-
-
-
-
-
-
-
-
-
-
-
vpn-global
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
vpn-global
The following operations can be performed on “vpn-global”:
bind | unbind | show |
bind vpn global
Binds Citrix Gateway entities, including policies, globally.
Synopsis
bind vpn global [-policyName
Arguments
policyName Name of the policy to bind globally.
priority Integer specifying the policy’s priority. The lower the priority number, the higher the policy’s priority. Maximum value for default syntax policies is 2147483647 and for classic policies is 64000. Minimum value: 0 Maximum value: 2147483647
secondary Bind the authentication policy as the secondary policy to use in a two-factor configuration. A user must then authenticate not only to a primary authentication server but also to a secondary authentication server. User groups are aggregated across both authentication servers. The user name must be exactly the same on both authentication servers, but the authentication servers can require different passwords.
groupExtraction Bind the Authentication policy to a tertiary chain which will be used only for group extraction. The user will not authenticate against this server, and this will only be called it primary and/or secondary authentication has succeeded.
intranetDomain Intranet domain name for single sign-on.
intranetApplication Name of the intranet application to bind globally.
nextHopServer Name of the next hop server to bind globally.
urlName Name of the URL of the virtual server to bind globally.
intranetIP Range of IP addresses in an address pool or individual IP addresses to bind globally.
netmask The intranet ip or range’s netmask.
intranetIP6 Starting address in the range of IPv6 addresses in an address pool or individual IPv6 addresses to bind globally.
numaddr The intranet ipv6 address. Minimum value: 1
staServer Web address of the Secure Ticketing Authority (STA) server to be bound globally, in the following format: ‘http(s)://FQDN/URLPATH’
staAddressType Type of the STA server address(ipv4/v6).
Possible values: IPV4, IPV6
appController App Controller server, in the format ‘http(s)://IP/FQDN’
sharefile ShareFile server, in the format ‘IP:PORT / FQDN:PORT’
gotoPriorityExpression Applicable only to advance vpn session policy. An expression or other value specifying the priority of the next policy which will get evaluated if the current policy rule evaluates to TRUE.
portaltheme Portaltheme name to bind globally
eula EULA name to bind globally
certkeyName SSL certkey to use in signing tokens. Only RSA cert key is allowed
userDataEncryptionKey Certificate to be used for encrypting user data like KB Question and Answers, Alternate Email Address, etc.
cacert Name of the CA certificate.
crlCheck Rule to use for the CRL corresponding to the CA certificate during client authentication. Available settings function as follows:
- MANDATORY - Deny SSL clients if the CRL is missing or expired, or the Next Update date is in the past, or the CRL is incomplete.
- OPTIONAL - Allow SSL clients if the CRL is missing or expired, or the Next Update date is in the past, or the CRL is incomplete, but deny if the client certificate is revoked in the CRL. If neither CRL nor OCSP option is specified while binding the CA certificate, this option is set to CRLCHECK OPTIONAL by default.
Possible values: Mandatory, Optional
ocspCheck Rule to use for the OCSP responder associated with the CA certificate during client authentication. If MANDATORY is specified, deny all SSL clients if the OCSP check fails because of connectivity issues with the remote OCSP server, or any other reason that prevents the OCSP check. With the OPTIONAL setting, allow SSL clients even if the OCSP check fails except when the client certificate is revoked.
Possible values: Mandatory, Optional
unbind vpn global
Unbinds Citrix Gateway policies to the virtual server globally.
Synopsis
unbind vpn global [-policyName
Arguments
policyName Name of the policy to unbind globally.
secondary Bind the authentication policy as the secondary policy to use in a two-factor configuration. A user must then authenticate not only to a primary authentication server but also to a secondary authentication server. User groups are aggregated across both authentication servers. The user name must be exactly the same on both authentication servers, but the authentication servers can require different passwords.
groupExtraction Bind the Authentication policy to a tertiary chain which will be used only for group extraction. The user will not authenticate against this server, and this will only be called it primary and/or secondary authentication has succeeded.
intranetDomain A conflicting intranet domain name to be unbound.
intranetApplication The name of a VPN intranet application to be unbound.
nextHopServer The name of the next hop server to be unbound globally.
urlName The name of a VPN url to be unbound from vpn global.
intranetIP The intranet IP address or range to be unbound.
netmask The intranet IP or range’s netmask to be unbound from vpn global.
intranetIP6 The intranet ip address or range to be unbound.
numaddr The intranet ip or range’s netmask to be unbound from vpn global. Minimum value: 1
staServer Secure Ticketing Authority (STA) server to be removed, in the format ‘http(s)://IP/FQDN/URLPATH’
appController App Controller server to be removed, in the format ‘http(s)://IP/FQDN’
sharefile ShareFile server to be removed, in the format ‘IP:PORT / FQDN:PORT’
portaltheme Name of the Portal theme to unbind from vpnglobal
eula Name of the EULA to unbind from vpnglobal
certkeyName SSL certkey to use in signing tokens. Only RSA cert key is allowed
userDataEncryptionKey Certificate to be used for encrypting user data like KB Question and Answers, Alternate Email Address, etc.
cacert Name of the CA certificate to unbind.
show vpn global
Shows the Citrix Gateway policies that are bound to the virtual server globally.
Synopsis
show vpn global
Arguments
Output
stateflag policyName The name of the policy.
priority Integer specifying the policy’s priority. The lower the priority number, the higher the policy’s priority. Maximum value for default syntax policies is 2147483647 and for classic policies is 64000.
intranetDomain The conflicting intranet domain name.
intranetApplication The intranet vpn application.
nextHopServer The name of the next hop server bound to vpn global.
urlName The intranet url.
intranetIP The intranet ip address or range.
netmask The intranet ip address or range’s netmask.
intranetIP6 The intranet ip address or range.
numaddr The intranet ip address or range’s netmask.
staServer Configured Secure Ticketing Authority (STA) server.
staAddressType Type of the STA server address(ipv4/v6).
staAuthID Authority ID of the STA Server. Authority ID is used to match incoming STA Tickets in the SOCKS/CGP protocol with the right STA Server.
staState State of the STA Server. If Authority ID is set then STA Server is UP else DOWN.
appController Configured App Controller server.
sharefile Configured Sharefile server, in the format IP:PORT / FQDN:PORT
type Bindpoint to which the policy is bound
policySubType builtin Indicates that a variable is a built-in (SYSTEM INTERNAL) type.
feature The feature to be checked while applying this config
secondary Bind the authentication policy as the secondary policy to use in a two-factor configuration. A user must then authenticate not only to a primary authentication server but also to a secondary authentication server. User groups are aggregated across both authentication servers. The user name must be exactly the same on both authentication servers, but the authentication servers can require different passwords.
groupExtraction Bind the Authentication policy to a tertiary chain which will be used only for group extraction. The user will not authenticate against this server, and this will only be called it primary and/or secondary authentication has succeeded.
policyType Policy type (Classic/Advanced) to be bound.Used for display.
gotoPriorityExpression Applicable only to advance vpn session policy. An expression or other value specifying the priority of the next policy which will get evaluated if the current policy rule evaluates to TRUE.
globalBindType portaltheme Name of the portal theme bound to vpnglobal
eula Name of the EULA bound to vpnglobal
certkeyName SSL certkey to use in signing tokens. Only RSA cert key is allowed
cacert The name of the CA certificate binding.
crlCheck The state of the CRL check parameter (Mandatory/Optional).
ocspCheck The state of the OCSP check parameter (Mandatory/Optional).
userDataEncryptionKey Certificate to be used for encrypting user data like KB Question and Answers, Alternate Email Address, etc.
devno count
Share
Share
In this article
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.