Chapter 2 Commands for the Catalyst 6500 Series Switch WebVPN Module

webvpn policy ssl

webvpn policy ssl

To enter the SSL-policy configuration submode, use the webvpn policy ssl command. In the SSL-policy configuration submode, you can define the SSL policy for one or more SSL-proxy services.

webvpn policy ssl ssl-policy-name

Syntax Description

 

ssl-policy-name

SSL policy name.

 

 

 

 

 

Defaults

 

The defaults are as follows:

 

 

cipher is all.

 

 

 

close-protocol is enabled.

 

 

session-caching is enabled.

 

 

version is all.

 

session-cache size size is 262143 entries.

timeout session timeout is 0 seconds.

timeout handshake timeout is 0 seconds.

tls-rollback is disabled.

Command Modes

Command History

Global configuration

Release

Modification

WebVPN Module

Support for this command was introduced on the Catalyst 6500 series

Release 1.1

switches.

 

 

Usage Guidelines Each SSL-policy configuration submode command is entered on its own line.

Table 2-10lists the commands available in SSL-policy configuration submode.

Table 2-10 SSL-Policy Configuration Submode Command Descriptions

 

cipher-suite

Allows you to configure a list of cipher-suites acceptable to the proxy-server.

 

 

{RSA_WITH_3DES_EDE_CBC_SHA

 

 

 

 

RSA_WITH_DES_CBC_SHA

 

 

 

 

RSA_WITH_RC4_128_MD5

 

 

 

 

RSA_WITH_RC4_128_SHA all}

 

 

 

 

 

 

 

 

[no] close-protocol enable

Allows you to configure the SSL close-protocol behavior. Use the no form

 

 

 

 

of this command to disable close protocol.

 

 

 

 

 

default {cipher close-protocol

Sets a command to its default settings.

 

session-cache version}

 

 

 

 

 

 

 

 

 

 

 

 

Catalyst 6500 Series Switch WebVPN Module Command Reference—Release 1.1

 

 

 

 

2-104

 

 

OL-7310-01

 

 

 

 

 

Page 104
Image 104
Cisco Systems 6500 manual Webvpn policy ssl