2.ICLI Basics

The following list shows the key ICLI characteristics:

• It is modal (certain operations are possible or impossible in specific modes)

• It is line-based (there are no screen editing features)

• It executes commands instantly upon end-of-line

• It is privilege-based (certain operations require the user to have a certain privilege level to succeed)

• It implements industrial de-facto behavior for network equipment CLIs (structurally and behaviorally, it resembles CLIs found on other equipment while still possessing unique characteristics in some areas)

The ICLI can be accessed directly using the serial console, or over the network through telnet or ssh. In each case, the user has to log in before ICLI commands can be executed. This begins a session that lasts until logout. Multiple sessions can co-exist at the same time, each providing separate environments: logged-in user ID, privilege level, command history, mode, and session settings. It is therefore perfectly possible for the same user to control several concurrent sessions, such as one serial console session and one ssh session. The user database is either local or provided by a RADIUS or TACACS+ server. In case of a local user database, passwords and privilege levels are maintained on the device.