User login level - commands available are restricted according to assigned level.
Table M.117. user-level: User login level
Value | Description |
NOBODY | Unknown or not logged in user |
GUEST | Guest user |
USER | Normal unprivileged user |
ADMIN | System administrator |
DEBUG | System debugger |
Table M.118. ppp-dump: PPP dump format
Value | Description |
default | Mixed hex/decode |
decoded | Decoded only |
decoded+raw | Decoded + raw |
raw | Raw hex |
Table M.119. autoloadtype: Type of s/w auto load
Value | Description |
false | Do no auto load |
factory | Load factory releases |
beta | Load beta test releases |
alpha | Load test releases |
Table M.120. config-access: Type of access user has to config
Value | Description |
none | No access unless explicitly listed |
view | View only access (no passwords) |
read | Read only access (with passwords) |
demo | Full view and edit access but can only test config, not save |
test | Full view and edit access but must test save config first |
full | Full view and edit access |
Log severity - different loggable events log at different levels.
Table M.123. syslog-severity: Syslog severity
Value | Description |
EMERG | System is unstable |
ALERT | Action must be taken immediately |
CRIT | Critical conditions |
ERR | Error conditions |
WARNING | Warning conditions |
NOTICE | Normal but significant events |
INFO | Informational |
DEBUG | Debug level messages |
NO-LOGGING | No logging |
Syslog facility, usually used to control which log file the syslog is written to.
Table M.124. syslog-facility: Syslog facility
Value | Description |
KERN | Kernel messages |
USER | User level messges |
Mail system | |
DAEMON | System Daemons |
AUTH | Security/auth |
SYSLOG | Internal to syslogd |
LPR | Printer |
NEWS | News |
UUCP | UUCP |
CRON | Cron deamon |
AUTHPRIV | private security/auth |
FTP | File transfer |
12 | Unused |
13 | Unused |
14 | Unused |
15 | Unused |
LOCAL0 | Local 0 |
LOCAL1 | Local 1 |
LOCAL2 | Local 2 |
LOCAL3 | Local 3 |
LOCAL4 | Local 4 |
LOCAL5 | Local 5 |
LOCAL6 | Local 6 |
LOCAL7 | Local 7 |
Table M.125. http-mode: HTTP/HTTPS security mode
Value | Description |
http-only | No HTTPS access |
http+https | Both HTTP and HTTPS access |
https-only | No HTTP access |
redirect-to-https | HTTP accesses are redirected to use HTTPS |
redirect-to-https-if-acme | HTTP accesses are redirected to use HTTPS if ACME set up for hostname |
redirect-to-https-except-trusted | HTTP accesses are redirected to use HTTPS (except trusted IPs) |
Table M.126. radiuspriority: Options for controlling platform RADIUS response priority tagging
Value | Description |
equal | All the same priority |
strict | In order specified |
random | Random order |
calling | Hashed on calling station id |
called | Hashed on called station id |
username | Hashed on full username |
user | Hashed on username before @ |
realm | Hashed on username after @ |
prefix | Hashed on username initial letters and numbers only |
Table M.127. radiustype: Type of RADIUS server
Value | Description |
authentication | Authentication server |
accounting | Accounting server |
control | Allowed to send control (CoA/DM) |
Table M.128. month: Month name (3 letter)
Value | Description |
Jan | January |
Feb | February |
Mar | March |
Apr | April |
May | May |
Jun | June |
Jul | July |
Aug | August |
Sep | September |
Oct | October |
Nov | November |
Dec | December |
Table M.129. day: Day name (3 letter)
Value | Description |
Sun | Sunday |
Mon | Monday |
Tue | Tuesday |
Wed | Wednesday |
Thu | Thursday |
Fri | Friday |
Sat | Saturday |
Table M.130. port: Physical port
Value | Description |
0 | Port 0 (not valid) (deprecated) |
1 | Port 1 |
2 | Port 2 |
3 | Port 3 |
4 | Port 4 |
5 | Port 5 |
Physical port crossover configuration.
Table M.131. Crossover: Crossover configuration
Value | Description |
auto | Crossover is determined automatically |
MDI | Force no crossover |
Table M.132. LinkSpeed: Physical port speed
Value | Description |
10M | 10Mbit/sec |
100M | 100Mbit/sec |
1G | 1Gbit/sec |
auto | Speed determined by autonegotiation |
Table M.133. LinkDuplex: Physical port duplex setting
Value | Description |
half | Half-duplex |
full | Full-duplex |
auto | Duplex determined by autonegotiation |
Table M.134. LinkFlow: Physical port flow control setting
Value | Description |
none | No flow control |
symmetric | Can support two-way flow control |
send-pauses | Can send pauses but does not support pause reception |
any | Can receive pauses and may send pauses if required |
Table M.135. LinkClock: Physical port Gigabit clock master/slave setting
Value | Description |
prefer-master | Master status negotiated; preference for master |
prefer-slave | Master status negotiated; preference for slave |
force-master | Master status forced |
force-slave | Slave status forced |
Table M.136. LinkLED: LED settings
Value | Description |
Link/Activity | Use settings from link-activity item |
Off | Permanently off |
On | Permanently on |
Flash | Flash |
Table M.137. LinkPower: PHY power saving options
Value | Description |
none | No power saving |
full | Full power saving |
Table M.138. LinkFault: Link fault type to send
Value | Description |
false | No fault |
true | Send fault |
off-line | Send offline fault (1G) |
ane | Send ANE fault (1G) |
Table M.140. LEDBlink: LED blink speed
Value | Description |
Slow | 2Hz |
Medium | 4Hz |
Fast | 8Hz |
Linkspeed | 10M=2Hz,100M=4Hz,1G=8Hz |
Table M.141. sampling-protocol: Sampling protocol
Value | Description |
sflow | Use sFlow protocol |
ipfix-psamp | Use IPFIX/PSAMP protocol |
ipfix-legacy | Use legacy (Cisco-style) IPFIX |
Table M.142. trunk-mode: Trunk port mode
Value | Description |
false | Not trunking |
random | Random trunking |
l2-hash | L2 hashed trunking |
l23-hash | L2 and L3 hashed trunking |
l3-hash | L3 hashed trunking |
IPv6 route announcement mode and level
Table M.143. ramode: IPv6 route announce level
Value | Description |
false | Do not announce |
low | Announce as low priority |
medium | Announce as medium priority |
high | Announce as high priority |
true | Announce as default (medium) priority |
Table M.144. dhcpv6control: Control for RA and DHCPv6 bits
Value | Description |
false | Don't set bit or answer on DHCPv6 |
true | Set bit but do not answer on DHCPv6 |
dhcpv6 | Set bit and do answer on DHCPv6 |
BGP mode defines the default advertisement mode for prefixes, based on well-known community tags
Table M.145. bgpmode: BGP announcement mode
Value | Description |
false | Not included in BGP at all |
no-advertise | Not included in BGP, not advertised at all |
no-export | Not normally exported from local AS/confederation |
local-as | Not exported from local AS |
no-peer | Exported with no-peer community tag |
true | Exported as normal with no special tags added |
Table M.146. mqtt-brokers: Select MQTT brokers
Value | Description |
none | No broker |
mqtt | MQTT only |
mqtts | MQTTS only |
mqtt+mqtts | MQTT and MQTTS |
external | External only |
external+mqtt | External ant MQTT |
external+mqtts | External ant MQTTS |
all | All brokers |
Table M.147. sampling-mode: Sampling mode
Value | Description |
off | Don't perform sampling |
ingress | Sample incoming traffic |
egress | Sample outgoing traffic |
both | Sample incoming and outgoing traffic |
Table M.148. sfoption: Source filter option
Value | Description |
false | No source filter checks |
blackhole | Check replies blackholed |
nowhere | Check replies valid |
self | Check replies valid and not self |
true | Check replies down same port/vlan |
Table M.149. pppoe-mode: Type of PPPoE connection
Value | Description |
client | Normal PPPoE client connects to access controller |
bras-l2tp | PPPoE server mode linked to L2TP operation |
Table M.150. pppoe-calling: Additional prefix on PPPoE calling ID
Value | Description |
none | None |
mac | MAC |
vlan | VLAN |
mac-vlan | MAC and VLAN |
Table M.151. pdp-context-type: Type of IP connection
Value | Description |
ip | IPv4 only |
ip6 | IPv6 only |
ip4ip6 | IPv4/IPv6 dual stack |
ppp | End to end PPP |
Table M.152. ipsec-type: IPsec encapsulation type
Value | Description |
AH | Authentication Header |
ESP | Encapsulating Security Payload |
Table M.153. ipsec-auth-algorithm: IPsec authentication algorithm
Value | Description |
null | No authentication |
HMAC-MD5 | HMAC-MD5-96 (RFC 2403) |
HMAC-SHA1 | HMAC-SHA1-96 (RFC 2404) |
AES-XCBC | AES-XCBC-MAC-96 (RFC 3566) |
HMAC-SHA256 | HMAC-SHA-256-128 (RFC 4868) |
Table M.154. ipsec-crypt-algorithm: IPsec encryption algorithm
Value | Description |
null | No encryption (RFC 2410) |
3DES-CBC | 3DES-CBC (RFC 2451) |
blowfish | Blowfish CBC (RFC 2451) with 16-byte key |
blowfish-192 | Blowfish CBC (RFC 2451) with 24-byte key |
blowfish-256 | Blowfish CBC (RFC 2451) with 32-byte key |
AES-CBC | AES-CBC (Rijndael) (RFC 3602) with 16-byte key |
AES-192-CBC | AES-CBC (Rijndael) (RFC 3602) with 24-byte key |
AES-256-CBC | AES-CBC (Rijndael) (RFC 3602) with 32-byte key |
Peer type controls many of the defaults for a peer setting. It allows typical settings to be defined with one attribute that reflects the type of peer.
Table M.155. peertype: BGP peer type
Value | Description |
normal | Normal BGP operation |
transit | EBGP Mark received as no-export |
peer | EBGP Mark received as no-export, only accept peer AS |
customer | EBGP Allow export as if confederate, only accept peer AS |
internal | IBGP allowing own AS |
reflector | IBGP allowing own AS and working in route reflector mode |
confederate | EBGP confederate |
ixp | Internet exchange point peer on route server, soft routes EBGP only |
Table M.157. radius-nas: NAS IP to report
Value | Description |
false | Local LNS IP (deprecated) |
lns | Local LNS IP |
both | Send NAS IP twice (LAC then LNS) |
lac | Remote LAC IP |
true | Remote LAC IP (deprecated) |
Table M.158. ike-authmethod: authentication method
Value | Description |
Secret | Shared Secret |
Certificate | X.509 certificate |
EAP | Use EAP for authentication |
Table M.159. ike-mode: connection setup mode
Value | Description |
Wait | Wait for peer to initiate the connection |
On-demand | Bring up when needed for traffic |
Immediate | Always attempt to bring up connection |
Table M.160. ike-PRF: IKE Pseudo-Random Function
Value | Description |
HMAC-MD5 | HMAC-MD5 |
HMAC-SHA1 | HMAC-SHA1 |
AES-XCBC-128 | AES-XCBC with 128-bit key |
HMAC-SHA256 | PRF-HMAC-SHA-256 (rfc4868) |
Table M.161. ike-DH: IKE Diffie-Hellman group
Value | Description |
none | No D-H negotiation (only used with AH/ESP) |
MODP-1024 | 1024-bit Sophie Germain Prime MODP Group |
MODP-2048 | 2048-bit Sophie Germain Prime MODP Group |
Table M.162. ike-ESN: IKE Sequence Number support
Value | Description |
ALLOW-ESN | Allow Extended Sequence Numbers (64 bits) |
ALLOW-SHORT-SN | Allow short sequence numbers (32 bits) |
Table M.163. ipsec-encapsulation: Manually keyed IPsec encapsulation mode
Value | Description |
tunnel | IPsec tunnel |
transport | IPsec transport |
Manual setting control for profile
Table M.164. switch: Profile manual setting
Value | Description |
false | Profile set to OFF |
true | Profile set to ON |
control-switch | Profile set based on control switch on home page |
Table M.165. dynamic-graph: Type of dynamic graph
Value | Description |
false | No dynamic graph |
ip | Use source IP address |
mac | Use source MAC address |
Table M.166. firewall-action: Firewall action
Value | Description |
continue | Continue rule-set checking |
accept | Allow but no more rule-set checking |
reject | End all rule checking now and set to send ICMP reject |
drop | End all rule checking now and set to drop |
ignore | End all rule checking and ignore (drop) just this packet, not making a session |
Table M.167. voip-format: Number presentation format
Value | Description |
transparent | Unchanged |
international | Full international number |
int-no-plus | International without leading plus |
national | With nat/int prefix |
local | Local number/extension |
block | Do not use for calls |
Table M.168. uknumberformat: Number formatting option
Value | Description |
false | Don't format numbers for display |
true | Format numbers for display with spacing |
replace-zero | Format numbers for display with spacing and replacing zeros - may look clearer on some CLI devices |
Table M.169. recordoption: Recording option
Value | Description |
false | Don't automatically record calls |
in-only | Automatically record incoming calls |
out-only | Automatically record outgoing calls |
true | Automatically record all calls |
Table M.170. voip-screen: Call screen setting
Value | Description |
false | Non ACR (deprecated) |
no-calls | Reject all calls |
accepted | Only directory screen accept calls |
found | Only directory screen found calls |
non-rejected | All non rejected calls |
acr | All non withhled calls |
true | ACR (deprecated) |
Table M.171. ring-group-order: Order of ring
Value | Description |
strict | Order in config |
random | Random order |
cyclic | Cycling from last call |
oldest | Oldest used phone first |
Table M.172. ring-group-type: Type of ring when one call in queue
Value | Description |
all | All phones |
cascade | Increasing number of phones |
sequence | One phone at a time |