Manuals / Cisco Systems / Computer Equipment / Switch

Cisco Systems OL-7029-01 manual Ssl-proxy service ssl-proxy-nameclient

Models: OL-7029-01

1 342

Download 342 pages 1.49 Kb

Page 288

Chapter 3 Commands Specific to the Content Switching Module with SSL

ssl-proxy service

ssl-proxy service

To enter the proxy-service configuration submode, use the ssl-proxy-servicecommand.

ssl-proxy service ssl-proxy-name[client]

Syntax Description	ssl-proxy-name	SSL proxy name.
	client	(Optional) Allows you to configure the SSL-client proxy services. See the
		ssl-proxy service client command.

Defaults

Command Modes

Command History

Server NAT is enabled, and client NAT is disabled.

Global configuration

Release	Modification
Cisco IOS Release	Support for this command was introduced on the Catalyst 6500 series
12.1(13)E and	switches.
SSL Services Module
Release 1.1(1)

SSL Services Module	This command was changed to include the following keywords:
Release 2.1(1)	• authenticate—Configures the certificate verification method.

	• client—Configures the SSL-client proxy services.
	• policy urlrewrite—Applies a URL rewrite policy to a proxy server.
	• sslv2—Enables SSL version 2; see the server ipaddr ip-addr
	protocol protocol port portno subcommand.
	• trusted-caca-pool-name—Applies the trusted certificate authority
	configuration to a proxy server.

CSM-S release 1.1(1)	This command was introduced.

Usage Guidelines In proxy-service configuration submode, you can configure the virtual IP address and port that is associated with the proxy service and the associated target IP address and port. You can also define TCP and SSL policies for both the client side (beginning with the virtual keyword) and the server side of the proxy (beginning with the server keyword).

In client proxy-service configuration submode, you specify thattheproxy serviceacceptclear-texttraffic, encryptitinto SSL traffic,and forward itto theback-end SSL server.

Catalyst 6500 Series Switch Content Switching Module with SSL Command Reference

3-66	OL-7029-01

Image 288

Cisco Systems OL-7029-01 manual Ssl-proxy service ssl-proxy-nameclient, Ssl-proxy-name SSL proxy name

Contents

Corporate Headquarters Text Part Number OL-7029-01Page N T E N T S IiiHw-module csm standby config-sync2-21 Ip slb mode Map cookie Real Script file Show module csm static server ViiVlan virtual server submode ViiiSsl-proxy policy url-rewrite Acronyms A-1 Audience OrganizationChapter Title Description Conventions Convention DescriptionBoldface font BoldfaceRelated Documentation Obtaining DocumentationXiii Documentation Feedback Cisco Product Security OverviewCisco Ordering tool Cisco Marketplace XivObtaining Technical Assistance An emergency, you can also reach Psirt by telephone 877 408Submitting a Service Request XviObtaining Additional Publications and Information XviiXviii Using Content Switching Module Commands Command TaskCommand Modes # prompt is displayedSubmodes When you are in a submode, the prompt changes to Regular ExpressionsExpression Meaning Zero or more charactersAlert Ascii Backspace AsciiForm-feed Ascii Newline AsciiContent Switching Module with SSL Commands Defaults Command Modes Command History ArpVlan id Release ModificationSyntax Description Defaults Command Modes Command HistoryCapp udp Capp udp No capp udpRelated Commands port Capp UDP submode Related Commands capp udp Options Capp UDP submodeNo options ipaddress Encryption MD5This example shows how to set the port for Capp connections Port Capp UDP submodePort portnum no port Capp udpSecure Capp UDP submode Secure No secureClear module csm No dfp password password PasswordDfp Related Commands show module csm dfp Agent DFP submode DfpManager DFP submode Show module csm dfp Syntax Description Defaults Command Modes Manager DFP submodeManager port No manager Agent DFP submodeExit ExitModule CSM configuration submode Ft groupFt group group-id vlan vlan number No ft groupFailover fault tolerant submode Heartbeat-time fault tolerant submodePreempt fault tolerant submode Priority fault tolerant submodeFailover fault tolerant submode Failover failover-timeNo failover Ft groupHeartbeat-time fault tolerant submode Heartbeat-time heartbeat-timeno heartbeat-timeFt group Show module csm ftPreempt fault tolerant submode Related Commands ft groupPreempt No preempt Priority fault tolerant submode Priority value alt value No priority AltCSM ValueTrack fault tolerant submode Preempt fault tolerant submodeHw-module csm standby config-sync Hw-module csm slot standby config-syncSyntax Description Defaults Command Modes Command History Ip address Vlan submode priority fault tolerant submodeIp slb mode Ip slb mode csm rp no ip slb mode CsmOn the Catalyst 6500 series switch Keyword to select the route processor Cisco IOS SLB modeShow ip slb mode Module csmMap cookie CookieCookie-map policy submode Match protocol http cookie cookie map submodeMatch protocol http cookie cookie map submode Cookie-valueMap cookie Show module csm map DNS domains can be configured to a map This example shows how to group DNS domainsMap dns Match protocol dns domain DNS map submodeSLB DNS map configuration submode This example shows how to add domains to a DNS mapMatch protocol dns domain DNS map submode Name Names the DNS domain being mappedMap header Map name header no map nameHeader-map policy submode Insert protocol http header header map submodeInsert protocol http header header map submode Header-value valueHeader-map policy submode map header Show module csm map SLB header map configuration submode Match protocol http header header map submodeHeader-value expression Must be matchedKeyword to enter the return error code map submode This command has no default settings CSM module submodeMap retcode Map name retcode No map nameMap retcode SLB policy configuration submode Match protocol http retcode return code map submodeAction count Action logMap url Map url-map-name url no map url-map-nameUrl-map-name Match protocol http url URL map submodeSLB URL map configuration submode Usage Guidelines Examples Related CommandsMatch protocol http url URL map submode Map url Show module csm map url-map policy submodeSlot-number Slot number where the CSM resides Ip slb modeModule csm Module csm slot-number No module csm slot-numberNatpool module CSM submode Netmask netmaskNat client serverfarm submode Show module csm natpoolName Default Valid Values Description Variable module CSM submodeVariable name value no variable name Aggregatebackupsfstatetov NoresetunidirectionalflowsSwitchoverrpaction AdvertiserhifreqShow module csm variable Owner Owner name no ownerBilling-info owner submode Contact-info owner submode Maxconns owner submodeBilling-info owner submode Billing-infobilling-address-informationNo billing-info Contact-info owner submodeContact-info owner submode Contact-info string no contact-infoString Owner’s information Maxconns owner submode Maxconns number no maxconnsNumber Number of maximum connections to the owner object Accept further connectionsAll policies should be configured with a server farm PolicyPolicy policy-name no policy policy-name Show module csm ownerIp access-list standard Client-group policy submodeNo client-group Policy Show module csm ownerCookie-map policy submode Cookie-mapcookie-map-nameNo cookie-map Map cookieSpecified in the map header command Header-map policy submodeHeader-map name No header-map Map headerNat client policy submode No nat clientStatic Natpool module CSM submodeServerfarm policy submode Policy Serverfarm virtual server submodeDefault is that the CSM does not store Dscp values Set ip dscp policy submodeSet ip dscp dscp-valueno set ip dscp Dscp-value Range is from 0 toThis example shows how to configure a sticky group Sticky-group policy submodeSticky-group group-id No sticky-group Show module csm owner Show module csm sticky StickyDefault is no URL map Url-map policy submodeUrl-mapurl-map-name no url-map Map urlProbe Probe Show module csm probeAddress probe submode No address ip-addressRouted ProbeCredentials username password SLB Http probe configuration submodeThis command is for Http probes Credentials probe submodeDescription serverfarm submode Description line No descriptionLine Description text Enter the no expect status 34 99 command Expect status probe submodeRelated Commands probe Default value for the failed interval is 300 seconds This command is used for all probe typesFailed probe submode Failed failed-interval no failedHeader probe submode Header field-name field-valueNo header field-name Probe Show module csm probeInterval probe submode Interval seconds no intervalSLB DNS probe configuration submode Name probe submodeName domain-name no name Open open-timeout no open Default value for the open timeout is 10 secondsSLB HTTP/TCP/FTP/Telnet/SMTP probe configuration submode Open probe submodeDefault value for the port number is Port probe submodePort port-number no port Port-number Sets the port numberReceive receive-timeout no receive Default value for a receive timeout is 10 secondsThis command is available for all probe types except TCP Receive probe submodeRecover probe submode Recover recovervalue no recoverDefault value is This command is available for all probe typesRequest probe submode Method getMethod head Url pathDefault value for retries is Retries probe submodeRetries retry-count no retries Script probe submode Script scriptnameScriptname Specifies a probe script Failed probe submodeDefault is no port translation for the real server SLB serverfarm configuration submodeReal Real ip-address port local No real ip-address portCat6k-2config-slb-sfarm# real Cat6k-2config-slb-real# Backup real real server submode Backup real ip name name port no backup realName name Failaction serverfarm submodeHealth probe real server submode Health probe probe-nametag stringNo health probe TagInservice real server submode Inservice standby No inservice StandbyCommand History Release Modification Real Show module csm realMaxconns real server submode Maxconns max-conns no maxconnsReal server falls below Minconns Minconns real server submodeDefault value is the set minumum number of connections Minconns real server submodeMinconns min-consno minconns Maxconns real server submode real Show module csm realRedirect-vserver real server submode Redirect-vserver name no redirect-vserverTraffic is not redirected to the server Weight real server submode Weight weighting-value no weightWeighting value default is Predictor serverfarm submodeThis example shows how to name the virtual server Redirect-vserverRedirect-vserver name no redirect-vserver name Advertise redirect virtual server submode Advertise active no advertiseActive Advertise virtual server submodeSLB redirect virtual server configuration submode Client redirect virtual server submodeExclude Optional Specifies that the IP address is disallowedIdle redirect virtual server submode Idle durationNo idle Redirect-vserver real server submodeInservice redirect virtual server submode Inservice No inserviceRedirect-vserver Show module csm vserver redirect Replicate csrp redirect virtual server submode Replicate csrp No replicate csrpVserver Ssl redirect virtual server submode No sslHttps FtpVirtual redirect virtual server submode No virtual vipaddressRedirect-vserver real server submode Show module csm vserver redirectVlan redirect virtual server submode Show module csm stickySticky Sticky-group policy submode Webhost backup redirect virtual server submode Webhost backup backup-string301 No webhost backup301 302Webhost relocation redirect virtual server submode Reverse-sticky Reverse-sticky group-idno reverse-stickySticky Sticky-group policy submode Script file No script fileRelated Commands show module csm script Script task 100Script name Show module csm scriptServerfarm Serverfarm serverfarm-name No serverfarm serverfarm-nameSLB serverfarm configuration submode Bindid serverfarm submodeBindid bind-idno bindid DfpCSM release This command was introduced This example shows how to add a descriptionCat6k-2config-slb-sfarm#description Backup Server Farm Backup real real server submode Failaction serverfarm submodeFailaction purge reassign No failaction purge reassign PurgeHealth serverfarm submode Dfp Script task Show module csm serverfarm100 Nat client serverfarm submode Nat client client-pool-name static101 Nat server serverfarm submode Nat server source-macno nat serverSource-mac 102Predictor serverfarm submode 103104 105 Probe serverfarm submode 106Retcode-map serverfarm submode Retcode-mapretcodemapname no retcode-mapMap retcode Script task Show module csm serverfarmThis example shows how to display static data Show module csmReal static NAT submode StaticMode rp only Related Commands arpShow module csm arp Show module csm slot arpShow module csm capp Show module csm capp udp detailsSyntax Description 110111 Show module csm conns State Explanation112 Related Commands module csm SynsrvReqwait 113Weights Show module csm dfpAgent Manager115 Mode rp only Show module csm ftShow module csm slot ft detail 116Show module csm map UrlHeader NameThis example shows how to display return code maps Related Commands map cookieMap header map url module csm 118Show module csm memory Show module csm slot memory vserver vserver-name detailParse-length virtual server submode 119Ip slb mode rp only Show module csm natpoolShow module csm slot natpool name pool-name detail Natpool module CSM submodeShow module csm owner Show module csm slot owner name owner-name detailOwner virtual server submode 121Slb mode rp only Show module csm policyShow module csm slot policy name policy-name 122Show module csm probe 123Probe serverfarm submode 124Show module csm probe script Show module csm slot probe script name probe-name detailProbe serverfarm submode script probe submode 125Show module csm pvlan Show module csm slot pvlan126 Cat6k-2#show module csm 4 pvlanShow module csm real Show module csm slot real sfarm sfarm-name detailSfarm This example shows Cisco IOS SLB real server dataField Description 128Show module csm real retcode Show module csm slot real retcode sfarm sfarm-name detail129 Cat6k-2#show module csm 5 real retcodeShow module csm script Show module csm slot script name fullfileURL codeCode 130This example shows how to display a running script Show module csm script taskShow module csm slot script task index script-index detail IndexFor ip slb mode rp only Show module csm serverfarmShow module csm slot serverfarm name serverfarm-name detail 132Field Redirect Bind id133 Cat6k-2#show mod csm 5 serverfarm detailShow module csm static DropNat VirtualShow module csm static server Pass-through135 Real static NAT submode static 136This example shows how to display SLB statistics Show module csm statsShow module csm slot stats Statistics counters are 32-bit3describes the fields in the display 138This example shows how to display CSM status Show module csm statusShow module csm slot status 139Show module csm sticky Show module csm slot sticky groups client ipaddressGroups 1404describes the fields in the display Sticky Sticky virtual server submode141 Show module csm tech-script Show module csm slot tech-script142 Cat6k-2#show module csm 4 tech-scriptShow module csm tech-support 143144 Cat6k-2#show module csm 4 tech-support processor145 Variable command Show module csm variableShow module csm slot variable name name detail 146Csm slot variable detail command 147Cat6k-2#show module csm 5 variable detail Show module csm vlan ClientServer Vlan-idRelated Commands vlan virtual server submode 149Redirect for ip slb mode rp only This example shows how to display the CSM virtual serversShow module csm vserver redirect Show module csm slot vserver redirect151 This example shows how to display the CSM XML statistics Related Commands xml-configShow module csm xml stats Show module csm xml statsSnmp enable traps slb ft Snmp enable traps slb ft no snmp enable traps slb ftActive after detecting a failure in its fault tolerant peer This example shows how to enable fault tolerant trapsStatic Nat client serverfarm submodeShow module csm static 154SLB static NAT configuration submode Real static NAT submodeShow module csm static StaticSticky 156Cat6k-2config-module-csm#sticky 5 header headername timeout Routerconfig-module-csm#variable Notimeoutipstickyentries157 Cookie offset sticky submode No cookie offsetOffset offset Length lengthThis example shows how to specify a secondary sticky entry Cookie secondary sticky submodeCookie secondary name no cookie secondary Name Specifies a cookie nameHeader sticky submode Header offset value length valueOffset value Length valueStatic sticky submode 161Vserver 162Advertise virtual server submode Server as host routeRedirect-vserver 163Ip access-list standard Client virtual server submode164 Related Commands vserver Cat6k-2config-slb-vserver#description Backup Server FarmDescription virtual server submode 165This example shows how to set a domain name Domain virtual server submode166 This example shows how to specify an idle timer duration Idle virtual server submode167 Inservice virtual server submode Virtual server is not in service168 Owner virtual server submode No owner maxconnsMaxconns Advertise virtual server submodeDefault is SLB virtual server configuration submode Parse-length virtual server submodeParse-length bytes No parse-length Bytes Number of bytes the range is from 1 toPending timeout no pending Default pending timeout is 30 secondsPending virtual server submode 171This example shows how to enable the Http 1.1 persistence Persistent rebalance virtual server submodePersistent rebalance No persistent rebalance 172Replicate csrp virtual server submode StickyConnection 173Reverse-sticky virtual server submode Reverse-sticky group-id No reverse-sticky174 Backup Threshold outservice realvalue inservice realvalue optionsServerfarm command Serverfarm virtual server submodeCommand Serverfarm policy submode176 Slb-policy virtual server submode Slb-policypolicy-name priority priorityvalueNo slb-policy policy-name 177Ssl-sticky virtual server submode Ssl-sticky offset X length Y No ssl-stickyOffset LengthStatus-tracking virtual server submode Status-tracking vservernameVservername Identifies the dependent virtual server 179Sticky virtual server submode 180For connection coupling Reverse-sticky virtual server submode181 No default unidirectional DefaultRelated Commands show module csm vserver redirect Unidirectional virtual server submodeUrl-hash virtual server submode Predictor serverfarm submode183 Virtual virtual server submode 184185 186 Vlan virtual server submode No vlanShow module csm vlan Vlan virtual server submode 187Vlan Vlan vlan-numberclient server No vlanClient server 188Alias Vlan submode Alias ip-address netmask No alias ip-address netmaskVlan NetmaskRelated Commands show module csm vlan vlan XML submode 190Ip address Vlan submode SLB Vlan configuration submode Description Vlan submode191 Gateway Vlan submode Gateway ip-addressno gateway ip-addressShow module csm vlan Vlan virtual server submode 192Ip address Vlan submode No ip addressAlt 193Route Vlan submode GatewayGw-ip-address 194Xml-config Xml-config no xml-configClient-group XML submode Credentials XML submode Vlan XML submodeXml-config Client-group XML submodeClient-group 1-99name 196Credentials user-name password Credentials XML submodeNo credentials user-name Client-group XML submodeInservice XML submode Defaults Command ModesThis example shows how to enable XML Xml-configPort XML submode Port port-numberNo port Port-number Sets the CSM portVlan XML submode Vlan id no vlanVlan name All VLANs are acceptedCommands Specific to the Content Switching Module with SSL Service module Commands Submode Commands Ssl-proxy service Ssl-proxy vlanClear ssl-proxy conn service name Service nameSsl-proxy connection command without options Clear ssl-proxy connClear ssl-proxy session service name Clear ssl-proxy sessionClear ssl-proxy stats Crypto ca export pem TerminalDes 3desImporting CA certificate Crypto ca import pem ExportableUsage-keys Crypto ca export pem Crypto ca export pkcs12 TftpPkcs12filename Page Crypto ca import pkcs12 This example shows how to import a PKCS12 file using SCP Filename TP2? /users/admin-1/pkcs12/TP2.p12Crypto Crypto key export rsa pem Keylabel Name of the keyOptional Specifies that the key can be exported Key nametest-keys UsageGeneral Purpose Key Crypto key import rsa pem Instead of one general-purpose key pairNull-Imports from the null file system System-Imports from the system file systemExamples Debug ssl-proxy This example shows how to turn on App debugging This example shows how to turn on FDU debuggingThis example shows how to turn on IPC debugging This example shows how to turn on PKI debuggingThis example shows how to turn on TCP debugging This example shows how to turn off TCP debuggingSsl-proxy#debug ssl-proxy tcp Ssl-proxy#no debug ssl-proxy tcpDo command Command EXEC-level command to be executedConfiguration mode Show ssl-proxy admin-info Show ssl-proxy admin-infoSsl-proxy#show ssl-proxy admin-info This command has no default settings Show ssl-proxy buffersShow ssl-proxy buffers Ssl-proxy#show ssl-proxy buffersShow ssl-proxy certificate-history service name Service nameOptionally for a specific proxy service Show ssl-proxy certificate-historySsl-proxy# show ssl-proxy certificate-history Record 1, Timestamp000051, 163634 UTC Oct 31Related Commands ssl-proxy service Show ssl-proxy conn service name Show ssl-proxy conn4tuple RemoteSsl-proxy#show ssl-proxy conn 200.200.1438814 58796 Show ssl-proxy crash-info Show ssl-proxy crash-info brief detailsBrief Limited to processor registersStack top Printing 1024 bytes from stack top Ssl-proxy#show ssl-proxy crash-info briefShow ssl-proxy mac address Show ssl-proxy mac addressModule with SSL Ssl-proxy#show ssl-proxy mac addressShow ssl-proxy natpool Show ssl-proxy natpool nameName Optional NAT pool name Ssl-proxy#show ssl-proxy natpool NP1Show ssl-proxy policy Show ssl-proxy policy http-header ssl tcp url-rewrite nameHttp-header Url-rewriteMSS Show ssl-proxy service Show ssl-proxy service nameName Optional Service name Ssl-proxy#show ssl-proxy serviceProxy status No Client VLAN, No Server Vlan Ssl-proxy# Show ssl-proxy stats Show ssl-proxy stats typeStats This example shows how to display the PKI statistics Ssl-proxy#show ssl-proxy stats pki PKI Memory Usage CountersThis example shows how to display the FDU statistics Ssl-proxy# show ssl-prox stats fduShow ssl-proxy status Show ssl-proxy statusShow ssl-proxy status SSL cpu is alive Show ssl-proxy version Show ssl-proxy versionSsl-proxy#show ssl-proxy version Show ssl-proxy vlan Show ssl-proxy vlan vlan-iddebugDebug Optional Displays debug informationThis command has no default settings Exec mode Show ssl-proxy vtsSsl-proxy#show ssl-proxy vlan Snmp-server enable Defaults Command Modes Command History ExamplesSeconds Global configuration This example shows how to start a cryptographic self-testSsl-proxy crypto selftest Time-intervalRelated Commands show ssl-proxy mac address Ssl-proxy mac addressSsl-proxy mac address mac-addr This example shows how to define a pool of IP addresses Related Commands show ssl-proxy natpoolSsl-proxy natpool Ssl-proxy pki This example shows how to specify the cache size This example shows how to enable PKI event-historyRelated Commands show ssl-proxy stats Ssl-proxy policy http-header Ssl-proxy policy http-header http-header-policy-nameHttp-header-policy-name Http header policy name Custom custom-string Timeout session timeout absolute Ssl-proxy policy sslSsl-proxy policy ssl ssl-policy-name Ssl-policy-name SSL policy nameRSAWITHRC4128SHA all No close-protocol enable Default cipher close-protocolNo session-cache enable Timeout handshake timeoutThis example shows how to enable session-cache This example shows how to disable session-cacheSsl-proxy config# ssl-proxy policy ssl sslpl1 Ssl-proxyconfig-ssl-policy#cipher RSAWITH3DESEDECBCSHAThis example shows how to print out a help Defaults are as follows Timeout reassembly is 60 secondsSsl-proxy policy tcp Ssl-proxy policy tcp tcp-policy-nameNo timeout syn timeout-in-seconds No timeout reassembly timeNo buffer-share rx buffer-limit-in-bytes No buffer-share tx buffer-limit-in-bytesRelated Commands show ssl-proxy policy Ssl-proxy policy url-rewrite Ssl-proxy policy url-rewrite url-rewrite-policy-nameSsl-proxy config# ssl-proxy policy url-rewrite test1 Ssl-proxyconfig-url-rewrite-policy#This command has no arguments or keywords Ssl-proxy pool caSsl-proxy pool ca-pool-name Ca-pool-name Certificate authority pool nameSsl-proxy service Ssl-proxy service ssl-proxy-nameclientSsl-proxy service client command Protocol protocol port portno subcommandAuthenticate verify all signature-only Default certificate inservice nat serverInservice Certificate rsa general-purpose trustpointSsl-proxy config-ssl-proxy# Related Commands show ssl-proxy service Ssl-proxy service client Exits from proxy-client configuration submodeDeclares a proxy client as administratively up Sslv2 keyword enables SSL version Ssl-proxy config# ssl-proxy service S7 clientApplies a URL rewrite policy to the proxy server Ssl-proxy config-ssl-proxy# server policy tcp tcppl1 Ssl-proxy config# ssl-proxy ssl ratelimit Ssl-proxy config# no ssl-proxy ssl ratelimitSsl-proxy ssl ratelimit Ssl-proxyy ssl ratelimitAdmin Ssl-proxy vlanSsl-proxy vlan vlan Gateway prefix drop forward1Standby authentication Standby delay minimum reloadStandby ip Standby mac-addressSsl-proxyconfig-vlan#ipaddr 208.59.100.18 Ssl-proxyconfig-vlan#route 210.0.207.0 255.0.0.0 gatewaySsl-proxyconfig-vlan#ipaddr 10.1.0.20 Related Commands show ssl-proxy vlan Standby authentication Group-number is String is ciscoStandby delay minimum reload Min-delay is 1 second Reload-delay is 5 secondsShow standby delay Ssl-proxyconfig-vlan#standby delay minimum 30 reloadHsrp is disabled by default Proxy-VLAN configuration submodeStandby ip SecondaryUsed by the hot standby group is learned using Hsrp Standby mac-address Standby group-numbermac-addressmac-addressNo standby group-numbermac-address Mac-address MAC addressSsl-proxyconfig-vlan#standby 1 mac-address That is used in the end nodesShow standby Standby mac-refresh Standby mac-refresh seconds no standby mac-refreshHsrp is disabled Standby nameStandby name group-name No standby name group-name Group-name Specifies the name of the standby groupDelay Minimum delayReload delay Sync delayOperation returns to the default behavior Leaves any synchronization delay if it was configuredSsl-proxyconfig-vlan#standby preempt delay minimum ClientsThis example shows how to change the router priority Standby priorityStandby group-numberpriority priority No standby group-numberpriority priorityStandby track Enable DisableTimers Standby redirectsRelated Commands show standby Ssl-proxyconfig-vlan#standby redirects timers 90Show standby redirect Standby timers MsecInterface ethernet Command commands and take action when the object changes Standby trackDecrement priority Back upRouter a Configuration Router B ConfigurationRelated Commands standby preempt Standby priorityStandby use-bia Standby use-bia scope interface No standby use-biaScope interface OL-7029-01 Acronym Expansion Cbac CCACDP CEFDram DsapDscp DspuICD IcmpIDB IDPMD5 MdixMdss MFDOSI OSMOspf PAERmon ROMRommon RPCSTP SVCSVI TACACS+Weighted round-robin WRRXNS Xerox Network SystemOL-7029-01 Capp UDP HttpCapp IN-1NAT XMLIN-2 IN-3 See FTP FTPGslb IN-4Secondary interface IN-5Configuration Pool addressesIN-6 Gslb Http IN-7Real server Backup Enabling IN-8Smtp IN-9TCP URLIN-10 IN-11 Credentials Enabling Port Statistics display Vlan IN-12