Showing cached kerberos tickets – Cisco ASA 5505 User Manual
Page 1633
74-47
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 74 Configuring Clientless SSL VPN
Understanding How KCD Works
Showing Cached Kerberos Tickets
To display all Kerberos tickets cached on the ASA, enter the following commands:
Command
Function
Step 1
webvpn
Switches to webvpn configuration mode.
Step 2
show aaa kerberos
Displays all Kerberos tickets cached on the ASA.
Step 3
show aaa kerberos [username user | host ip |
hostname]
•
user—Used to view the Kerberos tickets of a specific
user
•
hostname—Used to view the Kerberos tickets issued for
a specific host
Example:
ASA# show aaa kerberos
Default Principal
Valid Starting
Expires
Service Principal
06/29/10 18:33:00
06/30/10
18:33:00
krbtgt/[email protected]
06/29/10 17:33:00
06/30/10
17:33:00
asa$/[email protected]
06/29/10 17:33:00
06/30/10
17:33:00
http/[email protected]
ASA# show aaa kerberos username kcduser
Default Principal
Valid Starting
Expires
Service Principal
06/29/10 17:33:00
06/30/10
17:33:00
asa$/[email protected]
06/29/10 17:33:00
06/30/10
17:33:00
http/[email protected]
ASA# show aaa kerberos host owa.bxb.com
Default Principal
Valid Starting
Expires
Service Principal
[email protected]/29/1006/30/10 17:33:00
http/[email protected]
ASA# show aaa kerberos username kcduser
Default Principal
Valid Starting
Expires
Service Principal
06/29/10 17:33:00
06/30/10
17:33:00
asa$/[email protected]
06/29/10 17:33:00
06/30/10
17:33:00
http/[email protected]
ASA# show aaa kerberos host owa.bxb.com
Default Principal
Valid Starting
Expires
Service Principal
06/29/10
06/30/10
17:33:00
http/[email protected]
Shows sample output returned from this command.