Translate from cisco commands to Huawei commands---Security Policy

Latest reply: Dec 29, 2018 13:40:12 124 1 6 0
Cisco   CommandsHuawei Commands
aaa   authentication login authentication-scheme-name group tacacs+ localauthentication-scheme   authentication-scheme-name
   
      authentication-mode hwtacacs local
aaa   authorization commands 0 authentication-scheme-name group tacacs+ noneauthorization-scheme authentication-scheme-name
   
      authorization-cmd 0 hwtacacs
aaa   authorization exec authentication-scheme-name group tacacs+ noneauthorization-scheme authentication-scheme-name
   
      authorization-mode hwtacacs none
access-class acl-number {in|out}acl acl-number {inbound|outbound}
access-class vty-acl in vrf-alsoaccess-class vty-acl inbound
access-list acl-number permit ip host source-address anyacl acl-number
    rule permit ip source source-address source-wildcard
authorization   commands privilege-level   consoleauthentication-scheme   authentication-scheme-name
   
       authorization-cmd privilege-level hwtacacs local
authorization   exec consoleauthentication-scheme   authentication-scheme-name
       authorization-mode hwtacacs local
crypto pki   certificate chain
     TP-self-signed-986141604
pki realm   realm-name  (建立KPI域)
    ca id TP-self-signed-986141604
login   authentication consoleauthentication-mode   aaa
permit tcp   any any eq portrule permit tcp   destination any source any destination-port eq port
permit tcp   any eq port anyrule permit tcp   destination any source any source-port eq port
dot1x   system-auth-controldot1x enable
dot1x   auth-mode chapdot1x   authentication-method chap
dot1x   server-timeout-max server-timeout-valuedot1x timer   server-timeout server-timeout-value
dot1x   probe-timer alive handshake-period-valuedot1x handshake
   
    dot1x timer handshake-period handshake-period-value
no ip   gratuitous-arpsundo arp   gratuitous-arp send enable
aaa group   server radius template-name
    server ip-address
radius-server   template template-name
    radius-server authorization
ip-address
    radius-server authentication ip ip-address
port
    radius-server accounting ip ip-address port
radius-server   host ip-addressradius-server   template template-name
    radius-server authorization
ip-address
    radius-server authentication ip ip-address port  
    radius-server accounting ip ip-address port
radius-server   host ip-address key key-stringradius-server   template template-name
    radius-server shared-key
key-string
    radius-server authorization
ip-address
    radius-server authentication ip-address
port
    radius-server accounting ip-address port
aaa group   server tacacs+ template-name
    server ip-address
hwtacacs-server   template template-name
    hwtacacs-server authorization
ip-address
    hwtacacs-server authentication
ip-address
    hwtacacs-server accounting ip-address
tacacs-server   host ip-addresshwtacacs-server   template template-name
    hwtacacs-server authentication
ip-address
    hwtacacs-server authorization
ip-address
    hwtacacs-server accounting ip-address
tacacs-server   host ip-address key key-stringhwtacacs-server   template template-name
    hwtacacs-server shared-key
key-string
    hwtacacs-server authentication
ip-address
    hwtacacs-server authorization
ip-address
    hwtacacs-server accounting ip-address
tacacs-server   key key-stringhwtacacs-server   shared-key simple key-string
tacacs-server   key 7 key-stringhwtacacs-server   shared-key cipher key-string
tacacs-server   timeout valuehwtacacs-server timer   response-timeout value
{deny|permit}   source-address source-wildcardrule {deny|permit} source-address source-wildcard
{deny|permit}   anyrule {deny|permit}   source any
access-list access-list-number   {deny|permit}  source-address source-wildcardacl number access-list-number
    rule {deny|permit} source source-address source-wildcard
access-list access-list-number {deny|permit} anyacl access-list-number
    rule {deny|permit} any
access-list access-list-number permit source-address source-wildcardacl number access-list-number
    rule permit source source-address source-wildcard
access-list access-list-number remark textacl number access-list-number
    description text
access-list number {deny|permit} ipacl number number
   
    rule {deny|permit} source ip 0
ip   access-list standard access-list-nameacl name access-list-number basic
ip   access-list standard access-list-numberacl number number
{deny|permit}   iprule {deny|permit}   source ip 0
{deny|permit}   ip source-address source-wildcard destination-address destination-wildcardrule {deny|permit} ip   source source-address source-wildcard destination destination-address destination-wildcard
{deny|permit}   ip source-address source-wildcard anyrule {deny|permit} ip   source source-address source-wildcard destination any
{deny|permit}   ip any destination-address destination-wildcardrule {deny|permit} ip   source any destination destination-address destination-wildcard
{deny|permit}   ip any anyrule {deny|permit} ip   source any destination any
access-list access-list-number {deny|permit} ip source-address source-wildcard destination-address destination-wildcardacl  access-list-number
    rule {deny|permit} ip source source-address source-wildcard destination destination-address destination-wildcard
access-list access-list-number {deny|permit} ip   any anyacl access-list-number
    rule {deny|permit} ip source any destination any
access-list number {deny|permit} icmp ip mask ip maskacl number number
   
    rule {deny|permit} icmp source ip mask   destination ip mask
access-list number {deny|permit} icmp ip mask anyacl number number
   
    rule {deny|permit} icmp source ip mask   destination any
access-list number {deny|permit} icmp ip mask host ipacl number number
   
    rule {deny|permit} icmp source ip mask   destination ip 0
access-list number {deny|permit} icmp any ip maskacl number number
   
    rule {deny|permit} icmp source any destination ip mask
access-list number {deny|permit} icmp any host ipacl number number
   
    rule {deny|permit} icmp source any destination ip 0
access-list number {deny|permit} icmp host ip ip maskacl number number
   
    rule {deny|permit} icmp source ip 0 destination ip mask
access-list number {deny|permit} icmp host ip anyacl number number
   
    rule {deny|permit} icmp source ip 0
access-list number {deny|permit} icmp host ip host ipacl number number
   
    rule {deny|permit} icmp source ip 0 destination ip 0
access-list number {deny|permit} ip ip mask anyacl number number
   
    rule {deny|permit} ip source ip mask   destination any
access-list number {deny|permit} ip ip mask host ipacl number number
   
    rule {deny|permit} ip source ip mask   destination ip 0
access-list number {deny|permit} ip any ip maskacl number number
   
    rule {deny|permit} ip source any destination ip mask
access-list number {deny|permit} ip any host ipacl number number
   
    rule {deny|permit} ip source any destination ip 0
access-list number {deny|permit} ip host ip ip maskacl number number
   
    rule {deny|permit} ip source ip 0 destination ip mask
access-list number {deny|permit} ip host ip anyacl number number
   
    rule {deny|permit} ip source ip 0
access-list number {deny|permit} ip host ip host ipacl number number
   
    rule {deny|permit} ip source ip 0 destination ip 0
access-list number permit icmp any ip mask echoacl number
   
    rule permit icmp source any destination ip mask   icmp-type echo
access-list number permit icmp any ip mask echo-replyacl number
   
    rule permit icmp source any destination ip mask   icmp-type echo-reply
access-list number permit icmp any ip mask packet-too-bigacl number
   
    rule permit icmp source any destination ip mask   icmp-type fragmentneed-DFset
access-list number permit icmp any ip mask port-unreachableacl number
   
    rule permit icmp source any destination ip mask   icmp-type port-unreachable
access-list number permit icmp any ip mask ttl-exceededacl number
   
    rule permit icmp source any destination ip mask   icmp-type ttl-exceeded
access-list number permit icmp any anyacl number
   
    rule permit icmp source any destination any
access-list number permit icmp any any fragmentsacl number
   
    rule permit icmp source any destination any fragment
access-list number permit tcp any any eq port rstacl number
   
    rule permit tcp source any destination any destination-port eq port   tcp-flag rst
access-list number permit tcp any any eq bgp rstacl number
   
    rule permit tcp source any destination any destination-port eq bgp tcp-flag   rst
ip   access-list extended access-list-nameacl name access-list-name advance
ip   access-list extended numberacl number number
{deny|permit}   icmp @param[1] @param[2] @param[3] @param[4] @param[5]rule {deny|permit}   icmp source @param @param destination @param @param icmp-type @param
{deny|permit}   icmp @param[1] @param[2] @param[3] @param[4] fragmentsrule {deny|permit}   icmp source @param @param destination @param @param fragment
{deny|permit}   icmp @param[1] @param[2] any @param[3]rule {deny|permit}   icmp source @param @param destination any icmp-type @param
{deny|permit}   icmp @param[1] @param[2] any fragmentsrule {deny|permit}   icmp source @param @param destination any fragment
{deny|permit}   icmp @param[1] @param[2] any packet-too-bigrule {deny|permit}   icmp source @param @param destination any icmp-type fragmentneed-DFset
{deny|permit}   icmp @param[1] @param[2] host @param[3] @param[4]rule {deny|permit}   icmp source @param @param destination @param 0 icmp-type @param
{deny|permit}   icmp @param[1] @param[2] host @param[3] fragmentsrule {deny|permit}   icmp source @param @param destination @param 0 fragment
{deny|permit}   icmp @param[1] @param[2] host @param[3] packet-too-bigrule {deny|permit}   icmp source @param @param destination @param 0 icmp-type fragmentneed-DFset
{deny|permit}   icmp any @param[1] @param[2] @param[3]rule {deny|permit}   icmp source any destination @param @param icmp-type @param
{deny|permit}   icmp any @param[1] @param[2] fragmentsrule {deny|permit}   icmp source any destination @param @param fragment
{deny|permit}   icmp any @param[1] @param[2] packet-too-bigrule {deny|permit}   icmp source any destination @param @param icmp-type fragmentneed-DFset
{deny|permit}   icmp any any @param[1]rule {deny|permit}   icmp source any destination any icmp-type @param
{deny|permit}   icmp any any fragmentsrule {deny|permit}   icmp source any destination any fragment
{deny|permit}   icmp any any packet-too-bigrule {deny|permit}   icmp source any destination any icmp-type fragmentneed-DFset
{deny|permit}   icmp any host @param[1] @param[2]rule {deny|permit}   icmp source any destination @param 0 icmp-type @param
{deny|permit}   icmp any host @param[1] fragmentsrule {deny|permit}   icmp source any destination @param 0 fragment
{deny|permit}   icmp any host @param[1] packet-too-bigrule {deny|permit}   icmp source any destination @param 0 icmp-type fragmentneed-DFset
{deny|permit}   icmp host @param[1] @param[2] @param[3] @param[4]rule {deny|permit}   icmp source @param 0 destination @param @param icmp-type @param
{deny|permit}   icmp host @param[1] @param[2] @param[3] fragmentsrule {deny|permit}   icmp source @param 0 destination @param @param fragment
{deny|permit}   icmp host @param[1] @param[2] @param[3] packet-too-bigrule {deny|permit}   icmp source @param 0 destination @param @param icmp-type fragmentneed-DFset
{deny|permit}   icmp host @param[1] any @param[2]rule {deny|permit}   icmp source @param 0 icmp-type @param
{deny|permit}   icmp host @param[1] any fragmentsrule {deny|permit}   icmp source @param 0 fragment
{deny|permit}   icmp host @param[1] any packet-too-bigrule {deny|permit}   icmp source @param 0 icmp-type fragmentneed-DFset
{deny|permit}   icmp host @param[1] host @param[2] @param[3]rule {deny|permit}   icmp source @param 0 destination @param 0 icmp-type @param
{deny|permit}   icmp host @param[1] host @param[2] fragmentsrule {deny|permit}   icmp source @param 0 destination @param 0 fragment
{deny|permit}   icmp host @param[1] host @param[2] packet-too-bigrule {deny|permit}   icmp source @param 0 destination @param 0 icmp-type fragmentneed-DFset
{deny|permit}   ip @param[1] @param[2] @param[3] @param[4] precedence @param[5] @param[0]rule {deny|permit} ip   source @param @param destination @param @param precedence @param
{deny|permit}   ip @param[1] @param[2] any precedence @param[3] @param[0]rule {deny|permit} ip   source @param @param destination any precedence @param
{deny|permit}   ip @param[1] @param[2] host @param[3] precedence @param[4] @param[0]rule {deny|permit} ip   source @param @param destination @param 0 precedence @param
{deny|permit}   ip ip mask ip maskrule {deny|permit} ip   source ip mask destination ip mask
{deny|permit}   ip ip mask anyrule {deny|permit} ip   source ip mask destination any
{deny|permit}   ip ip mask host iprule {deny|permit} ip   source ip mask destination ip 0
{deny|permit}   ip any @param[1] @param[2] precedence @param[3] @param[0]rule {deny|permit} ip   source any destination @param @param precedence @param
{deny|permit}   ip any ip maskrule {deny|permit} ip   source any destination ip mask
{deny|permit}   ip any anyrule {deny|permit} ip   source any destination any
{deny|permit}   ip any any precedence @param[1] @param[0]rule {deny|permit} ip   source any destination any precedence @param
{deny|permit}   ip any host @param[1] precedence @param[2] @param[0]rule {deny|permit} ip   source any destination @param 0 precedence @param
{deny|permit}   ip host @param[1] @param[2] @param[3] precedence @param[4] @param[0]rule {deny|permit} ip   source @param 0 destination @param @param precedence @param
{deny|permit}   ip host @param[1] any precedence @param[2] @param[0]rule {deny|permit} ip   source @param 0 precedence @param
{deny|permit}   ip host @param[1] host @param[2] precedence @param[3] @param[0]rule {deny|permit} ip   source @param 0 destination @param 0 precedence @param
{deny|permit}   ip host ip anyrule {deny|permit} ip   source ip 0 destination any
{deny|permit}   ip host ip host iprule {deny|permit} ip   source ip 0 destination ip 0
{deny|permit}   tcp @param[1] @param[2] eq @param[3] @param[4] @param[5] range @param[6]   @param[7]rule {deny|permit}   tcp source @param @param source-port eq @param destination @param @param   destination-port range @param @param
{deny|permit}   tcp @param[1] @param[2] eq @param[3] any range @param[4] @param[5]rule {deny|permit}   tcp source @param @param source-port eq @param destination any   destination-port range @param @param
{deny|permit}   tcp @param[1] @param[2] eq @param[3] host @param[4] range @param[5] @param[6]rule {deny|permit}   tcp source @param @param source-port eq @param destination @param 0   destination-port range @param @param
{deny|permit}   tcp @param[1] @param[2] gt @param[3] @param[4] @param[5] range @param[6]   @param[7]rule {deny|permit}   tcp source @param @param source-port gt @param destination @param @param   destination-port range @param @param
{deny|permit}   tcp @param[1] @param[2] gt @param[3] any range @param[4] @param[5]rule {deny|permit}   tcp source @param @param source-port gt @param destination any   destination-port range @param @param
{deny|permit}   tcp @param[1] @param[2] gt @param[3] host @param[4] range @param[5] @param[6]rule {deny|permit}   tcp source @param @param source-port gt @param destination @param 0   destination-port range @param @param
{deny|permit}   tcp @param[1] @param[2] lt @param[3] @param[4] @param[5] range @param[6]   @param[7]rule {deny|permit}   tcp source @param @param source-port lt @param destination @param @param   destination-port range @param @param
{deny|permit}   tcp @param[1] @param[2] lt @param[3] any range @param[4] @param[5]rule {deny|permit}   tcp source @param @param source-port lt @param destination any   destination-port range @param @param
{deny|permit}   tcp @param[1] @param[2] lt @param[3] host @param[4] range @param[5] @param[6]rule {deny|permit}   tcp source @param @param source-port lt @param destination @param 0   destination-port range @param @param
{deny|permit}   tcp @param[1] @param[2] range @param[3] @param[4] @param[5] @param[6] eq   @param[7]rule {deny|permit}   tcp source @param @param source-port range @param @param destination @param   @param destination-port eq @param
{deny|permit}   tcp @param[1] @param[2] range @param[3] @param[4] @param[5] @param[6] gt   @param[7]rule {deny|permit}   tcp source @param @param source-port range @param @param destination @param   @param destination-port gt @param
{deny|permit}   tcp @param[1] @param[2] range @param[3] @param[4] @param[5] @param[6] lt   @param[7]rule {deny|permit}   tcp source @param @param source-port range @param @param destination @param   @param destination-port lt @param
{deny|permit}   tcp @param[1] @param[2] range @param[3] @param[4] @param[5] @param[6] range   @param[7] @param[8]rule {deny|permit}   tcp source @param @param source-port range @param @param destination @param   @param destination-port range @param @param
{deny|permit}   tcp @param[1] @param[2] range @param[3] @param[4] any eq @param[5]rule {deny|permit}   tcp source @param @param source-port range @param @param destination any   destination-port eq @param
{deny|permit}   tcp @param[1] @param[2] range @param[3] @param[4] any gt @param[5]rule {deny|permit}   tcp source @param @param source-port range @param @param destination any   destination-port gt @param
{deny|permit}   tcp @param[1] @param[2] range @param[3] @param[4] any lt @param[5]rule {deny|permit}   tcp source @param @param source-port range @param @param destination any   destination-port lt @param
{deny|permit}   tcp @param[1] @param[2] range @param[3] @param[4] any range @param[5]   @param[6]rule {deny|permit}   tcp source @param @param source-port range @param @param destination any   destination-port range @param @param
{deny|permit}   tcp @param[1] @param[2] range @param[3] @param[4] host @param[5] eq @param[6]rule {deny|permit}   tcp source @param @param source-port range @param @param destination @param 0   destination-port eq @param
{deny|permit}   tcp @param[1] @param[2] range @param[3] @param[4] host @param[5] gt @param[6]rule {deny|permit}   tcp source @param @param source-port range @param @param destination @param 0   destination-port gt @param
{deny|permit}   tcp @param[1] @param[2] range @param[3] @param[4] host @param[5] lt @param[6]rule {deny|permit}   tcp source @param @param source-port range @param @param destination @param 0   destination-port lt @param
{deny|permit}   tcp @param[1] @param[2] range @param[3] @param[4] host @param[5] range   @param[6] @param[7]rule {deny|permit}   tcp source @param @param source-port range @param @param destination @param 0   destination-port range @param @param
{deny|permit}   tcp ip mask ip mask   range port1 port2rule {deny|permit}   tcp source ip mask destination ip mask destination-port range port1 port2
{deny|permit}   tcp ip mask any range port1 port2rule {deny|permit}   tcp source ip mask destination any   destination-port range port1 port2
{deny|permit}   tcp ip mask host ip range port1 port2rule {deny|permit}   tcp source ip mask destination ip 0 destination-port range port1 port2
{deny|permit}   tcp ip mask range port1 port2 ip maskrule {deny|permit}   tcp source ip mask source-port range port1 port2 destination ip mask
{deny|permit}   tcp ip mask range port1 port2   anyrule {deny|permit}   tcp source ip mask source-port range port1 port2 destination any
{deny|permit}   tcp ip mask range port1 port2   host iprule {deny|permit}   tcp source ip mask source-port range port1 port2 destination ip 0
{deny|permit}   tcp any ip mask range port1 port2rule {deny|permit}   tcp source any destination ip mask destination-port range port1 port2
{deny|permit}   tcp any any range port1 port2rule {deny|permit}   tcp source any destination any destination-port range port1 port2
{deny|permit}   tcp any eq @param[1] @param[2] @param[3] range @param[4] @param[5]rule {deny|permit}   tcp source any source-port eq @param destination @param @param   destination-port range @param @param
{deny|permit}   tcp any eq @param[1] any range @param[2] @param[3]rule {deny|permit}   tcp source any source-port eq @param destination any destination-port range   @param @param
{deny|permit}   tcp any eq @param[1] host @param[2] range @param[3] @param[4]rule {deny|permit}   tcp source any source-port eq @param destination @param 0 destination-port   range @param @param
{deny|permit}   tcp any gt @param[1] @param[2] @param[3] range @param[4] @param[5]rule {deny|permit}   tcp source any source-port gt @param destination @param @param   destination-port range @param @param
{deny|permit}   tcp any gt @param[1] any range @param[2] @param[3]rule {deny|permit}   tcp source any source-port gt @param destination any destination-port range   @param @param
{deny|permit}   tcp any gt @param[1] host @param[2] range @param[3] @param[4]rule {deny|permit}   tcp source any source-port gt @param destination @param 0 destination-port   range @param @param
{deny|permit}   tcp any host ip range port1 port2rule {deny|permit}   tcp source any destination ip   0 destination-port range port1 port2
{deny|permit}   tcp any lt @param[1] @param[2] @param[3] range @param[4] @param[5]rule {deny|permit}   tcp source any source-port lt @param destination @param @param   destination-port range @param @param
{deny|permit}   tcp any lt @param[1] any range @param[2] @param[3]rule {deny|permit}   tcp source any source-port lt @param destination any destination-port range   @param @param
{deny|permit}   tcp any lt @param[1] host @param[2] range @param[3] @param[4]rule {deny|permit}   tcp source any source-port lt @param destination @param 0 destination-port   range @param @param
{deny|permit}   tcp any range @param[1] @param[2] @param[3] @param[4]rule {deny|permit}   tcp source any source-port range @param @param destination @param @param
{deny|permit}   tcp any range @param[1] @param[2] @param[3] @param[4] eq @param[5]rule {deny|permit}   tcp source any source-port range @param @param destination @param @param   destination-port eq @param
{deny|permit}   tcp any range @param[1] @param[2] @param[3] @param[4] gt @param[5]rule {deny|permit}   tcp source any source-port range @param @param destination @param @param   destination-port gt @param
{deny|permit}   tcp any range @param[1] @param[2] @param[3] @param[4] lt @param[5]rule {deny|permit}   tcp source any source-port range @param @param destination @param @param   destination-port lt @param
{deny|permit}   tcp any range @param[1] @param[2] @param[3] @param[4] range @param[5]   @param[6]rule {deny|permit}   tcp source any source-port range @param @param destination @param @param   destination-port range @param @param
{deny|permit}   tcp any range @param[1] @param[2] any eq @param[3]rule {deny|permit}   tcp source any source-port range @param @param destination any   destination-port eq @param
{deny|permit}   tcp any range @param[1] @param[2] any gt @param[3]rule {deny|permit}   tcp source any source-port range @param @param destination any   destination-port gt @param
{deny|permit}   tcp any range @param[1] @param[2] any lt @param[3]rule {deny|permit}   tcp source any source-port range @param @param destination any   destination-port lt @param
{deny|permit}   tcp any range @param[1] @param[2] any range @param[3] @param[4]rule {deny|permit}   tcp source any source-port range @param @param destination any   destination-port range @param @param
{deny|permit}   tcp any range @param[1] @param[2] host @param[3] eq @param[4]rule {deny|permit}   tcp source any source-port range @param @param destination @param 0   destination-port eq @param
{deny|permit}   tcp any range @param[1] @param[2] host @param[3] gt @param[4]rule {deny|permit}   tcp source any source-port range @param @param destination @param 0   destination-port gt @param
{deny|permit}   tcp any range @param[1] @param[2] host @param[3] lt @param[4]rule {deny|permit}   tcp source any source-port range @param @param destination @param 0   destination-port lt @param
{deny|permit}   tcp any range @param[1] @param[2] host @param[3] range @param[4] @param[5]rule {deny|permit}   tcp source any source-port range @param @param destination @param 0   destination-port range @param @param
{deny|permit}   tcp any range port1 port2 anyrule {deny|permit}   tcp source any source-port range port1 port2   destination any
{deny|permit}   tcp any range port1 port2 host iprule {deny|permit}   tcp source any source-port range port1 port2   destination ip 0
{deny|permit}   tcp host @param[1] eq @param[2] @param[3] @param[4] range @param[5] @param[6]rule {deny|permit}   tcp source @param 0 source-port eq @param destination @param @param   destination-port range @param @param
{deny|permit}   tcp host @param[1] eq @param[2] any range @param[3] @param[4]rule {deny|permit}   tcp source @param 0 source-port eq @param destination any destination-port   range @param @param
{deny|permit}   tcp host @param[1] eq @param[2] host @param[3] range @param[4] @param[5]rule {deny|permit}   tcp source @param 0 source-port eq @param destination @param 0   destination-port range @param @param
{deny|permit}   tcp host @param[1] gt @param[2] @param[3] @param[4] range @param[5] @param[6]rule {deny|permit}   tcp source @param 0 source-port gt @param destination @param @param   destination-port range @param @param
{deny|permit}   tcp host @param[1] gt @param[2] any range @param[3] @param[4]rule {deny|permit}   tcp source @param 0 source-port gt @param destination any destination-port   range @param @param
{deny|permit}   tcp host @param[1] gt @param[2] host @param[3] range @param[4] @param[5]rule {deny|permit}   tcp source @param 0 source-port gt @param destination @param 0   destination-port range @param @param
{deny|permit}   tcp host @param[1] lt @param[2] @param[3] @param[4] range @param[5] @param[6]rule {deny|permit}   tcp source @param 0 source-port lt @param destination @param @param   destination-port range @param @param
{deny|permit}   tcp host @param[1] lt @param[2] any range @param[3] @param[4]rule {deny|permit}   tcp source @param 0 source-port lt @param destination any destination-port   range @param @param
{deny|permit}   tcp host @param[1] range @param[2] @param[3] @param[4] @param[5] eq @param[6]rule {deny|permit}   tcp source @param 0 source-port range @param @param destination @param @param   destination-port eq @param
{deny|permit}   tcp host @param[1] range @param[2] @param[3] @param[4] @param[5] gt @param[6]rule {deny|permit}   tcp source @param 0 source-port range @param @param destination @param @param   destination-port gt @param
{deny|permit}   tcp host @param[1] range @param[2] @param[3] @param[4] @param[5] lt @param[6]rule {deny|permit}   tcp source @param 0 source-port range @param @param destination @param @param   destination-port lt @param
{deny|permit}   tcp host @param[1] range @param[2] @param[3] @param[4] @param[5] range   @param[6] @param[7]rule {deny|permit}   tcp source @param 0 source-port range @param @param destination @param @param   destination-port range @param @param
{deny|permit}   tcp host @param[1] range @param[2] @param[3] any eq @param[4]rule {deny|permit}   tcp source @param 0 source-port range @param @param destination any   destination-port eq @param
{deny|permit}   tcp host @param[1] range @param[2] @param[3] any gt @param[4]rule {deny|permit}   tcp source @param 0 source-port range @param @param destination any   destination-port gt @param
{deny|permit}   tcp host @param[1] range @param[2] @param[3] any lt @param[4]rule {deny|permit}   tcp source @param 0 source-port range @param @param destination any   destination-port lt @param
{deny|permit}   tcp host @param[1] range @param[2] @param[3] any range @param[4] @param[5]rule {deny|permit}   tcp source @param 0 source-port range @param @param destination any   destination-port range @param @param
{deny|permit}   tcp host @param[1] range @param[2] @param[3] host @param[4] eq @param[5]rule {deny|permit}   tcp source @param 0 source-port range @param @param destination @param 0   destination-port eq @param
{deny|permit}   tcp host @param[1] range @param[2] @param[3] host @param[4] gt @param[5]rule {deny|permit}   tcp source @param 0 source-port range @param @param destination @param 0   destination-port gt @param
{deny|permit}   tcp host @param[1] range @param[2] @param[3] host @param[4] lt @param[5]rule {deny|permit}   tcp source @param 0 source-port range @param @param destination @param 0   destination-port lt @param
{deny|permit}   tcp host @param[1] range @param[2] @param[3] host @param[4] range @param[5]   @param[6]rule {deny|permit}   tcp source @param 0 source-port range @param @param destination @param 0   destination-port range @param @param
{deny|permit}   tcp host ip ip mask range port1 port2rule {deny|permit}   tcp source ip 0 destination ip mask destination-port range port1 port2
{deny|permit}   tcp host ip any range port1 port2rule {deny|permit}   tcp source ip 0 destination   any destination-port range port1 port2
{deny|permit}   tcp host ip host ip range port1 port2rule {deny|permit}   tcp source ip 0 destination ip 0 destination-port range port1 port2
{deny|permit}   tcp host ip range port1 port2 ip maskrule {deny|permit}   tcp source ip 0 source-port   range port1 port2 destination ip mask
{deny|permit}   tcp host ip range port1 port2 anyrule {deny|permit}   tcp source ip 0 source-port   range port1 port2 destination any
{deny|permit}   udp @param[1] @param[2] eq @param[3] @param[4] @param[5] range @param[6]   @param[7]rule {deny|permit}   udp source @param @param source-port eq @param destination @param @param   destination-port range @param @param
{deny|permit}   udp @param[1] @param[2] eq @param[3] any range @param[4] @param[5]rule {deny|permit}   udp source @param @param source-port eq @param destination any   destination-port range @param @param
{deny|permit}   udp @param[1] @param[2] eq @param[3] host @param[4] range @param[5] @param[6]rule {deny|permit}   udp source @param @param source-port eq @param destination @param 0   destination-port range @param @param
{deny|permit}   udp @param[1] @param[2] gt @param[3] @param[4] @param[5] range @param[6]   @param[7]rule {deny|permit}   udp source @param @param source-port gt @param destination @param @param   destination-port range @param @param
{deny|permit}   udp @param[1] @param[2] gt @param[3] any range @param[4] @param[5]rule {deny|permit}   udp source @param @param source-port gt @param destination any   destination-port range @param @param
{deny|permit}   udp @param[1] @param[2] gt @param[3] host @param[4] range @param[5] @param[6]rule {deny|permit}   udp source @param @param source-port gt @param destination @param 0   destination-port range @param @param
{deny|permit}   udp @param[1] @param[2] lt @param[3] @param[4] @param[5] range @param[6]   @param[7]rule {deny|permit}   udp source @param @param source-port lt @param destination @param @param   destination-port range @param @param
{deny|permit}   udp @param[1] @param[2] lt @param[3] any range @param[4] @param[5]rule {deny|permit}   udp source @param @param source-port lt @param destination any   destination-port range @param @param
{deny|permit}   udp @param[1] @param[2] lt @param[3] host @param[4] range @param[5] @param[6]rule {deny|permit}   udp source @param @param source-port lt @param destination @param 0   destination-port range @param @param
{deny|permit}   udp @param[1] @param[2] range @param[3] @param[4] @param[5] @param[6] eq   @param[7]rule {deny|permit}   udp source @param @param source-port range @param @param destination @param   @param destination-port eq @param
{deny|permit}   udp @param[1] @param[2] range @param[3] @param[4] @param[5] @param[6] gt   @param[7]rule {deny|permit}   udp source @param @param source-port range @param @param destination @param   @param destination-port gt @param
{deny|permit}   udp @param[1] @param[2] range @param[3] @param[4] @param[5] @param[6] lt   @param[7]rule {deny|permit}   udp source @param @param source-port range @param @param destination @param   @param destination-port lt @param
{deny|permit}   udp @param[1] @param[2] range @param[3] @param[4] @param[5] @param[6] range   @param[7] @param[8]rule {deny|permit}   udp source @param @param source-port range @param @param destination @param   @param destination-port range @param @param
{deny|permit}   udp @param[1] @param[2] range @param[3] @param[4] any eq @param[5]rule {deny|permit}   udp source @param @param source-port range @param @param destination any   destination-port eq @param
{deny|permit}   udp @param[1] @param[2] range @param[3] @param[4] any lt @param[5]rule {deny|permit}   udp source @param @param source-port range @param @param destination any   destination-port lt @param
{deny|permit}   udp @param[1] @param[2] range @param[3] @param[4] any range @param[5]   @param[6]rule {deny|permit}   udp source @param @param source-port range @param @param destination any   destination-port range @param @param
{deny|permit}   udp @param[1] @param[2] range @param[3] @param[4] host @param[5] eq @param[6]rule {deny|permit}   udp source @param @param source-port range @param @param destination @param 0   destination-port eq @param
{deny|permit}   udp @param[1] @param[2] range @param[3] @param[4] host @param[5] gt @param[6]rule {deny|permit}   udp source @param @param source-port range @param @param destination @param 0   destination-port gt @param
{deny|permit}   udp @param[1] @param[2] range @param[3] @param[4] host @param[5] lt @param[6]rule {deny|permit}   udp source @param @param source-port range @param @param destination @param 0   destination-port lt @param
{deny|permit}   udp @param[1] @param[2] range @param[3] @param[4] host @param[5] range   @param[6] @param[7]rule {deny|permit}   udp source @param @param source-port range @param @param destination @param 0   destination-port range @param @param
{deny|permit}   udp ip mask ip mask   range port1 port2rule {deny|permit}   udp source ip mask destination ip mask destination-port range port1 port2
{deny|permit}   udp ip mask any range port1 port2rule {deny|permit}   udp source ip mask destination any   destination-port range port1 port2
{deny|permit}   udp ip mask host ip range port1 port2rule {deny|permit}   udp source ip mask destination ip 0 destination-port range port1 port2
{deny|permit}   udp ip mask range port1 port2 ip maskrule {deny|permit}   udp source ip mask source-port range port1 port2 destination ip mask
{deny|permit}   udp ip mask range port1 port2   anyrule {deny|permit}   udp source ip mask source-port range port1 port2 destination any
{deny|permit}   udp ip mask range port1 port2   host iprule {deny|permit}   udp source ip mask source-port range port1 port2 destination ip 0
{deny|permit}   udp any ip mask range port1 port2rule {deny|permit}   udp source any destination ip mask destination-port range port1 port2
{deny|permit}   udp any any range port1 port2rule {deny|permit}   udp source any destination any destination-port range port1 port2
{deny|permit}   udp any eq @param[1] @param[2] @param[3] range @param[4] @param[5]rule {deny|permit}   udp source any source-port eq @param destination @param @param   destination-port range @param @param
{deny|permit}   udp any eq @param[1] any range @param[2] @param[3]rule {deny|permit}   udp source any source-port eq @param destination any destination-port range   @param @param
{deny|permit}   udp any eq @param[1] host @param[2] range @param[3] @param[4]rule {deny|permit}   udp source any source-port eq @param destination @param 0 destination-port   range @param @param
{deny|permit}   udp any gt @param[1] @param[2] @param[3] range @param[4] @param[5]rule {deny|permit}   udp source any source-port gt @param destination @param @param   destination-port range @param @param
{deny|permit}   udp any gt @param[1] any range @param[2] @param[3]rule {deny|permit}   udp source any source-port gt @param destination any destination-port range   @param @param
{deny|permit}   udp any gt @param[1] host @param[2] range @param[3] @param[4]rule {deny|permit}   udp source any source-port gt @param destination @param 0 destination-port   range @param @param
{deny|permit}   udp any host ip range port1 port2rule {deny|permit}   udp source any destination ip   0 destination-port range port1 port2
{deny|permit}   udp any lt @param[1] @param[2] @param[3] range @param[4] @param[5]rule {deny|permit}   udp source any source-port lt @param destination @param @param   destination-port range @param @param
{deny|permit}   udp any lt @param[1] any range @param[2] @param[3]rule {deny|permit}   udp source any source-port lt @param destination any destination-port range   @param @param
{deny|permit}   udp any lt @param[1] host @param[2] range @param[3] @param[4]rule {deny|permit}   udp source any source-port lt @param destination @param 0 destination-port   range @param @param
{deny|permit}   udp any range @param[1] @param[2] @param[3] @param[4] eq @param[5]rule {deny|permit}   udp source any source-port range @param @param destination @param @param   destination-port eq @param
{deny|permit}   udp any range @param[1] @param[2] @param[3] @param[4] gt @param[5]rule {deny|permit}   udp source any source-port range @param @param destination @param @param   destination-port gt @param
{deny|permit}   udp any range @param[1] @param[2] @param[3] @param[4] lt @param[5]rule {deny|permit}   udp source any source-port range @param @param destination @param @param   destination-port lt @param
{deny|permit}   udp any range @param[1] @param[2] @param[3] @param[4] range @param[5]   @param[6]rule {deny|permit}   udp source any source-port range @param @param destination @param @param   destination-port range @param @param
{deny|permit}   udp any range @param[1] @param[2] any eq @param[3]rule {deny|permit}   udp source any source-port range @param @param destination any   destination-port eq @param
{deny|permit}   udp any range @param[1] @param[2] any gt @param[3]rule {deny|permit}   udp source any source-port range @param @param destination any   destination-port gt @param
{deny|permit}   udp any range @param[1] @param[2] any lt @param[3]rule {deny|permit}   udp source any source-port range @param @param destination any   destination-port lt @param
{deny|permit}   udp any range @param[1] @param[2] any range @param[3] @param[4]rule {deny|permit}   udp source any source-port range @param @param destination any   destination-port range @param @param
{deny|permit}   udp any range @param[1] @param[2] host @param[3] gt @param[4]rule {deny|permit}   udp source any source-port range @param @param destination @param 0   destination-port gt @param
{deny|permit}   udp any range @param[1] @param[2] host @param[3] lt @param[4]rule {deny|permit}   udp source any source-port range @param @param destination @param 0   destination-port lt @param
{deny|permit}   udp any range @param[1] @param[2] host @param[3] range @param[4] @param[5]rule {deny|permit}   udp source any source-port range @param @param destination @param 0   destination-port range @param @param
{deny|permit}   udp any range port1 port2 ip maskrule {deny|permit}   udp source any source-port range port1 port2   destination ip mask
{deny|permit}   udp any range port1 port2 anyrule {deny|permit}   udp source any source-port range port1 port2   destination any
{deny|permit}   udp any range port1 port2 host iprule {deny|permit}   udp source any source-port range port1 port2   destination ip 0
{deny|permit}   udp host @param[1] eq @param[2] any range @param[3] @param[4]rule {deny|permit}   udp source @param 0 source-port eq @param destination any destination-port   range @param @param
{deny|permit}   udp host @param[1] eq @param[2] host @param[3] range @param[4] @param[5]rule {deny|permit}   udp source @param 0 source-port eq @param destination @param @param   destination-port range @param @param
{deny|permit}   udp host @param[1] gt @param[2] @param[3] @param[4] range @param[5] @param[6]rule {deny|permit}   udp source @param 0 source-port gt @param destination @param @param   destination-port range @param @param
{deny|permit}   udp host @param[1] gt @param[2] any range @param[3] @param[4]rule {deny|permit}   udp source @param 0 source-port gt @param destination any destination-port   range @param @param
{deny|permit}   udp host @param[1] gt @param[2] host @param[3] range @param[4] @param[5]rule {deny|permit}   udp source @param 0 source-port gt @param destination @param 0   destination-port range @param @param
{deny|permit}   udp host @param[1] lt @param[2] @param[3] @param[4] range @param[5] @param[6]rule {deny|permit}   udp source @param 0 source-port lt @param destination @param @param   destination-port range @param @param
{deny|permit}   udp host @param[1] lt @param[2] any range @param[3] @param[4]rule {deny|permit}   udp source @param 0 source-port lt @param destination any destination-port   range @param @param
{deny|permit}   udp host @param[1] lt @param[2] host @param[3] range @param[4] @param[5]rule {deny|permit}   udp source @param 0 source-port lt @param destination @param 0   destination-port range @param @param
{deny|permit}   udp host @param[1] range @param[2] @param[3] @param[4] @param[5] eq @param[6]rule {deny|permit}   udp source @param 0 source-port range @param @param destination @param @param   destination-port eq @param
{deny|permit}   udp host @param[1] range @param[2] @param[3] @param[4] @param[5] gt @param[6]rule {deny|permit}   udp source @param 0 source-port range @param @param destination @param @param   destination-port gt @param
{deny|permit}   udp host @param[1] range @param[2] @param[3] @param[4] @param[5] lt @param[6]rule {deny|permit}   udp source @param 0 source-port range @param @param destination @param @param   destination-port lt @param
{deny|permit}   udp host @param[1] range @param[2] @param[3] @param[4] @param[5] range   @param[6] @param[7]rule {deny|permit}   udp source @param 0 source-port range @param @param destination @param @param   destination-port range @param @param
{deny|permit}   udp host @param[1] range @param[2] @param[3] any eq @param[4]rule {deny|permit}   udp source @param 0 source-port range @param @param destination any   destination-port eq @param
{deny|permit}   udp host @param[1] range @param[2] @param[3] any gt @param[4]rule {deny|permit}   udp source @param 0 source-port range @param @param destination any   destination-port gt @param
{deny|permit}   udp host @param[1] range @param[2] @param[3] any lt @param[4]rule {deny|permit}   udp source @param 0 source-port range @param @param destination any   destination-port lt @param
{deny|permit}   udp host @param[1] range @param[2] @param[3] any range @param[4] @param[5]rule {deny|permit}   udp source @param 0 source-port range @param @param destination any   destination-port range @param @param
{deny|permit}   udp host @param[1] range @param[2] @param[3] host @param[4] eq @param[5]rule {deny|permit}   udp source @param 0 source-port range @param @param destination @param 0   destination-port eq @param
{deny|permit}   udp host @param[1] range @param[2] @param[3] host @param[4] lt @param[5]rule {deny|permit}   udp source @param 0 source-port range @param @param destination @param 0   destination-port lt @param
{deny|permit}   udp host @param[1] range @param[2] @param[3] host @param[4] range @param[5]   @param[6]rule {deny|permit}   udp source @param 0 source-port range @param @param destination @param 0   destination-port range @param @param
{deny|permit}   udp host ip ip mask range port1 port2rule {deny|permit}   udp source ip 0 destination ip mask destination-port range port1 port2
{deny|permit}   udp host ip any range port1 port2rule {deny|permit}   udp source ip 0 destination   any destination-port range port1 port2
{deny|permit}   udp host ip host ip range port1 port2rule {deny|permit}   udp source ip 0 destination ip 0 destination-port range port1 port2
{deny|permit}   udp host ip range port1 port2 ip maskrule {deny|permit}   udp source ip 0 source-port   range port1 port2 destination ip mask
{deny|permit}   udp host ip range port1 port2 anyrule {deny|permit}   udp source ip 0 source-port   range port1 port2 destination any
{deny|permit}   udp host ip range port1 port2 host iprule {deny|permit}   udp source ip 0 source-port   range port1 port2 destination ip 0
{permit|deny}   icmp any anyrule {permit|deny}   icmp source any destination any
access-list number permit Protocol-number ip Wildcard ip Wildcardacl number
   
    rule permit Protocol-number source ip   Wildcard destination ip Wildcard
access-list number permit ospf any ip Wildcardacl number
   
    rule permit ospf source any destination ip Wildcard
access-list number permit ospf any host ipacl number
   
    rule permit ospf source any destination ip 0
access-list number permit tcp ip mask ip mask eq {ftp|ftp-data|telnet|www}acl number
   
    rule permit tcp source ip Wildcard   destination ip Wildcard destination-port eq   {ftp|ftp-data|telnet|www}
access-list number permit tcp ip mask ip mask eq portacl number
   
    rule permit tcp source ip Wildcard   destination ip Wildcard destination-port eq port
access-list number permit tcp ip mask eq port ip mask establishedacl number
   
    rule permit tcp source ip Wildcard   eq port destination ip Wildcard tcp-flag ack rst
access-list number permit tcp ip mask eq tacacs anyacl number
   
    rule permit tcp source ip Wildcard   eq tacacs destination any
access-list number permit tcp ip mask eq telnet ip mask   establishedacl number
   
    rule permit tcp source ip Wildcard   source-port eq telnet destination ip mask   tcp-flag ack rst
access-list number permit tcp any anyacl number
   
    rule permit tcp source any destination any
access-list number permit tcp any eq bgp  ip Wildcard   gt number establishedacl number
   
    rule permit tcp source any source-port eq bgp destination ip Wildcard destination-port gt unmber tcp-flag ack rst
access-list number permit tcp any gt port-number ip Wildcard eq bgpacl number
   
    rule permit tcp source any source-port gt unmber destination ip Wildcard   destination-port eq bgp
access-list number permit udp ip mask ip mask eq ntpacl number
   
    rule permit udp source ip Wildcard   destination ip mask destination-port eq ntp
access-list number permit udp ip mask ip mask eq snmpacl number
   
    rule permit udp source ip Wildcard   destination ip mask destination-port eq snmp
access-list number permit udp ip mask ip mask eq syslogacl number
   
    rule permit udp source ip Wildcard   destination ip mask destination-port eq syslog
access-list number permit udp any anyacl number
   
    rule permit udp source any destination any
access-list number permit udp any any eq portacl number
   
    rule permit udp source any destination any destination-port eq port
deny icmp   @param[1] @param[2] @param[3] @param[4] packet-too-bigrule {deny|permit}   icmp source @param @param destination @param @param icmp-type   fragmentneed-DFset
deny tcp host   @param[1] lt @param[2] host @param[3] range @param[4] @param[5]rule {deny|permit}   tcp source @param 0 source-port lt @param destination @param 0   destination-port range @param @param
deny udp   @param[1] @param[2] range @param[3] @param[4] any gt @param[5]rule {deny|permit}   udp source @param @param source-port range @param @param destination any   destination-port gt @param
deny udp any   eq bootpc any eq bootpsrule deny udp source   any source-port eq bootpc destination any destination-port eq bootps
deny udp any   range @param[1] @param[2] host @param[3] eq @param[4]rule {deny|permit}   udp source any source-port range @param @param destination @param 0   destination-port eq @param
deny udp host   @param[1] range @param[2] @param[3] host @param[4] gt @param[5]rule {deny|permit}   udp source @param 0 source-port range @param @param destination @param 0   destination-port gt @param
permit ip mask logrule permit source ip mask
permit icmp   any any echorule permit icmp   source any destination any icmp-type echo
permit icmp   any any echo-replyrule permit icmp   source any destination any icmp-type echo-reply
permit icmp   any any fragmentsrule permit icmp   source any destination any fragment
permit icmp   any any host-unreachablerule permit icmp   source any destination any icmp-type host-unreachable
permit icmp   any any packet-too-bigrule permit icmp   source any destination any icmp-type fragmentneed-DFset
permit icmp   any any port-unreachablerule permit icmp   source any destination any icmp-type port-unreachable
permit icmp   any any ttl-exceededrule permit icmp   source any destination any icmp-type ttl-exceeded
permit ip any   any precedence critical logrule permit ip source   any destination any precedence critical
permit ip any   any precedence flash logrule permit ip source   any destination any precedence flash
permit ip any   any precedence flash-override logrule permit ip source   any destination any precedence flash-override
permit ip any   any precedence immediate logrule permit ip source   any destination any precedence immediate
permit ip any   any precedence internet logrule permit ip source   any destination any precedence internet
permit ip any   any precedence priority logrule permit ip source   any destination any precedence priority
permit ip any   any precedence routine logrule permit ip source   any destination any precedence routine
permit ospf ip mask anyrule permit ospf   source ip mask destination any
permit ospf   any anyrule permit ospf   source any destination any
permit ospf   any host iprule permit ospf   source any destination ip 0
permit tcp ip mask eq domain host iprule permit tcp   source ip mask source-port eq domain   destination ip 0
permit tcp ip mask host ip   eq {port|ftp|ftp-data}rule permit tcp   source ip mask destination ip 0 destination-port eq {port|ftp|ftp-data}
permit tcp ip mask host ip   establishedrule permit tcp   source ip mask destination ip 0 tcp-flag ack rst
permit tcp   any any eq portrule permit tcp   source any destination any destination-port eq port
permit tcp   any any fragmentsrule permit tcp   source any destination any fragment
permit tcp   any eq port anyrule permit tcp   source any destination any source-port eq port
permit tcp   any host ip eq portrule permit tcp   source any destination ip 0   destination-port eq port
permit tcp   host ip eq bgp host ip gt portrule permit tcp   source ip 0 source-port eq bgp   destination ip 0   destination-port gt port
permit tcp   host ip gt port host ip eq bgprule permit tcp   source ip 0 source-port gt port destination ip 0 destination-port eq bgp
permit udp ip mask eq {tacacs|domain} host iprule permit udp   source ip mask source-port eq   {tacacs-ds|domain} destination ip 0
permit udp ip mask host ip   eq {snmp|snmptrap|syslog}rule permit udp   source ip mask destination ip 0 destination-port eq   {snmp|snmptrap|syslog}
permit udp ip mask host ip   eq portrule permit udp   source ip mask destination ip 0 destination-port eq port
permit udp ip mask host ip   eq tacacsrule permit udp   source ip mask destination ip 0 destination-port eq tacacs-ds
permit udp   any any eq {port|ntp|snmp|snmptrap|syslog}rule permit udp   source any destination any destination-port eq {port|ntp|snmp|snmptrap|syslog}
permit udp   any any eq fragmentsrule permit udp   source any destination any destination-port eq fragments
permit udp   any eq {port|ntp} anyrule permit udp   source any source-port eq {port|ntp} destination any
permit udp   any eq bootpc ip mask eq bootpsrule permit udp   source any source-port eq bootpc destination ip mask   destination-port eq bootps
permit udp   any host ip eq portrule permit udp   source any destination ip 0   destination-port eq port
permit udp   host ip eq ntp host iprule permit udp   source ip 0 source-port eq ntp   destination ip 0
permit udp   host ip host ip eq portrule permit udp   source ip 0 destination ip 0 destination-port eq port
permit udp   host ip range port1 port2 host ip   eq portrule permit udp   source ip 0 source-port range port1 port2 destination ip 0 destination-port eq port
remark stringdescription string
mac   access-list extended access-list-numberacl name access-list-number link
key chain keychain-namekeychain keychain-name
key key-idkey-id key-id
key-string 7   cipher cipher-textkey-string cipher cipher-text
aaa new-modelaaa
aaa   authentication dot1x default group radiusauthentication-scheme   default
    authentication-mode radius
aaa   authentication enable default group tacacs+ enable noneauthentication-scheme   default
    authentication-mode hwtacacs none
aaa   authentication login default group radiusauthentication-scheme   default
    authentication-mode radius
aaa   authentication login default group tacacs+authentication-scheme   default
    authentication-mode hwtacacs
aaa   authentication login default group tacacs+ local enableauthentication-scheme   default
    authentication-mode hwtacacs local
aaa   authorization commands privilege-level default group tacacs+ if-authenticatedauthorization-scheme   default
    authorization-cmd privilege-level hwtacacs
    authorization-mode hwtacacs local if-authenticated
aaa   authorization exec default group {radius|tacacs+}authorization-scheme   default
   
    authentication-mode {radius|hwtacacs}
aaa   authorization exec default group tacacs+authorization-scheme   default
    authorization-mode hwtacacs
aaa   authorization exec default group tacacs+ local if-authenticatedauthorization-scheme   default
    authorization-mode  hwtacacs local   if-authenticated
aaa   authorization network default group {radius|tacacs+}authorization-scheme   default
    authorization-mode {radius|hwtacacs}
aaa   authorization network default group tacacs+authorization-scheme   default
    authorization-mode hwtacacs
aaa   accounting exec default start-stop group {radius|tacacs+}accounting-scheme   default
    accounting-mode {radius|hwtacacs}
    recording-scheme
recording-scheme-name
    cmd recording-scheme recording-scheme-name
aaa   accounting exec default start-stop group tacacs+accounting-scheme   default
    accounting-mode hwtacacs
    recording-scheme
recording-scheme-name
    recording-mode hwtacacs
template-name
    cmd recording-scheme recording-scheme-name
aaa   accounting network default start-stop group {radius|tacacs+}accounting-scheme   default
    accounting-mode radius
    recording-scheme
recording-scheme-name
    cmd recording-scheme recording-scheme-name
aaa   accounting network default start-stop group tacacs+accounting-scheme   default
    accounting-mode hwtacacs
   
    recording-scheme
recording-scheme-name
   
    recording-mode hwtacacs
template-name
   
    cmd recording-scheme recording-scheme-name
username username password passwordlocal-user local-user password simple password
username local-user-name password 0 passwordlocal-user local-user-name password simple password
username local-user-name password 7 passwordlocal-user local-user-name password cipher password
username local-user-name privilege level password 0 passwordlocal-user local-user-name password simple password
    local-user local-user-name privilege level level
username local-user-name privilege level password 7 passwordlocal-user local-user-name password cipher password
    local-user local-user-name privilege level level
username local-user-name privilege level secret 0 passwordlocal-user local-user-name password simple password
    local-user local-user-name privilege level level
username local-user-name privilege level secret 5 passwordlocal-user local-user-name password cipher password
    local-user local-user-name privilege level level
username username privilege levellocal-user local-user privilege level level
ip http   authentication locallocal-user local-user-name service-type http
ip ftp   username namelocal-user name service-type ftp
ip dhcp relay   information option82dhcp option82 insert   enable
dot1x   port-control autodot1x enable
storm-control   {broadcast|multicast|unicast} pps max-rate-value min-rate-valuestorm-control   {broadcast|multicast|unicast} min-rate min-rate-value max-rate max-rate-value
storm-control   action shutdownstorm-control action   shutdown
storm-control   action trapstorm-control enable   trap
dot1x   port-control-mode port-basedot1x port-method   port
area area-id authentication   message-digestarea area-id
    authentication-mode md5
enable   services ssh-serverstelnet server enable
[no] ip   unreachables[undo] icmp   host-unreachable send

  • x
  • convention:

Finn92 Created Dec 29, 2018 13:40:12 Helpful(0) Helpful(0)

good sharing , it's for USG configuration translation , thanks a lot .
  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!

Login and enjoy all the member benefits

Login
Fast reply Scroll to top