Chapter 3 Commands Specific to the Content Switching Module with SSL

ssl-proxy vlan

Table 3-10

Proxy-VLAN Configuration Submode Command Descriptions (continued)

 

 

 

Syntax

 

Description

 

 

route {prefix mask} {gateway prefix}

Configures a gateway so that the Content Switching Module with SSL can

 

 

reach a nondirect connected subnetwork.

 

 

standby [group-number] {authentication

Configures redundancy on the VLAN. See the following commands for valid

text string} {delay minimum [min-delay]

values:

reload [reload-delay]} {ip [ip-address

standby authentication

[secondary]]} {mac-address mac-address}

standby delay minimum reload

{mac-refresh seconds} {name

group-name} {preempt [delay{minimum

standby ip

delay reload delay sync delay}]}

standby mac-address

{priority priority} {redirects [enable

 

 

disable] [timers advertisement holddown]

standby mac-refresh

[unknown]} {timers [msec] hellotime

standby name

[msec] holdtime} {track object-number

 

standby preempt

[decrement priority]}

standby priority

standby redirects

standby timers

standby track

standby use-bia

1.The gateway forward feature from the SSL Services Module does not work with CSM-S because the SSL daughter card only gets packets for connections that are being serviced by a VIP on the CSM.

You must remove the administration VLAN status of the current administration VLAN before you can configure a different administration VLAN.

An administration VLAN is used for communication with the certificate agent (PKI) and the management station (SNMP).

When configuring the gateway, the drop keyword allows the Content Switching Module with SSL to drop a packet if a virtual service cannot be found relating to the packet.

When configuring the gateway, the forward keyword allows the Content Switching Module with SSL to forward a packet to the gateway of the specified VLAN if a virtual service cannot be found relating to the packet.

The valid values for configuring HSRP are as follows:

group-number—(Optional) Group number on the interface for which HSRP is being activated; valid values are from 0 to 255. If you do not specify a group-number, group 0 is used.

ip ip-addr—Specifies the IP address of the HSRP interface.

priority priority— Specifies the priority for the HSRP interface. Increase the priority of at least one interface in the HSRP group. The interface with the highest priority becomes active for that HSRP group.

prempt —Enables preemption. When you enable preemption, if the local router has a hot standby priority that is higher than the current active router, the local router attempts to assume control as the active router. If you do not configure preemption, the local router assumes control as the active router only if it receives information indicating that no router is in the active state (acting as the designated router).

Catalyst 6500 Series Switch Content Switching Module with SSL Command Reference

 

OL-7029-01

3-75

 

 

 

Page 296 Page 298
Page 297
Image 297
Cisco Systems OL-7029-01 manual Standby authentication, Standby delay minimum reload, Standby ip, Standby mac-address
Page 296 Page 298
Top Page Image Contents