beautypg.com

Displaying the configured server connections, Adding an encrypted syslog server – Brocade Multi-Service IronWare Administration Guide (Supporting R05.6.00) User Manual

Page 353

background image

Multi-Service IronWare Administration Guide

335

53-1003028-02

Configuring the Syslog service

A

Syntax: copy tftp flash client-certificate

and

Syntax: copy tftp flash client-private-key

The remote_ip keyword specifies the IP address of the remote host where the SSL Client certificate
and private key are present. The cert_file keyword specifies the filename of the SSL Client
Certificate, and the priv_key_file keyword specifies the filename of the private key.

Using SCP

1. Use SCP to copy the SSL Client Certificate and private key from the remote machine. Enter the

following commands in sequence in any order at the remote host where the SSL Client
Certificate and private key are present:

Host# scp cert.p12 [email protected]:sslclientcert

Host# scp privkeyfile [email protected]:sslclientprivkey

Syntax: scp user@:sslclientcert

and

Syntax: scp user@:sslclientprivkey

The remote_ip keyword specifies the IP address of the device. The cert_file keyword specifies the
filename of the SSL Client Certificate, and the priv_key_file keyword specifies the filename of the
private key.

Adding an encrypted syslog server

To configure an encrypted server connection, enter the following command:

Brocade (config)# logging host 10.25.105.201 ssl-port 60514

Syntax: logging host [ipv6] | ssl-port

The ip-address keyword specifies the syslog server. The ssl-port keyword specifies the SSL port that
will be used to connect to the specified syslog server.

NOTE

You can configure an encrypted syslog server connection only after the device has been placed in
the Common Criteria mode. While you can configure these when the device is in the Administrative
mode, the configuration takes effect only after the device is put in the Common Criteria Operational
mode.

Displaying the configured server connections

You can display the active encrypted syslog server connection with the show ip ssl command:

Brocade# show ip ssl

Session Source IP

Source Port

Remote IP

Remote Port

0 10.25.105.80

633

10.25.105.201

60514

In addition, you can use the show logging command to display the active SSL-encrypted syslog
server along with the logging level information.

Brocade# show logging

Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)