Upload
ngothien
View
265
Download
5
Embed Size (px)
Citation preview
Reference Material
2015-05-18 16:58:51 UTC
2015 Citrix Systems, Inc. All rights reserved. Terms of Use | Trademarks | Privacy Statement
http://www.citrix.com/about/legal/legal-notice.htmlhttp://www.citrix.com/about/legal/brand-guidelines.htmlhttp://www.citrix.com/about/legal/privacy.html
Contents
Reference Material ........................................................................................... 15
Reference Material............................................................................... 16
Command Reference ....................................................................... 17
AAA Commands ........................................................................ 18
aaa ................................................................................. 19
aaa user ........................................................................... 20
aaa group ......................................................................... 25
aaa preauthenticationaction................................................... 29
aaa preauthenticationpolicy ................................................... 32
aaa stats........................................................................... 35
aaa session........................................................................ 36
aaa radiusParams ................................................................ 38
aaa ldapParams .................................................................. 41
aaa tacacsParams................................................................ 44
aaa certParams................................................................... 46
aaa parameter.................................................................... 48
aaa preauthenticationparameter.............................................. 50
aaa global ......................................................................... 52
Application Commands ............................................................... 54
AppFlow Commands................................................................... 56
appflow............................................................................ 57
appflow collector ................................................................ 58
appflow action ................................................................... 61
appflow policy.................................................................... 65
appflow policylabel.............................................................. 69
appflow param ................................................................... 73
appflow global ................................................................... 76
Application Firewall Commands .................................................... 78
appfw .............................................................................. 79
2
appfw fieldType.................................................................. 80
appfw profile ..................................................................... 83
appfw policy ...................................................................... 105
appfw policylabel ................................................................ 109
appfw confidField................................................................ 113
appfw stats ....................................................................... 116
appfw xmlerrorpage............................................................. 117
appfw htmlerrorpage............................................................ 120
appfw settings.................................................................... 123
appfw global...................................................................... 126
appfw learningsettings.......................................................... 128
appfw learningdata.............................................................. 132
appfw wsdl........................................................................ 135
appfw signatures................................................................. 137
appfw xmlschema................................................................ 140
appfw XMLContentType......................................................... 142
appfw archive .................................................................... 144
Audit Commands ...................................................................... 147
audit ............................................................................... 148
audit syslogAction ............................................................... 149
audit syslogPolicy ................................................................ 153
audit nslogAction ................................................................ 156
audit nslogPolicy ................................................................. 160
audit messageaction............................................................. 163
audit stats......................................................................... 166
audit messages ................................................................... 167
audit syslogParams .............................................................. 168
audit nslogParams ............................................................... 170
Authentication Commands........................................................... 172
authentication radiusAction.................................................... 173
authentication ldapAction...................................................... 179
authentication tacacsAction ................................................... 186
authentication negotiateAction ............................................... 190
authentication samlAction ..................................................... 193
authentication certAction ...................................................... 196
authentication localPolicy...................................................... 199
authentication radiusPolicy .................................................... 202
3
authentication certPolicy....................................................... 205
authentication ldapPolicy ...................................................... 208
authentication tacacsPolicy.................................................... 211
authentication negotiatePolicy................................................ 214
authentication samlPolicy ...................................................... 217
authentication vserver .......................................................... 220
Authorization Commands ............................................................ 227
authorization policy ............................................................. 228
authorization policylabel ....................................................... 231
Basic Commands....................................................................... 235
location............................................................................ 236
locationFile ....................................................................... 239
server .............................................................................. 241
service ............................................................................. 248
serviceGroup ..................................................................... 262
dbsMonitors ....................................................................... 275
locationData ...................................................................... 276
svcbindings........................................................................ 277
servicegroupbindings ............................................................ 278
serviceGroupMember............................................................ 279
configstatus....................................................................... 280
locationParameter............................................................... 281
vserver............................................................................. 283
uiinternal.......................................................................... 284
reporting .......................................................................... 286
nstrace ............................................................................ 288
Cache Commands...................................................................... 292
cache .............................................................................. 293
cache policy ...................................................................... 294
cache policylabel ................................................................ 299
cache contentGroup............................................................. 303
cache forwardProxy ............................................................. 314
cache selector.................................................................... 316
cache object...................................................................... 318
cache stats........................................................................ 321
cache global ...................................................................... 322
cache parameter................................................................. 324
4
CLI Commands ......................................................................... 327
config .............................................................................. 328
whoami ............................................................................ 329
exit................................................................................. 330
quit................................................................................. 331
man ................................................................................ 332
history ............................................................................. 333
help ................................................................................ 334
source.............................................................................. 336
batch............................................................................... 337
unalias ............................................................................. 338
alias ................................................................................ 339
cls .................................................................................. 340
cli attribute....................................................................... 341
cli prompt......................................................................... 342
cli mode ........................................................................... 344
Cluster Commands .................................................................... 346
cluster ............................................................................. 347
cluster instance .................................................................. 348
cluster node ...................................................................... 353
cluster files ....................................................................... 357
cluster sync ....................................................................... 358
Compression Commands.............................................................. 359
cmp ................................................................................ 360
cmp action ........................................................................ 361
cmp policy ........................................................................ 364
cmp policylabel .................................................................. 370
cmp stats.......................................................................... 374
cmp global ........................................................................ 375
cmp parameter................................................................... 378
Cache Redirection Commands....................................................... 381
cr policy ........................................................................... 382
cr vserver ......................................................................... 385
Content Switching Commands....................................................... 397
cs policy ........................................................................... 398
cs policylabel ..................................................................... 402
cs vserver ......................................................................... 406
5
cs parameter ..................................................................... 421
cs action........................................................................... 423
DB Commands.......................................................................... 427
DNS Commands ........................................................................ 430
dns ................................................................................. 432
dns aaaaRec ...................................................................... 433
dns addRec........................................................................ 436
dns txtRec......................................................................... 438
dns cnameRec .................................................................... 441
dns mxRec ........................................................................ 443
dns nsRec.......................................................................... 446
dns ptrRec ........................................................................ 448
dns srvRec......................................................................... 450
dns soaRec ........................................................................ 454
dns suffix.......................................................................... 458
dns nameServer .................................................................. 460
dns view ........................................................................... 464
dns policy ......................................................................... 466
dns zone........................................................................... 470
dns key ............................................................................ 474
dns proxyRecords ................................................................ 479
dns records ....................................................................... 480
dns stats........................................................................... 481
dns parameter.................................................................... 482
dns policylabel ................................................................... 485
dns global ......................................................................... 489
dns action ......................................................................... 491
dns nsecRec....................................................................... 495
DOS Commands ........................................................................ 496
dos ................................................................................. 497
dos policy ......................................................................... 498
dos stats........................................................................... 502
Filter Commands ...................................................................... 503
filter action....................................................................... 504
filter htmlinjectionvariable .................................................... 508
filter policy ....................................................................... 511
filter prebodyInjection.......................................................... 515
6
filter postbodyInjection......................................................... 517
filter htmlinjectionparameter ................................................. 519
filter global ....................................................................... 521
GSLB Commands ....................................................................... 523
gslb site ........................................................................... 524
gslb service ....................................................................... 529
gslb vserver ....................................................................... 538
gslb runningConfig ............................................................... 550
gslb domain ....................................................................... 551
gslb ldnsentries .................................................................. 552
gslb parameter ................................................................... 553
gslb ldnsentry .................................................................... 555
gslb config ........................................................................ 556
gslb syncStatus ................................................................... 558
HA Commands.......................................................................... 559
HA node ........................................................................... 560
HA sync ............................................................................ 565
HA files ............................................................................ 566
HA failover ........................................................................ 567
IPSec Commands....................................................................... 568
ipsec profile ...................................................................... 569
ipsec parameter.................................................................. 572
ipsec counters .................................................................... 574
LB Commands .......................................................................... 575
lb monitor......................................................................... 576
lb route............................................................................ 597
lb route6 .......................................................................... 599
lb vserver ......................................................................... 601
lb metricTable ................................................................... 624
lb monbindings ................................................................... 628
lb persistentSessions ............................................................ 629
lb group ........................................................................... 630
lb sipParameters ................................................................. 635
lb parameter...................................................................... 637
Networking Commands ............................................................... 640
arp ................................................................................. 642
channel ............................................................................ 645
7
fis................................................................................... 651
route ............................................................................... 654
vlan ................................................................................ 660
vrID................................................................................. 666
vrID6 ............................................................................... 672
route6 ............................................................................. 675
nd6 ................................................................................. 680
inat................................................................................. 683
bridgegroup....................................................................... 687
ipTunnel ........................................................................... 692
ip6Tunnel ......................................................................... 695
netbridge.......................................................................... 697
ipset ............................................................................... 700
linkset ............................................................................. 703
netProfile ......................................................................... 706
arpparam.......................................................................... 709
ci ................................................................................... 711
interface .......................................................................... 712
rnat ................................................................................ 720
bridgetable ....................................................................... 723
bridge.............................................................................. 725
lacp ................................................................................ 726
rnatparam......................................................................... 727
rnatip .............................................................................. 729
vrIDParam ......................................................................... 730
ipv6 ................................................................................ 732
ipTunnelParam ................................................................... 734
ip6TunnelParam.................................................................. 736
L2Param ........................................................................... 738
L3Param ........................................................................... 741
forwardingSession................................................................ 743
ptp ................................................................................. 746
rnat6 ............................................................................... 747
NS Commands .......................................................................... 751
shutdown.......................................................................... 753
reboot ............................................................................. 754
ns ................................................................................... 755
8
ns limitIdentifier ................................................................. 757
ns acl .............................................................................. 762
ns acl6 ............................................................................. 770
ns ip6 .............................................................................. 778
ns ip................................................................................ 784
ns simpleacl....................................................................... 792
ns simpleacl6 ..................................................................... 795
ns pbr .............................................................................. 799
ns xmlnamespace ................................................................ 806
ns tcpProfile ...................................................................... 809
ns httpProfile..................................................................... 816
ns stats ............................................................................ 822
ns ns.conf ......................................................................... 823
ns savedConfig ................................................................... 824
ns runningConfig ................................................................. 825
ns acls ............................................................................. 826
ns info ............................................................................. 828
ns license.......................................................................... 830
ns version ......................................................................... 831
ns config........................................................................... 832
ns param .......................................................................... 841
ns acls6 ............................................................................ 848
ns pbrs ............................................................................. 850
ns connectiontable .............................................................. 852
ns limitSessions................................................................... 854
ns hostName ...................................................................... 855
ns surgeQ.......................................................................... 857
ns feature ......................................................................... 858
ns mode ........................................................................... 860
ns dhcpParams ................................................................... 862
ns dhcpIp .......................................................................... 864
ns spParams....................................................................... 865
ns tcpbufParam .................................................................. 867
ns tcpParam ...................................................................... 869
ns httpParam ..................................................................... 873
ns weblogparam.................................................................. 875
ns diameter ....................................................................... 876
9
ns rateControl .................................................................... 878
ns rpcNode ........................................................................ 880
ns timeout ........................................................................ 883
ns hardware....................................................................... 886
ns events .......................................................................... 887
ns encryptionParams ............................................................ 888
ns rollbackcmd ................................................................... 890
ns memory ........................................................................ 891
ns pbr6............................................................................. 892
NTP Commands ........................................................................ 900
ntp server ......................................................................... 901
ntp sync ........................................................................... 905
ntp status ......................................................................... 906
ntp param......................................................................... 907
Policy Commands...................................................................... 909
policy expression................................................................. 910
policy map ........................................................................ 913
policy patset...................................................................... 916
policy dataset .................................................................... 919
policy httpCallout................................................................ 922
policy stringmap ................................................................. 926
PQ Commands.......................................................................... 930
pq .................................................................................. 931
pq policy .......................................................................... 932
pq stats............................................................................ 936
Protocol Commands................................................................... 937
protocol tcp ...................................................................... 938
protocol http ..................................................................... 939
protocol icmp..................................................................... 940
protocol ipv6 ..................................................................... 941
protocol icmpv6.................................................................. 942
protocol ip ........................................................................ 943
protocol udp ...................................................................... 944
protocol httpBand ............................................................... 945
Responder Commands ................................................................ 947
responder policy ................................................................. 948
responder action ................................................................. 953
10
responder policylabel ........................................................... 958
responder global ................................................................. 962
responder param................................................................. 964
responder htmlpage ............................................................. 966
Rewrite Commands ................................................................... 969
rewrite policy .................................................................... 970
rewrite action .................................................................... 975
rewrite policylabel .............................................................. 982
rewrite global .................................................................... 986
rewrite param .................................................................... 989
Router Commands..................................................................... 991
SC Commands .......................................................................... 992
sc ................................................................................... 993
sc policy ........................................................................... 994
sc stats ............................................................................ 999
sc parameter ..................................................................... 1000
SNMP Commands ...................................................................... 1002
snmp ............................................................................... 1003
snmp community................................................................. 1004
snmp manager.................................................................... 1007
snmp trap ......................................................................... 1011
snmp group ....................................................................... 1016
snmp view......................................................................... 1019
snmp user ......................................................................... 1022
snmp oid........................................................................... 1025
snmp stats ........................................................................ 1026
snmp alarm ....................................................................... 1027
snmp mib.......................................................................... 1036
snmp engineId .................................................................... 1038
snmp option ...................................................................... 1040
SSL Commands ......................................................................... 1042
ssl .................................................................................. 1044
ssl fipsKey......................................................................... 1045
ssl wrapkey ....................................................................... 1049
ssl certKey ........................................................................ 1051
ssl ciphersuite .................................................................... 1060
ssl cipher .......................................................................... 1061
11
ssl crl .............................................................................. 1066
ssl action .......................................................................... 1074
ssl policy .......................................................................... 1078
ssl policylabel .................................................................... 1082
ssl ocspResponder ............................................................... 1085
ssl rsakey.......................................................................... 1090
ssl pkcs12 ......................................................................... 1092
ssl pkcs8 ........................................................................... 1093
ssl dhParam ....................................................................... 1094
ssl dsaKey ......................................................................... 1095
ssl certLink........................................................................ 1096
ssl certReq ........................................................................ 1097
ssl cert............................................................................. 1099
ssl stats ............................................................................ 1102
ssl parameter..................................................................... 1103
ssl fips ............................................................................. 1106
ssl service ......................................................................... 1109
ssl serviceGroup.................................................................. 1115
ssl vserver......................................................................... 1119
ssl fipsSIMTarget ................................................................. 1125
ssl fipsSIMSource ................................................................. 1127
ssl global .......................................................................... 1129
Stream Commands .................................................................... 1131
stream selector .................................................................. 1132
stream identifier................................................................. 1135
stream session.................................................................... 1138
System Commands .................................................................... 1139
system ............................................................................. 1140
system cmdPolicy ................................................................ 1141
system user ....................................................................... 1144
system group ..................................................................... 1148
system session.................................................................... 1152
system cpu ........................................................................ 1154
system memory .................................................................. 1155
system entitydata................................................................ 1156
system entity ..................................................................... 1158
system globaldata ............................................................... 1159
12
system counters.................................................................. 1160
system countergroup ............................................................ 1161
system eventhistory ............................................................. 1162
system core ....................................................................... 1163
system dataSource............................................................... 1164
system global ..................................................................... 1165
system collectionparam......................................................... 1167
system parameter ............................................................... 1169
TM Commands ......................................................................... 1171
tm sessionPolicy.................................................................. 1172
tm sessionAction ................................................................. 1175
tm trafficPolicy .................................................................. 1179
tm formSSOAction ............................................................... 1182
tm trafficAction.................................................................. 1186
tm global .......................................................................... 1189
tm sessionParameter ............................................................ 1191
Transform Commands ................................................................ 1193
transform profile................................................................. 1194
transform action ................................................................. 1197
transform policy ................................................................. 1200
transform policylabel ........................................................... 1205
transform global ................................................................. 1209
Tunnel Commands..................................................................... 1211
tunnel trafficPolicy .............................................................. 1212
tunnel global ..................................................................... 1216
Utility Commands ..................................................................... 1219
nstrace ............................................................................ 1220
scp ................................................................................. 1222
shell................................................................................ 1223
install .............................................................................. 1224
grep ................................................................................ 1225
traceroute6 ....................................................................... 1227
traceroute ........................................................................ 1229
ping6 ............................................................................... 1231
ping ................................................................................ 1233
techsupport....................................................................... 1235
callhome .......................................................................... 1236
13
VPN Commands ........................................................................ 1238
vpn ................................................................................. 1239
vpn vserver ....................................................................... 1240
vpn intranetApplication......................................................... 1249
vpn nextHopServer .............................................................. 1251
vpn trafficPolicy ................................................................. 1253
vpn trafficAction................................................................. 1256
vpn formSSOAction .............................................................. 1259
vpn url ............................................................................. 1263
vpn sessionPolicy................................................................. 1266
vpn sessionAction ................................................................ 1269
vpn clientlessAccessPolicy...................................................... 1283
vpn clientlessAccessProfile..................................................... 1286
vpn stats .......................................................................... 1290
vpn icaConnection ............................................................... 1291
vpn global ......................................................................... 1292
vpn parameter ................................................................... 1295
WI Commands.......................................................................... 1303
wi site ............................................................................. 1304
wi package ........................................................................ 1311
Documentation Library .................................................................... 1313
Release Notes.......................................................................... 1314
Quick Start Guides .................................................................... 1315
Configuration Guides ................................................................. 1316
Reference Guides ..................................................................... 1317
Glossary ...................................................................................... 1318
14
15
Reference Material
You can refer to the following documentation for quick reference:
Command Reference
Documentation Library
Note: We are in the process of transitioning reference documentation to Citrix eDocs.The following reference documentation is available in Citrix Knowledge Center(http://support.citrix.com/productdocs/). When you click these links, you will leave thesite. We recommend that you book mark this site so you can easily return to it.
NetScaler Developer's Guide
NetScaler Log Message Reference
NetScaler SNMP OID Reference
NetScaler Glossary
http://support.citrix.com/proddocs/topic/ns-reference-map-10-1/netscaler-crg-gen-wrapper-con.htmlhttp://support.citrix.com/productdocs/http://support.citrix.com/article/CTX132367http://support.citrix.com/article/CTX132382http://support.citrix.com/article/CTX132381http://support.citrix.com/article/CTX132383
16
Command Reference
Provides basic information of the NetScaler command line interface and also provides thecommands to configure and retrieve details of the appliance.
17
Command Reference
Provides basic information of the NetScaler command line interface and also provides thecommands to configure and retrieve details of the appliance.
18
AAA Commands
This group of commands can be used to perform operations on the following entities:
aaa
aaa user
aaa group
aaa preauthenticationaction
aaa preauthenticationpolicy
aaa stats
aaa session
aaa radiusParams
aaa ldapParams
aaa tacacsParams
aaa certParams
aaa parameter
aaa preauthenticationparameter
aaa global
19
aaa
stat aaaSynopsis
stat aaa [-detail] [-fullValues] [-ntimes ] [-logFile ]
DescriptionDisplay aaa statistics
20
aaa user
[ add | rm | set | bind | unbind | show ]
add aaa userSynopsis
add aaa user {-password }
DescriptionAdd an AAA user.
ParametersuserName
The name of the user.
password
Enter this keyword to create or change the user's password. The entered password is notdisplayed. If no password is given for a new user then the user will be authenticatedexternally.
Example
add aaa user johndoe -password abcdadd aaa user johndoe -passwordThe above example adds user johndoe with password abcd for first case, password supplied on promptfor second case
Top
rm aaa userSynopsis
rm aaa user
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-user-ref.html#netscaler-crg-add-aaa-userhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-user-ref.html#netscaler-crg-rm-aaa-userhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-user-ref.html#netscaler-crg-set-aaa-userhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-user-ref.html#netscaler-crg-bind-aaa-userhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-user-ref.html#netscaler-crg-unbind-aaa-userhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-user-ref.html#netscaler-crg-show-aaa-user
DescriptionRemove the AAA user.
ParametersuserName
The name of the AAA user.
Top
set aaa userSynopsis
set aaa user
DescriptionModify the parameters for the existing AAA user.
ParametersuserName
The name of the user.
password
Enter this keyword to create or change the user's password. The entered password is notdisplayed. If no password is given for a new user then the user will be authenticatedexternally.
Example
set aaa user johndoe password abcdThe above command sets the password for johndoe to abcd
Top
bind aaa userSynopsis
bind aaa user [-policy [-priority ]][-intranetApplication ] [-urlName ] [-intranetIP []]
aaa user
21
DescriptionBind the resources (policy/intranetip/intranetapplication/url) to a user.
ParametersuserName
The user name.
policy
the policy to be bound to aaa user.
intranetApplication
The intranet vpn application.
urlName
The intranet url
intranetIP
The IP address to be bound to this user and used to access the Intranet
Example
To bind intranetip to the user joe: bind aaa user joe -intranetip 10.102.1.123
Top
unbind aaa userSynopsis
unbind aaa user [-policy ] [-intranetApplication ] [-urlName] [-intranetIP []]
DescriptionUnbind the resource(policy/intranetip/intranetapplication/url) from an AAA user
ParametersuserName
The user name.
aaa user
22
policy
The policy to be unbound to an aaa user.
intranetApplication
The intranet vpn application.
urlName
The intranet url
intranetIP
The Intranet IP to be unbound
Example
unbind AAA user joe -intranetip 10.102.1.123
Top
show aaa userSynopsis
show aaa user [] [-loggedIn]
DescriptionDisplay the AAA user detail.
ParametersuserName
The user name.
loggedIn
The loggedin flag. When this flag is turned on, the system displays the names of alllogged-in users. If a user name is included, the system displays whether the user islogged in or not.
Example
Example> show aaa user joe UserName: joe IntranetIP: 10.102.1.123
aaa user
23
Bound to groups: GroupName: engg Done>
Top
aaa user
24
25
aaa group
[ add | rm | bind | unbind | show ]
add aaa groupSynopsis
add aaa group
DescriptionAdd an AAA group. To associate AAA users with an AAA group, use the command "bind AAAgroup ... -username ...". You can bind different policies to each AAA group. Use thecommand "bind AAA group ... -policy ...". You can also bind ranges of Intranet IP addressesto an AAA group. For example, the administrator may want to assign pools of Intranet IPaddresses to groups or departments.
ParametersgroupName
The name of the group.
Example
add aaa group group_ad
Top
rm aaa groupSynopsis
rm aaa group
DescriptionRemove an AAA group. To associate AAA users with an AAA group, use the command "bindAAA group ... -username ...". You can bind different policies to each AAA group. Use thecommand "bind AAA group ... -policy ...". You can also bind ranges of Intranet IP addressesto an AAA group. For example, the administrator may want to assign pools of Intranet IPaddresses to groups or departments.
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-group-ref.html#netscaler-crg-add-aaa-grouphttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-group-ref.html#netscaler-crg-rm-aaa-grouphttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-group-ref.html#netscaler-crg-bind-aaa-grouphttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-group-ref.html#netscaler-crg-unbind-aaa-grouphttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-group-ref.html#netscaler-crg-show-aaa-group
ParametersgroupName
The name of the group . Note: Any user sessions belonging to the group are removed.The user must log in again.
Top
bind aaa groupSynopsis
bind aaa group [-userName ] [-policy [-priority]] [-intranetApplication ] [-urlName ] [-intranetIP ]
DescriptionBind the resource(User/Intranet IP /Policy/Intranet Application) to a group. To associateAAA users with an AAA group, use the command "bind AAA group ... -username ...". You canbind different policies to each AAA group. Use the command "bind AAA group ... -policy ...".You can also bind ranges of Intranet IP addresses to an AAA group. For example, theadministrator may want to assign pools of Intranet IP addresses to groups or departments.
ParametersgroupName
The group name.
userName
The user that the group is bound to. If the user belongs to more than one group, thegroup expressions are evaluated at authorization to determine the appropriate action.
policy
The policy to be bound to an AAA group.
intranetApplication
The intranet vpn application.
urlName
The intranet url.
intranetIP
The ip-block or IP address to be bound with this group. This is the block or address thatwill be used when members of this group access Intranet resources.
aaa group
26
Example
To bind an Intranet IP to the group engg: bind aaa group engg -intranetip 10.102.10.0 255.255.255.0
Top
unbind aaa groupSynopsis
unbind aaa group [-userName ...] [-policy ][-intranetApplication ] [-urlName ] [-intranetIP ]
DescriptionUnbind the resource (User/Intranet IP/Policy/Intranet Application) from a group. Toassociate AAA users with an AAA group, use the command "bind AAA group ... -username...". You can bind different policies to each AAA group. Use the command "bind AAA group... -policy ...". You can also bind ranges of Intranet IP addresses to an AAA group. Forexample, the administrator may want to assign pools of Intranet IP addresses to groups ordepartments.
ParametersgroupName
The group name.
userName
The user to be unbound from the group.
policy
The policy to be unbound from the AAA group,
intranetApplication
The intranet vpn application.
urlName
The intranet url.
intranetIP
The Intranet IP to be unbound from the group
Example
aaa group
27
unbind aaa group engg -intranetip 10.102.10.0 255.255.255.0
Top
show aaa groupSynopsis
show aaa group [] [-loggedIn]
DescriptionDisplay details of the AAA group. To associate AAA users with an AAA group, use thecommand "bind AAA group ... -username ...". You can bind different policies to each AAAgroup. Use the command "bind AAA group ... -policy ...". You can also bind ranges ofIntranet IP addresses to an AAA group. For example, the administrator may want to assignpools of Intranet IP addresses to groups or departments.
ParametersgroupName
The group name.
loggedIn
The loggedin flag. When this flag is turned on, the system displays the names of the usersin a group if at least one user in the group is logged in. When used with a group name,the system lists the users in the group who are logged in.
Example
> show aaa group engg GroupName: engg
Bound AAA users: UserName: joe UserName: jane
Intranetip IP: 10.102.10.0 Netmask: 255.255.255.0 Done>
Top
aaa group
28
29
aaa preauthenticationaction
[ add | rm | set | unset | show ]
add aaa preauthenticationactionSynopsis
add aaa preauthenticationaction [] [-killProcess ][-deletefiles ]
DescriptionAdd actions for end point analysis (EPA) clients before authentication.
Parametersname
The name of the Preauthentication action.
preauthenticationaction
Deny or allow login after end point analysis results. Possible values: ALLOW, DENY
killProcess
Processes to be killed by the EPA tool.
deletefiles
Files to be deleted by EPA tool.
Top
rm aaa preauthenticationactionSynopsis
rm aaa preauthenticationaction
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationaction-ref.html#netscaler-crg-add-aaa-preauthenticationactionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationaction-ref.html#netscaler-crg-rm-aaa-preauthenticationactionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationaction-ref.html#netscaler-crg-set-aaa-preauthenticationactionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationaction-ref.html#netscaler-crg-unset-aaa-preauthenticationactionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationaction-ref.html#netscaler-crg-show-aaa-preauthenticationaction
DescriptionRemove a previously created Pre-authentication action. Note that an action cannot beremoved as long as it is configured in a policy.
Parametersname
The name of the action to be removed.
Top
set aaa preauthenticationactionSynopsis
set aaa preauthenticationaction [] [-killProcess ][-deletefiles ]
DescriptionChange properties of a Pre-authentication action.
Parametersname
The name of the Preauthentication action.
preauthenticationaction
Deny or allow login after end point analysis results. Possible values: ALLOW, DENY
killProcess
Processes to be killed by EPA tool.
deletefiles
Files to be deleted by EPA tool.
Top
aaa preauthenticationaction
30
unset aaa preauthenticationactionSynopsis
unset aaa preauthenticationaction [-killProcess] [-deletefiles]
DescriptionUse this command to remove aaa preauthenticationaction settings.Refer to the set aaapreauthenticationaction command for meanings of the arguments.
Top
show aaa preauthenticationactionSynopsis
show aaa preauthenticationaction []
DescriptionDisplay details of the configured Pre-authentication action(s).
Parametersname
The name of the RADIUS action.
Top
aaa preauthenticationaction
31
32
aaa preauthenticationpolicy
[ add | rm | set | show ]
add aaa preauthenticationpolicySynopsis
add aaa preauthenticationpolicy []
DescriptionAdd a Radius authentication policy. The policy defines expressions to be evaluated by theEPA tool.
Parametersname
The name to assign to the new Pre-authentication policy.
rule
The name of the rule or expression that the policy will use.
reqAction
The name of the RADIUS action the policy will use.
Top
rm aaa preauthenticationpolicySynopsis
rm aaa preauthenticationpolicy
DescriptionRemove a Pre-authentication policy.
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationpolicy-ref.html#netscaler-crg-add-aaa-preauthenticationpolicyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationpolicy-ref.html#netscaler-crg-rm-aaa-preauthenticationpolicyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationpolicy-ref.html#netscaler-crg-set-aaa-preauthenticationpolicyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationpolicy-ref.html#netscaler-crg-show-aaa-preauthenticationpolicy
Parametersname
The name of the Pre-authentication policy to remove.
Top
set aaa preauthenticationpolicySynopsis
set aaa preauthenticationpolicy [-rule ] [-reqAction ]
DescriptionChange the properties of a Pre-authentication policy.
Parametersname
The name of the policy.
rule
The new rule to be associated with the policy.
reqAction
The new Pre-authentication action to be associated with the policy.
Top
show aaa preauthenticationpolicySynopsis
show aaa preauthenticationpolicy []
DescriptionDisplay configured Pre-authentication policies.
Parametersname
aaa preauthenticationpolicy
33
The name of the policy. If this option is not provided, all of the configured RADIUSpolicies will be displayed.
Top
aaa preauthenticationpolicy
34
35
aaa stats
show aaa statsSynopsis
show aaa stats - alias for 'stat aaa'
Descriptionshow aaa stats is an alias for stat aaa
36
aaa session
[ show | kill ]
show aaa sessionSynopsis
show aaa session [-userName ] [-groupName ] [-intranetIP []]
DescriptionDisplay the connections initated by the user
ParametersuserName
The user name.
groupName
The group name.
intranetIP
Intranet IP address.
Example
> show aaa connection ClintIp (ClientPort) -> ServerIp(ServerPort) ------------------------- ----------------------------User Name: Joe
10.102.0.39 (2318 ) -> 10.102.4.245 (443 ) 10.102.0.39 (2320 ) -> 10.102.4.245 (443 ) 10.102.0.39 (2340 ) -> 10.102.4.245 (443 )
Done>
Top
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-session-ref.html#netscaler-crg-show-aaa-sessionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-session-ref.html#netscaler-crg-kill-aaa-session
kill aaa sessionSynopsis
kill aaa session [-userName ] [-groupName ] [-intranetIP []] [-all]
DescriptionKill the user sessions
ParametersuserName
The user name. The system will terminate the session initiated by the named user.
groupName
The group name. The system will terminate the sessions of all the users within thenamed group.
intranetIP
The Intranet IP address. The system will terminate all sessions using the named intranetIP address
all
Terminate the sessions of all users who are currently logged in.
Example
kill aaa session -user joe
Top
aaa session
37
38
aaa radiusParams
[ set | unset | show ]
set aaa radiusParamsSynopsis
set aaa radiusParams [-serverIP ] [-serverPort ] [-authTimeout] {-radKey } [-radNASip ( ENABLED | DISABLED )] [-radNASid ][-radVendorID ] [-radAttributeType ] [-radGroupsPrefix] [-radGroupSeparator ] [-passEncoding ] [-ipVendorID] [-ipAttributeType ] [-accounting ( ON | OFF )][-pwdVendorID ] [-pwdAttributeType ]
DescriptionModify the global variables for the RADIUS server. It will be used globally in SSL-VPN acrossall Vservers unless you create a vserver-specific configuration using authentication policies.
ParametersserverIP
The IP address of the RADIUS server.
serverPort
The port number on which the RADIUS server is running. Default value: 1812 Minimumvalue: 1
authTimeout
The maximum number of seconds the system will wait for a response from the RADIUSserver. Default value: 3 Minimum value: 1
radKey
The key shared between the client and the server. This information is required for thesystem to communicate with the RADIUS server.
radNASip
The option to send the NetScaler's IP address (NSIP) to the server as the "nasip" (NetworkAccess Server IP) part of the Radius protocol. Possible values: ENABLED, DISABLED
radNASid
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-radiusparams-ref.html#netscaler-crg-set-aaa-radiusparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-radiusparams-ref.html#netscaler-crg-unset-aaa-radiusparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-radiusparams-ref.html#netscaler-crg-show-aaa-radiusparams
The nasid (Network Access Server ID). If configured, this string will be sent to the RADIUSserver as the "nasid" part of the Radius protocol.
radVendorID
The Vendor ID for Radius group extraction. Minimum value: 1
radAttributeType
The Attribute type for Radius group extraction. Minimum value: 1
radGroupsPrefix
The groups prefix string that precedes the group names within a RADIUS attribute forRADIUS group extraction.
radGroupSeparator
The group separator string that delimits group names within a RADIUS attribute forRADIUS group extraction.
passEncoding
The option to encode the password in the Radius packets traveling from the NetScaler tothe Radius server. Possible values: pap, chap, mschapv1, mschapv2 Default value:AAA_PAP
ipVendorID
The vendor ID of the attribute in the RADIUS response. The vendor ID denotes theintranet IP. The value of 0 denotes that the attribute is not vendor-encoded.
ipAttributeType
The attribute type of the remote IP address attribute in a RADIUS response. Minimumvalue: 1
accounting
The state of the RADIUS server to receive accounting messages. Possible values: ON, OFF
pwdVendorID
Vendor ID of the attribute in the RADIUS response which will be used to extract the userPassword. Minimum value: 1
Example
To configure the default RADIUS parameters:set aaa radiusparams -serverip 192.30.1.2 -radkey sslvpn
Top
aaa radiusParams
39
unset aaa radiusParamsSynopsis
unset aaa radiusParams [-serverIP] [-serverPort] [-authTimeout] [-radNASip] [-radNASid][-radVendorID] [-radAttributeType] [-radGroupsPrefix] [-radGroupSeparator][-passEncoding] [-ipVendorID] [-ipAttributeType] [-accounting] [-pwdVendorID][-pwdAttributeType]
DescriptionUse this command to remove aaa radiusParams settings.Refer to the set aaa radiusParamscommand for meanings of the arguments.
Top
show aaa radiusParamsSynopsis
show aaa radiusParams
DescriptionDisplay the configured RADIUS parameters.
Example
> show aaa radiusparamsConfigured RADIUS parameters Server IP: 127.0.0.2 Port: 1812 key: secret Timeout: 10 Done>
Top
aaa radiusParams
40
41
aaa ldapParams
[ set | unset | show ]
set aaa ldapParamsSynopsis
set aaa ldapParams [-serverIP ] [-serverPort ] [-authTimeout] [-ldapBase ] [-ldapBindDn ] {-ldapBindDnPassword }[-ldapLoginName ] [-searchFilter ] [-groupAttrName ][-subAttributeName ] [-secType ] [-svrType ( AD | NDS )][-ssoNameAttribute ] [-passwdChange ( ENABLED | DISABLED )][-nestedGroupExtraction ( ON | OFF )] [-maxNestingLevel ][-groupNameIdentifier ] [-groupSearchAttribute [-groupSearchSubAttribute]] [-groupSearchFilter ]
DescriptionSet the global variables for the LDAP server. It is used globally in SSL-VPN across allVservers unless you create a vserver-specific configuration using authentication policies.
ParametersserverIP
The IP address of the LDAP server. The default value is localhost.
serverPort
The port number on which the LDAP server is running. Default value: 389 Minimum value:1
authTimeout
The maximum number of seconds the system will wait for a response from the LDAPserver. Default value: 3 Minimum value: 1
ldapBase
The base or node where the ldapsearch should start. If the LDAP server is running locally,the default value of base is dc=netscaler, dc=com.
ldapBindDn
The full distinguished name that is used to bind to the LDAP server.
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-ldapparams-ref.html#netscaler-crg-set-aaa-ldapparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-ldapparams-ref.html#netscaler-crg-unset-aaa-ldapparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-ldapparams-ref.html#netscaler-crg-show-aaa-ldapparams
ldapBindDnPassword
The password used to bind to the LDAP server.
ldapLoginName
The name attribute used by the system to query the external LDAP server or an ActiveDirectory.
searchFilter
The String to be combined with the default LDAP user search string to form the value.For example, vpnallowed=true with ldaploginame "samaccount" and user-suppliedusername "bob" would yield the LDAP search string"(&(vpnallowed=true)(samaccount=bob)".
groupAttrName
The attribute name for group extraction from the LDAP server
subAttributeName
The Sub-Attribute name for group extraction from LDAP server
secType
The type of communication between the system and the LDAP server. The values are:PLAINTEXT: No encryption required. TLS: To use the TLS protocol to communicate. SSL:To use the SSL Protocol to communicate. Possible values: PLAINTEXT, TLS, SSL Defaultvalue: AAA_LDAP_PLAINTEXT
svrType
The type of LDAP server. Possible values: AD, NDS Default value:AAA_LDAP_SERVER_TYPE_DEFAULT
ssoNameAttribute
The attribute used by the system to query the external LDAP server (or an ActiveDirectory) for an alternate username to be used in Single Sign-On.
passwdChange
Enabling this option does not block password change request.Disabling would blockpassword change request. Possible values: ENABLED, DISABLED Default value: DISABLED
nestedGroupExtraction
Setting this option to ON enables the nested group extraction feature where the systemqueries the external LDAP server to determine if a group belongs to another groupPossible values: ON, OFF Default value: OFF
Example
aaa ldapParams
42
To configure authentication in the LDAP server running at 192.40.1.2:set aaa ldapparams -serverip 192.40.1.2 -ldapbase "dc=netscaler,dc=com" -ldapBindDN "cn=Manager,dc=netscaler,dc=com" -ldapBindDnPassword secret -ldaploginname uid
Top
unset aaa ldapParamsSynopsis
unset aaa ldapParams [-serverIP] [-serverPort] [-authTimeout] [-ldapBase] [-ldapBindDn][-ldapBindDnPassword] [-ldapLoginName] [-searchFilter] [-groupAttrName][-subAttributeName] [-secType] [-svrType] [-ssoNameAttribute] [-passwdChange][-nestedGroupExtraction] [-maxNestingLevel] [-groupNameIdentifier][-groupSearchAttribute] [-groupSearchSubAttribute] [-groupSearchFilter]
DescriptionUse this command to remove aaa ldapParams settings.Refer to the set aaa ldapParamscommand for meanings of the arguments.
Top
show aaa ldapParamsSynopsis
show aaa ldapParams
DescriptionDisplay the configured LDAP parameters.
Example
> show aaa ldapparamsConfigured LDAP parameters Server IP: 127.0.0.1 Port: 389 Timeout: 1 BindDn: cn=Manager,dc=florazel,dc=com login: uid Base: dc=florazel,dc=com Secure Type: PLAINTEXTDone>
Top
aaa ldapParams
43
44
aaa tacacsParams
[ set | unset | show ]
set aaa tacacsParamsSynopsis
set aaa tacacsParams [-serverIP ] [-serverPort ] [-authTimeout] {-tacacsSecret } [-authorization ( ON | OFF )] [-accounting ( ON | OFF )][-auditFailedCmds ( ON | OFF )]
DescriptionSet the global variables for the TACACS+ server. It is used globally in SSL-VPN across allVservers unless a vserver-specific configuration is done using authentication policies.
ParametersserverIP
The IP address of the TACACS+ server.
serverPort
The port on which the TACACS+ server is running. Default value: 49 Minimum value: 1
authTimeout
The maximum number of seconds the system will wait for a response from the TACACS+server. Default value: 3 Minimum value: 1
tacacsSecret
The key shared between the client and the server. This information is required for thesystem to communicate with the TACACS+ server.
authorization
The option for streaming authorization for the TACACS+ server. Possible values: ON, OFF
accounting
The option for sending accounting messages to the TACACS+ server. Possible values: ON,OFF
auditFailedCmds
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-tacacsparams-ref.html#netscaler-crg-set-aaa-tacacsparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-tacacsparams-ref.html#netscaler-crg-unset-aaa-tacacsparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-tacacsparams-ref.html#netscaler-crg-show-aaa-tacacsparams
The option for sending accounting messages to the TACACS+ server. Possible values: ON,OFF
Example
To configure a TACACS+ server running at 192.168.1.20 set aaa tacacsparams -serverip 192.168.1.20 -tacacssecret secret
Top
unset aaa tacacsParamsSynopsis
unset aaa tacacsParams [-serverIP] [-serverPort] [-authTimeout] [-tacacsSecret][-authorization] [-accounting] [-auditFailedCmds]
DescriptionUse this command to remove aaa tacacsParams settings.Refer to the set aaa tacacsParamscommand for meanings of the arguments.
Top
show aaa tacacsParamsSynopsis
show aaa tacacsParams
DescriptionDisplay configured AAA TACACS+ server parameters.
Example
> sh aaa tacacsparamsConfigured TACACS parameter Server IP: 192.168.1.20 Port: 49 Timeout: 1 secsDone
Top
aaa tacacsParams
45
46
aaa certParams
[ set | unset | show ]
set aaa certParamsSynopsis
set aaa certParams [-userNameField ] [-groupNameField ]
DescriptionSet the global variables for a certificate policy. It is used globally in SSL-VPN across allVservers unless vserver-specific configuration is done using authentication policies.
ParametersuserNameField
The field in the client certificate to extract the username from. Should be of the format. Allowed values for field are "Subject" and "Issuer".
groupNameField
The certificate field to extract the group from. Should be of the format .Allowed values for field are "Subject" and "Issuer".
Example
To configure the default certificate parameters: set aaa certparams -userNameField "Subject:CN" -groupNameField "Subject:OU"
Top
unset aaa certParamsSynopsis
unset aaa certParams [-userNameField] [-groupNameField]
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-certparams-ref.html#netscaler-crg-set-aaa-certparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-certparams-ref.html#netscaler-crg-unset-aaa-certparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-certparams-ref.html#netscaler-crg-show-aaa-certparams
DescriptionUse this command to remove aaa certParams settings.Refer to the set aaa certParamscommand for meanings of the arguments.
Top
show aaa certParamsSynopsis
show aaa certParams
DescriptionDisplay the configured CERT parameters.
Top
aaa certParams
47
48
aaa parameter
[ set | unset | show ]
set aaa parameterSynopsis
set aaa parameter [-enableStaticPageCaching ( YES | NO )] [-defaultAuthType] [-maxAAAUsers ] [-aaadnatIp ]
DescriptionSet the global AAA parameters. This will override the default authentication server setting.
ParametersenableStaticPageCaching
The default state of VPN Static Page caching. If nothing is specified, the default value isset to ON. Possible values: YES, NO Default value: STATIC_PAGE_CACHING_ENABLED
defaultAuthType
The default authentication server type. If nothing is specified, the default value is set toLocal. Possible values: LOCAL, LDAP, RADIUS, TACACS, CERT Default value: LOCAL_AUTH
maxAAAUsers
The maximum number of concurrent users allowed to login in to the system at any giventime. Minimum value: 1 Maximum value: 65535
aaadnatIp
The source ip to be used for the traffic going to authentication servers
Example
set aaa parameter -defaultAuthType RADIUS -maxAAAUSers 100
Top
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-parameter-ref.html#netscaler-crg-set-aaa-parameterhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-parameter-ref.html#netscaler-crg-unset-aaa-parameterhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-parameter-ref.html#netscaler-crg-show-aaa-parameter
unset aaa parameterSynopsis
unset aaa parameter [-enableStaticPageCaching] [-defaultAuthType] [-maxAAAUsers][-aaadnatIp]
DescriptionSet default aaa paramter.Refer to the set aaa parameter command for meanings of thearguments.
Top
show aaa parameterSynopsis
show aaa parameter
DescriptionDisplays the configured AAA parameters .
Example
> show aaa parameterConfigured AAA parameters DefaultAuthType: LDAP MaxAAAUsers: 5 Done>
Top
aaa parameter
49
50
aaa preauthenticationparameter
[ set | unset | show ]
set aaa preauthenticationparameterSynopsis
set aaa preauthenticationparameter [-preauthenticationaction ( ALLOW | DENY )] [-rule] [-killProcess ] [-deletefiles ]
DescriptionSets the default end point analysis (EPA) parameters before authentication.
Parameterspreauthenticationaction
Deny or allow login after end point analysis results. Possible values: ALLOW, DENY
rule
The name of the rule, or expression, to be evaluated by the EPA tool.
killProcess
Processes to be killed by the EPA tool.
deletefiles
Files to be deleted by the EPA tool.
Top
unset aaa preauthenticationparameterSynopsis
unset aaa preauthenticationparameter [-rule] [-preauthenticationaction] [-killProcess][-deletefiles]
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationparameter-ref.html#netscaler-crg-set-aaa-preauthenticationparameterhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationparameter-ref.html#netscaler-crg-unset-aaa-preauthenticationparameterhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationparameter-ref.html#netscaler-crg-show-aaa-preauthenticationparameter
DescriptionSet default end point analysis(EPA) parameters before authentication. .Refer to the set aaapreauthenticationparameter command for meanings of the arguments.
Top
show aaa preauthenticationparameterSynopsis
show aaa preauthenticationparameter
DescriptionDisplay details of the configured Pre-authentication parameter(s).
Top
aaa preauthenticationparameter
51
52
aaa global
[ bind | unbind | show ]
bind aaa globalSynopsis
bind aaa global (-policy [-priority ])
DescriptionBinds the policy globally.
Parameterspolicy
The policy to be bound globally.
Example
bind aaa global -pol pol1
Top
unbind aaa globalSynopsis
unbind aaa global -policy
DescriptionUnbind the policy globally
Parameterspolicy
The policy to be unbound to the AAA user.
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-global-ref.html#netscaler-crg-bind-aaa-globalhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-global-ref.html#netscaler-crg-unbind-aaa-globalhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-global-ref.html#netscaler-crg-show-aaa-global
Top
show aaa globalSynopsis
show aaa global
DescriptionDisplay details of the configured policies aaa global.
Top
aaa global
53
54
Application Commands
[ import | export ]
import applicationSynopsis
import application [-appname ] [-deploymentFilename]
DescriptionImports application configuration information from an AppExpert application template file.You can specify a deployment file along with the template file. A template file containsapplication and variable definitions. A deployment file contains information about theservices, service groups, endpoints, and variables that were in the AppExpert applicationconfiguration at the time the template file was created. Template files are imported fromthe /nsconfig/nstemplates/applications/ directory on the appliance. Deployment files areimported from the /nsconfig/nstemplates/applications/ deployment_files directory. Youcannot change the source directories, so import the template file and deployment file totheir respective directories before you use the command.
ParametersapptemplateFilename
The name of the AppExpert application template file.
appname
The name with which you want the AppExpert application to function on the NetScalerappliance. If you do not provide a name, the appliance assigns the application the nameof the template file.
deploymentFilename
The name of the deployment file.
Example
import app application sampleapp -apptemplatefilename sampleapp.xml -deploymentfilename deploy.xml
Top
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-application-ref.html#netscaler-crg-import-applicationhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-application-ref.html#netscaler-crg-export-application
export applicationSynopsis
export application [-apptemplateFilename ][-deploymentFilename ]
DescriptionExports application configuration information to an AppExpert application template file. Adeployment file is created along with the template file. The template file containsapplication and variable definitions. The deployment file contains information about theservices, service groups, endpoints, and variables that are in the AppExpert applicationconfiguration. The template file is exported to the /nsconfig/nstemplates/applications/directory on the appliance. The deployment file is exported to the/nsconfig/nstemplates/applications/deployment_files directory.
Parametersappname
The name of the AppExpert application whose configuration you want to export to atemplate file.
apptemplateFilename
The name with which you want to save the template file. If you do not specify a name,the template file is saved with the name of the AppExpert application.
deploymentFilename
The name with which you want to save the deployment file. If you do not specify aname, the string _deployment is automatically appended to the name of the templatefile to create the name of the deployment file.
Top
Application Commands
55
56
AppFlow Commands
This group of commands can be used to perform operations on the following entities:
appflow
appflow collector
appflow action
appflow policy
appflow policylabel
appflow param
appflow global
57
appflow
stat appflowSynopsis
stat appflow [-detail] [-fullValues] [-ntimes ] [-logFile ]
DescriptionDisplay AppFlow statistics.
58
appflow collector
[ add | rm | rename | show ]
add appflow collectorSynopsis
add appflow collector -IPAddress [-port ] [-netProfile ]
DescriptionAdd a new AppFlow collector.
Parametersname
Name of the AppFlow collector.
IPAddress
The IPv4 address of the AppFlow collector.
port
The UDP port on which the AppFlow collector is listening. Default value: 4739
netProfile
The IP address associated with this netprofile will be used as source IP for appflow trafficto this collector
Example
add appflow collector collector1 -IPAddress 192.168.1.40 -port 2055
Top
rm appflow collectorSynopsis
rm appflow collector
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-collector-ref.html#netscaler-crg-add-appflow-collectorhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-collector-ref.html#netscaler-crg-rm-appflow-collectorhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-collector-ref.html#netscaler-crg-rename-appflow-collectorhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-collector-ref.html#netscaler-crg-show-appflow-collector
DescriptionRemove an AppFlow collector.
Parametersname
Name of an AppFlow collector.
Example
rm appflow collector collector1
Top
rename appflow collectorSynopsis
rename appflow collector @ @
DescriptionRename an AppFlow collector.
Parametersname
The name of an AppFlow collector.
newName
The new name of the AppFlow collector.
Example
rename appflow collector old_name new_name
Top
appflow collector
59
show appflow collectorSynopsis
show appflow collector []
DescriptionDisplay details of all the AppFlow collectors configured on the system. Alternatively, toview the details of a particular AppFlow collector, specify its name.
Parametersname
Name of an AppFlow collector.
Example
show appflow collector collector1
Top
appflow collector
60
61
appflow action
[ add | rm | set | unset | rename | show ]
add appflow actionSynopsis
add appflow action -collectors ... [-comment ]
DescriptionCreates an AppFlow action. The action thus created can be associated with an AppFlowpolicy by using the "add appflow policy" command.
Parametersname
Name of the AppFlow action to be added.
collectors
The names of AppFlow collectors associated with the AppFlow action.
comment
Comments associated with this AppFlow action.
Example
add appflow action appflow_action_1 -collectors col1 col2
Top
rm appflow actionSynopsis
rm appflow action
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-action-ref.html#netscaler-crg-add-appflow-actionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-action-ref.html#netscaler-crg-rm-appflow-actionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-action-ref.html#netscaler-crg-set-appflow-actionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-action-ref.html#netscaler-crg-unset-appflow-actionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-action-ref.html#netscaler-crg-rename-appflow-actionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-action-ref.html#netscaler-crg-show-appflow-action
DescriptionRemove a configured AppFlow action.
Parametersname
Name of an AppFlow action.
Example
rm appflow action appflow_action_1
Top
set appflow actionSynopsis
set appflow action [-collectors ...] [-comment ]
DescriptionModify an AppFlow action.
Parametersname
The name of the AppFlow action to be modified.
collectors
The names of AppFlow collectors associated with the AppFlow action.
comment
Comments associated with this AppFlow action.
Example
set appflow action appflow_action_1 -collectors col1 col2 col3
Top
appflow action
62
unset appflow actionSynopsis
unset appflow action -comment
DescriptionUse this command to remove appflow action settings.Refer to the set appflow actioncommand for meanings of the arguments.
Top
rename appflow actionSynopsis
rename appflow action @ @
DescriptionRename an AppFlow action.
Parametersname
The name of an AppFlow action.
newName
The new name of the AppFlow action.
Example
rename appflow action old_name new_name
Top
show appflow actionSynopsis
show appflow action []
appflow action
63
DescriptionDisplay configured AppFlow action(s).
Parametersname
Name of an AppFlow action.
Example
1. show appflow action 2. show appflow action appflow_action_1
Top
appflow action
64
65
appflow policy
[ add | rm | set | unset | rename | show ]
add appflow policySynopsis
add appflow policy [-comment ]
DescriptionAdd an AppFlow policy.
Parametersname
Name of the AppFlow policy.
rule
Expression to be used by the AppFlow policy. It has to be a boolean PI rule expression.
action
AppFlow action to be used by the policy.
comment
Comments associated with this AppFlow policy.
Example
add appflow policy appflow_pol "HTTP.REQ.HEADER(\\"header\\").CONTAINS(\\"qh3\\")" appflow_act
Top
rm appflow policySynopsis
rm appflow policy
http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-policy-ref.html#netscaler-crg-add-appflow-policyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-policy-ref.html#netscaler-crg-rm-appflow-policyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-policy-ref.html#netscaler-crg-set-appflow-policyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-policy-ref.html#netscaler-crg-unset-appflow-policyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-policy-ref.html#netscaler-crg-rename-appflow-policyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-policy-ref.html#netscaler-crg-show-appflow-policy
DescriptionRemove an AppFlow policy.
Parametersname
Name of the AppFlow policy to be removed.
Example