Intel A31032-001 manual

C H A P T E R 1

How to Use this Book

•Appendix E: Terms and Conditions contains the software license and terms and conditions of user of this product.

•Glossary defines terms appearing in this User Guide.

1-5

Image 15

Intel A31032-001 manual Glossary defines terms appearing in this User Guide

Contents

Version Intel NetStructure 7110/7115 e-Commerce Accelerator Trademarks Copyright Table of Contents Theory of Operation Scenarios Remote Management Alarms and Monitoring Troubleshooting Appendix a Front Panel List of Figures Xii About this User Guide Introduction Remote Management New in This Release Before You Begin Who Should Use this Book How to Use this Book Glossary defines terms appearing in this User Guide Page Installation and Initial Configuration Rack Installation Installing the 7110/7115 Free- Standing or in a Rack Network Connections Free-Standing Installation Inline LED Admin Terminal ConnectionStatus Check Network and Server LEDs HyperTerminal§ Paste Operations Troubleshooting Continuing ConfigurationServer and Network LEDs Theory of Operation SecuritySingle Server Acceleration Multiple Servers 7110/7115 in Single Server Configuration Positioning 7110/7115 between ITM Device and Client Network Working with Internet Traffic Management ITM Devices Positioning 7110/7115 between ITM Device and Server Scalability and CascadingSpilling and Throttling Availability Keys and Certificates Cutting and Pasting with HyperTerminal§ Intel 7115 create sign ProcedureCreate a key Type the create key command at the prompt Create a Certificate Signing Request Certificate REQUEST----- lines Intel 7115 export sign mywebserverAsciix Enter Enter Typically, the CSR will look something like this Save the configuration when the server has been mapped Exporting a Key/Certificate from a ServerApache Interface to Open SSL§ modssl Apache SSL§ Stronghold§ Importing into the 7110/7115Intel 7115 import key mywebserver Save the configuration when the server has been mapped Intel 7115 create cert mywebserver Enter the create cert command with the keyIDCreating a new Key/Certificate on the 7110/7115 Create a key as follows Overview Global Site Certificates Global Site Certificate Paste Procedure ExampleIntel 7115 import cert keyID Intel 7115 set redirect A P T E R Redirection Clients and Unsupported Ciphers Intel 7115 set redirect 2 none Intel 7115 show redirect Client AuthenticationTo disable a redirect URL for a mapping Intel 7115 show redirect Intel 7115 import clientca Next, import the client CA certificate for Map ID Creating a Client CA Certificate using OpenSSL§ Generate the client CA certificateGenerate a certificate signing request SSL Processing MappingAutomapping Manual mapping Automapping with user-specified key and certificateAutomapping with multiple port combinations Deleting automapping entries Combining automapping and manual mapping Use the show block command to verify Subnet IP, Specific Port All IPs, Specific PortUse show block to verify Use the show block command to confirm the block Delete a BlockIntel 7115 delete block Failure Conditions, Fail-safe, and Fail-through Scenarios Syntax Procedure for Scenario Manual ConfigurationScenario 1-Single Server Intel 7115delete map 1 Intel 7115list maps Scenario 2-Multiple Servers This scenario shows how to configure two or more servers ID KeyID Assumptions Scenario 3-Multiple 7110/ 7115s, Cascaded Multiple Cascaded 7110/7115s Intel 7115 export config Save the configuration Intel 7115 import configAfter verification y or refusal n, the prompt reappears Intel 7115set egressmac none To reverse this process Online Help Command Reference Abbreviation to Uniqueness Command Line InterfaceUser Authentication Command Line Prompt A P T E R Command Line Interface Input Editing Commands Command HistoryMoving the Insertion Point Cut and Paste Command Summary Command Command Options Import Nic Password RebootInline List Command Command Options Set Command Command Options Show Ttychar SetsnmpShowsnmp Status Command Reference Help CommandsStatus Command Import key SSL CommandsCommand Description Create key Delete key Command Description Export key Show keyList keys Export cert Command Description Create certDelete cert Import cert Set ciphers Command Description Show certDisplay the expanded certificate including PEM format Displays all certificates Command Description Set redirect Show redirectShow clientca Command Description Import clientca Delete clientcaCreate sign Command Description Delete sign Export signShow sign keyID Field Command Description Set defcertIssuer e-mail address. You can change all, some or none Display the default certificate creation information Show clienttmo Command Description Set kstrengthShow kstrength Set clienttmo Show servertmo Command Description Set servertmoDisplays the currently specified server timeout value Client request is rejected Show block Port Mapping CommandsCommand Definition Create block Delete block Command Definition Create permit Delete permitShow permit List maps Command Definition Create mapDelete map mapID Show map Operational Commands Command Description BypassInline Show spill Command Description Set spill Remote Management Commands Command Description Set ipMaxremotesessions Command Description Set telnet Show telnetSet telnetport Set sshport Command Description Show telnetportSet ssh Show ssh Command Description Setsnmp snmp Showsnmp snmpSetsnmp snmpinfo CommandDescription SnmpcommunityDelete Snmp community strings Command Description Setsnmp trapauthen TrapcommunityList trapcommunity Intel 7115 delete trapcommunity Delete trapcommunity Delete Snmp trap community strings Set rscwindow Alarms and Monitoring CommandsCommand Description Set alarms Show alarms Command Description Show rscwindow Set utlwindowSet utlhighwater Show utllowwater Command Description Set utllowwaterShow utlwindow Show utlhighwater Intel 7115 show ovlwindow CommandDescription Show ovlwindow Configuration Commands Command Description Show configDisplay current volatile configuration settings Intel 7115 show config default Default configuration Config save Command Description Config compareConfig reset Config default Import a configuration file paste, xmodem, uudecode Command Description Export configConfiguration specifics are displayed Import config Command Description Import upgrade Import patchList system Returns to factory configuration settings Command Description Factorydefault Set date Administration CommandsCommand Description Password Show info Set idleto Command Description Set egressmacSet ether Show ether Set serial Command Description Set moreNic Set prompt Exit Logging CommandsCommand Description Show serial Command Description List logs Command Description Delete logDelete saved log/trace files from /flash/logs All deletes all logs Overview Remote Management Limitations Remote Management CLI Commands A P T E R Overview Local Serial Console Remote Telnet Sessions Unix-prompttelnet Remote Console, TelnetChanging the Telnet Port To display the Telnet port Disabling Telnet To verify Telnet disableEnable remote SSh sessions Remote SSh Sessions Changing the SSh Port Unix-promptssh -1 adminPasswordpassword Remote Console, SSh To display the SSh port To verify SSh disableIntel 7115 set ssh disable Disabling SSh Intel MIB Tree Standards Compliance Ceo-header.my Where to find MIB FilesSupported MIBs Management Information Base-II MIB-II Intel Enterprise MIBs Following is a summary of the 7110/7115 private MIB Enterprise Private MIB SummaryPage Snmp ThrottlesPerSec Number of throttles per second Snmp Trap Summary Standard Snmp TrapsPrivate Traps in ssl-appliance-mib.my Intel 7115 setsnmp snmp enable Intel 7115 showsnmp snmp Intel 7115 setsnmp snmp disable Intel 7115 showsnmp snmpEnabling Snmp Intel 7115 showsnmp snmpinfo Specifying Snmp Information Intel 7115 delete snmpcommunity Community String Trap Community String Use CLI commands, setsnmp trapcommunity, list Access Control Page Alarms Monitoring Set alarms All, esc, rsc, utl, ovl, nls None Show alarms CLI commands for alarm configuration are For example Alarm TypesESC Encryption Status Change Alarm Alarm Modifiers and Messages Extended Data RSC Alarm CLI CommandsTo set Overload Alarm time window RSC Refused SSL Connections Intel 7115 set rscwindow Intel 7115 show rscwindow UTL Utilization Threshold AlarmTo display Overload Alarm time window This alarm monitors three utilization threshold values To set Utilization Threshold Alarm low-water value UTL Alarm CLI commandsTo set Utilization Threshold Alarm time window To set Utilization Threshold Alarm high-water value Intel 7115 set ovlwindow Intel 7115 show ovlwindow OVL Overload AlarmOVL Alarm CLI Commands Intel 7115 set ovlwindow seconds Range NLS Network Link Status Alarm Alarm Logging Intel 7115 status Respend Inline Ip 10.1.11.34 netmask Intel 7115 status alarms Example, status alarms command Monitor report format Report ConfigurationMonitoring Monitoring Reports Intel 7115 set monitoringfields Monitoring Reports CLI Commands Intel 7115 show monitoringfields Intel 7115 set monitoring enable Intel 7115 show monitoringPage Software Updates Using Windows§ HyperTerminal§ Press y for yes at the Continue with upgrade? promptIntel 7115 import upgrade Connect the serial cable to the 7110/7115 auxiliary console Command import patch Intel 7115import upgrade To send the uuencoded file use the ~ command Intel 7115import patch Page Troubleshooting Intel 7115 set clienttmo See Global Site Certificates Error message Intermediate Different media Error message ServerSettings Then use the nic command to force LEDs Front Panel Processing Buttons and SwitchesPress to physically force bypass mode bypass 7110/7115 Front Panel LEDs Overload See Appendix B, Failure Connectors Failure/Bypass Modes Enable 7110/7115 processing Bypass Button Fail-through Switch Security Level P E N D I X B Fail-through Switch Security Level Page Cipher Strength Supported Ciphers SSL Version Level RC464 RC2 SSLv2RC2128 RC4-64 SSLv2Page Taiwan Class a EMI Statement Regulatory Information FCC Part 15 Compliance Statement Vcci Statement CE Compliance Statement Canada Compliance Statement Industry Canada Vcci Class a Japan Australia Cispr 22 Statement Avertissement Warnung Advertencias Wichtige Sicherheitshinweise Wichtige Sicherheitshinweise Page END User Terms and Conditions of Sale and Software License Terms and Conditions and Software LicensePage P E N D I X E Page Year warranty Process of being installed Export Law Regulations Page Glossary Glossary-2 Glossary-3 Glossary-4 Japan only Support ServicesWorldwide Access to Technical Support North America only Support-2 Intel NetStructure 7110/7115 e-Commerce Accelerator User Support-4 Index D E Index-3 Index-4