Useful First Generation NetVanta 2000 Series CLI Commands

The CLI (Command Line Interface) on the first generation NetVanta 2000 Series is built on Unix technology, so if you are familiar with Unix commands, you should be able to browse through the menus very easily. If not, a simple command list is displayed below to navigate through the unit.

• help – displays a list of available commands and directories in the current directory
• ls – works pretty much the same as help, it is a Unix command for displaying current content.
• list – It displays current settings on unit. It only works on certain directories, such as config/ip to display Ethernet Configuration and status.
• cd – changes directory. If going back one directory, type cd .. (if you type in the directory name, it also takes you into that directory)
• You can also go to multiple subdirectories by typing a forward slash (/) in between directory names. (i.e NetVanta:/> config/ip/)
• If you don’t know what a specific command does, simply type in the command and the NetVanta should tell you the required format as well as the information needed to make the command work. Messages in brackets < >. (i.e.  address <ifname> static -ip <ipaddr>/<mask|bits>> means: type address, enter the interface name, type static –ip, enter the IP address, type /, enter the subnet mask.

Obviously, the easiest way to set the unit up is via the Web Interface. If you run into a situation where there is not a way you can configure the unit via the web interface, then you can use the following commands to set the unit up for HTTP access and admin login, so that you can set it up from your PC over the Internet.

Setting up a static WAN IP address and Subnet Mask.

Note: WAN interface is represented by Interface ETH1. LAN interface is represented by Interface ETH0.  You should already have access on the LAN interface to do this.

1.      Type the following command:  config/ip and press Enter.

2.      You should now be at the NetVanta:/> config/ip/ prompt.

3.      Type the following command: list

4.      This command should give you information about your Network Interface such as WAN and LAN IP addresses, along with MAC addresses and other information about the interfaces.

5.      The unit requires the following format:

address <ifname> static -ip <ipaddr>/<mask|bits>>  [-rip <enable/disable>]

address <ifname> dynamic [-rip <enable/disable>] [-treatstatic]

address <ifname> pppoe -user <username> -password <password> [-service <servicen

ame>] [-acname <acname>] [-rip <enable/disable>] [-treatstatic]

1.   Type in the following command to set a Static IP address on the WAN interface (eth1):  address eth1 static –ip 10.100.12.103/255.255.255.0
2.    If the command is not accepted, the unit returns the format required for the command to work.
3.   Go back to the NetVanta:/> prompt by typing the following command twice: cd ..

Setting up the Default Gateway (Static Route) and enabling HTTP access and Admin Login.

After you have setup the WAN ip address, you will need to setup the DGW to be able to access the Internet and be able to allow Admin login to access the unit remotely.

1.      At the NetVanta:/> prompt, type in the following command: config/firewall and press Enter.

2.      We want to Enable HTTP access and Admin Login. The Unit requires the following format:

enable <logint/pingint/logext/httpext/pingext/telnetext/logdmz/pingdmz>

1.       Type in the following command to enable HTTP access: enable httpext and press Enter.
2.       Type in the following command to enable Admin Login: enable logext and press Enter.
3.       Return one directory by typing: cd ..
4.       Go into the Route directory by typing: route
5.       You know should be in the NetVanta:/config/ip/route directory
6.       The unit requires the following format:

add  <ipaddr|default> gw <ipaddr> mask <ipaddr> iface <name> metric <value>

1.       To add a Default Route with a Destination of 0.0.0.0, Netmask of 0.0.0.0 and Gateway of 10.100.12.1 on the WAN Interface, type the following command:

add 0.0.0.0|default gw 10.100.12.1 mask 0.0.0.0 iface eth1 metric 1

1.   Go back to the NetVanta:/> prompt by typing the following command twice: cd ..
2.   To logout, type the following command: logout

Troubleshooting commands

By enabling IKE tracing, you can see the status of Main or Aggressive mode and Quick Mode being completed. If you don’t see Main or Aggressive mode complete, then there may be a problem with the IKE setup. If Main or Aggressive mode completes, but Quick Mode does not, then there may be a problem with the IPSec, Inbound or Outbound Policies.

Enabling Trace for IKE

1.      At the NetVanta:/> prompt, type in the following command: traceenable IKE and press Enter.

2.      At the NetVanta:/> prompt, type in the following command: tracestart and press Enter.

Disabling Trace for IKE

1.     At the NetVanta:/> prompt, type in the following command: tracestop and press Enter.

At the NetVanta:/> prompt, type in the following command: tracedisable IKE and press Enter.

Netstat

netstat is a useful tool for checking your network configuration and activity. It displays the total number of associations or sessions on the unit. The unit has a maximum of 650 outbound simultaneous sessions.