| Standard. Configure a standard Access Control List (ACL) to permit or deny source IP addresses. |
| Extended. Configure an extended Access Control List (ACL) to permit or deny traffic based on source and destination IP addresses, IP protocol, and TCP/UDP ports. |
| Configure TACACS+ as the accounting method for recording information about user activities. |
| Configure an admin account for management access to ACOS. |
| Set lockout parameters for admin sessions. |
| Clear current ACOS admin sessions. |
| Create a static ARP entry. |
| Change the aging timer for dynamic ARP entries. |
| Configure command auditing. |
| Configure a console authentication type. |
| Configuration authentication of admin enable (Privileged mode) access. |
| Place admins into the CLI directly at the Privileged EXEC level following successful authentication. The admin does not need to navigate to the Privileged EXEC level from the User EXEC level. |
| Enable tiered authentication. |
| Configure support for multiple concurrent admin sessions using the same account. |
| Set the authentication method used to authenticate administrative access to ACOS. |
| Configure authorization for controlling access to functions in the CLI. The ACOS device can use TACACS+ for authorizing commands executed under a specified privilege level. This command also allows you to specify the level for authorization debugging. |
| Configure log backup options and save a backup of the system log. |
| Configure and save file access information for backup. When you back up system information, you can save typing by specifying the name of the store instead of the options in the store. |
| Back up the system. The startup-config file, and SSL certificates and keys will be backed up to a tar file. |
| Schedule periodic backups. |
| Set the banners to be displayed when an admin logs onto the CLI or accesses the Privileged EXEC mode. |
| Enables echo support for Bidirectional Forwarding Detection (BFD). |
| Globally enable BFD packet processing. |
| Configure BFD timers. |
| The commands in this section apply globally to the BGP process running on the ACOS device. |
| Specify the boot image location from which to load the system image the next time the Thunder Series is rebooted. |
| Repair the master boot record (MBR) on the hard drive or compact flash. |
| Configure a bridge VLAN group for VLAN-to-VLAN bridging. |
| This command configures DDoS packet capture so that the packets causing DDoS violations can be reviewed and analyzed. |
| Configure a class list. |
| Convert configuration profile from version 3.0/3.1 to 3.2. |
| Copy a running-config or startup-config. |
| Configure DDoS Mitigation settings. |
| Legacy debug command. It is recommended to use the AXdebug subsystem instead of these commands. |
| Delete an axdebug capture file. |
| Display a side-by-side comparison of the commands in a pair of locally stored configurations. |
| Disable fail-safe monitoring for software-related errors. |
| Disable management access to specific protocols on specific Ethernet interfaces. |
| Run a Privileged EXEC level command from a configuration level prompt, without leaving the configuration level. |
| Create a group of related configurations |
| Create a domain classification list. |
| Change the file size of core dumps. |
| Enable management access to specific protocols on specific Ethernet interfaces. |
| Set the enable password, which secures access to the Privileged EXEC level of the CLI. |
| Return to the Privileged EXEC level of the CLI. |
| Configure the temperature condition under which a log is generated. |
| Configure the hardware polling interval for fault detection and log generation. |
| Erase the startup-config file. This command returns the device to its factory default configuration after the next reload or reboot. |
| Return to the Privileged EXEC level of the CLI. |
| Export a file to a remote site using the specified transport method. |
| Export file to a remote site periodically. |
| Configure fail-safe automatic recovery. |
| Control fan speed setting. |
| Configure a Global Limit ID (GLID). A GLID is a set of traffic limits that can be used with other features, such as DDoS Mitigation. |
| Enable hard disk monitoring on your ACOS device. |
| Set the ACOS device’s hostname. |
| Configure ICMPv6 rate limiting for IPv6 to protect against denial-of-service (DoS) attacks. |
| Configure ICMP rate limiting, to protect against denial-of-service (DoS) attacks. |
| Get a file from a remote site. |
| Get files from a remote site periodically. |
| Access the CLI configuration level for an interface. |
| Configure global IP settings. |
| Configure Intelligent Platform Management Interface (IPMI) settings on the ACOS device. |
| Configure global IPv6 settings. |
| Configure a key chain for use by routing authentication features. |
| Configure an LACP tunnel for LACP passthrough. This feature allows the ACOS device to forward traffic on one trunk that originates on another trunk that is down. With this feature, if an LACP trunk goes down, the other trunk is used to continue connectivity for the traffic. |
| Set the Link Aggregation Control Protocol (LACP) priority. |
| Set Lightweight Directory Access Protocol (LDAP) parameters for authenticating administrative access to the ACOS device. |
| Link the “startup-config” token to the specified configuration profile. By default, “startup-config” is linked to “default”, which means the configuration profile stored in the image area from which the ACOS device most recently rebooted. |
| Enable the Link Layer Detection Protocol (LLDP). You can enable LLDP to either receive only, transmit only, or transmit and receive. |
| Specify the hostname or IP address and Ethernet interface to use as the management interface for the LLDP agent on the ACOS device. |
| Configure the interval between transmission of LLDP notifications during normal transmission periods. (In the IEEE 802.3AB specification, this the msgTxInterval parameter.) |
| Defines the alpha-numeric string that describes the system in the network. |
| Defines the string that will be assigned as the system name. |
| Set the initial value for the txFast variable, which determines the number of LLDP data packets that are transmitted during a fast transmission period. (In the IEEE 802.3AB specification, this the txFastInit parameter.) |
| Configure the LLDP PDU transmission interval for fast periods. (In the IEEE 802.3AB specification, this the msgFastTx parameter.) |
| Configure the time to live (TTL) transmission interval that is carried in LLDP frames during normal (non-fast) periods. (In the IEEE 802.3AB specification, this the msgTxHold parameter.) |
| Configure the LLDP packet transmit interval. (In the IEEE 802.3AB specification, this the msgTxInterval parameter.) |
| Configure the delay between a change to administrative “disabled” status of LDDP and reinitialization of the protocol. |
| Set the locale for the current terminal session. |
| Configure audit logging to an external server. |
| Configure the event log on the ACOS device. |
| Set the logging level for messages sent to the console. |
| Specify the email addresses to which to send event messages. |
| Configure log email settings. |
| Configure a filter for emailing log messages. |
| Send the messages that are in the event buffer to an external file server. |
| Enable logging facilities. |
| Specify a Syslog server to which to send event messages. |
| Set the logging level for messages sent to the terminal monitor. |
| Set the syslog logging level for events sent to the syslog host. |
| Set the logging level for traps sent to the SNMP host. |
| Configure a static MAC address. |
| Set the aging time for dynamic (learned) MAC entries. An entry that remains unused for the duration of the aging time is removed from the MAC table. |
| Change the maximum number of paths a route can have in the Forwarding Information Base (FIB). |
| Specify a port to receive copies of another port’s traffic. |
| Specify event thresholds for utilization of resources. |
| Enable simultaneous admin sessions. |
| Enable use of more than one CPU for control processing. |
| Specify the maximum amount of time ACOS can hold onto a NetFlow record packet in the queue before sending it to the NetFlow collector. ACOS holds a NetFlow packet in the queue until the packet payload is full of record data or until the queue timer expires. |
| Configures the algorithm that Netflow uses to sample traffic. The only option is the random algorithm. |
| Enable ACOS to act as a NetFlow exporter, for monitoring traffic and exporting the data to one or more NetFlow collectors for analysis. |
| Remove a configuration command from the running configuration. |
| Configure Network Time Protocol (NTP) parameters. |
| Get the status of the NTP servers. |
| Configure a remote tunnel endpoint for remote sites where protected objects reside. This can be used in conjunction with OSPF neighbor adjacency via GRE or VXLAN tunnels. |
| Deletes a self-signed certificate or the CSR file. |
| Set RADIUS parameters, for authenticating administrative access to the ACOS device. |
| Restore the startup-config, aFleX policy files, <<when aFlex support is added>> and SSL certificates and keys from a .tar file previously created by the backup command. The restored configuration takes effect following a reboot. |
| Configure router logging to a local file. |
| Sends router logs to the logging buffer. |
| Enter the configuration mode for a dynamic routing protocol. |
| Configure a route map. |
| Enable display of file information in the running-config. |
| Access the hardware diagnostics menu. |
| Configure parameters for sFlow packet sampling. |
| On the Thunder 14045 device with dual processing modules, this command causes all traffic to be processed by the master only. |
| Configure a Simple Mail Transfer Protocol (SMTP) server to use for sending emails from the ACOS device. |
| Configures the time to establish an SSH connection. |
| Perform an SSHD operation on the system. |
| Set the global traffic limits for all VLANs. The limit applies system-wide to all VLANs; collectively, all ACOS device VLANs cannot exceed the specified limit. |
| Enable logging for packet anomaly events. This type of logging applies to system-wide attacks such as SYN attacks. |
| Configures fail-safe parameters for the Layer 2/3 ASIC. |
| Enable logging for DDoS attacks. This type of logging applies to violations of DDoS Mitigation rules. |
