EXEC Mode Commands

Use the EXEC mode for setting, viewing, and testing system operations. In general, the user EXEC commands allow you to connect to remote devices, change terminal line settings on a temporary basis, perform basic tests, and list system information.

The EXEC mode is divided into two access levels: user and privileged.

The user EXEC mode is used by local and general system administrators, while the privileged EXEC mode is used by the root administrator. Use the enable and disable commands to switch between the two levels. Access to the user-level EXEC command line requires a valid password.

The user-level EXEC commands are a subset of the privileged-level EXEC commands. The user-level EXEC prompt is the hostname followed by a right angle bracket (>). The prompt for the privileged-level EXEC command line is the pound sign (#). To execute an EXEC command, enter the command at the EXEC system prompt and press the Return key.

note.gif

Noteblank.gif You can change the hostname using the hostname global configuration command.


The following example shows how to access the privileged-level EXEC command line from the user level:

WAE> enable
WAE#
 

To leave EXEC mode, use the exit command at the system prompt:

WAE# exit
WAE>
 
 

cd

To change from one directory to another directory in the WAAS software, use the cd EXEC command.

cd directoryname

 
Syntax Description

directoryname

Directory name.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use this command to navigate between directories and for file management. The directory name becomes the default prefix for all relative paths. Relative paths do not begin with a slash (/). Absolute paths begin with a slash (/).

Examples

The following example shows how to change to a directory using a relative path:

WAE(config)# cd local1
 

The following example shows how to change to a directory using an absolute path:

WAE(config)# cd /local1
 

 
Related Commands

deltree

dir

lls

ls

mkdir

pwd

 

clear arp-cache

To clear the ARP cache, use the clear arp-cache EXEC command.

clear arp-cache [ ipaddress | interface { GigabitEthernet slot/port | PortChannel index | Standby grpNumber | TenGigabitEthernet slot/port | InlinePort slot/grpnumber {lan | wan} }]

 
Syntax Description

ipaddress

(Optional) ARP entries for the IP address.

interface

(Optional) Clears all ARP entries on the designated interface.

GigabitEthernet slot/port

Clears the Gigabit Ethernet interface (slot/port).

PortChannel index

Clears the Port channel interface number (1-4).

Standby grpNumber

Clears the Standby group number (1-2).

TenGigabitEthernet slot/port

Clears the 10-Gigabit Ethernet interface (slot/port).

InlinePort slot/grpnumber {lan | wan}

Clears the inline port interface (slot/group). Specify lan for the LAN interface or wan for the WAN interface.

 
Defaults

No default behavior or values.

Note that on ISR-WAAS, the default-gateway (ISR host's interface address) cannot be cleared from ARP cache.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

Examples

The following example shows how to clear the ARP cache on the WAAS device:

WAE# clear arp-cache
 

 
Related Commands

license add

show interface

show license

show wccp

clear bmc

To clear the BMC logs and events, use the clear bmc EXEC command.

clear bmc [ event-log ]

 
Syntax Description

event-log

Clears BMC system events and logs.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

Examples

The following example shows how to clear the entries recorded in the BMC system event log on the WAAS device:

WAE# clear bmc event-log
 

 
Related Commands

show bmc

clear cache

To clear cached objects, use the clear cache EXEC command.

clear cache { dre}

clear cache http-metadatacache https {conditional-response | redirect-response | unauthorized-response }

clear cache http-metadatacache { all | conditional-response | redirect-response | unauthorized-response} [ url ]

 
Syntax Description

dre

Expires the DRE cache.

https

Clears cache entries for HTTPS metadata cache response types.

conditional-response

Clears cache entries for conditional responses (304).

redirect-response

Clears cache entries for redirect responses (301).

unauthorized-response

Clears cache entries for authorization required responses (401).

http-metadatacache

Clears the HTTP accelerator metadata cache.

all

Clears cache entries for all HTTP metadata cache response types.

url

Clears cache entries matching only the specified URL. If the URL string contains a question mark (?), it must be escaped with a preceding backslash (for example, \?).

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

After you use the clear cache dre command, the first 1 MB of data is not optimized. The Cisco WAAS software does not optimize the first 1 MB of data after a restart of the tcpproxy service. The data that is transmitted after the first 1 MB of data will be optimized according to the configured policy.

The clear cache dre command may cause the system to reboot, but you are asked to confirm before the command continues and you are given a chance to save any configuration changes that have been made to the running configuration.

The clear cache dre command does not delete the DRE cache contents but expires it by removing markers in the content to prevent reuse. If you want to delete the cache contents, use the disk delete-data-partitions command.

Examples

The following example shows how to clear the HTTP metadata cache for conditional responses:

WAE# clear cache http-metadatacache conditional-response
 

 
Related Commands

license add

show cache http-metadatacache

show interface

show license

show wccp

clear cache http-object-cache invalidate

To clear the object cache, use the clear cache http object-cache EXEC command.

clear cache http-object-cache invalidate

execmds-4.jpg
Command Default

No default behavior or values.

execmds-4.jpg
Command Modes

EXEC

execmds-4.jpg
Device Modes Default

application-accelerator

execmds-4.jpg
Usage Guidelines

This command clears all entries in the cache directory as a background task, but leaves entries up to 60 seconds prior to the command being given. It can take a few minutes to complete, but the CE is functional while the process is ongoing. Data on the disk remains and is not overwritten. Log entries appear indicating the beginning and end of the operation.

execmds-4.jpg
Examples

The following example shows how to clear the HTTP object cache:

WAE# clear cache http-object-cache invalidate

 

clear cdp

To clear Cisco Discovery Protocol statistics, use the clear cdp EXEC command.

clear cdp { counters | table }

 
Syntax Description

counters

Clears the CDP counters.

table

Clears the CDP tables.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

Examples

The following example shows how to clear the CDP counter statistics on the WAAS device:

WAE# clear cdp counters
 

 
Related Commands

license add

show interface

show license

show wccp

clear connection

To reset one or more connections, use the clear connection EXEC command.

clear connection [ client-ip { ip_address | hostname } | client-port port | flow-id id | server-ip { ip_address | hostname } | server-port port]

 
Syntax Description

client-ip

Resets the connections with the specified client IP address or hostname.

ip_address

IP address of a client or server.

hostname

Hostname of a client or server.

client-port port

Resets the connections with the specified client port number. The port number is from 1 to 65535.

flow-id id

Resets the connection with the specified number identifier.

server-ip

Resets the connections with the specified server IP address or hostname.

server-port port

Resets the connections with the specified server port number. The port number is from 1 to 65535.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

Examples

The following example shows how to reset connection number 45 on the WAAS device:

WAE# clear connection flow-id 45
 

The following example shows how to reset connections with server port 80 on the WAAS device:

WAE# clear connection server-port 80
 

 
Related Commands

show statistics connection

clear dre

To clear DRE configurations, use the clear dre EXEC command.

clear dre auto-bypass [ { ip_address | hostname } port ]

 
Syntax Description

ip_address

(Optional) IP address of a server.

hostname

(Optional) Hostname of a server.

port

(Optional) A port number in the range from 1 to 65535.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

Examples

The following example shows how to clear all DRE auto-bypass entries :

WAE# clear dre auto-bypass
 

The following example shows how to clear the DRE auto-bypass entry for a specific port on a specific server :

WAE# clear dre auto-bypass server 1.2.3.4 17
 

 
Related Commands

show dre

clear ip

To clear IP access list statistics, use the clear ip EXEC command.

clear ip access-list counters [ acl-num | acl-name ]

 
Syntax Description

access-list

Clears the access list statistical information.

counters

Clears the IP access list counters.

acl-num

(Optional) Counters for the specified access list, identified using a numeric identifier (standard access list: 1–99; extended access list: 100–199).

acl-name

(Optional) Counters for the specified access list, identified using an alphanumeric identifier of up to 30 characters, beginning with a letter.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

Examples

The following example shows how to clear the IP access list counters on the WAAS device:

WAE# clear ip access-list counters
 

 
Related Commands

license add

show interface

show license

show wccp

clear ipv6

To clear IPv6 neighbor cache entries, use the clear ipv6 neighbors EXEC command.

clear ipv6 neighbors {GigabitEthernet [slot number/port] | Portchannel [Etherchannel index] | standby [standby index] }

clear ipv6 neighbors virtual slot/port

 
Syntax Description

GigabitEthernet slot number/port

Clears the neighboring ipv6 cache entries for the GigabitEthernet interface.

PortChannel index

Clears the neighboring ipv6 cache entries for the EtherChannel device (1-4).

standby grpNumber

Clears the neighboring ipv6 cache entries for the standby device (1-2).

virtual

Clear neighboring ipv6 cache entries for Virtual Ethernet device (1-2)

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

Examples

The following example shows how to clear the neighboring cache entries for a GigabitEthernet interface on the WAAS device:

WAE# clear ipv6 neighbors GigabitEthernet 0/0
vWAAS# clear ipv6 neighbors virtual 1/0

 
Related Commands

show ipv6

show interface

show license

show wccp

clear ip

clear license

To clear licensing configuration, use the clear license EXEC command.

clear license [ license-name ]

 
Syntax Description

license-name

Name of the software license to remove. The following license names are supported:

  • Transport—Enables basic DRE, TFO, and LZ optimization.
  • Enterprise—Enables the EPM, HTTP, MAPI, SSL, and Windows Print application accelerators, the WAAS Central Manager, and basic DRE, TFO, and LZ optimization. You cannot remove this license if the virtualization licenses are installed. You must remove both of those licenses first.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

Examples

The following example shows how to clear the licensing configuration on the WAAS device:

WAE# clear license
 

 
Related Commands

license add

show interface

show license

show wccp

clear logging

To clear syslog messages saved in a disk file, use the clear logging EXEC command.

clear logging

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

The clear logging command removes all current entries from the syslog.txt file but does not make an archive of the file. It puts a “Syslog cleared” message in the syslog.txt file to indicate that the syslog has been cleared.

Examples

The following example shows how to clear all entries in the syslog.txt file on the WAAS device:

WAE# clear logging
 
Feb 14 12:17:18 WAE# exec_clear_logging:Syslog cleared
 

 
Related Commands

license add

show interface

show license

show wccp

clear object-cache

To remove objects from object cache that match specified criteria, use the clear object-cache EXEC command.

clear object-cache [accelerator smb] all

 
Syntax Description

accelerator smb

(Optional) The name of the application accelerator specified, such as SMB.

all

Clears all objects from the object cache. If you specify all, you will be prompted to confirm this action. Note that for WAAS Version 6.0, all is used only with accelerator SMB.

 
Defaults

No default behavior or values.

execmds-4.jpg
Command Modes

EXEC

execmds-4.jpg
Device Modes Default

application-accelerator

execmds-4.jpg
Usage Guidelines

The clear object-cache command removes all objects from the object cache, or all objects from cache that match specified criteria,

execmds-4.jpg
Examples

The following example shows how to clear objects from object cache that match the criteria of the SMB AO and the URL www.sampletestdomain.com.

WAE# clear object-cache accelerator http url www.sampletestdomain.com

execmds-4.jpg
Related Commands

clear statistics accelerator http object-cache

clear service-policy

To clear class map and policy map counters for AppNav and optimization policies, use the clear service-policy EXEC command.

clear service-policy [ type { appnav | waas }] counters

 
Syntax Description

type

Specifies the type of counters to clear.

appnav

Clears AppNav class map and policy map counters.

waas

Clears WAAS optimization class map and policy map counters.

counters

Clears the class map and policy map counters.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

 
Usage Guidelines

When specified without the type keyword, this command clears counters for both AppNav and WAAS optimization class maps and policy maps.

Examples

The following example shows how to clear both AppNav and WAAS optimization class map and policy map counters:

WAE# clear service-policy counters
 

The following example shows how to clear only AppNav class map and policy map counters:

WAE# clear service-policy type appnav counters
 

 
Related Commands

show class-map

show policy-map

show statistics class-map

show statistics policy-sub-class

clear statistics

To reset statistics data, use the clear statistics EXEC command.

clear statistics { all | aoim | appnav-controller all | authentication | auto-discovery { all | blacklist } | class-map { appnav | waas } | datamover | dre [ global ] | exporter | filtering | flow monitor type performance-monitor tcpstat-v1 | generic-gre | icmp | inline | ip | ipv6 {internal} | pass-through | peer dre | punt | radius | service-insertion { appnav-controller ip_address | appnav-controller-group | data-path | service-context | service-node ip_address | service-node-group name } | snmp | synq | tacacs | tcp | tfo | udp | wccp | windows-domain | windows-print }

 
Syntax Description

all

Clears all statistics.

aoim

Clears all of the application accelerator information manager statistics.

appnav-controller all

Clears all of the AppNav Controller statistics.

authentication

Clears authentication statistics.

auto-discovery

Clears the auto-discovery statistics.

blacklist

Clears the auto-discovery statistics for the blacklist.

class-map

Clears all class map statistics.

appnav

Clears all statistics for AppNav class maps.

waas

Clears all statistics for WAAS class maps.

datamover

Clears all of the data mover statistics.

dre

Clears the Data Redundancy Elimination (DRE) statistics.

exporter

Clears the exporter statistics.

global

(Optional Clears the global DRE statistics.

filtering

Clears the filter table statistics.

flow

Clears the network traffic flow statistics.

monitor

Clears the monitor flow performance statistics.

tcpstat-v1

Clears the tcpstat-v1 collector statistics.

generic-gre

Clears the generic GRE statistics.

icmp

Clears the ICMP statistics.

inline

Clears the inline interception statistics.

ip

Clears the IP statistics.

ipv6

Clears IPv6 statistics.

pass-through

Clears all of the pass-through statistics.

peer dre

Clears all peer DRE statistics.

punt

Clears all the punt statistics.

radius

Clears the RADIUS statistics.

service-insertion

Clears AppNav service-insertion statistics.

appnav-controller ip_address

Clears statistics for the AppNav Controller with the specified IP address.

appnav-controller-group

Clears statistics for the AppNav Controller group.

data-path

Clears statistics for the data path.

service-context

Clears statistics for the service context.

service-node ip_address

Clears statistics for the service node (WN) with the specified IP address.

service-node-group name

Clears statistics for the service node group (WNG) with the specified name.

snmp

Clears the SNMP statistics.

synq

Clears the SynQ module statistics.

tacacs

Clears the TACACS+ statistics.

tcp

Clears the TCP statistics.

tfo

Clears the TCP flow optimization (TFO) statistics.

udp

Clears the UDP statistics.

wccp

Clears all of the WCCP statistics.

windows-domain

Clears the Windows domain statistics.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

The clear statistics command clears all statistical counters from the parameters given. Use this command to monitor fresh statistical data for some or all features without losing cached objects or configurations.

Not all command options are applicable for a device in central-manager mode.

Note that from software version 6.x onwards, clear statistics snmp does not clear all statistical counters due to net snmp implementation.

Examples

The following example shows how to clear all authentication, RADIUS and TACACS+ information on the WAAS device:

WAE# clear statistics radius
WAE# clear statistics tacacs
WAE# clear statistics authentication
 

 
Related Commands

clear statistics accelerator

clear statistics connection

clear statistics accelerator

To clear all global statistics, use the clear statistics accelerator EXEC command.

clear statistics accelerator { epm | generic | http | mapi | smb | ssl }

 
Syntax Description

epm

Clears the statistics for the EPM application accelerator.

generic

Clears the statistics for generic accelerator.

http

Clears the statistics for the HTTP application accelerator.

mapi

Clears the statistics for the MAPI application accelerator.

ssl

Clears the statistics for the SSL application accelerator.

smb

Clears the statistics for the SMB application accelerator, except for statistics on signed SMB bytes counters.

To clear statistics for signed SMB bytes (read from/written to LAN, read from/written to WAN), use clear statistics accelerator generic, which clears all accelerator statistics, including signed SMB bytes counters.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

Examples

The following example shows how to clear the statistics for the SMB application accelerator on the WAAS device:

WAE# clear statistics accelerator smb
 

 
Related Commands

clear statistics

clear statistics connection

clear statistics accelerator http object-cache

To clear object cache statistics for a WAAS device, use the clear statistics accelerator HTTP object-cache EXEC command.

clear statistics accelerator http object-cache

execmds-4.jpg
Syntax Description

This command has no arguments or keywords.

execmds-4.jpg
Command Default

No default behavior or values.

execmds-4.jpg
Command Modes

EXEC

execmds-4.jpg
Device Modes Default

application-accelerator

execmds-4.jpg
Usage Guidelines

Use this command to clear object cache statistics.

execmds-4.jpg
Example

The following example shows how to clear object cache statistics for a WAAS device.

WAE# clear statistics accelerator http object-cache

execmds-4.jpg
Related Commands

show statistics accelerator http object-cache

clear statistics connection

To clear connection statistics, use the clear statistics connection EXEC command.

clear statistics connection conn-id connection_id

clear statistics connection optimized [ client-ip { ip_address | hostname } | client-port port | { epm | http | ica | mapi | smb | ssl | tfo | wansecure } dre | peer-id peer_id | server-ip { ip_address | hostname } | server-port port]

 
Syntax Description

conn-id connection_id

Clears connection statistics for the connection with the specified number identifier.

optimized

Clears connection statistics for optimized connections.

client-ip

(Optional) Clears connection statistics for the client with the specified IP address or hostname.

ip_address

IP address of a client or server.

hostname

Hostname of a client or server.

client-port port

(Optional) Clears the connection statistics for the client with the specified port number. The port number is from 1 to 65535.

epm

(Optional) Clears connection statistics for connections optimized by the EPM application accelerator.

http

(Optional) Clears connection statistics for connections optimized by the HTTP application accelerator.

ica

(Optional) Clears connection statistics for connections optimized by the ICA application accelerator.

mapi

(Optional) Clears connection statistics for connections optimized by the MAPI application accelerator.

smb

(Optional) Clears connection statistics for connections optimized by the SMB application accelerator.

ssl

(Optional) Clears connection statistics for connections optimized by the SSL application accelerator.

tfo

(Optional) Clears connection statistics for connections optimized by the TFO application accelerator.

wansecure

(Optional) Clears connection statistics for connections optimized by the WAN secure application accelerator.

dre

(Optional) Clears connection statistics for connections optimized by the DRE feature.

peer-id peer_id

(Optional) Clears the connection statistics for the peer with the specified identifier. The peer ID is from 0 to 4294967295.

server-ip

(Optional) Clears the connection statistics for the server with the specified IP address or hostname.

server-port port

(Optional) Clears the connection statistics for the server with the specified port number. The port number is from 1 to 65535.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

Examples

The following example shows how to clear the connection 1 statistics on the WAAS device:

WAE# clear statistics connection conn-id 1
 

 
Related Commands

clear statistics

clear statistics accelerator

clear statistics monitor appnav-controller traffic

To clear traffic monitoring statistics for an AppNav Controller Interface Module, use the clear statistics monitor appnav-controller traffic EXEC command.

clear statistics monitor appnav-controller traffic

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

appnav-controller

Examples

The following example shows how to clear the traffic monitoring statistics:

ANC# clear statistics monitor appnav-controller traffic
 

 
Related Commands

monitor appnav-controller traffic

show statistics monitor appnav-controller traffic

clear statistics vn-service vpath

To clear VPATH statistics for your vWAAS device, use the clear statistics vn-service vpath EXEC command.

clear statistics vn-service vpath

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

The clear statistics vn-service vpath command removes all current entries from the syslog.txt file but does not make an archive of the file. It puts a “Syslog cleared” message in the syslog.txt file to indicate that the syslog has been cleared.

Examples

The following example shows how to clear all VPATH entries in the syslog.txt file on the vWAAS device:

WAE# clear statistics vn-service vpath
 

 
Related Commands

show statistics vn-service vpath

(config) vn-service vpath

clear transaction-log

To archive a working transaction log file, use the clear transaction-log EXEC command.

clear transaction-log { accelerator | flow }

 
Syntax Description

accelerator

Clears the accelerator transaction log file.

flow

Clears the TFO transaction log.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

Examples

The following example shows how to archive t he flow transaction log file on the WAAS device:

WAE# clear transaction-log flow
 

 
Related Commands

license add

show interface

show license

show wccp

clear users

To clear user connections or to unlock users that have been locked out, use the clear users EXEC command.

clear users [ administrative | locked-out { all | username username }]

 
Syntax Description

administrative

(Optional) Clears the connections (logins) of administrative users authenticated through a remote login service.

locked-out

(Optional) Unlocks specified locked-out user accounts.

all

Specifies all user accounts.

username username

Specifies the account username.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

The clear users administrative command clears the connections for all administrative users who are authenticated through a remote login service, such as TACACS. This command does not affect an administrative user who is authenticated through the local database. Only locally authenticated administrative users can run this command.

The clear users locked-out command unlocks user accounts that have been locked out. If a strong password policy is enabled (see the (config) authentication strict-password-policy command) a user account will be locked out if the user fails three consecutive login attempts. (This restriction does not apply to the admin account.)

Examples

The following example shows how to clear the connections of all authenticated users:

WAE(config)# clear users
 

The following example shows how to clear the connections of all administrative users authenticated through a remote login service (it does not affect administrative users authenticated through the local database):

WAE(config)# clear users administrative
 

The following example shows how to unlock all locked-out user accounts:

WAE(config)# clear users locked-out all
 

The following example shows how to unlock the account for username darcy:

WAE(config)# clear users locked-out username darcy
 

 
Related Commands

clear arp-cache

(config) authentication strict-password-policy

clear windows-domain

To clear Windows domain server information for a WAAS device, use the clear windows-domain EXEC command.

clear windows-domain encryption-service blacklist { identity tagName | service spn }

 
Syntax Description

identity tagName

Clears identity information.

service spn

Clears service information.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Use the clear windows-domain EXEC command to clear Windows domain server information.

Examples

The following example shows how to clear the Windows domain server information:

WAE(config)# clear windows-domain encryption-service blacklist identity some-id
 

 
Related Commands

show windows-domain

clear windows-domain-log

To clear the Windows domain server log file, use the clear windows-domain-log EXEC command.

clear windows-domain-log

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

Examples

The following example shows how to clear all entries in the Windows domain log file on the WAAS device:

WAE# clear windows-domain-log
 

 
Related Commands

license add

show interface

show license

show wccp

clock

To set clock functions or update the calendar, use the clock EXEC command.

clock { read-calendar | set time day month year | update-calendar }

 
Syntax Description

read-calendar

Reads the calendar and updates the system clock.

set time day month year

Sets the time and date. Current time in hh:mm:ss format (hh: 00–23; mm: 00–59; ss: 00–59). Day of the month (1–31). Month of the year (January, February, March, April, May, June, July, August, September, October, November, December). Year (1993–2035).

update-calendar

Updates the calendar with the system clock.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

If you have an outside source on your network that provides time services (such as a NTP server), you do not need to set the system clock manually. When setting the clock, enter the local time. The WAAS device calculates the UTC based on the time zone set by the clock timezone global configuration command.

Two clocks exist in the system: the software clock and the hardware clock. The software uses the software clock. The hardware clock is used only at bootup to initialize the software clock.

The set keyword sets the software clock.

Examples

The following example shows how to set the software clock on the WAAS device:

WAE# clock set 13:32:00 01 February 2005
 

 
Related Commands

show clock

cms

To configure the Centralized Management System (CMS) embedded database parameters for a WAAS device, use the cms EXEC command.

cms { config-sync | deregister [ force ] | lcm { enable | disable } | maintenance { full | regular } | recover { identity word } | restore filename | validate }

cms database { backup {config} | create | delete

 
Syntax Description

config-sync

Sets the node to synchronize configuration with the WAAS Central Manager.

deregister

Removes the device registration record and its configuration on the WAAS Central Manager.

force

(Optional) Forces the removal of the node registration. This option is available only on WAEs and the standby Central Manager. If disk encryption is enabled, it is disabled and encrypted file systems are erased after a reload.

lcm

Configures local/central management on a WAAS device that is registered with the WAAS Central Manager.

enable

Enables synchronization of the WAAS network configuration of the device with the local CLI configuration.

disable

Disables synchronization of the WAAS network configuration of the device with the local CLI configuration.

maintenance

Cleans and reindexes the embedded database tables.

full

Specifies a full maintenance routine for the embedded database tables.

regular

Specifies a regular maintenance routine for the embedded database tables.

recover

Recovers the identity of a WAAS device.

identity word

Specifies the identity of the recovered device (identification key set on the Central Manager).

restore filename

Restores the database management tables using the backup local filename.

validate

Validates the database files.

database

Creates, backs up, deletes, restores, or validates the CMS-embedded database management tables or files.

backup

Backs up the database management tables.

config

Backs up only configuration tables.

create

Creates the embedded database management tables.

delete

Deletes the embedded database files.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the cms config-sync command to enable registered WAAS devices and standby WAAS Central Manager to contact the primary WAAS Central Manager immediately for a getUpdate (get configuration poll) request before the default polling interval of 5 minutes. For example, when a node is registered with the primary WAAS Central Manager and activated, it appears as Pending in the WAAS Central Manager GUI until it sends a getUpdate request. The cms config-sync command causes the registered node to send a getUpdate request at once, and the status of the node changes as Online.

Use the cms database create command to initialize the CMS database for a device that is already registered with the WAAS Central Manager. Then use the cms enable command to enable the CMS. For a device that is not registered with a WAAS Central Manager, use only the cms enable command to initialize the CMS database tables, register the node, and enable the CMS.

note.gif

Noteblank.gif For a vWAAS device, the model type must be configured before enabling management services.


Before a node can join a WAAS network, it must first be registered and then activated. Activate the node by using the WAAS Central Manager GUI.

The cms deregister command removes the node from the WAAS network by deleting registration information and database tables.

The cms deregister force command forces the removal of the node from the WAAS network by deleting registration information and database tables. If disk encryption is enabled on the device, it is disabled after you confirm this action. All data in encrypted file systems and imported certificates and private keys for the SSL accelerator are lost after a reload.

To back up the existing management database for the WAAS Central Manager, use the cms database backup command. For database backups, specify the following items:

  • Location, password, and user ID
  • Dump format in PostgreSQL plain text syntax

The naming convention for backup files includes the time stamp and the WAAS version number.

After the backup is complete, use the copy disk ftp command to move the backup file to a remote system.

note.gif

Noteblank.gif For information on the procedure to back up and restore the CMS database on the WAAS Central Manager, see the Cisco Wide Area Application Services Configuration Guide.


note.gif

Noteblank.gif Do not run multiple instances of the cms database backup command simultaneously on a device. If a backup is in progress, you must wait for it to finish before using the command again.


When you use the cms recover identity word command when recovering lost registration information, or replacing a failed node with a new node that has the same registration information, you must specify the device recovery key that you configured in the Modifying Config Property, System.device.recovery.key window of the WAAS Central Manager GUI.

note.gif

Noteblank.gif All CMS-related commands are disabled when running the cms restore command.


Use the lcm command to configure local/central management (LCM) on a WAE. The LCM feature allows settings that are configured using the device CLI or GUI to be stored as part of the WAAS network-wide configuration data (enable or disable).

When you enter the cms lcm enable command, the CMS process running on WAEs and the standby WAAS Central Manager detects the configuration changes that you made on these devices using CLIs and sends the changes to the primary WAAS Central Manager.

When you enter the cms lcm disable command, the CMS process running on the WAEs and the standby WAAS Central Manager does not send the CLI changes to the primary WAAS Central Manager. Settings configured using the device CLIs will not be sent to the primary WAAS Central Manager.

If LCM is disabled, the settings configured through the WAAS Central Manager GUI will overwrite the settings configured from the WAEs; however, this rule applies only to those local device settings that have been overwritten by the WAAS Central Manager when you have configured the local device settings. If you (as the local CLI user) change the local device settings after the particular configuration has been overwritten by the WAAS Central Manager, the local device configuration will be applicable until the WAAS Central Manager requests a full device statistics update from the WAEs (clicking the Force full database update button from the Device Dashboard window of the WAAS Central Manager GUI triggers a full update). When the WAAS Central Manager requests a full update from the device, the WAAS Central Manager settings will overwrite the local device settings.

Examples

The following example shows how to back up the cms database management tables on the WAAS Central Manager named waas-cm:

waas-cm# cms database backup
creating backup file with label `backup'
backup file local1/acns-db-9-22-2002-17-36.dump is ready. use `copy' commands to move the backup file to a remote host.
 

The following example shows how to validate the cms database management tables on the WAAS Central Manager named waas-cm:

waas-cm# cms database validate
Management tables are valid
 

 
Related Commands

(config) cms

show cms

cms secure-store

To configure secure store encryption, use the cms secure-store EXEC commands.

cms secure-store { init | open | change | clear | reset | mode { user-passphrase | auto-passphrase }}

 
Syntax Description

init

Initializes secure store encryption on the WAE device and opens the secure store. This option is valid only on WAE devices.

open

Activates secure store encryption (the WAAS device encrypts the stored data using secure store encryption). On WAEs, secure store encryption must already be initialized using the cms secure-store init command.

This option is valid on all types of devices. On the Central Manager, this command is valid only when in user-provided passphrase mode and it prompts you to enter the secure store encryption pass phrase.

change

Changes the secure store encryption pass phrase and encryption key. On the Central Manager, this command prompts you to enter the current pass phrase, new pass phrase, and confirm the new pass phrase. The WAAS device uses the pass phrase to generate the encryption key for secure disk encryption.
After this option is used, the Central Manager is in user-provided passphrase mode.
This option is valid only on the primary Central Manager and WAE devices.

clear

Disables secure store encryption. This option is valid only on WAE devices.

Note If a Windows Domain User Account Identity has been configured on the device or the device group for encrypted-mapi acceleration, you will not be able to clear the secure store on the device. You must remove the Windows domain user account identity configuration from the device or device group before you can clear secure store.

reset

Resets secure store to the uninitialized state. You must initialize but not open secure store encryption and you must be in user-provided passphrase mode, to use this option. This option is valid only on primary Central Manager devices.

mode

Sets the secure store mode of opening. This option is valid only on primary Central Manager devices.

user-passphrase

Sets secure store to require a user-provided pass phrase to open after a reboot.

auto-passphrase

Sets secure store to automatically open after a reboot by using a unique system-generated pass phrase.

 
Defaults

A new Central Manager is configured for auto-generated passphrase mode with the secure store open.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Secure store encryption provides strong encryption and key management for your WAAS system. The WAAS Central Manager and WAE devices use secure store encryption for handling passwords, managing encryption keys, and for data encryption.

On a new Central Manager, secure store is initialized and open and in auto-generated passphrase mode. The only options are to change the pass phrase (which sets the secure store to user-provided passphrase mode) or to change to user-provided passphrase mode. To change to user-provided passphrase mode, use the cms secure-store mode user-passphrase command.

note.gif

Noteblank.gif There may be a delay of a few minutes for the any changes you submit with the cms secure-store command to take effect. There may also be a delay for any changes to take effect if you submit changes at the WAAS CM Configure > Security > Secure Store Settings window.


For secure store on the Central Manager, the data is encrypted using a key encryption key generated from the pass phrase with SHA-1 hashing and an AES 256-bit algorithm. When you enable secure store on a WAE device, the data is encrypted using a 256-bit key encryption key generated by SecureRandom, a cryptographically strong pseudorandom number. You can use your own password to enable secure store, but it is not necessary in auto-generated passphrase mode (the default), where the Central Manager generates a unique password automatically. A user-supplied password must conform to the following rules:

  • Be 8 to 64 characters in length
  • Contain characters only from the allowed set: A-Za-z0-9~%'!#$^&*()|;:,"<>/
  • Contain at least one digit
  • Contain at least one lowercase and one uppercase letter

If you are using the user-provided passphrase mode, when you reboot the Central Manager, you must manually reopen secure store using the cms secure-store open command. Until you open the secure store, a critical alarm is displayed on the Central Manager and services that use encryption (such as the SSL application accelerator) are not available. If you are using the auto-generated passphrase mode (the default), the Central Manager automatically opens the secure store after a reboot by using its own generated pass phrase.

The secure store passphrase mode on the primary Central Manager is replicated to the standby Central Manager (within the standard replication time). If the primary Central Manager is switched to auto-generated passphrase mode, the standby Central Manager secure store changes to the open state. If the primary Central Manager is switched to user-provided passphrase mode or the passphrase is changed, the standby Central Manager secure store changes to the initialized but not open state and an alarm is raised. You must manually open the secure store on the standby Central Manager.

When you enable secure store on a WAE, the WAE initializes and retrieves a new encryption key from the Central Manager. The WAE uses this key to encrypt user passwords and dynamic share credentials stored on the WAE. When you reboot the WAE after enabling secure store, the WAE retrieves the key from the Central Manager automatically, allowing normal access to the data that is stored in the WAAS persistent storage. If key retrieval fails, an alarm is raised and secure store will be in the initialized but not open state. You must open secure store manually.

If you have made any other CLI configuration changes on a WAE within the datafeed poll rate time interval (5 minutes by default) before you entered the cms secure-store command, you will lose those prior configuration changes and you will need to redo them.

Use the cms secure-store reset command if you reload a Central Manager that is configured in user-provided passphrase mode and you forget the secure store password. This command deletes all encrypted data, certificate and key files, and key manager keys. The secure store is left in the open state using auto-generated passphrase mode. For the complete procedure for resetting the secure store, see the “Resetting Secure Store Encryption on a Central Manager” section on page 9-17 in the Cisco Wide Area Application Services Configuration Guide.

Examples

The following example shows how to change the pass phrase mode of the secure store encryption on the WAAS Central Manager:

waas-cm# cms secure-store mode user-passphrase
Stopping cms.
Do you wish to switch to User-provided passphrase mode? [yes]/no :y
 
 
The passphrase must adhere to the following rules
*******************************************************************
* 1) Must be between 8 to 64 characters in length *
* 2) Allowed character set is A-Za-z0-9~%'!#$^&*()|;:,"<>/*
* 3) Must contain at least one digit *
* 4) Must contain at least one lowercase and one uppercase letter *
*******************************************************************
 
Enter new passphrase:
Confirm passphrase:
 
Starting cms.
 

 
Related CommandsRelated Commands

show cms secure-store

configure

To enter global configuration mode, use the configure EXEC command. You must be in global configuration mode to enter global configuration commands.

configure

To exit global configuration mode, use the end or exit commands. You can also press Ctrl-Z to exit from global configuration mode.

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

Examples

The following example shows how to enable global configuration mode on a WAAS device:

WAE# configure
WAE(config)#
 

 
Related Commands

(config) end

(config) exit

show running-config

show startup-config

copy disk

To copy the configuration or image data from a disk to a remote location using FTP or to the startup configuration, use the copy disk EXEC command.

copy disk { ftp { hostname | ip-address } remotefiledir remotefilename localfilename | startup-config filename }

 
Syntax Description

ftp

Copies to a file on an FTP server.

hostname

Hostname of the FTP server.

ip-address

IP address of the FTP server.

remotefiledir

Directory on the FTP server to which the local file is copied.

remotefilename

Name of the local file once it has been copied to the FTP server.

localfilename

Name of the local file to be copied.

startup-config filename

Copies the existing configuration file from the disk to the startup configuration (NVRAM).

 
Defaults

No default behaviors or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Use the copy disk ftp EXEC command to copy files from a SYSFS partition to an FTP server. Use the copy disk startup-config EXEC command to copy a startup-configuration file to NVRAM.

Examples

The following example shows how to copy a startup-configuration file to NVRAM:

WAE# copy disk startup-config
 

 
Related Commands

install

reload

show running-config

show startup-config

write

copy ftp

To copy software configuration or image data from an FTP server, use the copy ftp EXEC command.

copy ftp disk { hostname | ip-address } remotefiledir remotefilename localfilename

copy ftp install { hostname | ip-address } remotefiledir remotefilename

copy ftp wow-recovery { hostname | ip-address } remotefiledir remotefilename

 
Syntax Description

disk

Copies a file to a local disk.

hostname

Hostname of the specific server.

ip-address

IP (IPV4/IPv6) address of the specific server.

remotefiledir

Directory on the FTP server where the image file to be copied is located.

remotefilename

Name of the file to be copied.

localfilename

Name of the copied file as it appears on the local disk.

install

Copies the file from an FTP server and installs the software release or firmware file to the local device.

 
Defaults

No default behaviors or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Use the copy ftp disk EXEC command to copy a file from an FTP server to a SYSFS partition on the WAAS device. To show progress, this command prints a number sign (#) for each 1 MB of data that is copied.

Use the copy ftp install EXEC command to install an image file from an FTP server on a WAAS device. Part of the image goes to a disk and part goes to flash memory. This command can also be used to install a BIOS or other firmware update by specifying the appropriate update file.

You can also use the copy ftp install EXEC command to redirect your transfer to a different location. A username and a password have to be authenticated with a primary domain controller (PDC) before the transfer of the software release file to the WAAS device is allowed.

To show progress, this command prints a number sign (#) for each 1 MB of data that is copied.

Examples

The following example shows how to copy an image file from an FTP server and install the file on the local device:

WAE# copy ftp install 10.1.1.1 cisco/waas/4.1 WAAS-4.1.1-k9.bin
Enter username for remote ftp server:biff
Enter password for remote ftp server:*****
Initiating FTP download...
printing one # per 1MB downloaded
Sending:USER biff
10.1.1.1 FTP server (Version) Mon Feb 28 10:30:36 EST
2000) ready.
Password required for biff.
Sending:PASS *****
User biff logged in.
Sending:TYPE I
Type set to I.
Sending:PASV
Entering Passive Mode (128,107,193,244,55,156)
Sending:CWD //ftp-sj.cisco.com/cisco/waas/4.0
CWD command successful.
Sending PASV
Entering Passive Mode (128,107,193,244,55,156)
Sending:RETR WAAS-4.1.1-k9.bin
Opening BINARY mode data connection for ruby.bin (87376881 bytes).
###################################################################################
writing flash component:
.................................................................
The new software will run after you reload.
 

The following example shows how to upgrade the BIOS. All output is written to a separate file (/local1/.bios_upgrade.txt) for traceability. The hardware-dependent files that are downloaded from Cisco.com for the BIOS upgrade are automatically deleted from the WAAS device after the BIOS upgrade procedure has been completed.

WAE# copy ftp install upgradeserver /bios/update53/derived/ bios.bin
Enter username for remote ftp server:myusername
Enter password for remote ftp server:*****
Initiating FTP download...
.
.
.
Primary BIOS flashed successfully
Cleanup BIOS related files that were downloaded....
The new software will run after you reload.
WAE#
 

 
Related Commands

install

reload

show running-config

show startup-config

write

copy http

To copy configuration or image files from an HTTP server to the WAAS device, use the copy http EXEC command.

copy http install { hostname | ip-address } remotefiledir remotefilename [ port portnum ] [ proxy proxy_portnum ] [ username username password ]

 
Syntax Description

install

Copies the file from an HTTP server and installs the software release file to the local device.

hostname

Name of the HTTP server.

ip-address

IP (IPV4/IPv6) address of the HTTP server.

remotefiledir

Remote file directory.

remotefilename

Remote filename.

port portnum

(Optional) Specifies the port number (1–65535) to connect to the HTTP server (the default is 80).

proxy proxy_portnum

(Optional) Allows the request to be redirected to an HTTP proxy server. HTTP proxy server port number (1–65535).

username username password

(Optional) Specifies the username and password to access the HTTP proxy server.

 
Defaults

HTTP server port: 80

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Use the copy http install EXEC command to install an image file from an HTTP server and install it on a WAAS device. It transfers the image from an HTTP server to the WAAS device using HTTP as the transport protocol and installs the software on the device. Part of the image goes to a disk and part goes to flash memory. Use the copy http central EXEC command to download a software image into the repository from an HTTP server.

You can also use the copy http install EXEC commands to redirect your transfer to a different location or HTTP proxy server by specifying the proxy hostname | ip-address option. A username and a password have to be authenticated with a primary domain controller (PDC) before the transfer of the software release file to the WAAS device is allowed.

Examples

The following example shows how to copy an image file from an HTTP server and install the file on the WAAS device:

WAE# copy http install 10.1.1.1 //ftp-sj.cisco.com/cisco/waas/4.0 WAAS-4.0.0-k9.bin
Enter username for remote ftp server:biff
Enter password for remote ftp server:*****
Initiating FTP download...
printing one # per 1MB downloaded
Sending:USER biff
10.1.1.1 FTP server (Version) Mon Feb 28 10:30:36 EST
2000) ready.
Password required for biff.
Sending:PASS *****
User biff logged in.
Sending:TYPE I
Type set to I.
Sending:PASV
Entering Passive Mode (128,107,193,244,55,156)
Sending:CWD //ftp-sj.cisco.com/cisco/waas/4.0
CWD command successful.
Sending PASV
Entering Passive Mode (128,107,193,244,55,156)
Sending:RETR WAAS-4.0.0-k9.bin
Opening BINARY mode data connection for ruby.bin (87376881 bytes).
###################################################################################
writing flash component:
.................................................................
The new software will run after you reload.
 

The following example shows how to upgrade the BIOS. All output is written to a separate file (/local1/.bios_upgrade.txt) for traceability. The hardware-dependent files that are downloaded from Cisco.com for the BIOS upgrade are automatically deleted from the WAAS device after the BIOS upgrade procedure has been completed.

WAE# copy ftp install upgradeserver /bios/update53/derived/ bios.bin
Enter username for remote ftp server:myusername
Enter password for remote ftp server:*****
Initiating FTP download...
.
.
.

 
Related Commands

install

reload

show running-config

show startup-config

write

copy monitoring-log

To copy SMB statistics data to the local disk or an FTP server, use the copy monitoring-log EXEC command.

copy monitoring-log { disk filename | ftp { hostname | ip-address } remotefiledir remotefilename }

 
Syntax Description

disk filename

Copies the statistics in CSV format to the specified local disk file in the /local/local1 directory.

ftp

Copies the statistics in CSV format to the specified remote file on an FTP server.

hostname

Name of the FTP server.

ip-address

IP (IPV4/IPv6) address of the FTP server.

remotefiledir

Remote file directory.

remotefilename

Remote filename.

 
Defaults

No default behaviors or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Use this command to write the last 14 days of statistics data that has been collected by the stats-collector logging global configuration command. The data is written as a CSV file compressed in tar archive format.

Examples

The following example shows how to copy statistics data to an FTP server:

WAE# copy monitoring-log ftp 10.1.1.1 mydir mystats
 

 
Related Commands

(config) stats-collector logging

copy running-config

To copy a configuration or image data from the current configuration, use the copy running-config EXEC command.

copy running-config { disk filename | startup-config | tftp { hostname | ip-address } remotefilename }

 
Syntax Description

disk filename

Copies the current system configuration to a disk file. Specify the name of the file to be created on a disk.

startup-config

Copies the running configuration to startup configuration (NVRAM).

tftp

Copies the running configuration to a file on a TFTP server.

hostname

Hostname of the TFTP server.

ip-address

IP (IPV4/IPv6) address of the TFTP server.

remotefilename

Remote filename of the configuration file to be created on the TFTP server. Use the complete pathname.

 
Defaults

No default behaviors or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Use the copy running-config EXEC command to copy the running system configuration of the WAAS device to a SYSFS partition, flash memory, or TFTP server. The copy running-config startup-config EXEC command is equivalent to the write memory EXEC command.

Examples

The following example shows how to copy the current system configuration to startup configuration (NVRAM):

WAE# copy running-config startup-config
 

 
Related Commands

install

reload

show running-config

show startup-config

write

copy scp

To securely copy configuration or image files from a source to a destination location, use the copy scp EXEC command.

copy scp { { disk { hostname | ip-address} remote_dir remote_file local_file} | { install { hostname | ip-address } remote_dir remote_file }}

 
Syntax Description

disk

Copies the current system configuration to a disk file.

hostname

Hostname of the SCP server.

ip-address

IP (IPV4/IPv6) address of the SCP server.

remote_dir

Remote directory where the system information file is to be created on the SCP server.

remote_file

Remote filename of the system information file to be created on the SCP server.

local_file

Name of the copied file as it appears on the local disk.

install

Copies the file from a source server and installs the software release or firmware file to the local device.

hostname

Hostname of the SCP server.

ip-address

IP address of the SCP server.

remote_dir

Remote directory where the system information file is to be created on the SCP server.

remote_file

Remote filename of the system information file to be created on the SCP server.

 
Defaults

No default behaviors or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Use the copy scp disk EXEC command to copy a file from an SCP server to a SYSFS partition on the WAAS device.

Use the copy scp install EXEC command to install a software release or firmware file from an SCP server on a WAAS device.

Examples

The following example shows how to securely install the software release or firmware file from a source to a destination location:

WAE#copy scp install 2.43.65.21 /work/admin ruby.test.bin
Enter usename for remote scp server: admin
 
WARNING!!!
READ THIS BEFORE ATTEMPTING TO LOGON
 
This System is for the use of authorized users only. Individuals
using this computer without authority, or in excess of their
authority, are subject to having all of their activities on this
system monitored and recorded by system personnel. In the course
of monitoring individuals improperly using this system, or in the
course of system maintenance, the activities of authorized users
may also be monitored. Anyone using this system expressly
consents to such monitoring and is advised that if such
monitoring reveals possible criminal activity, system personnel
may provide the evidence of such monitoring to law enforcement
officials.
 
Cisco Acceptable Use Policy:
http://wwwin.cisco.com/infosec/policies/acceptableuse.shtml
 
admin@2.43.65.21's password:
ruby.test.bin 100% |*****************************| 432 MB 00:13
Backing up existing version WAAS 5.1.0-b67, built on 02:20:49 Nov 29 2012 by damaster
Converting Manifest files... Done
Rebuilding image based on current software... Done
Backing up flash configuration... Done
Reclaiming unused flash safe state sectors...SSMGR RETURNING: 4 (Success)
Done.
Detected OE594
Installing phase3 bootloader...
Installing WAE 64-bit image.
buildsysimg: short write on /swstore/comp.basesystem: Inappropriate ioctl for device
/swstore/default_ruby_installer.sh: problem running buildsysimg
Remove /swstore/backup to free up space.
Installing system image to flash... The new software will run after you reload.
 

 
Related Commands

install

copy sysreport

copy tech-support

copy secure-http

To securely copy configuration or image files from a source http server, use the copy secure-http EXEC command.

copy secure-http install {hostname | ip-address}

copy secure-http install usb filename

install

Copies the file from a source server and installs the software release or firmware file to the local device.

hostname

Hostname of the HTTP server.

ip-address

IP (IPV4/IPv6) address of the HTTP server.

usb filename

The filename on the USB flash drive installed in a WAVE or ENCS device.

 
Defaults

No default behaviors or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Use the copy secure-http install EXEC command to copy and install a software release from a secure HTTP server on a WAAS device.

Examples

The following example shows how to securely install the software release or firmware file from a sourcehttp server to a destination location:

WAE#copy secure-http install 2.43.65.21 /work/admin ruby.test.bin
 
 

 
Related Commands

install

copy scp

copy tech-support

copy startup-config

To copy configuration or image data from the startup configuration, use the copy startup-config EXEC command.

copy startup-config { disk filename | running-config | tftp { hostname | ip-address } remotefilename }

 
Syntax Description

disk filename

Copies the startup configuration to a disk file. Specify the name of the startup configuration file to be copied to the local disk.

running-config

Copies the startup configuration to running configuration.

tftp

Copies the startup configuration to a file on a TFTP server.

hostname

Hostname of the TFTP server.

ip-address

IP (IPV4/IPv6) address of the TFTP server.

remotefilename

Remote filename of the startup configuration file to be created on the TFTP server. Use the complete pathname.

 
Defaults

No default behaviors or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Use the copy startup-config EXEC command to copy the startup configuration file to a TFTP server or to a SYSFS partition.

Examples

The following example shows how to copy the startup configuration file to the running configuration:

WAE# copy startup-config running-config
 

 
Related Commands

install

reload

show running-config

show startup-config

write

copy sysreport

To copy system troubleshooting information from the device, use the copy sysreport EXEC command.

copy sysreport disk filename [ start-date { day month | month day } year [ end-date { day month | month day } year ]]

copy sysreport ftp { hostname | ip-address } remotedirectory remotefilename [ start-date { day month | month day } year [ end-date { day month | month day } year ]]

copy sysreport scp { hostname | ip-address } remotedirectory remotefilename [ start-date { day month | month day } year [ end-date { day month | month day } year ]]

copy sysreport tftp { hostname | ip-address } remotefilename } [ start-date { day month | month day } year [ end-date { day month | month day } year ]]

copy sysreport usb filename [ start-date { day month | month day } year [ end-date { day month | month day } year ]]

 
Syntax Description

disk filename

Copies system information to a disk file. Specify the name of the file to be created on a disk. Note that.tar.gz is appended to the filename that you specify.

ftp

Copies system information to a FTP server.

hostname

Hostname of the server.

ip-address

IP(IPV4/IPv6) address of the server.

remotedirectory

Remote directory where the system information file is to be created on the server.

remotefilename

Remote filename of the system information file to be created on the server.

scp

Copies system information to a SCP server.

hostname

Hostname of the server.

ip-address

IP address of the server.

remotedirectory

Remote directory where the system information file is to be created on the server.

remotefilename

Remote filename of the system information file to be created on the server.

start-date

(Optional) Specifies the start date of the information in the generated system report.

day month

Start date day of the month (1–31) and month of the year (January, February, March, April, May, June, July, August, September, October, November, December). You can alternately specify the month first, followed by the day.

year

Start date year (1993–2035).

end-date

(Optional) Specifies the end date of information in the generated system report. If omitted, this date defaults to today. The report includes files through the end of this day.

day month

End date day of the month (1–31) and month of the year (January, February, March, April, May, June, July, August, September, October, November, December). You can alternately specify the month first, followed by the day.

year

End date year (1993–2035).

tftp

Copies system information to a TFTP server.

start-date

(Optional) Specifies the start date of the information in the generated system report.

day month

Start date day of the month (1–31) and month of the year (January, February, March, April, May, June, July, August, September, October, November, December). You can alternately specify the month first, followed by the day.

year

Start date year (1993–2035).

end-date

(Optional) Specifies the end date of information in the generated system report. If omitted, this date defaults to today. The report includes files through the end of this day.

usb filename

Copies system information to a USB flash drive installed in a WAVE-294/594/694/7541/7571/8541 device. Specify the name of the file to be created on the USB flash drive. Note that.tar.gz is appended to the filename that you specify.

 
Defaults

If end-date is not specified, today is used.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

A system report is a comprehensive report, which you must generate before contacting Cisco technical support. The system report contains output from many commands and system logs, including show commands, network and other statistics, graphs, log content, and configuration settings.

note.gif

Noteblank.gif The copy sysreport command consumes significant CPU and disk resources and can adversely affect system performance while it is running. The system report can be from 30 MB to 100MB in size, or larger, depending on your system configuration.


  • Before you run the copy sysreport command:

blank.gif Before generating a system report, use the test command to run diagnostic tests, so that diagnostic information is also included in the system report.

blank.gif Before generating a system report on a WAAS CM or standby WAAS CM, make a database backup by using the cms database backup command.

  • To generate a system report and store it on an FTP server, use the following form of the sysreport command:

copy sysreport ftp server-ip

  • Generating the system report:

    When you run the copy sysreport disk command, the system report must be saved to the local1 directory.
note.gif

Noteblank.gif When you run the copy sysreport disk command, the system report save process differs depending on the version of WAAS you are running.

For WAAS versions 6.1.x and later, the copy sysreport disk command saves the system report to the present working directory. Therefore, you must be in the local1 directory path when you run the copy sysreport disk command. If you are not in the local1 directory, the error message “Could not generate sysreport in location your-current-location” is displayed.

To display your present working directory, use the pwd command. To change your directory, use the cd command.

For WAAS versions earlier than 6.1.x, the copy sysreport disk command saves the system report to the local1 directory, irregardless of your present working directory. Therefore, you can be in any system directory when you run the copy sysreport disk command, and the system report is saved to the local1 directory.


  • Storing the completed system report:

Because the system report is such a large file, after you run the copy sysreport disk command, move the report file out of the disk, to save significant disk space. To do this, follow these steps:

1. WAE# copy generatedSysreport-name ftp server-name
The generated system report is copied from the current disk location and a copy is stored to a non-current-disk destination.

2. WAE# delfile generatedSysreport-name
The original generated system report on the current disk is deleted.

Examples

The following example shows how to copy the system information to the file mysysinfo on the local WAAS device:

WAE# copy sysreport disk mysysinfo start-date 1 March 2016 end-date March 31 2016
 

The following example shows how to copy system information by FTP to the file myfile in the root directory of the FTP server named myserver:

WAE# copy sysreport ftp myserver / myfile start-date 1 March 2016 end-date March 31 2016

 
Related Commands

cms

pwd

show running-config

show startup-config

test

copy system-status

To copy status information from the system for debugging, use the copy system-status EXEC command.

copy system-status disk filename

 
Syntax Description

disk filename

Specifies the name of the file to be created on the disk.

 
Defaults

No default behaviors or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Use the copy system-status EXEC command to create a file on a SYSFS partition that contains hardware and software status information.

Examples

The following example shows how to copy the system status to a disk file:

WAE# copy system-status disk file1
 

 
Related Commands

install

reload

show running-config

show startup-config

write

copy tech-support

To copy the configuration or image data from the system to use when working with Cisco TAC, use the copy tech-support EXEC command.

copy tech-support { disk filename | ftp { hostname | ip-address } remotedirectory remotefilename | scp { hostname | ip-address} remotedirectory remotefilename | tftp { hostname | ip-address } remotefilename }

 
Syntax Description

disk filename

Copies system information for technical support to a disk file. Specify the name of the file to be created on disk.

ftp

Copies system information for technical support to an FTP server.

hostname

Hostname of the server.

ip-address

IP (IPV4/IPv6) address of the server.

remotedirectory

Remote directory of the system information file to be created on the server. Use the complete pathname.

remotefilename

Remote filename of the system information file to be created on the server.

scp

Copies system information for technical support to an SCP server

hostname

Hostname of the server.

ip-address

IP address of the server.

remotedirectory

Remote directory of the system information file to be created on the server. Use the complete pathname.

remotefilename

Remote filename of the system information file to be created on the server.

tftp

Copies system information for technical support to a TFTP server.

 
Defaults

No default behaviors or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Use the copy tech-support tftp EXEC command to copy technical support information to a TFTP server or to a SYSFS partition.

Examples

The following example shows how to copy system information for tech support to a disk file:

WAE# copy tech-support disk file1
 

 
Related Commands

install

reload

show running-config

show startup-config

write

copy tftp

To copy configuration or image data from a TFTP server, use the copy tftp EXEC command.

copy tftp disk { hostname | ip-address } remotefilename localfilename

copy tftp running-config { hostname | ip-address } remotefilename

copy tftp startup-config { hostname | ip-address } remotefilename

 
Syntax Description

disk

Copies an image from a TFTP server to a disk file.

hostname

Hostname of the TFTP server.

ip-address

IP (IPV4/IPv6) address of the TFTP server.

remotefilename

Name of the remote image file to be copied from the TFTP server. Use the complete pathname.

localfilename

Name of the image file to be created on the local disk.

running-config

Copies an image from a TFTP server to the running configuration.

startup-config

Copies an image from a TFTP server to the startup configuration.

 
Defaults

No default behaviors or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

Examples

The following example shows how to copy configuration or image data from a TFTP server to the running configuration:

WAE# copy tftp running-config
 

 
Related Commands

install

reload

show running-config

show startup-config

write

 

cpfile

To make a copy of a file, use the cpfile EXEC command.

cpfile oldfilename newfilename

 
Syntax Description

oldfilename

Name of the file to copy.

newfilename

Name of the copy to be created.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Only SYSFS files can be copied.

Examples

The following example shows how to create a copy of a file:

WAE# cpfile fe512-194616.bin fd512-194618.bin
 

 
Related Commands

deltree

dir

lls

ls

mkdir

pwd

rename

crypto delete

To remove SSL certificate and key files, use the crypto delete EXEC command.

crypto delete {ca-certificate filename | pkcs12 {filename | admin }}

 
Syntax Description

ca-certificate filename

Deletes a certificate authority certificate file.

pkcs12 filename

Deletes a PKCS12 format file. (PKCS12 files contain both the private encryption key and the public key certificate.)

admin

Deletes the certificate and key for the Central Manager admin service, if a custom certificate and key were installed. This option can be used only on the Central Manager.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the crypto delete EXEC command to remove a certificate from your WAE’s secure store. If you only want to disassociate a certificate from an accelerated service, use no server-cert-key in crypto ssl services accelerated-service mode.

If you use the crypto delete pkcs12 admin command to delete a custom certificate and key that were installed for the Central Manager admin service, the admin service uses its built-in self-signed certificate.

Examples

The following example shows how to delete the CA certificate file mycert.ca:

WAE# crypto delete ca-certificate mycert.ca
 

 
Related Commands

crypto export

crypto generate

crypto import

crypto export

To export SSL certificate and key files, use the crypto export EXEC command.

crypto export {ca-certificate filename | pkcs12 { factory-self-signed | admin | filename} {pem-cert-key | pem-cert-only | pem-key-only | pkcs12}}{disk pathname | ftp address | sftp address | terminal | tftp address}

 
Syntax Description

ca-certificate filename

Exports a certificate authority certificate file.

pkcs12

Exports a PKCS12 format file. (PKCS12 files contain both the private encryption key and the public key certificate.)

factory-self-signed

Specifies that the SSL PKCS file is to be self-signed.

admin

Specifies that the certificate and key are for the Central Manager admin service. This option can be used only on the Central Manager.

filename

Name of the PKCS12 file to be exported.

pem-cert-key

Exports both the certificate and key in PEM format.

pem-cert-only

Exports only the certificate in PEM format.

pem-key-only

Exports only the key in PEM format.

pkcs12

Exports both the certificate and key in PKCS12 format.

disk pathname

Exports to a disk. Type the disk filename including the full path.

ftp address

Exports to FTP. Type the FTP server’s IP address or hostname.

sftp address

Exports to secure FTP. Type the secure FTP server’s IP address or hostname.

terminal

Exports to a terminal. (Not available for crypto export pkcs12.)

tftp address

Exports to TFTP. Type the TFTP server’s IP address or hostname.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

Examples

The following example shows how to export a CA certificate file named mycert.ca to an FTP server:

WAE# crypto export ca-certificate mycert.ca ftp 1.2.3.4 dir1 mycert.ca
 

The following example shows how to export the certificate and private key from a PKCS12 file named myfile.p12 to a PEM file on the local1 directory on the hard drive:

WAE# crypto export pkcs12 myfile.p12 pkcs12 disk /local1/myfile.p12
 

 
Related Commands

crypto delete

crypto generate

crypto import

crypto generate

To generate a self-signed certificate or a certificate signing request, use the crypt generate EXEC command.

crypto generate {csr rsa modulus {1024 | 1536 | 2048 | 512 | 768}{disk pathname | ftp address | sftp address | terminal | tftp address} | self-signed-cert filename [exportable] rsa modulus {1024 | 1536 | 2048 | 512 | 768}}

 
Syntax Description

csr rsa modulus

Generates a certificate signing request (CSR)

rsa modulus

Generates a self-signed certificate.

1024 | 1536 | 2048 | 512 | 768

Specifies the size (number of bits) used for the RSA modulus for a CSR or a self-signed certificate.

note.gif

Noteblank.gif The valid size for the RSA modulus for a self-signed certificate is dependent on the WAAS Version used. Refer to the crypto generate command Usage Guidelines for how to specify the RSA modulus size for WAAS Version 6.1.x and earlier, and for WAAS Version 6.2.x and later.


disk pathname

Generates the file to a disk. Type the disk filename including the full path.

ftp address

Generates the file to FTP. Type the FTP server’s IP address or hostname.

sftp address

Generates the file to secure FTP. Type the secure FTP server’s IP address or hostname.

terminal

Generates the file to a terminal.

tftp address

Generates the file to TFTP. Type the TFTP server’s IP address or hostname.

self-signed-cert filename

Generates a self-signed SSL encryption certificate. The filename of the self-signed certificate to be generated must have the.p12 file extension.

exportable

(Optional) Allows the self-signed certificate to be exported.

rsa modulus

Specifies the size of the RSA modulus to be used when generating the self-signed certificate.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

execmds-4.jpg
Usage Guidelines

The valid size (number of bits) for the RSA modulus for a self-signed certificate is dependent on the WAAS version:

  • For WAAS Version 6.1.x and earlier, the valid RSA module size is 512, 768, 1024, 1536, or 2048.
note.gif

Noteblank.gif A self-signed certificate on WAAS Version 6.1.x or earlier with an RSA modulus size of 512 is not compatible with Mozilla FireFox Version 39 and later, or with Google Chrome Version 48 and later. A self-signed certificate on WAAS Version 6.1.x or earlier with an RSA modulus size of 512 is compatible with Internet Explorer 8 and later.

If you have previously configured the RSA modulus size as 512: to access the WAAS CM with Mozilla FireFox Version 39 and later, or with Google Chrome Version 48 and later, you must regenerate the self-signed certificate with an RSA modulus size of 2048, and then upgade to the specified version of Mozilla FireFox or Google Chrome.


  • For WAAS Version 6.2.x and later, the valid RSA module size is 768, 1024, 1536, or 2048. The RSA module size 512 is not used with WAAS Version 6.2.x and later.

Examples

The following example shows how to create an exportable self-signed certificate. The certificate file is named myfile.p12 and is created using a 2048-bit RSA modulus.

WAE# crypto generate self-signed-cert myfile.p12 exportable rsa modulus 2048
Generating a 2048bit RSA private key
..........++++++++++++
...++++++++++++
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:US
State or Province Name (full name) [California]:<cr> (Press Enter to accept the default.)
Locality Name (eg, city) [San Jose]:San Jose
Organization Name (eg, company) [Cisco Systems]:
Organizational Unit Name (eg, section) [ADBU]:
Common Name (eg, YOUR name) [www.cisco.com]:
Email Address [tac@cisco.com]:
 
WAE#
 

 
Related Commands

crypto delete

crypto export

crypto import

crypto import

To import SSL certificates and key files, use the crypto import EXEC command.

crypto import ca-certificate filename {disk pathname | ftp host | http host | scep url | sftp host | terminal | tftp host}

crypto import pkcs12 {filename | admin} [exportable] [ignore-cert-chain-order] pem-cert-key {disk pathname | ftp host | http host | scep url | sftp host | terminal | tftp host}

crypto import pcsk12 {filename | admin} [exportable] [ignore-cert-chain-order] pkcs12 {disk pathname | ftp host | http host | sftp host | terminal | tftp host}

 
Syntax Description

ca-certificate filename

Imports a certificate authority certificate file. The name of the CA certificate file to be imported (PEM format) must have.ca extension.

pkcs12 filename

Specifies a certificate intended for the management or an accelerated service (PKCS12 format). A PKCS12 file contains both the private encryption key and the public key certificate. The name of the PKCS12 file to be imported must have a.p12 extension.

DSA-encoded certificates are not supported and will not be imported.

admin

Specifies that the certificate and key are for the Central Manager admin service. This option can be used only on the Central Manager.

exportable

(Optional) Configures the imported certificate to be exportable.

ignore-cert-chain-
order

(Optional) Allows the crypto import command to import a certificate chain that does not have a strict order.

pem-cert-key

Imports both the certificate and key in PEM format.

When you use the pem-cert-key keyword, you must specify the pathname and filename or the address and filename for both the certificate file and the key file for disk, ftp, sftp, and tftp.

pkcs12

Imports both the certificate and key in PKCS12 format.

disk pathname

Imports from a disk. Type the disk filename including the full path.

ftp address

Imports from FTP. Type the FTP server’s IP address or hostname.

sftp address

Imports from secure FTP. Type the secure FTP server’s IP address or hostname.

scep url

Imports from a SCEP server. Type the SCEP server’s IP address.

terminal

Imports from a terminal.

tftp address

Imports from TFTP. Type the TFTP server’s IP address or hostname.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

The Central Manager admin service uses a self-signed certificate and key by default. You can use the crypto import pkcs12 admin command to import a custom certificate and key in PKCS12 or PEM format. If you delete the custom certificate and key, the self-signed certificate and key again become active.

note.gif

Noteblank.gif DSA certificates and keys cannot be imported.


Examples

The following example shows how to import a CA certificate file named mycert.ca from a TFTP server:

WAE# crypto import ca-certificate mycert.ca tftp 00.00.00.00
 

 
Related Commands

crypto delete

crypto export

crypto generate

crypto pki

To initialize the PKI managed store, use the crypto pki EXEC command.

crypto pki managed-store initialize

 
Syntax Description

managed-store

Specifies managed store commands.

initialize

Initializes the PKI managed store.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

Examples

The following example shows how to initialize the PKI managed store:

WAE# crypto pki managed-store initialize
 

 
Related Commands

crypto export

crypto generate

crypto import

debug aaa accounting

To monitor and record AAA accounting debugging, use the debug aaa accounting EXEC command. To disable debugging, use the undebug form of this command.

debug aaa accounting

undebug aaa accounting

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable AAA accounting debug monitoring:

WAE# debug aaa accounting
 

 
Related Commands

show debugging

debug aaa authorization

To monitor and record AAA authorization debugging, use the debug aaa authorization EXEC command. To disable debugging, use the undebug form of this command.

debug aaa authorization

undebug aaa authorization

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable AAA authorization debug monitoring:

WAE# debug aaa authorization
 

 
Related Commands

show debugging

debug accelerator

To monitor and record accelerator debugging, use the debug accelerator EXEC command. To disable debugging, use the undebug form of this command.

debug accelerator generic [ connection | misc | shell | stats | all ]

no debug accelerator generic [ connection | misc | shell | stats | all ]

debug accelerator http [ bypass-list | cli | conditional-response | connection | dre-hints | metadatacache | redirect-response | shell | subnet | supress-server-encoding | transaction | unauthorized-response | all ]

no debug accelerator http [ bypass-list | cli | conditional-response | connection | dre-hints | metadatacache | redirect-response | shell | subnet | supress-server-encoding | transaction | unauthorized-response | all ]

debug accelerator mapi [ all | Common-flow | DCERPC-layer | EMSMDB-layer | IO | ROP-layer | ROP-parser | RPCHTTP-layer | RCP-parser | shell | Transport | Utilities ]

no debug accelerator mapi [ all | Common-flow | DCERPC-layer | EMSMDB-layer | IO | ROP-layer | ROP-parser | RPCHTTP-layer | RCP-parser | shell | Transport | Utilities ]

debug accelerator ica [ all | ao-connectionmgr | ao-parser | cgp | connection | crypto | detectionparser | failure | hash | ica | initialization | io | main | pipe | shell ]

no debug accelerator ica [ all | ao-connectionmgr | ao-parser | cgp | connection | crypto | detectionparser | failure | hash | ica | initialization | io | main | pipe | shell ]

debug accelerator smb [ cli | cmd-close | cmd-create | cmd-lock | cmd-others | cmd-query-info | cmd-read | cmd-set-info | cmd-write | flow | large-data-flush | lock-manager | meta-data | named-pipe | not-found-cache | packeter | parser | read-ahead | shell | vfn | all ]

no debug accelerator smb [ cli | cmd-close | cmd-create | cmd-lock | cmd-others | cmd-query-info | cmd-read | cmd-set-info | cmd-write | flow | large-data-flush | lock-manager | meta-data | named-pipe | not-found-cache | packeter | parser | read-ahead | shell | vfn | all ]

debug accelerator ssl [ accelerated-svc | alarm | all | am | am-generic-svc | bio | ca | ca-pool | cipherlist | client-to-server | dataserver | flow-shutdown | generic | ocsp | oom-manager | openssl-internal | parser | peering-svc | session-cache | shell | sm-alert | sm-generic | sm-io | sm-pipethrough | synchronization | verify | waas-to-waas ]

no debug accelerator ssl [ accelerated-svc | alarm | all | am | am-generic-svc | bio | ca | ca-pool | cipherlist | client-to-server | dataserver | flow-shutdown | generic | ocsp | oom-manager | openssl-internal | parser | peering-svc | session-cache | shell | sm-alert | sm-generic | sm-io | sm-pipethrough | synchronization | verify | waas-to-waas ]

debug accelerator wansecure [ all | flow | mux | ocsp | shell | ssl ]

no debug accelerator wansecure [ all | flow | mux | ocsp | shell | ssl ]

 
Syntax Description

generic

Enables generic accelerator debugging.

connection

Enables accelerator connection debugging.

misc

Enables generic accelerator miscellaneous debugging.

shell

Enables accelerator shell debugging.

stats

Enables generic accelerator statistics debugging.

all

Enables all accelerator debugging of a specified type.

http

Enables HTTP accelerator debugging.

bypass-list

Enables HTTP accelerator bypass list debugging.

cli

Enables configuration CLI debugging.

conditional-response

Enables HTTP accelerator metadata cache conditional response debugging.

dre-hints

Enables HTTP accelerator DRE hinting debugging.

metadatacache

Enables HTTP accelerator metadata cache debugging.

redirect-response

Enables HTTP accelerator metadata cache redirect response debugging.

subnet

Enables HTTP accelerator subnet configuration debugging.

supress-server-encoding

Enables HTTP accelerator supress-server-encoding debugging.

transaction

Enables HTTP accelerator transaction debugging.

unauthorized-response

Enables HTTP accelerator metadata cache unauthorized response debugging.

ica

Enables ICA accelerator debugging.

ao-connectionmgr

Enables ICA AO-ConnectionMgr debugging.

ao-parser

Enables ICA AO-Parser debugging.

cgp

Enables ICA CGP debugging.

connection

Enables ICA AO-Connection debugging.

crypto

Enables ICA CRYPTO debugging.

detectionparser

Enables ICA detectionparser debugging.

failure

Enables ICA allocation failure debugging.

hash

Enables ICA HASH debugging.

ica

Enables ICA parsing debugging.

initialization

Enables ICA initialization debugging.

io

Enables ICA IO debugging.

main

Enables ICA main debugging.

pipe

Enables ICA pipe debugging.

shell

Enables ICA shell debugging.

mapi

Enables MAPI accelerator debugging.

Common-flow

Enables MAPI common flow debugging.

DCERPC-layer

Enables MAPI DCERPC layer flow debugging.

EMSMDB-layer

Enables MAPI EMSMDB layer flow debugging.

IO

Enables MAPI IO flow debugging.

ROP-layer

Enables MAPI ROP layer flow debugging.

ROP-parser

Enables MAPI ROP parser flow debugging.

RCP-parser

Enables MAPI RCP parser flow debugging.

RPCHTTP-layer

Enable MAPI RPCHTTP-layer flow debugs

shell

Enables MAPI shell flow debugging.

Transport

Enables MAPI transport flow debugging.

Utilities

Enables MAPI utilities flow debugging.

smb

Enables SMB accelerator debugging.

cmd-close

Enables SMB close commands debugging.

cmd-create

Enables SMB create commands debugging.

cmd-lock

Enables SMB lock commands debugging.

cmd-others

Enables SMB other commands debugging.

cmd-query-info

Enables SMB query-info commands debugging.

cmd-read

Enables SMB read commands debugging.

cmd-set-info

Enables SMB set-info commands debugging.

cmd-write

Enables SMB write commands debugging.

flow

Enables SMB flow debugging.

large-data-flush

Enables SMB large data flush debugging.

lock-manager

Enables SMB lock manager debugging.

meta-data

Enables SMB meta data debugging.

named-pipe

Enables SMB named pipe debugging.

not-found-cache

Enables SMB not-found metadata cache debugging.

packeter

Enables SMB packeter debugging.

parser

Enables SMB parser debugging.

read-ahead

Enables SMB read-ahead debugging.

shell

Enables SMB shell debugging.

vfn

Enables SMB VFN debugging.

ssl

Enables SSL accelerator debugging.

accelerated-svc

Enables accelerated service debugging.

alarm

Enables SSL AO alarm debugging.

am

Enables SSL auth manager debugging.

am-generic-svc

Enables SSL am generic service debugging.

bio

Enables SSL bio layer debugging.

ca

Enables SSL cert auth module debugging.

ca-pool

Enables SSL cert auth pool debugging.

cipherlist

Enables SSL cipher list debugging.

client-to-server

Enables SSL client-to-server datapath debugging.

dataserver

Enables SSL dataserver debugging.

flow-shutdown

Enables SSL flow shutdown debugging.

ocsp

Enables SSL ocsp debugging.

oom-manager

Enables SSL oom-manager debugging.

openssl-internal

Enables SSL openssl internal debugging.

parser

Enables SSL accelerator parser debugging.

peering-svc

Enables SSL peering service debugging.

session-cache

Enables SSL session cache debugging.

shell

Enables SSL shell debugging.

sm-alert

Enables SSL session manager alert debugging.

sm-generic

Enables SSL session manager generic debugging.

sm-io

Enables SSL session manager i/o debugging.

sm-pipethrough

Enables SSL session manager pipethrough debugging.

synchronization

Enables SSL synchronization debugging.

verify

Enables SSL certificate verification debugging.

waas-to-waas

Enables SSL waas-to-waas datapath debugging.

client-ip ip-addr

Specifies the client IP address.

server-ip ip-addr

Specifies the server IP address.

wansecure

Enables WANSECURE debugging.

flow

Enables WANSECURE flow debugging.

mux

Enables WANSECURE mux debugging.

ocsp

Enables WANSECURE ocsp debugging.

shell

Enables WANSECURE shell debugging.

ssl

Enables WANSECURE ssl debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

The output associated with the debug accelerator name module command for an application accelerator is written to the file name ao-errorlog.current, where name is the accelerator name. The accelerator information manager debug output is written to the file aoim-errorlog.current.

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all accelerator debug monitoring:

WAE# debug accelerator all
 

 
Related Commands

show debugging

debug accelerator http object-cache

To enable object-cache debugging, use the debug accelerator http object-cache EXEC command.

debug accelerator http object-cache {all | configuration | gate-keeper | logger | preposition | response-headers | statistics | traffic-plugin}

 

 
Syntax Description

all

Enable all object-cache debugging.

configuration

Enable configuration debugging.

gate-keeper

Enable gate keeper debugging.

logger

Enable logger debugging.

preposition

Enable cache prepositioning debugging.

response-headers

Enable debugging headers in HTTP response.

statistics

Enable statistics debugging.

traffic-plugin

Enable traffic plugin debugging.

execmds-4.jpg
Command Default

No default behavior or values.

execmds-4.jpg
Command Modes

EXEC

execmds-4.jpg
Device Modes Default

application-accelerator

execmds-4.jpg
Usage Guidelines

Use the debug accelerator http object-cache EXEC command to enable debugging for all object-cache debugging, or to specifying debugging for a particular object-cache area, such as configuration, cache preposition, or statistics.

execmds-4.jpg
Examples

The following example shows how to enable debugging for all parameters for the HTTP object cache:

WAE# debug accelerator http object-cache all
 

debug accelerator mapi rpchttp-layer

To enable debugging of the MAPI RPC HTTP accelerator, use the debug accelerator mapi rpchttp EXEC command. To disable debugging, use the no form of this command.

debug accelerator mapi rpchttp-layer

no debug accelerator mapi rpchttp -layer

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

execmds-4.jpg
Usage Guidelines

Use the debug accelerator mapi rpchttp-layer EXEC command to enable debugging of the mapi RPC HTTP application accelerator.

Examples

The following example shows how to enable debugging for the MAPI object cache i/o:

WAE# debug accelerator mapi rpchttp-layer
 

 
Related Commands

debug accelerator

 

 

debug all

To monitor and record all debugging, use the debug all EXEC command. To disable debugging, use the undebug form of this command.

debug all

undebug all

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all debug monitoring:

WAE# debug all
 

 
Related Commands

show debugging

debug appnav-controller connection

To enable connection-specific debugging on an AppNav Controller Interface Module, use the debug appnav-controller connection EXEC command. To disable debugging, use the undebug form of this command.

debug appnav-controller connection access-list acl-name

undebug appnav-controller connection

 
Syntax Description

access-list acl-name

Enables access list connection debugging. Access list name is an alphanumeric identifier up to 30 characters, beginning with a letter.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

The ACL specified in this command is shared by the monitor appnav-controller traffic and packet-capture commands.

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable connection-specific debug monitoring for an AppNav Controller Interface Module:

WAE# debug appnav-controller connection access-list myacl
 

 
Related Commands

show debugging

debug appnav-controller drop capture

To enable debugging on an AppNav Controller Interface Module to capture dropped packets, use the debug appnav-controller drop capture EXEC command. To disable debugging, use the no form of this command.

debug appnav-controller drop capture index index limit limit

no debug appnav-controller drop capture

 
Syntax Description

index index

The number of the index; the default index value is 255.

limit limit

The maximum size of the packet capture file. The default limit is 65535.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

appnav-controller

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

To display the index, use the show controllers np counters direct-access drop command.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to a new log file in PCAP format.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to show dropped packets for the AppNav Controller Interface Module using an index of 20 and a limit of 500:

WAE# debug appnav-controller drop capture index 20 limit 500
WAE# show debugging
Appnav Controller Drop Capture enabled
Index = 20
Limit = 500
 

 
Related Commands

show debugging

debug authentication

To monitor and record authentication debugging, use the debug authentication EXEC command. To disable debugging, use the undebug form of this command.

debug authentication { user | windows-domain }

undebug authentication { user | windows-domain }

 
Syntax Description

user

Enables debugging of the user login against the system authentication.

windows-domain

Enables Windows domain authentication debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable user authentication debug monitoring, verify that it is enabled, and then disable debug monitoring:

WAE# debug authentication user
WAE# show debugging
Debug authentication (user) is ON
WAE# no debug authentication user
 

 
Related Commands

show debugging

debug auto-discovery

To trace connections in the auto discovery module, use the debug auto-discovery EXEC command. To disable debugging, use the undebug form of this command.

debug auto-discoveryconnection

undebug auto-discovery connection

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable auto discovery connection debugging:

WAE# debug auto-discovery connection
 

 
Related Commands

show debugging

debug buf

To monitor and record buffer manager debugging, use the debug buf EXEC command. To disable debugging, use the undebug form of this command.

debug buf { all | dmbuf | dmsg }

undebug buf { all | dmbuf | dmsg }

 
Syntax Description

all

Enables all buffer manager debugging.

dmbuf

Enables only dmbuf debugging.

dmsg

Enables only dmsg debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all buffer manager debug monitoring:

WAE# debug buff all
 

 
Related Commands

show debugging

debug cdp

To monitor and record CDP debugging, use the debug cdp EXEC command. To disable debugging, use the undebug form of this command.

debug cdp { adjacency | events | ip | packets }

undebug cdp { adjacency | events | ip | packets }

 
Syntax Description

adjacency

Enables CDP neighbor information debugging.

events

Enables CDP events debugging.

ip

Enables CDP IP debugging.

packets

Enables packet-related CDP debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable CDP events debug monitoring:

WAE# debug cdp events
 

 
Related Commands

show debugging

debug cli

To monitor and record CLI debugging, use the debug cli EXEC command. To disable debugging, use the undebug form of this command.

debug cli { all | bin | parser }

undebug cli { all | bin | parser }

 
Syntax Description

all

Enables all CLI debugging.

bin

Enables CLI command binary program debugging.

parser

Enables CLI command parser debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all CLI debug monitoring:

WAE# debug cli all
 

 
Related Commands

show debugging

debug cmm

To monitor and record cluster membership manager debugging, use the debug cmm EXEC command. To disable debugging, use the undebug form of this command.

debug cmm { all | cli | events | ipc | misc | packets | shell | timers }

undebug cmm { all | cli | events | ipc | misc | packets | shell | timers }

 
Syntax Description

all

Enables all cluster membership manager (CMM) debugging.

cli

Enables CMM CLI debugging.

events

Enables CMM state machine event debugging.

ipc

Enables CMM ipc message debugging.

misc

Enables CMM miscellaneous debugging.

packets

Enables CMM packet debugging.

shell

Enables CMM infra debugging.

timers

Enables CMM state machine timer debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all cmm debug monitoring:

WAE# debug cmm all
 

 
Related Commands

show debugging

debug cms

To monitor and record CMS debugging, use the debug cms EXEC command. To disable debugging, use the undebug form of this command.

debug cms{router-config | stats}

undebug cms

 
Syntax Description

router-config

Enables debug only router configuration from CM

stats

Enables debug only statistics

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable CMS debug monitoring:

WAE# debug cms
 

 
Related Commands

show debugging

debug connection

To enable connection-specific debugging, use the debug connection EXEC command. To disable debugging, use the undebug form of this command.

debug connection { all | access-list acl-name }

undebug connection { all | access-list acl-name }

 
Syntax Description

all

Enables all connection-specific debugging.

access-list acl-name

Enables access list connection debugging. Access list name is an alphanumeric identifier up to 30 characters, beginning with a letter.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all connection-specific debug monitoring:

WAE# debug connection all
 

 
Related Commands

show debugging

debug controllers

To monitor and record interface controller capture debugging, use the debug controllers EXEC command. To disable debugging, use the undebug form of this command.

debug controllers NP { crash-dump | dump-cfg }

undebug controllers NP { crash-dump | dump-cfg }

 
Syntax Description

crash-dump

Requests a crash dump that is saved to a file.

dump-cfg

Captures the NP configuration into NPSL format.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

appnav-controller

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to request a crash dump:

WAE# debug controllers NP crash-dump
 

 
Related Commands

show debugging

debug dataserver

To monitor and record data server debugging, use the debug dataserver EXEC command. To disable debugging, use the undebug form of this command.

debug dataserver { all | clientlib | server }

undebug dataserver { all | clientlib | server }

 
Syntax Description

all

Enables all data server debugging.

clientlib

Enables data server client library module debugging.

server

Enables data server module debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all data server debug monitoring:

WAE# debug dataserver all
 

 
Related Commands

show debugging

debug dhcp

To monitor and record DHCP debugging, use the debug dhcp EXEC command. To disable debugging, use the undebug form of this command.

debug dhcp

undebug dhcp

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable DHCP debug monitoring:

WAE# debug dhcp
 

 
Related Commands

show debugging

debug dre

To monitor and record DRE debugging, use the debug dre EXEC command. To disable debugging, use the undebug form of this command.

debug dre { aggregation | all | cache | chunking | connection { aggregation [ acl ] | cache [ acl ] | chunking [ acl ] | core [ acl ] | message [ acl ] | misc [ acl ] | acl } | core | lz | message | misc | nack | packet }

undebug dre { aggregation | all | cache | chunking | connection { aggregation [ acl ] | cache [ acl ] | chunking [ acl ] | core [ acl ] | message [ acl ] | misc [ acl ] | acl } | core | lz | message | misc | nack | packet }

 
Syntax Description

aggregation

Enables DRE chunk-aggregation debugging.

all

Enables the debugging of all DRE commands.

cache

Enables DRE cache debugging.

chunking

Enables DRE chunking debugging.

connection

Enables DRE connection debugging.

acl

ACL to limit connections traced.

core

Enables DRE core debugging.

lz

Enables DRE lz debugging.

message

Enables DRE message debugging for a specified connection.

misc

Enables DRE other debugging for a specified connection.

nack

Enables DRE NACK debugging.

packet

Enables DRE packet debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all DRE debug monitoring:

WAE# debug dre all
 

 
Related Commands

show debugging

debug egress-method

To monitor and record egress method debugging, use the debug egress-method EXEC command. To disable debugging, use the undebug form of this command.

debug egress-method connection

undebug egress-method connection

 
Syntax Description

connection

(Optional) Enables egress method connection debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all egress method debug monitoring:

WAE# debug egress-method connection
 

 
Related Commands

show debugging

debug encryption-service

To monitor and record encryption service debugging, use the debug encryption-service EXEC command. To disable debugging, use the undebug form of this command.

debug encryption-service { all | application-layer | cfgmgr | dcerpc-layer | gss | io | secure-store | server | shell | transport-lib | utilities }

undebug encryption-service { all | application-layer | cfgmgr | dcerpc-layer | gss | io | secure-store | server | shell | transport-lib | utilities }

 
Syntax Description

all

Enables debugging of all encryption services components.

application-layer

Enables debugging of the encryption services application layer.

cfgmgr

Enables debugging of the encryption services configuration manager.

dcerpc-layer

Enables debugging of the encryption services dcerpc layer.

gss

Enables debugging of the encryption services gss.

io

Enables debugging of the encryption services io.

secure-store

Enables debugging of the encryption services secure store.

server

Enables debugging of the encryption services server.

shell

Enables debugging of the encryption services shell.

transport-lib

Enables debugging of the encryption services transport library.

utilities

Enables debugging of the encryption services utilities.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable debugging of all encryption services components:

WAE# debug encryption-services all
 

 
Related Commands

show debugging

debug fda

To monitor and record flow distribution agent debugging, use the debug fda EXEC command. To disable debugging, use the undebug form of this command.

debug fda { all | events | infra | messages }

undebug fda { all | events | infra | messages }

 
Syntax Description

all

Enables all flow distribution agent debugging.

events

Enables only flow distribution agent event debugging.

infra

Enables only flow distribution agent infra debugging.

messages

Enables only flow distribution agent message debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all flow distribution agent debug monitoring:

WAE# debug fda all
 

 
Related Commands

show debugging

debug fdm

To monitor and record flow distribution manager debugging, use the debug fdm EXEC command. To disable debugging, use the undebug form of this command.

debug fdm { all | events | infra | messages }

undebug fdm { all | events | infra | messages }

 
Syntax Description

all

Enables all flow distribution manager debugging.

events

Enables only flow distribution manager event debugging.

infra

Enables only flow distribution manager infra debugging.

messages

Enables only flow distribution manager message debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all flow distribution manager debug monitoring:

WAE# debug fdm all
 

 
Related Commands

show debugging

debug filtering

To trace filtering connections setup, use the debug filtering EXEC command. To disable debugging, use the undebug form of this command.

debug filtering connection

undebug filtering connection

 
Syntax Description

connection

(Optional) Enables filtering module connection debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable filtering module connection debugging:

WAE# debug filtering connection
 

 
Related Commands

show debugging

debug flow

To monitor and record network traffic flow debugging, use the debug flow EXEC command. To disable debugging, use the undebug form of this command.

debug flow monitor type performance-monitor tcpstat-v1

undebug flow monitor type performance-monitor tcpstat-v1

 
Syntax Description

monitor

Enables monitor flow performance debugging commands.

tcpstat-v1

Enables tcpstat-v1 debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable network traffic flow debug monitoring:

WAE# debug flow monitor type performance-monitor tcpstat-v1
 

 
Related Commands

show debugging

debug generic-gre

To monitor and record generic GRE egress method debugging, use the debug generic-gre EXEC command. To disable debugging, use the undebug form of this command.

debug generic-gre

undebug generic-gre

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable generic GRE egress method debug monitoring:

WAE# debug generic-gre
 

 
Related Commands

show debugging

debug hw-raid

To monitor and record hardware RAID debugging, use the debug hw-raid EXEC command. To disable debugging, use the undebug form of this command.

debug hw-raid { all | cli | daemon }

undebug hw-raid { all | cli | daemon }

 
Syntax Description

all

Enables all hardware RAID debug commands.

cli

Enables hardware RAID CLI debugging.

daemon

Enables hardware RAID daemon debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all hardware RAID debug monitoring:

WAE# debug hw-raid all
 

 
Related Commands

show debugging

debug imd

To monitor and record interface manager debugging, use the debug imd EXEC command. To disable debugging, use the undebug form of this command.

debug imd { all | cli | infra | nprm | stats }

undebug fdm { all | cli | infra | nprm | stats }

 
Syntax Description

all

Enables all interface manager debugging.

cli

Enables only interface manager cli debugging.

infra

Enables only interface manager infra debugging.

nprm

Enables only interface manager nprm debugging.

stats

Enables only interface manager stats debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all interface manager debug monitoring:

WAE# debug imd all
 

 
Related Commands

show debugging

debug inline

To enable inline module debugging, use the debug inline EXEC command. To disable debugging, use the undebug form of this command.

debug inline { debug | info | warn }

undebug inline { debug | info | warn }

 
Syntax Description

debug

Sets the debug level to debug.

info

Sets the debug level to info.

warn

Sets the debug level to warn.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to set the log level for inline modules to warning level:

WAE# debug inline warn
 

 
Related Commands

show debugging

debug key-manager

To monitor and record key manager debugging, use the debug key-manager EXEC command. To disable debugging, use the undebug form of this command.

debug key-manager

undebug key-manager

 
Syntax Description

key-manager

(Optional) Enables key manager debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

central-manager (primary only)

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable monitoring API debug monitoring:

WAE# debug key-manager
 

 
Related Commands

show debugging

debug logging

To monitor and record logging debugging, use the debug logging EXEC command. To disable debugging, use the undebug form of this command.

debug logging all

undebug logging all

 
Syntax Description

all

Enables all logging debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all logging debug monitoring:

WAE# debug logging all
 

 
Related Commands

show debugging

debug monapi

To monitor and record monitor API debugging, use the debug monapi EXEC command. To disable debugging, use the undebug form of this command.

debug monapi

undebug monapi

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

central-manager (primary only)

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable monitoring API debug monitoring:

WAE# debug monapi
 

 
Related Commands

show debugging

debug nplogd

To monitor and record NP log daemon debugging, use the debug nplogd EXEC command. To disable debugging, use the undebug form of this command.

debug nplogd all

undebug nplogd all

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable NP log daemon debug monitoring:

WAE# debug nplogd all
 

 
Related Commands

show debugging

debug ntp

To monitor and record NTP debugging, use the debug ntp EXEC command. To disable debugging, use the undebug form of this command.

debug ntp

undebug ntp

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable NTP debug monitoring:

WAE# debug ntp
 

 
Related Commands

show debugging

debug object-cache database

To enable debugging of the object cache database, use the debug object-cache database EXEC command. To disable debugging, use the no form of this command.

debug object-cache database

no debug object-cache database

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

execmds-4.jpg
Usage Guidelines

Use the debug object-cache database EXEC command to enable debugging for the object cache database.

Examples

The following example shows how to enable debugging for the object cache database.

WAE# debug object-cache database
 

 
Related Commands

debug object-cache existence-cache

debug object-cache load-monitor

debug object-cache existence-cache

To enable debugging of the object cache existence cache database, use the debug object-cache existence-cache database EXEC command. To disable debugging, use the no form of this command.

debug object-cache existence-cache

no debug object-cache existence-cache

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

execmds-4.jpg
Usage Guidelines

Use the debug object-cache existence-cache EXEC command to enable debugging for the existence cache, which maintains information on whether or not an object is present in the object databases.

Examples

The following example shows how to enable debugging for the object cache existence cache.

WAE# debug object-cache existence-cache
 

 
Related Commands

debug object-cache database

 

debug object-cache load-monitor

To enable debugging of the object cache load monitor function, use the debug object-cache load-monitor enable EXEC command. To disable debugging, use the no form of this command.

debug object-cache load-monitor

no debug object-cache load-monitor

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

execmds-4.jpg
Usage Guidelines

Use the debug object-cache load-monitor EXEC command to enable debugging of the object cache load monitor function, which monitors disk load and usage.

Examples

The following example shows how to enable debugging for the object cache load monitor function.

WAE# debug object-cache load-monitor

 
Related Commands

debug object-cache database

debug object-cache existence-cache

debug punt

To monitor and record punt handler debugging, use the debug punt EXEC command. To disable debugging, use the undebug form of this command.

debug punt { all | module | packets | socket }

undebug punt { all | module | packets | socket }

 
Syntax Description

all

Enables all punt handler debugging.

module

Enables only punt handler module debugging.

packets

Enables only punt handler packet debugging.

socket

Enables only punt handler socket call debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

appnav-controller

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all punt handler debug monitoring:

WAE# debug punt all
 

 
Related Commands

show debugging

debug rbcp

To monitor and record RBCP debugging, use the debug rbcp EXEC command. To disable debugging, use the undebug form of this command.

debug rbcp

undebug rbcp

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable RBCP debug monitoring:

WAE# debug rbcp
 

 
Related Commands

show debugging

debug rmd

To monitor and record route manager debugging, use the debug rmd EXEC command. To disable debugging, use the undebug form of this command.

debug rmd { all | cli | infra | nprm }

undebug rmd { all | cli | infra | nprm }

 
Syntax Description

all

Enables all route manager debugging.

cli

Enables only route manager cli debugging.

infra

Enables only route manager infra debugging.

nprm

Enables only route manager nprm debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all route manager debug monitoring:

WAE# debug rmd all
 

 
Related Commands

show debugging

debug rpc

To monitor and record remote procedure calls (RPC) debugging, use the debug rpc EXEC command. To disable debugging, use the undebug form of this command.

debug rpc { detail | trace }

undebug rpc { detail | trace }

 
Syntax Description

detail

Displays RPC logs of priority detail or higher.

trace

Displays RPC logs of priority trace or higher.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable RPC detail debug monitoring:

WAE# debug rpd detail
 

 
Related Commands

show debugging

debug service-insertion

To trace connections in the service-insertion module, use the debug service-insertion EXEC command. To disable debugging, use the undebug form of this command.

debug service-insertion connection

undebug service-insertion connection

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all service-insertion module debug monitoring:

WAE# debug service-insertion connection
 

 
Related Commands

show debugging

debug service-policy

To monitor and record service policy debugging, use the debug service-policy EXEC command. To disable debugging, use the undebug form of this command.

debug service-policy type { appnav | waas }

undebug service-policy type { appnav | waas }

 
Syntax Description

appnav

Enables AppNav service policy debugging.

waas

Enables WAAS service policy debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable WAAS service policy debug monitoring:

WAE# debug service-policy waas
 

 
Related Commands

show debugging

debug snmp

To monitor and record SNMP debugging, use the debug snmp EXEC command. To disable debugging, use the undebug form of this command.

debug snmp { all | cli | main | mib | traps }

undebug snmp { all | cli | main | mib | traps }

 
Syntax Description

all

Enables all SNMP debug commands.

cli

Enables SNMP CLI debugging.

main

Enables SNMP main debugging.

mib

Enables SNMP MIB debugging.

traps

Enables SNMP trap debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all SNMP debug monitoring:

WAE# debug snmp all
 

 
Related Commands

show debugging

debug standby

To enable standby debugging, use the debug standby EXEC command. To disable debugging, use the undebug form of this command.

debug standby [all]

undebug standby [all]

 
Syntax Description

all

(Optional) Enables standby debugging using all debug features.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all standby debug monitoring:

WAE# debug standby all
 

 
Related Commands

show debugging

debug statistics

To monitor and record statistics debugging, use the debug statistics EXEC command. To disable debugging, use the undebug form of this command.

debug statistics { all | ao | client | collector | ipc | messages | serializer | sqm }

undebug statistics { all | ao | client | collector | ipc | messages | serializer | sqm }

 
Syntax Description

all

Enables all statistics debug commands.

ao

Enables statistics acceleration debugging.

client

Enables statistics client debugging.

collector

Enables statistics collector debugging.

ipc

Enables statistics IPC debugging.

messages

Enables statistics messages/buffers debugging.

serializer

Enables statistics serializer debugging.

sqm

Enables statistics computation debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

services-controller

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all statistics debug monitoring:

WAE# debug statistics all
 

 
Related Commands

show debugging

debug synq

To trace synq connections setup, use the debug synq EXEC command. To disable debugging, use the undebug form of this command.

debug synq connection

undebug synq connection

 
Syntax Description

c onnection

Enables synq module connection debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable synq module connection debugging:

WAE# debug synq connection
 

 
Related Commands

show debugging

debug tfo

To monitor and record TFO flow optimization debugging, use the debug tfo EXEC command. To disable debugging, use the undebug form of this command.

debug tfo {all | buffer-mgr | dre-flow | netio | scheduler }

undebug tfo {all | buffer-mgr | dre-flow | netio | scheduler }

 
Syntax Description

all

Enables all TFO debugging.

buffer-mgr

Enables TFO data-buffer from buffer manager debugging.

dre-flow

Enables TFO DRE flow debugging for all connections.

netio

Enables TFO connection debugging for the network input/output module.

scheduler

Enables TFO scheduler debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable all TFO flow optimization debug monitoring:

WAE# debug tfo all
 

 
Related Commands

show debugging

debug translog

To monitor and record transaction logging debugging, use the debug translog EXEC command. To disable debugging, use the undebug form of this command.

debug translog { detail | export | info }

undebug translog { detail | export | info }

 
Syntax Description

detail

Enables transaction log detailed debugging.

export

Enables transaction log FTP export debugging.

info

Enables transaction log high level debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable transaction logging detail debug monitoring:

WAE# debug translog detail
 

 
Related Commands

show debugging

debug wafs

To set the log level of the WAFS Device Manager component, use the debug wafs EXEC command. To disable debugging, use the undebug form of this command.

debug wafs manager { debug | error | info | warn }

undebug wafs manager { debug | error | info | warn }

 
Syntax Description

manager

Sets the logging level for the Device Manager.

debug

Specifies debug.

error

Specifies error.

info

Specifies info.

warn

Specifies warn.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to set the log level for all WAFS components to error level:

WAE# debug wafs manager error
 

 
Related Commands

show debugging

debug wccp

To monitor and record WCCP information debugging, use the debug wccp EXEC command. To disable debugging, use the undebug form of this command.

debug wccp { all | detail | error | events | keepalive | packets }

undebug wccp { all | detail | error | events | keepalive | packets }

 
Syntax Description

all

Enables all WCCP debugging functions.

detail

Enables the WCCP detail debugging.

error

Enables the WCCP error debugging.

events

Enables the WCCP events debugging.

keepalive

Enables the debugging for WCCP keepalives that are sent to the applications.

packets

Enables the WCCP packet-related information debugging.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

 
Usage Guidelines

Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.

If the watchdog utility is not running, the message “WAAS is not running” appears.

Use the show debugging command to display enabled debug options.

The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.

The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.

For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.

If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).

If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:

  • For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
  • For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
  • For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
  • For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.

Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.

We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.

Examples

The following example shows how to enable WCCP information debug monitoring:

WAE# debug wccp all
 

 
Related Commands

show debugging

delfile

To delete a file from the current directory, use the delfile EXEC command.

delfile filename

 
Syntax Description

filename

Name of the file to delete.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the delfile EXEC command to remove a file from a SYSFS partition on the disk drive of the WAAS device.

Examples

The following example shows how to delete a temporary file from the /local1 directory using an absolute path:

WAE# delfile /local1/tempfile
 

 
Related Commands

cpfile

dir

lls

ls

mkdir

pwd

rename

deltree

To remove a directory with all of its subdirectories and files, use the deltree EXEC command.

deltree directory

 
Syntax Description

directory

Name of the directory tree to delete.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the deltree EXEC command to remove a directory and all files within the directory from the WAAS SYSFS file system. No warning is given that you are removing the subdirectories and files.

note.gif

Noteblank.gif Make sure that you do not remove files or directories required for the WAAS device to function properly.


Examples

The following example shows how to delete the testdir directory from the /local1 directory:

WAE# deltree /local1/testdir
 

 
Related Commands

cpfile

dir

lls

ls

mkdir

pwd

rename

dir

To view details of one file or all files in a directory, use the dir EXEC command.

dir [ directory ]

 
Syntax Description

directory

(Optional) Name of the directory to list.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the dir EXEC command to view a detailed list of files contained within the working directory, including information about the file name, size, and time created. The lls EXEC command produces the same output.

Examples

The following example shows how to create a detailed list of all the files for the current directory:

WAE# dir
size time of last change name
------------- ------------------------- -----------
4096 Fri Feb 24 14:40:00 2006 <DIR> actona
4096 Tue Mar 28 14:42:44 2006 <DIR> core_dir
4096 Wed Apr 12 20:23:10 2006 <DIR> crash
4506 Tue Apr 11 13:52:45 2006 dbupgrade.log
4096 Tue Apr 4 22:50:11 2006 <DIR> downgrade
4096 Sun Apr 16 09:01:56 2006 <DIR> errorlog
4096 Wed Apr 12 20:23:41 2006 <DIR> logs
16384 Thu Feb 16 12:25:29 2006 <DIR> lost+found
4096 Wed Apr 12 03:26:02 2006 <DIR> sa
24576 Sun Apr 16 23:38:21 2006 <DIR> service_logs
4096 Thu Feb 16 12:26:09 2006 <DIR> spool
9945390 Sun Apr 16 23:38:20 2006 syslog.txt
10026298 Thu Apr 6 12:25:00 2006 syslog.txt.1
10013564 Thu Apr 6 12:25:00 2006 syslog.txt.2
10055850 Thu Apr 6 12:25:00 2006 syslog.txt.3
10049181 Thu Apr 6 12:25:00 2006 syslog.txt.4
4096 Thu Feb 16 12:29:30 2006 <DIR> var
508 Sat Feb 25 13:18:35 2006 wdd.sh.signed
 

The following example shows how to display the detailed information for only the logs directory:

WAE# dir logs
size time of last change name
------------- ------------------------- -----------
4096 Thu Apr 6 12:13:50 2006 <DIR> actona
4096 Mon Mar 6 14:14:41 2006 <DIR> apache
4096 Sun Apr 16 23:36:40 2006 <DIR> emdb
4096 Thu Feb 16 11:51:51 2006 <DIR> export
92 Wed Apr 12 20:23:20 2006 ftp_export.status
4096 Wed Apr 12 20:23:43 2006 <DIR> rpc_httpd
0 Wed Apr 12 20:23:41 2006 snmpd.log
4096 Sun Mar 19 18:47:29 2006 <DIR> tfo

 
Related Commands

lls

ls

disable

To turn off privileged EXEC commands, use the disable EXEC command.

disable

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the WAAS software CLI EXEC mode for setting, viewing, and testing system operations. This command mode is divided into two access levels, user and privileged. To access privileged-level EXEC mode, enter the enable EXEC command at the user access level prompt and specify the admin password when prompted for a password.

WAE> enable
Password:
 

The disable command places you in the user-level EXEC shell (notice the prompt change).

Examples

The following example shows how to enter the user-level EXEC mode from the privileged EXEC mode:

WAE# disable
WAE>
 

 
Related Commands

enable

disk

To configure disks on a WAAS device, use the disk EXEC command.

disk delete-partitions diskname

disk delete-data-partitions

disk delete-preserve-software

disk disk-name diskxx enable force

disk disk-name disk xx replace

disk insert diskname

disk recreate-raid

disk scan-errors diskname

 
Syntax Description

delete-partitions diskname

Deletes data on the specified logical disk drive. After using this command, the WAAS software treats the specified disk drive as blank. All previous data on the drive is inaccessible.

Specify the name of the disk from which to delete partitions (disk00, disk01). For RAID-5 systems, this option is not available because only one logical drive is available.

delete-data-partitions

Deletes all data partitions on all logical drives. Data partitions include the CONTENT, PRINTSPOOL, and GUEST partitions. These partitions include all DRE cache files and print spool files.

delete-preserve-software

Deletes all disk and data partitions and preserves current software version and CM registration details.

disk-name diskxx enable force

Reenables a defunct drive (with or without removing it) that has been previously shut down.

Note This option is available only on RAID-5 systems.

disk-name disk xx replace

Shuts down the physical disk with the name disk xx (disk00, disk01, etc.) so that it can be replaced in the RAID-5 array.

Note This option is available only on RAID-5 systems.

insert diskname

Instructs the SCSI host to rescan the bus to detect and mount the newly inserted disk. Specify the name of the disk to be inserted (disk00, disk01).

Note This option is available only on WAE-612 models.

recreate-raid

Recreates the RAID-5 array.

Note This option is available only on RAID-5 systems.

scan-errors diskname

Scans SCSI or IDE disks for errors and remaps the bad sectors if they are unused. Specify the name of the disk to be scanned (disk00, disk01).

For RAID-5 systems, this command scans the logical RAID device for errors. On these systems, there is no diskname option.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

  • The WAAS software supports hot-swap functionality for both failed disk replacement and scheduled disk maintenance. On the WAE-612, use the disk disk-name diskxx shutdown global configuration command to shut down a disk for scheduled disk maintenance. (For the scheduled disk maintenance procedure, see the chapter “Maintaining Your WAAS System” in the Cisco Wide Area Application Services Configuration Guide.)

blank.gif The disk hot-swap functionality automatically disables a failed disk if the system detects one critical disk alarm. The software removes the failed disk automatically regardless of the setting for disk error-handling.

blank.gif For WAE-612 models, when you replace a failed disk that was automatically disabled by the software, use the disk insert EXEC command to bring the disk back into service. For all other models, see the (config) disk disk-name command section.

  • To identify which disks have been identified as failed or bad, use the show disks failed-disk-id EXEC command. Do not reinsert any disk with a serial number shown in this list.
  • Use the disk delete-partitions EXEC command to remove all disk partitions on a single disk drive on a WAAS device or to remove the disk partition on the logical drive for RAID-5 systems.
caut.gif

Caution blank.gif Be careful when using the disk delete-partitions EXEC command because the WAAS software treats the specified disk drive as blank. All previous data on the drive will become inaccessible.

blank.gif The disk delete-data-partitions command deletes the DRE caches.

blank.gif After using the disk delete-data-partitions command, you must reload the device.

note.gif

Note After using the disk delete-data-partitions command, you must reload the device with a cold boot. If you reload the device with a warm boot, all data is not cleared, which may prevent the device from establishing connections.


The data partitions are automatically re-created and the caches are initialized, which can take several minutes. DRE optimization is not done until the DRE cache has finished initializing. The show statistics dre EXEC command reports “TFO: Initializing disk cache” until then. It is best not to interrupt DRE cache initialization by reloading the device again until after cache initialization has finished. However, if DRE cache initialization is interrupted, on the next reboot the disk is checked, which takes extra time, and DRE initialization is completed again.

  • When you upgrade to software version 6.1.1, and execute disk-delete-preserve-software command for the first time, all data and system partitions are re-created.

blank.gif Use the disk delete-preserve-software command if you want to delete all existing data and system partitions, and yet want to preserve the software version and the device registration details with the Central Manager. This changes the software store partition size from 1 GB to 2GB. This command is applicable for all vWAAS devices, ISR WAAS devices and SM-SRE devices.

Examples

The following example shows how to recreate the RAID-5 array:

WAE# disk recreate-raid
 

 
Related Commands

(config) disk disk-name

(config) disk error-handling

(config) disk object-cache extend

show disks

dnslookup

To resolve a host or domain name to an IP address(IPv4/IPv6), use the dnslookup EXEC command.

dnslookup { hostname | domainname| IPv4/IPv6 address }

 
Syntax Description

hostname

Name of DNS server on the network.

domainname

Name of domain.

ip-address

IPv4 or IPv6 address

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

Examples

The following example shows how the dnslookup command is used to resolve the hostname myhost to IP address172.31.69.11

WAE# dnslookup myhost
official hostname: myhost.abc.com
address: 172.31.69.11
 

The following example shows how the dnslookup command is used to resolve the hostname abd.com to IP address 192.168.219.25:

WAE# dnslookup abc.com
official hostname: abc.com
address: 192.168.219.25
 

The following example shows how the dnslookup command is used to resolve an IP address used as a hostname to 10.0.11.0:

WAE# dnslookup 10.0.11.0
official hostname: 10.0.11.0
address: 10.0.11.0
 

The following example shows how the dnslookup command is used to resolve an IP address to a hostname:

WAE# dnslookup 2012:3:3:3::8
official hostname: CM.cisco.com
address:2012:3:3:3::8

enable

To access privileged EXEC commands, use the enable EXEC command.

enable

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the WAAS software CLI EXEC mode for setting, viewing, and testing system operations. This command mode is divided into two access levels: user and privileged. To access privileged-level EXEC mode, enter the enable EXEC command at the user access level prompt and specify the admin password when prompted for a password.

If using TACACS+ authentication, there is an enable password feature in TACACS+ that allows an administrator to define a different enable password for each user. If a TACACS+ user enters the enable EXEC command to access privileged EXEC mode, that user must enter the admin password defined by the TACACS+ server.

The disable command takes you from privileged EXEC mode to user EXEC mode.

Examples

The following example shows how to access privileged EXEC mode:

WAE> enable
WAE#
 

 
Related Commands

disable

exit

exit

To terminate privileged-level EXEC mode and return to the user-level EXEC mode, use the exit command.

exit

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

All modes

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

The exit EXEC command is equivalent to pressing Ctrl-Z or entering the end command. Entering the exit command in the user level EXEC shell terminates the console or Telnet session.

Examples

The following example shows how to terminate privileged-level EXEC mode and return to the user-level EXEC mode:

WAE# exit
WAE>
 

 
Related Commands

(config) exit

find-pattern

To search for a particular pattern in a file, use the find-pattern command in EXEC mode.

find-pattern {binary reg-express filename | count reg-express filename | lineno reg-express filename | match reg-express filename | nomatch reg-express filename | recursive reg-express filename }

find-pattern case { binary reg-express filename | count reg-express filename | lineno reg-express filename | match reg-express filename | nomatch reg-express filename | recursive reg-express filename }

 
Syntax Description

binary reg-express filename

Does not suppress the binary output. Specifies the regular expression to be matched and the filename.

count reg-express filename

Prints the number of matching lines. Specifies the regular expression to be matched and the filename.

lineno reg-express filename

Prints the line number with output. Specifies the regular expression to be matched and the filename.

match reg-express filename

Prints the matching lines. Specifies the regular expression to be matched and the filename.

nomatch reg-express filename

Prints the nonmatching lines. Specifies the regular expression to be matched and the filename.

recursive reg-express filename

Searches a directory recursively. Specifies the regular expression to be matched and the filename.

case

Matches a case-sensitive pattern.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

Examples

The following example shows how to search a file recursively for a case-sensitive pattern:

WAE# find-pattern case recursive admin removed_core
-rw------- 1 admin root 95600640 Oct 12 10:27 /local/local1/core_dir/
core.3.0.0.b5.eh.2796
-rw------- 1 admin root 97054720 Jan 11 11:31 /local/local1/core_dir/
core.cache.3.0.0.b131.cnbuild.14086
-rw------- 1 admin root 96845824 Jan 11 11:32 /local/local1/core_dir/
core.cache.3.0.0.b131.cnbuild.14823
-rw------- 1 admin root 101580800 Jan 11 12:01 /local/local1/core_dir/
core.cache.3.0.0.b131.cnbuild.15134
-rw------- 1 admin root 96759808 Jan 11 12:59 /local/local1/core_dir/
core.cache.3.0.0.b131.cnbuild.20016
-rw------- 1 admin root 97124352 Jan 11 13:26 /local/local1/core_dir/
core.cache.3.0.0.b131.cnbuild.8095
 

The following example shows how to search a file for a pattern and print the matching lines:

WAE# find-pattern match 10 removed_core
Tue Oct 12 10:30:03 UTC 2004
-rw------- 1 admin root 95600640 Oct 12 10:27 /local/local1/core_dir/
core.3.0.0.b5.eh.2796
-rw------- 1 admin root 101580800 Jan 11 12:01 /local/local1/core_dir/
core.cache.3.0.0.b131.cnbuild.15134
 

The following example shows how to search a file for a pattern and print the number of matching lines:

WAE# find-pattern count 10 removed_core
3
 

 
Related Commands

cd

dir

lls

ls

help

To obtain online help for the command-line interface, use the help EXEC command.

help

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC and global configuration

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

You can obtain help at any point in a command by entering a question mark (?). If nothing matches, the help list will be empty, and you must back up until entering a ? shows the available options.

Two styles of help are provided:

  • Full help is available when you are ready to enter a command argument (for example, show ?) and describes each possible argument.
  • Partial help is provided when you enter an abbreviated command and you want to know what arguments match the input (for example, show stat?).

Examples

The following example shows how to display the output of the help EXEC command:

WAE# help
Help may be requested at any point in a command by entering a question mark '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options.
 
Two styles of help are provided:
1. Full help is available when you are ready to enter a command argument.
2. Partial help is provided when an abbreviated argument is entered.
 

 
Related Commands

(config) help

install

To install a new software image (such as the WAAS software) on the WAAS device, use the install EXEC command.

install filename

 
Syntax Description

filename

Specifies the name of the .bin file you want to install.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

The install command loads the system image into flash memory and copies the disk-based software component to the software file system (swfs) partition. This command can also be used to install a BIOS or other firmware update by specifying the appropriate update file.

note.gif

Noteblank.gif If you are installing a system image that contains optional software, make sure that an SWFS partition is mounted.


To install a system image, copy the image file to the SYSFS directory local1. Before executing the install command, change the present working directory to the directory where the system image resides. When the install command is executed, the image file is expanded. The expanded files overwrite the existing files on the WAAS device. The newly installed version takes effect after the system image is reloaded.

note.gif

Noteblank.gif The install command does not accept.pax files. Files should be of the type.bin (for example, cache-sw.bin). Also, if the release being installed does not require a new system image, then it may not be necessary to write to flash memory. If the newer version has changes that require a new system image to be installed, then the install command may result in a write to flash memory.


Close your browser and restart the browser session to the WAAS Central Manager, if you installed a new software image to the primary WAAS Central Manager.

Examples

The following example shows how to load the system image contained in the wae512-cache-300.bin file:

WAE# install wae512-cache-300.bin
 

 
Related Commands

copy disk

reload

less

To display a file using the Less application, use the less EXEC command.

less file_name

 
Syntax Description

file_name

Name of the file to be displayed.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Less is a pager application that displays text files one page at a time. You can use Less to view the contents of a file, but not edit it. Less offers some additional features when compared to conventional text file viewer applications such as Type. These features include the following:

  • Backward movement—Allows you to move backward in the displayed text. Use k, Ctrl-k, y, or Ctrl-y to move backward. See the summary of Less commands for more details; to view the summary, press h or H while displaying a file in Less.
  • Searching and highlighting—Allows you to search for text in the file that you are viewing. You can search forward and backward. Less highlights the text that matches your search to make it easy to see where the match is.
  • Multiple file support—Allows you to switch between different files, remembering your position in each file. You can also do a search that spans all the files you are working with.

Examples

The following example shows how to display the text of the syslog.txt file using the Less application:

WAE# less syslog.txt
 

 
Related Commands

type

license add

To add a software license to a device, use the license add EXEC command.

license add license-name

 
Syntax Description

license-name

Name of the software license to add. The following license names are supported:

  • Transport—Enables basic DRE, TFO, and LZ optimization.
  • Enterprise—Enables the EPM, HTTP, MAPI, SSL, and Windows Print application accelerators, the WAAS Central Manager, and basic DRE, TFO, and LZ optimization.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

Examples

The following example shows how to install the enterprise license:

WAE# license add Enterprise
 

 
Related Commands

clear arp-cache license

show license

lls

To view a long list of directory names, use the lls EXEC command.

lls [ directory ]

 
Syntax Description

directory

(Optional) Name of the directory for which you want a long list of files.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

The lls command provides detailed information about files and subdirectories stored in the present working directory (including the size, date, time of creation, SYSFS name, and long name of the file). This information can also be viewed with the dir command.

Examples

The following example shows how to display a detailed list of the files in the current directory:

WAE# lls
size time of last change name
-------------- ------------------------- -----------
4096 Fri Feb 24 14:40:00 2006 <DIR> actona
4096 Tue Mar 28 14:42:44 2006 <DIR> core_dir
4096 Wed Apr 12 20:23:10 2006 <DIR> crash
4506 Tue Apr 11 13:52:45 2006 dbupgrade.log
4096 Tue Apr 4 22:50:11 2006 <DIR> downgrade
4096 Sun Apr 16 09:01:56 2006 <DIR> errorlog
4096 Wed Apr 12 20:23:41 2006 <DIR> logs
16384 Thu Feb 16 12:25:29 2006 <DIR> lost+found
4096 Wed Apr 12 03:26:02 2006 <DIR> sa
24576 Sun Apr 16 23:54:30 2006 <DIR> service_logs
4096 Thu Feb 16 12:26:09 2006 <DIR> spool
9951236 Sun Apr 16 23:54:20 2006 syslog.txt
10026298 Thu Apr 6 12:25:00 2006 syslog.txt.1
4096 Thu Feb 16 12:29:30 2006 <DIR> var
508 Sat Feb 25 13:18:35 2006 wdd.sh.signed
 

 
Related Commands

dir

lls

ls

ls

To view a list of files or subdirectory names within a directory on the device hard disk, use the ls EXEC command.

ls [ directory ]

 
Syntax Description

directory

(Optional) Name of the directory for which you want a list of files.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the ls directory command to list the filenames and subdirectories within a particular directory.

Use the ls command to list the filenames and subdirectories of the current working directory.

Use the pwd command to view the present working directory.

Examples

The following example shows how to display the files and subdirectories that are listed within the root directory:

WAE# ls
actona
core_dir
crash
dbupgrade.log
downgrade
errorlog
logs
lost+found
sa
service_logs
spool
syslog.txt
syslog.txt.1
var
wdd.sh.signed
 

 
Related Commands

dir

lls

pwd

lsusb

To view a list of files or subdirectory names within a directory on a USB storage device, use the lsusb EXEC command.

lsusb [ directory ]

 
Syntax Description

directory

(Optional) Name of the directory for which you want a list of files.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the lsusb directory command to list the filenames and subdirectories within a particular directory on the USB device.

Use the lsusb command to list the filenames and subdirectories of the current working directory on the USB device.

This command is available only on WAAS devices that support external USB storage devices.

Examples

The following example shows how to display the files and subdirectories that are listed within the root directory of a USB device:

WAE# lsusb
directory1
afile.txt
bfile.txt
 

 
Related Commands

dir

lls

ls

pwd

mkdir

To create a directory, use the mkdir EXEC command.

mkdir directory

 
Syntax Description

directory

Name of the directory to create.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

Examples

The following example shows how to create a new directory, oldpaxfiles :

WAE# mkdir /oldpaxfiles
 

 
Related Commands

cpfile

dir

lls

ls

pwd

rename

rmdir

mkfile

To create a new file, use the mkfile EXEC command.

mkfile filename

 
Syntax Description

filename

Name of the file that you want to create.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the mkfile EXEC command to create a new file in any directory of the WAAS device.

Examples

The following example shows how to create a new file, traceinfo, in the root directory:

WAE# mkfile traceinfo
 

 
Related Commands

cpfile

dir

lls

ls

mkdir

pwd

rename

monitor appnav-controller traffic

To enable traffic monitoring on an AppNav Controller Interface Module, use the monitor appnav-controller traffic EXEC command.

monitor appnav-controller traffic { access-list acl-name | disable }

 
Syntax Description

access-list acl-name

Name of the access list that determines which flows are monitored.

disable

Disables flow monitoring.

 
Defaults

Monitoring is disabled.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

appnav-controller

 
Usage Guidelines

Use this command to enable the AppNav Controller Interface Module to supply monitoring statistics for traffic flows that match the specified ACL. The ACL must be defined by the ip access-list global configuration command.

The ACL specified in this command is shared by the packet-capture and debug appnav-controller commands.

Use the show statistics monitor appnav-controller traffic EXEC command to display the monitoring statistics.

Use the show monitor EXEC command to display the status of traffic monitoring.

Examples

The following example shows how to enable traffic monitoring with an ACL:

ANC# monitor appnav-controller traffic access-list myacl
 

 
Related Commands

clear statistics monitor appnav-controller traffic

show monitor

show statistics monitor appnav-controller traffic

ntpdate

To set the software clock (time and date) on a WAAS device using an NTP server, use the ntpdate EXEC command.

ntpdate { hostname | ip-address } [ key { authentication-key }]

 
Syntax Description

hostname

NTP hostname.

ip-address

NTP server IP (IPV4/IPv6) address.

key

(Optional) Specifies to use authentication with the NTP server.

authentication-key

Authentication key string to use with the NTP server authentication. This value must be between 0 and 4294967295.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the ntpdate command to find the current time of day and set the current time on the WAAS device to match. You must save the time to the hardware clock using the clock save command if you want to restore the time after a reload.

Examples

The following example shows how to set the software clock on the WAAS device using a NTP server:

WAE# ntpdate 10.11.23.40
 

 
Related Commands

clock

(config) clock

(config) ntp

show clock

show ntp

packet-capture

To capture packets on a device interface, use the packet-capture EXEC command.

packet-capture all-interfaces { access-list { acl-name | acl-num } | destination-ip { hostname | ip-address } | destination-port port | source-ip { hostname | ip-address } | source-port port } [ file-size size [ number-of-files num | stop-after-num-files num ] ] | packet-size | non-encapsulated | [ capture-filename ]

packet-capture appnav-controller { access-list { acl-name | acl-num } | interface { GigabitEthernet slot/port | TenGigabitEthernet slot/port | PortChannel index | standby grpnumber } access-list { acl-name | acl-num }} [ file-size size [ number-of-files num | stop-after-num-files num ] ] | packet-size | non-encapsulated | [ capture-filename ]

packet-capture interface { GigabitEthernet slot/port | TenGigabitEthernet slot/port | PortChannel index | standby grpnumber } | virtual slot/port | { access-list { acl-name | acl-num } | destination-ip { hostname | ip-address } | destination-port port | source-ip { hostname | ip-address } | source-port port } [ file-size size [ number-of-files num | stop-after-num-files num ] ] | packet-size | non-encapsulated | [ capture-filename ]

packet-capture decode [ destination-ip { hostname | ip-address } | destination-port port | source-ip { hostname | ip-address } | source-port port ] [ file-size size [ number-of-files num | stop-after-num-files num ] ] | packet-size | non-encapsulated | [ capture-filename ]

packet-capture stop [file-size size [number-of-files num | stop-after-num-files num] ] | packet-size | nonencapsulated [ capture-filename ]

 
Syntax Description

all-interfaces

Specifies all interfaces as the source from which to capture packets.

appnav-controller

Capture packets on an AppNav Controller Interface Module interface.

access-list
acl-name | acl-num

Specifies an access list for which to capture packets on the specified interface. When used with packet-capture appnav-controller, the access-list specifies an access list for which to capture packets across all AppNav Controller Interface Module interfaces.

  • (Optional) acl-name—Access list name.
  • (Optional) acl-num—Access list numeric identifier (0–99 for standard access lists and 100–199 for extended access lists).

capture-filename

(Optional) Specifies the name of a file to which output is saved. If no file is specified, output is sent to the console.

decode

Decodes captured packets.

destination-ip hostname | ip-address

Captures packets matching the specified destination IP address.

  • hostname—The specified destination hostname.
  • ip-address—The specified destination IP address.

destination-port port

Captures packets matching the specified destination port.

file-size size

(Optional) Specifies the maximum file size for captured output, from 1–100000 KB. After a file fills to capacity, another output file is created according to the following keywords.

GigabitEthernet slot/port

Specifies a Gigabit Ethernet interface. The slot number and port number are separated with a forward slash character (/).

interface

Specifies the source interface from which to capture packets.

non-encapsulated

Capture packets that are not SIA encapsulated.

number-of-files num

(Optional) Specifies the maximum number of output files to create (1–500), after which earlier files are overwritten as needed for more captured data.

packet-size

The maximum number of capture bytes per packet.

PortChannel index

Specifies a port channel interface (1-4).

source-ip
hostname | ip-address

Captures packets matching the specified source IP address.

  • hostname—The specified source hostname.
  • ip-address—The specified source IP address.

source-port port

Capture packets matching the specified source port number.

standby grpnumber

Specifies a standby group (1-2).

stop

Stop automatically capturing packets.

stop-after-num-files num

(Optional) Specifies the maximum number of output files to create (1–500), after which packet capture is stopped.

TenGigabitEthernet slot/port

Specifies a 10-Gigabit Ethernet interface. The slot number and port number are separated with a forward slash character (/).

Virtual slot/port

Capture packets matching the specified virtual slot/port. The slot range is 1–2; the port range is 0.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

Note the following device mode usage for the packet-capture command:

  • application-accelerator device mode

blank.gif Used with packet-capture all-interfaces, packet-capture interface, packet-capture decode, and packet-capture stop.

  • appnav-controller device mode

blank.gif Used with packet-capture all-interfaces, packet-capture interface, packet-capture appnav-controller, packet-capture decode, and packet-capture stop.

  • central-manager device mode

blank.gif Used with packet-capture all-interfaces, packet-capture interface, packet-capture decode, and packet-capture stop.

 
Usage Guidelines

The following are usage guidelines for the packet-capture command:

  • Either packet capture or debug capture can be active, but not both simultaneously.

The packet-capture command is preferred over the deprecated commands tcpdump and tethereal, and is required to capture data plane traffic on an AppNav Controller Interface Module interface.

  • For WAAS Version 6.2.1 and later, you can run the packet-capture command in multiple sessions (telnet or ssh) on the same or different interfaces, up to a maximum of five sessions, that print in the WAE.

Examples

The following example shows how to capture packets on a general interface:

WAE(config)# ip access-list extended 100 permit tcp any range 23 35
WAE(config)# exit
WAE# packet-capture interface gig 0/1 access-list 100 mycapture
 

The following example shows how to capture packets on all interfaces on an AppNav Controller Interface Module:

WAE# packet-capture appnav-controller access-list 100 mycapture
 

 
Related Commands

tcpdump

tethereal

ping

To send echo packets for diagnosing basic network connectivity on networks, use the ping EXEC command.

ping [ management ] { hostname | ip-address }

 
Syntax Description

management

Uses the designated management interface for the ping.

hostname

Hostname of system to ping.

ip-address

IP address of system to ping.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

central-manager

 
Usage Guidelines

To use the ping command with the hostname argument, make sure that DNS functionality is configured on the WAAS device. To force the timeout of a nonresponsive host, or to eliminate a loop cycle, press Ctrl-C.

Examples

The following example shows how to send echo packets to a machine with address 172.19.131.189 to verify its availability on the network:

WAE# ping 172.19.131.189
PING 172.19.131.189 (172.19.131.189) from 10.1.1.21 : 56(84) bytes of
data.
64 bytes from 172.19.131.189: icmp_seq=0 ttl=249 time=613 usec
64 bytes from 172.19.131.189: icmp_seq=1 ttl=249 time=485 usec
64 bytes from 172.19.131.189: icmp_seq=2 ttl=249 time=494 usec
64 bytes from 172.19.131.189: icmp_seq=3 ttl=249 time=510 usec
64 bytes from 172.19.131.189: icmp_seq=4 ttl=249 time=493 usec
 
--- 172.19.131.189 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/mdev = 0.485/0.519/0.613/0.047 ms
WAE#
 

 
Related Commands

traceroute

ping6

To send echo packets for diagnosing basic network connectivity on IPv6 networks, use the ping6 EXEC command.

ping6 { hostname | ip-address }[ management ]

 
Syntax Description

hostname

Hostname of system to ping.

ip-address

IPv6 address of system to ping.

management

Uses the designated management interface for the ping.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

To use the ping6 command with the hostname argument, make sure that DNS functionality is configured on the WAAS device. To force the timeout of a nonresponsive host, or to eliminate a loop cycle, press Ctrl-C.

When you use a device’s management interface to establish connectivity to another device, using ping6 command, and the management interface goes down, the communication will still succeed if the address of the end device is reachable from any other interface.

Examples

The following example shows how to send echo packets to a machine with address 2013:1:1:10::5

to verify its availability on the network:

WAE# ping 2013:1:1:10::5
 
PING 2013:1:1:10::5(2013:1:1:10::5) 56 data bytes
64 bytes from 2013:1:1:10::5: icmp_seq=1 ttl=64 time=0.018 ms
64 bytes from 2013:1:1:10::5: icmp_seq=2 ttl=64 time=0.037 ms
64 bytes from 2013:1:1:10::5: icmp_seq=3 ttl=64 time=0.028 ms
64 bytes from 2013:1:1:10::5: icmp_seq=4 ttl=64 time=0.029 ms
64 bytes from 2013:1:1:10::5: icmp_seq=5 ttl=64 time=0.029 ms
 
--- 2013:1:1:10::5 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3999ms
rtt min/avg/max/mdev = 0.018/0.028/0.037/0.006 ms
 

 
Related Commands

traceroute6

pwd

To view the present working directory on a WAAS device, use the pwd EXEC command.

pwd

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

Examples

The following example shows how to display the current working directory:

WAE# pwd
/local1
 

 
Related Commands

cd

dir

lls

ls

reload

To halt the operation and perform a cold restart on a WAAS device, use the reload EXEC command.

reload [ force | in m | cancel ]

 
Syntax Description

force

(Optional) Forces a reboot without further prompting.

in m

(Optional) Schedules a reboot after a specified interval (1-10080 minutes).

cancel

(Optional) Cancels a scheduled reboot.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

To reboot a WAAS device, use the reload command. If no configurations are saved to flash memory, you are prompted to enter configuration parameters upon a restart. Any open connections are dropped after you enter the reload command, and the file system is reformatted upon restart.

The reload command can include the option to schedule a reload of the software to take effect in a specified number of minutes. After entering this command, you are asked to confirm the reload by typing y and then confirm WCCP shutdown by typing y again (if WCCP is active).

You can use the cancel option to cancel a scheduled reload.

Examples

The following example shows how to halt the operation of the WAAS device and reboot with the configuration saved in flash memory. You are not prompted for confirmations during the process.

WAE# reload force
 

 
Related Commands

write

rename

To rename a file on a WAAS device, use the rename EXEC command.

rename oldfilename newfilename

 
Syntax Description

oldfilename

Original filename.

newfilename

New filename.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the rename command to rename any SYSFS file without making a copy of the file.

Examples

The following example shows how to rename the errlog.txt file to old_errlog.txt :

WAE# rename errlog.txt old_errlog.txt
 

 
Related Commands

cpfile

restore

To restore the device to its manufactured default status by removing the user data from the disk and flash memory, use the restore EXEC command.

restore { factory-default [ preserve basic-config ] | rollback }

 
Syntax Description

factory-default

Resets the device configuration and data to their manufactured default status.

preserve

(Optional) Preserves certain configurations and data on the device.

basic-config

(Optional) Selects basic network configurations.

rollback

Rolls back the configuration to the last functional software and device configuration.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the restore EXEC command to restore data on a disk and in flash memory to the factory default, while preserving particular time-stamp evaluation data, or to roll back the configuration to the last functional data and device configuration.

This command erases all existing content on the device; however, your network settings are preserved and the device is accessible through a Telnet and Secure Shell (SSH) session after it reboots.

Backing up the Central Manager Database

Before you use the restore factory-default command on your primary WAAS Central Manager or change over from the primary to a standby WAAS Central Manager, make sure that you back up the WAAS Central Manager database and copy the backup file to a safe location that is separate from the WAAS Central Manager. You must halt the operation of the WAAS Central Manager before you enter the backup and restore commands.

caut.gif

Caution blank.gif The restore command erases user-specified configuration information stored in the flash image and removes data from a disk, user-defined disk partitions, and the entire Central Manager database. User-defined disk partitions that are removed include the SYSFS, WAAS, and PRINTSPOOLFS partitions. The configuration that is removed includes the starting configuration of the device.

By removing the WAAS Central Manager database, all configuration records for the entire WAAS network are deleted. If you do not have a valid backup file or a standby WAAS Central Manager, you must reregister every WAE with the WAAS Central Manager because all previously configured data is lost.

If you used your standby WAAS Central Manager to store the database while you reconfigured the primary, you can register the former primary as a new standby WAAS Central Manager.

If you created a backup file while you configured the primary WAAS Central Manager, you can copy the backup file to this newly reconfigured WAAS Central Manager.

Rolling Back the Configuration

You can roll back the software and configuration of a WAAS device to a previous version using the restore rollback command. You would roll back the software only in cases in which a newly installed version of the WAAS software is not functioning properly.

The restore rollback command installs the last saved WAAS.bin image on the system disk. A WAAS.bin image is created during software installation and stored on the system disk. If the WAAS device does not have a saved version, the software is not rolled back.

note.gif

Noteblank.gif WAFS to WAAS migration is supported. Rollback from WAAS to WAFS is not supported.


Examples

The following examples show how to use the restore factory-default and restore factory-default preserve basic-config commands. Because configuration parameters and data are lost, prompts are given before initiating the restore operation to ensure that you want to proceed.

WAE# restore factory-default
This command will wipe out all of data on the disks
and wipe out WAAS CLI configurations you have ever made.
If the box is in evaluation period of certain product,
the evaluation process will not be affected though.
 
It is highly recommended that you stop all active services
before this command is run.
 
Are you sure you want to go ahead?[yes/no]
 
WAE# restore factory-default preserve basic-config
This command will wipe out all of data on the disks
and all of WAAS CLI configurations except basic network
configurations for keeping the device online.
The to-be-preserved configurations are network interfaces,
default gateway, domain name, name server and hostname.
If the box is in evaluation period of certain product,
the evaluation process will not be affected.
 
It is highly recommended that you stop all active services
before this command is run.
 
Are you sure you want to go ahead?[yes/no]
note.gif

Noteblank.gif You can enter basic configuration parameters (such as the IP address, hostname, and name server) at this point, or you can enter these parameters later through entries in the command-line interface.


The following example shows how to verify that the restore command has removed data from the SYSFS, WAAS, and PRINTSPOOLFS partitioned file systems:

WAE# show disks details
 
Physical disk information:
 
disk00: Normal (h00 c00 i00 l00 - DAS) 140011MB(136.7GB)
disk01: Normal (h00 c00 i01 l00 - DAS) 140011MB(136.7GB)
 
 
Mounted filesystems:
 
MOUNT POINT TYPE DEVICE SIZE INUSE FREE USE%
/ root /dev/root 35MB 30MB 5MB 85%
/swstore internal /dev/md1 991MB 333MB 658MB 33%
/state internal /dev/md2 3967MB 83MB 3884MB 2%
/disk00-04 CONTENT /dev/md4 122764MB 33MB 122731MB 0%
/local/local1 SYSFS /dev/md5 3967MB 271MB 3696MB 6%
.../local1/spool PRINTSPOOL /dev/md6 991MB 16MB 975MB 1%
/sw internal /dev/md0 991MB 424MB 567MB 42%
 
 
Software RAID devices:
 
DEVICE NAME TYPE STATUS PHYSICAL DEVICES AND STATUS
/dev/md0 RAID-1 NORMAL OPERATION disk00/00[GOOD] disk01/00[GOOD]
/dev/md1 RAID-1 NORMAL OPERATION disk00/01[GOOD] disk01/01[GOOD]
/dev/md2 RAID-1 NORMAL OPERATION disk00/02[GOOD] disk01/02[GOOD]
/dev/md3 RAID-1 NORMAL OPERATION disk00/03[GOOD] disk01/03[GOOD]
/dev/md4 RAID-1 NORMAL OPERATION disk00/04[GOOD] disk01/04[GOOD]
/dev/md5 RAID-1 NORMAL OPERATION disk00/05[GOOD] disk01/05[GOOD]
/dev/md6 RAID-1 NORMAL OPERATION disk00/06[GOOD] disk01/06[GOOD]
Currently content-filesystems RAID level is not configured to change.
 

The following example shows how to upgrade or restore an older version of the WAAS software. In the example, version Y of the software is installed (using the copy command), but the administrator has not switched over to it yet, so the current version is still version X. The system is then reloaded (using the reload command), and it verifies that version Y is the current version running.

The following example shows how to roll back the software to version X (using the restore rollback command), and reload the software:

WAE# copy ftp install server path waas.versionY.bin
WAE# show version
Cisco Wide Area Application Services Software (WAAS)
Copyright (c) 1999-2006 by Cisco Systems, Inc.
Cisco Wide Area Application Services Software Release 4.0.0 (build b340 Mar 25 2
006)
Version: oe612-4.0.0.340
 
Compiled 17:26:17 Mar 25 2006 by cnbuild
 
System was restarted on Mon Mar 27 15:25:02 2006.
The system has been up for 3 days, 21 hours, 9 minutes, 17 seconds.
 
WAE# show version last
Nothing is displayed.
WAE# show version pending
WAAS 4.0.1 Version Y
WAE# reload
...... reloading......
WAE# show version
Cisco Wide Area Application Services Software (WAAS)
...
WAE# restore rollback
WAE# reload
...... reloading......
 

Because flash memory configurations were removed after the restore command was used, the show startup-config command does not return any flash memory data. The show running-config command returns the default running configurations.

 
Related Commands

reload

show disks

show running-config

show startup-config

show version

rmdir

To delete a directory on a WAAS device, use the rmdir EXEC command.

rmdir directory

 
Syntax Description

directory

Name of the directory that you want to delete.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the rmdir EXEC command to remove any directory from the WAAS file system. The rmdir command only removes empty directories.

Examples

The following example shows how to delete the oldfiles directory from the local1 directory:

WAE# rmdir /local1/oldfiles
 

 
Related Commands

cpfile

dir

lls

ls

mkdir

pwd

rename

scp

To copy files between network hosts, use the scp command.

scp [ 4 ][ 6 ][ B ][ C ][ p ][ q ][ r ][ v ] [ c cipher ] [ F config-file ] [ i id-file ] [ o ssh_option ] [ P port ] [ S program ]
[[
user @ ] host : file ] [... ] [[ user-n @ ] host-n : file-n ]

 
Syntax Description

4

(Optional) Forces this command to use only IPv4 addresses.

6

(Optional) Forces this command to use only IPv6 addresses.

B

(Optional) Specifies the batch mode. In this mode, the scp command does not ask for passwords or passphrases.

C

(Optional) Enables compression. The scp command passes this option to the ssh command to enable compression.

p

(Optional) Preserves the following information from the source file: modification times, access times, and modes.

q

(Optional) Disables the display of progress information.

r

(Optional) Recursively copies directories and their contents.

v

(Optional) Specifies the verbose mode. Causes the scp and ssh commands to print debugging messages about their progress. This option can be helpful when troubleshooting connection, authentication, and configuration problems.

c cipher

(Optional) Specifies the cipher to use for encrypting the data being copied. The scp command directly passes this option to the ssh command.

F config-file

(Optional) Specifies an alternative per-user configuration file for Secure Shell (SSH). The scp command directly passes this option to the ssh command.

i id-file

(Optional) Specifies the file containing the private key for RSA authentication. The scp command directly passes this information to the ssh command.

o ssh_option

(Optional) Passes options to the ssh command in the format used in ssh_config5. See the ssh command for more information about the possible options.

P port

(Optional) Specifies the port to connect to on the remote host.

S program

(Optional) Specifies the program to use for the encrypted connection.

user

(Optional) Username.

host

(Optional) Hostname.

file

(Optional) Name of the file to copy.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

The scp command uses SSH for transferring data between hosts.This command is enabled by default.

This command prompts you for passwords or pass phrases when needed for authentication.

 
Related Commands

ssh

script

To execute a script provided by Cisco or check the script for errors, use the script EXEC command.

script { check | execute } file_name

 
Syntax Description

check

Checks the validity of the script.

execute

Executes the script. The script file must be a SYSFS file in the current directory.

file_name

Name of the script file.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

The script EXEC command opens the script utility, which allows you to execute Cisco-supplied scripts or check errors in those scripts. The script utility can read standard terminal input from the user if the script you run requires input from the user.

note.gif

Noteblank.gif The script utility is designed to run only Cisco-supplied scripts. You cannot execute script files that lack Cisco signatures or that have been corrupted or modified.


Examples

The following example shows how to check for errors in the script file test_script.pl :

WAE# script check test_script.pl
 

setup

To configure basic configuration settings (general settings, device network settings, interception type, disk configuration, and licenses) on the WAAS device or to complete basic configuration after upgrading to the WAAS software, use the setup EXEC command.

setup

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

For instructions on using the setup command, see the Cisco Wide Area Application Services Quick Configuration Guide.

For proper display of the setup command, leave the terminal length set to the default value of 24 lines.

show aaa accounting

To display the AAA accounting configuration information for a WAAS device, use the show aaa accounting EXEC command.

show aaa accounting

 
Syntax Description

This command has no arguments or keywords

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the show aaa accounting EXEC command to display configuration information for the following AAA accounting types:

  • Exec shell
  • Command (for normal users and superusers)
  • System

Examples

Table 3-1 describes the fields shown in the show aaa accounting command display.

 

Table 3-1 Field Descriptions for the show aaa accounting Command

Field
Description

Accounting Type

AAA accounting configuration for the following types of user accounts:

  • Exec
  • Command level 0
  • Command level 15
  • System

Record Event(s)

Configuration of the AAA accounting notice that is sent to the accounting server.

stop-only

WAAS device that sends a stop record accounting notice at the end of the specified activity or event to the TACACS+ accounting server.

start-stop

WAAS device that sends a start record accounting notice at the beginning of an event and a stop record at the end of the event to the TACACS+ accounting server.

The start accounting record is sent in the background. The requested user service begins regardless of whether the start accounting record was acknowledged by the TACACS+ accounting server.

wait-start

WAAS device that sends both a start and a stop accounting record to the TACACS+ accounting server. The requested user service does not begin until the start accounting record is acknowledged. A stop accounting record is also sent.

disabled

Accounting that is disabled for the specified event.

Protocol

Accounting protocol that is configured.

 
Related Commands

(config) aaa accounting

show aaa authorization

To display the AAA authorization configuration information for a WAAS device, use the show aaa authorization EXEC command.

show aaa authorization

 
Syntax Description

This command has no arguments or keywords

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the show aaa authorizaiton EXEC command to display configuration and state information related to AAA authorization.

Examples

Table 3-2 describes the fields shown in the show aaa authorization command display.

 

Table 3-2 Field Descriptions for the show aaa authorization Command

Field
Description

Authorization Type

AAA authorization configuration for the following types of user accounts:

  • Command level 0
  • Command level 15

Protocol

Authorization protocol that is configured.

 
Related Commands

(config) aaa authorization commands

show accelerator

To display the status and configuration of the application accelerators, use the show accelerator EXEC command.

show accelerator [ detail | epm | http [ debug ]| ica | interposer-ssl | mapi | smb | ssl | wansecure ]

 
Syntax Description

detail

(Optional) Displays the license information, configuration state, and operational state for all accelerators, and additional accelerator and policy engine configuration.

epm

(Optional) Displays the status for the EPM application accelerator.

http

(Optional) Displays the status for the HTTP application accelerator.

debug

(Optional) Displays more detailed status for the HTTP application accelerator.

ica

(Optional) Displays the status for the ICA application accelerator.

mapi

(Optional) Displays the status for the MAPI application accelerator.

smb

(Optional) Displays the status for the SMB application accelerator.

ssl

(Optional) Displays the status for the SSL application accelerator.

wansecure

(Optional) Displays the status for the WAN secure application accelerator.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

Examples

The following example displays the output for the show accelerator http command:

wae# show accelerator http
Accelerator Licensed Config State Operational State
----------- -------- ------------ -----------------
http Yes Enabled Running
 
HTTP:
Accelerator Config Item Mode Value
----------------------- ---- ------
Suppress Server Encoding Default Disabled
Access-List Default All
DRE Hints User Enabled
Access-List Default All
Metadatacache User Enabled
Access-List Default All
HTTPS Metadatacache User Enabled
Access-List Default All
MaxAge Default 86400
MinAge Default 60
Filter-extension Default All
Redirect Default Enabled
Unauthorized Default Enabled
Conditional Default Enabled
 
Policy Engine Config Item Value
------------------------- -----
State Registered
Default Action Use Policy
Connection Limit 200
Effective Limit 200
Keepalive timeout 5.0 seconds
 
The following example displays the output for the show accelerator smb command:
wae# show accelerator smb
 
Accelerator Licensed Config State Operational State
----------- -------- ------------ -----------------
smb Yes Enabled Running
 
SMB:
Accelerator Config Item Mode Value
----------------------- ---- ------
WanSecure Mode Default auto
MultiChannel Status Default Enabled
Encryption Status Default L7-opt-enable
Digital signing alarm Default Disabled
Change Notification size Default 10
DRE hints Default Enabled
Highest dialect Default smb3-02
Exceed action Default handoff
Matches dialect Default smb3-02
Action Default none
Named pipe optimization Default Enabled
Resp. cache lifetime (s) Default 20
Sess. cache lifetime (s) Default 30
NamedPipe-cache size (KB) Default 300 (default: 300
maximum: 900)
NF metadata cache opt Default Enabled
Max size (MB) Default 32
Aging (s) Default 30
Bypass patterns Default
SMB Print optimization Default Enabled
SMB Object Cache support Default Enabled
SMB Load-bypass support Default Enabled
SMB Object Cache Operational User Up
Microsoft Office optimization Default Enabled
SMB2 Read-caching opt Default Enabled
SMB2 Guestbit opt Default Enabled
SMB3 Read-caching opt Default Enabled
Optimization bypass pattern Default \\.pst |.ini
Smb2 Dir opt Default Enabled
Smb2-Dir-opt-cache size (MB) Default 55 (default: 55 maximum: 55)
Smb2-Dir-opt-pre-fetch Default Enabled
Read-ahead opt Default Enabled
Buffer size (MB) Default 110 (default: 110 maximum: 220)
Directory listing opt Default Enabled
SMB3 Async-write opt Default Enabled
Quota threshold (MB) Default 20
Quota aging time (s) Default 60
SMB2 Async-write opt Default Enabled
Quota threshold (MB) Default 20
Quota aging time (s) Default 60
Async-write opt Default Enabled
Quota threshold (MB) Default 20
Quota aging time (s) Default 60
Metadata-opt Default Enabled
Metadata-cache size (MB) Default 75 (default: 75 maximum: 75)
smb2-Batch-close-opt Default Enabled
smb2-Invalid-fid-opt Default Enabled
smb3-Batch-close-opt Default Enabled
smb3-Invalid-fid-opt Default Enabled
large-pkt Default Disabled
Iobuf size (MB) Default 50 (default: 50 maximum: 100)
Max iobuf size for 1 pkt(KB) Default 65
Directory aging time Default 30
Dynamic share Default
Oplock opt Default Enabled
Client OS patterns Default Mac OS
Signing opt Default Enabled
Unwrap opt Default Enabled
SMB Preposition DRE Default Disabled
 
Policy Engine Config Item Value
------------------------- -----
State Registered
Default Action Use Policy
Connection Limit 750
Effective Limit 740
Keepalive timeout 5.0 seconds
 
 

Table 3-3 describes the fields shown in the show accelerator command display for all application accelerators. Specific application accelerators display additional configuration status information.

 

Table 3-3 Field Description for the show accelerator Command

Field
Description

Accelerator

Name of the accelerator.

Licensed

Yes or No.

Config State

Accelerator is Enabled or Disabled.

Operational State

Shutdown, Initializing, Running, Cleaning Up, or Expired License.

Policy Engine Config Item: State

Registered (policy engine is communicating with the accelerator) or Not Registered (policy engine is not communicating with the accelerator; seen when the accelerator is disabled).

Policy Engine Config Item: Default Action

Drop or Use. Specifies the action to be taken if the accelerator refuses to handle the connection (because of overload or other reasons). Drop means the connection is dropped, and Use means the connection uses a reduced set of policy actions (such as TFO and DRE).

Policy Engine Config Item: Connection Limit

Connection limit. The limit configured by the accelerator which states how many connections may be handled before new connection requests are rejected.

Policy Engine Config Item: Effective Limit

Effective connection limit. The dynamic limit relating to how many connections may be handled before new connection requests are rejected. This limit is affected by resources that have been reserved, but not yet used.

Policy Engine Config Item: Keepalive timeout

Connection keepalive timeout in seconds. Keepalive messages are sent by each accelerator.

If you use the show accelerator http or the show accelerator smb command, the output contains an extra section called Accelerator Config Item, which appears before the Policy Engine Config Item section. In the Accelerator Config Item section, each item shows the status of an HTTP accelerator configuration item. The Mode column shows Default if the item is configured with the default setting or User if the item is configured with a different setting by the user. The Value column shows the current value of the item (Enabled, Disabled, or an alpha-numeric setting).

 
Related Commands

(config) accelerator epm

(config) accelerator http

(config) accelerator ica

(config) accelerator mapi

(config) accelerator smb

(config) accelerator smb

(config) accelerator ssl

show statistics accelerator

show accelerator http object-cache

To display HTTP object cache configuration and status information for a WAAS device, use the show accelerator http object-cache EXEC command.

show accelerator http object-cache

execmds-4.jpg
Syntax Description

This command has no arguments or keywords.

execmds-4.jpg
Command Default

No default behavior or values.

execmds-4.jpg
Command Modes

EXEC

execmds-4.jpg
Device Modes Default

application-accelerator

execmds-4.jpg
Usage Guidelines

Use the show accelerator http object-cache command to display HTTP object cache configuration and status information for a WAAS device.

execmds-4.jpg
Examples

The following example shows output from the show accelerator http object-cache command:

HTTP Object-cache Version

-------------------------------

Mode Value

---- ------

Object-cache User Enabled

Transparent Default Enabled

Connected Default Disabled

OTT Default Disabled

Default Profile Default standard

Host-profile-count Default 0

execmds-4.jpg
Related Commands

show statistics accelerator http object-cache

show alarms

To display information about various types of alarms, their status, and history on a WAAS device, use the show alarms EXEC command.

show alarms critical [ detail [ support ]]

show alarms detail [ support ]

show alarms history [ start_num [ end_num [ detail [ support ]]]] | critical [ start_num [ end_num [ detail [ support ]]]]

show alarms major [ start_num [ end_num [ detail [ support ]]]]

show alarms minor [ start_num [ end_num [ detail [ support ]]]]

show alarms status

 
Syntax Description

critical

Displays critical alarm information.

detail

(Optional) Displays detailed information for each alarm.

support

(Optional) Displays additional information about each alarm.

history

Displays information about the history of various alarms.

start_num

(Optional) Alarm number that appears first in the alarm history.

end_num

(Optional) Alarm number that appears last in the alarm history.

major

Displays information about major alarms.

minor

Displays information about minor alarms.

status

Displays the status of various alarms and alarm overload settings.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

The Node Health Manager in the WAAS software enables WAAS applications to raise alarms to draw attention in error/significant conditions. The Node Health Manager, which is the data repository for such alarms, aggregates the health and alarm information for the applications, services, and resources (for example, disk drives) that are being monitored on the WAAS device. For example, this feature gives you a mechanism to determine if a WAE is receiving overwhelming number of alarms. These alarms are referred to as WAAS software alarms.

The WAAS software uses SNMP to report error conditions by generating SNMP traps. The following WAAS applications can generate a WAAS software alarm:

  • Node Health Manager (alarm overload condition)
  • System Monitor (sysmon) for disk failures

The three levels of alarms in the WAAS software are as follows:

  • Critical—Alarms that affect the existing traffic through the WAE and are considered fatal (the WAE cannot recover and continue to process traffic).
  • Major—Alarms that indicate a major service (for example, the cache service) has been damaged or lost. Urgent action is necessary to restore this service. However, other node components are fully functional and the existing service should be minimally impacted.
  • Minor—Alarms that indicate that a condition that will not affect a service has occurred, but that corrective action is required to prevent a serious fault from occurring.

You can configure alarms using the snmp-server enable traps alarms global configuration command.

Use the show alarms critical EXEC command to display the current critical alarms being generated by WAAS software applications. Use the show alarms critical detail EXEC command to display additional details for each of the critical alarms being generated. Use the show alarms critical detail support EXEC command to display an explanation about the condition that triggered the alarm and how you can find out the cause of the problem. Similarly, you can use the show alarms major and show alarms minor EXEC commands to display the details of major and minor alarms.

Use the show alarms history EXEC command to display a history of alarms that have been raised and cleared by the WAAS software on the WAAS device since the last software reload. The WAAS software retains the last 100 alarm raise and clear events only.

Use the show alarms status EXEC command to display the status of current alarms and the alarm overload status of the WAAS device and alarm overload configuration.

Examples

Table 3-4 describes the fields shown in the show alarms history command display.

 

Table 3-4 Field Descriptions for the show alarms history Command

Field
Description

Op

Operation status of the alarm. Values are R–Raised or C–Cleared.

Sev

Severity of the alarm. Values are Cr–Critical, Ma–Major, or Mi–Minor.

Alarm ID

Type of event that caused the alarm.

Module/Submodule

Software module affected.

Instance

Object that this alarm event is associated with. For example, for an alarm event with the Alarm ID disk_failed, the instance would be the name of the disk that failed. The Instance field does not have predefined values and is application specific.

Table 3-5 describes the fields shown in the show alarms status command display.

 

Table 3-5 Field Descriptions for the show alarms status Command

Field
Description

Critical Alarms

Number of critical alarms.

Major Alarms

Number of major alarms.

Minor Alarms

Number of minor alarms.

Overall Alarm Status

Aggregate status of alarms.

Device is NOT in alarm overload state.

Status of the device alarm overload state.

Device enters alarm overload state @ 999 alarms/sec.

Threshold number of alarms per second at which the device enters the alarm overload state.

Device exits alarm overload state @ 99 alarms/sec.

Threshold number of alarms per second at which the device exits the alarm overload state.

Overload detection is ENABLED.

Status of whether overload detection is enabled on the device.

 
Related Commands

(config) alarm overload-detect

(config) snmp-server enable traps

show appnav-controller flow-distribution

To display ANC flow distribution information, use the show appnav-controller flow-distribution EXEC command.

show appnav-controller flow-distribution [ client-ip ip_address | client-port port | peer-id peer_id | server-ip ip_address | server-port port ]

 
Syntax Description

client-ip ip_address

(Optional) Displays the flow information for the client with the specified IP address.

client-port port

(Optional) Displays the flow information for the client with the specified port number (1–65535).

peer-id peer_id

(Optional) Displays the flow information for the peer with the specified identifier. The peer ID is from 0 to 4294967295 identifying a peer.

server-ip ip_address

(Optional) Displays the flow information for the server with the specified IP address.

server-port port

(Optional) Displays the flow information for the server with the specified port number (1–65535).

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

appnav-controller

 
Usage Guidelines

This command can be used to determine how a flow would be classified and redirected.

Examples

The following is sample output from the show appnav-controller flow-distribution command that shows how a flow would be redirected:

ANC# show appnav-controller flow-distribution peer-id 58:8d:01:02:04:3a client-ip 192.168.1.2 server-ip 192.168.5.2 server-port 443
WARNING: One or more inputs are wildcards. The flow distribution lookup may not
be accurate
Did not find existing application, session or connection
 
Policy lookup results
---------------------
 
Connection will be redirected
Matched class: class-default:HTTPS
Monitored Accl: SSL
Configured redirect SNG: WNG-Default
Selected SNG: WNG-Default
Bucket #: 4
Selected SN: 2.76.243.11

 
Related Commands

(config) service-insertion

show arp

To display the Address Resolution Protocol (ARP) table for a WAAS device, use the show arp EXEC command.

show arp

 
Syntax Description

This command has no arguments or keywords.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC

execmds-4.jpg
Device Modes

application-accelerator

central-manager

 
Usage Guidelines

Use the show arp command to display the Internet-to-Ethernet address translation tables of the Address Resolution Protocol. Without flags, the current ARP entry for the host name is displayed.

On an ISR-WAAS device, no ARP entries are present for IP addresses on the same subnet as the ISR-WAAS device; there is an entry only for the defined gateway.

The ARP cache is cleared based on the gc_stale_time; the default time is 60 seconds.

Cache entry states, described in Table 3-6, function as follows:

1.blank.gif An entry in the ARP table with a Reachable state is moved to the Stale state after the ReachableTime is exceeded, or an UnsolicitedNeighbor advertisement is received.

2.blank.gif After an entry in the ARP table is moved to the Stale state, it sends an ARP request and is moved to the Delay state. It remains in the Delay state until it receives an acknowledgment.

3.blank.gif Depending on the next action, the entry is then moved to the Reachable state or the Probe state:

blank.gif If the entry receives an acknowledgment on time, it is moved to the Reachable state.

blank.gif If the entry does not receive an acknowledgment on time, it is moved to the Probe state.

Examples

Table 3-6 describes the fields shown in the show arp command display.

 

Table 3-6 Field Descriptions for the show arp Command

Field
Description

Protocol

Type of protocol.

State

Cache entry state. There are five possible cache entry states: Incomplete, Reachable, Stale, Delay, and Probe.

  • Incomplete—Address resolution on the cache is in progress: a Neighbor Solicitation has been sent to the solicited-mode address of the target, but the corresponding Neighbor Advertisement has not yet been received.
  • Reachable—Within the last ReachableTime milliseconds, positive confirmation has been received that the forward path to the neighbor is functioning properly. While in Reachable state, no special action occurs as packets are sent.
  • Stale—Within the last ReachableTime milliseconds, no positive confirmation has been received that the forward path to the neighbor is functioning properly. While in Stale state, no action occurs until a packet is sent.
note.gif

Noteblank.gif The Stale state is entered after an unsolicited Neighbor Discovery message is received, which updates the cached linked-layer address. Receipt of this message does not confirm reachability. Reachability is verified only after the entry is actually used.

The Stale state ensures that reachability is verified quickly if the entry is actually being used.


  • Delay—More than the ReachableTime milliseconds has elapsed since receipt of the last positive confirmation that the forward path to the neighbor is functioning properly, and a packet was sent within the specified DELAY_FIRST_PROBE_TIME seconds. If no reachability confirmation is received within the DELAY_FIRST_PROBE_TIME seconds of entering the Delay state, a Neighbor Solicitation is sent, and the state is changed to the Probe state.
  • Probe—Neighbor Solicitations are retransmitted every RetransTime seconds to confirm reachability, until a reachability confirmation is received.

Address

IP address of the hostname.

Flags

Current ARP flag status.

Hardware Addr

Hardware IP address given as six hexadecimal bytes separated by colons.

Type

Type of wide-area network.

Interface

Name and slot/port information for the interface.

show authentication

To display the authentication configuration for a WAAS device, use the show authentication EXEC command.

show authentication { user | strict-password-policy}

 
Syntax Descriptions

user

Displays authentication configuration for user login to the system.

strict-password-policy

Displays strict password policy configuration information.

 
Defaults

No default behavior or values.

 
Command Modes

EXEC