Dell 3-DNS Dokumentacja Strona 182
- Strona / 426
- Spis treści
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
Chapter 4: Configuring the High-Level Network
4-102
To specify invalid protocol versions using the Configuration
utility
1. In the navigation pane, click Proxies.
2. Click the Add button.
3. In the Client-side Connections Do Not Use These SSL Versions
box or the Server-side Connections Do Not Use These SSL
Versions box, check the appropriate check boxes.
4. Click Done.
To specify invalid SSL protocol versions from the command
line
Use the following syntax:
b proxy <ip>:<service> [clientssl] invalid [SSLv2] [SSLv3] [TLSv1]
b proxy <ip>:<service> serverssl invalid [SSLv2] [SSLv3] [TLSv1]
Specifying a list of trusted Certificate Authorities (CAs)
For both client-side and server-side SSL connections, you can specify
trusted certificate authorities (CAs). The proxy can then use this CA
specification to do the following:
• Build certificate chains
• Verify client certificates
• Advertise to clients the CAs that the server trusts
The following sections describe each of these uses of the trusted CAs list.
Building a certificate chain
Sometimes, a certificate that the SSL proxy uses to authenticate itself to a
peer is signed by an intermediate CA that is not trusted by that peer. In this
case, the proxy might need to build a certificate chain. The proxy allows you
to build a certificate chain by specifying the name of a specific certificate
chain file, either through the Configuration utility or from the command
line. Note that the certificate files that make up the chain file must be in
PEM format.
When attempting to access the specified chain file, the SSL proxy searches
for the file in the following manner:
1. The proxy looks to see that the specified file has a .chain extension.
2. If the file specification does not include a .chain extension, the
proxy appends that extension to the file and then searches for the
file.
3. If the file is not found, the proxy instead appends a .crt extension to
the file and searches again.
- BIG-IP® Reference Guide 1
- Product Version 2
- Legal Notices 2
- Standards Compliance 3
- Acknowledgments 3
- Table of Contents 5
- TableofContents 10
- Configuring SNMP 11
- BIG/db Configuration Keys 11
- Configuration Files 11
- Monitoring and Administration 11
- Additional Setup Options 12
- Glossary 12
- Introduction 13
- Getting started 15
- Using the Administrator Kit 16
- Stylistic conventions 17
- Identifying command syntax 18
- What’s new in version 4.2 19
- Newglobalvariables 20
- Enhanced rules support 20
- Enhanced interface statistics 21
- Health monitor enhancements 22
- Enhanced system logging 22
- Chapter Intro 24
- BIG-IP Overview 25
- What is a BIG-IP? 27
- Configuration 29
- Hardware configuration 30
- Base network configuration 30
- BIG-IP® Reference Guide 1-5 31
- Monitoring and administration 32
- The BIG-IP user interface 32
- BIG-IP® Reference Guide 1-7 33
- The bigip.conf file 35
- Chapter 1 36
- Using the Setup Utility 37
- BIG-IP® Reference Guide 2-1 39
- BIG-IP® Reference Guide 2-3 41
- Keyboard type 42
- Product selection 43
- Root password 43
- Host name 43
- Redundant system settings 44
- Assigning interfaces to VLANs 45
- Setting the time zone 47
- Configuring NTP support 48
- BIG-IP® Reference Guide 2-11 49
- Configuring RSH 51
- Configuring remote access 51
- Chapter 2 52
- Interfaces 56
- BIG-IP® Reference Guide 3-3 57
- Media type and duplex mode 58
- BIG-IP® Reference Guide 3-5 59
- Default VLAN configuration 60
- BIG-IP® Reference Guide 3-7 61
- Port-based access to VLANs 62
- Tag-based access to VLANs 62
- BIG-IP® Reference Guide 3-9 63
- Configuration procedures 64
- BIG-IP® Reference Guide 3-11 65
- BIG-IP® Reference Guide 3-13 67
- Creating VLAN groups 68
- To create a VLAN group 69
- Setting up security for VLANs 70
- Self IP addresses 72
- BIG-IP® Reference Guide 3-19 73
- Spanning Tree Protocol (STP) 74
- BIG-IP® Reference Guide 3-21 75
- Port Mirroring 77
- Chapter 3 78
- For example: 78
- Working with pools 83
- Pool Name 85
- Member specification 85
- Load balancing method 85
- Round Robin 86
- Dynamic ratio 86
- Least Connections 87
- Observed 87
- Predictive 87
- BIG-IP® Reference Guide 4-9 89
- 192.168.200.51 ratio = 3 90
- 192.168.200.52 ratio = 1 90
- BIG-IP® Reference Guide 4-11 91
- BIG-IP® Reference Guide 4-13 93
- BIG-IP® Reference Guide 4-15 95
- Configuring SNMP servers 96
- BIG-IP® Reference Guide 4-17 97
- BIG-IP® Reference Guide 4-19 99
- Persistence 101
- Types of persistence 102
- Persistence options 102
- Simple persistence 103
- Configuration utility 104
- HTTP cookie persistence 105
- Insert mode 105
- Rewrite mode 106
- Passive mode 107
- Hash mode 108
- SSL persistence 110
- SIP Call-ID persistence 111
- WTS persistence 113
- BIG-IP® Reference Guide 4-35 115
- HTTP redirection 117
- BIG-IP® Reference Guide 4-39 119
- Rewriting HTTP redirection 121
- HTTP header insertion 122
- BIG-IP® Reference Guide 4-43 123
- Type of Service (ToS) level 124
- Forwarding pools 127
- BIG-IP® Reference Guide 4-49 129
- Rule-based pool selection 130
- IP addresses 132
- Port numbers 132
- IP protocol numbers 132
- BIG-IP® Reference Guide 4-53 133
- Class types 135
- Predefined lists 136
- Rule-based HTTP redirection 137
- Rule statements 138
- Constant operands 139
- Variable operands (variables) 139
- Operators 141
- Configuring rules 142
- BIG-IP® Reference Guide 4-63 143
- Element Description 144
- Additional rule examples 145
- Cache rule 146
- AOL rule 146
- BIG-IP® Reference Guide 4-67 147
- Virtual servers 149
- Standard virtual servers 150
- Wildcard virtual servers 151
- Network virtual servers 155
- Forwarding virtual servers 156
- Virtual server options 157
- BIG-IP® Reference Guide 4-79 159
- Setting a connection limit 160
- BIG-IP® Reference Guide 4-83 163
- Deleting a virtual server 165
- The SSL Accelerator proxy 167
- BIG-IP® Reference Guide 4-89 169
- Configuring SSL-to-Server 170
- BIG-IP® Reference Guide 4-91 171
- Verifying server certificates 172
- BIG-IP® Reference Guide 4-93 173
- Per-session authentication 174
- Authentication depth 175
- A custom HTTP header 176
- A cipher specification 177
- Client certificate fields 178
- Client session IDs 179
- Configuring cipher lists 181
- Building a certificate chain 182
- Verifying certificates 183
- Advertising a Trusted CA list 184
- Rewriting the protocol name 186
- Rewriting the port number 186
- Selecting URIs to rewrite 186
- Configuring SSL session cache 187
- Configuring SSL shutdowns 190
- Forcing clean SSL shutdowns 190
- Resuming SSL sessions 191
- Disabling ARP requests 191
- The content converter proxy 192
- Additional proxy tasks 194
- Services 199
- To display service settings 201
- Configuring a SNAT manually 204
- [netmask <ip>] 205
- Configuring SNAT automapping 206
- ISPs and NAT-less firewalls 210
- To clear statistics 212
- Additional restrictions 214
- IP forwarding 215
- Health monitors 217
- Using icmp 219
- Using tcp_echo 220
- Using tcp 220
- Using http 221
- Using https 222
- Using ftp 222
- Using pop3 223
- Using smtp 223
- Using snmp_dca 224
- Using snmp_dca_base 224
- Using nntp 225
- Using sql 225
- Using imap 225
- Using radius 226
- Using ldap 226
- Configuring a monitor 227
- Monitor attributes 228
- Entering string values 229
- Setting destinations 230
- Testing SQL service checks 231
- Running user-added EAVs 232
- Using a simple association 235
- Using node and port aliasing 236
- Using transparent mode 237
- Using logical grouping 237
- Configuring Filters 241
- IP filters 244
- Rate filters and rate classes 245
- Commands for mirroring 253
- Mirroring SNAT connections 254
- Using gateway fail-safe 255
- Using network-based fail-over 257
- BIG-IP® Reference Guide 6-11 259
- BIG-IP® Reference Guide 6-13 261
- BIG-IP® Reference Guide 6-15 263
- Disabling automatic fail back 264
- BIG-IP® Reference Guide 6-17 265
- BIG-IP® Reference Guide 7-1 269
- BIG-IP® Reference Guide 7-3 271
- BIG-IP® Reference Guide 7-5 273
- BIG-IP® Reference Guide 7-7 275
- BIG-IP® Reference Guide 7-9 277
- BIG-IP® Reference Guide 7-11 279
- BIG-IP® Reference Guide 7-13 281
- BIG-IP® Reference Guide 7-15 283
- -h and -help 285
- Setting the media type 286
- Setting the duplex mode 286
- BIG-IP® Reference Guide 7-19 287
- BIG-IP® Reference Guide 7-21 289
- Creatingaportmirror 291
- Monitor template attributes 292
- BIG-IP® Reference Guide 7-25 293
- BIG-IP® Reference Guide 7-27 295
- BIG-IP® Reference Guide 7-29 297
- BIG-IP® Reference Guide 7-31 299
- BIG-IP® Reference Guide 7-33 301
- BIG-IP® Reference Guide 7-35 303
- Creatingarule 305
- Delete a rule 306
- Display rules 306
- BIG-IP® Reference Guide 7-39 307
- BIG-IP® Reference Guide 7-41 309
- BIG-IP® Reference Guide 7-43 311
- BIG-IP® Reference Guide 7-45 313
- BIG-IP® Reference Guide 7-47 315
- BIG-IP® Reference Guide 7-49 317
- BIG-IP® Reference Guide 7-51 319
- VLAN group is enabled 321
- Downloading the MIBs 325
- Setting up client access 327
- Configuring traps 329
- SNMP configuration files 330
- /etc/snmpd.conf 331
- /etc/snmptrap.conf 332
- BIG-IP® Reference Guide 8-9 333
- BIG-IP® Reference Guide 9-1 337
- Failover and cluster keys 338
- StateMirror keys 339
- Using Gateway Pinger keys 340
- Bigd keys 341
- Other keys 341
- Chapter 9 342
- Table 9.5 Other BIG/db keys 342
- BIG-IP configuration files 345
- Chapter 10 346
- Monitoring the BIG-IP 350
- To reset global statistics 355
- Monitoring NATs 357
- Monitoring SNATs 358
- Adding a user 359
- Using BIG/top command options 360
- Option Description 361
- Powering down the BIG-IP 362
- Viewing system statistics 365
- Printing the connection table 366
- Changing passwords 366
- Using the bigpipe db command 368
- Chapter 11 372
- ◆ Addressing routing issues 378
- Addressing routing issues 379
- Case 1: Same LAN 380
- Case 2: Different LANs 381
- Configuring DNS on the BIG-IP 382
- Configuring DNS proxy 383
- Configuring email 384
- Setting up Sendmail 385
- Glossary - 2 396
- Glossary - 4 398
- Glossary - 6 400
- Glossary - 8 402
- Glossary - 10 404
- Glossary - 12 406
- Glossary - 14 408
- Index - 14 426
Powiązane produkty i podręczniki dla Networking Dell 3-DNS
Networking Dell 3-DNS Dokumentacja
(165 strony)
(165 strony)
Networking Dell QLA2200 Przewodnik Instalacji
(82 strony)
(82 strony)
(132 strony)
Networking Dell EMC AX4-5 Przewodnik Instalacji
(47 strony)
(47 strony)
Networking Dell DCS-1130 Instrukcja Użytkownika
(58 strony)
(58 strony)
Networking Dell 53-1002116-01 Informacje Techniczne
(168 strony)
(168 strony)
Networking Dell System 220e Dokumentacja
(93 strony)
(93 strony)
© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.037 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji