Cisco Systems 6500 manual Command Purpose and Guidelines Default

Page 74

Chapter 2 Commands for the Catalyst 6500 Series Switch WebVPN Module

svc

Table 2-5 Tunnel-Mode Configuration Commands (continued)

Command

Purpose and Guidelines

Default

 

 

 

dpd-interval {client timeout}

Specifies the dead peer detection (DPD) timeout values for

Disabled for the

{gateway timeout}

the gateway or the client, if tunnel-mode WebVPN is

gateway and the

 

enabled for the user or group. The DPD timer is used to

client.

 

determine if a DPD packet needs to be sent to the peer. The

 

 

DPD timer is reset every time a Cisco SSL Tunnel Protocol

 

 

(CSTP) frame is received from the peer.

 

 

gateway timeout—Specifies the DPD timeout values for

 

 

the SG; valid values are from 0 (disabled) to 3600 seconds.

 

 

client timeout—Specifies the DPD timeout values for the

 

 

client; valid values are from 0 (disabled) to 3600 seconds.

 

 

 

 

homepage url

Configures the URL of the web page to be displayed to the

No web page is

 

user upon login. The URL string specifies the path of the

specified.

 

URL. The maximum length for the URL string is 255

 

 

characters. Entering the no form of this command removes

 

 

the command from the configuration.

 

 

 

 

keep-client-installed

Keeps the SVC installed after the connection is closed.

 

 

 

 

msie-proxy exception {ip-address

Specifies the Microsoft Internet Explorer (MSIE) browser

Disabled.

dns-name}

proxy settings.

 

 

Note This command is supported only with the MSIE

 

 

browser.

 

 

The exception keyword specifies a single DNS name or IP

 

 

address for traffic that is not sent through a proxy.

 

 

 

 

msie-proxy server {ip-address

Specifies the Microsoft Internet Explorer (MSIE) browser

Disabled.

dns_name}[: port]

proxy settings.

 

 

Note This command is supported only with the MSIE

 

 

browser.

 

 

The server keyword specifies an IP address or DNS name,

 

 

optionally followed by a colon and port number, that is used

 

 

by all the proxy settings in the browser (HTTP, Secure, FTP,

 

 

Gopher) except Socks.

 

 

 

 

msie-proxy option {auto bypass-local

Specifies the Microsoft Internet Explorer (MSIE) browser

option none

none}

proxy settings.

 

 

Note This command is supported only with the MSIE

 

 

browser.

 

 

The option none keyword specifies that the browser does

 

 

not use a proxy.

 

 

The option auto keyword specifies that the browser proxy

 

 

settings are automatically detected.

 

 

The option bypass-localkeyword specifies that the local

 

 

addresses bypass the proxy.

 

 

 

 

Catalyst 6500 Series Switch WebVPN Module Command Reference—Release 1.1

2-74

OL-7310-01

 

 

Page 73 Page 75
Image 74
Page 73 Page 75
Contents Commands for the Catalyst 6500 Series Switch WebVPN Module Clear webvpn nbns DefaultsCommand Modes Command History Release ModificationClear webvpn platform Webvpn# clear webvpn platform User name Clear webvpn sessionClears the statistics for a specific context Specifies the user nameMangle Clear webvpn statsCifs Port-forwardUrl url Crypto key export rsa pemTerminal 3desKey nametest-keys UsageGeneral Purpose Key Usage-keys Crypto key generateGeneral-keys ExportableCrypto key generate rsa usage-keys This example shows how to generate special-usage RSA keysThis example shows how to generate general-purpose RSA keys Crypto key import rsa pem Release ModificationPEM-formatted RSA key to the WebVPN Services Module Crypto pki authenticate Crypto pki authenticate trustpoint-labelDefaults Command Modes Command History Usage Guidelines Crypto pki certificateCrypto pki crl request name Wwbvpnconfig# crypto pki crl requestCrypto pki crl request Crypto pki enroll This example shows how to request a certificateWebvpnconfig# crypto pki enroll PROXY1 Crypto pki enroll trustpoint-labelCrypto pki export pem Related Commands crypto pki import pem Crypto pki export pkcs12 Include the full path in the pkcs12filename value This example shows how to export a PKCS12 file using SCPWwbvpnconfig# crypto ca export TP1 pkcs12 scp sky is blue PKCS12 fileCrypto pki import pem Related Commands crypto pki export pem Usage Guidelines ExamplesCrypto pki import pkcs12 This example shows how to import a PKCS12 file using SCP Users/admin-1/pkcs12/TP2.p12Crypto pki profile enrollment label Webvpnconfig# crypto pki profile enrollment testCrypto pki profile enrollment Crypto pki trustpoint Command Purpose and Guidelines Defaults Period minutes count count url url Enrollment http-proxymode ra retryPeriod minutes-1 Count count-10Match certificate mapname map override Certificate map mapname commandPassword password SkipVrf vrf Subject-name lineUsage ike ssl-client ssl-server Debug webvpn Event app next-hop tcp-Event debugging Trace module module- FDU traceEvents- Events Ca-pool- CA PoolCert- Certificate management This example shows how to turn on tunnel debugging Usage Guidelines Nbns-list Nbns-list name no nbns-list nameExit Master timeoutNbns-server ipaddr Filter tunnel ip-acl Policy groupBanner value string Hide-url-bar Functions file-accessTimeout idle Nbns-list nameWebvpnconfig# webvpn context cisco Webvpnconfig-webvpn-group#svc address-pool ciscotunlpoolPort-forward Default local-portSpecifies the default local port valid values are from 1 to Port-forward listname no port-forward listnameRelated Commands url-list Webvpn contextWebvpn# show web context tunnel Show webvpn contextShow webvpn context name Algorithm Show webvpn dispatchShow webvpn dispatch algorithm member stats MemberSslvpn CLB Member Table Show webvpn gateway name Webvpn# show webvpn gateway s1 Admin Status upShow webvpn gateway Webvpn# show webvpn gatewayCsd Show webvpn installFile StatusWebvpn# show web install file \webvpn\stc\version.txt All Show webvpn nbnsShow webvpn nbns context name all Show web nbns context allShow webvpn-platform buffers module all Show webvpn platform buffersShow webvpn-platform buffers module module Webvpn# show webvpn platform context tunnel Show webvpn platform contextShow webvpn platform context name module module OL-7310-01 Brief Show webvpn platform crash-infoShow webvpn platform crash-info brief details DetailsNvram Version This Core Didnt Crash Debug Show webvpn platform gatewayShow webvpn platform gateway name debug module module Module moduleVlan ID Show webvpn platform mac address This command has no default settingsShow webvpn platform mac address ModuleSsl Show webvpn platform policyShow webvpn platform policy ssl tcp name TcpWebvpn# show webvpn platform version Show webvpn platform versionShow webvpn platform version Webvpn# show webvpn platform vlan Show webvpn platform vlanShow webvpn platform vlan vlan-id Group name Related Commands webvpn policy sslShow webvpn policy Context name TcpUser name Show webvpn sessionContext name Webvpn# show webvpn session context c1Webvpn# show webvpn stats Show webvpn statsShow webvpn stats type Mangling statistics Relative urls 15705 Absolute urls 41850 DPD Page TCP VCs Active VCs Aborted Conns Webvpn# show web stats context tunnel DPD Snmp-server enable This example shows how to enable authentication traps This example shows how to enable Snmp informsThis example shows how to enable traps Svc Command Modes WebVPN group context submodeCommand History Release Modification Dns-server primary secondaryCommand Purpose and Guidelines Default Rekey time interval Rekey method new-tunnel sslNo rekey method No rekey timeHeading text Url-listUrl-list listname no url-list listname Url-text text url-value url/exchageRelated Commands webvpn context Default-group-policy default-policy-name Aaa authentication domain domain-listSpecifies AAA configuration parameters for context Webvpn contextNo login-message InserviceLogin-message string Password-prompt promptPolicy group policy-name Ssl authenticate verify all noneAuthenticate verify -Specifies the SSL Policy ssl policy-nameColor Name Url-list listnameVrf-name vrf-name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Webvpnconfig-webvpn-context# url-list cisco 100 Webvpn gateway No policy ssl SecondaryNo policy tcp Context and enter the gateway submode Webvpnconfig# webvpn gateway commonWebvpnconfig-webvpn-gateway#ip address 172.21.65.71 port Webvpn policy ssl Timeout session timeout absolute No session-cache enableTimeout handshake timeout HelpWwbvpnconfig# webvpn policy ssl sslpl1 This example shows how to enable session-cacheThis example shows how to disable session-cache Wwbvpnconfig-ssl-policy#cipher RSAWITH3DESEDECBCSHAWwbvpnconfig-ssl-policy#timeout session 30000 absolute This example shows how to print out a helpRelated Commands show webvpn stats Default Exit Timeout syn is 75 secondsTimeout reassembly is 60 seconds Tos carryover is disabled Webvpn policy tcpNo timeout fin-wait timeout-in-seconds Delayed-ack-thresholdDelay-ack-timeout No timeout inactivity timeout-in-secondsNo tos carryover No timeout reassembly timeForm of this command to return to the default setting Server to client connection, the server connection must be111 112
Related manuals
Manual 20 pages 62.17 Kb Manual 160 pages 24.26 Kb Manual 262 pages 31.67 Kb
Top Page Image Contents