-
Cisco GSS Administration Guide (Software Version 1.2)
-
Index
-
Preface
-
Managing GSS Devices from the GUI
-
Managing the GSS from the CLI
-
Creating and Managing User Accounts
-
Managing GSS User Accounts Through a TACACS+ Server
-
Configuring Access Lists and Filtering GSS Traffic
-
Configuring SNMP
-
Backing Up and Restoring the GSSM
-
Viewing Log Files
-
Monitoring GSS Operation
-
Upgrading the GSS Software
-
Table Of Contents
A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - R - S - T - U - V - W -
Index
A
access lists
access-list command 5-4
adding rules to 5-8
associating with an interface 5-6
creating 5-4
destination port 5-5
disassociating from an interface 5-7
displaying 5-10
filtering traffic 5-1
ICMP traffic filtering 5-4
operator 5-4
overview 5-2
removing rules 5-8
source address 5-4
TCP traffic filtering 5-4
UDP traffic filtering 5-4
viewing 5-9
activating GSS devices 1-4
adding rules to access lists 5-8
administration password
restoring 3-28
administrator account, resetting 3-26
associating access list with interface 5-6
B
backup of GSSM
full backup procedure 7-3
overview 7-2
boot information, displaying 2-40
C
certificate
accepting 1-2
attributes, modifying 2-17
certificate set-attributes command 2-17
installing 1-3
keys, deleting 2-17
modifying 2-17
trusting 1-2
changing GSSM roles in GSS network 2-34
CLI
GSS device monitoring 9-2, 9-3
logging in 2-2
monitoring GSS network statistics 9-1
privileged EXEC mode, enabling 2-2
privilege level, specifying 3-2
resetting CLI administrator account 3-26
resetting password 3-15
TACACS+ server, authorization settings 4-9
user account, creating 3-2
cold restart, performing 2-20
community string (SNMP) 6-2
copying
files 2-13
startup configuration to or from disk 2-5, 2-6
CPU or memory processes 2-42
D
database
monitoring status of 9-5
purging 8-14
records, purging 8-15
restoring GSSM from full backup 7-6
validating records 9-6
validation report 9-6
debug log message 8-14
default
password 1-3
username 1-3
deleting files 2-14
deployment, GSS devices behind firewall 5-11
directory
current working directory, displaying 2-11
displaying files 2-11
disabling GSS software 2-21
disassociating access list from interface 5-7
disk
displaying information 2-42
specifying for log file destination 8-4
documentation
audience xiv
caution and note overview xviii
organization xiv
related xvi
set xvi
symbols and conventions xvii
downgrading
GSS device software 7-9
order of operation 7-9
restoring earlier software version 7-9
E
enabling GSS software 2-21
Ethernet interface, segmenting traffic 5-9
exporting primary GSSM data 1-12
F
factory defaults, restoring 2-21
fatal error log message 8-14
files
deleting 2-14
displaying entire contents 2-9
displaying in directory 2-11
displaying last 10 lines 2-9
listing within directory 2-43
renaming 2-12
securely copying 2-13
filtering
GSS traffic 5-1
ICMP traffic 5-4
TCP traffic 5-4
traffic type 5-4
UDP traffic 5-4
firewall
configuring for GSS 5-14
deploying GSS devices 5-11
inbound traffic to GSS 5-12
inbound traffic to the GSS 5-12
outbound traffic from the GSS 5-13
full GSSM backup 7-3
G
Global Site Selector
activating from primary GSSM 1-4
cold restart, performing 2-20
CPU or memory processes, displaying 2-42
deleting devices from primary GSSM 1-8
disabling GSS device 2-21
downgrading software 7-9
enabling GSS device 2-21
GSS-related port and protocols 5-3
hard disk information, displaying 2-42
inactivity timeout 2-15
inter-GSS communications 5-9
logically removing or replacing 1-9
login accounts 3-1
memory blocks and statistics, displaying 2-40
MIB files 6-4
modifying device configuration from primary GSSM 1-8
monitoring through CLI 9-2, 9-3
monitoring through GUI 9-4
online status and resource usage 9-2, 9-3
operating configuration, displaying for TAC 9-8
purging system log messages 8-14
registering 1-4
renaming a file 2-12
replacing 2-32
reporting interval 1-12
restarting GSS software 2-20
running configuration 2-3, 2-5
services information, displaying 2-44
shutting down GSS software 2-19
startup configuration 2-3, 2-5
stopping GSS software 2-19
subsystem levels 8-1
system status, displaying 2-43, 9-3
user account, creating 3-2
user account, deleting 3-3
user account, modifying 3-3
version information 2-38
Global Site Selector Manager
activating 1-4
activating devices 1-4
backing up 7-2
changing role in GSS network 2-34
changing the GUI password 3-13
changing to standby 2-34
cold restart, performing 2-20
configuring, primary 4-28
configuring, standby 4-28
creating user account (GUI) 3-9
database, monitoring 9-5
default username and password 1-3
deleting GSS devices 1-8
disabling GSSM device 2-21
downgrading software 7-9
enabling GSSM device 2-21
exporting data 1-12
GUI, configuring 1-11
inactivity timeout 2-15
logging on 1-2
logically removing GSS or standby GSSM 1-9
login accounts 3-4
modifying devices 1-8
modifying user account (GUI) 3-12
monitoring device status from GUI 9-4
password 3-13
platform information 7-7
printing data 1-12
registering GSS devices 1-4
removing user account (GUI) 3-12
restarting GSS software 2-20
restoring factory defaults 2-21
restoring full backup 7-6
reversing role in GSS network 2-36
role change 2-34
shutting down GSS software 2-19
stopping GSS software 2-19
TACACS+ server authorization 4-12
URL, secure HTTP 1-2
verifying role prior to upgrading A-2
viewing system logs 8-12
gss.log file 8-8
gssm standby-to-primary command 2-25, 2-35
GSS network
changing GSSM role 2-34
GSS, logically removing 1-9
limiting network traffic 5-9
logically removing a GSS 1-9
monitoring through CLI 9-1
monitoring through GUI 9-4
primary GSSM, logically removing 1-9
reversing GSSM role 2-36
segmenting network traffic 5-9
standby GSSM, logically removing 1-9
URL 1-2
GSS-related ports and protocols 5-3
GUI
configuration 1-11
default username and password 1-3
logging on 1-2
monitoring GSS device status 9-5
password 3-13
refreshing 1-12
session inactivity timeout 1-11
timeout 1-12
user account, creating 3-9
user account, modifying 3-12
user account, removing 3-12
user view, creating 3-16
GUI privilege level
specifying 3-10
TACACS+ server authorization 4-12
H
host, specifying as log file destination 8-6
I
Info log message 8-14
inter-GSS communications 5-9
K
keepalives with TACACS+ server 4-21
L
loading startup configuration from external file 2-5
log files
destination, specifying disk 8-4
host destination, specifying 8-6
logging levels 8-1
rotating 8-11
subsystem 8-10
logging
follow command option 8-8, 8-9
host destination, specifying 8-6
log activity, displaying 8-10
logs, displaying 8-10
purging log records 8-14
system logging 8-4
system message log, displaying 8-10
to a specific file on disk 8-4
to sys.log file, disabling 8-8
to sys.log file, enabling 8-6
turning off from disk 8-6, 8-7, 8-8
logically removing
GSS from a network 1-9
GSS or standby GSSM from the network 1-9
standby GSSM from a network 1-9
log in
CLI 2-2
default GUI username and password 1-3
inactivity timeout, specifying 2-15
primary GSSM GUI 1-2
login accounts
creating on GSS 3-2
creating on GSSM 3-9
deleting 3-3
GSSM 3-4
managing 3-1
removing 3-12
M
memory blocks and statistics 2-40
messages
purging 8-14
system log 8-16
viewing 8-12
monitoring
database status 9-5
GSS network status 9-1
status of GSS devices by CLI 9-2
status of GSS devices from the GUI 9-5
N
network
O
operator range 5-4
P
packets
denying 5-4
permitting 5-4
Partner Initiated Customer Access
password
changing default administration password 3-27, 3-28
CLI, resetting 3-15
CLI user account, creating 3-2
default (GUI) 1-3
GSSM GUI, changing 3-13
GUI, entering 1-3
GUI user account, changing password 3-13
GUI user account, creating 3-10
resetting CLI administrator account 3-26
restoring default administration password 3-28
PICA A-3
platform information
restoring 7-7
summary 7-7
ports and protocols 5-2, 5-3, 5-12
printing primary GSSM data 1-12
privileged EXEC mode, enabling 2-2
protocols and ports for GSS devices 5-3
purging system log messages 8-14
R
record
database records, validating 9-6
purging 8-14
refreshing the GUI 1-12
registering GSS devices 1-4
renaming a GSS file 2-12
replacing
flowchart 2-23
GSS 2-32
primary GSSM 2-28
standby GSSM 2-30
report, database validation creating 9-6
reset-gui-admin-password command 3-28
resetting
CLI administrator account 3-26
CLI password 3-15
password 3-26
restarting GSS software 2-20
restoring
default administration password 3-28
GSSM from full backup 7-6
GSSM platform information 7-7
overview 7-5
rotating log files 8-11
running configuration file
changing 2-4
copying 2-5
copying as startup-config file 2-4
displaying 2-6
overview 2-3
saving to startup configuration 2-4, 2-6
S
segmenting GSS traffic by interface 5-9
session inactivity timeout 1-11
severity log message 8-13
show commands
show access-group command 5-11
show access-list command 5-9, 5-10
show boot-config command 2-40
show disk command 2-42
show logging command 8-10
show logs command 8-8
show memory command 2-40
show processes command 2-42
show services command 2-44
show system-status command 2-43, 9-3
show tacacs command 4-26
show tech-support command 9-8
show uptime command 2-42
show user command 2-14
show users command 2-14
show version command 2-38
shutting down GSS software 2-19
SNMP
community string 6-2
configuring 6-2
contact information 6-3
disabling 6-3
enabling 6-2
location 6-3
MIB files, viewing 6-4
overview 6-2
port, changing 6-4
setup 6-2
snmp command 6-2
viewing status 6-3
software
boot information, showing 2-40
disabling GSS device 2-21
downgrade, restoring earlier software version 7-9
downgrade procedure 7-9
enabling GSS device 2-21
restarting 2-20
shutting down 2-19
stopping 2-19
update, obtaining update file A-3
upgrade procedure A-1
version information, showing 2-38
standby GSSM 1-9
changing to primary 2-34
logically removing 1-9
registering with primary GSSM 1-4
replacing 2-30
startup configuration
loading from external file 2-5
saving running configuration as startup configuration 2-4, 2-6
startup configuration file
changing 2-4
copying 2-5
copying device startup configuration settings 2-6
copying running configuration file as 2-4
displaying 2-7
loading from external file 2-6
overview 2-3
stopping GSS software 2-19
subsystem log files
rotating 8-11
viewing 8-10
syslog, configuring 8-4
system
logging 8-4
message log 8-10
system log
messages 8-16
purging 8-14
severity 8-13
typical messages 8-16
viewing 8-12
viewing from GUI 8-12
system uptime, displaying 2-42
T
TAC
displaying GSS operating configuration 9-8
tech report 9-8
TACACS+
accounting overview 4-3
authentication overview 4-3
authorization overview 4-3
Cisco Secure Access Control Server (ACS) 4-6
disabling 4-28
GSS, disabling/enabling keepalives 4-21
GSS, specifying accounting 4-25
GSS, specifying authentication 4-23
GSS, specifying authorization 4-24
GSS, specifying server hosts 4-19
GSS, specifying server timeout 4-22
overview 4-2
primary GSSM GUI privilege level authorization 4-12
primary GSSM user view authorization 4-16
quick start 4-4
server, accounting settings 4-17
server, authentication settings 4-6
server, authorization settings 4-7
shared secret with GSS 4-20
statistics, clearing 4-27
statistics, displaying 4-26
tail command option 8-10
terminal screen line length, configuring 2-16
third-party software, viewing information 1-13
traffic
filtering 5-4
limiting 5-9
segmenting by interface 5-9
U
upgrading
GSS software A-1
obtaining update file A-3
sequence A-1
update file, obtaining A-3
verifying GSSM role prior to upgrading A-2
user
account, creating 3-9
account, modifying 3-12
account, removing 3-12
information, displaying 2-14
user account
CLI account, creating 3-2
CLI account, deleting 3-3
CLI account, modifying 3-3
CLI user, privilege levels 3-2
creating for GUI 3-9
creating with CLI 3-2
deleting 3-3
GUI user, privilege levels 3-5, 3-6, 3-8, 3-10
GUI user, views 3-11
GUI user account, changing password 3-13
GUI user account, creating 3-9
GUI user account, modifying 3-12
GUI user account, removing 3-12
removing 3-12
view overview 3-15
username
default (GUI) 1-3
GUI, entering 1-3
GUI user account, creating 3-10
user view
answers, adding 3-18
answers, removing 3-22
creating 3-16
deleting 3-25
general configuration 3-18
keepalives, adding 3-19
keepalives, removing 3-22
locations, adding 3-20
locations, removing 3-22
modifying 3-24
naming 3-18
overview 3-15
owners, adding 3-21
owners, removing 3-22
specifying 3-11
TACACS+ server authorization 4-16
V
validating database records 9-6
verifying GSSM role A-2
version information 2-38
viewing
access lists 5-9
gss.log file 8-8
MIB files 6-4
SNMP status 6-3
subsystem log files 8-10
system log 8-12
system logs from GUI 8-12
third-party software information 1-13
W
warning log message 8-14