NetScaler 10 Reference Material - Citrix.com Material ... Quick Start Guides ... You can refer to the following documentation for quick reference:

Reference Material

2015-05-18 16:58:51 UTC

2015 Citrix Systems, Inc. All rights reserved. Terms of Use | Trademarks | Privacy Statement

http://www.citrix.com/about/legal/legal-notice.htmlhttp://www.citrix.com/about/legal/brand-guidelines.htmlhttp://www.citrix.com/about/legal/privacy.html

Contents

Reference Material ........................................................................................... 15

Reference Material............................................................................... 16

Command Reference ....................................................................... 17

AAA Commands ........................................................................ 18

aaa ................................................................................. 19

aaa user ........................................................................... 20

aaa group ......................................................................... 25

aaa preauthenticationaction................................................... 29

aaa preauthenticationpolicy ................................................... 32

aaa stats........................................................................... 35

aaa session........................................................................ 36

aaa radiusParams ................................................................ 38

aaa ldapParams .................................................................. 41

aaa tacacsParams................................................................ 44

aaa certParams................................................................... 46

aaa parameter.................................................................... 48

aaa preauthenticationparameter.............................................. 50

aaa global ......................................................................... 52

Application Commands ............................................................... 54

AppFlow Commands................................................................... 56

appflow............................................................................ 57

appflow collector ................................................................ 58

appflow action ................................................................... 61

appflow policy.................................................................... 65

appflow policylabel.............................................................. 69

appflow param ................................................................... 73

appflow global ................................................................... 76

Application Firewall Commands .................................................... 78

appfw .............................................................................. 79

2

appfw fieldType.................................................................. 80

appfw profile ..................................................................... 83

appfw policy ...................................................................... 105

appfw policylabel ................................................................ 109

appfw confidField................................................................ 113

appfw stats ....................................................................... 116

appfw xmlerrorpage............................................................. 117

appfw htmlerrorpage............................................................ 120

appfw settings.................................................................... 123

appfw global...................................................................... 126

appfw learningsettings.......................................................... 128

appfw learningdata.............................................................. 132

appfw wsdl........................................................................ 135

appfw signatures................................................................. 137

appfw xmlschema................................................................ 140

appfw XMLContentType......................................................... 142

appfw archive .................................................................... 144

Audit Commands ...................................................................... 147

audit ............................................................................... 148

audit syslogAction ............................................................... 149

audit syslogPolicy ................................................................ 153

audit nslogAction ................................................................ 156

audit nslogPolicy ................................................................. 160

audit messageaction............................................................. 163

audit stats......................................................................... 166

audit messages ................................................................... 167

audit syslogParams .............................................................. 168

audit nslogParams ............................................................... 170

Authentication Commands........................................................... 172

authentication radiusAction.................................................... 173

authentication ldapAction...................................................... 179

authentication tacacsAction ................................................... 186

authentication negotiateAction ............................................... 190

authentication samlAction ..................................................... 193

authentication certAction ...................................................... 196

authentication localPolicy...................................................... 199

authentication radiusPolicy .................................................... 202

3

authentication certPolicy....................................................... 205

authentication ldapPolicy ...................................................... 208

authentication tacacsPolicy.................................................... 211

authentication negotiatePolicy................................................ 214

authentication samlPolicy ...................................................... 217

authentication vserver .......................................................... 220

Authorization Commands ............................................................ 227

authorization policy ............................................................. 228

authorization policylabel ....................................................... 231

Basic Commands....................................................................... 235

location............................................................................ 236

locationFile ....................................................................... 239

server .............................................................................. 241

service ............................................................................. 248

serviceGroup ..................................................................... 262

dbsMonitors ....................................................................... 275

locationData ...................................................................... 276

svcbindings........................................................................ 277

servicegroupbindings ............................................................ 278

serviceGroupMember............................................................ 279

configstatus....................................................................... 280

locationParameter............................................................... 281

vserver............................................................................. 283

uiinternal.......................................................................... 284

reporting .......................................................................... 286

nstrace ............................................................................ 288

Cache Commands...................................................................... 292

cache .............................................................................. 293

cache policy ...................................................................... 294

cache policylabel ................................................................ 299

cache contentGroup............................................................. 303

cache forwardProxy ............................................................. 314

cache selector.................................................................... 316

cache object...................................................................... 318

cache stats........................................................................ 321

cache global ...................................................................... 322

cache parameter................................................................. 324

4

CLI Commands ......................................................................... 327

config .............................................................................. 328

whoami ............................................................................ 329

exit................................................................................. 330

quit................................................................................. 331

man ................................................................................ 332

history ............................................................................. 333

help ................................................................................ 334

source.............................................................................. 336

batch............................................................................... 337

unalias ............................................................................. 338

alias ................................................................................ 339

cls .................................................................................. 340

cli attribute....................................................................... 341

cli prompt......................................................................... 342

cli mode ........................................................................... 344

Cluster Commands .................................................................... 346

cluster ............................................................................. 347

cluster instance .................................................................. 348

cluster node ...................................................................... 353

cluster files ....................................................................... 357

cluster sync ....................................................................... 358

Compression Commands.............................................................. 359

cmp ................................................................................ 360

cmp action ........................................................................ 361

cmp policy ........................................................................ 364

cmp policylabel .................................................................. 370

cmp stats.......................................................................... 374

cmp global ........................................................................ 375

cmp parameter................................................................... 378

Cache Redirection Commands....................................................... 381

cr policy ........................................................................... 382

cr vserver ......................................................................... 385

Content Switching Commands....................................................... 397

cs policy ........................................................................... 398

cs policylabel ..................................................................... 402

cs vserver ......................................................................... 406

5

cs parameter ..................................................................... 421

cs action........................................................................... 423

DB Commands.......................................................................... 427

DNS Commands ........................................................................ 430

dns ................................................................................. 432

dns aaaaRec ...................................................................... 433

dns addRec........................................................................ 436

dns txtRec......................................................................... 438

dns cnameRec .................................................................... 441

dns mxRec ........................................................................ 443

dns nsRec.......................................................................... 446

dns ptrRec ........................................................................ 448

dns srvRec......................................................................... 450

dns soaRec ........................................................................ 454

dns suffix.......................................................................... 458

dns nameServer .................................................................. 460

dns view ........................................................................... 464

dns policy ......................................................................... 466

dns zone........................................................................... 470

dns key ............................................................................ 474

dns proxyRecords ................................................................ 479

dns records ....................................................................... 480

dns stats........................................................................... 481

dns parameter.................................................................... 482

dns policylabel ................................................................... 485

dns global ......................................................................... 489

dns action ......................................................................... 491

dns nsecRec....................................................................... 495

DOS Commands ........................................................................ 496

dos ................................................................................. 497

dos policy ......................................................................... 498

dos stats........................................................................... 502

Filter Commands ...................................................................... 503

filter action....................................................................... 504

filter htmlinjectionvariable .................................................... 508

filter policy ....................................................................... 511

filter prebodyInjection.......................................................... 515

6

filter postbodyInjection......................................................... 517

filter htmlinjectionparameter ................................................. 519

filter global ....................................................................... 521

GSLB Commands ....................................................................... 523

gslb site ........................................................................... 524

gslb service ....................................................................... 529

gslb vserver ....................................................................... 538

gslb runningConfig ............................................................... 550

gslb domain ....................................................................... 551

gslb ldnsentries .................................................................. 552

gslb parameter ................................................................... 553

gslb ldnsentry .................................................................... 555

gslb config ........................................................................ 556

gslb syncStatus ................................................................... 558

HA Commands.......................................................................... 559

HA node ........................................................................... 560

HA sync ............................................................................ 565

HA files ............................................................................ 566

HA failover ........................................................................ 567

IPSec Commands....................................................................... 568

ipsec profile ...................................................................... 569

ipsec parameter.................................................................. 572

ipsec counters .................................................................... 574

LB Commands .......................................................................... 575

lb monitor......................................................................... 576

lb route............................................................................ 597

lb route6 .......................................................................... 599

lb vserver ......................................................................... 601

lb metricTable ................................................................... 624

lb monbindings ................................................................... 628

lb persistentSessions ............................................................ 629

lb group ........................................................................... 630

lb sipParameters ................................................................. 635

lb parameter...................................................................... 637

Networking Commands ............................................................... 640

arp ................................................................................. 642

channel ............................................................................ 645

7

fis................................................................................... 651

route ............................................................................... 654

vlan ................................................................................ 660

vrID................................................................................. 666

vrID6 ............................................................................... 672

route6 ............................................................................. 675

nd6 ................................................................................. 680

inat................................................................................. 683

bridgegroup....................................................................... 687

ipTunnel ........................................................................... 692

ip6Tunnel ......................................................................... 695

netbridge.......................................................................... 697

ipset ............................................................................... 700

linkset ............................................................................. 703

netProfile ......................................................................... 706

arpparam.......................................................................... 709

ci ................................................................................... 711

interface .......................................................................... 712

rnat ................................................................................ 720

bridgetable ....................................................................... 723

bridge.............................................................................. 725

lacp ................................................................................ 726

rnatparam......................................................................... 727

rnatip .............................................................................. 729

vrIDParam ......................................................................... 730

ipv6 ................................................................................ 732

ipTunnelParam ................................................................... 734

ip6TunnelParam.................................................................. 736

L2Param ........................................................................... 738

L3Param ........................................................................... 741

forwardingSession................................................................ 743

ptp ................................................................................. 746

rnat6 ............................................................................... 747

NS Commands .......................................................................... 751

shutdown.......................................................................... 753

reboot ............................................................................. 754

ns ................................................................................... 755

8

ns limitIdentifier ................................................................. 757

ns acl .............................................................................. 762

ns acl6 ............................................................................. 770

ns ip6 .............................................................................. 778

ns ip................................................................................ 784

ns simpleacl....................................................................... 792

ns simpleacl6 ..................................................................... 795

ns pbr .............................................................................. 799

ns xmlnamespace ................................................................ 806

ns tcpProfile ...................................................................... 809

ns httpProfile..................................................................... 816

ns stats ............................................................................ 822

ns ns.conf ......................................................................... 823

ns savedConfig ................................................................... 824

ns runningConfig ................................................................. 825

ns acls ............................................................................. 826

ns info ............................................................................. 828

ns license.......................................................................... 830

ns version ......................................................................... 831

ns config........................................................................... 832

ns param .......................................................................... 841

ns acls6 ............................................................................ 848

ns pbrs ............................................................................. 850

ns connectiontable .............................................................. 852

ns limitSessions................................................................... 854

ns hostName ...................................................................... 855

ns surgeQ.......................................................................... 857

ns feature ......................................................................... 858

ns mode ........................................................................... 860

ns dhcpParams ................................................................... 862

ns dhcpIp .......................................................................... 864

ns spParams....................................................................... 865

ns tcpbufParam .................................................................. 867

ns tcpParam ...................................................................... 869

ns httpParam ..................................................................... 873

ns weblogparam.................................................................. 875

ns diameter ....................................................................... 876

9

ns rateControl .................................................................... 878

ns rpcNode ........................................................................ 880

ns timeout ........................................................................ 883

ns hardware....................................................................... 886

ns events .......................................................................... 887

ns encryptionParams ............................................................ 888

ns rollbackcmd ................................................................... 890

ns memory ........................................................................ 891

ns pbr6............................................................................. 892

NTP Commands ........................................................................ 900

ntp server ......................................................................... 901

ntp sync ........................................................................... 905

ntp status ......................................................................... 906

ntp param......................................................................... 907

Policy Commands...................................................................... 909

policy expression................................................................. 910

policy map ........................................................................ 913

policy patset...................................................................... 916

policy dataset .................................................................... 919

policy httpCallout................................................................ 922

policy stringmap ................................................................. 926

PQ Commands.......................................................................... 930

pq .................................................................................. 931

pq policy .......................................................................... 932

pq stats............................................................................ 936

Protocol Commands................................................................... 937

protocol tcp ...................................................................... 938

protocol http ..................................................................... 939

protocol icmp..................................................................... 940

protocol ipv6 ..................................................................... 941

protocol icmpv6.................................................................. 942

protocol ip ........................................................................ 943

protocol udp ...................................................................... 944

protocol httpBand ............................................................... 945

Responder Commands ................................................................ 947

responder policy ................................................................. 948

responder action ................................................................. 953

10

responder policylabel ........................................................... 958

responder global ................................................................. 962

responder param................................................................. 964

responder htmlpage ............................................................. 966

Rewrite Commands ................................................................... 969

rewrite policy .................................................................... 970

rewrite action .................................................................... 975

rewrite policylabel .............................................................. 982

rewrite global .................................................................... 986

rewrite param .................................................................... 989

Router Commands..................................................................... 991

SC Commands .......................................................................... 992

sc ................................................................................... 993

sc policy ........................................................................... 994

sc stats ............................................................................ 999

sc parameter ..................................................................... 1000

SNMP Commands ...................................................................... 1002

snmp ............................................................................... 1003

snmp community................................................................. 1004

snmp manager.................................................................... 1007

snmp trap ......................................................................... 1011

snmp group ....................................................................... 1016

snmp view......................................................................... 1019

snmp user ......................................................................... 1022

snmp oid........................................................................... 1025

snmp stats ........................................................................ 1026

snmp alarm ....................................................................... 1027

snmp mib.......................................................................... 1036

snmp engineId .................................................................... 1038

snmp option ...................................................................... 1040

SSL Commands ......................................................................... 1042

ssl .................................................................................. 1044

ssl fipsKey......................................................................... 1045

ssl wrapkey ....................................................................... 1049

ssl certKey ........................................................................ 1051

ssl ciphersuite .................................................................... 1060

ssl cipher .......................................................................... 1061

11

ssl crl .............................................................................. 1066

ssl action .......................................................................... 1074

ssl policy .......................................................................... 1078

ssl policylabel .................................................................... 1082

ssl ocspResponder ............................................................... 1085

ssl rsakey.......................................................................... 1090

ssl pkcs12 ......................................................................... 1092

ssl pkcs8 ........................................................................... 1093

ssl dhParam ....................................................................... 1094

ssl dsaKey ......................................................................... 1095

ssl certLink........................................................................ 1096

ssl certReq ........................................................................ 1097

ssl cert............................................................................. 1099

ssl stats ............................................................................ 1102

ssl parameter..................................................................... 1103

ssl fips ............................................................................. 1106

ssl service ......................................................................... 1109

ssl serviceGroup.................................................................. 1115

ssl vserver......................................................................... 1119

ssl fipsSIMTarget ................................................................. 1125

ssl fipsSIMSource ................................................................. 1127

ssl global .......................................................................... 1129

Stream Commands .................................................................... 1131

stream selector .................................................................. 1132

stream identifier................................................................. 1135

stream session.................................................................... 1138

System Commands .................................................................... 1139

system ............................................................................. 1140

system cmdPolicy ................................................................ 1141

system user ....................................................................... 1144

system group ..................................................................... 1148

system session.................................................................... 1152

system cpu ........................................................................ 1154

system memory .................................................................. 1155

system entitydata................................................................ 1156

system entity ..................................................................... 1158

system globaldata ............................................................... 1159

12

system counters.................................................................. 1160

system countergroup ............................................................ 1161

system eventhistory ............................................................. 1162

system core ....................................................................... 1163

system dataSource............................................................... 1164

system global ..................................................................... 1165

system collectionparam......................................................... 1167

system parameter ............................................................... 1169

TM Commands ......................................................................... 1171

tm sessionPolicy.................................................................. 1172

tm sessionAction ................................................................. 1175

tm trafficPolicy .................................................................. 1179

tm formSSOAction ............................................................... 1182

tm trafficAction.................................................................. 1186

tm global .......................................................................... 1189

tm sessionParameter ............................................................ 1191

Transform Commands ................................................................ 1193

transform profile................................................................. 1194

transform action ................................................................. 1197

transform policy ................................................................. 1200

transform policylabel ........................................................... 1205

transform global ................................................................. 1209

Tunnel Commands..................................................................... 1211

tunnel trafficPolicy .............................................................. 1212

tunnel global ..................................................................... 1216

Utility Commands ..................................................................... 1219

nstrace ............................................................................ 1220

scp ................................................................................. 1222

shell................................................................................ 1223

install .............................................................................. 1224

grep ................................................................................ 1225

traceroute6 ....................................................................... 1227

traceroute ........................................................................ 1229

ping6 ............................................................................... 1231

ping ................................................................................ 1233

techsupport....................................................................... 1235

callhome .......................................................................... 1236

13

VPN Commands ........................................................................ 1238

vpn ................................................................................. 1239

vpn vserver ....................................................................... 1240

vpn intranetApplication......................................................... 1249

vpn nextHopServer .............................................................. 1251

vpn trafficPolicy ................................................................. 1253

vpn trafficAction................................................................. 1256

vpn formSSOAction .............................................................. 1259

vpn url ............................................................................. 1263

vpn sessionPolicy................................................................. 1266

vpn sessionAction ................................................................ 1269

vpn clientlessAccessPolicy...................................................... 1283

vpn clientlessAccessProfile..................................................... 1286

vpn stats .......................................................................... 1290

vpn icaConnection ............................................................... 1291

vpn global ......................................................................... 1292

vpn parameter ................................................................... 1295

WI Commands.......................................................................... 1303

wi site ............................................................................. 1304

wi package ........................................................................ 1311

Documentation Library .................................................................... 1313

Release Notes.......................................................................... 1314

Quick Start Guides .................................................................... 1315

Configuration Guides ................................................................. 1316

Reference Guides ..................................................................... 1317

Glossary ...................................................................................... 1318

14

15

Reference Material

You can refer to the following documentation for quick reference:

Command Reference

Documentation Library

Note: We are in the process of transitioning reference documentation to Citrix eDocs.The following reference documentation is available in Citrix Knowledge Center(http://support.citrix.com/productdocs/). When you click these links, you will leave thesite. We recommend that you book mark this site so you can easily return to it.

NetScaler Developer's Guide

NetScaler Log Message Reference

NetScaler SNMP OID Reference

NetScaler Glossary

http://support.citrix.com/proddocs/topic/ns-reference-map-10-1/netscaler-crg-gen-wrapper-con.htmlhttp://support.citrix.com/productdocs/http://support.citrix.com/article/CTX132367http://support.citrix.com/article/CTX132382http://support.citrix.com/article/CTX132381http://support.citrix.com/article/CTX132383

16

Command Reference

Provides basic information of the NetScaler command line interface and also provides thecommands to configure and retrieve details of the appliance.

17

Command Reference

Provides basic information of the NetScaler command line interface and also provides thecommands to configure and retrieve details of the appliance.

18

AAA Commands

This group of commands can be used to perform operations on the following entities:

aaa

aaa user

aaa group

aaa preauthenticationaction

aaa preauthenticationpolicy

aaa stats

aaa session

aaa radiusParams

aaa ldapParams

aaa tacacsParams

aaa certParams

aaa parameter

aaa preauthenticationparameter

aaa global

19

aaa

stat aaaSynopsis

stat aaa [-detail] [-fullValues] [-ntimes ] [-logFile ]

DescriptionDisplay aaa statistics

20

aaa user

[ add | rm | set | bind | unbind | show ]

add aaa userSynopsis

add aaa user {-password }

DescriptionAdd an AAA user.

ParametersuserName

The name of the user.

password

Enter this keyword to create or change the user's password. The entered password is notdisplayed. If no password is given for a new user then the user will be authenticatedexternally.

Example

add aaa user johndoe -password abcdadd aaa user johndoe -passwordThe above example adds user johndoe with password abcd for first case, password supplied on promptfor second case

Top

rm aaa userSynopsis

rm aaa user

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-user-ref.html#netscaler-crg-add-aaa-userhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-user-ref.html#netscaler-crg-rm-aaa-userhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-user-ref.html#netscaler-crg-set-aaa-userhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-user-ref.html#netscaler-crg-bind-aaa-userhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-user-ref.html#netscaler-crg-unbind-aaa-userhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-user-ref.html#netscaler-crg-show-aaa-user

DescriptionRemove the AAA user.

ParametersuserName

The name of the AAA user.

Top

set aaa userSynopsis

set aaa user

DescriptionModify the parameters for the existing AAA user.

ParametersuserName

The name of the user.

password

Enter this keyword to create or change the user's password. The entered password is notdisplayed. If no password is given for a new user then the user will be authenticatedexternally.

Example

set aaa user johndoe password abcdThe above command sets the password for johndoe to abcd

Top

bind aaa userSynopsis

bind aaa user [-policy [-priority ]][-intranetApplication ] [-urlName ] [-intranetIP []]

aaa user

21

DescriptionBind the resources (policy/intranetip/intranetapplication/url) to a user.

ParametersuserName

The user name.

policy

the policy to be bound to aaa user.

intranetApplication

The intranet vpn application.

urlName

The intranet url

intranetIP

The IP address to be bound to this user and used to access the Intranet

Example

To bind intranetip to the user joe: bind aaa user joe -intranetip 10.102.1.123

Top

unbind aaa userSynopsis

unbind aaa user [-policy ] [-intranetApplication ] [-urlName] [-intranetIP []]

DescriptionUnbind the resource(policy/intranetip/intranetapplication/url) from an AAA user

ParametersuserName

The user name.

aaa user

22

policy

The policy to be unbound to an aaa user.

intranetApplication


urlName

The intranet url

intranetIP

The Intranet IP to be unbound

Example

unbind AAA user joe -intranetip 10.102.1.123

Top

show aaa userSynopsis

show aaa user [] [-loggedIn]

DescriptionDisplay the AAA user detail.

ParametersuserName

The user name.

loggedIn

The loggedin flag. When this flag is turned on, the system displays the names of alllogged-in users. If a user name is included, the system displays whether the user islogged in or not.

Example

Example> show aaa user joe UserName: joe IntranetIP: 10.102.1.123

aaa user

23

Bound to groups: GroupName: engg Done>

Top

aaa user

24

25

aaa group

[ add | rm | bind | unbind | show ]

add aaa groupSynopsis

add aaa group

DescriptionAdd an AAA group. To associate AAA users with an AAA group, use the command "bind AAAgroup ... -username ...". You can bind different policies to each AAA group. Use thecommand "bind AAA group ... -policy ...". You can also bind ranges of Intranet IP addressesto an AAA group. For example, the administrator may want to assign pools of Intranet IPaddresses to groups or departments.

ParametersgroupName

The name of the group.

Example

add aaa group group_ad

Top

rm aaa groupSynopsis

rm aaa group

DescriptionRemove an AAA group. To associate AAA users with an AAA group, use the command "bindAAA group ... -username ...". You can bind different policies to each AAA group. Use thecommand "bind AAA group ... -policy ...". You can also bind ranges of Intranet IP addressesto an AAA group. For example, the administrator may want to assign pools of Intranet IPaddresses to groups or departments.

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-group-ref.html#netscaler-crg-add-aaa-grouphttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-group-ref.html#netscaler-crg-rm-aaa-grouphttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-group-ref.html#netscaler-crg-bind-aaa-grouphttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-group-ref.html#netscaler-crg-unbind-aaa-grouphttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-group-ref.html#netscaler-crg-show-aaa-group

ParametersgroupName

The name of the group . Note: Any user sessions belonging to the group are removed.The user must log in again.

Top

bind aaa groupSynopsis

bind aaa group [-userName ] [-policy [-priority]] [-intranetApplication ] [-urlName ] [-intranetIP ]

DescriptionBind the resource(User/Intranet IP /Policy/Intranet Application) to a group. To associateAAA users with an AAA group, use the command "bind AAA group ... -username ...". You canbind different policies to each AAA group. Use the command "bind AAA group ... -policy ...".You can also bind ranges of Intranet IP addresses to an AAA group. For example, theadministrator may want to assign pools of Intranet IP addresses to groups or departments.

ParametersgroupName

The group name.

userName

The user that the group is bound to. If the user belongs to more than one group, thegroup expressions are evaluated at authorization to determine the appropriate action.

policy

The policy to be bound to an AAA group.

intranetApplication


urlName

The intranet url.

intranetIP

The ip-block or IP address to be bound with this group. This is the block or address thatwill be used when members of this group access Intranet resources.

aaa group

26

Example

To bind an Intranet IP to the group engg: bind aaa group engg -intranetip 10.102.10.0 255.255.255.0

Top

unbind aaa groupSynopsis

unbind aaa group [-userName ...] [-policy ][-intranetApplication ] [-urlName ] [-intranetIP ]

DescriptionUnbind the resource (User/Intranet IP/Policy/Intranet Application) from a group. Toassociate AAA users with an AAA group, use the command "bind AAA group ... -username...". You can bind different policies to each AAA group. Use the command "bind AAA group... -policy ...". You can also bind ranges of Intranet IP addresses to an AAA group. Forexample, the administrator may want to assign pools of Intranet IP addresses to groups ordepartments.

ParametersgroupName

The group name.

userName

The user to be unbound from the group.

policy

The policy to be unbound from the AAA group,

intranetApplication


urlName

The intranet url.

intranetIP

The Intranet IP to be unbound from the group

Example

aaa group

27

unbind aaa group engg -intranetip 10.102.10.0 255.255.255.0

Top

show aaa groupSynopsis

show aaa group [] [-loggedIn]

DescriptionDisplay details of the AAA group. To associate AAA users with an AAA group, use thecommand "bind AAA group ... -username ...". You can bind different policies to each AAAgroup. Use the command "bind AAA group ... -policy ...". You can also bind ranges ofIntranet IP addresses to an AAA group. For example, the administrator may want to assignpools of Intranet IP addresses to groups or departments.

ParametersgroupName

The group name.

loggedIn

The loggedin flag. When this flag is turned on, the system displays the names of the usersin a group if at least one user in the group is logged in. When used with a group name,the system lists the users in the group who are logged in.

Example

> show aaa group engg GroupName: engg

Bound AAA users: UserName: joe UserName: jane

Intranetip IP: 10.102.10.0 Netmask: 255.255.255.0 Done>

Top

aaa group

28

29


[ add | rm | set | unset | show ]

add aaa preauthenticationactionSynopsis

add aaa preauthenticationaction [] [-killProcess ][-deletefiles ]

DescriptionAdd actions for end point analysis (EPA) clients before authentication.

Parametersname

The name of the Preauthentication action.

preauthenticationaction

Deny or allow login after end point analysis results. Possible values: ALLOW, DENY

killProcess

Processes to be killed by the EPA tool.

deletefiles

Files to be deleted by EPA tool.

Top

rm aaa preauthenticationactionSynopsis

rm aaa preauthenticationaction

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationaction-ref.html#netscaler-crg-add-aaa-preauthenticationactionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationaction-ref.html#netscaler-crg-rm-aaa-preauthenticationactionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationaction-ref.html#netscaler-crg-set-aaa-preauthenticationactionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationaction-ref.html#netscaler-crg-unset-aaa-preauthenticationactionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationaction-ref.html#netscaler-crg-show-aaa-preauthenticationaction

DescriptionRemove a previously created Pre-authentication action. Note that an action cannot beremoved as long as it is configured in a policy.

Parametersname

The name of the action to be removed.

Top

set aaa preauthenticationactionSynopsis

set aaa preauthenticationaction [] [-killProcess ][-deletefiles ]

DescriptionChange properties of a Pre-authentication action.

Parametersname

The name of the Preauthentication action.

preauthenticationaction


killProcess

Processes to be killed by EPA tool.

deletefiles

Files to be deleted by EPA tool.

Top


30

unset aaa preauthenticationactionSynopsis

unset aaa preauthenticationaction [-killProcess] [-deletefiles]

DescriptionUse this command to remove aaa preauthenticationaction settings.Refer to the set aaapreauthenticationaction command for meanings of the arguments.

Top

show aaa preauthenticationactionSynopsis

show aaa preauthenticationaction []

DescriptionDisplay details of the configured Pre-authentication action(s).

Parametersname

The name of the RADIUS action.

Top


31

32


[ add | rm | set | show ]

add aaa preauthenticationpolicySynopsis

add aaa preauthenticationpolicy []

DescriptionAdd a Radius authentication policy. The policy defines expressions to be evaluated by theEPA tool.

Parametersname

The name to assign to the new Pre-authentication policy.

rule

The name of the rule or expression that the policy will use.

reqAction

The name of the RADIUS action the policy will use.

Top

rm aaa preauthenticationpolicySynopsis

rm aaa preauthenticationpolicy

DescriptionRemove a Pre-authentication policy.

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationpolicy-ref.html#netscaler-crg-add-aaa-preauthenticationpolicyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationpolicy-ref.html#netscaler-crg-rm-aaa-preauthenticationpolicyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationpolicy-ref.html#netscaler-crg-set-aaa-preauthenticationpolicyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationpolicy-ref.html#netscaler-crg-show-aaa-preauthenticationpolicy

Parametersname

The name of the Pre-authentication policy to remove.

Top

set aaa preauthenticationpolicySynopsis

set aaa preauthenticationpolicy [-rule ] [-reqAction ]

DescriptionChange the properties of a Pre-authentication policy.

Parametersname

The name of the policy.

rule

The new rule to be associated with the policy.

reqAction

The new Pre-authentication action to be associated with the policy.

Top

show aaa preauthenticationpolicySynopsis

show aaa preauthenticationpolicy []

DescriptionDisplay configured Pre-authentication policies.

Parametersname


33

The name of the policy. If this option is not provided, all of the configured RADIUSpolicies will be displayed.

Top


34

35

aaa stats

show aaa statsSynopsis

show aaa stats - alias for 'stat aaa'

Descriptionshow aaa stats is an alias for stat aaa

36

aaa session

[ show | kill ]

show aaa sessionSynopsis

show aaa session [-userName ] [-groupName ] [-intranetIP []]

DescriptionDisplay the connections initated by the user

ParametersuserName

The user name.

groupName

The group name.

intranetIP

Intranet IP address.

Example

> show aaa connection ClintIp (ClientPort) -> ServerIp(ServerPort) ------------------------- ----------------------------User Name: Joe

10.102.0.39 (2318 ) -> 10.102.4.245 (443 ) 10.102.0.39 (2320 ) -> 10.102.4.245 (443 ) 10.102.0.39 (2340 ) -> 10.102.4.245 (443 )

Done>

Top

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-session-ref.html#netscaler-crg-show-aaa-sessionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-session-ref.html#netscaler-crg-kill-aaa-session

kill aaa sessionSynopsis

kill aaa session [-userName ] [-groupName ] [-intranetIP []] [-all]

DescriptionKill the user sessions

ParametersuserName

The user name. The system will terminate the session initiated by the named user.

groupName

The group name. The system will terminate the sessions of all the users within thenamed group.

intranetIP

The Intranet IP address. The system will terminate all sessions using the named intranetIP address

all

Terminate the sessions of all users who are currently logged in.

Example

kill aaa session -user joe

Top

aaa session

37

38

aaa radiusParams

[ set | unset | show ]

set aaa radiusParamsSynopsis

set aaa radiusParams [-serverIP ] [-serverPort ] [-authTimeout] {-radKey } [-radNASip ( ENABLED | DISABLED )] [-radNASid ][-radVendorID ] [-radAttributeType ] [-radGroupsPrefix] [-radGroupSeparator ] [-passEncoding ] [-ipVendorID] [-ipAttributeType ] [-accounting ( ON | OFF )][-pwdVendorID ] [-pwdAttributeType ]

DescriptionModify the global variables for the RADIUS server. It will be used globally in SSL-VPN acrossall Vservers unless you create a vserver-specific configuration using authentication policies.

ParametersserverIP

The IP address of the RADIUS server.

serverPort

The port number on which the RADIUS server is running. Default value: 1812 Minimumvalue: 1

authTimeout

The maximum number of seconds the system will wait for a response from the RADIUSserver. Default value: 3 Minimum value: 1

radKey

The key shared between the client and the server. This information is required for thesystem to communicate with the RADIUS server.

radNASip

The option to send the NetScaler's IP address (NSIP) to the server as the "nasip" (NetworkAccess Server IP) part of the Radius protocol. Possible values: ENABLED, DISABLED

radNASid

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-radiusparams-ref.html#netscaler-crg-set-aaa-radiusparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-radiusparams-ref.html#netscaler-crg-unset-aaa-radiusparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-radiusparams-ref.html#netscaler-crg-show-aaa-radiusparams

The nasid (Network Access Server ID). If configured, this string will be sent to the RADIUSserver as the "nasid" part of the Radius protocol.

radVendorID

The Vendor ID for Radius group extraction. Minimum value: 1

radAttributeType

The Attribute type for Radius group extraction. Minimum value: 1

radGroupsPrefix

The groups prefix string that precedes the group names within a RADIUS attribute forRADIUS group extraction.

radGroupSeparator

The group separator string that delimits group names within a RADIUS attribute forRADIUS group extraction.

passEncoding

The option to encode the password in the Radius packets traveling from the NetScaler tothe Radius server. Possible values: pap, chap, mschapv1, mschapv2 Default value:AAA_PAP

ipVendorID

The vendor ID of the attribute in the RADIUS response. The vendor ID denotes theintranet IP. The value of 0 denotes that the attribute is not vendor-encoded.

ipAttributeType

The attribute type of the remote IP address attribute in a RADIUS response. Minimumvalue: 1

accounting

The state of the RADIUS server to receive accounting messages. Possible values: ON, OFF

pwdVendorID

Vendor ID of the attribute in the RADIUS response which will be used to extract the userPassword. Minimum value: 1

Example

To configure the default RADIUS parameters:set aaa radiusparams -serverip 192.30.1.2 -radkey sslvpn

Top

aaa radiusParams

39

unset aaa radiusParamsSynopsis

unset aaa radiusParams [-serverIP] [-serverPort] [-authTimeout] [-radNASip] [-radNASid][-radVendorID] [-radAttributeType] [-radGroupsPrefix] [-radGroupSeparator][-passEncoding] [-ipVendorID] [-ipAttributeType] [-accounting] [-pwdVendorID][-pwdAttributeType]

DescriptionUse this command to remove aaa radiusParams settings.Refer to the set aaa radiusParamscommand for meanings of the arguments.

Top

show aaa radiusParamsSynopsis

show aaa radiusParams

DescriptionDisplay the configured RADIUS parameters.

Example

> show aaa radiusparamsConfigured RADIUS parameters Server IP: 127.0.0.2 Port: 1812 key: secret Timeout: 10 Done>

Top

aaa radiusParams

40

41

aaa ldapParams


set aaa ldapParamsSynopsis

set aaa ldapParams [-serverIP ] [-serverPort ] [-authTimeout] [-ldapBase ] [-ldapBindDn ] {-ldapBindDnPassword }[-ldapLoginName ] [-searchFilter ] [-groupAttrName ][-subAttributeName ] [-secType ] [-svrType ( AD | NDS )][-ssoNameAttribute ] [-passwdChange ( ENABLED | DISABLED )][-nestedGroupExtraction ( ON | OFF )] [-maxNestingLevel ][-groupNameIdentifier ] [-groupSearchAttribute [-groupSearchSubAttribute]] [-groupSearchFilter ]

DescriptionSet the global variables for the LDAP server. It is used globally in SSL-VPN across allVservers unless you create a vserver-specific configuration using authentication policies.

ParametersserverIP

The IP address of the LDAP server. The default value is localhost.

serverPort

The port number on which the LDAP server is running. Default value: 389 Minimum value:1

authTimeout

The maximum number of seconds the system will wait for a response from the LDAPserver. Default value: 3 Minimum value: 1

ldapBase

The base or node where the ldapsearch should start. If the LDAP server is running locally,the default value of base is dc=netscaler, dc=com.

ldapBindDn

The full distinguished name that is used to bind to the LDAP server.

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-ldapparams-ref.html#netscaler-crg-set-aaa-ldapparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-ldapparams-ref.html#netscaler-crg-unset-aaa-ldapparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-ldapparams-ref.html#netscaler-crg-show-aaa-ldapparams

ldapBindDnPassword

The password used to bind to the LDAP server.

ldapLoginName

The name attribute used by the system to query the external LDAP server or an ActiveDirectory.

searchFilter

The String to be combined with the default LDAP user search string to form the value.For example, vpnallowed=true with ldaploginame "samaccount" and user-suppliedusername "bob" would yield the LDAP search string"(&(vpnallowed=true)(samaccount=bob)".

groupAttrName

The attribute name for group extraction from the LDAP server

subAttributeName

The Sub-Attribute name for group extraction from LDAP server

secType

The type of communication between the system and the LDAP server. The values are:PLAINTEXT: No encryption required. TLS: To use the TLS protocol to communicate. SSL:To use the SSL Protocol to communicate. Possible values: PLAINTEXT, TLS, SSL Defaultvalue: AAA_LDAP_PLAINTEXT

svrType

The type of LDAP server. Possible values: AD, NDS Default value:AAA_LDAP_SERVER_TYPE_DEFAULT

ssoNameAttribute

The attribute used by the system to query the external LDAP server (or an ActiveDirectory) for an alternate username to be used in Single Sign-On.

passwdChange

Enabling this option does not block password change request.Disabling would blockpassword change request. Possible values: ENABLED, DISABLED Default value: DISABLED

nestedGroupExtraction

Setting this option to ON enables the nested group extraction feature where the systemqueries the external LDAP server to determine if a group belongs to another groupPossible values: ON, OFF Default value: OFF

Example

aaa ldapParams

42

To configure authentication in the LDAP server running at 192.40.1.2:set aaa ldapparams -serverip 192.40.1.2 -ldapbase "dc=netscaler,dc=com" -ldapBindDN "cn=Manager,dc=netscaler,dc=com" -ldapBindDnPassword secret -ldaploginname uid

Top

unset aaa ldapParamsSynopsis

unset aaa ldapParams [-serverIP] [-serverPort] [-authTimeout] [-ldapBase] [-ldapBindDn][-ldapBindDnPassword] [-ldapLoginName] [-searchFilter] [-groupAttrName][-subAttributeName] [-secType] [-svrType] [-ssoNameAttribute] [-passwdChange][-nestedGroupExtraction] [-maxNestingLevel] [-groupNameIdentifier][-groupSearchAttribute] [-groupSearchSubAttribute] [-groupSearchFilter]

DescriptionUse this command to remove aaa ldapParams settings.Refer to the set aaa ldapParamscommand for meanings of the arguments.

Top

show aaa ldapParamsSynopsis

show aaa ldapParams

DescriptionDisplay the configured LDAP parameters.

Example

> show aaa ldapparamsConfigured LDAP parameters Server IP: 127.0.0.1 Port: 389 Timeout: 1 BindDn: cn=Manager,dc=florazel,dc=com login: uid Base: dc=florazel,dc=com Secure Type: PLAINTEXTDone>

Top

aaa ldapParams

43

44

aaa tacacsParams


set aaa tacacsParamsSynopsis

set aaa tacacsParams [-serverIP ] [-serverPort ] [-authTimeout] {-tacacsSecret } [-authorization ( ON | OFF )] [-accounting ( ON | OFF )][-auditFailedCmds ( ON | OFF )]

DescriptionSet the global variables for the TACACS+ server. It is used globally in SSL-VPN across allVservers unless a vserver-specific configuration is done using authentication policies.

ParametersserverIP

The IP address of the TACACS+ server.

serverPort

The port on which the TACACS+ server is running. Default value: 49 Minimum value: 1

authTimeout

The maximum number of seconds the system will wait for a response from the TACACS+server. Default value: 3 Minimum value: 1

tacacsSecret

The key shared between the client and the server. This information is required for thesystem to communicate with the TACACS+ server.

authorization

The option for streaming authorization for the TACACS+ server. Possible values: ON, OFF

accounting

The option for sending accounting messages to the TACACS+ server. Possible values: ON,OFF

auditFailedCmds

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-tacacsparams-ref.html#netscaler-crg-set-aaa-tacacsparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-tacacsparams-ref.html#netscaler-crg-unset-aaa-tacacsparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-tacacsparams-ref.html#netscaler-crg-show-aaa-tacacsparams

The option for sending accounting messages to the TACACS+ server. Possible values: ON,OFF

Example

To configure a TACACS+ server running at 192.168.1.20 set aaa tacacsparams -serverip 192.168.1.20 -tacacssecret secret

Top

unset aaa tacacsParamsSynopsis

unset aaa tacacsParams [-serverIP] [-serverPort] [-authTimeout] [-tacacsSecret][-authorization] [-accounting] [-auditFailedCmds]

DescriptionUse this command to remove aaa tacacsParams settings.Refer to the set aaa tacacsParamscommand for meanings of the arguments.

Top

show aaa tacacsParamsSynopsis

show aaa tacacsParams

DescriptionDisplay configured AAA TACACS+ server parameters.

Example

> sh aaa tacacsparamsConfigured TACACS parameter Server IP: 192.168.1.20 Port: 49 Timeout: 1 secsDone

Top

aaa tacacsParams

45

46

aaa certParams


set aaa certParamsSynopsis

set aaa certParams [-userNameField ] [-groupNameField ]

DescriptionSet the global variables for a certificate policy. It is used globally in SSL-VPN across allVservers unless vserver-specific configuration is done using authentication policies.

ParametersuserNameField

The field in the client certificate to extract the username from. Should be of the format. Allowed values for field are "Subject" and "Issuer".

groupNameField

The certificate field to extract the group from. Should be of the format .Allowed values for field are "Subject" and "Issuer".

Example

To configure the default certificate parameters: set aaa certparams -userNameField "Subject:CN" -groupNameField "Subject:OU"

Top

unset aaa certParamsSynopsis

unset aaa certParams [-userNameField] [-groupNameField]

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-certparams-ref.html#netscaler-crg-set-aaa-certparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-certparams-ref.html#netscaler-crg-unset-aaa-certparamshttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-certparams-ref.html#netscaler-crg-show-aaa-certparams

DescriptionUse this command to remove aaa certParams settings.Refer to the set aaa certParamscommand for meanings of the arguments.

Top

show aaa certParamsSynopsis

show aaa certParams

DescriptionDisplay the configured CERT parameters.

Top

aaa certParams

47

48

aaa parameter


set aaa parameterSynopsis

set aaa parameter [-enableStaticPageCaching ( YES | NO )] [-defaultAuthType] [-maxAAAUsers ] [-aaadnatIp ]

DescriptionSet the global AAA parameters. This will override the default authentication server setting.

ParametersenableStaticPageCaching

The default state of VPN Static Page caching. If nothing is specified, the default value isset to ON. Possible values: YES, NO Default value: STATIC_PAGE_CACHING_ENABLED

defaultAuthType

The default authentication server type. If nothing is specified, the default value is set toLocal. Possible values: LOCAL, LDAP, RADIUS, TACACS, CERT Default value: LOCAL_AUTH

maxAAAUsers

The maximum number of concurrent users allowed to login in to the system at any giventime. Minimum value: 1 Maximum value: 65535

aaadnatIp

The source ip to be used for the traffic going to authentication servers

Example

set aaa parameter -defaultAuthType RADIUS -maxAAAUSers 100

Top

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-parameter-ref.html#netscaler-crg-set-aaa-parameterhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-parameter-ref.html#netscaler-crg-unset-aaa-parameterhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-parameter-ref.html#netscaler-crg-show-aaa-parameter

unset aaa parameterSynopsis

unset aaa parameter [-enableStaticPageCaching] [-defaultAuthType] [-maxAAAUsers][-aaadnatIp]

DescriptionSet default aaa paramter.Refer to the set aaa parameter command for meanings of thearguments.

Top

show aaa parameterSynopsis

show aaa parameter

DescriptionDisplays the configured AAA parameters .

Example

> show aaa parameterConfigured AAA parameters DefaultAuthType: LDAP MaxAAAUsers: 5 Done>

Top

aaa parameter

49

50



set aaa preauthenticationparameterSynopsis

set aaa preauthenticationparameter [-preauthenticationaction ( ALLOW | DENY )] [-rule] [-killProcess ] [-deletefiles ]

DescriptionSets the default end point analysis (EPA) parameters before authentication.

Parameterspreauthenticationaction


rule

The name of the rule, or expression, to be evaluated by the EPA tool.

killProcess

Processes to be killed by the EPA tool.

deletefiles

Files to be deleted by the EPA tool.

Top

unset aaa preauthenticationparameterSynopsis

unset aaa preauthenticationparameter [-rule] [-preauthenticationaction] [-killProcess][-deletefiles]

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationparameter-ref.html#netscaler-crg-set-aaa-preauthenticationparameterhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationparameter-ref.html#netscaler-crg-unset-aaa-preauthenticationparameterhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-preauthenticationparameter-ref.html#netscaler-crg-show-aaa-preauthenticationparameter

DescriptionSet default end point analysis(EPA) parameters before authentication. .Refer to the set aaapreauthenticationparameter command for meanings of the arguments.

Top

show aaa preauthenticationparameterSynopsis

show aaa preauthenticationparameter

DescriptionDisplay details of the configured Pre-authentication parameter(s).

Top


51

52

aaa global

[ bind | unbind | show ]

bind aaa globalSynopsis

bind aaa global (-policy [-priority ])

DescriptionBinds the policy globally.

Parameterspolicy

The policy to be bound globally.

Example

bind aaa global -pol pol1

Top

unbind aaa globalSynopsis

unbind aaa global -policy

DescriptionUnbind the policy globally

Parameterspolicy

The policy to be unbound to the AAA user.

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-global-ref.html#netscaler-crg-bind-aaa-globalhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-global-ref.html#netscaler-crg-unbind-aaa-globalhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-aaa-global-ref.html#netscaler-crg-show-aaa-global

Top

show aaa globalSynopsis

show aaa global

DescriptionDisplay details of the configured policies aaa global.

Top

aaa global

53

54

Application Commands

[ import | export ]

import applicationSynopsis

import application [-appname ] [-deploymentFilename]

DescriptionImports application configuration information from an AppExpert application template file.You can specify a deployment file along with the template file. A template file containsapplication and variable definitions. A deployment file contains information about theservices, service groups, endpoints, and variables that were in the AppExpert applicationconfiguration at the time the template file was created. Template files are imported fromthe /nsconfig/nstemplates/applications/ directory on the appliance. Deployment files areimported from the /nsconfig/nstemplates/applications/ deployment_files directory. Youcannot change the source directories, so import the template file and deployment file totheir respective directories before you use the command.

ParametersapptemplateFilename

The name of the AppExpert application template file.

appname

The name with which you want the AppExpert application to function on the NetScalerappliance. If you do not provide a name, the appliance assigns the application the nameof the template file.

deploymentFilename

The name of the deployment file.

Example

import app application sampleapp -apptemplatefilename sampleapp.xml -deploymentfilename deploy.xml

Top

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-application-ref.html#netscaler-crg-import-applicationhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-application-ref.html#netscaler-crg-export-application

export applicationSynopsis

export application [-apptemplateFilename ][-deploymentFilename ]

DescriptionExports application configuration information to an AppExpert application template file. Adeployment file is created along with the template file. The template file containsapplication and variable definitions. The deployment file contains information about theservices, service groups, endpoints, and variables that are in the AppExpert applicationconfiguration. The template file is exported to the /nsconfig/nstemplates/applications/directory on the appliance. The deployment file is exported to the/nsconfig/nstemplates/applications/deployment_files directory.

Parametersappname

The name of the AppExpert application whose configuration you want to export to atemplate file.

apptemplateFilename

The name with which you want to save the template file. If you do not specify a name,the template file is saved with the name of the AppExpert application.

deploymentFilename

The name with which you want to save the deployment file. If you do not specify aname, the string _deployment is automatically appended to the name of the templatefile to create the name of the deployment file.

Top

Application Commands

55

56

AppFlow Commands

This group of commands can be used to perform operations on the following entities:

appflow

appflow collector

appflow action

appflow policy

appflow policylabel

appflow param

appflow global

57

appflow

stat appflowSynopsis

stat appflow [-detail] [-fullValues] [-ntimes ] [-logFile ]

DescriptionDisplay AppFlow statistics.

58

appflow collector

[ add | rm | rename | show ]

add appflow collectorSynopsis

add appflow collector -IPAddress [-port ] [-netProfile ]

DescriptionAdd a new AppFlow collector.

Parametersname

Name of the AppFlow collector.

IPAddress

The IPv4 address of the AppFlow collector.

port

The UDP port on which the AppFlow collector is listening. Default value: 4739

netProfile

The IP address associated with this netprofile will be used as source IP for appflow trafficto this collector

Example

add appflow collector collector1 -IPAddress 192.168.1.40 -port 2055

Top

rm appflow collectorSynopsis

rm appflow collector

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-collector-ref.html#netscaler-crg-add-appflow-collectorhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-collector-ref.html#netscaler-crg-rm-appflow-collectorhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-collector-ref.html#netscaler-crg-rename-appflow-collectorhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-collector-ref.html#netscaler-crg-show-appflow-collector

DescriptionRemove an AppFlow collector.

Parametersname

Name of an AppFlow collector.

Example

rm appflow collector collector1

Top

rename appflow collectorSynopsis

rename appflow collector @ @

DescriptionRename an AppFlow collector.

Parametersname

The name of an AppFlow collector.

newName

The new name of the AppFlow collector.

Example

rename appflow collector old_name new_name

Top

appflow collector

59

show appflow collectorSynopsis

show appflow collector []

DescriptionDisplay details of all the AppFlow collectors configured on the system. Alternatively, toview the details of a particular AppFlow collector, specify its name.

Parametersname

Name of an AppFlow collector.

Example

show appflow collector collector1

Top

appflow collector

60

61

appflow action

[ add | rm | set | unset | rename | show ]

add appflow actionSynopsis

add appflow action -collectors ... [-comment ]

DescriptionCreates an AppFlow action. The action thus created can be associated with an AppFlowpolicy by using the "add appflow policy" command.

Parametersname

Name of the AppFlow action to be added.

collectors

The names of AppFlow collectors associated with the AppFlow action.

comment

Comments associated with this AppFlow action.

Example

add appflow action appflow_action_1 -collectors col1 col2

Top

rm appflow actionSynopsis

rm appflow action

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-action-ref.html#netscaler-crg-add-appflow-actionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-action-ref.html#netscaler-crg-rm-appflow-actionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-action-ref.html#netscaler-crg-set-appflow-actionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-action-ref.html#netscaler-crg-unset-appflow-actionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-action-ref.html#netscaler-crg-rename-appflow-actionhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-action-ref.html#netscaler-crg-show-appflow-action

DescriptionRemove a configured AppFlow action.

Parametersname

Name of an AppFlow action.

Example

rm appflow action appflow_action_1

Top

set appflow actionSynopsis

set appflow action [-collectors ...] [-comment ]

DescriptionModify an AppFlow action.

Parametersname

The name of the AppFlow action to be modified.

collectors

The names of AppFlow collectors associated with the AppFlow action.

comment

Comments associated with this AppFlow action.

Example

set appflow action appflow_action_1 -collectors col1 col2 col3

Top

appflow action

62

unset appflow actionSynopsis

unset appflow action -comment

DescriptionUse this command to remove appflow action settings.Refer to the set appflow actioncommand for meanings of the arguments.

Top

rename appflow actionSynopsis

rename appflow action @ @

DescriptionRename an AppFlow action.

Parametersname

The name of an AppFlow action.

newName

The new name of the AppFlow action.

Example

rename appflow action old_name new_name

Top

show appflow actionSynopsis

show appflow action []

appflow action

63

DescriptionDisplay configured AppFlow action(s).

Parametersname

Name of an AppFlow action.

Example

1. show appflow action 2. show appflow action appflow_action_1

Top

appflow action

64

65

appflow policy

[ add | rm | set | unset | rename | show ]

add appflow policySynopsis

add appflow policy [-comment ]

DescriptionAdd an AppFlow policy.

Parametersname

Name of the AppFlow policy.

rule

Expression to be used by the AppFlow policy. It has to be a boolean PI rule expression.

action

AppFlow action to be used by the policy.

comment

Comments associated with this AppFlow policy.

Example

add appflow policy appflow_pol "HTTP.REQ.HEADER(\\"header\\").CONTAINS(\\"qh3\\")" appflow_act

Top

rm appflow policySynopsis

rm appflow policy

http://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-policy-ref.html#netscaler-crg-add-appflow-policyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-policy-ref.html#netscaler-crg-rm-appflow-policyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-policy-ref.html#netscaler-crg-set-appflow-policyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-policy-ref.html#netscaler-crg-unset-appflow-policyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-policy-ref.html#netscaler-crg-rename-appflow-policyhttp://support.citrix.com/proddocs/topic/ns-reference-map/netscaler-crg-appflow-policy-ref.html#netscaler-crg-show-appflow-policy

DescriptionRemove an AppFlow policy.

Parametersname

Name of the AppFlow policy to be removed.

Example

Documents

NetScaler 10 Reference Material - Citrix.com Material ... Quick Start Guides ... You can refer to the following documentation for quick reference: