Cisco vs Huawei Essential Command Mapping


What I LIKE in Huawei after few weeks using it
-open SFP
that mean you can use any sfp brand, it will not complain, but I don’t know that will void warranty
in Aruba you can use 3rd party sfp but that will void warranty
in Ruckus open SFP as well but won’t void warranty
-1 year warranty
like Cisco
unlike Aruba and Ruckus which is limited lifetime warranty (the best in warranty, you can have 100 years warranty)
-price could be cheaper than anything else
that’s why most countries using it nowadays
-almost all the switches are L3 switch
if you want more feature such as vxlan, just add license
-telco in mind
you can have AC or DC power module in the back. if you want to change AC to DC, just add DC module
if you want more poe power just add two AC power modules
it has anti static port in the back

-save need in User mode
unlike Cisco that you type “do wr me” in config mode
unlike Aruba that you just type “wr me” in any mode
-who answer in forum is not technical enough compare to Cisco and Aruba forum

[no equivalent: shows the files used for startup]display startup (user mode)
bootboot bootrom
clear access-list countersreset acl counter all (user mode)
clear countersreset (user mode)
clear cryptoipsec sa
ike sa
clear interfacereset counters interface
clear ip bgpreset bgp all
clear ip cefreset ip fast-forwarding
clear ip route *reset ip routing-table statistics protocol all
conf tsystem-view
copy running-configsave filename
debug / no debugdebugging / undo debugging
debug pvc negodebug atm all (very dangerous – might crash router)
disablesuper 0 (number is privilege level from 0 to 3, where 3 is default and equivalent to “enable” on Cisco)
enable secret (conf mode)super pass cipher (system mode)
endreturn or ctrl+z
ip tacacshwtacacs nas-ip (this command doesn’t exist !!!)
router bgpbgp
router riprip
sendsend (user mode)
show atm pvcdisplay atm pvc-info
show clockdisplay clock
show controllerdisplay controller (but not relevant for non-modular chassis)
show crypto isakmp keydisplay ike peer
show crypto isakmp policedisplay ike proposal
show crypto isakmp sadisplay ike sa
show dsl int atm 0display dsl status interface atm 2/0
show flashdir flash: (user mode)
show frame-relay pvcdisplay fr pvc-info
show interfacesdisplay interface
show ip bgpdisplay bgp routing-table
show ip interfacedisplay ip interface
show ip nat translationdisplay nat session
show ip routedisplay routing-table
show loggingdisplay logbuffer
show policy-map interfacedisplay qos policy interface
show portdisplay port-mapping
show snmpdisplay snmp-agent statistics
show startupdisplay saved-configuration
show techdisplay diagnostic-information
show usersdisplay users
show versiondisplay version
snmp-servertftp-server (system mode)
tacacs-serverhwtacacs scheme (system mode)
terminal lengthscreen-length disable
undo screen-length disable
terminal monitorterminal debugging (user mode)
terminal no monitorundo terminal debugging (user mode)
write erasereset saved-configuration
write mem (or wr or copy run start)save
write terminal (sh run)display current-configuration

Ruckus ICX Rollback

I am curios on how to do rollback config in Ruckus when you didn’t cancel the job anything within 1hr.
That feature is standard in Juniper since long time a go
That is useful when you do remotely. In case you miss configure something like netmask that causing you disconnected and impossible for you to reconnect unless you console manually.

After post my question into Ruckus forum, Ruckus employee said that feature is not available.

Got an idea from how Aruba did rollback.
Two things I need to solve which are alias and cron job.
Smarter guy answer my post and here the steps although not perfect enough

to create an alias
#conf t
#alias bkup=copy flash flash file startup-config backup
#alias restor=copy flash flash file backup startup-config
to create a cron job
#conf t
#batch buffer 1 &
#restor &
#execute batch 1 after 00:00:01
#sh batch schedule
Batch buffer 1 will be executed 0 days 0 hours 0 minutes 52 seconds from now
NOTE:can’t put reload on batch

to reload after 2min
#reload 00:00:02
Those steps achieve my goal but almost perfect because
1. I can’t put reload in batch (see notes above), that’s why I need to put batch and reload in consecutive order

2. will be better if I can copy backup to running-config directly
I can do that but not affect current running-config
for example
current hostname SW1
wr me
copy startup-config to backup
change hostname to SW2
copy backup to running-config
those wont change my running hostname

Automatically backup config to scp or tftp when “write mem”

In Cisco, I can automatically backup config using scp or tftp to other location every time I issue “wr me”

How to achieve the same in other brand?

path scp://root:eve@$h










Option 43 DHCP

To give ip address info of wireless controller in DHCP.
We need to set it in Option 43.

Each Option 43 settings is different for Cisco, Ruckus or Ubiquity.

Cisco DHCP
ip dhcp pool yournet
  option 60 ascii “ArubaAP”
# 01: suboption
# 04: length of the payload (must be 4 bytes)
# in hex = c0a80001

result: option 43 hex 0104c0a80001

The same Option is used to Disable NetBios via DHCP
Mikrotik Disable Netbios via DHCP
/ip dhcp-server option
add code=43 name=OptionDisableNetBios value=0x010400000002
/ip dhcp-server network
add address= dhcp-option=OptionDisableNetBios dns-server=\ gateway=

Reset to Factory Default

Aruba AP:
Connect the serial console breakout adapter cable to the AP Ethernet port and your PC/Laptop
Power on the AP and get into apboot mode. You’ll see the option to go into AP boot mode when the AP is booting.
From the apboot prompt, enter the following commands
apboot> purge
apboot> save
apboot> reset or boot

Aruba Controller:
#write erase all
Switch will be factory defaulted. All the configuration and databases will be deleted. Press ‘y’ to proceed : y
Do you really want to restart the system(y/n): y


There are 3 methods of restoring system defaults.
Restoring Factory Defaults:
This option will reset all system settings, including the Setup Console password. To restore factory defaults, use the following CLI command:
SGOS# restore-defaults factory-defaultsRetaining Console Settings:
This option will retain settings like console username and password, front panel pin number, console enable password, SSH host keys, keyrings used by secure console services, RIP configurations, IP address, MTU size, TCP round trip time, and static routes. To restore defaults while retaining console settings, use the following CLI command:
SGOS# restore-defaults keep-consoleRestoring Defaults through the Management Console:
If you restore defaults through the Management Console, you will lose most settings because there is no “keep console” option. To restore defaults through the Management Console, select Maintenance > General, click the Restore button, then click OK to confirm.


#erase startup-config
that only delete config but not vlan.
vlan in vlan.dat
# delete flash:vlan.dat
Delete filename [vlan.dat]?
# reload

System configuration has been modified. Save? [yes/no]: n
Proceed with reload? [confirm]

The difficulty with clearing a switch that is cabled to other switches is removing the VLANs. When the switch
is finished reloading, it is possible for it to relearn VLANs from another connected switch that is in VTP server
or client mode.
To determine if the VLANs have been relearned, use the show vlan command.
Switch# show vlan brief
However, if the show vlan command displays nondefault VLANs after you have deleted the vlan.dat file,
your switch has learned the VLANs dynamically from another switch.
Switch# show vlan brief
VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
10 OFFICE active
20 VOICE active
30 GUEST active
50 SERVERS active
100 MGMT active
200 TRANS active
900 NATIVE active
999 UNUSED active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

To eliminate these VLANS, shut down all interfaces and remove the existing VLANs.
Switch(config)# interface range FastEthernet 0/1 – 24
Switch(config-if-range) # shutdown
Switch(config-if-range)# interface range GigabitEthernet 0/1 – 2
Switch(config-if-range) # shutdown
Switch(config-if-range) # exit
Switch(config) # no vlan 2-999
to delete config.text (config and password) from ROMMON
1. press Mode button within 15s
switch>delete flash:config.text


(config)# configure factory-default

If you didn’t specify ip address, then inside interface ip address will be
Cisco CAPWAP/LWAP Access Point
rommon 1 > confreg 0x2142
You must reset or power cycle for new config to take effect
rommon 2 > reset
Would you like to enter the initial configuration dialog? [yes/no]: no
#copy start run
Destination filename [running-config]?
#conf t
(config)#enable secret cisco
(config)#config-register 0x2102
Proceed with reload? [confirm]Cyberoam:
If you forget Web and Console password, type RESET as password in console
Password: RESET
Please read this carefully:
You are about to reset the system back to factory default configuration.
* The new CLI password will be ‘admin’.
* All network interfaces will get up with the factory default configuration.
* Appliance registration will NOT be affected by this.
* Other firmware’s configuration will NOT be affected by this.
* Post reset, this will reboot the system.
Main Menu
1.  Reset configuration
2.  Reset configuration and signatures
3.  Reset configuration, signatures and reports
0.  Exit
Select Menu Number [0-3]: 1F5:

You may occasionally need to remove the current BIG-IP configuration and restore the system to the factory default setting. To do so, you can use the tmsh load sys config default command. The tmsh load sys config default command saves the currently-running configuration to the /var/local/scf/backup.scf file, and then loads the /defaults/defaults.scf file to restore the configuration to factory default settings.

Note: The tmsh load sys config default command retains certain configuration elements such as those that are necessary to maintain basic administrative functionality.

When you restore the BIG-IP configuration to factory default settings, the system performs the following tasks:

Removes all BIG-IP local traffic configuration objects
Removes all BIG-IP network configuration objects
Removes all non-system maintenance user accounts
Retains the management IP address
Removes system maintenance user account passwords (root and admin)
Retains the BIG-IP license file
Retains files in the /shared partition
Retains manually-modified bigdb database variables
To restore the BIG-IP configuration to the factory default setting, perform the following procedure.

Restoring the BIG-IP configuration to the factory default setting

Impact of procedure: This procedure removes all BIG-IP local traffic and network configuration objects.

scp /config/bigip.license to your pc first
(tmos)#load sys config default
Reset the system configuration to factory defaults? (y/n)y
(tmos)#save sys config partitions all
To restore config

(tmos)#load sys ucs test.ucs no-license

# execute factoryreset


The user can restore the factory default configuration either on the switch itself, or through the switch console.
To execute the factory default reset on the switch, perform these steps:
-Using pointed objects, simultaneously press both the Reset and Clear buttons on the front of the switch.
-Continue to press the Clear button while releasing the Reset button.
-When the Self Test LED begins to blink, release the Clear button.
-The switch will then complete its self test and begin operating with its configuration restored to the factory default settings.

To restore the factory default configuration using the console, execute the erase startup-config command from the console command prompt.


root@host# delete
root@host# load factory-default
root@host# set system root-authentication plain-text-password
root@host# commit and-quit
root@host> request system rebootMikrotik[admin@MikroTik] >/system reset-configurationMikrotik:
[admin@MikroTik] >/system reset-configurationPaloAlto:
1. Connect Console cable (9600,8,n,1) to Console port
2. Power on or reboot device
3. During the boot sequence, the screen should look like this
12-May 12.30.38
4. Type maint to enter maintenance mode.
12-May 12.32.16
5. In maintenance mode, this should appear on the screen:
12-May 12.33.25
6. Press enter and this menu should appear
12-May 12.35.27
7. Select Factory Reset and press enter:
12-May 12.36.16




1. set your pc ip to and connect ethernet cable to LAN
2. Unfold a paperclip and insert the end of the object into the hole where the reset button resides. The hole is located on the back of the appliance, usually positioned by the power switch or indicator lights.
Push and hold the reset button for 10 seconds, then navigate to in a web browser to reconfigure the appliance
Click the boot icon by “Current Firmware with Factory Default Settings” to restore the SonicWALL to its original configuration.
If the web-based configuration page prompts you to log in to the appliance, enter “admin” (without the quotations) into the Username field and “password” (without the quotations) into the Password field

Reset password

Aruba Controller:
Please login using console with a serial cable (e.g. you must be infront of the controller):
Login : password
Password: forgetme!

Then go into enable mode with pwd “enable”
#Config terminal
(config)#Mgmt-user admin root
#write memory
<hit enter to setup the new root password>
Once done logout and login back in with the new password.
– If you are looking to decrypt the wireless security key which you have setup for your wireless network. Please execute #encrypt disable and then execute #show run, under the config you will see the wireless key in clear text under your VAP profile section.
sometimes you have the admin password of the controller but not have the enable mode password so what to do?
Access the Controller via GUI And change the enable mode password in Controller Wizard.
Navigate to Configuration > Controller Wizard > Under Wizards > Configure Controller >Basic Info> Enter any Name of your choice, Password for User Admin, retype the same, Password for Enable mode Access here is the place where we can reset the enable mode password and retype the same click on Next

1. Connect Console cable
2. Reboot the router and press the Break key to interrupt the boot sequence.

For break key sequences

Software Platform Operating System Try This
Hyperterminal IBM Compatible Windows XP Ctrl-Break
Hyperterminal IBM Compatible Windows 2000 Ctrl-Break
Hyperterminal IBM Compatible Windows 98 Ctrl-Break
Hyperterminal (version 595160) IBM Compatible Windows 95 Ctrl-F6-Break
Kermit Sun Workstation UNIX Ctrl-\l
MicroPhone Pro IBM Compatible Windows Ctrl-Break
Minicom IBM Compatible Linux Ctrl-a f
ProComm Plus IBM Compatible DOS or Windows Alt-b
SecureCRT IBM Compatible Windows Ctrl-Break
Telix IBM Compatible DOS Ctrl-End
Telnet N/A N/A Ctrl-], then type send brk
Telnet to Cisco IBM Compatible N/A Ctrl-]
Teraterm IBM Compatible Windows Alt-b
Terminal IBM Compatible Windows Break
Tip Sun Workstation UNIX Ctrl-], then Break or Ctrl-c
VT 100 Emulation Data General N/A F16
Windows NT IBM Compatible Windows Break-F5
Shift-6 Shift-4 Shift-b (^$B)
Z-TERMINAL Mac Apple Command-b
N/A Break-Out Box N/A Connect pin 2 (X-mit) to +V for half a second
Cisco to aux port N/A Control-Shft-6, then b
IBM Compatible N/A Ctrl-Break

3. reset
rommon 1 > confreg 0x2142
You must reset or power cycle for new config to take effect
rommon 2 > reset

4. Change the password
Type no after each setup question, or press Ctrl-C in order to skip the initial setup procedure
Router> enable
Router# copy startup-config running-config
Destination filename [running-config]? (hit enter)
Building configuration…
Router# configure terminal
Router(config)# enable password cisco
Router(config)# enable secret cisco
Router(config)# line console 0
Router(config-line)# password cisco
Router(config)# username cisco privilege 15 secret cisco
Router(config)# config-register 0x2102
Router(config)# exit
Router# copy running-config startup-config
Destination filename [startup-config]? (hit enter)
Building configuration…
Router# reload

Netscaler MPX / VPX

Now from time to time you might come by this, you have a customer which has a Netscaler setup and they have forgotten the password for the device. What do you do ?
If you have a MPX you need to connect to the device using a serial cable and use for instance Putty to connect to the serial port. If you have an VPX you just need to open the console. Now when the device boots you need to press CTRL + C now on the VPX it is simple the boot menu appears


Then you just press 4 and go into single user mode. On the MPX we have to press CTRL + C simultaneously as well when the following appears in the console
Press [Ctrl-C] for command prompt, or any other key to boot immediately.
Booting [kernel] in 2 seconds…
Now to start the MPX in single-user mode you have to type either boot –s or reboot — -s torestart in single user mode. When you are in single user mode the console will look like this.


Next we have to mount the flash device since this is where the config file resides. Now on different devices this flash device has different names
For VPX this device is called /dev/ad0s1a
So first we have to check disk consistency first before we can mount the device.
fsck /dev/da0s1a (This checks disk consistency)
mount/dev/da0s1a/flash (This mounts the drive under the folder /flash )
df –l (List the devices and where they are mounted)


Next we need to change directory to the flash drive where the config file is located.
cd /flash/nsconfig from there


Next we use a grep command to create a new config file but without the line which contains the passoword string.
grep –v “set system user nsroot” ns.conf > new.conf
Next we need to rename the current config to another name
mv ns.conf old.ns.conf
mv new.conf ns.conf

After this is done we have a new config file without the password for nsroot and we can reboot.

At the boot screen, you will see “SYSLINUX 4.02 … Boot:”, write to the next “menu.c32”
Secondly, you can see a blue window. Move to “xe-serial” and press “tab”
Now, you can read command line start with “mboot.c32…..”. You have to change this part of the line “xencons=hvc console=hvc0” and write “console= ttySO,115200n8 single”.
And press “Enter”, the server continue the starting process.
Then you can see the command line interface, write “passwd” to change your root password

1. Connect Console cable and launch putty
2. Power on Cyberoam and continously press Enter until you see CRLoader
You are navigated to CRLoader screen. Go to Option 0 – CRLoader and Press Enter
Select Option 2 – Troubleshoot
Select Option 1 – Reset console password
This would reset the admin user password. Press “Ok” to continue
Select Option 5 – Reboot. This will reboot the appliance
Once Cyberoam is rebooted, Enter the Default Password as “admin” and then CLI access will be available

1. When booted press e
2. Change i.e
press Enter
press b

3. Changing password
After booted, # will appear
# mount -a
# passwd root
New BIG-IP password:
Retype new BIG-IP password:
SN: FGT-603907516189
L: maintainer
P: bcpbFGT-603907516189

1. Press Clear hole for 10s
Once you release the “Clear” button, only the password protection will be removed. All other configuration settings will remain intact, and the switch will not reboot
If you would like to disable the clear password button on the front of the HP Procurve switch then enter the following
>conf t
Switch(config)# no front-panel-security password-clear
You will also notice the reset button next to the clear button. To disable this button enter the following.
Switch(config)# no front-panel-security factory-reset
Both buttons are now disabled.If you would like to enable these buttons again, do so with the commands below.
Switch(config)# front-panel-security password-clear
Switch(config)# front-panel-security factory-reset

Finally if you are unsure of the status of the reset and clear buttons on the procurve switch then enter the following.
Switch(config)# show front-panel-securityJuniper:

1. Connect your Console cable with settings 9600/8/N/1
2. Power on the device and watch the screen for the line:
Hit [Enter] to boot immediately, or space bar for command prompt.
When you see that line, hit the SPACE BAR and you will receive an OK prompt.
3. At the OK prompt, you want to the system into single user mode by issuing the command
boot -s

4. The system will boot in single user mode and you will then be prompted if you want to enter the path name for shell or “recovery” for root password recovery. Since we are trying to recover the password, we will enter
5. The system will then boot and run a recovery script and place you in at the > prompt
> edit
# set system root-authentication plain-text-password
# commit
# exit
> exit
Reboot the system? [y/n] yRuckus:

StandAlone AP
Press Hard Reset hole in the back of AP for >12s
L: super
P: sp-admin

If you have a saved ZoneDirector backup or debug log, contact Ruckus Tech Support, who may be able to decipher the admin password from your files. Ruckus Technical Support will need to validate you are the legal administrator of the device before doing this.


VMWare ESXi:

-Download Live CD from
Kali Linux
or Ubuntu Desktop
1. Insert the CD or ISO
2. Boot ESXi from either CD above
In Dell is by pressing F2 on boot
If your ESXi is under VMWare Workstation, then click VM > Power > Power On to BIOS
3. if you using Ubuntu, click Try Ubuntu instead of Install Ubuntu.
If you using Kali Linux, you can see desktop right away
4. open Terminal
#mount /dev/sda5 /mnt
#cp /mnt/stage.tgz /tmp
#cd /tmp
#tar xzf state.tgz
#tar xzf local.tgz
#vi etc/shadow
this is just example
#tar czf local.tgz etc
#tar czf state.tgz local.tgz
#cp state.tgz /mnt
remove the cd
Now you can login using vSphere client as root without password