Command Line Reference for DXOS
Contents
1. Syntax set server compression msoffice lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set server compression octetstream Description Disables or enables compression for application octet stream This command does not take effect until after a write operation Syntax set server compression octetstream lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx Mode s Global Configuration set server compression optimization Description Disables or enables compression for compression optimization No slide This command does not take effect until after a write operation Syntax set server compression optimization lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x Mode s Global Configuration set server compression Commands m 287 Command Line Reference Guide for DXOS set server compression pdf Description Syntax Roles Mode s Disables or enables compression for application pdf This command does not take effect until after a write operation set server compression pdf lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration2. Statistic Description A Number of A record requests made to the resolver NS Number of NS record requests made to the resolver CNAME Number of CNAME record requests made to the resolver SOA Number of SOA record requests made to the resolver PTR Number of PTR record requests made to the resolver MX Number of MX record requests made to the resolver Other Number of other valid DNS requests made to the resolver Syntax show gslb resolver lt name gt stats lt seconds gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Server Load Balancer show gslb Commands m 421 Command Line Reference Guide for DXOS show gsIb resolver group stats Description Shows the statistics for a specific GSLB group To view a line of statistics every N seconds specify the number of seconds Table 17 GSLB Group Statistics Statistic Description Total Requests Number of A or CNAME requests handled by the group Pending Requests Pending requests generally waiting for an RTT response Total Replies Total number of DNS replies generated by this group Normal Replies Number of DNS answers with members in them FailIP Replies Number of DNS answers containing only the failure IP address Empty Replies Number of empty DNS answers Errors Number of internal errors Syntax show gslb resolver lt name gt group lt name gt stats lt seconds gt Roles Network N
3. clear activeN Commands on page 27 Clear the member IP address or statistics for an ActiveN group remove a complete ActiveN group disassociate a blade from a group or clear the statistics for a blade clear admin Commands on page 30 Clear administrative settings such as TFTP SCP Syslog E Mail interface TSDump TCPDump and logging clear authentication cache on page 38 Clear the authentication cache Optional Features m 7 Command Line Reference Guide for DXOS Command Description clear cache on page 38 Clear statistics and cached objects for one or all 3G caches clear cluster aaa authentication Commands on page 39 Clear cluster authentication options and certificate files clear cluster apprule ruleset on page 43 Clear cluster authentication options and certification files clear cluster cache on page 44 Clear the cached objects for a cluster clear cluster compression on page 44 Clear the compression settings for a cluster to the global settings clear cluster customiplogheader on page 44 Clear the logging HTTP header for a cluster to the global setting clear cluster description on page 45 Clear a cluster description clear cluster forwardclientcert headername on page 45 Clear the client SSL certificate for a cluster to the global setting clear cluster health request on pa
4. Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication Idap anonymous Description Syntax Roles Mode s Enables or disables anonymous access to the LDAP database Before disabling anonymous access you must define at least one bind user This command does not take effect until after a write operation set cluster lt name gt aaa authentication ldap anonymous lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication Idap base dn Description Syntax Sets the root Distinguished Name DN This command does not take effect until after a write operation set cluster lt name gt aaa authentication ldap base dn lt string gt 150 pn setcluster aaa authentication Commands Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication Idap bind password Description Syntax Roles Mode s Sets the bind user password This command does not take effect until after a write operation set cluster lt name gt aaa authentication ldap bind password lt password gt Network Network Security Security Target Admin Admin Operator Admin
5. Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking Enable or disable SSL health check on Layer 4 connections This command does not take effect until after a write operation set cluster lt name gt health connect ssl lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking set cluster health connect timeout Description Syntax Roles Mode s 176 m set cluster health Commands Maximum number of seconds 1 to 60 that the DX waits to establish a connection during a Layer 4 connection check Default is 2 seconds This command does not take effect until after a write operation set cluster lt name gt health connect timeout lt 1 60 gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking Chapter 3 Set Commands set cluster health request lt disabled enabled gt Description Syntax Roles Mode s Disables or enables content health checks This command does not take effect until after a write operation set cluster lt name gt health request lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking set cluster health request interval Description Syntax Roles Mode s Interval
6. show slb failover Displays the failover status 480 m
7. cee eeeentteeeeees 122 set admin log method health memory eye 123 set admin log method health syslog Tac 123 set admin log method health syslog eye 123 set admin log method system email level 124 set admin log method system memory level i eeeeeeeetteeeeees 124 set admin log method system syslog oct 124 set admin log method system syslog level 125 setadmin remoteauth Commands ere ae ege 125 set admin remoteauth ldap base dn eect teeteettteeeeeeeeeeeees 125 set admin remoteauth Idap bind po ssword nano cnnnnnns 125 set admin remoteauth ldap bind user dn cinco 126 set admin remoteauth ldap server lt 1 I3sip 126 set admin remoteauth ldap server lt 1 2 gt pont 126 set admin remoteauth ldap uid cece tttettttteeeeeeeeeeeeees 127 set admin remoteauth ldap version 127 set admin remoteauth protocol seseesessssssssssssssssrrrrrrrrrerreerrrerrrere 127 set admin remoteauth radius server 1l2sip 128 set admin remoteauth radius server lt 1 2 gt port 128 set admin remoteauth radius server key 128 set admin remoteauth radius Server retries 0 0 0 cece ee eeeeeey 129 set admin remoteauth radius server tiMeQUt 0 cece eee eeey 129 Table of Contents m XI XII Command Line Reference Guide for DXOS m Table of Contents setadmin TEMOTEAUTM StALUS parra iaa 129 settadmin temoteauth USEPCOlEs os yena Eet ae E E EA ER 130 s t admin scp Commands iier peir e E aE 130 AAA A 130 se
8. Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration clear ntp server m 65 Command Line Reference Guide for DXOS clear redirector description Description Clears a description from a redirector This command does not take effect until after a write operation Syntax clear redirector lt name gt description Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear redirector host Description Clears the setting for the redirector host This command does not take effect until after a write operation Syntax clear redirector lt name gt host Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear redirector listen ssl certfile Description Clears the redirector listen SSL certfiles This command does not take effect until after a write operation Syntax clear redirector lt name gt listen ssl certfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration 66 m clear redirector Commands Chapter 2 Add Through Reset Config Commands clear redirector listen ssl cipherfile Description Clears the redirector listen SSL cipherfiles This command does not take effect until after a write op
9. Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Global Configuration set cluster httpmethod webdav Description Syntax Roles Mode s Disables or enables support for the WebDAV methods This command does not take effect until after a write operation set cluster lt name gt httpmethod webdav lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster listen Commands Use the set cluster lt name gt listen command to set properties for cluster listen traffic between the appliance and the client browser This establishes a virtual IP address netmask port or SSL configuration for a server s cluster listen traffic The Instant Redirect feature redirect lt url gt works only with HTTP clusters not HTTPS The settings made by this command will only take effect after a write operation set cluster listen port Description Syntax Sets the cluster listen port default is 80 This command does not take effect until after a write operation set cluster lt name gt listen port lt port number gt set cluster listen Commands m 181 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Global Configuration set cluster listen qos
10. 1 for ether1 and 2 for ether2 N is the interface number such as 0 or 1 This command does not take effect until after a write operation set failover vmac ether lt N all gt id lt 1 254 gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Unified Failover set forwarder Commands 220 m set forwarder Commands A forwarder is used to forward non HTTP TCP traffic such as SMTP traffic m Use the set forwarder lt name gt listen command to set the address or port for forwarder listening m Use the set forwarder lt name gt name command to rename a forwarder m Use the set forwarder lt name gt target command to establish a target host and or enable or disable that host m Use the set forwarder lt name gt weblog command to set the host or logging for a forwarder The description is limited to 512 characters of free form text but cannot include new lines This allows administrators to fully describe forwarder usage contact information warnings or any other pertinent information they deem necessary Chapter 3 Set Commands Load balancing options are Round Robin All the servers in the list are used sequentially for every new TCP session For example if there are three servers S1 S2 and S3 the first request goes to S1 the second request goes to S2 and the third request goes to 53 The list wraps around when it reaches the end
11. 351 show cluster aaa authentication radius Server cece eeeeeeeeeeeeeeeeeeeees 351 show cluster aaa authentication realm 351 show cluster aaa authentication redirerct eeeeeeeteeeeeeeeeeeees 351 show cluster aaa authentication response 352 show cluster aaa authentication se0o cece teeteeettetteteeeeeeeeeeeees 352 show cluster aaa authentication SSO COOKIE 0c eeeeeteeeeeeeeeeeeeees 352 show cluster aaa authentication sso cookie NaMe 353 show cluster aaa authentication sso cookie Umeout coonnnnnnnnininicicccnns 353 show cluster aaa authentication SSO domaim 353 show cluster aaa authentication SSO status 353 show cluster apprule Commandes 354 show cluster oppe eege A ett enn A 354 show cluster apprule lili len anda 354 show cluster apprule ruleset ooooooooooiccccccccccccccccnnnnnnnnnnnnnnnnnnnorrrncnrnncnos 354 Show cluster apprule Stats sconce East ege See dake Seed ena ss 355 show cluster apprule stats pte A ol iS fold Eege es 355 show cluster apprule stats pth ege ida os 355 show clusterapprule stats Eege e idee E ee 356 show cluster apprule tit Ti ee 356 show cluster apprule status ista ta ie li e Ge 356 show cluster DalanCe visas att a td e eto dotado ade Sedat kesh ets e dd ae 356 show cl ster cache Copal ege eneen Zeie 357 show cluster Cachaca Aen do de el 357 show clustericache Stats dla be shea olds A done ds 357 show cluster compression Commandes 358 Show cluster COMPLE e do Ud se 358 show
12. Atlantic South_Georgia Europe Simferopol Africa Bangui merica Godthab Arctic Longyearbyen Atlantic St_Helena Europe Skopje Africa Banjul merica Goose_Bay Asia Aden Atlantic Stanley Europe Sofia Africa Bissau merica Grand_Turk Asia Almaty Australia Adelaide Europe Stockholm Africa Blantyre merica Grenada Asia Amman Australia Brisbane Europe Tallinn Africa Brazzaville merica Guadeloupe Asia Anadyr Australia Broken_Hill Europe Tirane Africa Bujumbura merica Guatemala Asia Aqtau Australia Darwin Europe Uzhgorod Africa Cairo merica Guayaquil Asia Aqtobe Australia Hobart Europe Vaduz Africa Casablanca merica Guyana Asia Ashgabat Australia Lindeman Europe Vatican Africa Ceuta merica Halifax Asia Baghdad Australia Lord_Howe Europe Vienna Africa Conakry merica Havana Asia Bahrain Australia Melbourne Europe Vilnius A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A A Africa Dakar merica Hermosillo Asia Baku Australia Perth Europe Warsaw Africa Dar_es_Salaam merica Indianapolis Asia Bangkok Australia Sydney Europe Zagreb Africa Djibouti merica Inuvik Asia Beirut Etc GMT Europe Zaporozhye Africa Douala merica Iqaluit Asia Bishkek Etc GMT 0 Europe Zurich Africa El_Aaiun merica J
13. Description Syntax 262 m setgslb resolver Commands Sets the resolver s virtual IP for listening to public DNS requests The VIP can be a real IP address a floating VIP the administration VIP or its own independent VIP If set to an independent VIP it must not conflict with a VIP used by a cluster forwarder redirector or the WebUI This command does not take effect until after a write operation set gslb resolver lt name gt listen vip lt ip gt Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer set gsib resolver target Description Sets the target DNS server where DNS requests that are not load balanced are sent Enter the IP address and port of a DNS server in the network or enter localdns to use the internal DNS server This command does not take effect until after a write operation Syntax set gslb resolver lt name gt target lt ip port localdns gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer set health Commands Use the set health command to set parameters relating to connectivity failover and scriptable health checking The set health script lt script_name gt testrun command lets you verify that a health script is behaving properly You can use debug messages to trace the script
14. Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Unified Failover add Commands m 17 Command Line Reference Guide for DXOS add floatingvip Description Syntax Roles Mode s add forwarder Description Syntax Roles Mode s Example add fwlb group Description Syntax 18 m add Commands Adds a floating VIP This command requires an ActiveN license before it can be used This command does not take effect until after a write operation add floatingvip lt ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X ActiveN Adds a new forwarder This command does not take effect until after a write operation add forwarder lt name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration add forwarder Add a new forwarder without a specified name The response will be dx add forwarder Created forwarder lt default name gt E dx2 You can then set the attributes of the forwarder Adds a new firewall load balancing group The firewall balancer group name is an alphanumeric value maximum of 32 characters The name may be a virtual IP address and port combination vip port format or a network virtual IP address and port combination networkvip port format Wildcards may be used If no value is entered a d
15. Roles Mode s clear user role Description Syntax Roles Mode s Examples Clears the name for the sync group s override file This command does not take effect until after a write operation clear sync group lt name gt override filename Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Use the clear user command to remove one or more roles from one or all users This command will not modify the default admin user or the user with the administrator s role who is making the changes The roles are administrator network_administrator network_operator security_administrator security_operator user target_host_operator This command takes place immediately no write command is needed clear user lt username gt role lt rolel role2 gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Clear user bmartino role administrator security_administrator Removes the administrator and security_administrator roles from user bmartino clear user role m 75 Command Line Reference Guide for DXOS clear vian Commands clear vian all Description Syntax Roles Mode s clear vlan default Description Syntax Roles Mode s clear vlan ip Description Syntax Roles Mode s 76 m clear vian Commands U
16. Table of Contents m XXXI Command Line Reference Guide for DXOS TCPGUIMP Commands enero rta deel Ee EE EES 469 TEP AQUI Piers ere a Ne sate Oa alias a e Gabi stacked alate 470 Ieper esther lt N Starter gees sett det ld eg 470 AR aare 470 UD eo dee Ee letal dle alent do paa tal 471 Une le 471 Wl eebe dee Ahh eren 472 WOOD ri lao dae dl les Jefe ahd 472 WA e o phi A o EN ban SR RN 472 EE 472 Appendix A Glossary 473 Appendix B Cipher Suites 477 Appendix C Service Failover Commands 479 XXXII Table of Contents List of Tables Tables TTT 5 Table 2 CL Command SUMMARY ien stier tubes Puck went neh attack coed lada eiii 7 Table 3 Target Application Tune Optons eeeeeeeeeeeeenees 203 Table 4 Target Web Server Tuning Option 203 Table 5 NTLM Authentication Tuning Options cere 204 Table 6 Web Log Field Definitions ee ceeeteeeteeeeeeeeennneeees 206 Tables ho TIME ZONES EEN Ee 308 F ble 8 activen HIE iiss Meese lias ee ee 315 Table 9 show admin Options ccc cece cece cece ee tetetettneneeeeeeseeeeeees 319 Table tTO BrOWSELS a ee 378 Table E MENOd S EE ENEE 379 Fables 2 TE EEN 379 Fable Reguest VEIA lass eet ENNEN een etn atid 379 Fablest 42 Content Types ics ege EE eck 380 Table 15 GSLB Resolver Statistics Shown for TCP UDP and Totals 421 Tables 18 GEES 460 Table TIOS EE 473 Table 20 SSE Ciphersuites EEN die 477 List of Tables m XXXIII Command Line Reference Guide for
17. cl Possible matches clear cls User defined names such as cluster names are not part of the command syntax check and must be specified in full Using Online Help and Command Abbreviations m 3 Command Line Reference Guide for DXOS Applying and Saving Configuration Changes When you enter a set or clear command to change the DX configuration in most cases a prefix is added to the command line prompt to indicate that the change does not take effect until the configuration is saved To apply and save the configuration changes enter the command dx write If you have not entered the write command you can discard your changes by reloading the active configuration dx reload The following commands take effect immediately without entering a write command m Adding and removing users setting user parameters and setting the administrative password m Setting the DX server up or down m Setting a service up or down such as SNMP Telnet Secure Socket Shell SSH or the Web User Interface WebUl m Setting the Simple Object Access Protocol SOAP server up or down m Enabling or disabling ActiveN Unified Failover or Server Load Balancer SLB a NOTE Changes that take effect immediately must also be saved with a write command if you want to retain the changes after the next reboot In some cases a reload command may cause the loaded configuration to be out of sync with the run time con
18. show admin remoteauth Commands mM 325 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration show admin remoteauth radius server Description Syntax Roles Mode s Shows all the global RADIUS settings including the authentication key the number of retries the IP address and port number of both servers 1 and 2 and the timeout value You can also view a specific setting show admin remoteauth radius server 1 2 key retries timeout Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration show admin remoteauth status Description Syntax Roles Mode s Shows whether Administrator Remote Authentication is disabled or enabled show admin remoteauth status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration show admin remoteauth userrole Description Syntax Roles Mode s Shows the default role for remote users show admin remoteauth userrole Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration 326 m show admin remoteauth Commands Chapter 4 Show Through Write Commands show admin scp Commands Use the show admin scp commands to sho
19. show forwarder Commands on page 410 Show the configuration and statistics for forwarding non HTTP TCP traffic show fwlb Commands on page 417 Show the configuration and statistics for the firewall load balancer show gslb Commands on page 418 Show the Global Server Load Balancing GSLB configuration show health Commands on page 422 Show the configuration and statistics for health checking show hostname on page 424 Show the DX host name show license Commands on page 424 Show the current licensed features and license key data show log Commands on page 425 Show the audit AppRule health and system logs show loginbanner on page 426 Show the login banner show ntp on page 426 Show the NTP configuration show ntpq on page 427 Show the results of an NTP server query show redirector Commands on page 427 Show the configuration and statistics for a redirector show route on page 434 Show the default route for the DX show server on page 435 Show the configuration for the DX server show server compression Commands on page 435 Show the server compression settings show server customiplogheader on page 440 Show the custom header name added to client requests show server forwardclientcert on page 440 Show the SSL client certificate HTTP head
20. Description set cluster listen ssl Description Syntax Roles Mode s Sets the DSCP ToS values on traffic sent to clients see set qos Commands on page 268 Use set cluster lt name gt listen ssl command to establish properties for a cluster s SSL listen traffic The ephemeral key is a debugging aid for export ciphers The ephemeral keyfile must be a 512 bit RSA key in OpenSSL PEM base 64 format and if encoded must match the password The 512 bit RSA key must reside in the file usr rl etc cluster ephpass pem The SSL key pass phrase keypass is not copied as part of the configuration file on the new partition during an upgrade You can import the keypass by typing the command set cluster lt n gt listen ssl keypass lt key password gt Supported cipher suites are shown in Cipher Suites on page 477 This command does not take effect until after a write operation set cluster lt name gt listen ssl Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster listen ssl autochain Description Syntax 182 m set cluster listen Commands Enables or disables SSL autochaining for cluster listen connections When enabled this command also sets the root certificate settings This command does not take effect until after a write operation set cluster lt name gt listen ssl autochain lt disabled enabled ro
21. Roles Mode s 236 m set forwarder Commands Allows only the highest security cipher suites that are suitable for use in the United States This command does not take effect until after a write operation set forwarder lt name gt target ssl ciphersuite strong Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Chapter 3 Set Commands set forwarder target ssl keyfile Description Syntax Roles Mode s Specifies the SSL keyfile for forwarder target connections This command does not take effect until after a write operation set forwarder lt name gt target ssl keyfile lt file gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder target ssl keypass Description Syntax Roles Mode s Specifies the SSL key pass phrase for forwarder target connections This command does not take effect until after a write operation set forwarder lt name gt target ssl keypass Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder target ssl protocol Description Syntax Roles Mode s Specifies the SSL protocol type for forwarder target traffic m sslv2 SSL Version 2 only m sslv23 SSL Version 2 SSL Version 3 TLS Version 1 m sslv3 SSL Ver
22. Roles Mode s Sets the SNMP read only community name This command does not take effect until after a write operation set admin snmp community name lt name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin snmp community netmask Description Syntax Roles Mode s Sets the netmask to allow SNMP connections from the specified network This command does not take effect until after a write operation set admin snmp community netmask lt netmask gt set admin snmp contact Description Syntax Roles Mode s 132 m set admin snmp Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Sets the SNMP system contact MIB II This command does not take effect until after a write operation set admin snmp contact lt contact gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin snmp Description Syntax Roles Mode s Disables or enables SNMP support enabled by default Chapter 3 Set Commands This command takes effect immediately Enter a write command to retain the change after the next reboot set admin snmp lt down up gt set admin snmp location Description Syntax Roles Mode s Network Network
23. none E gzip m 2 deflate Syntax show cluster lt name gt compression force show cluster compression Commands m 359 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster compression http10 Description Shows if HTTP 1 0 is being compressed Syntax show cluster lt name gt compression http10 Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster compression javascript Description Shows if application x javascript will be compressed Syntax show cluster lt name gt compression javascript Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster compression msoffice Description Shows if MS Office documents will be compressed Syntax show cluster lt name gt compression msoffice Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration 360 show cluster compression Commands Chapter 4 Show Through Write Commands show cluster compression octetstream Description Shows if application octet stream will be compressed Syntax show cluster lt name gt compression octetstream Roles
24. on page 468 Show the collected VLAN settings sync group on page 469 Synchronize the configuration settings across a group of DXs tcpdump Commands on page 469 Captures a dump of the TCP traffic going through the DX traceroute on page 470 Shows the route of packets sent to a specific host name or IP address tsdump on page 471 Send a technical service dump to an SCP or TFTP server or to a configured E mail address unconfigure on page 471 Restores the DX to the its original manufacturing configuration wall on page 472 Send a message to all logged in users who on page 472 Display the users who are currently logged in whoami on page 472 Display the current user name write on page 472 Save the configuration 14 m CLI Command Summary Chapter 2 Add Through Reset Config Commands add Commands add activen blade Description Syntax Roles Mode s add activen group Description Syntax This chapter describes the add through reset config CLI commands Use the add command to create a new ActiveN blade group cluster forwarder redirector user server load balancer or a route Adds a new ActiveN blade An index is returned For additional information see the ActiveN chapter of the Installation and Administration Guide for DXOS This command requires an ActiveN license before it can be us
25. show forwarder lt name gt sticky Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show forwarder sticky clientip Description Syntax Roles Mode s 414 m show forwarder Commands Shows the clients currently associated with each target host the sticky entries the sticky timeout the cluster forwarder or SLB group that leads this forwarder and the clusters forwarders and SLB groups that follow this forwarder You can also show just the sticky entries timeout leader or followers When a leader is configured a client IP is bound to follows the same target host as another cluster forwarder or SLB group This allows client applications with multiple protocol flows such as TCP and UDP to be load balanced to the same target host The sticky method must be clientip show forwarder lt name gt sticky clientip entries followers leader timeout Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration Chapter 4 Show Through Write Commands show forwarder sticky failover status Description Syntax Roles Mode s Shows the status of stateful failover for a the specified Forwarder service including whether stateful failover is enabled or disabled the address of the primary standby DX and the start and end times for the most recent fu
26. the address of the primary standby DX and the start and end times for the most recent full and delta synchronization procedures Note that this information is not displayed on a cluster or group basis show failover stateful status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Unified Failover show failover stateful syncinterval Description Syntax Roles Mode s show failover stats Description Syntax Roles Mode s 408 m show failover Commands Shows the currently configured interval at which the standby DX is synchronized with the master DX show failover stateful syncinterval Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Unified Failover Shows the general or advanced Unified Failover statistics including the supported services and the amount of time spent in each mode master standby discovery and idle show failover stats advanced Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Unified Failover show failover status Description Syntax Roles Mode s show failover vmac Description Syntax Roles Mode s show file Description Syntax Roles Mode s Chapter 4 Show Through Write Commands Shows whether Unified Failover is enabled the amount of time running th
27. 438 m show server compression Commands Chapter 4 Show Through Write Commands show server compression optimization Description Shows if compression optimization is enabled Syntax show server compression optimization Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server compression policy Description Shows if compression is enabled set to zero Syntax show server compression policy Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server compression shockwave Description Shows if application x shockwave Flash will be compressed Syntax show server compression shockwave Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server compression lt text_ gt Description Disables or enables compression for each type of text CSS HTML and plain text are enabled by default This command does not take effect until after a write operation Syntax show server compression lt text_css text_html text_plain text_xcomponent text_xml gt lt disabled enabled gt show server compression Commands m 439 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Opera
28. 60 m clear gslib Commands Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer clear gslb remotenode encryption key Description Removes the encryption key for the remote node This command does not take effect until after a write operation Syntax clear gslb remotenode lt name gt encryption key Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer clear gslib remotenode stats Description Clears the GSLB statistics for the specified remote node This command does not take effect until after a write operation Syntax clear gslb remotenode lt name gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer clear gslib resolver group failip Description Removes the IP address that is sent to the local DNS when all DX nodes in a group are unavailable This command does not take effect until after a write operation Syntax clear gslb resolver lt name gt group lt name gt failip clear gslo Commands m 61 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server
29. Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster listen ssl keyfile Description Clears the listen side SSL keyfile for the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt listen ssl keyfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster listen ssl keypass Description Clears the listen side SSL keypass pass phase for the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt listen ssl keypass 48 m clear cluster listen ssl Commands Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster sacompat advanced url Description Clears the URLs defined for the DX to operate with the Juniper Secure Access SSL VPN SA solution You cannot clear all three URLs URL must remain configured with its default value at a minimum This command does not take effect until after a write operation Syntax clear cluster lt name gt sacompat advanced url lt 1 2 3 gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X X Mode s Global Configuration clear cluster stats Descripti
30. Admin Admin Operator Admin Operator User Operator X X X Global Configuration Shows the default VLAN parameters show vlan default Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Shows the VLAN parameters for a specific IP address or all IP addresses show vlan ip lt ip all gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Chapter 4 Show Through Write Commands show vlan range Description Shows the VLAN parameters for a range of IP addresses or all IP addresses Syntax show vlan lt startip endip all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration sync group Description Synchronizes the configuration settings across a group of DXs You can synchronize all settings or just the GSLB settings Before entering this command you must define the synchronization group and configure the SOAP server When adding members to the synchronization group the local DX must be added along with all remote DXs that need to receive the group configuration Starting with software release 4 1 15 the sync group lt name gt command is disabled on the DX 3670 This command takes effect immediately Syntax sync group lt name gt lt all gslb gt Roles Network Network Secur
31. Chapter 3 Set Commands set cluster aaa authentication redirect protocol Description Syntax Roles Mode s This command is used to set the protocol to use when retrieving the password change custom page The default is http This command does not take effect until after a write operation set cluster lt name gt aaa authentication redirect protocol lt http https gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication redirect url Description Syntax Roles Mode s This command is used to redirect to a URL when the Idap server or active directory sends a password change flag The default is auth shtml This command does not take effect until after a write operation set cluster lt name gt aaa authentication redirect url auth shtml lt user provided url gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication response text Description Syntax Roles Mode s This command is used to set the authentication HTML message used for the cluster This command does not take effect until after a write operation set cluster lt name gt aaa authentication response text lt string gt Network Network Security Security Target Admin Admin Operator Admin Operator User Opera
32. Description Syntax Clears the Application Rules statistics for one or all clusters clear cluster lt n all gt apprule stats This command does not take effect until after a write operation clear cluster apprule ruleset m 43 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Overdrive Application Rules clear cluster cache Disassociates the cached objects from a cluster so the cluster has no cache This command does not take effect until after a write operation Security Admin Security Operator Target User Operator Description Syntax clear cluster lt name gt cache Roles Network Network Admin Admin Operator X X Mode s 3G Cache clear cluster compression Description Resets the compression settings for a cluster to the global settings This command does not take effect until after a write operation Syntax clear cluster lt name gt compression lt cmt lt 1 2 3 gt flushthreshold gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster customiplogheader Description Resets the logging HTTP header for a cluster to the global setting This command does not take effect until after a write operation Syntax 44 m clear cluster cache clear cluster lt name gt customiplogh
33. Global Configuration set redirector protocol https Description Redirects requests to use HTTPS protocols default is https This command does not take effect until after a write operation Syntax set redirector lt name gt protocol https Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector target qos Description Sets the DSCP ToS values on traffic sent to host servers see set qos Commands on page 268 set redirector urlmethod custom Description Redirects requests to a custom page as defined in customur1 This command does not take effect until after a write operation Syntax set redirector lt name gt urlmethod custom set redirector Commands m 281 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set redirector urlmethod request Description Syntax Roles Mode s set route default Description Syntax Roles Mode s set server Description Syntax 282 m set route default Redirects to the same page as the original request default is request This command does not take effect until after a write operation set redirector lt name gt urlmethod request Network Network Security Security Target Admin Admin Operator Admin Operator User Operator
34. Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gsib resolver group metric targethostavailability Description Syntax Roles Mode s Specifies the minimum percentage 0 to 100 of target hosts that must be available on the GSLB node and the relative weight 0 to 100 of the metric used in the load balancing calculation If the weight is zero the metric is not used for load balancing If the percentage of target hosts available drops below the specified value the IP addresses associated with the node are taken out of rotation This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt metric targethostavailability lt min lt N gt weight lt N gt gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslib resolver group name Description Syntax Roles Mode s Changes the name of a GSLB group This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt name lt new_name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gsib resolver group servicecheck Description Syntax Enables or disables the service check feature default is e
35. Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Global Configuration set cluster aaa audit Commands Description Use the set cluster lt name gt aaa audit commands to disable and enable or configure HTTP S authentication auditing set cluster aaa audit Description Syntax Roles Mode s 148 m set clock This command disables or enables HTTP S authentication auditing A license is required for the audit option This command does not take effect until after a write operation set cluster lt name gt aaa audit lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication Chapter 3 Set Commands set cluster aaa audit level Description Syntax Roles Mode s This command sets the level at which authentication messages are written into the audit log If a11 is selected all authentication messages are shown If failure is selected only authentication failures are shown This command does not take effect until after a write operation set cluster lt name gt aaa audit level all failures Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication Commands Use the set cluster lt name gt aaa authentication commands to set the HTTP S authenticatio
36. Refers to the historical behavior of allowing the client to connect and then subsequently closing down the connection with a FIN m blackhole Refers to the current behavior of dropping all packets sent to the cluster that has all of its target hosts down H redirect lt url gt Refers to the new behavior of redirecting clients with an HTTP302 reply to the new location specified in lt url gt The URL is specified as http s lt server gt port path resource Syntax show cluster lt name gt listen targetsdown show cluster listen Commands Mm 375 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster listen vip Description Shows the cluster s Virtual IP address Syntax show cluster lt name gt listen vip Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster owa Description Shows whether Outlook Web Access OWA is enabled for the cluster Syntax show cluster lt name gt owa status Roles Network Network Security Admin Admin Operator Admin Security Operator Target User Operator X X X Mode s Global Configuration show cluster sacompat Commands Use the show cluster lt name gt sacompat advanced commands to view whether the Juniper Secure Access
37. Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster target ssl ciphersuite strong Description Allows only the highest security cipher suites that are suitable for use in the United States This command does not take effect until after a write operation Syntax set cluster lt name gt target ssl ciphersuite strong Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration 200 m set cluster target Commands set cluster target ssl Description Syntax Roles Mode s Disables or enables SSL for cluster target traffic This command does not take effect until after a write operation set cluster lt name gt target ssl lt disabled enabled gt Chapter 3 Set Commands set cluster target ssl keyfile Description Syntax Roles Mode s set cluster target ssl keypass Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Specifies the SSL keyfile for cluster target connections This command does not take effect until after a write operation set cluster lt name gt target ssl keyfile lt file gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configu
38. SSO is enabled for the cluster Syntax show cluster lt name gt aaa authentication sso status show cluster aaa authentication Commands mM 353 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster apprule Commands Use the show cluster lt name gt apprule commands to view an OverDrive AppRule ruleset for a specific cluster show cluster apprule Description Shows all of the AppRule configuration settings for a particular cluster Syntax show cluster lt name gt apprule Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Mode s Application Rules show cluster apprule limit Description Displays the AppRule retrypost limit Syntax show cluster lt name gt apprule limit retrypost Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Mode s Application Rules show cluster apprule ruleset Description Shows the AppRule ruleset for a particular cluster Syntax show cluster lt name gt apprule ruleset 354 Em show cluster apprule Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Mode s Application Rules show clust
39. XXII m Table of Contents Nee 317 show activen group Sticky entries E a E 317 show activen group sticky failover stage 318 Nee EE 318 Ne 318 Ne 318 shOow activen Str y HMC Ud 319 SHOW admin Commands mers rae ibid ET 319 OA ee ES 320 show admin cli sessionExXpireTiMe ooooociccccccccccnnnnnnnnnnonnnnnnnnnn nin rnrarnnns 320 SHOW ele ue UE 320 SHOW IMITA tin dc ah dann esha edadh ce pada na TAT 321 show admin log Commandes 321 show admin log maitre 321 show admin log method apprules memory eye 321 show admin log method apprules syslog Tac 321 show admin log method apprules syslog level 322 show admin log method audit ShOWCMG onnncnnccccccccccccncccnann nano ncccnccnnns 322 show admin log method audit syslog Tac 322 show admin log method audit syslog level 323 show admin log method health memory Jee 323 show admin log method health syslog facility 323 show admin log method health syslog eye 323 show admin log method system email level 324 show admin log method system memory level ono 324 show admin log method system syslog oct 324 show admin log method system syslog eye 324 SHOW ele ne EE 325 show admin remoteauth Commands c 0ooccccccccccccononnnnnnnnnnncnnnnncnnonnnnnnnnnnnncnc ns 325 show admin nee EE 325 show admin remoteauth ldap oo cccceeeeteeeettttetetetteteeeeeeeeeseees 325 show admin remoteauth protocoO non rrrrnrnnans 325 show admin remoteauth radius server 326 show admin remoteauth Status dic 3
40. is 125 000 000 bytes second You can specify kb or mb to indicate kilobytes or megabytes This command does not take effect until after a write operation Syntax set gslb resolver lt name gt group lt name gt metric byterate lt max lt N gt kb mb weight lt N gt gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer set gsib resolver group metric connections Description Specifies the maximum number of connections allowed on a GLSB node and the relative weight 0 to 100 of the metric used in the load balancing calculation If the weight is zero the metric is not used for load balancing If the number of connections exceeds the specified value the IP addresses associated with the node are taken out of rotation The connection count includes all client and target connections for all clusters forwarders and redirectors but excludes health checking connections and SLB sessions This command does not take effect until after a write operation Syntax set gslb resolver lt name gt group lt name gt metric connections lt max lt N gt weight lt N gt gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Mode s Global Server Load Balancer set gslb resolver Commands m 257 Command Line Reference Guide for DXOS set gsib resolver group metric cpuus
41. lt ip port all gt stats history http bytesout Description Shows the number of bytes sent to users sorted by content type as shown in Table 14 Syntax show cluster lt name gt target host lt ip port all gt stats history http bytesout Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Performance Monitoring show cluster target host lt ip port all gt stats history http content Description Shows the types of content handled sorted by content type as shown in Table 14 Syntax show cluster lt name gt target host lt ip port all gt stats history http content Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Performance Monitoring show cluster target host lt ip port all gt stats history http responsecode Description Shows the quantity of each type of response code handled Response Code 101 etc Syntax show cluster lt name gt target host lt ip port all gt stats history http responsecode 390 mum show cluster target Commands Roles Mode s Chapter 4 Show Through Write Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Performance Monitoring show cluster target host lt ip port all gt stats history http target decompression Description Syntax Roles Mode s Shows the h
42. lt name gt listen port lt port number gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen qos Description Sets the DSCP ToS values on traffic sent to clients see set qos Commands on page 268 set redirector listen ssl certfile Description Specifies the SSL certfile for redirector s listen connection This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl certfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector Commands m 273 Command Line Reference Guide for DXOS set redirector listen ssl cipherfile Description Syntax Roles Mode s Specifies the name of the user defined file containing a list of cipher suites that conform to the OpenSSL standard This command does not take effect until after a write operation set redirector lt name gt listen ssl cipherfile lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set redirector listen ssl ciphersuite all Description Syntax Roles Mode s Allows all support SSL cipher suites for redirector s listen traffic Supported cipher suites are shown in
43. priority maximum connections and weight for the specified target host You can also view a specific setting Syntax show cluster lt name gt target host lt ip port gt maxconns status weight Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Server Load Balancer 456 pg show slb Commands Chapter 4 Show Through Write Commands show sib group target host lt ip port all gt session Description Displays the current sessions for one or all target hosts in one or all groups Syntax show slb group lt name all gt target host lt ip port all gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show sib group target host lt ip port all gt stats Description Displays statistics for one or all target hosts in one or all groups Syntax show slb group lt name all gt target host lt ip port all gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slb group target qos Description Shows the ToS DSCP settings for the traffic sent to the target hosts Syntax show slb group lt name gt target qos Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Server Load Balan
44. s logic and check the health logs to see if the health check status is being communicated properly When the script finishes it might not finish if it is a run once script you can check the exit status to see if it ran successfully After you test a script you can enable it for automatic execution set health remotehost Description Disables or enables connectivity failover This command does not take effect until after a write operation Syntax set health remotehost lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Connectivity Failover and Scriptable Health Checking set health Commands m 263 Command Line Reference Guide for DXOS set health remotehost host Description Adds an IP address to health check This command does not take effect until after a write operation Syntax set health remotehost host lt ip gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Connectivity Failover and Scriptable Health Checking set health remotehost interval Description Sets the health check interval how often to send health checks This command does not take effect until after a write operation Syntax set health remotehost interval lt seconds gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X
45. set server compression policy Description Syntax Roles Mode s Disables or enables server compression O Enable default 1 Disable This command does not take effect until after a write operation set server compression policy lt 0 1 gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set server compression sharepoint Description Syntax Roles Mode s Disables or enables compression for application x vermeer rpc This command does not take effect until after a write operation set server compression sharepoint lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration 288 m set server compression Commands Chapter 3 Set Commands set server compression shockwave Description Syntax Roles Mode s Compresses application x shockwave Flash This command does not take effect until after a write operation set server compression shockwave lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set server compression lt text_ gt Description Syntax Roles Mode s Disables or enables compression for each type of text CSS HTML and plain text are enabled by default This command does not take eff
46. show admin soap ssl keyfile oo cceceeeeeeeeeeeeeteetnntnnteeeeees 334 show admin soap ssl KeypaSS ooooocncccnnnnccccoooonnnnnnnccnccnonononnnn nan n nn nncnnccnnns 334 show admin SOAP status 0 eee cece ee eeec cece cette teat eeeeeettetteeneeeeeeeeeeeees 335 SOW SEH tds 335 show admin stats history status 335 SNOW admin Syslog cece anena ern eea aA aa nA a aiao in bini 335 show admin tcpdump Commande 336 SNOW admin Lcpdump nn non nn nn nn nn nn nn nn nn nn nn nninnnnnnos 336 show admin tcpdump CapturesiZe cooooccccccccccccccccccnnnnnononnnnnnnnnnnnnnnininnnncns 336 SOW AGIMIM FEIER E AARSE deed Sei 337 SHOW KAATE RE 337 show admin tsdump Commande 337 ShOW adMin Term cca tenet eee did 337 show admin tsdump filename 0 cccccecceeeeeeeeeeeeeeetetteteeeeeeeeeeeeeeeeeees 338 show admin tSdump Transport 338 show admin upgrade Commands mociones 338 SHOW admin upgraden E 338 show admin upgrade filename nerina t ENE EA E ER 339 show admin upgrade transport ee i E E ai 339 show admin Vip WEE 339 show admin webui Commandes 340 Ginen Te nn EE 340 show admin webui Poltica li AEen 340 show admin webui SessionEXpireTiMe 0 nono cnnnn conc rinrncnnns 340 show adan WeDULSSh tats A es 341 show admin webui ssl cerfile cee TES 341 showsadmin webui sslReytile oido biocidas 341 le Elauter RTE 341 show admin webui ssl eraus 342 show admin Web i SERIES eegen dd a a le e Ae 342 show authentication Commandes 342 SHOW
47. show cluster target ssl cipherlist Description Shows the cluster listen SSL cipherlist actual list of cipher suites that are being used Showing the cipherlist will print out a detailed line for each cipher suite showing the name version key exchange authentication encryption and hash methods Syntax show cluster lt name gt target ssl cipherlist Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration 394 m show cluster target Commands show cluster target ssl ciphersuite Description Shows the target server SSL cipher suite Syntax show cluster lt name gt target ssl ciphersuite Roles Chapter 4 Show Through Write Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster target ssl keyfile Description Shows the target server SSL keyfile Syntax show cluster lt name gt target ssl keyfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster target ssl protocol Description Shows the target server SSL protocol Syntax show cluster lt name gt target ssl protocol Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster target ssl stat
48. 01_01 added E dx2 Adds a new cluster For additional information on naming conventions see Naming Conventions on page 6 This command does not take effect until after a write operation add cluster lt name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Examples add ether subnet Description Syntax Roles Mode s add failover peer Description Syntax Roles Mode s Chapter 2 Add Through Reset Config Commands add cluster marketing Add a new cluster with the name marketing The response will be dx add cluster marketing Created cluster marketing dx2 add cluster marketing Error duplicate name marketing You can then set the attributes of the cluster add cluster Add a new cluster without a specified name a default name will be assigned The response will be dx add cluster Created cluster lt default name gt E dx2 You can then set the attributes of the cluster Adds a subnet to an interface This command does not take effect until after a write operation add ether lt id gt subnet lt ip gt lt netmask gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Global Configuration Adds a static DX peer for Unified Failover This command does not take effect until after a write operation add failover peer lt ip gt
49. 142 Set admin tsdump transportes aea dead dsd do 142 Seb adimin upgrade eet LEE 143 Set admin upgrade Detailer indus 143 Set admimupsrade transport ett leal dat lasts 143 SOt AGM EE 144 Sebadmin Web COMmMANCS reirse Ee tale dee 144 set admin webui lt down EE 144 Setcad Mins WeDU PO Eege a a ee 144 set admin webui sessionbxvpirelime eee ettetteteeeeeeeeeees 145 ele nie ee 145 Giele ale ee 146 Set ddmin ee 146 SEE DOOU tate a ante E 146 Table of Contents Set cache Commands eessen ed bedeckt 147 seticache TAX ODJECES nek scx cette bane lnnte teas ated oc salty sms radares 147 SER CACHESIZE ai SAS 147 S IER eerste Seele g e ege eege eg E adele ol T R 148 set cluster aaa audit Commandes 148 set cluster ada AU CIEL ee eg eege rep 148 Set cluster ada audiencias 149 set cluster aaa authentication Commandes 149 set Cluster aaa authentication oo ccc ttttttttttttteneeeeeeeeeees 149 set cluster aaa authentication cache 149 set cluster aaa authentication Cache Maxage oo eee eeeeeeeeteeeeees 150 set cluster aaa authentication Idap ANONYMOUS 1 0 0 0 eee eeeees 150 set cluster aaa authentication Idap base dn eee eeeeeeeeeeeeeeeeeeeeeeeees 150 set cluster aaa authentication ldap bind po ssword 151 set cluster aaa authentication ldap bind user dn cc eeeeeeeeeeeeeeeeees 151 set cluster aaa authentication ldap gid 151 set cluster aaa authentication dap server lt N gt Ip 152 set cluster aaa authentication dap serv
50. Access SSL VPN SA solution compatibility for one or more clusters show cluster stats Commands on page 377 Show statistics for one or all clusters show cluster sticky Commands on page 386 Show bindings between clients and target severs show cluster target Commands on page 388 Show the target host settings for a cluster show cluster transparency on page 396 Show whether client IP transparency is enabled show cluster weblog Commands on page 397 12 m CLI Command Summary Show the cluster Web log settings Chapter 1 Using the Command Line Interface CLI Command Description show commands on page 403 Show a hierarchical list of all CLI commands show config on page 403 Show all configuration settings show dashboard on page 403 Show a summary of the DX health and performance show dns Commands on page 404 Show the DNS server addresses and the name service domain show ether on page 404 Show the Ethernet addresses subnets media MTU and netmask show failover Commands on page 405 Show the Unified Failover configuration and statistics show file on page 409 Show the contents of a file show flash on page 410 Show the total used and available Flash disk space on the active partition show floatingvip on page 410 Show the floating VIP addresses
51. Admin Admin Operator Admin Operator User Operator x X Mode s Server Load Balancer Configuration set sib group sticky leader Description Specifies whether a client IP is bound to follows the same target host as another cluster forwarder or SLB group the default is none This creates a sticky group so that client applications with multiple protocol flows such as TCP and UDP can be load balanced to the same target host This command does not take effect until after a write operation Syntax set slb group lt name gt sticky leader lt none lt cluster forwarder slb group gt lt name gt gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Mode s Server Load Balancer Configuration set slb group sticky softpause override Description Specifies whether the sticky feature is used when traffic is softpaused disabled by default This command does not take effect until after a write operation Syntax set slb group lt name all gt sticky softpause override lt disabled enabled gt 298 m set sib Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration set sib group sticky timeout Description Sets the maximum number of minutes 1 to 43200 between consecutive client requests that are bound to the same target host f
52. Admin Operator Admin Operator User Operator X X Global Configuration Chapter 3 Set Commands set admin upgrade Commands Description Use the set admin upgrade commands to configure the filename and transport for the DX pac file used to upgrade the firmware The TFTP server or the SCP server must be configured before the upgrade To configure the TFTP or SCP server use the command set admin tftp server lt tftp server gt or set admin scp server lt scp_server gt If you are using SCP you need to set the SCP username using the command set admin scp username lt name gt before entering this command For additional information see set admin scp Commands on page 130 set admin upgrade filename Description Syntax Roles Mode s Sets the filename of the firmware that will be used for the upgrade This command does not take effect until after a write operation set admin upgrade filename lt filename for the firmware gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin upgrade transport Description Syntax Roles Mode s Configures the transport method to use either SCP or TFTP to upgrade or install new firmware This command does not take effect until after a write operation set admin upgrade transport lt scp tftp gt Network Network Security Security Target Admin Admin Operator Admin Oper
53. Admin Operator Admin Operator User Operator X X Mode s ActiveN clear activen group blade Description Disassociates one or all blades from one or all ActiveN groups This command does not take effect until after a write operation Syntax clear activen group lt name all gt blade lt ip all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s ActiveN 28 m clear activeN Commands Chapter 2 Add Through Reset Config Commands clear activen group healthcheck interval Description Resets the healthcheck interval settings to the default values for one or all ActiveN groups This command does not take effect until after a write operation Syntax clear activen group lt name all gt healthcheck interval lt down syn up gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s ActiveN clear activen group healthcheck maxtries Description Resets the maximum number of healthcheck retries to the default values for one or all ActiveN groups This command does not take effect until after a write operation Syntax clear activen group lt name all gt healthcheck maxtries Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s ActiveN clear activen group session timeout Description Resets the timeout settings to the
54. Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin soap ssl keyfile Description Sets the SSL key file for the SOAP server default is demokey This command does not take effect until after a write operation Syntax set admin soap ssl keyfile lt filename gt 136 m set admin soap Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin soap ssl keypass Description Sets the SSL key password for the SOAP server This command does not take effect until after a write operation Syntax set admin soap ssl keypass lt password gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin ssh Description Enables or disables Secure Shell SSH access to the DX This command takes effect immediately Enter a write command to retain the change after the next reboot Syntax set admin ssh lt down up gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x x x Mode s Global Configuration set admin stats history Description Enables or disables collection of historical statistics for forwarders clusters and target hosts based on the installed license This command takes effect immediately Enter a write command to
55. Admin Operator Admin Operator User Operator X X X X X Global Configuration show redirector Commands Description show redirector Description Syntax Roles Mode s Use the show redirector lt name gt commands to show the configuration for a specific redirector Shows the complete redirector configuration show redirector lt name gt show redirector customurl Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration Shows the custom URL setting for the redirector show redirector lt name gt customurl Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show redirector description Description Syntax Shows the description for the redirector show redirector lt name gt description showntpq m 427 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show redirector dsr Description Shows the DSR status i e if DSR is disabled or enabled Syntax show redirector lt name gt dsr Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show redirector host Description S
56. Admin Operator User Operator X X X ActiveN set admin Commands The set admin commands are used to set administrator configuration options set admin cli sessionExpireTime Description Syntax Roles Mode s Sets the time out for the CLI session If no activity occurs before this time the user is logged out Setting the sessionExpireTime to zero causes the session to never expire The default 600 seconds set admin sessionExpireTime lt seconds gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin email defaultmailto Description Syntax Roles Mode s A default address is used when email addresses are not set Specific email addresses for log TCPDump and TSDump if set will override the default email address This command does not take effect until after a write operation set admin email defaultmailto lt default address gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin email from Description Syntax 118 m set admin Commands The sender s address This command does not take effect until after a write operation set admin email from lt from address gt Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s
57. Commands m 189 Command Line Reference Guide for DXOS set cluster listen targetdown Description Syntax Roles Mode s set cluster listen vip Description Syntax Roles Mode s set cluster name Description Syntax 190 m set cluster name Sets the behavior when all targets are down blackhole Refers to the current behavior of dropping all packets sent to the cluster that has all of its target hosts down m finclient Refers to the historical behavior of allowing the client to connect and then subsequently closing down the connection with a FIN m redirect lt url gt Redirects clients with an HTTP 302 reply to the new location specified in lt url gt The URL is specified as follows http lt server gt port path resource This command does not take effect until after a write operation set cluster lt name gt listen targetdown lt blackhole finclient redirect gt lt url gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Sets the cluster listen Virtual IP address This command does not take effect until after a write operation set cluster lt name gt listen vip lt ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Changes the name of a cluster This command does not take effect until after a write operation s
58. Configuration clear admin syslog host ip Description Clears the first or second Syslog host IP address This command does not take effect until after a write operation Syntax clear admin syslog host lt 1 2 gt ip 36 m clear admin Commands Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear admin tcpdump Description Clears the first or second email address for TCPDump This command does not take effect until after a write operation Syntax clear admin tcpdump lt mailtol mailto2 gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear admin tftp server Description Clears the TFTP server This command does not take effect until after a write operation Syntax clear admin tftp server Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear admin tsdump Description Clears the first or second email address for TSDump This command does not take effect until after a write operation Syntax clear admin tsdump lt mailtol mailto2 gt clear admin Commands mM 37 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Ope
59. Configuration show admin tcpdump Commands Description Use the show admin tcpdump command to show the TCPDump configuration show admin tcpdump Description Displays the TCPDump configuration Syntax show admin tcpdump Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin tcpdump capturesize Description Displays the value used to calculate the total size of the admin filesystem Syntax show admin tcpdump capturesize Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration 336 m show admin tcpdump Commands Chapter 4 Show Through Write Commands show admin telnet Description Shows whether the Telnet service is up or down Syntax show admin telnet status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin tftp Description Use the show admin tftp command to display the TFTP configuration Syntax show admin tftp Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin tsdump Commands Description Use the show admin tsdump command to display the Technical Services Dump configuration show admin tsdump D
60. DXOS XXXIV pn List of Tables Chapter 1 Using the Command Line Interface CLI The following topics describe how to use the command line interface CLI to configure DX devices m Accessing the CLI on page 1 m Using Online Help and Command Abbreviations on page 3 m Applying and Saving Configuration Changes on page 4 m Managing User Access on page 5 m Naming Conventions on page 6 m Typographical Conventions on page 6 m Optional Features on page 7 CLI Command Summary on page 7 The DX also supports a web interface known as the Web User Interface WebUI For more information about the WebUI see the Installation and Administration Guide for DXOS Accessing the CLI The following sections describe the different ways to access the CLI m Using SSH to Access the CLI on page 2 m Using Telnet to Access the CLI on page 2 m Using the Console Port to Access the CLI on page 2 Accessing the CLI m 1 Command Line Reference Guide for DXOS Using SSH to Access the CLI The DX can be accessed through a Secure Shell SSH client SSH encrypts all traffic between you and the DX You must have an SSH client or application installed on the client computer and the SSH service must be enabled on the DX 1 If you are using a command line SSH client type the following command ssh admin lt IP address of DX gt If you are using a terminal emulator application that supports SSH configure it to connect to the IP address of the DX When you are promp
61. Description Displays all SSL statistics for the server Syntax show server stats ssl show server stats Commands m 449 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show server status Description Shows if the server is up or down Syntax show server status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Global Configuration show slb Commands Use the show slb commands to view the configuration and statistics for the Server Load Balancer SLB The SLB statistics include m Active The number of active sessions m Total The total number of sessions successfully terminated Close The number of sessions in closewait state waiting to be closed m SYNWait The number of sessions in synwait state a client sent a SYN and is waiting for a SYN ACK from the server or a server sent a SYN ACK and is waiting for an ACK from the client show slib Description Displays all SLB configuration settings Syntax show slb Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer 450 m show slib Commands Chapter 4 Show Through Write Commands show slb advanced Description Displays whether a reset is sent to the client and server w
62. Load Balancer clear gslib resolver group member stats Description Clears the GSLB statistics for a specific group member This command does not take effect until after a write operation Syntax clear gslb resolver lt name gt group lt name gt member lt name gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer clear gsib resolver group stats Description Clears a GSLB group s statistics This command does not take effect until after a write operation Syntax clear gslb resolver lt name gt group lt name gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer clear gslib resolver stats Description Clears a resolver s statistics This command does not take effect until after a write operation Syntax clear gslb resolver lt name gt stats 62 m clear gslb Commands Roles Mode s Chapter 2 Add Through Reset Config Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer clear health Commands Use these commands to remove an IP address from Connectivity Failover Health Check or to clear the statistics for a health script clear health remotehost host Description Syntax Roles Mode s clear health script Description
63. Mode s Disables or enables Administrator Remote Authentication disabled by default This command does not take effect until after a write operation set admin remoteauth status disabled enabled Network Network Security Security Admin Admin Operator Admin Operator User X Target Operator Global Configuration set admin remoteauth Commands m 129 Command Line Reference Guide for DXOS set admin remoteauth userrole Description Sets the default role for remote users default is user This command does not take effect until after a write operation Syntax set admin remoteauth userrole lt role gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set admin scp Commands Description Use the set admin scp commands to configure the SCP server and username and to import and export user information The settings made by this command will only take effect after a write operation The SCP server or TFTP server can be used for the following operations m Upgrading the firmware Importing and exporting configurations m Exporting the audit trail m Exporting the event log m Sending the TCPDump data captured m Sending the Technical Service Dump TSDump data to the Juniper Networks Support organization Syntax set admin scp Roles Network Network Security Security Target Admin Admin Operator Admin Operator User
64. Mode s Connectivity Failover and Scriptable Health Checking set health remotehost minhostsfailing Description Sets the count for minimum number of hosts failing This command does not take effect until after a write operation Syntax set health remotehost minhostsfailing lt count gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Connectivity Failover and Scriptable Health Checking 264 m set health Commands Chapter 3 Set Commands set health remotehost retry Description Sets the maximum number of attempts before health check considers the host down This command does not take effect until after a write operation Syntax set health remotehost retry lt count gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Connectivity Failover and Scriptable Health Checking set health remotehost startupdelay Description Sets the number of seconds after a reboot before health checking begins default is 90 This command does not take effect until after a write operation Syntax set health remotehost startupdelay lt seconds gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Connectivity Failover and Scriptable Health Checking set health remotehost timeout Description Sets the number of seconds the DX waits for a health
65. Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster weblog Commands Use the set cluster lt name gt weblog commands to configure Web log settings The DX can be configured to transmit the logs to the Syslog server in one of two ways The default configuration is Immediate mode where the DX immediately writes a User Datagram Protocol UDP packet containing a web log to the configured Syslog server for each client request Immediate mode can create a significant amount of extra network activity and does not allow the ability to save logs set cluster transparency m 205 Command Line Reference Guide for DXOS The alternative is Web Log Batch mode In Web Log Batch mode web logs are saved on the DX and then copied off in bulk format The user can select the log format from one of these five options common This is the Apache Common Logging Format CLF The information included in the log is remotehost remotelogname authuser date request status bytes combined This is a modification of CLF common format and adds the values of the Referer and User Agent HTTP headers in quotes remotehost remotelogname authuser date request status bytes Referer User Agent common_cn This is a modification of CLF common format with the cluster name prepended to the CLF format clustername remotehost remotelogname authuser date
66. Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Use the 1ist commands to display a list of saved configurations or user files on the DX Displays the list of saved configurations on the DX list config Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X xX X X X Global Configuration Displays the list of user files certs and keys stored on the DX list file list Commands m 103 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Global Configuration list tcpdump Description Displays the TCPDump file as configured in the TCPDump destination Syntax list tcpdump Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Global Configuration netstat Commands Description Use the netstat command to show network statistics These statistics include active internet connection information such as send and receive queues local and foreign addresses and states netstat shows all network statistics netstat N Description Where N is an integer this command shows network statistics every N seconds Syntax netstat N Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Ope
67. Palau America Asuncion merica Rio_Branco Asia Pontianak Europe Bratislava Pacific Yap America Barbados A A A A A A A A A A A A A A A A A A A A A A merica Santiago Asia Pyongyang Europe Brussels Pacific Pitcairn America Belem America Santo_Domingo Asia Qatar Europe Bucharest Pacific Ponape America Belize A merica Sao_Paulo Asia Qyzylorda Europe Budapest Pacific Port_Moresby America Boa_Vista America Scoresbysund Asia Rangoon Europe Chisinau Pacific Rarotonga America Bogota merica Shiprock Asia Riyadh Europe Copenhagen Pacific Saipan America Boise merica St_Johns Asia Saigon Europe Dublin Pacific Tahiti America Buenos_Aires merica St_Kitts Asia Sakhalin Europe Gibraltar Pacific Tarawa America Cambridge_Bay merica St_Lucia Asia Samarkand Europe Helsinki Pacific Tongatapu America Cancun merica St_Thomas Asia Seoul Europe Istanbul Pacific Truk America Caracas merica St_Vincent Asia Shanghai Europe Kaliningrad Pacific Wake America Catamarca merica Swift_Current Asia Singapore Europe Kiev Pacific Wallis America Cayenne merica Tegucigalpa Asia Taipei Europe Lisbon SystemV AST4 America Cayman merica Thule Asia Tashkent Europe Ljubljana SystemV AST4AD America Chicago merica Thunder_Bay Asia T
68. Pauses or unpauses traffic to a target host default is unpaused A hard pause terminates all existing traffic while a soft pause does not affect existing traffic This command does not take effect until after a write operation Syntax Roles set forwarder lt name gt target host lt ip port gt lt hardpaused softpaused unpaused gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration 232 m set forwarder Commands Chapter 3 Set Commands set forwarder target host lt ip port gt maxconnections Description Sets the maximum number of concurrent connections for a target host A zero indicates no limit the default Syntax This command takes place immediately no write command is needed Enter a write command to retain the change after the next reboot set forwarder lt name gt target host lt ip port gt maxconnections lt N gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set forwarder target host lt ip port gt weight Description Sets the weight of a target host default is 1 If weighted round robin is enabled the larger the weight the higher the probability of the target host being used Syntax This command takes place immediately no write command is needed Enter a write command to retain the change after the next
69. Reference Guide for DXOS Roles Mode s clear admin log method apprules syslog level Description Syntax Roles Mode s clear admin log method audit syslog facility Description Syntax Roles Mode s clear admin log method audit syslog level Description Syntax Roles Mode s 32 m clear admin Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Clears the log level for apprules logs sent to a syslog server clear admin log method apprules syslog level Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Clears the syslog facility for audit logs clear admin log method audit syslog facility Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Clears the log level for audit logs sent to a syslog server clear admin log method audit syslog level Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Chapter 2 Add Through Reset Config Commands clear admin log method health memory level Description Syntax Roles Mode s Clears the log level for scriptable health logs sent to memory clear admin log method health memory level clear admin log method health syslog facility Description Synta
70. Roles Mode s show gslib resolver Description Syntax Roles Mode s Shows one or all remote node definitions on the GSLB master show gslb remotenode lt name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx x X Global Server Load Balancer Shows the configuration for one or all resolvers on the GSLB master show gslb resolver name Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Server Load Balancer show gslb Commands m 419 Command Line Reference Guide for DXOS show gslb resolver group servicecheck Description Shows the basic configuration parameters for servicechecking These parameters include servicecheck status mode and TCP ports Syntax show gslb resolver lt name gt group lt name gt servicecheck Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Server Load Balancer show gslb resolver group servicecheck mode Description Shows whether the servicecheck mode is set to ICMP or TCP Syntax show gslb resolver lt name gt group lt name gt servicecheck mode Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Server Load Balancer show gslb resolver group servicecheck status Description Shows whether the servic
71. Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster target name Description Clears the cluster target name This command does not take effect until after a write operation Syntax clear cluster lt name gt target name 50 HE clear cluster target Commands Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster target ssl certfile Description Clears the target side SSL certfile for the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt target ssl certfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster target ssl cipherfile Description Clears the target side SSL cipherfile for the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt target ssl cipherfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster target ssl keyfile Description Clears the target side SSL keyfile for the cluster This command does not take effect until after a write operation Syntax clear
72. S Authentication show cluster aaa authentication Idap uid Description This command shows the user ID for the cluster Syntax show cluster lt name gt aaa authentication ldap uid show cluster aaa authentication Commands m 349 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication Idap version Description This command shows the LDAP protocol version that is in use Syntax show cluster lt name gt aaa authentication ldap version Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication method Description Shows the method of authentication that will be used for the cluster Syntax show cluster lt name gt aaa authentication method Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication password Description This command shows the aaa authentication password or whether null passwords are accepted the maximum time a password can be used or the maximum password length Syntax show cluster lt name gt aaa authentication password empty_allowed maxage maxlength Roles Network Network Security Security
73. S authentication and authorization settings for a cluster show cluster apprule Commands on page 354 Show an OverDrive AppRule ruleset for a cluster show cluster balance on page 356 Show the load balancing policy for a cluster show cluster cache Commands on page 357 Show the caches for a cluster or the cache statistics show cluster compression Commands on page 358 Show compression settings between the DX and target web servers show cluster connbind on page 363 Show whether connection binding is enabled for a cluster show cluster convert302protocol on page 363 Show whether HTTP302 responses are converted from HTTP to HTTPS or from HTTPS to HTTP show cluster description on page 363 Show the descriptive text for a cluster show cluster dsr on page 364 Show whether Direct Server Return DSR is enabled show cluster health Commands on page 364 Show the content health check settings for target servers show cluster httpmethod on page 369 Show the HTTP methods enabled for the Forward Proxy Accelerator show cluster listen Commands on page 369 Show the settings for cluster listen traffic between the DX and the client browser show cluster owa on page 376 Show whether support for Outlook Web Access OWA is enabled show cluster sacompat Commands on page 376 Show Juniper Secure
74. SSL VPN SA solution compatibility is configured for one or more clusters as well as URL configuration show cluster lt name gt sacompat status Description Shows whether SA compatibility is enabled and the URL values Syntax show cluster lt name gt sacompat status 376 m show cluster owa Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster lt name gt sacompat advanced Description Shows the values of the URLs used for SA compatibility Syntax show cluster lt name gt sacompat advanced Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster lt name gt sacompat advanced url 1 2 3 Description Shows the values of the specified URL or all URLs used for SA compatibility Syntax show cluster lt name gt sacompat advanced url 1 2 3 Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster stats Commands Use the show cluster stats commands to view statistics for one or all clusters show cluster stats Description Shows all statistics for one or all clusters Syntax show cluster lt name all gt stats Roles Network Network Security Security Target
75. Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Sets the SNMP system location MIB II This command does not take effect until after a write operation set admin snmp location lt location gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin snmp trap Description Syntax Roles Mode s Enables or disables sending authentication failure enterprise specific or generic SNMP traps all are disabled by default This command does not take effect until after a write operation set admin snmp trap lt authfailure enterprise generic gt lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration set admin snmp Commands m 133 Command Line Reference Guide for DXOS set admin snmp trap host lt 1 2 gt community Description Syntax Roles Mode s Defines the community string for each trap host This command does not take effect until after a write operation set admin snmp trap host lt 1 2 gt community lt community string gt set admin snmp trap host lt 1 2 gt ip Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Defines the IP address for eac
76. Security Security Target Admin Admin Operator Admin Operator User Operator xX X HTTP S Authentication set cluster aaa authentication Idap ssl cacertfile Description Syntax Roles Mode s Sets the certificate authority CA certfile for SSL This command does not take effect until after a write operation set cluster lt name gt aaa authentication ldap ssl cacertfile lt string gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication Idap ssl uri Description Syntax Sets the URI to the domain name specified in the certificate authority CA certfile for SSL The format is http lt domain_name gt This command does not take effect until after a write operation set cluster lt name gt aaa authentication ldap ssl uri lt string gt set cluster aaa authentication Commands m 153 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication Idap uid Description Syntax Roles Mode s This command is used to set the name of the attribute that holds the user information in the LDAP server database The username entered in the browser s authentication dialog is assigned to a uid attribute This can be any attribute for example
77. Service checking mode must be set to TCP for ports to be checked Syntax add gslb resolver lt name gt group lt name gt servicecheck tcp port lt port gt 20 m add Commands Roles Mode s add health script Description Syntax Roles Mode s add redirector Description Syntax Roles Mode s add route Description Chapter 2 Add Through Reset Config Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer Adds a new health script This command does not take effect until after a write operation add health script lt script_name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Health Checking Adds a new redirector This command does not take effect until after a write operation add redirector lt name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Adds a static route The default is set to 255 255 255 255 which represents a host route This command does not take effect until after a write operation add Commands m 21 Command Line Reference Guide for DXOS Syntax Roles Mode s add sib group Description Syntax Roles Mode s add snat group Description Syntax Roles Mode s add sync group Description 22 m add Commands add rout
78. Set Commands m Sending the TCP dump data captured Sending Technical Service Dump TSDump data to the Juniper Networks Support organization TFTP transport cannot be used to export Audit Trail or Event logs This command takes effect immediately Enter a write command to retain the change after the next reboot set admin tftp server lt hostname ip address gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin tsdump Commands Description Use the set admin tsdump commands to set options relating to technical service dumps Technical service dump information is used by Juniper Networks personnel to troubleshoot the DX These parameters must be set before running the tsdump command m An email address TFTP server or SCP server m A filename for storing the TSDump if you are using TFTP or SCP If you are using SCP you need to set the SCP username using the command set admin scp username lt name gt before entering this command For additional information see set admin scp Commands on page 130 set admin tsdump filename Description Syntax Roles Mode s Sets the remote filename for the TSDump This command does not take effect until after a write operation set admin tsdump filename lt tsdump filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X
79. Shows the port number for the SOAP server show admin soap port Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Configuration Synchronization show admin soap ssl Description Syntax Shows all of the SSL configuration parameters for the SOAP server show admin soap ssl show admin soap Commands mM 333 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Configuration Synchronization show admin soap ssl certfile Description Shows the SSL certificate filename for the SOAP server Syntax show admin soap ssl certfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Configuration Synchronization show admin soap ssl keyfile Description Shows the SSL key file for the SOAP server Syntax show admin soap ssl keyfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Configuration Synchronization show admin soap ssl keypass Description Shows the SSL key password for the SOAP server Syntax show admin soap ssl keypass Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Configuration Synchronization 334 m show admin soap Commands Chapter 4 show admin soap status Description Sy
80. Specify the DX time zone set user Commands on page 310 Manage user accounts roles and passwords set vlan Commands on page 312 Specify VLAN parameters show activen Commands on page 315 Show the ActiveN configuration show admin Commands on page 319 Show the CLI idle timeout default email settings the interface used for admin traffic and whether show commands are logged show admin remoteauth Commands on page 325 Show the administrator remote authentication settings show admin scp Commands on page 327 Show the SCP server and username used to import and export software upgrades TCP dumps and other information show admin snmp Commands on page 328 Show the SNMP configuration show admin soap Commands on page 333 Show the Simple Object Access Protocol SOAP server used to synchronize configurations show admin ssh on page 335 Show the status of the SSH interface show admin stats history status on page 335 Show whether collection of historical statistics for forwarders clusters and target hosts services is enabled show admin syslog on page 335 Show the Syslog configuration CLI Command Summary m 11 Command Line Reference Guide for DXOS Command Description show admin tcpdump Commands on page 336 Shows where TCP dumps are sent email address SCP server or TFTP server sho
81. Syntax 344 m show capacity Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X 3G Cache Displays cache usage statistics for a named cache To monitor the cache usage specify the number of seconds between each new row of statistics Note that long URLs will be truncated show cache lt name gt stats lt seconds gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X 3G Cache lt details gt Shows detailed statistics based on the specified criteria The LRU is the Least Recently Used element and the MRU is the Most Recently Used element Where the commands take an optional lt number gt argument the lt number gt limits the count of records The valid range for lt number gt is 1 100 and defaults to 100 show cache lt name gt stats detail number summary object_size content_type hit_count number MRU number LRU number Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X 3G Cache Shows the DX CPU and memory usage and the amount of interface and network traffic To view the system capacity specify the number of seconds between new rows of statistics The values shown are averaged over the previous 60 seconds show capacity lt seconds gt Roles Mode s show clock Description Syntax Roles show cluster
82. The total number of packets received by all clients Flushed The total number of connections that have been flushed by ActiveN Once the appliance receives a RST or a FIN from the client for an active connection it then waits a number of seconds and flushes the connection The counter is then incremented syn The total number of SYNs sent by all clients rst The total number of RSTs sent by all clients fin The total number of FINs sent by all clients Current Sessions Active The current number of established TCP sessions Fin The current number of FINs sent by the client prior to ActiveN flushing Reset The current number of RSTs sent by the client prior to ActiveN flushing Troubleshooting these parameters depends upon the nature of the problem that is occurring For instance if the active session count is really high and increasing but the flushed count is low and not increasing this could imply there are slow client or target hosts or there could be high latency on transactions with the DX By knowing what these values mean you can keep track of what is going on in your site primarily from the client side to the DX Dividing these numbers by time can give you an average occurrence count of each variable in the ActiveN statistics show activen Commands Mm 315 Command Line Reference Guide for DXOS show activen Description Shows the basic ActiveN configuration parameters S
83. This command does not take effect until after a write operation set failover nodeid lt N gt auto Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Unified Failover Enables or disables failover communication with one or all static peers enabled by default To add a remote peer see add failover peer on page 17 This command does not take effect until after a write operation set failover peer lt ip all gt lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Unified Failover Chapter 3 Set Commands set failover peer listen port Description Syntax Roles Mode s set failover stateful Description Syntax Roles Mode s Sets the port number used by one or all remote static peers to listen for ADFP Active and Standby packets default is port 9500 To add a remote peer see add failover peer on page 17 This command does not take effect until after a write operation set failover peer lt ip all gt listen port lt N gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Unified Failover Enables or disables sticky failover on the DX Unified Failover must be enabled see set failover on page 215 for this command to have an effect Sticky failover is disabled by default This command d
84. X Global Configuration Shows the cluster listen SSL cipherlist file name show cluster lt name gt listen ssl cipherfile Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration show cluster listen ssl cipherlist Description Syntax Roles Mode s Shows the cluster listen SSL cipherlist actual list of cipher suites that are being used The list includes he name version key exchange authentication encryption and hash methods for each cipher suite show cluster lt name gt listen ssl cipherlist show cluster listen ssl ciphersuite Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Shows the cluster listen SSL cipher suite show cluster lt name gt listen ssl ciphersuite Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration show cluster listen Commands m 371 Command Line Reference Guide for DXOS show cluster listen ssl clientauth Description Use the show cluster lt name gt listen ssl clientauth commands to show the configuration of the SSL client authentication parameters for a specific cluster show cluster lt name gt listen ssl clientauth shows the SSL client authentication configuration Syntax show cluster lt name gt listen ssl client
85. X X X Mode s Global Configuration show admin snmp Commands m 329 Command Line Reference Guide for DXOS show admin snmp status Description Syntax Roles Shows whether the SNMP is up or down show admin snmp status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp trap Description Syntax Roles Use the show admin snmp trap command to display options related to sending SNMP traps show admin snmp trap Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp trap authfailure Description Syntax Roles Displays the status of authentication failure trap sending show admin snmp trap authfailure Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp trap enterprise Description Syntax 330 m show admin snmp Commands Displays the status of enterprise specific trap sending show admin snmp trap enterprise Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp trap generic Description Displays the status of the generic trap s
86. Xx X Global Configuration Sets the default route This command takes effect immediately Enter a write command to retain the change after the next reboot set route default lt ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Enables or disables the DX server This command takes effect immediately Enter a write command to retain the change after the next reboot set server lt up down gt Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration set server compression Commands Use the set server compression commands to configure server compression set server compression 2k_padding Description Disables or enables 2 KByte padding for compression to correct a problem with Internet Explorer IE 5 x clients when gzip compression is enabled as Accept encoding disabled by default This problem was fixed in IE 6 x This command does not take effect until after a write operation Syntax set server compression 2k_padding lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set server compression browser Description Sets the compression option for a specific browser default is recommended Thi
87. a given name surname cn etc It is best to use uid as it is normally a unique attribute for each person The authentication will fail if multiple matches are found The default value is uid This command does not take effect until after a write operation set cluster lt name gt aaa authentication ldap uid lt string gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication Idap version Description Syntax Roles Mode s This command is used to set the LDAP protocol version The default is LDAPv3 This command does not take effect until after a write operation set cluster lt name gt aaa authentication ldap version lt 2 3 gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication method www Description Syntax This command is used to set the method of authentication used for the cluster This command does not take effect until after a write operation set cluster lt name gt aaa authentication method www 154 m set cluster aaa authentication Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s HTTP S Authentication set cluster aaa authentication password empty_allowed Description Enables
88. aaa authentication sso cookie Umeout cc eeeeeeeeeeeeeees 160 set cluster aaa authentication SSO 0 ccc tteeeetttteteeeeeeeeeeeees 160 set cluster aaa authentication SSO domaine 161 Set cluster dpprule Commands cata eset le STEE 161 Set Cluster apprule een dest Dee dE babes 161 set cluster apprule limit retryPOSt uens ai sorore cece eee a ei 161 set cluster apprule Tulesetirca2 3 92 Segoe ee Mahe init 162 set cluster balance Commande 162 set cluster balance polla emeten ene n a bara abel 163 set cluster balance policy urlhash lt urllen zs 163 set cluster cache Commands liceo ito Sue deen 163 Set Cl ster cache wade cece sient ets ed aldo SEENEN 163 set cluster cache lt disabled enabled ze 164 Table of Contents m XIII Command Line Reference Guide for DXOS XIV m Table of Contents set cluster Compression Commande 164 set Cluster compression ZR PAdGIN Gis seor mks ii 164 set cluster compression browser global 164 set cluster compression browser ines 165 Set ClUSTEL COMPLESSION CME eaea atan col ght ohne lens ue ease 165 set cluster compression cmt disabled enabled Global 2 ssh meanest 165 set cluster compression flushthreshold 0 0 cc ccsseeeeeeeeeeeeeeeeeeeeeeeeeees 166 Set cluster compression forGEsi ageet Eed bo teatre 166 set cluster compression global 166 set cluster compression bpi10 167 set cluster compression jaVASCTIPE 0 0 ee eet tttttttteeeeeeeeeeeees 167 set cluster
89. are Table 5 NTLM Authentication Tuning Options Options Action No Selecting this option disables connection binding for this cluster Yes Selecting this option enables connection binding for this cluster The settings made by this command will only take effect after a write operation set cluster lt name gt target tune Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration An example of a typical tuning tool session is shown below The default answer for each of the questions is marked with an asterisk set cluster 1 target tune This will help optimize the communication with the Target Hosts within this cluster It will help ensure that functionality is maintained while providing the most possible benefit Please answer the following questions Enter Control C at any time to exit without modification D D 2 3 4 5 6 Please select the Target Application Other PeopleSoft Domi no5 Domi no6 JDE OWA Enter Selection 1 2 1 2 3 Please select the Target Web Server Type Other Apache IIS4 Enter Selection 1 3 N Y Is NTLM Authentication used No 639 Yes Enter Selection n You have selected Target Application Other Target Web Server Other NTLM Authentication No Chapter 3 Set Commands Continue using these selections N No Start Over Y Yes Use the
90. both units should have the same Virtual IP settings A forwarder is a mechanism for forwarding traffic on to a set of servers It listens for incoming traffic on a specific virtual IP address and port and distributes it over the target hosts Unlike a cluster a forwarder blindly forwards incoming traffic on to its target hosts These typically are not web servers and the forwarder does not attempt to accelerate the outgoing traffic This is for non HTTP traffic the forwarder simply passes the traffic through without examining it The fully qualified DNS name for the Accelerator Key file for SSL traffic Password for the SSL key Checks whether the target hosts are available by periodically sending an HTTP request to a specific URL on the target hosts 473 Command Line Reference Guide for DXOS 474 m Table 19 Glossary Layer 7 Health Check Request Interval Layer 7 Health Check Request URL Path Layer 7 Health Check Retry Threshold Layer 7 Health Check Resume Threshold Layer 7 Health Check Status Code Layer 7 Health Check Page Size Layer 7 Health Check Expect String Listen Port Listen IP Address Listen IP Netmask Log Host Logging Media MTU Netmask NTP RADIUS Redirector Redirector Host Redirector Port Redirector Protocol The number of seconds separating each health check request sent to the the target hosts The alid range of values is 1 60 seconds The URL path that is re
91. browser version as shown in Table 13 on page 379 show server stats history http listen version Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show server stats history http target Description Syntax Roles Mode s Show the historical target statistics for the server show server stats history http target Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show server stats history http target bytesin Description Syntax Roles Mode s Shows the target bytes from servers sorted by content type as shown in Table 14 on page 380 show server stats history http target bytesin Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show server stats history http target bytesout Description Syntax Shows the target bytes sent to users sorted by content type as shown in Table 14 on page 380 show server stats history http target bytesout show server stats Commands m 445 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server stats history http target content Description Shows the types of content handled sorted b
92. cacertfile Description Syntax Roles Mode s Sets the advertised Certificate Authority CA file as a lt filename gt for the cluster The lt filename gt must contain a list of one or more valid CA certificates that are self signed or signed by m A well known trusted CA m ACA listed in the trusted CA certificate file All certificate entries in this file must be in base64 encoded format This command does not take effect until after a write operation set cluster lt name gt listen ssl clientauth cacertfile lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster listen ssl clientauth cacrlfile Description Syntax Roles Mode s 186 m set cluster listen Commands Sets the CA Certificate Revocation List CRL as a lt filename gt for the cluster The lt filename gt must be a list of one or more valid CRLs containing certificates signed by one of the CA s listed in the trusted CA certificate file All CRL entries not corresponding to an entry in the trusted CA certificate file are ignored All CRLs listed in the file must be in base64 encoded format This command does not take effect until after a write operation set cluster lt name gt listen ssl clientauth cacrlfile lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global
93. changed and the peers assume that the new IP address is for a different interface on the same DX This command does not take effect until after a write operation Syntax set failover discovery interface ether lt N gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Unified Failover 216 m set failover Commands Chapter 3 Set Commands set failover discovery port Description Syntax Roles Mode s Sets the port number used to discover peers enabled for Unified Failover default is 9500 The ADFP Discovery packets are sent to this port This command does not take effect until after a write operation set failover discovery port lt N gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Unified Failover set failover forcemaster Description Syntax Roles Mode s set failover linkfail Description Syntax Roles Mode s Enables or disables a device as the master disabled by default You can force a standby node to become the master at any time If forcemaster is set on multiple peers the peer with the lowest node ID becomes the master This command does not take effect until after a write operation set failover forcemaster lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Unifie
94. cluster lt name gt target ssl keyfile clear cluster target Commands m 51 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster target ssl keypass Description Clears the target side SSL keypass pass phrase for the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt target ssl keypass Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster weblog Commands Use these commands to configure the Weblog feature clear cluster weblog batch copy time Description Clears one of the three times for the Web Log to be transmitted to the configured Syslog server This command does not take effect until after a write operation Syntax clear cluster lt name gt weblog batch copy time lt 1 2 3 gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Statistics clear cluster weblog batch scp keyfile Description Clears the non password protected private key This command does not take effect until after a write operation Syntax clear cluster lt name gt weblog batch scp keyfile 52 wm clear cluster weblog Commands Roles Mode s Chapter 2 Add Through Reset C
95. cluster compression 2k padding 358 show cluster compression DFOWSET ee eee cece eeeeeeeeeeetetttetteneeeeeeeeeees 358 Show cluster COMPFESSION mt 358 show cluster compression CME status 359 show cluster compression flushthreshold 0 cece eceeeeeeeeeeeeeeeeeeeeeees 359 show cluster compression Torce eettteetttetneeeeeeeeeeeees 359 show cluster compression bp 360 show cluster compression J vascrtpt tttetttteeeeeeeeeees 360 show cluster compression MSOFFICE 00 0 teteteteeeeeeeeeeeeeeees 360 show cluster compression OCLELStTEAM 2 22 2 eteteeeeeeeeeeeeeeeeeeeeees 361 Table of Contents show cluster compression OptiMiZatiOn cece eteeteeeeeeeeeeeeeees 361 show cluster COMPpressi0n POLICY cee eee ece eee eeetettetttteeeeeees 361 show cluster compression SHOCKWAVE ccccceceeeeeeteeeetttetteteeeneeeeeees 361 show cluster compression targetcompression encoding ee 362 show cluster compression targetcompression mode 362 show cluster compression text zs 362 shoW cluster con rectal desea pe rd ads creia 363 show cluster CONVErt3O2Protocol cc ceeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeaeneenes 363 show cluster customiplogheader ooooocoocccccccccccoconona nono nn ncccccnco conan nano nnnncnnccnnns 363 Show cluster description ici ltd ins 363 O A Ree Ee ees 364 show cluster health Commande 364 show cluster bealn nono rais iA Er CEER non narnia 364 show cluster
96. compression MSOFfiCE 0 0 eettetttttteeeeeeeeeeeeeees 167 set Cluster COMPpression ocCtetstream 168 set cluster compression OPtiMiZAatiON ee ee eee nono orar orar 168 set cluster compression of 168 set cluster COMPFESSION POLICY eee nn nncccncnnnnonann nan n nc nnccnnns 169 set cluster compression sharepoint eect eteteeteeeeeeeeeeeeeeeees 169 set cluster compression SHOCKWAVE oooiocccccccccccccnnononnnnnnnnn nono nnonrncnnnnnos 169 set cluster compression targetcompression encoding ees 170 set cluster compression targetcompression Mode occoiccicoccnnnnnnnnnnccc no 170 set Cluster COMPTEssiON lt teEX ze 171 Set cluster GEO eegene EES 171 set cluster convert 02 protocols anini ii aie ade 171 set cluster customiploghcad enee ja dane ee 174 Set cluster GESCri PON tt A ao 174 SEC CUEROS ege EE ain eas ates Doles ees 174 set cluster forwardclientcert headername ee ceeeeececeee cece eect teen nneees 175 set cluster health Compass 175 set cluster health connect Internal 176 set cluster health connect eg 176 set cluster health connect timeout ENNEN ENEE 176 set cluster health request lt disabled enabled ze 177 set cluster health request Internal 177 set cluster health request res E ar a aa a E EEE OED e 177 set cluster health request returncode eseeeeeeesesessisirirrrrrrreerrrrrrrrrs 178 set cl ster el UE 178 set cluster health request String cuina tii ci tain as 178 set cluster health request O
97. connbind on page 171 Enable or disable connection binding set cluster convert302protocol on page 171 Enable or disable the conversion of HTTP302 responses from HTTP to HTTPS or from HTTPS to HTTP set cluster customiplogheader on page 174 Specify a custom header for the IP log set cluster description on page 174 Specify descriptive text for a cluster set cluster dsr on page 174 Enable or disable Direct Server Return DSR set cluster forwardclientcert headername on page 175 Set the header name of the client s authentication certificate when client authentication is performed over SSL set cluster health Commands on page 175 Specify the content health check parameters for target servers set cluster httpmethod Commands on page 180 Enable or disable the Forward Proxy Accelerator set cluster listen Commands on page 181 Specify properties for cluster listen traffic between the DX and the client browser set cluster name on page 190 Change a cluster name set cluster owa on page 191 Enable or disable support for Outlook Web Access OWA set cluster sacompat Commands on page 191 Enable or disable DX compatibility with the Juniper Secure Access SSL VPN SA solution set cluster stats history on page 192 Enable or disable the collection of cluster statistics history set cluste
98. cookie Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication 352 m show cluster aaa authentication Commands Chapter 4 Show Through Write Commands show cluster aaa authentication sso cookie name Description This command is used to show the Single Sign On SSO cookie name for the cluster Syntax show cluster lt name gt aaa authentication sso cookie name Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication sso cookie timeout Description This command is used to show the Single Sign On SSO cookie timeout configuration setting for the cluster Syntax show cluster lt name gt aaa authentication sso cookie timeout Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication sso domain Description This command is used to show the Single Sign On SSO domain for the cluster Syntax show cluster lt name gt aaa authentication sso domain Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication sso status Description This command is used to show whether Single Sign On
99. deflate Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set cluster compression global Description Resets all the cluster compression settings to the global defaults This command does not take effect until after a write operation Syntax set cluster lt name gt compression browser global 166 m set cluster compression Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set cluster compression http10 Description Disables or enables compression for HTTP 1 0 Use the global argument to return the compression value to its global setting This command does not take effect until after a write operation Syntax set cluster lt name gt compression htt10 lt disabled enabled global gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set cluster compression javascript Description Disables or enables compression for application x javascript Use the global argument to return the compression value to its global setting This command does not take effect until after a write operation Syntax set cluster lt name gt compression javascript lt disabled enabled global gt Roles Network Network Security Secur
100. gslb Commands show gslb agent Description Syntax Roles Mode s Use the show gs1b command to show the Global Server Load Balancer GSLB configuration Shows the GSLB agent configuration or just the specified setting show gslb agent encryption key status listen port vip show gslib agent stats Description Syntax Roles Mode s show gslib localdns Description Syntax 418 m show gslib Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Server Load Balancer Shows the GSLB agent statistics show gslb agent stats Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Server Load Balancer Shows the internal DNS server configuration on the GSLB master show gslb localdns Roles Mode s Chapter 4 Show Through Write Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Server Load Balancer show gslib localdns domain Description Syntax Roles Mode s Shows the configuration of one or all domains in the internal DNS server on the GSLB master show gslb localdns domain lt domain gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Server Load Balancer show gslib remotenode Description Syntax
101. gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Application Rules import snapshot system Description Syntax Roles Mode s 100 m import Commands Imports a system snapshot onto the DX from a remote location via SCP only This command does not take effect until after a write operation import snapshot system lt src gt Network Operator Network Admin Admin Security Admin Security Operator Target User Operator X Global Configuration Chapter 2 Add Through Reset Config Commands import ssh authorized_keys Description Syntax Roles Mode s Allows any user to import their own public SSH key to the DX appliance import ssh authorized_keys path Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Configuration import user ssh authorized _keys Description Syntax Roles Mode s import users Description Syntax Roles Mode s Imports the public SSH key for a specific user The file you import will be renamed to authorized_keys on the DX appliance import user name ssh authorized_keys path Network Operator Network Admin Security Admin Security Operator User Target Admin Operator Xx Global Configuration Imports user accounts to the DX from a remote location via TFTP or
102. health connect 0 eee eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeetteeeeeeeseeeees 365 show cluster health connect Internal 365 show cluster health connect sl 365 show cluster health connect timeOut 0 cece etteeenteeeeeeeeeees 365 show cluster health request interval eseesserereressisisirirrrrrrrrerrrerrre 366 show cluster health request resume 0 cece ccceeeeeeteeeeettttteeeeeeeeeeeees 366 show cluster health request returncode coococcccccccccccccccnnononnnnnnnnnnnnonoiiins 366 show cluster health request Size 0 eee eee e cece cece cece eee tetttnteteeeeeeeeeees 367 show cluster health request status 367 show cluster health request timeOut ooooocicccccccccccccccnnnononnnnnnnnnnnnniorannnns 367 show cluster health request urlpath eee ceeeeeeeeeeentetttteeeeees 368 show cluster health request USeragent 0 00 cece eee eeeeeteettteeeeeeees 368 show cluster Health retry scsi aot neal awed es Ne 368 show cluster httpmethod 02 nicis ueri ie ate Ate es ota Bes 369 show cluster listen Commandes 369 show cluster EE 369 show cluster listen Interface 369 Show cluster listen PO mii a a dida 370 show cluster listen qos Show Gluten ad ea Ma lA DO leo show clusterilistenssl Gerthile eh eener 370 show cluster listen ssl ciphiertile scsi tssk etiolated este Ae Non ee tele 371 show cluster listen ssl cpberher no cnrrnrrrnnnnnrrorarnrnnns 371 show cluster listen ssl ciphersuite 0 0 0 cee eettretettttteeeeeeeeeee
103. is used to forward non HTTP TCP traffic such as SMTP traffic show forwarder Description Shows information for one or all forwarders Syntax show forwarder lt name gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration 410 m show flash Chapter 4 Show Through Write Commands show forwarder balance Description Shows all information related to the current load balancing policy for the forwarder Syntax show forwarder lt name gt balance Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show forwarder balance policy Description Shows the current load balancing policy for the forwarder Syntax show forwarder lt name gt balance policy Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show forwarder description Description Shows the description information for a forwarder Syntax show forwarder lt name gt description Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X show forwarder dsr Description Shows the Direct Server Return DSR mode for a forwarder Direct Server Return DSR A configuration where requests from the DX to the server are returned by the server directly to the cl
104. lt all Ip pott gt ritos 196 set cluster target host lt ip port gt lt disabled enabled gt ooo 196 set cluster target host lt all ip port gt lt hardpaused softpaused UN PAUSE ET 196 Set clustertargetloGalipos EE 197 set cluster target name lt dns name 197 set cluster target OSes geed al elen 197 SEL leegen eeben ie de EA aah ere 198 Set cluster t rgetsska tochain in nenn i lios 198 set cluster t rgetssl Eegen eae E A E EA E NOE 198 set cluster target Ssi cipherle io it e 199 set cluster target ssl ciphersuite all 199 set cluster target ssl ciphersuite COMMON coooccccoccccccccccccccninana conc cnn ncnnccn n 199 set cluster target ssl ciphersuite exvport eee cece eeteetetteeeeees 200 set cluster target ssl ciphersuite fie 200 set cluster target ssl ciphersuite Strong oooicnnnnnonnccccccccccccnccnonan cnn nn nn ncncnnno 200 TEE 201 Set Cluster target ssl TE 201 Set Cluster target ssl keep ergeet 201 Table of Contents m XV Command Line Reference Guide for DXOS seticluster target Ssl proto Col cats 202 SEECIUSLEF tarSet SSETIMEOUE E 202 SEE CIUSIEP LALCEE DEET 202 SEE CIUSKED transparenty Aperi beniren a n idad ld 205 Street COMMAN OS knrn a a 205 SEE CIUSLER WEDIO S aen RR 207 set cluster weblog batch COMpresSiOn cooiccnccccoconcccccccccnccnonannnnnn nn nnccnnns 207 set cluster weblog batch copy Copwvngow 207 set cluster weblog batch copy Internal 208 set cluster weblog batch Copy size 208 set cluster
105. lt name gt nat Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer show sIb group nat port Description Displays the start or end of the range pf ports that are subject to NAT Syntax show slb group lt name gt nat port lt end start gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slb group policy Description Displays the load balancing policy for the group Syntax show slb group lt name gt policy Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slb Commands m 453 Command Line Reference Guide for DXOS show slb group priority Description Displays whether priority based load balancing is enabled for the group Syntax show slb group lt name gt priority Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slib group protocol Description Displays the protocol used for the group TCP or UDP Syntax show slb group lt name gt priority Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slb group service Description Displays the service type for the g
106. m Global Server Load Balancing GSLB To use Unified Failover you must disable the individual failover configurations for each service the two failover methods are mutually exclusive When Unified Failover is activated failover is enabled for each active service that supports it currently the DX server SLB GSLB and ActiveN The Appliance Discovery and Failover Protocol ADFP is used to dynamically discover all DX peers in the same network that are enabled for Unified Failover Peers on remote networks such as remote GSLB nodes can be defined manually as static peers A master node can be designated manually or negotiated among the peers The master node aliases the VIPs floating VIPs and VMACs for the other peers which remain in standby mode Whenever the master fails over two SNMP traps are generated failoverStateMaster by the new master and failoverStateStandby by the previous master Most services run only on the master However if you activate both the DX server and ActiveN to do load balancing across multiple nodes the server runs on each node and Unified Failover monitors only ActiveN After Unified Failover is disabled each service can be enabled or disabled manually and rebooting the DX will start all enabled services Enables or disables Unified Failover disabled by default Enabling failover initiates failover processing Disabling failover on a DX stops the failover processing if the DX is the master a
107. max_blades Description Syntax Roles Mode s Sets the maximum number of blades in the system 1 to the licensed limit The max_blades option can be set only when ActiveN is disabled This command does not take effect until after a write operation set activen max_blades lt N gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN set activen session timeout Description Syntax Roles Mode s Sets the global purge timers for idle sessions These commands do not take effect until after a write operation set activen session timeout lt ackwait active closewait gt lt seconds gt m ackwait Three way TCP handshake has not completed default is 10 seconds m active Active sessions default is 100 seconds m closewait Sessions terminated by the client default is 25 seconds Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN set activen sticky timeout Description Syntax Sets the timeout value for client IP sticky The default value is 120 minutes the minimum is one minute and the maximum is 30 days These commands do not take effect until after a write operation set activen sticky timeout lt minutes gt set activen Commands 8 117 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator
108. name gt stats history http target bytesin Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Performance Monitoring 382 m show cluster stats Commands Chapter 4 Show Through Write Commands show cluster stats history http target bytesout Description Shows the target bytes sent to users sorted by content type as shown in Table 14 Syntax show cluster lt name gt stats history http target bytesout Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats history http target content Description Shows the types of content handled sorted by content type as shown in Table 14 Syntax show cluster lt name gt stats history http target content Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats history http target decompression Description Shows historical statistics for decompression Syntax show cluster lt name gt stats history http target decompression performed failure hour day month year Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats history http target responsecode Description Shows the quantity of eac
109. not take effect until after a write operation Syntax clear slb group name all gt healthcheck maxtries Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration clear sib group session timeout Description Resets the session timeouts to the default values for one or all SLB groups This command takes effect immediately Enter a write command to retain the change after the next reboot Syntax clear slb group lt name all gt session timeout lt ackwait active closewait gt clear slb Commands m 71 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration clear slb group stats Description Clears the statistics for one or all groups This command does not take effect until after a write operation Syntax clear slb group lt name all gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer clear slb group sticky entry Description Clears one or all entries associating client IP addresses with target hosts This command does not take effect until after a write operation Syntax clear slb group lt name gt sticky entry lt ip all gt Roles Network Network Security Security Target Adm
110. numtries gt ip lt ip_of_other_DX gt type icmp Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Firewall Load Balancer set fwlb group listen Description This command is used to identify the interface on which the firewall load balancer should listen for traffic Specifying the virtual IP address VIP port and netmask is sufficent normally however if you are using a wildcard VIP you must also specify the interface and VLAN set fwlb Commands m 239 Command Line Reference Guide for DXOS Syntax Roles Mode s The following defaults apply Setting Default Value VIP NULL port 0 netmask 0 0 0 0 ether 0 VLAN 0 This command does not take effect until after a write operation set fwlb group lt name gt listen vip lt ip gt port lt port gt netmask lt netmask gt ether lt ether_id gt vlan lt vlan_id gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Firewall Load Balancer set fwlb group session timeout Description This command is used to specify the maximum amount of time a session may be idle before the session is closed by the firewall load balancer The default is 30 minutes This command does not take effect until after a write operation Syntax set fwlb group lt name gt session timeout lt time_in_sec gt Roles Network Network Security Se
111. of Contents m XXIX Command Line Reference Guide for DXOS XXX wn Table of Contents show server compression OptiMiZatiONn ee eee etteteeeeeeeeeeees 439 show server COMPFESSION Doten 439 show server compression SHOCKWAVE ccc cece eee eeeeeretetttttttneeeeeeeeeeees 439 Show Server COMPressiON lt teEXt ze 439 lee eene ET 440 SHOW SEFVEL LallOVED aotearoa de taria 440 show server een 440 DN EE e CTT 441 show server reversepath Commandes 441 SNOW server reversepath nono nnnnn nn nn oran nn irnnannos 441 show server reversepath entree 441 show server reversepath MaxTQutES coooococcccccccccccccnnnnonononnonnnnnnnnnniniiiinns 442 show server reversepath Umeout teetteeetttttteeeeeeeeeeeees 442 show server stats Commandes 442 STEIER een As oran ii acabe Se EE 442 show server stats au 443 show Server Stats bistonm ooooocnooncccccccccccccconoann ono non nnoncnonononnann anna nn nn nnccnnns 443 show server stats history http Ieren 443 show server stats history http listen browser ee eeeeeettteeeeees 443 show server stats history http listen method 000oocccnnnnnnnninnccccccnncccccn nn 444 show server stats history http listen req err oo eee eeeeeeees 444 show server stats history http listen request ee eeeeeeeeeeees 444 show server stats history http listen version 445 show server stats history http orger eeee cere conan cnc cnnccnnno 445 show server stats history http target Dvtesi
112. or disables the acceptance of empty null passwords disabled by default By default AAA authentication fails if the password has a null value This command does not take effect until after a write operation Syntax set cluster lt name gt aaa authentication password empty_allowed lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s HTTP S Authentication set cluster aaa authentication password maxage Description Sets the maximum number of days a password can be used Syntax set cluster lt name gt aaa authentication password maxage lt days gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication set cluster aaa authentication password maxlength Description Sets the maximum number of characters in a password Syntax set cluster lt name gt aaa authentication password maxlength lt number gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication set cluster aaa authentication Commands m 155 Command Line Reference Guide for DXOS set cluster aaa authentication protocol Description Syntax Roles Mode s This command is used to set the authentication protocol used for the cluster This command does not take effect until after a
113. reboot set forwarder lt name gt target host lt ip port gt weight lt N gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set forwarder target localip Description Sets the local IP address to be used for communication with all the target hosts in this forwarder This command does not take effect until after a write operation Syntax set forwarder lt name gt target localip lt ip gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set forwarder Commands m 233 Command Line Reference Guide for DXOS set forwarder target qos Description Sets the DSCP ToS values on traffic sent to target hosts see set qos Commands on page 268 set forwarder target ssl Description Disables or enables SSL for forwarder target traffic This command does not take effect until after a write operation Syntax set forwarder lt name gt target ssl lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set forwarder target ssl autochain Description Enables or disables SSL autochaining for forwarder target connections When enabled this command also sets the root certificate settings This command does not take effect until after a wri
114. retain the change after the next reboot Syntax set admin stats history up down set admin ssh m 137 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration set admin syslog Commands Description Use the set admin syslog command to set up one or two Syslog hosts for logging purposes The Syslog facility is used when the set admin log syslog level is set For additional information see set admin log Commands on page 119 set admin syslog facility Description Syntax Roles Mode s Sets the Syslog facility The default LOG_USER This command does not take effect until after a write operation set admin syslog facility lt LOG_LOCALO LOG_LOCAL1 LOG_LOCAL2 LOG_LOCAL3 LOG_LOCAL4 LOG_LOCAL5 LOG_LOCAL6 LOG_LOCAL7 LOG_USER gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin syslog host lt 1 2 gt ip Description Syntax Roles Mode s 138 m set admin syslog Commands Sets the IP address or hostname for the first or second Syslog server This command does not take effect until after a write operation set admin syslog host lt 1 2 gt lt ip address hostname gt Network Network Security Security Target Admin Admin Operator Admin Operator User Ope
115. set activen failover vmac id lt id gt show activen failover U o Used to assign the Virtual MAC Address VMAC to the specified ID S hows the ActiveN only failover settings Server Commands set server failover lt disabled enabled gt Use the set server failover command to disable or enable the DX server failover The first server established with failover is the active server the second is the standby server Disabling the server failover command will also disable the server failover vmac commnad if it was enabled set server failover linkfail count Failover link failure count The default is 4 set server failover linkfail pollinterval Failover link failure poll interval in milliseconds The default is 500 set server failover vmac lt disabled enabled gt Disables or enables the failover with a Virtual MAC vmac option Available only on the Ethernet 0 interface set server failover vmac id Failover Virtual MAC vmac ID The valid range is 1 to 254 The default is O show server failover lt blank gt Shows the failover server show server failover linkfail lt blank gt Shows all link fail information show server failover linkfail count Shows the number of failures that have occurred m 479 Command Line Reference Guide for DXOS Table 21 Service Specific Failover Commands Command Description show server failover linkfail pollin
116. set admin log method health memory level lt info gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin log method health syslog facility Description Sets the syslog facility for scriptable health logs Syntax set admin log method health syslog facility lt LOG_LOCALO LOG_LOCAL1 LOG_LOCAL2 LOG_LOCAL3 LOG_LOCAL4 LOG_LOCAL5 LOG_LOCAL6 LOG_LOCAL7 LOG_USER gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Mode s Global Configuration set admin log method health syslog level Description Sets the log level for scriptable health logs sent to a syslog server Syntax set admin log method health syslog level lt info gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin log Commands m 123 Command Line Reference Guide for DXOS set admin log method system email level Description Syntax Roles Mode s Sets the log level for system logs sent by email Sends a log message to the configured email address es when an event greater than or equal to the selected level occurs This command does not take effect until after a write operation set admin log method system email level lt ALERT EMERG gt Network Network Security Security Target Admin A
117. set cluster lt name gt apprule limit retrypost lt int gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Mode s Application Rules set cluster apprule ruleset Description Sets the filename for the AppRule ruleset for a specific cluster This command does not take effect until after a write operation Syntax set cluster lt name gt apprule ruleset lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Application Rules set cluster balance Commands Description Use the set cluster lt name gt balance commands to set the load balancing policy for a cluster The following types of load balancing are available m Fewest Outstanding Requests A new incoming connection will be assigned to the cluster with the fewest outstanding connections m Round Robin All the servers in the list are used sequentially for every new TCP session For example if there are three servers S1 S2 and S3 the first request goes to S1 the second request goes to S2 and the third request goes to 53 The list wraps around when it reaches the end URL Hash Used to improve caching efficiency in clusters that use caching It causes the DX to hash on the URL If you always direct requests for the same URL to the same cluster then only that cluster needs to cache objects for that URL instead of having all the clust
118. shall be governed by the laws of the State of California without reference to its conflicts of laws principles For any disputes arising under this Agreement the Parties hereby consent to the personal and exclusive jurisdiction of and venue in the state and federal courts within Santa Clara County California This Agreement constitutes the entire and sole agreement between Juniper and the Customer with respect to the Software and supersedes all prior and contemporaneous agreements relating to the Software whether oral or written including any inconsistent terms contained in a purchase order except that the terms of a separate written agreement executed by an authorized Juniper representative and Customer shall govern to the extent such terms are inconsistent or conflict with terms contained herein No modification to this Agreement nor any waiver of any rights hereunder shall be effective unless expressly assented to in writing by the party to be charged If any portion of this Agreement is held invalid the Parties agree that such invalidity shall not affect the validity of the remainder of this Agreement If you have any questions about this agreement contact Juniper Networks at the following address Juniper Networks Inc 1194 North Mathilda Avenue Sunnyvale CA 94089 USA Attn Contracts Administrator Table of Contents Chapter 1 Using the Command Line Interface CLI 1 ACCESSING INE Cll ai AAA GR SOAS os 1 Using SSH to Access E na
119. the maximum time in seconds that the DX will wait for the last byte of the HTTP response measured from the time that the Get request was sent default is 15 seconds If this timeout is exceeded the target will be marked as down with a new status code RT Layer 7 Down Response Timed Out This command does not take effect until after a write operation set cluster lt name gt health request timeout lt 1 60 gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking set cluster health request urlpath Description Syntax Roles Mode s The URL path that the DX will send to target servers for health checks The URL path must begin with a This command does not take effect until after a write operation set cluster lt name gt health request urlpath lt url path gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking set cluster health request useragent Description Syntax Sets the user agent for health check requests The default is Mozilla 4 0 but is compatible with Microsoft Internet Explorer 5 5 and Windows NT This command does not take effect until after a write operation set cluster lt name gt health request useragent lt default n gt set cluster health Commands m 179 Command Line Reference Guide for DXOS Roles Mode s Network Networ
120. the weblog settings for the cluster show cluster lt name gt weblog Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Performance Monitoring show cluster weblog batch Description Syntax Roles Mode s Shows all of the configuration parameters associated with the Web Log batch feature show cluster lt name gt weblog batch Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Performance Monitoring show cluster weblog batch compression Description Syntax Roles Mode s Shows whether the Web Log will be sent to the Syslog host in compressed form or native format show cluster lt name gt weblog batch compression Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Performance Monitoring show cluster weblog batch copy Description Syntax Shows both the copy size and the copy time for Web Log batch storage show cluster lt name gt weblog batch copy show cluster weblog Commands mM 397 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster weblog batch copy interval Description Shows the intervals at which the Web Log will be sent to the Syslog host Syn
121. to import these configuration settings m User names and passwords for all users m Network settings including static routes and admin interface bindings m SSL keys and certificates m Current active server configuration m State of the services including m Server status m Telnet m SSH SNMP WebUI After the import operation you will be prompted to save the configurations using the write operation Admin services e g server WebUI SSH etc will also be 102 m install Syntax Roles Mode s list Commands list config list file Description Syntax Roles Mode s Description Syntax Chapter 2 Add Through Reset Config Commands prompted to start accordingly based upon their state before the instal operation was executed NOTE During an install the configuration files are copied to the non active partition If you reboot to the alternate partition immediately then the most recent configuration files are used and no problems should be encountered However you may choose to install the software and then reboot the DX at a later time to limit network impact If changes are made to the configuration between the install time and the reboot time the configuration files on the alternate boot partition are no longer current You must then do another install just before rebooting the unit in order to have updated configuration files on the alternate boot partition install Network
122. trap Deet adede da dea e 36 Clear admin syslog facility wick Sil deele hee 36 clear adimiriSVsloS Deet ee Gen Eege E a eise 36 Clear ad Mit tE AUN Lo ate RERE 37 clear admin EELER Servei eer dono geo do 37 clear ACMI ts du Pi toda et ot a eo O et 37 Clear admin webui Gel pass cutis 38 clear authentication Geleet eege Ze Ee 38 cear Ebene Eelere Gees 38 clear cluster aaa authentication Commandes 39 clear cluster aaa authentication Idap base dn 0c cceceeeeeeeeeeeeeeeeeeeeees 39 clear cluster aaa authentication ldap gd 39 clear cluster aaa authentication ldap Server occ 39 clear cluster aaa authentication ldap ssl cacertfle cc eeeeeeeeeeeeees 40 clear cluster aaa authentication ldap Uid ooo o roninininns 40 clear cluster aaa authentication radius server 40 clear cluster aaa authentication radius Server key 41 clear cluster aaa authentication Team 41 clear cluster aaa authentication redirect boer 41 clear cluster aaa authentication redirect protocol 42 clear cluster aaa authentication redirect ot 42 VI m Table of Contents Table of Contents clear cluster aaa authentication response Text 42 clear cluster aaa authentication SSO domaine 43 clear cluster apprule rules tras 43 clear cluster GER aset ergi deiere gesi Sieg eebe E EE ei e 43 clear cluster caceria ll ellas Meets 44 clear cluster compressed abastos 44 clear cluster cust omiplosheddetn re eaei Eege deehge eege 4
123. under this limited warranty is that Juniper at its option will repair or replace the media containing the Software or provide a refund provided that Customer makes a proper warranty claim to Juniper in writing within the warranty period Nothing in this Agreement shall give rise to any obligation to support the Software Any such support shall be governed by a separate written agreement To the maximum extent permitted by law Juniper shall not be liable for any liability for lost profits loss of data or costs or procurement of substitute goods or services or for any special indirect or consequential damages arising out of this Agreement the Software or any Juniper or Juniper supplied software In no event shall Juniper be liable for damages arising from unauthorized or improper use of any Juniper or Juniper supplied software EXCEPT AS EXPRESSLY PROVIDED HEREIN OR IN SEPARATE DOCUMENTATION PROVIDED FROM JUNIPER AND TO THE EXTENT PERMITTED BYLAW JUNIPER DISCLAIMS ANY AND ALL WARRANTIES IN AND TO THE SOFTWARE WHETHER EXPRESS IMPLIED STATUTORY OR OTHERWISE INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT IN NO EVENT DOES JUNIPER WARRANT THAT THE SOFTWARE OR ANY EQUIPMENT OR NETWORK RUNNING THE SOFTWARE WILL OPERATE WITHOUT ERROR ORINTERRUPTION OR WILL BE FREE OF VULNERABILITY TO INTRUSION OR ATTACK 9 Termination Any breach of this Agreement or failure by Customer to pay any a
124. until after a write operation Syntax set health script lt script_name gt testrun Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Connectivity Failover and Scriptable Health Checking 266 m set health Commands Chapter 3 Set Commands set health script vip Description Syntax Roles Mode s set hostname Description Syntax Roles Mode s Sets the Script VIP For this command the DX will determine the most appropriate interface to alias the IP address This command does not take effect until after a write operation set health script lt script_name gt vip lt vip gt set ntp Commands set ntp Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Connectivity Failover and Scriptable Health Checking Sets the host name of the DX device This command does not take effect until after a write operation set hostname lt hostname gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Use the set ntp command to configure support for NTP Disables or enables NTP support enabled by default This command does not take effect until after a write operation set ntp lt down up gt Network Network Security Security Target Admin Admin Operator Admin Operator User O
125. weblog status show cluster weblog Commands m 401 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Performance Monitoring show cluster weblog syslog Description Shows all parameters for the Web Log Syslog function Syntax show cluster lt name gt weblog syslog Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster weblog syslog host Description Shows cluster Web Log Syslog log host address Syntax show cluster lt name gt weblog syslog host Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster weblog syslog port Description Shows cluster Web Log Syslog port Syntax show cluster lt name gt weblog syslog port Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring 402 m show cluster weblog Commands show commands Description Syntax Roles Mode s show config Description Syntax Roles Mode s show dashboard Description Syntax Roles Mode s Chapter 4 Show Through Write Commands Shows a hierarchical list of all CLI commands show commands Network Network Security Se
126. zero serverwide Domino 6 This option sets Standing Connection sc to two serverwide JDE OneWorld This option makes the following settings m Enable compression of MS Office documents serverwide m Turn off the use of 2k default value E Set a custom MIME type for application pdf serverwide m Enable use of custom MIME types serverwide m Disable the use of the HTTP Vary header serverwide OWA This option makes the following settings m Enable Extended HTTP Methods for this cluster m Enable WebDAV HTTP Methods for this cluster m Enable Connection Binding m Enable compression of unauthorized responses for this cluster m Enable compression of MIME type text xml serverwide m Enable compression of MIME type text x component serverwide Fwd Proxy This option sets the type of forward proxy Apache 1154 or Other The tuning options for the Target Web Server type are Table 4 Target Web Server Tuning Options Options Action Other Selecting this option disables protected TelnetClient tc3 support serverwide Apache Selecting this option enables protected TelnetClient tc3 support serverwide 1154 Selecting this option enables protected Internet Information Server support serverwide set cluster target tune m 203 Command Line Reference Guide for DXOS Syntax Roles Mode s Example 204 m set cluster target tune The tuning options for the NTLM Authentication
127. 219 set failover stateful Syncinterval ici dp 219 Set fallovervinac ethernet die 220 set fallovervimac ether deta Neel 220 ee eet 220 Set forwarder balance Policy dioenean ene a A e a 221 Set forwarder descriptio fi eioen e a a 221 set FOR Ar EE Ee tl A a ista 221 set forwarder health connect Internal 222 set forwarder health connect timeOut eee cece eeeettteteeeeeeees 222 Set forwarder Health retry coil Age gees 222 Set forwarder listen Port eben deg dese 223 Set Forwarder listen leede aioe lo EENS 223 XVI m Table of Contents Table of Contents set forwarder listen ssl eertfile crucis escritorio celda deed stane 223 set forwarder listen ssl ciphersuite all 224 set forwarder listen ssl ciphersuite Commom ccc eeeeeeeeeeeeeeeeeeeeeeees 224 set forwarder listen ssl ciphersuite EXPoOrt 2 00 eee eeeeteeeeeeeeeeeeeeeeees 224 set forwarder listen ssl ciphersuite file 225 set forwarder listen ssl ciphersuite strong eee eeeeeeteeeeeeees 225 set forwarder listen ssl ClientauUth 2 0 0 0 ieee a a a aaa a 225 set forwarder listen ssl clientauth autbtwvpe ee eeeeeeeeees 226 set forwarder listen ssl clientauth cacertfile 00 eeeees 226 set forwarder listen ssl clientauth acte 227 set forwarder listen ssl clientauth catrustfile 0 eee eees 227 Set forwarder listemissl a cr deene ee ee eer 227 set forwarder listen ssl AUCOCNAIN 20000 cece cece cece eetenttttteeeeeees 228 set forwarder listen ssl epbhkevftle ec eee eee c
128. 22 m set forwarder Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Health Checking set forwarder listen port Description Sets the forwarder s listen port the default is 80 This command does not take effect until after a write operation Syntax set forwarder lt name gt listen port lt port number gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Mode s Global Configuration set forwarder listen qos Description Sets the DSCP ToS values on traffic sent to clients see set qos Commands on page 268 set forwarder listen ssl certfile Description Specifies the SSL certfile for forwarder listen connections This command does not take effect until after a write operation Syntax set forwarder lt name gt listen ssl certfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set forwarder listen ssl cipherfile Description Specifies the name of the user defined file containing a list of cipher suites that conform to the OpenSSL standard This command does not take effect until after a write operation Syntax set forwarder lt name gt listen ssl cipherfile lt filename gt set forwarder Commands m 223 Command Line Reference Guide for
129. 26 show admin remoteauth userrole ooccnnnnnnnicocococcccccccccnccconann nn nono ncncnnno 326 show admin scp COM Eege eet Gielen Eben 327 show el 327 ShO WAI SEP OVER e et Eesen 327 shOW adan EE Eat das Cello bad alice 327 show ad Oe nen EE 328 SAO WA SNMP EE 328 show admin SNMP Community 328 show admin snmp Community Ip 328 show admin snmp community NAME eee cece eee eetettteteeeeees 328 show admin snmp community netmask cece eeeeeeeteeeeeeees 329 SNOW admin SNMP CONTAC oo eee e cece cece cece ee ee tees eeeeeaeeeeattenteeeeeeeeeeeees 329 Show admin snmp location eee cece cece cece cece eee etttttneneeeeeeeeeeeeees 329 SNOW admin SNMP status 330 showadmin SNIMP AP indir ln its 330 show admin snmp trap authfailure ono 330 show admin snmp trap enterprise 0 2 2 cece eeeeeeeeteeeeeeeeeeeeeeeees 330 show admin snmp trap SENeTIC 0 sinea a e a e 331 show admin snmp trap OSC eee cccceteeeteeeeereettetttteeeeeeeeeeeeeeeeeees 331 show admin snmp trap host NEO RE 351 Table of Contents show admin snmp trap host 1 2 community o 332 show admin snmp trap EE 332 show admin snmp trap host 1 2 version 332 show admin snmp trap threshold ooccccccccccccccccnnonnnnnnnnnnnnnnrnrrrnnnnnos 332 show admin soap Commandes 333 SNOW admin SO a Mat d n Seege denned 333 SNOW admin SOAP Dot 333 SHOW e ue e EE 333 show admin soap ssl certfile 0 cece cece eee c cece eee e eee eeeettntneneeneneees 334
130. 4 clear cluster descripta atole 45 clear cluster forwardclientcert headername oocoonnincccccccnnnncccncccnononannn nn nnncnccnns 45 clear cluster health request iesise takers rccccnccnccncnnncnn nono no nnnonnnnnns 45 clear cluster listen ssl Commandes 46 clear cluster listen ssl certfilez oi mahea ieron aia hadaii benii 46 clear cluster listen ssl cipherfile 00 0 tttttttteneneenees 46 clear cluster listen ssl clientauth cacertfile oe eeeeeeteteeeeeees 46 clear cluster listen ssl clientauth cacrlfile coccion 47 clear cluster listen ssl clientauth cause 47 clear cluster listen ssl epbkevftle cece eeeeeeeeereentttteteeerees 47 clear cluster listen ssl epbkevpass eeeeeeeeeeeeeeneetttteeeeees 48 clear cluster listen ssl kevftle cece reeeeeteeeeeereettntttteeerees 48 clear cluster listen ssl KeypaSS 00oooooocccccnnnnccococonannnnnnnoncccnnnnnononann nan nnncnnnnn 48 clear cluster sacompat advanced url 49 clear clusterstal a e ESE IES 49 cleat clustet sticky Glientip Entry IA AA 49 cleat cluster target Commands eieiei tie SE EN 50 clear cluster target NOS AN ay eco tn eases 50 clear cluster target Totali ais aii E 50 clear Cluster LEET Re gid eat hs 50 clear cluster target ssl Geleet tense nei ai tessa 51 clear cluster target ssl ciphertil iaa A AE 51 clear cluster target ssl Keyfile iia a o 51 clear cluster target ssl Eugene ias 52 clear clustet weblog Command csi Een 52 clear cluster weblog batch COpy THM elitista 52 clear cluster
131. 4 1 15 the set sync group command is disabled on the DX 3670 Shows all of the settings for one or all synchronization groups show sync group name show sync group description Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Shows the description for a synchronization group show sync group lt name gt description Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration show sync group Commands m 463 Command Line Reference Guide for DXOS show sync group member Description Syntax Roles Mode s Shows the username and password for the named synchronization group member or all synchronization group members show sync group lt name gt member lt id all gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration show sync group override Description Syntax Roles Mode s Shows whether the group override file is enabled and the file name You can also view just one setting show sync group lt name gt override filename status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration show sync group timeout Description Syntax Roles Mode s Shows the time
132. Admin Admin Operator Admin Operator User Operator X X X X X show cluster stats Commands mM 377 Command Line Reference Guide for DXOS show cluster stats auth Description Displays the authentication statistics for one or all clusters Syntax show cluster lt name all gt stats auth Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats health Description Shows the health status information for the cluster For additional information see show cluster stats history on page 378 Syntax show cluster lt name gt stats health Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats history Description Shows the statistics history for a specific cluster The statistics collected are in the categories as shown in Table 10 Table 11 Table 12 Table 13 and Table 14 Table 10 Browsers Browsers IE 6 0 Netscape 6 IE 5 5 Mozilla IE 5 1 Opera IE 5 0 Konquerer IE 4 x Safari IE Other None Netscape 4 Other 378 m show cluster stats Commands Table 11 Methods Chapter 4 Show Through Write Commands Methods GET COPY SEARCH LABEL HEAD MOVE SUBSCRIBE MERGE POST LOCK UNSUBSCRIBE BASELINE CONTROL PUT UNLOCK X MS ENUMATTS MKAC
133. Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster target name Description Shows the target cluster name Syntax show cluster lt name gt target name Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster target qos Description Shows the ToS DSCP settings for traffic sent to the cluster Syntax show cluster lt name gt target qos Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster target Commands m 393 Command Line Reference Guide for DXOS show cluster target ssl Description Use the show cluster lt name gt target ssl commands to show the SSL target configuration of a cluster show cluster lt name gt target ssl shows the target server SSL configurations Supported cipher suites are shown in Cipher Suites on page 477 Syntax show cluster lt name gt target ssl Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster target ssl certfile Description Shows the target server SSL certfile Syntax show cluster lt name gt target ssl certfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration
134. Admin Operator User Operator X X X X Global Configuration show admin log method health syslog level Description Syntax Roles Mode s Shows the log level for scriptable health logs sent to a syslog server show admin log method health syslog level Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Global Configuration show admin log Commands m 323 Command Line Reference Guide for DXOS show admin log method system email level Description Shows the log level for system logs sent by email Syntax show admin log method system email level Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration show admin log method system memory level Description Shows the log level for system logs to memory Syntax show admin log method system memory level Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration show admin log method system syslog facility Description Shows the syslog facility for system logs Syntax show admin log method system syslog facility Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration show admin log method system syslog level Description Shows the log level for system logs sent t
135. Agreement 6 Confidentiality The Parties agree that aspects of the Software and associated documentation are the confidential property of Juniper As such Customer shall exercise all reasonable commercial efforts to maintain the Software and associated documentation in confidence which at a minimum includes restricting access to the Software to Customer employees and contractors having a need to use the Software 7 Ownership Juniper and Juniper s licensors respectively retain ownership of all right title and interest including copyright in and to the Software associated documentation and all copies of the Software Nothing in this Agreement constitutes a transfer or conveyance of any right title or interest in the Software or associated documentation or a sale of the Software associated documentation or copies of the Software 8 Warranty Limitation of Liability Disclaimer of Warranty If the Software is distributed on physical media such as CD Juniper warrants for 90 days from delivery that the media on which the Software is delivered will be free of defects in material and workmanship under normal use This limited warranty extends only to the Customer Except as may be expressly provided in separate documentation from Juniper no other warranties apply to the Software and the Software is otherwise provided AS IS Customer assumes all risks arising from use of the Software Customer s sole remedy and Juniper s entire liability
136. Cipher Suites on page 477 This command does not take effect until after a write operation set redirector lt name gt listen ssl ciphersuite all Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set redirector listen ssl ciphersuite common Description Syntax Roles Mode s 274 m set redirector Commands Allows only the fastest cipher suites from both the strong and export groups This command does not take effect until after a write operation set redirector lt name gt listen ssl ciphersuite common Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set redirector listen ssl ciphersuite export Chapter 3 Set Commands Description Allows for the lower security cipher suites that are suitable for export This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl ciphersuite export Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen ssl ciphersuite file Description Allows a user defined list of SSL cipher suites to be used to configure a redirector This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl ciphersuite file Roles Net
137. Configuration Chapter 3 Set Commands set cluster listen ssl clientauth catrustfile Description Syntax Roles Mode s Sets the CA Trusted Certificate file to lt filename gt for the cluster The lt filename gt must be a file containing a valid list of one or more root or intermediate CA certificates each certificate is encoded in base64 format If the certificate is an intermediate certificate its root CA certificate must also be present in either a catrustfile or the cacertfile This command does not take effect until after a write operation set cluster lt name gt listen ssl clientauth catrustfile lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster listen ssl clientauth forwardclientcert Description Syntax Roles Mode s Disables or enables forwarding of client certificates to the target host as an HTTP header default is disabled This command does not take effect until after a write operation set cluster lt name gt listen ssl clientauth forwardclientcert lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster listen ssl clientauth forwardclientcert format Description Syntax Roles Mode s Sets the format of the certificate to be forwarded as an HTTP header Th
138. Configures the maximum number of routes that can be added with reversepath The minimum number is one and the maximum is 500 The default is 20 This command does not take effect until after a write operation Syntax set server reversepath maxroutes lt number gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X x Mode s Global Configuration set server reversepath timeout Description Configures the timeout value for the entries added by reversepath Routes will be deleted after this interval of inactivity The minimum timeout value is one second and the maximum value is 5 000 seconds default is 45 seconds This command does not take effect until after a write operation Syntax set server reversepath timeout lt seconds gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set server reversepath Commands m 291 Command Line Reference Guide for DXOS set sib Commands set sib Description Syntax Roles Mode s Use the set slb commands to configure the internal Server Load Balancer SLB The set slb disabled and set slb enabled options take effect immediately however a write operation is needed to make the change persistent The other SLB settings take effect only after a write operation See the Server Load Balancing chapter of the DX Application Acceleration Plat
139. DX Application Acceleration Platform Command Line Reference for DXOS Release 5 3 Juniper Networks Inc 1194 North Mathilda Avenue Sunnyvale CA 94089 USA 408 745 2000 www juniper net Part Number 540 021499 01 Revision 1 0 This product includes the Envoy SNMP Engine developed by Epilogue Technology an Integrated Systems Company Copyright 1986 1997 Epilogue Technology Corporation All rights reserved This program and its documentation were developed at private expense and no part of them is in the public domain This product includes memory allocation software developed by Mark Moraes copyright 1988 1989 1993 University of Toronto This product includes FreeBSD software developed by the University of California Berkeley and its contributors All of the documentation and software included in the 4 4BSD and 4 4BSD Lite Releases is copyrighted by the Regents of the University of California Copyright 1979 1980 1983 1986 1988 1989 1991 1992 1993 1994 The Regents of the University of California All rights reserved GateD software copyright 1995 the Regents of the University All rights reserved Gate Daemon was originated and developed through release3 0 by Cornell University and its collaborators Gated is based on Kirton s EGP UC Berkeley s routing daemon routed and DCN s HELLO routing protocol Development of Gated has been supported in part by the National Science Foundation Portions of the G
140. DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder listen ssl ciphersuite all Description Syntax Roles Mode s Allows all supported SSL cipher suites for forwarder listen traffic This command does not take effect until after a write operation set forwarder lt name gt listen ssl ciphersuite all Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Global Configuration set forwarder listen ssl ciphersuite common Description Syntax Roles Mode s Allows only the most commonly used cipher suites from both the strong and export groups This command does not take effect until after a write operation set forwarder lt name gt listen ssl ciphersuite common Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder listen ssl ciphersuite export Description Syntax 224 m set forwarder Commands Allows only the lower security cipher suites that have been traditionally available for export This command does not take effect until after a write operation set forwarder lt name gt listen ssl ciphersuite export Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operato
141. Description Syntax Roles Chapter 4 Show Through Write Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Shows the time and date The output of the show clock command is in the following format lt YYYY MM DD HH MM SS TZ gt Where YYYY year MM month DD day HH hour MM minute SS second TZ timezone show clock Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Shows the cluster configuration for one or all clusters You can see only the cluster information allowed by your role show cluster name Network Operator Network Admin Security Admin Security Operator User Target Admin Operator X X show cluster aaa audit Description Syntax Shows whether HTTP S authentication auditing is disabled or enabled show cluster lt name gt aaa audit show clock m 345 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication Commands Use the show cluster lt name gt aaa authentication commands to view the HTTP S authentication and authorization settings for a cluster show cluster aaa authentication Description Shows all of the authentication parameters that have be
142. E EES tral casan llos eidele 394 show cluster target Ssi cortle ra usina ar alerta ie 394 show cluster tafget Ssl EES drechen geess rege ech egent tenes 394 show cluster target ssl Ciphersuite ee cece aaea iaa a 395 Ne EE 395 show cluster target ssl pGrotocol eee cece eeeeeeetenttttteeeeeeees 395 show cluster target ssl Status 00ooooocncnnnnnnccccooaonn conc ncncncnono conan conc cnn ncccccnnns 395 show cluster target ssl tiMEOUt 0oococnnnnnnnocococonnnnnnncccconononinann nn nn nr nn ccccnnnns 396 show cluster target Status ooooooooncccoccccccccococononananonnnnnnncnnncnnononnn nan nn TAT 396 show cluster transparency cooocccccococonnnnnccnononononon nono nono nnnnnccnnononnnn arc nn nn nncncnnn 396 show cluster weblog Commandes 397 show Cluster Weblog s aniei aaraa daraa Airea dah nonnnncncnccnnonann nn nano SERA TUET 397 show cluster weblog batch ncnccccnnonononnnn nn n cnn ncnccnnns 397 show cluster weblog batch compression cnn nc nnnccnnns 397 show cluster weblog batch COPY 00oooccccconnccccocoonnonononcnonccnononann non n nn ncncnnns 397 show cluster weblog batch copy Internal 398 show cluster weblog batch Copy size 398 show cluster weblog batch copy me 398 show cluster weblog batch failure ce cece cece eee eeeettteeeeeeees 399 show cluster weblog batch failure retryinterval ees 399 show cluster weblog batch boer 399 show cluster weblog batch Spee 399 show cluster weblog batch scp directo
143. Global Configuration set admin email server Description The IP address or host name for the SMTP server This command does not take effect until after a write operation Syntax set admin email server lt smtp server gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin interface ether Description Sets the Ethernet interface to use for administration traffic lt N gt 0 1 2 N The specified interface will support SSH Telnet SNMP the Web UI and configuration synchronization SOAP This command does not take effect until after a write operation Syntax set admin interface ether lt N gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin log Commands Description Use the set admin log command to set parameters for logging to various destinations including the memory of the DX email and the Syslog The severity levels are in the following order m EMERG Highest level m ALERT Lowest level set admin log Commands m 119 Command Line Reference Guide for DXOS If you set your alert level to ALERT you will get both EMERG and ALERT notices If you set your alert level to EMERG you will only get EMERG notices If neither the mai1to1 or the mai1to2 addresses are set the address set using the set admin email comman
144. Global Configuration set admin tsdump Commands m 141 Command Line Reference Guide for DXOS set admin tsdump mailto1 lt first gt Description Syntax Roles Mode s The first email address where the TSDump should be sent This command does not take effect until after a write operation set admin tsdump mailtol lt email address gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin tsdump mailto2 lt second gt Description Syntax Roles Mode s The second email address where the TSDump should be sent This command does not take effect until after a write operation set admin tsdump mailto2 lt email address gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin tsdump transport Description Syntax Roles Mode s 142 m set admin tsdump Commands Sends TSDump information via selected transport Any of the options SCP SMTP or TFTP can be set but only one at a time This command does not take effect until after a write operation set admin tsdump transport lt scp smtp tftp gt m Sends TSDump information via the pre configured SCP host m Sends TSDump information via pre configured email addresses m Sends TSDump information via the pre configured TFTP host Network Network Security Security Target Admin
145. IP fails to respond to three pings in a row it is removed from rotation until it responds to three consecutive pings weightedroundrobin Same as round roundrobin except that the weight assigned to each IP determines the number of times the IP is served for consecutive requests before the next IP is served This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt lba policy lt roundrobin weightedroundrobin random forward metric gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Global Server Load Balancer set gslb resolver group Iba sticky Description Syntax 254 m setgslb resolver Commands Enables or disables the assignment of the same DX address to consecutive requests from the same local DNS if the requests occur within a specified number of seconds disabled by default This affects all load balancing policies except forward The minimum timeout is one second Disabling this policy may not be effective immediately due to the LDNS cache To specify the timeout refer to set gslb resolver group lba sticky timeout on page 255 If the GSLB sticky option is enabled you must set the set gslb resolver group dns answermode command to answermode single For more information see set gslb resolver group dns answermode on page 251 This command does not take effect until after a write o
146. LERT EMERG gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin remoteauth Commands Use the set admin remoteauth commands to configure remote authorization set admin remoteauth Idap base dn Description Syntax Roles Mode s Sets the Distinguished Name DN of the node in the LDAP Directory Information Tree under which the users have to be searched This command does not take effect until after a write operation set admin remoteauth ldap base dn lt base dn gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set admin remoteauth Idap bind password Description Syntax Roles Mode s Sets the password for the LDAP admin user This command does not take effect until after a write operation set admin remoteauth ldap bind password lt password gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set admin remoteauth Commands m 125 Command Line Reference Guide for DXOS set admin remoteauth Idap bind user dn Description Sets the Distinguished Name DN of the LDAP admin user This command does not take effect until after a write operation Syntax set admin remoteauth ldap bind userdn lt user dn gt Roles Network Network Security Sec
147. Log to be transmitted to the configured Syslog server The format of time is HH MM Up to three times can be configured for each day This command does not take effect until after a write operation set cluster lt name gt weblog batch copy time lt 1 2 3 gt lt time gt Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Historical Rates and Statistics set cluster weblog batch failure retryinterval Description Sets the retry interval in seconds in case of copy failure The range is 30 to 200 seconds default is 60 seconds This command does not take effect until after a write operation Syntax set cluster lt name gt weblog batch failure retryinterval lt val gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Historical Rates and Statistics set cluster weblog batch host Description Sets the host where the Web Log will be copied This command does not take effect until after a write operation Syntax set cluster lt name gt weblog batch host lt server gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Historical Rates and Statistics set cluster weblog batch scp connecttest Description This command is used to test the connection copies a one byte test file This command does
148. Mode s Clears the log level for system logs sent to a syslog server clear admin log method system syslog level Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration clear admin remoteauth Idap Description Syntax Roles Mode s Clears the LDAP server settings This command does not take effect until after a write operation clear admin remoteauth ldap lt base dn bind password bind user dn server lt 1 2 gt ip uid gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration clear admin remoteauth radius server Description Syntax 34 m clear admin Commands Clears the key used for the RADIUS server s or the IP address for RADIUS server 1 or RADIUS server 2 This command does not take effect until after a write operation clear admin remoteauth radius server lt 1 2 gt ip lt key gt Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration clear admin remoteauth userrole Description Resets the default role for remote users default is user This command does not take effect until after a write operation Syntax clear admin remoteauth userrole Roles Network Network Security Security Target Admin Admin Op
149. Mode s This command is used to enable or disable Single Sign On SSO for the cluster enabling users to access applications in the same domain without repeatedly providing credentials An SSO domain must be specified before you can enable this function for a cluster By default SSO is disabled This command does not take effect until after a write operation set cluster lt name gt aaa authentication sso lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication 160 m set cluster aaa authentication Commands Chapter 3 Set Commands set cluster aaa authentication sso domain Description Syntax Roles Mode s This command is used to specify the Single Sign On SSO domain for the cluster An SSO domain must be specified before you can enable this function for a cluster This command does not take effect until after a write operation set cluster lt name gt aaa authentication sso lt domain name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X HTTP S Authentication set cluster apprule Commands set cluster apprule Description Syntax Roles Mode s Use the set cluster lt name gt apprule command to bind an OverDrive AppRule ruleset to a specific cluster and disable or enable ruleset operations on that cluster For the retry_request action
150. Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration show cluster listen ssl ephkeyfile Description Syntax Roles Mode s Shows the ephemeral key file name show cluster lt name gt listen ssl ephkeyfile Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration show cluster listen ssl keyfile Description Syntax Shows the cluster listen SSL keyfile show cluster lt name gt listen ssl keyfile 374 m show cluster listen Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster listen ssl protocol Description Shows the cluster listen SSL protocol Syntax show cluster lt name gt listen ssl protocol Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster listen ssl status Description Shows the cluster listen SSL status Syntax show cluster lt name gt listen ssl status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster listen targetsdown Description Shows the method used when all target hosts are down Notes m finclient
151. Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster compression optimization Description Shows if compression optimization is enabled Syntax show cluster lt name gt compression optimization Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster compression policy Description Shows if compression is enabled set to zero Syntax show cluster lt name gt compression policy Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster compression shockwave Description Shows if application x shockwave Flash will be compressed Syntax show cluster lt name gt compression shockwave show cluster compression Commands m 361 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show cluster compression targetcompression encoding Description Syntax Roles Mode s Shows the Target Server Compression Encoding method show cluster lt name gt compression targetcompression encoding Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X
152. Note the following m Names are case sensitive up to 32 characters m The names all cache and NULL cannot be used as cluster names m Names can consist of letters and or numbers plus the following special characters no spaces A 0 1 lt gt _ m Names must be unique among clusters redirectors and forwarders but the same name can be used for a cluster redirector and forwarder m Ifa cluster redirector or forwarder is created without a name the lowest available integer is assigned as the name For example if you add three clusters without names the clusters 1 2 and 3 are created If you delete cluster 2 the other cluster names do not change If you add another cluster without a name the assigned name will be 2 Configuration exports from previous releases contain the number of the cluster in the add command and the remaining cluster configuration commands in the export depend on the implied numerical identifier Using the next available integer as the implied name for a cluster mimics the behavior in previous releases This way imports of configurations from previous releases continue to function As an additional assistance for identification and purpose of clusters redirectors and forwarders a description can be applied to individual clusters This description is limited to 512 characters and is expected to be free form text but may not include new
153. OR OTHERWISE EXPRESSING YOUR AGREEMENT TO THE TERMS CONTAINED HEREIN YOU AS CUSTOMEROR IF YOU ARE NOT THE CUSTOMER AS A REPRESENTATIVE AGENT AUTHORIZED TO BIND THE CUSTOMER CONSENT TO BE BOUND BY THIS AGREEMENT IF YOU DO NOT OR CANNOT AGREE TO THE TERMS CONTAINED HEREIN THEN A DO NOT DOWNLOAD INSTALL OR USE THESOFTWARE AND B YOU MAY CONTACT JUNIPER NETWORKS REGARDING LICENSE TERMS 1 The Parties The parties to this Agreement are Juniper Networks Inc and its subsidiaries collectively Juniper and the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable license s for use of the Software Customer collectively the Parties 2 The Software In this Agreement Software means the program modules and features of the Juniper or Juniper supplied software and updates and releases of such software for which Customer has paid the applicable license or support fees to Juniper or an authorized Juniper reseller 3 License Grant Subject to payment of the applicable fees and the limitations and restrictions set forth herein Juniper grants to Customer anon exclusive and non transferable license without right to sublicense to use the Software in executable form only subject to the following use restrictions a Customer shall use the Software solely as embedded in and for execution on Juniper equipment originally purchased by Customer from Juniper or an authori
154. OS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Historical Rates and Statistics set cluster weblog syslog host Description Sets the cluster log host address This command does not take effect until after a write operation Syntax set cluster lt name gt weblog syslog host lt ip address gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Historical Rates and Statistics set cluster weblog syslog port Description Sets the port where the Web Log will be sent The default port is 514 This command does not take effect until after a write operation Syntax set cluster lt name gt weblog syslog port lt port gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Historical Rates and Statistics set dns Commands Use these commands to set the DNS domain name and DNS servers set dns domain Description Sets the name service domain This command does not take effect until after a write operation Syntax set dns domain lt dns name gt 212 m set dns Commands Roles Mode s set dns server Description Syntax Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Sets the n
155. Operator X X Mode s Firewall load balancer clear fwlb group target host stats Description Clears all target host statistics associated with a firewall load balancing group This command does not take effect until after a write operation Syntax clear fwlb group lt name gt target host lt ip all gt stats 58 HE clear fwlb Commands Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Firewall load balancer clear fwlb group session Description Clears one or all sessions on a given firewall load balancer group This command does not take effect until after a write operation Syntax clear fwlb group lt name all gt session Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Firewall load balancer clear fwlb group stats Description Clears one or all statistics for a specified firewall load balancing group This command does not take effect until after a write operation Syntax clear fwlb group lt name all gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Firewall load balancer clear fwlb group sticky Description Clears one or all associations between a particular firewall and the specified firewall load balancer group Traffic from a particular firewall may no
156. Operator X X set admin scp server Description Configures the SCP server IP address or hostname This command does not take effect until after a write operation Syntax set admin scp server lt hostname ip address gt 130 m set admin scp Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Mode s Global Configuration set admin scp username Description Configures the username to use for the SCP operation This command does not take effect until after a write operation Syntax set admin scp username lt scp username gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin snmp Commands Use the set admin snmp command to set the SNMP configuration Setting the SNMP service up or down takes effect immediately The SNMP agent supports only read operations no write operations set admin snmp community ip Description Sets the network to allow SNMP connections This command does not take effect until after a write operation Syntax set admin snmp community ip lt ip gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin snmp Commands Mm 131 Command Line Reference Guide for DXOS set admin snmp community name Description Syntax
157. Operator Admin Operator User Operator X Mode s Global Configuration set admin remoteauth radius server key Description Sets the RADIUS server password This command does not take effect until after a write operation Syntax set admin remoteauth radius server key lt key gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration 128 m set admin remoteauth Commands Chapter 3 Set Commands set admin remoteauth radius server retries Description Syntax Roles Mode s Sets the maximum number of times the DX resends authentication requests when the RADIUS server does not respond default is 3 This command does not take effect until after a write operation set admin remoteauth radius server retries lt count gt Network Network Security Security Target Admin Admin Operator Admin Operator User X Operator Global Configuration set admin remoteauth radius server timeout Description Syntax Roles Mode s Sets the number of seconds the DX waits for a response from the RADIUS server default is 10 This command does not take effect until after a write operation set admin remoteauth radius server timeout lt seconds gt Network Network Security Security Admin Admin Operator Admin Operator User X Target Operator Global Configuration set admin remoteauth status Description Syntax Roles
158. Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster weblog batch scp username Description Shows the remote SCP username Syntax show cluster lt name gt weblog batch scp username Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring 400 m show cluster weblog Commands show cluster weblog delimiter Description Syntax Roles Mode s Shows the delimiter used for the Web Log show cluster lt name gt weblog delimiter Chapter 4 Show Through Write Commands show cluster weblog destination Description Syntax Roles Mode s show cluster weblog format Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Performance Monitoring Shows the destination for the Web Log show cluster lt name gt weblog destination Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Performance Monitoring Shows the currently selected format for the Web Log show cluster lt name gt weblog format Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Performance Monitoring show cluster weblog status Description Syntax Shows if cluster logging is disabled or enabled show cluster lt name gt
159. Operator User Operator xX X HTTP S Authentication set cluster aaa authentication Idap bind user dn Description Syntax Roles Mode s Sets the bind user Distinguished Name DN This command does not take effect until after a write operation set cluster lt name gt aaa authentication bind user dn lt user dn gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication Idap gid Description Syntax Sets the name of the attribute that holds the group information in the LDAP server database This command does not take effect until after a write operation set cluster lt name gt aaa authentication ldap gid lt string gt set cluster aaa authentication Commands m 151 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication idap server lt N gt ip Description Syntax Roles Mode s Sets the IP address of the LDAP server used for the cluster N can be either 1 or 2 This command does not take effect until after a write operation set cluster lt name gt aaa authentication ldap server lt N gt ip lt ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X HTTP S Authentica
160. SCP The import users command takes effect immediately and does not require a write operation import users lt src gt Network Operator Network Admin Security Admin Security Operator User Target Admin Operator X Global Configuration import Commands m 101 Command Line Reference Guide for DXOS install Description Use the install command to download and install new firmware to a non active partition The instal procedure preserves the current version of the firmware and downloads the firmware to the non active partition The TFTP or SCP server and the filename to install from must be set as set admin tftp server lt tftp server gt or set admin scp server lt scp server gt set admin scp username lt scp user gt set admin upgrade filename lt pac file filename gt If your active partition is currently partition 1 the instal command will install the new firmware into partition 2 This lets you test the new firmware and revert to the original firmware stored in partition 1 if required The install operation will preserve the following information m SSH keys m User names and passwords for the administrative users m Generated certificates m Network settings including static routes m AppRule rulesets on appliances that have an OverDrive license The install operation also allows the option to preserve the following configuration settings On first boot to a new partition you can choose
161. Set Commands set gslb remotenode encryption Description Syntax Roles Mode s Enables or disables message encryption to match the remote node disabled by default This command does not take effect until after a write operation set gslb remotenode lt name gt encryption lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslb remotenode encryption key Description Syntax Roles Mode s Enables or disables message encryption to match the GSLB agent setting on the remote node refer to set gslb agent encryption key on page 244 You are prompted to enter the key twice This command does not take effect until after a write operation set gslb remotenode lt name gt encryption key Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gsib remotenode metricinterval Description Syntax Roles Mode s Specifies the number of seconds between requests for metrics sent from the GSLB master to each remote GSLB agent This command does not take effect until after a write operation set gslb remotenode lt name gt metricinterval lt seconds gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslb remoteno
162. Syntax Roles Mode s Removes an IP address from Connectivity Failover health check This command does not take effect until after a write operation clear health remotehost host Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Connectivity Failover and Scriptable Health Checking Clears the statistics for the named health script or all health scripts This command does not take effect until after a write operation clear health script lt script_name all gt stats Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Connectivity Failover and Scriptable Health Checking clear health Commands m 63 Command Line Reference Guide for DXOS clear log Commands clear log apprule Description Syntax Roles Mode s clear log audit Description Syntax Roles Mode s Use these commands to clear entries from the Audit Apprule Health and System logs Clears the Application Rule log This command does not take effect until after a write operation clear log apprule clear log health script Description Syntax Roles Mode s 64 m clear log Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Application Rules Clears the Audit Log This command does not take effect until after a write operation clea
163. Syntax show health script lt script_name all gt name Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Connectivity Failover show health script lt script_name all gt stats Description Shows the statistics for the named script or all scripts Syntax show health script lt script_name all gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Connectivity Failover show health script lt script_name all gt status Description Shows the status of the named script or all scripts disabled or enabled Syntax show health script lt script_name all gt status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X show health Commands m 423 Command Line Reference Guide for DXOS Mode s Connectivity Failover show health script lt script_name all gt vip Description Syntax Roles Mode s show hostname Description Syntax Roles Mode s Shows the VIP address for the named script or all scripts show health script lt script_name all gt vip Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Connectivity Failover Shows the DX host name show hostname Network Network Security Security Target Admin Admin Operator Admin Operator U
164. TIVITY DELETE BCOPY VERSION CONTROL BIND TRACE BDELETE REPORT MKRESOURCE OPTIONS BMOVE CHECKOUT ORDERPATCH CONNECT BPROPFIND CHECKIN ACL PROPFIND BPROPPATCH UNCHECKOUT Other PROPPATCH NOTIFY MKWORKSPACE MKCOL POLL UPDATE Table 12 Request Errors Request Errors Illegal request line too long Illegal header line too long Illegal method Illegal PUT no length Illegal 0 9 method Illegal PUT length lt 0 Illegal POST no length Illegal PUT length 0 Illegal POST length lt 0 Disallowed HTTP Method Illegal POST length 0 Disallowed WebDAV Method Illegal Header Table 13 Request Version Versions HTTP 1 1 HTTP 1 0 Other show cluster stats Commands mM 379 Command Line Reference Guide for DXOS Table 14 Content Types Content Types GIF OCTET STREAM JPEG MS WORD HTML MS EXCEL CSS MS POWERPOINT XML Custom 1 PLAIN Custom 2 X COMPONENT Custom 3 JAVASCRIPT Other FLASH Syntax show cluster lt name all gt stats history Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats history export Description Shows the name of file used for the exported statistics for a cluster Syntax show cluster lt name gt stats history export Roles Network Network Security Security Target Admin Admin Ope
165. TP protocol enabling this set cluster connbind m 171 Command Line Reference Guide for DXOS Description Syntax Roles Mode s option will cause the DX to convert the HTTP302 responses sent back to the client into HTTPS protocol This is useful when SSL acceleration is enabled on the listen side and the target side remains set to clear traffic When the target server sends an HTTP 302 response the DX will automatically convert the HTTP302 response back to the client using HTTPS protocols The convert302protocol does not remove the port number as part of the conversion For example a request to http ww myserver com 80 salesdesk will be converted to https www myserver com 80 salesdesk If you need the port number scrubbed write an AppRule Figure 1 shows a simple interaction diagram demonstrating how the convert302protocol feature operates A client is communicating with a DX over a secure SSL connection The DX is communicating with the origin server over a clear channel The convert302protocol feature dynamically rewrites the protocol field in the URL of outbound location headers such that it correctly indicates HTTPS instead of HTTP The commands to enable convert302protocol are add cluster lt cluster_name gt set cluster listen vip lt ip_address gt set cluster listen port lt tcp_port gt set cluster listen ssl enabled set cluster target host lt ip port gt set cluster target host enabled set cluster c
166. Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication 350 Hu show cluster aaa authentication Commands Chapter 4 Show Through Write Commands show cluster aaa authentication protocol Description Shows the authentication protocol Syntax show cluster lt name gt aaa authentication protocol Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication radius server Description Shows all the RADIUS settings for the cluster including the authentication key the number of retries the IP address and port number of both servers 1 and 2 and the timeout value You can also view a specific setting Syntax show cluster lt name gt aaa authentication radius server 1 2 key retries timeout Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication realm Description Shows realm name displayed in the login dialog box Syntax show cluster lt name gt aaa authentication realm Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication redirect Description Shows all the redirect settings used when a password change flag is
167. This command does not take effect until after a write operation Syntax set server forwardclientcert headername lt header gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set server failover The service specific failover commands are listed in Service Failover Commands on page 479 These commands have been replaced by the commands for Unified Failover refer to set failover Commands on page 215 set server maxconns Description Sets the maximum number of simultaneous connections that the DX can support This command does not take effect until after a write operation Syntax set server maxconns lt value gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration 290 m set server forwardclientcert headername Chapter 3 Set Commands set server reversepath Commands Use the set server reversepath commands to configure the reversepath feature set server reversepath Description Disables or enables the reversepath feature default This command does not take effect until after a write operation Syntax set server reversepath lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set server reversepath maxroutes Description
168. User Operator X X X X X Mode s Health Checking show cluster health request string Description Shows the expected string of the health check response Syntax show cluster lt name gt health request string Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Health Checking show cluster health request timeout Description Shows the Layer 7 timeout value the maximum time in seconds that the DX will wait for the last byte of the HTTP response measured from the time that the Get Request was sent Syntax show cluster lt name gt health request timeout show cluster health Commands mM 367 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Health Checking show cluster health request urlpath Description Shows the URL path to use for health check Syntax show cluster lt name gt health request urlpath Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X X X X Mode s Health Checking show cluster health request useragent Description Shows the user agent for health check requests Syntax show cluster lt name gt health request useragent Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Health Check
169. X Global Configuration show cluster compression targetcompression mode Description Syntax Roles Mode s Shows the Target Server Compression mode show cluster lt name gt compression targetcompression mode Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show cluster compression lt text_ gt Description Syntax Roles Mode s Disables or enables compression for each type of text CSS HTML and plain text are enabled by default This command does not take effect until after a write operation show cluster lt name gt compression lt text_css text_html text_plain text_xcomponent text_xml gt lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration 362 m show cluster compression Commands Chapter 4 Show Through Write Commands show cluster connbind Description Shows whether connection binding for the cluster is enabled Syntax show cluster lt name gt connbind status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster convert302protocol Description Shows whether http302protocol conversion is enabled Syntax show cluster lt name gt convert302protocol Roles Network Network Security S
170. X Mode s Global Configuration set cluster target localip Description Sets the local IP to be used for communication with all the target hosts in this cluster This command does not take effect until after a write operation Syntax set cluster lt name gt target localip lt ip gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster target name lt dns name gt Description Sets the cluster target name This command does not take effect until after a write operation Syntax set cluster lt name gt target name lt dns name gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster target qos Description Sets the DSCP ToS values on traffic sent to host servers see set qos Commands on page 268 set cluster target Commands m 197 Command Line Reference Guide for DXOS set cluster target ssl Description Syntax Roles Mode s Use the set cluster lt name gt target ssl command to establish SSL properties of target servers Supported cipher suites are shown in Cipher Suites This command does not take effect until after a write operation set cluster lt name gt target ssl Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configurati
171. X X Global Configuration Deletes one or all routes Use the show route command to view the current routes the destination IP address is shown in the first column This command does not take effect until after a write operation delete route lt destination_ip all gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Deletes one or all Server Load Balancer SLB groups This command does not take effect until after a write operation delete slb group lt name all gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Deletes a Source Network Address Translation SNAT group This command does not take effect until after a write operation delete snat group lt name gt Roles Mode s Chapter 2 Add Through Reset Config Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration delete ssh authorized_keys Description Syntax Roles Mode s delete sync group Description Syntax Roles Mode s Removes the user s public SSH key from the DX The user executing this command will have their public SSH key deleted delete ssh authorized_keys Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Conf
172. X X Mode s Global Configuration set cluster compression lt text_ gt Description Disables or enables compression for each type of text CSS HTML and plain text are enabled by default Use the global argument to return the compression value to its global setting This command does not take effect until after a write operation Syntax set cluster lt name gt compression lt text_css text_html text_plain text_xcomponent text_xml gt lt disabled enabled global gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set cluster connbind Description Use the set cluster lt name gt connbind command to disable or enable connection binding This command does not take effect until after a write operation Syntax set cluster lt name gt connbind lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster convert302protocol Description Use the set cluster lt name gt convert302protocol command to enable or disable the conversion of HTTP302 responses from HTTP to HTTPS or from HTTPS to HTTP Enabling this option will cause the DX to convert the HTTP302 responses from the target server from HTTP to HTTPS or from HTTPS to HTTP For example if the HTTP302 responses from the target server are in the HT
173. a sticky on page 254 This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt dns answermode lt multiple single gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Global Server Load Balancer set gslb resolver Commands m 251 Command Line Reference Guide for DXOS set gsib resolver group dns authdomainname Description Syntax Roles Mode s Sets the fully qualified domain name FQDN for the GSLB group s authoritative domain name This optional setting helps the local DNS identify authoritative name servers The server and domain name see the next command of the authoritative server are used in the Authority section of the DNS response and a record is added to the Additional section of the DNS response specifying the GSLB resolver s VIP and the IP address associated with authoritative server name This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt dns authdomainname lt FQDN gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslib resolver group dns authservername Description Syntax Roles Mode s Sets the fully qualified hostname FQHN for GSLB group s authoritative server name This optional setting helps the local DNS identi
174. age Description Syntax Roles Mode s Specifies the maximum percentage of CPU usage allowed 0 to 100 before a GSLB node is considered to be unavailable default is 80 and the relative weight O to 100 of the metric used in the load balancing calculation If the weight is zero the metric is not used for load balancing If the CPU usage exceeds the specified value the IP addresses associated with the node are taken out of rotation This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt metric cpuusage lt max lt N gt weight lt N gt gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslb resolver group metric defaults Description Syntax Roles Mode s Resets all metrics to the default values This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt metric defaults Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslib resolver group metric memusage Description Syntax Roles Mode s 258 pn setgslb resolver Commands Specifies the maximum percentage of memory usage allowed 0 to 100 before a GSLB node is considered to be unavailable default is 80 and the relative weight 0 to 100 of the metric
175. ailto Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Chapter 2 Add Through Reset Config Commands clear admin interface Description Clears the administrator Ethernet interface settings Clearing the admin interface also clears the admin VIP This command does not take effect until after a write operation Syntax clear admin interface Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear admin log lt mailto1 mailto2 gt Description Clears the first or second mail to address for log messages This command does not take effect until after a write operation Syntax clear admin log lt mailtol mailto2 gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear admin log method apprules memory level Description Clears the log level for apprules logs sent to memory Syntax clear admin log method apprules memory level Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear admin log method apprules syslog facility Description Clears the syslog facility for apprules logs Syntax clear admin log method apprules syslog facility clear admin Commands m 31 Command Line
176. al Configuration set forwarder listen ssl Description Syntax Disables or enables SSL for forwarder listen traffic This command does not take effect until after a write operation set forwarder lt name gt listen ssl lt disabled enabled gt set forwarder Commands m 227 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder listen ssl autochain Description Syntax Roles Mode s Enables or disables SSL autochaining for forwarder listen connections When enabled this command also sets the root certificate settings This command does not take effect until after a write operation set forwarder lt name gt listen ssl autochain lt disabled enabled rootcert gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder listen ssl ephkeyfile Description Syntax Roles Mode s Specifies the SSL ephemeral keyfile The ephemeral key is a debugging aid for export ciphers The ephemeral keyfile must be a 512 bit RSA key in OpenSSL PEM base 64 format and if encoded must match the password The 512 bit RSA key must reside in the file usr r1 etc forwarder ephpass pem This command does not take effect until after a write operation set forwarder lt name gt listen ssl ep
177. amaica Asia Brunei Etc GMT 1 Indian Antananarivo Africa Freetown merica Jujuy Asia Calcutta Etc GMT 10 Indian Chagos Africa Gaborone merica Juneau Asia Choibalsan Etc GMT 11 Indian Christmas Africa Harare merica La_Paz Asia Chongging Etc GMT 12 Indian Cocos Africa Johannesburg merica Lima Asia Colombo Etc GMT 2 Indian Comoro Africa Kampala merica Los_Angeles Asia Damascus Etc GMT 3 Indian Kerguelen Africa Khartoum merica Louisville Asia Dhaka Etc GMT 4 Indian Mahe Africa Kigali merica Maceio Asia Dili Etc GMT 5 Indian Maldives Africa Kinshasa merica Managua Asia Dubai Etc GMT 6 Indian Mauritius Africa Lagos merica Manaus Asia Dushanbe Etc GMT 7 Indian Mayotte Africa Libreville merica Martinique Asia Gaza Etc GMT 8 Indian Reunion Africa Lome merica Mazatlan Asia Harbin Etc GMT 9 Pacific Apia Africa Luanda merica Mendoza Asia Hong_Kong Etc GMT 0 Pacific Auckland Africa Lubumbashi merica Menominee Asia Hovd Etc GMT 1 Pacific Chatham Africa Lusaka merica Merida Asia Irkutsk Etc GMT 10 Pacific Easter Africa Malabo merica Mexico_City Asia Istanbul Etc GMT 11 Pacific Efate Africa Maputo merica Miquelon Asia Jakarta Etc GMT 12 Pacific Enderbury Africa Maseru merica Monterrey Asia Jayapura Etc GMT 13 Pacific Fakaofo 308 m set timezone Table 7 Time Zones continued Chapter 3 Set Commands Time Zones Africa Mbabane merica Montevideo Asia Jerusalem Etc GMT 14 Pacific Fi
178. ame service N 1 2 or 3 This command does not take effect until after a write operation set dns server lt N gt lt ip address gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set ether Commands Description set ether ip Description Syntax Roles Mode s Use the set ether lt n gt commands to set the IP address media MTU and netmask where n is O or 1 The administrative interface can be all interfaces or those specified by the set admin interface command The setting for media must exactly match the switch to which the DX is attached If the switch is managed and has explicit settings choose the exact speed and setting If the switch is un managed choose auto negotiate The Maximum Transmission Unit MTU should be set to 1500 for Ethernet DO NOT change this value unless your switch and network are configured to work with a different MTU Sets the ether n IP address This command does not take effect until after a write operation set ether lt n gt ip lt ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set ether Commands m 213 Command Line Reference Guide for DXOS set ether lt n gt media Description Syntax Roles Mode s set ether mtu Description Syntax Roles Mode s set ether netmask Descriptio
179. amed cache The minimum number is 1024 and the maximum is 32 768 The default value is 8 192 The value for max_objects can be abbreviated with a K suffix to indicate how many thousands e g 1K 1000 objects This command does not take effect until after a write operation set cache lt name gt max_objects lt integer gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X 3G Cache The minimum number is 1 048 576 1 Mbyte and the maximum is 104 857 600 100 Mbytes The default value is 10 485 760 10 Mbytes The actual size of the cache can be somewhat larger than this The value for max_objects can be abbreviated with an M suffix to indicate a megabyte e g 1 048 576 bytes 1 M This command does not take effect until after a write operation set cache lt name gt size lt integer gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X 3G Cache set cache Commands m 147 Command Line Reference Guide for DXOS set clock Description Syntax Roles Mode s Use the set clock command to set the date and time on the DX If an NTP server is being used enter set ntp down before using this command This command does not take effect until after a write operation set clock lt YYYY MM DD HH MM SS gt m YYYY Year MM Month m DD Day m HH Hour m MM Minute m SS Second
180. and does not take effect until after a write operation set cluster lt name gt cache lt name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X X 3G Cache set cluster cache Commands m 163 Command Line Reference Guide for DXOS set cluster cache lt disabled enabled gt Description Disables or enables caching for a cluster disabled by default This command does not take effect until after a write operation Syntax set cluster lt name gt cache lt name gt lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s 3G Cache set cluster compression Commands Use the set cluster lt name gt compression commands to override the global compression settings for a specific cluster To change the global compression settings refer to set server compression Commands on page 283 set cluster compression 2k_padding Description Disables or enables 2 KByte padding for compression to correct a problem with Internet Explorer IE 5 x clients when gzip compression is enabled as Accept encoding disabled by default This problem was fixed in IE 6 x Use the global argument to return the compression value to its global setting This command does not take effect until after a write operation Syntax set cluster lt name gt compression 2k_padding lt disabled enabled glo
181. ar client to a server default is 120 minutes This command does not take effect until after a write operation Syntax set slb sticky timeout lt minutes gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration set snat Commands Use the set snat command to configure a Source Network Address Translation SNAT group or to add a member to a group 302 m set snat Commands Chapter 3 Set Commands set snat group member Description Adds a new member to a SNAT group The name is optional If a name is not provided a name starting from 1 will be allocated This command does not take effect until after a write operation Syntax set snat group lt name gt member name Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set snat group member ip Description Sets a SNAT group members IP address This command does not take effect until after a write operation Syntax set snat group lt name gt member ip lt ip address gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Mode s Global Configuration set snat group member netmask Description Sets a SNAT group members IP netmask This command does not take effect until after a write operation Syntax set snat group lt name gt member ne
182. assive SLB is enabled for failover and is the backup switch show slb status Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slb sticky timeout Description Displays the sticky idle timeout Syntax show slb sticky timeout Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show snat Commands show snat Description Shows the maximum number of connections and maximum idle time for Source Network Address Translation SNAT You can also view just one setting Syntax show snat maxconn idletime Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show snat group Description Lists one or all SNAT groups Syntax show snat group name Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show snat Commands m 461 Command Line Reference Guide for DXOS show snat group member Description Syntax Roles Mode s Shows all the members in a group show snat group lt name gt member lt name all gt show snat group member ip Description Syntax Roles Mode s show snat
183. ateD software copyright 1988 Regents of the University of California All rights reserved Portions of the GateD software copyright 1991 D L S Associates This product includes software developed by Maker Communications Inc Copyright 1996 1997 Maker Communications Inc Juniper Networks the Juniper Networks logo NetScreen NetScreen Technologies the NetScreen logo NetScreen Global Pro ScreenOS and GigaScreen are registered trademarks of Juniper Networks Inc in the United States and other countries The following are trademarks of Juniper Networks Inc ERX ESP E series Instant Virtual Extranet Internet Processor J2300 J4300 J6300 J Protect J series J Web JUNOS JUNOScope JUNOScript JUNOSe M5 M7i M10 M10i M20 M40 M40e M160 M320 M series MMD NetScreen 5GT NetScreen 5XP NetScreen 5XT NetScreen 25 NetScreen 50 NetScreen 204 NetScreen 208 NetScreen 500 NetScreen 5200 NetScreen 5400 NetScreen IDP 10 NetScreen IDP 100 NetScreen IDP 500 NetScreen Remote Security Client NetScreen Remote VPN Client NetScreen SA 1000 Series NetScreen SA 3000 Series NetScreen SA 5000 Series NetScreen SA Central Manager NetScreen Secure Access NetScreen SM 3000 NetScreen Security Manager NMC RX SDX Stateful Signature T320 T640 T series and TX Matrix All other trademarks service marks registered trademarks or registered service marks are the property of their respective owners All specifications are subject to
184. ator X X Mode s Global Configuration 188 m set cluster listen Commands Chapter 3 Set Commands set cluster listen ssl keyfile Description Syntax Roles Mode s Specifies the SSL keyfile for cluster listen traffic This command does not take effect until after a write operation set cluster lt name gt listen ssl keyfile lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster listen ss keypass Description Syntax Roles Mode s Specifies the SSL key pass phrase for cluster listen traffic This command does not take effect until after a write operation set cluster lt name gt listen ssl keypass Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster listen ssl protocol Description Syntax Roles Mode s Specifies the SSL protocol type for cluster listen traffic m sslv2 SSL Version 2 only m sslv23 SSL Version 2 SSL Version 3 TLS Version 1 m sslv3 SSL Version 3 only m tlsvil TLS Version 1 only This command does not take effect until after a write operation set cluster lt name gt listen ssl protocol lt sslv2 sslv23 sslv3 tlsv1 gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster listen
185. ator Admin Operator User Operator X X Global Configuration Assigns a VLAN tag to all the packets sent to or from an IP address This command does not take effect until after a write operation set vlan ip lt ip address gt lt tag gt Roles Mode s set vlan range Description Syntax Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Assigns a VLAN tag to all the packets sent to or from a range of IP addresses This command does not take effect until after a write operation set vlan range lt startip endip all gt lt tag gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Global Configuration set vlan Commands m 313 Command Line Reference Guide for DXOS 314 m set van Commands Chapter 4 Show Through Write Commands This chapter describes all the DX show commands show activen Commands Description Use the show activen commands to show the ActiveN configuration These options require an ActiveN license before they can be used The statistics shown by the show activen stats command are cumulative for all running ActiveN groups The statistics displayed are shown in Table 8 Table 8 activen Statistics Statistic Description Total Statistics Bytes The total byte count received by all clients Packets
186. ator User Operator X X Global Configuration set admin upgrade Commands m 143 Command Line Reference Guide for DXOS set admin vip Description Syntax Roles Use the set admin vip command to set the admin IP address This command does not take effect until after a write operation set admin vip lt ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X set admin webui Commands Description Use the set admin webui command to change settings for the Web User Interface WebUI This command takes effect immediately Enter a write command to retain the change after the next reboot set admin webui lt down up gt Description Syntax Roles Mode s Enables or disables the Web User Interface set admin webui lt down up gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration set admin webui port Description Syntax 144 m zer admin vip Sets the TCP port for accessing the WebUI default port is 8090 It is possible to configure WebUI to listen on an IP 10 0 20 0 for example and use port 8090 At the same time a cluster of target hosts may be configured to use the same IP and port 10 0 20 0 8090 When a configuration change is made that requires a restart of the multiplexing engine a WebUI administrator page could be displayed To prevent this from oc
187. ault weight for the firewall is one This command does not take effect until after a write operation Syntax set fwlb group lt name gt target host lt ip gt maxconns lt N gt weight lt 0 10 gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Mode s Firewall Load Balancer set fwlb group target host type Description This command is used to specify the type of firewall systems that are to be load balanced by the given firewall load balancer group Firewalls may be transparent or non transparent The type of firewalls must be set prior to specifying other settings for the firewalls This command does not take effect until after a write operation Syntax set fwlb group lt name gt target host type transparent nontransparent Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Firewall Load Balancer set fwlb Commands m 241 Command Line Reference Guide for DXOS set gslb agent Commands Use the set gslb agent commands to configure the agent to collect performance statistics for Global Server Load Balancing GSLB GSLB provides load balancing across multiple data centers based on any combination of the following performance metrics collected from the participating DX devices nodes m Client connections m SLB sessions m Client throughput m Memory usage m CPU usage m Target host
188. auth Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster listen ssl clientauth authtype Description Shows the type of authentication being used Syntax show cluster lt name gt listen ssl clientauth authtype Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster listen ssl clientauth cacertfile Description Shows the setting for the CA cert file Syntax show cluster lt name gt listen ssl clientauth cacertfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster listen ssl clientauth cacrlfile Description Shows the setting for the CA CRL file Syntax show cluster lt name gt listen ssl clientauth cacrlfile 372 m show cluster listen Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster listen ssi clientauth catrustfile Description Shows the setting for the CA trusted certificate file Syntax show cluster lt name gt listen ssl clientauth catrustfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mod
189. authentication aicinn ode ele 342 show authentication Cache lei gesend een Gene dl er ad 342 show authentication Cache stars 343 le 343 Show cache Commands eene Ae 343 inte e 343 SNOW Cache Stats EE 344 show cache Stats details 344 leet 344 SHOW GlOCK ees Fis ceca chs neat e Ee Steere ne Me neue A et 345 NA O n e a a a oee 345 Show cluster daa audit is sce nee d EE EE eoe 345 Table of Contents m XXIII Command Line Reference Guide for DXOS XXIV um Table of Contents show cluster aaa authentication Commande 346 show cluster aaa autbentication nano nnrncnnnnns 346 show cluster aaa authentication Cache 346 show cluster aaa authentication Cache Maxag eect eres 347 show cluster aaa authentication cache status 347 show cluster aaa authentication ldap ccc ceeeeeeteteeteeeeeeeeeeeeeeeees 347 show cluster aaa authentication ldap anonyMous e eee 347 show cluster aaa authentication Idap base dn ec eceeceeeeeeeeeeeeeeeeeeees 348 show cluster aaa authentication Idap Lindos 348 show cluster aaa authentication ldap gid 348 show cluster aaa authentication Idap server 349 show cluster aaa authentication ldap server De 349 show cluster aaa authentication ldap sel 349 show cluster aaa authentication Idap od 349 show cluster aaa authentication Idap verston 350 show cluster aaa authentication method 350 show cluster aaa authentication G ssword 350 show cluster aaa authentication Grotoco
190. availability Number of target host connections m Round Trip Time RTT to the local DNS server LDNS You can assign a relative weight to each metric you want to use If a site is unavailable GLSB automatically removes the site from consideration until it becomes available Note the following key terms Term Description GSLB master DX that acts as a DNS name server to reorder DNS responses based on the selected load balancing algorithm Collects performance metrics from other GSLB nodes May also be a GSLB node GSLB node Provides performance metrics to the GSLB master including the Round Trip Time RTT to the local DNS server GSLB agent Runs on every DX that collects GSLB performance metrics GSLB group DNS hostname that can resolve to several IP addresses The returned IP address depends on the selected load balancing algorithm GSLB resolver Answers DNS requests received by the GSLB master Can be configured to host DNS records or pass non loadbalanced requests to another DNS server in the network Local DNS LDNS A client s master DNS server or its immediate upstream proxy Target DNS DNS server where non loadbalanced requests are forwarded May be a standard DNS server in the network or an internal DNS server on the GSLB master Metric based load balancing Load balancing based on the current DX performance metrics including load network bandwidth and avai
191. b group target host lt ip port all gt stars 457 Show slb group target oos 457 show slb Nealthichechs see aie ta i eain ih a AaS 457 SHOW SIO SESSION E 458 show slb Session Umeout ttrt rrr rnnest tere EErt 458 RE NEE 458 SNOW lb Stats emorg eee cece eee aE A EA AA AATAS 459 show slb stats healthcheckK 00 0 cece ceeeeteeeeeeeeeeeeeenentennsreeeeeess 459 Show Slb StatS MEMOTY 00 ccc eeecee idre Taa a E an A ADEA aT A ENE 459 Show slb Stats sticky 459 SHOW SID Stat Dinar shade aoe tegen ables Accs sete had ee EA 460 SHOW SID Stats tlt Pesca geste eee tai 460 SHOW SID EE 460 Show sb Sticky MEU Ed A A AA Aaa 461 SHOW stat COMME 461 SNOW SHA EE 461 SHOW GESEIS EE aa aa E 461 SHOW GES Croup MED een 462 show SES Group member Ip Neger NEEN 462 show snat group member netmask cece eeceeeeeeeeeeeeeeeeetetttteeeeees 462 SHOW SNAL SLOUP EE 462 SHOW EE EE 463 show syne group Command S eeneg aren Madara E EA 463 SHOW SYNC GLOUP ET 463 SHOW SYNC SOUP description EE 463 SHOW SYNC SrOUP nn 464 shOW SYnNC BTOUP Override E 464 shOW SsyYnc Broup Meco de eelere 464 ShowW System de DUB ios ts lalo tii 464 NN A Oe eech Ee EA 465 See EIN do elses Pala dial at nevis Ae 465 SHOW Meza ET 465 SHOW EE 466 le 466 show USEF sshvauthorized RE EE 467 show user ssh authorized_Keys raw 467 SHOWAVELSIOMN EE 467 show vlam Commands cadrete 468 SOW MIAN EE 468 lee Re 468 SNOW vlan EE 468 SNOW E e e 469 leie EE 469
192. bal Configuration clear redirector listen ssl keyfile Description Clears the redirector listen SSL keyfiles This command does not take effect until after a write operation Syntax clear redirector lt name gt listen ssl keyfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear redirector listen ssl keypass Description Clears the redirector listen SSL keypass pass phrase This command does not take effect until after a write operation Syntax clear redirector lt name gt listen ssl keypass Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration 68 m clear redirector Commands Chapter 2 Add Through Reset Config Commands clear redirector stats Description Clears the redirector statistics This command does not take effect until after a write operation Syntax clear redirector lt name gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear server Commands Use the clear server commands to clear server compression statistics a custom IP log header or reverse path entries clear server compression Description Clears server compression options This command does not take effect until after a write operation Syntax clear ser
193. bal gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set cluster compression browser global Description Resets the cluster s browser compression settings to the global defaults This command does not take effect until after a write operation Syntax set cluster lt name gt compression browser global 164 m set cluster compression Commands Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set cluster compression browser lt type gt Description Syntax Roles Mode s Sets the compression option for a specific browser default is recommended This command does not take effect until after a write operation set cluster lt name gt compression browser lt ie4 ie50 ie51 ie55 ie6 ie7 ieother konqueror ns4 ns6 opera other safari gt lt 0 3 gt 0 no 1 gzip 2 deflate 3 recommended Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set cluster compression cmt Description Syntax Roles Mode s Sets the Custom MIME Type to 1 2 or 3 This command does not take effect until after a write operation set cluster lt name gt compression cmt lt 1 2 3 gt lt header gt Network Network S
194. bilisi Europe London SystemV CST6 America Chihuahua merica Tijuana Asia Tehran Europe Luxembourg SystemV CST6CDT America Cordoba merica Tortola Asia Thimphu Europe Madrid SystemV EST5 America Costa_Rica merica Vancouver Asia Tokyo Europe Malta SystemV EST5EDT A A A A A A A A A A A A A set timezone m 309 Command Line Reference Guide for DXOS Table 7 Time Zones continued Time Zones America Cuiaba America Whitehorse Asia Ulaanbaatar Europe Minsk SystemV HST10 America Curacao America Winnipeg Asia Urumgi Europe Monaco SystemV MST7 America Dawson America Yakutat Asia Vientiane Europe Moscow SystemV MST7MDT America Danmarkshavn America Yellowknife Asia Vladivostok Europe Nicosia SystemV PST8 America Dawson_Creek Antarctica Casey Asia Yakutsk Europe Oslo SystemV PST8PDT America Denver Antarctica Davis Asia Yekaterinburg Europe Paris SystemV YST9 America Detroit Antarctica DumontDUrville Asia Yerevan Europe Prague SystemV YST9YDT set user Commands set user Description Syntax Roles Mode s set user class Description Syntax Roles Mode s 310 m set user Commands Use the set user name commands to define a user s role enable or disable a user and set or change a user s password Disables or enables a user This command takes effect immediately Changes are automatically retained after the next reboot set user lt name all gt lt di
195. cacertfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s AAA Authentication clear cluster aaa authentication Idap uid Description Clears the User ID used for the cluster authentication This command does not take effect until after a write operation Syntax clear cluster lt name gt aaa authentication ldap uid Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s AAA Authentication clear cluster aaa authentication radius server Description Clears the IP address of the RADIUS server for the cluster N is either 1 or 2 This command does not take effect until after a write operation Syntax clear cluster lt name gt aaa authentication radius server lt N gt ip 40 m clear cluster aaa authentication Commands Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s AAA Authentication clear cluster aaa authentication radius server key Description Clears the authentication key for the RADIUS server used by the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt aaa authentication radius key Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s AAA Authentication cl
196. can specify DSCP ToS values for each cluster forwarder redirector and SLB group This feature is included in the SLB license of the product Chapter 3 Set Commands set gos mark outgoing Description Syntax Roles Mode s Sets the type of QoS marking for client listen or server target traffic for a specific cluster forwarder redirector or SLB group default is none This command does not take effect until after a write operation set cluster forwarder redirector slb group lt name gt lt listen target gt qos mark outgoing dscp tos none Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set qos mark outgoing dscp phb assured Description Syntax Roles Mode s Sets the Per Hop Behavior PHB Assured Forwarding class and drop precedence for client listen or server target traffic for a specific cluster forwarder redirector or SLB group These settings override the other PHB settings This command does not take effect until after a write operation set cluster forwarder redirector slb group lt name gt lt listen target gt qos mark outgoing dscp phb assured class lt class1 class2 class3 class4 gt set cluster forwarder redirector slb group lt name gt lt listen target gt qos mark outgoing dscp phb assured drop_precedence lt low medium high gt Network Netw
197. cccccccccccncnnnnononnnnnnnnnnnnninioinnnnnns 291 SEL Server reversepath timeo senina ebe ed 291 Set slb COMMAND 292 SEE leed E EE 292 lee 292 EE lb lte eeng eut eeh Ee e ee 292 set slb Group GEL IERT nterne tias 293 set slb group lt hardpaused softpaused unpaused ze 293 set slb group healthcheck Ipoterval eee eect ee teeeeteteeeeeees 293 set slb group healthcheck mavtrtes cece rete conan cnn nnncccnno 294 set slb group healthcheck Sitpa iieaeoe a eaea Noea aea 294 Set SID Sro p listen EE 294 Set SID group MIOS ES uc eina a A e r aa al 294 le ee uaa o ir 295 set Slb Soup Nab portira a e A e a E 295 Set Slb Sro p Mee 295 Table of Contents lee eet LEET 296 SEET EE Protocols getest ee deser geet tie veer 296 SEESID BroUp Ser cedros e AA e A 297 SEESID SrOUP SESSION CUMEOUE dare iii aa e a dees 297 lee Eeer aa EE 297 Set SID group Sticky TallOVer eieiei eessen uecht tee 298 set SID CrOUp SUCK lead semenn hoea a a aaa aa 298 set slb group sticky softpause override occincccoccccccccccccconocnnnn nano nnnnnccnnno 298 set slb group Sticky tiMeEoUt anie eee a aa a iaai ER hE SE 299 Set SID SrOUP target best erni eara e Nee ennaa saisan banas 299 set slb group target host lt hardpaused softpaused unpaused gt 299 set slb group target host MAXCONNS cee cece cece eet eettttteeeeeeees 300 set slb group target host priority eee cece erent no nano nn rnnccnnno 300 set slb group target host weight 301 Set SID group
198. cer show slb healthcheck Displays the group health check intervals when target hosts are down for TCP SYN and for when target hosts are up and the maximum number of retries before a target is assumed to be down You can also view a specific setting Syntax set slb group lt name gt healthcheck interval lt down syn up gt maxtries show slb Commands m 457 Command Line Reference Guide for DXOS Roles Mode s show slIb session Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer Displays the current sessions show slb session Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer show slb session timeout Description Syntax Roles Mode s show slb stats Description Syntax Roles Mode s 458 m show slb Commands Displays all the global purge timeouts for SLB sessions or just the specified timeout show slb session timeout ackwait active closewait Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X X Server Load Balancer Displays the overall statistics for the DX and all of error healthcheck memory sticky FTP and TFTP stats displayed with the other show s1b stats commands Statistics are cumulative except for memory and current session
199. change without notice Command Line Reference for DXOS Release 5 3 Copyright 2007 Juniper Networks Inc All rights reserved Printed in USA Revision History 22 Jun 07 First Release The information in this document is current as of the date listed in the revision history Juniper Networks assumes no responsibility for any inaccuracies in this document Juniper Networks reserves the right to change modify transfer or otherwise revise this publication without notice Products made or sold by Juniper Networks including the ERX 310 ERX 705 ERX 710 ERX 1410 ERX 1440 M5 M7i M10 M10i M20 M40 M40e M160 M320 and T320 routers T640 routing node and the JUNOS and SDX 300 software or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks U S Patent Nos 5 473 599 5 905 725 5 909 440 6 192 051 6 333 650 6 359 479 6 406 312 6 429 706 6 459 579 6 493 347 6 538 518 6 538 899 6 552 918 6 567 902 6 578 186 and 6 590 785 YEAR 2000 NOTICE Juniper Networks hardware and software products are Year 2000 compliant The JUNOS software has no known time related limitations through the year2038 However the NTP application is known to have some difficulty in the year 2036 End User License Agreement READ THIS END USER LICENSE AGREEMENT AGREEMENT BEFORE DOWNLOADING INSTALLING OR USING THE SOFTWARE BY DOWNLOADING INSTALLING OR USING THE SOFTWARE
200. check response default is 10 This command does not take effect until after a write operation Syntax set health remotehost timeout lt seconds gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Connectivity Failover and Scriptable Health Checking set health Commands m 265 Command Line Reference Guide for DXOS set health script Description Disables or enables a script for Scriptable Health Check This command does not take effect until after a write operation Syntax set health script lt script_name gt lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X X Mode s Connectivity Failover and Scriptable Health Checking set health script interval Description Sets the script execution interval If a zero is set the script will only run once A value greater than zero specifies the run interval in seconds The maximum value that can be set is 86 400 seconds This command does not take effect until after a write operation Syntax set health script lt script_name gt interval lt value gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Connectivity Failover and Scriptable Health Checking set health script testrun Description Performs a test run of the health script This command does not take effect
201. cky clientip entries Description Shows the clients currently associated with each target host Syntax show cluster lt name gt sticky clientip entries Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster sticky cookie Description Shows all the cookie based sticky configuration settings or just the expire time mask or passheader Syntax show cluster lt name gt sticky cookie expire mask passheader Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster sticky failover status Description Shows the status of stateful failover for a the specified Cluster service including whether stateful failover is enabled or disabled the address of the primary standby DX and the start and end times for the most recent full and delta synchronization on this Cluster Syntax show cluster lt name gt sticky failover status show cluster sticky Commands mM 387 Command Line Reference Guide for DXOS Roles Mode s show cluster sticky method Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Unified Failover Shows the sticky method configuration show cluster lt name gt sticky method Network Network Security Se
202. clientcert Tomat 187 set cluster listen hit cher cae eer an tale tapes ere EE 188 set cluster listen ssl epbkevftle cee cece eeeeeeeeettttnrteeeeees 188 set cluster listen ssl epbkevpass eeeeeeeeeeeeenentttteeeeees 188 set cluster listen ssl bkevftle eeeeeeeeeeeetenttnttetieeeees 189 set cluster listen ssl KeypaSS oooooooonncnnnnnnncccconanonnnnnonoccconononnnnn cnn nn nn ncncnnns 189 set cluster listen ssl protocol eee cece eee ee cece cece cette eee eeeeeetttteeeeeeeseeeees 189 set Cluster listen targetdOwn wo cece ececeeteeeeeeeeeeeeeeeeennttntteeeeees 190 AA ES A seston ee Sa ee Caen ee Cate eR ON nee Le 190 set cluster MAME ENEE ee 190 SEUCIUSLER Wir AE act nah e E eh 191 set cluster Sacompat Commandes 191 GE La ul EECH 191 set cluster sacompat advanced url 192 set cluster sacompat advanced defaults rererere rrer 192 Set cluster stats MSI Vit AA EE 192 Set clUSter stickyY COMMANA Sci seadeus Gids 193 set cluster sticky clientip leader imita aay ii 193 set cluster sticky cllientip TIME ita id 193 set cluster sticky COOKIE ENTENTE EE 193 set cluster sticky cookie mask iponly eee cece cece eeeettttteeeeeeees 194 set cluster sticky Cookie Mask iPPOTt ee eee e cece cere etttttteeeeeees 194 set cluster sticky cookie passheade 0 2 02 cece eceeeee eee eeeettttttteeeeees 194 Set cluster sticky Talent eased izda 195 set cluster sticky Feulen dee Een 195 Set cluster target Commands eer ocios 196 set cluster target host
203. command does not take effect until after a write operation Syntax set admin tcpdump mailtol lt email address gt set admin tcpdump Commands m 139 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin tcpdump mailto2 lt second gt Description The second email address where the TCPDump should be sent This command does not take effect until after a write operation Syntax set admin tcpdump mailto2 lt email address gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin telnet Description Use the set admin telnet command to turn Telnet access on or off This command takes effect immediately Enter a write command to retain the change after the next reboot Syntax set admin telnet lt down up gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration set admin tftp server Description Use the set admin tftp server command to set TFTP server information The TFTP server can be used for the following operations m Upgrading the firmware Importing and exporting configurations m Exporting the audit trail m Exporting the event log 140 m set admin telnet Syntax Roles Mode s Chapter 3
204. configured to use the same IP and port 10 0 20 0 8090 When a configuration change is made that requires a restart of the multiplexing engine a WebUI administrator page could be displayed To prevent this from occurring you should NOT use the administrator port as a cluster port The default listen port 8090 Syntax show admin webui port Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin webui sessionExpireTime Description Shows the timeout for WebUI administration sessions Syntax show admin webui sessionExpireTime Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration 340 m show admin webui Commands show admin webui ssl Chapter 4 Show Through Write Commands Description Shows all SSL information for the WebUI administration server Syntax show admin webui ssl Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin webui ssl certfile Description Shows the SSL certificate filename for the WebUI Syntax show admin webui ssl certfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin webui ssl keyfile Descr
205. ct eee e eee ttttteeeeeeeeeeeees 283 set server compression browser defaulte 284 Set Server COMPFESSION cm 284 Set Server COMPFESSION cm 284 set server compression defaultS 0 eeetetetetttteeeeeeeeeeeees 285 set server compression flushthreshold oi nnccccccccccnrororornnnos 285 Set Server COMPTEssiON Torce coooocooooocococccococccnnnnnonononnnononnnn non oran inician 285 set server compression bmpi0 nn noncncnnnnnos 286 set server COMpression javascript piinaa e naet eee E AT S 286 set server Compression Jevel cece ee eee nttttnteneeeeeeeeeees 286 set server Compression MSOFfICE oo ccc ttrtttttttttteeeeeeeeeeeees 287 set server COMPFESSION OCtetStreaM 00 0 eee cc eeeeeeeece see teeeeeeeeeaneeeeees 287 set server Compression OPtIMIZATION 00 eee cece tenes eeeeeeeeaneeeeees 287 set Server COMPTESSION of 288 set server Compression POLICY ccc E TE 288 set server Compression Sharepoint oiccoccccccccccccncnnnnnnononnnnnnno nana rnrannnos 288 set Server compression SHOCKWAVE oooooccccccccccccccccnnnnnnnnnnnnnnnnn canon onacnnnos 289 Set server COMPLESSION eet Ari E 289 set Server c stomipl gheader eege Seid de lilas 289 set server forwardclientcert headername eee eee eeeececceeeeeee tees nnnnnnnnnns 290 Set Server falo eege e da od IN 290 Set Server MAXCONNS inicie ati Se tes 290 set server reversepath Commande 291 A A A ath tl idols sabe latnace alacc at taal e baka tet 291 set server reversepath MaxrQuteS ooooococccc
206. ctiveN settings set admin Commands on page 118 Set the CLI idle timeout default email settings the interface used for admin traffic and whether show commands are logged set admin log Commands on page 119 Set the logging parameters set admin remoteauth Commands on page 125 Set the remote authentication settings set admin scp Commands on page 130 Configure the SCP server and username used to import and export software upgrades TCP dumps and other information set admin snmp Commands on page 131 Configure support for SNMP set admin soap Commands on page 135 Configure the Simple Object Access Protocol SOAP server used to synchronize configurations set admin ssh on page 137 Enable or disable the SSH interface set admin stats history on page 137 Enable or disable collection of historical statistics for forwarders clusters and target hosts set admin syslog Commands on page 138 Configure support for one or two Syslog servers set admin tcpdump Commands on page 139 Specify where TCP dumps are sent email address SCP server or TFTP server set admin telnet on page 140 Enable or disable the Telnet interface set admin tftp server on page 140 Configure the TFTP server and username used to import and export software upgrades TCP dumps and other information set admin tsdump Commands on page 141 Specify where t
207. curity Security Target Admin Admin Operator Admin Operator User Operator X X ActiveN delete Commands m 81 Command Line Reference Guide for DXOS delete activen group Description Syntax Roles Mode s delete cache Description Syntax Roles Mode s delete cluster Description Syntax Roles Mode s 82 m delete Commands Deletes an ActiveN group Using all deletes all groups This command requires an ActiveN license before it can be used This command does not take effect until after a write operation delete activen group lt name all gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X ActiveN Deletes the named cache You cannot delete a cache that is being used by a cluster This command does not take effect until after a write operation delete cache lt name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X 3G Cache Deletes a specific cluster or all clusters This command does not take effect until after a write operation delete cluster lt cluster name all gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration delete config Chapter 2 Add Through Reset Config Commands Description Deletes a previously saved configuration This command does not take effect u
208. curity Security Target Admin Operator User Operator X Global Configuration set sync group timeout Description Syntax Roles Mode s set timezone Description Syntax Roles Mode s Set a synchronization group s per member timeout This command does not take effect until after a write operation set sync group lt name gt timeout lt time gt Network Network Admin Admin Operator Security Security Target Admin Operator User Operator X Global Configuration Use the set timezone command to set the server s time zone Time zone settings are shown in Table 7 This command does not take effect until after a write operation set timezone lt timezone gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set timezone m 307 Table 7 Time Zones Command Line Reference Guide for DXOS Time Zones Africa Adibjan merica Dominica Antarctica Mawson Atlantic Azores Europe Riga Africa Accra merica Edmonton Antarctica McMurdo Atlantic Faeroe Europe Rome Africa Addis_Ababa merica Eirunepe Antarctica Palmer Atlantic Jan_Mayen Europe Samara Africa Algiers merica El_Salvador Antarctica South_Pole Atlantic Madeira Europe San_Marino Africa Asmera merica Fortaleza Antarctica Syowa Atlantic Reykjavik Europe Sarajevo Africa Bamako merica Glace_Bay Antarctica Vostok
209. curity Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set forwarder health connect interval Description Number of seconds between Layer 4 connection checks 1 to 3600 Default is one second Note that Layer 4 connection checks can mark a target host as down but only the Layer 7 health checks can mark a target host as up Layer 4 connection checks cannot be disabled This command does not take effect until after a write operation Syntax set forwarder lt name gt health connect interval lt interval gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Health Checking set forwarder health connect timeout Description Maximum number of seconds 1 to 60 that the DX waits to establish a connection during a Layer 4 connection check Default is two seconds This command does not take effect until after a write operation Syntax set forwarder lt name gt health connect timeout lt 1 60 gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Health Checking set forwarder health retry Description Number of consecutive failed health checks required 1 to 20 before the target server is marked as down The default is 2 This command does not take effect until after a write operation Syntax set forwarder lt name gt health retry lt 1 20 gt 2
210. curity Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show cluster target Commands show cluster target Description Syntax Roles Mode s Use the set cluster lt name gt target commands to view the target host settings for a cluster Shows the cluster target configuration and local IP show cluster lt name gt target Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show cluster target host lt ip port gt Description Syntax Shows the status maximum connections and weight for the specified target host You can also view just the status maximum connections or weight show cluster lt name gt target host lt ip port gt maxconnections status weight 388 m show cluster target Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster target host lt ip port all gt stats Description Use the show cluster lt name gt target host lt ip port all gt stats command to display the I O HTTP or SSL statistics for a specific target host or for all target hosts in a cluster Syntax show cluster lt name gt target host lt ip port all gt stats Roles Network Network Security Security Target Admin Admin Operator Ad
211. curity Target Admin Admin Operator Admin Operator User Operator X X X X X X Global Configuration Shows the configuration in memory show config Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Configuration Shows a summary of the overall health and performance of the DX including VIP and target server health status connections count and byte savings show dashboard Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration show commands m 403 Command Line Reference Guide for DXOS show dns Commands Use the show dns commands to show the Domain Name Service DNS options show dns domain Description Shows the name service domain Syntax show dns domain Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show dns server Description Shows the IP addresses of all three name servers or a specific server Syntax show dns server 1 3 Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show ether Description Shows all interface settings for one or all Ethernet interfaces or just one setting for a specific interface The following is a sample output for the ether 0 interface dx show et
212. curity Target Admin Admin Operator Admin Operator User Operator Xx X Mode s Firewall Load Balancer set fwlb group sticky Description This command is used to enable or disable the firewall load balancer to maintain session persistence When this feature is enabled the internal and external DX pair performing the firewall load balancing ensures that traffic coming through a particular firewall returns through that same firewall This feature is disabled by default and the timeout is set to 120 minutes This command does not take effect until after a write operation Syntax set fwlb group lt name gt sticky disabled enabled timeout lt time_in_min gt 240 m setfwlb Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Firewall Load Balancer set fwlb group target host Description This command is used to identify the specific firewall systems that are to be load balanced by the given firewall load balancer group Firewalls may be transparent or non transparent Note that the type of firewall must match the address information provided by this command IP address The type of firewalls in this firewall load balancer group must be set prior to specifying other settings for the firewalls See set fwlb group target host type on page 241 The default for the maximum number of connections allowed on the firewall is zero The def
213. curring you should not use the administrator port as a Cluster port This command does not take effect until after a write operation set admin webui port lt port number gt Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin webui sessionExpireTime Description Sets the time out for the WebUI session If no activity occurs before this time the user must re authenticate This command does not take effect until after a write operation Syntax set admin webui sessionExpireTime lt seconds gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin webui ssl certfile Description Specifies the SSL certfile for accessing the WebUI over SSL This command does not take effect until after a write operation Syntax set admin webui ssl certfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin webui ssl Description Disables or enables Web User Interface access via SSL This command does not take effect until after a write operation Syntax set admin webui ssl disabled enabled set admin webui Commands m 145 Command Line Reference Guide for DXOS Roles Netwo
214. d Failover Enables or disables failover for one or all links when a link fails enabled for all links by default When the master detects that a monitored link is down the master fails over to ensure that a second master is not activated when the standby peers detect that the master is unavailable When a failover starts a warning is shown if any links are down This command does not take effect until after a write operation set failover linkfail ether lt all N gt lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Unified Failover set failover Commands m 217 Command Line Reference Guide for DXOS set failover listen port Description Syntax Roles Mode s set failover nodeid Description Syntax Roles Mode s set failover peer Description Syntax Roles Mode s 218 m set failover Commands Sets the port number used to listen for ADFP Active and Standby packets default is port 9500 This command does not take effect until after a write operation set failover listen port lt N gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Unified Failover Sets the node ID for the device Enter auto to generate an ID from the IP address default is auto Unless forcemaster is set on one of the peers the peer with the lowest node ID becomes the master
215. d SSL cipher suites for cluster target traffic This command does not take effect until after a write operation Syntax set cluster lt name gt target ssl ciphersuite all Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x x Mode s Global Configuration set cluster target ssl ciphersuite common Description Allows only the fastest cipher suites from both the strong and export groups This command does not take effect until after a write operation Syntax set cluster lt name gt target ssl ciphersuite common Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster target Commands m 199 Command Line Reference Guide for DXOS set cluster target ssl ciphersuite export Description Allows only the lower security cipher suites that are suitable for export This command does not take effect until after a write operation Syntax set cluster lt name gt target ssl ciphersuite export Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster target ssl ciphersuite file Description Allows a user defined list of SSL cipher suites to be used to configure an SSL target This command does not take effect until after a write operation Syntax set cluster lt name gt target ssl ciphersuite file
216. d in a period it is not fully qualified the name server appends the domain name to it when responding to queries There can be multiple aliases for a host in a domain This command does not take effect until after a write operation set gslb localdns domain lt domain gt cname lt host gt lt alias gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslib localdns domain contact Description Syntax Sets the contact email address for the domain The contact email is not used by the name server but is returned on request by DNS clients The clients can then contact the administrator using this email address The format is name domain with the replaced by a period the default is jnpr dx hostname This command does not take effect until after a write operation set gslb localdns domain lt domain gt contact lt email gt set gslb localdns Commands m 245 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer set gslib localdns domain mx Description Adds a mail exchange record that specifies the name of the mail server for a domain When the sub domain or mail server does not end in a period is not fully qualified the name server appends the domain name when responding to queries T
217. d takes place immediately no write command is needed set slo Commands m 299 Command Line Reference Guide for DXOS set slb group lt name gt target host lt ip port gt lt hardpaused softpaused unpaused gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X X X Mode s Server Load Balancer Configuration set sib group target host maxconns Description Sets the maximum number of concurrent connections per target host when the maxconn load balancing policy is in effect Range is from 0 to 20000 Setting to zero indicates an unlimited number of concurrent connections are allowed This command does not take effect until after a write operation Syntax set slb group lt name all gt target host lt ip port all gt maxconns lt number gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X X Mode s Server Load Balancer Configuration set sib group target host priority Description If load balancing by priority is enabled refer to set slb group priority on page 296 and all the target hosts are available load balancing is applied only to the target hosts with the highest priority highest priority is 1 the default If some target hosts are unavailable lower priority hosts are used to meet the specified minimum number of target hosts set slb group minhosts on page 294 This command does no
218. d will be used For additional information see set admin email defaultmailto on page 118 These commands do not take effect until after a write operation set admin log Description Disables or enables the logging function This command does not take effect until after a write operation Syntax set admin log lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin log mailto1 Description First email address where the log should be sent This command does not take effect until after a write operation Syntax set admin log mailtol lt first email address gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin log mailto2 Description Second email address where the log should be sent This command does not take effect until after a write operation Syntax set admin log mailto2 second email address gt 120 mn set admin log Commands Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin log method apprules memory level Description Syntax Roles Mode s Sets the log level for apprule logs sent to memory Sends a log message to memory when an event greater than or eq
219. de Commands m 249 Command Line Reference Guide for DXOS set gslib remotenode name Description Syntax Roles Mode s Changes the name of the remote DX node This command does not take effect until after a write operation set gslb remotenode lt name gt name lt new_name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslib remotenode port Description Syntax Roles Mode s Specifies the port number used by the GSLB agent on a remote DX node refer to set gslb agent listen port on page 244 This command does not take effect until after a write operation set gslb remotenode lt name gt port lt N gt Network Network Security Security Admin Admin Operator Admin Operator User X X Target Operator Global Server Load Balancer set gslib remotenode timeout Description Syntax Roles Mode s Specifies the number of seconds that the GSLB master waits for a response from the remote GSLB agent If the timeout is exceeded the node is assumed to be unavailable and its metrics score is set to zero This command does not take effect until after a write operation set gslb remotenode lt name gt timeout lt seconds gt Network Network Security Security Admin Admin Operator Admin Operator User X X Target Operator Global Server Load Balancer 250 pn set gslb remoten
220. default values for one or all ActiveN groups This command does not take effect until after a write operation Syntax clear activen group lt name all gt session timeout lt ackwait active closewait gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s ActiveN clear activeN Commands m 29 Command Line Reference Guide for DXOS clear activen group stats Description Syntax Roles Mode s clear activen stats Description Syntax Roles Mode s Clears the statistics for an ActiveN group This command does not take effect until after a write operation clear activen group lt name all gt stats Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X ActiveN Clears overall ActiveN statistics This command does not take effect until after a write operation clear activen stats Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X ActiveN clear admin Commands Use the clear admin commands to clear admin settings such as TFTP SCP Syslog E Mail interface TSDump TCPDump and logging clear admin email defaultmailto Description Syntax Roles Mode s 30 m clear admin Commands Clears the default email address for sending logs This command does not take effect until after a write operation clear admin email defaultm
221. dmin Operator Admin Operator User Operator X X Global Configuration set admin log method system memory level Description Syntax Roles Mode s Sets the log level for system logs sent to memory Sends a log message to memory when an event greater than or equal to the selected level occurs The default is ALERT This command does not take effect until after a write operation set admin log method system memory level lt ALERT EMERG gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin log method system syslog facility Description Syntax Roles Mode s 124 m set admin log Commands Sets the syslog facility for system logs set admin log method system syslog facility lt LOG_LOCALO LOG_LOCAL1 LOG_LOCAL2 LOG_LOCAL3 LOG_LOCAL4 LOG_LOCAL5 LOG_LOCAL6 LOG_LOCAL7 LOG_USER gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Chapter 3 Set Commands set admin log method system syslog level Description Syntax Roles Mode s Sets the log level for system logs sent to a syslog server Sends a log message to the configured Syslog host s when an event greater than or equal to the selected level Occurs This command does not take effect until after a write operation set admin log method system syslog level lt A
222. dmin Operator User Operator x x Mode s Global Configuration set forwarder target ssl ciphersuite common Description Allows only the fastest cipher suites from both the strong and export groups This command does not take effect until after a write operation Syntax set forwarder lt name gt target ssl ciphersuite common Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set forwarder Commands m 235 Command Line Reference Guide for DXOS set forwarder target ssl ciphersuite export Description Syntax Roles Mode s Allows only the lower security cipher suites that are suitable for export This command does not take effect until after a write operation set forwarder lt name gt target ssl ciphersuite export Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder target ssl ciphersuite file Description Syntax Roles Mode s Allows a user defined list of SSL cipher suites to be used to configure an SSL target This command does not take effect until after a write operation set forwarder lt name gt target ssl ciphersuite file Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder target ssl ciphersuite strong Description Syntax
223. dmin log method audit showcmd Roles show admin log method audit syslog facility Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration Description Shows the syslog facility for audit logs Syntax show admin log method audit syslog facility Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration 322 m show admin log Commands Chapter 4 Show Through Write Commands show admin log method audit syslog level Description Syntax Roles Mode s Shows the log level for audit logs sent to a syslog server show admin log method audit syslog level Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Global Configuration show admin log method health memory level Description Syntax Roles Mode s Shows the log level for scriptable health logs sent to memory show admin log method health memory level Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Global Configuration show admin log method health syslog facility Description Syntax Roles Mode s Shows the syslog facility for scriptable health logs show admin log method health syslog facility Network Network Security Security Target Admin Admin Operator
224. does not take effect until after a write operation Syntax set cluster lt name gt sticky cookie expire set cluster sticky Commands m 193 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster sticky cookie mask iponly Description Uses only the IP address to identify a target server This command does not take effect until after a write operation Syntax set cluster lt name gt sticky cookie mask iponly Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster sticky cookie mask ipport Description Uses both the IP address and the port to identify a target server This command does not take effect until after a write operation Syntax set cluster lt name gt sticky cookie mask ipport Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster sticky cookie passheader Description Instructs the DX to remove the sticky cookie from the request headers If enabled the default the cookie is passed through If disabled the cookie is stripped This command does not take effect until after a write operation Syntax set cluster lt name gt sticky cookie passheader lt disabled enabled gt 194 m se
225. domain com 8090 Turn SSL on or off for the administration web server WebUI The first time this must be performed in the Command Line Interface CLI and you will be prompted to generate a certificate Appendix B Cipher Suites The Cipher Suites that are supported are shown in Table 20 This information can also be found in the Setting up the DX for SSL Traffic chapter of the Installation and Administration Guide for DXOS Table 20 SSL Ciphersuites Cipher Suite Description Common SSL Ciphers The fastest cipher suites from both the Strong and Export groups m RC4 MD5 m RC4 SHA EXP RC4 MD5 EXP RC2 CBC MD5 EXP1024 RC4 MD5 EXP1024 RC2 CBC MD5 Strong SSL Ciphers The highest security cipher suites that are suitable for use in USA RC4 MD5 RC4 SHA AES256 SHA AES128 SHA IDEA CBC SHA IDEA CBC MD5 Export SSL Ciphers Lower security cipher suites that are suitable for export EXP RC4 MD5 EXP RC2 CBC MD5 EXP1024 RC4 MD5 EXP1024 RC2 CBC MD5 DES CBC MD5 DES CBC SHA a 477 Command Line Reference Guide for DXOS 478 m Table 20 SSL Ciphersuites Cipher Suite Description All SSL Ciphers Strong and Export RC4 MD5 RC4 SHA DES CBC MD5 DES CBC SHA DES CBC3 MD5 DES CBC3 SHA AES256 SHA AES128 SHA IDEA CBC SHA IDEA CBC MD5 EXP RC4 MD5 EXP RC2 CBC MD5 EXP1024 RC4 MD5 EXP1024 RC2 CBC MD5 Appendix C Service Failover Commands Table 21 lists the service specific fa
226. e Syntax show cluster lt name gt weblog batch failure retryinterval Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster weblog batch host Description Shows the host where the Web Log will be copied Syntax show cluster lt name gt weblog batch host Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster weblog batch scp Description Shows all of the configuration parameters associated with the remote SCP target directory Syntax show cluster lt name gt weblog batch scp show cluster weblog Commands m 399 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Performance Monitoring show cluster weblog batch scp directory Description Shows the remote SCP target directory Syntax show cluster lt name gt weblog batch scp directory Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster weblog batch scp keyfile Description Shows the non password protected private key Syntax show cluster lt name gt weblog batch scp keyfile Roles Network Network Security Security Target Admin Admin
227. e lt destination gt lt gateway gt netmask m destination The IP address of the destination network m gateway The IP address of the router you want to use m netmask An optional parameter It is used to set the netmask for the route that you want to use Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Adds a new Server Load Balancer SLB group with optional name VIP and port This command does not take effect until after a write operation add slb group lt name gt lt ip port gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Adds a new Source Network Address Translation SNAT group The name is optional If a name is not provided a name starting from 1 will be allocated This command does not take effect until after a write operation add snat group name Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Creates a synchronization group Starting with software release 4 1 15 the add sync group command is disabled on the DX 3670 Application Acceleration Platform Syntax Roles Mode s Chapter 2 Add Through Reset Config Commands This command does not take effect until after a write operation add sync group lt name gt Network Network Security Security Ta
228. e AGENtip eee nnnnnnnononconannn nano nnnnnccnnns 248 set gslb remotenode encryption oocccccccccccccononnnnnoncnnncnononononnnnnnn nn cnnccnnns 249 set gslb remotenode encryption key 249 set gslb remotenode metricinterval ooooonnnnnnococcnccccccicncnnnan nano norcnccnnno 249 set gsib remotenode TEE A asis 250 Set gslb remotenode port ia A AA tee 250 set gslb remotenode timeOUl ici is 250 set eslb resolver Commands o A AAN TS 251 set BSID TES VE gedet eS isis 251 set gslb resolver group dns anSwermMode ooooooccccccccccccccccnonn nono no nononcccnnns 251 set gslb resolver group dns authdomainname occcninciccconcnnnnnnnnncncccnnno 252 set gslb resolver group dns authservernaMe ooooocccccccccccicooonannnnnnnnncncccnnno 252 set gslb resolver group dns bostmame cc cece cece eee nano nan nnncccccn ns 252 Set oslb resolver group dns ttl etnies dias 253 set eslb resolver Broup failip 07 SEENEN NEEN EEN 253 set gslb resolver group Iba Doten 254 set gslb resolver group Iba sticky 254 set gslb resolver group lba sticky man 255 set gslb resolver group Iba sticky netmask ee ceeeeeeeeeeeees 255 set gslb resolver group Iba sticky tiMeOut cece eteeeeeeees 255 set gslb resolver group Member ip 256 set gslb resolver group member reMotenode eee ee tees 256 set gslb resolver group member weight 256 set gslb resolver group metric Dyterate 0 eect eeeeeeetttteeeeees 257 set gslb resolver group Metric CONNECTIONS cece eetttttteeeeeees 257
229. e a target is assumed to be down You can also view a specific setting Syntax show slb group lt name gt healthcheck interval lt down syn up gt maxtries Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slb group healthcheck smtp Description Shows whether SMTP health checking for a group is enabled Syntax show slb group lt name gt healthcheck smtp Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show slb group listen qos Description Shows the ToS DSCP settings for client traffic from the SLB group Syntax show slb group lt name gt listen qos Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show slib group minhosts Description Displays the minimum number of target hosts used for load balancing by priority Syntax show slb group lt name gt minhosts 452 m show slb Commands Roles Mode s show sIb group nat Description Syntax Roles Mode s Chapter 4 Show Through Write Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer Displays whether full or half Network Address Translation NAT is enabled show slb group
230. e audit log By default the show commands are excluded disabled The settings made by this command will only take effect after a write operation The show commands will only be logged once a write operation has been performed set admin log method audit showcmd lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin log method audit syslog facility Description Syntax Roles Mode s Sets the syslog facility for audit logs set admin log method audit syslog facility lt LOG_LOCALO LOG_LOCAL1 LOG_LOCAL2 LOG_LOCAL3 LOG_LOCAL4 LOG_LOCAL5 LOG_LOCAL6 LOG_LOCAL7 LOG_USER gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin log method audit syslog level Description Syntax 122 m set admin log Commands Sets the log level for audit logs sent to a syslog server Sends a log message to the syslog server when an event greater than or equal to the selected level occurs set admin log method audit syslog level ALERT EMERG Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Mode s Global Configuration set admin log method health memory level Description Sets the log level for scriptable health logs sent to memory Syntax
231. e commands to clear a CA certificate file CA CRL file a CA trusted certificate an ephemeral key filename or ephemeral key password clear cluster listen ssl certfile Description Clears the listen side SSL certificate file for the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt listen ssl certfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster listen ssl cipherfile Description Clears the listen side SSL cipher file for the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt listen ssl cipherfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster listen ssl clientauth cacertfile Description Clears the value of the CA certificate file making this field empty This command does not take effect until after a write operation Syntax clear cluster lt name gt listen ssl clientauth cacertfile 46 m clear cluster listen ssl Commands Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster listen ssl clientauth cacrlfile Description Clears the value of the CA CRL
232. e default is X509 certificate in DER format base 64 encoded DERBase64 This command does not take effect until after a write operation set cluster lt name gt listen ssl clientauth forwardclientcert format DERBase64 PEM Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Global Configuration set cluster listen Commands m 187 Command Line Reference Guide for DXOS set cluster listen ssl Description Disables or enables SSL for cluster listen traffic This command does not take effect until after a write operation Syntax set cluster lt name gt listen ssl lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster listen ssl ephkeyfile Description Specifies the SSL ephemeral keyfile This command does not take effect until after a write operation Syntax set cluster lt name gt listen ssl ephkeyfile lt ephkeyfile gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster listen ss ephkeypass Description Specifies the ephemeral key pass phrase This command does not take effect until after a write operation Syntax set cluster lt name gt listen ssl ephkeypass Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Oper
233. e node ID and the current mode master standby discovery or idle show failover status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Unified Failover Shows the VMAC status enabled disabled and VMAC ID for one or all interfaces N is the number of the interface such as O or 1 show failover vmac ether lt N gt id ether lt N gt status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Unified Failover Shows the contents of a file Same as the display file command show file lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration show fie m 409 Command Line Reference Guide for DXOS show flash Description Shows the total used and available Flash disk storage for the active partition Syntax show flash Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Global Configuration show floatingvip Description Shows all of the floating VIP addresses Syntax show floatingvip Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show forwarder Commands Use the show forwarder commands to show the forwarder configuration A forwarder
234. e s Global Configuration set redirector listen ssl autochain Description Enables or disables SSL autochaining for redirector listen connections When enabled this command also sets the root certificate settings This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl autochain lt disabled enabled rootcert gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen ssl ephkeyfile Description Specifies the SSL ephemeral keyfile for redirector listen traffic The ephemeral key is a debugging aid for export ciphers The ephemeral keyfile must be a 512 bit RSA key in OpenSSL PEM base 64 format and if encoded must match the password This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl ephkeyfile lt ephkeyfile gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen ssl ephkeypass Description Specifies the ephemeral key pass phrase for redirector listen traffic This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl ephkeypass 278 m set redirector Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Adm
235. e s Global Configuration show cluster listen ssi clientauth forwardclientcert Description Shows all of the settings for the client authentication forwardclientcert feature Syntax show cluster lt name gt listen ssl clientauth forwardclientcert Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster listen ssl clientauth forwardclientcert format Description Shows all of the settings for the client authentication forwardclientcert format Syntax show cluster lt name gt listen ssl clientauth forwardclientcert format Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster listen Commands Mm 373 Command Line Reference Guide for DXOS show cluster listen ssi clientauth forwardclientcert status Description Syntax Roles Mode s Shows all of the settings for the client authentication forwardclientcert headername show cluster lt name gt listen ssl clientauth forwardclientcert status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration show cluster listen ssi clientauth status Description Syntax Roles Mode s Shows the listen SSL clientauth status show cluster lt name gt listen ssl clientauth forwardclientcert status
236. e s Performance Monitoring show cluster target host lt ip port all gt stats http Description Displays the HTTP statistics for a target host or for all target hosts in a cluster Syntax show cluster lt name gt target host lt ip port all gt stats http Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster target host lt ip port all gt stats io Description Displays the I O statistics for a target host or for all target hosts in a cluster Syntax show cluster lt name gt target host lt ip port all gt stats io Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster target host lt ip port all gt stats ssl Description Displays the SSL statistics for a target host or for all target hosts in a cluster Syntax show cluster lt name gt target host lt ip port all gt stats ssl 392 m show cluster target Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Performance Monitoring show cluster target localip Description Shows the local IP setting for the cluster Syntax show cluster lt name gt target localip Roles Network Network Security Security Target Admin
237. each route in the routing table Syntax show route 434 m show route Roles Mode s show server Description Syntax Roles Mode s Chapter 4 Show Through Write Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration Shows the server configuration show server Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration show server compression Commands Use the show server compression commands to view the server compression settings show server compression Description Syntax Roles Mode s show server compression 2k_padding Description Syntax Shows the server compression settings show server compression Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration Shows whether 2k padding is enabled for compression show server compression 2k_padding show server Mm 435 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server compression browser Description Shows the compression setting for all web browsers or a specific browser type Syntax show server compression browser ie4 ie5 ie51 ie55 ie6 ie7 ieoth
238. eader Roles Mode s Chapter 2 Add Through Reset Config Commands clear cluster description Description Syntax Roles Mode s clear cluster forwardclientcert headername Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Clears a description associated with a cluster This command does not take effect until after a write operation clear cluster lt name gt description Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Resets the client SSL certificate for a cluster to the global setting This command does not take effect until after a write operation clear cluster lt name gt forwardclientcert headername Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration clear cluster health request Description Clears the string or size requirement for a successful health check This command does not take effect until after a write operation Syntax clear cluster lt name gt health request lt size string gt clear cluster description m 45 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Health Checking clear cluster listen ssl Commands Use thes
239. ear activeN Commands Use the clear activen commands to clear ActiveN server settings This includes resetting the member IP Address or statistics for a group and removing a complete ActiveN group This command can also be used to disassociate a blade from a group or to clear the statistics for a blade These commands require an ActiveN license before they can be used clear activen blade stats Description Clears the statistics for a blade This command does not take effect until after a write operation clear activeN Commands m 27 Command Line Reference Guide for DXOS Syntax clear activen blade lt ip gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s ActiveN clear activen failover bindaddr Description The service specific failover commands are listed in Service Failover Commands on page 479 These commands have been replaced by the commands for Unified Failover refer to set failover Commands on page 215 clear activen group advanced burst_max Description Clears the maximum number of timed out sessions that are purged in one timer interval for one or all ActiveN groups which causes all timed out sessions to be purged in each timer cycle This command does not take effect until after a write operation Syntax clear activen group lt name all gt advanced burst_max Roles Network Network Security Security Target Admin
240. ear cluster aaa authentication realm Description This command is used to reset the realm name that is displayed in the login pop up dialog box This command does not take effect until after a write operation Syntax clear cluster aaa authentication realm Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s AAA Authentication clear cluster aaa authentication redirect host Description Resets the redirect host to its default value This command does not take effect until after a write operation Syntax clear cluster lt name gt aaa authentication redirect host clear cluster aaa authentication Commands m 41 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s AAA Authentication clear cluster aaa authentication redirect protocol Description Resets the redirect protocol to its default value This command does not take effect until after a write operation Syntax clear cluster lt name gt aaa authentication redirect protocol Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s AAA Authentication clear cluster aaa authentication redirect url Description Resets the redirect URL to its default value This command does not take effect until after a write operation Syntax clear cluste
241. echecking feature is enabled or disabled Syntax show gslb resolver lt name gt group lt name gt servicecheck status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Server Load Balancer show gslib resolver group servicecheck tcp port Description Shows the ports included in the TCP service check Syntax show gslb resolver lt name gt group lt name gt servicecheck tcp port 420 m show gslib Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Server Load Balancer show gslb resolver stats Description Shows the statistics for a resolver on the GSLB master The statistics include the requests replies and errors for TCP UDP and both combined as well as the number of each type of DNS request To view a line of statistics every N seconds specify the number of seconds Table 15 GSLB Resolver Statistics Shown for TCP UDP and Totals Statistic Description Requests Number of requests received from a local DNS Replies Replies from the resolver to the local DNS and target DNS Forwards Requests forwarded to the target DNS server Replies from DNS server Replies from the target DNS server Errors DNS error messages generated by the resolver Table 16 DNS Request Types
242. echnical service dumps are sent email address SCP server or TFTP server CLI Command Summary m 9 Command Line Reference Guide for DXOS Command Description set admin upgrade Commands on page 143 Specify the file name and SCP or TFTP server for the DX pac file used to upgrade the DX software set admin vip on page 144 Set the virtual IP address used to administer the DX set admin webui Commands on page 144 Configure the Web user interface set boot on page 146 Set the partition used for the next reboot set cache Commands on page 147 Configure a 3G cache set clock on page 148 Set the date and time manually on the DX set cluster aaa audit Commands on page 148 Configure HTTP S authentication auditing set cluster aaa authentication Commands on page 149 Configure HTTP S authentication and authorization parameters for a cluster set cluster apprule Commands on page 161 Specify an OverDrive AppRule ruleset for a cluster and enable or disable ruleset operations set cluster balance Commands on page 162 Specify the load balancing policy for a cluster set cluster cache Commands on page 163 Specify a cache for a cluster and enable or disable caching set cluster compression Commands on page 164 Configure compression between the DX and target web servers set cluster
243. ect ssesseseerrrrrrrrieeerrererer 113 SEET le Tieren sene Sne Eege A tel tenet hac 113 set activen group blade lt hardpaused softpaused unpaused gt 113 set activen group lt hardpaused softpaused unpaused gt ooo 114 set activen group healthcheck Internal 114 set activen group healthcheck MaxtrilS oooonininocncccccccccccinonann cnn cnn cncccn ns 114 set activen group SESSION Umeout eee terete eeeeeeeeeeees 115 SELACTIVETNGTOUP STEEN cacareado dada reinas 115 set activen group Sticky Tailover conan o nn cnnccnnn 116 set activen healthcheck mterval nan nnncncccnnno 116 set activen healthcheck maxtries nn nn nrnncccccnnns 116 SEL ACHVEN e EE 117 set activen SESSION Umeout nren annaas iaei neiaa 117 set activen Sticky CiMEOUE eee cece nono nnnnncncnononnnn anno nnnncnnccn ns 117 SEC admi Renn 118 set admin cli SeSSIONEXPirETIME ee eter tttetttteeeeeeeeeees 118 set admin email defaultmailto 0 eect eeeeeeeeettttneeeeeees 118 setadmin email ITON Ee A EE 118 setadmin email SEENEN e Een 119 el le Bing Lee 119 set admin log COMINO EH 119 SEELEN EE EE 120 settadmin log mailto enee ee ege 120 setadmin Tog lO EE 120 set admin log method apprules memory eye 121 set admin log method apprule syslog Tac 121 set admin log method apprule syslog level 121 set admin log method audit sbowcmd cece cert etttttteteeeees 122 set admin log method audit syslog Tac 122 set admin log method audit syslog level
244. ect until after a write operation set server compression text Ces text_html text_plain text_xcomponent text_xml gt lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set server customiplogheader Description Syntax Use the set server customiplogheader command to set the custom HTTP header that will be added along with the client s original IP at the client s request The header can either be a literal or a custom field in which the DX will insert the origin client s IP address For additional information see the Logging chapter of the Installation and Administration Guide for DXOS Setting cusomiplogheader to X Forwarded For allows you to override the REMOTE_ADDR HTTP variable that BEA Weblogic uses to look up client IP addresses To do so set X Forwarded For to the client s IP address then set the customiplogheader to X Forwarded For This command does not take effect until after a write operation set server customplogheader lt header gt set server customiplogheader m 289 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set server forwardclientcert headername Description Sets the custom HTTP header used for SSL client certificate forwarding
245. ector listen ssl Description Shows the redirector listen SSL configuration Supported cipher suites are shown in Cipher Suites on page 477 Syntax show redirector lt name gt listen ssl show redirector Commands m 429 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show redirector listen ssl certfile Description Shows the redirector listen SSL certfile Syntax show redirector lt name gt listen ssl certfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show redirector listen ssl cipherfile Description Shows the cluster listen SSL cipherlist file name Syntax show redirector lt name gt listen ssl cipherfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show redirector listen ssl cipherlist Description Shows the cluster listen SSL cipherlist actual list of cipher suites that are being used Showing the cipherlist will print out a detailed line for each cipher suite showing the name version key exchange authentication encryption and hash methods Syntax show redirector lt name gt listen ssl cipherlist Roles Network Network Security Security Target Admin Admin Operator Adm
246. ecurity Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set cluster compression cmt disabled enabled global Description Syntax Disables or enables Custom MIME Type compression disabled by default Use the global argument to return the compression value to its global setting This command does not take effect until after a write operation set cluster lt name gt compression cmt lt disabled enabled global gt set cluster compression Commands m 165 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set cluster compression flushthreshold Description Flush compression buffers for the first N bytes of response This command does not take effect until after a write operation Syntax set cluster lt name gt compression flushthreshold lt N gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set cluster compression force Description Forces the use of one or all compression algorithms default is all Use the global argument to return the compression value to its global setting This command does not take effect until after a write operation Syntax set cluster lt name gt compression force lt 0 1 2 global gt 0 all 1 gzip 2
247. ecurity Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Unified Failover show failover Commands m 405 Command Line Reference Guide for DXOS set failover discovery Description Shows the interface and port used to discover the other peers enabled for Unified Failover or just the interface or port Syntax show failover discovery interface port Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Unified Failover show failover forcemaster Description Shows whether the forcemaster setting is enabled Syntax show failover forcemaster Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Unified Failover show failover linkfail Description Shows whether failover is triggered by a link failure on one or all interfaces Syntax show failover linkfail ether lt N gt status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Unified Failover show failover listen Description Shows the port used to listen for Active and Standby packets Syntax show failover listen port 406 m show failover Commands Roles Mode s Chapter 4 Show Through Write Commands show failover nodeid Description Syntax Roles Mode s show failover peer Description Syntax Rol
248. ecurity Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster customiplogheader Description Shows the logging HTTP header Syntax show cluster lt name gt customiplogheader Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster description Description Shows the description information for the cluster Syntax show cluster lt name gt description lt description gt show cluster connbind m 363 Command Line Reference Guide for DXOS Roles Mode s show cluster dsr Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration Shows the cluster Direct Server Return DSR status show cluster lt name gt dsr Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show cluster health Commands show cluster health Description Syntax Roles Mode s 364 m show cluster dsr Use the show cluster lt name gt health commands to view the content health check settings for target servers Shows all health check settings show cluster lt name gt health Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Health Checki
249. ed This command does not take effect until after a write operation add activen blade lt real ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X ActiveN Adds a new ActiveN group with optional name and VIP and port For additional information see the ActiveN chapter of the Installation and Administration Guide for DXOS This command requires an ActiveN license before it can be used This command does not take effect until after a write operation add activen group name lt ip port gt add Commands mM 15 Command Line Reference Guide for DXOS Roles Mode s add cache Description Syntax Roles Mode s Examples add cluster Description Syntax Roles Mode s 16 m add Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X ActiveN Adds a named cache The name can be up to 32 characters long and can be any valid character string and may be integer only Reserved DXSHELL keywords such as all none and are considered invalid This command does not take effect until after a write operation add cache lt name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X 3G Cache add cache secureImages 01_01 Adds a 3G Cache named securelmages 01_01 dx add cache secureImages 01_01 Cache secureImages
250. ed enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration 284 m set server compression Commands set server compression defaults Chapter 3 Set Commands Description Resets the compression options to their default values This command does not take effect until after a write operation Syntax set server compression defaults Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set server compression flushthreshold Description Flush compression buffers for the first N bytes of response This command does not take effect until after a write operation Syntax set server compression flushthreshold lt N gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set server compression force Description Forces the use of one or all compression algorithms default is all This command does not take effect until after a write operation Syntax set server compression force lt 0 1 2 gt 0 all 1 gzip 2 deflate Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set server compression Commands m 285 Command Line Reference Guide for DXOS set server compression h
251. ed you will be prompted to enter one The username must be between four and sixteen characters long Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Shows the ARP table arp Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X X X X Global Configuration capture Commands 24 m arp Use the capture command to capture data entered on the screen into a file on the DX This command is used to capture login banners SSL keys or certificates or license information from the terminal into the DX This operation is used for capturing login banners SSL keys SSL Certificates and the license key for the DX into a file To capture the file you paste the contents of the file into the console and then end the file with a period on a blank line The login banner allows for some print style substitutions as follows h hostname d date s system Juniper Networks v product version b product build id show the percent character When the banner display encounters one of these substitution strings it extracts the information from the appropriate place in the operating system and displays it This information cannot be changed by the user capture file Description Syntax Roles Mode s Example Chapter 2 Add Through Reset Config Commands Note that you can put HTML in yo
252. ee ee eR ee dee E 98 fiagi STOLA ASII i eA ia cate act eadtd casters Sr oath ae satel ieee mei 99 import health Gert ue eA on ai ah a ee 99 import Nealth Seript EE 99 IMport lia wy Gna A er he 100 IMPOLt TUNES tic a deed 100 import Sna psht SYSTE sta a Deedee dae anaes 100 import Sshi authOriZed RE 101 import user ssh aucbortzed bes 101 TIMP ORL USET S a reegen Gage AE 101 O le tee Ee EE Teen 102 lst COMMAND ENEE 103 SECO use 103 UE 103 list tepd ump tee eher degt elen 104 NEtStat COMMANAS Aviaries ees ited A eld dl naa 104 le EE 104 netstat EE 104 Nesta EE 105 netstat Torreon n E A E E E a E E EE ES 105 EUR 105 UE 106 LEDOOU reese Reeder Ee ee E O AEe 106 O NA 106 DEET eech ere eee 107 Chapter 3 Set Commands 109 Set activen Commands visi soto 109 Set acto tes mand Heda tds 109 set activen advanced D rst Ice ninia ENEE Seed leds 109 set activ nsadvanced pol Vta das 110 set activen advanced FER eene leese EE dees elen 110 set activen advanced synflood_protect cece eee cece eee eeeettteeeeeees 110 set activen blade lt hardpaused softpaused unpaused ze 111 settactiven CleaniInG interval anta sthetesch det ege 111 GEET Eleonora tl elen rh ass 111 X wn Table of Contents Table of Contents set activen group advanced burst max 112 set activen group advanced Policy ra erei ia i S aE a E ER 112 set activen group advanced TESEU tiup iti ih i a EAE 112 set activen group advanced synflood_prot
253. eeeereenennenteees 265 E LE EE 266 set health script interval oo eee cece cece cece eect eee eeeeteteeteeeeeeeeeeeeeeeees 266 set health Script teStrun sisseseade keee cnn nono nn eee spate rini kesigi 266 SEAS Edel WEE 267 SEENOSEMAMIC EEN 267 SEE NEP COMUMANGS ue e laa 267 SEL EE 267 SEL TIED SEVE 7 5 andes E ET Ea 268 SEL PASSWOLG ee dE EEN 268 SECOS Commands il ege 268 SEE ve QOS Ee yest eee Poss EEE aint Deng es E eae bss 269 set gos mark outgoing dscp phb assured oo eee eeeeees 269 set gos mark outgoing dscp phb class 269 set gos mark outgoing dscp phb class 270 Set QOS Mark Outgoing ASCP TIW aaen 270 set qos mark outgoing tos ip precedence oe eeeeeeeeeeees 270 EE OS MATK OULZOING toa a ete 271 SEL redirector Commands eneco teeter A as 271 set redirector CUSTOMUTL a A ad 271 Set redirector descriptio sieren eiiiai a EEN 272 Set FECHTEN eege dad ad 272 Set ECHTEN en el LIO UN a N 272 Set redirector Stee ido 273 Set redirector listen port ekserisi Ee itt oS ate NS 273 Set redirector listen gOS x ieir ei e eel oido aS 273 Set redirector listen ellene ere a Ls 273 setredirector listen Sskeipherfile eerie socia nasa e e SS 274 set redirector listen ssl ciphersuite all 274 set redirector listen ssl ciphersuite Common cc ceeeeeseeeeeeeeeeeeeeeees 274 set redirector listen ssl ciphersuite eeport eee eeeeeeeeeeeeeeeeeeeeeees 275 set redirector listen ssl ciphersuite file 275 set redirector listen ssl c
254. eeees 431 show redirector listen ssl chientauth 431 show redirector listen ssl ephkeyfile 2 00 0 cece eeeteteeeeeeees 431 show redirector listen ssl keyfile 0 0 0 cece cece eee a a 431 show redirector listen ssl protocol 00 00 0000 cceeeeeeeeeeetteetttttteeeeeeeeeeeees 432 show redirector listen ssl status 432 Show redirector listen Vip cani tete eine ed 432 show redirector EE 432 Silent 433 ShOW TEAITECION ET 433 show redirect r Stats10 E 433 show redirector Stats EE 434 show TeGirectOr ERT 434 show redirector urlrmethod eii ote dido ete ds 434 SNOW TOO dl ect e etal la ah eee tdo aa dl e sad 434 SNOW SCIVER EE 435 show server compression Commande 435 show Server COMPTESSION EE 435 show server compression 2k padding 435 show Server compression DIOWSET doociccccccccccccccccccnonnnnnnnnnnnnnnnnnnn conca 436 SNOW Server COMPTESSION mt 436 show server compression CME status 436 show server compression flushthreshold 2 cc ceeeeeeeeeeeeeeeeeeeeeeeeees 437 show Server COMPpressiOn Torce occ cece cece cece eee e teen eee tteteeteeeeeeeeeees 437 show server compression brpi0 437 show server compression jaVASCTIPE 0 0 eet tttttteeeeeeeeeees 437 show server compression level oo eee eee cec cece cece tees ee eeeeeeettntneneeeeeeees 438 show server compression MSOFfICE ooooicccccccccccccccccccnnonononnnnnnnn caninos 438 show server COMpression ocCtetstream eee eect eteeteeteeeeeeeeeees 438 Table
255. eereess 422 Show Health Commands TE 422 show health remote OS tota talent do e A e r aE A 422 show health script lt script name all gt Internal 423 show health script lt script name all gt name 423 show health script lt script_name all gt stars 423 show health script lt script_name all gt status iieii 423 show health script lt script_name all gt vip 424 le Ve 424 XXVIII m Table of Contents Table of Contents show license Commands irme sestencat alicia 424 SHOW MCEMSE ns usha als O deed EE 424 SHOW e EE 425 SHOW E ET 425 SHOW LOG ap PIULS TE TEE 425 le le MET 425 SHOW le Ge E E EE 425 Ree SYSTERN EE EE 426 SHOW JOSIMNBAMMER des ete fallen dente NEE da DR oe ane eet 426 SOW MUP WEE 426 SHOW MEO DEE 427 show redirector Commande 427 IN O sche ek A ed en Ma 427 Show redirector customur e cette eee aeeeeetttnteneeeeeeeeeees 427 Show redirector description 427 SNOW redirector dsi cas neous esoe AE eege 428 show redirector boer 428 Show redirector Westen 428 show redirector listen interface 0 0 0 0 eter tteettttttteeeeeeeeeeeees 429 Show redirector listen port 429 Show redirector listen oos 429 show redirector listen sl 429 show redirector listen ssl certfile 0 eeeeteereetttttteetteneeeees 430 show redirector listen ssl cdpberfile 0 eee eeeeeeeteeeeteeeeeeeeeeeees 430 show redirector listen ssl cdpberiert ono rro 430 show redirector listen ssl ciphersuite 0 0 0 eee eeteteeeeeeeeeee
256. ees 371 show cluster listen ssl dlientauch tttetttteeeeeeeeeees 372 show cluster listen ssl clientauth authtype 0 i eeeeeeteeeeees 372 show cluster listen ssl clientauth cacertfile ee eeeeeeeeeeeeeeeeees 372 show cluster listen ssl clientauth caclfle eeeeteeeeeeeeeeeeees 372 show cluster listen ssl clientauth catrustfile ocios 373 show cluster listen ssl clientauth forwardclientcert ccoo 373 show cluster listen ssl clientauth forwardclientcert format 373 show cluster listen ssl clientauth forwardclientcert status 374 show cluster listen ssl clientauth status 374 show cluster listen ssl ephkeyfile ooooonnnninnnnninnnnnnncnininnccoconaan corn cccccnnno 374 Ree E ER UE 374 show cluster listen ssl Protocol eee eeeeeeeetttttettteteteeeeeeeeeeeees 375 show cluster listen SSI status 375 show cluster listen targetsdOWNii isiende a a ena nana nc ee 375 sh w cl ster EA EE 376 SHOW cluster Owan e eeh Eed EE e 376 Table of Contents m XXV Command Line Reference Guide for DXOS XXVI H Table of Contents show cluster sacompat Commandes 376 show cluster lt name gt sacompat Status 0 cece ee eeeeeeeeeeeeeeeeeeeeeeees 376 show cluster lt name gt sacompat aduvanmced occccncococnonnc conc nnnnnn conc 377 show cluster lt name gt sacompat advanced url 1 2 3 377 show cluster stats COMMANAS EE 377 Giele ET 377 Show Cluster stats El EE 378 showscluster stats health
257. efault name is assigned This command does not take effect until after a write operation add fwlb group lt name gt Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Firewall load balancer add gslib localdns domain Description Adds a domain to the DNS Server This adds a start of authority record for the specified domain This command does not take effect until after a write operation Syntax add gslb localdns domain lt domain gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer add gslib remotenode Description Adds a remote node on the GSLB master If you omit the name a name is generated automatically The keywords all and internal are reserved The maximum number of remote GSLB nodes is determined by the DX license The name can be changed with a set command This command does not take effect until after a write operation Syntax add gslb remotenode lt name gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer add gslib resolver Description Adds a resolver on the GSLB master If you omit the name a name is generated automatically The name can be changed with a set command This command does
258. en rewritten to https which correctly reflects the SSL communications between the DX and the client Figure 1 Convert302 Operation set cluster convert302protocol m 173 Command Line Reference Guide for DXOS set cluster customiplogheader Description Syntax Roles Mode s Use the set cluster lt name gt customiplogheader command to add a logging HTTP header This command does not take effect until after a write operation set cluster lt name gt customiplogheader lt description gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster description Description Syntax Roles Mode s set cluster dsr Description Syntax 174 m set cluster customiplogheader Use the set cluster lt name gt description command to add a descriptive note to a cluster This description is limited to 512 characters of free form text but cannot include new lines This command does not take effect until after a write operation set cluster lt name gt description lt description gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Use the set cluster lt name gt dsr command to enable or disable Direct Server Return DSR This reduces traffic by allowing web servers to send HTTP responses directly back to the requesting client thus bypassing t
259. en set for the cluster The stats aaa commands require an Authentication LDAP license Syntax show cluster lt name gt aaa authentication Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication cache Description Shows all of the authentication cache parameters that have been set for the cluster Syntax show cluster lt name gt aaa authentication cache Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication 346 m show cluster aaa authentication Commands Chapter 4 Show Through Write Commands show cluster aaa authentication cache maxage Description Syntax Roles Mode s Shows the maximum time that an authentication cache entry will be stored show cluster lt name gt aaa authentication cache maxage show cluster aaa authentication cache status Description Syntax Roles Mode s show cluster aaa authentication Idap Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X HTTP S Authentication Shows the status of authentication cache disabled or enabled show cluster lt name gt aaa authentication cache status Network Network Security Security Target Admin Admin Operator Admin Op
260. enabled by default This overrides the global SLB setting refer to set slb advanced reset on page 292 The global option is the same as enabled This command does not take effect until after a write operation Syntax set slb group lt name gt advanced reset lt client server gt lt disabled enabled global gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration set sib group lt hardpaused softpaused unpaused gt Description Pauses or unpauses traffic for the slb group default is unpaused A hard pause terminates all existing traffic while a soft pause does not affect existing traffic Syntax This command takes place immediately no write command is needed set slb group lt name gt lt hardpaused softpaused unpaused gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Server Load Balancer Configuration set sib group healthcheck interval Overrides the global health check intervals for when target hosts are down default is 10 seconds for TCP SYN default is 5 seconds or for when target hosts are up default is 20 seconds This command does not take effect until after a write operation Syntax set slb group lt name gt healthcheck interval lt down lt seconds gt syn lt seconds gt up lt seconds
261. ename gt must contain a list of one or more valid CA certificates that are self signed or signed by m A well known trusted CA m ACA listed in the trusted CA certificate file All certificate entries in this file must be in base64 encoded format This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl clientauth cacertfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen ssl clientauth cacrlfile Description Sets the CA Certificate Revocation List CRL as lt filename gt for the redirector The lt filename gt must be a list of one or more valid CRLs containing certificates signed by one of the CA s listed in the trusted CA certificate file All CRL entries not corresponding to an entry in the trusted CA certificate file are ignored All CRLs listed in the file must be in base64 encoded format This command does not take effect until after a write operation 276 m set redirector Commands Chapter 3 Set Commands Syntax set redirector lt name gt listen ssl clientauth cacrlfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen ssl clientauth catrustfile Description Sets the CA Trusted Certificate file to lt f
262. ending Syntax show admin snmp trap generic Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp trap host Description Displays SNMP host settings for IP addresses community strings and the version configured Syntax show admin snmp trap host Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp trap host 1 2 Description Displays the SNMP host setting for each trap host Syntax show admin snmp trap host 1 2 Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp Commands mM 331 Command Line Reference Guide for DXOS show admin snmp trap host 1 2 community Description Displays the SNMP community string for each trap host Syntax show admin snmp trap host 1 2 community Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp trap host 1 2 ip Description Displays the IP address for each SNMP trap host Syntax show admin snmp trap host 1 2 ip Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X M
263. entauth authtype Description Syntax Roles Mode s Disables or enables client authentication for forwarder lt name gt The default is local and provides local authorization If none is specified the local and remote authentication are disabled The option none may be used in situations where a client certificate needs to be forwarded to the target host This command does not take effect until after a write operation set forwarder lt name gt listen ssl clientauth authtype lt local none gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder listen ssl clientauth cacertfile Description Syntax Roles Mode s 226 m set forwarder Commands Sets the advertised Certificate Authority CA file as a lt filename gt for the forwarder The lt filename gt must contain a list of one or more valid CA certificates that are self signed or signed by m A well known trusted CA m A CA listed in the trusted CA certificate file All certificate entries in this file must be in base64 encoded format This command does not take effect until after a write operation set forwarder lt name gt listen ssl clientauth cacertfile lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Chapter 3 Set Commands set forwarder listen ssl clienta
264. er show server maxconns on page 441 Show the maximum number simultaneous of server connections show server reversepath Commands on page 441 Show the configuration for reverse path routing show server stats Commands on page 442 how the server statistics show slb Commands on page 450 how the configuration and statistics for Server Load Balancing SLB show snat Commands on page 461 how the Source Network Address Translation SNAT configuration show sync group Commands on page 463 how the synchronization configuration for a DX group show system debug on page 464 show system info on page 465 how the DX hardware model and current software version show tcpdump on page 465 how the collected TCP dump information show timezone on page 465 how the current time zone on the DX or a list of all time zones traceroute on page 470 how the route of packets sent to a specified destination show ua on page 466 S S S S Show system debug information S S S S S how the End User License Agreement show user on page 466 Show the role and status of one or all users CLI Command Summary m 13 Command Line Reference Guide for DXOS Command Description show version on page 467 Show the software version on the active partition show vlan Commands
265. er konqueror ns4 ns6 opera other safari Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server compression cmt Description Shows the CMT setting 1 2 or 3 Syntax show server compression cmt 1 2 3 Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server compression cmt status Description Shows the compress CMT status disabled or enabled Syntax show server compression cmt status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration 436 m show server compression Commands Chapter 4 Show Through Write Commands show server compression flushthreshold Description Shows if flush threshold compression is enabled Syntax show server compression flushthreshold Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server compression force Description Shows if the compression algorithm is forced O none m 1 gzip m 2 deflate Syntax show server compression force Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configura
266. er lt N gt port 152 set cluster aaa authentication Idap server type 00 eee eeeees 152 set cluster aaa authentication ldap sel 153 set cluster aaa authentication Idap ssl cacertfle cc eeeeeeeeeeeeeeees 153 set cluster aaa authentication ldap ssl ut 153 set cluster aaa authentication ldap ug 154 set cluster aaa authentication Idap version 0c cceeeeceeeeeeeeeeeeeeeeeeees 154 set cluster aaa authentication method www 154 set cluster aaa authentication password empty allowed 155 set cluster aaa authentication password Maxae eeeeeeeeeeteeeeees 155 set cluster aaa authentication password maxlength ees 155 set cluster aaa authentication DrotocOl eeteeeeeeeeeeeeeeeeeeees 156 set cluster aaa authentication radius Server ip 156 set cluster aaa authentication radius Server Dot 156 set cluster aaa authentication radius server key 157 set cluster aaa authentication radius Server retrieS cc eeeeeeeeeeeees 157 set cluster aaa authentication radius server Umeout 00 eeeeeeeee 157 set cluster aaa authentication realm nn 158 set cluster aaa authentication redirect 1 0 0 0 eeteeeeeeteteeteeeeeeeeeees 158 set cluster aaa authentication redirect boer 158 set cluster aaa authentication redirect Drotocol 159 set cluster aaa authentication redirect url 159 set cluster aaa authentication response Text 159 set cluster aaa authentication sso Cookie name ccc ceeeeeeeeeeeeeeeeeeees 160 set cluster
267. er Operator X X X 3G Cache show cluster cache stats Description Syntax Roles Mode s Shows target host like statistics relating to the traffic a cluster is routing to a cache If http is specified only the HTTP statistics are shown If i0 is specified only the I O statistics are shown If neither is specified both sets are shown show cluster lt name gt cache stats http io Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X 3G Cache show cluster cache Commands mM 357 Command Line Reference Guide for DXOS show cluster compression Commands Use the show cluster lt name gt compression targetcompression commands to view compression settings on the link between the DX and the target web servers show cluster compression Description Shows all the server compression settings Syntax show cluster lt name gt compression Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster compression 2k_padding Description Shows whether 2k padding is enabled for compression Syntax show cluster lt name gt compression 2k_padding Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster compression browser Description Shows the compres
268. er apprule stats Description Shows all AppRule statistics for the specified cluster Syntax show cluster lt name gt apprule stats all Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Mode s Application Rules show cluster apprule stats ptc Description Shows the Page Translator Content PTC statistics for the specified cluster Syntax show cluster lt name gt apprule ptc Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Mode s Application Rules show cluster apprule stats pth Description Shows the Page Translator Header PTH statistics for the specified cluster Syntax show cluster lt name gt apprule pth lt N gt all N represents the rule number Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Mode s Application Rules show cluster apprule Commands m 355 Command Line Reference Guide for DXOS show cluster apprule stats rs Description Shows the Request Sentry RS statistics for the specified cluster Syntax show cluster lt name gt apprule rs M all M represents the rule number Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Mode s Application Rules show cluster apprule stats rth Description Shows the Request Trans
269. er group servicecheck tcp port 86 deleteNhealthiscript sc cscs tae tee Bechen Maal ested de Rint cod tht al lacks be 87 delete eent 87 deleteredirector ii tad estes 87 delete route dt lan ios aloe 88 delete sb Erop aisia de ce do Ee 88 delete nat BroUpP anida td 88 delete Ssiauthorize dk Sera 89 delete Syne group telas oleo arco delle 89 delete syne group Meme 89 delete tcpdump de atodos odia te cod elle bol lo del et 90 delete Us a dee dede lalo 90 delete user ssh authorized KEYS Masai 90 display Commands egen tee ee e Dee ei 91 display EE eet Eegen clit hens Set DEE 91 display E 91 Eegenen eege det Ge ee cline hes set Cages ela 91 Elei 91 GE 92 Table of Contents W IX Command Line Reference Guide for DXOS EXPOLt COMMANAS 22s setaee erageet AER Saat etal tend Y 92 export cluster stats DIST Vostro talca 93 EXPO CONO rta dee ege dh sde ett er 93 exportlos AP te EE 94 EE audits ito leete 94 exportlog Neal Scripte Gugsa Regaler eier y 94 export log SYSTEM Masih tives ege enstinn 95 EXPOLPUlESEE 1 A O 95 export snapshot Systemi A ah een ge de ETA 95 EXPOLUUSCIS case eects ere eaten ers WAM EE EE 95 GEM Command O KEE 96 A ee 96 SOMES AD ee Net Mie ag oe NS AEs SR e 96 DEM KEV acts Ree EE EE 97 BESS Cte sitll A ie at NR et Malls oes AEs SR se ede ied An 97 Belt sae Pn E EE EE 97 Oe ane a an ean OA EAA ee Ee 98 STO ER EE te eee ARE a aie SRM ds oe Sea Hahah aa ee 98 IMPOLECOMMANAS AAA eee ed ote Had cae t
270. er of pings that each GSLB node sends to the local DNS to calculate the round trip time the default is 3 Pings are sent one second apart and the average RTT is used Note that the RTT count and timeout settings affect the response time of the GSLB master which must wait for the pings to be completed This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt metric rtt count lt N gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Global Server Load Balancer set gslib resolver group metric rtt netmask Description Syntax Specifies a netmask so that different local DNSs within the netmask are assumed to have the same RTT value The default is 255 255 255 0 the RTT is calculated for each LDNS This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt metric rtt netmask lt netmask gt set gslb resolver Commands m 259 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gsib resolver group metric rtt timeout Description Syntax Roles Mode s Specifies the number of milliseconds the GSLB master waits for an RTT value from a GSLB node the default is 15 The minimum value is 10 This command does n
271. eration Syntax clear redirector lt name gt listen ssl cipherfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear redirector listen ssl clientauth Description Clears the redirector listen SSL client authentication parameters This command does not take effect until after a write operation Syntax clear redirector lt name gt listen ssl clientauth lt cacertfile cacrlfile catrustfile gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear redirector listen ssl ephkeyfile Description Clears the redirector listen SSL ephemeral keyfiles This command does not take effect until after a write operation Syntax clear redirector lt name gt listen ssl ephkeyfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear redirector Commands mM 67 Command Line Reference Guide for DXOS clear redirector listen ss ephkeypass Description Clears the redirector listen SSL ephemeral keypass pass phrase This command does not take effect until after a write operation Syntax clear redirector lt name gt listen ssl ephkeypass Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Glo
272. erator Admin Operator User Operator X Mode s Global Configuration clear admin scp server Description Clears the server name or IP address for SCP transfers This command does not take effect until after a write operation Syntax clear admin scp server Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear admin scp username Description Clears the username used for SCP transfers This command does not take effect until after a write operation Syntax clear admin scp username clear admin Commands mM 35 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear admin snmp trap host Description Clears the first or second SNMP trap host This command does not take effect until after a write operation Syntax clear admin snmp trap host lt 1 2 gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear admin syslog facility Description Sets the Syslog facility settings back to the default value This command does not take effect until after a write operation Syntax clear admin syslog facility Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global
273. erator User Operator X X X Mode s Global Configuration set activen group healthcheck interval Description Overrides the global health check intervals for one or all groups This command does not take effect until after a write operation Syntax set activen group lt name all gt healthcheck interval lt down syn up gt lt seconds gt m down Number of seconds a blade must be unresponsive before it is taken out of rotation default is 20 m syn Number of seconds between consecutive health probes when no response is received default is 10 up Number of seconds a blade has to respond to the health check probe before it is considered unresponsive default is 45 seconds Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s ActiveN set activen group healthcheck maxtries Description Overrides the global ActiveN value for maximum number of health check tries for one or all groups default is 3 This command does not take effect until after a write operation Syntax set activen group lt name all gt healthcheck maxtries lt number gt 114 m setactiven Commands Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN set activen group session timeout Description Syntax Roles Mode s Overrides the global purge timers for idle s
274. erator User Operator X X X X X HTTP S Authentication This command shows all parameters related to the LDAP show cluster lt name gt aaa authentication ldap Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X HTTP S Authentication show cluster aaa authentication Idap anonymous Description Syntax show cluster lt name gt aaa authentication ldap anonymous This command shows whether anonymous access to the LDAP database is allowed show cluster aaa authentication Commands 8 347 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication Idap base dn Description This command shows the root Distinguished Name DN Syntax show cluster lt name gt aaa authentication ldap base dn Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication Idap bind dn Description This command shows the bind user Distinguished Name DN Syntax show cluster lt name gt aaa authentication ldap bind dn Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication Idap gid Description This command sh
275. ere eettttteeeeeees 228 set forwarder listen ssl ephkeypaSS cece eee ceee eee eeeeeetttneeeeeeess 228 set forwarder listen ssl keyfile 00 000 eeeeeeeeeereettttnrteeeeees 229 set forwarder listen ssl KeypaSS oooonnnnnnnnicccooconnncnccocccoconinanan anna nn nc nccccnns 229 set forwarder listen ssl orotocol nono n nn cnnccnnno 230 set forwarder listen vip 230 SECO Ward name Ee aaia ge EE Eed ee 230 set forwarder sticky Clientip leader cece eee eeteeettteeeeeeees 231 set forwarder sticky Clientip tiMeQUt cece cece eettttteeeeeeees 231 set forwarder stick y tallo Vai A mee zio 231 set forwarder sticky Method nacos 232 Set forwarder target Most enee ege A TS 232 set forwarder target host lt ip port gt lt hardpaused softpaused lie UE EE 232 set forwarder target host lt ip port gt MaxconnectiONS ee 233 set forwarder target host lt ip port gt weight 233 set forwarder target locali isos 233 Set forwarder target qos e 234 Set forwarder target Sii ee e 234 set forwarder target ssl autochain cece E EE 234 set forwarder target ssl certtile A leche aer 234 set forwarder target ssl dpbertile n E EA ARA 235 set forwarder target ssl ciphersuite al 235 set forwarder target ssl ciphersuite COMMON cece eeeeees 235 set forwarder target ssl ciphersuite evport eeeeeteeeeees 236 set forwarder target ssl ciphersuite file 236 set forwarder target ssl ciphersuite Strong oo ee eeeeetteeeee terres 236 set f
276. erial port to access the box again Are you sure you want to continue y n y Resetting the DX to the factory default settings does not delete the user accounts To delete all user accounts use the command delete user all Syntax reset config Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration reset config m 107 Command Line Reference Guide for DXOS 108 m reset config Chapter 3 Set Commands This chapter describes all the set commands for the administrative function and the various DX features such as ActiveN clusters SLB and GSLB set activen Commands set activen Description Syntax Roles Mode s Use the set activen command to disable or enable the ActiveN feature or to change ActiveN parameters Note that ActiveN requires an ActiveN license Enables or disables the ActiveN feature When disabled is selected the switch is stopped and all configuration information is deleted only from the Kernel not from the configuration file default is disabled This command takes effect immediately Enter a write command to retain the change after the next reboot set activen disabled enabled Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X X ActiveN set activen advanced burst_max Description Syntax Sets the maximum number of timed out sessions tha
277. ers and users display Commands on page 91 Display the login banner the contents of a file or the CLI commands required to create the current configuration exit on page 92 End the session export Commands on page 92 Export configurations logs system snapshots AppRule rulesets and user accounts to a remote server via TFTP or SCP gen Commands on page 96 Generate an SSL private key an SSL certificate signing request or an SSL self signed certificate halt on page 97 Turn off the device in preparation for disconnecting the power help on page 98 Display online help for CLI commands history on page 98 Display command history import Commands on page 98 Import a license configurations system snapshots health scripts AppRule rulesets and user accounts via TFTP or SCP install on page 102 Download and install new firmware to a non active partition list Commands on page 103 Display a list of files or saved configurations on the DX netstat Commands on page 104 Show network statistics ping on page 105 Verify connectivity with other network devices quit on page 106 End the session reboot on page 106 Restart the device reload on page 106 Discard all changes since the last write command reset config on page 107 Reset the configuration to the factory defaults set activen Commands on page 109 Enable or disable ActiveN or change A
278. ers cache all objects m Weighted Round Robin The servers are chosen semi sequentially A server is chosen based on its weight The larger the weight the higher the probability of the server being chosen 162 m set cluster balance Commands Chapter 3 Set Commands set cluster balance policy Description Syntax Roles Mode s This command is used to set the load balancing policy for a cluster See Description above This command does not take effect until after a write operation set cluster lt name gt balance policy lt fewestoutstandingrequests roundrobin urlhash weightedroundrobin gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Server Load Balancer set cluster balance policy urlhash lt urllen gt Description Syntax Roles This command is used to set the length of the URL that will be hashed This command does not take effect until after a write operation set cluster lt name gt balance policy urlhash lt urllen gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X set cluster cache Commands set cluster cache Description Syntax Roles Mode s Use the set cluster lt name gt cache command to associate or disassociate a cluster with a specific 3G cache or to disable or enables caching for a cluster Associates a cluster with a named 3G cache This comm
279. erssH authorized REN stoner rata ES 27 clear activeN COMMAndS Tartas soii geht Leda 27 cl atrractivenblade Stat ral E eh ebessi 27 clear activen Toilette cdta catar teresa 28 clear activen group advanced burst man 28 Clear activenserOUpi Hlade cti criar eel 28 clear activen group healthcheck Internal 29 clear activen group healthcheck Maxtri8S ooooonnnnnncccoccnccccccccccconannnnnnnnncnno 29 clear activen group SESSION Umeout ne ettee terete eeeeees 29 clear activen group Stats caia tica Poodle ee 30 a ENEE 20 Clear admin Commande 30 clear admin email defaultmailto cece eee eeeeetettttttteeeeeees 30 league A Dee E 31 clear admin log lt mailtol mailtO2 zs 31 clear admin log method apprules memory eye 31 clear admin log method apprules syslog Tac 31 clear admin log method apprules syslog eye 32 clear admin log method audit syslog Tac 32 clear admin log method audit syslog level 0 eeeeetteeeeees 32 clear admin log method health memory eye 33 clear admin log method health syslog facility 33 clear admin log method health syslog evi 33 clear admin log method system email Ievel eeeeeees 33 clear admin log method system syslog Tac 34 clear admin log method system syslog level 34 clear admin remoteauth dap 34 clear admin remoteauth radius server 34 clear admin remoteauth userrole nanii cece eee EERE ERE 35 clear admin S p Server AA E R A E E T 35 cl ar ddmin scp Username Seed ein E E 35 clear admiri samp
280. erver reversepath entry lt ip all gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Clears the server s I O HTTP and SSL statistics This command does not take effect until after a write operation clear server stats Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Chapter 2 Add Through Reset Config Commands clear slb Commands Use the clear s1b commands to clear the Server Load Balancer SLB settings and statistics clear slb failover The service specific failover commands are listed in Service Failover Commands on page 479 These commands have been replaced by the commands for Unified Failover refer to set failover Commands on page 215 clear slb group healthcheck interval Description Resets the healthcheck interval settings to the default values for one or all SLB groups This command does not take effect until after a write operation Syntax clear slb group lt name all gt healthcheck interval lt down syn up gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration clear slb group healthcheck maxtries Description Resets the maximum number of healthcheck retries to the default values for one or all SLB groups This command does
281. es Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Unified Failover Shows the node ID setting a number or auto show failover nodeid Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Unified Failover Shows the listen port number and status for one or all remote static peers or just the port or status of a specific peer show failover peer lt ip gt listen status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Xx Unified Failover show failover stateful stats Description Syntax Roles Mode s Shows runtime statistics and information for a DX including the total number of packets received and sent successfully for both full and delta synchronization and the total number of full synchronization requests sent and received successful and unsuccessful show failover stateful stats Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Unified Failover show failover Commands m 407 Command Line Reference Guide for DXOS show failover stateful status Description Syntax Roles Mode s Shows a high level view of stateful failover for a DX It displays whether stateful failover is enabled or disabled the services that being synchronized ActiveN SLB Server
282. escription Displays the TSDump configuration Syntax show admin tsdump Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin telnet m 337 Command Line Reference Guide for DXOS show admin tsdump filename Description Displays the remote filename for the TSDump Syntax show admin tsdump filename Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin tsdump transport Description Displays the transport method used to send the TSDump information The transport method can be any of SMTP TFTP or SCP Syntax show admin tsdump transport Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin upgrade Commands Description Use the show admin upgrade command to show the filename of the DX pac file firmware to be upgraded show admin upgrade Description Shows the upgrade information Syntax show admin upgrade Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration 338 m show admin upgrade Commands show admin upgrade filename Description Syntax Roles Mode s Shows the filename of the upgrade pac file sh
283. eses late a eet Eet ee ee dorain ME ear gslb remotenode encryption key ear gslb remotenode stat ear gslb resolver group failip cnn a adai eia ear gslb resolver group Member Stats ooocconnnniniccoconnnnnnnccccnccnnconananannnnno ear gslb resolver group stat car gslb resolver SLATS aserat aerasi ideed ar iaar ia net Rdee reads Ee nn ear health remotehost boer Car MealthySCript ax ee EE MAT NAAA Eeer carlos e ele DEENEN ee EE c r l g health dE gar log Syste EE NEP SEVE be ee ee ee Ee redirector Commands A AA AA A A AAA carrredirector customURL ii tdi A car TedirectOr descripta da Ear redirector MO ia A dt Sa ear redirector listen Ssl Certe aaa ear redirector listen ssl cipherfile 00 0c eeceeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeees ear redirector listen ssl ClientauUth 00 eeeeeeeeeeeeenennnees ear redirector listen ssl epbhkevfile cee eteeeeeeeetnennnees ear redirector listen ssl ephkevpass cece eeeeeeeeeeeeenenenees ar redirector listen Ssl keyfile suis aac SEENEN EEN as ear redirector listen ssl Key D reg italia ear redirector EE ele ue EE car Server COMPLeSSION Eeer eet Mee car Server compression CMs ear ege ege Eesen car server customiplogneader ici car Server reversepath Entry asiatica esta ds Car server Stats rele lla tica fisio SEET e o tials eben a car Sib Larei eegen eeneg a la libre ear slb group healthcheck mtenval cece eeeeeeeeeeeeenenenes ear slb group healthcheck Maxtri8S cece eeeeeeeeeeseneennees car
284. essions for one or all groups These commands do not take effect until after a write operation set activen group lt name all gt session timeout lt ackwait active closewait gt lt seconds gt m ackwait Three way TCP handshake has not completed default is 10 seconds m active Active sessions default is 100 seconds m closewait Sessions terminated by the client default is 25 seconds Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN set activen group sticky Description Syntax Roles Mode s Enables or disables the Client IP Sticky feature where the load balancer selects the same server for multiple TCP connections from the same client The command set activeN sticky timeout is not per group but rather it is a global command that affects all the groups This command does not take effect until after a write operation set activen group lt name all gt sticky lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X ActiveN set activen Commands mM 115 Command Line Reference Guide for DXOS set activen group sticky failover Description Syntax Roles Mode s Enables or disables sticky failover for the specified ActiveN group When Unified Failover is also enabled the standby DX takes on communications for the ActiveN group These commands do not
285. et cluster lt name gt name lt newname gt Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster owa Description Use the set cluster owa command to disable or enable support for Outlook Web Access OWA This command does not take effect until after a write operation Syntax set cluster lt name gt owa lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster sacompat Commands Use the set cluster lt name gt sacompat commands to enable or disable DX compatibility with the Juniper Secure Access SSL VPN SA solution and to define any required URLs set cluster sacompat Description Enables or disables the ability of a specified DX cluster to provide Juniper SA solution Network Connect Protocol NCP compatibility The default is disabled This command does not take effect until after a write operation Syntax set cluster lt name gt sacompat lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration set cluster owa m 191 Command Line Reference Guide for DXOS set cluster sacompat advanced url Description Syntax Roles Mode s Specifies one of th
286. et cluster weblog Commands Chapter 3 Set Commands Table 6 Web Log Field Definitions continued Field Definition clustername Name of the cluster that received the request method Request method url Request URL request bytes Length of request content body This is applicable for POST PUT and certain WebDAV requests precomp bytes Content length of the response document before compression postcomp bytes Content length of the response document after compression cachehit Number of Juniper cache hits or cache misses set cluster weblog Description Disables or enables cluster logging This command does not take effect until after a write operation Syntax set cluster lt name gt weblog lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Mode s Historical Rates and Statistics set cluster weblog batch compression Description Disables or enables the use of GZIP compression for Syslog entries sent in batch mode enabled by default This command does not take effect until after a write operation Syntax set cluster lt name gt weblog batch compression lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Historical Rates and Statistics set cluster weblog batch copy copynow Description Forces an immediate copy
287. ets the user name for a synchronization group member default is juniper This command does not take effect until after a write operation set sync group lt name gt member lt memberid gt username lt username gt set sync group name Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Renames a synchronization group member This command does not take effect until after a write operation set sync group lt name gt name lt newname gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set sync group override Description Syntax Roles Mode s 306 m set sync group Commands Enables or disables the use of a group override file disabled by default This command does not take effect until after a write operation set sync group lt name gt override lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x Global Configuration set sync group override filename Description Syntax Roles Mode s Chapter 3 Set Commands Sets the name for the group override file This command does not take effect until after a write operation set sync group lt name gt override filename lt filename gt Network Network Admin Admin Operator Se
288. etwork Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN set activen group advanced reset Description Syntax Roles Mode s 112 m set activen Commands Disables or enables the sending of resets to the client or server when active sessions are purged default is enabled This command does not take effect until after a write operation set activen group lt name all gt advanced reset lt client server gt lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN Chapter 3 Set Commands set activen group advanced synflood_protect Description Enables or disables the purging of a connection if the client does not send the final ACK in the three way TCP handshake The synflood_protect option is used to enable protection against SYN flood attacks default is enabled This command does not take effect until after a write operation Syntax set activen group lt name all gt advanced synflood_protect lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X X Mode s ActiveN set activen group blade Description Used to add a blade as a member of a group Using the keyword all in the group argument results in the blade being added to all the groups Similarly using all in the blade argument
289. etwork Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Server Load Balancer show health Commands Description Use the show health command to show parameters relating to connectivity failover show health remotehost Description Shows all of the configurable parameters associated with remote host health check or just the target hosts the health check interval the minimum number of hosts to fail before starting failover the retry count the health checking delay after a reboot the status enabled disabled and the timeout for a response to a health check Syntax show health remotehost lt host interval minhostsfailing retry startupdelay status timeout gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Connectivity Failover 422 m show health Commands Chapter 4 Show Through Write Commands show health script lt script_name all gt interval Description Shows the interval at which the named script or all scripts is set to run Syntax show health script lt script_name all gt interval Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Connectivity Failover show health script lt script_name all gt name Description Shows the name of the named script or the names of all currently installed scripts
290. etwork Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Global Configuration show admin cli sessionExpireTime Description Syntax Roles Mode s show admin email Description Syntax Roles Mode s 320 m show admin Commands Shows the administrator Command Line Interface CLI expiration time show admin cli sessionExpireTime Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration Use the show admin email command to show the main default email configuration This command shows the default email configuration but not individually configurable email settings such as those set with the set admin log set admin tcpdump and set admin tsdump commands show admin email Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration Chapter 4 Show Through Write Commands show admin interface Description Use the show admin interface command to show admin interface settings Syntax show admin interface Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin log Commands Use the show admin log commands to show logging configuration show admin log mailto Description Shows the email address es that have been set up to
291. every n seconds Syntax show server stats n Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration 442 m show server stats Commands Chapter 4 Show Through Write Commands show server stats auth Description Syntax Roles Mode s Displays the server authentication statistics including the number of password changes and failed authentications show server stats auth Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration show server stats history Description Syntax Roles Mode s Use the show server stats history command to display the history statistics for the server show server stats history Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show server stats history http listen Description Syntax Roles Mode s Shows the historical listen statistics for the server show server stats history http listen Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show server stats history http listen browser Description Syntax This option shows the connections by the type of browser The browsers monitored are shown in Table 10 on page 378 show server stats
292. figuration For example if you stop the DX server dx set server down DX server stopped dx show server status Server down And then enter a reload command while the server is down dx reload dx show server status Server down loaded config up The server is down but since the currently loaded and saved configuration indicates that the server is enabled rebooting the DX will restart the server 4 m Applying and Saving Configuration Changes Chapter 1 Using the Command Line Interface CLI Managing User Access The CLI commands that a user can execute depends on the role assigned to the user s account by the administrator In addition the effect of various commands is also limited by the user s role For example users can import or export only the configuration settings that they are allowed to view or change Table 1 describes the available user roles Table 1 User Roles Role Description and Tasks Performed administrator Can execute all commands on the DX Only administrators can add new users and change user attributes network_administrator Can execute all commands except those related to SSL and user accounts network_operator Can view all configuration settings except those related to SSL and can enable or disable the following Target servers cannot change SLB State of services Server Web Administration Server SSH 8 E 8 E Telnet E 8 E SNMP security_ad
293. figuration set redirector listen vip Description Sets the redirector s listen Virtual IP address This command does not take effect until after a write operation Syntax set redirector lt name gt listen vip lt ip gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector name Description Changes the name of a redirector from lt name gt to lt new name gt This command does not take effect until after a write operation Syntax set redirector lt name gt name lt new name gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector port Description Sets the port for redirect requests The default is port 443 This command does not take effect until after a write operation Syntax set redirector lt name gt port lt port number gt 280 m set redirector Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector protocol http Description Redirects requests to use HTTP protocols This command does not take effect until after a write operation Syntax set redirector lt name gt protocol http Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s
294. file making this field empty This command does not take effect until after a write operation Syntax clear cluster lt name gt listen ssl clientauth cacrlfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster listen ssl clientauth catrustfile Description Clears the value of the CA Trusted file making this field empty This command does not take effect until after a write operation Syntax clear cluster lt name gt listen ssl clientauth catrustfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster listen ssl ephkeyfile Description Clears the listen side SSL ephemeral key file for the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt listen ssl ephkeyfile clear cluster listen ssl Commands m 47 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster listen ssl ephkeypass Description Clears the listen side SSL ephemeral key password for the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt listen ssl ephkeypass Roles Network Network Security Security Target
295. for Layer 7 health check requests in seconds 1 to 3600 The default is 15 seconds The interval should be equal to or a multiple of the Layer 4 connection interval refer to set cluster health connect interval on page 176 This command does not take effect until after a write operation set cluster lt name gt health request interval lt interval gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking set cluster health request resume Description Syntax Roles Mode s Number of health checks with good responses before declaring the target server as operational 1 to 20 The default is 1 This command does not take effect until after a write operation set cluster lt name gt health request resume lt resume number gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking set cluster health Commands m 177 Command Line Reference Guide for DXOS set cluster health request returncode Description Syntax Roles Mode s Expected return code The default is 200 This command does not take effect until after a write operation set cluster lt name gt health request returncode lt return code gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking set cluster health request size De
296. form Installation and Administration Guide for complete information on Server Load Balancing policies Disables or enables the Server Load Balancer disabled by default This command takes effect immediately Enter a write command to retain the change after the next reboot set slb lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Server Load Balancer Configuration set sib advanced reset Description Syntax Roles Mode s set sib failover 292 m set sib Commands When active sessions are purged a reset can be sent to the client and or server to indicate that the connection has been terminated enabled by default This command does not take effect until after a write operation set slb advanced reset lt client server gt lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Server Load Balancer Configuration The service specific failover commands are listed in Service Failover Commands on page 479 These commands have been replaced by the commands for Unified Failover refer to set failover Commands on page 215 Chapter 3 Set Commands set sib group advanced reset Description When active sessions in the specified group are purged a reset can be sent to the client and or server to indicate that the connection has been terminated
297. form h instead of the substitution form hostname display loginbanner Network Operator Network Admin Security Admin Admin Security Operator Target User Operator Xx Global Configuration Displays the commands needed to recreate user accounts display users display Commands m 91 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration exit Description Use the exit command to end a session same as the quit command Syntax exit Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Global Configuration export Commands Use the export commands to export configurations and user accounts from the DX to a remote server via TFTP or SCP Notes The format of lt dst gt is tftp tftp_server filename or scp username scp_server filename Double quotes must be used if the filename has spaces tftp tftp_server dx config The lt scp_server gt name is a host name or an IP address The lt filename gt is an absolute path of the file where you would like to export the configuration The directory specified for the filename must exist The System Snapshot can only be exported to an SCP server E NOTE When exporting a configuration or a snapshot it is a good practice to give t
298. fy authoritative name servers see the previous command This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt dns authservername lt FQHN gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslib resolver group dns hostname Description Syntax Roles Mode s 252 pn setgslb resolver Commands Sets the fully qualified hostname FQHN for the GSLB group This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt dns hostname lt FQDN gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer Chapter 3 Set Commands set gslib resolver group dns ttl Description Sets the Time to Live TTL for the DNS record returned in response to a hostname lookup request 1 through 2147483647 seconds The default is 300 This command does not take effect until after a write operation Syntax set gslb resolver lt name gt group lt name gt dns ttl lt seconds gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Mode s Global Server Load Balancer set gslib resolver group failip Description Sets a failure IP address to send to the local DNS when all the GSLB nodes in the group are u
299. g data Turns logging on or off Remember that logging always exacts a performance penalty Media is the mode in which an ethernet interface etherO and ether1 operates Maximum Transmission Unit MTU is the largest number of bytes of payload data a frame can carry not counting the frame s header and trailer The MTU should be set to 1500 for Ethernet DO NOT change this value unless your switch and network are configured to work with a different MTU A mask to filter out addresses that should not access the device Network Time Protocol Specifies whether or not the Accelerator should listen for your NTP server Remote Authentication Dial In User Service A redirector is mechanism for redirecting requests to a single web server It listens for incoming web requests on a specific virtual IP address and port and redirects the client to that web server Unlike a cluster a redirector does not allow web traffic to pass through the Accelerator Instead for every web request a redirector receives the redirector sends the client back a redirect URL and forces it to resend its HTTP request to that URL The host portion of the redirect URL sent by the redirector That is this is the web server to which the client should be redirected The redirector host may be specified as either a hostname or an IP address The port portion of the redirect URL sent by the redirector The protocol portion of the redirect URL sent by the redirect
300. g system lt dst gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Configuration Description Exports the OverDrive AppRule ruleset from the DX to a remote location via TFTP or SCP Syntax export ruleset lt dst gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Application Rules export snapshot system Description Exports a system snapshot from the DX to a remote location via SCP only Syntax export snapshot system lt dst gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration export users Description Syntax Exports user accounts from the DX to a remote location via TFTP or SCP export users lt dst gt export Commands m 95 Command Line Reference Guide for DXOS Roles Mode s gen Commands gen cac Description Syntax Roles Mode s gen csr Description Syntax Roles Mode s 96 m gen Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Configuration Use the gen commands to generate an SSL private key an SSL certificate signing request or an SSL self signed certificate The gen csr gen key and gen ssc commands are disabled on the DX 3650 FIPS You will be prompted f
301. ge 299 This command does not take effect until after a write operation set slb group lt name gt minhosts lt number gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Server Load Balancer Configuration set sib group nat Description Syntax Roles Mode s Chapter 3 Set Commands Sets the full or half Network Address Translation NAT policy for the switch group default is full This command does not take effect until after a write operation set slb group lt name gt nat lt full half gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Server Load Balancer Configuration set sib group nat port Description Syntax Roles Mode s set sib group policy Description Syntax Sets the range of ports 1 to 65535 for an SLB group that are subject to NAT Since the L4 switch can operate in DSR mode where it may not see the packets going from the target host to the client the L4 switch uses a timer to purge the sessions The default port range is 1024 to 65535 This command does not take effect until after a write operation set slb group lt name gt nat port lt end start gt lt port gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Server Load Balancer Configuration Sets the load balancing policy for the switch g
302. ge 45 Clear the string or size requirement for a successful health check clear cluster listen ssl Commands on page 46 Clear a CA certificate file CA CRL file a CA trusted certificate an ephemeral key filename or ephemeral key password clear cluster sacompat advanced url on page 49 Clear the URLs used with the Juniper Secure Access SSL VPN SA solution clear cluster stats on page 49 Clear the statistics for a cluster clear cluster sticky clientip entry on page 49 Clear entries associating clients with target hosts clear cluster target Commands on page 50 Clear the target settings for a cluster clear cluster weblog Commands on page 52 Clear the Weblog settings for a cluster clear dns server on page 53 Clear one or all DNS servers clear failover stats on page 53 Clear all failover statistics clear forwarder Commands on page 54 Clear a forwarder s description statistics SSL settings target hosts target address or target SSL settings clear fwlb Commands on page 58 Clear the firewall load balancer settings for a group clear gslb Commands on page 60 Clear the GSLB settings for a group clear health Commands on page 63 Clear an IP address from Connectivity Failover Health Check or the statistics for a health script clear log Commands on page 64 Clear entries fro
303. get Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp community ip Description Shows the network SNMP connection status Syntax show admin snmp community ip Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp community name Description Shows the SNMP community name Syntax show admin snmp community name 328 m show admin snmp Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp community netmask Description Shows the netmask used to allow SNMP connections from the specified network Syntax show admin snmp community netmask Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp contact Description Shows the SNMP system contact Syntax show admin snmp contact Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp location Description Shows the SNMP system location Syntax show admin snmp location Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X
304. group member netmask Description Syntax Roles Mode s show snat group vip Description Syntax Roles Mode s 462 m show snat Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Shows a SNAT group membere IP address show snat group lt name gt member lt name gt ip Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Shows a SNAT group members IP netmask show snat group lt name gt member lt name gt netmask Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Shows the Virtual IP address for the group show snat group lt name gt vip Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration show snat sessions Description Syntax Roles Mode s Chapter 4 Show Through Write Commands Shows the current SNAT sessions show snat sessions Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration show sync group Commands Description show sync group Description Syntax Roles Mode s Use the show sync group commands to show the configuration of a synchronization group for configuration synchronization Starting with software release
305. gt gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration set slo Commands m 293 Command Line Reference Guide for DXOS set sib group healthcheck maxtries Description Syntax Roles Mode s Overrides the global maximum number of health checks default is 3 This command does not take effect until after a write operation set slb group lt name gt healthcheck maxtries lt number gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Server Load Balancer Configuration set sib group healthcheck smtp Description Syntax Roles Mode s Enables or disables SMTP health checking for a group disabled by default This command does not take effect until after a write operation set slb group lt name all gt healthcheck smtp lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Server Load Balancer Configuration set slb group listen qos Sets the DSCP ToS values on traffic sent to clients see set qos Commands on page 268 set sib group minhosts Description Syntax Roles Mode s 294 m set sib Commands Sets the minimum number of target hosts used for load balancing by priority To set the target host priorities refer to set slb group target host on pa
306. guration Examples capture loginbanner Unauthorized access to or use of this system is prohibited All access and use may be monitored and recorded Sets the login banner to Unauthorized access to or use of this system is prohibited All access and use may be monitored and recorded dx capture loginbanner Enter banner End with on a blank line h hostname h d date d s system s v version v b build id b Banner saved 26 m capture Commands dx show loginbanner h hostname dx5 juniper net Chapter 2 Add Through Reset Config Commands d date Tue Mar 24 19 18 32 PDT 2006 s system Juniper Networks v version 5 1 0 b build id 0 Sets the login banner to show critical parameters capture ssh authorized_keys Description Syntax Roles Mode s Captures the user s public SSH key to a file on the DX and names the file authorized_keys capture ssh authorized_keys Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Configuration capture user ssh authorized __keys Description Syntax Roles Mode s Captures the specified user s public SSH key and saves the file to the DX The file name is authorized_keys capture user name ssh authorized_keys Network Network Admin Admin Operator Security Security Target Admin Operator User Operator X Global Configuration cl
307. h trap host This command does not take effect until after a write operation set admin snmp trap host lt 1 2 gt ip lt ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration set admin snmp trap host lt 1 2 gt version Description Syntax Roles Mode s 134 m set admin snmp Commands Defines the SNMP version for each trap host to be either Version 1 or Version 2 This command does not take effect until after a write operation set admin snmp trap host lt 1 2 gt version lt 1 2 gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Chapter 3 Set Commands set admin snmp trap threshold connection Description Sets the percentage of the maximum number of client side connections that generates a connection threshold trap default is 100 This command does not take effect until after a write operation Syntax set admin snmp trap threshold connection lt threshold in gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X X Mode s Global Configuration set admin snmp trap threshold loginfail Description Sets the percentage of login failures that triggers an authentication failure trap default is 20 This command does not take effect until after a write operation Syntax set admin snmp
308. h type of response code handled Response Code 101 etc Syntax show cluster lt name gt stats history http target responsecode show cluster stats Commands mM 383 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats history io listen Description Shows the client side I O statistics for the cluster including m Bytes In requests from clients m Bytes Out responses to clients Current Client Connections m Total Client Connections m Refused Client Connections Syntax show cluster lt name gt stats history io listen Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats history io target Description Shows the server side I O statistics for the cluster including Bytes In requests from clients and Bytes Out responses to clients Syntax show cluster lt name gt stats history io target Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring 384 m show cluster stats Commands Chapter 4 Show Through Write Commands show cluster stats history ssl Description Shows the SSL statistics for the cluster including the number of m New Sessions m Re used Sessio
309. hat will be used for the cluster This command does not take effect until after a write operation set cluster lt name gt aaa authentication radius server key lt shared key gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication radius server retries Description Syntax Roles Mode s This command is used to set the number of retries of the RADIUS server that will be used for the cluster This command does not take effect until after a write operation set cluster lt name gt aaa authentication radius server retries lt integer gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication radius server timeout Description Syntax Roles Mode s This command is used to set the timeout value of the RADIUS server that will be used for the cluster This command does not take effect until after a write operation set cluster lt name gt aaa authentication radius server timeout lt integer gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication Commands m 157 Command Line Reference Guide for DXOS set cluster aaa authentication realm Description Syntax Roles Mode s This c
310. he file a name that describes the function and identifies the version For example ex_4 1 B14_ssl_server_8 25 2003 The export config command exports the actual set commands from the CLI to recreate the configuration however it only exports those commands that are 92 m exit Chapter 2 Add Through Reset Config Commands allowed by the current role The export config operation does not export the following information m Set commands take effect immediately These commands include the state of the various services m Server m SSH Service m Telnet Service m SNMP Service m Web User Interface Service m Administrative passwords m All SSL private keys key passwords certificates and self signed certificates m User accounts Because the export config command does not cover these cases the export audit export log export ruleset and export users commands were added Note that to use SCP you must first configure the environment using the commands set admin scp username lt user gt and set admin scp server lt servername gt export cluster stats history Description Exports statistics for one or all clusters via TFTP or SCP Syntax export cluster lt name all gt stats history lt dst gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration export config Description Exports a configuration from the DX to a remote loca
311. he load balancer in the response path For additional information see DSR in the Installation and Administration Guide for DXOS This command does not take effect until after a write operation set cluster lt name gt dsr lt disabled enabled gt Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster forwardclientcert headername Description Use the set cluster lt name gt forwardclientdert headername command to add a header name to the client s certificate when client authentication is performed over SSL Refer to the Installation and Administration Guide for DXOS for more details This command does not take effect until after a write operation Syntax set cluster lt name gt forwardclientcert headername lt header gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster health Commands Use the set cluster lt name gt health command to set the content health check parameters for target servers The DX verifies the health of the target server by sending Layer 4 connection requests and Layer 7 HTTP Get requests to all the target servers in the cluster at a pre configured interval The DX assumes all target hosts are down when Layer 7 health checking is turned on and only logs state transitions Thi
312. hen a connection is terminated You can also view just the client or server setting Syntax show slb advanced reset lt client server gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slb failover The service specific failover commands are listed in Service Failover Commands on page 479 These commands have been replaced by the commands for Unified Failover refer to show failover Commands on page 405 show slib group Description Displays the SLB settings for one or all groups Syntax show slb group lt name gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Server Load Balancer show slib group advanced Description Displays whether a reset is sent to the client and server when a connection is terminated for the group You can also view just the client or server setting Syntax show slb group lt name gt advanced reset lt client server gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slb Commands m 451 Command Line Reference Guide for DXOS show sIb group healthcheck Displays the group health check intervals when target hosts are down for TCP SYN and for when target hosts are up and the maximum number of retries befor
313. her 0 ether0 IP address 10 0 61 150 netmask 255 255 255 0 ether0 Broadcast 10 0 61 255 ether0 MAC 00 30 48 72 58 34 VMAC unconfigured MTU 1500 ether0 media autoselect 100baseTX full duplex Status active ether0 supported media options 1 10baseT UTP 2 10baseT UTP full duplex 3 100baseTX 4 100baseTX full duplex 5 1000baseTX full duplex 6 1000baseTX 7 autoselect The Maximum Transmission Unit MTU should be set to 1500 for the Ethernet DO NOT change this value unless your switch and network are configured to work with a different MTU 404 m show dns Commands Chapter 4 Show Through Write Commands Syntax show ether lt n gt ip mac media mtu netmask subnet vmac Where lt n gt is the interface number such as 0 or 1 Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show failover Commands Use the show failover commands to show the Unified Failover settings show failover Description Shows all configuration settings for Unified Failover Syntax show failover Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Unified Failover show failover advanced Description Shows one or all advanced settings Syntax show failover advanced missedcount pollinterval serviceinterval Roles Network Network S
314. here can be multiple mail exchange records for a domain with different priorities Priority is a positive integer with zero being the highest priority This command does not take effect until after a write operation Syntax set gslb localdns domain lt domain gt mx lt mailserver gt lt priority gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Mode s Global Server Load Balancer set gslib localdns domain ns Description Adds a name server record for the specified domain When the sub domain or server name does not end in a period is not fully qualified the name server appends the domain name when responding to queries There can be multiple name server records for a domain This command does not take effect until after a write operation Syntax set gslb localdns domain lt domain gt ns lt servername gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer 246 m setgslb localdns Commands Chapter 3 Set Commands set gslb localdns domain ptr Description Syntax Roles Mode s Adds a pointer record for reverse DNS lookup for an IP in the specified domain If the host parameter does not end in a period it is not fully qualified the server name appends the domain name to it when responding to queries There can be only one pointer record for an IP in a d
315. his command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt member lt name gt remotenode lt name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslb resolver group member weight Description 256 pn setgslb resolver Commands If you use weighted roundrobin load balancing the weight 0 to 100 indicates the number of times the member address is served before the next address is used If the member weight is 0 the member is removed from rotation If it is non zero the normal load balancing calculation is performed Weights are also used for metric based load balancing This command does not take effect until after a write operation Chapter 3 Set Commands Syntax set gslb resolver lt name gt group lt name gt member lt name gt weight lt N gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Mode s Global Server Load Balancer set gsib resolver group metric byterate Description Specifies the maximum allowable data rate bytes second on a GSLB node and the relative weight 0 to 100 of the metric used in the load balancing calculation If the weight is zero the metric is not used for load balancing If the byte rate is exceeded the IP addresses associated with the node are taken out of rotation The default rate
316. history http listen browser show server stats Commands m 443 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server stats history http listen method Description This option shows the request method The methods that are monitored are shown in Table 11 on page 379 Syntax show server stats history http listen method Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server stats history http listen req err Description This option shows the illegal requests The illegal requests are shown in Table 12 on page 379 Syntax show server stats history http listen req err Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server stats history http listen request Description Number of active client requests Syntax show server stats history http listen request Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration 444 m show server stats Commands Chapter 4 Show Through Write Commands show server stats history http listen version Description Syntax Roles Mode s Shows the client
317. hkeyfile lt ephkeyfile gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder listen ssl ephkeypass Description 228 m set forwarder Commands Specifies the ephemeral key pass phrase The SSL key pass phrase keypass is not copied as part of the configuration file on the new partition during an upgrade You can import the keypass by typing the command set forwarder lt n gt listen ssl ephkeypass lt key password gt Syntax Roles Mode s Chapter 3 Set Commands Supported cipher suites are shown in Cipher Suites on page 477 This command does not take effect until after a write operation set forwarder lt name gt listen ssl ephkeypass Network Network Security Security set forwarder listen ssl keyfile Description Syntax Roles Mode s set forwarder listen ssl keypass Description Syntax Roles Mode s Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Specifies the SSL keyfile for forwarder listen traffic This command does not take effect until after a write operation set forwarder lt name gt listen ssl keyfile lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Global Configuration Specifies the SSL keypass phrase for forwarder listen traffic This command does not take effec
318. hod m 369 Command Line Reference Guide for DXOS show cluster listen port Description Syntax Roles Mode s Shows the cluster listen port show cluster lt name gt listen port Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show cluster listen qos Description Syntax Roles Mode s Shows the ToS DSCP settings for client traffic from the cluster show cluster lt name gt listen qos Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show cluster listen ssl Description Syntax Roles Mode s Shows the configuration of the SSL listen parameters for a specific cluster Supported cipher suites are shown in Cipher Suites on page 477 show cluster lt name gt listen ssl Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration show cluster listen ssl certfile Description Syntax Shows the cluster listen SSL certfile show cluster lt name gt listen ssl certfile 370 m show cluster listen Commands Roles Mode s Chapter 4 Show Through Write Commands show cluster listen ssl cipherfile Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X
319. host lt ip port all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear forwarder target localip Description Removes the local IP setting for the forwarder This command does not take effect until after a write operation Syntax clear forwarder lt name gt target localip clear forwarder Commands mM 57 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear forwarder target ssl Description Clears the target side SSL certfile cipherfile keyfile or keypass pass phrase for a forwarder This command does not take effect until after a write operation Syntax clear forwarder lt name gt target ssl lt certfile cipherfile keyfile keypass gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear fwlb Commands clear fwlb group target host Description Clears one or all target hosts from a firewall load balancing group This command clears all parameters related to the target hosts This command does not take effect until after a write operation Syntax clear fwlb group lt name gt target host lt ip all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User
320. how cluster sticky chentip Cntries ii ds ls 387 show cluster sticky coi td adel A do 387 show cluster sticky failover status 387 show cluster sticky Method meca illinois 388 leed Een 388 Sale Ee TEE 388 show cluster target hOst lt iip pOrt tii leads de 388 show cluster target host lt ip port all gt stars 389 show cluster target host lt ip port all gt stats history ee 389 show cluster target host lt ip port all gt stats history bp 389 show cluster target host lt ip port all gt stats history http bytesin 390 show cluster target host lt ip port all gt stats history http bytesout 390 show cluster target host lt ip port all gt stats history http content 390 show cluster target host lt ip port all gt stats history http LESPONSECOD EA tent eects headin Lunada da e dns loto 390 show cluster target host lt ip port all gt stats history http target ASCOMPTESSO it a dalla tii 391 show cluster target host lt ip port gt stats history jo 391 show cluster target host lt ip port all gt stats history sl 391 show cluster target host lt ip port all gt stats bp 392 show cluster target host lt ip port all gt stateio ees 392 show cluster target host lt ip port all gt stats Ssl 392 Table of Contents show cluster target loCalip TE 393 SHOW cl ster target nam eysens reaa i aa Seah lease ti 393 SHOW cl ster target QOS ax sess candado ara elsa ELSE 393 SHOW ClUSEE
321. hows the redirect host name or IP address for the redirector Syntax show redirector lt name gt host Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show redirector listen Description Shows the redirector listen configuration Syntax show redirector lt name gt listen Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration 428 m show redirector Commands Chapter 4 Show Through Write Commands show redirector listen interface Description Shows the redirector listen interface Syntax show redirector lt name gt listen interface Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show redirector listen port Description Shows the redirector listen port Syntax show redirector lt name gt listen port Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show redirector listen qos Description Shows the ToS DSCP settings for client traffic from the redirector Syntax show redirector lt name gt listen qos Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show redir
322. icky commands to set client to target sever bindings set cluster sticky clientip leader Description Specifies whether a client IP is bound to follows the same target host as another cluster forwarder or SLB group the default is none This creates a sticky group so that client applications with multiple protocol flows such as TCP and UDP can be load balanced to the same target host The sticky method must be clientip see set cluster sticky method on page 195 This command does not take effect until after a write operation Syntax set cluster lt name gt sticky clientip leader lt none lt lt cluster forwarder slb group gt lt name gt gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster sticky clientip timeout Description Sets the number of minutes 1 to 43200 a client IP is bound to a target host The default value is 120 This command does not take effect until after a write operation Syntax set cluster lt name gt sticky clientip timeout Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster sticky cookie expire Description Sets the number of minutes a cookie is valid The range is 1 minute to 3 000 000 minutes 5 71 years Setting the value to zero means the cookies never expire This command
323. ient rather than using the DX to pass the response to the client Syntax show forwarder lt name gt dsr show forwarder Commands m 411 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Mode s Global Configuration show forwarder health Description Shows the Layer 7 health check settings Syntax show forwarder lt name gt health Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Health Checking show forwarder health connect Description Shows the Layer 4 connection check settings Syntax show forwarder lt name gt health connect Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Health Checking show forwarder health connect interval Description Shows the Layer 4 connection check interval Syntax show forwarder lt name gt health connect interval Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Health Checking 412 m show forwarder Commands Chapter 4 Show Through Write Commands show forwarder health connect timeout Description Syntax Roles Mode s Shows the Layer 4 timeout value the maximum time in seconds that the DX will wait to complete a connection check show forwarder lt na
324. ier fete tealt TE 378 show Cluster Stats NiStOry viatura nenien Ma aier ia iia ie ehi Eos 378 show cluster stats history EXPOTE 0ooocoonncccccooooonnnnnnnnnccncnonoconnnn nan n cnn nnccnnn 380 show cluster stats history http Ieren 380 show cluster stats history http listen DroWSer ooocccnnnnniicicoccacnnonccncccc no 381 show cluster stats history http listen method 381 show cluster stats history http listen reg emr 0 0 eeeeeees 381 show cluster stats history http listen request 0 ee eeeeeeeeeeees 381 show cluster stats history http listen version 382 show cluster stats history http target ce cece cece eeeeeetteteeeeeees 382 show cluster stats history http target b ytesin eee eeeees 382 show cluster stats history http target DyteSOUt oe eres 383 show cluster stats history http target Content 383 show cluster stats history http target decompression c0 cee 383 show cluster stats history http target responsecode ees 383 show cluster stats history io lesten 384 show cluster stats history iO Lorger eeeeeeeeeeeeeenetteseeeeeees 384 show cluster stats histoty Selina ia 385 show cluster Stats history Status oooononncccccoooconnnnnnnoncccncncconan anar nn nn nnncn ns 385 ShOW cluster stats DD lit eee ea ae ane es 385 show cluster Stats Oi A A aos 386 show cluster Stats Sl it A a TRAN 386 show cluster sticky Commandes 386 SHOW clustet Sticky it A A EA 386 show cluster stioky ClentiD iaa a OE EEN 386 s
325. iguration Deletes one or all synchronization groups Starting with software release 4 1 15 the delete sync group command is disabled on the DX 3670 This command does not take effect until after a write operation delete sync group lt name all gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration delete sync group member Description Syntax Removes a member from the synchronization group lt memberid gt is either lt hostname gt or lt ip gt Starting with software release 4 1 15 the delete sync group command is disabled on the DX 3670 This command does not take effect until after a write operation delete sync group lt name gt member lt memberid gt delete Commands m 89 Command Line Reference Guide for DXOS Roles Mode s delete tcpdump Description Syntax Roles Mode s delete user Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Deletes one or all TCP dump files from the DX This command takes place immediately no write command is needed delete tcpdump tcpdumpfile all Network Operator Network Admin Security Admin Security Operator Target Admin User Operator X Global Configuration Deletes one or all users from the DX This command takes place
326. ilename gt for the redirector The lt filename gt must be a file containing a valid list of one or more root or intermediate CA certificates each certificate is encoded in base64 format If the certificate is an intermediate certificate its root CA certificate must also be present in either a catrustfile or the cacertfile This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl clientauth catrustfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen ssl clientauth Description Disables or enables SSL client authentication for listen traffic This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl clientauth lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen ssl Description Disables or enables SSL for redirector listen traffic This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl lt disabled enabled gt set redirector Commands m 277 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mod
327. ilover commands that have been replaced by the commands for Unified Failover You should disable failover for ActiveN the DX server and SLB and configure Unified Failover for all supported services refer to set failover Commands on page 215 Table 21 Service Specific Failover Commands Command Description ActiveN Commands clear activen failover bindaddr Clears the failover bind address for ActiveN set activen failover disabled enabled Used to disable or enable the failover mechanism set activen failover bindaddr lt ip gt Used to set the bind address for the failover mechanism default is not configured set activen failover forcemaster lt disabled enabled gt Used to force a device to be the master if it s node ID is lower than the current master default is disabled set activen failover mcastaddr lt ip gt eS sed to set the multicast address for the failover mechanism set activen failover nodeid lt number auto gt sed to set the nodeid of the ActiveN failover unit Setting nodeid to auto will result in a nodeid being generated automatically default is auto set activen failover port peer lt port gt c sed to set the port for failover communication default is 9200 set activen failover vmac disabled enabled sed to disable or enable the Virtual MAC default is disabled Available nly on the Ethernet 0 interface
328. immediately no write command is needed delete user lt user_name all gt delete user ssh authorized_keys Description Syntax Roles Mode s 90 m delete Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Removes the specified user s public SSH key from the DX delete user lt name gt ssh authorized_keys Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration display Commands display config Description Syntax Roles Mode s display file Description Syntax Roles Mode s display loginbanner Description Syntax Roles Mode s display users Description Syntax Chapter 2 Add Through Reset Config Commands Use the display commands to display the CLI commands required to create the current configuration or contents of a file Displays the CLI commands to re create the current working configuration display config Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Configuration Displays the contents of the specified file display file lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Displays the banner in its raw form Substitution strings are shown in their normal
329. in Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration clear sib group sticky timeout Description Resets the sticky timeout to the default value for one or all SLB groups This command takes effect immediately Enter a write command to retain the change after the next reboot Syntax clear slb group name all gt sticky timeout 72 m clear slo Commands Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration clear slb group target host Description Removes the specified target host s from one or all groups This command does not take effect until after a write operation Syntax clear slb group lt name all gt target host lt ip port all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration clear slb group target host lt ip port all gt stats Description Clears the target host statistics This command does not take effect until after a write operation Syntax clear slb group name all gt target host lt ip port all gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration clear sib stats Description Clears all sta
330. in Admin Operator Admin Operator User Operator X X X X X show server stats history ssl listen Description Shows all of the server SSL listen historical statistics or the statistics for the specified time frame Syntax show server stats history ssl listen day hour minute month second year Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration 448 m show server stats Commands Chapter 4 Show Through Write Commands show server stats history ssl target Description Shows all of the server SSL target historical statistics or the statistics for the specified time frame Syntax show server stats history ssl target day hour month year Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server stats http Description Displays all HTTP statistics for the server Syntax show server stats http Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server stats io Description Displays all I O statistics for the server Syntax show server stats io Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server stats ssl
331. in Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen ssl keyfile Description Specifies the SSL keyfile for redirector listen traffic This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl keyfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen ssl keypass Description Specifies the SSL key pass phrase for redirector listen traffic This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl keypass Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen ssl protocol Description Specifies the SSL protocol types for redirector listen traffic m sslv2 SSL Version 2 only m sslv23 SSL Version 2 SSL Version 3 TLS Version 1 m ssl3 SSL Version 3 only m evi TLS Version 1 only This command does not take effect until after a write operation set redirector Commands m 279 Command Line Reference Guide for DXOS Syntax set redirector lt name gt listen ssl protocol sslv2 sslv23 sslv3 tlsv1 Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Con
332. in Operator User Operator X X X Mode s Global Configuration 430 m show redirector Commands show redirector listen ssl ciphersuite Description Shows the redirector listen SSL cipher suite Chapter 4 Show Through Write Commands Syntax show redirector lt name gt listen ssl ciphersuite Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show redirector listen ssl clientauth Description Shows the listen SSL clientauth settings Syntax show redirector lt name gt listen ssl clientauth Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show redirector listen sel ephkeyfile Description Shows the redirector listen SSL ephemeral keyfile Syntax show redirector lt name gt listen ssl ephkeyfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show redirector listen ssl keyfile Description Shows the redirector listen SSL keyfile Syntax show redirector lt name gt listen ssl keyfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show redirector Commands 8 431 Command Line Reference Guide for DXOS show redirector listen ss protocol Description Shows the red
333. in Operator User Operator X X X X X X Mode s Global Configuration show forwarder target status Description Shows the status of each target host in a forwarder Syntax show forwarder lt name gt target status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Mode s Global Configuration show fwlb Commands Use the show fwlb commands to view the Firewall Load Balancer configuration show fwlb group Description Displays selected or all configuration information for Firewall Load Balancer groups Firewalls associated with a specified group statistics for the specified group active sessions and their persistence status for the group balance policy used and health check configuration can all be presented together or individually Syntax show fwlb group lt name gt balance policy healthcheck session session timeout stats sticky sticky timeout target host Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Xx X X X X Mode s Global Configuration show fwlb Commands m 417 Command Line Reference Guide for DXOS show fwlb status Description Syntax Roles Mode s Shows the status of the Firewall Load Balancer show fwlb status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Global Configuration show
334. in the modes None Standard Target and Target_en Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Global Configuration set cluster compression targetcompression mode Description Syntax Sets target compression modes This command does not take effect until after a write operation set cluster lt name gt compression targetcompression mode lt none standard target target_en gt m None No target compression default If this is set then the encoding configuration is not considered m Standard Target compression enabled Performs standard multiplexing processing Applicable for both standard and browser encoding configurations m Target Target compression enabled Any responses from target are not touched Encoded responses are not cached but un encoded responses are cached PTC is not run This is only applicable for encoding configurations of the browser m Target_en Target compression enabled Encoded responses from target are not touched Un encoded responses are compressed following the standard multiplexing logic for compression Encoded responses are not cached but un encoded responses are cached PTC is not run This is only applicable for encoding browser configurations 170 m setcluster compression Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator
335. ing show cluster health retry Description Shows the number of health check retries Syntax show cluster lt name gt health retry Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Health Checking 368 m show cluster health Commands Chapter 4 Show Through Write Commands show cluster httpmethod Description Shows which HTTP methods are enabled for the Forward Proxy Accelerator or whether a specific method is enabled Syntax show cluster lt name gt httpmethod connect extended webdav Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster listen Commands Use the show cluster lt name gt listen commands to view the settings for cluster listen traffic between the appliance and the client browser show cluster listen Description Shows the cluster listen configuration Syntax show cluster lt name gt listen Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster listen interface Description Shows the cluster listen interface Syntax show cluster lt name gt listen interface Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster httomet
336. ion gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Mode s Global Configuration set redirector Description Disables or enables the redirector This command does not take effect until after a write operation Syntax set redirector lt name gt lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector dsr Description Disables or enables the use of Direct Server Return DSR This command does not take effect until after a write operation Syntax set redirector lt name gt dsr lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration 272 m set redirector Commands Chapter 3 Set Commands set redirector host Description Sets the redirector request host name or IP address This command does not take effect until after a write operation Syntax set redirector lt name gt host lt hostname ip address gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen port Description Sets the redirector s listen port The default is port 80 This command does not take effect until after a write operation Syntax set redirector
337. iphersuite stong 275 set redirector listen ssl clientauth authtype eee eeeees 276 set redirector listen ssl clientauth cacertfile occ 276 set redirector listen ssl clientauth cacrlfile ereere 276 set redirector listen ssl clientauth catrustfile occ 277 set redirector listen ssl clientauth anah a r eia 277 Set redirector listadas 277 set redirector listen ssl autochaim cece a a 278 set redirector listen ssl epbkewvftle eee a 278 set redirector listen ssl epbkeunass ee a e at 278 set redirector listen ssl KE yl ccoo 279 Table of Contents m XIX Command Line Reference Guide for DXOS XX wg Table of Contents set tedirector listen ssl REYDASS cr traia 279 set redirector listen ssl Protocol secies eiye uias 279 setreditector SiO Vipi eden acess aleve Sea ellas 280 SEE LECIFECTOR EE eseou 280 SCL reditector Porieen ineei ena e e a n E Se 280 set redirector protocol NUP x a aggeedgefe dien a ie e e aniei 281 set redirector protocol Nttps 0 cece a ei 281 SEE PECIFECIOM TAL E 281 set redirector urlmethod CUSTOM 0 0 00 cece eeeee eter eeteettttteeeeeeess 281 set redirector urlmethod request coooocccccccccccccccccccnnnnnonononnnnnnnnnanininannnnns 282 SEE TOUTE detal EE Ne te 282 EE 282 set server Compression Commande ccc ceeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeenanes 283 set server compression 2k Daddimg cece eet etettteeeeeeeees 283 set Server COMPFeSSiON DFOWSET eee cece cece cece cece ee
338. iption Shows the SSL key file for the WebUI Syntax show admin webui ssl keyfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin webui ssl keypass Description Shows the SSL key password for the WebUI Syntax show admin webui ssl keypass Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin webui Commands 341 Command Line Reference Guide for DXOS show admin webui ssl status Description Shows whether the WebUI administration server is using SSL Syntax show admin webui ssl status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin webui status Description Shows whether the WebUI administration server is down disabled or up enabled Syntax show admin webui status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show authentication Commands Use the show authentication commands to show the configuration and statistics for the authentication cache show authentication Description Shows all information regarding the authentication feature Syntax show authentication Roles Network Network Security Security Target Admi
339. irector listen SSL protocol Syntax show redirector lt name gt listen ssl protocol Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show redirector listen ssl status Description Shows the redirector listen SSL status Syntax show redirector lt name gt listen ssl status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show redirector listen vip Description Shows the redirector Virtual IP address Syntax show redirector lt name gt listen vip Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show redirector port Description Shows the port where requests will be redirected Syntax show redirector lt name gt port 432 m show redirector Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show redirector protocol Description Shows the protocol that will be used to redirect requests Syntax show redirector lt name gt protocol Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show redirector sta
340. is command does not take effect until after a write operation set admin remoteauth ldap version lt N gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set admin remoteauth protocol Description Syntax Roles Mode s Sets the authentication protocol to use for Administrator Remote Authentication This command does not take effect until after a write operation set admin remoteauth protocol lt ldap radius gt Network Network Security Security Admin Admin Operator Admin Operator X Target User Operator Global Configuration set admin remoteauth Commands m 127 Command Line Reference Guide for DXOS set admin remoteauth radius server lt 1 2 gt ip Description Sets the IP address for the RADIUS server 1 or RADIUS server 2 This command does not take effect until after a write operation Syntax set admin remoteauth radius server lt 1 2 gt ip lt ip address gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set admin remoteauth radius server lt 1 2 gt port Description Sets the port for the RADIUS server 1 or RADIUS server 2 This command does not take effect until after a write operation Syntax set admin remoteauth radius server lt 1 2 gt port lt port gt Roles Network Network Security Security Target Admin Admin
341. istorical statistics for Decompression for a specific target host show cluster lt name gt target host lt ip port all gt stats history http target decompression performed failure seconds minutes Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Performance Monitoring show cluster target host lt ip port gt stats history io Description Syntax Roles Mode s Shows all the I O statistics for a cluster s target host or just the statistics for last 60 minutes or seconds show cluster lt name gt target host lt ip port gt stats history io minutes seconds Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Performance Monitoring show cluster target host lt ip port all gt stats history ssl Description Shows the SSL statistics for the target host including the number of m New Sessions m Reused Sessions m Sessions with Strong Encryption Sessions with Export Encryption m Sessions using Version SSLv2 m Sessions using Version SSLv3 show cluster target Commands m 391 Command Line Reference Guide for DXOS m Sessions using Version TLSv1 m Sessions using Version Other Syntax show cluster lt name gt target host lt ip port all gt stats history ssl Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mod
342. it must not conflict with a VIP used by a cluster forwarder redirector or the Web console This command does not take effect until after a write operation Syntax set gslb agent listen vip lt ip gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer 244 m set gslb agent Commands Chapter 3 Set Commands set gslib localdns Commands Use the set gslb localdns commands to configure the internal DNS server for GSLB set gsib localdns domain a Description Syntax Roles Mode s Adds an address record for a host in the domain When the host parameter does not end in a period it is not fully qualified the name server appends the domain name to it when responding to queries There can be only one address record for a host in a domain however you can have multiple aliases This command does not take effect until after a write operation set gslb localdns domain lt domain gt a lt host gt lt ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslib localdns domain cname Description Syntax Roles Mode s Adds an alias for a host i e add a canonical name record for alias in the domain The host must be one of the hosts for which an address record is already configured If either of the host or alias does not en
343. ity Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration tcpdump Commands The tcpdump command consists of information useful for troubleshooting You must configure the mechanism to deliver the dump and filename for storing the TCPDump if you are using TFTP or SCP before executing this command set admin tcpdump filename lt filename gt only needed for TFTP set admin tcpdump transport scp smtp tftp Prior to Release 2 3 the TCPDump collected by the DX was encoded in base64 Beginning with Release 2 3 the TCPDump collected is in a binary format To view the TCPDump online show tcpdump sync group m 469 Command Line Reference Guide for DXOS tcpdump Description Syntax Roles Mode s TCPDumps collected prior to Release 2 3 can be viewed offline by decoding it from the base64 format using a standard utility such as uudecode Once decoded it can then be viewed with a standard TCPDump utility with the r option TCcPDumps collected with Release 2 3 or later can be viewed directly with a standard TCPDump utility Running a new TCPDump will overwrite the prior dump collected To copy the TCPDump from the DX for analysis use the copy tcpdump command For additional information see copy tcpdump on page 81 Executes the tcpdump command and collects the dump information into a file tcpdump Network Network Security Security Target Admin Admin Operator Admin O
344. ity Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Configuration Use the quit command to end a CLI session same as the exit command quit Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Configuration Use the reboot command to reboot the DX reboot Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Use the reload command to back out your configuration changes before a write operation This command discards all changes since the last write reload Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Global Configuration Chapter 2 Add Through Reset Config Commands reset config Description Use the reset config command to reset the DX to factory settings Connectivity will be lost if you are connected to the DX remotely You must set the appropriate network settings prior to the write operation if you want to have remote access after reset config and write operations You do not have to perform a write operation after the reset config command to have the changes take effect Instead a warning message will be displayed as follows dx reset config Executing this command will reset all configurations including network settings If you continue you will need to connect to the console s
345. ity Target Admin Admin Operator Admin Operator User Operator x Mode s Global Configuration set cluster compression msoffice Description Disables or enables compression for MS Office i e application msword application vnd ms excel application vnd ms powerpoint application vnd ms project and application vnd visio Use the global argument to return the compression value to its global setting This command does not take effect until after a write operation Syntax set cluster lt name gt compression msoffice lt disabled enabled global gt set cluster compression Commands m 167 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set cluster compression octetstream Description Disables or enables compression for application octet stream Use the global argument to return the compression value to its global setting This command does not take effect until after a write operation Syntax set cluster lt name gt compression octetstream lt disabled enabled global gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set cluster compression optimization Description Disables or enables compression for compression optimization No slide Use the global argument to return the compression value t
346. ji Africa Mogadishu merica Montreal Asia Kabul Etc GMT 2 Pacific Funafuti Africa Monrovia merica Montserrat Asia Kamchatka Etc GMT 3 Pacific Galapagos Africa Nairobi merica Nassau Asia Karachi Etc GMT 4 Pacific Gambier Africa Ndjamena merica New_ York Asia Kashgar Etc GMT 5 Pacific Guadalcanal Africa Niamey merica Nipigon Asia Katmandu Etc GMT 6 Pacific Guam Africa Nouakchott merica Nome Asia Krasnoyarsk Etc GMT 7 Pacific Honolulu Africa Ouagadougou merica Noronha Asia Kuala_Lumpur Etc GMT 8 Pacific Johnston Africa Porto Novo merica Panama Asia Kuching Etc GMT 9 Pacific Kiritimati Africa Sao_Tome merica Pangnirtung Asia Kuwait Etc GMTO Pacific Kosrae Africa Timbuktu merica Paramaribo Asia Macau Etc UCT Pacific Kwajalein Africa Tripoli merica Phoenix Asia Magadan Etc Greenwich Pacific Majuro Africa Tunis merica Port au Prince Asia Makassar Etc Universal Pacific Marquesas Africa Windhoek merica Port_of_Spain Asia Manila Etc Zulu Pacific Midway America Adak merica Porto_Velho Asia Muscat Europe Amsterdam Pacific Nauru America Anchorage merica Puerto_Rico Asia Nicosia Europe Andorra Pacific Niue America Anguilla merica Rainy_River Asia Novosibirsk Europe Athens Pacific Norfolk America Antigua merica Rankin_Inlet Asia Omsk Europe Belfast Pacific Noumea America Araguaina merica Recife Asia Oral Europe Belgrade Pacific Pago_Pago America Aruba merica Regina Asia Phnom_Penh Europe Berlin Pacific
347. k Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking set cluster health retry Description Syntax Roles Mode s Number of consecutive failed health checks required 1 to 20 before the target server is marked as down The default is 2 This command does not take effect until after a write operation set cluster lt name gt health retry lt retry number gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking set cluster httpmethod Commands Use the set cluster lt name gt httpmethod command to disable or enable the Forward Proxy Accelerator Set cluster httpmethod connect Description Syntax Roles Mode s Disables or enables support for the connect method This command does not take effect until after a write operation set cluster lt name gt httpmethod connect lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration 180 m set cluster httomethod Commands Chapter 3 Set Commands set cluster httpmethod extended Description Syntax Roles Mode s Disables or enables support for the extended methods i e delete and trace options This command does not take effect until after a write operation set cluster lt name gt httpmethod extended lt disabled enabled gt
348. k interval Syntax show cluster lt name gt health request interval Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Health Checking show cluster health request resume Description Shows the number of times the health check failed before the DX declares the target server down Syntax show cluster lt name gt health request resume Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X X X X Mode s Health Checking show cluster health request returncode Description Shows the expected health check returncode Syntax show cluster lt name gt health request returncode Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Health Checking 366 mum show cluster health Commands Chapter 4 Show Through Write Commands show cluster health request size Description Shows the expected size of the health check response Syntax show cluster lt name gt health request size Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Health Checking show cluster health request status Description Shows the status of health checking Syntax show cluster lt name gt health request status Roles Network Network Security Security Target Admin Admin Operator Admin Operator
349. l after a write operation delete floatingvip lt ip all gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Deletes a specific forwarder or all forwarders This command does not take effect until after a write operation delete forwarder lt forwarder name all gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration delete fwlb group Chapter 2 Add Through Reset Config Commands Description Deletes a specific firewall load balancing group This command does not take effect until after a write operation Syntax delete fwlb group lt name all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration delete gslib localdns domain Description Deletes a fully qualified domain name and all its records This command does not take effect until after a write operation Syntax delete gslb localdns domain lt domain gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer delete gslib remotenode Description Deletes one or all remote node definitions on a GSLB master This command does not take effect until after a write operation Syntax delete gslb group lt name gt remotenode lt name all gt Roles Network Network Sec
350. lability Proximity based load balancing Metric based load balancing using the lowest RTT measured between each DX and the client s LDNS Use the following procedure to configure GSLB for metric based load balancing 1 Configure the GSLB agent on each remote DX that acts as a GSLB node 2 On the DX acting as the GSLB master do the following a Configure the GSLB agent 242 m set gslb agent Commands set gelb agent Description Syntax Roles Mode s Chapter 3 Set Commands b Optionally configure the internal DNS server c Define each of the remote GSLB nodes d Configure a GSLB resolver e Add a GSLB group to the resolver for each hostname to be load balanced Each group specifies m The DX IP addresses associated with each GSLB node and the GSLB master m The load balancing policy for the hostname and metric load balancing parameters if any Enables or disables the agent to respond to metrics requests from the GSLB master disabled by default This command does not take effect until after a write operation set gslb agent lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslib agent encryption Description Syntax Roles Mode s Enables or disables the encryption of GSLB messages disabled by default This command does not take effect until after a write o
351. lator Header RTH statistics for the specified cluster Syntax show cluster lt name gt apprule rth M all M represents the rule number Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Mode s Application Rules show cluster apprule status Description Shows the AppRule status for a particular cluster disabled or enabled Syntax show cluster lt name gt apprule status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Mode s Application Rules show cluster balance Description Shows all the balancing policy settings for the cluster or just the balancing policy or the length of the URL that will be hashed to determine load balancing Syntax show cluster lt name gt balance policy urlhash 356 pg show cluster balance Roles Mode s Chapter 4 Show Through Write Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer show cluster cache Commands show cluster cache Description Syntax Roles Mode s Use the show cluster lt name gt cache commands to view the caches associated with a cluster and the cache statistics Shows the caches associated with a cluster show cluster lt name gt cache Network Network Security Security Target Admin Admin Operator Admin Operator Us
352. lines This allows administrators to fully describe a cluster s usage contact information warnings or any other information deemed necessary Typographical Conventions This following typographical conventions are used for the command syntax Convention Meaning Example lt gt Used to enclose variables for which a specific To add a named cache value must be substituted add cache lt name gt Used to enclose command options To add a forwarder the name can be omitted a name will be assigned automatically add forwarder lt name gt Used to separate options where only one can To clear one or all caches be specified clear cache name all gt 6 m Naming Conventions Optional Features Chapter 1 Using the Command Line Interface CLI Some DX features are optional such as OverDrive 3G Caching and Global Server Load Balancing GSLB They are enabled through the use of a license key If you wish to enable any optional features contact your Juniper Sales Representative For more information about licensing see the Installation and Administration Guide for DXOS CLI Command Summary Table 2 provides a summary of the available CLI commands Table 2 CLI Command Summary Command Description add activen blade on page 15 Add an ActiveN blade add activen group on page 15 Add an ActiveN group add cache on page 16 Add a named cache add c
353. listen or server target traffic for a specific cluster forwarder redirector or SLB group default is zero This setting overrides the Per Hop Behavior PHB settings This command does not take effect until after a write operation Syntax set cluster forwarder redirector slb group lt name gt lt listen target gt qos mark outgoing dscp raw lt 0 63 gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set qos mark outgoing tos ip precedence Description Sets the ToS IP precedence value 0 7 for client listen or server target traffic for a specific cluster forwarder redirector or SLB group default is zero This command does not take effect until after a write operation Syntax set cluster forwarder redirector slb group lt name gt lt listen target gt qos mark outgoing tos ip precedence lt 0 7 gt 270 m set qos Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set qos mark outgoing tos dtrc Description Sets the ToS DTRC value Delay Throughput Reliability Cost for client listen or server target traffic for a specific cluster forwarder redirector or SLB group The default is normal 0000 indicating that DTRC is not used This command does not take effect un
354. ll and delta synchronization on this Forwarder show forwarder lt name gt sticky failover status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Unified Failover show forwarder sticky method Description Syntax Roles Mode s Shows the sticky method configuration show forwarder lt name gt sticky method Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show forwarder target Description Syntax Roles Mode s Displays the local IP address SSL configuration and QoS setting used for all target hosts in a forwarder as well as the status weight and maximum connections for each target host show forwarder lt name gt target Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Global Configuration show forwarder target host Description Syntax Shows the status maximum connections and weight for one or all target hosts in a forwarder You can also view just the status maximum connections or weight show forwarder lt name gt target host lt ip port gt all maxconnections status weight show forwarder Commands m 415 Command Line Reference Guide for DXOS Roles Mode s show forwarder target host stats Description Syntax Roles Mode s Netw
355. luster on page 16 Add a new cluster add ether subnet on page 17 Add a subnet to an interface add failover peer on page 17 Add a static peer for Unified Failover add floatingvip on page 18 Add a floating virtual IP address VIP add forwarder on page 18 Add a new forwarder add fwlb group on page 18 Add a firewall load balancer group add gslb localdns domain on page 19 Add a domain to the local DNS server add gslb remotenode on page 19 Add a remote DX node to the GSLB master add gslb resolver on page 19 Add a resolver to the GSLB master add gslb resolver group on page 20 Add a group to a resolver on the GSLB master add gslb resolver group member on page 20 Add a member to a GSLB group add health script on page 21 Add a health script add redirector on page 21 Add a redirector add route on page 21 Add a static route add slb group on page 22 Add a Server Load Balancing SLB group add snat group on page 22 Add a Source Network Address Translation SNAT group add sync group on page 23 Add a synchronization group and group members add user on page 23 Add a user name arp on page 24 Show the ARP table capture Commands on page 24 Capture displayed information and save in a file
356. m ee eeees 445 show server stats history http target Dvtesout eee eeeees 445 show server stats history http target Content 446 show server stats history http target decompression cee 446 show server stats history http target responsecode ees 446 SHOW Server Slats NIStOLY Oia a eades via EL 447 show server stats history i0 lesten 447 show server Stats history iO target cece nn e a 447 Show Server stats Mistory ssl cria tido de 448 show server stats history ssl leten corn rrccccnns 448 show server stats history Ssl target oooonnnnnnnnnncccnncccccccccccnonannnn nano A 449 show server stats OP dido std 449 SHOW Server stats lO idas 449 le EE 449 le VE 450 Glen an te ET 450 SHOW SD EE 450 lee ee 451 lee Bee 451 SHOW SID OTOU TEE 451 show slb Croup advanced EE 451 show slb group Healthcheck zeien guid e cities 452 show slb group healthcheck emp 452 show slb group Meter OS mos lero rito E enee 452 SHOW eelere 452 Ree Ee e EE 453 lee Ee die 453 Ree Egal eet 453 SNOW SID Ee eege 454 Show slb Groupsprotocol teta ii 454 Table of Contents Nee Ee e 454 SNOW SID S ee 454 show slb group SESSION CHMEOUE taion tionn a a aaea 455 SNOW SID rOup stats TEE 455 Nee Ee ee AT 455 show slb 8roup sticky TE 456 show slb group sticky failover stage 456 show slb group target host lt ip pOrt gt 0 cece cece eeeeeteettteeeees 456 show slb group target host lt ip port all gt session ooo 457 show sl
357. m HTTP to HTTPS or from HTTPS to HTTP A special header to annotate the log showing the session that is being logged in an easily identifiable way This is custom HTTP header that will be added with the client s origin IP to the client s request Also known as the Gateway this is the IP address of the machine the Accelerator talks with in order to access the outside world Reduces the outgoing traffic channeled through a load balancer by allowing web servers to send their HTTP responses directly back to the requesting client without passing back through the load balancer Enable this option on the Accelerator if the target web servers are configured to use DSR Also known as the Domain Suffix this will be used to resolve unqualified host names The IP address of the primary name server for the Accelerator This is the machine the Accelerator queries to resolve host names into IP addresses This is the primary ethernet port of the Accelerator and the interface through which web traffic travels Also known as the heartbeat port Ethernet 1 is used to communicate with a second Accelerator configured as a cold standby fail over unit A set of web clusters typically with each cluster serving a different purpose This specifies whether or not the Accelerator should act as a cold standby fail over unit for another Accelerator on the network NOTE both the active and the stand by DX units should have this option enabled and
358. m Weighted Round Robin The servers are chosen semi sequentially A server is chosen based on its weight The larger the weight the higher the probability of the server being chosen set forwarder balance policy Description Syntax Roles Mode s This command is used to set the load balancing policy for a cluster default is roundrobin For additional information see the Notes for command set forwarder Commands on page 220 This command does not take effect until after a write operation set forwarder lt name gt balance policy lt roundrobin weightedroundrobin gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder description Description Syntax Roles Mode s set forwarder dsr Description Syntax Adds a description to the forwarder lt name gt This command does not take effect until after a write operation set forwarder lt name gt description lt description gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Disables or enables Direct Server Return DSR for the named forwarder This command does not take effect until after a write operation set forwarder lt name gt dsr lt disabled enabled gt set forwarder Commands m 221 Command Line Reference Guide for DXOS Roles Network Network Security Se
359. m the Audit Apprule Health and System logs clear ntp server on page 65 Clear one or all NTP servers clear redirector Commands on page 65 Clear redirector options or the certificate files passwords and keyfiles associated with a redirector s SSL traffic clear server Commands on page 69 Clear server compression statistics a custom IP log header or reverse path entries clear slb Commands on page 71 Clear Server Load Balancer SLB settings and statistics clear snat group member on page 74 Clear one or all members from a Source Network Address Translation SNAT group clear sync group Commands on page 74 Clear a synchronization group s description or override file name clear user role on page 75 Clear one or more roles from one or all users clear vlan Commands on page 76 Clear virtual LAN settings cls on page 78 Clear the screen configure on page 78 Run the initial configuration prompts copy Commands on page 78 8 m CU Command Summary Copy configurations files and captured TCPDump information Chapter 1 Using the Command Line Interface CLI Command Description delete Commands on page 81 Delete clusters forwarders redirectors routes configurations files login banners server load balancers firewall load balanc
360. mands on page 263 Configure scriptable health checking set hostname on page 267 Set the host name of the DX device set ntp Commands on page 267 Enable or disable NTP support and identify up to three NTP servers set password on page 268 Allows users to change their own password set qos Commands on page 268 Configure QoS ToS DSCP settings for client and server traffic set redirector Commands on page 271 Configure redirection properties set route default on page 282 Set the default route set server on page 282 Enable or disable the DX server set server compression Commands on Configure DX server compression page 283 set server customiplogheader on page 289 Specify the custom header name added to client requests set server forwardclientcert headername on Specify the custom HTTP header used for SSL client certificate forwarding page 290 set server maxconns on page 290 Specify the maximum number of simultaneous server connections set server reversepath Commands on page 291 Configure DX server reverse path feature set slb Commands on page 292 Configure the Server Load Balancing SLB properties set snat Commands on page 302 Configure a Source Network Address Translation SNAT group or to add members to a group set sync group Commands on page 305 Specify a group of DX devices for configuration synchronization set timezone on page 307
361. me gt health request timeout show forwarder health retry Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Health Checking Shows the number of health check retries show forwarder lt name gt health retry Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Health Checking show forwarder listen Description Syntax Roles Mode s Displays the entire listen configuration for the forwarder or just the specified setting show forwarder lt name gt listen interface port qos ssl certfile cipherfile cipherlist ciphersuite clientauth ephkeyfile keyfile protocol status vip Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Global Configuration show forwarder Commands m 413 Command Line Reference Guide for DXOS show forwarder stats Description Syntax Roles Mode s Displays all statistics for one or all forwarders or just the I O or SSL statistics show forwarder lt name all gt stats io ssl Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Global Configuration show forwarder sticky Description Syntax Roles Mode s Shows the entire sticky configuration for the forwarder
362. meout caracas 179 set cluster health request Urlpath esst a Bieta ns 179 set cluster health request useragent ccc eee eeeeeeeeettttteeeeeeees 179 SEL CIUSTER Health retry vi er Seel edel 180 set cluster httpmethod Commande 180 Set cluster AttpmethOd GIE ease eene do de ee de 180 set cluster httpmethod extended 0 cece teeetetttteeeeeeeeeeeees 181 set cluster httpmethod webdav ieina t NRR 181 set Cl ster listen COMMAN Setas 181 Set cl ster lister porteren e a a eai ee 181 AR IE AAA 182 Gelueft es 182 set Clusterlisten ssl autocad ebe tent tate dos 182 set Clusterilisten ssl certeros 183 set cluster listen ssl cipherfile 0 0 cocoa 183 set cluster listen ssl ciphersuite al 183 set cluster listen ssl ciphersuite Common 184 Table of Contents set cluster listen ssl ciphersuite evport cece eeeeteetteteeeeeeeeeeeeees 184 set cluster listen ssl ciphersuite file 184 set cluster listen ssl ciphersuite Strong 0 cece cece eeeeteettteeeeeeees 185 set cluster listen Ssliclientauthy enri aina geg deiere Ee 185 set cluster listen ssl clientauth authtype wo eee eeeeeeteeeeees 185 set cluster listen ssl clientauth cacertfile 0 ee eeeeeeeeees 186 set cluster listen ssl clientauth cacrlfile cece eeeeettttteeeees 186 set cluster listen ssl clientauth catrustfile eee eeeeeeeeeees 187 set cluster listen ssl clientauth forwardclientcert ees 187 set cluster listen ssl clientauth forward
363. min Operator User Operator Xx x X X X Mode s Performance Monitoring show cluster target host lt ip port all gt stats history Description Use the show cluster lt name gt target host lt ip port all gt stats history command to display the history statistics for a specific target host or for all target hosts Syntax show cluster lt name gt target host lt ip port all gt stats history Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Performance Monitoring show cluster target host lt ip port all gt stats history http Description Shows all of the HTTP statistics for a cluster s target host Syntax show cluster lt name gt target host lt ip port all gt stats history http Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Performance Monitoring show cluster target Commands m 389 Command Line Reference Guide for DXOS show cluster target host lt ip port all gt stats history http bytesin Description Shows the number of bytes from the target host sorted by content type as shown in Table 14 Syntax show cluster lt name gt target host lt ip port all gt stats history http bytesin Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Performance Monitoring show cluster target host
364. ministrator Can execute commands for SSL features only security_operator Can view the SSL configuration and statistics but cannot change the configuration related to those features user Can view all status information and statistics except SSL related information and cannot make any configuration changes or service state changes to the DX target_operator Same capabilities as a user but can also pause or unpause a target host within a cluster or SLB group Access to the DX is controlled by a unique user name and password Note the following m User names and passwords are case sensitive m User names must be 4 to 16 characters passwords must be 5 to 128 characters m The word all is a reserved word and cannot be a user name m Users can change their own password using the set password command m Pressing the password reset button at the back of the DX clears the password for the default admin account m An ALERT event is sent if a user fails to log in on three consecutive attempts Passwords and user information are not exported by the export configuration command To export user information use the export user command refer to export users on page 95 Managing User Access m 5 Command Line Reference Guide for DXOS Naming Conventions You can name a cluster redirector or forwarder at creation or after it is created You can also rename an existing cluster redirector or forwarder
365. mmand to display the login name of the current user whoami Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Use the write command to save the configuration Use reload to revert back to the previous configuration and discard any changes that you have made since the last write command write Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Appendix A Glossary Table 19 Glossary Term Certfile Cipher Ciphersuite Cluster Convert302protocol Customiplogheader Custom Header Default Route Direct Server Return DSR DNS Domain DNS Nameserver Ethernet 0 ether0 Ethernet 1 ether1 Farm Fail over Forwarder Hostname Keyfile Keypass Layer 7 Health Checking Description Certification file for SSL traffic Cryptographic algorithm for a server and client to authenticate each other transmit certificates and establish session keys A set of ciphers A cluster is a set of web servers to be accelerated It listens for incoming web traffic on a specific virtual IP address and port distributes it over the target hosts web servers in the cluster and then accelerates the outgoing web traffic Typically all the web servers in a particular cluster serve identical content that is each cluster usually represents a distinct website or property Converts the 302 responses fro
366. mote location is equivalent to exporting a configuration This can also be performed by entering the command export config for additional information see export Commands on page 92 78 m cis copy config Description Syntax Chapter 2 Add Through Reset Config Commands m Displaying the CLI commands needed to re create the configurations can be performed by entering the command display config for additional information see display config on page 91 m To reset all configurations back to factory defaults enter the command reset config for additional information see reset config on page 107 WARNING Executing this command resets the network configuration If you are logged in using Secure Socket Shell SSH or WebUI you will lose contact with the DX m To display the contents of a file enter the command display file for additional information see display file on page 91 m To capture an SSL key or certificate onto a file on the DX enter the command capture file for additional information see add user on page 23 m In order to use SCP you must first configure the environment using the commands set admin scp username lt user gt and set admin scp server lt servername gt Use copy config command to Copy configurations from the DX to a remote location or from a remote location to the DX via TFTP or SCP m Display the CLI commands needed to re create the co
367. n Syntax 214 m set ether Commands Sets media parameters Supported media options are 10baseT UTP 10baseT UTP full duplex m 100baseTX m 100baseTX full duplex m 1000baseTX DX 36xx models only m 1000baseTX full duplex DX 36xx models only m autoselect This command does not take effect until after a write operation set ether lt n gt media media description or gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Sets the interface Maximum Transmission Unit MTU This command does not take effect until after a write operation set ether lt n gt mtu lt mtu gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Sets the netmask This command does not take effect until after a write operation set ether lt n gt netmask lt ip mask gt Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Global Configuration set failover Commands set failover Description Syntax Use the set failover commands to configure Unified Failover Unified Failover lets you specify a single failover configuration that applies to each of the following services m ActiveN m Forward Proxy Accelerator also called the DX server m Server Load Balancing SLB
368. n Admin Operator Admin Operator User Operator X X X X X Mode s HTTP s Authentication show authentication cache Description Shows information regarding the authentication cache Syntax show authentication cache 342 m show authentication Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s HTTP s Authentication show authentication cache stats Description Shows the statistics for the authentication cache Syntax show authentication cache stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP s Authentication show boot Description Shows the boot partition information Syntax show boot Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cache Commands Use the show cache lt name gt command to show the configuration for a named cache If no name is specified all caches are displayed show cache Shows the configuration for one or all caches Syntax show cache lt name gt show boot m 343 Command Line Reference Guide for DXOS Roles Mode s show cache stats Description Syntax Roles Mode s show cache stats Description Syntax Roles Mode s show capacity Description
369. n and authorization parameters for a cluster For additional information about HTTP S authentication see the Installation and Administration Guide for DXOS The protocol must be set LDAP and RADIUS before the 1dap and radius options can be set set cluster aaa authentication Description Syntax Roles Mode s Enables or disables authentication This command does not take effect until after a write operation set cluster lt name gt aaa authentication lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication cache Description Syntax This command disables or enables authentication caching This command does not take effect until after a write operation set cluster lt name gt aaa authentication cache lt disabled enabled gt set cluster aaa authentication Commands m 149 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication cache maxage Description Syntax Roles Mode s Sets the maximum number of minutes to store an authentication cache entry default is 60 This command does not take effect until after a write operation set cluster lt name gt aaa authentication cache maxage lt minutes gt
370. n group for configuration synchronization For each command lt memberid gt is either the lt hostname port gt or an lt ip port gt Starting with software release 4 1 15 the set sync group command is disabled on the DX 3670 set sync group description Description Adds a description for a synchronization group This command does not take effect until after a write operation Syntax set sync group lt name gt description lt description gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x Mode s Global Configuration set sync group member password Description Prompts you to enter the password for a synchronization group member This command does not take effect until after a write operation Syntax set sync group lt name gt member lt memberid gt password Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx Mode s Global Configuration set sync group member port Description Sets the port for a synchronization group member This command does not take effect until after a write operation Syntax set sync group lt name gt member lt memberid gt port Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx set sync group Commands mM 305 Command Line Reference Guide for DXOS set sync group member username Description Syntax Roles Mode s S
371. nZAyE Rb1p6dmJ BNZY tOMaXAgMBAAGj geswgegwHQY MnFJOsgvF3B4HuaX9fBBDk9xMIG4BgNVHSMEgbAwga2AFCCeMn 9FfBBDk9xo0YGRpIGOMIGLMQswCQYDVQQGEwJ YWDESMBAGA1U MRIWEAYDVQQHEw1 ERULPIE9OTFkKxEjAQBgNVBAoTCURFTU8gT CxMJREVNTyBPTkxZMRIWEAYDVQQDEw1 ERULPIE9OTFkxGDAW CURFTU8gTO5MWY IBADAMBgNVHRMEBTADAQH MAOGCSqGSIb L8dbydfkNbydH3wHcF5uUuLG5 rajGzput7GrQEjKUmKEB bI VIRbPQ WOFOiR7MsY64y5cbpMoGrfZ2qNgNKF i 6WL 1mT h4 1tKi CMnhTRP hivbsYqwBdOFwrkqAUapuUDwctaAxV2pwJos4710 dx list file democert demokey my_key capture Commands m 25 Command Line Reference Guide for DXOS capture license Description Captures the license key for the DX The source can be the console Telnet or SSH This command does not take effect until after a write operation Syntax capture license Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration Example capture license Installs the license key for the appliance by capturing the license key text The key text can be typed in or pasted from the console telnet or SSH capture loginbanner Description Captures a custom login banner The maximum size that can be captured is 2000 characters including newline characters This command does not take effect until after a write operation Syntax capture loginbanner Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Confi
372. nabled set gslb resolver lt name gt group lt name gt servicecheck disabled enabled set gslb resolver Commands m 261 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gsib resolver group servicecheck mode Description Syntax Roles Mode s Sets the service check mode to either ICMP ping or TCP connect default is ICMP In some cases an IP address may respond to a ping even though the actual service a client is trying to connect to may be down In this situation it may be beneficial to switch to using TCP for service checking because you can specify the ports you want checked for availability set gslb resolver lt name gt group lt name gt servicecheck mode lt icmp tcp gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gsIb resolver listen port Description Syntax Roles Mode s Sets the resolver s port number up to 65535 The default port is 53 the standard DNS port This command does not take effect until after a write operation set gslb resolver lt name gt listen port lt n gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Global Server Load Balancer set gsIb resolver listen vip
373. name gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Chapter 3 Set Commands set forwarder sticky clientip leader Description Specifies whether a client IP is bound to follows the same target host as another cluster forwarder or SLB group the default is none This creates a sticky group so that client applications with multiple protocol flows such as TCP and UDP can be load balanced to the same target host The sticky method must be clientip see set forwarder sticky method on page 232 This command does not take effect until after a write operation Syntax set forwarder lt name gt sticky clientip leader lt none lt lt cluster forwarder slb group gt lt name gt gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set forwarder sticky clientip timeout Description Sets the maximum number of minutes 1 to 43200 between consecutive client requests that are bound to the same target host default is 120 This command does not take effect until after a write operation Syntax set forwarder lt name gt sticky clientip timeout Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set forwarder sticky failover Description Enables or disables s
374. name gt stats history http listen req err Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats history http listen request Description Shows the number of active client requests Syntax show cluster lt name gt stats history http listen request show cluster stats Commands 8 381 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Performance Monitoring show cluster stats history http listen version Description Syntax Roles Mode s Shows the client browser version as shown in Table 13 show cluster lt name gt stats history http listen version Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Performance Monitoring show cluster stats history http target Description Syntax Roles Mode s Shows the HTTP target statistics for the named cluster show cluster lt name gt stats history http target Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Performance Monitoring show cluster stats history http target bytesin Description Syntax Roles Mode s Shows the target bytes from servers sorted by content type as shown in Table 14 show cluster lt
375. navailable or fail the health checks Note the following Ifa group has no members configured the resolver forwards requests to the upstream authoritative DNS server and returns the response to the client m Ifall member IPs fail the health checks and there is no failure IP set for the group the resolver responds to queries with an answer containing no A records This command does not take effect until after a write operation Syntax set gslb resolver lt name gt group lt name gt failip lt ip gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Mode s Global Server Load Balancer set gslb resolver Commands m 253 Command Line Reference Guide for DXOS set gsib resolver group Iba policy Description Syntax Roles Mode s Sets the load balancing policy for a GSLB group The default is roundrobin The following table describes the available load balancing policies Policy Description fixed IPs are returned in a fixed order no load balancing forward Requests are forwarded to the target DNS no load balancing metric Performance metrics collected from each GSLB node are used to determine which IPs to return random IPs are returned in a random order roundrobin IPs in the group are returned in a sequential fashion with each request getting the next IP in the group Pings are sent to each IP in the group one per second If the
376. ne Reference Guide for DXOS Roles Mode s show log system Description Syntax Roles Mode s show loginbanner Description Syntax Roles Mode s show ntp Description Syntax Roles Mode s 426 m show loginbanner Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Application Rules Shows the System log show log system Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Application Rules Use the show loginbanner command to the display the current login banner with the appropriate substitutions This banner must be previously set using the command capture loginbanner on page 26 show loginbanner Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Configuration Shows all Network Time Protocol NTP settings the IP address or host name of one or all servers or just the NTP status up or down show ntp server 1 3 status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show ntpq Description Syntax Roles Mode s Chapter 4 Show Through Write Commands Shows the results of an NTP server query Uses a mode 6 control message format show ntpq Network Network Security Security Target Admin
377. nfiguration on the terminal screen m Reset the configuration to factory defaults copy config tftp tftp_server filename scp Lusername scp_server filename memory active terminal factory local filename tftp tftp_server filename scp username scp_server filename memory active terminal factory local filename copy Commands m 79 Command Line Reference Guide for DXOS The format of lt src gt and lt dst gt is m Remote location tftp tftp_server filename or scp usernameQ scp_server filename Local location m memory Configuration currently stored in memory m active Configurations currently on Flash m terminal The CLI terminal screen m factory The factory default configuration m local filename Creates a named configuration stored locally Either lt src gt or lt dst gt must be in the memory Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Global Configuration copy file Description Use copy file command to m Display the contents of the file on the terminal screen m Capture a SSL key or certificate as a file onto the DX The format of lt src gt and lt dst gt is Local filename m Remote filename tftp tftp_server filename or scp usernameQ scp_server filename m Terminal the CLI terminal The following are invalid copy file operations m Remote file to the terminal m Remote file
378. ng Chapter 4 Show Through Write Commands show cluster health connect Description Shows the Layer 4 health check settings Syntax show cluster lt name gt health connect Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Health Checking show cluster health connect interval Description Shows the Layer 4 connection check interval Syntax show cluster lt name gt health connect interval Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Health Checking show cluster health connect ssl Description Shows whether SSL health checking is enabled or disabled Syntax show cluster lt name gt health connect ssl status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Health Checking show cluster health connect timeout Description Shows the Layer 4 timeout value the maximum time in seconds that the DX will wait to complete a connection check Syntax show cluster lt name gt health request timeout show cluster health Commands mM 365 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Health Checking show cluster health request interval Description Shows the Layer 7 health chec
379. not take effect until after a write operation Syntax add gslb resolver lt name gt add Commands m 19 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer add gslib resolver group Description Adds a GSLB group to a resolver If you omit the group name a name is generated automatically The group name can be changed with a set command This command does not take effect until after a write operation Syntax add gslb resolver lt name gt group lt name gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer add gslb resolver group member Description Adds a member to a GSLB group Each member represents a DX node to be load balanced If you omit the member name a name is generated automatically The maximum number of members per group is determined by the DX License This command does not take effect until after a write operation Syntax add gslb resolver lt name gt group lt name gt member lt name gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer add gslib resolver group servicecheck tcp port Description Determines the ports included in the TCP service check Port range is from 1 to 65535
380. not take effect until after a write operation Syntax set cluster lt name gt weblog batch scp connecttest set cluster weblog Commands m 209 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Historical Rates and Statistics set cluster weblog batch scp directory Description Syntax Roles Mode s Sets the remote scp target directory This command does not take effect until after a write operation set cluster lt name gt weblog batch scp directory lt directory gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Historical Rates and Statistics set cluster weblog batch scp keyfile Description Syntax Roles Mode s Sets the non password protected private key The private key must then be captured using the capture command For additional information see capture Commands on page 24 This command does not take effect until after a write operation set cluster lt name gt weblog batch scp keyfile lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Historical Rates and Statistics set cluster weblog batch scp username Description Syntax 210 m set cluster weblog Commands Sets the remote scp username This command does not take effect until after a w
381. ns m Sessions with Strong Encryption Sessions with Export Encryption m Sessions using Version SSLv2 m Sessions using Version SSLv3 m Sessions using Version TLSv1 Sessions using Version Other Syntax show cluster lt name gt stats history ssl Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats history status Description Shows the status of the historical statistics feature disabled or enabled Syntax show cluster lt name gt stats history status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats http Description Displays the HTTP statistics for one or all clusters Syntax show cluster lt name all gt stats http Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X show cluster stats Commands mM 385 Command Line Reference Guide for DXOS show cluster stats io Description Syntax Roles Displays the I O HTTP and SSL statistics for one or all clusters show cluster lt name all gt stats io show cluster stats ssl Description Syntax Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Displays the SSL statistics for one or all cluste
382. ntax Roles Mode s show admin ssh Description Syntax Roles Mode s Shows the status of the SOAP server show admin soap status Show Through Write Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X xX Configuration Synchronization Shows whether Secure Shell SSH access to the DX is enabled show admin ssh status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show admin stats history status Description Syntax Roles Mode s Shows whether collection of historical statistics for forwarders clusters and target hosts services is enabled It also shows the number of services enabled and the maximum number allowed show admin stats history status Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show admin syslog Description Syntax Shows the Syslog facility and the IP address and port number of the two Syslog servers 1 and 2 You can also view just the Syslog facility or the IP address and port of one server show admin syslog facility host 1 2 show admin ssh m 335 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global
383. ntil after a write operation Syntax delete config lt saved_config gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X x Mode s Global Configuration delete ether subnet Description Deletes an existing subnet from an interface This command does not take effect until after a write operation Syntax delete ether lt id gt subnet lt ip gt lt netmask gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x x Mode s Global Configuration delete failover peer Description Deletes one or all remote static peers defined for Unified Failover This command does not take effect until after a write operation Syntax delete failover peer lt ip all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X x X Mode s Unified Failover delete Commands m 83 Command Line Reference Guide for DXOS delete file Description Syntax Roles Mode s delete floatingvip Description Syntax Roles Mode s delete forwarder Description Syntax Roles Mode s 84 m delete Commands Deletes the specified file This command takes effect immediately delete file lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Deletes a floating VIP This command does not take effect unti
384. o a syslog server Syntax show admin log method system syslog level Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration 324 m show admin log Commands Chapter 4 Show Through Write Commands show admin log status Description Shows whether logging is enabled or disabled on the DX Syntax show admin log status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration show admin remoteauth Commands Use the show admin remoteauth commands to show the configuration for Administrator Remote Authentication show admin remoteauth Description Shows all configuration settings for Administrator Remote Authentication Syntax show admin remoteauth Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration show admin remoteauth idap Description Shows all the LDAP settings or just the specified setting Syntax show admin remoteauth ldap base dn bind server 1 2 uid version Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration show admin remoteauth protocol Description Shows the authentication protocol used for Administrator Remote Authentication Syntax show admin remoteauth protocol
385. o its global setting This command does not take effect until after a write operation Syntax set cluster lt name gt compression optimization lt disabled enabled global gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set cluster compression pdf Description Disables or enables compression for application pdf Use the global argument to return the compression value to its global setting This command does not take effect until after a write operation Syntax set cluster lt name gt compression octetstream lt disabled enabled global gt 168 m set cluster compression Commands Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set cluster compression policy Description Syntax Roles Mode s Disables or enables server compression O Enable default 1 Disable global Return the compression value to its global setting This command does not take effect until after a write operation set cluster lt name gt compression policy lt 0 1 global gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set cluster compression sharepoint Description Syntax Roles Mode s Disables or enables compre
386. ode Commands Chapter 3 Set Commands set gslib resolver Commands set gslb resolver Description Syntax Roles Mode s Use the set gslb resolver commands to configure the resolver on the GSLB master The resolver works as a DNS proxy filter and can be configured to point to an external standalone DNS server or to the internal DNS server Multiple resolvers can be created each listening on its own virtual IP Enables or disables a GLSB resolver disabled by default This command does not take effect until after a write operation set gslb resolver lt name gt lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslib resolver group dns answermode Description Syntax Roles Mode s Specifies whether one or multiple IP addresses are returned with each DNS request If set to multiple the order of the IPs depends on the load balancing policy If the load balancing policy is roundrobin or weightedroundrobin the order is a snapshot of the current roundrobin ordering If random is selected the order is random If forward is selected this parameter is ignored and the response is determined by the target DNS If metric is selected the order is determined by each member s metric score If the GSLB sticky option is enabled you must specify answermode as single see set gslb resolver group lb
387. ode s Global Configuration show admin snmp trap host 1 2 version Description Displays the SNMP version configured for each trap host Syntax show admin snmp trap host 1 2 version Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin snmp trap threshold Description Displays the percentage of the maximum number of client side connections that generates a connection threshold trap and the percentage of login failures that triggers an authentication failure trap You can also view just one threshold Syntax show admin snmp trap threshold connection loginfail 332 m show admin snmp Commands Roles Mode s Chapter 4 Show Through Write Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show admin soap Commands show admin soap Description Syntax Roles Mode s Use the show admin soap command to show the configuration of the Simple Object Access Protocol SOAP server The SOAP server is used with configuration synchronization Shows all of the configuration parameters for the SOAP server show admin soap show admin soap port Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Configuration Synchronization
388. oes not take effect until after a write operation set failover stateful lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Unified Failover set failover stateful syncinterval Description Syntax Roles Mode s Specifies the interval at which state information on the standby DX is synchronized with that on the master DX Valid values range from one second to 3600 seconds The default value is one second This command does not take effect until after a write operation set failover stateful syncinterval lt interval gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Unified Failover set failover Commands m 219 Command Line Reference Guide for DXOS set failover vmac ether Description Syntax Roles Mode s Enables or disables the use of a VMAC address on one or all interfaces enabled by default N is the interface number such as 0 or 1 This command does not take effect until after a write operation set failover vmac ether lt N all gt lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Unified Failover set failover vmac ether id Description Syntax Roles Mode s Sets a VMAC ID 1 to 254 for one or all interfaces that determines the VMAC address default is
389. oes not take effect until after a write operation set slb group lt name all gt session timeout lt ackwait active closewait gt lt seconds gt m ackwait Three way TCP handshake has not completed default is 6 seconds m active Active sessions default is 90 seconds m closewait Sessions terminated by the client default is 12 seconds Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Server Load Balancer Configuration Enables stickiness of a particular client to a server within a group disabled by default Stickiness results in the client always being connected to the same server if reconnected before timeout This command does not take effect until after a write operation set slb group lt name gt sticky lt disabled enabled gt set slb Commands m 297 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration set slb group sticky failover Description Enables or disables sticky failover for the specified SLB group When Unified Failover is also enabled the standby DX takes on communications with the SLB group This command does not take effect until after a write operation Syntax set slb group lt name gt sticky failover lt disabled enabled gt Roles Network Network Security Security Target
390. of the Web Logs to the configured Syslog server This command does not take effect until after a write operation Syntax set cluster lt name gt weblog batch copy copynow set cluster weblog Commands m 207 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Historical Rates and Statistics set cluster weblog batch copy interval Description Syntax Roles Mode s Sets a periodic interval for the Web Logs to be sent to the configured Syslog server This command does not take effect until after a write operation set cluster lt name gt weblog batch copy interval lt minutes gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Historical Rates and Statistics set cluster weblog batch copy size Description Syntax Roles Mode s Sets the size of the compressed file to copy the size of the two data buffers The range is 1 to 50 MByte default is 10 MBytes This command does not take effect until after a write operation set cluster lt name gt weblog batch copy size lt val gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Historical Rates and Statistics set cluster weblog batch copy time Description Syntax 208 m set cluster weblog Commands Sets the times for the Web
391. omain Note that for reverse lookups to work properly a reverse IN ADDR ARPA domain must be created that has subdomains for each network based on network number that are listed in reverse For example to do a reverse lookup for 192 168 0 32 add domain 0 168 192 in addr arpa and add a pointer record to it add gslb localdns domain 0 168 192 in addr arpa set gslb localdns domain 0 168 192 in addr arpa ptr 192 168 0 32 www foo com Now LDNSs can look up the host name for 192 168 0 32 This command does not take effect until after a write operation set gslb localdns domain lt domain gt ptr lt ip gt lt host gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Global Server Load Balancer set gslib localdns domain sequence autoincrement Description Syntax Roles Mode s Enable or disable the incrementation of the sequence number each time the domain is changed enabled by default This command does not take effect until after a write operation set gslb localdns domain lt domain gt sequence autoincrement lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Global Server Load Balancer set gslib localdns domain sequence number Description Syntax Sets the sequence number for the domain default is 1 This command does not take effect until after a write opera
392. ommand is used to set the realm name that is displayed in the login pop up dialog box This command does not take effect until after a write operation set cluster lt name gt aaa authentication realm lt string gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication redirect Description Syntax Roles Mode s This command disables or enables redirect on a password change flag set You need to specify a custom page to redirect users to when a password change flag is received This command does not take effect until after a write operation set cluster lt name gt aaa authentication redirect lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication redirect host Description Syntax Roles Mode s This command is used to set the remote host from where this URL will be retrieved By default the file is local and the host is the IP address of the cluster This command does not take effect until after a write operation set cluster lt name gt aaa authentication redirect host lt ip address gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication 158 m set cluster aaa authentication Commands
393. on set cluster target ssl autochain Description Syntax Roles Mode s Enables or disables SSL autochaining for cluster target connections When enabled this command also sets the root certificate settings This command does not take effect until after a write operation set cluster lt name gt target ssl autochain lt disabled enabled rootcert gt set cluster target ssl certfile Description Syntax Roles Mode s 198 m set cluster target Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Specifies the SSL certfile for cluster target connection This command does not take effect until after a write operation set cluster lt name gt target ssl certfile lt file gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Chapter 3 Set Commands set cluster target ssl cipherfile Description Specifies the name of the user defined file containing a list of cipher suites that conform to the OpenSSL standard This command does not take effect until after a write operation Syntax set cluster lt name gt target ssl cipherfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x x Mode s Global Configuration set cluster target ssl ciphersuite all Description Allows all supporte
394. on Clears the statistics for a cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster sticky clientip entry Clears one or all entries associating client IP addresses with target hosts for the Description specified cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt sticky clientip entry lt ip all gt m 49 clear cluster sacompat advanced url Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster target Commands Use these commands to clear cluster target parameters clear cluster target host Description Clears one or all target hosts for a cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt target host lt ip port all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear cluster target localip Description Removes the local IP setting for the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt target localip
395. onally available in the United States This command does not take effect until after a write operation Syntax set cluster lt name gt listen ssl ciphersuite strong Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster listen ssl clientauth Description Disables or enables SSL Client Certificate Authentication This command does not take effect until after a write operation Syntax set cluster lt name gt listen ssl clientauth lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster listen ssl clientauth authtype Description Disables or enables client authentication for cluster lt name gt The default is local and provides local authorization If none is specified local and remote authentications are disabled The option none may be used in situations where a client certificate needs to be forwarded to the target host This command does not take effect until after a write operation Syntax set cluster lt name gt listen ssl clientauth authtype local none gt set cluster listen Commands m 185 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster listen ssl clientauth
396. onfig Commands clear cluster weblog syslog host Description Syntax Roles Mode s clear dns server Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Statistics Clears the Web Log host for a specific cluster This command does not take effect until after a write operation clear cluster lt name gt weblog syslog host Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Statistics Clears one or all DNS servers This command does not take effect until after a write operation clear dns server 1 3 all Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration clear failover stats Description Syntax Clears the general and advanced Unified Failover statistics including the supported services and the amount of time spent in each mode master standby discovery and idle This command does not take effect until after a write operation clear failover stats advanced clear dns server m 53 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Unified Failover clear forwarder Commands Use these commands to clear the description statistics SSL settings or target hosts for a for
397. onvert302 enabled Disables the convert302protocol This command does not take effect until after a write operation set cluster lt name gt convert302protocol lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration 172 m set cluster convert302protocol Chapter 3 Set Commands GET cgi bin location cgi HTTP 1 1 Host 10 0 123 102 User Agent fetch libfetch 2 0 Connection close Process Request Insert Via header to request Change Connection header to Keep Alive GET cgi bin location cgi HTTP 1 1 Host 10 0 123 102 User Agent fetch libfetch 2 0 Connection Keep Alive Via 1 1 tx120 HTTP 1 1 302 Found Date Mon 10 Jan 2005 20 10 22 GMT Server Apache 2 0 47 Unix Content Length 283 Keep Alive timeout 15 Connection Keep Alive Content Type text html charset iso 8859 1 Location http 192 168 40 168 Convert Location header http to https Since communication with origin server is clear the Location header has its protocol as http instead of https HTTP 1 1 302 Found Date Mon 10 Jan 2005 20 10 22 GMT Server Apache 2 0 47 Unix Content Length 283 Connection close Content Type text html charset iso 8859 1 Via 1 1 tx120 Location https 192 168 40 168 The Location header http has now be
398. or Valid values are HTTP and HTTPS Table 19 Glossary Redirector URL Method RMMP Route Default Server SSL SSL Protocol Version SSL Ciphersuite SSL Certfile SSL Keyfile SSL Keypass Sticky Sticky Load Balancing Target Host Port Target Name The manner by which the redirector specifies the path portion of the redirect URL If the request method is selected then the redirector will construct the redirect URL using the same URL path as the original request If the custom method is selected then the redirector will construct the redirect URL using a custom URL path You must specify a custom URL path if the custom method is selected and the custom URL path must begin with a slash For instance if the request method is selected and the redirector receives a request for a page at path page html then the redirect URL will look something like http my redirect host path page html However if the custom method is selected and the custom URL path is set to custom script cgi a b then the redirect URL will look something like http my redirect host custom script cgi a b for any request received by the redirector Redundancy Multicast Messaging Protocol This messaging protocol enables health checking between appliances Also known as the Gateway This is the IP address of the machine the Accelerator talks with in order to access the outside world Accelerator service Secure Sockets Laye
399. or X X X X X Global Configuration show server stats history io listen Description Syntax Roles Mode s Shows all of the server I O listen historical statistics or the statistics for the specified time frame show server stats history io listen day hour minute month second year Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show server stats history io target Description Syntax Shows the server side I O cluster statistics or the statistics for the specified time frame The statistics include m Bytes in requests from clients Bytes out response to clients current active server connections show server stats history io target day hour month year show server stats Commands m 447 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server stats history ssl Description Shows the SSL statistics for the cluster including the number of m New Sessions m Reused Sessions m Sessions with Strong Encryption Sessions with Export Encryption m Sessions using Version SSLv2 m Sessions using Version SSLv3 m Sessions using Version TLSv1 m Sessions using Version Other Syntax show server stats history ssl Roles Network Network Security Security Target Adm
400. or information such as country state department etc for the certificate For additional information see the Setting up the DX for SSL Traffic chapter of the Installation and Administration Guide for DXOS This command does not take effect until after a write operation Generates a self signed CA Root Certificate This command does not take effect until after a write operation gen cac Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Generates an SSL Certificate Signing Request Input to the command is a 1024 bit RSA private key file and the output is a CSR file key_file and csr_file are optional parameters and will be prompted on the command line if not provided This command does not take effect until after a write operation gen csr key file csr file Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration gen key Description Syntax Roles Mode s gen ssc Description Syntax Roles Mode s halt Description Syntax Roles Mode s Chapter 2 Add Through Reset Config Commands Generates a 1024 bit RSA SSL private key This command does not take effect until after a write operation gen key lt key file gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Config
401. or one or all groups default is 120 This overrides the SLB global timeout This command does not take effect until after a write operation Syntax set slb group lt name all gt sticky timeout lt minutes gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Mode s Server Load Balancer Configuration set sib group target host Description Sets a new target host with a real IP address If load balancing by priority is enabled refer to set slb group priority on page 296 and all the target hosts are available load balancing is applied only to the target hosts with the highest priority highest priority is 1 the default If some target hosts are unavailable lower priority hosts are used to meet the specified minimum number of target hosts set slb group minhosts on page 294 This command does not take effect until after a write operation Syntax set slb group lt name gt target host lt ip port gt priority lt 1 10 gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer Configuration set sib group target host lt hardpaused softpaused unpaused gt Description Pauses or unpauses traffic for a target host default is unpaused A hard pause terminates all existing traffic while a soft pause does not affect existing traffic Syntax This comman
402. ork Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration Shows the I O statistics for one or all target hosts in a forwarder show forwarder lt name gt target host lt ip port all gt stats Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show forwarder target localip Description Syntax Roles Mode s Shows the local IP address used for communication with all target hosts in this forwarder show forwarder lt name gt target localip show forwarder target qos Description Syntax Roles Mode s 416 m show forwarder Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X Global Configuration Shows the ToS DSCP settings for traffic sent to the target hosts show forwarder lt name gt target qos Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration Chapter 4 Show Through Write Commands show forwarder target ssl Description Shows the SSL configuration for all target hosts in a forwarder or a specific SSL setting Syntax show forwarder lt name gt target ssl certfile cipherfile cipherlist ciphersuite keyfile protocol status timeout Roles Network Network Security Security Target Admin Admin Operator Adm
403. ork Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set qos mark outgoing dscp phb class Description Syntax Sets the PHB Class Selector 0 7 for client listen or server target traffic for a specific cluster forwarder redirector or SLB group default is zero This setting overrides the other PHB settings This command does not take effect until after a write operation set cluster forwarder redirector slb group lt name gt lt listen target gt qos mark outgoing dscp phb class lt 0 7 gt set qos Commands m 269 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set qos mark outgoing dscp phb class Description Sets PHB Expedited Forwarding for client listen or server target traffic for a specific cluster forwarder redirector or SLB group This setting overrides the other PHB settings This command does not take effect until after a write operation Syntax set cluster forwarder redirector slb group lt name gt lt listen target gt qos mark outgoing dscp phb expedited Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set qos mark outgoing dscp raw Description Sets a raw DSCP value 0 63 for client
404. orwarder GSE see ere Ee edel 411 show forwarder bealh nono nncccnncncononnn nn nn nn rcnccn ns 412 show forwarder health connect 412 show forwarder health connect Ipnterval ccc eeee eee eeeteeteteeeeees 412 show forwarder health connect Omeout cece eeeeeeteeeeeees 413 show forwarder health rem 413 Show forwarder list n nesinori uaia ir ioiai mdna hia 413 show lee 414 show forwarder sticky 414 show forwarder Sticky Clio E A E Ei 414 show forwarder sticky failover status 415 show forwarder sticky method 415 Nee 415 Show forwarder target Jet en tee peta ea ENGEN 415 show forwarder target host Stats 00 0 eeeeeeeeeenenttttteeeeeeees 416 show torwarder target local nuit a iaa ati 416 SNOW lorWwarder target OS a ic ENEE 416 Show forwarder EE 417 Show TOrwarder target SSES eege 417 Show fwb Commands yess ee eee ets tip ana IAE EN 417 SHOW EWID STOU as kes A A A T 417 SNOW WID status id 418 show Sslb Cerpen An eege een leede das 418 SHOW SID ET 418 leen 418 SHOW SID Ate ET 418 show gslb localdas dra bie 419 SHOW SSID FEMOLEN ODE ci eo luce as 419 SHOW SSID EE 419 show gslb resolver group servicecheck ccc eeeeeeeeeeetentteeeeeees 420 show gslb resolver group servicecheck mode 0 0 0 0 eeeeeetteeeeeeees 420 show gslb resolver group servicecheck stane 420 show gslb resolver group servicecheck tcp port 420 show SID resolVer Stats EE 421 show gslb resolver group Stats eect cece eeeeeeeeneenetteeee
405. orwarder target ssl Keylile ocacion ot 237 s et forwarder target Seege leste 237 set forwarder target Ss protocol imei ide de EN 237 Set forwarder target timeouts ius ll 238 Set TWD Commands e Dei deele ded EE 238 SEU DA eher edil al 238 set Dal group Dalane POli y n enen ee aa Ee 238 set fwlb group healthcheck cuca 239 Set Al group listen usa btt la 239 set fwlb group SESSION Umeout 0oooccccncccccccoooonnnnnnncnnnnnnnononann conc cnn ncccnccnns 240 Set TWID Bron p Stic tits bits 240 set DW group t rget OS yecto eege Ee 241 set fwlb group target host type occ eee eeeeeeeeetentettrteeeeees 241 Table of Contents m XVII Command Line Reference Guide for DXOS s t gsp agent COMMAMAS riders italia ire 242 A teen deht e e e eaaa gege ef 243 SEU CSID agent entry LION reed ara Gd Ae LA staht 243 setrgslb agent encr plo REV deeg lt ells rte 244 set gslb agentlsten POPES reido id 244 SE CSIP agent STEM ViDa terna Mei deet et engt ee 244 setyesib localdis COMMANAS errada ltd 245 Set gslbsloGaldnns dOimal i EE 245 set gslb localdns domain CNAME 20 0 eee eee eeeee ee eettttttteeeeees 245 set gslb localdns domain Contact 245 set gslb localdns doMain ms 246 set gslb localdns domain ns 246 set gslb localdns domain pr 247 set gslb localdns domain sequence autoincreMent eee ees 247 set gslb localdns domain sequence number 247 set gslb localdns domaine 248 set gslb remotenode Commandes 248 set gslb remotenod
406. ory history Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X xX X X X Global Configuration Use the import commands to import configurations and user accounts to the DX via TFTP or SCP The import config and import license commands require a write operation in order to have the changes take effect In addition export config operations do not export user accounts Use export users to export user accounts The format of lt src gt is tftp tftp_server filename or scp usernameQ scp_server filename Double quotes must be used if the filename has spaces For example tftp tftp_server dx config It is important to note that the SSL keys and certificates are not exported during an export config operation When importing a configuration you must either make sure that the required SSL keys and certificates are already installed on the DX or install them before use Chapter 2 Add Through Reset Config Commands import config Description Imports a configuration to the DX from a remote location via TFTP or SCP This command does not take effect until after a write operation Syntax import config lt src gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Global Configuration import health certfile Description Imports a certificate file for scriptable health checking to the DX from a rem
407. ot take effect until after a write operation set gslb resolver lt name gt group lt name gt metric rtt timeout lt milliseconds gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gsib resolver group metric sessions Description Syntax Roles Mode s Specifies the maximum number of SLB sessions allowed on a GLSB node and the relative weight 0 to 100 of the metric used in the load balancing calculation If the weight is zero the metric is not used for load balancing If the number of SLB sessions exceeds the specified value the IP addresses associated with the node are taken out of rotation This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt metric sessions lt max lt N gt weight lt N gt gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Global Server Load Balancer set gslb resolver group metric smoothing Description Syntax 260 m setgslb resolver Commands Specifies the extent to which the collected statistics are smoothed out to alleviate the effects of sudden spikes in the data This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt metric smoothing lt low medium high gt Roles Mode s Chapter 3 Set Commands
408. otcert gt Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster listen ssl certfile Description Specifies the SSL certfile for cluster listen connections This command does not take effect until after a write operation Syntax set cluster lt name gt listen ssl certfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster listen ssl cipherfile Description Specifies the name of the user defined file containing a list of cipher suites that conform to the OpenSSL standard This command does not take effect until after a write operation Syntax set cluster lt name gt listen ssl cipherfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster listen ssl ciphersuite all Description Allows all supported SSL cipher suites for cluster listen traffic This command does not take effect until after a write operation Syntax set cluster lt name gt listen ssl ciphersuite all set cluster listen Commands m 183 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configura
409. ote location via TFTP or SCP This is required for LDAP over TLS health check This command does not take effect until after a write operation Syntax import health certfile lt src gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Health Checking import health script Description Imports a license to the DX from a remote location via the TFTP or SCP This command does not take effect until after a write operation Syntax import health script lt src gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Health Checking import Commands m 99 Command Line Reference Guide for DXOS import license Description Syntax Roles Mode s import ruleset Description Syntax Roles Mode s Imports a license to the DX from a remote location via TFTP or SCP This command does not take effect until after a write operation import license lt src gt Network Operator Network Admin Admin Security Admin Security Operator Target User Operator X Global Configuration Imports an AppRule ruleset onto the DX from a remote location via the TFTP or SCP The import ruleset command takes effect immediately and does not require a write operation The ruleset is checked for correct syntax and then saved on the device import ruleset lt src
410. otect Description Syntax 110 m setactiven Commands ActiveN operates in DSR mode and cannot track if the three way TCP handshake completed successfully To protect itself from an attack the ActiveN purges a connection if the client does not send the final ACK for the handshake The synflood_protect option is used to enable protection against syn flood attacks default is enabled This command does not take effect until after a write operation set activen advanced synflood_protect lt disabled enabled gt Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN set activen blade lt hardpaused softpaused unpaused gt Description Syntax Roles Mode s Halts or resumes client traffic to one or all DX blades A hard pause terminates all existing traffic while a soft pause does not affect existing traffic This command takes place immediately no write command is needed set activen blade lt ip all gt lt hardpaused softpaused unpaused gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Global Configuration set activen cleaning_interval Description Syntax Roles Mode s set activen failover The ActiveN switch uses a timer to purge expired sessions The cleaning_interval option is used to set the interval bet
411. oups The output is different depending on whether the command is run on the master or passive ActiveN failover device The group name VIP Port Sticky status enabled disabled and Blade index and real IP address are shown in both cases When this command is executed on the master device the output also displays the following additional information the total number of blades the number of active blades and the status up down whether the device is local yes no and the MAC address for each blade Syntax show activen group lt name all gt Roles Network Operator Network Admin Security Admin Admin Security Operator Target User Operator X X X X Mode s ActiveN Configuration show activen group sticky entries Description Shows the clients currently associated with the specified ActiveN group Syntax show activen group lt name gt sticky entries Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s United Failover show activen Commands m 317 Command Line Reference Guide for DXOS show activen group sticky failover status Description Shows the status of stateful failover for a the specified ActiveN group including whether stateful failover is enabled or disabled the address of the primary standby DX and the start and end times for the most recent full and delta synchronization on this ActiveN group Syn
412. out value for the group show sync group lt name gt timeout Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration show system debug Description Syntax 464 m show system debug Shows debugging information show system debug Roles Mode s show system info Description Syntax Roles Mode s show tcpdump Description Syntax Roles Mode s show timezone Description Syntax Chapter 4 Show Through Write Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Shows the DX hardware model and current software version show system info Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Shows the TCP dump information for the specified TCP dump file If the file is encrypted use the s option The user can then be prompted for an optional keyfile password The tcpdump command must be executed first see tcpdump Commands on page 469 show tcpdump lt tcpdumpfile gt s keyfile Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration Shows the time zone on the DX or a list of all time zones To set the time zone see set timezone on page 307 show timezone list show sy
413. ow admin upgrade filename Chapter 4 Show Through Write Commands show admin upgrade transport Description Syntax Roles Mode s show admin vip Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration Shows the transport method used to install the new firmware show admin upgrade transport Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration Use the show admin vip command to show the Virtual IP Address VIP of the DX show admin vip Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show admin vip m 339 Command Line Reference Guide for DXOS show admin webui Commands Use the show admin webui commands to show the settings for the Web User Interface WebUND show admin webui Description Shows the WebUI configuration Syntax show admin webui Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin webui port Description Shows the WebUI administration server listen port It is possible to configure WebUI administrator to listen on an IP 10 0 20 0 for example and use port 8090 At the same time a cluster of target hosts may be
414. ows the Group ID for the cluster Syntax show cluster lt name gt aaa authentication ldap gid Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication 348 m show cluster aaa authentication Commands Chapter 4 Show Through Write Commands show cluster aaa authentication Idap server Description This command shows the IP address and port of the named LDAP server server 1 or server 2 that will be used for the cluster Syntax show cluster lt name gt aaa authentication ldap server lt 1 2 gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication Idap server type Description This command shows the server type used for aaa authentication password management Syntax show cluster lt name gt aaa authentication ldap server type Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication Idap ssl Description Shows the LDAP SSL status cacertfile and URI for the specified cluster Syntax show cluster lt name gt aaa authentication ldap ssl cacertfile status uri Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP
415. path Description Displays the current configuration of the Reversepath Routing feature Syntax show server reversepath Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show server reversepath entries Description Displays the current entries that are created in the system Syntax show server reversepath entries Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show server maxconns mM 441 Command Line Reference Guide for DXOS show server reversepath maxroutes Description Displays the maximum number of routes that are allowed Syntax show server reversepath maxroutes Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show server reversepath timeout Description Displays the current timeout value Syntax show server reversepath timeout Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show server stats Commands Use the show server stats commands to view server statistics show server stats Description Displays all server statistics including I O HTTP and SSL statistics for the server Typing a number n here repeatedly displays all server statistics
416. peration set gslb agent encryption lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslb agent Commands m 243 Command Line Reference Guide for DXOS set gslb agent encryption key Description Specifies a key used to encrypt GSLB messages sent via UDP Repeat this command to specify multiple keys For example if there are two GSLB masters using this remote node each master can use a different key You are prompted to enter the key twice This command cannot be exported This command does not take effect until after a write operation Syntax set gslb agent encryption key Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer set gslb agent listen port Description Specifies the port number used to listen for GSLB requests default is 3587 This command does not take effect until after a write operation Syntax set gslb agent listen port lt number gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer set gsib agent listen vip Description Specifies the IP address used to listen for GSLB requests It can be a real IP a floating VIP the administration VIP or its own independent VIP If set to an independent VIP
417. peration set gslb resolver lt name gt group lt name gt lba sticky lt disabled enabled gt Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslb resolver group Iba sticky max Description Syntax Roles Mode s Specifies the concurrent maximum number of sticky entries the DX can save If the limit is reached the older entry is removed This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt lba sticky max lt N gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gsib resolver group Iba sticky netmask Description Syntax Roles Mode s Specifies a netmask so that consecutive requests from different local DNSs within the netmask are given the same IP address if the requests occur within the specified timeout The default is 255 255 255 255 each local DNS is treated individually This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt lba sticky netmask lt netmask gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gsIb resolver group Iba sticky timeout Description Syn
418. perator X X Global Configuration set hostname m 267 Command Line Reference Guide for DXOS set ntp server Description Syntax Roles Mode s set password Description Syntax Roles Mode s Specifies the hostname or IP address for up to three NTP servers This command does not take effect until after a write operation set ntp server lt 1 3 gt lt hostname ip address gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Use the set password command to set the logged in user s password Individual users are only allowed to change their own password The Administrator is allowed to change any user s password using the set user lt name gt command For additional information see set user Commands on page 310 You are prompted for the old password before you are allowed to set the new password No asterisks will be displayed This command takes effect immediately Enter a write command to retain the change after the next reboot set password Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Configuration set qos Commands 268 m set password Use the set qos commands to set the Differentiated Services Code Point Type of Service DSCP ToS values on traffic sent to the client listen traffic and traffic sent to the target servers You
419. perator User Operator X X Global Configuration tcpdump i ether lt N gt Description Syntax Roles Mode s traceroute Description Syntax Roles Mode s 470 m traceroute Collects HTTP traffic passing between the DX and a target host on one or more interfacesusing the optional filtering criteria The print option displays the file on screen rather than sending it to a file tcpdump i etherN print filter Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Shows the route of packets sent to a specific host name or IP address traceroute lt hostname ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration tsdump Description Syntax Roles unconfigure Description Syntax Roles Chapter 4 Show Through Write Commands Use the tsdump command to send the technical service dump to a SCP or TFTP server or to the email address configuration Technical Service dumps consist of information useful for remote troubleshooting You must configure the mechanism to deliver the dump and filename for storing the technical service dump if you are using TFTP before executing this command set admin tsdump filename lt filename gt only needed for TFTP set admin tsdump transport scp smtp tftp tsdump Network Network Sec
420. port gt Description Adds a target host to cluster all can be specified instead of ip and or port This command does not take effect until after a write operation Syntax set cluster lt name gt target host lt all lt ip port gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X X Mode s Global Configuration set cluster target host lt ip port gt lt disabled enabled gt Description Disables or enables the cluster target host This command does not take effect until after a write operation Syntax set cluster lt name gt target host lt all lt ip port gt lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration set cluster target host lt all ip port gt lt hardpaused softpaused unpaused gt Description Pauses or unpauses traffic to one or all target hosts default is unpaused A hard pause terminates all existing traffic while a soft pause does not affect existing traffic Syntax This command takes place immediately no write command is needed set cluster lt name gt target host lt all lt ip port gt lt hardpaused softpaused unpaused gt 196 m set cluster target Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X
421. pplicable fees due shall result in automatic termination of the license granted herein Upon such termination Customer shall destroy or return to Juniper all copies of the Software and related documentation in Customer s possession or control 10 Taxes All license fees for the Software are exclusive of taxes withholdings duties or levies collectively Taxes Customer shall be responsible for paying Taxes arising from the purchase of the license or importation or use of the Software 11 Export Customer agrees to comply with all applicable export laws and restrictions and regulations of any United States and any applicable foreign agency or authority and not to export or re export the Software or any direct product thereof in violation of any such restrictions laws or regulations or without all necessary approvals Customer shall be liable for any such violations The version of the Software supplied to you may contain encryption or other capabilities restricting your ability to export the Software without an export license 12 Commercial Computer Software The Software is commercial computer software and is provided with restricted rights Use duplication or disclosure by the United States government is subject to restrictions set forth in this Agreement and as provided in DFARS 227 7201 through 227 7202 4 FAR 12 212 FAR 27 405 b 2 FAR 52 227 19 or FAR 52 227 14 ALT III as applicab o 13 Miscellaneous This Agreement
422. priority disabled by default To set the target host priorities refer to set slb group target host on page 299 This command does not take effect until after a write operation set slb group lt name gt priority lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Server Load Balancer Configuration set sib group protocol Description Syntax Roles Mode s 296 m set sib Commands Sets the protocol for the switch group default is TCP This command does not take effect until after a write operation set slb group lt name gt protocol lt tcp udp gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Server Load Balancer Configuration Chapter 3 Set Commands set sib group service Description Syntax Roles Mode s Specifies the service type for the group the default is default This command does not take effect until after a write operation set slb group lt name gt service lt default none ftp tftp gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Server Load Balancer Configuration set sib group session timeout Description Syntax Roles Mode s set slb group sticky Description Syntax Overrides the global session purge timeouts for one or all SLB groups This command d
423. ption of each of the following roles refer to Managing User Access on page 5 administrator network _administrator m network_operator security_administrator security_operator m target_operator m user This command has no effect on the default admin account or the administrative user who is making the changes set user Commands m 311 Command Line Reference Guide for DXOS Syntax Roles Mode s This command takes effect immediately Changes are automatically retained after the next reboot set user lt username gt role lt rolel role2 gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x Global Configuration set vian Commands set vian default Description Syntax Roles Mode s set vian ip Description Syntax 312 m set vian Commands Use the set vlan command to set the virtual LAN parameters A tag added with a specific IP address takes precedence over a range For example if you add set vlan range 192 168 10 100 192 168 10 200 10 set vlan ip 192 168 10 34 456 The tag for 192 168 10 34 is 456 not 10 If a conflict occurs between the tag for the source IP and destination IP the tag for the destination IP takes precedence Sets the default VLAN This command does not take effect until after a write operation set vlan default lt tag gt Network Network Security Security Target Admin Admin Oper
424. quested on a target host with each health check The URL path must begin with a slash The number of times a health check must fail before the target host is considered unavailable The valid range of values is 1 20 5 he number of times a health check must succeed before the target host is considered available The valid range of values is 1 20 he HTTP response status code expected from a target host in response to a health check For ypical use the status code should be set to 200 a The page size expected from a target host in response to a health check This is the number of bytes in the body of the HTTP response as it would be indicated in an HTTP Content Length header This is an optional setting to disable this setting use the value 1 A string expected to appear somewhere in the HTTP response given to a health check The expect string is searched for in the non header portion of the HTTP response It is case sensitive and must be enclosed in double quotes if there is whitespace in the string The maximum length of the string is 64 bytes This setting only applies to health check responses with the following MIME types text html text css text plain and text xml This is an optional setting The port on which the Accelerator listens for incoming web traffic it is typically set to 80 See Virtual IP Address See Virtual IP Netmask The IP address of the server to which the Accelerator will be sending loggin
425. r SSL is a protocol that defines a way for two network devices to communicate securely You can enable SSL on the listen side to communicate with clients securely You can enable SSL on the target side to communicate with the target hosts securely There are three versions of SSL protocol SSL version 1 SSLv1 SSL version 2 SSLv2 and Transport Layer Security version 1 TLSv1 There are four SSL protocol modes in which the Accelerator can operate Em sslv2 Use SSLv2 only Em sslv3 Use SSLv3 only E sslv23 Use SSLv2 SSLv3 and TLSv1 m tslv1 Use TLSv1 only A collection of cryptographic algorithms used by two network devices to authenticate one another transmit certificates and establish session keys There are four categories of cipher suites used by the DX m all Allow all supported SSL cipher suites m common Allow only the fastest cipher suites from both the strong and export groups E export Allow only the low security cipher suites suitable for export E strong Allow only the highest security cipher suites suitable for use in the U S A The certificate file used when establishing SSL communication The key file used when establishing SSL communication The password for the SSL Keyfile Ties a client to a server via the cookie or the client s IP address A method of load balancing that binds a client to a server via a cookie or the client s IP address It ensures that all subsequent requests made by a client a
426. r X X Global Configuration set forwarder listen ssl ciphersuite file Description Syntax Roles Mode s Allows a user defined list of SSL cipher suites to be used to configure an SSL forwarder This command does not take effect until after a write operation set forwarder lt name gt listen ssl ciphersuite file Network Network Security Security Admin Admin Operator Admin Operator User X X Target Operator Global Configuration set forwarder listen ssl ciphersuite strong Description Syntax Roles Mode s Allows only the highest security cipher suites that have only been traditionally available in the United States This command does not take effect until after a write operation set forwarder lt name gt listen ssl ciphersuite strong Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder listen ssl clientauth Description Syntax Disables or enables SSL client authentication for the listen traffic This command does not take effect until after a write operation set forwarder lt name gt listen ssl clientauth lt disabled enabled gt set forwarder Commands m 225 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder listen ssl cli
427. r lt name gt aaa authentication redirect url Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s AAA Authentication clear cluster aaa authentication response text Description Clears the response string added to HTTP401 responses This command does not take effect until after a write operation Syntax clear cluster lt name gt aaa authentication response text 42 m clear cluster aaa authentication Commands Roles Mode s Chapter 2 Add Through Reset Config Commands clear cluster aaa authentication sso domain Description Syntax Roles Mode s clear cluster apprule ruleset Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X AAA Authentication Clears the Single Sign On SSO domain for the cluster This command does not take effect until after a write operation clear cluster lt name gt aaa authentication sso domain Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X AAA Authentication Clears the Application Rules filename setting for a cluster This command does not take effect until after a write operation clear cluster lt name gt apprule ruleset Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Overdrive Application Rules clear cluster apprule
428. r log audit Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Clears the Scriptable Health Check Script log This command does not take effect until after a write operation clear log health script Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking clear log system Description Syntax Roles Mode s clear ntp server Description Syntax Roles Mode s Chapter 2 Add Through Reset Config Commands Clears the System log This command does not take effect until after a write operation clear log system Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Clear a specific NTP server or all NTP servers This command does not take effect until after a write operation clear ntp server lt 1 3 all gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration clear redirector Commands Use these commands to clear redirector options or the certificate files passwords and keyfiles associated with a redirector s SSL traffic clear redirector customURL Description Syntax Roles Mode s Clears the URL for redirecting This command does not take effect until after a write operation clear redirector lt name gt customURL
429. r own public key Syntax show user name ssh authorized_keys Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Global Configuration show user ssh authorized_keys raw Description Shows the specified user s public SSH key Unlike the show user ssh authorized_keys command this command does not insert newlines when showing the key Admin level users can execute this command to view the public key for any other user but non admin users can only execute this command to view their own public key Syntax show user name ssh authorized_keys raw Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Global Configuration show version Description Shows the version of the firmware in the active partition of the DX Syntax show version Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X show version m 467 Command Line Reference Guide for DXOS show vlan Commands show vlan Description Syntax Roles Mode s show vlan default Description Syntax Roles Mode s show vlan ip Description Syntax Roles Mode s 468 m show vlan Commands Use the show vlan commands to show virtual LAN settings Shows all VLAN parameters show vlan Network Network Security Security Target
430. r sticky Commands on page 193 Specify bindings between clients and target severs set cluster target Commands on page 196 Specify target host settings for a cluster set cluster target tune on page 202 Tune target host application settings for a cluster set cluster transparency on page 205 Enable or disable IP transparency set cluster weblog Commands on page 205 Configure the cluster Web log settings set dns Commands on page 212 Set the DNS domain name and DNS servers set ether Commands on page 213 Set the Ethernet IP address media MTU and netmask set failover Commands on page 215 Configure Unified Failover set forwarder Commands on page 220 10 m CLI Command Summary Configure forwarding of non HTTP TCP traffic Chapter 1 Using the Command Line Interface CLI Command Description set fwlb Commands on page 238 Configure firewall load balancing set gslb agent Commands on page 242 Configure the agent for Global Server Load Balancing GSLB set gslb localdns Commands on page 245 Configure the internal DNS server on the GSLB master set gslb remotenode Commands on page 248 Identify each remote node on the GSLB master set gslb resolver Commands on page 251 Configure a resolver on the GSLB master set health Com
431. ration Syntax clear forwarder lt name gt listen ssl clientauth lt cacertfile cacrifile catrustfile gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Xx Mode s Global Configuration clear forwarder listen ssl ephkeyfile Description Clears the listen side SSL ephemeral key for the forwarder This command does not take effect until after a write operation Syntax clear forwarder lt name gt listen ssl ephkeyfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear forwarder listen ssl ephkeypass Description Clears the listen side SSL ephemeral key password pass phrase for the forwarder This command does not take effect until after a write operation Syntax clear forwarder lt name gt listen ssl ephkeypass clear forwarder Commands Mm 55 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear forwarder listen ssl keyfile Description Clears the listen side SSL keyfile for the forwarder This command does not take effect until after a write operation Syntax clear forwarder lt name gt listen ssl keyfile Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear fo
432. ration Specifies the SSL key pass phrase for cluster target connections This command does not take effect until after a write operation set cluster lt name gt target ssl keypass Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X Global Configuration set cluster target Commands m 201 Command Line Reference Guide for DXOS set cluster target ssl protocol Description Syntax Roles Mode s Specifies the SSL protocol type for cluster target traffic m sslv2 SSL Version 2 only m sslv23 SSL Version 2 SSL Version 3 TLS Version 1 m ssilv3 SSL Version 3 only m evi TLS Version 1 only This command does not take effect until after a write operation set cluster lt name gt target ssl protocol sslv2 sslv23 sslv3 tlsv1 Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster target ssl timeout Description Syntax Roles Mode s Timeout in number of minutes default is 1440 minutes This command does not take effect until after a write operation set cluster lt name gt target ssl timeout lt minutes gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster target tune Description 202 m set cluster target tune Use the set cluster lt name gt target tune command to star
433. rator X X Global Configuration Chapter 3 Set Commands set admin syslog host lt 1 2 gt port Description Sets the destination port for the first or second Syslog server default is 514 This command does not take effect until after a write operation Syntax set admin syslog host lt 1 2 gt port lt port gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin tcpdump Commands Description Use the set admin tcpdump command to set options relating to TCPDump Before running the tcpdump command an email address TFTP server or SCP server must be specified For additional information see tsdump on page 471 If you are using SCP you need to set the SCP username using the command set admin scp username lt name gt before entering this command For additional information see set admin scp Commands on page 130 set admin tcpdump capturesize Description The size from 10 MB to 75 MB of the admin filesystem for TCPDump files The default is 10 MB This command does not take effect until after a write operation Syntax set admin tcpdump capturesize Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin tcpdump mailto1 lt first gt Description The first email address where the TCPDump should be sent This
434. rator X X X X X Mode s Global Configuration netstat a Description Shows active connections Syntax netstat a 104 m netstat Commands Roles Mode s netstat s Description Syntax Roles Mode s netstat r Description Syntax Roles Mode s ping Description Syntax Chapter 2 Add Through Reset Config Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Global Configuration Shows network statistics netstat s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Global Configuration Shows Routing Tables netstat r Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Global Configuration Use the ping command to ping another network node The following option may be entered after the ping command lt IP Address gt lt DNS name gt This command is typically used in troubleshooting and during installation Common tasks are to ping the target host or the default gateway to verify that the configuration used at the time of installation was correct ping ping m 105 Command Line Reference Guide for DXOS Roles Mode s Description Syntax Roles Mode s reboot Description Syntax Roles Mode s Description Syntax Roles Mode s 106 m quit Network Network Security Secur
435. rator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats history http listen Description Shows the HTTP listen statistics for a cluster Syntax show cluster lt name gt stats history http listen Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring 380 m show cluster stats Commands Chapter 4 Show Through Write Commands show cluster stats history http listen browser Description Shows all statistics by the type of browser or the statistics for the specified time frame The browsers monitored are shown in Table 10 Syntax show cluster lt name gt stats history http listen browser day hour minute month second year Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats history http listen method Description Shows the request method The methods that are monitored are shown in Table 11 Syntax show cluster lt name gt stats history http listen method Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster stats history http listen req err Description Shows the illegal requests The illegal requests are shown in Table 12 Syntax show cluster lt
436. rator User Operator X X Global Configuration clear admin webui ssl keypass Description Syntax Roles Mode s Clears the SSL keypass pass phrase for accessing the WebUI using SSL This command does not take effect until after a write operation clear admin webui ssl keypass Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration clear authentication cache Description Syntax Roles Mode s clear cache Description Syntax 38 um clear authentication cache Use the clear authentication command to clear the authentication cache This command does not take effect until after a write operation clear authentication cache Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication Clear statistics and cached objects for a named cache or all caches Use the stats option to clear just the statistics This command does not take effect until after a write operation clear cache lt name all gt stats Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s 3G Cache clear cluster aaa authentication Commands Use the clear cluster lt name gt aaa authentication commands to clear cluster authentication options or certfiles clear cluster aaa a
437. re directed to the same server that handled the initial request This is the IP address and accompanying port of the web server that the Accelerator will accelerate Depending upon the Accelerator model you may be able to enter IP addresses and ports for up to eight Target Hosts This is the fully qualified host name which clients use to reach your website or the servers you are accelerating 475 Command Line Reference Guide for DXOS 476 m Table 19 Glossary Accelerator Statistics Virtual IP Address Virtual IP Netmask WebUI Port WebUI SSL The following Accelerator statistics are available m Uptime The elapsed time since the Accelerator was turned on m Sessions active total The number of TCP sessions that the Accelerator has handled m Requests active total The number of HTTP requests the Accelerator has received m Bytes in out The total amount in bytes of data the Accelerator has received from target hosts and the total amount of data that the Accelerator has sent out to clients This is the IP address to which all incoming web traffic should be routed It should be different from the IP address es you specified on the Network Settings page The proper subnet mask for a device with the given Virtual IP Address This is the port on which the administration web server WebUI listens For example if you set this to 8090 you can connect to the DX by typing something like http junipername your
438. receive logs To configure the DX to send logs to an email address refer to command XXXXX Syntax show admin log mailtol or show admin log mailto2 Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin log method apprules memory level Description Shows the log level for apprules logs sent to memory Syntax show admin log method apprules memory level Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration show admin log method apprules syslog facility Description Shows the syslog facility for apprules logs Syntax show admin log method apprules syslog facility show admin log Commands m 321 Command Line Reference Guide for DXOS Roles show admin log method apprules syslog level Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration Description Shows the log level for apprules logs sent to a syslog server Syntax show admin log method apprules syslog level Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration show admin log method audit showcmd Description Shows whether the show commands entered on the CLI should be logged in the audit log Syntax show a
439. received from the LDAP or Active Directory server You can also view a specific setting Syntax show cluster lt name gt aaa authentication redirect host protocol status url show cluster aaa authentication Commands m 351 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication response Description This command is used to show the authentication HTML message that will be used for the cluster Syntax show cluster lt name gt aaa authentication response Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication sso Description This command is used to show the Single Sign On SSO configuration for the cluster including SSO status domain cookie name and expiration setting Syntax show cluster lt name gt aaa authentication response Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s HTTP S Authentication show cluster aaa authentication sso cookie Description This command is used to show the Single Sign On SSO cookie configuration for the cluster including the cookie name and timeout settings Syntax show cluster lt name gt aaa authentication sso
440. red a client IP is bound to follows the same target host as another cluster forwarder or SLB group This allows client applications with multiple protocol flows such as TCP and UDP to be load balanced to the same target host The sticky method must be clientip Syntax show slb group lt name gt sticky leader followers timeout show slb Commands m 455 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Server Load Balancer show slb group sticky entries Description Shows the clients currently associated with each target host Syntax show slb group lt name gt sticky entries Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Server Load Balancer show slb group sticky failover status Description Shows the status of stateful failover for a the specified SLB group including whether stateful failover is enabled or disabled the address of the primary standby DX and the start and end times for the most recent full and delta synchronization on this SLB group Syntax show slb group lt name gt sticky failover status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Unified Failover show slb group target host lt ip port gt Description Shows the status
441. ree URLs used for SA compatibility If a URL is configured the DX determines if the specified cluster should drop into forwarder mode The first URL defaults to dana j This command does not take effect until after a write operation set cluster lt name gt sacompat advanced url lt 1 2 3 gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration set cluster sacompat advanced defaults Description Syntax Roles Mode s Returns the three URLs settings used for SA compatibility to their default value The first URL defaults to dana j The second and third URL default to an empty string This command does not take effect until after a write operation set cluster lt name gt sacompat advanced defaults Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X X Global Configuration set cluster stats history Description Syntax Roles Mode s 192 m set cluster stats history Disables or enables the collection of statistics history This command does not take effect until after a write operation set cluster lt name gt stats history lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Chapter 3 Set Commands set cluster sticky Commands Use the set cluster lt name gt st
442. request status bytes combined_cn This is a modification of the combined format with the cluster name prepended to the combined format clustername remotehost remotelogname authuser date request status bytes Referer User Agent perf1 This is a proprietary format that lets you easily monitor the performance of the DX compression and cache The information included in the log is remotehost date method url version status request bytes precomp bytes postcomp bytes cachehit perf2 This is a proprietary format that lets you troubleshoot performance problems The information included in the log is ip_port from result transactionID T1 T2 T3 T4 Granularity Information fields included in the logs are shown in Table 6 Table 6 Web Log Field Definitions Field Definition remotehost Remotehost name or IP address if the DNS hostname is not available or if the DNS Lookup is off remotelogname Remote logname of the user authuser Username with which the user authenticated himself date Date and time of the request inside brackets request Request line exactly as it came from the client inside quotes status HTTP status code returned to the client bytes Content length of the document transferred for response referer Value of the Referer header inside quotes user agent Value of the User Agent header inside quotes 206 m s
443. results in adding all the blades into the group This command does not take effect until after a write operation Syntax set activen group lt name all gt blade lt ip all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s ActiveN set activen group blade lt hardpaused softpaused unpaused gt Description Halts or resumes client traffic to one or all DX blades in one or all groups A hard pause terminates all existing traffic a soft pause does not affect existing traffic Syntax This command takes place immediately no write command is needed set activen group lt name all gt blade lt ip all gt lt hardpaused softpaused unpaused gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration set activen Commands mM 113 Command Line Reference Guide for DXOS set activen group lt hardpaused softpaused unpaused gt Description Halts or resumes client traffic to the blades in one or all groups A hard pause terminates all existing traffic a soft pause does not affect existing traffic Syntax This command takes place immediately no write command is needed set activen group lt name all gt lt hardpaused softpaused unpaused gt Roles Network Network Security Security Target Admin Admin Operator Admin Op
444. rget Admin Admin Operator Admin Operator User Operator X Global Configuration add sync group member Description Syntax Roles Mode s add user Description Adds a member to the synchronization group lt memberid gt is either a lt hostname gt or an lt ip gt Starting with software release 4 1 15 the add sync group command is disabled on the DX 3670 Application Acceleration Platform This command does not take effect until after a write operation add sync group lt name gt member lt memberid gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Use the add user command to add a new user for managing the DX After adding the new user you must assign a role set the password and enable the user account A default user role is none and can access only the following commands cls exit help history quit set password show cluster show commands show forwarder show hostname show redirector show servers show support show ua show version who whoami This command takes effect immediately Enter a write command to retain the change after the next reboot add Commands mM 23 Command Line Reference Guide for DXOS Syntax Roles Mode s Description Syntax Roles Mode s add user name Adds a new user for managing the DX with the lt username gt specified If a username is not suppli
445. rget Admin Admin Operator Admin Operator User Operator X X Server Load Balancer Configuration set slib healthcheck maxtries Description Syntax Roles Mode s Sets the global maximum number of health checks before giving up default is 3 This command does not take effect until after a write operation set slb healthcheck maxtries lt number gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Server Load Balancer Configuration set slb Commands m 301 Command Line Reference Guide for DXOS set sib session timeout Description Sets the global purge timeouts for SLB sessions This command does not take effect until after a write operation Syntax set slb session timeout lt ackwait active closewait gt lt seconds gt m ackwait Three way TCP handshake has not completed default is 6 seconds m active Active sessions default is 90 seconds m closewait Sessions terminated by the client default is 12 seconds Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Server Load Balancer Configuration set slb sticky timeout Description Sets the global maximum number of minutes 1 to 43200 between consecutive client requests that are bound to the same target host default is 120 This value can be overridden for specific SLB groups Sets the global timeout for the stickiness of a particul
446. rite operation set cluster lt name gt weblog batch scp username lt user gt Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Historical Rates and Statistics set cluster weblog delimiter Description Sets the delimiter in the Web Log to be either a comma or a space This command does not take effect until after a write operation Syntax set cluster lt name gt weblog delimiter lt comma space gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Historical Rates and Statistics set cluster weblog destination Description Specifies whether Web Log entries are sent to the Syslog server immediately syslog or in a batch batch The default is syslog This command does not take effect until after a write operation Syntax set cluster lt name gt weblog destination lt batch syslog gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Historical Rates and Statistics set cluster weblog format Description Sets the format for the Web Log This command does not take effect until after a write operation Syntax set cluster lt name gt weblog format lt combined combined_cn common common_cn perf1 perf2 gt set cluster weblog Commands m 211 Command Line Reference Guide for DX
447. rk Network Security Security Target Admin Admin Operator Admin Operator User Operator xX x Mode s Global Configuration set admin webui ssl keyfile Description Specifies the SSL for accessing the WebUI over SSL This command does not take effect until after a write operation Syntax set admin webui ssl keyfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x x x Mode s Global Configuration set admin webui ssl keypass Description Specifies the SSL key pass phrase for accessing the WebUI over SSL This command does not take effect until after a write operation Syntax set admin webui ssl keypass Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x x Mode s Global Configuration set boot Description Use the set boot command to set the boot partition 1 or 2 for the next reboot This command takes place immediately Syntax set boot lt 1 2 gt 146 m set boot Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cache Commands Description Use the set cache command to set the parameters for the named 3G cache set cache max_objects Description Syntax Roles Mode s set cache size Description Syntax Roles Mode s Sets the total number of objects that can be stored in the n
448. roup Syntax show slb group lt name gt service Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slib group session Description Displays the current sessions for one or all groups Syntax show slb group lt name all gt session 454 m show slib Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slib group session timeout Description Displays all the global purge timeouts for group sessions or just the specified timeout Syntax show slb session timeout ackwait active closewait Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slb group stats Description Displays the statistics for one or all groups Syntax show slb group lt name all gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer show slb group sticky Description Shows the sticky timeout the cluster forwarder or SLB group that leads this SLB group and the clusters forwarders and SLB groups that follow this SLB group You can also show just the timeout leader or followers When a leader is configu
449. roup default is roundrobin This command does not take effect until after a write operation set slb group lt name all gt policy lt backupchain revert leastconns maxconns roundrobin weightedleastconns weightedroundrobin gt Policy Description backupchain revert Selects the first active target host in the cluster Target hosts must be added in order of decreasing importance The revert option returns to the more important target hosts when they become available leastconns Selects the target host with the fewest outstanding requests maxconns Selects a target host sequentially based on the specified maximum number of concurrent connections set slo Commands m 295 Command Line Reference Guide for DXOS Roles Mode s Policy Description roundrobin Selects the next active target host in the cluster So if there are three new requests and three active target hosts in the cluster each target host services one request weightedleastconns Selects a target host based on the weight and current load weightedroundrobin Selects a target host based on the weight The larger the weight the higher the probability of the server being chosen Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Server Load Balancer Configuration set slb group priority Description Syntax Roles Mode s Enables or disables load balancing by
450. rs show cluster lt name all gt stats ssl Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X xX X show cluster sticky Commands show cluster sticky Description Syntax Roles Mode s Use the set cluster lt name gt sticky commands to view bindings between clients and target severs Shows the entire sticky configuration for the cluster show cluster lt name gt sticky Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration show cluster sticky clientip Description Shows the sticky timeout the cluster forwarder or SLB group that leads this cluster and the clusters forwarders and SLB groups that follow this cluster You can also show just the timeout leader or followers When a leader is configured a client IP is bound to follows the same target host as another cluster forwarder or SLB group This allows client applications with multiple protocol flows such as TCP and UDP to be load balanced to the same target host The sticky method must be clientip 386 wm show cluster sticky Commands Chapter 4 Show Through Write Commands Syntax show cluster lt name gt sticky clientip leader followers timeout Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster sti
451. rwarder listen ssl keypass Description Clears the listen side SSL keypass pass phrase for the forwarder This command does not take effect until after a write operation Syntax clear forwarder lt name gt listen ssl keypass Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear forwarder stats Description Clears the statistics for a forwarder This command does not take effect until after a write operation Syntax clear forwarder lt name gt stats 56 EH clear forwarder Commands Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration clear forwarder sticky clientip entry Description Clears one or all entries associating client IP addresses with target hosts This command does not take effect until after a write operation Syntax clear forwarder lt name gt sticky clientip entry lt ip all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear forwarder target host Description Removes one or all target hosts from a forwarder This command clears all parameters related to the target hosts This command does not take effect until after a write operation Syntax clear forwarder lt name gt target
452. ry eet eeetttteeeeeees 400 show cluster weblog batch scp keyfile cece eeeeeeeteeeeeeeees 400 show cluster weblog batch scp USEIMAME eee etettetteeeeeeeees 400 show cluster weblog delimiter ic eer NEES 401 show cluster weblog destinati0N oooonnnnnccconococnnncccncccnonononnn cnn conc nnncnnns 401 show cluster Weblog forn dd 401 show cluster Weblog Status a id dE 401 show cluster Weblog EE 402 show cluster weblog syslog Nostic i thi ssid o EE 402 show cluster weblog syslog port cuneta de Ee 402 lee 403 lee Mi ile dla dll ae a 403 show das DEE misil ta da lib 403 lee ne ET 404 SHOW GENS domaie EE 404 lee 404 SHOW Eter onte ea eiat eA a n E NE E E a N a 404 Show failover Command tias 405 SHOW failo EE 405 le Ve ele e 405 Seb failover discover eg bereede Es 406 show failover TOrCEMASTOL terracota ci dee Ee 406 show failover lala rt ctokes seceded e nacida 406 show failover EE 406 SNOW failover le e EE 407 SNOW failover EE 407 show failover EI 407 show failover stateful status 408 show failover stateful svncintenal ec eee cece eeteetenttsteeeeees 408 Table of Contents m XXVII Command Line Reference Guide for DXOS Show failover TT 408 SHOWStAIOVET TE a A E E AET 409 SHOW failover vma 0s cas eni ete t E 409 Geet 409 SHOW E RA 410 SHOW TlOAUN TEE 410 Show forwarder e 410 SNOW LOLWALG ET E 410 show FOE ele Nee 411 show forwarder balance Doten 411 show forwarder description 411 SHOW f
453. s show slb stats Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer Chapter 4 Show Through Write Commands show slb stats errors Description Syntax Roles Mode s Displays error statistics for the SLB service such as target host unavailable and connection timeouts Statistics are cumulative show slb stats errors Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer show slb stats healthcheck Description Syntax Roles Mode s Displays healthcheck statistics for the SLB service such as total probes responses and timeouts Statistics are cumulative show slb stats healthcheck Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer show slb stats memory Description Syntax Roles Mode s Displays memory Statistics for the SLB service including the current usage for NAT NAT ports and session memory as well as the number of times memory allocation failed show slb stats memory Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer show slb stats sticky Description Syntax Displays client IP sticky statistics for the SLB service including the number of insertions and deletion
454. s command does not take effect until after a write operation Syntax set server compression browser lt ie4 ie50 ie51 ie55 ie6 ie7 ieother konqueror ns4 ns6 opera other safari gt lt 0 3 gt O no 1 gzip 2 deflate 3 recommended Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set server compression Commands m 283 Command Line Reference Guide for DXOS set server compression browser defaults Description Syntax Roles Mode s Resets all the browser compression options to recommended This command does not take effect until after a write operation set server compression browser default set server compression cmt Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Sets the Custom MIME Type to 1 2 or 3 This command does not take effect until after a write operation set server compression cmt lt 1 2 3 gt lt header gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set server compression cmt Description Syntax Roles Mode s Disables or enables compression Custom MIME Type disabled by default This command does not take effect until after a write operation set server compression cmt lt disabl
455. s means that with two servers to be checked when we turn on Layer 7 Health Checking one down and one up the server that is up will be logged in the system log as Server A Passed L7 Health Check but the server that is down will not be mentioned in the logs until it comes up For example m Server 0 0 31 20 is Normal It responds to both a ping and an HTTP request the machine is up the web server is up m Server 10 0 31 10 is in a Semi Bad State It responds to a ping but not an HTTP request the machine is up the web server is down In this state when Layer 7 health checking is first enabled you will never see 10 0 31 10 marked as bad by the Layer 7 health check This is because it was never seen as up by the DX and therefore there was never a transition to record set cluster forwardclientcert headername m 175 Command Line Reference Guide for DXOS set cluster health connect interval Description Syntax Roles Mode s Number of seconds between Layer 4 connection checks 1 to 3600 Default is 1 second Note that Layer 4 connection checks can mark a target host as down but only the Layer 7 health checks and mark a target host as up Layer 4 connection checks cannot be disabled This command does not take effect until after a write operation set cluster lt name gt health connect interval lt interval gt set cluster health connect ssl Description Syntax Roles Mode s
456. s that have been made into the sticky table and the number of paused or down target hosts Statistics are cumulative show slb stats sticky show slb Commands m 459 Command Line Reference Guide for DXOS Roles Mode s show slb stats ftp Description syntax Roles Mode s show slb stats tftp Description Syntax Roles Mode s show slb status Description Syntax 460 m show slib Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer Displays FTP statistics for the SLB service including the number of times PORT PASV EPSV and EPRT commands and PASV and EPSV responses are issued Statistics are cumulative show slb stats ftp Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer Displays TFTP statistics for the SLB service including the number of read RRQ and write WRQ requests issued Statistics are cumulative show slb stats tftp Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer Displays the SLB switch status as shown in Table 18 Table 18 SLB Switch Status Switch Status Meaning Disabled SLB is off Enabled active SLB is enabled for failover and is the active switch Enabled stand alone SLB is in stand alone mode Enabled p
457. sa ati Bataites 2 Using Telnet to Access the Cll aii aia 2 Using the Console Port to Access bel 2 Using Online Help and Command Abbreviations oooooooccccccccccccncccnnann nono noncncnnns 3 Applying and Saving Configuration Changes oooonninnnnnccococoncccccccncconinnann nan nnnnnnnno 4 Managing User ACCESS cornisa der eed a EE an 5 Naming CONVENIOS lr 6 Typographical CONVENTO Sum bd 6 OPINA o a Rato an 7 CLT Command Summary Es 7 Chapter 2 Add Through Reset Config Commands 15 Elo A NS 15 add activen DIAS ivi ti ns dile ss 15 add Lee Ee EE 15 AACICACN EE 16 GEES ae ad E Eier 16 add Ee 17 add Failover peer EE 17 AGC HOAUNGVIP E eer 18 AGOMOLW Are EE 18 AGCEWID e 18 addedslb localdns domain veria neien 19 add esibi TEMOLENOGE deiere seed DEE se oaks a 19 add SSID TESTET honie aa e a o o ee E A a E 19 ele ee Brain 20 add gslb resolver group member ciens etsia Ma a e A 20 add gslb resolver group servicecheck tcp port ssssssssrrrrrrrrrerrrssereerrer 20 addi Health EK EE 21 A RN 21 add de ET 21 AGO SIBD CLOUP EE 22 add sat E EE 22 add SYNE CLOUD eelst See eh rio ica 23 ee eene ER ee EE ER EUR ege deefe en eebe eer ON 24 Capture sCOMMAanS isi dor serait dares eri tad led ld Dea ate dto EE acd e 24 EEN 25 SEET bd ve kates all edie eech eege Suttle de 26 capture lo Hanner As See geass e etleche 26 Table of Contents m V Command Line Reference Guide for DXOS GEIER EE EIERE deet eegene deele eeh ee 27 capture s
458. sabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Sets the class attribute of a user for Administrator Remote Administration This command takes effect immediately Changes are automatically retained after the next reboot set user lt name all gt class lt local remote gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Chapter 3 Set Commands set user mustchange Description Syntax Roles Mode s set user password Description Syntax Roles Mode s set user role Description The password for the account must be changed the next time that the user logs in This command takes effect immediately Changes are automatically retained after the next reboot set user lt name all gt mustchange Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Changes the password of a user The password must be at least five characters This command takes effect immediately Changes are automatically retained after the next reboot set user lt name all gt password Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Assigns one or more additional roles to a user For a descri
459. scription Syntax Roles Mode s Expected size of the response This is the number of bytes in the body of the response as would be reflected in an HTTP Content Length header The default is zero This command does not take effect until after a write operation set cluster lt name gt health request size lt size of response gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking set cluster health request string Description Syntax 178 m set cluster health Commands Searches for the string in the non header portion of the HTTP response This option only applies to the following MIME types m text html m text css m text plain m text xml The string is case sensitive and the maximum length of the string is 64 bytes When typing the command from the Command Line Interface CLI the string must be enclosed in double quotes if there is white space in the string The string must NOT be enclosed in double quotes when being entered from the WebUI This command does not take effect until after a write operation set cluster lt name gt health request string lt string gt Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Health Checking set cluster health request timeout Description Syntax Roles Mode s The timeout value is
460. se the clear vlan command to clear virtual LAN parameters Clears all tags This command does not take effect until after a write operation clear vlan all Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Clears the default VLAN This command does not take effect until after a write operation clear vlan default Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Clears the assignment of a VLAN tag to all packets going to or from one or all IP addresses This command does not take effect until after a write operation clear vlan ip lt ip all gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Example clear vlan range Description Syntax Roles Mode s Example clear vian tag Description Syntax Roles Mode s Chapter 2 Add Through Reset Config Commands clear vlan ip 192 168 10 100 Clears the assignment of a VLAN tag to all the packets going to or from the IP address 192 168 10 100 Clears the assignment of VLAN tags to packets going from or to this range of IP addresses This command does not take effect until after a write operation clear vlan range lt startip endip all gt Network Network Security Security Target Admin Admin Operator Admin Opera
461. se values Enter Selection y Tuning based on your selections Done E dx5 set cluster transparency Description Syntax Roles Mode s Use the set cluster lt name gt transparency command to enable or disable IP transparency DXs operate in a secure reverse proxy mode In this mode all incoming client requests are terminated at the DX and multiplexed to a pool of predefined target hosts that serve the content When the DX provides connection multiplexing the Source IP SIP is replaced by the IP of the DX before the request is forwarded to the target host This is required to provide the connection multiplexing capability in the DX However this may create unintended side effects m The target host logs do not have the client s IP address any longer m Since to the target host all requests look to originate from a single IP it may perceive it as an attack and close connections The set cluster lt name gt transparency command allows you to enable or disable client IP transparency capability for a cluster configuration Enabling transparency allows the target hosts to see the source IP address of the originating connection For more information see Client IP Transparency in the Integrating the DX Introduction chapter of the Installation and Administration Guide for DXOS This command does not take effect until after a write operation set cluster lt name gt transparency lt disabled enabled gt
462. ser Operator X X X X X X X Global Configuration show license Commands Description show license Description Syntax Roles Mode s 424 m show hostname Use the show license command to show the data needed for license key generation Shows details about the DX license show license Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Global Configuration Chapter 4 Show Through Write Commands show license data Description Shows the data needed for license key generation Syntax show license data Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X show log Commands Description show log apprule Use the show log commands to show entries from the Apprule Audit and System logs Description Shows events from the Apprule log Syntax show log apprule Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Application Rules show log audit Description Shows administrative actions recorded in the Audit log Syntax show log audit Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Application Rules show log health script Description Shows events logged from health scripts Syntax show log health script show log Commands m 425 Command Li
463. set gslb resolver group Metric CpUUSABE c 0oooooccccccccccccocccnonn cnn conc nncnccccinnns 258 set gslb resolver group metric defaults ccooconooccccccnincccccoonannn cnn cnn nnncccnns 258 set gslb resolver group metric memmusage coooooocccccccccccccccnonn conan ocn nncccccnnns 258 Set gell resolver group metric Ttt narios e EENRREAERdAENE 259 set gslb resolver group Metric rtt COUNT cece teetetteeeeeteees 259 set gslb resolver group metric rtt netmask etter eens 259 set gslb resolver group Metric rtt tIMEOUE eect eeeeeees 260 set gslb resolver group Metric SESSIONS cece e eect teetetteteeeeees 260 set gslb resolver group metric SMOOTHING eee etter eees 260 set gslb resolver group metric targethostavailability ooo 261 set eslb resolver Sroup Miu big 261 set gslb resolver group servicecheck cnn a ia 261 XVIII m Table of Contents Table of Contents set gslb resolver group servicecheck mode 262 seteslb resolv r listen polvillo rada 262 setresibir solvEr e EE 262 SEU CSID TESOIVER targeta crei 263 Set health enen TE 263 ebe chend teen Eengel dees a 263 Set healtheremolenOse Most toros 264 set health remotehost interval e 2s eheskestedensetepeiaseclaptiseseaetebied 264 set health remotehost minhostsfailing ccc eceeeeeeteeeeeseeeeees 264 Set health remoOtehOst retry cock A de ersanbaceapheseeses 265 set health remotehost startupdelay ccc eceeeeeeeneteetteeeeeeeees 265 set health remotehost Omeout eeeeeeeee
464. shown in Table 9 can be entered after the show admin command Table 9 show admin Options Options Description See cli Shows the settings for the Command Line Interface CLI page 320 email Shows email server and email address information page 320 interface Shows admin interface settings page 321 log Shows all logging settings page 321 remoteauth Shows the settings for Administrator Remote Authorization page 325 scp Shows whether SCP is enabled page 327 snmp Shows SNMP information page 328 snmp trap Shows SNMP trap information page 330 soap Shows SOAP server information page 333 ssh Shows whether SSH is enabled page 335 syslog Shows Syslog settings page 335 tcpdump Shows TCPDump settings page 336 telnet Shows whether Telnet is enabled page 337 tftp Shows TFTP server settings page 337 tsdump Shows TSDump settings page 337 upgrade Shows upgrade filenames page 338 show admin Commands m 319 Command Line Reference Guide for DXOS show admin cli Description Syntax Roles Mode s Table 9 show admin Options continued Options Description See vip Shows admin VIP settings page 339 webui Shows admin WebUI information page 340 Use the show admin cli command to show the configuration for the Command Line Interface CLI show admin cli shows the administrator Command Line Interface CLI settings show admin cli Network N
465. sion 3 only m evi TLS Version 1 only This command does not take effect until after a write operation set forwarder lt name gt target ssl lt sslv2 sslv23 sslv3 tlsv1 gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder Commands m 237 Command Line Reference Guide for DXOS set forwarder target ssl timeout Description Syntax Roles Mode s Sets the SSL session timeout in minutes for the forwarder s target traffic This command does not take effect until after a write operation set forwarder lt name gt target ssl timeout lt time gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set fwlb Commands set fwlb Description Syntax Roles Mode s A firewall load balancer is used to manage and control traffic that crosses a network boundary It provides a means for securing resources on a trusted network from access by untrusted sources Both transparent and non transparent firewalls are supported Use the following commands to configure and manage firewall load balancers on the DX To add a firewall load balancer group see add fwlb group on page 18 This command is used to enable or disable the firewall load balancer Firewall load balancing is disabled by default This command does not take effect until after a wri
466. sion setting for all web browsers or a specific browser type Syntax show cluster lt name gt compression browser ie4 ie5 ie51 ie55 ie6 ie7 ieother konqueror ns4 ns6 opera other safari Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster compression cmt Description Shows the CMT setting 1 2 or 3 Syntax show cluster lt name gt compression cmt 1 2 3 358 m show cluster compression Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster compression cmt status Description Shows the compress CMT status disabled or enabled Syntax show cluster lt name gt compression cmt status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster compression flushthreshold Description Shows if flush threshold compression is enabled Syntax show cluster lt name gt compression flushthreshold Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster compression force Description Shows if the compression algorithm is forced a jo ll
467. slb group SessiontimeoU Eibar Cat SID GROUP Stats tati o sar Cart sib REEL Sticky EV is ear Slb group StekY TIMEOUE cit toas bit carislb group target hOSt cs brida ear slb group target host lt ip port all gt starte Carl a e dd io s t group MEMDE aneri a de tad s Table of Contents Gletscher 74 clear syne eroUp descrita 74 clear sync group override Tlename conc e 75 clear POLE e tennt ed ace S ien Mahl tele eh seess 75 Clear Viari COMMANGS tee onesies outlet hac dee ee 76 Clear Vian dlls ad ed o Me elos la coil Sort 76 clearvlan detal tte dape ista dels 76 CA O O Aekt dls Pini du ie athd wsles hak 76 clear Van TAG EE 77 cear VIA LAG E 77 CIS eats etal cet RAN ee ee 78 EELSTEN EE doe tate hat a iN tne 78 COPY GOMMMANGS ea BEE en cscs Ee 78 COPY COMA rd A uate ER ite dil et MEAN asta nerds 79 e 80 COPY TEPAMDA a a e a a lehetek Danana Tn A 81 delete commands seia aaien aaan SA iae S e aAA SER ENET E ENR iaoi 81 ele 81 delete activen group 82 A A E NN NO 82 Aclantis A AAA E IR 82 CeleteCONl Gs it at Se dann nee 83 delete ether SUD is AAA AN 83 delete failover peer Nie do id 83 CA E 84 delete Hoi SREL 84 delete forwarder onetan te inea E ARA 84 delete wl groupn ie e N a ER 85 delete gslb localdns dni a a 85 del te gslb TemOtenOde sis eerste ee eee ERE ER 85 delete elt TESSA A 86 delete gelt resolvet SEO ege e e a a 86 delete gslb resolver group member vssmtecrtis lleida adhesin 86 delete gslb resolv
468. ssion for application x vermeer rpc Use the global argument to return the compression value to its global setting This command does not take effect until after a write operation set cluster lt name gt compression sharepoint lt disabled enabled global gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set cluster compression shockwave Description Syntax Compresses application x shockwave Flash Use the global argument to return the compression value to its global setting This command does not take effect until after a write operation set cluster lt name gt compression shockwave lt disabled enabled global gt set cluster compression Commands m 169 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration set cluster compression targetcompression encoding Description Syntax Roles Mode s Sets the target compression standards This command does not take effect until after a write operation set cluster lt name gt compression targetcompression encoding lt standard browser gt standard MUX Content Encoding header is sent Standard encoding is applicable in either None or Standard modes default m browser Browser Content Encoding header is sent Browser encoding is applicable
469. standby peer if any becomes the new master This command does not take effect until after a write operation set failover lt disabled enabled gt set failover Commands m 215 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Unified Failover set failover advanced Description Changes the defaults for the following settings m pollinterval Number of seconds between polls used to verify the availability of the other peers default is five seconds m missedcount Number of consecutive polls with no response that indicate a peer is unavailable default is three m serviceinterval Number of seconds that a service can be down before a failover occurs default is eight seconds This command does not take effect until after a write operation Syntax set failover advanced lt missedcount lt N gt pollinterval lt seconds gt serviceinterval lt seconds gt gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Unified Failover set failover discovery interface Description Sets the interface used to discover the other peers enabled for Unified Failover default is etherO The IP address of the discovery interface is used as the source IP address on all outgoing discovery protocol traffic If the discovery interface is changed the source IP is
470. stem info m 465 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Global Configuration show ua Description Shows the DX End User License Agreement Syntax show ua Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Global Configuration show user Description Shows the status and role of one or all users Only users with an administrator role may display this information For example dx show user User Class Status SSH Keys Roles admin local Enabled no administrator userl local Enabled no administrator user2 local Enabled no network_administrator user3 local Enabled no network_operator user4 local Enabled no security_administrator user5 local Enabled no security_operator user6 local Enabled no user user7 local Enabled no none user8 local Enabled no target_host_operator Syntax show user username Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X 466 m show ua Chapter 4 Show Through Write Commands show user ssh authorized_keys Description Shows the specified user s public SSH key in a newline delimited format Admin level users can execute this command to view the public key for any other user but non admin users can only execute this command to view thei
471. t admin Sep username its ee Seet Set pes Miete E 131 set admin SAMP Command Snn e anota En 131 EE ad munsshimp COMMUNICV APs dee aana tegt deet AEE 131 set admin snmp Community n m 132 set admin snmp community netmask cece cere eeeeetteeeeeeees 132 SCL ACMINESNIMP CN ee Een de Ee 132 AN O E 133 RA O E 133 NN A A E 133 set admin snmp trap host lt 1 2 gt COMMUNIY oooocinnicnninnonininconinn 134 set admin snmp trap heslo 134 set admin snmp trap host lt 1 2 gt Version cn 134 set admin snmp trap threshold Connection 135 set admin snmp trap threshold loginfail o o onnnnnnnnnnniccccoccccccnn 135 set admin soap Commande 135 set admin soap lt down Up EE 135 S t adMin SOAP POL E 136 setadmin soap ssl Certfle tte 136 set admin soap ssl Reville ii AS 136 settad min soap REECH 137 SECA A A AAA AA TO 137 Setra dad stats NIStOLY a id 137 setiadmirl sy ee IEN 138 setadmin Syslog ee Uer 138 set admin syslog host DEE 138 set admin syslog host lt 1 2 gt EEN 139 set admin tcpdump Commande 139 set admin tcpdump CapturesiZe oooooocccccccccccccccccnnnnnnnnonnnnnnnnnnn nano inrncannnnos 139 set admin tcpdump mailtol lt first zs 139 set admin tcpdump mailto2 seconds 140 setadaun TEM et e EE dee 140 Setz MU tp Severa ege dnd do dl ind ao ll e e E 140 Setcadmin tsdump ComMandS tute dede e daa led odo 141 set admin tsdump filename ee E elen da 141 set admin tsdump mailtol frais 142 set admin tsdump mailto2 lt seconds
472. t are purged in one timer interval Setting burst_max to zero purges all timed out sessions in one timer cycle default is 7 000 This command does not take effect until after a write operation set activen advanced burst_max lt number gt set activen Commands m 109 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s ActiveN set activen advanced policy Description Syntax Roles Mode s Sets the switching policy to round robin or least connection default is roundrobin This command does not take effect until after a write operation set activen advanced policy lt leastconns roundrobin gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X X ActiveN set activen advanced reset Description Syntax Roles Mode s When active sessions are purged a reset can be sent to the client and or server to indicate that the connection has been terminated This command is used to disable or enable sending of resets to the client or server default is enabled This command does not take effect until after a write operation set activen advanced reset lt client server gt lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN set activen advanced synflood_pr
473. t be processed by the firewall load balancer and returned to that firewall potentially causing this traffic to be dropped This command does not take effect until after a write operation Syntax clear fwlb group lt name all gt sticky clear fwlb Commands m 59 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Firewall load balancer clear gslib Commands Use these commands to clear Global Server Load Balancing GSLB settings clear gslb agent encryption key Description Removes the Nth encryption key for the GSLB agent This command does not take effect until after a write operation Syntax clear gslb agent encryption key lt N gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer clear gslib agent stats Description Clears the GSLB agent statistics This command does not take effect until after a write operation Syntax clear gslb agent stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer clear gslb localdns domain Description Clears the specified DNS records for the local DNS This command does not take effect until after a write operation Syntax clear gslb localdns domain lt a cname mx ns ptr gt
474. t cluster sticky Commands Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster sticky failover Description Syntax Roles Mode s Enables or disables sticky failover for the specified cluster When Unified Failover is also enabled the standby DX takes on communications for the specified cluster This command does not take effect until after a write operation set cluster lt name gt sticky failover lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Global Configuration set cluster sticky method Description Syntax Roles Mode s Specifies whether cookies or client IP addresses are used to bind clients to a target host the default is none This command does not take effect until after a write operation set cluster lt name gt sticky method lt clientip cookie none gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set cluster sticky Commands m 195 Command Line Reference Guide for DXOS set cluster target Commands Use the set cluster lt name gt target command to set a target name or target host tune a target host and or to disable or enable the target host set cluster target host lt all ip
475. t take effect until after a write operation Syntax set slb group lt name gt target host lt ip port gt priority lt 1 10 gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer Configuration 300 m set slib Commands Chapter 3 Set Commands set slb group target host weight Description Syntax Roles Mode s Sets the weight of the target host default is 1 Weights are used if weight based load balancing is enabled refer to set slb group policy on page 295 This command does not take effect until after a write operation set slb group lt name gt target host lt ip port gt weight lt N gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Server Load Balancer Configuration set sib group target qos Description Sets the DSCP ToS values on traffic sent to clients see set qos Commands on page 268 set sib healthcheck interval Syntax Roles Mode s Sets the global health check intervals for when target hosts are down default is 10 seconds for TCP SYN default is 5 seconds or for when target hosts are up default is 20 seconds This command does not take effect until after a write operation set slb healthcheck interval lt down lt seconds gt syn lt seconds gt up lt seconds gt gt Network Network Security Security Ta
476. t the target tuning tool The purpose of the target tuning tool is to enable you to easily set up the interaction within the target hosts and to properly set up the cluster system behavior for a custom environment The target tuning tool is a single CLI command that sets a number of configuration variables using a question and answer format The set cluster lt name gt target tune command prompts you for the options shown in Table 3 Table 4 and Table 5 Chapter 3 Set Commands Table 3 Target Application Tune Options Options Action Other Selecting this option resets all the setting changes made by the other selections for this item to their default value The settings that it affects are Disable Extended HTTP Methods Disable WebDAV HTTP Methods Disable Connection Binding Disable compression of unauthorized responses Disable compression of MIME type text xml Disable compression of MIME type text x component Enable compression of MIME type text plain Set Standing Connection sc to six Disable compression of MS Office documents Reset the custom MIME type for application pdf Disable use of custom MIME types Enable the use of the HTTP Vary header PeopleSoft This option disables compression of MIME type text plain serverwide Domino 5 This option makes the following settings m Enable Connection Binding for this cluster m Set Standing Connection sc to O
477. t until after a write operation set forwarder lt name gt listen ssl keypass Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Global Configuration set forwarder Commands m 229 Command Line Reference Guide for DXOS set forwarder listen ssl protocol Description Syntax Roles Mode s Specifies the SSL protocol type for forwarder listen traffic m sslv2 SSL Version 2 only m sslv23 SSL Version 2 SSL Version 3 TLS Version 1 m sslv3 SSL Version 3 only m evi TLS Version 1 only This command does not take effect until after a write operation set forwarder lt name gt listen ssl protocol sslv2 sslv23 sslv3 tlsv1 Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder listen vip Description Syntax Roles Mode s set forwarder name Description Syntax Roles Mode s 230 m set forwarder Commands Sets the forwarder s Virtual IP address This command does not take effect until after a write operation set forwarder lt name gt listen vip lt ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Renames a forwarder from lt name gt to lt new name gt This command does not take effect until after a write operation set forwarder lt name gt name lt new
478. take effect until after a write operation set activen group lt name gt sticky failover lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN set activen healthcheck interval Description Syntax Roles Mode s Sets the global health check intervals for ActiveN This command does not take effect until after a write operation set activen healthcheck interval lt down syn up gt lt seconds gt m down Number of seconds a blade must be unresponsive before it is taken out of rotation default is 20 m syn Number of seconds between consecutive health probes when no response is received default is 10 m up Number of seconds a blade has to respond to the health check probe before it is considered unresponsive default is 45 seconds Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN set activen healthcheck maxtries Description Syntax 116 m setactiven Commands Sets the global ActiveN value for maximum number of health check tries before giving up default is 3 This command does not take effect until after a write operation set activen healthcheck maxtries lt number gt Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN set activen
479. target oos 301 set slb healthcheck Internal 301 set slb healthcheck maxtrtes nono ncncncncncnocnnnann non n nn nnncnno 301 set SID SESSION Omeout ia E A n anadi di banis 302 Set SID Sticky Omeout a raa i iaa niani aai i kani 302 SEESMAlCOMMANS EE 302 set snat alten ue 303 set snat group member Pr A Ee 303 set snat group member netiiasko iere ioen ia eeta E eiii 303 JS GEELEN 304 SES Oe e E is 304 SEL SNAL TMAX te a atk id ees 304 set syne group Commands ee cece ite top See a ge ea Sarasa tes 305 SEL Sync group IER 305 set sync group member PASSWOTT 0 0 2 eee cece cece ee teetetteteeeeeeees 305 SEL SYNC group memper Port ENEE ENEE 305 set Sync group Member usermmame eee eee e eee ee eee eteetttteteeeeeees 306 set Sy ne Prop E AA ES 306 Set MIEL override eae lll de dd do id 306 SEL Sync group overde Mena tdt bl ed 307 Set syn group ETH eisene ida EA 307 set CIMEZONCG le Seet Gei AE 307 Set user Commands kepit a Ee eee Aen 310 SOUUSE Rise tacos EEA E EE eege lee 310 A A NO 310 SEtUSEr IMUSTCMAN GES toldos 311 A A EE 311 SEH EE Egeter Beete ete let led aL 311 Sekvan Commands ET 312 set vVandefatlta eer eelere lee A 312 Servan APs EE 312 Ee 313 Chapter 4 Show Through Write Commands 315 Glen Lu e 315 SHOW EIER ee Ee Ae e NEE 316 SHOW activen advanced ge dal cies 316 SHOW le 316 show activen blade lt ip all gt EEN 316 SNOW activer e e 317 Table of Contents m XXI Command Line Reference Guide for DXOS
480. tax Specifies the maximum number of seconds that can occur between consecutive requests from the same local DNS for both requests to receive the same DX address the default is zero This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt lba sticky timeout lt seconds gt set gslb resolver Commands m 255 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslb resolver group member ip Description Syntax Roles Mode s Specifies the IP address of each DX node member associated with a specified group on a GSLB master These are the load balanced IP addresses that are returned in response to DNS queries This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt member lt name gt ip lt ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer set gslib resolver group member remotenode Description Syntax Roles Mode s Specifies the name of the DX node used to gather performance metrics for the specified member Specify local to indicate the GSLB master otherwise the name must match the name of a remote node refer to add gslb remotenode on page 19 T
481. tax show activen group lt name gt sticky failover status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Mode s Unified Failover show activen group stats Description Shows the group statistics for one or all groups Syntax show activen group lt name all gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s ActiveN Configuration show activen stats Description Used to show the overall statistics for the switch Syntax show activen stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s ActiveN Configuration show activen status Description Used to display the state of the switch Syntax show activen status 318 m show activen Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s ActiveN Configuration show activen sticky timeout Description Used to display the sticky timeout entries Syntax show activen sticky timeout Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s ActiveN Configuration show admin Commands Description Use the show admin command to show the administrative services configuration The options
482. tax show cluster lt name gt weblog batch copy interval Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster weblog batch copy size Description Shows the size of the compressed file to copy the size of the two data buffers and the total remaining memory available for Web Log batch storage Syntax show cluster lt name gt weblog batch copy size Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster weblog batch copy time Description Shows the times when the Web Log will be transmitted to the configured Syslog server Syntax show cluster lt name gt weblog batch copy time Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring 398 mum show cluster weblog Commands Chapter 4 Show Through Write Commands show cluster weblog batch failure Description Shows the Web Log failure settings for the cluster Syntax show cluster lt name gt weblog batch failure Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Performance Monitoring show cluster weblog batch failure retryinterval Description Shows the retry interval in seconds in case of copy failur
483. te operation Syntax set forwarder lt name gt target ssl autochain lt disabled enabled rootcert gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set forwarder target ssl certfile Description Specifies the SSL certfile for forwarder target connections This command does not take effect until after a write operation Syntax set forwarder lt name gt target ssl certfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration 234 m set forwarder Commands Chapter 3 Set Commands set forwarder target ssl cipherfile Description Specifies the name of the user defined file containing a list of cipher suites that conform to the OpenSSL standard This command does not take effect until after a write operation Syntax set forwarder lt name gt target ssl cipherfile lt filename gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x x Mode s Global Configuration set forwarder target ssl ciphersuite all Description Allows all supported SSL cipher suites for forwarder target traffic This command does not take effect until after a write operation Syntax set forwarder lt name gt target ssl ciphersuite all Roles Network Network Security Security Target Admin Admin Operator A
484. te operation set fwlb disabled enabled Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Firewall Load Balancer set fwlb group balance policy Description Syntax 238 m setfwlb Commands This command is used to specify the load balancing protocol used by the firewall load balancer The default is Round Robin Refer to the administrator guide for descriptions of these load balancing policies This command does not take effect until after a write operation set fwlb group lt name gt balance policy roundrobin leastconns weightedleastconns backupchain maxconnections weightedroundrobin gt Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Firewall Load Balancer set fwlb group healthcheck Description This command is used to specify the interval at which health checks are made the type of health check the maximum number of times to attempt a health check without receiving a response and the address of the other DX in a load balanced pair The following defaults apply Setting Default Value interval with target up 20 seconds interval with target down 10 seconds maxtries 3 type ICMP This command does not take effect until after a write operation Syntax set fwlb group lt name gt healthcheck interval up down lt time_in_sec gt maxtries lt
485. ted for the username enter admin for the default account or the name of a user account that you have created 2 Enter the password for the DX The prompt indicates that you have reached the Juniper Networks DXSHELL 3 To disconnect from DXSHELL at any time enter the exit or quit command Using Telnet to Access the CLI The DX can be accessed through a standard Telnet client You must have a Telnet client or application installed on the client computer and the Telnet service must be enabled on the DX 1 If you are using a command line Telnet client type the following command telnet lt IP address of DX gt If you are using a PC with a terminal emulator application configure the emulator to connect to the IP address of the DX 2 You will be prompted for a username and password Enter the username and password that you set for the DX 3 You will see the prompt that indicates that you have reached the Juniper Networks DXSHELL 4 To disconnect from DXSHELL at any time enter the exit or quit command Using the Console Port to Access the CLI The DX can be accessed through a direct serial connection to the console port on the back of the unit The console connection must be used for the first time configuration 1 Connect one end of the supplied null modem cable to the serial console port on the rear of the unit 2 Connect the other end of the cable to the COM port of a PC running terminal emulation sof
486. terval Shows the link failure polling interval in milliseconds show server failover vmac Shows the Virtual MAC address show server failover vmac id Shows the Virtual MAC Address assigned to the specified ID SLB Commands clear slb failover bindaddr Clears the failover bind address set slb failover lt disabled enabled gt Disables or enables the failover mechanism set slb failover bindaddr lt ip gt Sets the bind address for the failover mechanism set slb failover forcemaster lt disabled Enabling the forcemaster allows a switch to snatch the active status from enabled gt another switch of higher nodeid Disables or enables the forcemaster The default is disabled set slb failover mcastaddr lt ip addr gt Sets the multicast address for the failover mechanism set slb failover nodeid lt number auto gt Sets the nodeid of the SLB failover unit Setting nodeid to auto results in the nodeid being generated automatically The default is auto set slb failover port peer lt port gt Sets the port for failover communication The default is 9200 set slb failover vmac lt disabled enabled gt Enables or disables the use of Virtual MAC on the interface disabled by default Available only on the Ethernet 0 interface set slb failover vmac id lt id gt Sets the Virtual Router ID of the failover unit The parameter ID is a number between one and 254 both inclusive The default is 1
487. ticky failover for the specified forwarder When Unified Failover is also enabled the standby DX takes on communications for the specified forwarder This command does not take effect until after a write operation Syntax set forwarder lt name gt sticky failover lt disabled enabled gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration set forwarder Commands m 231 Command Line Reference Guide for DXOS set forwarder sticky method Description Specifies whether consecutive requests from the same client IP address within the specified timeout can be bound to the same target host default is none This command does not take effect until after a write operation Syntax set forwarder lt name gt sticky method lt clientip none gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x x Mode s Global Configuration set forwarder target host Description Adds the IP address and the port for the forwarder target This command does not take effect until after a write operation Syntax set forwarder lt name gt target host lt ip port gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X X Mode s Global Configuration set forwarder target host lt ip port gt lt hardpaused softpaused unpaused gt Description
488. til after a write operation Syntax set cluster forwarder redirector slb group lt name gt lt listen target gt qos mark outgoing tos dtrc lt delay throughput reliability cost normal gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector Commands Use the set redirector commands to set properties for the redirector Note that the redirector must be enabled before requests will be redirected set redirector customurl Description Sets the URL for redirecting Only used when the URL method is set to custom This command does not take effect until after a write operation Syntax set redirector lt name gt customurl lt url string gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector Commands m 271 Command Line Reference Guide for DXOS set redirector description Description Add a description to redirector lt name gt The description is limited to 512 characters of free form text but cannot include new lines This allows administrators to fully describe the redirector s usage contact information warnings or any other pertinent information they deem necessary This command does not take effect until after a write operation Syntax set redirector lt name gt description lt descript
489. tion set gslb localdns domain lt domain gt sequence number lt N gt set gslb localdns Commands m 247 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer set gslib localdns domain ttl Description Sets the Time to Live TTL for the specified domain TTL configures how long a DNS record will be cached before it needs to be removed This TTL is used for all the Resource Records in a domain The default TTL is 300 seconds This command does not take effect until after a write operation Syntax set gslb localdns domain lt domain gt ttl lt secs gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x x Mode s Global Server Load Balancer set gslib remotenode Commands Use the set gslb remotenode commands to identify the remote DX nodes on the GSLB master set gslb remotenode agentip Description Specifies the listen IP address used by the GSLB agent on a remote DX node refer to set gslb agent listen vip on page 244 This command does not take effect until after a write operation Syntax set gslb remotenode lt name gt agentip lt ip gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x x Mode s Global Server Load Balancer 248 m set gslb remotenode Commands Chapter 3
490. tion set cluster aaa authentication Idap server lt N gt port Description Syntax Roles Mode s Sets the port number of the LDAP server used for the cluster N can be either 1 or 2 This command does not take effect until after a write operation set cluster lt name gt aaa authentication ldap server lt N gt port lt port number gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication Idap server type Description Syntax Sets the type of the LDAP server s used for the cluster The available server types are Active Directory Server ADS iPlanet Directory Server IPLANET or Netscape Directory Server NDS This command does not take effect until after a write operation set cluster lt name gt aaa authentication ldap server type lt ADS IPLANET NDS gt 152 w set cluster aaa authentication Commands Roles Mode s Chapter 3 Set Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication Idap ssl Description Syntax Roles Mode s Enables or disables LDAP authentication over SSL default is disabled This command does not take effect until after a write operation set cluster lt name gt aaa authentication ldap ssl lt disabled enabled gt Network Network
491. tion set cluster listen ssl ciphersuite common Description Allows only the most commonly used cipher suites from both the strong and export groups This command does not take effect until after a write operation Syntax set cluster lt name gt listen ssl ciphersuite common Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster listen ssl ciphersuite export Description Allows only the lower security suites that have been traditionally available for export This command does not take effect until after a write operation Syntax set cluster lt name gt listen ssl ciphersuite export Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster listen ssl ciphersuite file Description Allows a user defined list of SSL cipher suites to be used to configure an SSL cluster This command does not take effect until after a write operation Syntax set cluster lt name gt listen ssl ciphersuite file 184 m set cluster listen Commands Chapter 3 Set Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set cluster listen ssl ciphersuite strong Description Allows only the highest security cipher suites that have only been traditi
492. tion show server compression http10 Description Shows if HTTP 1 0 is being compressed Syntax show server compression http10 Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server compression javascript Description Shows if application x javascript will be compressed Syntax show server compression javascript show server compression Commands 8 437 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration show server compression level Description Shows the compression level Syntax show server compression level Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration show server compression msoffice Description Shows if MS Office documents will be compressed Syntax show server compression msoffice Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration show server compression octetstream Description Shows if application octet stream will be compressed Syntax show server compression octetstream Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration
493. tion via TFTP or SCP Syntax export config lt dst gt export Commands m 93 Command Line Reference Guide for DXOS Roles Mode s export log apprule Description Syntax Roles Mode s export log audit Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Configuration Exports the Apprule Event log from the DX to a remote location via SCP only export log apprule lt dst gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Application Rules Exports the Audit Event log from the DX to a remote location via SCP only export log audit lt dst gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Global Configuration export log health script Description Syntax Roles Mode s 94 m export Commands Exports the Health Script log from the DX to a remote location via TFTP or SCP export log health script lt dst gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Health Checking export log system Description Syntax Roles Mode s export ruleset Chapter 2 Add Through Reset Config Commands Exports the System Event log from the DX to a remote location via SCP only export lo
494. tistics for SLB This command takes effect immediately and does not require a write operation Syntax clear slb stats clear slb Commands m 73 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Server Load Balancer Configuration clear snat group member Removes one or all members from a Source Network Address Translation SNAT Description group This command does not take effect until after a write operation Syntax clear snat group lt name gt member lt name all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Direct Server Return clear sync group Commands Use the clear sync group lt name gt commands to clear a synchronization group s description or override file name Starting with software release 4 1 15 the clear sync group command is disabled on the DX 3670 clear sync group description Description Clears the description for the named sync group This command does not take effect until after a write operation Syntax clear sync group lt name gt description Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration 74 m clear snat group member Chapter 2 Add Through Reset Config Commands clear sync group override filename Description Syntax
495. tmask lt netmask gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set snat Commands m 303 Command Line Reference Guide for DXOS set snat group vip Description Syntax Roles Mode s set snat idletime Description Syntax Roles Mode s set snat maxconn Description Syntax Roles 304 m set snat Commands Sets the VIP for a SNAT group This command does not take effect until after a write operation set snat group lt name gt vip lt ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Sets the maximum idle time in seconds up to 24 hours The default is 500 seconds This command does not take effect until after a write operation set snat idletime lt time in seconds gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Sets the maximum number of connections 1 to 1000 The default is 1000 This command does not take effect until after a write operation set snat maxconn lt number of connections gt Network Admin Admin Network Operator Security Admin Security Operator Target User Operator X X Chapter 3 Set Commands set sync group Commands Use the set sync group command to configure a synchronizatio
496. to a remote file 80 m copy Commands Syntax Roles Mode s copy tcpdump Description Syntax Roles Mode s delete Commands m Terminal to a remote file m Terminal to the terminal Chapter 2 Add Through Reset Config Commands copy file local filename tftp tftp_server filename scp Lusername scp_server filename terminal local filename tftp tftp_server filename scp username scp_server filename terminal Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Use the copy tcpdump command to send the specified TCPDump file via email SMTP SCP or TFTP as configured in the TCPDump destination copy tcpdump lt tcpdumpfile gt lt tftp tftp_server filename scp username scp_server filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Use the delete command to delete clusters forwarders redirectors routes configurations files login banners server load balancers and users delete activen blade Description Syntax Roles Mode s Deletes an ActiveN blade specified by the index Using all deletes all blades This command requires an ActiveN license before it can be used This command does not take effect until after a write operation delete activen blade lt ip all gt Network Network Se
497. to work correctly with Page Translation Content PTC the factory setting fcl must be explicitly enabled it is disabled by default Contact your administrator or Juniper Technical Support for assistance Disables or enables AppRule operations for a specific cluster This command does not take effect until after a write operation set cluster lt name gt apprule lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Application Rules set cluster apprule limit retrypost Description Sets a value that acts as a high water mark for the number of bytes that will be stored for a POST request to be retried If the POST data exceeds this value then the data is released and the retry mechanism is disabled for this request The original request will proceed If a value of zero is specified then there is no limit imposed on the POST data amount This is VERY DANGEROUS since it allows a single user to issue a single request and use all of the resources on the box The default value is 32 Bytes Most POST requests are typically less than 2 KBytes so there should not be any problems set cluster apprule Commands m 161 Command Line Reference Guide for DXOS with the default range limits An upper limit of 100 MBytes is provided for installations that demand maximum flexibility This command does not take effect until after a write operation Syntax
498. tor X X HTTP S Authentication set cluster aaa authentication Commands m 159 Command Line Reference Guide for DXOS set cluster aaa authentication sso cookie name Description Syntax Roles Mode s This command is used to optionally specify the name of Single Sign On SSO cookie for the cluster The default cookie name is DXAUTH This command does not take effect until after a write operation set cluster lt name gt aaa authentication sso cookie name lt string gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication sso cookie timeout Description Syntax Roles Mode s This command is used to optionally specify the amount of time before the Single Sign On SSO cookie expires for the cluster requiring users to provide credentials each time they access applications in the specified SSO domain The timeout value must be between zero and 525600 minutes 24 hours inclusive The default cookie timeout is zero causing the cookie to expire with the browser This command does not take effect until after a write operation set cluster lt name gt aaa authentication sso cookie timeout lt integer gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication sso Description Syntax Roles
499. tor Admin Operator User Operator X Mode s Global Configuration show server customiplogheader Description Shows the custom header name that will be added to the client s request with the client s original IP address Syntax show server customiplogheader Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server failover The service specific failover commands are listed in Service Failover Commands on page 479 These commands have been replaced by the commands for Unified Failover refer to show failover Commands on page 405 show server forwardclientcert Description Shows the custom SSL client certificate HTTP header Syntax show server forwardclientcert Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration 440 m show server customiplogheader Chapter 4 Show Through Write Commands show server maxconns Description Shows the maximum number of simultaneous connections that the DX can support Syntax show server maxconns Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server reversepath Commands Use the show server reversepath commands to view the reverse path routing settings show server reverse
500. tor User Operator X X Global Configuration clear vlan range 192 168 10 100 192 168 10 200 Clears the assignment of VLAN tags to all the packets going to or from the range of IP addresses 192 168 10 100 to 192 168 10 200 Clears the VLAN with the named tag This command does not take effect until after a write operation clear vlan tag lt tag gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration clear vlan Commands m 77 Command Line Reference Guide for DXOS cls Description Use the cls command to clear the screen Syntax cls Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X x x X X X X Mode s Global Configuration configure Description Use the configure command to rerun the configuration walk through This command does not take effect until after a write operation Syntax configure Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration copy Commands Use the copy command to copy configurations files and captured TCPDump information Copying configurations from a remote location is equivalent to importing a configuration This can also be performed by entering the command import config for additional information see import config on page 99 m Copying configurations to a re
501. trap threshold loginfail lt threshold in gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X X Mode s Global Configuration set admin soap Commands Description Use the set admin soap commands to enable or configure the Simple Object Access Protocol SOAP server used for configuration synchronization set admin soap lt down up gt Description Disables or enables the SOAP server This command takes effect immediately Enter a write command to retain the change after the next reboot Syntax set admin soap lt down up gt set admin soap Commands 8 135 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator x X Mode s Global Configuration set admin soap port Description Sets the port number for the SOAP server default is 8070 This command does not take effect until after a write operation Syntax set admin soap port lt portnum gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set admin soap ssl certfile Description Sets the SSL certificate filename for the SOAP server default is democert This command does not take effect until after a write operation Syntax set admin soap ssl certfile lt filename gt Roles Network Network Security Security Target Admin
502. ts Description Shows the I O and SSL statistics for the redirector Syntax show redirector lt name gt stats Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show redirector stats io Description Shows the I O statistics for the redirector Syntax show redirector lt name gt stats io Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show redirector Commands 8 433 Command Line Reference Guide for DXOS show redirector stats ssl Description Shows the SSL statistics for the redirector Target User Operator Syntax show redirector lt name gt stats ssl Roles Network Network Admin Admin Operator X X X X X Mode s Global Configuration show redirector status Description Shows the status of the redirector i e if the redirector is disabled or enabled Syntax show redirector lt name gt status Roles Network Network Target Admin Admin Operator User Operator X X X X X Mode s Global Configuration show redirector urlmethod Description Shows the URL method setting of the redirector Syntax show redirector lt name gt urlmethod Roles Network Network Target Admin Admin Operator User Operator X X X X X Mode s Global Configuration show route Description Shows the destination IP address gateway address and netmask of
503. ttp10 Description Syntax Roles Mode s Disables or enables compression for HTTP 1 0 This command does not take effect until after a write operation set server compression htt10 lt disabled enabled gt set server compression javascript Description Syntax Roles Mode s set server compression level Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Disables or enables compression for application x javascript This command does not take effect until after a write operation set server compression javascript lt disabled enabled gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Sets the compression level This command does not take effect until after a write operation set server compression level lt 1 9 gt 3 compress with level 3 Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration 286 m set server compression Commands Chapter 3 Set Commands set server compression msoffice Description Disables or enables compression for MS Office i e application msword application vnd ms excel application vnd ms powerpoint application vnd ms project and application vnd visio This command does not take effect until after a write operation
504. tware or any standard RS 232 terminal Use 9600 baud 8 bits no parity 3 Open the terminal session and press Enter 2 m Accessing the CLI Chapter 1 Using the Command Line Interface CLI 4 You will be prompted for a username and a password Enter the username and password for the DX If this is the first time that you have logged in use the default account with the username admin and the password admin You will see the prompt that indicates that you have reached the Juniper Networks DXSHELL a custom command line interface 5 To disconnect from DXSHELL at any time enter the exit or quit command Using Online Help and Command Abbreviations To view the online help for a command type help before the command or type after it Type just help or at the command prompt to view the list of high level commands Enter show commands to view a hierarchical list of all commands Pressing the tab key will complete a partially typed keyword display the valid keywords with the same initial characters or show all the options for an incomplete command Commands can be abbreviated provided that you enter enough characters to identify each keyword For example the full command used to check health interval for cluster 1 is show cluster 1 health connect interval The abbreviated command equivalent is sh clu 1 he ci If a keyword is ambiguous the possible matches are displayed cl cluster Ambiguous keyword
505. ual to the selected level occurs This command does not take effect until after a write operation set admin log method apprules memory level ALERT EMERG Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin log method apprule syslog facility Description Syntax Roles Mode s Sets the syslog facility for apprule logs set admin log method apprules syslog facility lt LOG_LOCALO LOG_LOCAL1 LOG_LOCAL2 LOG_LOCAL3 LOG_LOCAL4 LOG_LOCAL5 LOG_LOCAL6 LOG_LOCAL7 LOG_USER gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin log method apprule syslog level Description Syntax Sets the log level for apprule logs sent to a syslog server Sends a log message to the syslog server when an event greater than or equal to the selected level occurs This command does not take effect until after a write operation set admin log method apprules syslog level ALERT EMERG set admin log Commands m 121 Command Line Reference Guide for DXOS Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set admin log method audit showcmd Description Syntax Roles Mode s Disables or enables the logging of show commands entered on the CLI in th
506. ur login banner and it will display correctly on the WebUI However the DX does not parse out HTML code when displaying the banner on the Command Line Interface CLI so the HTML code will be displayed along with the desired banner This command does not take effect until after a write operation Captures displayed information and saves it to a file on the DX This is typically used for capturing SSL keys and certificates but can be used to create any kind of file capture file lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration capture file my_key Start by capturing an SSL Key from the terminal and name it my_key You will need to paste the content of the file and end the file with a period on a blank line An example of the output is dx capture file my_key Enter file End with period on a blank line MIIDejCCAUOgAwIBAgIBADANBgkqhkiG9wOBAQQFADCBi ZELMAKGA EjJAQBgNVBAgTCURFTU8gTO5MWTESMBAGA1UEBXMJREVNTyBPT Ew ERULPIE9OTFkKxEjAQBgNVBASTCURFTU8gTOSMWTESMBAGAL TkxZMRgwFgYJKoZIhvcNAQkBFglERU1PIE9OTFkwHhcNMDIwMzA1 MDIwMzA2MjM1MzAxWjCBi ZELMAKGALUEBhMCWFgxEjAQBgNVBA WTESMBAGA1UEBxMJREVNTyBPTkxZMRIwEAYDVQQKEwlERU1P BAsTCURFTU8gTO5MWTESMBAGA1UEAXMJREVNTyBPTkxZMRgw FglERU1PTIE9OTFkwgZ8wDQYJKoZIhvcNAQEBBQADgYOAMIGJAOG HkubHFrpC1tub2CEANVBJsXfk n8rle J1XCm2Gv1085Fk6pWh8P597r gQE 1xBaSEwJ v4GuVPt fcGyG8PJmAkoO0d OkYsYH1ZIJG7aIMmJB1 mFIgT9EJ7
507. uration Generates an SSL Self Signed Certificate Input to the command is a 1024 bit RSA private key file and the output is a CSR file This command does not take effect until after a write operation gen ssc lt key file gt lt ssc file gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration The halt command provides a graceful mechanism for powering down the DX This command reduces the possibility of file system corruption After you enter the halt command a confirmation message is displayed Warning This device will now shutdown Are you sure you want to continue y n n y Shutting Down Please wait 30 seconds before unplugging the power cord once the DX is halted halt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration hat m 97 Command Line Reference Guide for DXOS help Description Syntax Roles Mode s history Description Syntax Roles Mode s import Commands 98 m help Enter the help command by itself to display a description of the top high level commands Enter help before a command to view a list of all sub commands help sub command Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X xX X X X Global Configuration Use the history command to display the command hist
508. urity Security Target Admin Admin Operator Admin Operator User Operator X x Mode s Global Server Load Balancer delete Commands m 85 Command Line Reference Guide for DXOS delete gslib resolver Description Deletes one or all resolvers on a GSLB master This command does not take effect until after a write operation Syntax delete gslb group lt name gt resolver lt name all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer delete gslib resolver group Description Deletes one or all groups on a GSLB master This command does not take effect until after a write operation Syntax delete gslb resolver lt name gt group lt name all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer delete gslib resolver group member Description Deletes a member from a GSLB group This command does not take effect until after a write operation Syntax add gslb resolver lt name gt group lt name gt member lt name gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancer delete gslib resolver group servicecheck tcp port Description Removes all or specified ports from the TCP service check Syntax delete gslb resolver name group name ser
509. urity Security Target Admin Admin Operator Admin Operator User Operator Xx X Use the unconfigure command to restore a DX to the its original manufacturing configuration Some of the actions it performs include m Restoring the default configuration deleting the current one m Deleting any new keys and certificates m Deleting any new apprule files e g not nitro tune m Deleting any new configuration synchronization override files m Deleting all health check scripts m Deleting all but the default user m Resetting the password of the default user m Deleting the login banner Resetting the first boot flag forcing acceptance of the user agreement m Rebooting the DX unconfigure Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X tsdump m 471 Command Line Reference Guide for DXOS wall Description Syntax Roles who Description Syntax Roles whoami Description Syntax Roles write Description Syntax Roles 472 m wall Use the wal command to send a message to all users who are currently logged in wall Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Use the who command to display a list of users who are currently logged in who Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X X X Use the whoami co
510. urity Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set admin remoteauth Idap server lt 1 2 gt ip Description Sets the IP address for the LDAP server 1 or LDAP server 2 This command does not take effect until after a write operation Syntax set admin remoteauth ldap server lt 1 2 gt ip lt ip address gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration set admin remoteauth Idap server lt 1 2 gt port Description Sets the port for the LDAP server 1 or LDAP server 2 This command does not take effect until after a write operation Syntax set admin remoteauth ldap server lt 1 2 gt port lt port gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration 126 m set admin remoteauth Commands Chapter 3 Set Commands set admin remoteauth Idap uid Description Syntax Roles Mode s Sets the attribute name that uniquely identifies the user in LDAP database This command does not take effect until after a write operation set admin remoteauth ldap uid lt uid gt set admin remoteauth Idap version Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Global Configuration Sets the version of LDAP used by the LDAP servers Th
511. us Description Shows the target server SSL status Syntax show cluster lt name gt target ssl status show cluster target Commands m 395 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster target ssl timeout Description Shows the target server SSL timeout Syntax show cluster lt name gt target ssl timeout Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Global Configuration show cluster target status Description Shows the health of the target server based upon Layer 7 health check Syntax show cluster lt name gt target status Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show cluster transparency Description Shows whether client IP transparency is enabled Syntax show cluster lt name gt transparency Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration 396 m show cluster transparency Chapter 4 Show Through Write Commands show cluster weblog Commands show cluster weblog Description Syntax Roles Mode s Use the show cluster lt name gt weblog commands to view the Web log settings Shows
512. used in the load balancing calculation If the weight is zero the metric is not used for load balancing If the memory usage exceeds the specified value the IP addresses associated with the node are taken out of rotation This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt metric memusage lt max lt N gt weight lt N gt gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Server Load Balancer Chapter 3 Set Commands set gsib resolver group metric rtt Description Syntax Roles Mode s Specifies the maximum acceptable RTT time in seconds between the GSLB node and the local DNS calculated by ICMP pings and the relative weight 0 to 100 of the metric used in the load balancing calculation If the weight is zero the metric is not used for load balancing If the RTT time is exceeded the IP addresses associated with the node are taken out of rotation The default time is 15 seconds This command does not take effect until after a write operation set gslb resolver lt name gt group lt name gt metric rtt lt max lt seconds gt weight lt N gt gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator xX X Global Server Load Balancer set gslib resolver group metric rtt count Description Syntax Roles Mode s Specifies the numb
513. uth cacrlfile Description Syntax Roles Mode s Sets the CA Certificate Revocation List CRL as a lt filename gt for the forwarder The lt filename gt must be a list of one or more valid CRLs containing certificates signed by one of the CA s listed in the trusted CA certificate file All CRL entries not corresponding to an entry in the trusted CA certificate file are ignored All CRLs listed in the file must be in base64 encoded format This command does not take effect until after a write operation set forwarder lt name gt listen ssl clientauth cacrlfile lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration set forwarder listen ssl clientauth catrustfile Description Syntax Roles Mode s Sets the CA Trusted Certificate file to a lt filename gt for the forwarder The lt filename gt must be a file containing a valid list of one or more root or intermediate CA certificates each certificate is encoded in base64 format If the certificate is an intermediate certificate its root CA certificate must also be present in either a catrustfile or the cacertfile This command does not take effect until after a write operation set forwarder lt name gt listen ssl clientauth catrustfile lt filename gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Glob
514. uthentication Idap base dn Description Clears the root Distinguished Name DN user for the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt aaa authentication ldap base dn Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s AAA Authentication clear cluster aaa authentication Idap gid Description Clears the Group ID used for the cluster This command does not take effect until after a write operation Syntax clear cluster lt name gt aaa authentication ldap gid Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s AAA Authentication clear cluster aaa authentication Idap server Description Clears the LDAP server IP address N is either 1 or 2 This command does not take effect until after a write operation Syntax clear cluster lt name gt aaa authentication ldap server lt N gt ip clear cluster aaa authentication Commands m 39 Command Line Reference Guide for DXOS Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s AAA Authentication clear cluster aaa authentication Idap ssl cacertfile Description Clears the cacert file for SSL This command does not take effect until after a write operation Syntax clear cluster lt name gt aaa authentication ldap ssl
515. uthorized copies of the Software except as necessary for backup purposes c rent transfer or grant any rights in and to any copy of the Software in any form to any third party d remove any proprietary notices labels or marks on or in any copy of the Software e distribute any copy of the Software to any third party including as may be embedded in Juniper equipment sold in the secondhand market f use any locked or key restricted feature function or capability without first purchasing the applicable license s and obtaining a valid key from Juniper even if such feature function or capability is enabled without a key g distribute any key for the Software provided by Juniper to any third party h use the Software in any manner that extends or is broader than the uses purchased by Customer from Juniper or an authorized Juniper reseller i use the Software on non Juniper equipment where the Juniper documentation does not expressly permit installation on non Juniper equipment j use the Software or make it available for use on Juniper equipment that the Customer did not originally purchase from Juniper or an authorized Juniper reseller or k use the Software in any manner other than as expressly provided herein 5 Audit Customer shall maintain accurate records as necessary to verify compliance with this Agreement Upon request by Juniper Customer shall furnish such records to Juniper and certify its compliance with this
516. ver compression Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration clear server compression cmt Description Clears Custom Mime Types 1 2 or 3 This command does not take effect until after a write operation Syntax clear server compression cmt 1 2 3 Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration clear server Commands m 69 Command Line Reference Guide for DXOS clear server customiplogheader Description Syntax Roles Mode s Clears the HTTP header for reporting client IPs to the target server This command does not take effect until after a write operation clear server customiplogheader Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration clear server reversepath entry Description Syntax Roles Mode s clear server stats Description Syntax Roles Mode s 70 m clear server Commands Clears an entry created by reversepath routing If you have a packet from a gateway that is not your default gateway you will never get a response unless you configure your routing tables to send the packet back through the right gateway route Reversepath does this automatically This command does not take effect until after a write operation clear s
517. vicecheck tcp port port all 86 m delete Commands Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Server Load Balancing delete health script Description Deletes a health script configuration node This command does not take effect until after a write operation Syntax delete health script lt script_name gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s Health Checking delete loginbanner Description Deletes a previously set login banner This command does not take effect until after a write operation Syntax delete loginbanner Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X Mode s Global Configuration delete redirector Description Deletes a specific redirector or all redirectors This command does not take effect until after a write operation Syntax delete redirector lt name all gt delete Commands m 87 Command Line Reference Guide for DXOS Roles Mode s delete route Description Syntax Roles Mode s delete sib group Description Syntax Roles Mode s delete snat group Description Syntax 88 m delete Commands Network Network Security Security Target Admin Admin Operator Admin Operator User Operator
518. w admin telnet on page 337 Show the status of the Telnet interface show admin tftp on page 337 Shows the TFTP server and username used to import and export software upgrades TCP dumps and other information show admin tsdump Commands on page 337 Shows where technical service dumps are sent email address SCP server or TFTP server show admin upgrade Commands on page 338 Show the file name and SCP or TFTP server for the DX pac file used to upgrade the DX software show admin vip on page 339 Show the virtual IP address used to administer the DX show admin webui Commands on page 340 Show the Web user interface configuration show authentication Commands on page 342 Show the configuration and statistics for the authentication cache show boot on page 343 Show the status of the boot partitions show cache Commands on page 343 Show the configuration and statistics for a 3G cache show capacity on page 344 Show CPU and memory usage and the amount of network and interface traffic in and out of the DX show clock on page 345 Show DX date and time show cluster on page 345 Show the configuration for one or all clusters show cluster aaa audit on page 345 Show whether HTTP S authentication auditing is enabled show cluster aaa authentication Commands on page 346 Show the HTTP
519. w the SCP configuration show admin scp Description Displays the SCP server address and user name Syntax show admin scp Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin scp server Description Displays the SCP server IP address or host name Syntax show admin scp server Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin scp username Description Displays the user name for the SCP operation Syntax show admin scp username Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show admin scp Commands mM 327 Command Line Reference Guide for DXOS show admin snmp Commands Use the show admin snmp commands to show the configuration of the Simple Network Management Protocol SNMP show admin snmp Description Use the show admin snmp command to show the entire SNMP configuration Syntax show admin snmp Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s Global Configuration show admin snmp community Description Shows the SNMP community configuration Syntax show admin snmp community Roles Network Network Security Security Tar
520. warder You can also clear the target address and SSL settings clear forwarder description Description Syntax Roles Mode s Clears the description associated with a forwarder This command does not take effect until after a write operation clear forwarder lt name gt description Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration clear forwarder listen ssl certfile Description Syntax Roles Mode s Clears the listen side SSL certfile for the forwarder This command does not take effect until after a write operation clear forwarder lt name gt listen ssl certfile Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration clear forwarder listen ssl cipherfile Description Syntax 54 Eu clear forwarder Commands Clears the listen side SSL cipherfile for the forwarder This command does not take effect until after a write operation clear forwarder lt name gt listen ssl cipherfile Chapter 2 Add Through Reset Config Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration clear forwarder listen ssl clientauth Description Clears the listen side SSL client authentication parameters This command does not take effect until after a write ope
521. weblog batch Copy me 208 set cluster weblog batch failure retryinterval eee eeeeees 209 set cluster weblog batch Post 209 set cluster weblog batch scp CONNECItESE eee cece ee eettttttteeeeees 209 set cluster weblog batch scp directory eee eee eeeeteetttteeeeees 210 set cluster weblog batch scp keyfile 2 0 0 cee eee eee eeetentttteeeeees 210 set cluster weblog batch Scp usemame cece eeee eee eetettetteeeeees 210 set cluster weblog delimiter ccc eect eeeeeeeeenetnnttteeeeerees 211 set cluster weblog AestinatiON oooooccccnnnnccccooonnnnoncnccccononononan acc n nn nn nnncnnns 211 set Cluster weblog Tomat 211 set cluster Weblog syslog NOSE mia ds 212 set cluster weblog syslog POr luminaria 212 set dns Commands ee eee Ae eye 212 SEC ONS COMA Sites todavia tae ee tunel Ee 212 SEC ONS SEU la mea ee A A E 213 Set ether COMMAS seniri ee 213 set STEIER 213 set ether lt n gt MEA ia alee i toa 214 set ether tUa eet ee 214 set ethernetmMaSk tee ee Eeer Ee 214 Set failover COmMandS ee EENS nds ce 215 SEC TAU OVER EE 215 Set failover ne 216 set failover discovery interlace ii e ele cs 216 Set failover discovery DOE ee eene eelste 217 set failover torcemaster trae nied esate seb eles ab ans 217 Set failover link tacita da 217 set Tallover listen D ETAT etki a ello dat edo 218 Set fallOVEr nod dai eee es ada das 218 set Tallo e 218 set fail ver peer listen port dd do 219 set falloverstatetUl encinas dich
522. weblog batch scp keyfile cece aea aeaa 52 clear cluster weblog Syslog Nostra deen 53 clear ONS Servet too ee A sane EEN 53 clear failover ET 53 clear forwarder Commands eie a e sh dinbabebnasets 54 clear forwarder description mii dido dead Ee 54 clear forwarder listen ssl cortle cido i 54 clear forwarder listen ssl cipherfile 0 0 0 0 irienner a 54 clear forwarder listen ssl Clientauth uneen aena a 55 clear forwarder listen ssl ephkevftle ccc ce cece ee eeeeetttsteeeeees 55 clear forwarder listen ssl ephkeypass oooonnnininccccocccnccccccccoconanna nan n nn ncnccnns 55 clear forwarder listen ssl deel cional 56 clear forwarder listen ssl KeypaSS oooonnnnninicicocococnnnccccccncononann anar o nn ncncnnno 56 CleattOrwarder Stats seein de tada 56 clear forwarder sticky Clientip Entry oooonnnnninococcccccccccccccninnonana nn non nn nccccnnno 57 clear forwarder tareas betas 57 Cleatforwarder target locallP ies cicccicecodeoneate Srns tatecaes Sg 57 e ee EE 58 lee Lage 58 Cleat twlb group target OS Etna eege deen 58 clear fwlb group target NOSt estate 58 Table of Contents m VII Command Line Reference Guide for DXOS Vill H Table of Contents CH clear 000000000 clear clear Leger SI e Se AA e GLO c clear ear WID BrOUP SESSION enye E E a tia ear IWID r GUP Stats wur hanan ud tiles car IwIb B oup StR V ressanar tele S oSI COMUMMANAS trate E a ear Bslb agent encryption temas a A Cal OslbcdGeMt Stats ege a r
523. ween purges default is 13 seconds This command does not take effect until after a write operation set activen advanced cleaning_interval lt seconds gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN The service specific failover commands are listed in Service Failover Commands on page 479 These commands have been replaced by the commands for Unified Failover refer to set failover Commands on page 215 set activen Commands m 111 Command Line Reference Guide for DXOS set activen group advanced burst_max Description Syntax Roles Mode s Sets the maximum number of timed out sessions that are purged in one timer interval for the specified group Setting burst_max to zero purges all timed out sessions in one timer cycle default is 7 000 This command does not take effect until after a write operation set activen group lt name all gt advanced burst_max lt number gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X ActiveN set activen group advanced policy Description Syntax Roles Mode s Sets the switching policy for the specified group to round robin or least connection default is roundrobin This command does not take effect until after a write operation set activen group lt name all gt advanced policy lt leastconns roundrobin gt N
524. work Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen ssl ciphersuite strong Description Allows only the highest security cipher suites that are suitable for use in the United States This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl ciphersuite strong Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector Commands m 275 Command Line Reference Guide for DXOS set redirector listen ssl clientauth authtype Description Disables or enables client authentication for the redirector lt name gt The default is local and provides local authorization If none is specified the local and remote authentications are disabled The option none may be used in situations where a client certificate needs to be forwarded to the target host This command does not take effect until after a write operation Syntax set redirector lt name gt listen ssl clientauth authtype local none Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Mode s Global Configuration set redirector listen ssl clientauth cacertfile Description Sets the advertised Certificate Authority CA file as a lt filename gt for the redirector The lt fil
525. write operation set cluster lt name gt aaa authentication protocol lt ldap radius gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication set cluster aaa authentication radius server ip Description Syntax Roles Mode s This command is used to set the IP address of the RADIUS server that will be used for the cluster N can be either 1 or 2 This command does not take effect until after a write operation set cluster lt name gt aaa authentication radius server N ip lt ip gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator Xx X HTTP S Authentication set cluster aaa authentication radius server port Description Syntax Roles Mode s This command is used to set the port number of the RADIUS server that will be used for the cluster N can be either 1 or 2 This command does not take effect until after a write operation set cluster lt name gt aaa authentication radius server N port lt port number gt Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X HTTP S Authentication 156 m set cluster aaa authentication Commands Chapter 3 Set Commands set cluster aaa authentication radius server key Description Syntax Roles Mode s This command is used to set the authentication key of the RADIUS server t
526. x Roles Mode s clear admin log method health syslog level Description Syntax Roles Mode s clear admin log method system email level Description Syntax Roles Mode s Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Clears the syslog facility for scriptable health logs clear admin log method health syslog facility Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Clears the log level for scriptable health logs sent to a syslog server clear admin log method health syslog level Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration Clears the log level for system logs sent by email clear admin log method system email level Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration clear admin Commands mM 33 Command Line Reference Guide for DXOS clear admin log method system syslog facility Description Syntax Roles Mode s Clears the syslog facility for system logs clear admin log method system syslog facility Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X Global Configuration clear admin log method system syslog level Description Syntax Roles
527. y content type as shown in Table 14 on page 380 Syntax show server stats history http target content Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server stats history http target decompression Description Shows the historical statistics for decompression Syntax show server stats history http target decompression performed failure day hour month year Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration show server stats history http target responsecode Description Shows the quantity of each type of response code handled Syntax show server stats history http target responsecode Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X X Mode s Global Configuration 446 m show server stats Commands Chapter 4 Show Through Write Commands show server stats history io Description Syntax Roles Mode s Shows all of the client side I O statistics for the cluster including m Bytes In Req from Clients m Bytes Out Resp to Clients m Current Client Connections m Total Client Connections m Refused Client Connections show server stats history io Network Network Security Security Target Admin Admin Operator Admin Operator User Operat
528. yntax show activen Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s ActiveN Configuration show activen advanced Description Shows the advanced configuration parameters Syntax show activen advanced Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s ActiveN Configuration show activen blade Description Used to display the blade characteristics Using all will display all blades Syntax show activen blade lt ip all gt Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X X Mode s ActiveN Configuration show activen blade lt ip all gt stats Description Used to display the blade statistics Using all will display all blades Syntax show activen blade lt ip all gt stats 316 m show activen Commands Chapter 4 Show Through Write Commands Roles Network Network Security Security Target Admin Admin Operator Admin Operator User Operator X X X Mode s ActiveN Configuration show activen failover The service specific failover commands are listed in Service Failover Commands on page 479 These commands have been replaced by the commands for Unified Failover refer to show failover Commands on page 405 show activen group Description Shows the ActiveN configuration for one or all gr
529. zed Juniper reseller unless the applicable Juniper documentation expressly permits installation on non Juniper equipment b Customer shall use the Software on a single hardware chassis having a single processing unit or as many chassis or processing units for which Customer has paid the applicable license fees c Other Juniper documentation for the Software such as product purchase documents documents accompanying the product the Software user manual s Juniper s website for the Software or messages displayed by the Software may specify limits to Customer s use of the Software Such limits may restrict use to a maximum number of seats concurrent users sessions subscribers nodes or transactions or require the purchase of separate licenses to use particular features functionalities or capabilities or provide temporal or geographical limits Customer s use of the Software shall be subject to all such limitations and purchase of all applicable licenses The foregoing license is not transferable or assignable by Customer No license is granted herein to any user who did not originally purchase the applicable license s for the Software from Juniper or an authorized Juniper reseller 4 Use Prohibitions Notwithstanding the foregoing the license provided herein does not permit the Customer to and Customer agrees not to and shall not a modify unbundle reverse engineer or create derivative works based on the Software b make una
Download Pdf Manuals
Related Search