Manuals
/
Citrix Systems
/
Computer Equipment
/
Network Router
Citrix Systems
CITRIX NETSCALER 9.3
manual
Preface
Models:
CITRIX NETSCALER 9.3
1
20
195
195
Download
195 pages
43.21 Kb
17
18
19
20
21
22
23
24
<
>
Install
Working with Charts
Configuring Alarms
Password
Advanced Configurations
Access Gateway URL
Built-in Command Policies
Setting the Engine ID
Safety
Getting Service and Support
Page 20
Image 20
Preface
20
Page 19
Page 21
Page 20
Image 20
Page 19
Page 21
Contents
Citrix NetScaler Administration Guide
Copyright and Trademark Notice
Page
Page
Contents
Snmp
Vii
Audit Logging
Web Server Logging
105
Advanced Configurations
Contents
Web Interface
AppFlow
Reporting Tool
Contents Xvi
Formatting Conventions Meaning Boldface
Formatting Conventions for NetScaler Documentation
This Preface
To view the documentation
Documentation Available on the NetScaler Appliance
Convention
To provide feedback at the Knowledge Center home
Getting Service and Support
NetScaler Documentation Feedback
Preface
Authentication and Authorization
Topics
Show system user Example
Configuring Users and Groups
Configuring User Accounts
Parameters for configuring a user account
Password Password
Timeout CLI Idle Session Timeout Secs
UserName User Name
Show system group Example
Configuring User Groups
To create a user group by using the NetScaler command line
Show system group groupName Example
Parameters for configuring a user group
Show system group groupName
GroupName Group Name
UserName
CLI Prompt CLI Idle Session Timeout Secs
Configuring Command Policies
Built-in Command Policies
Creating Custom Command Policies
Built-in Command Policies Policy name Allows
Except show runningconfig, show
Runningconfig, and sh gslb
Matches these commands
Command specification regular expression
Parameters for configuring a command policy
Sh system cmdPolicy Example
Policyname
Action
Binding Command Policies to Users and Groups
Parameters for binding a command policy to a user
Sh system user userName Example
Sh system user userName
Priority
Parameters for binding a command policy to a group
Sh system group groupName Example
Sh system group groupName
GroupName
Resetting the Default Administrator nsroot Password
To reset the nsroot password
Example of a User Scenario
Fsck /dev/ad0s1a Mount /dev/ad0s1a /flash
Configuration steps
Sample Values for Creating Entities Field
Configuring External User Authentication
Configuring Ldap Authentication
Bind DN
Examples of Base Distinguished Name Ldap server Base DN
Examples of Bind Distinguished Name Ldap server
Authentication Type, select LDAP. Next to Server, click New
Determining attributes in the Ldap directory
Authentication Type, select Radius
Configuring Radius Authentication
Choosing Radius authentication protocols
Configuring IP address extraction
Authentication Type, select Tacacs
Configuring TACACS+ Authentication
Configuring NT4 Authentication
Authentication Type, select NT4
Authentication and Authorization
Snmp
Importing MIB Files to the Snmp Manager and Trap Listener
Enabling or Disabling an Snmp Alarm
Enable snmp alarm alarm name Sh snmp alarm alarm name
Configuring Alarms
To configure an Snmp alarm by using the command line
Parameters for configuring Snmp alarms
Severity
To add an Snmp trap by using the NetScaler command line
Configuring Traps
To configure Snmp alarms by using the configuration utility
Parameters for configuring Snmp traps
To configure Snmp Traps by using the configuration utility
Enabling Unconditional Snmp Trap Logging
Configuring the NetScaler for Snmp v1 and v2 Queries
Specifying an Snmp Manager
Parameters for unconditional Snmp trap logging
SnmpTrapLogging Snmp Trap Logging
To add an Snmp manager by using the NetScaler command line
Show snmp manager
Parameters for configuring an Snmp manager
IPAddress
To add an Snmp manager by using the configuration utility
Parameters for configuring an Snmp community string
Specifying an Snmp Community
Sh snmp community
Permissions
Community String*-communityName
Configuring Snmp Alarms for Rate Limiting
Configuring an Snmp Alarm for Throughput or PPS
Show snmp alarm PF-RL-RATE-THRESHOLD
Show snmp alarm PF-RL-PPS-THRESHOLD
ThresholdValue
NormalValue
State
Configuring Snmp Alarm for Dropped Packets
Alarm Threshold-thresholdValue Normal Threshold-normalValue
Configuring the NetScaler for SNMPv3 Queries
Parameters for configuring an Snmp alarm for dropped packets
Setting the Engine ID
Configuring a View
To set the engine ID by using the NetScaler command line
Parameters for setting the engine ID
To set the engine ID by using configuration utility
To add an Snmp group by using the NetScaler command line
Configuring a Group
Parameters for configuring an Snmp view
Configuring a User
Parameters for configuring an Snmp group
To configure a user by using the NetScaler command line
SecurityLevel
Parameters for configuring an Snmp user
Citrix NetScaler Administration Guide
Snmp
Audit Logging
Audit Logging
Show audit syslogAction name
Configuring the NetScaler Appliance for Audit Logging
Configuring Audit Servers
Parameters for configuring auditing servers
Show audit nslogAction name
ServerIP
ServerPort
Log levels defined
To configure a Syslog policy by using the command line
Configuring Audit Policies
To configure an auditing server action
Rule
To configure an Nslog policy by using the command line
Parameters for configuring audit policies
To configure an audit server policy
Binding the Audit Policies Globally
Parameters for binding the audit policies globally
Name* name Server* action
Configuring Policy-Based Logging
Configuring an Audit Message Action
To globally bind the audit policy
Pre Requisites
LogtoNewnslog
BypassSafetyCheck
StringBuilderExpr
Installing and Configuring the Nslog Server
Binding Audit Message Action to a Policy
Software requirements
Installing Nslog Server on the Linux Operating System
Supported Platforms for the Nslog Server Operating system
Installing Nslog Server on the FreeBSD Operating System
Pkginfo grep NSaudserver
Pkgdelete NSaudserver
To install Nslog server on a Windows operating system
On the system, where you have downloaded the Nslog package
Nslog Server Command Options
To uninstall the Nslog server on a Windows operating system
Audserver -remove
Audserver -stop
To add the IP addresses of the NetScaler appliance
Audserver -remove Specifies
To start audit server logging
Verifying the Nslog Server Configuration File
Running the Nslog Server
To create a filter
Customizing Logging on the Nslog Server
Creating Filters
Specifying Log Properties
Default Settings for the Log Properties
Sample Configuration File audit.conf
Following is a sample configuration file
Web Server Logging
Configuring the NetScaler Appliance for Web Server Logging
Enabling or Disabling Web Server Logging
Modifying the Default Buffer Size
Parameter for modifying the buffer size
Sh weblogparam Example
Buffer Size
To modify the buffer size by using the configuration utility
Supported Platforms for the Nswl Client Operating system
Cp pathtocd/Utilities/weblog/Solaris/NSweblog.tar /tmp
Installing Nswl Client on a Solaris Operating System
Hardware requirements
Installing Nswl Client on a Linux Operating System
Cd /tmp
Tar xvf NSweblog.tar
Pkginfo grep NSweblog
To get more information about the NSweblog RPM file
Installing Nswl Client on a FreeBSD Operating System
To view the installed Web server logging files
Cp pathtocd/Utilities/weblog/macos/NSweblog.tgz /tmp
Installing Nswl Client on a Mac OS Operating System
Pkgdelete NSweblog
Installing Nswl Client on a Windows Operating System
To install the Nswl client on a Windows system
Installing Nswl Client on an AIX Operating System
To uninstall the Nswl client on a Windows system
Cp pathtocd/Utilities/weblog/AIX/NSweblog.rpm /tmp
Rpm -i NSweblog.rpm
Nswl Client Command Options
Nswl Command Options Nswl command Specifies
Nswl -addns -f directorypath \log.conf
Adding the IP Addresses of the NetScaler Appliance
To add the Nsip address of the NetScaler appliance
Verifying the Nswl Configuration File
To verify the configuration in the Nswl configuration file
Running the Nswl Client
Customizing Logging on the Nswl Client System
Parameters for Creating a Filter Specifies
On OFF
To create a filter for a virtual server
LogFormat Ncsa
Understanding the Ncsa and W3C Log Formats
Ncsa Common Log Format
W3C Extended Log Format
Ncsa Common Log Format Argument Specifies
Directive Descriptions
Entries
Directives
Fields
Identifiers
Prefix Descriptions Specifies
Examples
W3C Extended Log Format Identifiers No Prefix Required
Description
Field Description
Creating a Custom Log Format by Using the Nswl Library
Creating a Custom Log Format
To create the custom log format by using the Nswl Library
Creating a Custom Log Format Manually
Sample Configuration File
Creating Apache Log Formats
Ncsa
Arguments for Defining a Custom Log Format
11.Custom Log Format Argument Specifies
Foobari Foobaro
Formatt
Time Format Definition
12.Time Format Definition Argument Specifies
Argument Specifies
123
Web Server Logging 124
Advanced Configurations
Show ntp server Example
Configuring Clock Synchronization
To add an NTP server by using the NetScaler command line
Parameters for configuring an NTP server
ServerName
Minpoll
Maxpoll
Starting or Stopping the NTP Daemon
Configuring Clock Synchronization Manually
Enable ntp sync Disable ntp sync
Viewing the System Date and Time
Usr/sbin/ntpd -c /nsconfig/ntp.conf -l /var/log/ntpd.log
Show ns config Example
Configuring TCP Window Scaling
WSVal
Parameters for configuring window scaling
Show ns tcpParam Example
Configuring Selective Acknowledgment
Enabled
Clearing the Configuration
To enable Sack by using the Configuration Utility
Parameters for clearing a configuration
To clear a configuration by using the configuration utility
Viewing the Http Band Statistics
Level
ReqBandSize
RespBandSize
Configuring Http Profiles
To modify the band range by using the configuration utility
To add an Http profile by using the NetScaler command line
Built-in Http Profiles Built-in profile Description
Parameters for adding an Http profile
Built-in TCP Profiles Built-in profile Description
Configuring TCP Profiles
To add an Http profile by using the configuration utility
To add a TCP profile by using the NetScaler command line
Parameters for creating a TCP profile
To add a TCP profile by using the configuration utility
Specifying a TCP Buffer Size
Example
Parameters for setting the TCP buffer size in a TCP profile
BufferSize
Mss
Specifying the MSS Value in a TCP Profile
Parameters for specifying the MSS value in a TCP profile
Learn MSS for VServer
LearnVsvrMSS
Advanced Configurations 148
Web Interface
How Web Interface Works
Prerequisites
Installing the Web Interface
JRE tar file path
Configuring the Web Interface
Web Interface tar file path
Parameters for configuring Web interface sites
Gateway Direct Mode
Authentication Point
Access Gateway URL
Port
Configuring a Web Interface Site for LAN Users Using Http
XML Service Addresses
XML Service Port
Transport
A Web Interface Site Configured for LAN Users Using Http
Site Type Published Resource Type Kiosk Mode
Virtual Server Protocol select Https IP Address Port
Add service WILoopbackService 127.0.0.1 Http
Configuring a Web Interface Site for LAN Users Using Https
A Web Interface Site Configured for LAN Users Using Https
160
161
Add lb vserver Httpswi SSL 10.102.29.3
Configuring a Web Interface Site for Remote Users Using Agee
A Web Interface Site Configured for Remote Users Using Agee
165
166
AppFlow
How AppFlow Works
NetScaler Flow Sequence
Flow Records
Templates
Configuring the AppFlow Feature
Specifying a Collector
Enabling or Disabling the AppFlow Feature
To specify a collector by using the NetScaler command line
Configuring an AppFlow Action
To remove a collector by using the NetScaler command line
To specify a collector by using the configuration utility
Parameters for specifying a collector
Comment
Parameters for configuring an AppFlow action
Collectors
Configuring an AppFlow Policy
Show appflow policy name
Parameters for configuring an AppFlow policy
Rule Action
To add an expression by using the Add Expression dialog box
Http
Binding an AppFlow Policy
Show appflow global
Parameters for binding an AppFlow policy
GotoPriorityExpression
Invoke Invoke flag LabelType
LabelName
Enabling AppFlow for Virtual Servers
Click Apply Changes
Enabling AppFlow for a Service
Setting the AppFlow Parameters
AppFlow Parameters
HttpCookie
HttpReferer
HttpMethod
HttpHost
Reporting Tool
Working with Reports
Using the Reporting Tool
To invoke the Reporting tool
Using Built-in Reports
Creating and Deleting Reports
Modifying the Time Interval
Time Intervals Time interval Displays
Setting the Data Source and Time Zone
Exporting and Importing Custom Reports
Modifying a Chart
Working with Charts
Adding a Chart
Viewing a Chart
To change the graph type of a chart
To view numeric data for a graph
To change the color and graph type of a data set
Examples
Deleting a Chart
To export chart data to Excel
Stopping and Starting the Data Collection Utility
Limits on Entity Numbers Retrieved by nscollect Entity name
To stop nscollect
To start nscollect on the local system
Entity name Limit
Netscaler/nscollect stop
To start nscollect on the remote system
Netscaler/nscollect start
Top
Page
Image
Contents