Tracing Ssl Traffic Using The Cli - Nortel Secure Network Access Switch 4050 User Manual

136 Chapter 4 Configuring the domain
The Server 1001 menu includes the following options:
/cfg/domain #/server
followed by:
port <port>
interface
<interface ID>
dnsname <name>
trace
ssl
adv

Tracing SSL traffic using the CLI

To verify connectivity and to capture information about SSL and TCP traffic
between clients and the portal server, use the following command:
/cfg/domain #/server/trace
320818-A
Specifies the port to which the portal server listens for
HTTPS communications.
• is an integer in the range 1–65534 that
port
indicates the TCP port number. The default is 443.
Specifies the backend interface used by the server.
• is an integer that indicates the
interface ID
interface number. The default is 0.
Assigns a DNS name to the portal IP address.
• is the fully qualified domain name (FQDN) of
name
the pVIP (for example, nsnas.example.com).
Generally, you need to specify a DNS name only if your
corporate DNS server is unable to perform reverse
lookups of the portal IP address.
When you press Enter after specifying the DNS name,
the system performs a check against the DNS server
included in the system configuration (see
) to verify that:
/cfg/sys/dns
• the FQDN is registered in DNS
• the resolved IP address corresponds to the pVIP
Accesses the Trace menu, in order to capture and
analyze SSL and TCP traffic between clients and the
portal server. For more information, see
traffic using the CLI" on page
Accesses the SSL Settings menu, in order to
configure SSL settings for the portal server (see
"Configuring SSL settings using the CLI" on page
Accesses the Advance settings menu, in order to
configure traffic log settings for a syslog server (see
"Configuring traffic log settings using the CLI" on
page 142).
"Tracing SSL
136.
139).