Ssl-proxy pki | Cisco Systems OL-7029-01 guide

Chapter 3 Commands Specific to the Content Switching Module with SSL

ssl-proxy pki

ssl-proxy pki

To configure and define the PKI implementation on the Content Switching Module with SSL, use the ssl-proxy pki command.Use the no form of this command to disable the logging and clear the memory.

ssl-proxy pki {{authenticate {timeout seconds}} {cache {{size entries} {timeout minutes}}}

{certificate {check-expiring {interval hours}}} history}

		no ssl-proxy pki {authenticate cache certificate history}

Syntax Description		authenticate	Configures the certificate authentication and authorization.

		timeout seconds	Specifies the timeout in seconds for each request; valid values are from 1 to
			600 seconds.

		cache	Configures the peer-certificate cache.

		size entries	Specifies the maximum number of cache entries; valid values are from 0 to
			5000 entries.

		timeout minutes	Specifies the aging timeout value of entries; valid values are from 1 to 600
			minutes.

		certificate	Configures the check-expiring interval.

		check-expiring	Specifies the check-expiring interval; valid values are from 0 to 720 hours.
		interval hours

		history	Key and certificate history.


Defaults		The default settings are as follows:
		• timeout seconds—180 seconds
		• size entries—0entries
		• timeout minutes—15 minutes
		• interval hours—0hours, do not check

Command Modes		Global configuration

Command History		Release	Modification

		Cisco IOS Release	Support for this command was introduced on the Catalyst 6500 series
		12.1(13)E and	switches.
		SSL Services Module
		Release 1.1(1)

		SSL Services Module This command was changed to add the following keywords:
		Release 2.1(1)	•	authenticate
			•	authenticate
			•	cache
			•	certificate

CSM-S release 1.1(1) This command was introduced.

Catalyst 6500 Series Switch Content Switching Module with SSL Command Reference

3-52	OL-7029-01

Image 274

Cisco Systems OL-7029-01 manual Ssl-proxy pki

Contents

Corporate Headquarters Text Part Number OL-7029-01Page N T E N T S Iii Hw-module csm standby config-sync2-21 Ip slb mode Map cookie Real Script file Show module csm static server Vii Vlan virtual server submode Viii Ssl-proxy policy url-rewrite Acronyms A-1 Organization AudienceChapter Title Description Boldface font ConventionsConvention Description Boldface Obtaining Documentation Related DocumentationXiii Cisco Ordering tool Cisco Marketplace Documentation FeedbackCisco Product Security Overview Xiv Obtaining Technical Assistance An emergency, you can also reach Psirt by telephone 877 408 Submitting a Service Request Xvi Obtaining Additional Publications and Information Xvii Xviii Using Content Switching Module Commands Command Task Command Modes # prompt is displayed Expression Meaning Submodes When you are in a submode, the prompt changes toRegular Expressions Zero or more characters Form-feed Ascii Alert AsciiBackspace Ascii Newline Ascii Content Switching Module with SSL Commands Vlan id Defaults Command Modes Command HistoryArp Release Modification Capp udp Syntax Description DefaultsCommand Modes Command History Capp udp No capp udp Related Commands port Capp UDP submode No options ipaddress Related Commands capp udpOptions Capp UDP submode Encryption MD5 Port portnum no port This example shows how to set the port for Capp connectionsPort Capp UDP submode Capp udp Secure Capp UDP submode Secure No secure Clear module csm Password No dfp password passwordDfp Related Commands show module csm dfp Dfp Agent DFP submodeManager DFP submode Show module csm dfp Manager port No manager Syntax Description Defaults Command ModesManager DFP submode Agent DFP submode Exit Exit Ft group group-id vlan vlan number Module CSM configuration submodeFt group No ft group Preempt fault tolerant submode Failover fault tolerant submodeHeartbeat-time fault tolerant submode Priority fault tolerant submode No failover Failover fault tolerant submodeFailover failover-time Ft group Ft group Heartbeat-time fault tolerant submodeHeartbeat-time heartbeat-timeno heartbeat-time Show module csm ft Related Commands ft group Preempt fault tolerant submodePreempt No preempt CSM Priority fault tolerant submodePriority value alt value No priority Alt Value Track fault tolerant submode Preempt fault tolerant submode Syntax Description Defaults Command Modes Command History Hw-module csm standby config-syncHw-module csm slot standby config-sync Ip address Vlan submode priority fault tolerant submode On the Catalyst 6500 series switch Ip slb modeIp slb mode csm rp no ip slb mode Csm Keyword to select the route processor Cisco IOS SLB mode Show ip slb mode Module csm Cookie-map policy submode Map cookieCookie Match protocol http cookie cookie map submode Cookie-value Match protocol http cookie cookie map submodeMap cookie Show module csm map Map dns DNS domains can be configured to a mapThis example shows how to group DNS domains Match protocol dns domain DNS map submode Match protocol dns domain DNS map submode SLB DNS map configuration submodeThis example shows how to add domains to a DNS map Name Names the DNS domain being mapped Header-map policy submode Map headerMap name header no map name Insert protocol http header header map submode Header-value value Insert protocol http header header map submodeHeader-map policy submode map header Show module csm map Header-value expression SLB header map configuration submodeMatch protocol http header header map submode Must be matched Map retcode Keyword to enter the return error code map submodeThis command has no default settings CSM module submode Map name retcode No map name Action count Map retcode SLB policy configuration submodeMatch protocol http retcode return code map submode Action log Url-map-name Map urlMap url-map-name url no map url-map-name Match protocol http url URL map submode Match protocol http url URL map submode SLB URL map configuration submodeUsage Guidelines Examples Related Commands Map url Show module csm map url-map policy submode Module csm Slot-number Slot number where the CSM residesIp slb mode Module csm slot-number No module csm slot-number Nat client serverfarm submode Natpool module CSM submodeNetmask netmask Show module csm natpool Variable module CSM submode Name Default Valid Values DescriptionVariable name value no variable name Switchoverrpaction AggregatebackupsfstatetovNoresetunidirectionalflows Advertiserhifreq Show module csm variable Billing-info owner submode OwnerOwner name no owner Contact-info owner submode Maxconns owner submode No billing-info Billing-info owner submodeBilling-infobilling-address-information Contact-info owner submode Contact-info string no contact-info Contact-info owner submodeString Owner’s information Number Number of maximum connections to the owner object Maxconns owner submodeMaxconns number no maxconns Accept further connections Policy policy-name no policy policy-name All policies should be configured with a server farmPolicy Show module csm owner No client-group Ip access-list standardClient-group policy submode Policy Show module csm owner No cookie-map Cookie-map policy submodeCookie-mapcookie-map-name Map cookie Header-map name No header-map Specified in the map header commandHeader-map policy submode Map header Static Nat client policy submodeNo nat client Natpool module CSM submode Serverfarm policy submode Policy Serverfarm virtual server submode Set ip dscp dscp-valueno set ip dscp Default is that the CSM does not store Dscp valuesSet ip dscp policy submode Dscp-value Range is from 0 to Sticky-group group-id No sticky-group This example shows how to configure a sticky groupSticky-group policy submode Show module csm owner Show module csm sticky Sticky Url-mapurl-map-name no url-map Default is no URL mapUrl-map policy submode Map url Probe Probe Show module csm probe Routed Address probe submodeNo address ip-address Probe This command is for Http probes Credentials username passwordSLB Http probe configuration submode Credentials probe submode Description line No description Description serverfarm submodeLine Description text Enter the no expect status 34 99 command Expect status probe submode Related Commands probe Failed probe submode Default value for the failed interval is 300 secondsThis command is used for all probe types Failed failed-interval no failed No header field-name Header probe submodeHeader field-name field-value Probe Show module csm probe Interval probe submode Interval seconds no interval Name probe submode SLB DNS probe configuration submodeName domain-name no name SLB HTTP/TCP/FTP/Telnet/SMTP probe configuration submode Open open-timeout no openDefault value for the open timeout is 10 seconds Open probe submode Port port-number no port Default value for the port number isPort probe submode Port-number Sets the port number This command is available for all probe types except TCP Receive receive-timeout no receiveDefault value for a receive timeout is 10 seconds Receive probe submode Default value is Recover probe submodeRecover recovervalue no recover This command is available for all probe types Method head Request probe submodeMethod get Url path Retries probe submode Default value for retries isRetries retry-count no retries Scriptname Specifies a probe script Script probe submodeScript scriptname Failed probe submode Real Default is no port translation for the real serverSLB serverfarm configuration submode Real ip-address port local No real ip-address port Cat6k-2config-slb-sfarm# real Cat6k-2config-slb-real# Name name Backup real real server submodeBackup real ip name name port no backup real Failaction serverfarm submode No health probe Health probe real server submodeHealth probe probe-nametag string Tag Command History Release Modification Inservice real server submodeInservice standby No inservice Standby Real Show module csm real Real server falls below Minconns Maxconns real server submodeMaxconns max-conns no maxconns Minconns real server submode Minconns min-consno minconns Default value is the set minumum number of connectionsMinconns real server submode Maxconns real server submode real Show module csm real Redirect-vserver name no redirect-vserver Redirect-vserver real server submodeTraffic is not redirected to the server Weighting value default is Weight real server submodeWeight weighting-value no weight Predictor serverfarm submode Redirect-vserver This example shows how to name the virtual serverRedirect-vserver name no redirect-vserver name Active Advertise redirect virtual server submodeAdvertise active no advertise Advertise virtual server submode Exclude SLB redirect virtual server configuration submodeClient redirect virtual server submode Optional Specifies that the IP address is disallowed No idle Idle redirect virtual server submodeIdle duration Redirect-vserver real server submode Inservice No inservice Inservice redirect virtual server submodeRedirect-vserver Show module csm vserver redirect Replicate csrp No replicate csrp Replicate csrp redirect virtual server submodeVserver Https Ssl redirect virtual server submodeNo ssl Ftp Redirect-vserver real server submode Virtual redirect virtual server submodeNo virtual vipaddress Show module csm vserver redirect Show module csm sticky Vlan redirect virtual server submodeSticky Sticky-group policy submode 301 Webhost backup redirect virtual server submodeWebhost backup backup-string301 No webhost backup 302 Webhost relocation redirect virtual server submode Reverse-sticky group-idno reverse-sticky Reverse-stickySticky Sticky-group policy submode Script file No script file Related Commands show module csm script Script name Script task100 Show module csm script Serverfarm Serverfarm serverfarm-name No serverfarm serverfarm-name Bindid bind-idno bindid SLB serverfarm configuration submodeBindid serverfarm submode Dfp This example shows how to add a description CSM release This command was introducedCat6k-2config-slb-sfarm#description Backup Server Farm Failaction purge reassign No failaction purge reassign Backup real real server submodeFailaction serverfarm submode Purge Dfp Script task Show module csm serverfarm Health serverfarm submode100 Nat client client-pool-name static Nat client serverfarm submode101 Source-mac Nat server serverfarm submodeNat server source-macno nat server 102 Predictor serverfarm submode 103 104 105 Probe serverfarm submode 106 Map retcode Retcode-map serverfarm submodeRetcode-mapretcodemapname no retcode-map Script task Show module csm serverfarm Real static NAT submode This example shows how to display static dataShow module csm Static Show module csm arp Mode rp onlyRelated Commands arp Show module csm slot arp Syntax Description Show module csm cappShow module csm capp udp details 110 111 State Explanation Show module csm conns112 Reqwait Related Commands module csmSynsrv 113 Agent WeightsShow module csm dfp Manager 115 Show module csm slot ft detail Mode rp onlyShow module csm ft 116 Header Show module csm mapUrl Name Map header map url module csm This example shows how to display return code mapsRelated Commands map cookie 118 Parse-length virtual server submode Show module csm memoryShow module csm slot memory vserver vserver-name detail 119 Show module csm slot natpool name pool-name detail Ip slb mode rp onlyShow module csm natpool Natpool module CSM submode Owner virtual server submode Show module csm ownerShow module csm slot owner name owner-name detail 121 Show module csm slot policy name policy-name Slb mode rp onlyShow module csm policy 122 Show module csm probe 123 Probe serverfarm submode 124 Probe serverfarm submode script probe submode Show module csm probe scriptShow module csm slot probe script name probe-name detail 125 126 Show module csm pvlanShow module csm slot pvlan Cat6k-2#show module csm 4 pvlan Sfarm Show module csm realShow module csm slot real sfarm sfarm-name detail This example shows Cisco IOS SLB real server data Field Description 128 129 Show module csm real retcodeShow module csm slot real retcode sfarm sfarm-name detail Cat6k-2#show module csm 5 real retcode Code Show module csm scriptShow module csm slot script name fullfileURL code 130 Show module csm slot script task index script-index detail This example shows how to display a running scriptShow module csm script task Index Show module csm slot serverfarm name serverfarm-name detail For ip slb mode rp onlyShow module csm serverfarm 132 133 FieldRedirect Bind id Cat6k-2#show mod csm 5 serverfarm detail Nat Show module csm staticDrop Virtual Pass-through Show module csm static server135 Real static NAT submode static 136 Show module csm slot stats This example shows how to display SLB statisticsShow module csm stats Statistics counters are 32-bit 3describes the fields in the display 138 Show module csm slot status This example shows how to display CSM statusShow module csm status 139 Groups Show module csm stickyShow module csm slot sticky groups client ipaddress 140 Sticky Sticky virtual server submode 4describes the fields in the display141 142 Show module csm tech-scriptShow module csm slot tech-script Cat6k-2#show module csm 4 tech-script Show module csm tech-support 143 144 Cat6k-2#show module csm 4 tech-support processor 145 Show module csm slot variable name name detail Variable commandShow module csm variable 146 147 Csm slot variable detail commandCat6k-2#show module csm 5 variable detail Server Show module csm vlanClient Vlan-id Related Commands vlan virtual server submode 149 Show module csm vserver redirect Redirect for ip slb mode rp onlyThis example shows how to display the CSM virtual servers Show module csm slot vserver redirect 151 Show module csm xml stats This example shows how to display the CSM XML statisticsRelated Commands xml-config Show module csm xml stats Active after detecting a failure in its fault tolerant peer Snmp enable traps slb ftSnmp enable traps slb ft no snmp enable traps slb ft This example shows how to enable fault tolerant traps Show module csm static StaticNat client serverfarm submode 154 Show module csm static SLB static NAT configuration submodeReal static NAT submode Static Sticky 156 Routerconfig-module-csm#variable Notimeoutipstickyentries Cat6k-2config-module-csm#sticky 5 header headername timeout157 Offset offset Cookie offset sticky submodeNo cookie offset Length length Cookie secondary name no cookie secondary This example shows how to specify a secondary sticky entryCookie secondary sticky submode Name Specifies a cookie name Offset value Header sticky submodeHeader offset value length value Length value Static sticky submode 161 Vserver 162 Redirect-vserver Advertise virtual server submodeServer as host route 163 Client virtual server submode Ip access-list standard164 Description virtual server submode Related Commands vserverCat6k-2config-slb-vserver#description Backup Server Farm 165 Domain virtual server submode This example shows how to set a domain name166 Idle virtual server submode This example shows how to specify an idle timer duration167 Virtual server is not in service Inservice virtual server submode168 Maxconns Owner virtual server submodeNo owner maxconns Advertise virtual server submode Parse-length bytes No parse-length Default is SLB virtual server configuration submodeParse-length virtual server submode Bytes Number of bytes the range is from 1 to Pending virtual server submode Pending timeout no pendingDefault pending timeout is 30 seconds 171 Persistent rebalance No persistent rebalance This example shows how to enable the Http 1.1 persistencePersistent rebalance virtual server submode 172 Connection Replicate csrp virtual server submodeSticky 173 Reverse-sticky group-id No reverse-sticky Reverse-sticky virtual server submode174 Serverfarm command BackupThreshold outservice realvalue inservice realvalue options Serverfarm virtual server submode Serverfarm policy submode Command176 No slb-policy policy-name Slb-policy virtual server submodeSlb-policypolicy-name priority priorityvalue 177 Offset Ssl-sticky virtual server submodeSsl-sticky offset X length Y No ssl-sticky Length Vservername Identifies the dependent virtual server Status-tracking virtual server submodeStatus-tracking vservername 179 Sticky virtual server submode 180 Reverse-sticky virtual server submode For connection coupling181 Related Commands show module csm vserver redirect No default unidirectionalDefault Unidirectional virtual server submode Predictor serverfarm submode Url-hash virtual server submode183 Virtual virtual server submode 184 185 186 Show module csm vlan Vlan virtual server submode Vlan virtual server submodeNo vlan 187 Client server VlanVlan vlan-numberclient server No vlan 188 Vlan Alias Vlan submodeAlias ip-address netmask No alias ip-address netmask Netmask Related Commands show module csm vlan vlan XML submode 190 Description Vlan submode Ip address Vlan submode SLB Vlan configuration submode191 Show module csm vlan Vlan virtual server submode Gateway Vlan submodeGateway ip-addressno gateway ip-address 192 Alt Ip address Vlan submodeNo ip address 193 Gw-ip-address Route Vlan submodeGateway 194 Client-group XML submode Xml-configXml-config no xml-config Credentials XML submode Vlan XML submode Client-group 1-99name Xml-configClient-group XML submode 196 No credentials user-name Credentials user-name passwordCredentials XML submode Client-group XML submode This example shows how to enable XML Inservice XML submodeDefaults Command Modes Xml-config No port Port XML submodePort port-number Port-number Sets the CSM port Vlan name Vlan XML submodeVlan id no vlan All VLANs are accepted Commands Specific to the Content Switching Module with SSL Service module Commands Submode Commands Ssl-proxy service Ssl-proxy vlan Ssl-proxy connection command without options Clear ssl-proxy conn service nameService name Clear ssl-proxy conn Clear ssl-proxy session service name Clear ssl-proxy session Clear ssl-proxy stats Des Crypto ca export pemTerminal 3des Importing CA certificate Exportable Crypto ca import pemUsage-keys Crypto ca export pem Tftp Crypto ca export pkcs12Pkcs12filename Page Crypto ca import pkcs12 Filename TP2? /users/admin-1/pkcs12/TP2.p12 This example shows how to import a PKCS12 file using SCPCrypto Keylabel Name of the key Crypto key export rsa pemOptional Specifies that the key can be exported Key nametest-keys UsageGeneral Purpose Key Null-Imports from the null file system Crypto key import rsa pemInstead of one general-purpose key pair System-Imports from the system file system Examples Debug ssl-proxy This example shows how to turn on IPC debugging This example shows how to turn on App debuggingThis example shows how to turn on FDU debugging This example shows how to turn on PKI debugging Ssl-proxy#debug ssl-proxy tcp This example shows how to turn on TCP debuggingThis example shows how to turn off TCP debugging Ssl-proxy#no debug ssl-proxy tcp Command EXEC-level command to be executed Do commandConfiguration mode Show ssl-proxy admin-info Show ssl-proxy admin-infoSsl-proxy#show ssl-proxy admin-info Show ssl-proxy buffers This command has no default settingsShow ssl-proxy buffers Ssl-proxy#show ssl-proxy buffers Optionally for a specific proxy service Show ssl-proxy certificate-history service nameService name Show ssl-proxy certificate-history Ssl-proxy# show ssl-proxy certificate-history Record 1, Timestamp000051, 163634 UTC Oct 31 Related Commands ssl-proxy service 4tuple Show ssl-proxy conn service nameShow ssl-proxy conn Remote Ssl-proxy#show ssl-proxy conn 200.200.1438814 58796 Brief Show ssl-proxy crash-infoShow ssl-proxy crash-info brief details Limited to processor registers Stack top Printing 1024 bytes from stack top Ssl-proxy#show ssl-proxy crash-info brief Module with SSL Show ssl-proxy mac addressShow ssl-proxy mac address Ssl-proxy#show ssl-proxy mac address Name Optional NAT pool name Show ssl-proxy natpoolShow ssl-proxy natpool name Ssl-proxy#show ssl-proxy natpool NP1 Http-header Show ssl-proxy policyShow ssl-proxy policy http-header ssl tcp url-rewrite name Url-rewrite MSS Name Optional Service name Show ssl-proxy serviceShow ssl-proxy service name Ssl-proxy#show ssl-proxy service Proxy status No Client VLAN, No Server Vlan Ssl-proxy# Show ssl-proxy stats type Show ssl-proxy statsStats This example shows how to display the PKI statistics Ssl-proxy#show ssl-proxy stats pki PKI Memory Usage Counters This example shows how to display the FDU statistics Ssl-proxy# show ssl-prox stats fdu Show ssl-proxy status Show ssl-proxy statusShow ssl-proxy status SSL cpu is alive Show ssl-proxy version Show ssl-proxy versionSsl-proxy#show ssl-proxy version Debug Show ssl-proxy vlanShow ssl-proxy vlan vlan-iddebug Optional Displays debug information Show ssl-proxy vts This command has no default settings Exec modeSsl-proxy#show ssl-proxy vlan Snmp-server enable Defaults Command Modes Command History Examples Ssl-proxy crypto selftest Seconds Global configurationThis example shows how to start a cryptographic self-test Time-interval Ssl-proxy mac address Related Commands show ssl-proxy mac addressSsl-proxy mac address mac-addr Related Commands show ssl-proxy natpool This example shows how to define a pool of IP addressesSsl-proxy natpool Ssl-proxy pki This example shows how to enable PKI event-history This example shows how to specify the cache sizeRelated Commands show ssl-proxy stats Ssl-proxy policy http-header http-header-policy-name Ssl-proxy policy http-headerHttp-header-policy-name Http header policy name Custom custom-string Ssl-proxy policy ssl ssl-policy-name Timeout session timeout absoluteSsl-proxy policy ssl Ssl-policy-name SSL policy name No session-cache enable RSAWITHRC4128SHA all No close-protocol enableDefault cipher close-protocol Timeout handshake timeout Ssl-proxy config# ssl-proxy policy ssl sslpl1 This example shows how to enable session-cacheThis example shows how to disable session-cache Ssl-proxyconfig-ssl-policy#cipher RSAWITH3DESEDECBCSHA This example shows how to print out a help Ssl-proxy policy tcp Defaults are as followsTimeout reassembly is 60 seconds Ssl-proxy policy tcp tcp-policy-name No buffer-share rx buffer-limit-in-bytes No timeout syn timeout-in-secondsNo timeout reassembly time No buffer-share tx buffer-limit-in-bytes Related Commands show ssl-proxy policy Ssl-proxy policy url-rewrite Ssl-proxy policy url-rewrite url-rewrite-policy-name Ssl-proxy config# ssl-proxy policy url-rewrite test1 Ssl-proxyconfig-url-rewrite-policy# Ssl-proxy pool ca-pool-name This command has no arguments or keywordsSsl-proxy pool ca Ca-pool-name Certificate authority pool name Ssl-proxy service client command Ssl-proxy serviceSsl-proxy service ssl-proxy-nameclient Protocol protocol port portno subcommand Inservice Authenticate verify all signature-onlyDefault certificate inservice nat server Certificate rsa general-purpose trustpoint Ssl-proxy config-ssl-proxy# Related Commands show ssl-proxy service Exits from proxy-client configuration submode Ssl-proxy service clientDeclares a proxy client as administratively up Ssl-proxy config# ssl-proxy service S7 client Sslv2 keyword enables SSL versionApplies a URL rewrite policy to the proxy server Ssl-proxy config-ssl-proxy# server policy tcp tcppl1 Ssl-proxy ssl ratelimit Ssl-proxy config# ssl-proxy ssl ratelimitSsl-proxy config# no ssl-proxy ssl ratelimit Ssl-proxyy ssl ratelimit Ssl-proxy vlan vlan AdminSsl-proxy vlan Gateway prefix drop forward1 Standby ip Standby authenticationStandby delay minimum reload Standby mac-address Ssl-proxyconfig-vlan#route 210.0.207.0 255.0.0.0 gateway Ssl-proxyconfig-vlan#ipaddr 208.59.100.18Ssl-proxyconfig-vlan#ipaddr 10.1.0.20 Related Commands show ssl-proxy vlan Standby authentication Group-number is String is cisco Standby delay minimum reload Min-delay is 1 second Reload-delay is 5 seconds Show standby delay Ssl-proxyconfig-vlan#standby delay minimum 30 reload Standby ip Hsrp is disabled by defaultProxy-VLAN configuration submode Secondary Used by the hot standby group is learned using Hsrp No standby group-numbermac-address Standby mac-addressStandby group-numbermac-addressmac-address Mac-address MAC address That is used in the end nodes Ssl-proxyconfig-vlan#standby 1 mac-addressShow standby Standby mac-refresh Standby mac-refresh seconds no standby mac-refresh Standby name group-name No standby name group-name Hsrp is disabledStandby name Group-name Specifies the name of the standby group Reload delay DelayMinimum delay Sync delay Ssl-proxyconfig-vlan#standby preempt delay minimum Operation returns to the default behaviorLeaves any synchronization delay if it was configured Clients Standby group-numberpriority priority This example shows how to change the router priorityStandby priority No standby group-numberpriority priority Standby track Timers EnableDisable Standby redirects Ssl-proxyconfig-vlan#standby redirects timers 90 Related Commands show standbyShow standby redirect Standby timers Msec Interface ethernet Decrement priority Command commands and take action when the object changesStandby track Back up Related Commands standby preempt Router a ConfigurationRouter B Configuration Standby priority Standby use-bia scope interface No standby use-bia Standby use-biaScope interface OL-7029-01 Acronym Expansion CDP CbacCCA CEF Dscp DramDsap Dspu IDB ICDIcmp IDP Mdss MD5Mdix MFD Ospf OSIOSM PAE Rommon RmonROM RPC SVI STPSVC TACACS+ XNS Weighted round-robinWRR Xerox Network System OL-7029-01 Capp Capp UDPHttp IN-1 XML NATIN-2 IN-3 Gslb See FTPFTP IN-4 Secondary interface IN-5 Pool addresses ConfigurationIN-6 Gslb Http IN-7 Real server Backup Enabling IN-8 Smtp IN-9 URL TCPIN-10 IN-11 Credentials Enabling Port Statistics display Vlan IN-12