Dell 3-DNS Spezifikationen Seite 178
- Seite / 426
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Chapter 4: Configuring the High-Level Network
4-98
To insert a cipher specification from the command line
Specify the cipher insert argument with the bigpipe proxy command, as
follows:
b proxy <ip>:<service> [clientssl] cipher insert <enable | disable>
Client certificate fields
When adding an SSL proxy, you can configure the proxy to insert into an
HTTP request a header for each field of a client certificate. This feature is
most useful when:
• You have configured the SSL proxy to authenticate clients with the
request option. For more information, see Configuring client-side
authentication, on page 4-93.
• You want to better control the load balancing of your network traffic. In
this case, you can create a rule that performs load balancing according to
the certificate information in the header. Figure 4.46 shows an example.
Table 4.18 shows the client certificate headers that the SSL proxy can insert
into a client request. For each header, the required format, description, and
keyword is shown.
if (exists http_header "SSLClientCertStatus") {
if (http_header "SSLClientCertStatus" contains "OK") {
use ( authenticated_pool )
}
else {
redirect to "<https://%h/authenticationfailed.html>"
}
}
else {
redirect to "<https://%h/servererror.html>"
}
Figure 4.46 A rule based on certificate status specified in an HTTP header
Header Name Required Format Description
Certificate status SSLClientCertStatus: [status] The status of the client certificate. The value of
[status] can be "NoClientCert", "OK", or "Error".
If status is "NoClientCert", only this header is
inserted into the request. If status is "Error", the
error is followed by a numeric error code.
Certificate version SSLClientCertVersion: [version] The version of the certificate.
Certificate serial
number
SSLClientCertSerialNumber: [serial] The serial number of the certificate.
Signature algorithm of
the certificate
SSLClientCert: [alg] The signature algorithm of the certificate.
Issuer of the certificate SSLClientCert: [issuer] The issuer of the certificate.
Table 4.18 Required formats of client certificate headers
- BIG-IP® Reference Guide 1
- Product Version 2
- Legal Notices 2
- Standards Compliance 3
- Acknowledgments 3
- Table of Contents 5
- TableofContents 10
- Configuring SNMP 11
- BIG/db Configuration Keys 11
- Configuration Files 11
- Monitoring and Administration 11
- Additional Setup Options 12
- Glossary 12
- Introduction 13
- Getting started 15
- Using the Administrator Kit 16
- Stylistic conventions 17
- Identifying command syntax 18
- What’s new in version 4.2 19
- Newglobalvariables 20
- Enhanced rules support 20
- Enhanced interface statistics 21
- Health monitor enhancements 22
- Enhanced system logging 22
- Chapter Intro 24
- BIG-IP Overview 25
- What is a BIG-IP? 27
- Configuration 29
- Hardware configuration 30
- Base network configuration 30
- BIG-IP® Reference Guide 1-5 31
- Monitoring and administration 32
- The BIG-IP user interface 32
- BIG-IP® Reference Guide 1-7 33
- The bigip.conf file 35
- Chapter 1 36
- Using the Setup Utility 37
- BIG-IP® Reference Guide 2-1 39
- BIG-IP® Reference Guide 2-3 41
- Keyboard type 42
- Product selection 43
- Root password 43
- Host name 43
- Redundant system settings 44
- Assigning interfaces to VLANs 45
- Setting the time zone 47
- Configuring NTP support 48
- BIG-IP® Reference Guide 2-11 49
- Configuring RSH 51
- Configuring remote access 51
- Chapter 2 52
- Interfaces 56
- BIG-IP® Reference Guide 3-3 57
- Media type and duplex mode 58
- BIG-IP® Reference Guide 3-5 59
- Default VLAN configuration 60
- BIG-IP® Reference Guide 3-7 61
- Port-based access to VLANs 62
- Tag-based access to VLANs 62
- BIG-IP® Reference Guide 3-9 63
- Configuration procedures 64
- BIG-IP® Reference Guide 3-11 65
- BIG-IP® Reference Guide 3-13 67
- Creating VLAN groups 68
- To create a VLAN group 69
- Setting up security for VLANs 70
- Self IP addresses 72
- BIG-IP® Reference Guide 3-19 73
- Spanning Tree Protocol (STP) 74
- BIG-IP® Reference Guide 3-21 75
- Port Mirroring 77
- Chapter 3 78
- For example: 78
- Working with pools 83
- Pool Name 85
- Member specification 85
- Load balancing method 85
- Round Robin 86
- Dynamic ratio 86
- Least Connections 87
- Observed 87
- Predictive 87
- BIG-IP® Reference Guide 4-9 89
- 192.168.200.51 ratio = 3 90
- 192.168.200.52 ratio = 1 90
- BIG-IP® Reference Guide 4-11 91
- BIG-IP® Reference Guide 4-13 93
- BIG-IP® Reference Guide 4-15 95
- Configuring SNMP servers 96
- BIG-IP® Reference Guide 4-17 97
- BIG-IP® Reference Guide 4-19 99
- Persistence 101
- Types of persistence 102
- Persistence options 102
- Simple persistence 103
- Configuration utility 104
- HTTP cookie persistence 105
- Insert mode 105
- Rewrite mode 106
- Passive mode 107
- Hash mode 108
- SSL persistence 110
- SIP Call-ID persistence 111
- WTS persistence 113
- BIG-IP® Reference Guide 4-35 115
- HTTP redirection 117
- BIG-IP® Reference Guide 4-39 119
- Rewriting HTTP redirection 121
- HTTP header insertion 122
- BIG-IP® Reference Guide 4-43 123
- Type of Service (ToS) level 124
- Forwarding pools 127
- BIG-IP® Reference Guide 4-49 129
- Rule-based pool selection 130
- IP addresses 132
- Port numbers 132
- IP protocol numbers 132
- BIG-IP® Reference Guide 4-53 133
- Class types 135
- Predefined lists 136
- Rule-based HTTP redirection 137
- Rule statements 138
- Constant operands 139
- Variable operands (variables) 139
- Operators 141
- Configuring rules 142
- BIG-IP® Reference Guide 4-63 143
- Element Description 144
- Additional rule examples 145
- Cache rule 146
- AOL rule 146
- BIG-IP® Reference Guide 4-67 147
- Virtual servers 149
- Standard virtual servers 150
- Wildcard virtual servers 151
- Network virtual servers 155
- Forwarding virtual servers 156
- Virtual server options 157
- BIG-IP® Reference Guide 4-79 159
- Setting a connection limit 160
- BIG-IP® Reference Guide 4-83 163
- Deleting a virtual server 165
- The SSL Accelerator proxy 167
- BIG-IP® Reference Guide 4-89 169
- Configuring SSL-to-Server 170
- BIG-IP® Reference Guide 4-91 171
- Verifying server certificates 172
- BIG-IP® Reference Guide 4-93 173
- Per-session authentication 174
- Authentication depth 175
- A custom HTTP header 176
- A cipher specification 177
- Client certificate fields 178
- Client session IDs 179
- Configuring cipher lists 181
- Building a certificate chain 182
- Verifying certificates 183
- Advertising a Trusted CA list 184
- Rewriting the protocol name 186
- Rewriting the port number 186
- Selecting URIs to rewrite 186
- Configuring SSL session cache 187
- Configuring SSL shutdowns 190
- Forcing clean SSL shutdowns 190
- Resuming SSL sessions 191
- Disabling ARP requests 191
- The content converter proxy 192
- Additional proxy tasks 194
- Services 199
- To display service settings 201
- Configuring a SNAT manually 204
- [netmask <ip>] 205
- Configuring SNAT automapping 206
- ISPs and NAT-less firewalls 210
- To clear statistics 212
- Additional restrictions 214
- IP forwarding 215
- Health monitors 217
- Using icmp 219
- Using tcp_echo 220
- Using tcp 220
- Using http 221
- Using https 222
- Using ftp 222
- Using pop3 223
- Using smtp 223
- Using snmp_dca 224
- Using snmp_dca_base 224
- Using nntp 225
- Using sql 225
- Using imap 225
- Using radius 226
- Using ldap 226
- Configuring a monitor 227
- Monitor attributes 228
- Entering string values 229
- Setting destinations 230
- Testing SQL service checks 231
- Running user-added EAVs 232
- Using a simple association 235
- Using node and port aliasing 236
- Using transparent mode 237
- Using logical grouping 237
- Configuring Filters 241
- IP filters 244
- Rate filters and rate classes 245
- Commands for mirroring 253
- Mirroring SNAT connections 254
- Using gateway fail-safe 255
- Using network-based fail-over 257
- BIG-IP® Reference Guide 6-11 259
- BIG-IP® Reference Guide 6-13 261
- BIG-IP® Reference Guide 6-15 263
- Disabling automatic fail back 264
- BIG-IP® Reference Guide 6-17 265
- BIG-IP® Reference Guide 7-1 269
- BIG-IP® Reference Guide 7-3 271
- BIG-IP® Reference Guide 7-5 273
- BIG-IP® Reference Guide 7-7 275
- BIG-IP® Reference Guide 7-9 277
- BIG-IP® Reference Guide 7-11 279
- BIG-IP® Reference Guide 7-13 281
- BIG-IP® Reference Guide 7-15 283
- -h and -help 285
- Setting the media type 286
- Setting the duplex mode 286
- BIG-IP® Reference Guide 7-19 287
- BIG-IP® Reference Guide 7-21 289
- Creatingaportmirror 291
- Monitor template attributes 292
- BIG-IP® Reference Guide 7-25 293
- BIG-IP® Reference Guide 7-27 295
- BIG-IP® Reference Guide 7-29 297
- BIG-IP® Reference Guide 7-31 299
- BIG-IP® Reference Guide 7-33 301
- BIG-IP® Reference Guide 7-35 303
- Creatingarule 305
- Delete a rule 306
- Display rules 306
- BIG-IP® Reference Guide 7-39 307
- BIG-IP® Reference Guide 7-41 309
- BIG-IP® Reference Guide 7-43 311
- BIG-IP® Reference Guide 7-45 313
- BIG-IP® Reference Guide 7-47 315
- BIG-IP® Reference Guide 7-49 317
- BIG-IP® Reference Guide 7-51 319
- VLAN group is enabled 321
- Downloading the MIBs 325
- Setting up client access 327
- Configuring traps 329
- SNMP configuration files 330
- /etc/snmpd.conf 331
- /etc/snmptrap.conf 332
- BIG-IP® Reference Guide 8-9 333
- BIG-IP® Reference Guide 9-1 337
- Failover and cluster keys 338
- StateMirror keys 339
- Using Gateway Pinger keys 340
- Bigd keys 341
- Other keys 341
- Chapter 9 342
- Table 9.5 Other BIG/db keys 342
- BIG-IP configuration files 345
- Chapter 10 346
- Monitoring the BIG-IP 350
- To reset global statistics 355
- Monitoring NATs 357
- Monitoring SNATs 358
- Adding a user 359
- Using BIG/top command options 360
- Option Description 361
- Powering down the BIG-IP 362
- Viewing system statistics 365
- Printing the connection table 366
- Changing passwords 366
- Using the bigpipe db command 368
- Chapter 11 372
- ◆ Addressing routing issues 378
- Addressing routing issues 379
- Case 1: Same LAN 380
- Case 2: Different LANs 381
- Configuring DNS on the BIG-IP 382
- Configuring DNS proxy 383
- Configuring email 384
- Setting up Sendmail 385
- Glossary - 2 396
- Glossary - 4 398
- Glossary - 6 400
- Glossary - 8 402
- Glossary - 10 404
- Glossary - 12 406
- Glossary - 14 408
- Index - 14 426
Verwandte Produkte und Handbücher für Vernetzung Dell 3-DNS
Vernetzung Dell 3-DNS Spezifikationen
(165 Seiten)
(165 Seiten)
Vernetzung Dell QLA2200 Installationsanleitung
(82 Seiten)
(82 Seiten)
Vernetzung Dell Precision JD964 Betriebsanweisung
(132 Seiten)
(132 Seiten)
Vernetzung Dell OPENMANAGE 7.6 Betriebsanweisung
(84 Seiten)
(84 Seiten)
Vernetzung Dell EMC AX4-5 Installationsanleitung
(47 Seiten)
(47 Seiten)
Vernetzung Dell DCS-1130 Bedienungsanleitung
(58 Seiten)
(58 Seiten)
Vernetzung Dell PowerEdge M420 Bedienungshandbuch
(121 Seiten)
(121 Seiten)
Vernetzung Dell Wyse C10LE Bedienungsanleitung
(26 Seiten)
(26 Seiten)
Vernetzung Dell 53-1002116-01 Technical Information
(168 Seiten)
(168 Seiten)
Vernetzung Dell PowerConnect 6024F Betriebsanweisung
(474 Seiten)
(474 Seiten)
Vernetzung Dell System 220e Spezifikationen
(93 Seiten)
(93 Seiten)
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.081 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern