May 23, 2016

debug menu

ASA command reference page does not include a detailed explanation for the debug menu command, therefore I collected the details from a device CLI. It's not recommended to use this command without TAC supervision, but some of them are really useful (check debug menu ssh). Some options might not be available on the OS version that you are running.

WARNING: These utilities are intended for troubleshooting purposes only.
Use of these utilities can severely impact performance and the proper operation of the device.


debug menu aaa

AAA commands are:
------------------------
1) Store AAA parameters
2) Authentication <username> <password>
3) Display Attribute Dictionary
4) Test Accounting Start <server group>
5) Test Accounting Stop (async) <server group>
6) AAA FSM debugging next <n> sessions (current: 0)
7) Console login <user> <paswd>
40) Print structure sizes
41) Show SDI server table
42) Clear SDI node secret <ip addr>
43) Show all Uauths
44) Show pending uxlates
45) Show http_client sessions
50) Set flag <n>
51) Clr flag <n>
52) Show flags
53) Enable/disable socket debug flag
60) Dump AAA Session Info
61) Dump in-use AAA Session Handles
62) Dump free AAA Session Handles
63) Dump AAA Session Handle Info

debug menu ak47

AK47 commands are:
-----------------------
1) Create an AK47 instance
2) Destroy an AK47 instance
3) Generate an crashinfo with an OCCAM frame overrun
4) Generate a crashinfo with fiber stack overflow
5) Generate a crashinfo with a local variable overflow
6) Generate a crashinfo after an exception has been thrown

debug menu bgpshim

usage: debug menu bgpshim [-lh]
-?                    - help info
-h                    - Help on keyword usage
-l <interface>        - List listen contexts on an interface

debug menu callstack

Callstack commands are:
------------------------
1) Display status of call stack debugging
2) Initialized call stack debugging
3) Enable/Disable call stack debugging
4) Display call stack output by index [optionally specifies minimum threshold]

debug menu config-history

debug menu config-history <command> <context-id>
Config-history commands are:
-----------------------------
1) Dump ccmHistoryTable.
2) Dump ccmCLIHistoryTable.
3) Dump Statistics.
4) Clear Context table.

debug menu coredump

Coredump commands are:
-----------------------
1) Output coredump config variables
2) Cause a coredump - illegal access
3) Mount a coredump filesystem (based on CLI)
4) Unmount a coredump filesystem (based on CLI)
5) Mount query - what is currently mounted & some other stuff
6) Output the CDH/coredump config
7) Output Flash Model & linux memory information
8) Coredump Filesystem IS NOT TOUCHED executing 'clear config all'
9) Coredump Filesystem IS REMOVED executing 'clear config all'
10) Output effect 'clear config all' will have on
    the Coredump Filesystem
11) View Coredump Compression option
12) Toggle Coredump Compression option

debug menu crashinfo

Crashinfo commands are:
------------------------
200) set crashinfo parameters
201) set magic for multi-level dereference struct dump
202) set magic for far offset struct dump
203) always call check routine tied to magic
210) Display all registered magic value and their setting

debug menu ctm

CTM commands are:
-----------------------
1) Create crypto session <session type> <priority> <sw/hw>
2) Load crypto session <encr alg> <encr mode> <hash alg>
                       <auth alg> <auth key len>
3) Dump crypto session context
4) Destroy crypto session
5) Get crypto environment
6) Enable CTM reaper functionality
8) Get DMA/CTM memory statistics
9) Enable/Disable DMA/CTM memory statistics

Raw Crypto Operations
------------------------
10) Generate a random number <length>
11) Encrypt/decrypt data <IV type>
12) Hash data
13) Authenticate (HMAC) data
14) Compress/decompress data <algorithm>
15) Generate symmetric key <hash alg> <key type> <key length>
16) Test SHA2 (256, 384, 512) via well known test vectors
17) Test SHA2 HMAC(256, 384, 512) via well known test vectors

Public Key Operations
------------------------
20) Generate Diffie-Hellman secret <group>
21) Generate RSA key pair <modulus length>
22) RSA encrypt/decrypt <rsa key type> <rsa alg>
23) RSA sign/verify <rsa alg> <hash alg>
26) Verify DH SW vs HW <group>
27) Init DH cache <group>
28) Dump DH cache stats <group>
29) Init ECC parameters

IPsec Operations
------------------------
30) Create IPsec SA <case> <ipsec mode>
31) Update IPsec SA
32) Dump IPsec SA
33) Destroy IPsec SA <destroy flag>
34) Process inbound packet
35) Process outbound packet
36) Enable/Disable CTM IPSec debug
37) Dump IPsec global statistics
38) Dump IPsec SA <handle>

SSL Operations
------------------------
40) Create SSL context
41) Update SSL context <SC ID>
42) Dump SSL context <SC ID>
43) Destroy SSL context <SC ID>
44) Process inbound record <SC ID>
45) Process outbound record <SC ID>

Nitrox Lite Debug Operations
-----------------------
90) Dump PCI configuration space
91) Dump the number of available ctm handles
92) Read NLite CSR from engine
93) Write NLite CSR to engine
94) Dump data structure lengths
95) Dump descriptor ring info for a particular HW engine
96) Change IPsec max frame count
97) Change admin max frame count
98) Clear high water marks
99) Dump hardware error address
100) Dump Crypto HW Registers & Nlite Monitor Info
101) Output Crypto SSH Error Detection Counter(s)
102) Output Crypto SCB Handle Double Free Counter
103) Output Crypto Archive File
104) Manually Generate a Crypto Archive File
120) Show flush counters
121) Clear flush counters
122) Display RSA Verify Statistics. Max, Min and Avg
123) Display RSA Verify Statistics detailed
124) Reset RSA Verify Statistics

debug menu cts

CTS Env Data commands are:
------------------------
1) Show test sg tables
2) apply table <N>
3) apply N entry table <N>
4) register notification callback
5) unregister notification callback

CTS PAC commands are:
------------------------
6) Parse Encrypted PAC file <filename> <password>
9) Display error codes

ISE interoperability:
------------------------
11) cts task <N> [value]
    0 = display expiration time [value]
    1 = display cts task environment data [value]
    2 = display cts task history [value]
    3 = clear cts task history
    4 = enable/disable cts task history
    5 = set PAC expiration warning threshhold to <value>
    6 = set STG expiration backoff to <value> seconds
    7 = clear sgt table checksum
    8 = syslog test
    9 = sgi test [value]
   10 = set syslog interval (seconds, 0 = restore default)

debug menu dap

DAP commands are:
------------------------
1) dump dap XML file
2) dump dap LUA translation
3) Show acl permit/deny count <access-list name>
4) run lua file <file name>

debug menu dhcprelay

DHCP relay commands are:
------------------------
1) Print DHCP relay monitor status
2) Start DHCP relay monitor
3) Stop DHCP relay monitor
4) Start auto reset
5) Stop auto reset
6) Enable force auto reset
7) Disable force auto reset
8) Print interface DHCP relay servers information
9) Reset DHCP relay on all interfaces
10) Reset DHCP relay on an interface
11) Delete divert rules of all interfce DHCP relay servers on an interface
12) Delete divert rule of an interface DHCP relay server on an interface
13) Delete divert rules of an interafce DHCP relay server on all interfaces

debug menu e1000

e1000 commands are:
------------------------
 peek: Dump device registers[args: (1)port num (2)register name ]

debug menu eem
debug menu eem syslog <syslog_id>
debug menu eem timers

debug menu email

email proxy commands are:
------------------------
 1. Display Email Proxy session table [type]
 2. Get/Set Email proxy Print [0..3]
 3. Clear Email Proxy IMAP4S session [key]

debug menu fw   

debug fw <command>
---------------------
1. Start FW Timer <num> [1 - Keepalive, 2 - Failover]
2. Stop FW Timer <num>  [1 - Keepalive, 2 - Failover]
3. Display FW Msg Queue
4. Dump from Stored Buffer <nbytes>
5. FW IGW <-> ISS message debug
6. Print the VPIF for a given <IP>
7. Print VPIF, IP, MAC of interface used for IGW <-> ISS msgs
8. Print Global Config

debug menu ike-common

IKE Common commands are:
------------------------

Show commands
------------------------
1) Show Current Tunnel Manager Entries
2) Show IKECMN timers
3) Show IKECMN counters summary
4) Show IKECMN counters all

Clear commands
------------------------
10) Clear Current Tunnel Manager Entries
11) Clear Current Tunnel Manager Entries older than the given age (in seconds)

debug menu ikev1

IKE commands are:
------------------------

Show commands
------------------------
1) List all IKE SAs
2) List IKE SA(s) by peer address <IP address>
3) List IKE SA(s) by cookie <cookie (0x)>
4) List all IKE connection entries
5) List IKE connection entr(y/ies) by peer address <IP address>
6) List IKE centries by msg id <Msg Id (0x)>
7) List IKE centries by SPI <SPI (0x)>
8) List IKE SA stats
9) List IKE connection entry stats
10) List connection entry stats followed by connection entries

Clear commands
------------------------
11) Delete all IKE SAs
12) Delete IKE SA specified by remote public address <ip addr>
13) Delete IKE SA specified by local public address <ip addr>

14) Clear connection entry stats
15) Clear IKE SA stats

FSM debugging
------------------------
16) List FSM debug flags
17) Enable FSM debugging by state machine
         [arg1] = All=255 (default), MM=1, AM=2, QM=4, TM=8
         [arg2] = starting SA (defaults to 1)
         [arg3] = SAs to enable (defaults to 1)
18) Enable FSM debugging by IP address <IP addr> <Subnet Mask>

Action commands
------------------------
28) Simultaneous IKE P1 Connections Info
   [arg1] = 1 - Get IKE simultaneous P1 connections count
   [arg1] = 2, [arg2] = val - Set MAX IKE simultaneous P1 connections count
29) Rekey SA
   [arg1] = DsId
   [arg2] = (optional) 1 to rekey all centries
30) Rekey Connection Entry <arg = Msg ID (in HEX ex. AABBCCDD)>
31) Initiate an IPsec SA <invpif> <outvpif> <src ip> <dest ip>
40) Print Easy VPN Remote data structures
41) Ping using loopback for Easy VPN Remote
42) Simulate a NACApp event to an Assigned IP.
IKE Firewall commands are:
-------------------------
105) Specify required firewall <arg1 = vendor, arg2 = product>
106) Force rcv'd ModeCfg FW_TYPE request <arg1 = request string>
110) Tear down IPV6 Phase I SAs
111) Tear down all IPV6 connection entries

debug menu ikev2

IKEv2 commands are:
------------------------

1) Delay sending IKEv2 packets by <x> msecs
2) Display the exit path database
         Possible Values:
                 0 - set exit path logging to off
                 1 - set exit path logging to on
                 2 - get exit path logging status
                 3 - show exit path
                 4 - clear exit path database
3) Display the date/time in the debug output <0=false, 1=true>
4) Force NAT-T <0=false, 1=true>
5) Don't send Cisco Vendor ID in IKE_AUTH message <0=false, 1=true>
6) IKEv2 Fragmentation <0=Disable, 1=Enable>
8) Display Disconnect Reason Stats
9) Display/Clear toolkit Error Stats
         0 - Display stats
         1 - Clear stats

Call Admission Control
------------------------
10) Clear CAC statistics
11) Show SA count
12) Show SA tree
         0 - non-detailed
         1 - detailed

13) Display/Clear OSAL Stats
         0 - Display stats
         1 - Clear stats

14) Display OSAL Info

30) Failover Toolkit UT
         Possible Values:
                 1 - Basic Bulk Sync Single Session test
                         0/1 - Verbose
                 2 - Basic Bulk Sync Multiple Session test
                         0/1 - Verbose
                 3 - Basic Bulk Sync Session Delete test
                         0/1 - Verbose
                 4 - Basic Bulk Sync Session Add test
                         0/1 - Verbose
                 5 - Basic Bulk Sync Single MIB test
                         0/1 - Verbose
                 6 - Basic Bulk Sync Multiple MIB test
                         0/1 - Verbose
                 7 - Periodic Global Statistics test
                         0/1 - Verbose
                 8 - Periodic Tunnel MIB test
                         0/1 - Verbose
                 9 - Periodic Tunnel MIB delete test
                         0/1 - Verbose
                 10 - SA event test
                         0/1 - Verbose
                 11 - Child SA event test
                         0/1 - Verbose
                 12 - Failure MIB event test
                         0/1 - Verbose
                 13 - Periodic SA Params test
                         0/1 - Verbose
                 all - Start all Failover tests
                         0/1 - Verbose
40) Initiate without initiating pkt traffic selector
41) Allow responder ANY selector narrowing to configured ACL
50) Network intersect
                 address1 mask1 address2 mask2
60) IPSECv3 Multiple Traffic Selectors UT
         Possible Values:
                 1 - Copy the Block Data on the next tunnel initiated for Multiple Child SAs
                         to same Traffic Selectors
                 2 - Bring up Multiple Child SAs to same Traffic Selectors
                 3 - Start Sending Traffic through Second Tunnel
                 4 - Stop Sending Traffic through Second Tunnel

debug menu ipaddrutl

ipaddrutl commands are:
1) Request any IP address <vpif> <group name>
2) Request a specific IP address <vpif> <ip addr>
3) Free a specific IP address <vpif> <ip addr>
4) Fill a specific address pool <vpif> <pool name>
5) Send Gratuitous ARP Request for IP address <address>
6) Send Gratuitous ARP Reply for IP address <address>


debug menu ipsec-over-tcp

IPSec over TCP debug commands:
------------------------------
1) Activate/deactivate IPSec over TCP Connection Database
2) Display IPSec over TCP Connection Database
3) Flush IPSec over TCP Connection Database
4) Clear IPSec over TCP Connection Database counters
5) Delete IPSec over TCP record <peer ip addr> <peer ctcp port>

debug menu ipv6

IPv6 debug commands:
------------------------

Unit Tests
------------------------
2) show ipv6 ifc cluster replicated LL table info
100) clear ipv6 ifc cluster replicated LL table info

debug menu isc_acp

ISC debug commands:
-----------------------
0) Display ISC ACP Control Block
1) Display ISC CLIENT Control Block
2) Connect to Master (from Slave)
3) Disconnect from Master (from Slave)
4) Disconnect from Slave (from Master)
5) Start Inter-tile server on Master
6) Stop Inter-tile server on Master
7) Start DISC server on Master
8) Stop DISC server on Master
9) Start SVC server on Master
10) Stop SVC server on Master
11) Send msg to Slave <msg type>
12) Send msg to SUP <msg type>
13) Send msg to Master <msg type>
14) Simulate Msg from SUP <msg type>
15) Send complete pkt to peer <len>
16) Send incomplete pkt to peer <len>
17) Enter 2 MCAST LTLs for CCL vlan
18) Add/Remove MAC address for CCL vlan
19) Enter source LTL for CCL vlan
20) Enter port-channel LTL for data vlans
21) Send fragmented pkt to peer <len>
22) Simulate Msg from Slave <msg type>
23) Simulate Msg from Master <msg type>
24) Clear local Inter-Tile sock info
25) Dump ISC logging message
26) Display ACP Context
27) Display ISSU queued packets
      <msg type> -
          1 - RISE_OPC_SVC_SYS_INFO
          2 - RISE_OPC_SVC_AUTOSTATE
          3 - RISE_OPC_SVC_VLAN_STITCH
          4 - RISE_OPC_SVC_ASA_APP_OPERATION(for cmd 14 only)
          5 - RISE_OPC_SVC_ASA_APP_STATE (online)
          6 - RISE_OPC_SVC_ASA_APP_STATE (offline)
          7 - RISE_OPC_SVC_ASA_VLAN_GROUP
          8 - RISE_OPC_SVCCLNT_X86M_PING
          9 - RISE_OPC_SVC_RELOAD
          10 - RISE_OPC_SVC_SC_ONLINE
          11 - RISE_OPC_SVC_ISSU (start)
          12 - RISE_OPC_SVC_ISSU (stop)

debug menu license

License commands are:
------------------------
 1. Accelerate time-based license
 4. Display shared server env
 5. Display shared client env

debug menu mdm-proxy

MDM proxy commands are:
-----------------------
1.  Dump MDM proxy sessions
2.  Dump MDM proxy sessions (short)

debug menu memory

Memory commands are:
------------------------
1) Allocate n number of memory with chunk size m bytes: <number of blocks> <size of memory chunk>
2) Fills up heap to n- in chunk size of m bytes, rounded down. default size is 1024: <percent> [<size of memory chunk>]
3) Frees memory, default is free all: [<number of blocks to free>]
4) Frees up every n-th memory block, default is a random number between 1-5: [<number of blo

debug menu nac

NAC-FRAMEWORK Debug Commands:
-----------------------------
1. Show NAC-FRAMEWORK session list
2. Show NAC-FRAMEWORK session details
3. Revalidate a NAC-FRAMEWORK session
4. Initialize a NAC-FRAMEWORK session
5. Show NAC policy stats
6. Change NAC Session Filter

debug menu npshim

usage: debug menu npshim [-abcdeFfiLlmnpstwZz]
-?                    - help info
-a <ip-address>       - specify dotted IP address of peer
-b                    - close immediately after connect issued
-C <handle>           - TCP_CLR_CH on a context
-c  wait-sock-close   - connect and wait for network to close
    wait-user-close   - connect and wait on user to stop
    no-wait           - connect and close after connect success
    user-close        - user close the connect
    send-immediate    - start connect and send immediately (pending test)
    write-sync        - start connect and write synchronously
    write-async       - start connect and write asynchronously
    read-sync         - start connect and read synchronously
    read-getw         - start connect and read synchronously with getw
-d  on                - turn on debugging
    on-all            - turn on debugging on all fsms
    off-all           - turn off debugging on all fsms
    off               - turn off debugging
-e  <secs>            - delay by secs
-F  <ip-address>      - Peer ip address for debug filtering
-f  reserve-udp       - reserve a udp port
    reserve-tcp       - reserve a tcp port
    clear             - clear previously reserved port
-g                    - Start the fiberized task
-i  <interface>       - specify interface name to use
-J  <fiber num>       - Start fiber number (1 or 2)
-j  <fiber num>       - Signal fiber number (1 or 2) to wake it up
-L  <ip-address>      - Local ip address for debug filtering
-l  select            - start a listen server using select
    select-pend-conn  - start a listen server using select to test pend conn
    listen            - start a listen server using listen ioctl
    port              - adding a listener for specified port
    close             - close a listener for specified port
    deny              - start a listener for specified port and deny the incoming connection
-m  <num writes>      - number of writes
-M  <Md5key length>   - number of bytes in MD5 key
-n  <num bytes>       - number bytes to write
-N  <num connects>    - number of connects
-p  <port>            - specify port value
-s                    - use select
-S                    - source address
-t                    - terminate async write
-u                    - udp send
-w                    - walk and display contexts
-W                    - Count number of contexts
-Z  <yes | no>        - allow zero filter address
-z  <handle>          - display context

debug menu octeon

Accelerator debug commands:
-----------------------
 0) Dump CPU usage
 1) Dump Console Log
 2) Dump Boot Log
 3) Enable/Disable Live Logging
 4) Print Resource Statistics
 5) Print Packet Drop Statistics
 6) Clear Packet Drop Statistics
 7) Print SDK Statistics
 8) Print SDK Status Information
 9) Print Registers
10) Print Debug Flags
11) Force Crash
12) Enable/Disable Resource Exhaustion Notification

debug menu oprofile

Oprofile commands are:
------------------------
1) Oprofile status
2) Start oprofile data collection
3) Stop oprofile data collection
4) Updating oprofile startup script

debug menu pki

Group map:
------------------------
51) Map IpSec certificate to tunnel-group <cert file>
52) Map SSL certificate to tunnel-group <cert file>

Cert/UserDB:
------------------------
61) Create cert DB record <username>
62) Remove cert DB record <username>
63) write certDB
64) display certDB
65) Raw display userDB
66) Raw display certDB
67) Add cert entry to existing cert DB record <username>
68) Display all Local CA Server timers
69) Reset a Local CA Server timer <timer> <time>
70) Set Local CA Server configuration timers <config> <time>
71) Display Local CA Server configuration timers

Misc:
------------------------
 97) Show/Set OCSP clock skew.
 98) Show Crypto CA request failure counts.
 99) Show number of CRLs marked for delete.
100) Show pki storage locking failure counts.
101) Show socket counts
102) Show/Clear/Set API counters/Limits
        <null:show, 1:clear, 2:Set Bad CRL timelimit> [limit]
103) Show device serial #
104) Set interface for DNS lookup: <intf>
105) DNS lookup: <name>
106) IPsec/SSL KU/EKU validation <0:IPSec, 1:SSL><cert file> [trustpoint label]
107) Show key debug info
108) Load/Display keys in storage <option>
109) Display Certificate Handle Info

Artificial tests:
------------------------
110) Toggle Simulate RA cert failure (currently OFF)
111) Set CRL cache capacity (currently 16777216)
112) Set max single CRL size (currently 4194304)
113) Set max number of CRL entries (currently 65534)
114) Show current CRL cache size/capacity
115) Enroll for a certificate.
116) Get path to Local CA CRL file.
117) Get CRL DP URL.

Aware HTTP Server:
------------------
130) Display Aware HTTP Server State.

CERT API tests:
------------------------
140) Validate base64 cert from file <filename>

debug menu ppp

PPP commands are:
------------------------

1) Display  PPP device information
2) Display  EAP device information

debug menu process

Process commands are:
------------------------
1) Show commands issued by the processes

debug menu qos

QoS commands are:
------------------------
1) Dump QoS BLT database
2) Dump QoS BLT Def and Rate Limit values.
3) Dump QoS output queues.
4) Dump QoS output queues.

debug menu quota   

Quota commands are:
------------------------

1) Management session quota
         Possible Values:
                 1 - Reset management session quota level <level>

debug menu regex

regex commands are:
------------------------
40) display all compiled regex tables
45) test regex over existing regex table
46) continue test regex over existing regex table
47) same as 45 with RE_MATCH_NON_OVERLAPPING_RULES
48) same as 46 with RE_MATCH_NON_OVERLAPPING_RULES

debug menu rest-token-auth

REST token auth commands are:
------------------------

1) Display REST token auth sessions for this context
2) Create a REST token auth session <username> <privilege>
3) Lookup a REST token auth session <token> [username]
4) Delete a REST token auth session <token>
5) Display REST token auth sessions for all contexts
6) Delete REST token auth sessions for all contexts

debug menu routing

data-path route table commands :
------------------------
101) Get Force Input recursive-routing config Status
102) Enable Force Input recursive-routing
103) Disable Force Input recursive-routing
104) Get Force Output recursive-routing  config Status
105) Enable Force Output recursive-routing
106) Disable Force Output recursive-routing

debug menu service-module

Cluster service-module debug commands are:
------------------------
 1. Simulate queue event.
 2. Simulate direct event.
 3. Simulate Cluster Unit Health Check Faileure event.
 4. Simulate SUP isc add bootstracp event.
 5. Simulate SUP isc del bootstracp event.
 6. Simulate SUP isc port bundle event.
 7. Simulate SUP isc port de-bundle event.
 8. Simulate SUP health check alert event.
 9. Change inspect FTP to semi-scalable.
 10. Revert inspect FTP to scalable.

debug menu sessmgr

SESSMGR commands:
-----------------
1. raw DB stats
2. Session table information
3. Tunnel table information
4. HW client table information (N/A)
5. Login table information (N/A)
6. Tunnel group table information (N/A)
7. Session free errors
8. Assigned IP address table information

debug menu shmem

debug menu shmem <cmd>

    dump pkt <index> <size>
    dump bpmap <index>
    dump desc <ch_no> <tx/rx> <index>
    dump usemap

debug menu sip

sip commands are:
------------------------
10) clear all sip session data
20) show sip session by call-id
21) show sip session by IPv4 or IPv6 address
22) show count of sip sessions matching the IPv4 or IPv6 address

debug menu splitdns

SPLIT DNS debug commands:
-------------------------
1) Display Split DNS Connection Database
2) Flush Split DNS Connection Database
3) Clear Split DNS Connection Database stats
4) Delete Split DNS record <src ip addr> <transaction_id>

debug menu ssh

SSH commands are:
------------------------
1) connect to remote SSH server <server> <username> <password> <optional int name>

debug menu ssl

SSL commands:
-------------
1. Display debug counters
2. Display SSL FCA DB
3. Add IP address to SSL FCA DB
4. Enable/disable of SSL FCA DB
5. Remove IP address from SSL FCA DB
6. Clear SSL FCA DB
7. Get/set SSL FCA DB timeout

Use 'show ssl' and 'clear ssl' commands

debug menu syslog

debug menu syslog commands are:
------------------------
1) show syslog auditlog status
2) set auditlog blocking to ON
3) set auditlog blocking to OFF

debug menu vpnfo

VPN Failover Debug Menu:
-----------------------
1. Set Debug Level
2. Print VPNFO Failover Version
3. Display the HA descriptor information

debug menu vpnlb

debug menu vpnlb <cmd>

Load balancing commands are:
----------------
  1) Print Stats
  2) Print Peer List
  3) Toggle FSM Debug
  4) Toggle FSM Debug Trace
  5) Print Peer List Debug
  6) Tunnel parameters

debug menu webvpn

WebVPN commands are:
------------------------
 3. Display ACL Database [verbose]
 4. Display ACL Keys
 5. Display ACL Key for <acl_ID>
 6. Display ACL List [key]
 7. Free ACL List [key]
 8. URL Test: <url-string> [key]
 9. TCP Test: <hostname> [hostport] [key]
10. Display ACL Key for <username>
20. Display argc, argv
21. MD5 Hashing <string>
23. domain_gethostbyname <host>
24. Display ACL stats
25. Display DB handle structure
26. webvpn_acl_init()
28. trange_find_entry <time-range>
29. webvpn_log_cache()
30. webvpn_acl_database() - open
31. webvpn_acl_database() - put [type] [port]
32. webvpn_acl_database() - get-first
33. webvpn_acl_database() - get-next
34. webvpn_acl_database() - del-rec [type] [port]
35. webvpn_acl_database() - del-aclid [type] [port]
36. webvpn_acl_database() - flush
37. webvpn_acl_database() - close
40. aaa stats
48. Get/Set WebVPN Applet Debug level [0..4]
66. Show users nethandle
67. Enable/Disable buffer capture to disk
68. Enable/Disable ssl
70. Clear webvpn statistics counters
71. Clear webvpn error counters
72. Display webvpn statistics counters
73. Display webvpn error counters
74. Enable/Disable internal capture trace to memory (screen)
75. Clear the capture trace
76. Display the capture trace in memory (screen)
77. Set capture trace flag
78. Display webvpn flow control statistics counters
79. Debug webvpn [ip-address]
81. ZLIB (Version 1.2.3) Compression Tests
82. Debug Citrix ICA
85. Sync domain_gethostbyname_andgroup <host> <group-name>
86. Async domain_gethostbyname_andgroup <host> <group-name>
87. Display DNS server groups
95. LDAP Client test application
96. LDAP attribute-map test <map name> <attr #> <attr count> <value #> <value count>
98. Dump WEBVPN sessions (short)
99. Dump WEBVPN sessions
100. set webvpn_debug_flags
101. Toggle SMB Signing
102: Toggle SMB DFS
104: SMB/CIFS debug menu
110: Show Emweb Listening Sockets
111: Show block registration status
112: Dump WebVPN Pending Auth Handles
120: View Midpath Module Queue Limits
121: Set Midpath Module Queue Limits
122: Dump Midpath Blocks
123: Get/Set SVC block xmit limit [<value>]
160. Show SNP MP SVC Sessions
170. TCP echo client V6
177. UDP echo client v4 <interface> <dest>
178. UDP client connect send test <addr> <port>
179. UDP server listen <interface> <port>
180. UDP DTLS enable listen <interface>
181. Dump mgmt and WebVPN ACL table.
182. List SVC handles that are terminated and waiting for DHCP.
186: webvpn failover invalid session stats
187: webvpn hostscan stats
188: Toggle forcing OCCAM to use system allocator for anonymous on demand pools
189: webvpn relay open sockets
200: Print WebFO Failover Version

No comments:

Post a Comment