Manuals / Cisco Systems / Computer Equipment / Switch

Cisco Systems 6500 manual PEM-formatted RSA key to the WebVPN Services Module

Models: 6500

1 112

Download 112 pages 18.84 Kb

Page 12

Chapter 2 Commands for the Catalyst 6500 Series Switch WebVPN Module

crypto key import rsa pem

Usage Guidelines The pass phrase can be any phrase including spaces and punctuation except for a question mark (?), which has special meaning to the Cisco IOS parser.

Pass-phrase protection associates a pass phrase with the key. The pass phrase is used to encrypt the key when it is exported. When this key is imported, you must enter the same pass phrase to decrypt it.

Examples	This example shows how to import a PEM-formatted RSA key from an external system and export the
	PEM-formatted RSA key to the WebVPN Services Module:

wwbvpn(config)# crypto key import rsa newkeys pem url scp: password

%Importing public key or certificate PEM file...

Address or name of remote host []? 7.0.0.7 Source username [ssl-proxy]? lab

Source filename [newkeys.pub]? test-keys.pub

Password:

Sending file modes:C0644 272 test-keys.pub

Reading file from scp://lab@7.0.0.7/test-keys.pub!

%Importing private key PEM file...

Address or name of remote host []? 7.0.0.7 Source username [ssl-proxy]? lab

Source filename [newkeys.prv]? test-keys.prv

Password:

Sending file modes:C0644 963 test-keys.prv

Reading file from scp://lab@7.0.0.7/test-keys.prv!% Key pair import succeeded.

wwbvpn(config)#

Catalyst 6500 Series Switch WebVPN Module Command Reference—Release 1.1

2-12	OL-7310-01

Image 12

Cisco Systems 6500 manual PEM-formatted RSA key to the WebVPN Services Module

Contents

Commands for the Catalyst 6500 Series Switch WebVPN Module Defaults Command Modes Command HistoryClear webvpn nbns Release ModificationClear webvpn platform Webvpn# clear webvpn platform Clear webvpn session Clears the statistics for a specific contextUser name Specifies the user nameClear webvpn stats CifsMangle Port-forwardCrypto key export rsa pem TerminalUrl url 3desKey nametest-keys UsageGeneral Purpose Key Crypto key generate General-keysUsage-keys ExportableThis example shows how to generate special-usage RSA keys This example shows how to generate general-purpose RSA keysCrypto key generate rsa usage-keys Crypto key import rsa pem Release ModificationPEM-formatted RSA key to the WebVPN Services Module Crypto pki authenticate Crypto pki authenticate trustpoint-labelDefaults Command Modes Command History Usage Guidelines Crypto pki certificateWwbvpnconfig# crypto pki crl request Crypto pki crl requestCrypto pki crl request name This example shows how to request a certificate Webvpnconfig# crypto pki enroll PROXY1Crypto pki enroll Crypto pki enroll trustpoint-labelCrypto pki export pem Related Commands crypto pki import pem Crypto pki export pkcs12 This example shows how to export a PKCS12 file using SCP Wwbvpnconfig# crypto ca export TP1 pkcs12 scp sky is blueInclude the full path in the pkcs12filename value PKCS12 fileCrypto pki import pem Related Commands crypto pki export pem Usage Guidelines ExamplesCrypto pki import pkcs12 This example shows how to import a PKCS12 file using SCP Users/admin-1/pkcs12/TP2.p12Webvpnconfig# crypto pki profile enrollment test Crypto pki profile enrollmentCrypto pki profile enrollment label Crypto pki trustpoint Command Purpose and Guidelines Defaults Enrollment http-proxymode ra retry Period minutes-1Period minutes count count url url Count count-10Certificate map mapname command Password passwordMatch certificate mapname map override SkipSubject-name line Usage ike ssl-client ssl-serverVrf vrf Debug webvpn Event app next-hop tcp-Event debugging Trace module module- FDU traceCa-pool- CA Pool Cert- Certificate managementEvents- Events This example shows how to turn on tunnel debugging Usage Guidelines Nbns-list Nbns-list name no nbns-list nameMaster timeout Nbns-server ipaddrExit Policy group Banner value stringFilter tunnel ip-acl Functions file-access Timeout idleHide-url-bar Nbns-list nameWebvpnconfig# webvpn context cisco Webvpnconfig-webvpn-group#svc address-pool ciscotunlpoolDefault local-port Specifies the default local port valid values are from 1 toPort-forward Port-forward listname no port-forward listnameRelated Commands url-list Webvpn contextShow webvpn context Show webvpn context nameWebvpn# show web context tunnel Show webvpn dispatch Show webvpn dispatch algorithm member statsAlgorithm MemberSslvpn CLB Member Table Webvpn# show webvpn gateway s1 Admin Status up Show webvpn gatewayShow webvpn gateway name Webvpn# show webvpn gatewayShow webvpn install FileCsd StatusWebvpn# show web install file \webvpn\stc\version.txt Show webvpn nbns Show webvpn nbns context name allAll Show web nbns context allShow webvpn platform buffers Show webvpn-platform buffers module moduleShow webvpn-platform buffers module all Show webvpn platform context Show webvpn platform context name module moduleWebvpn# show webvpn platform context tunnel OL-7310-01 Show webvpn platform crash-info Show webvpn platform crash-info brief detailsBrief DetailsNvram Version This Core Didnt Crash Show webvpn platform gateway Show webvpn platform gateway name debug module moduleDebug Module moduleVlan ID This command has no default settings Show webvpn platform mac addressShow webvpn platform mac address ModuleShow webvpn platform policy Show webvpn platform policy ssl tcp nameSsl TcpShow webvpn platform version Show webvpn platform versionWebvpn# show webvpn platform version Show webvpn platform vlan Show webvpn platform vlan vlan-idWebvpn# show webvpn platform vlan Related Commands webvpn policy ssl Show webvpn policyGroup name Context name TcpShow webvpn session Context nameUser name Webvpn# show webvpn session context c1Show webvpn stats Show webvpn stats typeWebvpn# show webvpn stats Mangling statistics Relative urls 15705 Absolute urls 41850 DPD Page TCP VCs Active VCs Aborted Conns Webvpn# show web stats context tunnel DPD Snmp-server enable This example shows how to enable Snmp informs This example shows how to enable trapsThis example shows how to enable authentication traps Command Modes WebVPN group context submode Command History Release ModificationSvc Dns-server primary secondaryCommand Purpose and Guidelines Default Rekey method new-tunnel ssl No rekey methodRekey time interval No rekey timeUrl-list Url-list listname no url-list listnameHeading text Url-text text url-value url/exchageRelated Commands webvpn context Aaa authentication domain domain-list Specifies AAA configuration parameters for contextDefault-group-policy default-policy-name Webvpn contextInservice Login-message stringNo login-message Password-prompt promptSsl authenticate verify all none Authenticate verify -Specifies the SSLPolicy group policy-name Policy ssl policy-nameUrl-list listname Vrf-name vrf-nameColor Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Color Name Webvpnconfig-webvpn-context# url-list cisco 100 Webvpn gateway Secondary No policy tcpNo policy ssl Webvpnconfig# webvpn gateway common Webvpnconfig-webvpn-gateway#ip address 172.21.65.71 portContext and enter the gateway submode Webvpn policy ssl No session-cache enable Timeout handshake timeoutTimeout session timeout absolute HelpThis example shows how to enable session-cache This example shows how to disable session-cacheWwbvpnconfig# webvpn policy ssl sslpl1 Wwbvpnconfig-ssl-policy#cipher RSAWITH3DESEDECBCSHAThis example shows how to print out a help Related Commands show webvpn statsWwbvpnconfig-ssl-policy#timeout session 30000 absolute Timeout syn is 75 seconds Timeout reassembly is 60 seconds Tos carryover is disabledDefault Exit Webvpn policy tcpDelayed-ack-threshold Delay-ack-timeoutNo timeout fin-wait timeout-in-seconds No timeout inactivity timeout-in-secondsNo timeout reassembly time Form of this command to return to the default settingNo tos carryover Server to client connection, the server connection must be111 112