F5 Logo MyF5
Search
  1. MyF5 Home
  2. Knowledge Centers
  3. ARX
  4. ARX CLI Reference Guide
  5. Running and Global-Configs
Manual Chapter : Running and Global-Configs

Applies To:

Show Versions Show Versions

ARX

  • 6.3.0
Manual Chapter
Table of Contents | << Previous Chapter | Next Chapter >>
33 
 
Running and Global-Configs
clear global-config
Purpose
* To be used for evaluations and emergency recovery procedures only. Contact your F5 representative for more information.*
Use the clear global-config command to erase all global-config parameters.
The global-config parameters are shared among both ARX peers in a redundant pair: primarily, namespaces and global servers. The traditional running-config applies only to the local switch.
Mode
priv-exec
Security Role(s)
network-technician, network-engineer, storage-engineer, or crypto-officer
Syntax
clear global-config
Default(s)
None
Guidelines
This causes the switch to reboot. A prompt asks for confirmation before the CLI reboots the switch; enter yes to proceed.
If the switch is part of a redundant pair, you can only run this command on the senior switch. This reboots both switches in the pair.
Use this command to remove all namespaces, global servers, and other global-config parameters. This can be a useful alternative to delete startup-config, which deletes all running-config and global-config parameters. By preserving the running-config parameters, the network configuration remains intact; you can use the in-band (VLAN) management interfaces after clearing the global config.
However, this may leave back-end filers in a non-deterministic state. We strongly recommend using nsck ... destage on every active namespace before using this command.
Sample
bstnA# clear global-config
This removes all global configuration and reboots both chassis in the redundant pair in order to ensure services are removed properly.
 
Are you sure? [yes/no] yes
bstnA#
Broadcast message (Fri Sep 24 13:53:15 2004):
 
The system is going down for reboot NOW!
...
deletes all namespaces, global servers, and other shared parameters.
Related Commands
delete startup-config
nsck ... destage
copy global-config
Purpose
The global-config parameters are shared among both ARXes in a redundant pair. The traditional running-config applies only to the local switch. We recommend copying the global config to a remote server after any global-configuration change. Use the copy global-config command to copy the switchs global configuration to a local file, a remote server, an ARX volume, a remote ARX, or an email recipient.
Mode
priv-exec
Security Role(s)
network-technician, network-engineer, storage-engineer, or crypto-officer
Syntax: FTP Upload
copy global-config ftp://[user[:password]@]server/file-name
 
ftp://[user[:password]@]server/file-name (1-1024 characters) is the syntax for uploading the startup-config:
user[:password]@ (optional) are the credentials for FTP access. If you omit them altogether, they default to the credentials set by the ip ftp-user command. If you enter the user but omit the password, the CLI prompts for the password before continuing.
server is the IP address or hostname for the FTP server.
file-name is the destination-file path. Lead with an extra slash (/) if the path is absolute (for example, ftp://10.1.1.5//var/cfgs/ac-gbl.cfg). Use only one slash if the path is local to the home directory for user (for example, ftp://10.1.1.5/ac-gbl.cfg).
Syntax: SCP Upload
copy global-config scp://user@server:dest-file [accept-host-key]
 
scp://user@server:dest-file (1-1024 characters) is the URL for the destination file:
user@ is the username to present to the other end of the SCP connection. This user must be valid at the remote host.
server: is the IP address or hostname for SCP host. End with a colon (:).
dest-file is the destination-file path. Lead with a slash (/) if the path is absolute (for example, scp://root@10.1.1.5:/var/configs/gblConf). Use no slash if the path is local to the home directory for user (for example, scp://root@10.1.1.5:myGlobal.cfg).
accept-host-key (optional) indicates that if the other end of the connection has an unknown SSH host key (that is, if it is new, or if its key has changed since the last time the host was contacted), the ARX should accept the new host key and continue with the upload. Otherwise, the ARX stops the upload if the host presents an unknown key.
Syntax: Sending to an ARX Volume
copy global-config {nfs|cifs} namespace vol file-name
 
nfs | cifs is a required choice. This chooses the protocol for the file transfer.
namespace (1-30 characters) identifies the namespace to hold the global-config file.
vol (1-1024 characters) is the volume name.
file-name (1-1024 characters) is the path to the config file, starting at the root of the volume.
Syntax: Sending to Another ARX
copy global-config ron remote-arx {configs|scripts} file-name
 
remote-arx (1-30 characters) is the hostname of the remote ARX to which you are sending the copy. This must be an ARX in the same Resilient-Overlay Network (RON); use show ron for a full list of hosts on the RON. The remote host checks your administrative credentials to confirm you have permission to copy the configuration file: the credentials are the ip ron-user, or the credentials you used to log into the CLI if no RON user is set.
configs | scripts is the destination directory at the remote host. This is a required choice.
file-name (1-1024 characters) is a destination-file name, for example, gblcfgbeta01.cfg, to which you copy/save the switchs global-configuration information.
Syntax: TFTP Upload
copy global-config tftp://server/file-name
 
tftp://server/file-name (1-1024 characters) is the URL for the global-config file:
server is the machine name (for example, mymachine.myco.com).
file-name is the desired path name for the file. Lead with an extra slash (/) if the path is absolute: for example, ...myserver//var/configs/gblConf specifies /var/configs/gblConf on myserver. Use only one slash if the path is local to the servers tftpboot directory. This conforms with the specification for FTP URLs in RFC 1738.
Syntax: Send in an Email
copy global-config smtp://[email-address/]file-name
 
smtp://[email-address/]file-name (1-1024 characters) is an email destination for the file:
smtp:// is required. This declares that the destination is an email address.
email-address (optional) is the recipient of the email in username@host format (for example, jsmith@myco.com). If you omit this, the CLI uses the default address set by the cfg-smtp to command.
file-name is the name of the global-config file. This is sent as an attachment to the outbound email message.
You must configure SMTP on the ARX before you use this syntax. Start with the smtp command in cfg mode.
Syntax: Local Copy
copy global-config {configs | diag-info | scripts} file-name
 
configs | diag-info | scripts is the destination directory. This is a required choice.
file-name (1-1024 characters) is a destination-file name, for example, gblcfgbeta01.cfg, to which you copy/save the switchs global-configuration information.
Default(s)
None
Guidelines
If you upload using SCP (a secure protocol), the CLI asks for a password. Provide a password for user. The user name and password must be valid at the SCP server. The CLI also prompts for a password if you use FTP and enter a user without a password.
Use this command to save the current global config to a file. The global-config contains all parameters that you set in gbl mode, such as namespaces, filers, and global servers. These parameters are shared between both peers in a redundant pair. You should make a copy of the global config after any change to these parameters. To save the global-config on a regular schedule, you can use this command with the at command.
 
You can use this file later to recreate the global configuration, if necessary; copy it to the scripts or config directory and use the run scripts config-file-name command.
Note: A global-config run changes the global config for both members of a redundant pair.
 
Use show directories to view all the local-directory listings.
To save all the local-config parameters, such as layer-2 and layer-3, use the copy running-config command. To save both running- and global-config into a single file, use copy startup-config.
To view the global config, use show global-config.
Note that this command, copy global-config, immediately creates the global-config file from the database and then copies it, so its date stamp is either the time you invoked the command or the time that the file was created at the remote server. This is different from copy configs boot-config, which copies a file that was created when the system was installed: the boot-config file may have a time stamp with the system-install time.
Samples
bstnA# copy global-config scripts ron.cfg
copies the global config into a new file, ron.cfg, in the scripts directory.
 
bstnA# copy global-config ftp://ftpuser:ftpuser@10.1.1.19/acopia-gbl.cfg
copies the global config to an FTP server at 10.1.1.19.
 
bstnA# copy global-config scp://juser@10.1.1.35:acopia-gbl.cfg
Password: jpasswd
copies the running config to an SCP server at 10.1.1.35.
Related Commands
copy ftp
copy scp
copy {nfs|cifs}
copy ron
copy tftp
copy smtp
run
ip ftp-user
ip ron-user
smtp
show directories
copy running-config
copy startup-config
show global-config
at
copy running-config
Purpose
The running-config is the parameters that apply to the local switch only, as opposed to a redundant peer. We strongly recommend saving the running-config after any configuration change. Use the copy running-config command to copy the switchs current running configuration to a local file, upload it to a remote server, place it into an ARX volume, or send it in an email message.
Mode
priv-exec
Security Role(s)
network-technician, network-engineer, storage-engineer, or crypto-officer
Syntax: FTP Upload
copy running-config ftp://[user[:password]@]server/file-name
 
ftp://[user[:password]@]server/file-name (1-1024 characters) is the syntax for uploading the startup-config:
user[:password]@ (optional) are the credentials for FTP access. If you omit them altogether, they default to the credentials set by the ip ftp-user command. If you enter the user but omit the password, the CLI prompts for the password before continuing.
server is the IP address or hostname for the FTP server.
file-name is the destination-file path. Lead with an extra slash (/) if the path is absolute (for example, ftp://10.1.1.5//var/cfgs/ac-run.cfg). Use only one slash if the path is local to the home directory for user (for example, ftp://10.1.1.5/ac-run.cfg).
Syntax: SCP Upload
copy running-config scp://user@server:dest-file [accept-host-key]
 
scp://user@server:dest-file (1-1024 characters) is the URL for the destination file:
user@ is the username to present to the other end of the SCP connection. This user must be valid at the remote host.
server: is the IP address or hostname for SCP host. End with a colon (:).
dest-file is the destination-file path. Lead with a slash (/) if the path is absolute (for example, scp://root@10.1.1.5:/var/configs/runConf). Use no slash if the path is local to the home directory for user (for example, scp://root@10.1.1.5:myrun.cfg).
accept-host-key (optional) indicates that if the other end of the connection has an unknown SSH host key (that is, if it is new, or if its key has changed since the last time the host was contacted), the ARX should accept the new host key and continue with the upload. Otherwise, the ARX stops the upload if the host presents an unknown key.
Syntax: Sending to an ARX Volume
copy running-config {nfs|cifs} namespace vol file-name
 
nfs | cifs is a required choice. This chooses the protocol for the file transfer.
namespace (1-30 characters) identifies the namespace to hold the running-config file.
vol (1-1024 characters) is the volume name.
file-name (1-1024 characters) is the path to the config file, starting at the root of the volume.
Syntax: Sending to Another ARX
copy running-config ron remote-arx {configs|scripts} file-name
 
remote-arx (1-30 characters) is the hostname of the remote ARX to which you are sending the copy. This must be an ARX in the same Resilient-Overlay Network (RON); use show ron for a full list of hosts on the RON. The remote host checks your administrative credentials to confirm you have permission to copy the configuration file: the credentials are the ip ron-user, or the credentials you used to log into the CLI if no RON user is set.
configs | scripts is the destination directory at the remote host. This is a required choice.
file-name (1-1024 characters) is a destination-file name, for example, rnngcfgPrtlnd.cfg, to which you copy/save the switchs running-configuration information.
Syntax: TFTP Upload
copy running-config tftp://server/file-name
 
tftp://server/file-name (1-1024 characters) is the URL for the running-config file:
server is the machine name (for example, mymachine.myco.com).
file-name is the desired path name for the file. Lead with an extra slash (/) if the path is absolute: for example, ...myserver//var/configs/runConf specifies /var/configs/runConf on myserver. Use only one slash if the path is local to the servers tftpboot directory. This conforms with the specification for FTP URLs in RFC 1738.
Syntax: Send in an Email
copy running-config smtp://[e-mail-address/]file-name
 
smtp://[e-mail-address/]file-name (1-1024 characters) is an E-mail destination for the file:
smtp:// is required. This declares that the destination is an E-mail address.
e-mail-address (optional) is the recipient of the E-mail in username@host format (for example, jsmith@myco.com). If you omit this, the CLI uses the default address set by the cfg-smtp to command.
file-name is the name of the running-config file. This is sent as an attachment to the outbound E-mail message.
You must configure SMTP on the ARX before you use this syntax. Start with the smtp command in cfg mode.
Syntax: Local Copy
copy running-config {configs | diag-info | scripts} file-name
 
configs | diag-info | scripts is the destination directory. This is a required choice.
file-name (1-1024 characters) is a file name (for example, arxbeta02.cfg) to which you copy the switchs running-config information.
Default(s)
None
Guidelines
If you upload using SCP (a secure protocol), the CLI asks for a password. Provide a password for user. The user name and password must be valid at the SCP server. The CLI also prompts for a password if you use FTP and enter a user without a password.
Use this command to save the current running configuration to a file in the event you need to recreate the local configuration later. The running-config contains all of the parameters that you create under cfg mode, such as layer-2 and layer-3 configuration. These parameters apply only to the current switch, as opposed to a redundant peer. You should save a copy of the running config after any configuration change. To save the running-config on a regular schedule, you can use this command with the at command.
To copy global parameters to a file, such as namespaces and global servers, use the copy global-config command. To save both running- and global-config into a single file, use copy startup-config.
The show running-config command shows the config at the CLI prompt.
To recreate the running config (either on the same switch or a replacement switch), copy it to the scripts or config directory and use the run scripts config-file-name command.
Note that this command, copy running-config, immediately creates the running-config file from the database and then copies it, so its date stamp is either the time you invoked the command or the time that the file was created at the remote server. This is different from copy configs boot-config, which copies a file that was created when the system was installed: the boot-config file may have a time stamp with the system-install time.
Samples
bstnA# copy running-config config aco-run.cfg
copies the running config into the new aco-run.cfg file in the config directory.
 
bstnA# copy running-config ftp://10.1.1.19/acopia-run.cfg
copies the running config to an FTP server at 10.1.1.19.
 
bstnA# copy running-config smtp://jsmith@myco.com/ARX-run.cfg
sends the running config in an E-mail to jsmith@myco.com.
 
bstnA# copy running-config scp://juser@10.1.1.35:acopia-run.cfg
Password: jpasswd
copies the running config to an SCP server at 10.1.1.35.
Related Commands
copy ftp
copy scp
copy {nfs|cifs}
copy ron
copy tftp
copy smtp
run
ip ftp-user
ip ron-user
smtp
show configs
copy global-config
copy startup-config
show running-config
at
copy startup-config
Purpose
Use the copy startup-config command to copy the switchs full configuration (both running-config and global-config) to a specified directory and file. You can also use this command to upload the file to a remote server or send it in an E-mail message.
Mode
priv-exec
Security Role(s)
network-technician, network-engineer, storage-engineer, or crypto-officer
Syntax: FTP Upload
copy startup-config ftp://[user[:password]@]server/file-name
 
ftp://[user[:password]@]server/file-name (1-1024 characters) is the syntax for uploading the startup-config:
user[:password]@ (optional) are the credentials for FTP access. If you omit them altogether, they default to the credentials set by the ip ftp-user command. If you enter the user but omit the password, the CLI prompts for the password before continuing.
server is the IP address or hostname for the FTP server.
file-name is the destination-file path. Lead with an extra slash (/) if the path is absolute (for example, ftp://10.1.1.5//var/cfgs/ac-start.cfg). Use only one slash if the path is local to the home directory for user (for example, ftp://10.1.1.5/ac-start.cfg).
Syntax: SCP Upload
copy startup-config scp://user@server:dest-file [accept-host-key]
 
scp://user@server:dest-file (1-1024 characters) is the URL for the destination file:
user@ is the username to present to the other end of the SCP connection. This user must be valid at the remote host.
server: is the IP address or hostname for SCP host. End with a colon (:).
dest-file is the destination-file path. Lead with a slash (/) if the path is absolute (for example, scp://root@10.1.1.5:/var/configs/startConf). Use no slash if the path is local to the home directory for user (for example, scp://root@10.1.1.5:mystart.cfg).
accept-host-key (optional) indicates that if the other end of the connection has an unknown SSH host key (that is, if it is new, or if its key has changed since the last time the host was contacted), the ARX should accept the new host key and continue with the upload. Otherwise, the ARX stops the upload if the host presents an unknown key.
Syntax: Sending to an ARX Volume
copy startup-config {nfs|cifs} namespace vol file-name
 
nfs | cifs is a required choice. This chooses the protocol for the file transfer.
namespace (1-30 characters) identifies the namespace to hold the startup-config file.
vol (1-1024 characters) is the volume name.
file-name (1-1024 characters) is the path to the config file, starting at the root of the volume.
Syntax: Sending to Another ARX
copy startup-config ron remote-arx {configs|scripts} file-name
 
remote-arx (1-30 characters) is the hostname of the remote ARX to which you are sending the copy. This must be an ARX in the same Resilient-Overlay Network (RON); use show ron for a full list of hosts on the RON. The remote host checks your administrative credentials to confirm you have permission to copy the configuration file: the credentials are the ip ron-user, or the credentials you used to log into the CLI if no RON user is set.
configs | scripts is the destination directory at the remote host. This is a required choice.
file-name (1-1024 characters) is a destination-file name, for example, strtUpBstn.cfg, to which you copy/save the switchs startup-configuration information.
Syntax: TFTP Upload
copy startup-config tftp://server/file-name
 
tftp://server/file.tgz (1-1024 characters) is the URL for the startup-config file:
server is the machine name (for example, mymachine.myco.com).
file-name is the desired path name for the file. Lead with an extra slash (/) if the path is absolute: for example, ...myserver//var/configs/startConf specifies /var/configs/startConf on myserver. Use only one slash if the path is local to the servers tftpboot directory. This conforms with the specification for FTP URLs in RFC 1738.
Syntax: Send in an E-Mail
copy startup-config smtp://[e-mail-address/]file-name
 
smtp://[e-mail-address/]file-name (1-1024 characters) is an E-mail destination for the file:
smtp:// is required. This declares that the destination is an E-mail address.
e-mail-address (optional) is the recipient of the E-mail in username@host format (for example, jsmith@myco.com). If you omit this, the CLI uses the default address set by the cfg-smtp to command.
file-name is the name of the startup-config file. This is sent as an attachment to the outbound E-mail message.
You must configure SMTP on the ARX before you use this syntax. Start with the smtp command in cfg mode.
Syntax: Local Copy
copy startup-config {configs | diag-info | scripts} file-name
 
configs | diag-info | scripts selects a local destination directory. You can run the file as a script later if you save it to the configs or scripts directory.
file-name (1-1024 characters) is a local-file name (for example, arxbeta02.cfg) to which you copy the switchs startup-config information.
Default(s)
None
Guidelines
If you upload using SCP (a secure protocol), the CLI asks for a password. Provide a password for user. The user name and password must be valid at the SCP server. The CLI also prompts for a password if you use FTP and enter a user without a password.
Use this command to save both the running-config and the global config to a file in the event you need to recreate the configuration. The running-config has all of the configuration parameters that apply to the current switch, and the global config has all the shared parameters for the redundant pair. To copy these configs individually, use copy running-config and/or copy global-config. After any configuration change, we recommend saving a copy of the changed configuration to an external server.
You can use this file later to recreate the full configuration, if necessary; copy it to the scripts directory and use the run scripts config-file-name command.
Note: A startup-config run changes the global config for both members of a redundant pair.
 
To erase all configuration parameters and restart the configuration, you can delete the startup-config file (delete startup-config) and reboot (reload). This brings you back to the initial-boot script.
Note that this command, copy startup-config, immediately creates the startup-config file from the database and then copies it, so its date stamp is either the time you invoked the command or the time that the file was created at the remote server. This is different from copy configs boot-config, which copies a file that was created when the system was installed: the boot-config file may have a time stamp with the system-install time.
Samples
bstnA# copy startup-config config aco-startup.cfg
copies the startup config into the config directory.
 
bstnA# copy startup-config ftp://10.1.1.19/aco-start.cfg
copies the startup config to an FTP server at 10.1.1.19.
 
bstnA# copy startup-config scp://juser@10.1.1.19:aco-start.cfg
Password: jpasswd
copies the startup config to an SCP server at 10.1.1.19.
Related Commands
copy ftp
copy scp
copy {nfs|cifs}
copy ron
copy tftp
copy smtp
copy running-config
copy global-config
run
ip ftp-user
ip ron-user
smtp
delete startup-config
show configs
show running-config
delete startup-config
Purpose
The startup-config contains all parameters in both the running config and the global config. When the switch starts up, it runs all of these CLI commands. Without this file, the switch has no network configuration (other than the OOB management interface) or global configuration (namespace, global servers, and so on). The only administrative users that remain are those with crypto-officer roles.
Use this command to delete the startup-config file.
Mode
priv-exec
Security Role(s)
network-technician, network-engineer, storage-engineer, or crypto-officer
Syntax
delete startup-config
Default(s)
None
Guidelines
Before you delete the configuration, we recommend saving a copy with the copy startup-config command.
The CLI prompts for confirmation before deleting the startup-config file. Enter yes to continue.
After you delete the startup-config file, the chassis comes up from its next reboot with minimal configuration. You can use the reload command to invoke a reboot. Before the next reboot, you can use restore startup-config to recover a mistakenly-deleted startup-config.
Note that this deletes most of your network parameters, so you will only be able to log in through the OOB management port after reboot. To clear only namespaces, global servers, and other global parameters, you can use clear global-config instead.
To remove the remaining parameters and go back to the initial-boot script after the next reboot, you can also use delete configs boot-config. This eliminates the OOB management port, too, requiring you to log in through the Console port after reboot.
Sample
bstnA# delete startup-config
Related Commands
restore startup-config
copy ftp
copy scp
copy {nfs|cifs}
copy tftp
copy startup-config
show configs
show running-config
clear global-config
delete configs boot-config
restore startup-config
Purpose
The startup-config contains all parameters in both the running config and the global config. When the switch starts up, it runs all of these CLI commands. Without this information, the switch has no network configuration (other than the OOB management interface) or global configuration (namespace, global servers, and so on). The only administrative users that remain are those with crypto-officer roles. If the startup config was previously deleted, but no reboot has occurred since that delete, you can use this command to restore it.
Mode
priv-exec
Security Role(s)
network-technician, network-engineer, storage-engineer, or crypto-officer
Syntax
restore startup-config
Default(s)
None
Guidelines
The CLI prompts for confirmation before restoring the startup-config file. Enter yes to continue.
This recreates the current configuration and expresses it as a series of CLI commands. You can use this command after you previously removed the startup-config with the delete startup-config command. This recovers from a mistakenly-deleted configuration. To confirm that the command was successful, you can use the show configs command and confirm that a new startup-config entry is in the listing.
If you run delete startup-config and reload before running this command, the chassis boots up without any configuration parameters. The restore startup-config command is no-longer useful after the chassis reboots.
Sample
bstnA# restore startup-config
 
Restore file 'startup-config' in directory 'configs'? [yes/no] yes
Related Commands
delete startup-config
show configs
copy startup-config
save boot-config
Purpose
The boot-config file contains all of the parameters that are set by the initial-boot script (described in the Hardware Installation Guides). If this file is absent when the switch boots, the switch reruns this script. Use the save boot-config command to ensure that the switch keeps its boot-config for the next reboot.
Mode
priv-exec
Security Role(s)
network-technician, network-engineer, storage-engineer, or crypto-officer
Syntax
save boot-config
Default(s)
None
Guidelines
After you delete the boot-config file (with delete configs boot-config) and reboot, the Console goes to the initial-boot script (described in the Hardware Installation Guides). The CLI starts after you answer all of the questions in the initial-boot script.
This command prevents re-running the initial-boot script. It creates a text file named boot-config, which you can see with the show configs command. You can use the copy command (copy ftp, copy scp, copy {nfs|cifs}, or copy tftp) to upload it to an external host, or to download a new boot-config script.
Sample
bstnA# save boot-config
Related Commands
delete configs boot-config
show configs
copy ftp
copy scp
copy {nfs|cifs}
copy tftp
show global-config
Purpose
Use the show global-config command to view an ordered list of CLI commands required to recreate the current global-config state.
Mode
(any)
Security Role(s)
crypto-officer, storage-engineer, network-engineer, network-technician, or operator
Syntax
show global-config
show global-config [filer|global-server|schedule|security|
config-replication]
show global-config archive [file-history-archive]
show global-config {nfs|cifs} [fqdn]
show global-config namespace [name [volume]]
 
filer | global-server | policy | security | config-replication are optional choices to focus on one section of the global-config report.
filer specifies external-filer details.
global-server specifies global-server configurations.
schedule specifies policy schedules.
security specifies security information such as management services authentication providers.
config-replication focuses the output on config-replication rules.
archive is an optional choice to focus on the archive section of the global-config report. This section has the configuration for every file-history archive on the ARX. Unless you specify a particular file-history-archive name, this shows the configurations for all of them.
file-history-archive (optional, 1-64 characters) identifies a particular archive.
nfs | cifs specifies that you want to focus on NFS or CIFS services only. Unless you include an fqdn, this shows all front-end services of the given type.
fqdn (optional, 1-128 characters) identifies a particular NFS or CIFS service (for example, www.medarcv.com). For a list of all NFS and CIFS services, use the show virtual service command.
namespace specifies that you want to focus on namespaces only. If you omit the name, all namespaces are shown.
name (optional, 1-30 characters) identifies a particular namespace (for example, medarcv). Use show namespace for a list of all namespaces.
volume (optional, 1-1024 characters) identifies a particular namespace volume (for example, /usr).
Default(s)
None
Guidelines
The output appears in table format by sections. The sections correspond to groups of commands for setting up major portions of the global configuration (such as namespaces, global servers, filers, policy, security, and so on).
The global-config parameters are shared among both peers in a redundant pair; they do not include parameters that apply to the current switch only. For parameters that apply to the local switch, such as layer 2 and 3 parameters, use show running-config.
After changes to the configuration, we recommend using copy global-config to save this text off to a file.
Later, to recreate a saved global-config, paste the text at the CLI prompt (from priv-exec mode) or copy the file from a remote server and use the run command to run it as a script.
Passwords and private SSH keys appear in encrypted form. Only the current switch (or a replacement for the current switch) can interpret and use this private information.
Note: A global-config run changes the global config for both members of a redundant pair.
Samples
bstnA> show global-config
shows the full global-config. Figure 33.1 shows a sample report.
 
bstnA> show global-config filer
shows all filer-configuration settings. See Figure 33.2 on page 33-36 for sample output.
 
bstnA> show global-config namespace wwmed
shows the CLI commands to recreate one namespace, wwmed. See Figure 33.3 on page 33-38 for sample output.
 
bstnA> show global-config cifs
shows all configuration settings for all front-end-CIFS services.
Related Commands
copy ftp
copy scp
copy {nfs|cifs}
copy tftp
copy global-config
show running-config
show virtual service
show namespace
Figure 33.1 Sample Output: show global-config
bstnA> show global-config
; ARX-4000
; Version 6.03.000.14755 (Jun 15 2012 20:15:33) [nbuilds]
; Database version: 603000.1
; Generated global-config Wed Jun 20 01:43:32 2012
;
terminal character-set unicode-utf-8
;================================ global =================================
global
kerberos health-check threshold 3500
nfs tcp timeout 30
;================================= user ==================================
user adm1 encrypted-password SJBTvfyAgjK+1KTc0VmTWklCBT9+0GbV+HjsqPjwtF0=
exit
 
user adm12 encrypted-password F2UeAvyAgjK+1KTc0VmTWklCBT9+0GbVHVx5DAjKXDInjHnMnlGCGA==
exit
 
user admin encrypted-password 9b6cfPyAgjK+1KTc0VmTWklCBT9+0GbVdk+GWbvyCEs=
exit
 
user newadmin encrypted-password FvbLkvyAgjK+1KTc0VmTWklCBT9+0GbVhtlm5b7fbnS9Zc5PZUaYYg==
exit
 
;================================= group =================================
group Administrators
role backup-operator
role crypto-officer
role network-engineer
role operator
role storage-engineer
windows-domain MEDARCH.ORG
exit
 
group "Backup Operators"
role backup-operator
role operator
windows-domain MEDARCH.ORG
exit
 
group "Domain Admins"
role backup-operator
role crypto-officer
role network-engineer
role operator
role storage-engineer
windows-domain MEDARCH.ORG
exit
 
group "Domain Users"
role operator
windows-domain MEDARCH.ORG
exit
 
group "Enterprise Admins"
role backup-operator
role crypto-officer
role network-engineer
role operator
role storage-engineer
windows-domain MEDARCH.ORG
exit
 
group admins
role storage-engineer
user adm1
user adm12
exit
 
group crypto-officer
user admin
user newadmin
exit
 
group operator
user admin
user newadmin
user adm1
user adm12
exit
 
;============================= radius-server =============================
radius-server 192.168.25.201
exit
 
radius-server 192.168.25.207
auth-port 5555
retries 4
timeout 10
exit
 
;============================= ntlm-auth-db ==============================
ntlm-auth-db ntlmMap2
user lab encrypted-password /ICCMr7UpNzRWZNaSUIFP37QZtVljtR/PsjEWYCYyWDBAZes
exit
 
;=========================== active-dir-forest ===========================
active-directory-forest MEDARCH.ORG
forest-root MEDARCH.ORG 192.168.25.102 preferred
forest-root MEDARCH.ORG 192.168.25.104 preferred
forest-root MEDARCH.ORG 192.168.25.111 preferred
forest-root MEDARCH.ORG 10.51.104.120 preferred
forest-root MEDARCH.ORG 192.168.25.109 preferred
forest-root MEDARCH.ORG 192.168.25.110 preferred
tree-domain bostonmed.org 172.16.74.89 preferred
tree-domain bostonmed.org 172.16.74.88 preferred
tree-domain fdtestnet.net 172.16.168.21 preferred
tree-domain fdtestnet.net 172.16.168.22 preferred
child-domain bostoncifs.fdtestnet.net 10.19.230.94 preferred
child-domain bostoncifs.fdtestnet.net 10.19.230.74 preferred
child-domain bostoncifs.fdtestnet.net 10.19.230.88 preferred
child-domain westcoast.medarch.org 192.168.202.9 preferred
child-domain westcoast.medarch.org 192.168.202.10 preferred
child-domain westcoast.medarch.org 192.168.202.11 preferred
child-domain westcoast.medarch.org 192.168.202.16 preferred
child-domain ma.ne.medarch.org 192.168.25.103 preferred
child-domain ma.ne.medarch.org 192.168.25.105 preferred
child-domain ne.medarch.org 172.16.124.73 preferred
child-domain ne.medarch.org 172.16.124.19 preferred
name-server MEDARCH.ORG 192.168.25.102
name-server MEDARCH.ORG 192.168.25.104
exit
 
active-directory-forest WELLS.ME.ORG
forest-root wells.me.org 172.16.108.136
forest-root wells.me.org 172.16.108.139
child-domain adk.wells.me.org 172.16.110.8
child-domain adk.wells.me.org 172.16.110.5
child-domain york.wells.me.org 172.16.120.22
child-domain york.wells.me.org 172.16.120.5
exit
 
active-directory-forest VT.COM
forest-root VT.COM 172.16.213.79
forest-root VT.COM 172.16.213.8
tree-domain ATLANTIC.ME.ORG 172.16.210.14
tree-domain ATLANTIC.ME.ORG 172.16.210.7
child-domain MCNIELS.VT.COM 172.16.240.70
child-domain MCNIELS.VT.COM 172.16.240.88
child-domain BSH.ATLANTIC.ME.ORG 172.16.110.11
child-domain BSH.ATLANTIC.ME.ORG 172.16.210.9
exit
 
active-directory forest-trust MEDARCH.ORG wells.me.org
;============================== proxy-user ===============================
proxy-user acoProxy1
description "jq's admin account"
user jqprivate encrypted-password OE8mnPyAgjK+1KTc0VmTWklCBT9+0GbVU/6HfY3inX6o7MV7/4TI3A==
windows-domain WWMEDNET.COM
exit
 
proxy-user acoProxy3
user jqtester encrypted-password gY6GL/yAgjK+1KTc0VmTWklCBT9+0GbV+XaHQh9/yJxJc0pjhFnFBw==
windows-domain FDTESTNET.COM pre-win2k-name BOSTONCIFS
exit
 
proxy-user cifs_admin
user Administrator encrypted-password 9b6cfPyAgjK+1KTc0VmTWklCBT9+0GbVdk+GWbvyCEs=
windows-domain MEDARCH.ORG
exit
 
proxy-user emc_admin
user nasadmin encrypted-password xNSGZfyAgjK+1KTc0VmTWklCBT9+0GbVmTdfhovzjtMuC99zoYWuBg==
exit
 
proxy-user nas_admin
user root encrypted-password 9b6cfPyAgjK+1KTc0VmTWklCBT9+0GbVdk+GWbvyCEs=
exit
 
proxy-user nas_admin2
user root encrypted-password 9b6cfPyAgjK+1KTc0VmTWklCBT9+0GbVdk+GWbvyCEs=
exit
 
proxy-user ny_admin
user jqpublic encrypted-password cIxRfPyAgjK+1KTc0VmTWklCBT9+0GbVI9DCs7SdYgs=
windows-domain WELLS.ME.ORG
exit
 
proxy-user acoProxy2
description "user with backup and admin creds on our servers"
user jqpublic encrypted-password cIxRfPyAgjK+1KTc0VmTWklCBT9+0GbVI9DCs7SdYgs=
windows-domain MEDARCH.ORG
exit
 
;============================== nis-domain ===============================
nis domain wwmed.com
ip address 192.168.25.201
ip address 192.168.25.204
ip address 192.168.25.205
exit
 
;============================ nfs-access-list ============================
nfs-access-list eastcoast
anonymous-gid 100
anonymous-uid 100
description "allowable subnets in MA, WELLS, & DC"
nis domain wwmed.com
permit 172.16.100.0 255.255.255.0 read-write root squash
permit 172.16.204.0 255.255.255.0 read-only root allow
permit 172.16.0.0 255.255.0.0 read-write root squash
permit netgroup surgeons read-write root allow
permit netgroup medtechs read-only root squash
deny 192.168.77.0 255.255.255.0
deny 192.168.202.0 255.255.255.0
permit 192.168.98.0 255.255.255.0 read-write root allow
permit 192.168.0.0 255.255.0.0 read-write root squash
exit
 
nfs-access-list westcoast
permit 172.209.3.0 255.255.255.0 read-write root squash
permit 172.214.1.0 255.255.255.0 read-write root squash
exit
 
;============================ external-filer =============================
external-filer das1
description "financial data (LINUX filer, rack 14)"
ip address 192.168.25.19
exit
 
external-filer das2
description "Solaris filer 2 (rack 16)"
ip address 192.168.25.22
exit
 
external-filer das3
description "Solaris filer 3 (rack 16)"
ip address 192.168.25.23
exit
 
external-filer das7
description "Redhat-LINUX filer 1"
ip address 192.168.25.24
exit
 
external-filer das8
description "Redhat-LINUX filer 2"
ip address 192.168.25.25
exit
 
external-filer fs1
cifs-port 445
description "misc patient records (Table 3)"
ip address 192.168.25.20
exit
 
external-filer fs2
cifs-port 445
description "bulk storage server (Table 3)"
filer-type windows port 80
ip address 192.168.25.27
proxy-user cifs_admin
manage snapshots
exit
 
external-filer fs3
cifs-port 445
description "Hematology lab server (Table 8)"
ip address 192.168.25.28
exit
 
external-filer fs4
cifs-port 445
description "prescription records (Table 3)"
ip address 192.168.25.29
exit
 
external-filer fs5
cifs-port 445
description "docs, invoices, for scanners (Table 7)"
ip address 192.168.25.71
exit
 
external-filer nas1
cifs-port 445
description "NAS filer 1 (rack 31)"
filer-type network-appliance management-protocol ssh
ip address 192.168.25.21
ip address 192.168.25.61 secondary
ip address 192.168.25.62 secondary
nfs tcp connections 16
proxy-user nas_admin2
manage snapshots
exit
 
external-filer nas10
cifs-port 445
description "NAS filer 10 (rack 38)"
filer-type network-appliance management-protocol rsh
ip address 192.168.25.49
proxy-user nas_admin
manage snapshots
exit
 
external-filer nas11
cifs-port 445
description "filer 11 (rack 38)"
filer-type network-appliance management-protocol rsh
ip address 192.168.25.48
proxy-user nas_admin
manage snapshots
exit
 
external-filer nas2
description "NAS filer 2 (rack 31)"
ip address 192.168.25.44
exit
 
external-filer nas3
description "NAS filer 3 (rack 32)"
ip address 192.168.25.47
exit
 
external-filer nasE1
cifs-port 445
description "NAS filer E1"
filer-type emc management-protocol ssh
ignore-name lost+found
ip address 192.168.25.51
ip address 192.168.25.52 management
proxy-user emc_admin
manage snapshots
exit
 
external-filer smb1
cifs connection-limit 500
description "Samba filer"
ip address 192.168.25.48
exit
 
;=============================== schedule ================================
schedule backupWindow
description "regular backup times"
duration 04:00:00
every 1 days
start 11/12/2006:13:00:00
exit
 
schedule daily4am
description "two hours between 4 and 6 AM"
duration 02:00:00
every 1 days
start 09/04/2005:04:00:00
stop 01/07/2015:04:00:00
exit
 
schedule hourly
every 1 hours
start 06/20/2012:00:45:00
exit
 
schedule weekly
start 05/06/1995:02:00:00
exit
 
;============================= global policy =============================
policy-filename-fileset website
path exact /www/xml/
name regexp not "\.(wmv|avi)$"
recurse
exit
 
policy-filename-fileset hiddenFiles
path regexp "/\.[^\.]"
exit
 
policy-filename-fileset xmlFiles
name match *.xml
recurse
exit
 
policy-filename-fileset fm_pdf
name regexp "\.(fm|pdf)$" ignore-case
recurse
exit
 
policy-filesize-fileset veryLarge
select-files larger-than-or-equal-to 5M
exit
 
policy-union-fileset bulky
from fileset fm_pdf
from fileset veryLarge
exit
 
policy-age-fileset dayOld
select-files older-than 1 days
Last Accessed
exit
 
policy-filename-fileset allDirs
recurse
exit
 
policy-cifs-attributes-fileset online
offline clear
exit
 
policy-intersection-fileset onlineDayOld
from fileset online
from fileset dayOld
exit
 
policy-age-fileset modThisMonth
select-files newer-than 1 months
exit
 
policy-age-fileset modEarlier
select-files older-than 1 months
exit
 
policy-age-fileset 2mo
select-files newer-than 2 months
exit
 
;============================= win-mgmt-auth =============================
windows-mgmt-auth fullAccess
permit all any
user juser windows-domain MEDARCH.ORG
user jquser windows-domain MEDARCH.ORG
exit
 
windows-mgmt-auth readOnly
permit session monitor
permit share monitor
permit snapshot monitor
user mhoward_md windows-domain MEDARCH.ORG
user zmarx_cpa windows-domain MEDARCH.ORG
user lfine_md windows-domain MEDARCH.ORG
user choward_md windows-domain MEDARCH.ORG
exit
 
windows-mgmt-auth snapViewers
permit snapshot monitor
user juser windows-domain MEDARCH.ORG
user jquser windows-domain MEDARCH.ORG
exit
 
;======================= namespace managed volumes =======================
namespace medco
protocol nfs3tcp
exit
 
;======================= namespace managed volumes =======================
namespace wwmed
protocol nfs3
protocol nfs3tcp
description "namespace for World-Wide Medical network"
volume /acct
metadata critical
modify
policy pause backupWindow
reimport-modify
reserve files 4000000
metadata share nas1 nfs3 /vol/vol2/meta1
share bills
import sync-attributes
policy freespace percent 2 resume-migrate 3
critical
filer das8 nfs /work1/accting
enable
exit
 
share bills2
import sync-attributes
policy freespace percent 2 resume-migrate 3
filer das3 nfs /exports/acct2
enable
exit
 
share budget
policy freespace percent 2 resume-migrate 3
filer das1 nfs /exports/budget
enable
exit
 
share it5
import sync-attributes
policy freespace percent 2 resume-migrate 3
filer das7 nfs /lhome/it5
enable
exit
 
share-farm fm1
share bills
share budget
share bills2
balance capacity
auto-migrate
enable
exit
 
place-rule docs2das8
report docsPlc verbose
inline report hourly docsPlc verbose
from fileset bulky
target share bills
limit-migrate 50G
enable
exit
 
volume-group 1
enable
exit
 
exit
 
;======================= namespace managed volumes =======================
namespace medarcv
protocol cifs
cifs authentication kerberos
cifs authentication ntlm
cifs authentication ntlmv2
cifs filer-signatures
proxy-user acoProxy2
windows-mgmt-auth readOnly
windows-mgmt-auth fullAccess
windows-mgmt-auth snapViewers
sam-reference fs2
volume /lab_equipment
cifs access-based-enum auto-enable
modify
reimport-modify
reserve files 4000000
snapshot directory display all-exports
snapshot privileged-access
snapshot vss-mode none
auto sync files
metadata share nas1 nfs3 /vol/vol2/meta6
no compressed-files
named-streams
persistent-acls
no sparse-files
unicode-on-disk
share backlots
import sync-attributes
policy freespace percent 3 resume-migrate 5
filer fs2 cifs backlot_records
enable
exit
 
share equip
import priority 1
import skip-managed-check
import sync-attributes
policy freespace percent 3 resume-migrate 5
filer nas10 cifs equipment
enable
exit
 
share equipSnap
replica-snap
filer nas11 cifs equipBkup
enable
exit
 
share leased
import priority 1
import sync-attributes
policy freespace percent 3 resume-migrate 5
filer nas10 cifs for_lease
enable
exit
 
share leasedSnap
replica-snap
filer nas11 cifs leasedBkup
enable
exit
 
share scanners
cifs access-based-enum exclude
import sync-attributes
policy freespace percent 3 resume-migrate 5
filer fs5 cifs xraysScanners
enable
exit
 
share-farm tier1
share equip
share leased
balance capacity
auto-migrate
enable
exit
 
share-farm tier2
share backlots
share scanners
balance capacity
enable
exit
 
snapshot rule hourlySnap
schedule hourly
report snap_hourly
enable
exit
 
snapshot rule dailySnap
schedule daily4am
report snap_daily
retain 7
enable
exit
 
snapshot replica-snap-rule mirrorSnap
schedule weekly
report snap_offsite_weekly
retain 52
enable
exit
 
snapshot rule labArchive
schedule daily4am
report FA_lab
archive fileRecordsMed
no contents user-data
contents volume-config metadata
enable
exit
 
place-rule busy2tier1
schedule daily4am
report leTier1 verbose delete-empty
inline report hourly leTier1 verbose
from fileset modThisMonth
target share-farm tier1
enable
exit
 
place-rule nonbusy2tier2
schedule daily4am
report leTier2 verbose delete-empty
from fileset modEarlier
target share-farm tier2
no inline notify
enable
exit
 
place-rule masterDirs2Tier1
from fileset allDirs match directories promote-directories
target share-farm tier1
enable
exit
 
volume-group 2
enable
exit
 
volume /rcrds
filer-subshares
modify
reimport-modify
reserve files 4000000
auto sync files
metadata share nas1 nfs3 /vol/vol2/meta3
compressed-files
named-streams
persistent-acls
sparse-files
unicode-on-disk
no cifs path-cache
share bulk
description "new server to hold big files (such as xrays)"
import sync-attributes
policy freespace percent 5 resume-migrate 6
sid-translation
filer fs2 cifs bulkstorage
enable
exit
 
share charts
description "various medical charts"
import sync-attributes
policy freespace percent 5 resume-migrate 6
filer fs1 cifs histories
enable
exit
 
share rx
description "prescriptions since 2002"
import sync-attributes
policy freespace percent 5 resume-migrate 6
critical
filer fs4 cifs prescriptions
enable
exit
 
share-farm medFm
share rx
share charts
balance latency
enable
exit
 
snapshot rule rcrdsArchive
schedule daily4am
report FA_rcrds
archive fileRecordsMed
no contents user-data
contents volume-config metadata
enable
exit
 
place-rule dailyArchive
schedule hourly
report daily_archive
from fileset onlineDayOld
target share bulk
no inline notify
migrate close-file
enable
exit
 
place-rule masterDirs2Rx
from fileset allDirs match directories promote-directories
target share rx
enable
exit
 
volume-group 2
enable
exit
 
exit
 
;======================= namespace managed volumes =======================
namespace insur
protocol cifs
protocol nfs3
protocol nfs3tcp
cifs authentication kerberos
cifs authentication ntlm
cifs authentication ntlmv2
cifs filer-signatures
description "WW Medical insurance claims and records"
proxy-user acoProxy2
windows-mgmt-auth readOnly
windows-mgmt-auth fullAccess
windows-mgmt-auth snapViewers
volume /claims
cifs oplocks-disable
freespace calculation dir-master-only
modify
reimport-modify
snapshot directory display all-exports
snapshot privileged-access
auto sync files
metadata share nas1 nfs3 /vol/vol2/meta2
no compressed-files
named-streams
persistent-acls
no sparse-files
unicode-on-disk
no auto reserve files
share shr1-next
ignore-sid-errors
import sync-attributes
sid-translation
no strict-attribute-consistency
filer nasE1 nfs /root_vdm_4/patient_records cifs patient_records
enable
exit
 
share shr1-old
freespace apparent-size 2579496960
import sync-attributes
sid-translation
import rename-directories rename-non-mappables
no strict-attribute-consistency
filer nas1 nfs /vol/vol2/insurance cifs insurance
enable
exit
 
filename-fileset images
path exact /images/
recurse
exit
 
snapshot rule mpHourlySnap
schedule hourly
report mp_snap_hourly
enable
exit
 
volume-group 10
enable
exit
 
exit
 
;======================= namespace direct volumes ========================
namespace medco
protocol nfs3tcp
volume /vol
direct
share corporate
critical
filer nas1 nfs /vol/vol2
attach vol1/notes to notes
attach vol1/corp to shr
enable
exit
 
share generic
filer nas3 nfs /exports
attach vol2 to data
enable
exit
 
share sales
filer nas2 nfs /vol/datavol1/direct
attach vol3/sales to export
attach vol3/mtgMinutes to mtgs
enable
exit
 
volume-group 9
enable
exit
 
exit
 
;======================= namespace direct volumes ========================
namespace medarcv
protocol cifs
cifs authentication kerberos
cifs authentication ntlm
cifs authentication ntlmv2
cifs filer-signatures
proxy-user acoProxy2
windows-mgmt-auth readOnly
windows-mgmt-auth fullAccess
windows-mgmt-auth snapViewers
sam-reference fs2
volume /test_results
cifs oplocks-disable auto
direct
compressed-files
named-streams
persistent-acls
sparse-files
unicode-on-disk
share 2005_charts
policy freespace percent 5 resume-migrate 6
managed-volume medarcv /rcrds
attach 2005charts to 2005
enable
exit
 
share chemistry
policy freespace percent 5 resume-migrate 6
filer fs1 cifs chem_results
attach chemLab to .
enable
exit
 
share hematology
policy freespace percent 5 resume-migrate 6
filer fs3 cifs hematology_results
attach hematologyLab to .
enable
exit
 
volume-group 2
enable
exit
 
exit
 
;================================ archive ================================
file-history archive fileRecordsMed
description "archive share for ARX file histories"
location filer fs4 cifs arx_file_archv proxy-user acoProxy2 path /
exit
 
;============================= global-server =============================
global server acopiaFiler
virtual server bstnA 192.168.25.12 255.255.255.0 vlan 25
enable
exit
 
enable
exit
 
global server ac1.MEDARCH.ORG
description "CIFS and NFS server for hospital insurance claims"
windows-domain MEDARCH.ORG
active-directory proxy-user acoProxy2
virtual server bstnA 192.168.25.15 255.255.255.0 vlan 25
wins 192.168.25.102
wins-name INSURANCE
active-directory alias fs1
active-directory alias fs2
active-directory alias fs5
active-directory alias insur
active-directory alias fs1.MEDARCH.ORG
active-directory alias fs2.MEDARCH.ORG
active-directory alias fs5.MEDARCH.ORG
active-directory alias insur
active-directory alias insur.MEDARCH.ORG
wins-alias INSUR_CLAIMS
enable
exit
 
enable
exit
 
;================================= cifs ==================================
cifs ac1.MEDARCH.ORG
description "insurance-claim records"
kerberos-creds ac1.MEDARCH.ORG MEDARCH.ORG z9JiGFvq/jLpunpPhGXNFA== ac1$ HOST/ac1.MEDARCH.ORG 2
signatures
dynamic-dns ac1
dynamic-dns fs1
dynamic-dns fs2
dynamic-dns fs5
dynamic-dns insur
browsing medarcv
browsing insur
export medarcv /rcrds as ARCHIVES description "2 year-old medical records"
export offline-access ARCHIVES none
export medarcv /rcrds/2005 as Y2005 filer-subshare
export medarcv /lab_equipment as labs description "lab equipment"
export medarcv /rcrds as bulkstorage description "big share, now merged thru ARX"
export medarcv /lab_equipment as xraysScanners description "scanners and xray machines"
export medarcv /test_results as chem_results description "chem-lab records"
export medarcv /rcrds/VIP_wing as CELEBS filer-subshare hidden
export medarcv /rcrds/2011/mp3downloads as MP3S filer-subshare
export medarcv /rcrds/2004 as Y2004 filer-subshare
export medarcv /rcrds/2010 as Y2010 filer-subshare
export insur /claims as CLAIMS description "insurance claims"
export insur /claims/specs as SPECS
export insur /claims/stats as STATS description "claim stats"
enable
exit
 
;================================== nfs ==================================
nfs acopiaFiler
export medco /vol as /vol
no nlm enable
enable
exit
 
nfs ac1.MEDARCH.ORG
description "insurance records for WW Medical"
export wwmed /acct as /acct access-list eastcoast
export wwmed /acct/wksheets as /acct/wksheets access-list eastcoast
export insur /claims as /claims access-list eastcoast
offline-behavior deny-access
offline-behavior namespace insur retry
offline-behavior namespace wwmed volume /acct path wksheets retry
enable
exit
 
;=========================== auto-diagnostics ============================
auto-diagnostics
additional-command "show global service"
additional-command "show share status"
mail-to juser@wwmed.com
schedule daily4am
exit
 
;=============================== statsmon ================================
stats-monitor ; This is a terminal beta configuration option.
notify cifs-service
trap response-time
trap errors
exit
 
notify nfs-service
trap response-time
trap errors
exit
 
notify filer-share cifs
trap response-time
trap errors
exit
 
notify filer-share nfs
trap response-time
trap errors
exit
 
exit
 
exit
Figure 33.2 Sample Output: show global-config filer
bstnA> show global-config filer
;============================ external-filer =============================
external-filer das1
description "financial data (LINUX filer, rack 14)"
ip address 192.168.25.19
exit
 
external-filer das2
description "Solaris filer 2 (rack 16)"
ip address 192.168.25.22
exit
 
external-filer das3
description "Solaris filer 3 (rack 16)"
ip address 192.168.25.23
exit
 
external-filer das7
description "Redhat-LINUX filer 1"
ip address 192.168.25.24
exit
 
external-filer das8
description "Redhat-LINUX filer 2"
ip address 192.168.25.25
exit
 
external-filer fs1
cifs-port 445
description "misc patient records (Table 3)"
ip address 192.168.25.20
exit
 
external-filer fs2
cifs-port 445
description "bulk storage server (Table 3)"
filer-type windows port 80
ip address 192.168.25.27
proxy-user cifs_admin
manage snapshots
exit
 
external-filer fs3
cifs-port 445
description "Hematology lab server (Table 8)"
ip address 192.168.25.28
exit
 
external-filer fs4
cifs-port 445
description "prescription records (Table 3)"
ip address 192.168.25.29
exit
 
external-filer fs5
cifs-port 445
description "docs, invoices, for scanners (Table 7)"
ip address 192.168.25.71
exit
 
external-filer nas1
cifs-port 445
description "NAS filer 1 (rack 31)"
filer-type network-appliance management-protocol ssh
ip address 192.168.25.21
ip address 192.168.25.61 secondary
ip address 192.168.25.62 secondary
nfs tcp connections 16
proxy-user nas_admin2
manage snapshots
exit
 
external-filer nas10
cifs-port 445
description "NAS filer 10 (rack 38)"
filer-type network-appliance management-protocol rsh
ip address 192.168.25.49
proxy-user nas_admin
manage snapshots
exit
 
external-filer nas11
cifs-port 445
description "filer 11 (rack 38)"
filer-type network-appliance management-protocol rsh
ip address 192.168.25.48
proxy-user nas_admin
manage snapshots
exit
 
external-filer nas2
description "NAS filer 2 (rack 31)"
ip address 192.168.25.44
exit
 
external-filer nas3
description "NAS filer 3 (rack 32)"
ip address 192.168.25.47
exit
 
external-filer nasE1
cifs-port 445
description "NAS filer E1"
filer-type emc management-protocol ssh
ignore-name lost+found
ip address 192.168.25.51
ip address 192.168.25.52 management
proxy-user emc_admin
manage snapshots
exit
 
external-filer smb1
cifs connection-limit 500
description "Samba filer"
ip address 192.168.25.48
exit
Figure 33.3 Sample Output: show global-config namespace wwmed
bstnA> show global-config namespace wwmed
;======================= namespace managed volumes =======================
namespace wwmed
protocol nfs3
protocol nfs3tcp
description "namespace for World-Wide Medical network"
volume /acct
metadata critical
modify
policy pause backupWindow
reimport-modify
reserve files 4000000
metadata share nas1 nfs3 /vol/vol2/meta1
share bills
import sync-attributes
policy freespace percent 2 resume-migrate 3
critical
filer das8 nfs /work1/accting
enable
exit
 
share bills2
import sync-attributes
policy freespace percent 2 resume-migrate 3
filer das3 nfs /exports/acct2
enable
exit
 
share budget
policy freespace percent 2 resume-migrate 3
filer das1 nfs /exports/budget
enable
exit
 
share it5
import sync-attributes
policy freespace percent 2 resume-migrate 3
filer das7 nfs /lhome/it5
enable
exit
 
share-farm fm1
share bills
share budget
share bills2
balance capacity
auto-migrate
enable
exit
 
place-rule docs2das8
report docsPlc verbose
inline report hourly docsPlc verbose
from fileset bulky
target share bills
limit-migrate 50G
enable
exit
 
volume-group 1
enable
exit
 
exit
show running-config
Purpose
The running-config applies to the local switch only; these parameters are not shared with the redundant peer. Use the show running-config command to view an ordered list of CLI commands required to recreate the current running-config state.
Mode
(any)
Security Role(s)
crypto-officer, storage-engineer, network-engineer, network-technician, or operator
Syntax
show running-config
Guidelines
The output is interspersed with comments that break it into sections. Each section is labeled in the comment. You can use copy running-config to save this text off to a file, or upload it to an FTP server.
The running-config parameters all apply to the current switch only. For parameters that are shared between redundant peers, such as namespace parameters, use show global-config.
Sample
bstnA> show running-config
shows the running-config. Figure 33.4 shows a sample report on an ARX-4000, Figure 33.5 on page 33-47 shows a sample report on an ARX-2500, Figure 33.6 on page 33-52 shows an ARX-2000 sample, Figure 33.7 on page 33-57 shows an example from an ARX-500, and Figure 33.8 on page 33-63 shows an example from an ARX-VE.
Related Commands
copy ftp
copy scp
copy {nfs|cifs}
copy tftp
copy running-config
show directories
show chassis
show global-config
Figure 33.4 Sample Output: show running-config (ARX-4000)
bstnA> show running-config
; ARX-4000
; Version 6.02.000.14335 (Feb 29 2012 20:11:44) [nbuilds]
; Database version: 602000.31
; Generated running-config Fri Mar 2 01:35:21 2012
; System UUID d9bdece8-9866-11d8-91e3-f48e42637d58
; ip private vlan internal 1010 metalog 1011 subnet 169.254.68.0 255.255.255.0
;
terminal character-set unicode-utf-8
;================================= vlan ==================================
config
vlan 25
description "personnel dept."
members 2/5 to 2/6
exit
 
exit
 
;============================ config-if-vlan =============================
config
interface vlan 25
ip address 192.168.25.5 255.255.255.0
no shutdown
exit
 
exit
 
;================================ system =================================
config
clock timezone America New_York
hostname bstnA
ip domain-list wwmed.com
ip domain-list MEDARCH.ORG
ip domain-list bigorg.org
ip ftp-user juser encrypted-password eX1Jci+dkoPRvYvA021HzPOqUtD0FKF9evZPY/lmFTCCjNunSe2tsA==
ip name-server 192.168.25.102
ip ron-user admin encrypted-password euTb0S+dkoPRvYvA021HzPOqUtD0FKF9H0nfBBv/vYo=
ip scp-user juser encrypted-password eX1Jci+dkoPRvYvA021HzPOqUtD0FKF9evZPY/lmFTCCjNunSe2tsA==
login-banner post-auth "Running-config last saved 1/7 by J. User"
nsm warm-restart
raid rebuild-rate 85
raid verification-mode manual
raid verification-rate 50
snmp-server community public read-only
snmp-server community private read-write
snmp-server contact "jpublic, jpublic@mycompawells.me.org"
snmp-server host 172.16.100.183 public
snmp-server host 10.1.1.68 public
snmp-server host 172.16.100.101 public
snmp-server location "2nd floor lab, row 3, bay 4, shelf 5"
snmp-server name arx1
snmp-server trusthost 10.1.1.68
snmp-server trusthost 172.16.100.183
ssh-host-key dsa encrypted-hostkey u9oFngi4v7vM94WNlfxoUKFY23fhmZ9JQuS6aEgd6cZip2E/2pxymSSnGfazI1hhJmiMq0IZPzk8GT21B01kcsXumKYR9kvXcmRSgz01EezA/5HN3YJXTksdLSFXTHQBmpe+FmGOZScDVIXfvTweqXCEhjmCbqO2z+3Pog8sWlHKMHu06YhlvCat4mRJAOScswlS1r4ofzBhTU+/JjZ9CGtUWadI0qX8eFq+JLXiBoEIAH8CNGBLvunHK5xjZComS7EP/Foi+21cC9QNe48oIkOZaTm7/VgoqH4om7bZv0xT/d9WaBHoi5XSPngBt1TszDtNbAWQU6bhron6epwNrsQ1S2kbXgdcb/e5AS+SCpsB+RjBNChG/KfIPC3bzrQ72luiYtJjwBEe+w1MEIuzw/X6s95k+ITvO85Ull4NS49DOJIac/QVNvIut3lbK+WxKZX1m4TbYgxkYKAjeRuW3+MXMrnpUiwbhwCxduhDBFk8fnkfSCjFQ0D6X6CNMEz8lfab2MiUUeY1QggCBu7iqRDPo7J6+cRiGpORxBoII9XnBOxYS09cy0oq5kZp5GKcnNqDgTTSuKF2E6Ztkr3SdRzltLpci7fnTp88JWhk9XDKfE+5VR49Yo1vfo4fZzHyUg2ujUDd/XrenaeSeoABuZJwSW2GnAsh04133T3088ZqasbKP/4GF8+08xJACOe5gIhSGT2y2u0jmbx/9DhcIhKtrX7mgAy2h4Fyb5Bxy/X0cwoeKXa7r8/RzjHwMDne7DuXPy7oa2Yp8orQABZlhgr5GZY5w9o1ljrFnfPbBzr07jRfJFcjMtuOz2IzrZc0N2yPLxqM49v8q8Tj/ZoMxXaCpc5p2lYq+Km+cQzyYpLvIYo5ltvLe1vY0IBOc6Gk
ssh-host-key rsa encrypted-hostkey u9oFngi4v7sheeATbx/2B1sFeka5+7R2rmsI4ZG504gQX2MkfHCXvPlsavRJb3wH0NfTBOKW4cOSYFMz1xokz3VZyuH37uA6fAArnWT4Ks0uy16VFI3P0vRk+aRwowHnhMFWbJr66CMkPBbB1YPL7ceyxMJqpJZboWbOwUT+BWuiObnFJ0xcSxVrHEK9soJWhKITRaTmuhIkdlQ0yR0V7NgSRMrUuanvgnm0NIEhfeLmNum2vlUA5LrPUEGM/S8YrmDCDmaXkm3eOc831c++i3p51Hy0p1QE+UpwAnGjR1V7WE/OKtiAzpzgorIGCmhN5R2/bpS9A9jmDmkjy2H5B7HejgyjOfKmMqFVqeuakX3JmrZcwpqDHyF1xyYqSwCxhqeyJJj34up19Xnmx90jD9XED5OjGB18V81HGATGs4AC6YEk+tsF6GTNdsNEY+dhiks2d6FbsqK6kiVvlhxxwQv3XlZINdQLb1csfaWPQd93fnUFjeDRyWpcaXiPQzS9UPtcBLpUASyR3ow/NDbKw5X2JatugUhRDSoKgHplIxH+RutAsYLpsCs9jLfCN7XCrJhyZ4z7Es/Ikfnc2jZ6cXNedfc/0zQLUCR02ag0jHH05CfiXNdvpnMZnMt+6pQjHaZ0IbM9fANIcf5Tju9czukySHnZCikT1qxnwMxJyLsyyLyfjEA7YinlgqWXxqKXUX1qbBQvd3qu7EuRyffhm38C0YIJy178vO7WR5Al1ssfytojd2dP4r1XnBZZUJmcIytYsI24R+6z/L5RdxcrKRQfQdefS3CfJuAMFvbA7v6a8mScmtJ60pzgpJGJttpM0TWcaDyDSdxgBdJibl7Z8bQFh/vyqpFtxZyFCDRYAsA5ypAyj8U6mKsklQrbCGp7NHOlr6xfDFjGBo4cBh6VHDHqbZ9UeDXbebVHSEPpEUd4pb+HHQkNkPDcN1u+E01P29vnmSQnTm3TpLzo6DLDgccLUdNDzMroyNfydmBHlkqjR6Yy+RLb6bvN/VF/Q4FSfAutJznnI5IEddLEO/eJc/CgOx+PQVSbh+KdjejGs4hjwfqv5EiI+00tfg8caiFLhBkpX0ovgT3RjFu2YAmiXMArC/X/8t/5V3PKgykMEDrMogYbP8/GpuEUMed4JROVpJdSCfwxH/cRprCv3sYVALJdffXkkt0OQviJVtWk+/S5amajaW6zq3V8x1I+wRVwgYY9IzHWSf0y1CcpTSAfp2Z1FFB4IF9cXOJvvFfz638wnkscLo8sqpkB+JAfNXo6GxqSWkcWVZxW4qXz5oJZDLVRK2H5BCdWqWlrU30sXA5kDM8UyyZrek/kBzRprN5TyZmbHFJJPKrjR2Nx/Oevt60bVEzYwkr9HWbpx7WqSzEQn+40XzpTreXcL4SzdAWiONJGKqLSFxMx2mVtCZ8qbHjiao5/ABdFSpCmzhW8qiJv5DSiqvPFZ0k/m+B0bPs+QS8xSwcEO08aOZN2ck/ES2lmoKSoyTeprb/RC3L/g4RitCiOFt1rFIU13EuC+hxF4lIwBJCCoW77gx1Ec58BS+NCxkT1LZaVxqX/Ko2s9pBztck54fwBEbtrv3zOzlyPEiRgJk6zcfPDdFtsijsNBWJzr8nxjTKZ10mWnQXRl5IUHpwZhFdub1V3jtTKQYriEPObocQLd+lBavxyAJsjMpymdyEteuN57vhPnbxxrFmWWqV3LgBUsVsrpcHMfCnKYMAQU/KvKAKIyP4K57dgpDFzxXbk3D98eSFm4HOzaQqi/VzfKTTVV1dR/Rfj3ckLiVA+WNX8cMm5GZRKEP7GhhTzXKvMFJfV7jPsCEq4jAYY846WtHkfgOv9Ku5SA3E9+1fXmVMOfugrIDyjKM8/GsQZ4Gs+jdOuM0eUt031179xNh0Psw3X7xk3qmnI5vFaqf6x/G55pI58Gt1CC3d+JxaZYLyCc3onQBlk3gfcXiuZH5eTF4+HqmKe71lAkjXEogMyo3Sxr3eXp8RKPVl58OlRrf0fNjwsdoTeU9ToIJropaFwP1N+nFxzEBT+DsIiYkDxXd1PKf28fl+S1KTczc1iTVRDT4XKGOIZaWNFsFUVabcL5qGl8RVUpwbIpwOVqAo71ZQdZzMr7ljoFk/x4vkj1cGJNrrgS4AiS+bY8gX/jY6axRcPxNhShe3DJOKjeMmk35/jdiJVMtat4rbk00q1nSYdB6dMOvB6OuGR4Y/rz/m17rF5U2JgyTSzRrLZ
ssh-host-key rsa1 encrypted-hostkey ufEEbrBkXmixIPlmxQ7i5umlhaKT0EL8QoodX9tvS6bl/NNsX5YmscWLkeDSuw9vX7+MrYp2l1Vz20G/qbKEHAoedUzNE38xkSOixY9rzQRdKV/Q5ffg2kw2PGUsoQcxY0o5A7wAq1Kf+tvQLhmwpbyoROrcXI01mQisK/eQ13kC7ffTQR8axb9NBlyJRs3CdLeJaqDJ/ob3+9v4f0szgmtoeVDgQKrkHRE+QUCn04aqWJGWP0y9JEIyWDHa7lg1i/ocM+1pmAxgHTdlba7hBVyeetxKBAQoUtnFKIjL5h9zX/2LUhH4xogpRJ4pdHkDOWrhdoN439X8Mbb1/GRBdhfxgojhWlWNTd2cFjJwz3AJxi7kHe78QUXJD9p666Q57QY/d4EFSLA8Rh1siDhSXYgMN9cYrIORBAkP4ExJxtV71dGED5zTgg7mqdBChe4yZQKGWj548Buj1BnpmKZiZ2DkhjM5LYconG0xFHJcSQhaf7miYp1D0YIHs13DzfGFxsON13CFYvu/RIyD4Qs94pk62NKeLBArtwIK/PWzpTWSXpbtZd60RtAAM4qRHgeLcFfLYe7xdfaAgWKY2uwKzRTnM6rQdmjlOv9JbijkVoegaTItTNcvC2QPKXI56pw0zqwzS3/6x0iXucC5GjneYADigpEs+nNzHEgORjj3xV94MOunbq2l8iAOohNW6JdZRlYmpSt4xQNu07QNjH5hZXdMkScVNsaTLtRY8p7CTenys+Jt2AVVj/cb/T7/t9/pIh/8dlqOIrusvocwh2nX+rFRsj4J/rdffWzG2fuwZYtv1MOe+py5+Yn3focG8yvdp6l2COgIAU7j3IS7CIup1DYCY8vXRo+qA/Y4T6eQ0xyy8tV4y6UtyKPOq5ffPw7bFZnKfXM7nBDGGyCBZ2SA9FFxa6nxVCCmSjjs+giamEn7wykyxtQmat9aHI6zXvaxap2ugNvNtOHH8fa43ocluMNuB4sOF+SxYasrFK5kaW0YHIvG6651j6xnZdZS/SaN1rEePbg39opEjUrykNYuev1sO7EHfbFOXH+rMH1sBnRp7SG91qfT6r982GQNedR9PxFOQGuE1uBwBWbGiB01KAOEsXaTTPlWpam+5ZU9+t9NAei3w6y/5Nzua3fLcLbhYbfIA83uqYvFwdNLXHukdupg1UJRjBxQKBvuCzgAz+Q5BmfeXfJjJ/PvMcbpsELvVxsg9CDABlrsfR3Te+5pK8XtnSkYMNqTuXAIlrxs03Xbt+hRAVKPj3ns1WZwG6mu0+oNfCIfiD8ne2yZbElH7w==
ip proxy-address 192.168.25.31 255.255.255.0 vlan 25 mac 1 processor 2.1
ip proxy-address 192.168.25.32 255.255.255.0 vlan 25 mac 2 processor 2.2
ip proxy-address 192.168.25.33 255.255.255.0 vlan 25 mac 3 processor 2.3
ip proxy-address 192.168.25.34 255.255.255.0 vlan 25 mac 4 processor 2.4
ip proxy-address 192.168.25.141 255.255.255.0 vlan 25 mac 5 processor 2.5
ip proxy-address 192.168.25.142 255.255.255.0 vlan 25 mac 6 processor 2.6
ip proxy-address 192.168.25.143 255.255.255.0 vlan 25 mac 7 processor 2.7
ip proxy-address 192.168.25.144 255.255.255.0 vlan 25 mac 8 processor 2.8
ip proxy-address 192.168.25.145 255.255.255.0 vlan 25 mac 9 processor 2.9
ip proxy-address 192.168.25.146 255.255.255.0 vlan 25 mac 10 processor 2.10
ip proxy-address 192.168.25.147 255.255.255.0 vlan 25 mac 11 processor 2.11
ip proxy-address 192.168.25.148 255.255.255.0 vlan 25 mac 12 processor 2.12
;=========================== management-access ===========================
management access console
authentication primary local
exit
 
management access telnet
authentication primary active-directory
authentication secondary radius
authentication tertiary local
permit all
exit
 
management access ssh
authentication primary active-directory
authentication secondary local
permit all
exit
 
management access https
authentication primary active-directory
authentication secondary local
permit all
exit
 
management access snmp
permit all
exit
 
management access http-api
authentication primary local
permit all
exit
 
management access https-api
authentication primary local
permit all
exit
 
;============================= spanning-tree =============================
spanning-tree
shutdown
exit
 
;============================ config-if-mgmt =============================
interface mgmt
ip address 10.1.1.7 255.255.255.0
no shutdown
exit
 
;========================= interface ten-gigabit =========================
interface ten-gigabit 2/1
spanning-tree shutdown
no shutdown
exit
 
interface ten-gigabit 2/2
spanning-tree shutdown
no shutdown
exit
 
;=========================== interface gigabit ===========================
interface gigabit 2/3
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 2/4
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 2/5
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 2/6
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 2/7
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 2/8
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 2/9
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 2/10
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 2/11
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 2/12
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 2/13
spanning-tree shutdown
exit
 
interface gigabit 2/14
spanning-tree shutdown
exit
 
;============================ event-severity =============================
email-severity auto-reboot level critical
email-severity cpu-failure level critical
email-severity server-offline level critical
;=============================== ip route ================================
ip route 0.0.0.0 0.0.0.0 192.168.25.1
ip route 192.168.78.0 255.255.255.0 192.168.25.2
ip route 0.0.0.0 0.0.0.0 10.46.16.218 255
;========================== ip route management ==========================
ip route 0.0.0.0 0.0.0.0 10.1.1.1 mgmt
;=============================== cfg-smtp ================================
smtp
from admin@wwmed.com
mail-server email1.wwmed.com
maximum age 30
retry interval 10
to juser@wwmed.com
exit
 
;============================== email-event ==============================
email-event chassis-monitor
description monitoring-chassis
mail-to alerts@lime.wwmed.com
group chassis event disk-failure
group chassis event temperature-failure
group chassis event disk-control-failure
group chassis event disk-control-status
group chassis event fan-failure
group chassis event fan-status
group chassis event kernel-nmi-error
group chassis event module-failure
group chassis event module-status
group chassis event nvram-battery-degraded
group chassis event nvram-battery-failure
group chassis event nvram-ecc-error
group chassis event system-bus-error
enable
exit
 
email-event noc3
description "support team at NOC3"
mail-to juser@wwmed.com
mail-to jqpublic@wwmed.com
group chassis
group metadata threshold-counter 5
group metadata event online threshold-counter 2
group storage event share-online threshold-counter 3
group storage event share-remove-complete
group redundancy event ha-pair-qd-offline
group policy event shadowmetadatasharefreespaceerrorraise threshold-counter 5
enable
exit
 
email-event tech-support
description Built-In
mail-to e-support@wwmed.com
group chassis
no enable
exit
 
;=========================== ntp server config ===========================
ntp server 192.168.25.201 version 4
;========================== logging destination ==========================
logging destination 172.16.202.8
;========================= at/scheduler commands =========================
at date 03/02/2012 00:50:00 every 5 minutes do "show sessions" report adminSessions
at date 03/03/2012 00:00:00 every 1 days do "copy startup-config ftp://root:rootpw@172.16.100.183//tmp/acocfg.conf"
at date 03/02/2012 05:00:00 every 1 days do "active-directory update forest WELLS.ME.ORG proxy-user ny_admin"
at date 03/02/2012 03:45:00 every 1 days do "active-directory update forest MEDARCH.ORG proxy-user acoProxy2"
at date 03/02/2012 00:43:00 every 1 days do "nis update"
at date 03/02/2012 03:30:00 every 89 days do "cifs rekey all"
at date 03/02/2012 01:16:00 every 1 days do "copy reports mp_snap* ftp://ftpuser:ftpuser@172.16.100.183//var/arxSnapRpts/ format xml"
at date 03/02/2012 00:57:00 every 1 days do "copy reports snap* ftp://ftpuser:ftpuser@172.16.100.183//var/arxSnapRpts/ format xml"
;============================ SSL Certificate ============================
ssl
cipher ssl-dhe-dss-export-with-des40-cbc-sha
cipher ssl-dhe-dss-with-3des-ede-cbc-sha
cipher ssl-dhe-dss-with-des-cbc-sha
cipher ssl-dhe-rsa-export-with-des40-cbc-sha
cipher ssl-dhe-rsa-with-3des-ede-cbc-sha
cipher ssl-dhe-rsa-with-des-cbc-sha
cipher ssl-rsa-export-with-des40-cbc-sha
cipher ssl-rsa-export-with-rc4-40-md5
cipher ssl-rsa-with-3des-ede-cbc-sha
cipher ssl-rsa-with-des-cbc-sha
cipher ssl-rsa-with-rc4-128-md5
cipher ssl-rsa-with-rc4-128-sha
cipher tls-dhe-dss-with-aes-128-cbc-sha
cipher tls-dhe-rsa-with-aes-128-cbc-sha
cipher tls-empty-renegotiation-info-scsv
cipher tls-rsa-with-aes-128-cbc-sha
ssl-key-store /u3+7QAAAAIAAAABAAAAAQAGdG9tY2F0AAABNGeqmKwAAAUCMIIE/jAOBgorBgEE
ssl-key-store ASoCEQEBBQAEggTq3QIWD1afIUWhI5w8HSsNeu1lMqwwIY4nulAyAZ3bnJt84+L7
ssl-key-store hhxtWA4qt/WC5ma7t+4D/7XlDSIGiHTwEO7plVkuMrq0lYdmrS33NLckZO/hToDP
ssl-key-store U+XS2fc2/iPxQN+9CyW5t7LYO7yjaCb+FJfbcXdmZcmIXDwR6OM1dG/kECKvztry
ssl-key-store E+uWeeuhDo2TTv3ORG106sAX+vTFqaddqmhosh4Y8UV270v4+67KYrXbQDcXlEbB
ssl-key-store 6l+nnYzTRSDTXQ59HtwddJ6+YOGOAWiO36p0aBquehlQh8KhaENKdvEg7RAAONMD
ssl-key-store 4zs+8fF3rSdi/SG4MNObPGLlynst/dKXy7rSC0jwNvn7QZ6XnOjl9B8yg1lKwIcJ
ssl-key-store Et+biIsWf1//uSI8u4OUFE6/79blICQp6egFFWyZQ42LsVNLidzjJYfaChSKyDqh
ssl-key-store r5ptoGxjBqfp81Ahr6JMEq0r0lhK+KHHBNDAWQv59KwqUD5Z6E6VRHP7Gj5fphJX
ssl-key-store IRaGMe0PYl9pgzUKBKb+T425HRTI/5uhm/ZQurFOVuwtXobACAyTBgBlmiMsV7rn
ssl-key-store XrlVul3EJ9dBVlo8JpS2TRXE/7g1BcnOkKfeje6Wr/C+++9i8th3JN8WLGLwdAH+
ssl-key-store EvjLe0voceKL/z/6Vkk8ytaVLpY0l7q2c70iImGs+ioArbIR5eG23rfbQFbcZyhW
ssl-key-store mTf/R6vlsMYFBuIooQTbWvoqIA+9mSwjvedwFvGXlnqxULgra1Ys2Ido5tXt4LPr
ssl-key-store oE/Pw2aFV7Ysa4850wycRboK+vIK4DFSFVR9yNpP4kcOS05JCHt0uzhOqjbQC77Q
ssl-key-store eVioDLFe9LDgXIBdfX7owU/HsmShfF+SZSIsddAYob1/3bN2BtqGUlUpXivwKUXA
ssl-key-store 8fZSjBQyvjRbm+cZPfYBS+anxknBoic93bVCX9J5jXirStxLWkqkWBxSPZhTwyRi
ssl-key-store lGAX32h5aJvWukn9jvM4CTsX9MPa9iRCZVpty7Q60EFgi9YQn1YvWvud1n2gLmkR
ssl-key-store Z2HCOQ/iqTesQFSa7BL8W+419ILno0++WcTOogzxJAu96di1k3aXU1TXYy8lEdml
ssl-key-store aOSVAGrLEpD7EnBvLlf6BNakbMRB96K2tg0H3d75nsw/Ay9gMcL7Ltqoh8y9LRkH
ssl-key-store z76idDynoPzptssroHhCvwhBtVmwHUBEcDN2CCqIhbOCqAR8FXc4CRkDoBbEYanZ
ssl-key-store S8CIGtNrtwwxhNmSd8sKuY2vnGq1nlJb2+hlRZSFwHzYUX+7HsIjPK+iXDWHlmZc
ssl-key-store U2FMAJydxRp3aYSgzxUIO7mgt9iBmuUgQgTE65WsRWka9SAj9jk3gCaOc05S6aTd
ssl-key-store M3kE3jphQhrGJ1PrKwJQPKFIjDpY13kjxDbY8tOXLJEJ1jOyf/1VLPob19bmXlPJ
ssl-key-store exc4eRjKC6rcbkS58Iwq7wB2O8PhZtxj1rRmVJxDLu7kNnsmqywnL5IZBBwpPlrW
ssl-key-store AwbMi8Q24G2lkitBrZu1+ev0kQZqfZJOtD3N4QFCMSMikewzUsyBzXYmxjPny4iT
ssl-key-store AKvxqCf1kUKt/IjSAzwNiN8uPr+IE6W2pCR5dGT/i95F47/wgVWlTK1wniFRM72n
ssl-key-store YF0Lz526MCvpSMio/C1zwNLDGOskYuQnTS4oK/9KKGetbnSPKmWRus4ql4c8Z8tc
ssl-key-store tWqr01CdBPOZQKVpW2dAARK3wCX1sQAAAAEABVguNTA5AAADjDCCA4gwggJwoAMC
ssl-key-store AQICBE7zoGgwDQYJKoZIhvcNAQEFBQAwgYUxCzAJBgNVBAYTAlVTMRYwFAYDVQQI
ssl-key-store Ew1NYXNzYWNodXNldHRzMQ8wDQYDVQQHEwZMb3dlbGwxFDASBgNVBAoTC0Y1IE5l
ssl-key-store dHdvcmtzMRcwFQYDVQQLEw5EYXRhIFNvbHV0aW9uczEeMBwGA1UEAxMVbG9jYWxo
ssl-key-store b3N0LmxvY2FsZG9tYWluMB4XDTExMTIyMjIxMjYwMFoXDTEyMTIxNjIxMjYwMFow
ssl-key-store gYUxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYDVQQH
ssl-key-store EwZMb3dlbGwxFDASBgNVBAoTC0Y1IE5ldHdvcmtzMRcwFQYDVQQLEw5EYXRhIFNv
ssl-key-store bHV0aW9uczEeMBwGA1UEAxMVbG9jYWxob3N0LmxvY2FsZG9tYWluMIIBIjANBgkq
ssl-key-store hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIs0o/HvOO39qQekTYTqBu3XKLXQFGI1
ssl-key-store Qm2oCvpanp/LtAgxUSIDCTH6CZlemtNBG/TOHpYq3VnFYB7MdcQvGJyurtudPHLs
ssl-key-store XUUS616FDX52URQxg83kDpuTninYJVzh5TVQQVfnhVO0czLHcGZmtKQy28ZgKsFg
ssl-key-store +H66GHDbaVQImaj0haFNtnoZ0VkPX+RJFwvie/sSsbG46F2tVlTlEf7qEBUk6jxE
ssl-key-store kZF38yGhwxF/snSsM2tIZJxGe7AWoSTZY+d5ndAUMQ9zJ+6mAdedwNAqUQlS07ga
ssl-key-store OXCLzOVWju75xR+/VWp31PkUco0G7pckoO/2v+1//2oHoywGLfDzdQIDAQABMA0G
ssl-key-store CSqGSIb3DQEBBQUAA4IBAQCRQES3yS9t1j0HU+szSluEoYfCEGa0XwsrvuB04Uvl
ssl-key-store CvCZQRJgDYRsG6qVB2KlKL5ljLg4q+9KnNHDCoXlbvksvgg85+i6JQR+GJ7qSWAu
ssl-key-store 41FuTciq3WQYkc3a+G7UDL/LCQZbb8yNFi5h/Doj2hUMQfWe7SxSUNbu8BwmosOV
ssl-key-store ckk8d0PZ3TkFVL0QRuaA9aTtA/OGNLnxXoYA+191kWOw5uuLa1tyUcIXm+BGl7Gw
ssl-key-store mO1JPvpDACWXKXmQ0kydG9HNpByEXEOHT1Q5XZ9Z3f8pTdpdo8HqwVigalINHJPH
ssl-key-store LiPb0P9nGZMd8qjFnr9k5kHlBPYVV5rOqw/fYKM38Dm/BvHulvmVy9cofbYxKedP
ssl-key-store Ko3syUM=
exit
 
exit
Figure 33.5 Sample Output: show running-config (ARX-2500)
stoweA# show running-config
; ARX-2500
; Version 6.02.000.14335 (Feb 29 2012 20:11:44) [nbuilds]
; Database version: 602000.31
; Generated running-config Fri Mar 2 03:21:11 2012
; System UUID 05d5a0fa-f2fb-11df-8daf-af50d57e388e
; ip private subnet 169.254.98.0 255.255.255.0
; Resource Profile optimized
;
terminal character-set unicode-utf-8
;================================= vlan ==================================
config
vlan 90
description "personnel dept."
members 1/2 to 1/3
exit
 
exit
 
;============================ config-if-vlan =============================
config
interface vlan 90
ip address 192.168.90.26 255.255.255.0
no shutdown
ron tunnel toBoston
heartbeat failure 3
heartbeat interval 10
peer address 192.168.25.5
no shutdown
exit
 
exit
 
exit
 
;================================ system =================================
config
clock timezone America New_York
hostname stoweA
ip domain-list wwmed.com
ip domain-list MEDARCH.ORG
ip domain-list bigorg.org
ip ftp-user juser encrypted-password eX1Jci+dkoPRvYvA021HzPOqUtD0FKF9evZPY/lmFTCCjNunSe2tsA==
ip name-server 192.168.90.18
ip ron-user admin encrypted-password euTb0S+dkoPRvYvA021HzPOqUtD0FKF9H0nfBBv/vYo=
ip scp-user juser encrypted-password eX1Jci+dkoPRvYvA021HzPOqUtD0FKF9evZPY/lmFTCCjNunSe2tsA==
login-banner post-auth "Running-config last saved 1/7 by J. User"
snmp-server community public read-only
snmp-server community private read-write
snmp-server contact "jpublic, jpublic@mycompawells.me.org"
snmp-server host 172.16.100.183 public
snmp-server host 10.1.1.68 public
snmp-server host 172.16.100.101 public
snmp-server location "2nd floor lab, row 3, bay 4, shelf 5"
snmp-server name arx1
snmp-server trusthost 10.1.1.68
snmp-server trusthost 172.16.100.183
ssh-host-key dsa encrypted-hostkey u9oFngi4v7vM94WNlfxoUKFY23fhmZ9JQuS6aEgd6cb89iO5/+2ZI5aKIESNjbGvVvuhbPuubiNcCU8YcIN+r2PchCva8yjJYSPNyd6v4F4FMbkDZ2LlEWSKUis3oKl7Sr8dW5RApWXFQdDHrYuk+Ukf/iahRILxAOeDddrS/2ILqCxxykDTKJbex9vCVp5AEwPxi4EbnMYib9u2Xey5piqG5B+oc+Ul26YtnyagZyo1riv8ER3eh/umGPebXO9L/b9BQGnhfphpyDErFu9bV9LiH5dLDkX0n+zTiXVsHcG53/JS5N4RIATsKtPCwBBg6Qa9YcvdDsE+CzmmAv2dy8r1DPeeiZE3IiClD/GjLb7kJmXfuVqgYUUiEUgWjHT7ZdfJ76VTY32AeCUZ18jNmtb9kb0OVdqljDwjm+8seRvnD2nY7LVG4aQV8q0spy1P3D377mcIx7MGYWrl9Bd2j6D1VL3tSmGxsTIWGtFGq8wL2U+++ldLsGygURe1Pc6xMBDIqvB7hTL6g+P3xByCdb16GXiqaEpHoDnVgVyMq56k/eR3YeWocuTdPR2Xt/oCEz6idF96qJt4XC0vHfuOVTI6UZkx+LH3pARHlA+CnpsAPWfdeoRQnEXtcX0gC3WdSpv7ZSumC2tNEh0L3o5Nrhz4OuAYe10fThqlrbJXRhlhCejpsYFy7glL67+G5m6IyiAsogPnkUlnRUwKt2B0FSayW7M4ktzrVA3g9ncB3F1/bqGoo4moH3sclaisIRgu56oF+qgseBCDE6T3kmghooYmBl8ddeAZx4YBOjsyTE0dt61xeJZ0B+Pd2oOuMaKxRz7ZoAPuagh6uq3dspZOWL+sKNdg5+vuBoE6cmPMgDMvi7z72KzrtfnOF5z+xRfD
ssh-host-key rsa encrypted-hostkey u9oFngi4v7sheeATbx/2B1sFeka5+7R2rmsI4ZG504jqu6PjOe2iuV0J2GnFsayJ+jOhgGoHX4kt7Grm7pv/MY/xa7nCh+jBORENkHbDSKz2DE9T3U9HPylaTzO1SkKlyB0TqmekcXhd8xemkLpG8JObAOY33ykWHaXf2IBA0v9KTyOkaqgsQgFrfGUbAu2c/so1Kgj5hE52X/YSicOlcTpCYyvH6//4yF1RMs9TxQhP8e/yHODXpIR1pp/Ny6nU7wZfdYHFUZ/u1AWFCEHJh5Azfxq+bD5ZRATMRsu5iUsmmmz0jE+UaPIw5sSm2VrWs5T8sB8Q/WzoWYNHptKdmVgtldLec/Qe6yerlRCo+hECDrtxDbro+IhXpttJZszDwNzF0g5m3ueF4xIg+6RsGpLgJhcp1KkK4Zn9VTe0l/wd7+DpIBtZyaFC6qyIeqnSVzC2l6OGOKbkc1uqq/ADGFNu/zfQYDo++aWVlcOvECLDBfhXw48gTL1c2Oi1bS9GSO6CgSa/CMC0Lv1lkZH2t6iMxh1fezZsuqGgw1ts3osYrW7IzSPgftRznPoItcVzFTGP45W37UI0DZJrEBhjwE4Up57tKObH8Lj+ggdR8F6oydJd57qOGtxQgAsHVFGQ1iGkvBZU+hf4k7kT2TVUC0w1gCpn0hmWNfFPAjdcnymn+G2PNjGaDKuBG2WZ5H1rUjeJx/8TozWwWfRFGNs38Wj1zJgCtdC7k/Pi+iHWF9lIRmYKTwUReLWrECIg22Ex0hgK9wCpb9aHkgEghk4QtmpdtS2iptL0/RTrZHF5F32lHsZYhtxFHC4fQXWHYbCrgwLQAOKKZI1E5ub1UGcToefvHyfAUz2jrCO7C+wfXq3DPYNx0CAZhBeUh3cgt+8JDx7QLZqltorugAX2eONTsTsDUWG31XEBwJk4qOQxWVVFqv0qG6nTjo8sBTeHaKiwEY9AJ+rfJxvfEM9CsR9czeqgyoRayFpUTZQSOzfeMVd5Bh773rJmimdGqylqqq+cAQorMKyUZmHDfC7MRDOR9ECQPXag/aWCnRRw/MduX8nQpn/cQaoF23DxsU3c0LlugKnHh6KmeVQfj+YwLZ+EgPKKtgwzREiolT8VmOQ/TmXoffMA1j/7IIsygrZkWzC4Ohl+AOSsFuYzphda6vKkRW3ibPwNt+RMi9573CXnlVpZ/BnFMb+SBcVvs9bDkcKlJgGGPWt/UVb5CH1/dhh8p7heXNkfBuKPFd2k2dkcHyH9/Sfy58ko6UODK4ng6/ZN8KgGNEWOtVvIWk5PvL2JIkqQr+rg93G6OAfEXTwhSobGc/G5GP4n+TW+GnVICgRj96RRn7bh9xM90KvEWic2OqEF1gAnzdeA/GBIrhgtCxN9psozb4rnvvcuJaZfrTs/uxEIYHefmb9rGJO01aoAaRNPX3BVlVnDCr2sFJZP157PFdyJQtCcqZyEFBB7jpfH+c6PZE60A594IuBchZmoK4Asyrb879wRBZoLajJXq/tE97i4r75EzfPYdzRuUbxBE4aZ+XD0tIbqRqYnvhIfuUueWwA2bfGw/MiuJYNh/TXSTLIAKK15VU+M1CG6Vw7t/DKpQlBRbVgC4k5P90ddJyTpCDrJKhH22cNgXyHs5yFeZGFJIitVzjZ5uAO4eX2xu1ZQTot4eSjQ5T3wqbdRt/ztL4SwZXdYbeqsfj5Orinso7PtOnSf6PzwV1q8AXhYNUJ5rr556wc1VrJbzF3cNMisXpgn+faPf/4dT0JB05C0gO4EY5wSS+pk8j3BUnHmVUDXYxKI+s6Vb9pFNcxzS7ZdaQDZHSIZ7lSPW6TT7zCQ6rJ6RBV9YNyfly4tQq33giwBQUuWelknkLbngEu7AYU/UbWd6wSQTihZIVi2YyehIWkG3HQ73+4PrGDktv7f+mQsJ/baBHwHn1ORj9GcqEth+EDHYq+JwTwZRXUYpFbitN9pD4+YnJ/vuHK37vGWmR8meCOOBbL0Mf6kQRTe5sSEL64PgioGHyUg58i7yOHD46dbW6QX59f+CC/LEYN2YaoJDJA/BCSoIPAb3/tsNUAJDiTJPsg/M+JQq+DndhzdbvKfCF6vTag9uUVogUYE9O1hxb10l3Ryaojk6Gb6jB1ulb1HCkNVZwRvoxkOxce6/+XuZ/8InjBIP6Zk3oyb33hVoqqi/pOcVxi6jR76zLyUaXBfmMu6MjkrjM1Xl6BbckeiTkOu+lsLRzM4mZBg
ssh-host-key rsa1 encrypted-hostkey ufEEbrBkXmixIPlmxQ7i5umlhaKT0EL8QoodX9tvS6bl/NNsX5YmsYwV36+4pvANhRlEMiolqO/J+vsEJZ4YFwyqEjV0P5nDN5kme+1NarjEmnjISdaOW3ohsQBl9zSw1dMfj0TGW+uVqkEwLIlOpkw1U9+dom2hE92N1LLNPWdQiVABnyXg3ShJ4XTX3irNHqdMkwVE5Wo+UHXWlLfCYKoDtV3xQnDqu9igeuc6OYxwqMW/l1uWCcCAmszkxaPTcmwcP3Yf4m/mZDssgdIGbdt4y9fbVYxgUKi051koUMcUNjC1JPXT8tfCtAMjC05SfXNNKCb8K+SQW8PIvC6kB4jPoKSUcXqtTTZxskIcb5PEW1UcSpJ9fbw719hY+aKPb941PZ8LwGtESYQbl0ALW9DMrWSBQ7YNXSq8ZJ3HBtho8iRG3jxzhIfdX+UniP1Xh8V2F8l4y1alJ2r2i3BUBebPeJTDGA3nW4YHIyW16pAIeRB6SKQM1BJxUBP0yE1JOMWhwxcu/lzeICP7pibBQrRBpXdwjI7bp27brqrjtRNLF1bIcbDn3bRDA1CALD+GGjjyx35z2HVDC3LVOD3iFDpfH0Mp7f5b6paTVGelDV9lmhJt6aUR4xDTxIUj9kac3LOlhy+qV2hM4N6OUI5tB32+rEzRSie2rcKAtGiWlQzSTSNQ0alJ1regt9jumyiLH4TQ64slrAb/NZffV4RJn6CgHA+8s6rBj7YVfRK2/LNGEGo4BS8sNNGmD79w8RrWN0+z3KQQat5te3aNjRuflvRvF6XV/mRJ7CAU7PA855OV+rRCvgZsA7h+PlO/CmFJPmCzVkSEcglglphIWohr6+zjbdd952DSYG9Nfj0Xj3/r2EYp/psDfO+qLCsOFY+bKXriix5MjO2Ib+r9gUP/+m8hc/L/3nqgiM3GUDN0Xfm2lOWE5m+qCous+hdX8+cKWzOT02RUssu22d5XJ45H3jnXnUdwBcslAKeNuPzscoALprylLyCF0mP/lUnw66MbsSKwT3pW+xQgynaJdi1fD+y65cy64iMZr5O2bqn2fTSOylffioczgUz7vhGwLr/kT8H4MN0czO3jOKTPUltS+H0nxz44GvYD/4SKRUEt3oe0R18YJUrAPrCM9MWCtUTQd9+AIIsmniTocXtuaW9qVO00mOdYqwUz13WzN8dnYXvX7enYlSGt91HpwoMdpe5TRGK7f4fMmDvh55ynN81Nop7H0Y5CZj/WxhGEDWEen4mxzvmlh5GNPD/F8fM86ZTuHikWwXrdxebN81BamENKWQ==
ip proxy-address 192.168.90.31 255.255.255.0 vlan 90 processor 1.3
ip proxy-address 192.168.90.32 255.255.255.0 vlan 90 processor 1.4
ip proxy-address 192.168.90.33 255.255.255.0 vlan 90 processor 1.5
ip proxy-address 192.168.90.34 255.255.255.0 vlan 90
;=========================== management-access ===========================
management access console
authentication primary local
exit
 
management access telnet
authentication primary active-directory
authentication secondary radius
authentication tertiary local
permit all
exit
 
management access ssh
authentication primary active-directory
authentication secondary local
permit all
exit
 
management access https
authentication primary active-directory
authentication secondary local
permit all
exit
 
management access snmp
permit all
exit
 
management access http-api
authentication primary local
permit all
exit
 
management access https-api
authentication primary local
permit all
exit
 
;============================ config-if-mgmt =============================
interface mgmt
ip address 10.1.14.76 255.255.255.0
no shutdown
exit
 
;========================= interface ten-gigabit =========================
interface ten-gigabit 2/1
exit
 
interface ten-gigabit 2/2
exit
 
;=========================== interface gigabit ===========================
interface gigabit 1/2
no shutdown
exit
 
interface gigabit 1/3
no shutdown
exit
 
interface gigabit 1/4
no shutdown
exit
 
;============================ event-severity =============================
email-severity auto-reboot level critical
email-severity cpu-failure level critical
email-severity server-offline level critical
;=============================== ip route ================================
ip route 0.0.0.0 0.0.0.0 192.168.90.1
ip route 192.168.78.0 255.255.255.0 192.168.90.2
ip route 0.0.0.0 0.0.0.0 10.46.146.218 255
;========================== ip route management ==========================
ip route 0.0.0.0 0.0.0.0 10.1.38.1 mgmt
;=============================== cfg-smtp ================================
smtp
from DREW@wwmed.com
mail-server email1.wwmed.com
maximum age 30
retry interval 10
to juser@wwmed.com
exit
 
;============================== email-event ==============================
email-event chassis-monitor
description monitoring-chassis
mail-to alerts@lime.wwmed.com
group chassis event disk-failure
group chassis event temperature-failure
group chassis event disk-control-failure
group chassis event disk-control-status
group chassis event fan-failure
group chassis event fan-status
group chassis event kernel-nmi-error
group chassis event module-failure
group chassis event module-status
group chassis event nvram-battery-degraded
group chassis event nvram-battery-failure
group chassis event nvram-ecc-error
group chassis event system-bus-error
enable
exit
 
email-event noc3
mail-to juser@wwmed.com
group chassis
group metadata threshold-counter 5
group metadata event online threshold-counter 2
group storage event share-online threshold-counter 3
group storage event share-remove-complete
group redundancy event ha-pair-qd-offline
group policy event shadowmetadatasharefreespaceerrorraise threshold-counter 5
enable
exit
 
email-event power-supply-monitor
description "NSB power-supply monitoring"
mail-to jishan.zhang@wwmed.com
mail-to howley@wwmed.com
mail-to m.daniels@wwmed.com
group chassis event power-failure
enable
exit
 
email-event tech-support
description Built-In
mail-to e-support@wwmed.com
group chassis
no enable
exit
 
;=========================== ntp server config ===========================
ntp server 192.168.25.201 version 4
ntp server 192.168.90.18 version 4
;========================== logging destination ==========================
logging destination 172.16.202.8
;========================= at/scheduler commands =========================
at date 03/02/2012 03:29:00 every 5 minutes do "show sessions" report adminSessions
at date 03/03/2012 00:00:00 every 1 days do "copy startup-config ftp://root:rootpw@172.16.100.183//tmp/acocfg.conf"
at date 03/02/2012 05:00:00 every 1 days do "active-directory update forest WELLS.ME.ORG proxy-user ny_admin"
at date 03/02/2012 03:45:00 every 1 days do "active-directory update forest MEDARCH.ORG proxy-user acoProxy2"
at date 03/02/2012 03:30:00 every 89 days do "cifs rekey all"
at date 03/02/2012 03:27:00 do "show cifs-service user-sessions all" report cifsUsersGgh
;============================ SSL Certificate ============================
ssl
cipher ssl-dhe-dss-export-with-des40-cbc-sha
cipher ssl-dhe-dss-with-3des-ede-cbc-sha
cipher ssl-dhe-dss-with-des-cbc-sha
cipher ssl-dhe-rsa-export-with-des40-cbc-sha
cipher ssl-dhe-rsa-with-3des-ede-cbc-sha
cipher ssl-dhe-rsa-with-des-cbc-sha
cipher ssl-rsa-export-with-des40-cbc-sha
cipher ssl-rsa-export-with-rc4-40-md5
cipher ssl-rsa-with-3des-ede-cbc-sha
cipher ssl-rsa-with-des-cbc-sha
cipher ssl-rsa-with-rc4-128-md5
cipher ssl-rsa-with-rc4-128-sha
cipher tls-dhe-dss-with-aes-128-cbc-sha
cipher tls-dhe-rsa-with-aes-128-cbc-sha
cipher tls-empty-renegotiation-info-scsv
cipher tls-rsa-with-aes-128-cbc-sha
ssl-key-store /u3+7QAAAAIAAAABAAAAAQAGdG9tY2F0AAABNLiJr38AAAUCMIIE/jAOBgorBgEE
ssl-key-store ASoCEQEBBQAEggTqRf48agFQBaoSoFuujYxV7qTKrWvxWC3FHhfgAKQshmxYvHqT
ssl-key-store 14z2r+KLpl7D5fOqkE+VeIaV2goXZl9LqNKcXVrF4/0tWa3af3zReFdWsq1I+0pg
ssl-key-store 0kcNzBRzDFEEY+WVQasjhyCTfv/s/FAsUSR/55veG44p51gA0Nqo4g9ypK0RKh+i
ssl-key-store plk1NLADyMadhhwgT+dBMtR1OakmjbTfK6ntrpWFe737DI+iKIErvasI1wHbfQ4i
ssl-key-store y13Kme47X7u2+p05BrfjZofKCqJH6dnVSj9VRqDDOHrNOPQ4jyi/Fqg3yEkKQaOb
ssl-key-store 9h7Y7ATkFhGoxTdN69VSQtSFXzh7ndQSWO1pWiMcjz59E4rxAysFKuK4Q+uhdpck
ssl-key-store a/RXVe9lZ4B85MeBH7jI6IxV3LJSZwWxoAU+v1SycDOnKf85OVUdS4wKQujfak/0
ssl-key-store 3lvJLBHH5sSSljPYjWdSaBYRgRpbw3CTVg0nPfZFzUqU35sfka3GIBvNE28sMliB
ssl-key-store VpoiVrU15oEC76fJxdzt5flY8PTPnPh/J8w76kslfIEcFr+uKsHzf5K2ddxYHdTt
ssl-key-store MGsT6t/R36aFPNWTkS742R7w7MxNm5dH28YV5icQJtBABcfYi9i5duVRg1eJ1n0K
ssl-key-store Obp6xnXgQx14kK3DBsWTCwvDafYamybLUZB+PByuU/Bq20LZqc+uyQwbXeCk+QxV
ssl-key-store sHUtCabQr6yCGsYwSKXcXVO/+N8X9Q3oVRR7KTrgwHJGMapx3LVjOH/RO5jNGQ0f
ssl-key-store 6BY8Y32LpXsPpw+g2SeeLwEH4nRi08lKZdoDJFCpu6QqHpjS0M/dSIkpl+7RttjH
ssl-key-store z0/URx9GFn56lq7mv3/xs+iVWwmb779HtUEvIJDcOd6uJNpSLPX7tFRfxQCYymWG
ssl-key-store /demhpL9mHwsqTDrXREIzogWUi4jhK4vx6x5lsbe6TsdDyDkYfQWVIpcLDzEyEpV
ssl-key-store AfzbmocfoWWbgZaup4HgAHk4sVV26gp+hlfFoqAD0aPDGtVGv8z1W4rj9ewXBaBU
ssl-key-store OKDFOaFSib3/OjzqAL6RltgocyQN5vAIBW/7Wytl+b8zCojYeRG1pYkWqE2LjhKF
ssl-key-store jUk212lzB+sz2i2sYyu0IfdXCGW3ptibjYghnlPc+Cmm5g9dB5biMSEtxpSZVKur
ssl-key-store /Eo7AwnV9zzPM1SE6OgUQczkbS2a5zr2BJ/ExzWSm6Bj/WYmrnVIeZae54BBDQkW
ssl-key-store xy1PWd3KMQrxCwEaYbPUxXdnyqkkF2jM8rDu3FcLnHF+0VYK4wutLAYZ1aNtEk3v
ssl-key-store ehNuXVA8BgLzByWlb2LlJPcGSt6gNzlXehEn77ECtVzOIPc86ybs+R320jVgj2zH
ssl-key-store 2E6JU/n1BHH06J8PRoVjjO3fYZBZOECE9Uv3e4HjCctOwzQu9YGE+UMnAFN7hfX7
ssl-key-store rg7ZyaKvCZspoNZ/HkEImuTmNAVrO5Zd6M6DANQ6ORkseO/dN54ZslnmO1mLMxys
ssl-key-store 1GNKLwOPcaCDMma8u9hrjfAoNHgOXSM2cytgzaY9aFBXxt4MHkIPp5eMzoThdKuD
ssl-key-store wErJYxveFxLFWdAa2VQc9B2gBo1SEw0g/coi59PsPtKgs5O3VGJvloC30xUmTFMD
ssl-key-store 8SJpHbG4G93mSDyE2J4JZXSW5z9bYjY8YoD8RoR8MiUX7W/B4B4q+nuauBW7tNMH
ssl-key-store CBCBRbOnmLCgWNhepHKje40cFpspOAAAAAEABVguNTA5AAADjDCCA4gwggJwoAMC
ssl-key-store AQICBE8IVGUwDQYJKoZIhvcNAQEFBQAwgYUxCzAJBgNVBAYTAlVTMRYwFAYDVQQI
ssl-key-store Ew1NYXNzYWNodXNldHRzMQ8wDQYDVQQHEwZMb3dlbGwxFDASBgNVBAoTC0Y1IE5l
ssl-key-store dHdvcmtzMRcwFQYDVQQLEw5EYXRhIFNvbHV0aW9uczEeMBwGA1UEAxMVbG9jYWxo
ssl-key-store b3N0LmxvY2FsZG9tYWluMB4XDTEyMDEwNzE0MTkxN1oXDTEzMDEwNjE0MTkxN1ow
ssl-key-store gYUxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYDVQQH
ssl-key-store EwZMb3dlbGwxFDASBgNVBAoTC0Y1IE5ldHdvcmtzMRcwFQYDVQQLEw5EYXRhIFNv
ssl-key-store bHV0aW9uczEeMBwGA1UEAxMVbG9jYWxob3N0LmxvY2FsZG9tYWluMIIBIjANBgkq
ssl-key-store hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiahtKdXZ1iq3ZcJ1++NHr+B7mIQ9+aJZ
ssl-key-store 2cjcN/pTAph4L2Jm2fd4fuSleL/qLrSCIsUCSynE9808hWRSJxLo6gtNB2sd4bzq
ssl-key-store quzkXTDL4afeOUqXRd1nqKGx+Zl9yuPO0qSFhb558LKq1zbMezCME9Rv6Vi9iLoc
ssl-key-store 7x/UMQftl5jY0rUBI+sxnO51m2fdh7c07G+OX07YsTsn5H5DDLdDybbKD9GzcHTw
ssl-key-store 9hQKz31HBux5WnzmB+JP+2fjLZs2JuW5SOZ885T0NWm3gbiwRIEu+s3c6ciKPS2B
ssl-key-store DvFb4G0Y/vwNm4v8Guhz6DqqAKU4EroDB7yfE6XoBiTnbHD49qYzswIDAQABMA0G
ssl-key-store CSqGSIb3DQEBBQUAA4IBAQBkEDAyVFRkhoEOJ5SyJmFRbj5z47ObpP7jRyLvut2e
ssl-key-store 2r63k+osd0BRtSqS69uX/bppOpmg2izFyGVstb67mxsQk+z85co5LepN84924bdz
ssl-key-store Fxsn6yewizygKP3jz4U1trQD/S0tRjZmXHfSaBrBUX7K99uSSlThYkNSRtkz3sk3
ssl-key-store 3vhXXO7Q2nEk5IZRcXebiTYp1n3c7Tq5mSZpAf3cJ8us2H2ti/DS1WQL/n9x8mJz
ssl-key-store u4kMrsee35gJZnqxGneajl0boJAhREMn6jFrmPbcQDlcC7TtIHWXa9VLMYZDOwGx
ssl-key-store iBlexYFgEtZu3FvKlKRjoAQZkcEVSu0eCh33NWkxBYi2zCnfxsg7Q9Whkx8RIgmU
ssl-key-store jGEFvIM=
exit
 
exit
Figure 33.6 Sample Output: show running-config (ARX-2000)
prtlndA> show running-config
; ARX-2000
; Version 6.02.000.14335 (Feb 29 2012 20:11:44) [nbuilds]
; Database version: 602000.31
; Generated running-config Fri Aug 12 02:27:58 2011
; System UUID 876616f6-79ac-11d8-946f-958fcb4e6e35
; ip private vlan internal 1008 metalog 1009 subnet 169.254.58.0 255.255.255.0
;
terminal character-set unicode-utf-8
;================================= vlan ==================================
config
vlan 74
description rtTestVlan
members 1/5 to 1/5
members 1/6 to 1/6
exit
 
exit
 
;============================ config-if-vlan =============================
config
interface vlan 74
ip address 192.168.74.66 255.255.255.0
no shutdown
ron tunnel toBoston
heartbeat failure 3
heartbeat interval 10
peer address 192.168.25.5
no shutdown
exit
 
ron tunnel toMinturn
heartbeat failure 3
heartbeat interval 10
peer address 192.168.81.22
no shutdown
exit
 
ron tunnel toGoffstown
heartbeat failure 3
heartbeat interval 10
peer address 192.168.158.147
no shutdown
exit
 
exit
 
exit
 
;================================ system =================================
config
clock timezone America New_York
hostname prtlndA
ip domain-list wwmed.com
ip name-server 192.168.25.201
nsm warm-restart
snmp-server community public read-only
snmp-server community private read-write
snmp-server contact Dude_your_gettin_an_Acopia
snmp-server host 172.16.100.183 public
snmp-server location "Training Camp"
snmp-server name BORGATA
ssh-host-key dsa encrypted-hostkey gNRZ3TE6lp97oVRHETyLGlTYotoz1uqVl+h2e1DveFiEV89hLnEPzIIqnzyys6Jnb7vNpoXze4LFUfuRvfjSiZz14NdYc2cNyfRaBzcUeAm1qjxY2fhz76iUTyeK4Gq4uGH7X/Tjn7jryIFsOUpfDK1zUiVhs93pRySC1UmPYP83Cv4hxd5cAP2qD+zMvG1ODQNemyj8L+1LIpNHagWQOtYdaBR0iND0SXbdZqdKl2waHroYgfU1iqVAFYSXMO+cXG4Ya156jKbyc/FeikRCpKLOCIq6L09GevX4fom+5IKQ+HOpxMF/cD0dBIW0jylTZ8yaDQNxvM8ghcPw9xS2nrMOJc/4EihXi9KUGwpcH7VDlaqo4lCV/6qx/CUhSbqXq0zEJG+sdNpxguN3LzqdCVia6PEaDxtsJLs9OMdaeFTK1g0bx7ev9lT7aWYOnGgdNeyJu5RV2+I1/dq7Yz6/1/Pe1jPJxpbVWRZWK3ndiYqDaUsROMsM62dLahuD3djQ+l7IVf32/AZyHMnGQeoELGddj735+aDMHyNIvwXyUQQNiSfnO9T+Ee7yv65BrPkIiVe9OLJXSFQ1xDhIP0uyoh8V2E7J9h8ShyjDSamTJJX2b30KhIgyxevsZTchFLE8j8budnSMe63ybTY4ftEMyqb+5YBGwpuGrBUoSWY5KCYs165r/+F64chD9J8I5FroL8pisaZQ3XIyB8qcorccsdcnTHCy1tK261IfdMI2Cf1+QOxPVQOIB4mv5dfL4FT0AsoP1NJjSrwssj6dY7/YUcNFpb5Zh7wRxl2QgaMtYQJbSx6tCs8WTwerg2FO0PIyZdGJIJUIbHdxHMZM/lw6/+lcmsXAqrD7tg9vX/mbTSRJ9zmFJI0oApws0Se32RPo
ssh-host-key rsa encrypted-hostkey gNRZ3TE6lp9ZY4xuVz//ReoemfZlmMf5L6WyVUO2dLQ4uas462uU5K0zQqTcOYzMhMRYVXiJEVJ93ae/1+ykLFwTc7TCi/1NBJGv80bf+ba2eLzl0FSfQ+kzAcfnz961G87WifW3QosII9cJ3cVK6u8WwIM2QkeefWAYmgyviVXBk7IZwrd9nB9HGHPe5BP3vQ++TCqTRdpvJ2EUCn4yaLFUycDPjBbKhSSHWZ5W/Ba7cEG2bjtxJS0XPk6axPCaEuxpgF8OJLxLlISueXnSZJWIX1z1p/vzMdPLuVOded5HSrTIRI5cpeHGZZk1CdrSQJEoJo/9Lj6zZPL/ojrEIdCL+Xw2Z67ECSeNuP9ic0S2SehLIxwEhclvPiyYHudp7CASLhIhafgVZ4ArHeWU+gwBmXp/uTeKp8jnElmd6WF+7LA0suFYu5ncdDu2JjgRirrWLY4ofC7fbgEOrFS6eawrYly3WyujeSi1TlvP27oprlOjHNlinZ6tHf/xcI4k7LmzkZjCtIsnsz784CpKw8j7ktVbWMG+AdcytHlf1cJ3mJcfA8FMHvsQUS7vhOcfLuCYvjP1odb8190Uh938GrHyK67BU8bioh3PF0eMUsbvN8DNEmH9tkyTSkIHpaoDnLKO5PO9+t4EbXSK1i8tkPiAVi0Z8DM2RIpOFOgQdJfYWAhOp3J5VRCNG6x6AIg7vwZQRgQdZoQVScVVV+3ayikkUCh1ZRSorxQ1vUi6cAsZSXOz+nDLAJnpK5HIJ/wGNvLkY18ZvKXvimYRB6dfRB3EnWRpkDsXA4aEb6srJlhLfphwJ5tOFwi62c/LEpqc3NUYsE7J/B944MXTSmxddIzYt4GQ9w5ZWfF19ZaHHoGeMTY9iWMIKn9Z6lSGEnOAlohcSn30zxUfXK6wjPEhIgdRESW0xDdD+6eshbqyQur8TdrIbReUWfgp4CUiFaqclpZeDjP7dJQIUzwApUnV3yGTPuTUXRalTc5s7dvuPgenKQ5k+GoPlrZRdb1AR9hp6bQHU8Shus1ljcG5U4hcvHQSoBbFd/nyNJK1TlDdDxnJ3WVD7ZV7g6DFekuKz5fmL2GhKcRDn6OmJxsunsxgzEMr+QOpB2mQJW3V6HQLf46/Rmz1P78cLrQtwozilDwqxDaNV4Qo4pWskGHUKuf8j2eb50FYqNZ3zFo95uWI8mgqLUwb7ct9bcoAUY+4Kw6zNr++AWOtjcUhk/u93aPHc/5DlAPhPq38RJP7uXajImQ52he007rAMurUP/TJgCaKrOIFP/PPjV9J7+GWCJgOuh4HjzfHSN8unoFxh/XAvZCvh9W1lABF08tg6kD1tQj9qLtm2rfNTHkfhlaicvgK+kzHdaR6s6nL73qXLnnrHjrHYF25gvNRR7ViHKSs3u8Lk8qL4ZinHQW0G2+22dcnVJQFW3i0pHzv9lClJ3t5F3RAL5K4H069EytiIpdpAtBb2lcgB9hkM6od7ipeCZCCO6aLskU1Lo9xPplj/68Vo17rohReORRsq9XntgC/IRh+PxV2qXNMijbUkaaniSVcMUVgVobhRBHaK3duIf/SCjm4tE1sJqS5TNllLAuECh8Eqb06Rt7ZbBGqL3gxEsyZ1/vzyJ/PFT3VCiMZHg24bPgbe9o7FtGhYBqjk2zMAP4wQYNTy9wVlXiU4B7xLbHlpcRpVUaMhjDMWplk/mJOhxy1AYgvhfpFPH+2hhQb37zfPjmvscwV929mky6kXL+yctEBT9VwB4q/EgqUAqBdFmiwuP5MvsNQ11a9KTwkvrePdx/EaxgJ0BVLSNqGtS/NCwgcF7CKNjNtlXYZ4qOmY5v4CMaJl87sEnl8V+GmlURlS5LLeWmHLDaeg+vrQ3pP9j1aUCPIT9M0O2kulu3CCDq4ks+4PkpGkotL6fMXi+WD1FSfFricIr5ek9Od/pGgckIuM5RNSkSsVasjgwIl27TLgRCRu2/TnB4NpAQS99Y4DIplnwy82bMRz9/wNKSm/wTiOKg3/dOW9F5wIhlspPe6/agzn0hqd/jTTEGKtYqWjp0Xv0jJyCiYh5OuT6oVs0Yo/RxQvvyeS9eyBbuLuSI1DYYGWJLJ0awR5BCGS5TlP9jqKf/6scj/GLLZ9n3+doZOLVHZVfP3JDi+qpNsd5bGEp3LVTUQ5DiqoLTLGkDHOx/ZQPcIGdoa2jAbvBpJF4q8HnXDMPdCR9Vtxqvbq+rhAR4dKEf8GJ7pAd0DsrU+
ssh-host-key rsa1 encrypted-hostkey 3bssB6t1aQ+hhd/J/koLVHL8ww9iofch87mbK0RnYTxtRSz/OZv4HwpqM3zfrD9pPnLBRpnNYM5ODq2xOtCTy2BO4YOBNSQNnCJja1+9AGEk9YDL0DIPQ/WcPSKNcZPJFt869TH71JbXeRYM62WmXG6uJXS+UBgWts4kSEFEp8EYE3Bz6oXAh/g5fhag3W2+IyUJQpDYnej77ZKq52p0tggPVC2XvsscCbkc58Ou+SsH++kbo6keI8/QpZcQ880n9h68QipAnr7HAsulEMNLh2HuKOfyX0khdCHGxmfsMXSD0CMWDxOOa11b7j5eAqHUQE4YX2H0dXmiTqFswE/u+/uDFwlklPOvOCk97ArUEpH/wPpJIylHFfGcT9QHubn1zyEK/tNm5VBTEF968QjKpvgdQsn3HxyLNF9U6/6wOI3XtTvmUgQSdqiGNRd9NA2hqSnxspBlIMcs+tQ4wd6xk0VvSdM5NuZFq94CdmkRt12vG+EjO/JxHGrz4kCYkuOhL0iR1cNkpLw2CfnbYCtV6pGtTQSEnDpDAWf8Z++/Nh/qArLxfsJOe4LpnNS3nzG3sA8zEs7ZVYrB5RfJONICnq1U9Brbgp6xd6Pk3qESeNnazuhZ3ZXYLbHUtWFRaMoJr10CALpxUaFZEieK48kggywu6pMcbpmRgER5LUA0RKs8zrNVWzv3msr6N7i4BPn8ANFdMUmxdbx2QyKumovVAm5hRATUYohpFNjkUIDaybPHlQHfP4JcCWliHAQ2HiW2pCwmeuXDffh76RG6DpLlZhP9gZQC9bnfrXECuzcdGVWBkema9mRNepA4vF3D9uw2BTbaZ316J3/1NsOcrfPcsG8dThPc8YFAF/I+MfreeYjUYlcJr8n0Fvr18SQ56avuOKMmcMMYM7vUAXtuxllRFpjdKkXu8HIPtYH6ZsKV1EyBEPeKXU5/Tek6eecuh0CMCIVY/qFdrtFJC1SXbs6w7wl72QD3i0BXI7FcnoNhPC/heiFhstItd2gBFkW1SZz/erbS1raO5M6A9IZetKFeEqKztu48z6pwJJcdeFmxpFjWWZS7/XFfGOLEXWEO5KHr0Ap0MqfNfSgFv9wzYfCKL5cJTGtyO/v+i0njOw/Bz9m4TUTAgofB5w5mQiS3eqdmUYFPFE+cjdhd6oBOjLsK3W7XWs+1c9DBJzh76dUoAHhV8ikp0Q423PSsMHr0+VFExN+B02cEoNJ+4qyYrFLT7ZX5Ko0xodYw2c7VVSwotUT7pcnrCYuAXjoC/FO/ImcxL//PpgBy5X5DUJ2U2pNb+g==
ip proxy-address 192.168.74.21 255.255.255.0 vlan 74 mac 1 processor 1.2
ip proxy-address 192.168.74.22 255.255.255.0 vlan 74 mac 2 processor 1.3
ip proxy-address 192.168.74.23 255.255.255.0 vlan 74 mac 3 processor 1.4
ip proxy-address 192.168.74.24 255.255.255.0 vlan 74 mac 4 processor 1.5
;=========================== management-access ===========================
management access console
authentication primary local
exit
 
management access ssh
authentication primary local
permit all
exit
 
management access https
authentication primary local
permit all
exit
 
management access snmp
permit all
exit
 
;============================= spanning-tree =============================
spanning-tree
shutdown
exit
 
;============================ config-if-mgmt =============================
interface mgmt
ip address 10.1.23.11 255.255.255.0
no shutdown
exit
 
;=========================== interface gigabit ===========================
interface gigabit 1/1
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 1/2
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 1/3
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 1/4
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 1/5
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 1/6
spanning-tree shutdown
no shutdown
exit
 
interface gigabit 1/7
spanning-tree shutdown
exit
 
interface gigabit 1/8
spanning-tree shutdown
exit
 
interface gigabit 1/9
spanning-tree shutdown
exit
 
interface gigabit 1/10
spanning-tree shutdown
exit
 
interface gigabit 1/11
spanning-tree shutdown
exit
 
interface gigabit 1/12
redundancy protocol
no shutdown
exit
 
;=============================== ip route ================================
ip route 0.0.0.0 0.0.0.0 192.168.74.1
ip route 192.168.78.0 255.255.255.0 192.168.74.2
;========================== ip route management ==========================
ip route 0.0.0.0 0.0.0.0 10.1.23.1 mgmt
;=========================== NSM Configuration ===========================
no nsm recovery
;=============================== cfg-smtp ================================
smtp
from BORGATA@wwmed.com
mail-server 192.168.96.53
to alerts@lime.wwmed.com
exit
 
;============================== email-event ==============================
email-event chassis-monitor
description monitoring-chassis
mail-to alerts@lime.wwmed.com
group chassis event disk-failure
group chassis event temperature-failure
group chassis event disk-control-failure
group chassis event disk-control-status
group chassis event fan-failure
group chassis event fan-status
group chassis event kernel-nmi-error
group chassis event module-failure
group chassis event module-status
group chassis event nvram-battery-degraded
group chassis event nvram-battery-failure
group chassis event nvram-ecc-error
group chassis event system-bus-error
enable
exit
 
email-event tech-support
description Built-In
mail-to e-support@wwmed.com
group chassis
no enable
exit
 
;=========================== ntp server config ===========================
ntp server 192.168.74.104 version 4
;============================ cfg-redundancy =============================
redundancy
peer 10.1.23.12
quorum-disk 192.168.74.83:/exports/quorum-disk/portland1 nfs2
critical route 0.0.0.0 0.0.0.0
enable
exit
 
exit
;============================ SSL Certificate ============================
ssl
cipher ssl-dhe-dss-export-with-des40-cbc-sha
cipher ssl-dhe-dss-with-3des-ede-cbc-sha
cipher ssl-dhe-dss-with-des-cbc-sha
cipher ssl-dhe-rsa-export-with-des40-cbc-sha
cipher ssl-dhe-rsa-with-3des-ede-cbc-sha
cipher ssl-dhe-rsa-with-des-cbc-sha
cipher ssl-rsa-export-with-des40-cbc-sha
cipher ssl-rsa-export-with-rc4-40-md5
cipher ssl-rsa-with-3des-ede-cbc-sha
cipher ssl-rsa-with-des-cbc-sha
cipher ssl-rsa-with-rc4-128-md5
cipher ssl-rsa-with-rc4-128-sha
cipher tls-dhe-dss-with-aes-128-cbc-sha
cipher tls-dhe-rsa-with-aes-128-cbc-sha
cipher tls-empty-renegotiation-info-scsv
cipher tls-rsa-with-aes-128-cbc-sha
ssl-key-store /u3+7QAAAAIAAAABAAAAAQAGdG9tY2F0AAABNawdrJIAAAUCMIIE/jAOBgorBgEE
ssl-key-store ASoCEQEBBQAEggTqVatRMfGcc/1i0yqSnJBS4eVRRufRoF3ck7TP71jU+YW3Fz1a
ssl-key-store zun0+NJJvt3lfe6GtmXJkkS/pQEQWL4laYrN9lv6o8TvJsHYTJ4nDhqsmPqyGt4l
ssl-key-store FyS7GTTuqtCq9VJVa69MAfjx9s18g+3uD8fsBpmLQDWBBot9R1YQ5FfZqTpaJEdt
ssl-key-store /+474QLt3kC3tqAcFF/0CJiVeWoCiaZjyf/8IvERnJlmxqT8EunYQS7i6tMHId3+
ssl-key-store SSys/LP5RT9awWmDbA7cqnh1z7RXa6EY+RfG4WKmJqSVr+MGSXUWT0BU4nQqWd4K
ssl-key-store V+jll5SHo+ndLn1e8uDh0IgCHgd/QaFAIZP5kENdwiln2yDffLhE7GB0VEGKHWVo
ssl-key-store P3ZApdhCXkd7sXPXZbq8l7DzKdtq2+vk8F20/GJm+qeIDGdjcNcYsuo6nAtmT5dp
ssl-key-store 3+dnXHtn/h6dkJvq9fO+GStsBk0152MfjVjgYsTY1TMpkw1T3OU3aY+O84c5tNUO
ssl-key-store E4/klAV8UgOZMtr18XC+mZJwPNPmTb6CQuiybntrbfBntsX2WtgOx4mJ/QuEA58R
ssl-key-store jlTRA1W2H3yBHWSEFcwyWKv3gppXYO7/d2awIbCS+DwNo30Shhs5nTNva+uMDsPx
ssl-key-store 9WEAbAqkni7EZHa24JFE+uJWkPEpX05mX2M9IcVZJ07pqk0rq0Y8GjTuAaeG/sYM
ssl-key-store 5LtVLeHnLgt9J37zItNWPiTTTuzlWQsb2lgLzUoNg5AEfm7f0PGOg62lDOByCuWJ
ssl-key-store nuOwZCgnq616NDqLtyh8JGL9/atYodGHUwmUCDrXx45H4fk/BADZaSMiKfPStVE4
ssl-key-store h4V0MUGk7X+0Vr2QOQWh3YRj/Mq8P9hJpdYSXf+sE13+MduoJkwxAyW+VoaboDRV
ssl-key-store J0ioNWB6jhByJyQG0feLOFShlHJI7C9kbjOBP77l3N3TKtFwv/wbHH91dahlYdYr
ssl-key-store WJpML9CXVNOukscggRYi7Sq9qYcorZtChs7KF55/+tmJxuDHGi1hjm5kSYEs1ib4
ssl-key-store MPctBJWxaIAPEa5zReg2DHqfOB9/XLGq4kNlLqJpt8031+yRxCcm5JVF98nSEK13
ssl-key-store 8j979mYf7BXRSfLjgV5GL55rf3ZXowZjGUuyTqzNKudoyUA2yNCFCHEMaBcQDerj
ssl-key-store jcOQDTMRBVmWG7CkrfwssLityJiRNcBZLEIENdtY8Ze+TlK0jAQiYyNhR32Ahe6i
ssl-key-store mJYxOL8rlJD4R7n/NbAf7PQ2j+IbMi3a4GPmaTTPiIFBa+B/SR2qYdzZqE42mcBb
ssl-key-store rHtjbdvJPHH9RbSnnSEUeV+uqgitzQhRjaXaa3DS+lP3fTfR1OK6Ch+bsVbk9tN6
ssl-key-store tt1aw/syMAv/BXhRNJ7nq/pW+BhLGenCA83E5AXrsf9ZbALTA830swEDgKbyOcum
ssl-key-store yR9M/QgkzC/5dK27zNpfeiD4Px5w2is6kwP4ifGnm7k02j3a2mlZSBjUVU6Rbx/V
ssl-key-store aUnEbonCVdj4ep6tf6wulIpbT0avnD47UpuiQNBljcgYx7bMQmkPfeCaryo5rxQw
ssl-key-store A4daSBUNcIrdvqnQAKzPpeEK68P5KXiqZlOkVhKjRcIsFLingvLoH5D6X7QrMCYi
ssl-key-store vywJjoZVOJqoGakPJd9JDyrjgUi0QEe+cnSsrlPh5D2INV7+SdfCeZD9M5TYhODV
ssl-key-store hPDEkNCu3wTUDvdJZHMBvZhqxN4KgQAAAAEABVguNTA5AAADjDCCA4gwggJwoAMC
ssl-key-store AQICBE9Gr4gwDQYJKoZIhvcNAQEFBQAwgYUxCzAJBgNVBAYTAlVTMRYwFAYDVQQI
ssl-key-store Ew1NYXNzYWNodXNldHRzMQ8wDQYDVQQHEwZMb3dlbGwxFDASBgNVBAoTC0Y1IE5l
ssl-key-store dHdvcmtzMRcwFQYDVQQLEw5EYXRhIFNvbHV0aW9uczEeMBwGA1UEAxMVbG9jYWxo
ssl-key-store b3N0LmxvY2FsZG9tYWluMB4XDTEyMDIyMzIxMjg0MFoXDTEzMDIyMjIxMjg0MFow
ssl-key-store gYUxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYDVQQH
ssl-key-store EwZMb3dlbGwxFDASBgNVBAoTC0Y1IE5ldHdvcmtzMRcwFQYDVQQLEw5EYXRhIFNv
ssl-key-store bHV0aW9uczEeMBwGA1UEAxMVbG9jYWxob3N0LmxvY2FsZG9tYWluMIIBIjANBgkq
ssl-key-store hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ1ZzhoDcs9BHzgyQAwlP4OCe/HjbDL5
ssl-key-store 1RATH1GiXSHdTZXGmjb0InH0RUhVP4iGO5PvJkySIZX3sqmCEtRkXq4M6lI37RHk
ssl-key-store EokX0eut0w3xn0ByxNJkiDS+4UC40RHmPDDIrLtfJyuZ3iKKq5qjZKzYiJPoRwk5
ssl-key-store pykBU+5IG7lbUPTVUF+HU4Ykr56m5p56pCOao6R/nzMVj5R+5S2MCZYvK8ExoGd0
ssl-key-store 1YydE4xc5GGsrp6pR/19wYRRGQTcrflr1yWqxf/S1iJUFsuGgR35n5nZyVPjCLuC
ssl-key-store aMJPpu8WHrt5bJ8WNTl9gcrnp8MpqgUQzeR6mmhUhSarxqMxlao1VwIDAQABMA0G
ssl-key-store CSqGSIb3DQEBBQUAA4IBAQCRUlT+hFbSoe+/5AfUABBf07CA6X5y0GFX5dTGIqU7
ssl-key-store vXzKOXULJS5B1LIQxzHWMhmqVAgH6/8PU9gwNO79EQU9zjkTbJAukK2Yj5WK3SFX
ssl-key-store FjIWFGwYANlpPnXvk2yAL9WWcpsnmmZtDOczpgVkG+IXMOY6OFV0nqWdSzb6kAFs
ssl-key-store cfPMuSHS6kEWcXyq9v8XMpVbhT7kMkRybY6fBwuFDvA9CVKqU58oniBbMT1Ojvio
ssl-key-store /AECOnjFajgTxSiULtw4UuGz8gBX4OBNjl7LXoIwSdTL/ybZJvIfNkDMQiF5+iXQ
ssl-key-store s/68ozKbhLYjlZiMs0bHYE9lc0eA844Aunp0GsMCGB895JLa3RajHY5C8glcpYAz
ssl-key-store /kVkJFU=
exit
 
exit
Figure 33.7 Sample Output: show running-config (ARX-500)
provA> show running-config
; ARX-500
; Version 6.02.000.14335 (Feb 29 2012 20:11:44) [nbuilds]
; Database version: 602000.31
; Generated running-config Fri Mar 2 02:31:21 2012
; System UUID db922942-876f-11d8-9110-8dtu78fc8329
; ip private vlan internal 1006 metalog 1007 subnet 169.254.127.0 255.255.255.192
;
terminal character-set unicode-utf-8
;================================= vlan ==================================
config
vlan 103
description "personnel dept."
exit
 
exit
 
;============================ config-if-vlan =============================
config
interface vlan 103
ip address 192.168.103.160 255.255.255.0
no shutdown
ron tunnel toBoston
heartbeat failure 3
heartbeat interval 10
peer address 192.168.25.5
no shutdown
exit
 
ron tunnel toNewport
heartbeat failure 3
heartbeat interval 10
peer address 192.168.8.106
no shutdown
exit
 
ron tunnel toGoffstown
heartbeat failure 3
heartbeat interval 10
peer address 192.168.158.147
no shutdown
exit
 
exit
 
exit
 
;================================ system =================================
config
clock timezone America New_York
hostname provA
ip domain-list wwmed.com
ip domain-list MEDARCH.ORG
ip domain-list bigorg.org
ip ftp-user juser encrypted-password eX1Jci+dkoPRvYvA021HzPOqUtD0FKF9evZPY/lmFTCCjNunSe2tsA==
ip name-server 192.168.90.18
ip ron-user admin encrypted-password euTb0S+dkoPRvYvA021HzPOqUtD0FKF9H0nfBBv/vYo=
ip scp-user juser encrypted-password eX1Jci+dkoPRvYvA021HzPOqUtD0FKF9evZPY/lmFTCCjNunSe2tsA==
login-banner post-auth "Running-config last saved 1/7 by J. User"
snmp-server community public read-only
snmp-server community private read-write
snmp-server contact "jpublic, jpublic@mycompawells.me.org"
snmp-server host 172.16.100.183 public
snmp-server host 10.1.1.68 public
snmp-server host 172.16.100.101 public
snmp-server location "2nd floor lab, row 3, bay 4, shelf 5"
snmp-server name arx1
snmp-server trusthost 10.1.1.68
snmp-server trusthost 172.16.100.183
ssh-host-key dsa encrypted-hostkey u9oFngi4v7vM94WNlfxoUKFY23fhmZ9JQuS6aEgd6cZip2E/2pxymcXAHYlrwQj1P4BAhGD6vxTxUKXQZ4kqgKuCFJpj96npQZ3hgvoOowZt08EawDGkLRbOM0RqeGaQa+O1sfShi2f7mPB4wY5w8vubG+OmLv26GxmtJpP6DZIXemQr8X8olJphzwJNEphH0COH0xlcK6MueVnolMVf7Pr54b7QPiw+5hbciSuhHER48rj50GwGOfNhsGjGhYizS6uZt84cyIU5LIft2X7QQ25zcSAn44VtefsqBEWF/q44jCbwM1fbz8E4Ichiv6vHbnn/basWK9UniOHEYdEOlo3ZGcax930CZvoFoupmkPfUEH/vK3ZPqh3BoQKyhUXZpnYqN6qTOJalxSy3aEaJpASnKMoMEbZAYZzMJAGM7+YLX/qe4OyK8EO3QzIS4YJicYxPxx2MOTh8C9TZ7XrwtTlT1KIHv9e2gkeq1jpwLij5oMiw0WphyB2Vdld6k6WV8GYtXv1PfxxBTEvw5yOqSbRG5+hfDu62gwIuL5Rftzbwwfk1aGqcQDPEGuLxbrb9y7XXGRccL5yR0iCojIVwnot4glU5j2LsIFEnKZKmZ1uMO4u5rZ+XvfZA4EjyJH+VShtCedJt4n4wdlS+AkF6RM+XWP7OkC3FBct/et/nkFji2Rjm3HdU6ALRmAyBmkTm08/X31B7OFpZsPzzUq2yZ8P81hb52yF/oJC5WYg1F0H76Tv0jpTE4MpZ7BrgVoiem3aGPySwYdDY0l1GAYKsLspH/Uo8sGseluqhgF+15SRQFS5UIzSXP151soXyHcYVB4j7g68jpFzakpSsKLEHEeGLmPK2a5pvRc1ACKm4/ZaZegg0iizYkyPljN5FbCh7
ssh-host-key rsa encrypted-hostkey u9oFngi4v7sheeATbx/2B1sFeka5+7R2rmsI4ZG504gQX2MkfHCXvPlsavRJb3wHT+XcXCsrIGEAe/QuuvHGKl9ni3RITqZBRFu3Z/71j8uv7c3iuYQ/7yhhNAlMboxrEmhP2rcaxex+EywOYV7yNhdHKOsoF/dcH3rsAu/Yk3WM8y1OkEN5/BPwl7hck21sM19BE+n9wpPcuJAGtifjycyk+aqSJUOv8Cxf2n4ht1e9jQcT/JqLecWvtoHG1bv6TqUXBqNpnunG1WZa3jyVRU/OMKu7zUUX5iAmQNAncZGnNz93Lw+e+p1xVGVZhE5rREnnCjVN0de6xiCeusjN8wJBs+Nqm7lfkiQTbMDS/3QDr5dk+LX0sXreVkHK6PSDR27T1dCtwF6Z0IBmOwzwMd/1uHco2VPLJwcBkmLIc8w1A8tbHsphocGo8ysxX/i4aG9UzqbaKHFwX9Ax4WspilK+3zE0GPyvS5eC76gvZ6Qbcf/hb+e/HEbKaavetaHDGbL5RIrqN8qF9Ow+RdNE+oi14AcOgtVnn3FHOzpf5RIBHpUPDcuANrcNQUEu+kp6vViIw37RWr4Ltz5oBRK5sVb4b4i81THAQPw3qxHtsgDuW4G1Q9Wq0ETsHr9XpPR6AZj6/JGBpbJWPlfcVAzeKxuppwquqic72a1qCtUyyIW9YMImwLJBF00ogcJYm+X+AM5nOPOm+Aw3sb9cwUCZ7Ff1u9AJ00IMrH+SgZ7hOcLu1tm4Bwc/CmPvQ+TfS1JJZWZpLUmELSAeTTFFjYB/+Udm28OTqHbrybwaxrE9AuAQ/Enae5hTdr80pjpalVoDdoTtDlvBFbGo8tOASvUZLfzqHm1PJqLeZmR+c3mM4fT36uF9mN0ud5WiV6Xp67DEXm36t33ZZfx5uXFQOaS6wnItnQ+yDlCqLsmHPk8Ou9Uh3boVJ95fSns8o+6+Z5z6U/QzW8FDjBgU1a/1l3UsvWT76dQXLhlFG1/YWpp7p2UHn5m6WqhxdfGf8J41Ey2TziR7roEsvUPAom40AIEadKtjSaeVaq02IflB2ceva/3ck/IVphP/ag5ELzBtU21nb+uDLL+cdWDHO8ZN0o6N9eE16pWdr7PqsA/CJmLRfa71yDdq6bU6JGWALjVYfjnvb2y+dicag5npVa1yLMzQFBoQOjgGel8WuMY2W4Hnk3C+zqe2GkRZVobxy6fF113OOCJlPl8EP7IQm40Hq5gNK27xWgSo4By5wBo12eMQbqfWacGct27BERneKfRk4+QNti+hrRztkqscN8NJ/Tl5jDpvFtSh3fOP+JOD2aAlYV09K3mxNeMGQjigD0an83sOm8FSAtVQ4G3lYDf7U08YMDa5CT1cV3GEGyw16l85ZFU2ZnIFHhCPHV8wvkNI9k01+hog8F8LsY60e8ISSjXzLGvgaRWQ0gN4iLNAkHAdCV6eYA2tiMX2rNldOg04qCT4JXw7O6OybWILrngPngIqbXum4kFxx814BbR8FgaivLzc2HxOCNvulb3a4A3fYmjjLswVP651BWiWkIf/w1N5nBQt8mrHAXQrRp2+6b98JSzRBFymFd9ZIPeD/D05opoUaqQFPIaOEAP3LylNbBiM4RbUwHTWnszbkFi9eoeUwqPztoVyYMX2jpzcNV+Hw+wmkdkOeTkM/W7tZ7FPqsRb33VLojrfkiXzkGEhVGsEeOIdYuiXftxLfeb4JhztqLrX55T0qxzwjI9Xm73srcg+CtOo63uggiXzH7qfBqdCBk+gEvYtTGZTc5Bt7R4SDZMA2+VyIBNqintayJZCqlKsVZCdHDt0JZgR8TqIG9llxSBwK9/MMSlQ0rfKM7EIFPbKkdGQ4g2i4xZsfrpEpCaZZ1+Z/KhWE6TJCuX4HWdPDNjDEtstw8+Z43blDX/tXGNyPG3IuKdh+VYU9zIr1eQj/RPKetKxfkFx/B9mpWChUX9/BwIu7FmeNMqaUxoVlDkNF3AXfRGzpjacia/4S+tzCZi0TCWVhfK0zIEmwaoCC0A+1WypRsUhlSV7B948MRicUisYvBuUvdF7IYf98uZSOfgkxbaQ+OLHbIJXoz+uQUpJjq7psxWLP58h8BxyB6eBqQbQjfc+Nk0M1tilH0VG080kYoAxXm6xxyDmtWOJ8aTDRyDCluMZVgFMqvNTTyaPRlia5LJzkCqy4P2mSXVSCEuu0a49lyh5AGCPibS7pTEhTZB5v+RvKJIVX6VK+H6c
ssh-host-key rsa1 encrypted-hostkey ufEEbrBkXmixIPlmxQ7i5umlhaKT0EL8QoodX9tvS6bl/NNsX5YmsWBYOzNLXh781hG5kXma/D1l9PCJcGvVfL6nTYtmmITDOrr2g978B25D1SbixPJBaew5TpyHqd0kJHFwLiTKlcGoSUl3vUEDrwj6AHyDFOn4e+hS+n0C1rRCvVw3vC466VB3lDRQJVJ5aBA49DY0uRhLmlz7FIbOkyzErnEgVOzfwYDLS6BUB3mxMVH8mJ9mi0pp3H9bjwTvtwS+/u5b5caij30rN44NQFrtzBbOEGuRrznbkqOdxgQCSH+axkdNMDQspCREAUSYnlxRrqyS+I8fpH6Nv9Vs0JD3WTt95dik+aux9fkxP5KGTCN8LtFbs0CsJjqQbP/0cfLXDVZReAQyFyNhgnTdeNECquEPknNiyQg64OXkVnGfmJPiASihEryX13PvYaf1VAEyWoKb0VZY6UuYAN9IDT5hFrDXxVOI6phoAVaZ6L10GbAcmoO7Os80OTmf2IQqOqXYXD6Plwv8fewyIv+AcVyjKj3Mjd41unG+4DbyoCDbjwWojWT2m2n2IhgnRR12DU8Cx2eEz75jmCRSWxBvYQeHMV698z8ZvllL4md0GfQv2oqZaiNil4RJw4G/7UgERykol7lxTayJi2kBlVgs4bNZo2TFtCgRBTXDAEcf7I8TA7wMWjhSHKFmqVBZlg2e4kWOXW/fXmpzVJieUj0q0pxwN3KkjD2abH/LRmCBgucySKtg8aZ13GKCGheAkiFv07ay4cFHnxWh59PXR+cxCCDdW5lq0EIYP6/pF8Cahn4RctcdXOL9Q5dy5L/mOQ0/A7oy3erjljZCNB06Cft6gLz/P3tdmf5cq1wG/yTrJBVjHmaEapW0koG651hlYZAMuiFjWjLJPF2LM9TbaTOooKA8w3GB0WfDPgvEd2kIkWmZkLDr/afgKybAYo0cju5Pt33CYC7UAfP76fU72un93SyFKJ2qWqXGaujPXDidOzDBD0NJC4gmSfBIy1+wojdQvCjpyfOwUg1mkKQqzBGeHH3DQws/789V8wbiW2Mldi/UfGCWWKgPvS290+mzJ9nCkJBY0efyzaG3P7Sc0NEaVo51V7vg358hphCQKKMu6FHHvvie6S3D8tGB01Q6XGrSZjlMnS0lqAtuk0BB/d0h0icqvmPqCaNpTQzbYoP7DDUwhr6/PNVZUbwfia4IeuUd09jFS6YQW75KuxTqzwfjd2KM0QeRPArLMvYILmulKB9WdbX41ws8wXDpXfeE1PAxux6QftYGJzcsrzHMxZROCg==
ip proxy-address 192.168.103.91 255.255.255.0 vlan 103 mac 1 processor 1.2
;=========================== management-access ===========================
management access console
authentication primary local
exit
 
management access telnet
authentication primary active-directory
authentication secondary radius
authentication tertiary local
permit all
exit
 
management access ssh
authentication primary active-directory
authentication secondary local
permit all
exit
 
management access https
authentication primary active-directory
authentication secondary local
permit all
exit
 
management access snmp
permit all
exit
 
management access http-api
authentication primary local
permit all
exit
 
management access https-api
authentication primary local
permit all
exit
 
;============================ config-if-mgmt =============================
interface mgmt
ip address 10.1.38.19 255.255.255.0
no shutdown
exit
 
;=========================== interface gigabit ===========================
interface gigabit 1/1
no shutdown
exit
 
interface gigabit 1/2
exit
 
;============================ event-severity =============================
email-severity auto-reboot level critical
email-severity cpu-failure level critical
email-severity server-offline level critical
;=============================== ip route ================================
ip route 0.0.0.0 0.0.0.0 192.168.103.1
ip route 0.0.0.0 0.0.0.0 10.54.245.218 255
;========================== ip route management ==========================
ip route 0.0.0.0 0.0.0.0 10.1.38.1 mgmt
;=============================== cfg-smtp ================================
smtp
from admin@provmed.com
mail-server email1.wwmed.com
maximum age 30
retry interval 10
to juser@wwmed.com
exit
 
;============================== email-event ==============================
email-event chassis-monitor
description monitoring-chassis
mail-to alerts@lime.wwmed.com
group chassis event disk-failure
group chassis event temperature-failure
group chassis event disk-control-failure
group chassis event disk-control-status
group chassis event fan-failure
group chassis event fan-status
group chassis event kernel-nmi-error
group chassis event module-failure
group chassis event module-status
group chassis event nvram-battery-degraded
group chassis event nvram-battery-failure
group chassis event nvram-ecc-error
group chassis event system-bus-error
enable
exit
 
email-event noc3
mail-to juser@wwmed.com
group chassis
group metadata threshold-counter 5
group metadata event online threshold-counter 2
group storage event share-online threshold-counter 3
group storage event share-remove-complete
group redundancy event ha-pair-qd-offline
group policy event shadowmetadatasharefreespaceerrorraise threshold-counter 5
enable
exit
 
email-event tech-support
description Built-In
mail-to e-support@wwmed.com
group chassis
no enable
exit
 
;=========================== ntp server config ===========================
ntp server 192.168.25.201 version 4
ntp server 192.168.103.58 version 4
;========================== logging destination ==========================
logging destination 172.16.202.8
;========================= at/scheduler commands =========================
at date 03/02/2012 02:40:00 every 5 minutes do "show sessions" report adminSessions
at date 03/03/2012 00:00:00 every 1 days do "copy startup-config ftp://root:rootpw@172.16.100.183//tmp/acocfg.conf"
at date 03/02/2012 05:00:00 every 1 days do "active-directory update forest WELLS.ME.ORG proxy-user ny_admin"
at date 03/02/2012 03:45:00 every 1 days do "active-directory update forest MEDARCH.ORG proxy-user acoProxy2"
at date 03/02/2012 03:30:00 every 89 days do "cifs rekey all"
at date 03/02/2012 02:38:00 do "show cifs-service user-sessions all" report cifsUsersGgh
;============================ SSL Certificate ============================
ssl
cipher ssl-dhe-dss-export-with-des40-cbc-sha
cipher ssl-dhe-dss-with-3des-ede-cbc-sha
cipher ssl-dhe-dss-with-des-cbc-sha
cipher ssl-dhe-rsa-export-with-des40-cbc-sha
cipher ssl-dhe-rsa-with-3des-ede-cbc-sha
cipher ssl-dhe-rsa-with-des-cbc-sha
cipher ssl-rsa-export-with-des40-cbc-sha
cipher ssl-rsa-export-with-rc4-40-md5
cipher ssl-rsa-with-3des-ede-cbc-sha
cipher ssl-rsa-with-des-cbc-sha
cipher ssl-rsa-with-rc4-128-md5
cipher ssl-rsa-with-rc4-128-sha
cipher tls-dhe-dss-with-aes-128-cbc-sha
cipher tls-dhe-rsa-with-aes-128-cbc-sha
cipher tls-empty-renegotiation-info-scsv
cipher tls-rsa-with-aes-128-cbc-sha
ssl-key-store /u3+7QAAAAIAAAABAAAAAQAGdG9tY2F0AAABNVY7HT4AAAUBMIIE/TAOBgorBgEE
ssl-key-store ASoCEQEBBQAEggTpTA3cglh/TGaZ/wusnQXPilHBxc9l3CRS2VqorWi22epdyV93
ssl-key-store EV8Ro+fn/e/083y7y/CIhwF5I4dH0LjGn+muQslPftrtA2erOFGcrjQkbF94nF4R
ssl-key-store j87KBQiAcbGfzLOMfpywLxxfyWi2DZMofCgJneI9VHqpaaAciap1P0MD+3LskBAq
ssl-key-store OgkLgfA/Hul7m5GrYOLF8Kr1sosfmCMbEvzpwf/a3uBueKqhxfQmQcYVAQuS13Cm
ssl-key-store Pgu1ecdHITdyYABI+/FLU6BvOuPSpYjlEgZqKCT9GEA1jeYGgov0tS4sXXYtjaxJ
ssl-key-store UoJRkAQ/BuAdJCWFFV5W2UNr7SpK1ed8X3enZSfBQwZiHVLAk+Kbr/8qaqbNhfU5
ssl-key-store LfBDRFFaTXbnjHMi/077FH1FB0xTkbISBIIL/9wsVEU/H7e1lPCQM44Dl3eQCvSY
ssl-key-store p1XjJkdQwD2IiLq/HVCev/31GVj48i+CgUmD/9f9oa9JbwVMsCdn+xRzcdA1w/i1
ssl-key-store S7L0kM78pbqgh7o6rqJyrM2fSC1H2FT/gQdS75xHBstP4ooAnWYJWXVvMcNoBK7M
ssl-key-store 4lfWh0V77jByjogGVd/pbxO1/2GJw7naTobOYXY2C8OyBm57hEyx+Ngux1FCe/l7
ssl-key-store d1FHHgfLc+0sp2m9naMxHQ+9VgmVjV5HD9D7TANJ9qmImG80BEuyWQ6SNApGBB76
ssl-key-store RC12B9m6KS6jWyOARQoQ6KLtABhwg8jZ/kP/0cjpngcc/i0Kyaw5G3waZnrGUG6r
ssl-key-store tXLtwbjJpitKiqbsTLipK5K8d49jtv9WDgjuuyP3HOLiBX+99pPBgOlvVZCgca32
ssl-key-store WfOH//GId73u85Xsy2Ic9ZKhoCqen8puk3L0Mm51MsyewN+wcsPI3Dokmvc/WKs3
ssl-key-store XqjAjwtnZrdoqIuaTsWkHcgmV4q49V2U9km2foJYkETim5uOCq32/UnBCY8V4IE9
ssl-key-store 5i4bNbzaY3Q/e33ezIg9rUHWOWRAKkgsZ66w7DZtfdLRp/NNy+uRjcJ538Knh1oR
ssl-key-store LxbMsK/eYY2GU9YIlshr+3TB6PNMpxLE5tfuBSWMRBu+TK+eQqyRmoslI81CXbCw
ssl-key-store ubY5GcN1Jci+SM1/t0mODGJMbQGqe+jpVNiOLXaUEe+v0M1QIMCp/8rdLukk6Epk
ssl-key-store 8CWwWvkQEbAoy2pAcpPH0XZd+7rG9C0ht/2rcPNFv9UVv1b5zz5MqPneIDJI7oPa
ssl-key-store 73/FDGiBActv+YWqbby+pKDxVBOc+iLu/VEUmqqLqd/8qptLeyHVpb2B8dHlaCTx
ssl-key-store PBPqd7uBY+/17Y9/vq5tH9Zc9lhlnF/wGB7EQi5/Lq3Gs9RzEI75hKJjhi+50bAA
ssl-key-store P6bsohjpLxM2Jw+am2fQO2pnagvSZ7+DFtjxYVm2pJOrDj+jFZNX14SHHsUd5DL7
ssl-key-store ojLnAVKzzBlix+FUKHQds37uBL2kgHdNiJvwqHEOIlmCEGUWX7IXV8MYvrQi7EaK
ssl-key-store t6sOTDRY9CgDkRZfUE/9KOp+dBWOJTLM5rO3qWb6ekUvcg0feN53Z/+3bweKp8js
ssl-key-store uobOThuB+TJk2060FJhO98d0mEECoXlLkocSM25lMR8+SvUb8qA5ac6tUQ1LbPQE
ssl-key-store 5EqPB5jDTYjsCmducWfHR3RdV9ZYvSeAfSv5x1dEcEmbpA55jg0XYA1iegIlDxAa
ssl-key-store QxNGarg1XsmWNfmHvR3Okz9vi5xoAAAAAQAFWC41MDkAAAOMMIIDiDCCAnCgAwIB
ssl-key-store AgIETzCy+DANBgkqhkiG9w0BAQUFADCBhTELMAkGA1UEBhMCVVMxFjAUBgNVBAgT
ssl-key-store DU1hc3NhY2h1c2V0dHMxDzANBgNVBAcTBkxvd2VsbDEUMBIGA1UEChMLRjUgTmV0
ssl-key-store d29ya3MxFzAVBgNVBAsTDkRhdGEgU29sdXRpb25zMR4wHAYDVQQDExVsb2NhbGhv
ssl-key-store c3QubG9jYWxkb21haW4wHhcNMTIwMjA3MDUxMzI4WhcNMTMwMjA2MDUxMzI4WjCB
ssl-key-store hTELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxDzANBgNVBAcT
ssl-key-store Bkxvd2VsbDEUMBIGA1UEChMLRjUgTmV0d29ya3MxFzAVBgNVBAsTDkRhdGEgU29s
ssl-key-store dXRpb25zMR4wHAYDVQQDExVsb2NhbGhvc3QubG9jYWxkb21haW4wggEiMA0GCSqG
ssl-key-store SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTu68hWUXPnfWjSso0+vlijqEHFaTS+M0z
ssl-key-store mS/P4LJGUTi2hjqMKqCJyVw0KKCeDFra77Gzhh+g7p4ppHPHcnF6KITy4R6ioiQu
ssl-key-store 39OIMU9BTP9wtttlJueBT5T/dZmublC3GIKvjgjwe6viZVGK+RR5R5i77D1tavXv
ssl-key-store vf2W6zqOhNTXyW93XzzHtpYiJR8S+urDcaKwUkkszKWH41zWzsumfl+9iG/9YU8/
ssl-key-store mWX6MXNbnCC5gbWBpIh0nRL8okAUdMk6GST5+hiMNLoZCyIc5OamPYE637L+8QAv
ssl-key-store dhkyqBRO+LNJMDRFpycrP2s/NS4wuRTkuREzKK7/hKxKg6iqM4NTAgMBAAEwDQYJ
ssl-key-store KoZIhvcNAQEFBQADggEBAIsl9z6JbiKUl9ELgX+Sebn9BsDtVa3DVNso9USQ2/SY
ssl-key-store XMjZEKwNP0bf0QTNA2ouL0LJPrLk+msKOHiKGfprx3AFMzJgjidNzK0Q4ijVKAC7
ssl-key-store m0CHV+/BdaMEBkvZJetGIk3KCvfTX8/arx5bS6mMKF5of+BkNHgJUkWD9go/tBks
ssl-key-store u3cl9zp68UY4JKzr1uhCgHFbDtGH5pm9nQiEZlhSmVHeXVpEqOzMg916eAnGqwKm
ssl-key-store RhRUDSdw+aVf53cM3FW+38gwaIJ+MJRiq9gQCLrxYv6c8vCs46t7EkohBy3emiod
ssl-key-store 9JrAuShS16qqDgajB6qG7FnUXXGvdoF2zSsG+jKYftkwK68S7rNi4klxmIL/PWOO
ssl-key-store ++f/YA==
exit
 
exit
Figure 33.8 Sample Output: show running-config (ARX-VE)
stkbrgA# show running-config
; ARX-VE
; Version 6.02.000.14335 (Feb 29 2012 20:11:44) [nbuilds]
; Database version: 602000.31
; Generated running-config Fri Mar 2 03:32:24 2012
; System UUID 8fa98111-55ec-d1c8-9380-8dtu78fab47d
; ip private subnet 169.254.219.0 255.255.255.0
;
terminal character-set unicode-utf-8
;============================ config-if-vlan =============================
config
interface vlan 1
ip address 192.168.66.62 255.255.255.0
no shutdown
ron tunnel toBoston
heartbeat failure 3
heartbeat interval 10
peer address 192.168.25.5
no shutdown
exit
 
exit
 
exit
 
;================================ system =================================
config
clock timezone America New_York
hostname stkbrgA
ip domain-list wwmed.com
ip domain-list MEDARCH.ORG
ip domain-list bigorg.org
ip ftp-user juser encrypted-password eX1Jci+dkoPRvYvA021HzPOqUtD0FKF9evZPY/lmFTCCjNunSe2tsA==
ip name-server 192.168.90.18
ip ron-user admin encrypted-password euTb0S+dkoPRvYvA021HzPOqUtD0FKF9H0nfBBv/vYo=
ip scp-user juser encrypted-password eX1Jci+dkoPRvYvA021HzPOqUtD0FKF9evZPY/lmFTCCjNunSe2tsA==
login-banner post-auth "Running-config last saved 1/7 by J. User"
management source vlan 1
snmp-server community public read-only
snmp-server community private read-write
snmp-server contact "jpublic, jpublic@mycompawells.me.org"
snmp-server host 172.16.100.183 public
snmp-server host 10.1.1.68 public
snmp-server host 172.16.100.101 public
snmp-server location "2nd floor lab, row 3, bay 4, shelf 5"
snmp-server name arx1
snmp-server trusthost 10.1.1.68
snmp-server trusthost 172.16.100.183
ssh-host-key dsa encrypted-hostkey u9oFngi4v7vM94WNlfxoUKFY23fhmZ9JQuS6aEgd6cb89iO5/+2ZIxP0zRUO8NkSKqf8XWyK70IHlveGwe47iiRqhF+fGGcR+TQve0jkkUVUHySq+Q3YP05KLie3vVgmMGJqjr/TSzfAYvafTwktJx7+KyMSkbOB+yqbhysnF2C2ya+TFaB0sXBvIF2dqta40HgdQMROw9puqOjNzjpoNMGhQYq421aRwAhqfUgYFAo1zf2U9R42szdJsJkcgRpekCiWj/Ijw5jpTzG+8hG73nq3bke5vOmZjIOisndjFVjUKb82KDjLhYQopaWX4V5eRdc2OX2zxBdi88+WVn/KG0h8nYS/Cj2gHSaGqK2XrQBX1qfNi7tswV170+RSBX/sKeoiATOCRiECM3qqsBEKv2oFGWgSNrxzFbDDGGAXzerGvhMriSDvXPMVSfFdrXxeQ7JJtE/n5tme2vZpNMxDVXR+6h0aKGXP9Tq9eqOLgsjxYjgF79kGOlRjibrD0BNvvKmq3GROh9wQGcgcItIjIUHv5D4/km8u/fBuQ26/Oe558geMNqQ0cimBn/b46Ag2MdlblAP4DTXOnfsR5cpkAja5dcFgnbg/OiVVKOzOjdr34iozVlTx3FJqC6q2YdRdccCTkPaR0YV1/LxVeTgXMsU9iFFMletOkv1rf0ipFPh3fUFzyoDJKqzHuPDhxb9Hi+LEKWVNXXfu0D3s5JV5yPmneL2R0xZF93f1QPW5g9q1DjJj8ZO8/AurZG0tm/UBPK7UaB7wDcFxJBYW1cjakKyjc84FAbW8CDAD32lAzuwB7rHs7xCadvlLWK9LGdJordSijgFJmgG6lgqcVq37mlwtxz2IXL4fU2XzWTPewpjGfG3ooLGaX3KQRYs0LEcA
ssh-host-key rsa encrypted-hostkey u9oFngi4v7sheeATbx/2B1sFeka5+7R2rmsI4ZG504gQX2MkfHCXvPlsavRJb3wHS96ebpUocUunaFv0xXu3qoOHX61p5BHrIZ2F7DUI8bX1UkuN88Qj1ON2fyKS87QYHXunnoCuKQqKOxyYHwzB1P03n+V/j9vfx0sLefJu83Gta+KpQTfRVec+72YwNHj9CdaicnF/1YkiLD+4JmGFLrmkOH78JrHMehWHgwaGaG67wRa/eJV0VabGt+KBrmxM5O7Rfy4IKVfYy7vJSnrhNvzN8L3mnTEcR250Fuui5/x0ZSEXOAuKbTVDUmmkuUzlOP4NlR+l02D+T9mACG0JrLRbiGniz8+MJ0cY4YLz9ICM+xKUw5yusYbViTzG1JlBLeeVTzfYfqNyJIZ0c1XgGkTIZhyYaVALj6NoFfAbJhAyPeZE9Zb9oBszFGs0NgWt2up7+gafPlPDkCFRWkKrpiEDfM4cuM7klMiWGgfeI0hIzDBnrKIIYRyTexgk8EdLISXjSkTUd5E741+iLG95usrlCm9vhrBMaSRmxadjeVsggVlGvobvPHrCz4Tepw4EwttbCZodYXJR1eS4hZ4ANWSyJ86MHDiSgyBbCwb1i4nlBJXUiRkHddKsrnFJz0rcEQ45uzQf5GhiQf5m73PkD8omGDw7Ud7GmOIxLzqhanYkx5ItC0Egx/th1qbFk6ZB/sj/OGFccNVGXpQvrPnoW2Z4tezOpdOz/ikPIAc6voJUGN9mlbWmc9wOPVEL1MBSR1T2gEgDTVkN0k2p+jUymj5qUhSQCchjmD/eA5pGEInjtzu8tykaTwO4/mcv3awahH5gVuOBGQzh9OANXVUkapVqH4Bp/x4SNIh+N0znwvipk/KN8M8/uQF3E07MyLjACIBwuBrXi5JYmVq84bVFd+0rDg8BkVOOmgfhFhrSkt5QIFF92qJQbhkpzNPQiXERJO6CenMJ5c4r+CFOWvtvISk4kj7q63DQ6sPMGFepUo2ocvzdTYQWYG1kRxntXdL4pHO13ZpRnzmZYd5ajaReXmMVBe9e1X/Qe/i3k2K/vtK6os6xiFJfCrXYi6Jn/0FXZwOw7nj59kuqci+O7Tvwgh4828VjD/JjGJXcvo0Z/eYkaDo6//eLlP7QD/gAuQtbH6j85Vnuvs0kysVHt46MT4zzQ92mQ6sopdUVW3EG2fi+IykdffeRZdrBhUVEOofNW+cScQ1bZQFK0j9wfvEsXPu8plRCjctjqW9xla91mtacmpA7/jIvN+5gtZpNSyPSIgij1HpHMLShatNY56ekHEQ/1ou04yAsn7ddAfQkezw4RmU5YZCM3vAqgTelhLqCBvsg0o8rWf06goQ5rzN64mAlakri4MTZgRTwncH1oFfATphhdghmxA0rsM/hpyjUsLTu2ykQe9RDBamvpTtlpQM1uI9rT5k1454v4geLwiP+zGUFCAM9C87d0RSen9gWTd4lBi4erjHpLG8MuXdlWZ/EEhERnZ2NM9Iwio79KiMvqukEiqaNIDw1V0dAcSs81fuMmVPtiunpl3AqOjVwJuEcVgNJ3sPAHHcMuUoLpk/pXp7lUi04Qs8n+fwqzXpiWSAg+6QOu1KlyEV36UX7RLrNH9T02QAAzGDf+xE0k10Ru5hsRAZLXaIZIVYMA/Yz9H3ytL89sdU1dToTbcVCHUOjWXBmXRwgNfUNFqFONPQ6YFo6eE85KpucvmHxywSW4sqiV9+fSo9TXsXK3G+RMkREsRXiLHg+H4BfdyclFUs41Yl7gs8i01ImjbzVpZsFVBxKnXDE3lUKY3vSfQYGIPqrqz0hdEGUTxi+BBqEENhbErUsIYLPJn7alRIbhlMSGyGTaC+7WhTRTo/ZVepTSEUlXnbXJf69G7lqTrqPtieC62/wVqPjyugN/ITAVUQDl05syVjg486pd3Gmx3goIwUXQ+G76Zrwy0J7l12GaFfP5mVawdoCk9/A8QOjRMs9HV2AVm0j0RR7Eoh/1bWbPNXindPNNp1lK7mtQ5SdCEjB/LWVkFT76W8oJsWN8zs7tK+BUrdD7RUoB8MIefVQRLb6pwuM4dxGKUoD6MMynx2/bnzmBdHIADMU4G7voRtZaKp/nhCQM7jIrX28MolDob9agcuKaT80SFSWav71tIOinFwwfCnwe5Bu6AIlbMRtfyCLJt/el1Avz2ZlQJpqWYwYEEHeK4l8Dnqucz0fXv0vJ02XqbFDbnzt80BQ3KeL
ssh-host-key rsa1 encrypted-hostkey ufEEbrBkXmixIPlmxQ7i5umlhaKT0EL8QoodX9tvS6bl/NNsX5YmsTE9+4p59VqbRdem/XPNI4KsryHTtqPWCcJSlms1OGEymzOCO775umWuRqE4NNjwil3QXRW61UZfNS3MI4Zeq6k+y0ds73v0nMsJJhDth7TeAxHjtmoQJkGOyrmppn/I8Qw/+S54oP44E99DpAHSdx0M8V5a7AecWHJ04moYEOTuVxbafb30NjjVHcfqyZ/n4jGfKQC+gX7436oVkubPXOirPzATBhckgjPeuo8nb2FTnHvLk+60JQuBvJaKEQS6864jCG9sVDXy76YHWQ1g4W++0SkGLrkEC71oK39nykqkZNNOUz/CnezDsBEzQtJCgiVFRpy8NJyfyLFTPJN1NFvV9ws6Qz2n+Jp6Qi1e/afv0e9jnU1SRs/bDmeNVB3zxMKKjVFOXn7COxXTLnkbezHsQUrwFTsVfJQIiSzCq9KRypUT1eY4DjSvsT9snubt3CjH2roKUBkysW+MTvUJP5mcwjW75RcipJGRNRYkelTAu8QGDgNKMp17XcUVIIbbhzDuK2qITqQOHHTIKoj5DydtZ0J8deidqivwdeB03v1DXvBelQ/6oPVwe7Netz1PK7g31MMgTXw8OY5iKRQ/MPIy1C8HqN/3qEiZP8G2EMECngzaTO+jyCR/4S5q2WtSE1Ck0MtdB0pssqDICoTrx803kESCyKmocWUae2t0AueUKWcZ6WLFfSv5XDMq6meDWyJ+9RpSQtRc8PLHUzhXEwz8xSAZpXkHUtLmPEIa/mlxPD/FspFOHezS1zAYoPgUXXglTxUWskJixbW8Asp61IbFlGhNgwoDRJtvDgkmRBGkycYc2wlo8+ZcLTh1Ndo+f+GLs66roEErw7kY9C9eDtY87rQvQjXqZtTOy5rtG9XgJgrnH13Wgb79yTC3qntHZsW0elPyoQO3UZXJJRIIcNpX3IOYAxAa/eYy6hfRZruxSm6IBVEMxaukDyaS68Id2CuTCe17oZREWRIcxdZwH3UDaXUIl6GDwssHQxiHkocF/F5siHpfFX3Aa6MqR9XDtgabjT8gbwsMGXVhBYBi8y4V99HXT18UjMBI1mrGqxkO7VCAzi04hgH1Lps4LXVIDq/8/xFKpu9jxf/VAMqg5R37Vgxx34za40YUfdPNfnlvgYBoYcm0dIpZz7qjQrUFdljDckgOdTsNRULqELCMj1A3aivxpylihAKEK7Zk1S6TxBsU7y076angHmB5TVS9zzLrm4edaCcIBfs75OgIfzpKrfXvccSaFA==
ip proxy-address 192.168.66.64 255.255.255.0 vlan 1 processor 1.2
;=========================== management-access ===========================
management access console
authentication primary local
exit
 
management access telnet
authentication primary active-directory
authentication secondary radius
authentication tertiary local
permit vlan
exit
 
management access ssh
authentication primary active-directory
authentication secondary local
permit vlan
exit
 
management access https
authentication primary active-directory
authentication secondary local
permit vlan
exit
 
management access snmp
permit vlan
exit
 
management access http-api
authentication primary local
permit vlan
exit
 
management access https-api
authentication primary local
permit vlan
exit
 
;=========================== interface gigabit ===========================
interface gigabit 1/1
no shutdown
exit
 
;============================ event-severity =============================
email-severity auto-reboot level critical
email-severity server-offline level critical
;=============================== ip route ================================
ip route 0.0.0.0 0.0.0.0 10.1.38.1
ip route 192.168.78.0 255.255.255.0 10.1.38.1
ip route 0.0.0.0 0.0.0.0 10.45.110.218 255
;=============================== cfg-smtp ================================
smtp
from CAGIVA@wwmed.com
mail-server email1.wwmed.com
maximum age 30
retry interval 10
to juser@wwmed.com
exit
 
;============================== email-event ==============================
email-event chassis-monitor
description monitoring-chassis
mail-to alerts@lime.wwmed.com
enable
exit
 
email-event noc3
mail-to juser@wwmed.com
group chassis
group metadata threshold-counter 5
group metadata event online threshold-counter 2
group storage event share-online threshold-counter 3
group storage event share-remove-complete
group policy event shadowmetadatasharefreespaceerrorraise threshold-counter 5
enable
exit
 
email-event tech-support
description Built-In
mail-to e-support@wwmed.com
group chassis
no enable
exit
 
;=========================== ntp server config ===========================
ntp server 192.168.25.201 version 4
ntp server 192.168.66.9 version 4
;========================== logging destination ==========================
logging destination 172.16.202.8
;========================= at/scheduler commands =========================
at date 03/02/2012 03:41:00 every 5 minutes do "show sessions" report adminSessions
at date 03/03/2012 00:00:00 every 1 days do "copy startup-config ftp://root:rootpw@172.16.100.183//tmp/acocfg.conf"
at date 03/02/2012 05:00:00 every 1 days do "active-directory update forest WELLS.ME.ORG proxy-user ny_admin"
at date 03/02/2012 03:45:00 every 1 days do "active-directory update forest MEDARCH.ORG proxy-user acoProxy2"
at date 03/02/2012 03:30:00 every 89 days do "cifs rekey all"
at date 03/02/2012 03:39:00 do "show cifs-service user-sessions all" report cifsUsersGgh
;============================ SSL Certificate ============================
ssl
cipher ssl-dhe-dss-export-with-des40-cbc-sha
cipher ssl-dhe-dss-with-3des-ede-cbc-sha
cipher ssl-dhe-dss-with-des-cbc-sha
cipher ssl-dhe-rsa-export-with-des40-cbc-sha
cipher ssl-dhe-rsa-with-3des-ede-cbc-sha
cipher ssl-dhe-rsa-with-des-cbc-sha
cipher ssl-rsa-export-with-des40-cbc-sha
cipher ssl-rsa-export-with-rc4-40-md5
cipher ssl-rsa-with-3des-ede-cbc-sha
cipher ssl-rsa-with-des-cbc-sha
cipher ssl-rsa-with-rc4-128-md5
cipher ssl-rsa-with-rc4-128-sha
cipher tls-dhe-dss-with-aes-128-cbc-sha
cipher tls-dhe-rsa-with-aes-128-cbc-sha
cipher tls-empty-renegotiation-info-scsv
cipher tls-rsa-with-aes-128-cbc-sha
ssl-key-store /u3+7QAAAAIAAAABAAAAAQAGdG9tY2F0AAABNXhrlnQAAAUBMIIE/TAOBgorBgEE
ssl-key-store ASoCEQEBBQAEggTpxvuf/B+6yAe7YflkQHonJ566sH8s7ua0IluJWuravUrzNkGO
ssl-key-store qcTXQwRh+nLCgwhPpKh0zSUC3RKkOIToTGwF9CzMof0EiSGbBzTaWXJ/yOvbOq5j
ssl-key-store LcbIdiQxrXKFskmE771o8L5QT58TDeFxEjyxoj7/NAUlxwTEF+wmbSaJW389RVx1
ssl-key-store cGElFyBkh5OB2PQ8pNPwijJamXx9rYOpbBjpb50Xg5kE0x1cJ0/2tX+q+EuIhG6v
ssl-key-store VHjxEnrrYv1zR8pzGsvYPYF1VBZs94W5Tgnte6Ln7cx3OyZF9DMQnwBVRNwfo/pH
ssl-key-store 3ej6Hfm9PE/+hglgn2ao/0VcSKuiHkDnErMqdbtuMGITOgmOxARFZuQSSoZ//UuZ
ssl-key-store OnidnjPv5YgWzSe0uOqGMCye5XaycWNJ9Cc7KBJqYKtMPRM6jwEUr8QLPQLVu4Kn
ssl-key-store SFs0PNHlRD5UVrG621VI3xvnjJqFNyseOtbQ2iZpARBXPsmHfs4t6oh2G6aI1Rxw
ssl-key-store xVGs7F4R1GhticBDkzEqxJ5QjYqt6VkuIyow672woem80JqZ/WBtABZPZR/Zo8tG
ssl-key-store eOMgNSrx2oF/207poU7E1bw+C8TNFvdYxxmZmSu81leATvNVDB23prP0CR8G+G0w
ssl-key-store P7TegyoCy7uQTpPxGBQjnyYJjtuGcfiGWKw2FxsyEUkF5ZYAre+6a9LmGrRNrGyV
ssl-key-store pD51/w02XBAKpBMKCGT+qLzuXNtdM8gsqpLaCJSCR1P6SQ43rSPoMxYcCf68doxx
ssl-key-store Pz/WNE96kdLhij21Nw/X4U7Fdm+4XWpXZRTUoIUXYl+U/H+hh8/gGJi/xMZcnJ3n
ssl-key-store /gvRp6luOLunyIjFbzeZLVBuydNbCTn8HpP5Lj9TCblV/P5kf7yRcOZUFn+MlzrC
ssl-key-store AQjXrXljWddt79qPfXlopZIIrImjVg7qqGrikD7c5ZLkx4F2N/F/SlDzgbCqxaOQ
ssl-key-store F0evnQosEGYMfgregAhnPmLhCyIdxd+2OCJXZMyg1+GztkrBbCdo7+2fzlwltu6+
ssl-key-store lVq3h2lHmMZv0qPcRmzdwBa7mdw5+1dVgN02T+4vgww08gxLvxR+bmSQLfW/OSmr
ssl-key-store o3dTND1nAqvWmfAKnJNyINME4mUhq0/VVD0RhCKOVUd8T6LbTyWgyabysrawx4E1
ssl-key-store 8qDHLhx49C+CvGb+7k24g83bwmmvIxvX3l7vMxNvQ4onL3RmWFwO+NDb/MdT4WtD
ssl-key-store 8xSK08Tem1ClccjDbQugPXnJr1YSDPfAzjAgbj1hmVfIsWw4yQXGzIB70H40hV4n
ssl-key-store CN7Aaga9Tuy4k4yGJ0Une9/7BZamcTx1dlB8YQ7nTGYR2BSX7+Syhg50c9q4Dkyn
ssl-key-store dCscpIgmu6pYKHreF58+ezoUmWFt+tihsIXpjrJEAE7pBD+npKKQRozsGjpWh5VN
ssl-key-store pE6boAvpc0v3Gb7uj4TyyikK8n8gqYCn0He3ybVWMXW718mO+QP6qVAIU0n1Auig
ssl-key-store D0RGJqWM0UiEF6Utez1Fmeqd39OT9vSWyuSmGmIdi6MEySqpGCR73Xq6+yYogF+v
ssl-key-store SVZszPe6Jw411Ot/aTRUhJIeZ0EEa6PZ+rTd0JOnDgxoTqCNqi1OLhdogTOhuHPM
ssl-key-store SCKrp3pOQ8ITsjwF3lWXtD5LVEfhagTQSxsTxoCd+gCTAwdw6RzW2rpkn8S4XcJj
ssl-key-store FWZcSSARsrQrXNjPgMAx3krHrb1XAAAAAQAFWC41MDkAAAPWMIID0jCCArqgAwIB
ssl-key-store AgIETzlzmzANBgkqhkiG9w0BAQUFADCBqjELMAkGA1UEBhMCVVMxFjAUBgNVBAgT
ssl-key-store DU1hc3NhY2h1c2V0dHMxDzANBgNVBAcTBkxvd2VsbDEUMBIGA1UEChMLRjUgTmV0
ssl-key-store d29ya3MxFzAVBgNVBAsTDkRhdGEgU29sdXRpb25zMSYwJAYDVQQDEx1jYWdpdmEu
ssl-key-store ZW5nc21va2UuYWNvcGlhbmV0LmNvbTEbMBkGCSqGSIb3DQEJARYMYWRtaW5AZjUu
ssl-key-store Y29tMB4XDTEyMDIxMzIwMzMzMVoXDTEzMDIxMjIwMzMzMVowgaoxCzAJBgNVBAYT
ssl-key-store AlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYDVQQHEwZMb3dlbGwxFDAS
ssl-key-store BgNVBAoTC0Y1IE5ldHdvcmtzMRcwFQYDVQQLEw5EYXRhIFNvbHV0aW9uczEmMCQG
ssl-key-store A1UEAxMdY2FnaXZhLmVuZ3Ntb2tlLmFjb3BpYW5ldC5jb20xGzAZBgkqhkiG9w0B
ssl-key-store CQEWDGFkbWluQGY1LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ssl-key-store AKIlIJc55xXDda1s5UZcdJSwRU8ZbrN1uqvJFTeAvdopTvaJGK05gvFhTIJRevVe
ssl-key-store Ui+KfuhrINQ3zLeflM9UUvjXwgLQdUJY553WLW2nJbsWTFbdKGG07BLs4KxBFJRa
ssl-key-store gYxdMPkMk3TIKaOsgzcUsO2WG+6Fta/+s2PNPpbMYZs7As4kF7X1NIpA33COYzLc
ssl-key-store ZmKo4xR9c+3c0aNPBgpfAa9UR2RKKb8m6yGsMvemrLpUCLTKAltfk/X3msoP8KrY
ssl-key-store y8r04gOdgZDSEXRNhQUlm9Wer4m/iL4KSMUCNCGHerdu25sA+NT1doc9axH695G+
ssl-key-store jJJOBeY6w3L50V+7wRMdvMUCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAV1/q5eaN
ssl-key-store xOSG0F0/V28MG/F5Zvech1sXtf6usiKtGniNwAA34Pj+JgH4Fk6NQWzXFZ4MALFs
ssl-key-store 8ciuN/jBMbo/zRTIH99zjzVyRLQ5koznF8ODiEbdD+MZAEyQDkVlBzxZ16Y0vmCo
ssl-key-store g2+xR/ucCt+9gSEUMHS/QOcRjczFbKRuKjMb3R9KJ5IyUxmzKLud9Ys7CxP3mAV/
ssl-key-store XhGyBy3IjvVqfrEW95AHVdUJ3/GKa/22KsXapzAngV3uzP6D1V0daVa01OTMsPB2
ssl-key-store l6P9UWTbg2fcu3BsLdE9eJfOXmQ6jNpaqwgHbQcPKG47NGpdp22Hm41/eFvB39pG
ssl-key-store /qgNkGKyijbgkfwJTa3GqhGMcvZvXGjjpb6xVcSe
exit
 
exit
Table of Contents | << Previous Chapter | Next Chapter >>
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5 Networks, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information