3Com Router User Manual

							Configuration File Management47
After the display version command is used, the information on the slot 
displays:
card name Driver need to be updated
On-line upgrading uses the upgrading program of other cards and this card will 
not be upgraded on-line. The Console displays the following prompt information:
%Error: File ID error!
If the on-line upgrading file is damaged, the card cannot be upgraded on-line. The 
Console displays the following prompt information:
%Error: File CRC error!
If another user on the same card is using the on-line upgrading command input, 
this user cannot execute the command. The Console displays the following 
prompt information:
The indicated board is at updating status
Configuration File 
ManagementThis section contains information on configuration file management.
Content and Format of 
the Configuration FileThe configuration file is a text file, with the following format:
■Saved in command format.
■To save space, only the parameters are saved but the defaults are not saved 
(Please refer to the following chapters for the default values of configuration 
parameters.).
■Commands are organized by views. Commands in the same view are organized 
together, forming a section, and sections are separated with a blank line or a 
comment line (beginning with “!”).
■Sections are usually arranged in the following order: global configuration, 
physical interface configuration, logical interface configuration, route protocol 
configuration, etc.
■Ended with “return”.
Download 
Configuration FileYou can edit the configuration files offline following the specified format and then 
load them onto the router. Three methods are available for loading configuration 
files, which are:
■XModem approach
■TFTP approach
■FTP approach
XModem Approach
With this approach, configuration files can be loaded using the download config 
command in the terminal emulation program after booting the router. This 
command can only be executed in the terminal emulation program. If executing 
the command in Telnet, the following prompt will be displayed:
Download can only be executed by the serial terminal client.
Perform the following command in system view. 
						

							48CHAPTER 3: SYSTEM MANAGEMENT
Ta b l e 21   Load configuration files
Follow these steps in the terminal emulation program:
1Enter the command and make the confirmation.
[Router] download config
Do you want really download the config.ini?(Y/N)y
2Set the binary transmission protocol to XModem/CRC.
Change Protocol to Xmodem,then Send the Selected File...
3Transmit the configuration files to the router in the binary format.
Downloading...CCC
4Save the loaded files into the Flash, if the loading operation is successful.
Download completed.
Writing to flash memory...
5Reboot the router as prompted to validate the configuration files.
Write completed, please reboot the router.
When performing offline editing and loading of configuration files, you are 
recommended to do it under the guidance of technical support personnel. If a 
wrong configuration file is loaded, restore the default configuration by erasing the 
configuration file in the Flash or NVRAM (depending on the equipment). 
TFTP Approach
With this approach, you can use the get command to download the configuration 
files from the TFTP server after booting the router.
Like the preparation done before loading the 3Com Router main program with 
TFTP, the TFTP server application should be enabled on the PC, and the transferring 
path for downloading the configuration files, IP address of the server host, and the 
number of the port to be used should be set. After all these preparation tasks have 
been completed, you can perform the following configuration on the router. For 
the procedure, refer to Upgrading with TFTP.
Perform the following command in system view.
Ta b l e 22   Download configuration files from a TFTP server
FTP Approach
The procedure of loading configuration files with FTP is the same as loading the 
main 3Com Router program software with FTP, except for the files to be loaded. 
When loading configuration files with FTP, however, the 
step 6 described in “FTP 
Approach”on page 41 should be modified as follows:
OperationCommand
Loads configuration filesdownload config
OperationCommand
Loads configuration files from a TFTP serverget tftp-server-ip-addr file-name 
config 
						

							Configuration File Management49
At the prompt of “ftp>”, use the put LocalFile [ RemoteFile ] command to 
upload the specified file to the router. RemoteFile should use the name of the 
config file on the router, and the name is case sensitive. You can use the 
ftp-server config-name command to modify the file name on the router. For 
details, refer to 
Configure FTP.
Back up Configuration 
FilesYou can back up configuration files in the following ways:
■The display current-configuration command output backup approach
■The TFTP approach
■The FTP approach
The display current-configuration command output backup approach
Executing the display current-configuration command displays all the 
configurations (except for the default configuration) of the router. In Hyper 
terminal, simply copying all the displayed configuration information to a text file 
will fulfill the purpose of backup. 
You can back up the configuration file by copying and saving the contents 
displayed below “Current configuration” into a text file.
TFTP approach
First of all, start the TFTP server application program on a PC (the router should be 
connected to the PC directly or indirectly, and ping operation can be performed 
between them), then set a path and use the 
copy command in the system view, 
thus, you can upload the configuration files to the TFTP server from the router. The 
method is often used in remote maintenance.
Perform the following command in system view.
Ta b l e 23   Upload configuration files to a TFTP server
FTP approach
The procedure of loading configuration files with FTP is the same as loading the 
main 3Com Router program software with FTP, except for the files to be loaded. 
See 
“FTP Approach” on page 41 for reference. When loading configuration files 
with FTP, however, the Step 6 described in “FTP Approach” on page 41 should be 
modified as follows:
At the prompt of ftp>, use the get RemoteFile [LocalFile] command to 
upload the specified file to the router. RemoteFile should use the same name of 
the config file on the router, and the name is case sensitive. You can use the 
ftp-server config-name command to modify the file name on the router. For 
details, refer to 
Configure FTPConfigure FTP.
ftp> get config config.bak
200 Port command okay.
150 Server okay , now transmit file .
OperationCommand
Upload configuration files to the TFTP server 
with a specified address and specify the 
name for the uploaded filecopy tftp-server-ip-addr 
file-name config 
						

							50CHAPTER 3: SYSTEM MANAGEMENT
226 file transmit success.
ftp: 735 bytes received in 0.06Seconds 12.25Kbytes/sec.
View Current and Saved 
Configuration of the 
RouterDuring the power-on of the router, read the configuration files from Flash (or 
NVRAM) to initialize the router. Therefore, the configuration file in Flash (or 
NVRAM) is called initial configuration. If there is no configuration file in Flash (or 
NVRAM), the router will use default parameters for initialization. Corresponding to 
initial configuration, the configuration immediately effective during the running 
process of the router is called current configuration.
In general, the initial configuration and current configuration should be the same. 
In the case of upgrading (such as upgrading the host software version or board), 
the initial configuration might be different from the current configuration. Then 
you should save the initial configuration in time to avoid the loss of some 
configuration commands.
The following commands can be used in all views.
Ta b l e 24   View router configuration
View and Select the 
Storage Media of 
Configuration FileThe the 3Com Router series has two kinds of media, i.e. Flash and NVRAM, to 
store configuration files. Either can be selected with the 
configfile command to 
serve as the storage media of configuration file. The current media can be viewed 
by the 
display current-configuration command.
Please use the following commands in corresponding views.
OperationCommand
View the initial configuration of the routerdisplay saved-configuration
View the current configuration of the routerdisplay current-configuration
View the current system configuration of the 
routerdisplay current-configuration 
global
View all the current interface configuration of 
the routerdisplay current-configuration 
interface type [ number ] 
View the current IP routing and routing policy 
configuration of the routerdisplay current-configuration ip 
{ route | route-policy }
View all the routing protocol configuration of 
the routerdisplay current-configuration 
protocol protocol 
View the current IKE proposal configuration of 
the routerdisplay current-configuration 
ike-proposal
View the current IPSec policy configuration of 
the routerdisplay current-configuration 
ipsec-policy
View the current IPSec proposal configuration of 
the routerdisplay current-configuration 
ipsec-proposal
View the current fr-class configuration of the 
routerdisplay current-configuration 
fr-class 
View the current voice configuration of the 
routerdisplay current-configuration 
voice { aaa | access-number | 
acct-method | cdr } 
						

							Configuration File Management51
Ta b l e 25   Select and view the storage media of configuration file
If there is only one type of storage media available, the configfile command will 
not be effective.
Modify and Save 
Current ConfigurationUsers can modify the current configuration of the router via the command line 
interface. To save the current configuration as initial configuration for the next 
power-on, use the 
save command to save the current configuration in Flash or 
NVRAM, which will be decided by the 
configfile command.
Please use the following command in system view.
Ta b l e 26   Save current configuration
Erase Configuration File 
in Storage MediaThe delete command can be used to delete the configuration file in Flash or 
NVRAM of the router. After deleting the configuration files, the router will use the 
default configuration parameters for initialization during the next power-on. The 
configuration file in Flash or NVRAM can be deleted in the following cases:
■After upgrading, if the router software does not match with the configuration 
file.
■If the configuration file in Flash or NVRAM is damaged, for example, the wrong 
configuration file is loaded.
Please use the following command in system view.
Ta b l e 27   Erase the configuration file in storage media.
Set the Flag Bit to Enter 
the Initial Setup Modefirst-config set is used to set the flag bit of the initial setup. After the flag bit 
is set, the router will delete the config files in Flash or NVRAM before the system 
enters setup mode, in case of powering off, and reset. The operation is similar to 
the 
delete command.
first-config reset is used to cancel the setting of the flag bit.
Do not use this command before the save command, which also cancels the 
setting of the flag bit.
Use these commands in system view.
OperationCommand
Select the storage media of configuration file (in system 
view)configfile { flash | 
nvram }
View the storage media type of current configuration file 
(in all view)display configfile
OperationCommand
Save current configurationsave
OperationCommand
Erase the configuration file in storage mediadelete 
						

							52CHAPTER 3: SYSTEM MANAGEMENT
Ta b l e 28   Set/clear the flag bit to enter the initial setup
By default, no flag bit for entering the initial setup mode is set.
Configure FTP FTP (File Transfer Protocol), which belongs to the application layer protocol in the 
TCP/IP protocol suite, mainly provides file transfer between remote hosts. Borne 
on TCP, FTP provides reliable and connection-oriented data transfer service but 
does not provide access authorization and authentication mechanism.
When the client originates control connection to a server (with port command) 
and establishes control connection with the server port numbered 21 via an 
arbitrarily allocated local protocol port number, this connection will be reserved 
until data transfer is complete. The server establishes data connection with the 
client via port 20 and transfer data.
The 3Com Router 1.x provides FTP service, that is, the router serves as the FTP 
server. Users can run the FTP client application and logon to the router to access 
files on the router.
Before using FTP, users need to install the FTP Client application. You need to 
purchase the FTP Client application as this is not supplied as part of the 3Com 
Router series.
Configure FTP ServerFTP server configuration includes:
■Configure authentication and authorization of the FTP server
■Start FTP server
■Upload the configuration file/program file
■Download the configuration file/program file
■Configure the running parameters of FTP server
Configure authentication and authorization of FTP server
1Set the authentication mode of the FTP server
The authorization information of the FTP server is the top-level working directory 
of FTP users. Only authenticated and authorized users can enjoy the service of the 
FTP server. The 3Com Router 1.x configures authentication and authorization of 
the FTP user using AAA. If no AAA is configured, the local user authentication is 
adopted by default.
When using AAA, the router cannot perform local accounting. Therefore, when 
using local authentication, you need to open the accounting option switch to 
disable the accounting function.
Please configure with the following commands in system view.
OperationCommand
Set the flag bit to enter initial setup modefirst-config set
Clear the flag bit of initial setup modefirst-config reset 
						

							Configure FTP53
Ta b l e 29   Set the authentication mode of FTP server
2Add FTP authorized user name and password
Input the following command in system view.
Ta b l e 30   Add FTP authorized user name and password
For a detailed introduction to the above command, please refer to the chapter 
“AAA and RADIUS Configuration” in the Security section of this manual.
Start FTP Server
The FTP server can be started after configuring the authentication and 
authorization of the FTP server. The FTP server supports multi-user access 
simultaneously. The remote FTP user sends a request to the FTP server, which will 
execute a corresponding action and return the execution result to the user.
Enter the following commands in system view.
Ta b l e 31   Start FTP server
Configure Parameters of FTP Service
Configure FTP service parameters according to system running status, so as to 
make proper use of system resources.
1Set the file name on FTP server
Before the file is uploaded or downloaded, the name of the 
program/configuration file should be set on the router.
Please enter the following commands in system view.
Ta b l e 32   Set the file name on FTP server
OperationCommand
Start AAA serveraaa-enable
Disable AAA serverundo aaa-enable
Turn on the accounting selection switchaaa accounting-scheme optional
Turn off the accounting selection switchundo aaa accounting-scheme 
optional
Set local authentication for PPP connectionaaa authentication-scheme login 
default local
OperationCommand
Add FTP authorized user name and 
passwordLocal-user username service-type ftp 
password {simple | cipher } password
Delete FTP userundo user username
OperationCommand
Start FTP serverftp-server enable
Disable FTP serverundo ftp-server
OperationCommand
Set the program file name on FTP serverftp-server system-name file-name
Set the configuration file name on FTP serverftp-server config-name file-name 
						

							54CHAPTER 3: SYSTEM MANAGEMENT
The names of the program/configuration file are “system” and “config” 
respectively by default. In the command, file-name is a character string with the 
length of 1 to 30.
2Set FTP update mode
When logging onto the FTP Server from a PC, you can use the put command to 
upload the file. The FTP Server adopts two update modes: fast update mode and 
normal update mode.
■Fast update mode: In this mode, after the FTP Server has received the files 
uploaded by the user, it will write the files into Flash. Even when the power is 
disconnected during the period of transmitting the files, the existing files in the 
router will not be destroyed.
■Normal update mode: In this mode, the FTP Server writes the files uploaded by 
the user into Flash as it receives the files. The existing files in the router may be 
destroyed due to power disconnection. Compared with fast update mode, the 
system demands less empty memory in the router when working in normal 
update mode.
Please perform the following configuration in system view.
Ta b l e 33   Set FTP update mode
By default, the FTP server adopts fast update mode.
3Set the connection time limit of FTP service.
To prevent illegal access by unauthorized users, if no service request from the FTP 
client is received within a certain period, connection with this FTP client will be 
disconnected.
Please enter the following command in system view.
Ta b l e 34   Set the connection time limit of FTP service
The connection time limit of FTP server is 600 seconds by default.
Force to shut down FTP process
In some cases (such as use of FTP by a malicious user), the administrator user 
logging from the Console port can use 
kill ftp command to disconnect the link 
from the FTP user to the router. Use caution when executing this command.
Please perform the following configuration in system view.
Ta b l e 35   Force to shut down FTP process
OperationCommand
Set FTP update modeftp-server update { fast | normal }
OperationCommand
Set the connection time limit of FTP serviceftp-server timeout seconds
OperationCommand
Force a shut down of the FTP processkill ftp 
						

							Configure FTP55
Display FTP ServerTa b l e 36   Display FTP server
OperationCommand
Display the configuration status of current FTP 
serverdisplay ftp-server
Display detailed information of the FTP userdisplay local-user 
						

							56CHAPTER 3: SYSTEM MANAGEMENT