Chapter 2 Commands for the Catalyst 6500 Series Switch WebVPN Module

svc

Table 2-5 Tunnel-Mode Configuration Commands (continued)

| Command | Purpose and Guidelines | Default |
|---|---|---|
| rekey method {new-tunnel ssl}; no rekey method | Specifies the rekey method. Entering the no form of this command disables rekeying. new-tunnel—Terminates the existing tunnel and requests a new tunnel. ssl—Initiates an SSL rehandshake. | If rekeying is enabled, the default method is ssl. |
| rekey {time interval}; no rekey time | Specifies when the VPN client rekeys the SSL tunnel. This interval is time-based. Entering the no form of this command disables the rekey-time interval. interval—Valid values are from 0 to 43200 seconds. | 21600 seconds (6 hours). |
| split dns string | Specifies the split-tunnel parameters. string—Name or IP address of the DNS server. | |
| split exclude {ip-address netmask local-lans} | Allows you to specify the traffic that is sent directly to an external website without being tunneled through the internal network; all other traffic is tunneled. Note: You can specify either the split include or the split exclude command; you cannot specify both keywords. You can specify up to 200 addresses for either the split include or split exclude keyword by entering the command multiple times. ip-address netmask—Address of traffic that is not tunneled. local-lans—Specifies that the end user’s local LAN traffic is not tunneled. | |
| split include ip-address netmask | Allows you to specify the traffic that is tunneled; all other traffic is not tunneled through the internal network. Note: You can specify either the split include or the split exclude command; you cannot specify both keywords. You can specify up to 200 addresses for either the split include or split exclude keyword by entering the command multiple times. ip-address netmask—Address of traffic that is tunneled. | |
| wins-server {primary secondary} ip-address | Specifies the primary or secondary WINS server. | |
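
The limits stated in this table (the rekey interval range, the two rekey methods, split include/exclude exclusivity, the 200-entry cap) can be checked mechanically when auditing a policy. The following Python lint is an added example, not part of the Cisco reference; the one-command-per-line input and the `rekey time <seconds>` spelling are assumptions, and the sample lines are constructed.

```python
import ipaddress

MAX_SPLIT_ENTRIES = 200      # table: up to 200 addresses per split keyword
REKEY_MAX_SECONDS = 43200    # table: valid interval is 0 to 43200 seconds

def valid_net(args):
    """True when args is exactly [ip-address, netmask] and the mask parses."""
    try:
        ipaddress.IPv4Network("/".join(args), strict=False)
        return len(args) == 2
    except ValueError:
        return False

def lint_svc(lines):
    """Return sorted (line_no, message) findings for tunnel-mode command lines."""
    findings, split = [], {"include": [], "exclude": []}
    for no, raw in enumerate(lines, 1):
        tok = raw.split()
        if tok[:2] == ["no", "rekey"] and tok[2:] in (["method"], ["time"]):
            findings.append((no, "rekey setting disabled: " + " ".join(tok)))
        elif tok[:2] == ["rekey", "method"]:
            if tok[2:] not in (["new-tunnel"], ["ssl"]):
                findings.append((no, "rekey method must be new-tunnel or ssl"))
        elif tok[:2] == ["rekey", "time"]:
            ok = len(tok) == 3 and tok[2].isdecimal() and int(tok[2]) <= REKEY_MAX_SECONDS
            if not ok:
                findings.append((no, "rekey interval outside 0-43200 seconds"))
        elif tok[:1] == ["split"] and tok[1:2] in (["include"], ["exclude"]):
            split[tok[1]].append(no)
            if tok[1:] == ["exclude", "local-lans"]:
                findings.append((no, "local LAN traffic bypasses the tunnel"))
            elif not valid_net(tok[2:]):
                findings.append((no, "expected ip-address netmask"))
    if split["include"] and split["exclude"]:
        # Report at the line where the second keyword first appears.
        where = max(split["include"][0], split["exclude"][0])
        findings.append((where, "split include and split exclude are both configured"))
    for kind, nos in split.items():
        if len(nos) > MAX_SPLIT_ENTRIES:
            findings.append((nos[MAX_SPLIT_ENTRIES], f"more than 200 split {kind} entries"))
    return sorted(findings)

# Constructed sample input (assumed one command per line), not from a real device.
SAMPLE = [
    "rekey method ssl",
    "rekey time 86400",
    "split include 10.0.0.0 255.0.0.0",
    "split exclude local-lans",
    "split include 192.168.1.0 255.255.0.255",
]

if __name__ == "__main__":
    for line_no, message in lint_svc(SAMPLE):
        print(f"line {line_no}: {message}")
```

The `local-lans` and `no rekey` findings are informational: both are valid commands, but each changes what the tunnel protects and is worth a deliberate decision.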

 

 

 

 

 

Catalyst 6500 Series Switch WebVPN Module Command Reference—Release 1.1

 

OL-7310-01
