Cisco Catalyst 6500 Series Command Reference Manual
  1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Switch
  5. 6500 - Catalyst Series 10 Gigabit EN Interface Module...
  6. Command reference manual
Cisco Catalyst 6500 Series Command Reference Manual

Cisco Catalyst 6500 Series Command Reference Manual

Ssl services module command reference
Hide thumbs Also See for Catalyst 6500 Series:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Troubleshooting Manual, Reference Manual
Catalyst 6500 Series Switch
SSL Services Module Command Reference
Release 3.1
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Text Part Number: OL-9105-01

Advertisement

Table of Contents
loading

Related Manuals for Cisco Catalyst 6500 Series

Summary of Contents for Cisco Catalyst 6500 Series

  • Page 1 Catalyst 6500 Series Switch SSL Services Module Command Reference Release 3.1 Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 Text Part Number: OL-9105-01...
  • Page 2 OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco...

  • Page 3: Table Of Contents

    Using the No and Default Forms of Commands Using the CLI String Search Regular Expressions Alternation Anchoring Parentheses for Recall OL-9105-01 viii 1-10 1-10 1-11 Catalyst 6500 Series Switch SSL Services Module Command Reference C O N T E N T S xiii...
  • Page 4 Contents Commands for the Catalyst 6500 Series Switch SSL Services Module C H A P T E R clear ssl-proxy conn clear ssl-proxy content clear ssl-proxy session clear ssl-proxy stats crypto pki export pem crypto pki import pem crypto pki export pkcs12...
  • Page 5 N D E X OL-9105-01 2-72 2-75 2-77 2-82 2-84 2-85 2-86 2-87 2-89 2-90 2-91 2-93 2-94 2-95 2-96 2-97 2-99 2-101 2-103 2-104 2-105 2-107 2-109 2-111 2-113 2-115 2-116 Catalyst 6500 Series Switch SSL Services Module Command Reference Contents...
  • Page 6 Contents Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01...

  • Page 7: Preface

    Chapter 1 Chapter 2 Appendix A Related Documentation The Catalyst 6500 series switch Cisco IOS documentation set includes these documents: Release Notes for Catalyst 6500 Series Switch SSL Services Module Release 3.x • • Catalyst 6500 Series Switch SSL Services Module Configuration Note Catalyst 6500 Series Switch SSL Services Module System Message Guide •...

  • Page 8: Conventions

    < > !, # Catalyst 6500 Series Switch SSL Services Module Command Reference viii Description Commands, command options, and keywords are in boldface. Arguments for which you supply values are in italics. Elements in square brackets are optional.

  • Page 9: Obtaining Documentation

    The Product Documentation DVD is available as a single unit or as a subscription. Registered Cisco.com users (Cisco direct customers) can order a Product Documentation DVD (product number DOC-DOCDVD=) from Cisco Marketplace at this URL: http://www.cisco.com/go/marketplace/ OL-9105-01 Catalyst 6500 Series Switch SSL Services Module Command Reference Obtaining Documentation...

  • Page 10: Ordering Documentation

    If you prefer to see advisories and notices as they are updated in real time, you can access a Product Security Incident Response Team Really Simple Syndication (PSIRT RSS) feed from this URL: http://www.cisco.com/en/US/products/products_psirt_rss_feed.html Catalyst 6500 Series Switch SSL Services Module Command Reference or by fax at 1 408 519-5001 in the United States and Canada, Preface...

  • Page 11: Reporting Security Problems In Cisco Products

    ID and password. If you have a valid service contract but do not have a user ID or password, you can register at this URL: http://tools.cisco.com/RPF/register/register.do OL-9105-01 security-alert@cisco.com psirt@cisco.com Catalyst 6500 Series Switch SSL Services Module Command Reference Obtaining Technical Assistance...

  • Page 12: Submitting A Service Request

    You and Cisco will commit resources during normal business hours to restore service to satisfactory levels. Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations. Catalyst 6500 Series Switch SSL Services Module Command Reference Preface OL-9105-01...

  • Page 13: Obtaining Additional Publications And Information

    You can access Packet magazine at this URL: http://www.cisco.com/packet iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies • learn how they can use technology to increase revenue, streamline their business, and expand services.
  • Page 14 Preface Obtaining Additional Publications and Information Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01...

  • Page 15: Chapter 1 Command-Line Interface

    This chapter provides information for understanding and using the Catalyst 6500 series switch SSL Services Module software using the command-line interface (CLI). The CLI for the Catalyst 6500 series switch SSL Services Module is based on the Cisco IOS CLI. For information about Cisco IOS...

  • Page 16: How To Find Command Options

    To display keywords for a command, enter a question mark (?) at the configuration prompt or after entering part of a command followed by a space. The Catalyst 6500 series SSL Services Module software displays a list of available keywords along with a brief description of the keywords.
  • Page 17 Because a indicates that you must enter more information to complete the command. Catalyst 6500 Series Switch SSL Services Module Command Reference How to Find Command Options is not displayed, it <cr>...
  • Page 18 1 mode auto ? <cr> ssl-proxy(config-if)# ssl-proxy(config-if)# channel-group 1 mode auto ssl-proxy(config-if)# Catalyst 6500 Series Switch SSL Services Module Command Reference Chapter 1 Command-Line Interface Comment After you enter the group keyword, enter a ? to display what you must enter next on the command line.

  • Page 19: Understanding Command Modes

    (?) at the system prompt. When you start a session on the Catalyst 6500 series switch, you begin in user mode, often called EXEC mode. Only a limited subset of the commands are available in EXEC mode. In order to have access to all commands, you must enter privileged EXEC mode.

  • Page 20: Using The No And Default Forms Of Commands

    In these cases, the default form of the command enables the command and sets variables to their default values. This publication describes what the default form of a command does if the command is not the same as the no form. Catalyst 6500 Series Switch SSL Services Module Command Reference Prompt Exit Method...

  • Page 21: Using The Cli String Search

    Matches 0 or more sequences of the pattern. Matches 1 or more sequences of the pattern. Matches 0 or 1 occurrences of the pattern. Catalyst 6500 Series Switch SSL Services Module Command Reference Using the CLI String Search Table 1-4...
  • Page 22 [^a-dqsv] This example matches anything except a right square bracket (]) or the letter d: [^\]d] Catalyst 6500 Series Switch SSL Services Module Command Reference Special Meaning Matches the beginning of the string. Matches the end of the string.
  • Page 23 Matches 0 or more single- or multiple-character patterns. Matches 1 or more single- or multiple-character patterns. Matches 0 or 1 occurrences of the single- or multiple-character patterns. Catalyst 6500 Series Switch SSL Services Module Command Reference Using the CLI String Search Table 1-5...

  • Page 24: Alternation

    (^), the end of a string ($), parentheses ( ), space ( ), braces { }, comma (,), or underscore (_). With the underscore character, you can specify that a pattern exist anywhere in the string. Catalyst 6500 Series Switch SSL Services Module Command Reference 1-10 Description Matches the beginning of the string.

  • Page 25: Parentheses For Recall

    The regular expression can match aZbcTZT. The software remembers that character 1 is Z and character 2 is T and then uses Z and T again later in the regular expression. Catalyst 6500 Series Switch SSL Services Module Command Reference 1-11...
  • Page 26 Chapter 1 Command-Line Interface Using the CLI String Search Catalyst 6500 Series Switch SSL Services Module Command Reference 1-12 OL-9105-01...

  • Page 27: Chapter 2 Commands For The Catalyst 6500 Series Switch Ssl Services Module

    Commands for the Catalyst 6500 Series Switch SSL Services Module This chapter contains an alphabetical listing of commands for the Catalyst 6500 series switch SSL Services Module. For additional SSL Services Module information, refer to the following documentation: Catalyst 6500 Series Switch SSL Services Module Configuration Note •...

  • Page 28: Clear Ssl-Proxy Conn

    CPU • tcp2—TCP2 CPU • (Optional) Clears the connections for the specified service. Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to add the following keywords: context name • module module •...

  • Page 29: Clear Ssl-Proxy Content

    • fdu—FDU CPU • • ssl1—SSL1 CPU • tcp1—TCP1 CPU tcp2—TCP2 CPU • Modification Support for this command was introduced on the Catalyst 6500 series SSL Services Module. Catalyst 6500 Series Switch SSL Services Module Command Reference clear ssl-proxy content...

  • Page 30: Clear Ssl-Proxy Session

    • tcp2—TCP2 CPU • (Optional) Clears the session cache for the specified service. Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to add the following keywords: context name • module module •...

  • Page 31: Clear Ssl-Proxy Stats

    Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module clear ssl-proxy stats To reset the statistics counters that are maintained in the different system components on the SSL Services Module, use the clear ssl-proxy stats command. clear ssl-proxy stats [context [name] | crypto | fdu | hdr | ipc | module [module] | pki | service |...
  • Page 32 Catalyst 6500 Series Switch SSL Services Module Command Reference Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to add the following keywords: context name •...

  • Page 33: Crypto Pki Export Pem

    • Pass phrase that is used to protect the private key. Modification Support for this command was introduced on the Catalyst 6500 series switches. The syntax for this command changed from crypto ca to crypto pki. Catalyst 6500 Series Switch SSL Services Module Command Reference...
  • Page 34 % Do you really want to overwrite it? [yes/no]: yes !Writing file to tftp://10.1.1.1/tp99.crt! ssl-proxy(config)# Related Commands crypto pki import pem Catalyst 6500 Series Switch SSL Services Module Command Reference Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 35: Crypto Pki Import Pem

    Specifies that two special-usage key pairs should be generated, instead of one general-purpose key pair. Modification Support for this command was introduced on the Catalyst 6500 series switches. The syntax for this command changed from crypto ca to crypto pki.
  • Page 36 *Apr 11 15:11:29.901: %SYS-5-CONFIG_I: Configured from console by console Related Commands crypto pki export pem Catalyst 6500 Series Switch SSL Services Module Command Reference 2-10 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 37: Crypto Pki Export Pkcs12

    (Optional) Specifies the name of the PKCS12 file to import. Specifies the pass phrase of the PKCS12 file. Modification Support for this command was introduced on the Catalyst 6500 series switches. The syntax for this command changed from crypto ca to crypto pki.
  • Page 38 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module crypto pki export pkcs12 Examples This example shows how to export a PKCS12 file using SCP: ssl-proxy(config)# crypto pki export TP1 pkcs12 scp: sky is blue Address or name of remote host []? 10.1.1.1 Destination username [ssl-proxy]? admin-1 Destination filename [TP1]? TP1.p12...

  • Page 39: Crypto Pki Import Pkcs12

    (Optional) Specifies the name of the PKCS12 file to import. Specifies the pass phrase of the PKCS12 file. Modification Support for this command was introduced on the Catalyst 6500 series switches. The syntax for this command changed from crypto ca to crypto pki.
  • Page 40 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module crypto pki import pkcs12 Examples This example shows how to import a PKCS12 file using SCP: ssl-proxy(config)# crypto pki import TP2 pkcs12 scp: sky is blue Address or name of remote host []? 10.1.1.1 Source username [ssl-proxy]? admin-1 Source filename [TP2]? /users/admin-1/pkcs12/TP2.p12...

  • Page 41: Crypto Key Decrypt Rsa

    (Optional) Writes the configuration to the startup configuration. (Optional) Name of the key. Modification Support for this command was introduced on the Catalyst 6500 series SSL Services Module. Catalyst 6500 Series Switch SSL Services Module Command Reference crypto key decrypt rsa...

  • Page 42: Crypto Key Encrypt Rsa

    Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module (Optional) Writes the configuration to the startup configuration. (Optional) Name of the key. Modification Support for this command was introduced on the Catalyst 6500 series SSL Services Module. OL-9105-01...

  • Page 43: Crypto Key Export Rsa Pem

    Specifies the 56-bit DES-CBC encryption algorithm. (Optional) Specifies that the key can be exported. Pass phrase. Modification Support for this command was introduced on the Catalyst 6500 series switches. Catalyst 6500 Series Switch SSL Services Module Command Reference crypto key export rsa pem...
  • Page 44 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module crypto key export rsa pem Examples This example shows how to export a key from the SSL Services Module: ssl-proxy(config)# crypto key export rsa test-keys pem url scp: 3des password...

  • Page 45: Crypto Key Import Rsa Pem

    TFTP: file system (Optional) Specifies that the key can be exported. Pass phrase. Modification Support for this command was introduced on the Catalyst 6500 series switches. Catalyst 6500 Series Switch SSL Services Module Command Reference crypto key import rsa pem...
  • Page 46 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module crypto key import rsa pem Examples This example shows how to import a PEM-formatted RSA key from an external system and export the PEM-formatted RSA key to the SSL Services Module: ssl-proxy(config)# crypto key import rsa newkeys pem url scp: password % Importing public key or certificate PEM file...

  • Page 47: Crypto Key Lock Rsa

    OL-9105-01 (Optional) Name of the key. Pass phrase. Modification Support for this command was introduced on the Catalyst 6500 series switches. Catalyst 6500 Series Switch SSL Services Module Command Reference crypto key lock rsa 2-21...

  • Page 48: Crypto Key Unlock Rsa

    Catalyst 6500 Series Switch SSL Services Module Command Reference 2-22 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module (Optional) Name of the key. Modification Support for this command was introduced on the Catalyst 6500 series SSL Services Module. OL-9105-01...

  • Page 49: Debug Ssl-Proxy

    Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module debug ssl-proxy To turn on the debug flags in different system components, use the debug ssl-proxy command. Use the no form of this command to turn off the debug flags.
  • Page 50 Catalyst 6500 Series Switch SSL Services Module Command Reference 2-24 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to add the following keywords: content type •...
  • Page 51 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Use the TCP debug commands only to troubleshoot basic connectivity issues under little or no load Note conditions (for instance, when no connection is being established to the virtual server or real server).
  • Page 52 Catalyst 6500 Series Switch SSL Services Module Command Reference 2-26 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module EXEC-level command to be executed. Modification Support for this command was introduced on the Catalyst 6500 series switches. OL-9105-01...

  • Page 53: Interface Ssl-Proxy

    [secondary] OL-9105-01 Subinterface ID; valid values are from 0 to 4294967295. Modification Support for this command was introduced on the Catalyst 6500 series SSL Services Module. This command replaces the ssl-proxy vlan command. Description Sets a command to its defaults.
  • Page 54 If it is configured to preempt, it becomes the active router but cannot provide adequate routing services. You can configure a delay before the preempting router actually preempts the currently active router. Catalyst 6500 Series Switch SSL Services Module Command Reference 2-28 Chapter 2...
  • Page 55 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module type time—Specifies the preemption type and delay; valid values are as follows: • minimum time—Specifies the minimum delay period in delay seconds; valid values are from 0 – to 3600 seconds (1 hour).

  • Page 56: Natpool

    Last IP address in the pool. Specifies the netmask address. Modification Support for this command was introduced on the Catalyst 6500 series switches. The natpool command (entered in context subcommand mode) replaces the ssl-proxy natpool command (entered in global subcommand mode).

  • Page 57: Policy Health-Probe Tcp

    OL-9105-01 TCP health probe policy name. Modification Support for this command was introduced on the Catalyst 6500 series SSL Services Module. Description (Optional) Allows you to set the interval between probes in seconds (from the end of the previous probe to the beginning of the next probe) when the server is healthy.
  • Page 58 Key Timestamp: 05:18:23 UTC Dec 30 2005 Serial Number: 12F332E200000000000D Root CA Certificate: Serial Number: 6522F512C30E078447D8AFC35567B101 Certificate chain complete Catalyst 6500 Series Switch SSL Services Module Command Reference 2-32 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Description (Optional) Allows you to set the maximum time to wait to establish a TCP connection.
  • Page 59 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module policy health-probe tcp Context name: ssl Context Id Admin Status: up Operation Status: down Proxy status: Health Probe Failed This example shows how to configure TCP health probe to check whether service at port 81 is up and running on server IP address 19.0.0.1:...

  • Page 60: Policy Http-Header

    Commands for the Catalyst 6500 Series SSL Services Module HTTP header policy name. Modification Support for this command was introduced on the Catalyst 6500 series switches. The policy http-header command (entered in context subcommand mode) replaces the ssl-proxy policy http-header command (entered in global subcommand mode).
  • Page 61 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Field To Insert ClientCert-Subject-CN ClientCert-Issuer-CN ClientCert-Certificate-Version ClientCert-Serial-Number ClientCert-Data-Signature-Algorithm ClientCert-Subject ClientCert-Issuer ClientCert-Not-Before ClientCert-Not-After ClientCert-Public-Key-Algorithm ClientCert-RSA-Public-Key-Size ClientCert-RSA-Modulus-Size ClientCert-RSA-Modulus ClientCert-RSA-Exponent ClientCert-X509v3-Authority-Key-Identifier ClientCert-X509v3-Basic-Constraints ClientCert-X509v3-Key-Usage ClientCert-X509v3-Subject-Alternative-Name ClientCert-X509v3-CRL-Distribution-Points ClientCert-X509v3-Authority-Information-Access ClientCert-Signature-Algorithm ClientCert-Signature Client Certificate in PEM format—When you specify client-cert pem, the SSL module sends the •...
  • Page 62 Table 2-3 HTTP Header Insertion Configuration Submode Command Descriptions Syntax alias user-defined-name standard-name client-cert [pem] Catalyst 6500 Series Switch SSL Services Module Command Reference 2-36 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Description The SSL session ID...
  • Page 63 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Table 2-3 HTTP Header Insertion Configuration Submode Command Descriptions (continued) Syntax client-ip-port custom custom-string prefix session Examples This example shows how to enter the HTTP header insertion configuration submode:...
  • Page 64 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module policy http-header In addition to the standard HTTP headers, the following header information is inserted: Note The alias name (My-Session-Cipher) is used instead of the standard name (session-cipher-name). SSL-OFFLOAD-Client-IP:7.100.100.1 SSL-OFFLOAD-Client-Port:59008 SSL-OFFLOAD-SOFTWARE VERSION:3.1(1)

  • Page 65: Policy Ssl

    Release 1.1(1) SSL Services Module Release 1.2(1) OL-9105-01 SSL policy name. Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to add the following subcommands: session-cache size size • timeout session timeout [absolute] •...
  • Page 66 [no] close-protocol {strict | none} default {cipher | close-protocol | session-cache | version} exit Catalyst 6500 Series Switch SSL Services Module Command Reference 2-40 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Modification This command was changed to add the following subcommands: cert-req empty •...
  • Page 67 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Table 2-4 SSL-Policy Configuration Submode Command Descriptions (continued) Syntax help renegotiation volume size renegotiation interval time renegotiation wait-time time renegotiation optional [no] session-cache session-cache size size timeout handshake timeout...
  • Page 68 SSL3.0, or TLS1.0) in the ClientHello message. Enter the tls-rollback [current | any] command if the SSL client uses the negotiated version instead of the maximum supported version (as specified in the ClientHello message). Catalyst 6500 Series Switch SSL Services Module Command Reference 2-42 Chapter 2...
  • Page 69 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module policy ssl When you enter the tls-rollback current command, the SSL protocol version can be either the maximum supported version or the negotiated version. When you enter the tls-rollback any command, the SSL protocol version is not checked at all.
  • Page 70 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module policy ssl Related Commands show ssl-proxy stats show ssl-proxy stats Catalyst 6500 Series Switch SSL Services Module Command Reference 2-44 OL-9105-01...

  • Page 71: Policy Tcp

    Release 3.1(1) OL-9105-01 TCP policy name. Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to add the timeout reassembly time subcommand. This command was changed to add the tos carryover subcommand.
  • Page 72 [no] mss max-segment-size-in-bytes [no] nagle [no] timeout fin-wait timeout-in-seconds [no] timeout inactivity timeout-in-seconds [no] timeout syn timeout-in-seconds Catalyst 6500 Series Switch SSL Services Module Command Reference 2-46 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Description Allows you to configure the maximum size of the receive buffer share per connection;...
  • Page 73 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Table 2-5 Proxy-policy TCP Configuration Submode Command Descriptions (continued) Syntax [no] timeout reassembly time [no] tos carryover Usage Guidelines TCP commands that you enter on the SSL Services Module can apply either globally or to a particular proxy server.
  • Page 74 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module policy tcp This example shows how to define the maximum size for the receive buffer configuration: ssl-proxy (config-ctx-tcp-policy)# buffer-share rx 16384 ssl-proxy (config-ctx-tcp-policy)# This example shows how to define the maximum size for the transmit buffer configuration:...

  • Page 75: Policy Url-Rewrite

    • OL-9105-01 URL rewrite policy name. Modification Support for this command was introduced on the Catalyst 6500 series switches. The policy url-rewrite command (entered in context subcommand mode) replaces the ssl-proxy policy url-rewrite command (entered in global subcommand mode).
  • Page 76 80 sslport 443 redirectonly ssl-proxy(config-ctx-url-rewrite-policy# Related Commands show ssl-proxy policy Catalyst 6500 Series Switch SSL Services Module Command Reference 2-50 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 77: Pool Ca

    OL-9105-01 Certificate authority pool name. Modification Support for this command was introduced on the Catalyst 6500 series switches. The pool ca command (entered in context subcommand mode) replaces the ssl-proxy pool ca command (entered in global subcommand mode). Description Configures a certificate authority.

  • Page 78: Service

    SSL proxy name. (Optional) Allows you to configure the SSL-client proxy services. See the service client command. Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to add the following submode commands: authenticate •...
  • Page 79 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module In most cases, all of the SSL-server-proxy configurations that are performed are also valid for the SSL-client-proxy configuration, except for the following: You must configure a certificate for the SSL-server-proxy but you do not have to configure a •...
  • Page 80 This example shows how to configure the TCP policy for the specified virtual server: ssl-proxy (config-ctx-ssl-proxy)# virtual policy tcp tcppl1 ssl-proxy (config-ctx-ssl-proxy)# Catalyst 6500 Series Switch SSL Services Module Command Reference 2-54 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Description Applies an SSL policy with the client side of a proxy server.
  • Page 81 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module service This example shows how to configure a clear-text web server for the SSL Services Module to forward the decrypted traffic: ssl-proxy (config-ctx-ssl-proxy)# server ipaddr 207.50.0.50 protocol tcp port 80...

  • Page 82: Service Client

    Commands for the Catalyst 6500 Series SSL Services Module SSL proxy service name. Modification Support for this command was introduced on the Catalyst 6500 series switches. The service client command (entered in context subcommand mode) replaces the ssl-proxy service client command (entered in global subcommand mode).
  • Page 83 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Table 2-9 lists the commands that are available in proxy-client configuration submode. Table 2-9 Proxy-client Configuration Submode Command Descriptions Syntax certificate rsa general-purpose trustpoint trustpoint-name default {certificate | inservice | nat | server |...
  • Page 84 This example shows how to enable a NAT server address for the server connection of the specified service SSL offload: ssl-proxy (config-ctx-ssl-proxy)# nat server ssl-proxy (config-ctx-ssl-proxy)# Related Commands show ssl-proxy service Catalyst 6500 Series Switch SSL Services Module Command Reference 2-58 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 85: Show Interfaces Ssl-Proxy

    OL-9105-01 Subinterface ID; valid values are from 0 to 4294967295. Modification Support for this command was introduced on the Catalyst 6500 series SSL Services Module. Catalyst 6500 Series Switch SSL Services Module Command Reference show interfaces ssl-proxy 2-59...

  • Page 86: Show Ssl-Proxy Buffers

    Related Commands policy tcp Catalyst 6500 Series Switch SSL Services Module Command Reference 2-60 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Modification Support for this command was introduced on the Catalyst 6500 series switches. OL-9105-01...

  • Page 87: Show Ssl-Proxy Certificate-History

    Displays all certificate records of a proxy service and (optionally) for a specific proxy service. Modification Support for this command was introduced on the Catalyst 6500 series switches. Catalyst 6500 Series Switch SSL Services Module Command Reference show ssl-proxy certificate-history...
  • Page 88 Time of Key Generation:12:27:58 UTC Oct 30 2002 Subject Name:OID.1.2.840.113549.1.9.2 = simpson5-2-ste.cisco.com, OID.1.2.840.113549.1.9.8 = 207.79.1.9, OID.2.5.4.5 = B0FFF235 Issuer Name:CN = SimpsonTestCA, OU = Simpson Lab, O = Cisco Systems, L = San Jose, ST = CA, C = US, EA =<16> simpson-pki@cisco.com Serial Number:5D3D1931000100000D99...
  • Page 89 Subject Name:CN = host1.cisco.com, OID.1.2.840.113549.1.9.2 = simpson5-2-ste.cisco.com, OID.1.2.840.113549.1.9.8 = 207.79.1.9, OID.2.5.4.5 = B0FFF235 Issuer Name:CN = SimpsonTestCA, OU = Simpson Lab, O = Cisco Systems, L = San Jose, ST = CA, C = US, EA =<16> simpson-pki@cisco.com Serial Number:24BC81B7000100000D85...

  • Page 90: Show Ssl-Proxy Conn

    Defaults This command has no default settings. Command Modes EXEC Catalyst 6500 Series Switch SSL Services Module Command Reference 2-64 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Displays the TCP connections for a specific address.
  • Page 91 No Bound Connection 2.50.50.132:443 No Bound Connection 2.50.50.132:443 No Bound Connection OL-9105-01 Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to add the following keywords: context name • module module •...
  • Page 92 No Bound Connection 2.50.50.131:443 No Bound Connection 2.50.50.131:443 No Bound Connection 2.50.50.131:443 No Bound Connection Catalyst 6500 Series Switch SSL Services Module Command Reference 2-66 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Remote Address VLAN Conid 1.200.200.14:38814 58796 1.200.200.14:38815...

  • Page 93: Show Ssl-Proxy Context

    Context 'Default' has the following service(s) configured.. ssl-proxy# OL-9105-01 (Optional) Name of the context. Modification Support for this command was introduced on the Catalyst 6500 series SSL Services Module. : 65536 Catalyst 6500 Series Switch SSL Services Module Command Reference show ssl-proxy context...

  • Page 94: Show Ssl-Proxy Crash-Info

    (this process can take up to 10 minutes to complete printing). Modification Support for this command was introduced on the Catalyst 6500 series switches. ----------------------------- Commands for the Catalyst 6500 Series SSL Services Module...
  • Page 95 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module s0 :00000000, s1 :0024783C, s2 :00000000, s3 :00000000 s4 :00000001, s5 :0000003C, s6 :00000019, s7 :0000000F t8 :00000001, t9 :00000001, k0 :00400001, k1 :00000000 gp :0023AE80, sp :031FFF58, s8 :00000019, ra :00216894...

  • Page 96: Show Ssl-Proxy Mac Address

    STE MAC address: 00e0.b0ff.f232 ssl-proxy# Catalyst 6500 Series Switch SSL Services Module Command Reference 2-70 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Modification Support for this command was introduced on the Catalyst 6500 series switches. OL-9105-01...

  • Page 97: Show Ssl-Proxy Natpool

    Related Commands natpool OL-9105-01 (Optional) NAT pool name. (Optional) Context name. Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to add the context name keyword. start-ip end-ip 207.57.110.1 207.57.110.8 Catalyst 6500 Series Switch SSL Services Module Command Reference...

  • Page 98: Show Ssl-Proxy Policy

    Displays the configured TCP policies. Displays the configured URL rewrite policies. (Optional) Policy name. Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to include the http-header and url-rewrite keywords. This command was changed to add the health-probe tcp keyword.
  • Page 99 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module "g:" "h:" "i:" "j:" "k:" "l:" "m:" "n:" Usage count of this policy: 0 ssl-proxy# This example shows how to display policy information about a specific SSL policy that is configured on...
  • Page 100 Usage count of this policy: 1 Related Commands policy health-probe tcp policy http-header policy ssl policy tcp policy url-rewrite Catalyst 6500 Series Switch SSL Services Module Command Reference 2-74 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Clearport SSLport 8080 Usage-Count...

  • Page 101: Show Ssl-Proxy Service

    TCP Health Probe Policy: tcp-health OL-9105-01 (Optional) Service name. (Optional) Displays service information for the specifed context name. Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to add the context name keyword. Context Name Admin...
  • Page 102 Context name: c1 Context Id Admin Status: up Operation Status: up ssl-proxy# Related Commands service service client Catalyst 6500 Series Switch SSL Services Module Command Reference 2-76 Chapter 2 : 167 Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 103: Show Ssl-Proxy Stats

    See the “Usage Guidelines” section for additional information. Modification Support for this command was introduced on the Catalyst 6500 series switches. The output of the show ssl-proxy stats command was changed to include information about the session allocation failure and session limit-exceed table.
  • Page 104 Add ipcs Disable ipcs Unsolicited ipcs IOS broadcast pkts IOS total pkts ssl-proxy# Catalyst 6500 Series Switch SSL Services Module Command Reference 2-78 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module : 20636 Conns accepted : 28744...
  • Page 105 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module This example shows how to display the TCP statistics: ssl-proxy# show ssl-proxy stats tcp TCP Statistics: Connection related : Initiated Established Dropped before est Persist timeout drops : 0...
  • Page 106 Invalid Conn Entry URL Object Error 3xx URL Not Rewritten: 0 Scan Dbase not Init. : 0 Catalyst 6500 Series Switch SSL Services Module Command Reference 2-80 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Custom Headers Inserted : 0 Client Cert.
  • Page 107 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module This example shows how to display content statistics: ssl-proxy# show ssl-proxy stats content Scan object statistics in CPU: SSL1 Objects in use Obj alloc failures Max obj in use...

  • Page 108: Show Ssl-Proxy Status

    (Optional) Displays the SSL status. (Optional) Displays the TCP status. Modification Support for this command was introduced on the Catalyst 6500 series switches. The output of the show ssl-proxy status command was changed to include statistics that are displayed at a 5-second, 1-minute, and 5-minute traffic rate for CPU utilization.
  • Page 109 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module TCP cpu is alive! TCP cpu utilization: % process util proc cycles : 0x2E42C686 total cycles: 0x4E799DB3F5F8 % process util (5 sec) % process util (1 min) % process util (5 min)

  • Page 110: Show Ssl-Proxy Version

    System image file is "tftp://10.1.1.1/unknown" AP Version 3.1(1) ssl-proxy# Catalyst 6500 Series Switch SSL Services Module Command Reference 2-84 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Modification Support for this command was introduced on the Catalyst 6500 series switches. OL-9105-01...

  • Page 111: Show Ssl-Proxy Vlan

    CPU • tcp1—TCP1 CPU • Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to add the module module keyword. Catalyst 6500 Series Switch SSL Services Module Command Reference show ssl-proxy vlan...

  • Page 112: Snmp-Server Enable

    Enables ISAKMP traps. Enables SNMP traps. Enables SNMP SSL proxy notification traps. (Optional) Enables SSL proxy certificate-expiring notification traps. (Optional) Enables SSL proxy operation-status notification traps. Modification Support for this command was introduced on the Catalyst 6500 series SSL Services Module. OL-9105-01...

  • Page 113: Ssl-Proxy Context

    OL-9105-01 Name of the context. Modification Support for this command was introduced on the Catalyst 6500 series switches. Purpose and Guidelines Set a command to its defaults (Optional) Allows you to enter a short description for this context.
  • Page 114 80 ssl-proxy(config-ctx-tcp-probe)# exit ssl-proxy(config-context)# ssl-proxy(config-context)# description Example context ssl-proxy(config-context)# end ssl-proxy# Catalyst 6500 Series Switch SSL Services Module Command Reference 2-88 Chapter 2 Purpose and Guidelines Configures the HTTP header insertion policy. See “policy http-header” section on page Configures the SSL policy.

  • Page 115: Ssl-Proxy Crypto Selftest

    (Optional) Sets the time interval between test cases; valid values are from 1 to 8 seconds. Modification Support for this command was introduced on the Catalyst 6500 series switches. show ssl-proxy stats Catalyst 6500 Series Switch SSL Services Module Command Reference ssl-proxy crypto selftest crypto command.

  • Page 116: Ssl-Proxy Mac Address

    Catalyst 6500 Series Switch SSL Services Module Command Reference 2-90 Chapter 2 MAC address; see the “Usage Guidelines” section for additional information. Modification Support for this command was introduced on the Catalyst 6500 series switches. Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 117: Ssl-Proxy Pki

    Configures the check-expiring interval. Specifies the check-expiring interval; valid values are from 0 to 720 hours. Key and certificate history. Modification Support for this command was introduced on the Catalyst 6500 series switches. This command was changed to add the following keywords: authenticate •...
  • Page 118 This example shows how to enable PKI event-history: ssl-proxy (config)# ssl-proxy pki history ssl-proxy (config)# Related Commands show ssl-proxy stats Catalyst 6500 Series Switch SSL Services Module Command Reference 2-92 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 119: Ssl-Proxy Crypto Key Unlock Rsa

    OL-9105-01 Name of the key. Pass phrase. Modification Support for this command was introduced on the Catalyst 6500 series SSL Services Module. Catalyst 6500 Series Switch SSL Services Module Command Reference ssl-proxy crypto key unlock rsa 2-93...

  • Page 120: Ssl-Proxy Ip-Frag-Ttl

    Commands for the Catalyst 6500 Series SSL Services Module (Optional) Adjust the IP fragment reassembly timer; valid values are from 3 to 120 seconds. Modification Support for this command was introduced on the Catalyst 6500 series SSL Services Module. OL-9105-01...

  • Page 121: Ssl-Proxy Ssl Ratelimit

    This example shows how to allow new connections during overload conditions if memory is available: ssl-proxy (config)# no ssl-proxy ssl ratelimit ssl-proxy (config)# OL-9105-01 Modification Support for this command was introduced on the Catalyst 6500 series switches. Catalyst 6500 Series Switch SSL Services Module Command Reference ssl-proxy ssl ratelimit 2-95...

  • Page 122: Standby Authentication

    HSRP version. Specifies the authentication string, which can be up to eight characters. Modification Support for this command was introduced on the Catalyst 6500 series switches. The command mode for this command was changed from Proxy-VLAN to Subinterface.

  • Page 123: Standby Delay Minimum Reload

    We recommend that you use the standby delay minimum reload command if the standby timers command is configured in milliseconds or if HSRP is configured on a VLAN interface of a switch. In most configurations, the default values provide sufficient time for the packets to get through and configuring longer delay values is not necessary.
  • Page 124 (config-subif)# standby delay minimum 30 reload 120 ssl-proxy (config-subif)# Related Commands show standby delay standby preempt standby timers Catalyst 6500 Series Switch SSL Services Module Command Reference 2-98 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 125: Standby Ip

    (Optional) IP address of the hot standby router interface. (Optional) Indicates the IP address is a secondary hot standby router interface. Modification Support for this command was introduced on the Catalyst 6500 series switches. The command mode for this command was changed from Proxy-VLAN to Subinterface.
  • Page 126 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module standby ip Examples This example shows how to activate HSRP for group 1 on Ethernet interface 0. The IP address that is used by the hot standby group is learned using HSRP.

  • Page 127: Standby Mac-Address

    (Optional) Group number on the interface for which HSRP is being activated. The default is 0. MAC address. Modification Support for this command was introduced on the Catalyst 6500 series switches. The command mode for this command was changed from Proxy-VLAN to Subinterface.
  • Page 128 This example shows how to configure HSRP group 1 with the virtual MAC address: ssl-proxy (config-subif)# standby 1 mac-address 4000.1000.1060 ssl-proxy (config-subif)# Related Commands show standby standby version Catalyst 6500 Series Switch SSL Services Module Command Reference 2-102 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 129: Standby Mac-Refresh

    All other routers participating in HSRP on the FDDI ring receive the refresh packets, although the packets are intended only for the learning bridge or switch. Use this command to change the interval. Set the interval to 0 if you want to prevent refresh packets (if you have FDDI but do not have a learning bridge or switch).

  • Page 130: Standby Name

    Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module Name of the standby group. Modification Support for this command was introduced on the Catalyst 6500 series switches. The command mode for this command was changed from Proxy-VLAN to Subinterface.

  • Page 131: Standby Preempt

    (Optional) Specifies the preemption delay after a reload only. (Optional) Specifies the maximum synchronization period in delay seconds. Modification Support for this command was introduced on the Catalyst 6500 series switches. The command mode for this command was changed from Proxy-VLAN to Subinterface.
  • Page 132 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module standby preempt When you use group number 0, no group number is written to NVRAM, providing backward compatibility. IP-redundancy clients can prevent preemption from taking place. The standby preempt delay sync delay command specifies a maximum number of seconds to allow IP-redundancy clients to prevent preemption.

  • Page 133: Standby Priority

    1 to 255, where 1 denotes the lowest priority and 255 denotes the highest priority. Modification Support for this command was introduced on the Catalyst 6500 series switches. The command mode for this command was changed from Proxy-VLAN to Subinterface.
  • Page 134 This example shows how to change the router priority: ssl-proxy (config-subif)# standby priority 120 ssl-proxy (config-subif)# Related Commands standby track Catalyst 6500 Series Switch SSL Services Module Command Reference 2-108 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 135: Standby Redirects

    IP address that is contained in the packet is unknown in the HSRP table of real IP addresses and active virtual IP addresses. Modification Support for this command was introduced on the Catalyst 6500 series switches. The command mode for this command was changed from Proxy-VLAN to Subinterface.
  • Page 136 270 seconds on interface Ethernet 0: ssl-proxy (config-subif)# standby redirects timers 90 270 ssl-proxy (config-subif)# Related Commands show standby show standby redirect Catalyst 6500 Series Switch SSL Services Module Command Reference 2-110 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 137: Standby Timers

    Time (in seconds) before the active or standby router is declared to be down; see the “Usage Guidelines” section for valid values. Modification Support for this command was introduced on the Catalyst 6500 series switches. The command mode for this command was changed from Proxy-VLAN to Subinterface.
  • Page 138 50. interface ethernet 0 standby ip 172.18.10.1 standby timers msec 15 msec 50 Catalyst 6500 Series Switch SSL Services Module Command Reference 2-112 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 139: Standby Track

    (or incremented) when the tracked object goes down (or comes back up). Modification Support for this command was introduced on the Catalyst 6500 series switches. The command mode for this command was changed from Proxy-VLAN to Subinterface.
  • Page 140 1 ip 10.1.0.1 standby 1 priority 100 standby 1 track 100 decrement 10 Related Commands standby preempt standby priority Catalyst 6500 Series Switch SSL Services Module Command Reference 2-114 Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module OL-9105-01...

  • Page 141: Standby Use-Bia

    (Optional) Specifies that this command is configured only for the subinterface on which it was entered, instead of the major interface. Modification Support for this command was introduced on the Catalyst 6500 series switches. The command mode for this command was changed from Proxy-VLAN to Subinterface.

  • Page 142: Standby Version

    Commands for the Catalyst 6500 Series SSL Services Module Specifies HSRP version 1. Specifies HSRP version 2. Modification Support for this command was introduced on the Catalyst 6500 series switches. The command mode for this command was changed from Proxy-VLAN to Subinterface.

  • Page 143: Appendix

    Bisync Block Serial Tunnel broadcast and unknown server bridge-group virtual interface content-addressable memory committed access rate Catalyst 6500 Series Switch SSL Services Module Command Reference A P P E N D I X...

  • Page 144: Appendix A Acronym

    CMNS COPS COPS-DS CPLD CUDD dCEF DISL DLSw Catalyst 6500 Series Switch SSL Services Module Command Reference Expansion context based access control circuit card assembly Cisco Discovery Protocol Cisco Express Forwarding Challenge Handshake Authentication Protocol committed information rate Common and Internal Spanning Tree...
  • Page 145 Firewall Services Module General Attribute Registration Protocol Gigabit Interface Converter GARP Multicast Registration Protocol GARP VLAN Registration Protocol Hot Standby Routing Protocol Inter-card Communication or interface controller card Catalyst 6500 Series Switch SSL Services Module Command Reference...
  • Page 146 IS-IS ISL VLANs LACP LACPDU LANE LAPB LECS Catalyst 6500 Series Switch SSL Services Module Command Reference Expansion International Code Designator Internet Control Message Protocol interface descriptor block initial domain part or Internet Datagram Protocol Intrusion Detection System Module IOS File System...
  • Page 147 Network Management Processor network service access point Network Time Protocol nonvolatile generation nonvolatile RAM Operation, Administration, and Maintenance order dependent merge Outgoing interface of a multicast {*,G} or {source, group} flow Catalyst 6500 Series Switch SSL Services Module Command Reference...
  • Page 148 PRID PVLANs PVST+ QM-SP Q-in-Q RACL RADIUS RGMP Catalyst 6500 Series Switch SSL Services Module Command Reference Expansion Open System Interconnection Optical Services Module open shortest path first port access entity Port Aggregation Protocol packet buffer daughterboard policy-based routing...
  • Page 149 Simple Multicast Routing Protocol Station Management Subnetwork Access Protocol Simple Network Management Protocol Switched Port Analyzer S-Record format, Motorola defined format for ROM contents Secure Sockets Layer Source Specific Multicast Cisco Shared Spanning Tree Catalyst 6500 Series Switch SSL Services Module Command Reference...
  • Page 150 VACL VINES VLAN VMPS VVID WCCP WRED Catalyst 6500 Series Switch SSL Services Module Command Reference Expansion Spanning Tree Protocol switched virtual circuit switched virtual interface Terminal Access Controller Access Control System Plus Target Identifier Address Resolution Protocol Ternary Content Addressable Memory...
  • Page 151 Appendix A Acronyms Table A-1 List of Acronyms (continued) Acronym OL-9105-01 Expansion weighted round-robin Xerox Network System Catalyst 6500 Series Switch SSL Services Module Command Reference...
  • Page 152 Appendix A Acronyms Catalyst 6500 Series Switch SSL Services Module Command Reference A-10 OL-9105-01...

  • Page 153: Appendix

    Acknowledgments for Open-Source Software The Cisco IOS software on the Catalyst 6500 series switches software pipe command uses Henry Spencer’s regular expression library (regex). Henry Spencer’s regular expression library (regex). Copyright 1992, 1993, 1994, 1997 Henry Spencer. All rights reserved. This software is not subject to any license of the American Telephone and Telegraph Company or of the Regents of the University of California.
  • Page 154 Appendix B Acronyms Catalyst 6500 Series Switch SSL Services Module Command Reference OL-9105-01...

  • Page 155: I N D E X

    Cisco Express Forwarding See CEF string search alternation anchoring 1-10 expressions filtering multiple-character patterns multipliers parentheses for recall searching outputs single-character patterns using Catalyst 6500 Series Switch SSL Services Module Command Reference I N D E X 2-51 1-10 1-11 IN-1...
  • Page 156 Ethernet over Multiprotocol Label Switching See EoMPLS EXEC-level commands issuing in other modes 2-26 expressions matching multiple expression occurrences Catalyst 6500 Series Switch SSL Services Module Command Reference IN-2 multiple-character patterns multiplying pattern occurrence single-character patterns specifying alternative patterns fast software upgrade...
  • Page 157 See MAC address table message digest 5 See MD5 message-of-the-day See MOTD MLSM multilayer switching for multicast 2-34 modes See command modes more commands filter search --More-- prompt filter search Catalyst 6500 Series Switch SSL Services Module Command Reference Index IN-3...
  • Page 158 2-91 disabling 2-91 enabling 2-91 policy-service configuration submode entering 2-52 privacy-enhanced mail Catalyst 6500 Series Switch SSL Services Module Command Reference IN-4 See PEM private VLANs See PVLANs privileged EXEC mode, summary prompts system Protocol Independent Multicast See PIM...
  • Page 159 2-34 Ternary Content Addressable Memory See TCAM 2-34 URL rewrite defining content policy displaying 2-86 policy information 2-86 entering Catalyst 6500 Series Switch SSL Services Module Command Reference Index 2-101 2-103 2-111 2-113 2-115 1-10 2-72 2-45 2-45 2-49 2-72...
  • Page 160 2-101 VLAN access control lists See VACL acronym for value mask result Web Cache Coprocessor Protocol See WCCP weighted random early detection See WRED weighted round robin See WRR Catalyst 6500 Series Switch SSL Services Module Command Reference IN-6 OL-9105-01...

Table of Contents