Cisco GSS Administration Guide (Software Version 2.0)
Index
Downloads: This chapterpdf (PDF - 354.0KB) The complete bookPDF (PDF - 5.14MB) | Feedback

Index

Table Of Contents

A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - R - S - T - U - V - W -

Index

A

access lists

access-group command 5-7, 5-8

access-list command 5-4

adding rules to 5-8

associating with an interface 5-7

creating 5-4

destination port 5-5

disassociating from an interface 5-8

displaying 5-10

filtering traffic 5-1

ICMP traffic filtering 5-5

operator 5-5

overview 5-2

removing rules 5-9

source address 5-5

TCP traffic filtering 5-5

UDP traffic filtering 5-5

viewing 5-9

activating GSS devices 1-6

adding rules to access lists 5-8

administration password

changing 3-27, 3-28

restoring 3-28

administrator account, resetting 3-26

associating access list with interface 5-7

B

backup of GSSM

full backup procedure 7-3

overview 7-2

boot information, displaying 2-48

C

certificate

accepting 1-2

attributes, modifying 2-25

certificate set-attributes command 2-25

installing 1-2

keys, deleting 2-25

modifying 2-25

trusting 1-2

changing GSSM roles in GSS network 2-40

CLI

GSS device monitoring 8-2, 8-4

logging in 2-2

monitoring GSS network statistics 8-1

privileged EXEC mode, enabling 2-2

privilege level, specifying 3-2

resetting CLI administrator account 3-26

resetting password 3-15

TACACS+ server, authorization settings 4-9

user account, creating 3-2

CNR

CLI, accessing 2-9

installing 2-6

license file, acquiring 2-4

license file, installing 2-4

restricted CNR shell, invoking 2-11

cold restart, performing 2-28

copying

files 2-22

startup configuration to or from disk 2-14, 2-15

CPU or memory processes 2-49

D

database

monitoring status of 8-5

purging 9-15

records, purging 9-16

restoring GSSM from full backup 7-5

validating records 8-6

validation report 8-6

DDoS

license file, acquiring 2-4

license file, installing 2-4

debug log message 9-15

default

password 1-3

username 1-3

deleting files 2-23

deployment, GSS devices behind firewall 5-12

directory

current working directory, displaying 2-20

displaying files 2-20

disabling GSS software 2-29

disassociating access list from interface 5-8

disk

displaying information 2-50

specifying for log file destination 9-5

documentation

audience xi

caution and note overview xvi

conventions xiii, xv

organization xii

related xiii

set xiii

symbols and conventions xv

downgrading

GSS device software 7-8

order of operation 7-8

restoring earlier software version 7-9

E

enabling GSS software 2-29

Ethernet interface, segmenting traffic 5-9

exporting primary GSSM data 1-14

F

factory defaults, restoring 2-29

fatal error log message 9-15

files

deleting 2-23

displaying entire contents 2-19

displaying in directory 2-20

displaying last 10 lines 2-19

listing within directory 2-51

renaming 2-21

securely copying 2-22

filtering

GSS traffic 5-1

ICMP traffic 5-5

TCP traffic 5-5

traffic type 5-5

UDP traffic 5-5

firewall

configuring for GSS 5-16

deploying GSS devices 5-12

inbound traffic to GSS 5-12

inbound traffic to the GSS 5-13

outbound traffic from the GSS 5-14

full GSSM backup 7-3

G

Global Site Selector

activating from primary GSSM 1-6

CNR, installing 2-6

cold restart, performing 2-28

CPU or memory processes, displaying 2-49

deleting devices from primary GSSM 1-10

disabling GSS device 2-29

downgrading software 7-8

enabling GSS device 2-29

firewalls 5-12, 5-16

GSS-related port and protocols 5-3

hard disk information, displaying 2-50

inactivity timeout 2-24

inter-GSS communications 5-9

license data, displaying 2-46

license file, obtaining 2-4

logging levels 9-1, 9-5, 9-7

logically removing or replacing 1-11

login accounts 3-1

memory blocks and statistics, displaying 2-47

MIB files 6-9

modifying device configuration from primary GSSM 1-9

monitoring through CLI 8-2, 8-4

monitoring through GUI 8-4

online status and resource usage 8-2, 8-4

operating configuration, displaying for TAC 8-8

ports and protocols 5-2, 5-12

purging system log messages 9-15

recovering deregistered GSS 2-3

registering 1-6

renaming a file 2-21

replacing 2-39

reporting interval 1-14

restarting GSS software 2-28

running configuration 2-12, 2-14

services information, displaying 2-52

shutting down GSS software 2-27

software licenses 2-3

startup configuration 2-12, 2-14

status 2-51, 8-4

stopping GSS software 2-27

subsystem levels 9-1

subsystems 9-5, 9-7

system status, displaying 2-51, 8-4

UDI, displaying 2-50

user account, creating 3-2

user account, deleting 3-3

user account, modifying 3-3

version information 2-45

Global Site Selector Manager

activating 1-6

activating devices 1-6

backing up 7-2

changing role in GSS network 2-40

changing the GUI password 3-13

changing to standby 2-40

cold restart, performing 2-28

configuring, primary 4-29

configuring, standby 4-29

creating user account (GUI) 3-9

database, monitoring 8-5

default username and password 1-3

deleting GSS devices 1-10

disabling GSSM device 2-29

downgrading software 7-8

enabling GSSM device 2-29

exporting data 1-14

GUI, configuring 1-13

inactivity timeout 2-24

logging on 1-2

logically removing GSS or standby GSSM 1-11

login accounts 3-4

modifying devices 1-9

modifying user account (GUI) 3-12

monitoring device status from GUI 8-4

password 3-13

platform information 7-6

printing data 1-14

registering GSS devices 1-6

removing user account (GUI) 3-12

replacing 2-35, 2-37

restarting GSS software 2-28

restoring factory defaults 2-29

restoring full backup 7-5

reversing role in GSS network 2-43

role change 2-40

shutting down GSS software 2-27

stopping GSS software 2-27

TACACS+ server authorization 4-12

URL, secure HTTP 1-2, 1-5

verifying role prior to upgrading A-2

viewing system logs 9-13

gss.log file 9-10

gssm standby-to-primary command 2-32, 2-42

GSS network

changing GSSM role 2-40

GSS, logically removing 1-11

limiting network traffic 5-9

logically removing a GSS 1-11

monitoring through CLI 8-1

monitoring through GUI 8-4

primary GSSM, logically removing 1-11

reversing GSSM role 2-43

segmenting network traffic 5-9

standby GSSM, logically removing 1-11

URL 1-2, 1-5

GSS-related ports and protocols 5-3

GUI

configuration 1-13

default username and password 1-3

logging on 1-2

logging out 1-4

monitoring GSS device status 8-5

password 3-13

refreshing 1-14

session inactivity timeout 1-13

timeout 1-14

user account, creating 3-9

user account, modifying 3-12

user account, removing 3-12

user view, creating 3-16

GUI privilege level

administrator 3-5, 3-6

observer 3-5, 3-8

operator 3-5, 3-6

specifying 3-10

TACACS+ server authorization 4-12

H

host, specifying as log file destination 9-6

I

Info log message 9-15

inter-GSS communications 5-9

K

keepalives with TACACS+ server 4-22

L

licenses

CNR, installing 2-6

installing 2-5

obtaining 2-4

overview 2-3

Product Access Key 2-3

SWIFT application 2-4

uninstalling 2-5

loading startup configuration from external file 2-14

log files

destination, specifying disk 9-5

host destination, specifying 9-6

logging levels 9-1

rotating 9-12

subsystem 9-11

viewing from CiscoWorks RME Syslog Analyzer 9-18

logging

facility 9-8

follow command option 9-10

host destination, specifying 9-6

levels 9-1, 9-4

log activity, displaying 9-11

logging disk command 9-5, 9-6

logs, displaying 9-11

purging log records 9-15

subsystems 9-5, 9-7

syslog facility 9-8

system logging 9-4

system message log, displaying 9-11

tail command option 9-10

to a specific file on disk 9-5

to sys.log file, disabling 9-8

to sys.log file, enabling 9-6

turning off from disk 9-6, 9-7, 9-8

logging levels 9-1, 9-5, 9-7

logically removing

GSS from a network 1-11

GSS or standby GSSM from the network 1-11

standby GSSM from a network 1-11

log in

CLI 2-2

default GUI username and password 1-3

inactivity timeout, specifying 2-24

logging out 1-4

primary GSSM GUI 1-2

login accounts

creating on GSS 3-2

creating on GSSM 3-9

deleting 3-3

GSSM 3-4

managing 3-1

modifying 3-3, 3-12

removing 3-12

log out 1-4

M

memory blocks and statistics 2-47

messages

purging 9-15

system log 9-16

viewing 9-13

MIBs 6-2, 6-9

monitoring

database status 8-5

GSS network status 8-1

online status 8-2, 8-4

resource usage 8-2, 8-4

status of GSS devices by CLI 8-2

status of GSS devices from the GUI 8-5

N

network

See GSS network

O

operator range 5-5

P

packets

denying 5-4

permitting 5-4

Partner Initiated Customer Access

See PICA

password

changing default administration password 3-27, 3-28

CLI, resetting 3-15

CLI user account, creating 3-2

default (GUI) 1-3

GSSM GUI, changing 3-13

GUI, entering 1-3

GUI user account, changing password 3-13

GUI user account, creating 3-10

resetting CLI administrator account 3-26

restoring default administration password 3-28

PICA A-3

platform information

restoring 7-6

summary 7-6

ports and protocols 5-2, 5-3, 5-12

printing primary GSSM data 1-14

privileged EXEC mode, enabling 2-2

protocols and ports for GSS devices 5-3

purging system log messages 9-15

R

record

database records, validating 8-6

purging 9-15

refreshing the GUI 1-14

registering GSS devices 1-6

renaming a GSS file 2-21

replacing

flowchart 2-30

GSS 2-39

primary GSSM 2-35

standby GSSM 2-37

report, database validation creating 8-6

reset-gui-admin-password command 3-28

resetting

CLI administrator account 3-26

CLI password 3-15

password 3-26

restarting GSS software 2-28

restoring

default administration password 3-28

GSSM from full backup 7-5

GSSM platform information 7-6

overview 7-4

rotating log files 9-12

running configuration file

changing 2-13

copying 2-14

copying as startup-config file 2-13

displaying 2-15

overview 2-12

saving to startup configuration 2-13

summary 2-12, 2-14

S

segmenting GSS traffic by interface 5-9

session inactivity timeout 1-13

severity log message 9-15

show commands

show access-group command 5-11

show access-list command 5-9, 5-10

show boot-config command 2-48

show disk command 2-50

show inventory command 2-50

show license command 2-46

show logging command 9-11

show logs command 9-10

show memory command 2-47

show processes command 2-49

show services command 2-52

show system-status command 2-51, 8-4

show tacacs command 4-26

show tech-support command 8-8

show uptime command 2-50

show user command 2-23

show users command 2-23

show version command 2-45

shutting down GSS software 2-27

SNMP

configuring 6-2

configuring server information 6-4

disabling 6-3

enabling 6-2

MIB files, viewing 6-9

overview 6-2

port, changing 6-9

server notifications 6-5, 6-6

setup 6-2

snmp command 6-2

snmp-server command 6-4

specifying notification operation recipients 6-7

viewing status 6-8

SNMP notification operations

snmp-server host command 6-7

specifying recipients 6-7

SNMP server information

configuring 6-4

SNMP server notifications

enabling 6-5, 6-6

snmp-server enable traps command 6-5, 6-6

software

boot information, showing 2-48

disabling GSS device 2-29

downgrade, restoring earlier software version 7-9

downgrade procedure 7-8

enabling GSS device 2-29

restarting 2-28

shutting down 2-27

stopping 2-27

update, obtaining update file A-3

upgrade procedure A-1

version information, showing 2-45

software licenses

CNR, installing on GSS 2-6

installing 2-5

obtaining 2-4

overview 2-3

Product Access Key 2-3

SWIFT application 2-4

uninstalling 2-5

standby GSSM 1-11

changing to primary 2-40

logically removing 1-11

registering with primary GSSM 1-6

replacing 2-37

startup configuration

changing 2-12, 2-14

loading from external file 2-14

saving running configuration as startup configuration 2-13

startup configuration file

changing 2-13

copying 2-14

copying device startup configuration settings 2-15

copying running configuration file as 2-13

displaying 2-17

loading from external file 2-15

overview 2-12

stopping GSS software 2-27

subsystem log files

rotating 9-12

viewing 9-11

subsystems 9-1, 9-5, 9-7

SWIFT application 2-4

sys.log 9-6, 9-8

syslog, configuring 9-4

system

logging 9-4

message log 9-11

status, displaying 2-51, 8-4

system log

messages 9-16

purging 9-15

severity 9-15

typical messages 9-16

viewing 9-13

viewing from CiscoWorks RME Syslog Analyzer 9-18

viewing from GUI 9-14

system uptime, displaying 2-50

T

TAC

displaying GSS operating configuration 8-8

tech report 8-8

TACACS+

accounting overview 4-3

authentication overview 4-3

authorization overview 4-3

Cisco Secure Access Control Server (ACS) 4-5

disabling 4-28

GSS, disabling/enabling keepalives 4-22

GSS, specifying accounting 4-25

GSS, specifying authentication 4-23

GSS, specifying authorization 4-24

GSS, specifying server hosts 4-19

GSS, specifying server timeout 4-23

overview 4-2

primary GSSM GUI privilege level authorization 4-12

primary GSSM user view authorization 4-16

quick start 4-4

server, accounting settings 4-17

server, authentication settings 4-5

server, authorization settings 4-7

server, configuring 4-5

shared secret with GSS 4-20

statistics, clearing 4-28

statistics, displaying 4-26

tail command option 9-12

terminal screen line length, configuring 2-24

third-party software, viewing information 1-15

traffic

filtering 5-4

limiting 5-9

segmenting by interface 5-9

U

UDI 2-50

upgrading

GSS software A-1

obtaining update file A-3

sequence A-1

update file, obtaining A-3

verifying GSSM role prior to upgrading A-2

user

account, creating 3-9

account, modifying 3-12

account, removing 3-12

information, displaying 2-23

user account

CLI account, creating 3-2

CLI account, deleting 3-3

CLI account, modifying 3-3

CLI user, privilege levels 3-2

creating for GUI 3-9

creating with CLI 3-2

deleting 3-3

GUI user, privilege levels 3-5, 3-6, 3-8, 3-10

GUI user, views 3-11

GUI user account, changing password 3-13

GUI user account, creating 3-9

GUI user account, modifying 3-12

GUI user account, removing 3-12

modifying 3-3, 3-12

removing 3-12

view overview 3-15

username

default (GUI) 1-3

GUI, entering 1-3

GUI user account, creating 3-10

user roles 3-5, 3-10

user view

answers, adding 3-18

answers, removing 3-22

creating 3-16

deleting 3-25

general configuration 3-18

keepalives, adding 3-19

keepalives, removing 3-22

locations, adding 3-20

locations, removing 3-22

modifying 3-24

naming 3-18

overview 3-15

owners, adding 3-21

owners, removing 3-22

specifying 3-11

TACACS+ server authorization 4-16

V

validating database records 8-6

verifying GSSM role A-2

version information 2-45

viewing

access lists 5-9

gss.log file 9-10

MIB files 6-9

SNMP status 6-8

subsystem log files 9-11

system log 9-13

system logs from CiscoWorks RME Syslog Analyzer 9-18

system logs from GUI 9-14

third-party software information 1-15

W

warning log message 9-15