Coyote Point Systems Equalizer Especificações Página 144
- Página / 594
- Índice
- RESOLUÇÃO DE PROBLEMAS
- MARCADORES
Avaliado. / 5. Com base em avaliações de clientes
Working in the CLI
Certificate Commands
Each SSL certificate installed on Equalizer has a CLI context that provides commands for managing the certificate
and its associated private key. Certificates, private keys, and CRLs (see the following section) are used by
Equalizer to provide SSL offloading for HTTPS clusters.
In SSL offloading, Equalizer terminates the SSL connection with the client, decrypts the client request using a
certificate and key, sends the request on to the appropriate server, and encrypts the server response before
forwarding it on to the client.
Certificates are uploaded to Equalizer and then associated with one or more clusters. Two types of certificates
may be used to authenticate HTTPS cluster connections:
l A
cluster certificate
is required to authenticate the cluster to the client and to decrypt the client request
(these are also called
server certificates
). For cluster certificates, both a certificate file and a private key file
must be uploaded to Equalizer.
l A cluster may also be configured to ask for, or require, a
client certificate
-- a certificate used to authenticate
the client to Equalizer. For client certificates, only a certificate file is uploaded to Equalizer(no keyfile is
used).
Supported certificate commands are shown in the following tables.
Using Certificate Commands in Global Context
Using Certificate Commands in Global Context
eqcli > certificate certname [cmd ...] : Create certname (req_cmds = *
commands below)
eqcli > certificate certname cmd ... : Modify certname (cmd = any commands
below)
eqcli > no certificate certname : Delete certname
eqcli > show certificate [certname] : Display all certificates or
certname
eqcli > certificate certname : Change to "cert-certname" context
(see below)
Using Certificate Commands in Certificate Context
Using Certificate Commands in Certificate Context
eqcli cert-certname> certfile {edit|url} : Upload SSL certificate
eqcli cert-certname> keyfile {edit|url} : Upload private key
eqcli cert-certname> show : Display the certificate
configuration.
The arguments to the certfile and keyfile commands are:
edit - Launch an editor to supply the content of the certificate or key file.
url - Download the certificate or key file from the ftp:// or http:// protocol URL supplied on the command line.
144
Copyright © 2013 Coyote Point Systems. A subsidiary of Fortinet, Inc.
- Equalizer 1
- Administration Guide 1
- Table of Contents 3
- Upgrading and Downgrading 57 4
- Licensing Equalizer 67 4
- Configuring Access 73 4
- Network Configuration 77 4
- Working in the CLI 127 5
- Using the GUI 191 7
- Servers 243 8
- Clusters 259 9
- Match Rules 317 10
- Logging 399 13
- Failover 423 13
- Alerts 483 14
- Using SNMP Traps 493 14
- User and Group Management 499 15
- Using Envoy 513 15
- Glossary 577 17
- Chapter 1 19
- Introduction 19
- Chapter Summary 20
- Using the WebHelp 22
- Glossary 24
- Server pools 25
- Typographical Conventions 26
- Where to Go for More Help 27
- Chapter 2 29
- Equalizer Overview 29
- About Equalizer 30
- Intelligent Load Balancing 30
- Load Balancing Configuration 31
- How a Server is Selected 33
- Server Selection Process Flow 35
- Persistence 37
- Geographic Load Balancing 39
- Sizing of Equalizer Objects 40
- Chapter 3 41
- Installation 41
- Warnings and Precautions 42
- Power Requirements 43
- Power Consumption 43
- Operating Environment 45
- Regulatory Certification 45
- Hardware Installation 46
- Chapter 4 49
- Chapter 5 57
- Upgrading and Downgrading 57
- Version 8.6 Upgrade Procedure 58
- Downgrading to Version 8.6 62
- Chapter 6 67
- Licensing Equalizer 67
- Removing Licenses 69
- Chapter 7 73
- Configuring Access 73
- Default Login 74
- Creating Additional Logins 74
- Serial Access 74
- Network Access 74
- VLAN Subnet Network Services 75
- Chapter 8 77
- Networking Conventions 78
- Networking Technologies 78
- Blank Configuration 82
- Single VLAN/Subnet 82
- Rules 4 and 5 84
- Dual VLAN/Network 85
- Rules 5 and 6 86
- Networks 95
- Configuring VLANs 100
- All Rights Reserved 101
- Configuring Subnets 103
- About Permitted Subnets 104
- Configuring Outbound NAT 105
- Managing Interface Ports 107
- Network Configuration 108
- Displaying Port Statistics 109
- Policy Routing 110
- Source Selection 113
- Source Routing Scenarios 115
- Source, Destination Specified 119
- Generated by Equalizer 120
- Enabling DNS 121
- Configuring NTP 121
- NTP and Plotting 122
- Default NTP Configuration 122
- Selecting an NTP Server 122
- Managing NTP 123
- Default Source Selection 124
- Source Routing Table 124
- IP Filter Rules 124
- Network Troubleshooting Tools 126
- Chapter 9 127
- Working in the CLI 127
- Starting the CLI 128
- Exiting the CLI 129
- Object Relationships 132
- Command Line Editing 133
- Enabling and Disabling Flags 134
- Queued Commands 137
- Context Help 138
- Global Parameters 139
- Context Command Summaries 140
- Global Commands 141
- Licensing Commands 143
- Certificate Commands 144
- Cluster Flags 150
- External Services Commands 155
- GeoCluster Context Commands 156
- Geosite Instance Flags 157
- GeoSite Commands 159
- Interface Commands 160
- TransmitCounters 161
- Receive Counters 161
- Object List Commands 163
- Peer Commands 164
- Peer Context Commands 165
- Peer Context Command Flags 165
- Responder Commands 166
- (quotes are optional) 167
- Server Commands 168
- Server Instance Flags 171
- Health Check Instance Flags 172
- Load Balancing Policies 173
- Aggressive Load Balancing 175
- Dynamic Weight Oscillations 175
- SNMP Commands 176
- Enabling SNMP (CLI) 177
- 172net:Default 178
- Tunnel Commands 179
- User Commands 180
- User-alertContext Commands 181
- User Alert Notify Type Flags 181
- User Flags 182
- Setting the Locale 182
- Creating a User 182
- Deleting a User 183
- User Passwords 183
- User Permissions 183
- Displaying User Information 185
- VLAN and Subnet Commands 186
- VLAN Subnet Flags 187
- VLAN and Subnet Command Notes 188
- VLAN Subnets 189
- VLAN IP Addresses 189
- VLAN Services 189
- Routing Between VLANs 189
- Chapter 11 191
- Using the GUI 191
- Logging In 192
- 1. Left Navigational Pane 193
- 2. Help Buttons/Options 195
- Global Settings 196
- Failover Section 197
- Global Service Settings Flags 198
- MIB Compliance 200
- Certificates 201
- Certificate Revocation Lists 202
- Events Log 205
- Export to CSV 206
- Filtering Status Details 206
- Remote Syslog 206
- External Services 207
- VLB Manager 208
- Maintenance 210
- Licensing 211
- Manage Software 211
- Current Boot Image 212
- EQ/OS Release Status 212
- Interfaces 215
- Modifying Port Settings 217
- Reporting 220
- Chapter 12 223
- Configuring an IPv6 Tunnel 223
- IPv6 Tunnel Overview 224
- Chapter 13 229
- Managing Server Pools 230
- Server Pool Summary (GUI) 233
- Adding Server Instances(GUI) 236
- Adding Server Instances (CLI) 239
- > context 240
- Deleting a Server Pool (GUI) 241
- Deleting a Server Pool (CLI) 242
- Chapter 14 243
- Spoof Controls SNAT 245
- How Spoof Influences Routing 245
- Managing Servers 246
- Layer 7 HTTPS 247
- "Maximum Connections 248
- Adding a Server (CLI) 249
- Modifying a Server (CLI) 249
- Server Summary Screen 250
- Server Software Configuration 250
- Adding a Server to a Cluster 251
- Processing 255
- Deleting a Server 257
- Chapter 15 259
- Clusters 259
- Cluster Connection Timeouts 261
- Layer 4 Connection Timeouts 265
- Application Server Timeouts 266
- Adding and Deleting Clusters 267
- Cluster Summary 270
- Customizing the Display 271
- "Configuring 274
- TCP Cluster Persistence 275
- TCP Cluster Timeouts 276
- Layer 7 TCP Cluster Settings 288
- Persistence Methods 291
- Cookie Parameters 292
- Source IP Parameters 293
- Layer 7 Cluster Reporting 296
- Server Name Indication 299
- Security > 300
- About Passive FTP Translation 303
- Enabling Sticky Connections 303
- HTTPS Header Injection 309
- FTP Cluster Configuration 311
- Chapter 16 317
- Match Rules 317
- Using Match Rules 318
- How Match Rules are Processed 319
- Match Rule Order 319
- Match Rule Expressions 321
- Match Bodies 323
- Match Rule Functions 324
- Match Rule Operators 327
- Match Rule Definitions 327
- /var/eq/eq.conf 328
- Match Rule Expression Notes 329
- Regular Expressions 330
- Supported Headers 330
- HTTPS Protocol Matching 331
- Supported Characters in URIs 331
- Managing Match Rules 332
- Creating a New Match Rule 333
- Modifying a Match Rule 336
- Removing a Match Rule 336
- Example Match Rules 337
- Selective SNAT Example 340
- Add Match Rule form 342
- Chapter 17 347
- Automatic Cluster Responders 347
- Overview 348
- Managing Responders 348
- Modifying a Responder 350
- More Responder Examples 356
- Responders and Hot Spares 356
- Chapter 18 359
- HTTP Multiplexing 360
- Outbound NAT 362
- Direct Server Return (DSR) 363
- /etc/sysctl: 366
- Chapter 19 369
- Server Health Check Probes 369
- Layer 3 ICMP Probes 370
- Requests 371
- L4 UDP Probes 372
- L4 TCP/IP Probes 373
- Enabling/Disabling ACV Probes 374
- Testing ACV Probes 375
- Simple Health Check Probes 378
- Server Agents 382
- Sample Server Agent 383
- VLB Health Check Probes 384
- Configure VLB Managers 386
- Add health checks 388
- Add Health Checks 392
- Health Check Timeouts 394
- Chapter 20 399
- Displaying Logs 400
- Remote System Logging 400
- Chapter 21 403
- CLI Term GUITerm Definition 405
- Statistics pane on the 409
- (CLI and GUI) 410
- Reporting tab to display 416
- Server Statistic Definitions 417
- Chapter 22 423
- Failover 423
- Understanding Failover 424
- Both Units Using EQ/OS 10 425
- Active/Passive Failover 432
- Active/Active Failover 432
- Failover Modes 433
- Failover Status display: 434
- Global Failover Parameters: 437
- Between Two EQ/OS 10 Systems 439
- 172net is displayed 442
- Perform Steps 1 and 2 on 443
- Equalizers 443
- Perform Step 3 on the 444
- Perform Steps 4 and 5 on the 445
- Perform Step 6 on the 446
- Perform Step 7 on 447
- Failover flag 451
- Perform Steps 7 on 453
- Failover is not configured.: 455
- Two EQ/OS 10 Systems 456
- Primary Equalizer 457
- Backup Equalizer 457
- 10 Systems 460
- Configuration 461
- Monitoring N+1 Failover 462
- Rebalancing 466
- Eq-B and Eq-C: 468
- Eq-A and Eq-B: 470
- Eq-A or Eq-B 470
- Eq-A, Eq-C, and Eq-D: 480
- Chapter 23 483
- Overview of Alerts 484
- Alert Object Names 484
- Alert Types and Object Types 484
- Alert Notification Types 485
- Configuring Alerts 486
- Configuring Alerts in the CLI 487
- Alert Parameters 488
- Server Instance Alerts 488
- Server Alerts 488
- AlertNotifications 489
- Displaying Notifications 490
- Setting the Interval 491
- Removing Notification Alerts 491
- Chapter 24 493
- Using SNMP Traps 493
- Setting Up SNMP Traps 494
- Enabling SNMP 495
- Enabling SNMP Traps 497
- Chapter 25 499
- User and Group Management 499
- Practices 500
- Object Permission Types 500
- Administrative Setup 507
- Chapter 26 513
- Using Envoy 513
- Balancing 514
- DNSConfiguration 515
- Using Envoy with NAT Devices 517
- Configuring GeoClusters 518
- Adding a GeoCluster (GUI) 521
- Deleting a GeoCluster (GUI) 522
- Adding a GeoCluster (CLI) 522
- Deleting a GeoCluster (CLI) 522
- Configuring GeoSites 526
- Adding a GeoSite (GUI) 527
- Deleting a GeoSite (GUI) 528
- Adding a GeoSite (CLI) 528
- Deleting GeoSite (CLI) 528
- GeoSite Instance Parameters 528
- Resources 534
- Name a GeoSite Resource (GUI) 536
- Name a GeoSite Resource (CLI) 537
- Chapter 27 541
- Backup and Restore 541
- Backup (GUI) 542
- Backup (CLI) 543
- Restore (GUI) 544
- Restore (CLI) 545
- Chapter 28 547
- Regular Expression Terms 548
- Learning About Atoms 548
- Creating a Bracket Expression 549
- Appendix A 553
- Physical Dimensions 553
- Appendix B 555
- Using the File Editor 555
- Editing Files 556
- Main and Submenu Commands 557
- Appendix C 559
- Conversion Process 560
- _000 and _001 561
- Migration Process 562
- Appendix D 567
- Equalizer OnDemand 567
- What is Equalizer OnDemand? 568
- OnDemand 570
- Licensing Equalizer OnDemand 573
- Upgrading Equalizer OnDemand 575
Manuais e produtos relacionados com Equalizadores Coyote Point Systems Equalizer
(22 páginas)© 2020, manymanuals-pt.com. Todos os direitos reservados. | 0.051 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais