D-Link DSR-250, Cli Reference Manual

Page 1: ...Unified Services Router CLI Reference Guide Release 1 04 Building Networks for People http security dlink com Small Business Gateway Solution DSR 250 250N 500 500N 1000 1000N...

Page 2: ...CLI Reference Guide Unified Services Router D Link Corporation Copyright 2011 http www dlink com...

Page 3: ...fitness for any particular purpose The manufacturer reserves the right to revise this publication and to make changes from time to time in the content hereof without obligation of the manufacturer to...

Page 4: ...Packets 15 6 3 util system_check 15 6 4 util system_check dns_lookup 15 6 5 util system_check traceroute 15 Chapter 7 Configure commands used in CLI 17 Chapter 8 Configuration commands under branch NE...

Page 5: ...ile add prof_name 39 8 37 net wan wan1 pppoeprofile edit prof_name 40 8 38 net wan wan2 pppoeprofile edit prof_name 40 8 39 net wan wan1 pppoeprofile delete prof_name 41 8 40 net wan wan2 pppoeprofile...

Page 6: ...rity vpn_passthrough configure 53 9 28 security firewall ipv4 configure 53 Chapter 10 Configuration commands under branch SYSTEM 55 10 1 system logging facility configure facility 55 10 2 system loggi...

Page 7: ...olicy add edit 74 12 10 vpn sslvpn policy delete row_id 75 12 11 vpn sslvpn portal layouts add edit 75 12 12 vpn sslvpn portal layouts delete row_id 75 12 13 vpn sslvpn portforwarding appconfig add 76...

Page 8: ...Unified Services Router CLI Reference Guide 6...

Page 9: ...t be managed by the CLI Firmware Upgrade Configuration Backup Restore Certificate Generate Upload Power Savings mode configuration System Dashboard Resource Utilization Please access the web browser b...

Page 10: ...to completes syntax checks then executes a command If there is a syntax error then offending part of the command line will be highlighted and explained space Auto completes or if the command is alread...

Page 11: ...es Router CLI Reference Guide 9 2 5 ESCAPE SEQUENCES Substitute the last command line N Substitute the Nth command line absolute as per history command N Substitute the command line entered N lines be...

Page 12: ...1 CLI commands can be divided into 4 categories Global commands Show commands Utility commands Configuration commands 3 2 The router configuration is divided into 5 branches Net Network Settings Secur...

Page 13: ...xit Exit this session help Display an overview of the CLI syntax top Return to the default mode reboot Reboot the system history Display the current session s command line history Number of commands i...

Page 14: ...etup Display ipv4 lan configuration 10 show net port management setup Display port management configuration 11 show net radvd setup Display radvd configuration 12 show net routing mode setup Display r...

Page 15: ...ation 13 show security trusted_domains setup Display trusted domains configuration 14 show security vpn_passthrough setup Display VPN passthrough Configuration The command show system at the CLI promp...

Page 16: ...n sslvpn portal layouts Show SSLVPN portal layout settings 7 show vpn sslvpn portforwarding appconfig Show SSLVPN port forwarding application configuration 8 show vpn sslvpn portforwarding hostconfig...

Page 17: ...s 6 2 util system_check capturePackets Sl No Command Name Description Type and Description 1 download Download the packet capture to the host machine Download the packet capture to the host machine 2...

Page 18: ...Unified Services Router CLI Reference Guide 16 Sl No Command Name Description Type and Description between the destination IP address and this router IP address...

Page 19: ...four automatic_tunneling enable Six to four tunnel configuration mode 11 net lan dhcp reserved_ip add Dhcp reserved ip configuration mode 12 net lan dhcp reserved_ip delete Delete the configured dhcp...

Page 20: ...ecurity blocked_keywords enable blocked Keyword configuration mode 7 security content_filtering configure content filtering configuration mode 8 security custom_service add custom service configuratio...

Page 21: ...on mode 38 security trusted_domain add trusted domains configuration mode 39 security trusted_domain delete trusted domains configuration mode 40 security trusted_domain edit trusted domains configura...

Page 22: ...lete mode 12 vpn sslvpn portal layouts add SSLVPN portal layout add mode 13 vpn sslvpn portal layouts edit SSLVPN portal layout edit mode 14 vpn sslvpn portal layouts delete SSLVPN portal layout delet...

Page 23: ...of all the configuration commands in the branch dot11 which is as follows Sl No Command Name Purpose 1 dot11 access point configure 802 11 access point configuration mode 2 dot11 access point delete...

Page 24: ...4 minimum_rate Minimum Bandwidth provided by user Minimum Bandwidth provided by user 0 100000 5 name Unique Profile Name STRING profile name 6 priority Priority Priority type low medium high 7 save Sa...

Page 25: ...s Local end point address type LAN Other_IP 2 ipv4_address The local end point address if not the LAN IPv4 address IP Address The local end point address 3 subnet_prefix This is the 64 bit subnet pref...

Page 26: ...address Sl No Command Name Description Type and Description 1 mac_address Reserved mac address used to delete MAC address Reserved Mac address you want to delete 8 10 net lan group add name Sl No Comm...

Page 27: ...IP address System lan ipv6 address 2 static prefix_length Set prefix length Integer Prefix length 3 dhcp domain_name Set DHCP Server s Domain Name String Domain name 4 dhcp rebind_time Set system Lea...

Page 28: ...Unsigned integer Prefix length 4 cancel Roll back ipv6 pool configuration changes 5 exit Save ipv6 pool configuration changes and exit current mode 6 save Save ipv6 pool configuration changes 8 17 net...

Page 29: ...nfiguration changes 8 20 net radvd configure Sl No Command Name Description Type and Description 1 enable Enable the RADVD process here to allow stateless auto configuration of the IPv6 LAN network Bo...

Page 30: ...ype Option whether to select the prefix type as 6to4 or Global Local ISATAP IPv6 prefix type 6To4 Global Local ISATAP 5 sla_id The SLA ID Site Level Aggregation Identifier in the 6to4 address prefix i...

Page 31: ...to day day in which md5 authentication key validity ends Day in the format DD 01 31 14 first_key valid_to hour hour in which md5 authentication key validity ends HH 00 23 using 24 hour clock 15 first_...

Page 32: ...cation key validity ends Second in the format SS 00 59 32 second_key valid_to year year in which md5 authentication key validity ends Year valid range is 1970 to 2037 33 cancel Roll back rip configura...

Page 33: ...o Command Name Description Type and Description 1 name Unique route name String Route name 8 27 net routing static ipv6 configure name Sl No Command Name Description Type and Description 1 name Unique...

Page 34: ...LANCING AUTO_ROLLOVER 2 loadbalancing algo If Mode Type selected is LOAD_BALANCING this field gives you options to configure LOAD_BALANCING credentials Enter the type of LoadBalancing Algo Round Robbi...

Page 35: ...failover_method type Select the Fail Over detection method Set detection Type from None 0 DNS lookup Using WAN DNS 1 DNS lookup Using CUSTOM 2 Ping IP Addresses 3 17 rollover failover_method dns ipadd...

Page 36: ...ise Enter No and give valid static dns addresses Boolean Choice Y N Enter Yes to get dns dynamically from ISP otherwise Enter No and give valid static dns addresses 5 dhcpc primary_dns Valid primary D...

Page 37: ...make a connection with the ISP server IP address AAA BBB CCC DDD where each part is in the range 0 255 23 pptp password Enter the password to log in String Alphanumeric password 24 pptp server_address...

Page 38: ...e secret phrase to log into the server String Alphanumeric server secret phrase 7 l2tp server_address IP address of the L2TP server IP address AAA BBB CCC DDD where each part is in the range 0 255 8 l...

Page 39: ...anumeric username 28 threeg password Enter the password to log in String Alphanumeric password 29 threeg get_dns_from_isp Enter Yes to get dns dynamically from ISP otherwise Enter No and give valid st...

Page 40: ...onfiguration changes 12 Exit Save wan configuration changes and exit current mode 13 Save Save wan configuration changes 8 35 net wan wan1 pppoeprofile add prof_name Sl No Command Name Description Typ...

Page 41: ...ity_type Set connectivity type ISP Connectivity Types keepalive idletimeout 5 get_dns_from_isp Enter Yes to get dns dynamically from ISP otherwise Enter No and give valid static dns addresses Boolean...

Page 42: ...rver IP Address IP address Secondary dns 8 get_ip_from_isp Getting the ip mode type weather to get from ISP or static IP Boolean Choice Y N 9 static_ip Setting static ip address if not obtaining the I...

Page 43: ...sk if not obtaining from ISP IP address Subnet Mask 11 Service Setting optional service name String type 12 cancel Roll back wan configuration changes 13 exit Save wan configuration changes and exit c...

Page 44: ...configuration Boolean Choice Y N 3 isp type Set type of connection used static dhcpc PPPoE Isp type Static dhcpc PPPoE 4 Static gateway_address Set ipv6 gateway address IP Address Gateway address 5 s...

Page 45: ...Destination user String 3 Destination_Network Destination network type ANY SINGLE_ADDRESS ADDRESS_RANGE 4 Local_Gateway Local gateway type Type Dedicated WAN Configurable WAN 5 Service Available Serv...

Page 46: ...mand Name Description Type and Description 1 enable Enable or disable Dyndns to provide Dynamic DNS service Boolean Choice Enable Disable 2 hostname Set Hostname String 3 time_update_enable Set Timepe...

Page 47: ...stealthMode Enable or Disable Stealth Mode Enable Disable Stealth Mode Y N 6 tcp_block_enable tcpBlock Enable or Disable TCP Flood on WAN port Enable Disable TCP Flood on WAN Y N 7 udp_block_enable ud...

Page 48: ...escription Type and Description 1 enable status Enable Disable content Filtering Enable Disable content Filtering Y N 2 activex_enable activex enable disable activex enable disable activex Y N 3 cooki...

Page 49: ...Of the service to be deleted 9 9 security firewall ipv4 default_outbound_policy Sl No Command Name Description Type and Description 1 security firewall ipv4 default_outbound_policy_ena ble default_out...

Page 50: ...ource_address_start srcAddrStart Start IP of the Source user Start IP of the Source user 14 source_address_type srcType Type of the source user Type of user address Any Single Address Address Range 15...

Page 51: ...ble intrusionLogStatus Enable Disable intrusion logs Boolean choice Y N Enable Disable intrusion logs 3 save Save IDS configuration changes 4 exit Save IDS configuration changes and exit current mode...

Page 52: ...f the rule String Specifies an easily identifiable name for this rule 4 outgoing_start_port outPortStart start port number of the outgoing traffic Port number 0 65535 5 outgoing_end_port outPortEnd en...

Page 53: ...ours startSchedHours hours schedule time unit type 1 12 11 time_of_day start mins startSchedMins minutes minute in the format MM 00 59 12 time_of_day start meridiem startSchedMeridian meridiem Schedul...

Page 54: ...ings configuration changes 9 exit Save session settings configuration changes and exit current mode 9 22 security mac_filter source add edit Sl No Command Name Description Type and Description 1 addre...

Page 55: ...d Name Description Type and Description 1 security trusted_domain delete row_id Row Id Of the rule to be deleted Integer Row Id Of the rule to be deleted 9 27 security vpn_passthrough configure Sl No...

Page 56: ...for which a rule is to be added NORMAL CUSTOM 2 service service_custom Name of the custom service for which a rule is to be added custom name should already be added into custom service String Custom...

Page 57: ...width Limit logs Enable Disable Boolean Choice Y N 2 broadcast_or_multicast_traffic _logs broadcastOrMulticastTraffic All Broadcast Multicast Traffic logs Enable Disable Boolean Choice Y N 3 lan_wan_a...

Page 58: ...Set schedule meridiem Time in A M or P M Required only if unit is daily or weekly AM PM 8 schedule time time Set schedule time Schedule time Required only if unit is daily or weekly 0 00 1 00 2 00 3...

Page 59: ...mode 10 5 system radius delete radiusServer Sl No Command Name Description Type and Description 1 radiusServer IP address of RADIUS server to configure Radius server IP address AAA BBB CCC DDD where...

Page 60: ...No Command Name Description Type and Description 1 agent ip_address The IP address of the SNMP agent IP address AAA BBB CCC DDD where each part is in the range 0 255 2 community community The communit...

Page 61: ...s QoS configuration Mode String 6 Security Security configuration mode advanced_network Security advanced setup application_rules Application Rules Configuration setup Firewall Firewall rules setup Id...

Page 62: ...to use system default NTP servers Boolean Y N Enable Disable use of default NTP servers 6 cancel Roll back time configuration changes 7 exit Save time configuration changes and exit current mode 8 sa...

Page 63: ...traffic counter as either specific time or restart counter now Counter type SpecificTime RestartCounter 3 day_of_month dayMonth set day of month Calendar day of month 1 31 4 increase_limit_by incrLimi...

Page 64: ...for group Integer 10 14 system group edit row_id Sl No Command Name Description Type and Description 1 system group edit row id The rowid of the group to be edited Integer 10 15 system group delete ro...

Page 65: ...password user Sl No Command Name Description Type and Description 1 system users password user Password to be entered String User to edit configuration 10 20 system usb usb1 configure Sl No Command N...

Page 66: ...vated and available for use if enabled Hours 1 to 12 6 start_time meridian the meridian of the day when the AP is activated and available for use if enabled Meridiem am pm 7 start_time minute the minu...

Page 67: ...te ap_name mac_address Sl No Command Name Description Type and Description 1 ap_name Unique name of the access point String Access point name 2 mac_address MAC address to delete to ACL MAC address AA...

Page 68: ...from Index Index at which key is installed 1 2 3 4 passphrase to use to generate WEP Key 15 wpa authentication Set WPA authentication type WPA authentication type PSK RADIUS PSK RADIUS 16 wpa encrypt...

Page 69: ...escription 1 radio_num Radio to configure Unsigned integer Radio number 2 channel channel Set the channel used by radio Unsigned integer Channel number or Auto to let system select 3 channel_spacing v...

Page 70: ...String Ike policy name 12 4 vpn ipsec policy configure name Sl No Command Name Description Type and Description 1 name Unique vpn policy name String vpn policy name 2 general_policy_ty pe For manual p...

Page 71: ...an choice Y N 11 general_enable_ro llover Check this box to allow the VPN to rollover when WAN Mode is set to Auto Rollover on the WAN Mode page RollOver Boolean choice Y N 12 general_protocol Select...

Page 72: ...rsal Boolean Choice Y N 25 auto_phase1_nat_k eepalive_frequecy When NAT traversal is set to On use this option to control the keep alive frequency value Keep alive packets are sent at the mentioned ti...

Page 73: ...ic key to be shared with IKE peer 35 auto_phase1_dh_gr oup The Diffie Hellman algorithm is used when exchanging keys The DH Group sets the strength of the algorithm in bits None Group1 Group2 Group5 G...

Page 74: ...AES 192 AES 256 AES CCM AES GCM TWOFISH 128 192 256 BLOWFISH CAST128 47 manual_key_length BLOWFISH and CAST128 are variable length algorithms and so the key length field is required when using either...

Page 75: ...A2 384 SHA2 512 57 auto_phase2_enabl e_pfskeygroup Enable Perfect Forward Secrecy PFS to improve security While slower this protocol helps to prevent eavesdroppers by ensuring that a Diffie Hellman ex...

Page 76: ...D where each part is in the range 0 255 4 secondary_dns Secondary DNS Server IP address AAA BBB CCC DDD where each part is in the range 0 255 5 begin_clientaddress Client address range begin IP addres...

Page 77: ...layouts add edit Sl No Command Name Description Type and Description 1 portal_name Portal Layout Name String Max 128 characters and no or empty space or 2 portal_title Portal Site Title String Max 128...

Page 78: ...portforwarding hostconfig add Sl No Command Name Description Type and Description 1 serverip Local Server IP Address IP address AAA BBB CCC DDD where each part is in the range 0 255 2 domain_name Full...

Page 79: ...nge 0 255 4 mask_length Mask Length number in range of 0 to 32 5 start_port Begin port number Port number 6 end_port End port number Port number 7 icmp_block Block Icmp Boolean Y N 12 20 vpn sslvpn re...

Page 80: ...5 g authentication_se rver2 Second Authentication server address IP address AAA BBB CCC DDD where each part is in the range 0 255 6 authentication_se rver3 Third Authentication server address IP addr...

Page 81: ...se rver1 First Authentication server address IP address AAA BBB CCC DDD where each part is in the range 0 255 5 g authentication_se rver2 Second Authentication server address IP address AAA BBB CCC DD...

Page 82: ...ption 1 domainname Row id of domain to be deleted Unsigned integer Row number 12 26 vpn sslvpn users users login_policies user_row_id Sl No Command Name Description Type and Description 1 disable_logi...

Page 83: ...ow_id Row id of policy table to be deleted Unsigned integer Row number 12 29 vpn sslvpn users users browser_policies user_row_id Sl No Command Name Description Type and Description 1 allow_login_from_...