citrix netscaler application switch
Command Reference Guide (NS9000_CRG_6.1)
Citrix Systems, Inc.
© CITRIX SYSTEMS, INC., 2005. ALL RIGHTS RESERVED. NO PART OF THIS DOCUMENT MAY BE REPRODUCED OR TRANSMITTED IN ANY FORM OR BY ANY MEANS OR USED TO MAKE DERIVATIVE WORK (SUCH AS TRANSLATION, TRANSFORMATION, OR ADAPTATION) WITHOUT THE EXPRESS WRITTEN PERMISSION OF CITRIX SYSTEMS, INC.
ALTHOUGH THE MATERIAL PRESENTED IN THIS DOCUMENT IS BELIEVED TO BE ACCURATE, IT IS PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE ALL RESPONSIBILITY FOR THE USE OR APPLICATION OF THE PRODUCT(S) DESCRIBED IN THIS MANUAL.
CITRIX SYSTEMS, INC. OR ITS SUPPLIERS DO NOT ASSUME ANY LIABILITY THAT MAY OCCUR DUE TO THE USE OR APPLICATION OF THE PRODUCT(S) DESCRIBED IN THIS DOCUMENT. INFORMATION IN THIS DOCUMENT IS SUBJECT TO CHANGE WITHOUT NOTICE. COMPANIES, NAMES, AND DATA USED IN EXAMPLES ARE FICTITIOUS UNLESS OTHERWISE NOTED.
The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio-frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case users will be required to correct the interference at their own expense.
Modifying the equipment without Citrix' written authorization may result in the equipment no longer complying with FCC requirements for Class A digital devices. In that event, your right to use the equipment may be limited by FCC regulations, and you may be required to correct any interference to radio or television communications at your own expense.
You can determine whether your equipment is causing interference by turning it off. If the interference stops, it was probably caused by the NetScaler Request Switch™ 9000 Series equipment. If the NetScaler equipment causes interference, try to correct the interference by using one or more of the following measures:
Move the NetScaler equipment to one side or the other of your equipment.
Move the NetScaler equipment farther away from your equipment.
Plug the NetScaler equipment into an outlet on a different circuit from your equipment. (Make sure the NetScaler equipment and your equipment are on circuits controlled by different circuit breakers or fuses.)
Modifications to this product not authorized by Citrix Systems, Inc., could void the FCC approval and negate your authority to operate the product.
BroadCom is a registered trademark of BroadCom Corporation. Fast Ramp, NetScaler, and NetScaler Request Switch are trademarks of Citrix Systems, Inc. Linux is a registered trademark of Linus Torvalds. Internet Explorer, Microsoft, PowerPoint, Windows and Windows product names such as Windows NT are trademarks or registered trademarks of the Microsoft Corporation. NetScape is a registered trademark of Netscape Communications Corporation. Red Hat is a trademark of Red Hat, Inc. Sun and Sun Microsystems are registered trademarks of Sun Microsystems, Inc. Other brand and product names may be registered trademarks or trademarks of their respective holders.
Software covered by the following third party copyrights may be included with this product and will also be subject to the software license agreement: Copyright 1998 © Carnegie Mellon University. All rights reserved. Copyright © David L. Mills 1993, 1994. Copyright © 1992, 1993, 1994, 1997 Henry Spencer. Copyright © Jean-loup Gailly and Mark Adler. Copyright © 1999, 2000 by Jef Poskanzer. All rights reserved. Copyright © Markus Friedl, Theo de Raadt, Niels Provos, Dug Song, Aaron Campbell, Damien Miller, Kevin Steves. All rights reserved. Copyright © 1982, 1985, 1986, 1988-1991, 1993 Regents of the University of California. All rights reserved. Copyright © 1995 Tatu Ylonen, Espoo, Finland. All rights reserved. Copyright © UNIX System Laboratories, Inc. Copyright © 2001 Mark R V Murray. Copyright 1995-1998 © Eric Young. Copyright © 1995,1996,1997,1998. Lars Fenneberg. Copyright © 1992. Livingston Enterprises, Inc. Copyright © 1992, 1993, 1994, 1995. The Regents of the University of Michigan and Merit Network, Inc. Copyright © 1991-2, RSA Data Security, Inc. Created 1991. Copyright © 1998 Juniper Networks, Inc. All rights reserved. Copyright © 2001, 2002 Networks Associates Technology, Inc. All rights reserved. Copyright (c) 2002 Networks Associates Technology, Inc. Copyright 1999-2001© The Open LDAP Foundation. All Rights Reserved. Copyright © 1999 Andrzej Bialecki. All rights reserved. Copyright © 2000 The Apache Software Foundation. All rights reserved. Copyright (C) 2001-2003 Robert A. van Engelen, Genivia inc. All Rights Reserved. Copyright (c) 1997-2004 University of Cambridge. All rights reserved. Copyright (c) 1995. David Greenman. Copyright (c) 2001 Jonathan Lemon. All rights reserved. Copyright (c) 1997, 1998, 1999. Bill Paul. All rights reserved. Copyright (c) 1994-1997 Matt Thomas. All rights reserved. Copyright © 2000 Jason L. Wright. Copyright © 2000 Theo de Raadt. Copyright © 2001 Patrik Lindergren. All rights reserved.
Part No. NS-CRG-61-1105
Contents
Chapter 2: AAA Commands
stat aaa, show aaa stats, add aaa user, rm aaa user, set aaa user, show aaa user, add aaa group, rm aaa group, show aaa group, bind aaa user, unbind aaa user, bind aaa group, unbind aaa group, set aaa radiusparams, show aaa radiusparams, set aaa ldapparams, show aaa ldapparams, set aaa tacacsparams, show aaa tacacsparams, set aaa nt4params, show aaa nt4params, set aaa certparams, show aaa certparams, set aaa parameter, show aaa parameter, show aaa session, kill aaa session
Chapter 3: Auditing Commands
stat audit, show audit stats, add audit syslogaction, rm audit syslogaction, show audit syslogaction, add audit syslogpolicy, rm audit syslogpolicy, show audit syslogpolicy, set audit syslogpolicy, set audit syslogparams, show audit syslogparams, unset audit syslogparams, show audit messages
Chapter 5: Authorization Commands
Chapter 6: Base Commands
sync, add server, disable server, enable server, rm server, show server, add service, bind service, disable service, enable service, rm service, set service, show service, unbind service, stat service, add monitor, bind monitor, enable monitor, disable monitor, rm monitor, set monitor, show monitor, unbind monitor, add vlan, bind vlan, rm vlan, show vlan, stat vlan, unbind vlan, clear interface, disable interface, enable interface, reset interface, set interface, show interface, stat interface, show channel, add channel, set channel, bind channel, unbind channel, rm channel, add location, show location, rm location, set locationparameter, show locationparameter, add locationfile, show locationfile, rm locationfile, clear locationdata, install
Chapter 7: Integrated Caching Commands
add cache policy, rm cache policy, show cache policy, bind cache global, unbind cache global, show cache global, add cache contentgroup, rm cache contentgroup, set cache contentgroup, show cache contentgroup, expire cache contentgroup, flush cache contentgroup, show cache forwardProxy, add cache forwardProxy, rm cache forwardProxy, show cache object, expire cache object, flush cache object, set cache parameter, show cache parameter, show cache stats, stat cache
Chapter 8: CLI Commands
help, man, quit, exit, set cli mode, show cli mode, set cli prompt, clear cli prompt, show cli prompt, @, alias, builtins, end, history, unalias, while, config
Chapter 9: Compression Commands
stat cmp, show cmp stats, add cmp action, rm cmp action, show cmp action, add cmp policy, rm cmp policy, show cmp policy, set cmp policy, bind cmp global, unbind cmp global, show cmp global
Chapter 10: Cache Redirection Commands
add cr policy, rm cr policy, show cr policy, add cr vserver, bind cr vserver, set cr vserver, rm cr vserver, enable cr vserver, disable cr vserver, show cr vserver, unbind cr vserver, unset cr vserver
Chapter 11: Content Switching Commands
add cs policy, rm cs policy, show cs policy, set cs policy, add cs vserver, bind cs vserver, set cs vserver, rm cs vserver, enable cs vserver, disable cs vserver
Chapter 12: DNS Commands
stat dns, show dns stats, add dns addRec, rm dns addRec, show dns addRec, add dns cnameRec, rm dns cnameRec, show dns cnameRec, add dns mxRec, rm dns mxRec, set dns mxRec, show dns mxRec, add dns nsRec, rm dns nsRec, show dns nsRec, set dns parameter, show dns parameter, add dns soaRec, set dns soaRec, rm dns soaRec, show dns soaRec, add dns suffix, rm dns suffix, show dns suffix, add dns nameserver, rm dns nameserver, show dns nameserver, flush dns proxyRecords
Chapter 13: DoS Commands
Chapter 14: Filter Commands
add filter action, rm filter action, show filter action, add filter policy, rm filter policy, show filter policy, set filter policy, bind filter global, unbind filter global, show filter global
Chapter 15: GSLB Commands
rm gslb site, show gslb site, add gslb service, set gslb service, rm gslb service, show gslb service, add gslb vserver, set gslb vserver, rm gslb vserver, enable gslb vserver, disable gslb vserver, show gslb vserver, bind gslb vserver, unbind gslb vserver, set gslb parameter, show gslb parameter, add gslb policy, rm gslb policy, set gslb policy, show gslb policy, add gslb action, rm gslb action, set gslb action, show gslb action
Chapter 16: Load Balancing Commands
bind lb group, show lb group, set lb group, unbind lb group, add lb vserver, bind lb vserver, enable lb vserver, disable lb vserver, set lb vserver, rm lb vserver, show lb vserver, stat lb vserver, unbind lb vserver, show lb route, add lb route, rm lb route
Chapter 17: NetScaler Commands
stat ns, stat ns bridge, stat ns node, show ns stats, add ns arp, disable ns arp, enable ns arp, rm ns arp, send ns arp, show ns arp, show ns bridgetable, set ns bridgetable, save ns config, set ns config, unset ns config, show ns config, show ns ns.conf, clear ns config, config ns, show ns runningconfig, add ns acl, rm ns acl, enable ns acl, disable ns acl, set ns acl, show ns acl, clear ns acls, apply ns acls, stat ns acl, force ns failover, force ns sync, disable ns feature, enable ns feature, show ns feature, show ns info, add ns ip, show ns ip, set ns ip, enable ns ip, disable ns ip, rm ns ip, disable ns mode, enable ns mode, show ns mode, add ns fis, bind ns fis, unbind ns fis, rm ns fis, show ns fis, show ns ci, bind ns node, unbind ns node, add ns node, set ns node, rm ns node, show ns node, show ns license, show ns rnat, set ns rnat, clear ns rnat, add ns route, set ns route, unset ns route, clear ns route, rm ns route, show ns route, set ns spparams, show ns spparams, set ns tcpbufparam, show ns tcpbufparam, show ns version, set ns weblogparam, show ns weblogparam, set ns rateControl, show ns rateControl, reboot, shutdown, set ns rpcnode, show ns rpcnode
Chapter 18: Policy Commands
add policy expression, set policy expression, rm policy expression, show policy expression, add policy map, rm policy map
Chapter 19: Performance Queuing Commands
show pq binding, add pq policy, rm pq policy, set pq policy, show pq policy
Chapter 20: Protocols Commands
stat protocol tcp, stat protocol http, stat protocol icmp, stat protocol ip, stat protocol udp
Chapter 21: Routing Commands
vtysh, set router ospf, unset router ospf, show router ospf, set router rip, unset router rip, show router rip, set router bgp, show router bgp, unset router bgp, add router bgp, clear router bgp, add router map, set router map, unset router map, show router map
Chapter 22: SureConnect Commands
set sc parameter, show sc parameter, add sc policy, rm sc policy, set sc policy, show sc policy
Chapter 23: SNMP Commands
stat snmp, show snmp stats, enable snmp alarm, disable snmp alarm, set snmp alarm, unset snmp alarm, show snmp alarm, add snmp community, rm snmp community, show snmp community, add snmp manager, rm snmp manager, show snmp manager, set snmp mib, show snmp mib, add snmp trap, rm snmp trap, show snmp trap, show snmp oid
Chapter 24: SSL Commands
stat ssl, show ssl stats, create ssl cert, add ssl certkey, bind ssl certkey, link ssl certkey, rm ssl certkey, show ssl certkey, unbind ssl certkey, unlink ssl certkey, update ssl certkey, show ssl certlink, create ssl certreq, add ssl cipher, bind ssl cipher, rm ssl cipher, show ssl cipher, create ssl crl, add ssl crl, rm ssl crl, set ssl crl, show ssl crl, create ssl dhparam, create ssl dsakey, set ssl fips, reset ssl fips, show ssl fips, create ssl fipskey, rm ssl fipskey, show ssl fipskey, import ssl fipskey, export ssl fipskey, create ssl rsakey, convert ssl pkcs12, convert ssl pkcs8, set ssl service, show ssl service, set ssl vserver, show ssl vserver, create ssl wrapkey, rm ssl wrapkey, show ssl wrapkey, init ssl fipsSIMsource, init ssl fipsSIMtarget, enable ssl fipsSIMtarget, enable ssl fipsSIMsource
Chapter 25: System Commands
batch, ping, traceroute, grep, shell, scp, add system cmdPolicy, rm system cmdPolicy, set system cmdPolicy, show system cmdPolicy, add system user, set system user, rm system user, show system user, bind system user, unbind system user, add system group, rm system group, show system group, bind system group, unbind system group, bind system global, unbind system global, show system global
Chapter 26: Tunnel Commands
add tunnel trafficpolicy, rm tunnel trafficpolicy, show tunnel trafficpolicy, set tunnel trafficpolicy, bind tunnel global, unbind tunnel global, show tunnel global
Chapter 27: SSLVPN Commands
stat vpn, show vpn stats, add vpn vserver, show vpn vserver, set vpn vserver, rm vpn vserver, enable vpn vserver, disable vpn vserver, bind vpn vserver, unbind vpn vserver, add vpn intranetapplication, show vpn intranetapplication, rm vpn intranetapplication, bind vpn global, unbind vpn global, show vpn global, add vpn trafficpolicy, rm vpn trafficpolicy, show vpn trafficpolicy, set vpn trafficpolicy, add vpn trafficaction, rm vpn trafficaction, show vpn trafficaction, add vpn url, rm vpn url, show vpn url, add vpn sessionpolicy, rm vpn sessionpolicy, show vpn sessionpolicy, set vpn sessionpolicy, add vpn sessionaction, rm vpn sessionaction, show vpn sessionaction, set vpn parameter, unset vpn parameter, show vpn parameter
Introduction
Welcome to the Command Reference Guide. This reference covers all aspects of using the Command Line Interface in the configuration and operation of the system. For information on accessing your system's Command Line Interface, please refer to the installation chapter in the Installation and Configuration Guide before continuing on from this point.
1.1 How to Use This Reference

This command reference is organized in two chapters:
• Chapter 1: The Command Line Overview which explains how to use the Command Line Interface.
• Chapter 2: Alphabetically ordered descriptions of all of the commands.
If you are unfamiliar with using the system, you should start with the CLI usage chapter to familiarize yourself with the interface after reviewing the following section on document conventions. Otherwise, this document serves as the primary source of information on the commands available in the NSCLI and may be consulted at any point as your needs dictate.
1.2 Command Conventions

These conventions are used to describe the commands in this guide.
Convention                  Alerts You To
command                     Command and argument names can be entered in any combination of upper and lower case characters. In this document command and argument names are sometimes displayed in upper and lower case. This is for readability and does not reflect the way in which the commands must be entered.
command argument            This typeface represents a command argument.
screen text                 Text with this typeface represents information on a screen, as well as the names of directories, files, and commands.
<key name>+<key name>       Keyboard key names appear within angle brackets. A plus sign appears between keys you must press simultaneously.
text in italics             Italic type emphasizes text or indicates new terms.
Square Brackets ( [ ] )     Arguments that are contained within square brackets are optional. Arguments that are not contained within brackets are required.
Angle Brackets ( < > )      Arguments within angle brackets are variable placeholders. Replace these with values appropriate for your configuration.
Vertical Bars ( | )         When arguments are separated by vertical bars, either argument can be specified.

Note: When entering the argument, neither the brackets nor the vertical bars are included.

1.3 Command Line Overview

This section discusses the usage of the Command Line Interface. The discussion is broken into two sections, basic and advanced CLI usage. The basic section covers the rudimentary aspects of the CLI and provides the information necessary for basic CLI usage. The advanced usage section expands on the remaining features of the Command Line Interface, which allow you to further control and enhance your sessions but are not required for day-to-day operation.

1.3.1 Basic Command Line Usage

This section discusses the essential instruction necessary for basic command line usage with the system. Start with this section if you are unfamiliar with the CLI.

1.3.1.1 Understanding the Command Structure

Most commands adhere to the general format shown here.

action groupname entity <entityname> [-parameter]

An action is the task that the command is performing, such as an add or set action. The groupname is the functional area or feature where the action is being taken, such as dns or lb. An entity is the specific type of object, such as a vserver, that the command is being issued against. The entityname is the name given to an entity instance that the command is being issued upon. If an entity instance is being created with the issued command, such as with the add action, the entityname will be a name of your choosing. Lastly, the parameters applicable to the command are listed. The actual number and type of available parameters will vary by command.
1.3.1.2 Getting Help in the CLI
The help command offers a quick way to get more information on commands. The command can return help on specific commands, groups of commands, or the entire set of nscli commands.
By typing help alone on the command line, the system prints a brief general help message, as shown here.
> help
Try :
help <groupName> for brief usage of a group of commands
help -all for brief usage of all nscli commands
The command groups are:
basic aaa authentication
>
And by entering help help, you will see the following output, which shows the syntax for the help command.
> help help
Done
>
If you need help on using a specific command or command group, use the syntax shown above, substituting the command or group name you need help for. By specifying the command name, the CLI will provide a full listing of the command's syntax along with an expansion of those parameters that have limited sets of options. If you enter a group name, the CLI will print a full list of the commands that belong to that group. The output below shows an example of using this help method for the add vserver command.
> help add vserver
<port> -range <positive_integer>] [-cacheType <cacheType>]
[-backupVServerName <string>] [-redirectURL <URL>]
[-soMethod ( CONNECTION | NONE )]
[-soPersistence ( ENABLED | DISABLED )]
SSL_TCP | NNTP | DNS | DHCPRA | ANY )
<cacheType> = ( TRANSPARENT | REVERSE | FORWARD )
>
The question mark (?) can also be used to get help in the CLI. By typing a question mark alone, the system prints a listing of all the actions available from the top level of the command structure.
1.3.1.3 Getting Help with Man Pages
The command line interface has its own set of man pages, similar to those traditionally found in UNIX and UNIX-like operating systems. This system returns the same command reference information as is found in this guide. To use this help feature, issue the man command with the name of the command you wish to view information on as the argument.
Once the first screen is displayed, you may scroll through the page either a screen at a time or line by line. To advance line by line, press the <Enter> key. To advance to the next screen use the space bar.
When viewing commands with man, to exit the page before reaching the end of it, press the <Q> key.
1.3.1.4 Using Command Completion
When working on the command line, you can use either the <Tab> key or the <?> key for command completion and assistance. For example, typing show e followed by the <Tab> key will complete the command as show expression. If, after typing <Tab> once, no completion is displayed, press <Tab> once more and the system will offer you a set of possible completions. After the output is displayed, you are returned to the prompt with the portion of the command that was previously entered, so that you may continue where you left off.
Using the question mark key offers slightly different completion options. You may enter a question mark at any point on the command line and the system will provide you with a list of all possible completions that are recognized from that point forward. The following example illustrates this usage with the enable command.
> enable <?>
> enable
Once the possible completions are printed, you are again returned to the command line with your previous entry still at the prompt for you to work with. Note that the question mark you type is not echoed at the CLI prompt.
Any entries in the output that are followed by an ellipsis, such as the ssl command shown in the previous example's output, have further command completion levels beyond this point in the hierarchy.
1.3.1.5 Utilizing Command Abbreviations and Shortcuts
Another way to shorten command line input is to use command abbreviations. The CLI command abbreviation feature allows you to enter partial commands. To use this feature, you need only enter enough of the command's key words such that each of them is uniquely identifiable by the CLI. For example, to shorten the command add lb vserver, you may enter as little as ad lb vs and the CLI will correctly interpret your command.
Note, however, that command group names may not be abbreviated. In many cases you may leave them out entirely, though. This is possible wherever command usage makes the group implicit, such as with the snmp and system group names when the entity type being acted upon is unique to the group. For example, there are no other entities of the community type outside of the snmp command group, so issuing the add community command, rather than add snmp community, implicitly places this command in the snmp command group.
This behavior is also illustrated with the system group and its entities. The user entity type exists in the system command group as well as the aaa command group, so the user entity is not unique to the system group. If you are issuing an action against a system user, such as an add command, you must specify the system group so that the CLI interprets your command as being directed at a system user, not an aaa user. The CLI will alert you in those cases where the group type is omitted incorrectly with an "ERROR: No such command" message.
More examples of using these shortcuts are shown in Table 1-1.
Table 1-1 Sample Command Abbreviations

Abbreviated Command     CLI Interpreted Command
cl r                    clear ns rnat
sh ve                   show ns version
se vpn p                set vpn parameter
f f                     force ns failover
rm mx                   rm dns mxRec
ad lb vs                add lb vserver
ad pol exp              add policy expression
1.3.1.6 Navigating Command Output
Often you will find that the screen output from the NSCLI spans multiple screens. When an output stream pauses after the first screen's worth of output with --More-- displayed, you can navigate the remaining output with keystrokes.
• To cancel viewing the remaining output, press the <Q> key or use <Ctrl>+<C> to abort the command.
• To stream the remaining output without pauses, press the <C> key.
• To advance through the output one screen at a time, press any other key.
1.3.1.7 Understanding Error Feedback
When a CLI command is entered with invalid arguments, an error message is displayed, possibly preceded by an indication of the location of the error within the command line. After most errors, a short version of the command usage is also displayed.
For example, typing the following command at the prompt:
> add vserver vs1 htto 10.101.4.99 80
Returns the following error messages:
add vserver vs1 htto 10.101.4.99 80
^^^^
ERROR: invalid argument value [serviceType, htto]
The carets (^^^^), if present, indicate the location of the error in the command line.
Note: The CLI will alert you if you try to configure a disabled or unlicensed feature. If you attempt to configure a disabled feature, your configuration will be applied, but it will have no effect on the runtime behavior of the system until the feature is enabled. If you attempt to configure an unlicensed feature, the system will return an error.
1.3.1.8 Accessing the Command History
The command line maintains a per-user command entry history across sessions. This history holds the last 100 user-entered commands. Note that the history does not record sequentially duplicated commands. You may loop through the history on the command line by using the up and down arrow keys on your keyboard. You can recall the entire history log using the history command. A sample of the history log output is shown here.
> history
3 21:31 builtins
>
You can also recall specific entries from within the history using the exclamation mark, or bang character (!). Use ! in combination with either the desired history event number or an offset from the current event number to recall a specific history entry.
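The history rules above, as an added example that is not part of the guide and not Citrix code: a small Python model of the per-user history with the 100-entry cap, sequential duplicates collapsed, and recall by event number or by negative offset. The class name CommandHistory, the timestamps, and the rule that a negative offset counts back from the event number the next command would receive (so !-1 is the most recent entry) are assumptions; the guide specifies the size, the de-duplication and the two recall forms but not the offset arithmetic or how the history is stored on the appliance. Because the history persists across sessions, the same rules bound what a later session can reconstruct from it: a command repeated back-to-back appears once, and anything older than the cap is gone.

```python
"""Model of the NSCLI per-user command history (section 1.3.1.8).

Added illustration, not code from the Command Reference Guide.
Documented behaviour: last 100 commands kept, sequential duplicates not
recorded, "!<n>" recalls event n, "!-<n>" recalls n events back.
Assumption: the offset is counted from the event number that the next
command would receive, so "!-1" is the most recent entry.
"""
from collections import deque
from typing import List, Optional, Tuple

HISTORY_SIZE = 100  # "the last 100 user entered commands"

Entry = Tuple[int, str, str]  # (event number, hh:mm, command)


class CommandHistory:
    def __init__(self, size: int = HISTORY_SIZE) -> None:
        # deque(maxlen) drops the oldest entry once the cap is reached,
        # which is how the 100-entry limit is modelled here.
        self._entries: "deque[Entry]" = deque(maxlen=size)
        self._next_event = 1  # assumption: numbers keep growing after eviction

    def record(self, command: str, when: str = "00:00") -> Optional[int]:
        """Store a command and return its event number. A command that repeats
        the previous entry is not recorded; the previous event number is returned."""
        command = command.strip()
        if not command:
            return None
        if self._entries and self._entries[-1][2] == command:
            return self._entries[-1][0]  # sequential duplicate, not recorded
        event = self._next_event
        self._entries.append((event, when, command))
        self._next_event += 1
        return event

    def entries(self) -> List[Entry]:
        return list(self._entries)

    def recall(self, spec: str) -> str:
        """Resolve a bang expression: "!7" (event 7) or "!-2" (two events back)."""
        if len(spec) < 2 or spec[0] != "!":
            raise ValueError(f"not a history reference: {spec!r}")
        try:
            n = int(spec[1:])
        except ValueError:
            raise ValueError(f"not a history reference: {spec!r}") from None
        target = self._next_event + n if n < 0 else n
        for event, _when, command in self._entries:
            if event == target:
                return command
        # never existed, or already evicted by the size limit
        raise KeyError(f"event {target} is not in the history")

    def render(self) -> str:
        """Same shape as the history builtin's output: number, time, command."""
        return "\n".join(f"{e:>4} {t} {c}" for e, t, c in self._entries)


def recall_or_none(history: CommandHistory, spec: str) -> Optional[str]:
    """Convenience wrapper: None instead of an exception for a missing event."""
    try:
        return history.recall(spec)
    except KeyError:
        return None


if __name__ == "__main__":
    h = CommandHistory()
    for cmd in ("show ns version", "show ns version", "builtins"):
        h.record(cmd, "21:31")
    print(h.render())
    print("!-1 ->", h.recall("!-1"))
```

The eviction case is the one worth remembering when reading a recovered history: after the cap is reached, a recall by absolute event number fails for evicted events even though the numbering continues, so gaps in the numbers do not by themselves indicate tampering.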
1.3.2 Advanced Command Line Usage
This section illustrates the remaining advanced features of the Command Line Interface.
1.3.2.1 Understanding NSCLI Built-ins
The Command Line Interface has several tools, or builtins, at your disposal for use within CLI sessions. To view these builtins, use the builtins command. In addition to the history builtin mentioned previously, the other builtins are discussed in the following sections.
1.3.2.2 Compounding CLI Commands
The nscli supports using the semicolon (;) character to enter multiple commands on one line. To use this function, simply enter a semicolon between commands on the command line. The commands will be executed in order of entry.
1.3.2.3 Using grep, more, and the Pipe Operator
To help in managing and navigating command output, the nscli supports the standard UNIX grep and more commands as well as the pipe operator (|). For the grep and more commands, refer to the man pages in the nscli for complete usage details.
The pipe operator is used in the nscli as it is on standard UNIX shells, to redirect command output into another command, commonly grep or more.
1.3.2.4 Applying Formatting Options
In the nscli, most show commands have an implicit -format argument. This argument formats the command's output in one of three ways.
Normally the show server command outputs to the screen as shown here.
> show server
2 servers:
State: ENABLED
State: ENABLED
>
With the -format input option, the show server command prints its output in the command form in which it would be entered at the CLI, as shown here.
> show server -format input
>
The second formatting option, -format hierarchical, prints in a Cisco-like hierarchical format.
> show server -format hierarchical
>
And the third type of formatting option, -format xhierarchical, prints the output in a Juniper-like hierarchical format.
1.3.2.5 Creating and Using Aliases
In order to allow you to customize your own command shortcuts, the system supports using aliases. To create a command alias you will need to use the alias command followed by the desired alias name and the command you wish to alias. For example, to create an alias for the show system users command you would enter the command as shown below.
> alias users show system users
To use the new alias, specify it as you would any other command.
> users
>
And to view the established aliases, use the alias command alone on the command line.
> alias
To remove an alias, use the unalias command followed by the alias name.
> unalias users
1.3.2.6 Customizing the CLI Prompt
By default for all users, the CLI prompt is marked by the > character. You may customize the prompt to display differently using the set cli prompt command. The possible settings and parameters are listed in the following table followed by an example use of the command.
Table 1-2 Prompt Settings
Parameter   Prompt Displays
%d          Current date
Done
[22:23] [email protected]>
Notice that you need to enclose the parameter in double quotes. You may chain multiple parameters together in addition to arbitrary strings and spaces to further customize the prompt. To do this, just include the desired string and parameters within a single double quoted string, as shown in the above example. If you would like to reset the prompt back to the system default, use the clear cli prompt command.
To ensure that your prompt setting is retained across sessions, save your configuration once your desired prompt is set. This command prompt setting will apply only to the current system user.
1.3.2.7 Using the @ Range Operator
Many CLI commands allow for the creation and manipulation of a range of entities. Any command that has the @ symbol in its parameter listing is one of these commands. The presence of the range operator means that the argument it follows may be used with a range specification in order to act on a consecutive array of entities. To use these arguments with a range, you simply specify the argument normally and follow it with a bracketed range.
For example, the command for creating a range of five load balancing vservers would use the following syntax:
> add lb vserver httpvserve[1-5] http 192.168.1.1[1-5] 80
Notice that the IP address argument also specifies an address range. When adding a range of entities as shown here, dependent arguments must have a matching range specified as well. The command will return an error if the ranges differ. When you use an add command with the range option as shown here, the system will create 5 vservers with IP addresses ranging from 192.168.1.11 to 192.168.1.15.
When alternately deleting a range of entities, the same methodology applies. To remove the range of vservers created in this example, you would issue the following command:
> rm vserver httpvserve[1-5]
>
Note If a range of entities created with the range operation is somehow broken, such as via the manual removal of one or more of the entities, a subsequent rm or set command using the same range specification will not complete successfully.
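The following Python example, written for this guide and not part of the NetScaler software, shows what the @ range operator expands to and why the two checks above matter: a ranged argument such as httpvserve[1-5] stands for five names, every ranged argument on the line must carry the same [lo-hi], and a ranged rm or set can only succeed while every member still exists. The command strings and the set of "existing" entities are constructed inputs.

```python
import re
from typing import List, Optional, Set, Tuple

# A trailing bracketed range, e.g. "httpvserve[1-5]" or "192.168.1.1[1-5]".
RANGE_RE = re.compile(r"^(?P<prefix>.*)\[(?P<lo>\d+)-(?P<hi>\d+)\]$")


def parse_range(token: str) -> Optional[Tuple[str, int, int]]:
    """Return (prefix, lo, hi) for a token written as prefix[lo-hi]; None if the
    token carries no range."""
    m = RANGE_RE.match(token)
    if m is None:
        return None
    lo, hi = int(m.group("lo")), int(m.group("hi"))
    if lo > hi:
        raise ValueError(f"bad range in {token!r}: {lo} > {hi}")
    return m.group("prefix"), lo, hi


def entities_for_range(token: str) -> List[str]:
    """The individual entity names a ranged token stands for (httpvserve[1-3] ->
    httpvserve1, httpvserve2, httpvserve3). A plain token yields itself."""
    parsed = parse_range(token)
    if parsed is None:
        return [token]
    prefix, lo, hi = parsed
    return [f"{prefix}{i}" for i in range(lo, hi + 1)]


def expand_range_command(command: str) -> List[str]:
    """Expand one nscli command that uses the @ range operator into the per-entity
    commands it stands for. Every ranged argument must carry the same [lo-hi];
    a mismatch raises ValueError, mirroring the error the CLI returns."""
    tokens = command.split()
    parsed = [parse_range(t) for t in tokens]
    ranges: Set[Tuple[int, int]] = {(p[1], p[2]) for p in parsed if p is not None}
    if not ranges:
        return [command]                      # nothing to expand
    if len(ranges) > 1:
        raise ValueError(f"ranges differ across arguments: {sorted(ranges)}")
    (lo, hi), = ranges
    expanded = []
    for i in range(lo, hi + 1):
        expanded.append(" ".join(f"{p[0]}{i}" if p is not None else t
                                 for t, p in zip(tokens, parsed)))
    return expanded


def missing_from_range(token: str, existing: Set[str]) -> List[str]:
    """Members of a ranged name that no longer exist. Run this before a ranged
    rm or set: once one member has been removed individually, the ranged
    command fails as a whole (see the Note above)."""
    return [name for name in entities_for_range(token) if name not in existing]


if __name__ == "__main__":
    for line in expand_range_command(
            "add lb vserver httpvserve[1-5] http 192.168.1.1[1-5] 80"):
        print(line)
    # Constructed state: httpvserve3 was removed by hand, so the range is broken.
    print(missing_from_range("httpvserve[1-5]",
                             {"httpvserve1", "httpvserve2", "httpvserve4", "httpvserve5"}))
```

The expansion appends the index to whatever precedes the bracket, which is why 192.168.1.1[1-5] yields 192.168.1.11 through 192.168.1.15 rather than .1 through .5.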
1.3.2.8 Executing Looped Commands
The nscli allows for the use of UNIX shell style loops for repeated execution of commands. The example here uses this functionality to create ten http vservers with IP addresses 1.1.1.25 to 1.1.1.34.
> @ n = 10
> @ x = 25
> while ($n)
@ n--
@ x++
end
Done
Done
Done
>
The primary keywords available in the nscli for using this feature are while, end, and the @ operator. More details on these keywords are available in the respective man pages for each of them as well as their Command Reference descriptions in this reference.
Description This command displays aaa statistics
Counters
Authentication failures (authfails) Count of authentication failures
Authentication successes (authsucc) Count of authentication successes
Non HTTP authorization failures (atznonhtpf) Count of non HTTP connections that failed authorization
HTTP authorization failures (atzhtpf) Count of HTTP connections that failed authorization
Non HTTP authorization successes (atznonhtps) Count of non HTTP connections that succeeded authorization
HTTP authorization successes (atzhtps) Count of HTTP connections that succeeded authorization
AAA sessions (totsess) Count of all AAA sessions
Timed out AAA sessions (totsessto) Count of AAA sessions that have timed out
Current AAA sessions (totcursess) Count of current AAA sessions
Description show aaa stats is an alias for stat aaa
Related Commands stat aaa
Synopsis add aaa user <userName> [-password <string>]
Description This command adds a user and the authorization compound expression for the user to the LDAP/RADIUS server.
Arguments
userName Specifies the name of the user.
password Specifies the password of the user. If the -password option is not provided, the CLI is meant to prompt for the password without echoing it; that hidden prompt is not implemented in this release, so a user added without -password gets the user name as the password. Always supply -password explicitly.
Example
add expression p4port VPNPORT == 1666
add expression whizbangport VPNPORT == 7676
add expression only_finance_url URL == /finance*
add expression only_finance_svc VPNIP == 10.100.3.44
add aaa user johndoe -HttpRule "only_finance_svc && only_finance_url" -ActionHttp allow -NonHttpRule "p4port || whizbangport" -ActionNonHttp allow
The above examples give user johndoe the following privileges. HTTP: only URLs prefixed with /finance are allowed, and access is restricted to the finance application server with IP address 10.100.3.44. Non-HTTP: only access to the Perforce and Whizbang applications is allowed.
Related Commands rm aaa user set aaa user show aaa user
Synopsis rm aaa user <userName>
Description This command removes a user from the LDAP server added by the add aaa user CLI command.
Arguments
userName Specifies the name of the user in the LDAP server.
Related Commands add aaa user set aaa user show aaa user
Description This command sets the password for an existing user
Arguments
userName Specifies the name of the user.
password Specifies the password of the user. If the -password option is not provided, the CLI is meant to prompt for the password without echoing it; that hidden prompt is not implemented in this release, so if the password is omitted the user name is taken as the password. Always supply -password explicitly.
Example set aaa user johndoe -password abcd The above command sets the password of johndoe to abcd.
Related Commands add aaa user rm aaa user show aaa user
Synopsis show aaa user [<userName>] [-loggedin]
Description This command displays the AAA users who have been added using the add aaa user command.
Arguments
userName Specifies the user name. When user name is specified the CLI displays the LDAP or the RADIUS user entry details and groups to which the user belongs.
loggedin Specifies the loggedin flag. When this flag is turned on, the CLI displays the names of all logged in users. When used with a user name, the CLI displays whether the user is logged in or not.
Output
groupName
policy
priority
urlName Specifies the intranet url.
netmask Specifies the netmask for the Intranet IP
Example
> show aaa user joe
UserName: joe
IntranetIP: 10.102.1.123
Bound to groups:
GroupName: engg
Done
>
Related Commands add aaa user rm aaa user set aaa user
Synopsis add aaa group <groupName>
Description This command adds a group and the authorization compound expression for the group to the LDAP/RADIUS server.
Arguments
groupName Specifies the name of the group.
Example To add a group group_ad and set the HTTP rule and action to deny HTTP access in the 192.30.*.* network: add aaa group group_ad -HttpRule exp_source -ActionHttp deny
Related Commands rm aaa group show aaa group
Synopsis rm aaa group <groupName>
Description This command removes a group from the LDAP server added by the add aaa group CLI command.
Arguments
groupName Specifies the name of the group in the LDAP server. Note: the sessions of users belonging to the group will be removed, and those users have to log in again.
Related Commands add aaa group show aaa group
Synopsis show aaa group [<groupName>] [-loggedin]
Description This command displays the AAA groups that have been added using the add aaa group command.
Arguments
groupName Specifies the group name. When the group name is specified the CLI displays the LDAP or the RADIUS group entry details and the users bound to the group.
loggedin Specifies the loggedin flag. When this flag is turned on, the CLI displays the names of the groups that have at least one user logged in. When used with a group name, the CLI lists the users within the group who are logged in.
Output
userName
policy
priority
urlName Specifies the intranet url
netmask Specifies the netmask for the Intranet IP
Example
> show aaa group engg
GroupName: engg
Bound AAA users:
UserName: joe
UserName: jane
Intranetip IP: 10.102.10.0 Netmask: 255.255.255.0
Done
>
Related Commands add aaa group rm aaa group
Synopsis bind aaa user <userName> [-policy <string> [-priority <positive_integer>]] [-intranetApplication <string>] [-urlName <string>] [-intranetip <ip_addr> [<netmask>]]
Description This command is used to bind a policy, intranet IP, intranet application or URL to a user.
Arguments
policy Specifies a policy to be bound to aaa user.
intranetApplication Specifies the intranet vpn application.
urlName Specifies the intranet url
intranetip Specifies the IP address to be bound to this user which will be used for Intranet access
Example To bind intranetip to the user joe: bind aaa user joe -intranetip 10.102.1.123
Related Commands unbind aaa user
Synopsis unbind aaa user <userName> [-policy <string>] [-intranetApplication <string>] [-urlName <string>] [-intranetip <ip_addr> [<netmask>]]
Description This command is used to unbind a policy, intranet IP, intranet application or URL from a user.
Arguments
policy Specifies the policy to be unbound from the AAA user.
intranetApplication Specifies the intranet vpn application.
urlName Specifies the intranet url
intranetip Specifies the Intranet IP to be unbound
Example unbind aaa user joe -intranetip 10.102.1.123
Related Commands bind aaa user
Synopsis bind aaa group <groupName> [-userName <string>] [-policy <string> [-priority <positive_integer>]] [-intranetApplication <string>] [-urlName <string>] [-intranetip <ip_addr> <netmask>]
Description This command is used to bind a user, intranet IP, policy or intranet application to a group.
Arguments
groupName Specifies the group name.
userName Specifies the user to be bound to the group. If the user belongs to multiple groups, all the group expressions are evaluated during authorization of a service to arrive at the action taken.
policy Specifies a policy to be bound to aaa group.
intranetApplication Specifies the intranet vpn application.
urlName Specifies the intranet url.
intranetip Specifies the IP block or IP address to be bound to this group; it is used by the users belonging to this group when accessing intranet resources.
Example To bind Intranet IP to the group engg: bind aaa group engg -intranetip 10.102.10.0 255.255.255.0
Synopsis unbind aaa group <groupName> [-userName <string> ...] [-policy <string>] [-intranetApplication <string>] [-urlName <string>] [-intranetip <ip_addr> <netmask>]
Description This command is used to unbind a user, intranet IP, policy or intranet application from a group.
Arguments
userName Specifies user to be unbound from the group.
policy Specifies the policy to be unbound from the AAA group.
intranetApplication Specifies the intranet vpn application.
urlName Specifies the intranet url.
intranetip Specifies the Intranet IP to be unbound from the group
Example unbind aaa group engg -intranetip 10.102.10.0 255.255.255.0
Related Commands bind aaa group
Synopsis set aaa radiusparams [-serverip <ip_addr>] [-serverport <port>] [-authTimeout <positive_integer>] -radKey <string> [-radNASip ( ENABLED | DISABLED )] [-radNASid <string>] [-radVendorID <positive_integer>] [-radAttributeType <positive_integer>] [-passEncoding <passEncoding>]
Description This command sets the global variables for the RADIUS server. It is used globally in SSL-VPN across all Vservers unless a vserver specific configuration is done using authentication policies.
Arguments
serverip Specifies the IP address of the RADIUS server.
serverport Specifies the port number on which the RADIUS server is running. The default port number is 1812. Default value: 1812
authTimeout Specifies the maximum number of seconds for which the NetScaler 9000 system would wait for a response from the RADIUS server. Default value: 3
radKey Specifies the key shared between the client and the server. This information is required for the Netscaler system to communicate with the RADIUS server.
radNASip If enabled, the Netscaler's IP address (NSIP) is sent as the "nasip" as part of the Radius protocol to the server. Possible values: ENABLED, DISABLED
radNASid If configured, this string will be sent to the RADIUS server as the "nasid" as part of the Radius protocol.
radVendorID Specifies the Vendor ID for Radius group extraction.
radAttributeType Specifies the Attribute type for Radius group extraction.
passEncoding Specifies how the password is encoded in the RADIUS packets sent from the NetScaler to the RADIUS server. Valid options are PAP (the default), CHAP, MSCHAPv1 and MSCHAPv2. Possible values: pap, chap, mschapv1, mschapv2 Default value: PAP
Example To configure the default RADIUS parameters: set aaa radiusparams -serverip 192.30.1.2 -radkey sslvpn
Related Commands add authentication radiusaction set aaa ldapparams set aaa parameter show aaa radiusparams
Arguments
Output
serverip
serverport
radKey
groupAuthName
authTimeout
radNASip
radNASid
IPAddress
Example
> show aaa radiusparams
Configured RADIUS parameters
Server IP: 127.0.0.2
Port: 1812
key: secret
Timeout: 10
Done
>
Related Commands set aaa radiusparams
Synopsis set aaa ldapparams [-serverip <ip_addr>] [-serverport <port>] [-authTimeout <positive_integer>] [-ldapBase <string>] [-ldapBindDn <string>] [-ldapBindDnPassword <string>] [-ldapLoginName <string>] [-searchFilter <string>] [-groupAttrName <string>] [-subAttributeName <string>] [-secType <secType>]
Description This command sets the global variables for the LDAP server. It is used globally in SSL-VPN across all Vservers unless a vserver specific configuration is done using authentication policies.
Arguments
serverip Specifies the IP address of the LDAP server. The default value is localhost.
serverport Specifies the port number on which the LDAP server is running. The default port number for LDAP server is 389. Default value: 389
authTimeout Specifies the maximum number of seconds for which the NetScaler system would wait for a response from the LDAP server. Default value: 3
ldapBase Specifies the base or the node from where the ldapsearch should start. If the LDAP server is running locally, the default value of base is dc=netscaler, dc=com.
ldapBindDn Specifies the full distinguished name that is used to bind to the LDAP server.
ldapBindDnPassword Specifies the password that is used to bind to the LDAP server.
ldapLoginName Specifies the name attribute used by the Netscaler system to query the external LDAP server or an Active Directory.
searchFilter String to be combined with the default LDAP user search string to form the filter value. For example, vpnallowed=true with ldapLoginName "samaccount" and user-supplied username "bob" would yield the LDAP search string "(&(vpnallowed=true)(samaccount=bob))".
groupAttrName Specifies the Attribute name for group extraction from LDAP server
subAttributeName Specifies the Sub-Attribute name for group extraction from LDAP server
secType Specifies whether the communication between the NetScaler 9000 and the LDAP server should be encrypted or not. The following values are valid for this parameter: PLAINTEXT: No encryption required. TLS: For using TLS protocol to communicate. SSL: For using SSL Protocol to communicate. Possible values: PLAINTEXT, TLS, SSL Default value: PLAINTEXT
Example To configure authentication in the LDAP server running at 192.40.1.2: set aaa ldapparams -serverip 192.40.1.2 -ldapbase "dc=netscaler,dc=com" -ldapBindDN "cn=Manager,dc=netscaler,dc=com" -ldapBindDnPassword secret -ldaploginname uid
Related Commands add authentication ldapaction set aaa radiusparams set aaa parameter show aaa ldapparams
Arguments
Output
serverip
serverport
authTimeout
ldapBindDn
ldapLoginName
ldapBase
secType
searchFilter
groupAttrName Specifies the Attribute name for group extraction from LDAP server
subAttributeName Specifies the Sub-Attribute name for group extraction from LDAP server
groupAuthName
Example
> show aaa ldapparams
Configured LDAP parameters
Server IP: 127.0.0.1
Port: 389
Timeout: 1
BindDn: cn=Manager,dc=florazel,dc=com
login: uid
Base: dc=florazel,dc=com
Secure Type: PLAINTEXT
Done
>
Related Commands set aaa ldapparams
Synopsis set aaa tacacsparams [-serverip <ip_addr>] [-serverport <port>] [-authTimeout <positive_integer>] [-tacacsSecret <string>] [-authorization ( ON | OFF )] [-accounting ( ON | OFF )]
Description This command sets the global variables for the TACACS+ server. It is used globally in SSL-VPN across all Vservers unless a vserver specific configuration is done using authentication policies.
Arguments
serverip Specifies the IP address of the TACACS+ server.
serverport Specifies the port on which the TACACS+ server is running. The default port is 49. Default value: 49
authTimeout Specifies the maximum number of seconds for which the NetScaler system would wait for a response from the TACACS+ server. Default value: 3
tacacsSecret Specifies the key shared between the client and the server. This information is required for the Netscaler system to communicate with the TACACS+ server.
authorization Specifies whether this TACACS+ server should be used for streaming authorization. Possible values: ON, OFF
accounting Specifies whether this TACACS+ server should be sent accounting messages. Possible values: ON, OFF
Example To configure a TACACS+ server running at 192.168.1.20 set aaa tacacsparams -serverip 192.168.1.20 -tacacssecret secret
Related Commands add authentication tacacsaction set aaa radiusparams set aaa parameter show aaa tacacsparams
Arguments
Output
serverip
serverport
authTimeout
tacacsSecret
authorization
accounting
Example
> sh aaa tacacsparams
Configured TACACS parameter
Server IP: 192.168.1.20
Port: 49
Timeout: 1 secs
Done
Related Commands set aaa tacacsparams
Description This command defines an NT4 authentication server.
Arguments
nt4ServerName The name of the NT4 server
nt4DomainName The domain name of the NT4 server
nt4AdminUser Username of an NT4 Domain Administrator
nt4AdminPasswd Password of the NT4 Domain Administrator
Example To configure a NT4 server running at 192.168.1.21 set aaa nt4params -serverip 192.168.1.21
Related Commands show aaa nt4params
Output
serverip
nt4ServerName
nt4DomainName
nt4AdminUser
nt4AdminPasswd
Synopsis set aaa certparams [-userNameField <string>] [-groupNameField <string>]
Description This command sets the global variables for a certificate policy. It is used globally in SSL-VPN across all Vservers unless a vserver specific configuration is done using authentication policies.
Arguments
userNameField Specifies which field in the client certificate to extract the username from. Should be of the format <field:subfield>. Allowed values for field are "Subject" and "Issuer".
groupNameField Specifies which field in the certificate to extract the group from. Should be of the format <field:subfield>. Allowed values for field are "Subject" and "Issuer".
Example To configure the default certificate parameters: set aaa certparams -userNameField "Subject:CN" -groupNameField "Subject:OU"
Related Commands add authentication certaction set aaa parameter show aaa certparams
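The following Python example, written for this guide and not taken from the NetScaler software, shows what the two certparams settings amount to: a <field:subfield> spec is validated (field must be Subject or Issuer), the certificate's name is split into its RDNs, and the first RDN of the requested type is taken as the user name or group name. The certificate names below are constructed in RFC 4514 string form; the real appliance reads them from the client certificate presented during the SSL handshake, and the page does not say how it treats a repeated attribute, so taking the first match is this example's assumption.

```python
from typing import Dict, List, Optional, Tuple

# Constructed sample certificate names in RFC 4514 string form (not from the page).
SAMPLE_CERT: Dict[str, str] = {
    "Subject": "CN=johndoe,OU=finance,O=Example Corp,C=US",
    "Issuer": "CN=Example Corp Issuing CA,O=Example Corp,C=US",
}

ALLOWED_FIELDS = ("Subject", "Issuer")


def split_dn(dn: str) -> List[Tuple[str, str]]:
    """Split a DN string into (type, value) pairs. A backslash escapes the next
    character, so 'CN=Doe\\, John' keeps its comma. Multi-valued RDNs joined
    with '+' are not handled (assumption: they do not occur in the client
    certificates being matched)."""
    rdns, buf, escaped = [], [], False
    for ch in dn:
        if escaped:
            buf.append(ch)
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch == ",":
            rdns.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    rdns.append("".join(buf))
    pairs = []
    for rdn in rdns:
        attr_type, _, value = rdn.partition("=")
        pairs.append((attr_type.strip().upper(), value.strip()))
    return pairs


def parse_field_spec(spec: str) -> Tuple[str, str]:
    """Validate a '<field:subfield>' value as the arguments above define it."""
    field, sep, subfield = spec.partition(":")
    if not sep or field not in ALLOWED_FIELDS or not subfield:
        raise ValueError(f"bad field spec {spec!r}: expected Subject:<attr> or Issuer:<attr>")
    return field, subfield.upper()


def extract_field(cert: Dict[str, str], spec: str) -> Optional[str]:
    """Value of the first RDN of the requested type, or None when the name does
    not carry it. Taking the first match is an assumption of this example."""
    field, subfield = parse_field_spec(spec)
    for attr_type, value in split_dn(cert[field]):
        if attr_type == subfield:
            return value
    return None


def user_and_group(cert: Dict[str, str],
                   user_spec: str = "Subject:CN",
                   group_spec: str = "Subject:OU") -> Tuple[Optional[str], Optional[str]]:
    """What the two certparams settings would yield for a given certificate."""
    return extract_field(cert, user_spec), extract_field(cert, group_spec)


if __name__ == "__main__":
    print(user_and_group(SAMPLE_CERT))                      # ('johndoe', 'finance')
    print(extract_field(SAMPLE_CERT, "Issuer:CN"))          # 'Example Corp Issuing CA'
    # A certificate without an OU yields no group at all; check for that before
    # relying on group-based policy.
    print(user_and_group({"Subject": "CN=guest,O=Example Corp", "Issuer": ""}))
```

A certificate that lacks the configured subfield produces no group name, so group-bound policies simply do not apply to that user; make sure the certificates your CA issues actually carry the attribute you point -groupNameField at.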
Arguments
Output
twoFactor Specifies whether two factor authentication is on.
userNameField Specifies which field in the certificate to extract the username from.
groupNameField Specifies which field in the certificate to extract the group from.
Related Commands set aaa certparams
Synopsis set aaa parameter [-defaultAuthType <defaultAuthType>] [-maxAAAUsers <positive_integer>]
Description This command sets the global AAA parameters. Use this command to override the default LDAP authentication.
Arguments
defaultAuthType Specifies the default type of authentication server. If nothing is specified the default value is set to LDAP. Possible values: LOCAL, LDAP, RADIUS, TACACS, NT4, CERT
maxAAAUsers Specifies the maximum number of concurrent users allowed to login into the NetScaler 9000 at any given instant of time. The default number of users is 5.
Example set aaa parameter -defaultAuthType RADIUS -maxAAAUsers 100
Related Commands show aaa parameter
Synopsis show aaa parameter
Description This command displays the AAA parameters which have been configured using the set aaa parameter command.
Arguments
Output
defaultAuthType
maxAAAUsers
Related Commands set aaa parameter
Description This command displays the connections initiated by the user.
Arguments
userName Specifies the user name. When the user name is specified the CLI lists the connections initiated by the specified user.
groupName Specifies the group name. When the group name is specified the CLI lists the connections initiated by all the logged-in users within the group.
intranetip Intranet IP address. The command lists all connections whose sessions are using the named intranet IP address
Output
publicPort Client's public port
IPAddress Netscaler's IP address
privatePort Client's private/mapped port
destIP Destination IP address
Example
> show aaa connection
ClintIp (ClientPort) -> ServerIp(ServerPort)
------------------------- ----------------------------
User Name: Joe
10.102.0.39 (2318 ) -> 10.102.4.245 (443 )
10.102.0.39 (2320 ) -> 10.102.4.245 (443 )
10.102.0.39 (2340 ) -> 10.102.4.245 (443 )
Done
>
Related Commands kill aaa session
Description This command kills the user sessions
Arguments
userName Specifies the user name. The system will terminate the session initiated by the named user.
groupName Specifies the group name. The system will terminate the sessions of all the users within the named group.
intranetip Intranet IP address. The system will terminate all sessions using the named intranet IP address
all The system will terminate the sessions of all the users, who are currently logged in.
Example kill aaa session -user joe
Related Commands show aaa session
Description This command displays audit statistics
Counters
Audit logs sent to syslog server(s) (LogSnd) Count of audit log messages sent to all the configured syslog servers.
Audit log messages generated (LogGen) Count of audit log messages generated.
NAT allocation failed (Ernatpcb) NAT allocation failed
Nsb allocation failed (Ernsb) Nsb allocation failed
Memory allocation failed (Ermem) Memory allocation for audit context failed
Port allocation failed (Erport) Port allocation failed.
NAT lookup failed (Hshmiss) NAT lookup failed.
Context not found (Ctxntfnd) Context not found.
Related Commands
Description show audit stats is an alias for stat audit
Related Commands stat audit
Arguments
name The name of the SYSLOG action to be added.
serverip The IP address of the syslog server.
serverport The port on which Syslog Server is running. Default value: 514
logLevel Specifies the audit log level.
dateformat Specifies the date format. Possible values: MMDDYYYY, DDMMYYYY Default value: MMDDYYYY
Related Commands rm audit syslogaction show audit syslogaction
Synopsis rm audit syslogaction <name>
Description Use this to remove a previously created syslog action. Note that an action cannot be removed as long as it is configured in a policy.
Arguments
Related Commands add audit syslogaction show audit syslogaction
Synopsis show audit syslogaction
Description Use this command to display details of the configured SYSLOG action(s).
Arguments
Output
Synopsis add audit syslogpolicy <name> <rule> <action>
Description Use this command to add a SYSLOG policy. The policy defines the conditions under which the specified SYSLOG server is to be used for logging.
Arguments
name The name to assign to the new SYSLOG policy.
rule The name of the rule, or expression, the policy is to use.
action The name of the SYSLOG action the policy is to use.
Related Commands rm audit syslogpolicy show audit syslogpolicy set audit syslogpolicy
Description Use this to remove an audit SYSLOG policy.
Arguments
name The name of the SYSLOG policy to remove.
Related Commands add audit syslogpolicy show audit syslogpolicy set audit syslogpolicy
Description Use this to display configured SYSLOG policies.
Arguments
name The name of the policy to display. If this option is not provided, all the configured SYSLOG policies will be displayed.
Output
name
rule
action
Related Commands add audit syslogpolicy rm audit syslogpolicy set audit syslogpolicy
Synopsis set audit syslogpolicy <name> [-rule <expression>] [-action <string>]
Description Use this command to change properties of a SYSLOG policy.
Arguments
rule The new rule to be associated with the policy.
action The new SYSLOG action to be associated with the policy.
Related Commands add audit syslogpolicy rm audit syslogpolicy show audit syslogpolicy
Description Use this command to set the default SYSLOG parameters.
Arguments
serverip The IP address of the syslog server. Default value: 127.0.0.1
serverport The port on which Syslog Server is running. Default value: 514
dateformat Specifies the date format. Possible values: MMDDYYYY, DDMMYYYY Default value: MMDDYYYY
logLevel Specifies the audit log levels for which messages should be logged. Default value: EMERGENCY, ALERT, CRITICAL, ERROR, WARNING, NOTICE, INFORMATIONAL
Related Commands show audit syslogparams unset audit syslogparams
Arguments
Output
serverip
serverport
dateformat
Related Commands set audit syslogparams unset audit syslogparams
Description Use this command to unset syslog parameters
Arguments
serverip Unsets the IP address of the syslog server.
serverport Unsets the port of the syslog server to default 514.
logLevel Unsets the audit log level, so no message is logged.
Related Commands set audit syslogparams show audit syslogparams
Synopsis show audit messages [-logLevel <logLevel> ...] [-numOfMesgs <positive_integer>]
Description Use this command to display the most recent audit log messages
Arguments
logLevel The log level filter.
numOfMesgs Specifies the number of log messages to be printed. The default is 20. Maximum value can be 256 Default value: 20
Output
Synopsis add authentication radiusaction <name> [-serverip <ip_addr>] [-serverport <port>] [-authTimeout <positive_integer>] -radKey <string> [-radNASip ( ENABLED | DISABLED )] [-radNASid <string>] [-radVendorID <positive_integer>] [-radAttributeType <positive_integer>] [-passEncoding <passEncoding>]
Description Use this command to add a profile for a RADIUS server. The profile contains all the configuration data necessary to communicate with a RADIUS server.
Arguments
name The name of the RADIUS action to be added.
serverip The IP address of the RADIUS server.
serverport The port on which RADIUS Server is running. The default is 1812. Default value: 1812
authTimeout The maximum number of seconds for which NetScaler system will wait for a response from the RADIUS server. Default value: 3
radKey The key shared between the client and the server. This information is required for the NetScaler system to communicate with the RADIUS server.
radNASip If enabled, the Netscaler's IP address (NSIP) is sent as the "nasip" according to the RADIUS protocol to the server. Possible values: ENABLED, DISABLED
radNASid If configured, this string is sent to the RADIUS server as the "nasid" according to the RADIUS protocol.
radVendorID The Vendor ID for using RADIUS group extraction.
radAttributeType The Attribute type for using RADIUS group extraction.
passEncoding Specifies how the password is encoded in the RADIUS packets sent from the NetScaler to the RADIUS server. Valid options are PAP (the default), CHAP, MSCHAPv1 and MSCHAPv2. Possible values: pap, chap, mschapv1, mschapv2 Default value: PAP
Related Commands rm authentication radiusaction show authentication radiusaction
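The -passEncoding argument, both here and in set aaa radiusparams above, decides what the RADIUS server receives in place of the user's password. The following Python example, written for this guide and not taken from the NetScaler software, implements the two simplest encodings from the RFCs so the difference is concrete: PAP hides the password with an MD5 keystream derived from the shared secret (radKey) and the Request Authenticator (RFC 2865 section 5.2), so anyone who knows or guesses the secret can recover it from a capture; CHAP sends only MD5(id || password || challenge) (RFC 1994, carried as CHAP-Password per RFC 2865 section 5.3), so the password itself never leaves the NetScaler. MS-CHAPv1/v2 are not implemented here. The secret, authenticator and challenge values are constructed.

```python
import hashlib
import os


def _blocks(data: bytes, size: int = 16):
    return [data[i:i + size] for i in range(0, len(data), size)]


def pap_hide_password(password: str, secret: bytes, authenticator: bytes) -> bytes:
    """RFC 2865 section 5.2 User-Password hiding, what -passEncoding PAP sends.
    The password is NUL-padded to a multiple of 16 octets and each block is XORed
    with MD5(secret || previous ciphertext block), seeded by the 16-octet
    Request Authenticator. Only the shared secret (radKey) protects it."""
    if len(authenticator) != 16:
        raise ValueError("Request Authenticator must be 16 octets")
    pw = password.encode()
    if not pw or len(pw) > 128:
        raise ValueError("User-Password must be 1..128 octets")
    pw += b"\x00" * (-len(pw) % 16)
    hidden, prev = b"", authenticator
    for block in _blocks(pw):
        mask = hashlib.md5(secret + prev).digest()
        prev = bytes(x ^ y for x, y in zip(block, mask))
        hidden += prev
    return hidden


def pap_reveal_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """The server side of the same operation; a wrong secret yields garbage."""
    clear, prev = b"", authenticator
    for block in _blocks(hidden):
        mask = hashlib.md5(secret + prev).digest()
        clear += bytes(x ^ y for x, y in zip(block, mask))
        prev = block
    return clear.rstrip(b"\x00")


def chap_response(chap_id: int, password: str, challenge: bytes) -> bytes:
    """RFC 1994 CHAP response as carried in the RADIUS CHAP-Password attribute:
    MD5(id || password || challenge). The password itself is never put on the
    wire, so the shared secret is not what protects it."""
    return hashlib.md5(bytes([chap_id & 0xFF]) + password.encode() + challenge).digest()


if __name__ == "__main__":
    # Constructed values: the radKey from the example above, a random authenticator.
    secret = b"sslvpn"
    authenticator = os.urandom(16)
    hidden = pap_hide_password("abcd", secret, authenticator)
    print("PAP User-Password:", hidden.hex())
    print("revealed with right secret:", pap_reveal_password(hidden, secret, authenticator))
    print("revealed with wrong secret:", pap_reveal_password(hidden, b"guess", authenticator))
    print("CHAP-Password:", chap_response(1, "abcd", os.urandom(16)).hex())
```

The practical consequence for the radKey argument: with PAP the shared secret is the only thing standing between a packet capture and the user's cleartext password, so treat a short or reused radKey as a password-disclosure risk, not merely an authentication-bypass risk.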
Synopsis rm authentication radiusaction <name>
Description Use this to remove a previously created RADIUS action. Note that an action cannot be removed as long as it is configured in a policy.
Arguments
Related Commands add authentication radiusaction show authentication radiusaction
Synopsis show authentication radiusaction
Description Use this command to display details of the configured RADIUS action(s).
Arguments
Output
Synopsis add authentication ldapaction <name> [-serverip <ip_addr>] [-serverport <port>] [-authTimeout <positive_integer>] [-ldapBase <string>] [-ldapBindDn <string>] [-ldapBindDnPassword <string>] [-ldapLoginName <string>] [-searchFilter <string>] [-groupAttrName <string>] [-subAttributeName <string>] [-secType <secType>]
Description Use this command to add a profile for an LDAP server. The profile contains all the configuration data necessary to communicate with the LDAP server.
Arguments
name The name for the new LDAP action.
serverip The IP address of the LDAP server. The default value is localhost.
serverport The port number on which the LDAP server is running. The default port number is 389. Default value: 389
authTimeout The maximum number of seconds for which the NetScaler system will wait for a response from the LDAP server. Default value: 3
ldapBase The base, or node, from where the ldapsearch should start. If the LDAP server is running locally, the default value of base is dc=netscaler, dc=com.
ldapBindDn The full distinguished name that is used to bind to the LDAP server. The default value of the bindDN is cn=Manager,dc=netscaler,dc=com.
ldapBindDnPassword The password that is used to bind to the LDAP server.
ldapLoginName The name attribute used by the NetScaler system to query the external LDAP server or an Active Directory.
searchFilter String to be combined with the default LDAP user search string to form the value. For example, vpnallowed=true with ldaploginame "samaccount" and user-supplied username "bob" would yield the LDAP search string "(&(vpnallowed=true)(samaccount=bob)".
groupAttrName The Attribute name for group extraction from LDAP server.
subAttributeName The Sub-Attribute name for group extraction from LDAP server.
secType Thisn option specifies if communication between the NetScaler 9000 system and the authentication server should be encrypted or not. The following values for this parameter are valid: PLAINTEXT: No encryption required. TLS: For using TLS protocol to communicate. SSL: For using SSL Protocol to communicate. Possible values: PLAINTEXT, TLS, SSL Default value: PLAINTEXT
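The searchFilter combination described above, as an added example that is not NetScaler code: it builds the "(&(searchFilter)(ldapLoginName=username))" string and escapes the user-supplied name per RFC 4515 so that filter metacharacters in it stay literal data. Function names, the rule that an already-parenthesised searchFilter is not wrapped twice, and all sample values are this example's own assumptions.

```python
"""Added example, not NetScaler code: how the searchFilter, ldapLoginName and
user-supplied username combine into the LDAP search string, with the username
escaped as RFC 4515 requires so that '(' ')' '*' and '\\' in it remain data
instead of filter structure. Function names, the wrap-only-if-needed rule and
all sample values are this example's own assumptions."""
from typing import Optional

# RFC 4515, section 3: characters that must be escaped inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape a user-supplied value for use inside an LDAP filter assertion."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_user_search_filter(login_name_attr: str, username: str,
                             search_filter: Optional[str] = None) -> str:
    """Combine the pieces the way the searchFilter description states:
    (&(<searchFilter>)(<ldapLoginName>=<username>)). With no searchFilter
    configured only the login-name term is used. Assumption: a searchFilter
    already written with outer parentheses is not wrapped a second time."""
    user_term = f"({login_name_attr}={escape_filter_value(username)})"
    if not search_filter:
        return user_term
    extra = search_filter.strip()
    if not (extra.startswith("(") and extra.endswith(")")):
        extra = f"({extra})"
    return f"(&{extra}{user_term})"


def parens_balanced(ldap_filter: str) -> bool:
    """Structural sanity check on a finished filter: every '(' has its ')'.
    Escaped parentheses (\\28, \\29) are data, so they are not counted."""
    depth = 0
    for ch in ldap_filter:
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                return False
    return depth == 0


if __name__ == "__main__":
    # The page's own example: searchFilter vpnallowed=true, login attribute
    # samaccount, username bob.
    print(build_user_search_filter("samaccount", "bob", "vpnallowed=true"))
    # A constructed username carrying filter metacharacters stays one literal value.
    print(build_user_search_filter("samaccount", "bob)(cn=*", "vpnallowed=true"))
```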
Related Commands
rm authentication ldapaction
show authentication ldapaction

Synopsis
rm authentication ldapaction <name>
Description
Use this command to remove an LDAP action. Note that an action cannot be removed as long as it is configured in a policy.
Arguments
name The name of the LDAP action to be removed.
Related Commands
add authentication ldapaction
show authentication ldapaction

Synopsis
show authentication ldapaction
Description
Use this to display details of the configured LDAP action(s).
Arguments
Output
ldapBindDn
ldapLoginName
ldapBase
searchFilter
groupAttrName
subAttributeName
secType

Synopsis
add authentication tacacsaction <name> [-serverip <ip_addr>] [-serverport <port>] [-authTimeout <positive_integer>] [-tacacsSecret <string>] [-authorization ( ON | OFF )] [-accounting ( ON | OFF )]
Description
Use this command to add a profile for a TACACS+ server. The profile contains all the configuration data necessary to communicate with the TACACS+ server.
Arguments
name The name for the new TACACS+ action.
serverip The IP address of the TACACS+ server.
serverport The port on which the TACACS+ server is running. The default port is 49. Default value: 49
authTimeout The maximum number of seconds for which the NetScaler system will wait for a response from the TACACS+ server. Default value: 3
tacacsSecret The key shared between the client and the server. This information is required for the NetScaler system to communicate with the TACACS+ server.
authorization Specifies whether this TACACS+ server should be used for streaming authorization. Possible values: ON, OFF
accounting Specifies whether this TACACS+ server should be sent accounting messages. Possible values: ON, OFF
Related Commands
rm authentication tacacsaction
show authentication tacacsaction

Synopsis
rm authentication tacacsaction <name>
Description
Use this to remove a TACACS+ action. Note that an action cannot be removed as long as it is configured in a policy.
Arguments
name The name of the TACACS+ action to be removed.
Related Commands
add authentication tacacsaction
show authentication tacacsaction

Synopsis
show authentication tacacsaction
Description
Use this to display details of the configured TACACS+ action(s).
Arguments
Output
tacacsSecret
authorization Specifies whether this TACACS+ server should be used for streaming authorization.
accounting Specifies whether this TACACS+ server should be sent accounting messages.
Related Commands
add authentication tacacsaction
rm authentication tacacsaction

Synopsis
add authentication nt4action <name> [-serverip <ip_addr>] [-nt4ServerName <string>] [-nt4DomainName <string>] [-nt4AdminUser <string>] [-nt4AdminPasswd <string>]
Description
Use this command to add a profile for an NT4 server. The profile contains all the configuration data necessary to communicate with the NT4 server.
Arguments
nt4ServerName The name of the NT4 server.
nt4DomainName The domain name of the NT4 server.
nt4AdminUser The username of an NT4 Domain Administrator.
nt4AdminPasswd The password of the NT4 Domain Administrator.
Related Commands
rm authentication nt4action
show authentication nt4action

Synopsis
rm authentication nt4action <name>
Description
Use this to remove an NT4 action. Note that an action cannot be removed as long as it is configured in a policy.
Arguments
name The name of the NT4 action to be removed.
Related Commands
add authentication nt4action
show authentication nt4action

Description
This command adds a certificate action.
Arguments
name The name of the CERT action to be added.
twoFactor Specifies whether two-factor authentication is on. Two-factor authentication means client certificate authentication followed by password authentication. Possible values: ON, OFF Default value: OFF
userNameField Specifies which field in the client certificate to extract the username from. Should be of the format <field:subfield>. Allowed values for field are "Subject" and "Issuer".
Example
add authentication certaction -twoFactor ON -userNameField "Subject:CN" -groupNameField "Subject:OU"
Related Commands
add aaa certparam
add authentication certpolicy
show authentication certaction
rm authentication certaction

Description
This command displays the details of configured CERT action(s).
Arguments
Output
twoFactor Specifies whether two-factor authentication is on.
userNameField Specifies which field in the certificate to extract the username from.
groupNameField Specifies which field in the certificate to extract the group from.
Related Commands
add authentication certaction
rm authentication certaction

Synopsis
rm authentication certaction <name>
Description
Use this to remove a cert action. Note that an action cannot be removed as long as it is configured in a policy.
Arguments
name The name of the cert action to be removed.
Related Commands
add authentication certaction
show authentication certaction

Synopsis
show authentication nt4action
Description
Use this to display the details of the configured NT4 action(s).
Arguments
Output
nt4ServerName
nt4DomainName
nt4AdminUser

Synopsis
add authentication localpolicy <name> <rule>
Description
Use this command to add an authentication LOCAL policy. The policy defines the conditions under which the kernel will authenticate the user.
Arguments
name The name to assign to the new authentication LOCAL policy.
rule The name of the rule, or expression, the policy is to use.
Related Commands
rm authentication localpolicy
show authentication localpolicy
set authentication localpolicy

Description
Use this to remove an authentication LOCAL policy.
Arguments
Related Commands
add authentication localpolicy
show authentication localpolicy
set authentication localpolicy

Description
Use this to display configured LOCAL policies.
Arguments
name The name of the policy to display. If this option is not provided, all the configured LOCAL policies will be displayed.
Output
name
rule

Synopsis
set authentication localpolicy <name> [-rule <expression>]
Description
Use this command to change properties of a LOCAL policy.
Arguments
rule The new rule to be associated with the policy.
Related Commands
add authentication localpolicy
rm authentication localpolicy
show authentication localpolicy

Synopsis
add authentication radiuspolicy <name> <rule> [<reqAction>]
Description
Use this command to add an authentication RADIUS policy. The policy defines the conditions under which the specified RADIUS server is to be used for authentication.
Arguments
name The name to assign to the new authentication RADIUS policy.
rule The name of the rule, or expression, the policy is to use.
reqAction The name of the RADIUS action the policy is to use.
Related Commands
rm authentication radiuspolicy
show authentication radiuspolicy
set authentication radiuspolicy

Description
Use this to remove an authentication RADIUS policy.
Arguments
Related Commands
add authentication radiuspolicy
show authentication radiuspolicy
set authentication radiuspolicy

Description
Use this to display configured RADIUS policies.
Arguments
name The name of the policy to display. If this option is not provided, all the configured RADIUS policies will be displayed.
Output
name
rule
reqAction

Synopsis
set authentication radiuspolicy <name> [-rule <expression>] [-reqAction <string>]
Description
Use this command to change properties of a RADIUS policy.
Arguments
rule The new rule to be associated with the policy.
reqAction The new RADIUS action to be associated with the policy.
Related Commands
add authentication radiuspolicy
rm authentication radiuspolicy
show authentication radiuspolicy

Synopsis
add authentication certpolicy <name> <rule> [<reqAction>]
Description
Use this command to add an authentication cert policy. The policy defines the conditions under which the specified cert action is to be used for authentication.
Arguments
name The name for the new policy.
rule The name of the rule, or expression, the policy is to use.
reqAction The cert action to associate with the policy.
Related Commands
set authentication certpolicy
show authentication certpolicy
rm authentication certpolicy

Synopsis
set authentication certpolicy <name> [-rule <expression>] [-reqAction <string>]
Description
Use this command to change the properties of a CERT policy.
Arguments
reqAction The new cert action to associate with the policy.
Related Commands
add authentication certpolicy
show authentication certpolicy
rm authentication certpolicy

Description
Use this to display configured CERT policies.
Arguments
name The name of the policy to display. If this option is not provided, all of the configured policies are shown.
Output
reqAction The cert action associated with the policy.
Related Commands
add authentication certpolicy
set authentication certpolicy
rm authentication certpolicy

Description
Use this to remove a CERT authentication policy.
Arguments
name The name of the CERT policy to be removed.
Related Commands
add authentication certpolicy
set authentication certpolicy
show authentication certpolicy

Synopsis
add authentication ldappolicy <name> <rule> [<reqAction>]
Description
Use this command to add an authentication LDAP policy. The policy defines the conditions under which the specified LDAP server is to be used for authentication.
Arguments
name The name for the new policy.
rule The name of the rule, or expression, the policy is to use.
reqAction The LDAP action to associate with the policy.
Related Commands
rm authentication ldappolicy
show authentication ldappolicy
set authentication ldappolicy

Description
Use this to remove an LDAP authentication policy.
Arguments
name The name of the LDAP policy to be removed.
Related Commands
add authentication ldappolicy
show authentication ldappolicy
set authentication ldappolicy

Description
Use this to display configured LDAP policies.
Arguments
name The name of the policy to display. If this option is not provided, all of the configured policies are shown.
Output
name
rule
reqAction

Description
Use this to change properties of an LDAP policy.
Arguments
reqAction The new LDAP action to associate with the policy.
Related Commands
add authentication ldappolicy
rm authentication ldappolicy
show authentication ldappolicy

Synopsis
add authentication tacacspolicy <name> <rule> [<reqAction>]
Description
Use this command to add an authentication TACACS+ policy. The policy defines the conditions under which the specified TACACS+ server is to be used for authentication.
Arguments
name The name of the new TACACS+ policy.
rule The name of the rule, or expression, the policy is to use.
reqAction The name of the TACACS+ action to be associated with the policy.
Related Commands
rm authentication tacacspolicy
show authentication tacacspolicy
set authentication tacacspolicy

Description
Use this command to remove a TACACS+ policy.
Arguments
name The name of the TACACS+ policy to be removed.
Related Commands
add authentication tacacspolicy
show authentication tacacspolicy
set authentication tacacspolicy

Description
Use this to display the configured TACACS+ policies.
Arguments
name The name of the TACACS+ policy to display. If this option is not given, all of the configured TACACS+ policies are shown.
Output
name
rule
reqAction

Synopsis
set authentication tacacspolicy <name> [-rule <expression>] [-reqAction <string>]
Description
Use this command to change the properties of a TACACS+ policy.
Arguments
reqAction The new TACACS+ action to associate with the policy.
Related Commands
add authentication tacacspolicy
rm authentication tacacspolicy
show authentication tacacspolicy

Synopsis
add authentication nt4policy <name> <rule> [<reqAction>]
Description
Use this command to add an authentication NT4 policy. The policy defines the conditions under which the specified NT4 server is to be used for authentication.
Arguments
name The name for the new NT4 policy.
rule The name of the rule, or expression, the policy is to use.
reqAction The NT4 action the policy is to use.
Related Commands
rm authentication nt4policy
show authentication nt4policy
set authentication nt4policy

Description
Use this command to remove an NT4 policy.
Arguments

Description
Use this command to display NT4 policies.
Arguments
name The name of the NT4 policy to be displayed. If this option is not given, all the configured NT4 policies will be shown.
Output
name
rule
reqAction

Synopsis
set authentication nt4policy <name> [-rule <expression>] [-reqAction <string>]
Description
Use this command to change the properties of an NT4 policy.
Arguments
name The name of the NT4 policy to be modified.
rule The name of the new rule to be associated with the policy.
reqAction The name of the NT4 action to be associated with the policy.
Related Commands
add authentication nt4policy
rm authentication nt4policy
show authentication nt4policy

Synopsis
add authorization policy <name> <rule> <action>
Description
Use this command to add an authorization policy. Authorization policies are used to authorize access to resources for AAA users and AAA groups through the SSL VPN. By default, the SSL VPN is configured to allow access to all resources; authorization policies can be used to alter this default action. (The default can also be modified for an SSL VPN session through a vpn session policy; see "add vpn sessionpolicy".)
Access to some resources can selectively be altered to DENY by binding one or more authorization policies to the AAA user (or AAA group). Once bound, an authorization policy acts on all incoming AAA user requests for resources. If the authorization policy's rule evaluates to TRUE, the associated action (ALLOW/DENY) is applied. If the rule evaluates to FALSE, the negation of the action is applied implicitly.
Multiple authorization policies may also be bound to AAA users and AAA groups with different priorities (see "bind aaa user/group"). If the policies have different priorities, they are sorted internally by priority in descending order. During evaluation of those policies the following principles are applied:
1. DENY has the highest priority and takes effect immediately.
2. ALLOW has the next highest priority. It waits for any other explicit DENY from an authorization policy of the same priority.
3. Implicit DENY has the third highest priority. It waits for both explicit ALLOW/DENY of *any* priority.
4. Implicit ALLOW has the lowest priority. It waits for explicit ALLOW/DENY of any priority and implicit DENY of the same priority.
Arguments
name The name for the new authorization policy.
rule The rule or expression for conditional evaluation of the policy. This rule can be a named expression created with "add policy expression", or an inline expression.
action The action to be taken when the expression is satisfied. The allowed actions are ALLOW or DENY.
Example
Consider the following authorization policy, "author-policy":
add authorization policy author-policy "URL == /*.gif" DENY
bind aaa user foo -policy author-policy
If the user "foo" now logs in through the SSL VPN and makes any request other than for a "gif", the rule evaluates to FALSE and the negation of DENY, i.e. ALLOW, is applied, so access to all those resources is implicitly allowed. If "foo" tries to access "abc.gif", the access is denied.
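The evaluation principles described above, as an added example in Python that is not NetScaler code. It assumes a larger priority value is evaluated first (the page only says policies are sorted by priority in descending order), models a rule as a predicate over the requested URL rather than the NetScaler expression language, reads "waits for" as "is overridden if that result appears where it may", and uses the SSL VPN default of ALLOW when nothing is bound; policy names and URLs are constructed.

```python
"""Added example, not NetScaler code: a model of how the authorization
policies bound to an AAA user are combined, following the four evaluation
principles in the "add authorization policy" description.

Assumptions (the page does not state them, so they are labelled here):
  * a larger priority value is evaluated first;
  * a rule is a Python predicate over the requested URL;
  * "waits for" means a lower-ranked result is overridden if the result it
    waits for appears anywhere it is permitted to appear;
  * a user with no authorization policy bound gets the SSL VPN default, ALLOW.
Policy names and URLs are constructed for the demonstration."""
from dataclasses import dataclass
from fnmatch import fnmatchcase
from itertools import groupby
from typing import Callable, Dict, List, Optional

ALLOW, DENY = "ALLOW", "DENY"


@dataclass(frozen=True)
class AuthzPolicy:
    name: str
    rule: Callable[[str], bool]  # True when the rule matches the request
    action: str                  # explicit action: ALLOW or DENY
    priority: int                # assigned when the policy is bound


def url_glob(pattern: str) -> Callable[[str], bool]:
    """Rule helper: the page's 'URL == /*.gif' written as a glob predicate."""
    return lambda url: fnmatchcase(url, pattern)


def implicit_action(action: str) -> str:
    """Negation applied when a rule evaluates to FALSE."""
    return DENY if action == ALLOW else ALLOW


def authorize(policies: List[AuthzPolicy], url: str) -> str:
    """Return ALLOW or DENY for one request across every bound policy."""
    if not policies:
        return ALLOW
    ordered = sorted(policies, key=lambda p: p.priority, reverse=True)
    tentative: Optional[str] = None  # first implicit result, still waiting
    for _prio, group in groupby(ordered, key=lambda p: p.priority):
        matched, unmatched = [], []
        for pol in group:
            (matched if pol.rule(url) else unmatched).append(pol)
        # Principle 1: an explicit DENY takes effect immediately.
        if any(p.action == DENY for p in matched):
            return DENY
        # Principle 2: an explicit ALLOW waits only for an explicit DENY of
        # the same priority; this group has none, so it is final.
        if matched:
            return ALLOW
        # Principles 3 and 4: an implicit result keeps waiting for an explicit
        # result at any lower priority; within one priority level an
        # implicit DENY beats an implicit ALLOW.
        if tentative is None:
            tentative = (DENY if any(implicit_action(p.action) == DENY
                                     for p in unmatched) else ALLOW)
    return tentative or ALLOW


# Constructed bindings for AAA user "foo": the page's author-policy plus an
# ALLOW policy at a higher priority, which turns everything it does not
# match into an implicit DENY.
AUTHOR_POLICY = AuthzPolicy("author-policy", url_glob("/*.gif"), DENY, 100)
INTRANET_ALLOW = AuthzPolicy("intranet-allow", url_glob("/intranet/*"), ALLOW, 200)


def demo() -> Dict[str, str]:
    """Decisions for a few constructed requests with both policies bound."""
    urls = ("/abc.gif", "/index.html", "/intranet/logo.gif", "/public/x.html")
    return {u: authorize([AUTHOR_POLICY, INTRANET_ALLOW], u) for u in urls}


if __name__ == "__main__":
    for u, verdict in demo().items():
        print(f"{u:22s} {verdict}")
```

With only author-policy bound the model reproduces the page's example (gif denied, everything else implicitly allowed); binding an ALLOW policy at a higher priority shows why "/index.html" then becomes an implicit DENY.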
Related Commands
rm authorization policy
show authorization policy
set authorization policy

Description
Use this command to remove a configured authorization policy.
Arguments
name The name of the authorization policy to be removed.
Related Commands
add authorization policy
show authorization policy
set authorization policy

Description
Use this command to display all the configured authorization policies.
Arguments
Output
rule Rule of the policy.
action Authorization action associated with the policy. It can be either ALLOW or DENY.
Related Commands
add authorization policy
rm authorization policy
set authorization policy

Synopsis
set authorization policy <name> [-rule <expression>] [-action <string>]
Description
Use this command to modify the rule or action value of a configured authorization policy.
Arguments
name The name of the authorization policy to be modified.
rule The new rule to be associated with the authorization policy.
action The new action to be associated with the authorization policy.
Related Commands
add authorization policy
rm authorization policy
show authorization policy

Synopsis
sync [<Mode> ...]
Description
The sync command is used to synchronize SSL certificates, SSL CRL lists, and SSL VPN bookmarks from the primary node to the secondary node in a high-availability pair. The node in primary state is always considered authoritative. Files are copied from primary to secondary, overwriting all differences, even when the command is invoked from a node in secondary state. The sync command su
Command Reference Guide
AAA Commands .....................................................................2-1
stat aaa 2-2 show aaa stats 2-4 add aaa user 2-5 rm aaa user 2-6 set aaa user 2-7 show aaa user 2-8 add aaa group 2-10 rm aaa group 2-11 show aaa group 2-12 bind aaa user 2-14 unbind aaa user 2-15 bind aaa group 2-16 unbind aaa group 2-18 set aaa radiusparams 2-19
show aaa radiusparams 2-21 set aaa ldapparams 2-23 show aaa ldapparams 2-25 set aaa tacacsparams 2-27 show aaa tacacsparams 2-29 set aaa nt4params 2-30 show aaa nt4params 2-31 set aaa certparams 2-32 show aaa certparams 2-33 set aaa parameter 2-34 show aaa parameter 2-35 show aaa session 2-36 kill aaa session 2-38
Auditing Commands...............................................................3-1
stat audit 3-2 show audit stats 3-3 add audit syslogaction 3-4 rm audit syslogaction 3-5 show audit syslogaction 3-6 add audit syslogpolicy 3-7 rm audit syslogpolicy 3-8
show audit syslogpolicy 3-9 set audit syslogpolicy 3-10 set audit syslogparams 3-11 show audit syslogparams 3-12 unset audit syslogparams 3-13 show audit messages 3-14
i
Contents
ii
Authorization Commands.......................................................5-1
Base Commands ....................................................................6-1
sync 6-2 add server 6-3 disable server 6-4 enable server 6-5 rm server 6-6 show server 6-7
add service 6-8 bind service 6-12 disable service 6-13 enable service 6-14 rm service 6-15 set service 6-16
Command Reference Guide
Contents
show service 6-19 unbind service 6-23 stat service 6-24 add monitor 6-26 bind monitor 6-30 enable monitor 6-31 disable monitor 6-32 rm monitor 6-33 set monitor 6-34 show monitor 6-38 unbind monitor 6-42 add vlan 6-43 bind vlan 6-44 rm vlan 6-46 show vlan 6-47 stat vlan 6-49 unbind vlan 6-51 clear interface 6-52 disable interface 6-53 enable interface 6-54
Command Reference Guide
reset interface 6-55 set interface 6-56 show interface 6-58 stat interface 6-63 show channel 6-66 add channel 6-70 set channel 6-72 bind channel 6-74 unbind channel 6-75 rm channel 6-76 add location 6-77 show location 6-78 rm location 6-80 set locationparameter 6-81 show locationparameter 6-83 add locationfile 6-85 show locationfile 6-86 rm locationfile 6-87 clear locationdata 6-88 install 6-89
Integrated Caching Commands..............................................7-1
add cache policy 7-2
rm cache policy 7-4 show cache policy 7-5 bind cache global 7-7 unbind cache global 7-8 show cache global 7-9 add cache contentgroup 7-11 rm cache contentgroup 7-15 set cache contentgroup 7-16 show cache contentgroup 7-21 expire cache contentgroup 7-25 flush cache contentgroup 7-26 show cache forwardProxy 7-27
add cache forwardProxy 7-28
rm cache forwardProxy 7-29 show cache object 7-30 expire cache object 7-34 flush cache object 7-35 set cache parameter 7-36 show cache parameter 7-38 show cache stats 7-39 stat cache 7-40
iii
Contents
CLI Commands ......................................................................8-1
help 8-2 man 8-4 quit 8-5 exit 8-6 set cli mode 8-7 show cli mode 8-8 set cli prompt 8-9 clear cli prompt 8-10 show cli prompt 8-11
iv
@ 8-12 alias 8-13 builtins 8-14 end 8-15 history 8-16 unalias 8-17 while 8-18 config 8-19
Compression Commands........................................................9-1
stat cmp 9-2 show cmp stats 9-5 add cmp action 9-6 rm cmp action 9-8 show cmp action 9-9 add cmp policy 9-11
rm cmp policy 9-13 show cmp policy 9-14 set cmp policy 9-16 bind cmp global 9-18 unbind cmp global 9-20 show cmp global 9-21
Cache Redirection Commands..............................................10-1
add cr policy 10-2 rm cr policy 10-4 show cr policy 10-6 add cr vserver 10-8 bind cr vserver 10-11 set cr vserver 10-12
rm cr vserver 10-15 enable cr vserver 10-16 disable cr vserver 10-17 show cr vserver 10-18 unbind cr vserver 10-22 unset cr vserver 10-23
Content Switching Commands .............................................11-1
add cs policy 11-2 rm cs policy 11-4 show cs policy 11-5 set cs policy 11-7 add cs vserver 11-8
bind cs vserver 11-10 set cs vserver 11-11 rm cs vserver 11-13 enable cs vserver 11-14 disable cs vserver 11-15
Command Reference Guide
Command Reference Guide
DNS Commands ...................................................................12-1
stat dns 12-2 show dns stats 12-6 add dns addRec 12-7 rm dns addRec 12-8 show dns addRec 12-9 add dns cnameRec 12-10 rm dns cnameRec 12-11 show dns cnameRec 12-12 add dns mxRec 12-13 rm dns mxRec 12-14 set dns mxRec 12-15 show dns mxRec 12-16 add dns nsRec 12-18 rm dns nsRec 12-19
show dns nsRec 12-20 set dns parameter 12-21 show dns parameter 12-22 add dns soaRec 12-23 set dns soaRec 12-25 rm dns soaRec 12-27 show dns soaRec 12-28 add dns suffix 12-30 rm dns suffix 12-31 show dns suffix 12-32 add dns nameserver 12-33 rm dns nameserver 12-34 show dns nameserver 12-35 flush dns proxyRecords 12-36
DoS Commands....................................................................13-1
Filter Commands..................................................................14-1
add filter action 14-2 rm filter action 14-4 show filter action 14-5 add filter policy 14-7 rm filter policy 14-9
show filter policy 14-10 set filter policy 14-12 bind filter global 14-14 unbind filter global 14-15 show filter global 14-16
GSLB Commands..................................................................15-1
v
Contents
rm gslb site 15-5 show gslb site 15-6 add gslb service 15-8 set gslb service 15-11 rm gslb service 15-13 show gslb service 15-14 add gslb vserver 15-17 set gslb vserver 15-20 rm gslb vserver 15-23 enable gslb vserver 15-24 disable gslb vserver 15-25 show gslb vserver 15-26
vi
bind gslb vserver 15-29 unbind gslb vserver 15-30 set gslb parameter 15-31 show gslb parameter 15-32 add gslb policy 15-33 rm gslb policy 15-34 set gslb policy 15-35 show gslb policy 15-36 add gslb action 15-37 rm gslb action 15-38 set gslb action 15-39 show gslb action 15-40
Load Balancing Commands ..................................................16-1
bind lb group 16-2 show lb group 16-3 set lb group 16-5 unbind lb group 16-7 add lb vserver 16-8 bind lb vserver 16-13 enable lb vserver 16-14 disable lb vserver 16-15
set lb vserver 16-16 rm lb vserver 16-20 show lb vserver 16-21 stat lb vserver 16-26 unbind lb vserver 16-28 show lb route 16-29 add lb route 16-30 rm lb route 16-31
NetScaler Commands...........................................................17-1
stat ns 17-2 stat ns bridge 17-27 stat ns node 17-28 show ns stats 17-33 add ns arp 17-34 disable ns arp 17-35 enable ns arp 17-36 rm ns arp 17-37 send ns arp 17-38 show ns arp 17-39
show ns bridgetable 17-41 set ns bridgetable 17-42 save ns config 17-43 set ns config 17-44 unset ns config 17-46 show ns config 17-47 show ns ns.conf 17-49 clear ns config 17-50 config ns 17-51 show ns runningconfig 17-52
Command Reference Guide
Contents
add ns acl 17-53 rm ns acl 17-55 enable ns acl 17-56 disable ns acl 17-57 set ns acl 17-58 show ns acl 17-60 clear ns acls 17-62 apply ns acls 17-63 stat ns acl 17-64 force ns failover 17-66 force ns sync 17-67 disable ns feature 17-68 enable ns feature 17-69 show ns feature 17-70 show ns info 17-71 add ns ip 17-72 show ns ip 17-75 set ns ip 17-78 enable ns ip 17-81 disable ns ip 17-82 rm ns ip 17-83 disable ns mode 17-84 enable ns mode 17-85 show ns mode 17-86 add ns fis 17-87 bind ns fis 17-88 unbind ns fis 17-89 rm ns fis 17-90 show ns fis 17-91 show ns ci 17-92
Command Reference Guide
bind ns node 17-93 unbind ns node 17-94 add ns node 17-95 set ns node 17-96 rm ns node 17-98 show ns node 17-99 show ns license 17-101 show ns rnat 17-102 set ns rnat 17-103 clear ns rnat 17-104 add ns route 17-105 set ns route 17-107 unset ns route 17-109 clear ns route 17-111 rm ns route 17-112 show ns route 17-113 set ns spparams 17-115 show ns spparams 17-116 set ns tcpbufparam 17-117 show ns tcpbufparam 17-118 show ns version 17-119 set ns weblogparam 17-120 show ns weblogparam 17-121 set ns rateControl 17-122 show ns rateControl 17-123 reboot 17-124 shutdown 17-125 set ns rpcnode 17-126 show ns rpcnode 17-127
Policy Commands 18-1
add policy expression 18-2
set policy expression 18-3
rm policy expression 18-4
show policy expression 18-5
add policy map 18-6
rm policy map 18-8
Performance Queuing Commands 19-1
show pq binding 19-2
add pq policy 19-3
rm pq policy 19-5
set pq policy 19-6
show pq policy 19-8
Protocols Commands 20-1
stat protocol tcp 20-2
stat protocol http 20-9
stat protocol icmp 20-12
stat protocol ip 20-15
stat protocol udp 20-19
Routing Commands 21-1
vtysh 21-2
set router ospf 21-3
unset router ospf 21-5
show router ospf 21-7
set router rip 21-8
unset router rip 21-9
show router rip 21-10
set router bgp 21-11
show router bgp 21-13
unset router bgp 21-14
add router bgp 21-16
clear router bgp 21-18
add router map 21-19
set router map 21-20
unset router map 21-21
show router map 21-22
SureConnect Commands 22-1
set sc parameter 22-2
show sc parameter 22-3
add sc policy 22-4
rm sc policy 22-6
set sc policy 22-7
show sc policy 22-8
SNMP Commands 23-1
stat snmp 23-2
show snmp stats 23-4
enable snmp alarm 23-5
disable snmp alarm 23-6
set snmp alarm 23-7
unset snmp alarm 23-9
show snmp alarm 23-10
add snmp community 23-11
rm snmp community 23-12
show snmp community 23-13
add snmp manager 23-14
rm snmp manager 23-15
show snmp manager 23-16
set snmp mib 23-17
show snmp mib 23-18
add snmp trap 23-20
rm snmp trap 23-21
show snmp trap 23-22
show snmp oid 23-23
SSL Commands 24-1
stat ssl 24-2
show ssl stats 24-9
create ssl cert 24-10
add ssl certkey 24-13
bind ssl certkey 24-15
link ssl certkey 24-17
rm ssl certkey 24-18
show ssl certkey 24-19
unbind ssl certkey 24-22
unlink ssl certkey 24-24
update ssl certkey 24-25
show ssl certlink 24-27
create ssl certreq 24-28
add ssl cipher 24-30
bind ssl cipher 24-32
rm ssl cipher 24-34
show ssl cipher 24-35
create ssl crl 24-37
add ssl crl 24-39
rm ssl crl 24-42
set ssl crl 24-43
show ssl crl 24-46
create ssl dhparam 24-49
create ssl dsakey 24-50
set ssl fips 24-52
reset ssl fips 24-54
show ssl fips 24-55
create ssl fipskey 24-57
rm ssl fipskey 24-58
show ssl fipskey 24-59
import ssl fipskey 24-61
export ssl fipskey 24-63
create ssl rsakey 24-64
convert ssl pkcs12 24-66
convert ssl pkcs8 24-68
set ssl service 24-69
show ssl service 24-75
set ssl vserver 24-79
show ssl vserver 24-84
create ssl wrapkey 24-88
rm ssl wrapkey 24-89
show ssl wrapkey 24-90
init ssl fipsSIMsource 24-91
init ssl fipsSIMtarget 24-92
enable ssl fipsSIMtarget 24-93
enable ssl fipsSIMsource 24-94
System Commands 25-1
batch 25-2
ping 25-3
traceroute 25-5
grep 25-7
shell 25-9
scp 25-10
add system cmdPolicy 25-11
rm system cmdPolicy 25-12
set system cmdPolicy 25-13
show system cmdPolicy 25-14
add system user 25-15
set system user 25-16
rm system user 25-17
show system user 25-18
bind system user 25-19
unbind system user 25-20
add system group 25-21
rm system group 25-22
show system group 25-23
bind system group 25-24
unbind system group 25-25
bind system global 25-26
unbind system global 25-27
show system global 25-28
Tunnel Commands 26-1
add tunnel trafficpolicy 26-2
rm tunnel trafficpolicy 26-3
show tunnel trafficpolicy 26-4
set tunnel trafficpolicy 26-6
bind tunnel global 26-7
unbind tunnel global 26-8
show tunnel global 26-9
SSLVPN Commands 27-1
stat vpn 27-2
show vpn stats 27-4
add vpn vserver 27-5
show vpn vserver 27-7
set vpn vserver 27-10
rm vpn vserver 27-11
enable vpn vserver 27-12
disable vpn vserver 27-13
bind vpn vserver 27-14
unbind vpn vserver 27-15
add vpn intranetapplication 27-16
show vpn intranetapplication 27-18
rm vpn intranetapplication 27-20
bind vpn global 27-21
unbind vpn global 27-22
show vpn global 27-23
add vpn trafficpolicy 27-24
rm vpn trafficpolicy 27-25
show vpn trafficpolicy 27-26
set vpn trafficpolicy 27-27
add vpn trafficaction 27-28
rm vpn trafficaction 27-29
show vpn trafficaction 27-30
add vpn url 27-31
rm vpn url 27-32
show vpn url 27-33
add vpn sessionpolicy 27-34
rm vpn sessionpolicy 27-35
show vpn sessionpolicy 27-36
set vpn sessionpolicy 27-37
add vpn sessionaction 27-38
rm vpn sessionaction 27-43
show vpn sessionaction 27-44
set vpn parameter 27-48
unset vpn parameter 27-53
show vpn parameter 27-56
Introduction
Welcome to the Command Reference Guide. This reference covers all aspects of using the Command Line Interface to configure and operate the system. For information on accessing your system's Command Line Interface, refer to the installation chapter of the Installation and Configuration Guide before continuing.

1.1 How to Use This Reference

This command reference is organized in two chapters:

• Chapter 1: The Command Line Overview, which explains how to use the Command Line Interface.

• Chapter 2: Alphabetically ordered descriptions of all of the commands.

If you are unfamiliar with using the system, review the following section on document conventions and then start with the CLI usage chapter to familiarize yourself with the interface. Otherwise, this document serves as the primary source of information on the commands available in the NSCLI and may be consulted at any point as your needs dictate.
1.2 Command Conventions

These conventions are used to describe the commands in this guide.

Convention: Alerts You To
command: Command and argument names can be entered in any combination of upper and lower case characters. In this document command and argument names are sometimes displayed in mixed case; this is for readability only and does not reflect the way in which the commands must be entered.
command argument: This typeface represents a command argument.
screen text: Text with this typeface represents information on a screen, as well as the names of directories, files, and commands.
<key name>+<key name>: Keyboard key names appear within angle brackets. A plus sign appears between keys you must press simultaneously.
text in italics: Italic type emphasizes text or indicates new terms.
Square Brackets ( [ ] ): Arguments contained within square brackets are optional. Arguments not contained within brackets are required.
Angle Brackets ( < > ): Arguments within angle brackets are variable placeholders. Replace these with values appropriate for your configuration.
Vertical Bars ( | ): When arguments are separated by vertical bars, either argument can be specified.

Note: When entering the argument, neither the brackets nor the vertical bars are included.

1.3 Command Line Overview

This section discusses the usage of the Command Line Interface. The discussion is broken into two parts, basic and advanced CLI usage. The basic part covers the rudimentary aspects of the CLI and provides the information necessary for basic CLI usage. The advanced part covers the remaining features of the Command Line Interface, which let you further control and enhance your sessions but are not required for day-to-day operation.

1.3.1 Basic Command Line Usage

This section provides the essential instruction for basic command line usage with the system. Start here if you are unfamiliar with the CLI.

1.3.1.1 Understanding the Command Structure

Most commands adhere to the general format shown here.

action groupname entity <entityname> [-parameter]

An action is the task that the command performs, such as add or set. The groupname is the functional area or feature in which the action is taken, such as dns or lb. An entity is the specific type of object, such as a vserver, that the command is issued against. The entityname is the name of the entity instance the command is issued upon; if the command creates an entity instance, as with the add action, the entityname is a name of your choosing. Lastly, the parameters applicable to the command are listed. The actual number and type of available parameters vary by command.
1.3.1.2 Getting Help in the CLI
The help command offers a quick way to get more information on commands. It can return help on a specific command, on a group of commands, or on the entire set of nscli commands.

Typing help alone on the command line prints a brief general help message, as shown here.
> help
Try :
help <groupName> for brief usage of a group of commands
help -all for brief usage of all nscli commands
The command groups are:
basic aaa authentication
>
Entering help help shows the syntax of the help command itself.
> help help
Done
>
If you need help on a specific command or command group, use the syntax shown above, substituting the command or group name. When you specify a command name, the CLI prints the full syntax of the command along with an expansion of those parameters that take a limited set of options. When you enter a group name, the CLI prints a full list of the commands in that group. The output below shows an example of this help method for the add vserver command.
> help add vserver
<port> -range <positive_integer>] [-cacheType <cacheType>]
[-backupVServerName <string>] [-redirectURL <URL>]
[-soMethod ( CONNECTION | NONE )]
[-soPersistence ( ENABLED | DISABLED )]
SSL_TCP | NNTP | DNS | DHCPRA | ANY )
<cacheType> = ( TRANSPARENT | REVERSE | FORWARD )
>
The question mark <?> can also be used to get help in the CLI. Typing a question mark alone prints a listing of all the actions available from the top level of the command structure.
1.3.1.3 Getting Help with Man Pages
The command line interface has its own set of man pages, similar to those traditionally found in UNIX and UNIX-like operating systems. They return the same command reference information as is found in this guide. To use this feature, issue the man command with the name of the command you wish to view as the argument.
Once the first screen is displayed, you may scroll through the page either a screen at a time or line by line. To advance line by line, press the <Enter> key. To advance to the next screen use the space bar.
When viewing commands with man, to exit the page before reaching the end of it, press the <Q> key.
1.3.1.4 Using Command Completion
When working on the command line, you can use either the <Tab> key or the <?> key for command completion and assistance. For example, typing show e followed by <Tab> completes the command as show expression. If no completion is displayed after the first <Tab>, press <Tab> once more and the system offers a set of possible completions. After the output is displayed, you are returned to the prompt with the portion of the command previously entered, so that you can continue where you left off.

The question mark offers slightly different completion options. You may enter a question mark at any point on the command line, and the system lists all possible completions recognized from that point forward. The following example illustrates this usage with the enable command.
> enable <?>
> enable
Once the possible completions are printed, you are again returned to the com- mand line with your previous entry still at the prompt for you to work with. Note that the question mark you type is not echoed at the CLI prompt.
Any entries in the output that are followed by an ellipsis, such as the ssl command in the previous example's output, have further completion levels beyond that point in the hierarchy.
1.3.1.5 Utilizing Command Abbreviations and Shortcuts
Another way to shorten command line input is to use command abbreviations. The CLI abbreviation feature allows you to enter partial commands: you need only enter enough of each key word for the CLI to identify it uniquely. For example, to shorten the command add lb vserver, you may enter as little as ad lb vs and the CLI will correctly interpret your command.

Note, however, that command group names cannot be abbreviated. In many cases they may be left out entirely: wherever command usage makes the group implicit, such as with the snmp and system group names when the entity type being acted upon is unique to the group. For example, there are no entities of the community type outside the snmp command group, so issuing add community rather than add snmp community implicitly places the command in the snmp group.

This behavior is also illustrated with the system group and its entities. The user entity type exists in the system command group as well as in the aaa command group, so the user entity is not unique to the system group. If you are issuing an action against a system user, such as an add command, you must specify the system group so that the CLI interprets your command as directed at a system user, not an aaa user. The CLI alerts you to cases where the group type is omitted incorrectly with an "ERROR: No such command" message.
More examples of using these shortcuts are shown in Table 1-1.

Table 1-1 Sample Command Abbreviations

Abbreviated Command: CLI Interpreted Command
cl r: clear ns rnat
sh ve: show ns version
se vpn p: set vpn parameter
f f: force ns failover
rm mx: rm dns mxRec
ad lb vs: add lb vserver
ad pol exp: add policy expression
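The rules of sections 1.3.1.1 and 1.3.1.5 can be checked offline with the following resolver. It is an added example, not code from this guide or from the NetScaler software: the COMMANDS table is a small constructed subset of the commands in this guide's table of contents, and the resolution logic applies the rules as stated above (actions and entity names shortened to any unique prefix, group names spelled in full or omitted, and an omitted group accepted only when the entity type belongs to exactly one group, otherwise "ERROR: No such command").

```python
"""Resolve abbreviated nscli command lines against a command table.

Added example; not code from the Citrix guide or from the NetScaler
software. COMMANDS is a constructed subset of the commands in this guide's
table of contents, and the rules are those of sections 1.3.1.1 and 1.3.1.5:
the action and the entity may be shortened to any unique prefix, a group
name must be spelled in full or omitted, and an omitted group is accepted
only when the entity type belongs to exactly one group.
"""


class CommandError(ValueError):
    """Carries the message the CLI would print."""


# (action, group, entity) triples; a constructed subset of the guide's TOC.
COMMANDS = [
    ("add", "lb", "vserver"), ("rm", "lb", "vserver"), ("show", "lb", "vserver"),
    ("add", "dns", "mxRec"), ("rm", "dns", "mxRec"),
    ("add", "policy", "expression"), ("add", "policy", "map"),
    ("add", "snmp", "community"), ("rm", "snmp", "community"),
    ("add", "system", "user"), ("show", "system", "user"),
    ("add", "aaa", "user"), ("add", "aaa", "group"),
    ("show", "ns", "version"), ("clear", "ns", "rnat"), ("force", "ns", "failover"),
    ("set", "vpn", "parameter"), ("set", "vpn", "vserver"),
]


def _unique_prefix(word, candidates):
    """Return the one candidate that word is a case-insensitive prefix of."""
    hits = sorted(c for c in set(candidates) if c.lower().startswith(word.lower()))
    if len(hits) == 1:
        return hits[0]
    if not hits:
        raise CommandError("ERROR: No such command")
    raise CommandError("ERROR: ambiguous abbreviation %r: %s" % (word, " ".join(hits)))


def expand(line):
    """Expand an abbreviated command line to its full 'action group entity' form.

    Words after the entity (the entity name and any -parameters) are passed
    through unchanged.
    """
    words = line.split()
    if not words:
        raise CommandError("ERROR: No such command")
    action = _unique_prefix(words[0], [c[0] for c in COMMANDS])
    for_action = [c for c in COMMANDS if c[0] == action]
    groups = {c[1].lower(): c[1] for c in for_action}

    if len(words) > 1 and words[1].lower() in groups:
        # Explicit group: group names cannot be abbreviated, so only an
        # exact (case-insensitive) match counts as a group.
        group = groups[words[1].lower()]
        if len(words) < 3:
            raise CommandError("ERROR: No such command")
        entity = _unique_prefix(words[2], [c[2] for c in for_action if c[1] == group])
        rest = words[3:]
    else:
        # Group omitted: the entity must identify exactly one group by itself,
        # otherwise the CLI reports "No such command" (add user vs add system user).
        if len(words) < 2:
            raise CommandError("ERROR: No such command")
        entity = _unique_prefix(words[1], [c[2] for c in for_action])
        owners = sorted({c[1] for c in for_action if c[2] == entity})
        if len(owners) != 1:
            raise CommandError("ERROR: No such command")
        group = owners[0]
        rest = words[2:]
    return " ".join([action, group, entity] + rest)


def try_expand(line):
    """expand() that returns the CLI error message instead of raising."""
    try:
        return expand(line)
    except CommandError as err:
        return str(err)


if __name__ == "__main__":
    for sample in ("ad lb vs", "cl r", "sh ve", "f f", "rm mx", "se vpn p",
                   "add community public", "add user johndoe", "s lb vs"):
        print("%-22s -> %s" % (sample, try_expand(sample)))
```

The resolver is deliberately strict about groups: "ad l vs" fails because "l" is neither a full group name nor an entity, and "add user johndoe" fails because user belongs to both system and aaa, which is exactly the case the text above warns about.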
1.3.1.6 Navigating Command Output
Often, the screen output from the NSCLI spans multiple screens. When an output stream pauses at the first screen's worth of output with --More-- displayed, you can navigate the remaining output with keystrokes.

• To cancel viewing the remaining output, press the <Q> key or use <Ctrl>+<C> to abort the command.

• To stream the remaining output without pauses, press the <C> key.

• To advance through the output one screen at a time, press any other key.
1.3.1.7 Understanding Error Feedback
When a CLI command is entered with invalid arguments, an error message is displayed, possibly preceded by an indication of the location of the error within the command line. After most errors, a short version of the command usage is also displayed.

For example, typing the following command at the prompt:

> add vserver vs1 htto 10.101.4.99 80

returns the following error message:

add vserver vs1 htto 10.101.4.99 80
                ^^^^
ERROR: invalid argument value [serviceType, htto]

The carets (^^^^), if present, indicate the location of the error in the command line.
Note The CLI will alert you if you try to configure a disabled or unlicensed feature. If you attempt to configure disabled features, your configurations will be applied, however they will have no effect on the runtime behavior of the system until the feature is enabled. If you attempt to configure an unlicensed feature, the system will return an error.
1.3.1.8 Accessing the Command History
The command line maintains a per-user command history across sessions. The history holds the last 100 commands entered. Note that the history does not record sequentially duplicated commands. You can cycle through the history on the command line with the up and down arrow keys, and recall the entire history log with the history command. A sample of the history log output is shown here.
> history
3 21:31 builtins
>
You can also recall specific entries from the history using the exclamation mark, or bang character (!). Use ! in combination with either the desired history event number or an offset from the current event number to recall a specific history entry.
1.3.2 Advanced Command Line Usage
This section illustrates the remaining advanced features of the Command Line Interface.
1.3.2.1 Understanding NSCLI Built-ins
The Command Line Interface has several tools, or builtins, at your disposal for use within CLI sessions. To view them, use the builtins command. In addition to the history builtin mentioned earlier, the builtins discussed in the following sections are available.
1.3.2.2 Compounding CLI Commands
The nscli supports the semicolon (;) character for entering multiple commands on one line. To use this feature, simply enter a semicolon between commands. The commands are executed in order of entry.
1.3.2.3 Using grep, more, and the Pipe Operator
To help in managing and navigating command output the nscli supports the standard UNIX grep and more commands as well as the pipe operator ( | ). For the grep and more commands refer to the man pages in the nscli for complete usage details.
The pipe operator is used in the nscli as it is in standard UNIX shells, to redirect command output into another command, commonly grep or more.
1.3.2.4 Applying Formatting Options
In the nscli, most show commands accept an implicit -format argument, that is, one not listed in their synopsis. This argument formats the command's output in one of three ways.
Normally the show server command outputs to the screen as shown here.
> show server
2 servers:
State: ENABLED
State: ENABLED
>
With the -format input option, the show server command prints its output in the command form in which it would be entered at the CLI, as shown here.
> show server -format input
>
The second formatting option, -format hierarchical, prints in a Cisco-like hierarchical format.
> show server -format hierarchical
>
The third formatting option, -format xhierarchical, prints the output in a Juniper-like hierarchical format.
1.3.2.5 Creating and Using Aliases
In order to allow you to customize your own command shortcuts, the system supports using aliases. To create a command alias you will need to use the alias command followed by the desired alias name and the command you wish to alias. For example, to create an alias for the show system users command you would enter the command as shown below.
> alias users show system users
To use the new alias, specify it as you would any other command.
> users
>
To view the established aliases, use the alias command alone on the command line.

> alias

To remove an alias, use the unalias command with the alias name.

> unalias users
1.3.2.6 Customizing the CLI Prompt

By default, for all users, the CLI prompt is the > character. You may customize the prompt using the set cli prompt command. The possible settings and parameters are listed in the following table, followed by an example use of the command.

Table 1-2 Prompt Settings

Parameter: Prompt Displays
%d: Current date

Done
[22:23] [email protected]>

Notice that you need to enclose the parameter in double quotes. You may chain multiple parameters together with arbitrary strings and spaces to further customize the prompt; to do this, include the desired strings and parameters within a single double-quoted string, as in the example above. To reset the prompt to the system default, use the clear cli prompt command.

To ensure that your prompt setting is retained across sessions, save your configuration once the desired prompt is set. The prompt setting applies only to the current system user.

1.3.2.7 Using the @ Range Operator

Many CLI commands allow for the creation and manipulation of a range of entities. Any command that has the @ symbol in its parameter listing is one of these commands. The presence of the range operator means that the argument it follows may be used with a range specification in order to act on a consecutive array of entities. To use such an argument with a range, simply specify the argument normally and follow it with a bracketed range.
For example, the command for creating a range of five load balancing vservers would use the following syntax:

> add lb vserver httpvserve[1-5] http 192.168.1.1[1-5] 80

Notice that the IP address argument also specifies a range. When adding a range of entities as shown here, dependent arguments must carry a matching range; the command returns an error if the ranges differ. The command above creates five vservers, httpvserve1 through httpvserve5, with IP addresses 192.168.1.11 through 192.168.1.15.

Deleting a range of entities works the same way. To remove the range of vservers created in this example, issue the following command:

> rm vserver httpvserve[1-5]

>

Note: If a range of entities created with the range operator is broken, for example by manually removing one or more of the entities, the corresponding rm or set commands with a range operation against that range will not complete successfully.
1.3.2.8 Executing Looped Commands
The nscli allows UNIX shell style loops for repeated execution of commands. The example here uses this feature to create ten http vservers with IP addresses 1.1.1.25 to 1.1.1.34.
> @ n = 10
> @ x = 25
> while ($n)
@ n--
@ x++
end
Done
Done
Done
>
The primary keywords available in the nscli for using this feature are while, end, and the @ operator. More details on these keywords are available in the respective man pages for each of them as well as their Command Reference descriptions in this reference.
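The following script, an added example that is not code from this guide or from the NetScaler, expands the range syntax of section 1.3.2.7 into the individual commands it stands for and reproduces the loop of section 1.3.2.8 in Python, so that either form can be reviewed before it is pasted into a session. The range syntax and the matching-range rule come from section 1.3.2.7; the octet check is an addition that catches ranges running past 255. The loop body of the original 1.3.2.8 transcript is not shown on the page, so the vserver name and the command template used by loop_commands are assumptions.

```python
"""Expand nscli range arguments (name[lo-hi], section 1.3.2.7) into the
individual commands they stand for, and reproduce the while loop of
section 1.3.2.8 in Python.

Added example, not code from the Citrix guide or from NetScaler. The range
syntax and the matching-range rule come from section 1.3.2.7; the octet
check is an addition for catching ranges that run past 255. The loop body
of the original 1.3.2.8 transcript is not shown on the page, so the vserver
name and command template in loop_commands are assumptions.
"""
import re

RANGE = re.compile(r"^(?P<stem>.*?)\[(?P<lo>\d+)-(?P<hi>\d+)\](?P<tail>.*)$")
DOTTED_QUAD = re.compile(r"^\d+\.\d+\.\d+\.\d+$")


def parse_range(arg):
    """Return (stem, lo, hi, tail) for an argument like httpvserve[1-5], else None."""
    m = RANGE.match(arg)
    if not m:
        return None
    lo, hi = int(m.group("lo")), int(m.group("hi"))
    if lo > hi:
        raise ValueError("ERROR: invalid range in %r" % arg)
    return m.group("stem"), lo, hi, m.group("tail")


def _check_address(word):
    """Reject expanded IP addresses whose octets overflow, e.g. 192.168.1.2[50-60]."""
    if DOTTED_QUAD.match(word) and any(int(o) > 255 for o in word.split(".")):
        raise ValueError("ERROR: invalid IP address %r produced by range expansion" % word)


def expand_range_command(line):
    """Return the concrete commands a ranged command line stands for.

    Every ranged argument must carry the same [lo-hi]; the CLI returns an
    error when they differ, and so does this function.
    """
    words = line.split()
    parsed = [parse_range(w) for w in words]
    ranges = {(p[1], p[2]) for p in parsed if p}
    if not ranges:
        return [line]
    if len(ranges) > 1:
        raise ValueError("ERROR: range mismatch in %r" % line)
    lo, hi = ranges.pop()
    commands = []
    for i in range(lo, hi + 1):
        expanded = [w if p is None else "%s%d%s" % (p[0], i, p[3])
                    for w, p in zip(words, parsed)]
        for w in expanded:
            _check_address(w)
        commands.append(" ".join(expanded))
    return commands


def try_expand_range(line):
    """expand_range_command() that returns the error message instead of raising."""
    try:
        return expand_range_command(line)
    except ValueError as err:
        return str(err)


def loop_commands(n=10, x=25, template="add lb vserver http{x} http 1.1.1.{x} 80"):
    """Python rendering of the 1.3.2.8 loop: one command per iteration while
    n counts down and x counts up. The template is an assumption (see above)."""
    commands = []
    while n:
        commands.append(template.format(x=x))
        n -= 1
        x += 1
    return commands


if __name__ == "__main__":
    for cmd in expand_range_command("add lb vserver httpvserve[1-5] http 192.168.1.1[1-5] 80"):
        print(cmd)
    print(try_expand_range("add lb vserver v[1-5] http 10.0.0.[1-4] 80"))
    print("\n".join(loop_commands()))
```

The last assertion in the test below makes the point of the two sections explicit: the ten-iteration loop and the single ranged command add lb vserver http[25-34] http 1.1.1.[25-34] 80 produce the same list.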
Description This command displays AAA statistics.
Counters
Authentication failures (authfails) Count of authentication failures
Authentication successes (authsucc) Count of authentication successes
Non HTTP authorization failures (atznonhtpf) Count of non HTTP connections that failed authorization
HTTP authorization failures (atzhtpf) Count of HTTP connections that failed authorization
Non HTTP authorization successes (atznonhtps) Count of non HTTP connections that succeeded authorization
HTTP authorization successes (atzhtps) Count of HTTP connections that succeeded authorization
AAA sessions (totsess) Count of all AAA sessions
Timed out AAA sessions (totsessto) Count of AAA sessions that have timed out
Current AAA sessions (totcursess) Count of current AAA sessions
Description show aaa stats is an alias for stat aaa
Related Commands stat aaa
Synopsis add aaa user <userName> [-password <string>]
Description This command adds a user and the authorization compound expression for the user to the LDAP/RADIUS server.
Arguments
userName Specifies the name of the user.
password Specifies the password of the user. If the -password option is not provided, the CLI prompts for the password; the password entered at the prompt is not displayed. Currently, hidden password entry is not implemented. If no password is specified at all, the user name is taken as the password, so always supply one, and use set aaa user to change the password of any user that was created without one.
Example
add expression p4port VPNPORT == 1666
add expression whizbangport VPNPORT == 7676
add expression only_finance_url URL == /finance*
add expression only_finance_svc VPNIP == 10.100.3.44
add aaa user johndoe -HttpRule "only_finance_svc && only_finance_url" -ActionHttp allow -NonHttpRule "p4port || whizbangport" -ActionNonHttp allow
The above commands give user johndoe the following privileges. HTTP: only URLs prefixed with /finance are allowed, and only on the finance application server with IP address 10.100.3.44. Non-HTTP: only the Perforce (port 1666) and Whizbang (port 7676) applications are allowed.
Related Commands rm aaa user set aaa user show aaa user
Synopsis rm aaa user <userName>
Description This command removes a user from the LDAP server added by the add aaa user CLI command.
Arguments
userName Specifies the name of the user in the LDAP server.
Related Commands add aaa user set aaa user show aaa user
Description This command sets the password for an existing user
Arguments
userName Specifies the name of the user.
password Specifies the new password of the user. If the -password option is not provided, the CLI prompts for the password; the password entered at the prompt is not displayed. Currently, hidden password entry is not implemented. If no password is specified at all, the user name is taken as the password.

Example
set aaa user johndoe -password abcd
The above command sets the password of johndoe to abcd (a four-character value is used here only for illustration).
Related Commands add aaa user rm aaa user show aaa user
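Because add aaa user and set aaa user fall back to the user name when no password is given, a saved configuration is worth auditing for that case. The script below is an added example, not code from this guide or from NetScaler. It reads the command form that show commands print with -format input (section 1.3.2.4), one CLI command per line, replays the add and set aaa user commands in order, and reports every user whose effective password equals the user name. It assumes passwords appear in clear text as in this guide's examples; SAMPLE_CONFIG is constructed.

```python
"""Audit a NetScaler configuration dump for AAA users whose password is
their user name.

Added example, not code from the Citrix guide or from NetScaler. It reads
the command form that show commands print with -format input (section
1.3.2.4), one CLI command per line, and applies the rule stated for add aaa
user and set aaa user: when no -password is given, the user name is taken
as the password. Passwords are assumed to appear in clear text, as in this
guide's examples; SAMPLE_CONFIG is constructed.
"""
import shlex

SAMPLE_CONFIG = """\
add aaa user johndoe
set aaa user johndoe -password johndoe
add aaa user jane -password Tr0ub4dor-and-3
add aaa user svc_backup -password svc_backup
add aaa user bob
set aaa user bob -password 9u!Lx-cR2mQ
add aaa group engg
bind aaa group engg -userName jane
"""


def parse_command(line):
    """Split a CLI line into (action, group, entity, positionals, options).

    An option value is the single word following -name; an option with no
    value (such as -loggedin) is recorded as True.
    """
    words = shlex.split(line, comments=True)
    if len(words) < 3:
        return None
    action, group, entity = (w.lower() for w in words[:3])
    positionals, options, i = [], {}, 3
    while i < len(words):
        word = words[i]
        if word.startswith("-") and len(word) > 1 and not word[1].isdigit():
            name = word[1:].lower()
            if i + 1 < len(words) and not words[i + 1].startswith("-"):
                options[name] = words[i + 1]
                i += 2
            else:
                options[name] = True
                i += 1
        else:
            positionals.append(word)
            i += 1
    return action, group, entity, positionals, options


def audit_aaa_users(config_text):
    """Return [(line_no, user)] for users whose effective password is the user name.

    Commands are replayed in order, so a later set aaa user -password with a
    real value clears a finding raised by an earlier add aaa user without one.
    """
    effective = {}  # user -> (line number of last change, password)
    for line_no, line in enumerate(config_text.splitlines(), 1):
        cmd = parse_command(line)
        if not cmd or cmd[1:3] != ("aaa", "user") or not cmd[3]:
            continue
        action, _, _, positionals, options = cmd
        user, password = positionals[0], options.get("password")
        if action == "add":
            # No -password: the user name becomes the password.
            effective[user] = (line_no, password if isinstance(password, str) else user)
        elif action == "set" and user in effective and isinstance(password, str):
            effective[user] = (line_no, password)
    return sorted((n, u) for u, (n, pw) in effective.items() if pw == u)


if __name__ == "__main__":
    for line_no, user in audit_aaa_users(SAMPLE_CONFIG):
        print("line %d: aaa user %r has its user name as password" % (line_no, user))
```

Running it against SAMPLE_CONFIG reports johndoe (created without a password and then explicitly set to it) and svc_backup, but not bob, whose password was corrected by a later set aaa user.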
Synopsis show aaa user [<userName>] [-loggedin]
Description This command displays the AAA users who have been added using the add aaa user command.
Arguments
userName Specifies the user name. When a user name is specified, the CLI displays the LDAP or RADIUS user entry details and the groups to which the user belongs.

loggedin Specifies the loggedin flag. When this flag is set, the CLI displays the names of all logged-in users. When used with a user name, the CLI displays whether that user is logged in.
Output
groupName
policy
priority
urlName Specifies the intranet url.
netmask Specifies the netmask for the Intranet IP.

Example
> show aaa user joe
UserName: joe
IntranetIP: 10.102.1.123
Bound to groups:
GroupName: engg
Done
>
Related Commands add aaa user rm aaa user set aaa user
Synopsis add aaa group <groupName>
Description This command adds a group and the authorization compound expression for the group to the LDAP/RADIUS server.
Arguments
groupName Specifies the name of the group.
Example To add a group group_ad whose HTTP rule and action deny HTTP access from the 192.30.*.* network (exp_source being a previously added expression that matches that network):
add aaa group group_ad -HttpRule exp_source -ActionHttp deny
Related Commands rm aaa group show aaa group
Synopsis rm aaa group <groupName>
Description This command removes a group from the LDAP server added by the add aaa group CLI command.
Arguments
groupName Specifies the name of the group in the LDAP server. Note: The user sessions belonging to the group are removed; the users have to log in again.
Related Commands add aaa group show aaa group
Synopsis show aaa group [<groupName>] [-loggedin]
Description This command displays the AAA groups that have been added using the add aaa group command.
Arguments
groupName Specifies the group name. When a group name is specified, the CLI displays the LDAP or RADIUS group entry details and the users bound to the group.

loggedin Specifies the loggedin flag. When this flag is set, the CLI displays the names of the groups that have at least one user logged in. When used with a group name, the CLI lists the users within that group who are logged in.
Output
userName
policy
priority
urlName Specifies the intranet url.
netmask Specifies the netmask for the Intranet IP.

Example
> show aaa group engg
GroupName: engg
Bound AAA users:
UserName: joe
UserName: jane
Intranetip IP: 10.102.10.0
Netmask: 255.255.255.0
Done
>
Related Commands add aaa group rm aaa group
Synopsis bind aaa user <userName> [-policy <string> [-priority <positive_integer>]] [-intranetApplication <string>] [-urlName <string>] [-intranetip <ip_addr> [<netmask>]]
Description This command binds a policy, intranet IP, intranet application, or URL to a user.
Arguments
policy Specifies a policy to be bound to aaa user.
intranetApplication Specifies the intranet vpn application.
urlName Specifies the intranet url
intranetip Specifies the IP address to be bound to this user which will be used for Intranet access
Example To bind intranetip to the user joe: bind aaa user joe -intranetip 10.102.1.123
Related Commands unbind aaa user
Synopsis unbind aaa user <userName> [-policy <string>] [-intranetApplication <string>] [-urlName <string>] [-intranetip <ip_addr> [<netmask>]]
Description This command unbinds a policy, intranet IP, intranet application, or URL from a user.
Arguments
policy Specifies the policy to be unbound from the AAA user.
intranetApplication Specifies the intranet vpn application.
urlName Specifies the intranet url
intranetip Specifies the Intranet IP to be unbound
Example unbind aaa user joe -intranetip 10.102.1.123
Related Commands bind aaa user
Synopsis bind aaa group <groupName> [-userName <string>] [-policy <string> [-priority <positive_integer>]] [-intranetApplication <string>] [-urlName <string>] [-intranetip <ip_addr> <netmask>]
Description This command binds a user, intranet IP, policy, or intranet application to a group.
Arguments
groupName Specifies the group name.
userName Specifies the user to bind to the group. If a user belongs to multiple groups, all of the group expressions are evaluated during authorization of a service to determine the action to take.
policy Specifies a policy to be bound to aaa group.
intranetApplication Specifies the intranet vpn application.
urlName Specifies the intranet url.
intranetip Specifies the IP block or IP address bound to this group, used by the users belonging to the group when they access intranet resources.
Example To bind Intranet IP to the group engg: bind aaa group engg -intranetip 10.102.10.0 255.255.255.0
Related Commands unbind aaa group
Synopsis unbind aaa group <groupName> [-userName <string> ...] [-policy <string>] [-intranetApplication <string>] [-urlName <string>] [-intranetip <ip_addr> <netmask>]
Description This command unbinds a user, intranet IP, policy, or intranet application from a group.
Arguments
userName Specifies user to be unbound from the group.
policy Specifies the policy to be unbound from the AAA group.
intranetApplication Specifies the intranet vpn application.
urlName Specifies the intranet url.
intranetip Specifies the Intranet IP to be unbound from the group
Example unbind aaa group engg -intranetip 10.102.10.0 255.255.255.0
Related Commands bind aaa group
Synopsis set aaa radiusparams [-serverip <ip_addr>] [-serverport <port>] [-authTimeout <positive_integer>] -radKey <string> [-radNASip ( ENABLED | DISABLED )] [-radNASid <string>] [-radVendorID <positive_integer>] [-radAttributeType <positive_integer>] [-passEncoding <passEncoding>]
Description This command sets the global parameters for the RADIUS server. They apply globally in SSL VPN across all vservers unless a vserver-specific configuration is made with authentication policies.
Arguments
serverip Specifies the IP address of the RADIUS server.
serverport Specifies the port on which the RADIUS server listens. Default value: 1812

authTimeout Specifies the maximum number of seconds for which the NetScaler 9000 system waits for a response from the RADIUS server. Default value: 3

radKey Specifies the shared secret between the NetScaler (the RADIUS client) and the RADIUS server; it is required for the NetScaler to communicate with the server. With the default passEncoding of pap this secret is the only thing hiding user passwords between the NetScaler and the server, so use a long random value that is not shared with other RADIUS clients. Note that the value is typed on the command line and therefore rec+orded in the per-user command history described in section 1.3.1.8.

radNASip If enabled, the NetScaler IP address (NSIP) is sent to the server as the NAS-IP-Address attribute of the RADIUS request. Possible values: ENABLED, DISABLED
radNASid If configured, this string will be sent to the RADIUS server as the "nasid" as part of the Radius protocol.
radVendorID Specifies the Vendor ID for Radius group extraction.
radAttributeType Specifies the Attribute type for Radius group extraction.
passEncoding Specifies how the password should be encoded in the RADIUS packets sent from the NetScaler to the RADIUS server. Valid options are PAP (the default), CHAP, MSCHAPv1 and MSCHAPv2. Possible values: pap, chap, mschapv1, mschapv2 Default value: PAP
Example To configure the default RADIUS parameters: set aaa radiusparams -serverip 192.30.1.2 -radkey sslvpn
Related Commands add authentication radiusaction set aaa ldapparams set aaa parameter show aaa radiusparams
Arguments
Output
serverip
serverport
radKey
groupAuthName
authTimeout
radNASip
radNASid
IPAddress
Example > show aaa radiusparams
Configured RADIUS parameters
Server IP: 127.0.0.2
Port: 1812
key: secret
Timeout: 10
Done
>
Related Commands set aaa radiusparams
Synopsis set aaa ldapparams [-serverip <ip_addr>] [-serverport <port>] [-authTimeout <positive_integer>] [-ldapBase <string>] [-ldapBindDn <string>] [-ldapBindDnPassword <string>] [-ldapLoginName <string>] [-searchFilter <string>] [-groupAttrName <string>] [-subAttributeName <string>] [-secType <secType>]
Description This command sets the global variables for the LDAP server. It is used globally in SSL-VPN across all Vservers unless a vserver specific configuration is done using authentication policies.
Arguments
serverip Specifies the IP address of the LDAP server. The default value is localhost.
serverport Specifies the port number on which the LDAP server is running. The default port number for LDAP server is 389. Default value: 389
authTimeout Specifies the maximum number of seconds for which the NetScaler system would wait for a response from the LDAP server. Default value: 3
ldapBase Specifies the base or the node from where the ldapsearch should start. If the LDAP server is running locally, the default value of base is dc=netscaler, dc=com.
ldapBindDn Specifies the full distinguished name that is used to bind to the LDAP server.
ldapBindDnPassword Specifies the password that is used to bind to the LDAP server.
ldapLoginName Specifies the name attribute used by the Netscaler system to query the external LDAP server or an Active Directory.
searchFilter String to be combined with the default LDAP user search string to form the search filter. For example, vpnallowed=true with ldapLoginName "samaccount" and user-supplied username "bob" would yield the LDAP search string "(&(vpnallowed=true)(samaccount=bob))".
groupAttrName Specifies the Attribute name for group extraction from LDAP server
subAttributeName Specifies the Sub-Attribute name for group extraction from LDAP server
secType Specifies whether the communication between the NetScaler 9000 and the LDAP server should be encrypted. The following values are valid for this parameter: PLAINTEXT: No encryption required. TLS: For using the TLS protocol to communicate. SSL: For using the SSL protocol to communicate. Possible values: PLAINTEXT, TLS, SSL Default value: PLAINTEXT
Example To configure authentication in the LDAP server running at 192.40.1.2: set aaa ldapparams -serverip 192.40.1.2 -ldapbase "dc=netscaler,dc=com" -ldapBindDN "cn=Manager,dc=netscaler,dc=com" -ldapBindDnPassword secret -ldaploginname uid
Related Commands add authentication ldapaction set aaa radiusparams set aaa parameter show aaa ldapparams
Arguments
Output
serverip
serverport
authTimeout
ldapBindDn
ldapLoginName
ldapBase
secType
searchFilter
groupAttrName Specifies the Attribute name for group extraction from LDAP server
subAttributeName Specifies the Sub-Attribute name for group extraction from LDAP server
groupAuthName
Example > show aaa ldapparams
Configured LDAP parameters
Server IP: 127.0.0.1
Port: 389
Timeout: 1
BindDn: cn=Manager,dc=florazel,dc=com
login: uid
Base: dc=florazel,dc=com
Secure Type: PLAINTEXT
Done
>
Related Commands set aaa ldapparams
Synopsis set aaa tacacsparams [-serverip <ip_addr>] [-serverport <port>] [-authTimeout <positive_integer>] [-tacacsSecret <string>] [-authorization ( ON | OFF )] [-accounting ( ON | OFF )]
Description This command sets the global variables for the TACACS+ server. It is used globally in SSL-VPN across all Vservers unless a vserver specific configuration is done using authentication policies.
Arguments
serverip Specifies the IP address of the TACACS+ server.
serverport Specifies the port on which the TACACS+ server is running. The default port is 49. Default value: 49
authTimeout Specifies the maximum number of seconds for which the NetScaler system would wait for a response from the TACACS+ server. Default value: 3
tacacsSecret Specifies the key shared between the client and the server. This information is required for the Netscaler system to communicate with the TACACS+ server.
authorization Specifies whether this TACACS+ server should be used for streaming authorization. Possible values: ON, OFF
accounting Specifies whether this TACACS+ server should be sent accounting messages. Possible values: ON, OFF
Example To configure a TACACS+ server running at 192.168.1.20 set aaa tacacsparams -serverip 192.168.1.20 -tacacssecret secret
Related Commands add authentication tacacsaction set aaa radiusparams set aaa parameter show aaa tacacsparams
Arguments
Output
serverip
serverport
authTimeout
tacacsSecret
authorization
accounting
Example > sh aaa tacacsparams
Configured TACACS parameter
Server IP: 192.168.1.20
Port: 49
Timeout: 1 secs
Done
Related Commands set aaa tacacsparams
Description This command defines an NT4 authentication server.
Arguments
nt4ServerName The name of the NT4 server
nt4DomainName The domain name of the NT4 server
nt4AdminUser Username of an NT4 Domain Administrator
nt4AdminPasswd Password of the NT4 Domain Administrator
Example To configure an NT4 server running at 192.168.1.21: set aaa nt4params -serverip 192.168.1.21
Related Commands show aaa nt4params
Output
serverip
nt4ServerName
nt4DomainName
nt4AdminUser
nt4AdminPasswd
Synopsis set aaa certparams [-userNameField <string>] [-groupNameField <string>]
Description This command sets the global variables for a certificate policy. It is used globally in SSL-VPN across all Vservers unless a vserver specific configuration is done using authentication policies.
Arguments
userNameField Specifies which field in the client certificate to extract the username from. Should be of the format <field:subfield>. Allowed values for field are "Subject" and "Issuer".
groupNameField Specifies which field in the certificate to extract the group from. Should be of the format <field:subfield>. Allowed values for field are "Subject" and "Issuer".
Example To configure the default certificate parameters: set aaa certparams -userNameField "Subject:CN" -groupNameField "Subject:OU"
Related Commands add authentication certaction set aaa parameter show aaa certparams
Arguments
Output
twoFactor Specifies whether two factor authentication is on.
userNameField Specifies which field in the certificate to extract the username from.
groupNameField Specifies which field in the certificate to extract the group from.
Related Commands set aaa certparams
Synopsis set aaa parameter [-defaultAuthType <defaultAuthType>] [-maxAAAUsers <positive_integer>]
Description This command sets the global AAA parameters. Use this command to override the default LDAP authentication.
Arguments
defaultAuthType Specifies the default type of authentication server. If nothing is specified the default value is set to LDAP. Possible values: LOCAL, LDAP, RADIUS, TACACS, NT4, CERT
maxAAAUsers Specifies the maximum number of concurrent users allowed to log in to the NetScaler 9000 at any given instant. The default number of users is 5.
Example set aaa parameter -defaultAuthType RADIUS -maxAAAUsers 100
Related Commands show aaa parameter
Synopsis show aaa parameter
Description This command displays the AAA parameters which have been configured using the set aaa parameter command.
Arguments
Output
defaultAuthType
maxAAAUsers
Related Commands set aaa parameter
Description This command displays the connections initiated by the user.
Arguments
userName Specifies the user name. When the user name is specified, the CLI lists the connections initiated by the specified user.
groupName Specifies the group name. When the group name is specified, the CLI lists the connections initiated by all the logged-in users within the group.
intranetip Intranet IP address. The command lists all connections whose sessions are using the named intranet IP address.
Output
publicPort Client's public port
IPAddress Netscaler's IP address
privatePort Client's private/mapped port
destIP Destination IP address
Example > show aaa connection
ClintIp (ClientPort) -> ServerIp(ServerPort)
------------------------- ----------------------------
User Name: Joe
10.102.0.39 (2318 ) -> 10.102.4.245 (443 )
10.102.0.39 (2320 ) -> 10.102.4.245 (443 )
10.102.0.39 (2340 ) -> 10.102.4.245 (443 )
Done
>
Related Commands kill aaa session
Description This command kills the user sessions
Arguments
userName Specifies the user name. The system will terminate the session initiated by the named user.
groupName Specifies the group name. The system will terminate the sessions of all the users within the named group.
intranetip Intranet IP address. The system will terminate all sessions using the named intranet IP address.
all The system will terminate the sessions of all the users, who are currently logged in.
Example kill aaa session -user joe
Related Commands show aaa session
Description This command displays audit statistics
Counters
Audit logs sent to syslog server(s) (LogSnd) Count of audit log messages sent to all the configured syslog servers.
Audit log messages generated (LogGen) Count of audit log messages generated.
NAT allocation failed (Ernatpcb) NAT allocation failed
Nsb allocation failed (Ernsb) Nsb allocation failed
Memory allocation failed (Ermem) Memory allocation for audit context failed
Port allocation failed (Erport) Port allocation failed.
NAT lookup failed (Hshmiss) NAT lookup failed.
Context not found (Ctxntfnd) Context not found.
Related Commands
Description show audit stats is an alias for stat audit
Related Commands stat audit
Arguments
name The name of the SYSLOG action to be added.
serverip The IP address of the syslog server.
serverport The port on which Syslog Server is running. Default value: 514
logLevel Specifies the audit log level.
dateformat Specifies the date format. Possible values: MMDDYYYY, DDMMYYYY Default value: MMDDYYYY
Related Commands rm audit syslogaction show audit syslogaction
Synopsis rm audit syslogaction <name>
Description Use this to remove a previously created syslog action. Note that an action cannot be removed as long as it is configured in a policy.
Arguments
Related Commands add audit syslogaction show audit syslogaction
Synopsis show audit syslogaction
Description Use this command to display details of the configured SYSLOG action(s).
Arguments
Output
Synopsis add audit syslogpolicy <name> <rule> <action>
Description Use this command to add a SYS LOG policy. The policy defines the conditions under which the specified SYS LOG server is to be used for logging.
Arguments
name The name to assign to the new SYS LOG policy.
rule The name of the rule, or expression, the policy is to use.
action The name of the SYS LOG action the policy is to use.
Related Commands rm audit syslogpolicy show audit syslogpolicy set audit syslogpolicy
Description Use this to remove an audit SYS LOG policy.
Arguments
name The name of the SYS LOG policy to remove.
Related Commands add audit syslogpolicy show audit syslogpolicy set audit syslogpolicy
Description Use this to display configured SYS LOG policies.
Arguments
name The name of the policy to display. If this option is not provided, all the configured SYS LOG policies will be displayed.
Output
name
rule
action
Related Commands add audit syslogpolicy rm audit syslogpolicy set audit syslogpolicy
Synopsis set audit syslogpolicy <name> [-rule <expression>] [-action <string>]
Description Use this command to change properties of a SYS LOG policy.
Arguments
rule The new rule to be associated with the policy.
action The new SYS LOG action to be associated with the policy.
Related Commands add audit syslogpolicy rm audit syslogpolicy show audit syslogpolicy
Description Use this command to set default SYS LOG parameters
Arguments
serverip The IP address of the syslog server. Default value: 127.0.0.1
serverport The port on which Syslog Server is running. Default value: 514
dateformat Specifies the date format. Possible values: MMDDYYYY, DDMMYYYY Default value: MMDDYYYY
logLevel Specifies the audit log level for which messages should be logged. Default value: EMERGENCY ALERT CRITICAL ERROR WARNING NOTICE INFORMATIONAL
Related Commands show audit syslogparams unset audit syslogparams
Arguments
Output
serverip
serverport
dateformat
Related Commands set audit syslogparams unset audit syslogparams
Description Use this command to unset syslog parameters
Arguments
serverip Unsets the IP address of the syslog server.
serverport Unsets the port of the syslog server to default 514.
logLevel Unsets the audit log level, so no message is logged.
Related Commands set audit syslogparams show audit syslogparams
Synopsis show audit messages [-logLevel <logLevel> ...] [-numOfMesgs <positive_integer>]
Description Use this command to display the most recent audit log messages
Arguments
logLevel The log level filter.
numOfMesgs Specifies the number of log messages to be printed. The default is 20; the maximum is 256. Default value: 20
Output
Synopsis add authentication radiusaction <name> [-serverip <ip_addr>] [-serverport <port>] [-authTimeout <positive_integer>] -radKey <string> [-radNASip ( ENABLED | DISABLED )] [-radNASid <string>] [-radVendorID <positive_integer>] [-radAttributeType <positive_integer>] [-passEncoding <passEncoding>]
Description Use this command to add a profile for a RADIUS server. The profile contains all the configuration data necessary to communicate with a RADIUS server.
Arguments
name The name of the RADIUS action to be added.
serverip The IP address of the RADIUS server.
serverport The port on which RADIUS Server is running. The default is 1812. Default value: 1812
authTimeout The maximum number of seconds for which NetScaler system will wait for a response from the RADIUS server. Default value: 3
radKey The key shared between the client and the server. This information is required for the NetScaler system to communicate with the RADIUS server.
radNASip If enabled, the Netscaler's IP address (NSIP) is sent as the "nasip" according to the RADIUS protocol to the server. Possible values: ENABLED, DISABLED
radNASid If configured, this string is sent to the RADIUS server as the "nasid" according to the RADIUS protocol.
radVendorID The Vendor ID for using RADIUS group extraction.
radAttributeType The Attribute type for using RADIUS group extraction.
passEncoding Specifies how the password should be encoded in the RADIUS packets sent from the NetScaler to the RADIUS server. Valid options are PAP (the default), CHAP, MSCHAPv1 and MSCHAPv2. Possible values: pap, chap, mschapv1, mschapv2 Default value: PAP
Related Commands rm authentication radiusaction show authentication radiusaction
Synopsis rm authentication radiusaction <name>
Description Use this to remove a previously created RADIUS action. Note that an action cannot be removed as long as it is configured in a policy.
Arguments
Related Commands add authentication radiusaction show authentication radiusaction
Synopsis show authentication radiusaction
Description Use this command to display details of the configured RADIUS action(s).
Arguments
Output
Synopsis add authentication ldapaction <name> [-serverip <ip_addr>] [-serverport <port>] [-authTimeout <positive_integer>] [-ldapBase <string>] [-ldapBindDn <string>] [-ldapBindDnPassword <string>] [-ldapLoginName <string>] [-searchFilter <string>] [-groupAttrName <string>] [-subAttributeName <string>] [-secType <secType>]
Description Use this command to add a profile for an LDAP server. The profile contains all the configuration data necessary to communicate with the LDAP server.
Arguments
name The name for the new LDAP action.
serverip The IP address of the LDAP server. The default value is localhost.
serverport The port number on which the LDAP server is running. The default port number is 389. Default value: 389
authTimeout The maximum number of seconds for which the NetScaler system will wait for a response from the LDAP server. Default value: 3
ldapBase The base, or node, from where the ldapsearch should start. If the LDAP server is running locally, the default value of base is dc=netscaler, dc=com.
ldapBindDn The full distinguished name that is used to bind to the LDAP server. The default value of the bindDN is cn=Manager,dc=netscaler,dc=com.
ldapBindDnPassword The password that is used to bind to the LDAP server.
ldapLoginName The name attribute used by the NetScaler system to query the external LDAP server or an Active Directory.
searchFilter String to be combined with the default LDAP user search string to form the search filter. For example, vpnallowed=true with ldapLoginName "samaccount" and user-supplied username "bob" would yield the LDAP search string "(&(vpnallowed=true)(samaccount=bob))".
groupAttrName The Attribute name for group extraction from LDAP server.
subAttributeName The Sub-Attribute name for group extraction from LDAP server.
secType Specifies whether communication between the NetScaler 9000 system and the authentication server should be encrypted. The following values are valid for this parameter: PLAINTEXT: No encryption required. TLS: For using the TLS protocol to communicate. SSL: For using the SSL protocol to communicate. Possible values: PLAINTEXT, TLS, SSL Default value: PLAINTEXT
Related Commands rm authentication ldapaction show authentication ldapaction
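The searchFilter argument of set aaa ldapparams and add authentication ldapaction describes how the configured filter, the ldapLoginName attribute and the user-supplied name are combined into one LDAP search string. The following is an added example, not NetScaler code, that builds that string in Python; the function name build_user_search_filter is an assumption, and the RFC 4515 escaping of the username is an addition of this example (the manual does not say how the NetScaler treats filter metacharacters in a login name), shown here because the name is untrusted input that otherwise ends up inside the filter text.

```python
# Added example (not NetScaler code): build the LDAP user search filter the
# way the ldapaction/ldapparams text describes, combining searchFilter with
# "(<ldapLoginName>=<username>)" inside an AND. The user-supplied name is
# RFC 4515-escaped (an assumption of this example) so that it is matched
# literally and cannot change the structure of the filter.

LDAP_FILTER_ESCAPES = {
    "\\": "\\5c",
    "*": "\\2a",
    "(": "\\28",
    ")": "\\29",
    "\x00": "\\00",
}


def escape_filter_value(value: str) -> str:
    """Escape an assertion value per RFC 4515 so it is matched literally."""
    return "".join(LDAP_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_user_search_filter(search_filter: str, login_name_attr: str, username: str) -> str:
    """Return the LDAP filter used to locate the user entry.

    search_filter:   the configured -searchFilter value, e.g. "vpnallowed=true"
                     (may be empty, in which case only the login-name match is used)
    login_name_attr: the configured -ldapLoginName attribute, e.g. "samaccount"
    username:        the name typed by the user at login (untrusted input)
    """
    if not login_name_attr:
        raise ValueError("ldapLoginName must be configured")
    user_match = f"({login_name_attr}={escape_filter_value(username)})"
    if not search_filter:
        return user_match
    # Accept the configured filter with or without its enclosing parentheses.
    configured = search_filter if search_filter.startswith("(") else f"({search_filter})"
    return f"(&{configured}{user_match})"


if __name__ == "__main__":
    # The manual's own example: vpnallowed=true, samaccount, bob
    print(build_user_search_filter("vpnallowed=true", "samaccount", "bob"))
    # Constructed input containing filter metacharacters: they are escaped, not interpreted
    print(build_user_search_filter("vpnallowed=true", "samaccount", "bob)(cn=*"))
```

With the manual's values the result is exactly the string the argument description gives, "(&(vpnallowed=true)(samaccount=bob))"; the second call shows why escaping matters, since a login name containing parentheses or a wildcard is carried as literal characters instead of becoming part of the filter grammar.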
Synopsis rm authentication ldapaction <name>
Description Use this command to remove an LDAP action. Note that an action cannot be removed as long as it is configured in a policy.
Arguments
name The name of the LDAP action to be removed.
Related Commands add authentication ldapaction show authentication ldapaction
Synopsis show authentication ldapaction
Description Use this to display details of the configured LDAP action(s).
Arguments
Output
ldapBindDn
ldapLoginName
ldapBase
searchFilter
groupAttrName
subAttributeName
secType
Synopsis add authentication tacacsaction <name> [-serverip <ip_addr>] [-serverport <port>] [-authTimeout <positive_integer>] [-tacacsSecret <string>] [-authorization ( ON | OFF )] [-accounting ( ON | OFF )]
Description Use this command to add a profile for a TACACS+ server. The profile contains all the configuration data necessary to communicate with the TACACS+ server.
Arguments
name The name for the new TACACS+ action.
serverip The IP address of the TACACS+ server.
serverport The port on which the TACACS+ server is running. The default port is 49. Default value: 49
authTimeout The maximum number of seconds for which the NetScaler system will wait for a response from the TACACS+ server. Default value: 3
tacacsSecret The key shared between the client and the server. This information is required for the NetScaler system to communicate with the TACACS+ server.
authorization Specifies whether this TACACS+ server should be used for streaming authorization. Possible values: ON, OFF
accounting Specifies whether this TACACS+ server should be sent accounting messages. Possible values: ON, OFF
Related Commands rm authentication tacacsaction show authentication tacacsaction
Synopsis rm authentication tacacsaction <name>
Description Use this to remove a TACACS+ action. Note that an action cannot be removed as long as it is configured in a policy.
Arguments
Related Commands add authentication tacacsaction show authentication tacacsaction
Synopsis show authentication tacacsaction
Description Use this to display details of the configured TACACS+ action(s).
Arguments
Output
tacacsSecret
authorization Specifies whether this TACACS+ server should be used for streaming authorization.
accounting Specifies whether this TACACS+ server should be sent accounting messages.
Related Commands add authentication tacacsaction rm authentication tacacsaction
Synopsis add authentication nt4action <name> [-serverip <ip_addr>] [-nt4ServerName <string>] [-nt4DomainName <string>] [-nt4AdminUser <string>] [-nt4AdminPasswd <string>]
Description Use this command to add a profile for an NT4 server. The profile contains all the configuration data necessary to communicate with the NT4 server.
Arguments
nt4ServerName The name of the NT4 server
nt4DomainName The domain name of the NT4 server
nt4AdminUser The username of an NT4 Domain Administrator
nt4AdminPasswd The password of the NT4 Domain Administrator
Related Commands rm authentication nt4action show authentication nt4action
Synopsis rm authentication nt4action <name>
Description Use this to remove an NT4 action. Note that an action cannot be removed as long as it is configured in a policy.
Arguments
name The name of the NT4 action to be removed.
Related Commands add authentication nt4action show authentication nt4action
Description This command adds a certificate action.
Arguments
name The name of the CERT action to be added.
twoFactor Specifies whether two factor authentication is on. Two factor authentication means client certificate authentication followed by password authentication. Possible values: ON, OFF Default value: OFF
userNameField Specifies which field in the client certificate to extract the username from. Should be of the format <field:subfield>. Allowed values for field are "Subject" and "Issuer".
Example add authentication certaction -twoFactor ON -userNameField "Subject:CN" -groupNameField "Subject:OU"
Related Commands add aaa certparam add authentication certpolicy show authentication certaction rm authentication certaction
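The userNameField and groupNameField options of set aaa certparams and add authentication certaction take a <field:subfield> specification such as "Subject:CN" or "Subject:OU", where the field is Subject or Issuer and the subfield is an attribute of that distinguished name. The following is an added example, not NetScaler code, that resolves such a specification against the DNs of a client certificate; the function names, the constructed DN strings and the rule that the subfield must occur exactly once are assumptions of this example.

```python
# Added example (not NetScaler code): resolve a <field:subfield> spec such as
# "Subject:CN" or "Issuer:OU" against the distinguished names of a client
# certificate, as the userNameField/groupNameField options describe.
# DN strings used below are constructed sample values. The parser follows the
# RFC 4514 string form ("CN=bob,OU=engg,O=Example") and honours simple
# backslash escapes (\, inside a value); hex-pair escapes are not handled.

from typing import List, Tuple

ALLOWED_FIELDS = ("Subject", "Issuer")


def parse_dn(dn: str) -> List[Tuple[str, str]]:
    """Split an RFC 4514 DN string into (TYPE, value) pairs, so that an
    escaped comma inside a value does not start a new RDN."""
    parts: List[str] = []
    buf: List[str] = []
    escaped = False
    for ch in dn:
        if escaped:
            buf.append(ch)
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch == ",":
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf))

    rdns: List[Tuple[str, str]] = []
    for part in parts:
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed RDN: {part!r}")
        attr, value = part.split("=", 1)
        rdns.append((attr.strip().upper(), value.strip()))
    return rdns


def extract_cert_field(spec: str, subject_dn: str, issuer_dn: str) -> str:
    """Return the value selected by spec ("Subject:CN", "Issuer:O", ...).

    Rejects fields other than Subject and Issuer, and a subfield that is absent
    or repeated in the chosen DN, so a certificate that lacks the attribute
    cannot map to an empty or ambiguous user or group name (assumed policy).
    """
    if ":" not in spec:
        raise ValueError("spec must be of the form <field:subfield>")
    field, subfield = spec.split(":", 1)
    if field not in ALLOWED_FIELDS:
        raise ValueError(f"field must be one of {ALLOWED_FIELDS}, got {field!r}")
    dn = subject_dn if field == "Subject" else issuer_dn
    wanted = subfield.strip().upper()
    matches = [value for (attr, value) in parse_dn(dn) if attr == wanted]
    if len(matches) != 1:
        raise ValueError(f"{spec}: expected exactly one {subfield} value, found {len(matches)}")
    return matches[0]


if __name__ == "__main__":
    # Constructed certificate names, mirroring the manual's "Subject:CN"/"Subject:OU" example
    subject = "CN=bob,OU=engg,O=Example\\, Inc."
    issuer = "CN=Example Issuing CA,O=Example\\, Inc."
    print(extract_cert_field("Subject:CN", subject, issuer))  # user name
    print(extract_cert_field("Subject:OU", subject, issuer))  # group name
```

The example raises on a field other than Subject or Issuer, matching the allowed values the manual lists, and on a missing or duplicated subfield; whichever way a deployment chooses to handle those cases, the point is that the user and group names derived from a certificate should never fall back to an empty string.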
Description This command displays the details of configured CERT action(s).
Arguments
Output
twoFactor Specifies whether two factor authentication is on.
userNameField Specifies which field in the certificate to extract the username from.
groupNameField Specifies which field in the certificate to extract the group from.
Related Commands add authentication certaction rm authentication certaction
Synopsis rm authentication certaction <name>
Description Use this to remove a CERT action. Note that an action cannot be removed as long as it is configured in a policy.
Arguments
name The name of the CERT action to be removed.
Related Commands add authentication certaction show authentication certaction
Synopsis show authentication nt4action
Description Use this to display the details of the configured NT4 action(s).
Arguments
Output
nt4ServerName
nt4DomainName
nt4AdminUser
Synopsis add authentication localpolicy <name> <rule>
Description Use this command to add an authentication LOCAL policy. The policy defines the conditions under which the kernel will authenticate the user.
Arguments
name The name to assign to the new authentication LOCAL policy.
rule The name of the rule, or expression, the policy is to use.
Related Commands rm authentication localpolicy show authentication localpolicy set authentication localpolicy
Description Use this to remove an authentication LOCAL policy.
Arguments
Related Commands add authentication localpolicy show authentication localpolicy set authentication localpolicy
Description Use this to display configured LOCAL policies.
Arguments
name The name of the policy to display. If this option is not provided, all the configured LOCAL policies will be displayed.
Output
name
rule
Synopsis set authentication localpolicy <name> [-rule <expression>]
Description Use this command to change properties of a LOCAL policy.
Arguments
rule The new rule to be associated with the policy.
Related Commands add authentication localpolicy rm authentication localpolicy show authentication localpolicy
Synopsis add authentication radiuspolicy <name> <rule> [<reqAction>]
Description Use this command to add an authentication RADIUS policy. The policy defines the conditions under which the specified RADIUS server is to be used for authentication.
Arguments
name The name to assign to the new authentication RADIUS policy.
rule The name of the rule, or expression, the policy is to use.
reqAction The name of the RADIUS action the policy is to use.
Related Commands rm authentication radiuspolicy show authentication radiuspolicy set authentication radiuspolicy
Description Use this to remove an authentication RADIUS policy.
Arguments
Related Commands add authentication radiuspolicy show authentication radiuspolicy set authentication radiuspolicy
Description Use this to display configured RADIUS policies.
Arguments
name The name of the policy to display. If this option is not provided, all the configured RADIUS policies will be displayed.
Output
name
rule
reqAction
Synopsis set authentication radiuspolicy <name> [-rule <expression>] [-reqAction <string>]
Description Use this command to change properties of a RADIUS policy.
Arguments
rule The new rule to be associated with the policy.
reqAction The new RADIUS action to be associated with the policy.
Related Commands add authentication radiuspolicy rm authentication radiuspolicy show authentication radiuspolicy
Synopsis add authentication certpolicy <name> <rule> [<reqAction>]
Description Use this command to add an authentication cert policy. The policy defines the conditions under which the specified cert action is to be used for authentication.
Arguments
name The name for the new policy.
rule The name of the rule, or expression, the policy is to use.
reqAction The cert action to associate with the policy.
Related Commands set authentication certpolicy show authentication certpolicy rm authentication certpolicy
Synopsis set authentication certpolicy <name> [-rule <expression>] [-reqAction <string>]
Description Use this command to change the properties of a CERT policy.
Arguments
reqAction The new cert action to associate to the policy.
Related Commands add authentication certpolicy show authentication certpolicy rm authentication certpolicy
Description Use this to display configured CERT policies.
Arguments
name The name of the policy to display. If this option is not provided, all of the configured policies are shown.
Output
reqAction The cert action associated with the policy.
Related Commands add authentication certpolicy set authentication certpolicy rm authentication certpolicy
Description Use this to remove a CERT authentication policy.
Arguments
name The name of the CERT policy to be removed.
Related Commands add authentication certpolicy set authentication certpolicy show authentication certpolicy
Synopsis add authentication ldappolicy <name> <rule> [<reqAction>]
Description Use this command to add an authentication LDAP policy. The policy defines the conditions under which the specified LDAP server is to be used for authentication.
Arguments
name The name for the new policy.
rule The name of the rule, or expression, the policy is to use.
reqAction The LDAP action to associate with the policy.
Related Commands rm authentication ldappolicy show authentication ldappolicy set authentication ldappolicy
Description Use this to remove an LDAP authentication policy.
Arguments
name The name of the LDAP policy to be removed.
Related Commands add authentication ldappolicy show authentication ldappolicy set authentication ldappolicy
Description Use this to display configured LDAP policies.
Arguments
name The name of the policy to display. If this option is not provided, all of the configured policies are shown.
Output
name
rule
reqAction
Description Use this to change properties of an LDAP policy.
Arguments
reqAction The new LDAP action to associate with the policy.
Related Commands add authentication ldappolicy rm authentication ldappolicy show authentication ldappolicy
Synopsis add authentication tacacspolicy <name> <rule> [<reqAction>]
Description Use this command to add an authentication TACACS+ policy. The policy defines the conditions under which the specified TACACS+ server is to be used for authentication.
Arguments
name The name of the new TACACS+ policy.
rule The name of the rule, or expression, the policy is to use.
reqAction The name of the TACACS+ action to be associated with the policy.
Related Commands rm authentication tacacspolicy show authentication tacacspolicy set authentication tacacspolicy
Description Use this command to remove a TACACS+ policy.
Arguments
name The name of the TACACS+ policy to be removed.
Related Commands add authentication tacacspolicy show authentication tacacspolicy set authentication tacacspolicy
Description Use this to display the configured TACACS+ policies.
Arguments
name The name of the TACACS+ policy to display. If this option is not given, all of the configured TACACS+ policies are shown.
Output
name
rule
reqAction
Synopsis set authentication tacacspolicy <name> [-rule <expression>] [-reqAction <string>]
Description Use this command to change the properties of a TACACS+ policy.
Arguments
reqAction The new TACACS+ action to associate to the policy.
Related Commands add authentication tacacspolicy rm authentication tacacspolicy show authentication tacacspolicy
Synopsis add authentication nt4policy <name> <rule> [<reqAction>]
Description Use this command to add an authentication NT4 policy. The policy defines the conditions under which the specified NT4 server is to be used for authentication.
Arguments
name The name for the new NT4 policy.
rule The name of the rule, or expression, the policy is to use.
reqAction The NT4 action the policy is to use.
Related Commands rm authentication nt4policy show authentication nt4policy set authentication nt4policy
Synopsis rm authentication nt4policy <name>
Description Use this command to remove an NT4 policy.
Arguments
name The name of the NT4 policy to be removed.
Description Use this command to display NT4 policies.
Arguments
name The name of the NT4 policy to be displayed. If this option is not given, all the configured NT4 policies will be shown.
Output
name
rule
reqAction
Synopsis set authentication nt4policy <name> [-rule <expression>] [-reqAction <string>]
Description Use this command to change the properties of an NT4 policy.
Arguments
name The name of the NT4 policy to be modified.
rule The name of the new rule to be associated with the policy.
reqAction The name of the NT4 action to be associated with the policy.
Related Commands add authentication nt4policy rm authentication nt4policy show authentication nt4policy
Synopsis add authorization policy <name> <rule> <action>
Description Use this command to add an authorization policy. Authorization policies authorize access to resources for AAA users and AAA groups through the SSL VPN. By default, the SSL VPN is configured to allow access to all resources; authorization policies alter this default. (The default can also be modified for an SSL VPN session through a VPN session policy; see "add vpn sessionpolicy".) Access to selected resources can be changed to DENY by binding one or more authorization policies to the AAA user or AAA group. Once bound, an authorization policy acts on every incoming request for a resource from that AAA user. If the policy's rule evaluates to TRUE, the associated action (ALLOW or DENY) is applied. If the rule evaluates to FALSE, the negation of the action is applied implicitly.

Multiple authorization policies can be bound to AAA users and AAA groups with different priorities (see "bind aaa user/group"). Policies of different priorities are sorted internally by priority in descending order. During evaluation of those policies the following principles are applied:

1. An explicit DENY has the highest precedence and takes effect immediately.
2. An explicit ALLOW has the next highest precedence. It waits only for an explicit DENY from an authorization policy of the same priority.
3. An implicit DENY (a rule that evaluates to FALSE whose action is ALLOW) has the third-highest precedence. It waits for an explicit ALLOW or DENY of any priority.
4. An implicit ALLOW (a rule that evaluates to FALSE whose action is DENY) has the lowest precedence. It waits for an explicit ALLOW or DENY of any priority and for an implicit DENY of the same priority.
Arguments
name The name for the new authorization policy.
rule The rule or expression for conditional evaluation of the policy. This can be a named expression created with "add policy expression", or an inline expression.
action The action to be taken when the expression is satisfied. The allowed actions are ALLOW or DENY.
Example Consider the following authorization policy, "author-policy":

add authorization policy author-policy "URL == /*.gif" DENY
bind aaa user foo -policy author-policy

If the user "foo" now logs in through the SSL VPN and requests anything other than a .gif file, the rule evaluates to FALSE and the negation of DENY, i.e. ALLOW, is applied, so all such resources are implicitly allowed. If "foo" tries to access "abc.gif", the request is denied. Because a DENY rule that does not match yields an implicit ALLOW, a policy like this blocks only the resources it names and leaves everything else reachable. To restrict a user to a list of permitted resources instead, bind an ALLOW policy for those resources together with a catch-all DENY policy at a lower priority, so that the DENY is evaluated after the ALLOW; an explicit DENY bound at the same priority as the ALLOW overrides it (principle 2 above).
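As an added illustration that is not part of the Command Reference Guide, the following Python model applies the four evaluation principles above to a set of bound policies and reproduces the result of the author-policy example; it goes beyond the single policy on the page by also combining an ALLOW with a catch-all DENY at two priorities. Reducing the rule grammar to the page's "URL == <pattern>" form, matching the pattern with fnmatch, and evaluating the numerically higher priority first are assumptions of the model, not behaviour documented here; the policies and URLs are constructed for the example.

```python
# Added example (not from the Command Reference Guide): a small model of how
# bound authorization policies combine for one request, following the four
# evaluation principles described for "add authorization policy".
from fnmatch import fnmatchcase
from typing import List, Optional, Tuple

ALLOW, DENY = "ALLOW", "DENY"

# One bound policy: (priority, rule, action). Constructed for this example;
# the appliance's own rule grammar is richer than the single "URL == <pattern>"
# form modelled here, and matching the pattern with fnmatch is an assumption.
Policy = Tuple[int, str, str]


def rule_matches(rule: str, url: str) -> bool:
    """Evaluate a rule written as 'URL == <pattern>' against a request URL."""
    parts = rule.split(None, 2)
    if len(parts) != 3 or parts[0] != "URL" or parts[1] != "==":
        raise ValueError(f"unsupported rule: {rule!r}")
    return fnmatchcase(url, parts[2])


def authorize(policies: List[Policy], url: str) -> str:
    """Return ALLOW or DENY for one request by walking the bound policies.

    Policies are grouped by priority and walked in descending numeric order,
    mirroring the page's "sorted ... in descending order"; which numeric value
    the appliance actually evaluates first is not stated on the page and is an
    assumption of this model. A TRUE rule yields its action explicitly; a
    FALSE rule yields the opposite action implicitly.
    """
    pending: Optional[str] = None  # provisional result from implicit decisions
    for priority in sorted({p for p, _, _ in policies}, reverse=True):
        explicit_deny = explicit_allow = implicit_deny = implicit_allow = False
        for _, rule, action in (p for p in policies if p[0] == priority):
            hit = rule_matches(rule, url)
            if action == DENY:
                explicit_deny |= hit
                implicit_allow |= not hit
            elif action == ALLOW:
                explicit_allow |= hit
                implicit_deny |= not hit
            else:
                raise ValueError(f"unknown action: {action!r}")
        # Principle 1: an explicit DENY takes effect immediately.
        if explicit_deny:
            return DENY
        # Principle 2: an explicit ALLOW waits only for an explicit DENY of the
        # same priority, which was already checked above.
        if explicit_allow:
            return ALLOW
        # Principles 3 and 4: implicit results are provisional. They stand
        # unless a lower-priority policy yields an explicit result; within one
        # priority an implicit DENY beats an implicit ALLOW.
        if pending is None:
            if implicit_deny:
                pending = DENY
            elif implicit_allow:
                pending = ALLOW
    # No bound policy decided: the SSL VPN default is to allow.
    return pending or ALLOW


# The page's own example: a single DENY policy on .gif resources.
PAGE_EXAMPLE: List[Policy] = [(100, "URL == /*.gif", DENY)]

# Constructed allowlist: ALLOW /public/* first, catch-all DENY evaluated after.
ALLOWLIST: List[Policy] = [(100, "URL == /public/*", ALLOW),
                           (50, "URL == /*", DENY)]

# The same two rules bound at one priority: the explicit DENY wins (principle 2).
SAME_PRIORITY: List[Policy] = [(100, "URL == /public/*", ALLOW),
                               (100, "URL == /*", DENY)]


if __name__ == "__main__":
    cases = (("page example", PAGE_EXAMPLE), ("allowlist", ALLOWLIST),
             ("same priority", SAME_PRIORITY))
    for label, bound in cases:
        for url in ("/abc.gif", "/index.html", "/public/a.html", "/admin/"):
            print(f"{label:14} {url:16} -> {authorize(bound, url)}")
```

Running the module prints one line per policy set and URL. The allowlist case is the one to study: "/admin/" is only denied because the catch-all DENY sits at a priority evaluated after the ALLOW; bound at the same priority, the DENY also blocks "/public/a.html".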
Related Commands rm authorization policy show authorization policy set authorization policy
Synopsis rm authorization policy <name>
Description Use this command to remove a configured authorization policy.
Arguments
name The name of the authorization policy to be removed.
Related Commands add authorization policy show authorization policy set authorization policy
Description Use this command to display the configured authorization policies.
Arguments
Output
rule Rule of the policy.
action Authorization action associated with the policy. It can be either ALLOW or DENY.
Related Commands add authorization policy rm authorization policy set authorization policy
Synopsis set authorization policy <name> [-rule <expression>] [-action <string>]
Description Use this command to modify the rule or action value of a configured authorization policy.
Arguments
name The name of the authorization policy to be modified.
rule The new rule to be associated with the authorization policy.
action The new action to be associated with the authorization policy.
Related Commands add authorization policy rm authorization policy show authorization policy
Synopsis sync [<Mode> ...]
Description The sync command is used to synchronize SSL Certificates, SSL CRL lists, and SSL VPN bookmarks from the primary node to the secondary node in a high-availability pair. The node in primary state is always considered authoritative. Files are copied from primary to secondary overwriting all differences, even when the command is invoked from a node in secondary state. The sync command su