Cisco Systems 6500 manual Webvpn gateway

Page 101

Chapter 2 Commands for the Catalyst 6500 Series Switch WebVPN Module

webvpn gateway

webvpn gateway

To enter the gateway submode and define the virtual gateway, use the webvpn gateway command. Use the no form of this command to remove any commands that you have entered in the WebVPN subcommand mode from the configuration.

webvpn gateway gateway-name

Syntax Description

 

gateway-name

Name of the virtual gateway service.

 

 

 

 

Defaults

 

This command has no default settings.

Command Modes

Command History

Global configuration

Release

Modification

WebVPN Module

Support for this command was introduced on the Catalyst 6500 series

Release 1.1

switches.

 

 

Usage Guidelines The gateway-nameargument is case-sensitive.

After you enter the webvpn gateway command, the prompt changes to the following:

webvpn(config-webvpn-gateway)#

After you enter the gateway submode, there are commands available to configure the virtual gateway services. Table 2-9lists the virtual gateway submode commands.

Table 2-9 Virtual Gateway Submode Commands

 

Command

Purpose and Guidelines

Defaults

 

 

 

 

 

 

 

 

 

 

 

exit

Exits from the gateway configuration mode and returns to

 

 

 

 

 

 

 

 

the global configuration mode.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

hostname hostname

Specifies the name of the gateway that is used in the URL

 

 

 

 

 

 

 

 

and cookie mangling process. In the load-balancing

 

 

 

 

 

 

 

 

configuration, the hostname specified here is the virtual

 

 

 

 

 

 

 

 

gateway IP address configured on the LB device.

 

 

 

 

 

 

 

 

 

 

 

 

http-redirect [port port]

Specifies that the HTTP port is open and that any HTTP

port is 80.

 

 

connections to the virtual gateway is directed to use secure

 

 

 

 

 

 

 

 

HTTP (HTTPS).

 

 

 

 

 

 

 

 

port port—(Optional) Specifies the port number to be

 

 

 

 

 

 

 

 

redirected; valid values are from 1 to 65535.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

inservice

Enables the WebVPN gateway. Use the no form of this

 

 

 

 

 

 

 

no inservice

command to disable the WebVPN gateway.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Catalyst 6500 Series Switch WebVPN Module Command Reference—Release 1.1

 

 

 

 

 

 

 

 

OL-7310-01

 

 

 

2-101

 

 

 

 

 

 

Page 100 Page 102
Image 101
Page 100 Page 102
Contents Commands for the Catalyst 6500 Series Switch WebVPN Module Command Modes Command History DefaultsClear webvpn nbns Release ModificationClear webvpn platform Webvpn# clear webvpn platform Clears the statistics for a specific context Clear webvpn sessionUser name Specifies the user nameCifs Clear webvpn statsMangle Port-forwardTerminal Crypto key export rsa pemUrl url 3desKey nametest-keys UsageGeneral Purpose Key General-keys Crypto key generateUsage-keys ExportableCrypto key generate rsa usage-keys This example shows how to generate special-usage RSA keysThis example shows how to generate general-purpose RSA keys Release Modification Crypto key import rsa pemPEM-formatted RSA key to the WebVPN Services Module Crypto pki authenticate trustpoint-label Crypto pki authenticateCrypto pki certificate Defaults Command Modes Command History Usage GuidelinesCrypto pki crl request name Wwbvpnconfig# crypto pki crl requestCrypto pki crl request Webvpnconfig# crypto pki enroll PROXY1 This example shows how to request a certificateCrypto pki enroll Crypto pki enroll trustpoint-labelCrypto pki export pem Related Commands crypto pki import pem Crypto pki export pkcs12 Wwbvpnconfig# crypto ca export TP1 pkcs12 scp sky is blue This example shows how to export a PKCS12 file using SCPInclude the full path in the pkcs12filename value PKCS12 fileCrypto pki import pem Usage Guidelines Examples Related Commands crypto pki export pemCrypto pki import pkcs12 Users/admin-1/pkcs12/TP2.p12 This example shows how to import a PKCS12 file using SCPCrypto pki profile enrollment label Webvpnconfig# crypto pki profile enrollment testCrypto pki profile enrollment Crypto pki trustpoint Command Purpose and Guidelines Defaults Period minutes-1 Enrollment http-proxymode ra retryPeriod minutes count count url url Count count-10Password password Certificate map mapname commandMatch certificate mapname map override SkipVrf vrf Subject-name lineUsage ike ssl-client ssl-server Debug webvpn Trace module module- FDU trace Event app next-hop tcp-Event debuggingEvents- Events Ca-pool- CA PoolCert- Certificate management This example shows how to turn on tunnel debugging Usage Guidelines Nbns-list name no nbns-list name Nbns-listExit Master timeoutNbns-server ipaddr Filter tunnel ip-acl Policy groupBanner value string Timeout idle Functions file-accessHide-url-bar Nbns-list nameWebvpnconfig-webvpn-group#svc address-pool ciscotunlpool Webvpnconfig# webvpn context ciscoSpecifies the default local port valid values are from 1 to Default local-portPort-forward Port-forward listname no port-forward listnameWebvpn context Related Commands url-listWebvpn# show web context tunnel Show webvpn contextShow webvpn context name Show webvpn dispatch algorithm member stats Show webvpn dispatchAlgorithm MemberSslvpn CLB Member Table Show webvpn gateway Webvpn# show webvpn gateway s1 Admin Status upShow webvpn gateway name Webvpn# show webvpn gatewayFile Show webvpn installCsd StatusWebvpn# show web install file \webvpn\stc\version.txt Show webvpn nbns context name all Show webvpn nbnsAll Show web nbns context allShow webvpn-platform buffers module all Show webvpn platform buffersShow webvpn-platform buffers module module Webvpn# show webvpn platform context tunnel Show webvpn platform contextShow webvpn platform context name module module OL-7310-01 Show webvpn platform crash-info brief details Show webvpn platform crash-infoBrief DetailsNvram Version This Core Didnt Crash Show webvpn platform gateway name debug module module Show webvpn platform gatewayDebug Module moduleVlan ID Show webvpn platform mac address This command has no default settingsShow webvpn platform mac address ModuleShow webvpn platform policy ssl tcp name Show webvpn platform policySsl TcpWebvpn# show webvpn platform version Show webvpn platform versionShow webvpn platform version Webvpn# show webvpn platform vlan Show webvpn platform vlanShow webvpn platform vlan vlan-id Show webvpn policy Related Commands webvpn policy sslGroup name Context name TcpContext name Show webvpn sessionUser name Webvpn# show webvpn session context c1Webvpn# show webvpn stats Show webvpn statsShow webvpn stats type Mangling statistics Relative urls 15705 Absolute urls 41850 DPD Page TCP VCs Active VCs Aborted Conns Webvpn# show web stats context tunnel DPD Snmp-server enable This example shows how to enable authentication traps This example shows how to enable Snmp informsThis example shows how to enable traps Command History Release Modification Command Modes WebVPN group context submodeSvc Dns-server primary secondaryCommand Purpose and Guidelines Default No rekey method Rekey method new-tunnel sslRekey time interval No rekey timeUrl-list listname no url-list listname Url-listHeading text Url-text text url-value url/exchageRelated Commands webvpn context Specifies AAA configuration parameters for context Aaa authentication domain domain-listDefault-group-policy default-policy-name Webvpn contextLogin-message string InserviceNo login-message Password-prompt promptAuthenticate verify -Specifies the SSL Ssl authenticate verify all nonePolicy group policy-name Policy ssl policy-nameColor Name Url-list listnameVrf-name vrf-name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Webvpnconfig-webvpn-context# url-list cisco 100 Webvpn gateway No policy ssl SecondaryNo policy tcp Context and enter the gateway submode Webvpnconfig# webvpn gateway commonWebvpnconfig-webvpn-gateway#ip address 172.21.65.71 port Webvpn policy ssl Timeout handshake timeout No session-cache enableTimeout session timeout absolute HelpThis example shows how to disable session-cache This example shows how to enable session-cacheWwbvpnconfig# webvpn policy ssl sslpl1 Wwbvpnconfig-ssl-policy#cipher RSAWITH3DESEDECBCSHAWwbvpnconfig-ssl-policy#timeout session 30000 absolute This example shows how to print out a helpRelated Commands show webvpn stats Timeout reassembly is 60 seconds Tos carryover is disabled Timeout syn is 75 secondsDefault Exit Webvpn policy tcpDelay-ack-timeout Delayed-ack-thresholdNo timeout fin-wait timeout-in-seconds No timeout inactivity timeout-in-secondsForm of this command to return to the default setting No timeout reassembly timeNo tos carryover Server to client connection, the server connection must be111 112
Related manuals
Manual 20 pages 62.17 Kb Manual 160 pages 24.26 Kb Manual 262 pages 31.67 Kb
Top Page Image Contents