Hardware Installation Guide
Page 18
... Document Title Cisco Content Services Switch Basic Configuration Guide Description Describes how to perform basic CSS configuration tasks, including: Services Owners Content rules Sticky parameters Source groups, Access Control Lists (ACLS), Extension Qualifier Lists (EQLs), Uniform Resource Locator Qualifier Lists (URQLs), Network Qualifier Lists (NQLs), and Domain Qualifier Lists (DQLs) HTTP header load balancing Content caching • • Cisco Content Services Switch Advanced...
... Document Title Cisco Content Services Switch Basic Configuration Guide Description Describes how to perform basic CSS configuration tasks, including: Services Owners Content rules Sticky parameters Source groups, Access Control Lists (ACLS), Extension Qualifier Lists (EQLs), Uniform Resource Locator Qualifier Lists (URQLs), Network Qualifier Lists (NQLs), and Domain Qualifier Lists (DQLs) HTTP header load balancing Content caching • • Cisco Content Services Switch Advanced...
Configuration Guide
Page 84
...ACL, boot, group, rmon, or owner configuration modes. Enter the SSL proxy list name as an SSL server. When you create and configure the entries in the CSS uses the virtual SSL servers to create the SSL proxy list, ssl_list1, enter: (config)# ssl-proxy-list ssl_list1 Create ssl-list , [y/n]: y Cisco Content Services Switch... SSL Configuration Guide 4-2 OL-5655-01 An SSL proxy list comprises one or more virtual SSL servers (related by index entry). Figure 4-1 SSL Termination Encrypted data Clear text 119567 Client CSS with an SSL ...
...ACL, boot, group, rmon, or owner configuration modes. Enter the SSL proxy list name as an SSL server. When you create and configure the entries in the CSS uses the virtual SSL servers to create the SSL proxy list, ssl_list1, enter: (config)# ssl-proxy-list ssl_list1 Create ssl-list , [y/n]: y Cisco Content Services Switch... SSL Configuration Guide 4-2 OL-5655-01 An SSL proxy list comprises one or more virtual SSL servers (related by index entry). Figure 4-1 SSL Termination Encrypted data Clear text 119567 Client CSS with an SSL ...
Configuration Guide
Page 138
After you create and configure the entries in a proxy list, you activate the service, the CSS transfers the data to an SSL content rule. Creating an SSL Proxy List An SSL proxy list is a group of related back-end SSL servers that are associated with... for ACL, boot, group, rmon, or owner configuration modes. To create an SSL proxy list, use this command from most configuration modes except for a single SSL proxy list. For example, to create the SSL proxy list, ssl_list1, enter: (config)# ssl-proxy-list ssl_list1 Create ssl-list , [y/n]: y Cisco Content Services Switch SSL ...
After you create and configure the entries in a proxy list, you activate the service, the CSS transfers the data to an SSL content rule. Creating an SSL Proxy List An SSL proxy list is a group of related back-end SSL servers that are associated with... for ACL, boot, group, rmon, or owner configuration modes. To create an SSL proxy list, use this command from most configuration modes except for a single SSL proxy list. For example, to create the SSL proxy list, ssl_list1, enter: (config)# ssl-proxy-list ssl_list1 Create ssl-list , [y/n]: y Cisco Content Services Switch SSL ...
Configuration Guide
Page 161
... you activate the service, the CSS transfers the configuration data to the SSL module. You can access the ssl-proxy-list configuration mode from most configuration modes except for ACL, boot, group, rmon, or owner configuration modes. OL-5655-01 Cisco Content Services Switch SSL Configuration Guide ...6-3 You can also use the ssl-proxy-list command. You can then add each SSL initiation service to access another SSL proxy ...
... you activate the service, the CSS transfers the configuration data to the SSL module. You can access the ssl-proxy-list configuration mode from most configuration modes except for ACL, boot, group, rmon, or owner configuration modes. OL-5655-01 Cisco Content Services Switch SSL Configuration Guide ...6-3 You can also use the ssl-proxy-list command. You can then add each SSL initiation service to access another SSL proxy ...
Administration Guide
Page 7
... Features 4-1 Logging Overview 4-2 CSS Logging Quick Start Table 4-4 Specifying Logging Buffer Size 4-6 Configuring Logging for a Subsystem 4-7 Enabling and Disabling Logging for a Subsystem 4-7 Configuring a Log Message for a Subsystem at a Logging Level 4-10 Logging ACL Activity 4-11 Sending Log Messages to an E-Mail Address 4-12 Specifying a Log File Destination 4-13 Specifying a Log ....log File on the Disk 4-14 Specifying a Host for a Log File Destination 4-16 Specifying a Line for a Log File Destination 4-17 Logging CLI Commands 4-18 Cisco Content Services Switch Administration Guide vii
... Features 4-1 Logging Overview 4-2 CSS Logging Quick Start Table 4-4 Specifying Logging Buffer Size 4-6 Configuring Logging for a Subsystem 4-7 Enabling and Disabling Logging for a Subsystem 4-7 Configuring a Log Message for a Subsystem at a Logging Level 4-10 Logging ACL Activity 4-11 Sending Log Messages to an E-Mail Address 4-12 Specifying a Log File Destination 4-13 Specifying a Log ....log File on the Disk 4-14 Specifying a Host for a Log File Destination 4-16 Specifying a Line for a Log File Destination 4-17 Logging CLI Commands 4-18 Cisco Content Services Switch Administration Guide vii
Administration Guide
Page 44
...the valid existing header-field group components of the running -config file. Displays access control list (ACL) information in which you configure the CSS. For information about a specific ACL, include its index number. • show running-config dql {dql name} - Displays the ...in the running-config file (such as a case-sensitive unquoted text string. • show running-config header-field-group ?. 1-10 Cisco Content Services Switch Administration Guide OL-5647-02 For information about a specific group, enter name as a case-sensitive unquoted text string. • show ...
...the valid existing header-field group components of the running -config file. Displays access control list (ACL) information in which you configure the CSS. For information about a specific ACL, include its index number. • show running-config dql {dql name} - Displays the ...in the running-config file (such as a case-sensitive unquoted text string. • show running-config header-field-group ?. 1-10 Cisco Content Services Switch Administration Guide OL-5647-02 For information about a specific group, enter name as a case-sensitive unquoted text string. • show ...
Administration Guide
Page 48
... address) • Interface - RMON history configurations • ACL - Configuration information relating to the CSS (for features in the same sequence as occurs in the startup-config file. 1-14 Cisco Content Services Switch Administration Guide OL-5647-02 Source group configurations • RMON Event - Owner name, content rule name, and content rules • Group - The ssl-proxy-list configuration...
... address) • Interface - RMON history configurations • ACL - Configuration information relating to the CSS (for features in the same sequence as occurs in the startup-config file. 1-14 Cisco Content Services Switch Administration Guide OL-5647-02 Source group configurations • RMON Event - Owner name, content rule name, and content rules • Group - The ssl-proxy-list configuration...
Administration Guide
Page 49
...When you use this command are found , the CSS displays the locations of its use of 10, the CSS tries to find the addresses from 192.168.1.1 through 192.168.1.10. A prefix length in all services, source groups, content rules, ACLs, the management port, the syslog, Application Peering ... Running-Config File To avoid IP address conflicts when you configure the CSS, you enter an IP address of 192.168.1.1 with the ip_or_host address. Enter a number from the prefix length. - VLAN1 Interface - 192.168.2.117. VLAN1 OL-5647-02 Cisco Content Services Switch Administration Guide 1-15
...When you use this command are found , the CSS displays the locations of its use of 10, the CSS tries to find the addresses from 192.168.1.1 through 192.168.1.10. A prefix length in all services, source groups, content rules, ACLs, the management port, the syslog, Application Peering ... Running-Config File To avoid IP address conflicts when you configure the CSS, you enter an IP address of 192.168.1.1 with the ip_or_host address. Enter a number from the prefix length. - VLAN1 Interface - 192.168.2.117. VLAN1 OL-5647-02 Cisco Content Services Switch Administration Guide 1-15
Administration Guide
Page 125
...acl, all ) and level (default warning). Specify the disk filename - IP address logging host of the syslog daemon on the 192.168.11.3 host or a host name logging host myhost.domain.com log line - Specify the disk size - CSS active session logging line vty1 OL-5647-02 Cisco Content Services Switch... Administration Guide 4-5 Chapter 4 Using the CSS Logging Features Logging Overview Table 4-2 Configuring and Enabling Logging Step Logging ...
...acl, all ) and level (default warning). Specify the disk filename - IP address logging host of the syslog daemon on the 192.168.11.3 host or a host name logging host myhost.domain.com log line - Specify the disk size - CSS active session logging line vty1 OL-5647-02 Cisco Content Services Switch... Administration Guide 4-5 Chapter 4 Using the CSS Logging Features Logging Overview Table 4-2 Configuring and Enabling Logging Step Logging ...
Administration Guide
Page 127
... logging for the chassis. (config)# logging subsystem chassis level critical-2 OL-5647-02 Cisco Content Services Switch Administration Guide 4-7 The CSS logs all CSS subsystems is set at a Logging Level • Logging ACL Activity • Sending Log Messages to log informational messages (info-6), the CSS also logs notice, warning, error, critical, alert, and fatal error levels. For example...
... logging for the chassis. (config)# logging subsystem chassis level critical-2 OL-5647-02 Cisco Content Services Switch Administration Guide 4-7 The CSS logs all CSS subsystems is set at a Logging Level • Logging ACL Activity • Sending Log Messages to log informational messages (info-6), the CSS also logs notice, warning, error, critical, alert, and fatal error levels. For example...
Administration Guide
Page 131
... debug-7 command in Table 4-4. Enter the ACL mode for all ACL clauses, enter: (config)# no logging subsystem acl OL-5647-02 Cisco Content Services Switch Administration Guide 4-11 Logging ACL Activity When you configure the CSS to 7, as shown in configuration mode. The CSS sends log information to enable logging. (config)# acl 7 (config-acl[7])# 2. Enable logging for: • A new clause, by using...
... debug-7 command in Table 4-4. Enter the ACL mode for all ACL clauses, enter: (config)# no logging subsystem acl OL-5647-02 Cisco Content Services Switch Administration Guide 4-11 Logging ACL Activity When you configure the CSS to 7, as shown in configuration mode. The CSS sends log information to enable logging. (config)# acl 7 (config-acl[7])# 2. Enable logging for: • A new clause, by using...
Administration Guide
Page 141
... for the show log-state command to display the state of logging for CSS facilities. Chapter 4 Using the CSS Logging Features Showing Log Files Showing the Log State Use the show log-state Command Field Subsystems: acl app boomerang buffer cdp chassis circuit csdpeer dhcp dql fac flowagent flowmgr fp-...FAC) Flow agent Flow manager subsystem Fathpath driver Header Field Group (HFG) Internet Protocol version 4 (IPv4) Keepalive NAT manager Network management OL-5647-02 Cisco Content Services Switch Administration Guide 4-21 For example: (config)# show log-state command output.
... for the show log-state command to display the state of logging for CSS facilities. Chapter 4 Using the CSS Logging Features Showing Log Files Showing the Log State Use the show log-state Command Field Subsystems: acl app boomerang buffer cdp chassis circuit csdpeer dhcp dql fac flowagent flowmgr fp-...FAC) Flow agent Flow manager subsystem Fathpath driver Header Field Group (HFG) Internet Protocol version 4 (IPv4) Keepalive NAT manager Network management OL-5647-02 Cisco Content Services Switch Administration Guide 4-21 For example: (config)# show log-state command output.
Administration Guide
Page 154
... ACL statement. The log message appears for the packet (certain source or destination ports do not create a flow). The log message appears for the Cisco 11500 series CSS. This table includes information on the possible cause and corrective action, if required. Log messages are divided by logging subsystem, with ICMP or RIP. 4-34 Cisco Content Services Switch...
... ACL statement. The log message appears for the packet (certain source or destination ports do not create a flow). The log message appears for the Cisco 11500 series CSS. This table includes information on the possible cause and corrective action, if required. Log messages are divided by logging subsystem, with ICMP or RIP. 4-34 Cisco Content Services Switch...
Administration Guide
Page 164
...a circuit but the circuit is still referenced by an ACL or to the deleted circuit. Verify the CSS configuration and make the necessary modifications to remove references to another configuration parameter. This log message indicates the CSS received a packet that is used only when traffic is ...] An mbuf is sent to send the packet up the VxWorks IP stack, the CSS had no remaining buffers. If you receive this message, contact Cisco Systems TAC. 4-44 Cisco Content Services Switch Administration Guide OL-5647-02 They are separate from those used for circuit 1015 not found...
...a circuit but the circuit is still referenced by an ACL or to the deleted circuit. Verify the CSS configuration and make the necessary modifications to remove references to another configuration parameter. This log message indicates the CSS received a packet that is used only when traffic is ...] An mbuf is sent to send the packet up the VxWorks IP stack, the CSS had no remaining buffers. If you receive this message, contact Cisco Systems TAC. 4-44 Cisco Content Services Switch Administration Guide OL-5647-02 They are separate from those used for circuit 1015 not found...
Administration Guide
Page 221
...Simple Network Management Protocol (SNMP) CSS MIBs Table 5-7 MIB Branches Under the CSS Enterprise MIB MIB Filename MIB Module Description Related CLI Commands aclExt.mib The CSS access control list (ACL) (config-acl)# ? (OID 1.3.6.1.4.1.9.9.368.1.23...cisco-apent.mib (OID 1.3.6.1.4.1.9.9.368.1) CSS Enterprise MIB branch hierarchy apIpv4.mib (OID 1.3.6.1.4.1.9.9.368.1.9.1) MIB support for IPv4 global information, box-to -box redundancy apIpv4Ospf.mib (OID 1.3.6.1.4.1.9.9.368.1.9.3.2) MIB support for the Open Shortest (config)# ospf ? OL-5647-02 Cisco Content Services Switch...
...Simple Network Management Protocol (SNMP) CSS MIBs Table 5-7 MIB Branches Under the CSS Enterprise MIB MIB Filename MIB Module Description Related CLI Commands aclExt.mib The CSS access control list (ACL) (config-acl)# ? (OID 1.3.6.1.4.1.9.9.368.1.23...cisco-apent.mib (OID 1.3.6.1.4.1.9.9.368.1) CSS Enterprise MIB branch hierarchy apIpv4.mib (OID 1.3.6.1.4.1.9.9.368.1.9.1) MIB support for IPv4 global information, box-to -box redundancy apIpv4Ospf.mib (OID 1.3.6.1.4.1.9.9.368.1.9.3.2) MIB support for the Open Shortest (config)# ospf ? OL-5647-02 Cisco Content Services Switch...
Administration Guide
Page 263
...As an example, the following commands configure an access control list (ACL): acl 98 clause 10 permit any any dest any apply circuit-(VLAN3) In another example, the following commands configure a CSS Ethernet interface: interface ethernet-6 bridge vlan 3 circuit VLAN3 ip address...CSS Creating XML Code 4. Many of the modes have commands allowing you can use in global configuration mode and its own set of the CLI commands in the XML file. Pay attention to the allowable CLI command conventions for syntax and variable argument in the XML file. OL-5647-02 Cisco Content Services Switch...
...As an example, the following commands configure an access control list (ACL): acl 98 clause 10 permit any any dest any apply circuit-(VLAN3) In another example, the following commands configure a CSS Ethernet interface: interface ethernet-6 bridge vlan 3 circuit VLAN3 ip address...CSS Creating XML Code 4. Many of the modes have commands allowing you can use in global configuration mode and its own set of the CLI commands in the XML file. Pay attention to the allowable CLI command conventions for syntax and variable argument in the XML file. OL-5647-02 Cisco Content Services Switch...
Administration Guide
Page 379
...6-17 ACLs disabling logging globally 4-11 logging activity 4-11 running-config, displaying in 1-10, 1-14 activating RMON alarm 6-21 RMON event 6-9 RMON history 6-26 active SCM, copying boot configuration record 2-16 ADI included on Cisco.com ...A-2 removing 1-24, A-13 unpacking 1-24 administrative password setting B-19 administrative username setting B-19 advanced options for Offline Diagnostic Monitor menu B-17 agent CSS as SNMP agent, defining 5-11 .... See ADI audience xxiv OL-5647-02 Cisco Content Services Switch Administration Guide IN-1
...6-17 ACLs disabling logging globally 4-11 logging activity 4-11 running-config, displaying in 1-10, 1-14 activating RMON alarm 6-21 RMON event 6-9 RMON history 6-26 active SCM, copying boot configuration record 2-16 ADI included on Cisco.com ...A-2 removing 1-24, A-13 unpacking 1-24 administrative password setting B-19 administrative username setting B-19 advanced options for Offline Diagnostic Monitor menu B-17 agent CSS as SNMP agent, defining 5-11 .... See ADI audience xxiv OL-5647-02 Cisco Content Services Switch Administration Guide IN-1
Administration Guide
Page 384
... destination, specifying 4-16 log activity 4-18 log state 4-21 restoring archived files 1-28 showing 4-18 sys.log 1-3 logging ACL activity 4-11 boot.bak 4-3 boot.log 4-3 CLI commands 4-18 commands 4-2 configuring from config mode 4-4 CSS line destination, specifying 4-17 disabling 4-17 disabling to sys.log file 4-14 enabling for a subsystem 4-7 enabling to sys... 4-18, 4-21 specifying disk buffer size 4-6 subsystem, disabling for 4-7 subsystem, enabling on 4-7 sys.log 4-3 to a specific file on disk 4-14 to host, disabling 4-17 IN-6 Cisco Content Services Switch Administration Guide OL-5647-02
... destination, specifying 4-16 log activity 4-18 log state 4-21 restoring archived files 1-28 showing 4-18 sys.log 1-3 logging ACL activity 4-11 boot.bak 4-3 boot.log 4-3 CLI commands 4-18 commands 4-2 configuring from config mode 4-4 CSS line destination, specifying 4-17 disabling 4-17 disabling to sys.log file 4-14 enabling for a subsystem 4-7 enabling to sys... 4-18, 4-21 specifying disk buffer size 4-6 subsystem, disabling for 4-7 subsystem, enabling on 4-7 sys.log 4-3 to a specific file on disk 4-14 to host, disabling 4-17 IN-6 Cisco Content Services Switch Administration Guide OL-5647-02