Manuel d'utilisation / d'entretien du produit 6500 du fabricant Cisco
Aller à la page of 160
Corporate He adquarters Cisc o Syst ems , Inc . 170 West Ta sman Drive San Jos e, CA 95 134-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553- NETS (638 7) Fax: 408 526-4100 Catalyst 650 0 Series S witc h SSL S erv ices Module Command Reference R ele ase 3.
THE SPECIFICATIONS AND INFORMATION REGARDING TH E PRODUCTS IN THIS MANUAL ARE SUBJE CT TO CHANGE WITHOUT NO TICE. ALL STATEMENT S, INFORMATI ON, AND RECOMMENDA TIONS IN T HIS MANUAL ARE BELIEVED TO BE ACCURATE BU T ARE PRESEN TED WITHOUT WARRANTY OF ANY KIND, EXPRE SS OR IMPLIED.
iii Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 CONTENTS Preface vi i Audienc e vii Organi zation vi i Relat ed D ocum ent atio n vii Conv enti ons viii Obtain ing Docu mentati on ix Cisco.
Cont ent s iv Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 CHAPTER 2 Commands f or the Cataly st 6500 Seri es Switch SSL Servi ces Module 2-1 clea r ssl-pr oxy conn.
Content s v Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 show ssl- prox y policy 2-72 show ssl- prox y service 2-75 show ssl- prox y stats 2-77 show ssl- prox y sta.
Cont ent s vi Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01.
vii Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 Preface This pr eface d escrib es the audie nce, o rganizatio n, an d conventions of this pu blicat ion, a nd provide s information on how to obtain relate d documentation.
viii Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Preface Conv ent ions The Ci sco IO S docu mentati on se t incl udes t hese documen ts: • Configuration Fund amen tals Co nfiguration Guid e • Command Ref er ence For information about M IBs, refer to this URL: http://www .
ix Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 Pre face Obtaining Documentat ion Notes us e the follo wing con ventions: Note Means r eader t ake no te . N otes co ntai n helpf ul sugg est ions or refer ences to materi al not cov ere d in the publicatio n.
x Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Preface Docum entation Fe edback Ordering Docume ntation Beginning June 30 , 2005, regist ered Cisco.com use rs may order Ci sco docum entati on at the Pro duct Documen tation S tore in the Cisco M arke tplace at this URL: http://www .
xi Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 Pre face Obtaining Technical Assistance Reporting Se curity Problems in Cisco P roducts Cisco is comm itted to delive ring sec ure produ cts. W e test our products i nterna lly before we relea se them, and we str iv e to correct all vul nerabilities q uickly .
xii Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Preface Obtain ing Techni cal Ass istance Note Us e the Cisco Product Ident ification (CPI) to ol to locate your product ser ial numb er b efore su bmitt ing a web or phon e request for service.
xiii Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 Pre face Obtaining Additional Publications and Information Obtaining Ad ditional Publication s and Informatio n Informa tion ab out Cisco pro ducts, t echnologi es, and ne twork soluti ons is av ailable from various online and printe d source s.
xiv Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Preface Obtainin g Addi tional Pub lications and Informat ion.
C HAPTER 1-1 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 1 Command-Line Interface This chap ter provides info rmati on for unders tandin g and using th e Catalyst 650 0 series swit ch SSL Services Module softw are using the c ommand-line in terface ( CLI).
1-2 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapt er 1 Command -Line Int erface How to Fi nd Command Opti ons This exam ple sh ows how to obtain a li st of com.
1-3 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 1 Comm and-Lin e Interface How to Find Com mand Options Ta b l e 1 - 2 shows e xampl es of how you can use t he question mark ( ? ) t o assist you in entering comma nds.
1-4 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapt er 1 Command -Line Int erface How to Fi nd Command Opti ons ssl-proxy(config-if)# channel-group group ? <1.
1-5 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 1 Comm and-Lin e Interface Understa nding Com mand Modes Understandin g Comma nd Modes This se ction contai ns descr iptions of th e comm and mod es fo r the Cisco I OS user interfac e.
1-6 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapt er 1 Command -Line Int erface Using the No and De fault Forms of Commands For more inf ormation on command m odes, refe r to the “Using th e Command L ine Interf ace” c hapter of the Configur ation F undam entals C onfiguration G uide .
1-7 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 1 Comm and-Lin e Interface Using the CLI String Search Using the CLI String Search The pat tern in th e command output is r eferred to as a string .
1-8 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapt er 1 Command -Line Int erface Using the CLI String Sea rch T o enter th ese spe cial char acters a s single -cha racter p atterns, remo ve th e special m eaning by preceding each ch aracter with a backs lash ( ).
1-9 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 1 Comm and-Lin e Interface Using the CLI String Search Multiple-Characte r Patterns When crea ting re gular e xpressions, you c an also spe cify a p attern conta ining multiple charac ters.
1-10 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapt er 1 Command -Line Int erface Using the CLI String Sea rch T o use multipliers with mult iple-characte r patterns, you enclo se the pattern in parenth eses.
1-11 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 1 Comm and-Lin e Interface Using the CLI String Search For exam pl e, _1300_ matc hes an y string that has 1 300 s ome whe re in the str ing. The s tring ’ s 1300 can be prec eded by or end with a spa ce, brac e, comm a, or unde rscore.
1-12 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapt er 1 Command -Line Int erface Using the CLI String Sea rch.
C HAPTER 2-1 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 2 Commands for the Catalyst 6500 Series Switch SSL Services Module This c hapter contai ns an alphabe tical listin g of co mman ds for the C atalyst 6500 series switch SSL Services M odule.
2-2 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module clear ss l-prox y conn clear ssl-proxy conn T o clear all TCP con nections on the entir e system, use th e clear ssl-proxy c onn command.
2-3 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule clear ssl- proxy cont ent clear ssl-proxy content T o clear all TCP con nections on the entir e system, use th e clear ssl-proxy c onn command.
2-4 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module clear ss l-prox y sess ion clear ssl-proxy session T o clear all entr ies from the se ssion cac he, use the clear ssl-pr oxy ses sion comm and.
2-5 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule clear ss l-proxy stats clear ssl-proxy stats T o .
2-6 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module clear ss l-prox y stats Comma nd H ist ory U.
2-7 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule cryp to pki exp ort pe m crypto pki export pem T o export priv acy-enhan ced ma il (PEM ) files from the SSL Servic es Module , use the crypto pki ex port pem comma nd.
2-8 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module crypto pk i ex port pem Y ou ca n chan ge the defau lt file extensions wh en prom pted. The default file exten sions are a s follows: • public key (.
2-9 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule crypto pki import pem crypto pki import pem T o import a PEM-f ormatted f ile to the SSL Services Mo dule, use th e crypto pki impo rt pem co mmand .
2-10 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module crypto pk i impor t pem The crypto pki import pem comman d im ports only t he priv ate key (.p rv), the se rver ce rtificat e (.
2-11 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule crypto pki export pkcs12 crypto pki export pkcs1 2 T o expo rt a PKCS1 2 file from the SSL Servic es Modu le, us e th e crypto pki export pkcs12 command .
2-12 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module crypto pk i ex port pkc s12 Exam ples Th is.
2-13 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule crypto pki import pkcs12 crypto pki import pkcs12 T o import a PKCS12 file to the SSL Services Module, use the c rypto pki im port pkcs12 comm and.
2-14 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module crypto pk i impor t pkcs12 Exam ples Th is .
2-15 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule cryp to k ey de cry pt rs a crypto key decryp t rsa T o d elete the e ncryp ted key an d leave only t he une ncry pted key , use the crypt o key de crypt r sa comm and.
2-16 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module crypto ke y encry pt rsa crypto key encryp t rsa T o encrypt the RSA ke ys, use the cr ypto key encr ypt r sa command .
2-17 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule cryp to k ey ex por t rsa pem crypto key export rsa p em T o expor t a PEM-fo rmat ted RSA key to th e SSL Servi ces Mo dule, u se the crypto key expo rt rsa pem comm and.
2-18 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module crypto ke y expor t rsa pem Exam ples Th is.
2-19 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule cryp to k ey im por t rsa pem crypto key import rsa pem T o im port a PEM- format ted RSA key from an external syste m, use the crypto key import rs a pem comm and.
2-20 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module crypto ke y impor t rsa pem Exam ples Th is.
2-21 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule crypt o key lock rsa crypto key lock rsa T o lock the en crypte d pri v ate k ey , use the crypto ke y lock rs a command.
2-22 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module crypto ke y unlo ck rsa crypto key unlock rsa T o unl ock the e ncryp ted private ke y , use the crypt o key unlock rsa comman d.
2-23 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule debug ssl- proxy debug s sl-proxy T o tu rn on th e debug flag s in differen t system compone nts, use the deb ug ssl-p r oxy command .
2-24 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module debug s sl-proxy Comma nd H ist ory Usage G.
2-25 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule debug ssl- proxy Note Use the TCP de bug command.
2-26 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module do do T o execu te EXEC -level comma nds f rom g lobal configurati on m ode or other configurat ion mo des or submodes, use the do comman d.
2-27 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule inte rface ssl -pro xy interface ssl-proxy T o enter the subinterf ace conf iguratio n submode, use the interf ace ssl-pr oxy co mmand .
2-28 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module interface s sl-proxy The valid values for c.
2-29 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule inte rface ssl -pro xy • type time —Sp ecif .
2-30 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module natpool natpool T o de fine a poo l of IP a ddresses, whic h the SSL Services M odul e uses fo r impl emen ting the client NA T , use the natpool command .
2-31 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule policy health-probe tcp policy health-probe tc p T o enter the TCP health probe conf iguration submode, use the policy he alth-pr obe comm and.
2-32 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module policy h ealth-pro be t cp Exam ples Th is example shows how to configure TCP healt h probe to c heck whet her service at port 80 is up and running on server IP address 19.
2-33 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule policy health-probe tcp Context name: ssl Contex.
2-34 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module policy h ttp-head er policy ht tp-header T o enter the HTTP he ader inser tion conf igura tion submod e, use the policy http-header comma nd.
2-35 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule policy http-header • Client Certif icate i n PEM format—When you specify cli ent-cert pem , the SSL module sends the entire client certif icate in PEM format.
2-36 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module policy h ttp-head er • SSL Ses sion—Session heade rs, inc luding th e sessio n ID, are use d to c ache cli ent cer tifi cates th at are based on the session ID.
2-37 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule policy http-header Exam ples Th is example shows.
2-38 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module policy h ttp-head er In addition to the sta.
2-39 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule policy ssl policy ssl T o ent er t he SSL-po licy configurati on subm ode, use the policy ssl com mand.
2-40 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module policy s sl Usage Guid elines Each SSL-polic y conf iguration submode command is entere d on its own line.
2-41 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule policy ssl Y ou can def ine the SSL p olic y tem.
2-42 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module policy s sl When y ou enter the close-n oti.
2-43 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule policy ssl When yo u enter th e tls-ro llback curr ent command, th e SSL prot ocol version c an be e ither t he maxi mum supporte d version or the negotiated version.
2-44 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module policy s sl Relat ed Comma nds show ssl-pr .
2-45 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule policy tcp policy tcp T o ent er the proxy policy TCP configurati on submode , use the policy t cp comma nd.
2-46 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module policy t cp Usage Guid elines After you de fine the TCP policy , you can associ ate the TC P policy with a pr oxy server using the proxy-pol icy TCP configurat ion submod e comm ands.
2-47 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule policy tcp Usage Guid elines TCP comma nds that you enter on the SSL Servi ces Modu le can ap ply eithe r globall y or to a particula r proxy server .
2-48 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module policy t cp This exampl e shows ho w to def.
2-49 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule policy url-rewrite policy url-rewrite T o e nter the URL r e write configurat ion subm ode, use the policy url-r ewrite comm and.
2-50 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module policy u rl-rew rite clearp ort por t-numb er —(Optional) Specif ies the port portion of the URL lin k that is to be rewrit ten; valid values are from 1 to 65 535.
2-51 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule pool ca pool ca T o enter the certi fica te authority pool configu ration submode, use the pool ca comman d.
2-52 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module servi ce service T o e nter t he proxy -serv ice configura tion su bmode, use the servi ce command.
2-53 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule service In most ca ses, all of the SSL- serv er .
2-54 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module servi ce Both secu red and bridge mode betwe en the Con tent Switchi ng Module (CSM ) and th e SSL Services Module i s supp orted.
2-55 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule service This exam ple sh ows how to configure a cl ear-text web server f or t he SSL Se rvice s Mod ule to forwar d the decry pted traf f ic: ssl-proxy (config-ctx-ssl-proxy)# server ipaddr 207.
2-56 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module service cl ient service client T o ente r the cl ient pro xy-servi ce co nfiguration sub mode, use the servic e clien t command.
2-57 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule servic e client Ta b l e 2 - 9 lists the commands that ar e av ailable in proxy-client con figurat ion submode.
2-58 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module service cl ient Exam ples Th is example sho.
2-59 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show i nterfaces ssl-proxy show interfaces ssl-proxy T o display inf ormation about t he conf igured subi nterfac es, use the sho w interface s ssl-proxy command .
2-60 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show ssl -proxy buff ers show ssl-proxy buffers T o display in format ion abou t TCP bu ff er usage, use the sho w ssl-p ro xy b uffers co mmand.
2-61 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl-proxy certificate-history show ssl-prox.
2-62 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show s sl-proxy certificate -history Exam p.
2-63 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl-proxy certificate-history This e xample.
2-64 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show ssl -proxy conn show ssl-proxy c onn T o displ ay the TCP conn ecti ons from the SSL Serv ices Modul e, use the show ssl-proxy conn comm and.
2-65 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl- proxy conn Comma nd H ist ory Exam ple.
2-66 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show ssl -proxy conn ssl-proxy# show ssl-proxy conn 4tuple remote ip 1.
2-67 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl-pr oxy context show ssl-proxy c ontext T o display contex t information, use the show ssl-proxy context comman d.
2-68 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show ssl -proxy cras h-info show ssl-proxy c rash-info T o collect informatio n about th e softwa re-forced reset f rom the SSL Services Module, use the show ssl-proxy crash-info comman d.
2-69 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl-proxy c rash-i nfo s0 :00000000, s1 :00.
2-70 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show ssl -proxy ma c address show ssl-proxy mac ad dress T o displa y the curren t MA C addr ess, use the show ssl-proxy mac address comma nd.
2-71 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl-pr oxy natpool show ssl-proxy n atpool T o display informat ion about the N A T pool, use the show ssl-proxy natpool comm an d.
2-72 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show ssl -proxy poli cy show ssl-proxy policy T o displ ay the con figured SSL proxy po licies, us e the show ssl-proxy policy co mmand.
2-73 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl-pro xy policy 6 "g:" 7 ".
2-74 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show ssl -proxy poli cy This e xample shows.
2-75 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl-pr oxy service show ssl-proxy service T o display information ab out the conf igured SSL virtu al service, use the sho w ssl-proxy service comm and.
2-76 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show ss l-pr oxy ser vice Nat pool: n2 rsa-.
2-77 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl-prox y stats show ssl-proxy stats T o display information ab out the statistics counter , use the show ssl-proxy stats command.
2-78 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show ss l-pr oxy st ats • module module .
2-79 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl-prox y stats This example sho ws how to.
2-80 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show ss l-pr oxy st ats Response timeout: 0.
2-81 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl-prox y stats This exa mple shows ho w t.
2-82 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show ss l-pr oxy st atus show ssl-proxy status T o d isplay i nforma tion abo ut the SSL Ser vices Module proxy st atus, use th e show ssl-proxy status comm and.
2-83 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl-pr oxy status TCP cpu is alive! TCP cpu.
2-84 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module show ss l-pr oxy ver sion show ssl-proxy version T o display th e curren t image v ersion, use the show ssl-proxy vers ion command.
2-85 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule show ssl-prox y vlan show ssl-proxy vlan T o display VLAN informatio n, use the show ssl-proxy vlan comm and.
2-86 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module snmp- server ena ble snmp-server enable T o conf igure the SNMP traps an d infor ms, use the snmp- serv er enable command.
2-87 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule ssl-pr oxy cont ext ssl-proxy context T o e nter the SSL c ontext su bmode a nd define t he vir tual SSL context, u se t he ssl-proxy c ontext comm and.
2-88 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module ssl-proxy cont ext Exam ples Th is example shows ho w to configure th e context “hubb le”: ssl-proxy# configure terminal Enter configuration commands, one per line.
2-89 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule ssl-proxy cryp to selftest ssl-proxy crypto selftest T o initiate a c ryptograp hic self-te st, use th e ssl-proxy crypto se lftest command .
2-90 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module ssl-proxy mac addres s ssl-proxy mac address T o conf igure a MA C addr ess, use the ssl-proxy mac addr ess comman d.
2-91 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule ssl-pr oxy pki ssl-proxy pki T o configur e and define t he PKI implem entatio n on the SSL Serv ices M odule, u se the ssl-proxy pki co mman d.
2-92 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module ssl-p roxy pk i Usage Guid elines The ssl-p.
2-93 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule ssl-proxy crypto key unl ock rsa ssl-proxy crypto key unlock rsa T o unlock th e k ey aut omaticall y after a reload, use the ssl-proxy crypto key unlock rsa comm and .
2-94 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module ssl-p roxy ip-fr ag-tt l ssl-proxy ip-frag-ttl T o adjust the IP fragment rea ssembly timer , use the ssl-proxy ip-f rag-ttl command .
2-95 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule ssl-prox y ssl rateli mit ssl-proxy ssl ratelimit T o p rohi bit new con nections duri ng overload condit ions, u se th e ssl-proxy ssl ratelimit command.
2-96 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module standby aut hentica tion standby authentica tion T o conf igure an authenticatio n string for HSRP , use the standby authentication comm and.
2-97 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule standby del ay minimum reload standby delay minimum reloa d T o conf igure a delay before th e HSRP groups are initia lized, use the standby delay minimum r eload comm and.
2-98 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module standby del ay min imum reload Exam ples Th.
2-99 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule stand by ip standby ip T o acti va te HSRP , use the standby ip command. Us e the no fo rm of this command to disable HSRP .
2-100 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module standby ip Exam ples This example sho ws ho w to acti va te HSRP for group 1 on Ethernet interf ace 0.
2-101 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule standby ma c-address standby mac-add ress T o specify a vir tual MA C address f or HSRP , use the s tand by mac- addr ess comm and.
2-102 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module standby m ac-add ress In an APPN network, an end no de is typica lly co nfigured with the MA C addre ss of the adja cent network node.
2-103 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule standby mac-refr esh standby mac-re fresh T o change th e interv al at which pac ket s are sent to refresh the MA C cache when HSRP is runn ing ov er FDDI, use the standby mac-r efr esh command .
2-104 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module standby nam e standby name T o con figure the na me of the st andby group, u se the standby name command.
2-105 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule standby pr eempt standby preempt T o c onfigure HSR P pree mption and pr eempt ion dela y , use the standby preempt command.
2-106 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module standby pre empt When you us e group nu mber 0, no grou p number is written to NVRAM , providing bac kward compatibilit y .
2-107 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule standby pri ority standby priority T o conf igure the priority for HSRP , use the standby priority command.
2-108 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module standby pri ority Exam ples Th is exam ple.
2-109 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule standby re directs standby redirects T o ena ble H SRP filtering of Int ernet Co ntrol Message Protocol (ICMP) redir ect messa ges, use the standby redir ects comma nd.
2-110 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module standby red irect s The no standby redir ects command is the s ame as the st andby redir ects disable comm and.
2-111 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule standby timers standby t imers T o conf igure t.
2-112 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module standby ti mers The standby timers comma nd c onfigures t he time be tween st andby hel lo pa ckets an d th e time befo re other router s declar e t he active or standby r outer to be down.
2-113 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule stan dby t rac k standby track T o co nfigure HSRP t o track an ob ject and c hange t he hot stand by priorit y based on t he state of the obj ect, use the standby track command .
2-114 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module standby tr ack When you us e group nu mber 0, no grou p number is written to NVRAM , providing bac kward compatibilit y .
2-115 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 Chapter 2 Commands for the Catalyst 6500 Series SSL Serv ices Mod ule standby use- bia standby use-b ia T o conf igur.
2-116 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Chapter 2 Comman ds for the Cat alyst 6500 Series SSL Servic es Module standby versi on standby version T o ch an.
A- 1 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 APPEND IX A Acronyms Ta b l e A - 1 defines t he acron yms th at are u sed in th is publica tion.
A- 2 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Appe ndi x A Acr ony ms CB A C conte xt base d access co ntrol CCA circuit card assembly CDP Cis co Di scovery Pro.
A-3 Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 Append ix A Acronym s dot1q 8 02.1Q dot1x 8 02.1x DRAM dynami c RAM DRiP D ual Ri ng Protocol DSAP de stination ser.
A- 4 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Appe ndi x A Acr ony ms ICD I nternat ional Co de De signator ICMP Inte rnet C ontrol M essage Protocol IDB int er.
A-5 Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 Append ix A Acronym s MD 5 message diges t 5 MD I X media-dependent interf ace cross ov er M D SS Multicast Dis tri.
A- 6 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Appe ndi x A Acr ony ms OSI Ope n Sys tem Int erconn ect ion OSM O ptica l Services M odule OSPF open short est pa.
A-7 Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 Append ix A Acronym s R M O N remot e netw or k moni tor R OM r ead-on ly m emory R OMMON R OM monitor RP rout e pr.
A- 8 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Appe ndi x A Acr ony ms STP Spa nnin g T ree Pr otoc ol SVC s witche d virtua l circ uit SVI switched virtual in t.
A-9 Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 Append ix A Acronym s WRR we ighted rou nd-rob in XNS Xerox Network System T able A -1 List of A cr on yms (continu.
A-10 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Appe ndi x A Acr ony ms.
B-1 Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01 APPEND IX B Acknowledgments for Open-Source Software The Cisc o IOS software on the Cataly st 6500 seri es switches soft ware pipe comm and use s Henry Spence r’ s re gul ar exp ressi on libr ary (re gex).
B-2 Catalyst 6500 S eries Swit ch SSL Service s Module Command R eference OL-9105-01 Appe ndi x B Acr ony ms.
IN-1 Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 INDEX Symbols # ch aract er (pri vile ged EX EC m ode p rompt) 1-5 $ char acter 1-8, 1-10 * (aster isk) 1-7 + (plus sign) 1-7 .
Index IN-2 Catalyst 6500 Series S witch SSL Services Module Command Referenc e OL-9105-01 comm and-l ine i nte rfac e See CLI comm and m odes acce ssing 1-5 exiting 1- 5 underst anding 1-5 comm ands m.
Inde x IN-3 Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 configuring secondary interface 2-99 initiali zation de lay period 2-97 enab lin g 2-99 filtering of ICMP r.
Index IN-4 Catalyst 6500 Series S witch SSL Services Module Command Referenc e OL-9105-01 Multilayer Switch Feature Card See MSFC Multilayer Switching See MLS multiple- character patter ns 1-9 Multipl.
Inde x IN-5 Catalyst 6500 Serie s Switch SSL Serv ices Module C ommand Referen ce OL-9105-01 ROM mo nitor mode, summary 1-6 Route Proce ssor Redunda ncy See RPR Route Proce ssor Redunda ncy+ See RPR+ .
Index IN-6 Catalyst 6500 Series S witch SSL Services Module Command Referenc e OL-9105-01 config uration subm ode 2-49 user EX EC mode , sum mary 1-5 V value mask result See VMR virtual MAC addre ss 2.
Un point important après l'achat de l'appareil (ou même avant l'achat) est de lire le manuel d'utilisation. Nous devons le faire pour quelques raisons simples:
Si vous n'avez pas encore acheté Cisco 6500 c'est un bon moment pour vous familiariser avec les données de base sur le produit. Consulter d'abord les pages initiales du manuel d'utilisation, que vous trouverez ci-dessus. Vous devriez y trouver les données techniques les plus importants du Cisco 6500 - de cette manière, vous pouvez vérifier si l'équipement répond à vos besoins. Explorant les pages suivantes du manuel d'utilisation Cisco 6500, vous apprendrez toutes les caractéristiques du produit et des informations sur son fonctionnement. Les informations sur le Cisco 6500 va certainement vous aider à prendre une décision concernant l'achat.
Dans une situation où vous avez déjà le Cisco 6500, mais vous avez pas encore lu le manuel d'utilisation, vous devez le faire pour les raisons décrites ci-dessus,. Vous saurez alors si vous avez correctement utilisé les fonctions disponibles, et si vous avez commis des erreurs qui peuvent réduire la durée de vie du Cisco 6500.
Cependant, l'un des rôles les plus importants pour l'utilisateur joués par les manuels d'utilisateur est d'aider à résoudre les problèmes concernant le Cisco 6500. Presque toujours, vous y trouverez Troubleshooting, soit les pannes et les défaillances les plus fréquentes de l'apparei Cisco 6500 ainsi que les instructions sur la façon de les résoudre. Même si vous ne parvenez pas à résoudre le problème, le manuel d‘utilisation va vous montrer le chemin d'une nouvelle procédure – le contact avec le centre de service à la clientèle ou le service le plus proche.