Cisco Systems 6500 manual Delayed-ack-threshold, Delay-ack-timeout, No nagle

Page 109

Chapter 2 Commands for the Catalyst 6500 Series Switch WebVPN Module

webvpn policy tcp

Table 2-11 Proxy-policy TCP Configuration Submode Command Descriptions (continued)

[no] buffer-share rx buffer-limit-in-bytes

Allows you to configure the maximum size of the receive buffer share per

 

connection; valid values are from 8192 to 262144. Use the no form of this

 

command to return to the default setting.

 

 

[no] buffer-share tx buffer-limit-in-bytes

Allows you to configure the maximum size of the transmit buffer share per

 

connection; valid values are from 8192 to 262144. Use the no form of this

 

command to return to the default setting.

 

 

delayed-ack-threshold

Allows you to specify the number of full-sized segments that must be

 

received before a window-update ACK is sent. Valid values for packets are

 

1 to 10; the default value is 2.

 

 

delay-ack-timeout

Allows you to specify the amount of time before a window-update ACK is

 

sent.

 

If the number of full-sized segments (as specified in the

 

delayed-ack-thresholdcommand) is not received before this timer expires,

 

then an ACK is sent acknowledging all data received up to this point, but

 

the window is not updated. Valid values for timer are 50 to 500

 

milliseconds; the default value is 200.

 

 

help

Provides a description of the interactive help system.

 

 

[no] mss max-segment-size-in-bytes

Allows you to configure the maximum segment size that the connection

 

identifies in the generated SYN packet; valid values are from 64 to 1460.

 

Use the no form of this command to return to the default setting.

 

 

[no] nagle

Allows you to enable the the Nagle algorithm.

 

When you enable the nagle keyword, small amounts of data that are written

 

by the application is queued into the connection-send queue, but is not sent

 

until one of the following situations occurs:

 

There is data pending and an ACK arrives that acknowledges the data

 

that was previously sent.

 

The application writes more data so that a full-sized segment is created

 

and sent.

 

When you disable the nagle keyword, queueing of data does not occur. All

 

data that is written by the application is sent immediately.

 

Nagle is enabled by default.

 

 

[no] timeout fin-wait timeout-in-seconds

Allows you to configure the FIN wait timeout; valid values are from 75 to

 

600 seconds. Use the no form of this command to return to the default

 

setting.

 

 

[no] timeout inactivity timeout-in-seconds

Allows you to configure the inactivity timeout; valid values are from 0 to

 

960 seconds. This command allows you to set the aging timeout for an idle

 

connection and helps protect the connection resources. Use the no form of

 

this command to return to the default setting.

 

 

[no] timeout syn timeout-in-seconds

Allows you to configure the connection establishment timeout; valid values

 

are from 5 to 75 seconds. Use the no form of this command to return to the

 

default setting.

 

 

 

 

Catalyst 6500 Series Switch WebVPN Module Command Reference—Release 1.1

 

 

 

 

 

 

OL-7310-01

 

 

2-109

 

 

 

 

 

Page 108 Page 110
Image 109
Page 108 Page 110
Contents Commands for the Catalyst 6500 Series Switch WebVPN Module Command Modes Command History DefaultsClear webvpn nbns Release ModificationClear webvpn platform Webvpn# clear webvpn platform Clears the statistics for a specific context Clear webvpn sessionUser name Specifies the user nameCifs Clear webvpn statsMangle Port-forwardTerminal Crypto key export rsa pemUrl url 3desKey nametest-keys UsageGeneral Purpose Key General-keys Crypto key generateUsage-keys ExportableThis example shows how to generate general-purpose RSA keys This example shows how to generate special-usage RSA keysCrypto key generate rsa usage-keys Release Modification Crypto key import rsa pemPEM-formatted RSA key to the WebVPN Services Module Crypto pki authenticate trustpoint-label Crypto pki authenticateCrypto pki certificate Defaults Command Modes Command History Usage GuidelinesCrypto pki crl request Wwbvpnconfig# crypto pki crl requestCrypto pki crl request name Webvpnconfig# crypto pki enroll PROXY1 This example shows how to request a certificateCrypto pki enroll Crypto pki enroll trustpoint-labelCrypto pki export pem Related Commands crypto pki import pem Crypto pki export pkcs12 Wwbvpnconfig# crypto ca export TP1 pkcs12 scp sky is blue This example shows how to export a PKCS12 file using SCPInclude the full path in the pkcs12filename value PKCS12 fileCrypto pki import pem Usage Guidelines Examples Related Commands crypto pki export pemCrypto pki import pkcs12 Users/admin-1/pkcs12/TP2.p12 This example shows how to import a PKCS12 file using SCPCrypto pki profile enrollment Webvpnconfig# crypto pki profile enrollment testCrypto pki profile enrollment label Crypto pki trustpoint Command Purpose and Guidelines Defaults Period minutes-1 Enrollment http-proxymode ra retryPeriod minutes count count url url Count count-10Password password Certificate map mapname commandMatch certificate mapname map override SkipUsage ike ssl-client ssl-server Subject-name lineVrf vrf Debug webvpn Trace module module- FDU trace Event app next-hop tcp-Event debuggingCert- Certificate management Ca-pool- CA PoolEvents- Events This example shows how to turn on tunnel debugging Usage Guidelines Nbns-list name no nbns-list name Nbns-listNbns-server ipaddr Master timeoutExit Banner value string Policy groupFilter tunnel ip-acl Timeout idle Functions file-accessHide-url-bar Nbns-list nameWebvpnconfig-webvpn-group#svc address-pool ciscotunlpool Webvpnconfig# webvpn context ciscoSpecifies the default local port valid values are from 1 to Default local-portPort-forward Port-forward listname no port-forward listnameWebvpn context Related Commands url-listShow webvpn context name Show webvpn contextWebvpn# show web context tunnel Show webvpn dispatch algorithm member stats Show webvpn dispatchAlgorithm MemberSslvpn CLB Member Table Show webvpn gateway Webvpn# show webvpn gateway s1 Admin Status upShow webvpn gateway name Webvpn# show webvpn gatewayFile Show webvpn installCsd StatusWebvpn# show web install file \webvpn\stc\version.txt Show webvpn nbns context name all Show webvpn nbnsAll Show web nbns context allShow webvpn-platform buffers module module Show webvpn platform buffersShow webvpn-platform buffers module all Show webvpn platform context name module module Show webvpn platform contextWebvpn# show webvpn platform context tunnel OL-7310-01 Show webvpn platform crash-info brief details Show webvpn platform crash-infoBrief DetailsNvram Version This Core Didnt Crash Show webvpn platform gateway name debug module module Show webvpn platform gatewayDebug Module moduleVlan ID Show webvpn platform mac address This command has no default settingsShow webvpn platform mac address ModuleShow webvpn platform policy ssl tcp name Show webvpn platform policySsl TcpShow webvpn platform version Show webvpn platform versionWebvpn# show webvpn platform version Show webvpn platform vlan vlan-id Show webvpn platform vlanWebvpn# show webvpn platform vlan Show webvpn policy Related Commands webvpn policy sslGroup name Context name TcpContext name Show webvpn sessionUser name Webvpn# show webvpn session context c1Show webvpn stats type Show webvpn statsWebvpn# show webvpn stats Mangling statistics Relative urls 15705 Absolute urls 41850 DPD Page TCP VCs Active VCs Aborted Conns Webvpn# show web stats context tunnel DPD Snmp-server enable This example shows how to enable traps This example shows how to enable Snmp informsThis example shows how to enable authentication traps Command History Release Modification Command Modes WebVPN group context submodeSvc Dns-server primary secondaryCommand Purpose and Guidelines Default No rekey method Rekey method new-tunnel sslRekey time interval No rekey timeUrl-list listname no url-list listname Url-listHeading text Url-text text url-value url/exchageRelated Commands webvpn context Specifies AAA configuration parameters for context Aaa authentication domain domain-listDefault-group-policy default-policy-name Webvpn contextLogin-message string InserviceNo login-message Password-prompt promptAuthenticate verify -Specifies the SSL Ssl authenticate verify all nonePolicy group policy-name Policy ssl policy-nameVrf-name vrf-name Url-list listnameColor Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Webvpnconfig-webvpn-context# url-list cisco 100 Webvpn gateway No policy tcp SecondaryNo policy ssl Webvpnconfig-webvpn-gateway#ip address 172.21.65.71 port Webvpnconfig# webvpn gateway commonContext and enter the gateway submode Webvpn policy ssl Timeout handshake timeout No session-cache enableTimeout session timeout absolute HelpThis example shows how to disable session-cache This example shows how to enable session-cacheWwbvpnconfig# webvpn policy ssl sslpl1 Wwbvpnconfig-ssl-policy#cipher RSAWITH3DESEDECBCSHARelated Commands show webvpn stats This example shows how to print out a helpWwbvpnconfig-ssl-policy#timeout session 30000 absolute Timeout reassembly is 60 seconds Tos carryover is disabled Timeout syn is 75 secondsDefault Exit Webvpn policy tcpDelay-ack-timeout Delayed-ack-thresholdNo timeout fin-wait timeout-in-seconds No timeout inactivity timeout-in-secondsForm of this command to return to the default setting No timeout reassembly timeNo tos carryover Server to client connection, the server connection must be111 112
Related manuals
Manual 20 pages 62.17 Kb Manual 160 pages 24.26 Kb Manual 262 pages 31.67 Kb
Top Page Image Contents