Home > Cisco > Interface > Cisco Ise 14 User Guide

Cisco Ise 14 User Guide

Add to Favourites
    Download as PDF Print this page Share this page

    Have a look at the manual Cisco Ise 14 User Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 53 Cisco manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    View all the pages
    Page
    of 232
    Add page 171 to Favourites
    image text
    Enable zoom 
    							Australia Time Zones
Enterthecountryandcitytogetherwithaforwardslash(/)betweenthemfortheAustraliatimezone;for
example,Australia/Currie.
Note
Table 5: Table 4-2 Australia Time Zones (Continued)
Australia
Broken_HillBrisbaneAdelaideAustralianCapital
Territory(ACT)
HobartDarwinCurrieCanberra
MelbourneLordHoweIsland(LHI)LindemanLord_Howe
QueenslandPerthNewSouthWales(NSW)North
VictoriaTasmaniaSydneySouth
YancowinnaWest
Cisco Identity Services Engine CLI Reference Guide, Release 1.4    
163
Cisco ISE CLI Commands in Configuration Mode
Australia Time Zones
    Add page 172 to Favourites
    image text
    Enable zoom 
    							Asia Time Zones
TheAsiatimezoneincludescitiesfromEastAsia,SouthernSoutheastAsia,WestAsia,andCentralAsia.
Entertheregionandcityorcountrytogetherseparatedbyaforwardslash(/);forexample,Asia/Aden.
Note
Table 6: Table 4-3 Asia Time Zones (Continued)
Asia
AnadyrAmmanAlmatyAden
AshkhabadAshgabatAqtobeAqtau
BangkokBakuBahrainBaghdad
CalcuttaBruneiBishkekBeirut
DamascusColumboChongqingChoibalsan
DushanbeDubaiDiliDhakar
HovdHong_KongHarbinGaza
JayapuraJakartaIstanbulIrkutsk
KarachiKamchatkaKabulJerusalem
KuchingKuala_LumpurKatmanduKashgar
KrasnoyarskKuwait
   Cisco Identity Services Engine CLI Reference Guide, Release 1.4
164
Cisco ISE CLI Commands in Configuration Mode
Asia Time Zones
    Add page 173 to Favourites
    image text
    Enable zoom 
    							conn-limit
ToconfigurethelimitofincomingTCPconnectionsfromasourceIPaddress,usetheconn-limitcommand
inconfigurationmode.Toremovethisfunction,usethenoformofthiscommand.
Syntax DescriptionNumberofTCPconnections.
(Optional).SourceIPaddresstoapplytheTCPconnectionlimit.ip
(Optional).SourceIPmasktoapplytheTCPconnectionlimit.mask
(Optional).DestinationportnumbertoapplytheTCPconnection
limit.
port
Command DefaultNodefaultbehaviororvalues.
Command ModesConfiguration(config)#
Usage GuidelinesUsethisconn-limitcommandformorethan99TCPconnections.Forlessthan100connections,thesystem
displaysthefollowingwarning:
%Warning:Settingasmallconn-limitmayadverselyaffectsystemperformance
Example
ise/admin(config)#conn-limit25000ip77.10.122.133port22ise/admin(config)#endise/admin
Related CommandsDescriptionCommand
rate-limit
Cisco Identity Services Engine CLI Reference Guide, Release 1.4    
165
Cisco ISE CLI Commands in Configuration Mode
conn-limit
    Add page 174 to Favourites
    image text
    Enable zoom 
    							do
ToexecuteanEXEC-systemlevelcommandfromconfigurationmodeoranyconfigurationsubmode,use
thedocommandinanyconfigurationmode.
doEXECcommands
Syntax DescriptionSpecifiestoexecuteanEXEC-systemlevelcommand(seeTable7:
Table4-4CommandOptionsforDoCommand(Continued)).
EXECcommands
Table 7: Table 4-4 Command Options for Do Command (Continued)
DescriptionCommand
Configuresaspecificapplication.applicationconfigure
Installsaspecificapplication.applicationinstall
Removesaspecificapplication.applicationremove
Resetsapplicationconfigurationtofactorydefaults.applicationreset-config
Resetsapplicationpasswordforaspecifieduser.applicationreset-passwd
Startsorenablesaspecificapplicationapplicationstart
Stopsordisablesaspecificapplication.applicationstop
Upgradesaspecificapplication.applicationupgrade
Performsabackup(CiscoISEandCiscoADEOS)andplacesthe
backupinarepository.
backup
PerformsabackupofalllogsintheCiscoISEservertoaremote
location.
backup-logs
SetsthesystemclockintheCiscoISEserver.clock
Entersconfigurationmode.configure
Copiesanyfilefromasourcetoadestination.copy
Displaysanyerrorsoreventsforvariouscommandsituations;for
example,backupandrestore,configuration,copy,resourcelocking,
filetransfer,andusermanagement.
debug
DeletesafileintheCiscoISEserver.delete
   Cisco Identity Services Engine CLI Reference Guide, Release 1.4
166
Cisco ISE CLI Commands in Configuration Mode
do
    Add page 175 to Favourites
    image text
    Enable zoom 
    							DescriptionCommand
ListsfilesintheCiscoISEserver.dir
ForcesthelogoutofallsessionsofaspecificCiscoISEnodeuser.forceout
DisablesorshutsdowntheCiscoISEserver.halt
Createsanewdirectory.mkdir
QueriestheIPv4orIPv6addressorhostnameofaremotesystem.nslookup
UpdatestheCLIaccountpassword.password
InstallsaPatchBundleoruninstallsanApplicationpatch.patch
DeterminestheIPv4addressorhostnameofaremotesystem.ping
DeterminestheIPv6addressofaremotesystem.ping6
RebootstheCiscoISEserver.reload
Performsarestoreandretrievesthebackupoutofarepository.restore
Removesanexistingdirectory.rmdir
ProvidesinformationabouttheCiscoISEserver.show
Startsanencryptedsessionwitharemotesystem.ssh
ProvidesTechnicalAssistanceCenter(TAC)commands.tech
EstablishesaTelnetconnectiontoaremotesystem.telnet
Setsterminallineparameters.terminallength
Setstheinactivitytimeoutforallterminalsessions.terminalsession-timeout
Setsthewelcomemessageonthesystemforallterminalsessions.terminalsession-welcome
Specifiesthetypeofterminalconnectedtothecurrentlineofthe
currentsession.
terminalterminal-type
TracestherouteofaremoteIPaddress.traceroute
Disablestheoutput(displayoferrorsorevents)ofthedebug
commandforvariouscommandsituations;forexample,backupand
restore,configuration,copy,resourcelocking,filetransfer,anduser
management.
undebug
Cisco Identity Services Engine CLI Reference Guide, Release 1.4    
167
Cisco ISE CLI Commands in Configuration Mode
do
    Add page 176 to Favourites
    image text
    Enable zoom 
    							DescriptionCommand
Erasesthestartupconfigurationthatforcestorunthesetuputility
andpromptthenetworkconfiguration,copiestherunning
configurationtothestartupconfiguration,displaystherunning
configurationontheconsole.
write
Command DefaultNodefaultbehaviororvalues.
Command ModesConfiguration(config)#oranyconfigurationsubmode(config-GigabitEthernet)#and(config-Repository)#
Usage GuidelinesUsethisdocommandtoexecuteEXECcommands(suchasshow,clear,anddebugcommands)while
configuringtheCiscoISEserver.AftertheEXECcommandisexecuted,thesystemwillreturntoconfiguration
modeyouwereusing.
Example
ise/admin(config)#doshowrunGeneratingconfiguration...!hostnameise!ipdomain-namecisco.com!interfaceGigabitEthernet0ipaddress172.23.90.113255.255.255.0ipv6addressautoconfig!ipname-server171.70.168.183!ipdefault-gateway172.23.90.1!clocktimezoneEST!ntpservertime.nist.gov!usernameadminpasswordhash$1$JbbHvKVG$xMZ/XL4tH15Knf.FfcZZr.roleadmin!servicesshd!backup-staging-urlnfs://loc-filer02a:/vol/local1/private1/jdoe!password-policylower-case-requiredupper-case-requireddigit-requiredno-usernamedisable-cisco-passwordsmin-password-length6!logginglocalhostloggingloglevel6!--More--ise/admin(config)#
   Cisco Identity Services Engine CLI Reference Guide, Release 1.4
168
Cisco ISE CLI Commands in Configuration Mode
do
    Add page 177 to Favourites
    image text
    Enable zoom 
    							end
ToendthecurrentconfigurationsessionandreturntoEXECmode,usetheendcommandinconfiguration
mode.
Thiscommandhasnokeywordsandarguments.
end
Command DefaultNodefaultbehaviororvalues.
Command ModesConfiguration(config)#
Usage GuidelinesThiscommandbringsyoubacktoEXECmoderegardlessofwhatconfigurationmodeorsubmodeyouare
in.
UsethiscommandwhenyoufinishconfiguringthesystemandyouwanttoreturntoEXECmodetoperform
verificationsteps.
Example
ise/admin(config)#endise/admin#
Related CommandsDescriptionCommand
exit
Cisco Identity Services Engine CLI Reference Guide, Release 1.4    
169
Cisco ISE CLI Commands in Configuration Mode
end
    Add page 178 to Favourites
    image text
    Enable zoom 
    							exit
Toexitanyconfigurationmodetothenext-highestmodeintheCLImodehierarchy,usetheexitcommand
inconfigurationmode.
exit
Thiscommandhasnokeywordsandarguments.
Command DefaultNodefaultbehaviororvalues.
Command ModesConfiguration(config)#
Usage GuidelinesTheexitcommandisusedintheCiscoISEservertoexitthecurrentcommandmodetothenexthighest
commandmodeintheCLImodehierarchy.
Forexample,usetheexitcommandinconfigurationmodetoreturntoEXECmode.Usetheexitcommand
intheconfigurationsubmodestoreturntoconfigurationmode.Atthehighestlevel,EXECmode,theexit
commandexitsEXECmodeanddisconnectsfromtheCiscoISEserver.
Example
ise/admin(config)#exitise/admin#
Related CommandsDescriptionCommand
end
exit
   Cisco Identity Services Engine CLI Reference Guide, Release 1.4
170
Cisco ISE CLI Commands in Configuration Mode
exit
    Add page 179 to Favourites
    image text
    Enable zoom 
    							hostname
Tosetthehostnameofthesystem,usethehostnamecommandinconfigurationmode.
hostnamehostname
Syntax DescriptionNameofthehost.Supportsupto19alphanumericcharactersandan
underscore(_).Thehostnamemustbeginwithacharacterthatis
notaspace.
hostname
Command DefaultNodefaultbehaviororvalues.
Command ModesConfiguration(config)#
Usage Guidelines
If'Ctrl-C'isissuedduringtheCLIconfigurationchangeof'hostname'command,incaseofhostname
changethesystemmayendupinastatewheresomeapplicationcomponentshavetheoldhostnameand
somecomponentsusethenewhostname.ThiswillbringtheCiscoISEnodeintoanon-workingstate.
Theworkaroundforthisistoissueanother'hostname'configurationCLItosetthehostnametothedesired
value.
Note
Usethehostnamecommandtochangethecurrenthostname.Asingleinstancetypeofcommand,hostname
onlyoccursonceintheconfigurationofthesystem.Thehostnamemustcontainoneargument;otherwise,an
erroroccurs.
IfyouupdatethehostnameoftheCiscoISEserverwiththiscommand,thefollowingwarningmessageis
displayed:
%Warning:Updatingthehostnamewillcauseanycertificateusingtheold%hostnametobecomeinvalid.Therefore,anewself-signed%certificateusingthenewhostnamewillbegeneratednowfor%usewithHTTPs/EAP.IfCA-signedcertswereusedonthisnode,%pleaseimportthemwiththecorrecthostname.Inaddition,if%thisISEnodewillbejoininganewActiveDirectorydomain,%pleaseleaveyourcurrentActiveDirectorydomainbefore%proceeding.IfthisISEnodeisalreadyjoinedto%anActiveDirectorydomain,thenitisstronglyadvised%torejoinallcurrentlyjoinedjoin-pointsinorderto%avoidpossiblemismatchbetweencurrentandprevious%hostnameandjoinedmachineaccountname.
Example
ise/admin(config)#hostnamenew-hostname%ChangingthehostnamewillcauseISEservicestorestartContinuewithhostnamechange?Y/N[N]:yStoppingISEMonitoring&TroubleshootingLogCollector...StoppingISEMonitoring&TroubleshootingLogProcessor...ISEIdentityMappingServiceisdisabled
Cisco Identity Services Engine CLI Reference Guide, Release 1.4    
171
Cisco ISE CLI Commands in Configuration Mode
hostname
    Add page 180 to Favourites
    image text
    Enable zoom 
    							ISEpxGridprocessesaredisabledStoppingISEApplicationServer...StoppingISECertificateAuthorityService...StoppingISEProfilerDatabase...StoppingISEMonitoring&TroubleshootingSessionDatabase...StoppingISEADConnector...StoppingISEDatabaseprocesses...ISEDatabaseprocessesalreadyrunning,PID:9651StartingISEMonitoring&TroubleshootingSessionDatabase...StartingISEProfilerDatabase...StartingISEApplicationServer...StartingISECertificateAuthorityService...StartingISEMonitoring&TroubleshootingLogProcessor...StartingISEMonitoring&TroubleshootingLogCollector...StartingISEADConnector...Note:ISEProcessesareinitializing.Use'showapplicationstatusise'CLItoverifyallprocessesareinrunningstate.ise-1/admin#
   Cisco Identity Services Engine CLI Reference Guide, Release 1.4
172
Cisco ISE CLI Commands in Configuration Mode
hostname
    All Cisco manuals Comments (0)

    Related Manuals for Cisco Ise 14 User Guide