for the domain. |
none |
Prevents any protocol selection on the line. This makes the port unusable by incoming connections. |
acercon |
(Optional) Selects the remote console for Application Control Engine (ACE)-based blade. |
lat |
(Optional) Selects the digital local-area transport (LAT) protocol and specifies both incoming reverse LAT and host-initiated connections. |
mop |
(Optional) Selects Maintenance Operation Protocol (MOP). |
nasi |
(Optional) Selects NetWare Access Servers Interface (NASI) as the input transport protocol. |
pad |
(Optional) Selects X.3 packet assembler/disassembler (PAD) incoming connections. |
rlogin |
(Optional) Selects the UNIX rlogin protocol. |
ssh |
(Optional) Selects the Secure Shell (SSH) protocol. |
telnet |
(Optional) Specifies all types of incoming TCP/IP connections. |
udptn |
(Optional) Specifies the asynchronous data that is sent through UDP Telnet (UDPTN).
- Asynchronous data is encapsulated into UDP packets, and then this data is unreliably sent without establishing a connection with a receiving device. This process is referred to as UDPTN.
|
v120 |
(Optional) Selects the v120 protocol for incoming asynchronous connections over ISDN. |
Defaults
No protocols are allowed on the auxiliary (AUX), console, tty, and vty lines.
Command Modes
Line configuration (config-line)
Command History
|
|
|
10.0 |
This command was introduced. |
11.1 |
This command was modified. The none keyword was added. The action performed by the all option was replaced by the action performed by the none option as the command default action. |
12.3(4)T |
This command was modified. The ssh keyword was added and this command was integrated into Cisco IOS Release 12.3(4)T. |
Cisco IOS XE Release 2.1 |
This command was modified. The acercon keyword was added and this command was integrated into Cisco IOS XE Release 2.1. |
Usage Guidelines
Cisco devices do not accept incoming network connections to tty lines by default. You must specify an incoming transport protocol or specify the transport input all command before the line will accept incoming connections. For example, if you are using your device as a terminal server to make console-port connections to other devices, you will not be able to use Telnet to connect to these devices. You will receive the message "Connection Refused." This behavior is new as of Cisco IOS Release 15.4(3)M4. Previous to Cisco IOS Release 15.4(3)M4, the default was the transport input all command. If you are upgrading to a release later than Cisco IOS Release 15.4(3)M4, you must configure the transport input none command, or you will be locked out of your device.
You can specify one protocol, multiple protocols, all protocols, or no protocols. To specify multiple protocols, enter the keyword for each protocol, separated by a space. For example, the transport input acercon mop command form specifies the acercon and Maintenance Operation Protocol (MOP) protocols.
The transport input command can be useful in distributing resources among different types of users, or in making certain that only specific hosts can access a particular port. While doing the two-step protocol translation, you can use the transport input command to control the protocols that can be translated to other protocols.
Access lists for each individual protocol can be defined in addition to the allowances created by the transport input command. Any settings made with the transport input command override the settings made with the transport preferred command.
The rsh command allows you to run commands on remote machines, log in to other machines, and copy files between machines. Prior to Cisco IOS Release 12.4(24)T, to do an rsh to a router, you had to configure the transport input telnet command. However, in Cisco IOS Release 12.4(24)T and later releases, to do an rsh to the router, you need not configure the transport input telnet command.
Examples
The following example shows you how to set the incoming protocol for the vty lines 0 to 32 to Telnet:
Related Commands
|
|
|
line |
Identifies a specific line for configuration. |
transport output |
Determines the protocols that can be used for outgoing connections from a line. |
transport preferred |
Specifies the transport protocol that is used if the user does not specify one when initiating a connection. |
transport interface
To specify the interface where a transport map should be applied, use the transport interface command in transport map configuration mode command. To restore the default setting where no interface is associated with the transport map, use the no form of this command.
transport interface interface-type interface-number
no transport interface interface-type interface-number
Syntax Description
interface-type |
Specifies the type of interface where the transport map will be applied. For persistent Telnet and persistent SSH on the Cisco ASR 1000 Series Routers, transport maps can only be attached to the Management Ethernet interface (gigabitethernet 0). Therefore, gigabitethernet is the only available interface-type for persistent SSH and persistent Telnet on the Cisco ASR 1000 Series Routers. |
interface-number |
Specifies the interface number. For persistent Telnet and persistent SSH on the Cisco ASR 1000 Series Routers, transport maps can only be attached to the Management Ethernet interface (gigabitethernet 0). Therefore, 0 is the only available interface-number for persistent SSH and persistent Telnet on the Cisco ASR 1000 series routers. |
Command Default
No transport maps are associated with any interfaces by default.
Command Modes
Transport map configuration (config-tmap)
Command History
|
|
|
Cisco IOS XE Release 2.1 |
This command was introduced on the Cisco ASR 1000 Series Routers. |
Usage Guidelines
For persistent SSH and persistent Telnet on the Cisco ASR 1000 Series Router, the only interface that can accept a persistent SSH or persistent Telnet transport map is gigabitethernet 0.
For a transport map to be associated with an interface, this command must specify the interface for the transport map, and the transport type persistent global configuration must be entered to enable the transport map. If this command is not used in a transport map, the transport map is not applied to any interface and therefore has no effect on the handling of any incoming persistent Telnet or persistent SSH traffic.
Examples
In the following example, a transport map that will make all Telnet connections wait for the IOS process to become active before connecting to the router, while also allowing the user to interrupt the process and enter diagnostic mode, is configured and applied to the Management Ethernet interface (interface gigabitethernet 0).
A diagnostic and a wait banner are also configured.
The transport map is then applied to the interface when the transport type persistent telnet input command is entered to enable persistent Telnet.
Router(config)# transport-map type persistent telnet telnethandler
Router(config-tmap)# connection wait allow interruptable
Router(config-tmap)# banner diagnostic X
Enter TEXT message. End with the character 'X'.
--Welcome to Diagnostic Mode--
Router(config-tmap)# banner wait X
Enter TEXT message. End with the character 'X'.
--Waiting for IOS Process--
Router(config-tmap)# transport interface gigabitethernet 0
Router(config-tmap)# exit
Router(config)# transport type persistent telnet input telnethandler
In the following example, a transport map is configured that applies the following settings to any users attempting to access the Management Ethernet port via SSH:
- Users using SSH wait for the IOS process to become active, but enter diagnostic mode if the attempt to access IOS is interrupted.
- The RSA keypair name is “sshkeys”.
- The connection allows one authentication retry.
- The banner “--Welcome to Diagnostic Mode--” appears if diagnostic mode is entered as a result of SSH handling through this transport map.
- The banner “--Waiting for IOS Process--” appears if the connection is waiting for the IOS process to be come active.
The transport map is then applied to the interface when the transport type persistent ssh input command is entered to enable persistent SSH.
Router(config)# transport-map type persistent ssh sshhandler
Router(config-tmap)# connection wait allow interruptable
Router(config-tmap)# rsa keypair-name sshkeys
Router(config-tmap)# authentication-retries 1
Router(config-tmap)# banner diagnostic X
Enter TEXT message. End with the character 'X'.
--Welcome to Diagnostic Mode--
X
Router(config-tmap)# banner wait X
Enter TEXT message. End with the character 'X'.
--Waiting for IOS Process--
Router(config-tmap)# time-out 30
Router(config-tmap)# transport interface gigabitethernet 0
Router(config-tmap)# exit
Router(config)# transport type persistent ssh input sshhandler
Related Commands
|
|
|
authentication-retries |
Specifies the number of SSH authentication retries before dropping the connection when a persistent SSH transport map is applied to the receiving interface. |
banner (transport map) |
Creates a banner message that will be seen by users entering diagnostic mode or waiting for the IOS process as a result of the transport map configuration. |
connection wait |
Specifies how an incoming connection will be handled. |
rsa keypair-name |
Names the RSA keypair to be used for persistent SSH connections. |
show platform software configuration access policy |
Displays the access policy and banner settings for console, Telnet, and SSH connections. |
time-out |
Specifies the SSH timeout interval in seconds. |
transport type persistent |
Applies an already-configured persistent transport map to an interface. |
transport-map type persistent |
Creates and names a persistent transport map and enters transport map configuration mode. |
transport output
To determine the protocols that can be used for outgoing connections from a line, use the transport output command in line configuration mode. To change or remove the protocol, use the no form of this command.
transport output { all | lat | mop | nasi | none | pad | rlogin | telnet | v120 }
no transport output { all | lat | mop | nasi | none | pad | rlogin | telnet | v120 }
Syntax Description
all |
Selects all protocols. |
lat |
Selects the Digital LAT protocol, which is the protocol used most often to connect routers to Digital hosts. |
mop |
Selects Maintenance Operation Protocol (MOP). |
nasi |
Selects NetWare Access Server Interface (NASI) as the output transport protocol. |
none |
Prevents any protocol selection on the line. The system normally assumes that any unrecognized command is a host name. If the protocol is set to none, the system no longer makes that assumption. No connection will be attempted if the command is not recognized. |
pad |
Selects X.3 packet assembler/disassembler (PAD), used most often to connect routers to X.25 hosts. |
rlogin |
Selects the UNIX rlogin protocol for TCP connections. The rlogin setting is a special case of Telnet. If an rlogin attempt to a particular host has failed, the failure will be tracked, and subsequent connection attempts will use Telnet instead. |
telnet |
Selects the TCP/IP Telnet protocol. It allows a user at one site to establish a TCP connection to a login server at another site. |
v120 |
Selects the V.120 protocol for outgoing asynchronous connections over ISDN. |
Command Modes
Line configuration
Command History
|
|
|
10.0 |
This command was introduced. |
11.1 |
The following keywords were added:
|
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
You can specify one protocol, multiple protocols, all protocols, or no protocols. To specify multiple protocols, enter the keyword for each protocol, separated by a space.
Any settings made with the transport output command override settings made with the transport preferred command.
Examples
The following example prevents any protocol selection:
Related Commands
|
|
|
transport input |
Defines which protocols to use to connect to a specific line of the router. |
transport preferred |
Specifies the transport protocol that the Cisco IOS software uses if the user does not specify one when initiating a connection. |
transport preferred
To specify the transport protocol that the Cisco IOS software uses if the user does not specify one when initiating a connection, use the transport preferred command in line configuration mode. To change or remove the protocol, use the no form of this command.
transport preferred { lat | mop | nasi | none | pad | rlogin | telnet | v120 }
no transport preferred { lat | mop | nasi | none | pad | rlogin | telnet | v120 }
Syntax Description
lat |
Selects the Digital LAT protocol, which is the protocol used most often to connect routers to Digital hosts. |
mop |
Selects Maintenance Operation Protocol (MOP). |
nasi |
Selects NetWare Access Server Interface (NASI) protocol. |
none |
Prevents any protocol selection on the line. The system normally assumes that any unrecognized command is a host name. If the protocol is set to none, the system no longer makes that assumption. No connection is attempted if the command is not recognized. |
pad |
Selects X.3 packet assembler/disassembler (PAD), used most often to connect routers to X.25 hosts. |
rlogin |
Selects the UNIX rlogin protocol for TCP connections. The rlogin setting is a special case of Telnet. If an rlogin attempt to a particular host has failed, the failure will be tracked, and subsequent connection attempts will use Telnet instead. |
telnet |
Selects the TCP/IP Telnet protocol. It allows a user at one site to establish a TCP connection to a login server at another site. |
v120 |
Selects the asynchronous protocols over ISDN. |
Command Modes
Line configuration
Command History
|
|
|
10.0 |
This command was introduced. |
11.1 |
The following keywords were added:
|
12.4 |
The all keyword is no longer supported. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Specify the transport preferred none command to prevent errant connection attempts.
Any settings made with the transport input or transport output commands override settings made with the transport preferred command.
Examples
The following example sets the preferred protocol to Telnet on physical terminal line 1:
transport preferred telnet
Related Commands
|
|
|
terminal transport preferred |
Specifies the preferred protocol to use for the current session when a command does not specify one. |
transport input |
Defines which protocols to use to connect to a specific line of the router. |
transport output |
Determines the protocols that can be used for outgoing connections from a line. |
transport type console
To enable an already configured console port transport map, use the transport type console command in global configuration mode. To disable a previously enabled console port transport map, use the no form of this command.
transport type console console-line-number input transport-map-name
no transpor t type console console-line-number input
Syntax Description
console-line-number |
The console port or line number. |
input |
Specifies that the transport map settings are applied to traffic entering the interface.
Transport maps for console port handling are only applied in the input direction. |
transport-map-name |
Specifies the name of the transport map to attach to the interface. |
Command Default
No transport maps are configured or applied to interfaces by default.
Command Modes
Global configuration (config)
Command History
|
|
|
Cisco IOS XE Release 2.1 |
This command was introduced on the Cisco ASR 1000 Series Routers. |
Usage Guidelines
A transport map is not actively managing incoming console port connections until it is enabled. This command enables the transport map.
Transport maps for console ports are created using the transport-map type console command. The transport-map-name in the transport -map type console command and this command must match in order to properly apply the transport map to the console interface.
Examples
In the following example, a transport map to set console port access policies is created and attached to console port 0.
Router(config)# transport-map type console consolehandler
Router(config-tmap)# connection wait allow interruptable
Router(config-tmap)# banner diagnostic X
Enter TEXT message. End with the character 'X'.
Welcome to diagnostic mode
Router(config-tmap)# banner wait X
Enter TEXT message. End with the character 'X'.
Router(config-tmap)# exit
Router(config)# transport type console 0 input consolehandler
Related Commands
|
|
|
banner (transport map) |
Creates a banner message that will be seen by users entering diagnostic mode or waiting for the IOS process as a result of the transport map configuration. |
connection wait |
Specifies how an incoming connection will be handled. |
show platform software configuration access policy |
Displays the access policy and banner settings for console, Telnet, and SSH connections. |
transport-map type console |
Creates and names a transport map for the console port and enters transport map configuration mode. |
transport type persistent
To enable an already configured persistent Telnet, SSH, or web user interface transport map, use the transport type persistent command in global configuration mode. To disable a previously enabled persistent Telnet, SSH, or web user interface transport map, use the no form of this command.
transport type persistent [ ssh | telnet | webui ] input transport-map-name
no transport type persistent [ ssh | telnet | webui ] input
Syntax Description
ssh |
Specifies a persistent SSH transport map. |
telnet |
Specifies a persistent Telnet transport map. |
webui |
Specifies a persistent web user interface transport map. |
input |
Specifies that the transport map settings are only applied to traffic entering the interface.
Transport maps for persistent SSH or persistent Telnet handling are only applied in the input direction. |
transport-map-name |
Specifies the name of the transport map to attach to the interface. |
Command Default
No transport maps are configured or applied to interfaces by default.
Command Modes
Global configuration (config)
Command History
|
|
|
Cisco IOS XE Release 2.1 |
This command was introduced on the Cisco ASR 1000 Series Routers. |
Usage Guidelines
A transport map is not actively managing incoming Telnet, SSH, or web user interface traffic until it is enabled. This command enables the transport map.
Transport maps for persistent SSH, Telnet, or the web user interface are created using the transport-map type persistent command. The transport-map-name in the transport-map type persistent command and this command must match in order to properly apply the transport map to the interface.
For a persistent Telnet or SSH transport map to be active, the transport interface transport map configuration command must define the interface for the transport map, and this command must be entered to enable the transport map. The transport interface step is not part of the process for persistent web user interface transport maps.
This command is currently only available for Cisco ASR 1000 Series Routers, and transport maps can be applied only to the Management Ethernet interface (interface gigabitethernet 0) on Cisco ASR 1000 Series Routers.
Examples
In the following example, a transport map that will make all Telnet connections wait for the IOS process to become active before connecting to the router, while also allowing the user to interrupt the process and enter diagnostic mode, is configured and applied to the Management Ethernet interface (interface gigabitethernet 0).
A diagnostic and a wait banner are also configured.
The transport map is then applied to the interface when the transport type persistent telnet input command is entered to enable persistent Telnet.
Router(config)# transport-map type persistent telnet telnethandler
Router(config-tmap)# connection wait allow interruptable
Router(config-tmap)# banner diagnostic X
Enter TEXT message. End with the character 'X'.
--Welcome to Diagnostic Mode--
Router(config-tmap)# banner wait X
Enter TEXT message. End with the character 'X'.
--Waiting for IOS Process--
Router(config-tmap)# transport interface gigabitethernet 0
Router(config-tmap)# exit
Router(config)# transport type persistent telnet input telnethandler
In the following example, a transport map is configured that applies the following settings to any users attempting to access the Management Ethernet port via SSH:
- Users using SSH wait for the IOS process to become active, but enter diagnostic mode if the attempt to access IOS is interrupted.
- The RSA keypair name is “sshkeys.”
- The connection allows one authentication retry.
- The banner “--Welcome to Diagnostic Mode--” appears if diagnostic mode is entered as a result of SSH handling through this transport map.
- The banner “--Waiting for IOS Process--” appears if the connection is waiting for the IOS process to become active.
The transport map is then applied to the interface when the transport type persistent ssh input command is entered to enable persistent SSH.
Router(config)# transport-map type persistent ssh sshhandler
Router(config-tmap)# connection wait allow interruptable
Router(config-tmap)# rsa keypair-name sshkeys
Router(config-tmap)# authentication-retries 1
Router(config-tmap)# banner diagnostic X
Enter TEXT message. End with the character 'X'.
--Welcome to Diagnostic Mode--
X
Router(config-tmap)# banner wait X
Enter TEXT message. End with the character 'X'.
--Waiting for IOS Process--
Router(config-tmap)# time-out 30
Router(config-tmap)# transport interface gigabitethernet 0
Router(config-tmap)# exit
Router(config)# transport type persistent ssh input sshhandler
In the following example, this command is used to enable a persistent web user interface transport map using the default HTTP port:
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# ip http server
Router(config)# transport-map type persistent webui http-webui
Router(config-tmap)# server
Router(config-tmap)# exit
Router(config)# transport type persistent webui input http-webui
*Apr 22 02:43:55.798: %UICFGEXP-6-SERVER_NOTIFIED_START: R0/0: psd: Server wui has been notified to start
Related Commands
|
|
|
authentication-retries |
Specifies the number of SSH authentication retries before dropping the connection when a persistent SSH transport map is applied to the receiving interface. |
banner (transport map) |
Creates a banner message that will be seen by users entering diagnostic mode or waiting for the IOS process as a result of the transport map configuration. |
connection wait |
Specifies how an incoming connection will be handled. |
rsa keypair-name |
Names the RSA keypair to be used for persistent SSH connections. |
secure-server |
Enables the secure HTTP (HTTPS) server for a persistent web user interface transport map. |
server (transport map) |
Enables the HTTP server for a persistent web user interface transport map. |
show platform software configuration access policy |
Displays the access policy and banner settings for console, Telnet, and SSH connections. |
time-out |
Specifies the SSH timeout interval in seconds. |
transport interface |
Applies the transport map settings to the interface. |
transport-map type persistent |
Creates and names a persistent transport map and enters transport map configuration mode. |
ttycap
To define characteristics of a terminal emulation file, use the ttycap command in global configuration mode. To delete any named ttycap entry from the configuration file, the no form of this command.
ttycap ttycap-name termcap-entry
no ttycap ttycap-name
Syntax Description
ttycap-name |
Name of a file. It can be up to 32 characters long and must be unique. |
termcap-entry |
Commands that define the ttycap. Consists of two parts. (See the “Usage Guidelines” section for details.) |
Defaults
VT100 terminal emulation
Command Modes
Global configuration
Command History
|
|
|
10.3 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Use the show ttycap EXEC command to test for the availability of a ttycap.
Note Do not type a ttycap entry filename “default” or the Cisco IOS software will adopt the newly defined entry as the default.
The termcap-entry argument consists of two parts: a name portion and a capabilities portion.
The name portion is a series of names that can be used to refer to a specific terminal type. Generally, these names should represent commonly recognized terminal names (such as VT100 and VT200). Multiple names can be used. Each name is separated by a vertical bar symbol (|). The series is terminated by a colon symbol (:).
The following example illustrates a name specification for a VT100 termcap:
d0|vt100|vt100-am|vt100am|dec vt100:
The capabilities portion of the termcap entry consists of a sequence of termcap capabilities. These capabilities can include Boolean flags, string sequences, or numeric sequences. Each individual capability is terminated using a colon symbol (:). A Boolean flag can be set to true by including the two-character capability name in the termcap entry. The absence of any supported flag results in the flag being set to false.
The following is an example of a backspace Boolean flag:
A string sequence is a two-character capability name followed by an equal sign (=) and the character sequence.
The following example illustrates the capability for homing the cursor:
The sequence \E represents the ESC character.
Control characters can be represented in string sequences by entering a two-character sequence starting with a caret symbol (^), followed by the character to be used as a control character.
The following example illustrates the definition of a control character.
In this example, the backspace is entered into the termcap entry as the string sequence as the characters “^h.”
A numeric sequence is a two-character capability name followed by a number symbol (#) and the number.
The following example represents the number of columns on a screen.
Use the backslash symbol ( \) to extend the definition to multiple lines. The end of the ttycap termcap entry is specified by a colon terminating a line followed by an end-of-line character and no backslash.
For the definitions of supported Boolean-flag ttycap capabilities, see Table 60 . For the definitions of supported string-sequence ttycap capabilities, see Table 61 . For the definitions of supported number-sequence ttycap capabilities, see Table 62 . For the definitions of supported color-sequence ttycap capabilities, see Table 63 .
Table 60 Definitions of ttycap Capabilities: Boolean Flags
|
|
|
am |
Automatic margin |
bs |
Terminal can backspace with bs |
ms |
Safe to move in standout modes |
nc |
No currently working carriage return |
xn |
NEWLINE ignored after 80 columns (Concept) |
xs |
Standout not erased by overwriting (Hewlett-Packard) |
Table 61 Definitions of ttycap Capabilities: String Sequences
|
|
|
AL |
Add line below with cursor sequence |
bc |
Backspace if not ^h |
bt |
Backtab sequence |
ce |
Clear to end of line |
cl |
Clear screen, cursor to upper left |
cm |
Move cursor to row number and column number |
cr |
Carriage return sequence |
cs |
Change scrolling region |
DL |
Delete the line the cursor is on |
ei |
End insert mode |
ho |
Home, move cursor to upper left |
ic |
Character insert |
im |
Begin insert mode |
is |
Initialization string (typically tab stop initialization) |
ll |
Move cursor to lower left corner |
md |
Turn on bold (extra bright) character attribute |
me |
Turn off all character attributes |
nd |
Nondestructive space |
nl |
Newline sequence |
pc |
Pad character if not NULL |
rc |
Restore cursor position |
rs |
Resets terminal to known starting state |
sc |
Save cursor position |
se |
End standout mode (highlight) |
so |
Start standout mode (highlight) |
ta |
Tab |
te |
End programs that use cursor motion |
ti |
Initialization for programs that use cursor motion |
uc |
Underline character at cursor |
ue |
End underline mode |
up |
Move cursor up |
us |
Begin underline mode |
vb |
Visual bell |
vs |
Visual cursor |
ve |
Normal cursor |
Table 62 Definitions of ttycap Capabilities: Number Sequences
|
|
|
li |
Lines on the screen |
co |
Columns on the screen |
sg |
Standout glitch, number of spaces printed when entering or leaving standout display mode |
ug |
Underline glitch, number of spaces printed when entering or leaving underline mode |
Table 63 Definitions of ttycap Capabilities: Color Sequences
|
|
|
x0 |
Black |
x1 |
Blue |
x2 |
Red or orange |
x3 |
Pink or purple |
x4 |
Green, which is the default color |
x5 |
Turquoise |
x6 |
Yellow |
x7 |
Gray or white |
The ttycap database uses these color sequences to translate IBM directives into screen drawing commands. These color sequences control only foreground terminal colors. They do not control background color, which is configured to black by default.
Examples
The following is an example of a ttycap file. Refer to the “Configuring Dial-In Terminal Services” chapter in the Cisco IOS Terminal Services Configuration Guide and the tn3270.examples file in the Cisco ftp@cisco.com directory for more examples.
d0|vt100|vt100-am|vt100am|dec vt100:do=^J:co#80:li#24:\
cl=50^[[;H^[[2J:bs:am:cm=5^[[%i%d;%dH:nd=2^[[C:up=2^[[A:\
ce=3^[[K:so=2^[[7m:se=2^[[m:us=2^[[4m:ue=2^[[m:md=2^[[1m:\
me=2^[[m:ho=^[[H:xn:sc=^[7:rc=^[8:cs=^[[%i%d;%dr:
Related Commands
|
|
|
keymap-type |
Specifies the keyboard map for a terminal connected to the line. |
terminal-type |
Specifies the type of terminal connected to a line. |
txspeed
To set the terminal transmit speed (how fast the terminal sends information to the modem), use the txspeed command in line configuration mode. To return to the default setting, use the no form of this command.
txspeed bps
no txspeed
Syntax Description
bps |
Baud rate, in bits per second (bps). The default value is 9600 bps. |
Command Modes
Line configuration
Command History
|
|
|
10.0 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Set the speed to match the baud rate of whatever device you have connected to the port. Some baud rates available on devices connected to the port might not be supported on the router. The Cisco IOS software will indicate if the speed you select is not supported.
Note If the line was previously configured for automatic baud rate detection (autobaud), disable autobaud by entering the no autobaud command before entering the txspeed command to fix the speed of the port.
Examples
The following example sets the transmit speed for line 5 to 2400 bps:
Related Commands
|
|
|
rotary-group |
Sets the terminal receive speed (how fast the terminal receives information from the modem). |
source template |
Sets the flow control start character. |
terminal txspeed |
Sets the terminal transmit speed (how fast the terminal can send information) on the current line and session. |
where
To list the open sessions, use the where command in EXEC mode.
where
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
|
|
|
10.0 |
This command was introduced in a release prior to Cisco IOS Release 10.0. |
12.2(33)SRA |
This command was integrated into Cisco IOS Release 12.2(33)SRA. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
The where command displays all open sessions associated with the current terminal line.
The break (Ctrl-Shift-6, x), where, and resume commands are available with all supported connection protocols.
Examples
The following is sample output from the where command:
Conn Host Address Byte Idle Conn Name
1 MATHOM 192.31.7.21 0 0 MATHOM
* 2 CHAFF 131.108.12.19 0 0 CHAFF
The asterisk (*) indicates the current terminal session.
Table 64 describes the fields shown in the display.
Table 64 where Field Descriptions
|
|
|
Conn |
Name or address of the remote host to which the connection is made. |
Host |
Remote host to which the router is connected through a Telnet session. |
Address |
IP address of the remote host. |
Byte |
Number of unread bytes for the user to see on the connection. |
Idle |
Interval (in minutes) since data was last sent on the line. |
Conn Name |
Assigned name of the connection. |
Related Commands
|
|
|
show line |
Displays information about all lines on the system or the specified line. |
show sessions |
Displays information about open LAT, Telnet, or rlogin connections. |
x25 pvc translate ruleset
To configure the permanent virtual circuits (PVCs) that are valid for protocol translation ruleset handling, use the x25 pvc translate ruleset command in interface configuration mode. To remove or change the configuration, use the no form of this command.
x25 pvc number translate ruleset [ name | x121-address | packetsize in-size out-size | windowsize in-size out-size ]
no x25 pvc number translate ruleset [ name | x121-address | packetsize in-size out-size | windowsize in-size out-size ]
Syntax Description
number |
PVC number to reserve for protocol translation ruleset handling. |
name |
(Optional) Ruleset name specified by the translate ruleset command that governs the PVC. |
x121-address |
(Optional) Destination host address. |
packetsize in-size out-size |
(Optional) Specifies the input packet size ( in-size) and output packet size ( out-size) for the PVC. Valid packet size values are: 16, 32, 64, 128, 256, 512, 1024, 2048, and 4096. |
windowsize in-size out-size |
(Optional) Specifies the packet count for input windows ( in-size) and output windows ( out-size) for the outgoing translation. Values of the in-size and out-size arguments range from 1 to 127 and must not be greater than the value set for the x25 modulo command. Note You must specify the same value for the in-size and out-size arguments. |
Defaults
No default behavior or values
Command Modes
Interface configuration
Command History
|
|
|
12.3(8)T |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
If the optional name or X.121 address is given, PVC usage is restricted to the translation ruleset of that name.
Examples
The following example shows how to reserve a PVC for protocol translation ruleset handling, and select the outbound X.25 serial interface and PVC number based on the IP port number:
x25 pvc 4 translate ruleset port_to_pvc
translate use telnet 10.10.1.6
translate ruleset port_to_pvc from telnet to pad
match dest-addr ^10.10.1.6$ dest-port ^[12]00[0-7][1-3]$
substitute telnet dest-port ^..0([0-7]) into pad interface serial 0/\1
substitute telnet dest-port ^....(.) into pad pvc \1
test telnet dest-port ^.0... set pad profile TEMS
test telnet dest-port ^.1... set pad profile SQAS
test telnet dest-port ^.2... set pad profile NMA
substitute telnet dest-port (.)$ into pad dest-addr 876543\1
x.29 profile TEMS 2:0 3:128 4:0
x.29 profile SQAS 2:0 3:128 4:0
x.29 profile NMA 2:0 3:128 4:0
Related Commands
|
|
|
description (ruleset) |
Adds a description about a translation ruleset. |
match (ruleset) |
Identifies a connection for processing by the translation ruleset. |
options (ruleset) |
Specifies protocol translation options in a translation ruleset. |
set (ruleset) |
Unconditionally sets one or more connection parameters to a fixed value for a translation ruleset. |
show translate ruleset |
Displays a summary of a specific or of all configured translation rulesets, behavioral parameters, and usage statistic. |
skip (ruleset) |
Identifies a connection for omission by the translation ruleset. |
substitute (ruleset) |
Matches an available protocol and substitutes another in a translation ruleset. |
test (ruleset) |
Tests parameter values in a translation ruleset using regular expressions. |
test translate |
Displays a trace of protocol translation behavior for a connection attempt. |
translate ruleset |
Defines a unique name for a translation ruleset, specifies translated protocols, and enters translate ruleset configuration mode. |
x25 subaddress
To append either a physical port number or a value specified for a line as a subaddress to the X.121 calling address, use the x25 subaddress command in line configuration mode. To disable subaddressing, use the no form of this command.
x25 subaddress { line | number } [ no-zero-pad ]
no x25 subaddress { line | number }
Syntax Description
line |
Physical port number for the indicated line to be appended to the X.121 address as the subaddress. |
number |
Numeric variable assigned to a specific line. |
no-zero-pad |
(Optional) Specifies that a leading zero should not be appended to subaddresses with a value of nine or lower (0–9). |
Defaults
No default behavior or values
Command Modes
Line configuration
Command History
|
|
|
11.2 F |
This command was introduced. |
12.3(2)T |
The no-zero-pad keyword was added. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
Use the x25 subaddress line command to create a unique X.121 calling address by adding either a physical port number or a numeric value for a line as a subaddress to the X.121 calling address.
Use the no-zero-pad option to eliminate the inclusion of a leading zero for subaddresses with a value of nine or lower (0–9).
Examples
The following example shows how to configure subaddressing on virtual terminal lines 10 through 20 by appending the line number as a subaddress to the X.121 calling address:
The following example shows how to configure subaddressing on the first five tty lines by appending the value 09 as a subaddress to the X.121 calling address of an X.28 connection originating on these lines:
The following example configures a subaddress of 6 for a set of vty lines, and specifies that a leading zero should not be appended to the subaddress value:
x25 subaddress 6 no-zero-pad
Related Commands
|
|
|
line |
Identifies a specific line for configuration and starts the line configuration command collection mode. |
x28
To enter X.28 mode and access an X.25 network or set X.3 packet assembler/disassembler (PAD) parameters, use the x28 command in EXEC mode. To exit X.28 mode, use the no form of this command.
x28 [ escape character-string ] [ noescape ] [ nuicud ] [ profile file-name ] [ reverse ] [ verbose ]
no x28 [ escape character-string ] [ noescape ] [ nuicud ] [ profile file-name ] [ reverse ] [ verbose ]
Syntax Description
escape character-string |
(Optional) Specifies a character string to use to exit X.28 mode and return to EXEC mode. The character string can be any string of alphanumeric characters. The Ctrl key can be used in conjunction with the character string. |
noescape |
(Optional) Specifies that no escape character string is defined (user cannot return to EXEC mode). On the console line, the noescape option is ignored, and the default escape sequence is used ( exit command). |
nuicud |
(Optional) Specifies the network user identification (NUI) data to not be placed in the NUI facility of the call request. Instead the data is placed in the Call User Data (CUD) area of the call request packet. |
profile file-name |
(Optional) Specifies using a user-configured profile of X.3 parameters. A profile is created with the x29 profile EXEC command. |
reverse |
(Optional) Specifies reverse charges for outgoing calls made from the local router to the destination device. |
verbose |
(Optional) Displays optional service signals such as the called DTE address, facility block, and CUD. |
Defaults
Disabled. X.28 mode uses standard X.28 command syntax.
Command Modes
EXEC
Command History
|
|
|
11.2 F |
This command was introduced. |
Usage Guidelines
If both the escape and noescape options are not set, the default escape sequence is used ( exit command).
X.28 mode is identified with an asterisk (*) router prompt. After you enter this mode, the standard X.28 user interface (with the exception of the escape sequence) is available. From this interface, you can configure a PAD device using X.3 parameters, or you can access an X.25 network.
In X.28 mode, you can set PAD command signals using standard or extended command syntax. For example, you can enter the clr command or clear command to clear a virtual call. A command specified with standard command syntax is merely an abbreviated version of the extended syntax version.
Table 65 lists the commands available in both standard and extended command syntax.
Table 65 Available PAD Command Signals
|
|
|
|
break |
|
Simulate an asynchronous break. |
call |
|
Place a virtual call to a remote device. |
clr |
clear |
Clear a virtual call. |
command-signal |
|
Specifies a call request without using a standard X.28 command, which is entered with the following syntax: facilities - x121-address D call-user-data. |
help |
|
Display help information. (See Table 67 .) |
iclr |
iclear |
Request the remote device to clear the call. |
int |
interrupt |
Send an Interrupt Packet. |
par?
par |
parameter
read |
Display the current values of local parameters. (See Table 66 .) |
prof |
profile file-name |
Load a standard or a named profile. |
reset |
|
Reset the call. |
rpar? |
rread |
Display the current values of remote parameters. |
rset? |
rsetread |
Set and then read the values of remote parameters. |
set |
|
Change the values of local parameters. (See Table 66 .) |
set? |
setread |
Change and then read the values of parameters. |
stat |
status |
Request the status of a connection. |
selection pad |
|
Set up a virtual call. |
Table 66 lists the different types of parameters you can set using the set parameter-number : new-value PAD command signal from X.28 mode. Refer to the “X.3 PAD Parameters” appendix in the Cisco IOS Terminal Services Configuration Guide for more complete information about these parameters. See Table 34 in this publication for a list of ASCII characters.
Table 66 Supported X.3 PAD Parameters
|
|
|
ITU-T X.3 and Cisco Values
|
1 |
PAD recall using a character |
Minimum value: 0; maximum value: 126; X.28 PAD user emulation mode default: 1. Note Not supported by PAD EXEC user interface. |
2 |
Echo |
Minimum value: 0; maximum value: 1; PAD EXEC mode and X.28 PAD user emulation mode default: 1. |
3 |
Selection of data forwarding character |
Minimum value: 0; maximum value: 255; PAD EXEC mode default: 2 (CR); X.28 PAD user emulation mode default: 126 (~). |
4 |
Selection of idle timer delay |
Minimum value: 0; maximum value: 255; PAD EXEC mode default: 1; X.28 PAD user emulation mode default: 0. |
5 |
Ancillary device control |
Minimum value: 0; maximum value: 2; PAD EXEC mode default: 0; X.28 PAD user emulation mode default: 1. |
6 |
Control of PAD service signals |
Minimum value: 0; maximum value: 255; PAD EXEC mode default: 0; X.28 PAD user emulation mode default: 2. Note Not supported by PAD EXEC user interface. |
7 |
Action upon receipt of a BREAK signal |
Minimum value: 0; maximum value: 31; PAD EXEC mode default: 4; X.28 PAD user emulation mode default: 2. |
8 |
Discard output |
Minimum value: 0; maximum value: 1; PAD EXEC mode and X.28 PAD user emulation mode default: 0. |
9 |
Padding after Return |
Minimum value: 0; maximum value: 255; PAD EXEC mode and X.28 PAD user emulation mode default: 0. |
10 |
Line folding |
Not supported. |
11 |
DTE speed (binary speed of start-stop mode DTE) |
Minimum value: 0; maximum value: 18; PAD EXEC mode and X.28 PAD user emulation mode default: 14. |
12 |
Flow control of the PAD by the start-stop DTE |
Minimum value: 0; maximum value: 1; PAD EXEC mode default: 0; X.28 PAD user emulation mode default: 1. |
13 |
Line feed insertion (after a Return) |
Minimum value: 0; maximum value: 7; PAD EXEC mode and X.28 PAD user emulation mode default: 0. |
14 |
Line feed padding |
Minimum value: 0; maximum value: 255; PAD EXEC mode and X.28 PAD user emulation mode default: 0. |
15 |
Editing |
Minimum value: 0; maximum value: 1; PAD EXEC mode and X.28 PAD user emulation mode default: 0. |
16 |
Character delete |
Minimum value: 0; maximum value: 127; PAD EXEC mode and X.28 PAD user emulation mode default: 127 (DEL). |
17 |
Line delete |
Minimum value: 0; maximum value: 127; PAD EXEC mode default: 21 (NAK or Ctrl-U); X.28 PAD user emulation mode default: 24 (CAN or Ctrl-X). |
18 |
Line display |
Minimum value: 0; maximum value: 127; PAD EXEC mode and X.28 PAD user emulation mode default: 18 (DC2 or Ctrl-R). |
19 |
Editing PAD service signals |
Minimum value: 0; maximum value: 126; PAD EXEC mode default: 0; X.28 PAD user emulation mode default: 2. Note Not supported by PAD EXEC user interface. |
20 |
Echo mask |
Minimum value: 0; maximum value: 255; PAD EXEC mode and X.28 PAD user emulation mode default: 0. Note Not supported by PAD EXEC user interface. |
21 |
Parity treatment |
Minimum value: 0; maximum value: 4; PAD EXEC mode and X.28 PAD user emulation mode default: 0. Note For additional values that can be selected for parameter 21, including parity treatment to conform to the French Transpac public switched data network and its technical specification and utilization of networks standards (STUR), see Appendix A, “X.3 PAD Parameters,” in the Cisco IOS Terminal Services Configuration Guide. |
Note Abbreviated X.121 addresses are not supported. Such addresses start with a period, are alphanumeric, and are mapped to a full X.121 address by the PAD.
Table 67 lists the options for the X.28 help command.
Table 67 X.28 help Options
|
|
|
help |
Describes the help PAD command. |
help command |
Displays the list of available PAD command signals. |
help parameter |
Displays the list of available X.3 PAD parameters. |
help parameter number |
Displays the specified X.3 PAD parameter and its current value. |
help list |
Lists the available help subjects. |
help profiles |
Lists available profiles. |
help profile name |
Displays the specified parameter name and current value. |
help any-PAD-command |
Describes the specified PAD command signal. |
You can issue call requests from X.28 mode without using standard X.28 commands by using the following command syntax:
facilities - x121-address D call-user-data
where:
| facilities |
Applies X.25 facilities to the outgoing call. The hyphen is mandatory. |
| x121-address |
Specifies the address of the remote X.25 device. |
| D |
Facility request code that specifies CUD for the outgoing call. |
| call-user-data |
Specifies the data that accompanies the call request packet sent to the remote X.25 device. |
The following rules apply to all call requests parsed in X.28 mode:
- When an X.121 address specified using standard command syntax is followed by an optional CUD field, the call is placed to the X.121 address.
- When standard command syntax is used, one or more facility request codes can be entered, followed by the code value. Additional facility request codes and values also can be entered. Separate each entry with a comma, followed by a dash. An X.121 address and optional CUD can follow this entry.
- If an X.28 command is not entered, a call request is assumed.
- Ensure that the call request begins with a facility code letter, and that it contains a hyphen (-) followed by a string of digits (the X.121 address). The call request can be terminated by an asterisk (*), a “P,” or a “D,” followed by some data.
- When using extended command syntax is used, the call command uses the facility codes and X.121 address as its operand.
- If facility codes are entered without an X.121 address, remember the codes for the next call. When a call is completed, forget the facility codes until they are once again set.
Table 68 shows examples of parsed call requests.
Table 68 Example X.28 Call Requests
|
|
|
123456789 |
Calls this X.121 address. |
123456789*userdata |
Calls this X.121 address, with specified data. |
123456789Puserdata |
Calls this X.121 address, with specified data. |
123456789Duserdata |
Calls this X.121 address, with specified data. |
Nabcd-123456789 |
Calls this X.121 address, with NUI set to abcd. |
Nabcd,R-123456789 |
Calls 123456789 with NUI of abcd, and with reverse charging. |
Examples
The following example uses the ? command to display the optional X.28 keywords:
debug Turn on Debug Messages for X28 Mode
escape Set the string to escape from X28 PAD mode
noescape Never exit x28 mode (use with caution)
nuicud All calls with NUI, are normal charge with the NUI placed in Call
profile Use a defined X.3 Profile
reverse All calls default to reverse charge
verbose Turn on Verbose Messages for X28 Mode
After you are in X.28 mode, use the call PAD signal command to place a virtual call:
The following example enters X.28 mode with the x28 EXEC command and configures a PAD with the set X.3 parameter command. The set command sets the idle time delay to 40 seconds.
x28 no-outgoing
To configure X.28 user emulation mode to prevent a network element from dialing out, use the x28 no-outgoing command in user EXEC, privileged EXEC, or line configuration mode. To disable the X.28 user emulation mode that is configured to prevent a network element from dialing out, use the no form of this command.
x28 no-outgoing
no x28 no-outgoing
Syntax Description
This command has no arguments or keywords.
Command Default
Network elements can dial out.
Command Modes
User EXEC
Privileged EXEC
Line configuration
Command History
|
|
|
12.3(11)YN |
This command was introduced. |
12.4(4)T |
This command was integrated into Cisco IOS Release 12.4(4)T. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
To configure X.28 user emulation mode on all lines connected to the router, use the x28 no-outgoing command in the user EXEC mode or the privileged EXEC mode.
The x28 no-outgoing command is used with the autocommand command in line configuration mode to configure the x28 user emulation mode on a per-line basis. See the "Examples" section.
Use of the x28 no-outgoing command on the console will lock the console. Unlock the console by logging in from a different tty or vty. If no line is available, reload the router.
Examples
The following example configures X.28 user emulation mode on all the lines connected to the router to prevent network elements from dialing out:
The following example configures X.28 user emulation mode only on line 33, when used with the autocommand command, to prevent network elements from dialing out through that line:
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config-line)# autocommand x28 no-outgoing
Router(config-line)# exit
Related Commands
|
|
|
autocommand |
Executes a command automatically when a user connects to a particular line. |
pad |
Logs in to a PAD. |
x3
To set X.3 packet assembler/disassembler (PAD) parameters, use the x3 command in EXEC mode.
x3 parameter : value
Syntax Description
parameter : value |
Sets the PAD parameters. (See Table 66 in the x28 command description.) |
Defaults
For outgoing connections, the X.3 parameters default to the following:
2:1, 3:2, 4:1, 7:4, 16:127, 17:21, 18:19
All other parameters default to zero, but can be changed using the /set switch keyword with either the resume command or the x3 command.
For incoming PAD connections, the software sends an X.29 SET PARAMETER packet to set only the following parameters:
For a complete description of the X.3 PAD parameters, see the appendix titled “X.3 PAD Parameters” in the Cisco IOS Terminal Services Configuration Guide.
Command Modes
EXEC
Command History
|
|
|
11.2 |
This command was introduced. |
12.2SX |
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware. |
Usage Guidelines
You can have several PAD connections open at the same time and switch between them. You can also exit a connection and return to the user EXEC prompt at any point.
To open a new connection, first suspend the current connection by pressing the escape sequence (Ctrl-Shift-6 then x [ Ctrl^x ] by default) to return to the system command prompt, then open the new connection with the pad command.
You can have several concurrent sessions open and switch between them. The number of PAD sessions that can be open is defined by the session-limit command.
To switch between sessions you must escape one session and resume a previously opened session. Use the Ctrl^x sequence to escape out of a connection, use the where EXEC command to check the connection number, and then use the resume command with the connection number to resume the suspended connection. These commands are available with all supported connection protocols.
You can issue any of the following commands to terminate a terminal session:
To display information about packet transmission and X.3 PAD parameter settings, use the show x25 pad command.
Examples
The following example shows how to change a local X.3 PAD parameter from a remote X.25 host using X.29 messages, which is a secure way to enable a remote host to gain control of local PAD. The local device is named Router-A. The remote host is named Router-B. The parameters listed in the ParamsIn field are incoming parameters, which are sent by the remote PAD. The parameters listed in the ParamsOut field are parameters sent by the local PAD.
tty0, connection 1 to host 123456
Total input: 12, control 3, bytes 35. Queued: 0 of 7 (0 bytes).
Total output: 10, control 3, bytes 64.
Flags: 1, State: 3, Last error: 1
ParamsIn: 1:0, 2:0, 3:0, 4:0, 5:0, 6:0, 7:0,
8:0, 9:0, 10:0, 11:0, 12:0, 13:0, 14:0, 15:0,
16:0, 17:0, 18:0, 19:0, 20:0, 21:0, 22:0,
ParamsOut: 1:1, 2:0, 3:2, 4:1, 5:1, 6:0, 7:21,
8:0, 9:1, 10:0, 11:14, 12:1, 13:0, 14:0, 15:0,
16:127, 17:21, 18:18, 19:0, 20:0, 21:0, 22:0,
Related Commands
|
|
|
resume (X.3 PAD) |
Sets X.3 parameters for PAD connections. |
Feedback