Ssl-proxy pool ca | Cisco Systems OL-7029-01 specification

Chapter 3 Commands Specific to the Content Switching Module with SSL

ssl-proxy pool ca

ssl-proxy pool ca

To enter the certificate authority pool configuration submode, use the ssl-proxy pool ca command. In the certificate authority pool configuration submode, you can configure a certificate authority pool, which lists the CAs that the module can trust.

ssl-proxy pool ca-pool-name

Syntax Description		ca-pool-name	Certificate authority pool name.

Defaults		This command has no arguments or keywords.

Command Modes

Command History

Global configuration

Release	Modification
SSL Services Module	Support for this command was introduced on the Catalyst 6500 series
Release 2.1(1)	switches.

CSM-S release 1.1(1)	This command was introduced.

Usage Guidelines		Enter each certificate-authority pool configuration submode command on its own line.
		Table 3-7lists the commands that are available in certificate-authority pool configuration submode.
		Table 3-7	Proxy-policy TCP Configuration Submode Command Descriptions

		ca	Configures a certificate authority. The available subcommand is as follows:
			trustpoint ca-trustpoint-name—Configures a certificate-authority trustpoint.
			Use the no form of this command to return to the default setting.

		default	Sets a command to its default settings.

		exit	Exits from proxy-service configuration submode.

		help	Allows you to configure the connection-establishment timeout; valid values are
			from 5 to 75 seconds. Use the no form of this command to return to the default
			setting.


Examples		This example shows how to add a certificate-authority trustpoint to a pool:
		ssl-proxy (config)# ssl-proxy pool test1

ssl-proxy(config-ca-pool)# ca trustpoint test20 ssl-proxy(config-ca-pool)#

Catalyst 6500 Series Switch Content Switching Module with SSL Command Reference

	OL-7029-01	3-65

Image 287

Cisco Systems OL-7029-01 manual Ssl-proxy pool ca-pool-name, Ca-pool-name Certificate authority pool name

Contents

Text Part Number OL-7029-01 Corporate HeadquartersPage Iii N T E N T S Hw-module csm standby config-sync2-21 Ip slb mode Map cookie Real Script file Vii Show module csm static server Viii Vlan virtual server submode Ssl-proxy policy url-rewrite Acronyms A-1 Chapter Title Description AudienceOrganization Boldface ConventionsConvention Description Boldface font Xiii Related DocumentationObtaining Documentation Xiv Documentation FeedbackCisco Product Security Overview Cisco Ordering tool Cisco Marketplace An emergency, you can also reach Psirt by telephone 877 408 Obtaining Technical Assistance Xvi Submitting a Service Request Xvii Obtaining Additional Publications and Information Xviii Command Task Using Content Switching Module Commands # prompt is displayed Command Modes Zero or more characters Submodes When you are in a submode, the prompt changes toRegular Expressions Expression Meaning Newline Ascii Alert AsciiBackspace Ascii Form-feed Ascii Content Switching Module with SSL Commands Release Modification Defaults Command Modes Command HistoryArp Vlan id Capp udp No capp udp Syntax Description DefaultsCommand Modes Command History Capp udp Related Commands port Capp UDP submode Encryption MD5 Related Commands capp udpOptions Capp UDP submode No options ipaddress Capp udp This example shows how to set the port for Capp connectionsPort Capp UDP submode Port portnum no port Secure No secure Secure Capp UDP submode Clear module csm Dfp No dfp password passwordPassword Related Commands show module csm dfp Manager DFP submode Show module csm dfp Agent DFP submodeDfp Agent DFP submode Syntax Description Defaults Command ModesManager DFP submode Manager port No manager Exit Exit No ft group Module CSM configuration submodeFt group Ft group group-id vlan vlan number Priority fault tolerant submode Failover fault tolerant submodeHeartbeat-time fault tolerant submode Preempt fault tolerant submode Ft group Failover fault tolerant submodeFailover failover-time No failover Show module csm ft Heartbeat-time fault tolerant submodeHeartbeat-time heartbeat-timeno heartbeat-time Ft group Preempt No preempt Preempt fault tolerant submodeRelated Commands ft group Value Priority fault tolerant submodePriority value alt value No priority Alt CSM Preempt fault tolerant submode Track fault tolerant submode Ip address Vlan submode priority fault tolerant submode Hw-module csm standby config-syncHw-module csm slot standby config-sync Syntax Description Defaults Command Modes Command History Keyword to select the route processor Cisco IOS SLB mode Ip slb modeIp slb mode csm rp no ip slb mode Csm On the Catalyst 6500 series switch Module csm Show ip slb mode Match protocol http cookie cookie map submode Map cookieCookie Cookie-map policy submode Map cookie Show module csm map Match protocol http cookie cookie map submodeCookie-value Match protocol dns domain DNS map submode DNS domains can be configured to a mapThis example shows how to group DNS domains Map dns Name Names the DNS domain being mapped SLB DNS map configuration submodeThis example shows how to add domains to a DNS map Match protocol dns domain DNS map submode Insert protocol http header header map submode Map headerMap name header no map name Header-map policy submode Header-map policy submode map header Show module csm map Insert protocol http header header map submodeHeader-value value Must be matched SLB header map configuration submodeMatch protocol http header header map submode Header-value expression Map name retcode No map name Keyword to enter the return error code map submodeThis command has no default settings CSM module submode Map retcode Action log Map retcode SLB policy configuration submodeMatch protocol http retcode return code map submode Action count Match protocol http url URL map submode Map urlMap url-map-name url no map url-map-name Url-map-name Map url Show module csm map url-map policy submode SLB URL map configuration submodeUsage Guidelines Examples Related Commands Match protocol http url URL map submode Module csm slot-number No module csm slot-number Slot-number Slot number where the CSM residesIp slb mode Module csm Show module csm natpool Natpool module CSM submodeNetmask netmask Nat client serverfarm submode Variable name value no variable name Name Default Valid Values DescriptionVariable module CSM submode Advertiserhifreq AggregatebackupsfstatetovNoresetunidirectionalflows Switchoverrpaction Show module csm variable Contact-info owner submode Maxconns owner submode OwnerOwner name no owner Billing-info owner submode Contact-info owner submode Billing-info owner submodeBilling-infobilling-address-information No billing-info String Owner’s information Contact-info owner submodeContact-info string no contact-info Accept further connections Maxconns owner submodeMaxconns number no maxconns Number Number of maximum connections to the owner object Show module csm owner All policies should be configured with a server farmPolicy Policy policy-name no policy policy-name Policy Show module csm owner Ip access-list standardClient-group policy submode No client-group Map cookie Cookie-map policy submodeCookie-mapcookie-map-name No cookie-map Map header Specified in the map header commandHeader-map policy submode Header-map name No header-map Natpool module CSM submode Nat client policy submodeNo nat client Static Serverfarm policy submode Serverfarm virtual server submode Policy Dscp-value Range is from 0 to Default is that the CSM does not store Dscp valuesSet ip dscp policy submode Set ip dscp dscp-valueno set ip dscp Show module csm owner Show module csm sticky Sticky This example shows how to configure a sticky groupSticky-group policy submode Sticky-group group-id No sticky-group Map url Default is no URL mapUrl-map policy submode Url-mapurl-map-name no url-map Probe Show module csm probe Probe Probe Address probe submodeNo address ip-address Routed Credentials probe submode Credentials username passwordSLB Http probe configuration submode This command is for Http probes Line Description text Description serverfarm submodeDescription line No description Expect status probe submode Enter the no expect status 34 99 command Related Commands probe Failed failed-interval no failed Default value for the failed interval is 300 secondsThis command is used for all probe types Failed probe submode Probe Show module csm probe Header probe submodeHeader field-name field-value No header field-name Interval seconds no interval Interval probe submode Name domain-name no name SLB DNS probe configuration submodeName probe submode Open probe submode Open open-timeout no openDefault value for the open timeout is 10 seconds SLB HTTP/TCP/FTP/Telnet/SMTP probe configuration submode Port-number Sets the port number Default value for the port number isPort probe submode Port port-number no port Receive probe submode Receive receive-timeout no receiveDefault value for a receive timeout is 10 seconds This command is available for all probe types except TCP This command is available for all probe types Recover probe submodeRecover recovervalue no recover Default value is Url path Request probe submodeMethod get Method head Retries retry-count no retries Default value for retries isRetries probe submode Failed probe submode Script probe submodeScript scriptname Scriptname Specifies a probe script Real ip-address port local No real ip-address port Default is no port translation for the real serverSLB serverfarm configuration submode Real Cat6k-2config-slb-sfarm# real Cat6k-2config-slb-real# Failaction serverfarm submode Backup real real server submodeBackup real ip name name port no backup real Name name Tag Health probe real server submodeHealth probe probe-nametag string No health probe Real Show module csm real Inservice real server submodeInservice standby No inservice Standby Command History Release Modification Minconns real server submode Maxconns real server submodeMaxconns max-conns no maxconns Real server falls below Minconns Maxconns real server submode real Show module csm real Default value is the set minumum number of connectionsMinconns real server submode Minconns min-consno minconns Traffic is not redirected to the server Redirect-vserver real server submodeRedirect-vserver name no redirect-vserver Predictor serverfarm submode Weight real server submodeWeight weighting-value no weight Weighting value default is Redirect-vserver name no redirect-vserver name This example shows how to name the virtual serverRedirect-vserver Advertise virtual server submode Advertise redirect virtual server submodeAdvertise active no advertise Active Optional Specifies that the IP address is disallowed SLB redirect virtual server configuration submodeClient redirect virtual server submode Exclude Redirect-vserver real server submode Idle redirect virtual server submodeIdle duration No idle Redirect-vserver Show module csm vserver redirect Inservice redirect virtual server submodeInservice No inservice Vserver Replicate csrp redirect virtual server submodeReplicate csrp No replicate csrp Ftp Ssl redirect virtual server submodeNo ssl Https Show module csm vserver redirect Virtual redirect virtual server submodeNo virtual vipaddress Redirect-vserver real server submode Sticky Sticky-group policy submode Vlan redirect virtual server submodeShow module csm sticky 302 Webhost backup redirect virtual server submodeWebhost backup backup-string301 No webhost backup 301 Webhost relocation redirect virtual server submode Sticky Sticky-group policy submode Reverse-stickyReverse-sticky group-idno reverse-sticky No script file Script file Related Commands show module csm script Show module csm script Script task100 Script name Serverfarm serverfarm-name No serverfarm serverfarm-name Serverfarm Dfp SLB serverfarm configuration submodeBindid serverfarm submode Bindid bind-idno bindid Cat6k-2config-slb-sfarm#description Backup Server Farm CSM release This command was introducedThis example shows how to add a description Purge Backup real real server submodeFailaction serverfarm submode Failaction purge reassign No failaction purge reassign 100 Health serverfarm submodeDfp Script task Show module csm serverfarm 101 Nat client serverfarm submodeNat client client-pool-name static 102 Nat server serverfarm submodeNat server source-macno nat server Source-mac 103 Predictor serverfarm submode 104 105 106 Probe serverfarm submode Script task Show module csm serverfarm Retcode-map serverfarm submodeRetcode-mapretcodemapname no retcode-map Map retcode Static This example shows how to display static dataShow module csm Real static NAT submode Show module csm slot arp Mode rp onlyRelated Commands arp Show module csm arp 110 Show module csm cappShow module csm capp udp details Syntax Description 111 112 Show module csm connsState Explanation 113 Related Commands module csmSynsrv Reqwait Manager WeightsShow module csm dfp Agent 115 116 Mode rp onlyShow module csm ft Show module csm slot ft detail Name Show module csm mapUrl Header 118 This example shows how to display return code mapsRelated Commands map cookie Map header map url module csm 119 Show module csm memoryShow module csm slot memory vserver vserver-name detail Parse-length virtual server submode Natpool module CSM submode Ip slb mode rp onlyShow module csm natpool Show module csm slot natpool name pool-name detail 121 Show module csm ownerShow module csm slot owner name owner-name detail Owner virtual server submode 122 Slb mode rp onlyShow module csm policy Show module csm slot policy name policy-name 123 Show module csm probe 124 Probe serverfarm submode 125 Show module csm probe scriptShow module csm slot probe script name probe-name detail Probe serverfarm submode script probe submode Cat6k-2#show module csm 4 pvlan Show module csm pvlanShow module csm slot pvlan 126 This example shows Cisco IOS SLB real server data Show module csm realShow module csm slot real sfarm sfarm-name detail Sfarm 128 Field Description Cat6k-2#show module csm 5 real retcode Show module csm real retcodeShow module csm slot real retcode sfarm sfarm-name detail 129 130 Show module csm scriptShow module csm slot script name fullfileURL code Code Index This example shows how to display a running scriptShow module csm script task Show module csm slot script task index script-index detail 132 For ip slb mode rp onlyShow module csm serverfarm Show module csm slot serverfarm name serverfarm-name detail Cat6k-2#show mod csm 5 serverfarm detail FieldRedirect Bind id 133 Virtual Show module csm staticDrop Nat 135 Show module csm static serverPass-through 136 Real static NAT submode static Statistics counters are 32-bit This example shows how to display SLB statisticsShow module csm stats Show module csm slot stats 138 3describes the fields in the display 139 This example shows how to display CSM statusShow module csm status Show module csm slot status 140 Show module csm stickyShow module csm slot sticky groups client ipaddress Groups 141 4describes the fields in the displaySticky Sticky virtual server submode Cat6k-2#show module csm 4 tech-script Show module csm tech-scriptShow module csm slot tech-script 142 143 Show module csm tech-support Cat6k-2#show module csm 4 tech-support processor 144 145 146 Variable commandShow module csm variable Show module csm slot variable name name detail Cat6k-2#show module csm 5 variable detail Csm slot variable detail command147 Vlan-id Show module csm vlanClient Server 149 Related Commands vlan virtual server submode Show module csm slot vserver redirect Redirect for ip slb mode rp onlyThis example shows how to display the CSM virtual servers Show module csm vserver redirect 151 Show module csm xml stats This example shows how to display the CSM XML statisticsRelated Commands xml-config Show module csm xml stats This example shows how to enable fault tolerant traps Snmp enable traps slb ftSnmp enable traps slb ft no snmp enable traps slb ft Active after detecting a failure in its fault tolerant peer 154 StaticNat client serverfarm submode Show module csm static Static SLB static NAT configuration submodeReal static NAT submode Show module csm static 156 Sticky 157 Cat6k-2config-module-csm#sticky 5 header headername timeoutRouterconfig-module-csm#variable Notimeoutipstickyentries Length length Cookie offset sticky submodeNo cookie offset Offset offset Name Specifies a cookie name This example shows how to specify a secondary sticky entryCookie secondary sticky submode Cookie secondary name no cookie secondary Length value Header sticky submodeHeader offset value length value Offset value 161 Static sticky submode 162 Vserver 163 Advertise virtual server submodeServer as host route Redirect-vserver 164 Ip access-list standardClient virtual server submode 165 Related Commands vserverCat6k-2config-slb-vserver#description Backup Server Farm Description virtual server submode 166 This example shows how to set a domain nameDomain virtual server submode 167 This example shows how to specify an idle timer durationIdle virtual server submode 168 Inservice virtual server submodeVirtual server is not in service Advertise virtual server submode Owner virtual server submodeNo owner maxconns Maxconns Bytes Number of bytes the range is from 1 to Default is SLB virtual server configuration submodeParse-length virtual server submode Parse-length bytes No parse-length 171 Pending timeout no pendingDefault pending timeout is 30 seconds Pending virtual server submode 172 This example shows how to enable the Http 1.1 persistencePersistent rebalance virtual server submode Persistent rebalance No persistent rebalance 173 Replicate csrp virtual server submodeSticky Connection 174 Reverse-sticky virtual server submodeReverse-sticky group-id No reverse-sticky Serverfarm virtual server submode BackupThreshold outservice realvalue inservice realvalue options Serverfarm command 176 CommandServerfarm policy submode 177 Slb-policy virtual server submodeSlb-policypolicy-name priority priorityvalue No slb-policy policy-name Length Ssl-sticky virtual server submodeSsl-sticky offset X length Y No ssl-sticky Offset 179 Status-tracking virtual server submodeStatus-tracking vservername Vservername Identifies the dependent virtual server 180 Sticky virtual server submode 181 For connection couplingReverse-sticky virtual server submode Unidirectional virtual server submode No default unidirectionalDefault Related Commands show module csm vserver redirect 183 Url-hash virtual server submodePredictor serverfarm submode 184 Virtual virtual server submode 185 186 187 Vlan virtual server submodeNo vlan Show module csm vlan Vlan virtual server submode 188 VlanVlan vlan-numberclient server No vlan Client server Netmask Alias Vlan submodeAlias ip-address netmask No alias ip-address netmask Vlan 190 Related Commands show module csm vlan vlan XML submode 191 Ip address Vlan submode SLB Vlan configuration submodeDescription Vlan submode 192 Gateway Vlan submodeGateway ip-addressno gateway ip-address Show module csm vlan Vlan virtual server submode 193 Ip address Vlan submodeNo ip address Alt 194 Route Vlan submodeGateway Gw-ip-address Credentials XML submode Vlan XML submode Xml-configXml-config no xml-config Client-group XML submode 196 Xml-configClient-group XML submode Client-group 1-99name Client-group XML submode Credentials user-name passwordCredentials XML submode No credentials user-name Xml-config Inservice XML submodeDefaults Command Modes This example shows how to enable XML Port-number Sets the CSM port Port XML submodePort port-number No port All VLANs are accepted Vlan XML submodeVlan id no vlan Vlan name Commands Specific to the Content Switching Module with SSL Service module Commands Submode Commands Ssl-proxy vlan Ssl-proxy service Clear ssl-proxy conn Clear ssl-proxy conn service nameService name Ssl-proxy connection command without options Clear ssl-proxy session Clear ssl-proxy session service name Clear ssl-proxy stats 3des Crypto ca export pemTerminal Des Importing CA certificate Usage-keys Crypto ca import pemExportable Crypto ca export pem Pkcs12filename Crypto ca export pkcs12Tftp Page Crypto ca import pkcs12 Crypto This example shows how to import a PKCS12 file using SCPFilename TP2? /users/admin-1/pkcs12/TP2.p12 Optional Specifies that the key can be exported Crypto key export rsa pemKeylabel Name of the key Key nametest-keys UsageGeneral Purpose Key System-Imports from the system file system Crypto key import rsa pemInstead of one general-purpose key pair Null-Imports from the null file system Examples Debug ssl-proxy This example shows how to turn on PKI debugging This example shows how to turn on App debuggingThis example shows how to turn on FDU debugging This example shows how to turn on IPC debugging Ssl-proxy#no debug ssl-proxy tcp This example shows how to turn on TCP debuggingThis example shows how to turn off TCP debugging Ssl-proxy#debug ssl-proxy tcp Configuration mode Do commandCommand EXEC-level command to be executed Ssl-proxy#show ssl-proxy admin-info Show ssl-proxy admin-infoShow ssl-proxy admin-info Ssl-proxy#show ssl-proxy buffers This command has no default settingsShow ssl-proxy buffers Show ssl-proxy buffers Show ssl-proxy certificate-history Show ssl-proxy certificate-history service nameService name Optionally for a specific proxy service Record 1, Timestamp000051, 163634 UTC Oct 31 Ssl-proxy# show ssl-proxy certificate-history Related Commands ssl-proxy service Remote Show ssl-proxy conn service nameShow ssl-proxy conn 4tuple Ssl-proxy#show ssl-proxy conn 200.200.1438814 58796 Limited to processor registers Show ssl-proxy crash-infoShow ssl-proxy crash-info brief details Brief Ssl-proxy#show ssl-proxy crash-info brief Stack top Printing 1024 bytes from stack top Ssl-proxy#show ssl-proxy mac address Show ssl-proxy mac addressShow ssl-proxy mac address Module with SSL Ssl-proxy#show ssl-proxy natpool NP1 Show ssl-proxy natpoolShow ssl-proxy natpool name Name Optional NAT pool name Url-rewrite Show ssl-proxy policyShow ssl-proxy policy http-header ssl tcp url-rewrite name Http-header MSS Ssl-proxy#show ssl-proxy service Show ssl-proxy serviceShow ssl-proxy service name Name Optional Service name Proxy status No Client VLAN, No Server Vlan Ssl-proxy# Stats Show ssl-proxy statsShow ssl-proxy stats type Ssl-proxy#show ssl-proxy stats pki PKI Memory Usage Counters This example shows how to display the PKI statistics Ssl-proxy# show ssl-prox stats fdu This example shows how to display the FDU statistics Show ssl-proxy status Show ssl-proxy statusShow ssl-proxy status SSL cpu is alive Ssl-proxy#show ssl-proxy version Show ssl-proxy versionShow ssl-proxy version Optional Displays debug information Show ssl-proxy vlanShow ssl-proxy vlan vlan-iddebug Debug Ssl-proxy#show ssl-proxy vlan This command has no default settings Exec modeShow ssl-proxy vts Defaults Command Modes Command History Examples Snmp-server enable Time-interval Seconds Global configurationThis example shows how to start a cryptographic self-test Ssl-proxy crypto selftest Ssl-proxy mac address mac-addr Related Commands show ssl-proxy mac addressSsl-proxy mac address Ssl-proxy natpool This example shows how to define a pool of IP addressesRelated Commands show ssl-proxy natpool Ssl-proxy pki Related Commands show ssl-proxy stats This example shows how to specify the cache sizeThis example shows how to enable PKI event-history Http-header-policy-name Http header policy name Ssl-proxy policy http-headerSsl-proxy policy http-header http-header-policy-name Custom custom-string Ssl-policy-name SSL policy name Timeout session timeout absoluteSsl-proxy policy ssl Ssl-proxy policy ssl ssl-policy-name Timeout handshake timeout RSAWITHRC4128SHA all No close-protocol enableDefault cipher close-protocol No session-cache enable Ssl-proxyconfig-ssl-policy#cipher RSAWITH3DESEDECBCSHA This example shows how to enable session-cacheThis example shows how to disable session-cache Ssl-proxy config# ssl-proxy policy ssl sslpl1 This example shows how to print out a help Ssl-proxy policy tcp tcp-policy-name Defaults are as followsTimeout reassembly is 60 seconds Ssl-proxy policy tcp No buffer-share tx buffer-limit-in-bytes No timeout syn timeout-in-secondsNo timeout reassembly time No buffer-share rx buffer-limit-in-bytes Related Commands show ssl-proxy policy Ssl-proxy policy url-rewrite url-rewrite-policy-name Ssl-proxy policy url-rewrite Ssl-proxyconfig-url-rewrite-policy# Ssl-proxy config# ssl-proxy policy url-rewrite test1 Ca-pool-name Certificate authority pool name This command has no arguments or keywordsSsl-proxy pool ca Ssl-proxy pool ca-pool-name Protocol protocol port portno subcommand Ssl-proxy serviceSsl-proxy service ssl-proxy-nameclient Ssl-proxy service client command Certificate rsa general-purpose trustpoint Authenticate verify all signature-onlyDefault certificate inservice nat server Inservice Ssl-proxy config-ssl-proxy# Related Commands show ssl-proxy service Declares a proxy client as administratively up Ssl-proxy service clientExits from proxy-client configuration submode Applies a URL rewrite policy to the proxy server Sslv2 keyword enables SSL versionSsl-proxy config# ssl-proxy service S7 client Ssl-proxy config-ssl-proxy# server policy tcp tcppl1 Ssl-proxyy ssl ratelimit Ssl-proxy config# ssl-proxy ssl ratelimitSsl-proxy config# no ssl-proxy ssl ratelimit Ssl-proxy ssl ratelimit Gateway prefix drop forward1 AdminSsl-proxy vlan Ssl-proxy vlan vlan Standby mac-address Standby authenticationStandby delay minimum reload Standby ip Ssl-proxyconfig-vlan#ipaddr 10.1.0.20 Ssl-proxyconfig-vlan#ipaddr 208.59.100.18Ssl-proxyconfig-vlan#route 210.0.207.0 255.0.0.0 gateway Related Commands show ssl-proxy vlan Group-number is String is cisco Standby authentication Min-delay is 1 second Reload-delay is 5 seconds Standby delay minimum reload Ssl-proxyconfig-vlan#standby delay minimum 30 reload Show standby delay Secondary Hsrp is disabled by defaultProxy-VLAN configuration submode Standby ip Used by the hot standby group is learned using Hsrp Mac-address MAC address Standby mac-addressStandby group-numbermac-addressmac-address No standby group-numbermac-address Show standby Ssl-proxyconfig-vlan#standby 1 mac-addressThat is used in the end nodes Standby mac-refresh seconds no standby mac-refresh Standby mac-refresh Group-name Specifies the name of the standby group Hsrp is disabledStandby name Standby name group-name No standby name group-name Sync delay DelayMinimum delay Reload delay Clients Operation returns to the default behaviorLeaves any synchronization delay if it was configured Ssl-proxyconfig-vlan#standby preempt delay minimum No standby group-numberpriority priority This example shows how to change the router priorityStandby priority Standby group-numberpriority priority Standby track Standby redirects EnableDisable Timers Show standby redirect Related Commands show standbySsl-proxyconfig-vlan#standby redirects timers 90 Msec Standby timers Interface ethernet Back up Command commands and take action when the object changesStandby track Decrement priority Standby priority Router a ConfigurationRouter B Configuration Related Commands standby preempt Scope interface Standby use-biaStandby use-bia scope interface No standby use-bia OL-7029-01 Acronym Expansion CEF CbacCCA CDP Dspu DramDsap Dscp IDP ICDIcmp IDB MFD MD5Mdix Mdss PAE OSIOSM Ospf RPC RmonROM Rommon TACACS+ STPSVC SVI Xerox Network System Weighted round-robinWRR XNS OL-7029-01 IN-1 Capp UDPHttp Capp IN-2 NATXML IN-3 IN-4 See FTPFTP Gslb IN-5 Secondary interface IN-6 ConfigurationPool addresses IN-7 Gslb Http IN-8 Real server Backup Enabling IN-9 Smtp IN-10 TCPURL IN-11 IN-12 Credentials Enabling Port Statistics display Vlan