Siemens SCALANCE S615 Instruction sheet
SCALANCE S615
___________________
___________________
___________________
___________________
___________________
___________________
___________________
___________________
___________________
___________________
___________________
SIMATIC NET
Industrial Ethernet Security
SCALANCE S615
Command Line Interface
Configuration Manual
06/2015
C79000
-G8976-C406-02
Preface
Description
1
Configuration
2
Functions specific to
SCALANCE
3
System time
4
Network structures
5
Network protocols
6
Load control
7
Layer 3 functions
8
Security and authentication
9
Diagnostics
10
Siemens AG
Division Process Industries and Drives
Postfach 48 48
90026 NÜRNBERG
GERMANY
Order number: C79000-G8976-C406
Ⓟ
07/2015 Subject to change
Copyright © Siemens AG 2015.
All rights reserved
Legal information
Warning notice system
This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent
damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert
symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are
graded according to the degree of danger.
DANGER
indicates that death or severe personal injury will result if proper precautions are not taken.
WARNING
indicates that death or severe personal injury may result if proper precautions are not taken.
CAUTION
indicates that minor personal injury can result if proper precautions are not taken.
NOTICE
indicates that property damage can result if proper precautions are not taken.
If more than one degree of danger is present, the warning notice representing the highest degree of danger will
be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to
property damage.
Qualified Personnel
The product/system described in this documentation may be operated only by
personnel qualified
for the specific
task in accordance with the relevant documentation, in particular its warning notices and safety instructions.
Qualified personnel are those who, based on their training and experience, are capable of identifying risks and
avoiding potential hazards when working with these products/systems.
Proper use of Siemens products
Note the following:
WARNING
Siemens products may only be used for the applications described in the catalog and in the relevant technical
documentation. If products and components from other manufacturers are used, these must be recommended
or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and
maintenance are required to ensure that the products operate safely and without any problems. The permissible
ambient conditions must be complied with. The information in the relevant documentation must be observed.
Trademarks
All names identified by ® are registered trademarks of Siemens AG. The remaining trademarks in this publication
may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.
Disclaimer of Liability
We have reviewed the contents of this publication to ensure consistency with the hardware and software
described. Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the
information in this publication is reviewed regularly and any necessary corrections are included in subsequent
editions.
SCALANCE S615 Command Line Interface
Configuration Manual, 06/2015, C79000-G8976-C406-02 3
Preface
Validity of the configuration manual
This Configuration Manual covers the following product:
●SCALANCE S615
This Configuration Manual applies to the following software version:
●SCALANCE S-615 firmware as of version V04.00
Purpose of the Configuration Manual
This Configuration Manual contains the CLI commands that are supported by the
SCALANCE S615. You will find the document on the supplied data medium.
Orientation in the documentation
Apart from the Configuration Manual you are currently reading, the following documentation
is also available on the topic of Remote Network:
●Configuration manual SCALANCE S615 Web Based Management
This document is intended to provide you with the information you require to commission
and configure SCALANCE S615 devices using the Web Based Management.
●Getting Started SCALANCE S615
Based on examples, this document explains the configuration of the SCALANCE S 615
device.
●Operating Instructions SINEMA RC Server
You will find this document on the Internet pages of Siemens Industry Online Support. It
contains information on the installation, configuration and operation of the application
SINEMA Remote Connect Server.
Preface
SCALANCE S615 Command Line Interface
4Configuration Manual, 06/2015, C79000-G8976-C406-02
SIMATIC NET manuals
You will find SIMATIC NET manuals on the Internet pages of Siemens Industry Online
Support:
●Using the search function:
Link to Siemens Industry Online Support
(http://support.automation.siemens.com/WW/view/en)
Enter the entry ID of the relevant manual as the search item.
●In the navigation panel on the left-hand side in the area "Industrial Communication":
Link to the area "Industrial Communication"
(http://support.automation.siemens.com/WW/view/en/10805878/130000)
Go to the required product group and make the following settings:
tab "Entry list", Entry type "Manuals"
You will find the documentation for the SIMATIC NET products relevant here on the data
storage medium that ships with some products:
●Product CD / product DVD
●SIMATIC NET Manual Collection
SIMATIC NET glossary
Explanations of many of the specialist terms used in this documentation can be found in the
SIMATIC NET glossary.
You will find the SIMATIC NET glossary here:
●SIMATIC NET Manual Collection or product DVD
The DVD ships with certain SIMATIC NET products.
●On the Internet under the following entry ID:
50305045 (http://support.automation.siemens.com/WW/view/en/50305045)
Security information
Siemens provides products and solutions with industrial security functions that support the
secure operation of plants, solutions, machines, equipment and/or networks. They are
important components in a holistic industrial security concept. With this in mind, Siemens’
products and solutions undergo continuous development. Siemens recommends strongly
that you regularly check for product updates.
For the secure operation of Siemens products and solutions, it is necessary to take suitable
preventive action (e.g. cell protection concept) and integrate each component into a holistic,
state-of-the-art industrial security concept. Third-party products that may be in use should
also be considered. For more information about industrial security, visit
http://www.siemens.com/industrialsecurity.
To stay informed about product updates as they occur, sign up for a product-specific
newsletter. For more information, visit http://support.automation.siemens.com.
Preface
SCALANCE S615 Command Line Interface
Configuration Manual, 06/2015, C79000-G8976-C406-02 5
Firmware
The firmware is signed and encrypted. This ensures that only firmware created by Siemens
can be downloaded to the device.
License conditions
Note
Open source software
Read the license conditions for open source software carefully before using the product.
You will find license conditions in the following documents on the supplied data medium:
●DOC_OSS-SCALANCE-S_74.pdf
●DC_LicenseSummaryScalanceS615_76.htm
Trademarks
The following and possibly other names not identified by the registered trademark sign ®are
registered trademarks of Siemens AG:
SCALANCE, SINEMA, C-PLUG, KEY-PLUG
Preface
SCALANCE S615 Command Line Interface
6Configuration Manual, 06/2015, C79000-G8976-C406-02
SCALANCE S615 Command Line Interface
Configuration Manual, 06/2015, C79000-G8976-C406-02 7
Table of contents
Preface ................................................................................................................................................... 3
1 Description............................................................................................................................................ 19
1.1 CLI modes...............................................................................................................................19
1.2 Working with the Command Line Interface (CLI)....................................................................22
1.3 The CLI command prompt ......................................................................................................23
1.4 Symbols of the CLI commands...............................................................................................24
1.5 Interface identifiers and addresses.........................................................................................25
1.5.1 Naming interfaces ...................................................................................................................25
1.5.2 Address types, address ranges and address masks..............................................................26
1.5.3 IPv4 address ...........................................................................................................................27
1.6 General CLI commands..........................................................................................................29
1.6.1 clear screen ............................................................................................................................29
1.6.2 do ............................................................................................................................................29
1.6.3 end ..........................................................................................................................................30
1.6.4 exit...........................................................................................................................................30
1.6.5 Help functions and supported input ........................................................................................31
1.6.5.1 help .........................................................................................................................................31
1.6.5.2 The command "?" ...................................................................................................................32
1.6.5.3 Completion of command entries .............................................................................................33
1.6.5.4 Abbreviated notation of commands ........................................................................................34
1.6.5.5 Reusing the last used commands...........................................................................................34
1.6.5.6 Working through a command sequence .................................................................................35
1.6.5.7 clear history.............................................................................................................................35
1.6.5.8 show history ............................................................................................................................36
2 Configuration ........................................................................................................................................ 37
2.1 System ....................................................................................................................................37
2.1.1 show commands .....................................................................................................................37
2.1.1.1 show cli-console-timeout.........................................................................................................37
2.1.1.2 show coordinates ....................................................................................................................38
2.1.1.3 show device information .........................................................................................................38
2.1.1.4 show interfaces .......................................................................................................................39
2.1.1.5 show im...................................................................................................................................40
2.1.1.6 show interface mtu..................................................................................................................41
2.1.1.7 show interfaces ... counters ....................................................................................................42
2.1.1.8 show lldp neighbors ................................................................................................................42
2.1.1.9 show lldp status ......................................................................................................................43
2.1.1.10 show ip interface .....................................................................................................................44
2.1.1.11 show versions .........................................................................................................................44
2.1.2 clear counters .........................................................................................................................45
2.1.3 configure terminal ...................................................................................................................46
2.1.4 clear line vty ............................................................................................................................47
2.1.5 disable.....................................................................................................................................48
Table of contents
SCALANCE S615 Command Line Interface
8Configuration Manual, 06/2015, C79000-G8976-C406-02
2.1.6 enable .................................................................................................................................... 48
2.1.7 logout ..................................................................................................................................... 49
2.1.8 ping ........................................................................................................................................ 49
2.1.9 Commands in the global configuration mode ........................................................................ 51
2.1.9.1 coordinates height.................................................................................................................. 51
2.1.9.2 coordinates latitude................................................................................................................ 52
2.1.9.3 coordinates longitude............................................................................................................. 52
2.1.9.4 interface ................................................................................................................................. 53
2.1.9.5 no interface ............................................................................................................................ 54
2.1.9.6 cli-console-timeout ................................................................................................................. 55
2.1.9.7 no cli-console-timeout ............................................................................................................ 56
2.1.9.8 system contact ....................................................................................................................... 56
2.1.9.9 system location ...................................................................................................................... 57
2.1.9.10 system name.......................................................................................................................... 58
2.1.10 Commands in the Interface configuration mode .................................................................... 58
2.1.10.1 alias........................................................................................................................................ 59
2.1.10.2 no alias................................................................................................................................... 59
2.1.10.3 duplex..................................................................................................................................... 60
2.1.10.4 no duplex................................................................................................................................ 61
2.1.10.5 lldp.......................................................................................................................................... 62
2.1.10.6 no lldp..................................................................................................................................... 63
2.1.10.7 negotiation.............................................................................................................................. 64
2.1.10.8 no negotiation......................................................................................................................... 64
2.1.10.9 mtu ......................................................................................................................................... 65
2.1.10.10 shutdown complete ................................................................................................................ 66
2.1.10.11 no shutdown........................................................................................................................... 67
2.1.10.12 speed ..................................................................................................................................... 68
2.2 Load and Save....................................................................................................................... 69
2.2.1 show commands .................................................................................................................... 69
2.2.1.1 show loadsave files................................................................................................................ 69
2.2.1.2 show loadsave tftp ................................................................................................................. 70
2.2.2 load tftp .................................................................................................................................. 70
2.2.3 save filetype ........................................................................................................................... 71
2.2.4 Commands in the global configuration mode ........................................................................ 72
2.2.4.1 loadsave................................................................................................................................. 72
2.2.5 Commands in the LOADSAVE configuration mode............................................................... 73
2.2.5.1 delete ..................................................................................................................................... 73
2.2.5.2 tftp filename............................................................................................................................ 74
2.2.5.3 tftp load .................................................................................................................................. 75
2.2.5.4 tftp save.................................................................................................................................. 76
2.2.5.5 tftp server ............................................................................................................................... 77
2.2.5.6 password................................................................................................................................ 78
2.2.5.7 no password........................................................................................................................... 79
2.3 Reset and Defaults ................................................................................................................ 80
2.3.1 restart ..................................................................................................................................... 80
2.4 Configuration Save & Restore ............................................................................................... 82
2.4.1 show running-config............................................................................................................... 82
2.4.2 write startup-config................................................................................................................. 84
2.4.3 Commands in the global configuration mode ........................................................................ 84
2.4.3.1 auto-save ............................................................................................................................... 85
2.4.3.2 no auto-save .......................................................................................................................... 86
Table of contents
SCALANCE S615 Command Line Interface
Configuration Manual, 06/2015, C79000-G8976-C406-02 9
3 Functions specific to SCALANCE.......................................................................................................... 87
3.1 PLUG ......................................................................................................................................87
3.1.1 show plug................................................................................................................................87
3.1.2 Commands in the global configuration mode .........................................................................88
3.1.2.1 plug .........................................................................................................................................88
3.1.3 Commands in the Plug Configuration mode ...........................................................................89
3.1.3.1 factoryclean.............................................................................................................................89
3.1.3.2 write.........................................................................................................................................90
3.2 WBM .......................................................................................................................................91
3.2.1 show web-session-timeout .....................................................................................................91
3.2.2 Commands in the global configuration mode .........................................................................91
3.2.2.1 web-session-timeout...............................................................................................................92
3.2.2.2 no web-session-timeout..........................................................................................................93
3.3 Digital input/output ..................................................................................................................94
3.3.1 show digital input ....................................................................................................................94
3.3.2 show digital output ..................................................................................................................95
3.3.3 Commands in the global configuration mode .........................................................................95
3.3.3.1 digital output close ..................................................................................................................95
3.3.3.2 digital output open...................................................................................................................96
3.4 SRS.........................................................................................................................................97
3.4.1 show srs overview...................................................................................................................97
3.4.2 Commands in the global configuration mode .........................................................................98
3.4.2.1 srs ...........................................................................................................................................98
3.4.3 Commands in the SRS configuration mode............................................................................99
3.4.3.1 interval ....................................................................................................................................99
3.4.3.2 logon .....................................................................................................................................100
3.4.3.3 logon addr .............................................................................................................................101
3.4.3.4 no logon ................................................................................................................................102
3.4.3.5 logon idx addr .......................................................................................................................103
3.4.3.6 logon idx group .....................................................................................................................104
3.4.3.7 logon idx name......................................................................................................................105
3.4.3.8 logon idx pw ..........................................................................................................................106
3.4.3.9 logon show-idx ......................................................................................................................107
3.4.3.10 shutdown...............................................................................................................................107
3.4.3.11 no shutdown..........................................................................................................................108
3.5 SINEMA RC ..........................................................................................................................109
3.5.1 Introduction to the SRC section ............................................................................................109
3.5.2 show sinemarc ......................................................................................................................109
3.5.3 Commands in the global configuration mode .......................................................................109
3.5.3.1 sinemarc ...............................................................................................................................110
3.5.4 Commands in the SINEMARC configuration mode..............................................................110
3.5.4.1 addr.......................................................................................................................................111
3.5.4.2 autofwnat ..............................................................................................................................112
3.5.4.3 no autofwnat .........................................................................................................................113
3.5.4.4 device id................................................................................................................................114
3.5.4.5 device pw ..............................................................................................................................115
3.5.4.6 port ........................................................................................................................................116
3.5.4.7 proxy .....................................................................................................................................117
3.5.4.8 no proxy ................................................................................................................................118
3.5.4.9 shutdown...............................................................................................................................119
Table of contents
SCALANCE S615 Command Line Interface
10 Configuration Manual, 06/2015, C79000-G8976-C406-02
3.5.4.10 no shutdown......................................................................................................................... 120
3.5.4.11 verification cacert ................................................................................................................. 121
3.5.4.12 verification fingerprint........................................................................................................... 122
4 System time.........................................................................................................................................123
4.1 System time setting.............................................................................................................. 123
4.1.1 show time ............................................................................................................................. 123
4.1.2 Commands in the global configuration mode ...................................................................... 123
4.1.2.1 time ...................................................................................................................................... 124
4.1.2.2 time set................................................................................................................................. 125
4.2 NTP client............................................................................................................................. 126
4.2.1 show ntp info ........................................................................................................................ 126
4.2.2 Commands in the global configuration mode ...................................................................... 126
4.2.2.1 ntp ........................................................................................................................................ 127
4.2.3 Commands in the NTP configuration mode......................................................................... 127
4.2.3.1 ntp server ............................................................................................................................. 127
4.2.3.2 no ntp server ........................................................................................................................ 128
4.2.3.3 ntp time diff........................................................................................................................... 129
4.3 SNTP client .......................................................................................................................... 131
4.3.1 show commands .................................................................................................................. 131
4.3.2 show sntp broadcast-mode status ....................................................................................... 131
4.3.3 show sntp status .................................................................................................................. 132
4.3.4 show sntp unicast-mode status............................................................................................ 132
4.3.5 Commands in the global configuration mode ...................................................................... 133
4.3.5.1 sntp ...................................................................................................................................... 133
4.3.6 Commands in the SNTP configuration mode ...................................................................... 134
4.3.6.1 sntp time diff......................................................................................................................... 134
4.3.6.2 sntp unicast-server ipv4 ....................................................................................................... 135
4.3.6.3 no sntp unicast-server ipv4 .................................................................................................. 136
4.3.6.4 sntp client addressing-mode................................................................................................ 137
5 Network structures ...............................................................................................................................139
5.1 VLAN.................................................................................................................................... 139
5.1.1 The "show" commands ........................................................................................................ 139
5.1.1.1 show subnet-vlan mapping .................................................................................................. 139
5.1.1.2 show vlan ............................................................................................................................. 140
5.1.1.3 show vlan device info........................................................................................................... 141
5.1.1.4 show vlan learning params .................................................................................................. 142
5.1.1.5 show vlan port config ........................................................................................................... 143
5.1.1.6 show vlan protocols-group ................................................................................................... 144
5.1.2 Commands in the global configuration mode ...................................................................... 144
5.1.2.1 base bridge-mode ................................................................................................................ 145
5.1.2.2 interface range ..................................................................................................................... 146
5.1.2.3 no interface range ................................................................................................................ 147
5.1.2.4 map protocol ........................................................................................................................ 148
5.1.2.5 no map protocol ................................................................................................................... 149
5.1.2.6 no protocol-vlan.................................................................................................................... 150
5.1.2.7 protocol-vlan......................................................................................................................... 151
5.1.2.8 subnet-vlan........................................................................................................................... 151
5.1.2.9 no subnet-vlan...................................................................................................................... 152
5.1.2.10 vlan....................................................................................................................................... 153
Table of contents
SCALANCE S615 Command Line Interface
Configuration Manual, 06/2015, C79000-G8976-C406-02 11
5.1.2.11 no vlan ..................................................................................................................................154
5.1.3 Commands in the interface configuration mode ...................................................................154
5.1.3.1 map subnet ...........................................................................................................................155
5.1.3.2 no map subnet ......................................................................................................................156
5.1.3.3 shutdown complete ...............................................................................................................157
5.1.3.4 no shutdown..........................................................................................................................158
5.1.3.5 switchport..............................................................................................................................159
5.1.3.6 no switchport.........................................................................................................................160
5.1.3.7 switchport pvid ......................................................................................................................161
5.1.3.8 no switchport pvid .................................................................................................................162
5.1.4 Commands in the VLAN configuration mode .......................................................................162
5.1.4.1 ip address .............................................................................................................................163
5.1.4.2 no ip address ........................................................................................................................164
5.1.4.3 name .....................................................................................................................................165
5.1.4.4 no name ................................................................................................................................166
5.1.4.5 ports ......................................................................................................................................166
5.1.4.6 no ports .................................................................................................................................168
5.1.4.7 tia interface ...........................................................................................................................169
6 Network protocols ............................................................................................................................... 171
6.1 IPv4 protocol .........................................................................................................................171
6.1.1 The "show" commands .........................................................................................................171
6.1.1.1 show ip dns ...........................................................................................................................171
6.1.1.2 show dcp forwarding .............................................................................................................172
6.1.1.3 show dcp server....................................................................................................................172
6.1.1.4 show ip route.........................................................................................................................173
6.1.1.5 show ip routing......................................................................................................................174
6.1.1.6 show ip static route ...............................................................................................................174
6.1.1.7 show ip telnet ........................................................................................................................175
6.1.2 Commands in the global configuration mode .......................................................................175
6.1.2.1 dcp server .............................................................................................................................176
6.1.2.2 no dcp server ........................................................................................................................176
6.1.2.3 ip echo-reply .........................................................................................................................177
6.1.2.4 no ip echo-reply ....................................................................................................................178
6.1.2.5 ip route ..................................................................................................................................178
6.1.2.6 no ip route .............................................................................................................................179
6.1.2.7 ip routing ...............................................................................................................................180
6.1.2.8 no ip routing ..........................................................................................................................181
6.1.2.9 telnet-server ..........................................................................................................................182
6.1.2.10 no telnet-server .....................................................................................................................182
6.1.3 Commands in the Interface configuration mode...................................................................183
6.1.3.1 ip address .............................................................................................................................183
6.1.3.2 ip address dhcp.....................................................................................................................184
6.1.3.3 no ip address ........................................................................................................................185
6.2 ARP.......................................................................................................................................186
6.2.1 show ip arp............................................................................................................................186
6.3 DHCP client ..........................................................................................................................187
6.3.1 show ip dhcp client................................................................................................................187
6.3.2 renew dhcp ...........................................................................................................................187
6.3.3 Commands in the global configuration mode .......................................................................188
6.3.3.1 ip dhcp config-file-request.....................................................................................................189
Table of contents
SCALANCE S615 Command Line Interface
12 Configuration Manual, 06/2015, C79000-G8976-C406-02
6.3.3.2 no ip dhcp config-file-request............................................................................................... 189
6.3.3.3 ip dhcp client mode .............................................................................................................. 190
6.4 DHCP server ........................................................................................................................ 191
6.4.1 show commands .................................................................................................................. 191
6.4.1.1 show ip dhcp-server bindings .............................................................................................. 191
6.4.1.2 show ip dhcp-server pools ................................................................................................... 192
6.4.2 Commands in the global configuration mode ...................................................................... 192
6.4.2.1 ip dhcp-server ...................................................................................................................... 193
6.4.2.2 no ip dhcp-server ................................................................................................................. 193
6.4.2.3 no ip dhcp-server icmp-probe .............................................................................................. 194
6.4.2.4 ip dhcp-server icmp-probe ................................................................................................... 195
6.4.2.5 ip dhcp-server pool .............................................................................................................. 195
6.4.2.6 no ip dhcp-server pool ......................................................................................................... 196
6.4.3 Commands in the DHCPPOOL configuration mode............................................................ 197
6.4.3.1 lease-time............................................................................................................................. 197
6.4.3.2 network................................................................................................................................. 198
6.4.3.3 option (IP address)............................................................................................................... 199
6.4.3.4 no option .............................................................................................................................. 200
6.4.3.5 option value-hex................................................................................................................... 201
6.4.3.6 pool-enable .......................................................................................................................... 202
6.4.3.7 no pool-enable ..................................................................................................................... 203
6.4.3.8 set-interface ......................................................................................................................... 204
6.4.3.9 static-lease mac ................................................................................................................... 205
6.4.3.10 no static-lease ...................................................................................................................... 206
6.5 DNS...................................................................................................................................... 207
6.5.1 The "show" commands ........................................................................................................ 207
6.5.1.1 show dnsclient information................................................................................................... 207
6.5.1.2 show ddnsclient information................................................................................................. 208
6.5.2 Commands in the global configuration mode ...................................................................... 208
6.5.2.1 Introductory sentence for the global configuration mode..................................................... 208
6.5.2.2 dnsclient ............................................................................................................................... 208
6.5.2.3 dnsproxy............................................................................................................................... 209
6.5.2.4 ddnsclient ............................................................................................................................. 210
6.5.3 Commands in the DNS CLIENT configuration mode........................................................... 210
6.5.3.1 manual srv............................................................................................................................ 211
6.5.3.2 no manual srv....................................................................................................................... 211
6.5.3.3 server type ........................................................................................................................... 212
6.5.3.4 shutdown.............................................................................................................................. 213
6.5.3.5 no shutdown......................................................................................................................... 214
6.5.4 Commands in the DNS PROXY configuration mode........................................................... 214
6.5.4.1 cachenxdomain .................................................................................................................... 215
6.5.4.2 no cachenxdomain............................................................................................................... 215
6.5.4.3 shutdown.............................................................................................................................. 216
6.5.4.4 no shutdown......................................................................................................................... 216
6.5.5 Commands in the DDNS Client configuration mode............................................................ 217
6.5.5.1 service.................................................................................................................................. 217
6.5.5.2 no service............................................................................................................................. 218
6.5.5.3 userhost ............................................................................................................................... 219
6.5.5.4 username ............................................................................................................................. 220
6.5.5.5 password.............................................................................................................................. 220
6.6 SNMP................................................................................................................................... 222
Table of contents
SCALANCE S615 Command Line Interface
Configuration Manual, 06/2015, C79000-G8976-C406-02 13
6.6.1 The "show" commands .........................................................................................................222
6.6.1.1 show snmp............................................................................................................................222
6.6.1.2 show snmp community .........................................................................................................223
6.6.1.3 show snmp engineID ............................................................................................................223
6.6.1.4 show snmp filter ....................................................................................................................224
6.6.1.5 show snmp group..................................................................................................................224
6.6.1.6 show snmp group access .....................................................................................................225
6.6.1.7 show snmp inform statistics..................................................................................................225
6.6.1.8 show snmp notif ....................................................................................................................226
6.6.1.9 show snmp targetaddr ..........................................................................................................226
6.6.1.10 show snmp targetparam .......................................................................................................227
6.6.1.11 show snmp tcp ......................................................................................................................227
6.6.1.12 show snmp user....................................................................................................................228
6.6.1.13 show snmp viewtree .............................................................................................................228
6.6.2 Commands in the global configuration mode .......................................................................229
6.6.2.1 snmpagent ............................................................................................................................229
6.6.2.2 no snmpagent .......................................................................................................................230
6.6.2.3 snmp agent version...............................................................................................................230
6.6.2.4 snmp access .........................................................................................................................231
6.6.2.5 no snmp access ....................................................................................................................232
6.6.2.6 snmp community index .........................................................................................................233
6.6.2.7 no snmp community index ....................................................................................................234
6.6.2.8 snmp filterprofile....................................................................................................................235
6.6.2.9 no snmp filterprofile...............................................................................................................236
6.6.2.10 snmp group ...........................................................................................................................237
6.6.2.11 no snmp group ......................................................................................................................238
6.6.2.12 snmp notify............................................................................................................................239
6.6.2.13 no snmp notify.......................................................................................................................240
6.6.2.14 snmp targetaddr....................................................................................................................241
6.6.2.15 no snmp targetaddr...............................................................................................................243
6.6.2.16 snmp targetparams ...............................................................................................................243
6.6.2.17 no snmp targetparams ..........................................................................................................245
6.6.2.18 snmp v1-v2 readonly.............................................................................................................246
6.6.2.19 no snmp v1-v2 readonly........................................................................................................246
6.6.2.20 snmp user .............................................................................................................................247
6.6.2.21 no snmp user ........................................................................................................................248
6.6.2.22 snmp view .............................................................................................................................249
6.6.2.23 no snmp view ........................................................................................................................250
6.7 HTTP server..........................................................................................................................251
6.7.1 show ip http server status .....................................................................................................251
6.7.2 Commands in the Global Configuration mode......................................................................251
6.7.2.1 ip http ....................................................................................................................................252
6.7.2.2 no ip http ...............................................................................................................................252
6.8 HTTPS server .......................................................................................................................254
6.8.1 show ip http secure server status .........................................................................................254
6.8.2 show ssl server-cert..............................................................................................................254
6.9 Proxy server..........................................................................................................................256
6.9.1 show proxyserver table.........................................................................................................256
6.9.2 Commands in the global configuration mode .......................................................................256
6.9.2.1 proxyserver ...........................................................................................................................256
6.9.3 Commands in the PROXYSERVER configuration mode .....................................................257
Table of contents
SCALANCE S615 Command Line Interface
14 Configuration Manual, 06/2015, C79000-G8976-C406-02
6.9.3.1 srv name .............................................................................................................................. 257
6.9.3.2 no srv ................................................................................................................................... 259
6.9.3.3 srv name addr ...................................................................................................................... 260
6.9.3.4 srv name auth ...................................................................................................................... 261
6.9.3.5 srv name port ....................................................................................................................... 261
6.9.3.6 srv name pw......................................................................................................................... 262
6.9.3.7 srv name type....................................................................................................................... 263
6.9.3.8 srv name user ...................................................................................................................... 264
6.9.3.9 srv show-names................................................................................................................... 265
6.10 SMTP client.......................................................................................................................... 266
6.10.1 show commands .................................................................................................................. 266
6.10.1.1 show events smtp-server ..................................................................................................... 266
6.10.1.2 show events sender email ................................................................................................... 266
6.10.1.3 show events smtp-port......................................................................................................... 267
6.10.2 Commands in the Events configuration mode ..................................................................... 267
6.10.2.1 sender mail-address ............................................................................................................ 268
6.10.2.2 no sender mail-address ....................................................................................................... 268
6.10.2.3 smtp-server .......................................................................................................................... 269
6.10.2.4 no smtp-server ..................................................................................................................... 270
6.10.2.5 smtp-port .............................................................................................................................. 271
6.10.2.6 no smtp-port......................................................................................................................... 272
6.10.2.7 send test mail....................................................................................................................... 273
6.11 SSH server........................................................................................................................... 274
6.11.1 show ip ssh .......................................................................................................................... 274
6.11.2 Commands in the Global Configuration mode..................................................................... 274
6.11.2.1 ssh-server ............................................................................................................................ 275
6.11.2.2 no ssh-server ....................................................................................................................... 276
7 Load control.........................................................................................................................................277
7.1 Flow control.......................................................................................................................... 277
7.1.1 show flow-control ................................................................................................................. 277
7.1.2 Commands in the interface configuration mode .................................................................. 278
7.1.2.1 flowcontrol ............................................................................................................................ 278
7.2 Dynamic MAC aging ............................................................................................................ 280
7.2.1 show commands .................................................................................................................. 280
7.2.1.1 show mac-address-table aging-time .................................................................................... 280
7.2.1.2 show mac-address-table aging-status ................................................................................. 281
7.2.2 Commands in the global configuration mode ...................................................................... 281
7.2.2.1 mac-address-table aging ..................................................................................................... 281
7.2.2.2 no mac-address-table aging ................................................................................................ 282
7.2.2.3 mac-address-table aging-time ............................................................................................. 283
8 Layer 3 functions .................................................................................................................................285
8.1 NAT ...................................................................................................................................... 285
8.1.1 The "show" commands ........................................................................................................ 285
8.1.1.1 show firewallnat masquerading............................................................................................ 285
8.1.1.2 show firewallnat napt ........................................................................................................... 286
8.1.1.3 show firewallnat netmap-map .............................................................................................. 286
8.1.1.4 show firewallnat src-nat ....................................................................................................... 287
8.1.2 Commands in the global configuration mode ...................................................................... 287
8.1.2.1 firewallnat ............................................................................................................................. 287
Table of contents
SCALANCE S615 Command Line Interface
Configuration Manual, 06/2015, C79000-G8976-C406-02 15
8.1.3 Commands in the FIREWALL NAT configuration mode.......................................................288
8.1.3.1 masquerading .......................................................................................................................289
8.1.3.2 no masquerading ..................................................................................................................289
8.1.3.3 napt type ipv4........................................................................................................................290
8.1.3.4 no napt ..................................................................................................................................292
8.1.3.5 no napt all .............................................................................................................................293
8.1.3.6 napt show-idx........................................................................................................................294
8.1.3.7 netmap destination type ipv4 ................................................................................................294
8.1.3.8 no netmap .............................................................................................................................295
8.1.3.9 no netmap all ........................................................................................................................297
8.1.3.10 netmap show-idx...................................................................................................................297
8.1.3.11 src-nat type ipv4....................................................................................................................298
8.1.3.12 no src-nat ..............................................................................................................................299
8.1.3.13 no src-nat all .........................................................................................................................300
8.1.3.14 src-nat show-idx....................................................................................................................301
9 Security and authentication ................................................................................................................. 303
9.1 User rights management ......................................................................................................303
9.1.1 show users............................................................................................................................303
9.1.2 show user-accounts ..............................................................................................................304
9.1.3 whoami..................................................................................................................................304
9.1.4 Commands in the global configuration mode .......................................................................305
9.1.4.1 user-account .........................................................................................................................305
9.1.4.2 no user-account ....................................................................................................................307
9.1.4.3 username ..............................................................................................................................307
9.2 Firewall..................................................................................................................................309
9.2.1 Introduction to the Firewall section .......................................................................................309
9.2.2 The "show" commands .........................................................................................................309
9.2.2.1 show firewall icmp-services ipv4...........................................................................................309
9.2.2.2 show firewall information.......................................................................................................310
9.2.2.3 show firewall ip-protocols......................................................................................................310
9.2.2.4 show firewall ip-rules ipv4.....................................................................................................311
9.2.2.5 show firewall pre-rules ipv4 ..................................................................................................311
9.2.2.6 show firewall ip-services .......................................................................................................312
9.2.3 Commands in the global configuration mode .......................................................................313
9.2.3.1 firewall...................................................................................................................................313
9.2.4 Commands in the FIREWALL configuration mode...............................................................313
9.2.4.1 icmp name ............................................................................................................................314
9.2.4.2 no icmp .................................................................................................................................315
9.2.4.3 icmp name set.......................................................................................................................316
9.2.4.4 icmp show-names .................................................................................................................317
9.2.4.5 icmp show-types-codes ........................................................................................................318
9.2.4.6 idle timeout icmp ...................................................................................................................318
9.2.4.7 idle timeout udp.....................................................................................................................319
9.2.4.8 idle timeout tcp......................................................................................................................320
9.2.4.9 ipv4rule .................................................................................................................................320
9.2.4.10 no ipv4 rule ...........................................................................................................................323
9.2.4.11 ipv4rule set action.................................................................................................................324
9.2.4.12 ipv4rule set dstip ...................................................................................................................325
9.2.4.13 ipv4rule set from ...................................................................................................................326
9.2.4.14 ipv4rule set log......................................................................................................................327
9.2.4.15 ipv4rule set prior ...................................................................................................................328
Table of contents
SCALANCE S615 Command Line Interface
16 Configuration Manual, 06/2015, C79000-G8976-C406-02
9.2.4.16 ipv4rule set service .............................................................................................................. 328
9.2.4.17 ipv4rule set srcip .................................................................................................................. 329
9.2.4.18 ipv4rule set to....................................................................................................................... 330
9.2.4.19 ipv4rule ipsec connection..................................................................................................... 331
9.2.4.20 ipv4rule show-rules .............................................................................................................. 332
9.2.4.21 prerule ipv4 show-int............................................................................................................ 332
9.2.4.22 prerule all ipv4...................................................................................................................... 333
9.2.4.23 prerule dhcp ipv4.................................................................................................................. 334
9.2.4.24 prerule dns ipv4.................................................................................................................... 335
9.2.4.25 prerule http ipv4 ................................................................................................................... 336
9.2.4.26 prerule https ipv4.................................................................................................................. 337
9.2.4.27 prerule ip ipv4....................................................................................................................... 338
9.2.4.28 prerule ipsec ipv4................................................................................................................. 339
9.2.4.29 prerule snmp ipv4................................................................................................................. 340
9.2.4.30 prerule ssh ipv4.................................................................................................................... 341
9.2.4.31 prerule telnet ipv4................................................................................................................. 342
9.2.4.32 prerule tftp ipv4 .................................................................................................................... 343
9.2.4.33 prerule ping ipv4................................................................................................................... 344
9.2.4.34 proto name ........................................................................................................................... 345
9.2.4.35 no proto ................................................................................................................................ 346
9.2.4.36 proto show-names ............................................................................................................... 347
9.2.4.37 service name........................................................................................................................ 348
9.2.4.38 no service............................................................................................................................. 349
9.2.4.39 service name set prot........................................................................................................... 350
9.2.4.40 service name set dst ............................................................................................................ 351
9.2.4.41 service name set src ............................................................................................................ 352
9.2.4.42 service show-names ............................................................................................................ 353
9.2.4.43 shutdown.............................................................................................................................. 353
9.2.4.44 no shutdown......................................................................................................................... 354
9.3 IPsec VPN............................................................................................................................ 355
9.3.1 The "show" commands ........................................................................................................ 355
9.3.1.1 show ipsec conn-authentication........................................................................................... 355
9.3.1.2 show ipsecvpn connections ................................................................................................. 355
9.3.1.3 show ipsec conn-phase1 ..................................................................................................... 356
9.3.1.4 show ipsec conn-phase2 ..................................................................................................... 356
9.3.1.5 show ipsecvpn information................................................................................................... 357
9.3.1.6 show ipsec remoteend ......................................................................................................... 357
9.3.2 Commands in the global configuration mode ...................................................................... 358
9.3.2.1 ipsec..................................................................................................................................... 358
9.3.3 Commands in the IPSEC configuration mode ..................................................................... 359
9.3.3.1 connection name.................................................................................................................. 359
9.3.3.2 no connection name............................................................................................................. 360
9.3.3.3 no connection all .................................................................................................................. 361
9.3.3.4 crl-policy ............................................................................................................................... 361
9.3.3.5 nat-keep-alive....................................................................................................................... 362
9.3.3.6 remote-end name................................................................................................................. 363
9.3.3.7 no remote-end name............................................................................................................ 364
9.3.3.8 no remote-end all ................................................................................................................. 364
9.3.3.9 no shutdown......................................................................................................................... 365
9.3.3.10 shutdown.............................................................................................................................. 366
9.3.4 Commands in the IPSEC REMOTE END configuration mode ............................................ 366
9.3.4.1 addr ...................................................................................................................................... 367
Table of contents
SCALANCE S615 Command Line Interface
Configuration Manual, 06/2015, C79000-G8976-C406-02 17
9.3.4.2 addr-mode.............................................................................................................................368
9.3.4.3 conn-mode ............................................................................................................................369
9.3.4.4 subnet ...................................................................................................................................369
9.3.4.5 vir-ip ......................................................................................................................................370
9.3.4.6 no vir-ip .................................................................................................................................371
9.3.5 Commands in the IPSEC CONNECTION configuration mode.............................................372
9.3.5.1 authentication........................................................................................................................372
9.3.5.2 k-proto...................................................................................................................................372
9.3.5.3 loc-subnet .............................................................................................................................373
9.3.5.4 rmend name..........................................................................................................................374
9.3.5.5 operation ...............................................................................................................................375
9.3.5.6 phase ....................................................................................................................................376
9.3.5.7 timeout ..................................................................................................................................376
9.3.5.8 vir-ip ......................................................................................................................................377
9.3.5.9 no vir-ip .................................................................................................................................378
9.3.6 Commands in the IPSEC AUTHENTICATION configuration mode .....................................379
9.3.6.1 auth cacert ............................................................................................................................379
9.3.6.2 auth psk ................................................................................................................................380
9.3.6.3 auth remcert..........................................................................................................................381
9.3.6.4 no auth ..................................................................................................................................381
9.3.6.5 local-id...................................................................................................................................382
9.3.6.6 no local-id..............................................................................................................................383
9.3.6.7 rem-id ....................................................................................................................................384
9.3.6.8 no rem-id...............................................................................................................................384
9.3.7 Commands in the IPSEC PHASE1 configuration mode.......................................................385
9.3.7.1 aggressive.............................................................................................................................385
9.3.7.2 no aggressive........................................................................................................................386
9.3.7.3 default-ciphers ......................................................................................................................387
9.3.7.4 no default-ciphers .................................................................................................................388
9.3.7.5 dpd ........................................................................................................................................388
9.3.7.6 no dpd ...................................................................................................................................389
9.3.7.7 dpd-period
.............................................................................................................................390
9.3.7.8 dpd-timeout ...........................................................................................................................391
9.3.7.9 ike-auth .................................................................................................................................391
9.3.7.10 ike-encryption........................................................................................................................392
9.3.7.11 ike-keyderivation ...................................................................................................................394
9.3.7.12 ike-keytries............................................................................................................................395
9.3.7.13 ike-lifetime.............................................................................................................................395
9.3.8 Commands in the IPSEC PHASE2 configuration mode.......................................................396
9.3.8.1 auto-fwrules ..........................................................................................................................396
9.3.8.2 no auto-fwrules .....................................................................................................................397
9.3.8.3 default-ciphers ......................................................................................................................398
9.3.8.4 no default-ciphers .................................................................................................................399
9.3.8.5 esp-auth ................................................................................................................................400
9.3.8.6 esp-encryption ......................................................................................................................400
9.3.8.7 esp-keyderivation..................................................................................................................402
9.3.8.8 lifetime...................................................................................................................................403
9.3.8.9 lifebyte...................................................................................................................................404
9.3.8.10 proto ......................................................................................................................................405
9.3.8.11 port........................................................................................................................................406
9.4 Certificates ............................................................................................................................407
9.4.1 Commands in the global configuration mode .......................................................................407
Table of contents
SCALANCE S615 Command Line Interface
18 Configuration Manual, 06/2015, C79000-G8976-C406-02
9.4.1.1 certificate.............................................................................................................................. 407
9.4.2 Commands in the CERT configuration mode ...................................................................... 408
9.4.2.1 show-idx ............................................................................................................................... 408
9.4.2.2 show-info.............................................................................................................................. 409
9.4.2.3 del ........................................................................................................................................ 410
10 Diagnostics ..........................................................................................................................................411
10.1 Event and fault handling ...................................................................................................... 411
10.1.1 The "show" commands ........................................................................................................ 411
10.1.1.1 show events config .............................................................................................................. 412
10.1.1.2 show events severity............................................................................................................ 412
10.1.1.3 show events faults config..................................................................................................... 413
10.1.1.4 show events faults status..................................................................................................... 414
10.1.1.5 show fault counter................................................................................................................ 414
10.1.1.6 show fwlog ........................................................................................................................... 415
10.1.1.7 show logbook ....................................................................................................................... 415
10.1.1.8 show power-line-state .......................................................................................................... 416
10.1.1.9 show seclog ......................................................................................................................... 417
10.1.2 clear fault counter................................................................................................................. 418
10.1.3 clear fwlog ............................................................................................................................ 419
10.1.4 clear logbook........................................................................................................................ 419
10.1.5 clear seclog .......................................................................................................................... 420
10.1.6 fault report ack ..................................................................................................................... 420
10.1.7 no logging console ............................................................................................................... 421
10.1.8 logging console .................................................................................................................... 422
10.1.9 Commands in the global configuration mode ...................................................................... 422
10.1.9.1 events................................................................................................................................... 423
10.1.10 Commands in the Events configuration mode ..................................................................... 423
10.1.10.1 add log ................................................................................................................................. 424
10.1.10.2 client config .......................................................................................................................... 424
10.1.10.3 no client config ..................................................................................................................... 425
10.1.10.4 event config.......................................................................................................................... 426
10.1.10.5 no event config..................................................................................................................... 428
10.1.10.6 link........................................................................................................................................ 429
10.1.10.7 no link................................................................................................................................... 430
10.1.10.8 severity................................................................................................................................. 431
10.1.10.9 no severity............................................................................................................................ 432
10.2 Syslog client ......................................................................................................................... 433
10.2.1 show events syslogserver.................................................................................................... 433
10.2.2 Commands in the Events configuration mode ..................................................................... 433
10.2.2.1 syslogserver......................................................................................................................... 434
10.2.2.2 no syslogserver.................................................................................................................... 435
Index ...................................................................................................................................................437
SCALANCE S615 Command Line Interface
Configuration Manual, 06/2015, C79000-G8976-C406-02 19
Description
1
1.1
CLI modes
Grouping of the commands in the various modes
The commands of the Command Line Interface are grouped according to various modes.
Apart from a few exceptions (help, exit), commands can only be called up in the mode to
which they are assigned. This grouping allows different levels of access rights for each
individual group of commands. The following graphic is an overview of the available modes.
Description
1.1 CLI modes
SCALANCE S615 Command Line Interface
20 Configuration Manual, 06/2015, C79000-G8976-C406-02
Privileged EXEC mode
In this mode, you can you display the configuration data and change it.
If you log with the "admin" user, you change directly to the Privileged EXEC mode.
To change from the User EXEC Mode to the Privileged EXEC mode, enter the enable
command. When the command executes, you will be prompted to enter the password for the
"admin" user. You are logged out with the exit command.
Other manuals for SCALANCE S615
3
Table of contents
Other Siemens Network Router manuals
Siemens
Siemens N 146 Service manual
Siemens
Siemens RUGGEDCOM M2100F User manual
Siemens
Siemens RUGGEDCOM RX1100 User manual
Siemens
Siemens SpeedStream 2105 User manual
Siemens
Siemens gigaset se 105 User manual
Siemens
Siemens SIMOTICS CONNECT 400 User manual
Siemens
Siemens RUGGEDCOM RX1500 User manual
Siemens
Siemens RUGGEDCOM RSL910 User manual
Siemens
Siemens SpeedStream 6515 User guide
Siemens
Siemens se5880 User manual
Siemens
Siemens SLI-5310 User manual
Siemens
Siemens SCALANCE XB-000 User manual
Siemens
Siemens ADSL C-110 User manual
Siemens
Siemens RUGGEDCOM M2200 User manual
Siemens
Siemens 5WG1146-1AB03 User manual
Siemens
Siemens SCALANCE M800 User manual
Siemens
Siemens SIMATIC NET RUGGEDCOM RX1400 User manual
Siemens
Siemens SCALANCE XB-200 User manual
Siemens
Siemens E-110 User manual
Siemens
Siemens PSFR-CP41 How to use
