User Guide for CiscoView Device Manager for the Cisco WebVPN Services Module 1.1
Getting Started with CVDM-WebVPN
Download this chapter
Getting Started with CVDM-WebVPNGetting Started with CVDM-WebVPN
Download the complete book
User Guide for CiscoView Device Manager for the Cisco WebVPN Services Module - Book PDFUser Guide for CiscoView Device Manager for the Cisco WebVPN Services Module - Book PDF (PDF - 3 MB)
give_us_feedback

Table Of Contents

Getting Started with CVDM-WebVPNSM 1.1

Key Features of CVDM-WebVPNSM

Starting CVDM-WebVPNSM

Installing the Java Plug-in

Navigating in CVDM-WebVPNSM

What Does the Home Page Show Me?

What Does the Setup Page Show Me?

Understanding the CVDM-WebVPNSM Desktop

Selector

Understanding the Action Buttons

Saving Startup Configurations

Editing Preferences

Viewing the Running Configuration Information for the Device

Viewing the Device Transport Log

Refreshing CVDM-WebVPNSM

Delivering CLI Commands to the Device


Getting Started with CVDM-WebVPNSM 1.1

CiscoView Device Manager for the Cisco WebVPN Services Module (CVDM-WebVPNSM) is an embedded device manager for setup, configuration, and monitoring of the WebVPN Services Module (WebVPNSM). CVDM-WebVPNSM allows you to manage your WebVPNSM (line card number WS-SVC-WEBVPN-K9) by providing functions for configuring network, public key infrastructure (PKI), virtual gateway, and virtual context settings. CVDM-WebVPNSM makes such configuration easier by allowing you to perform all these operations using one graphical user interface (GUI) tool.

You use wizards and dialog boxes to make your configurations; CVDM-WebVPNSM then designs best-practice command line interface (CLI) configurations based on your GUI configurations. You can view the CLI configurations generated by CVDM-WebVPNSM and deploy them to the device immediately or save them for future editing.

Note CVDM-WebVPNSM supports the deployment of native Cisco IOS commands only.

This chapter contains the following topics:

Key Features of CVDM-WebVPNSM

Starting CVDM-WebVPNSM

Navigating in CVDM-WebVPNSM

Saving Startup Configurations

Editing Preferences

Viewing the Running Configuration Information for the Device

Viewing the Device Transport Log

Refreshing CVDM-WebVPNSM

Delivering CLI Commands to the Device

Key Features of CVDM-WebVPNSM

The following table describes the key features of CVDM-WebVPNSM.

Table 1-1 Key Features 

Feature
Description

Setup wizards

CVDM-WebVPNSM provides wizards that simplify complex configuration tasks, such as setting up a WebVPNSM to operate in different modes and access private networks, as well as configuring a group policy for a set of users.

Global settings configuration

You can configure network, security, and connection policy settings for the WebVPNSM.

PKI configuration

You can configure the certificate Trustpoints and key pairs used to secure data transmissions to and from the WebVPNSM.

Virtual gateway configuration

You can create virtual gateways and configure settings such as the relevant IP address, assigned port, and associated Secure Socket Layer (SSL) and TCP policies.

Virtual context configuration

You can create virtual contexts and configure settings such as the default group policy for a virtual context, its administrative status, and the NAT address range used by the WebVPNSM to open server connections.

View statistics

You can view statistical information about the virtual contexts and group policies configured on the WebVPNSM.


Starting CVDM-WebVPNSM

Step 1 Open a web browser.

Step 2 In your browser, enter the IP address or DNS hostname of the device. The Enter Network Password dialog box appears (see Figure 1-1), prompting you for your level 15 credentials.

Figure 1-1 Enter Network Password Dialog Box

Step 3 Enter your username and password for level 15 access. If you do not have level 15 access to the device, CVDM-WebVPNSM will not start.

Note If enable password is used for HTTP authentication, use enable password only.

Step 4 Click OK. The device home page appears.

Step 5 Click the CVDM-WebVPNSM link on the device home page.

Step 6 The CVDM-WebVPNSM splash screen is displayed, and the Password Needed - Networking dialog box appears (see Figure 1-2).

Figure 1-2 Splash Screen and Password Needed - Networking Dialog Box

Note If you do not have Java Plug-in version 1.4.2_06, you will be prompted to install it. If you are not prompted, go to http://java.sun.com/products/archive/j2se/1.4.2_06/index.html and install the Java plug-in.

This website is Copyright © 1994-2005, Sun Microsystems, Inc.

The CVDM-WebVPNSM splash screen must remain open in order for the application to function properly. Do not close this window until you log out. CVDM-WebVPNSM will appear in a separate window.

Note It may take some time before CVDM-WebVPNSM appears.

Step 7 In the Password Needed - Networking dialog box, enter your username and password.

Note If enable password is used for HTTP authentication, use enable password only.

Step 8 Click Yes. The Warning - Security dialog box appears (see Figure 1-3).

Figure 1-3 Warning - Security Dialog Box

Step 9 To accept the security certificate and continue, click Yes. A dialog box appears (see Figure 1-4), prompting you for your username and password.

Figure 1-4 Enter Credentials for <IP Address> Dialog Box (Username and Password)

Step 10 If SSH is enabled on the device, enter your SSH username and password. If SSH is not activated on the device, you are prompted to authenticate using Telnet instead. Follow the prompts to enter your Telnet credentials; the application also asks if you want to enable SSH on the device. To enable SSH, follow the prompts provided by the application.

Step 11 Click OK.

If enable is not configured on the device, CVDM-WebVPNSM starts. Skip the remaining steps in this procedure.

If enable is configured on the device, a dialog box appears (see Figure 1-5), asking you to enter your enable password.

Figure 1-5 Enter Credentials for <IP Address> Dialog Box (Enable Password)

Step 12 Enter your enable password.

Step 13 Click OK. CVDM-WebVPNSM starts.

Installing the Java Plug-in

CVDM-WebVPNSM requires Java Plug-in version 1.4.2_06. The first time you invoke any Java Plug-in enabled window, you are alerted if the plug-in has not been installed. CVDM-WebVPNSM prompts you to download and install the plug-in files, using the installation screens or the procedure displayed. The next time you start the application, CVDM-WebVPNSM automatically uses the plug-in. Install the Java Plug-in 1.4.2_06 provided with CVDM-WebVPNSM (not from any other source).

Navigating in CVDM-WebVPNSM

Before you begin using CVDM-WebVPNSM, you must understand the basic operation of the user interface, including the login procedure and user interface elements. See the following sections for more information:

What Does the Home Page Show Me?

What Does the Setup Page Show Me?

Understanding the CVDM-WebVPNSM Desktop

Understanding the Action Buttons

What Does the Home Page Show Me?

The home page is the first screen that comes up when CVDM-WebVPNSM is started. It gives a quick overview of the services running on the device and a snapshot of the overall health of the system (see Figure 1-6).

Figure 1-6 CVDM-WebVPNSM Home Page Components and Descriptions

Figure 1-6 Reference
Location
Description

1

System Overview tab

Hostname

Hostname of the WebVPNSM.

Software Version

Current software version running on the WebVPNSM.

System Up Time

Indicates the amount of time the WebVPNSM has been running since it was last restarted.

Memory

Percentage of system memory currently in use.

NVRAM

Percentage of NVRAM currently in use.

Flash

Percentage of flash memory currently in use.

Last Refresh Time

Indicates when the WebVPNSM was last refreshed.

CPU Utilization (past 5 mins)

Utilization percentages (based on the past five minutes) for the following CPUs:

IOS

SSL

TCP

2

Certificate Dashboard tab: Certificate Expiry column

This Week

Number of certificates (CA and SSL) that will expire a week from today's date.

Next Week

Number of certificates that will expire two weeks from today's date.

Week 3

Number of certificates that will expire three weeks from today's date.

Week 4

Number of certificates that will expire four weeks from today's date.

Certificate Dashboard tab: CA Certificates column

Valid Certificates

Number of valid CA certificates.

Expired Certificates

Number of expired CA certificates.

Certificate Dashboard tab: SSL Certificates column

Valid Certificates

Number of valid SSL certificates.

Expired Certificates

Number of expired SSL certificates.

3

Service Dashboard tab: Virtual Contexts column

In Service

Number of virtual contexts that are currently in service.

Out of Service

Number of virtual contexts that are currently out of service.

VRF Aware Contexts

Number of virtual contexts on which the VRF-aware DNS feature is enabled.

Non-VRF Aware Contexts

Number of virtual contexts on which the VRF-aware DNS feature is disabled.

Service Dashboard tab: Virtual Gateways column

In Service

Number of virtual gateways that are currently in service.

Out of Service

Number of virtual gateways that are currently out of service.

HTTP Redirects

Number of virtual gateways with HTTP redirects to a nondefault port.

Service Dashboard tab: Certificates column

Complete Certificate Chains

Number of proxy services with a complete certificate chain.

Incomplete Certificate Chains

Number of proxy services with an incomplete certificate chain.

Service Dashboard tab: Connection Policies column

SSL Policies

Number of SSL policies configured on the WebVPNSM.

TCP Policies

Number of TCP policies configured on the WebVPNSM.

4

Connection Dashboard tab

Active User Sessions

Number of active user sessions.

Active User TCP Connections

Number of active user TCP connections.

Authentication Failures

Number of authentication failures.

Terminated User Sessions

Number of terminated user sessions.

Active SSL Connections

Number of active SSL connections.

Active SSL Sessions

Number of SSL session IDs currently in use.

Average SSL Connection Rate (past 5 mins)

The average rate at which SSL connections are being established.

SSL Handshake Failures (past 5 mins)

Number of handshake failures that have occurred in the past 5 minutes.

5

FAQ list and Go button

Contains frequently asked questions about using CVDM-WebVPNSM. Select a question from the list and click the Go button.


What Does the Setup Page Show Me?

The setup page allows you to view information about and configure WebVPNSM user group policies, virtual gateways, virtual contexts, and certificates. You can also edit your global settings from the setup page (see Figure 1-7).

Figure 1-7 CVDM-WebVPNSM Setup Page

Understanding the CVDM-WebVPNSM Desktop

This section describes the main GUI elements of the CVDM-WebVPNSM application (see Figure 1-8).

Figure 1-8 CVDM-WebVPNSM GUI Elements

Figure 1-8 Reference
Location
Description

1

Menu bar

Provides File, Edit, View, and Help options.

File

File > Save to Startup—Saves the configuration running on the module and on the service modules as the startup configuration. For more information, see Saving Startup Configurations.

File > Exit—Logs you out of CVDM-WebVPNSM and closes the application window.

Edit

Edit > Preferences...—Displays the Preferences dialog box, from which you can edit application preferences. See Editing Preferences for more information.

View

View > Home—Displays the Home page. See What Does the Home Page Show Me? for more information.

View > Setup—Displays the Setup page. See What Does the Setup Page Show Me? for more information.

View > Running Config > WebVPNSM...—Opens the Running Configuration of WebVPNSM dialog box, which displays information about the configuration running on the supervisor or module. See Viewing the Running Configuration Information for the Device for more information.

1 (continued)

Menu bar (continued)

View (continued)

View > Refresh—Collects the most recent module information and updates the CVDM-WebVPNSM data. See Refreshing CVDM-WebVPNSM for more information.

View > Transport Log...—Displays the transport log of the device. The transport log displays all communication between CVDM-WebVPNSM and the device. See Viewing the Device Transport Log for more information.

Help

Help > Help Topics—Displays online help.

Help > About CVDM-WebVPNSM...—Displays CVDM-WebVPNSM version information.

2

Task bar

Provides the following buttons:

Home—Displays the home page. See What Does the Home Page Show Me? for more information on the home page.

Setup—Displays the Setup page for accessing CVDM-WebVPNSM functions. See What Does the Setup Page Show Me? for more information on the Setup page.

Refresh—Collects the most recent module information and updates CVDM-WebVPNSM data.

Deliver—Opens the Deliver Configuration to Switch/Module(s) dialog box, from which you can send accumulated CLI commands to the module. See Delivering CLI Commands to the Device for more information.

Help—Displays context-sensitive help.

3

Page

CVDM-WebVPNSM working area in which you perform tasks.

4

Status bar

Provides the following information:

Application user and privilege level.

Icon showing the security level of the connection.

Time stamp showing the last time CVDM-WebVPNSM collected data.

5

Pane

One part of a divided page or dialog box.

6

Selector

Hierarchy of the groups and objects available in the Setup page that allows you to access specific functions for a switch or service object. See Selector for more information.

7

Left-most pane

Contains buttons on the Setup page that allow you to access WebVPNSM configuration functions.


Selector

The selector is a tree that appears on most Switch and Services pages. Figure 1-9 shows what the selector looks like when folders, subfolders, and objects are displayed. Not all selectors contain all of these elements.

Figure 1-9 Selector

Figure 1-9 Reference
Location
Description

1

Selector handle

Click the handle to open and close the selector, or click the handle and drag it to resize it.

2

Group folder

Displays a group of objects. Click the plus (+) symbol to see the contents of this folder.

3

Object

Displays the individual entity contained in the group or subgroup. Click an object to open the page for that object.


Understanding the Action Buttons

This section describes the action buttons that commonly appear in CVDM-WebVPNSM dialog boxes and wizards. For a description of the wizard action buttons, see Table 1-2; for a description of the dialog box action buttons, see Table 1-3.

Table 1-2 Wizard Action Buttons

Button
Action

Back

Takes you to the previous page.

Next

Takes you to the next page.

Finish

Takes you to the wizard Deliver page.

Cancel

Exits a wizard dialog box without making any changes.

Help

Displays context-sensitive online help.


Table 1-3 Dialog Box Action Buttons

Button
Action

OK

Saves your changes.

Cancel

Exits the dialog box without making any changes.

Help

Displays context-sensitive online help.


Note Some dialog boxes may contain additional buttons not described in this table.

Saving Startup Configurations

You can save your device configuration as the startup configuration.

Step 1 Select File > Save to Startup. A warning dialog box appears, asking if you want to continue.

Step 2 To proceed, click Yes. CVDM-WebVPNSM saves the configuration as your startup configuration.

Editing Preferences

Step 1 Select Edit > Preferences.... The Preferences dialog box appears.

Step 2 Edit the appropriate values.

GUI Element
Action

Show CLI Preview for Wizards check box

Select this check box if you want CVDM-WebVPNSM to display the CLI commands to be delivered to the device after you have completed a wizard. By default, this check box is deselected.

When this check box is selected, when you click Finish in a wizard, the Deliver Configuration to the Switch/Module(s) dialog box opens and displays the CLI commands. For more information, see Delivering CLI Commands to the Device.

Show CLI Preview on Delivery check box

Select this check box if you want CVDM-WebVPNSM to display the CLI commands to be delivered to the device. By default, this check box is selected.

When this check box is selected, if you click Deliver, the Deliver Configuration to Switch/Module(s) dialog box opens and displays the CLI commands. For more information, see Delivering CLI Commands to the Device.

Refresh After Delivery check box

Select this check box to automatically refresh CVDM-WebVPNSM after you deliver commands to the device. Refreshing CVDM-WebVPNSM allows you to obtain the latest service device information and update the CVDM-WebVPNSM data. By default, this check box is selected.

When this check box is deselected, when you click Finish in a wizard, CVDM-WebVPNSM prompts you to optionally refresh the application after delivering commands to the device. For more information, see Refreshing CVDM-WebVPNSM.

Confirm before Exiting check box

Select this check box if you want CVDM-WebVPNSM to ask you to confirm that you want to exit the application. By default, this check box is selected.

When this check box is selected, CVDM-WebVPNSM displays a dialog box asking you if you want to exit CVDM-WebVPNSM. From this dialog box, you can select the Always display this dialog box before exiting check box if you always want CVDM-WebVPNSM to confirm that you want to exit CVDM-WebVPNSM.


Viewing the Running Configuration Information for the Device

Select View > Running Config > WebVPNSM.... The Running Configuration of WebVPNSM dialog box appears. Information about the running configuration for the device is displayed.

You can click the Save to File... button to save this information as a text file.

Viewing the Device Transport Log

Step 1 Select View > Transport Log.... A warning dialog box appears.

Step 2 To proceed, click OK. The Transport Log dialog box appears, displaying information about communication between CVDM-WebVPNSM and the device. You can do the following:

Click Clear Log to clear the information in the transport log.

Click Save to File... to save the transport log information as a text file.

Refreshing CVDM-WebVPNSM

You can refresh CVDM-WebVPNSM at any time to obtain the latest device information and update the CVDM-WebVPNSM data.

Note You can specify that CVDM-WebVPNSM automatically refresh after you deliver commands to the device; see Editing Preferences for more information.

Step 1 Click Refresh at the top of the window or select View > Refresh from the Menu bar.

Step 2 A dialog box appears, asking if you want to proceed with the refresh. To proceed, click Yes. The most recent device information is collected and is populated in CVDM-WebVPNSM. If you do not deliver your accumulated commands, they are not saved by the application.

Delivering CLI Commands to the Device

Note You must deliver accumulated CLI commands to the device before any changes you make in CVDM-WebVPNSM will be applied.

Step 1 Click the Deliver button at the top of the window. The Deliver Configuration to Switch/Module(s) dialog box appears if you have configured CVDM-WebVPNSM to display the accumulated CLI commands when you click the Deliver button (for more information on configuring this option, see Editing Preferences).

Note The Deliver Configuration to Switch/Module(s) dialog box also appears when you click the Finish button in a wizard if you have configured CVDM-WebVPNSM to display the accumulated CLI commands after you have completed a wizard.

Step 2 Edit the appropriate values.

GUI Element
Action

Window

Displays the accumulated CLI commands to be delivered to the device.

Deliver button

Click to send the accumulated CLI commands to the device.

Save to File... button

Click to save the CLI commands as a text file.

Close button1

Close the dialog box without delivering any CLI commands.

Deliver Later button2

Click to deliver the wizard CLI commands to the device at a later time.

1 This button is available only in the Deliver Configuration to Switch/Module(s) dialog box that is displayed after you click Deliver at the top of the window.

2 This button is available only in the Deliver Configuration to Switch/Module(s) dialog box that is displayed after you click Finish in a wizard.


Note The Deliver Configuration to Switch/Module(s) dialog box displays all accumulated CLI commands that will be delivered to the module; therefore, any previous CLI commands that were not sent to the module are shown in this dialog box, as well as the CLI commands you have generated in this session.