Cisco Systems 6500 manual Dpd

Page 66

Chapter 2 Commands for the Catalyst 6500 Series Switch WebVPN Module

show webvpn stats

Socket statistics:

 

 

 

 

 

Sockets in use

:

2

Sock

Usr Blocks in use

: 2

Sock Data Buffers in use :

0

Sock

Buf desc in use

: 0

Select timers in use

:

2

Sock

Select Timeouts

: 0

Sock Tx Blocked

:

49

Sock

Tx Unblocked

: 49

Sock Rx Blocked

:

0

Sock

Rx Unblocked

: 0

Sock UDP

Connects

:

0

Sock

UDP Disconnects

: 0

Sock Premature Close

:

0

Sock

Pipe Errors

: 5

Port Forward

statistics:

 

 

 

 

 

Client

 

 

 

 

Server

 

 

in pkts

 

:

0

out pkts

: 0

in bytes

 

:

0

out bytes

: 0

out

pkts

 

:

0

in pkts

: 0

out

bytes

 

:

0

in bytes

: 0

Tunnel Statistics:

 

 

 

 

 

Active connections

:

0

 

 

 

Peak connections

:

1

Peak

time

: 5d16h

Connect succeed

:

6

Connect failed

: 0

Reconnect succeed

:

1

Reconnect failed

: 0

DPD

timeout

:

0

 

 

 

Client

 

 

 

 

Server

 

 

in

CSTP

frames

:

23098

out IP pkts

: 23093

in

CSTP

data

:

23093

 

 

 

in

CSTP

control

:

5

 

 

 

in

CSTP

bytes

:

4956832

out IP bytes

: 4771852

out

CSTP

frames

:

32086

in

IP pkts

: 32084

out

CSTP

data

:

32084

 

 

 

out

CSTP

control

:

2

 

 

 

out

CSTP

bytes

:

16136526

in

IP bytes

: 16512477

webvpn#

Most of the counters are self-explanatory. The following descriptions are for the counters that are not self-explanatory:

User session statistics:

Terminated user sessions—Number of sessions that were logged out from the time last clear keyword was executed.

Session alloc failures—Indicates that the system is running out of memory.

Authentication failures—AAA responded with failure status for given username or password .

VPN session timeout—Number of sessions that were cleared because of session timeout expiry.

VPN idle timeout—Number of sessions that were cleared because of idle timeout expiry.

User cleared vpn sessions—Number of sessions that were cleared because of the clear webvpn session command.

Exceeded ctx user limit—Number of sessions that were rejected because of exceeding max-users limit configured under context.

Exceeded total user limit—Number of sessions that were rejected because of exceeding the system user limit (currently 8000).

Catalyst 6500 Series Switch WebVPN Module Command Reference—Release 1.1

2-66

OL-7310-01

 

 

Page 65 Page 67
Image 66
Page 65 Page 67
Contents Commands for the Catalyst 6500 Series Switch WebVPN Module Clear webvpn nbns DefaultsCommand Modes Command History Release ModificationClear webvpn platform Webvpn# clear webvpn platform User name Clear webvpn sessionClears the statistics for a specific context Specifies the user nameMangle Clear webvpn statsCifs Port-forwardUrl url Crypto key export rsa pemTerminal 3desKey nametest-keys UsageGeneral Purpose Key Usage-keys Crypto key generateGeneral-keys ExportableThis example shows how to generate special-usage RSA keys This example shows how to generate general-purpose RSA keysCrypto key generate rsa usage-keys Crypto key import rsa pem Release ModificationPEM-formatted RSA key to the WebVPN Services Module Crypto pki authenticate Crypto pki authenticate trustpoint-labelDefaults Command Modes Command History Usage Guidelines Crypto pki certificateWwbvpnconfig# crypto pki crl request Crypto pki crl requestCrypto pki crl request name Crypto pki enroll This example shows how to request a certificateWebvpnconfig# crypto pki enroll PROXY1 Crypto pki enroll trustpoint-labelCrypto pki export pem Related Commands crypto pki import pem Crypto pki export pkcs12 Include the full path in the pkcs12filename value This example shows how to export a PKCS12 file using SCPWwbvpnconfig# crypto ca export TP1 pkcs12 scp sky is blue PKCS12 fileCrypto pki import pem Related Commands crypto pki export pem Usage Guidelines ExamplesCrypto pki import pkcs12 This example shows how to import a PKCS12 file using SCP Users/admin-1/pkcs12/TP2.p12Webvpnconfig# crypto pki profile enrollment test Crypto pki profile enrollmentCrypto pki profile enrollment label Crypto pki trustpoint Command Purpose and Guidelines Defaults Period minutes count count url url Enrollment http-proxymode ra retryPeriod minutes-1 Count count-10Match certificate mapname map override Certificate map mapname commandPassword password SkipSubject-name line Usage ike ssl-client ssl-serverVrf vrf Debug webvpn Event app next-hop tcp-Event debugging Trace module module- FDU traceCa-pool- CA Pool Cert- Certificate managementEvents- Events This example shows how to turn on tunnel debugging Usage Guidelines Nbns-list Nbns-list name no nbns-list nameMaster timeout Nbns-server ipaddrExit Policy group Banner value stringFilter tunnel ip-acl Hide-url-bar Functions file-accessTimeout idle Nbns-list nameWebvpnconfig# webvpn context cisco Webvpnconfig-webvpn-group#svc address-pool ciscotunlpoolPort-forward Default local-portSpecifies the default local port valid values are from 1 to Port-forward listname no port-forward listnameRelated Commands url-list Webvpn contextShow webvpn context Show webvpn context nameWebvpn# show web context tunnel Algorithm Show webvpn dispatchShow webvpn dispatch algorithm member stats MemberSslvpn CLB Member Table Show webvpn gateway name Webvpn# show webvpn gateway s1 Admin Status upShow webvpn gateway Webvpn# show webvpn gatewayCsd Show webvpn installFile StatusWebvpn# show web install file \webvpn\stc\version.txt All Show webvpn nbnsShow webvpn nbns context name all Show web nbns context allShow webvpn platform buffers Show webvpn-platform buffers module moduleShow webvpn-platform buffers module all Show webvpn platform context Show webvpn platform context name module moduleWebvpn# show webvpn platform context tunnel OL-7310-01 Brief Show webvpn platform crash-infoShow webvpn platform crash-info brief details DetailsNvram Version This Core Didnt Crash Debug Show webvpn platform gatewayShow webvpn platform gateway name debug module module Module moduleVlan ID Show webvpn platform mac address This command has no default settingsShow webvpn platform mac address ModuleSsl Show webvpn platform policyShow webvpn platform policy ssl tcp name TcpShow webvpn platform version Show webvpn platform versionWebvpn# show webvpn platform version Show webvpn platform vlan Show webvpn platform vlan vlan-idWebvpn# show webvpn platform vlan Group name Related Commands webvpn policy sslShow webvpn policy Context name TcpUser name Show webvpn sessionContext name Webvpn# show webvpn session context c1Show webvpn stats Show webvpn stats typeWebvpn# show webvpn stats Mangling statistics Relative urls 15705 Absolute urls 41850 DPD Page TCP VCs Active VCs Aborted Conns Webvpn# show web stats context tunnel DPD Snmp-server enable This example shows how to enable Snmp informs This example shows how to enable trapsThis example shows how to enable authentication traps Svc Command Modes WebVPN group context submodeCommand History Release Modification Dns-server primary secondaryCommand Purpose and Guidelines Default Rekey time interval Rekey method new-tunnel sslNo rekey method No rekey timeHeading text Url-listUrl-list listname no url-list listname Url-text text url-value url/exchageRelated Commands webvpn context Default-group-policy default-policy-name Aaa authentication domain domain-listSpecifies AAA configuration parameters for context Webvpn contextNo login-message InserviceLogin-message string Password-prompt promptPolicy group policy-name Ssl authenticate verify all noneAuthenticate verify -Specifies the SSL Policy ssl policy-nameUrl-list listname Vrf-name vrf-nameColor Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Webvpnconfig-webvpn-context# url-list cisco 100 Webvpn gateway Secondary No policy tcpNo policy ssl Webvpnconfig# webvpn gateway common Webvpnconfig-webvpn-gateway#ip address 172.21.65.71 portContext and enter the gateway submode Webvpn policy ssl Timeout session timeout absolute No session-cache enableTimeout handshake timeout HelpWwbvpnconfig# webvpn policy ssl sslpl1 This example shows how to enable session-cacheThis example shows how to disable session-cache Wwbvpnconfig-ssl-policy#cipher RSAWITH3DESEDECBCSHAThis example shows how to print out a help Related Commands show webvpn statsWwbvpnconfig-ssl-policy#timeout session 30000 absolute Default Exit Timeout syn is 75 secondsTimeout reassembly is 60 seconds Tos carryover is disabled Webvpn policy tcpNo timeout fin-wait timeout-in-seconds Delayed-ack-thresholdDelay-ack-timeout No timeout inactivity timeout-in-secondsNo tos carryover No timeout reassembly timeForm of this command to return to the default setting Server to client connection, the server connection must be111 112
Related manuals
Manual 20 pages 62.17 Kb Manual 160 pages 24.26 Kb Manual 262 pages 31.67 Kb
Top Page Image Contents