ADC CLI Commands

tunnel-global

The following operations can be performed on “tunnel-global”:

bind unbind show

bind tunnel global

Activates an existing tunnel traffic policy globally.

Synopsis

bind tunnel global ( [-priority ] [-gotoPriorityExpression ]) [-state ( ENABLED | DISABLED )] [-type ]

Arguments

policyName Name of the tunnel traffic policy to activate or bind.

priority Integer specifying the policy’s priority. The lower the number, the higher the priority. Policies are evaluated in the order of their priority numbers. Minimum value: 0 Maximum value: 2147483647

gotoPriorityExpression Expression or other value specifying the next policy to evaluate if the current policy evaluates to TRUE. Specify one of the following values:

  • NEXT - Evaluate the policy with the next higher priority number.
  • END - End policy evaluation.
  • USE_INVOCATION_RESULT - Applicable if this policy invokes another policy label. If the final goto in the invoked policy label has a value of END, the evaluation stops. If the final goto is anything other than END, the current policy l abel performs a NEXT.
  • An expression that evaluates to a number. If you specify an expression, the number to which it evaluates determines the next policy to evaluate, as follows:
  • If the expression evaluates to a higher numbered priority, the policy with that priority is evaluated next.
  • If the expression evaluates to the priority of the current policy, the policy with the next higher numbered priority is evaluated next.
  • If the expression evaluates to a number that is larger than the largest numbered priority, policy evaluation ends.

An UNDEF event is triggered if:

  • The expression is invalid.
  • The expression evaluates to a priority number that is smaller than the current policy’s priority number.
  • The expression evaluates to a priority number that is between the current policy’s priority number (say, 30) and the highest priority number (say, 100), but does not match any configured priority number (for example, the expression ev aluates to the number 85). This example assumes that the priority number increments by 10 for every successive policy, and therefore a priority number of 85 does not exist in the policy label.

state Current state of the binding. If the binding is enabled, the policy is active.

Possible values: ENABLED, DISABLED Default value: ENABLED

type Global bind point, specifying where to bind the policy. This is relevant for advanced (default-syntax) policies only.

Possible values: REQ_OVERRIDE, REQ_DEFAULT, RES_OVERRIDE, RES_DEFAULT, NONE Default value: NONE

Example

add tunnel trafficpolicy cmp_all_destport “REQ.TCP.DESTPORT == 0-65535” GZIP

After creating above tunnel policy, it can be activated by binding it globally: bind tunnel global cmp_all_destport

After binding cmp_all_destport compression policy globally, the policy gets activated and the Citrix ADC will compress all TCP traffic accessed through ssl-vpn tunnel.

Globally active tunnel policies can be seen using command:

show tunnel global 1 Globally Active Tunnel Policies: 1) Policy Name: cmp_all_destport Priority: 0 Done

unbind tunnel global

Deactivates an active tunnel traffic policy.

Synopsis

unbind tunnel global [-type ] [-priority ]

Arguments

policyName Name of the tunnel traffic policy to unbind or deactivate.

type Bind point, specifying from where to unbind the policy. Applicable only to advanced (default-syntax) policies.

Possible values: REQ_OVERRIDE, REQ_DEFAULT, RES_OVERRIDE, RES_DEFAULT, NONE

priority Priority of the policy to be unbound. Minimum value: 1 Maximum value: 2147483647

Example

Globally active tunnel policies can be seen using command:

show tunnel global 1 Globally Active Tunnel Policies: 1) Policy Name: cmp_all_destport Priority: 0 Done

The globally active tunnel traffic policy can be deactivated on the Citrix ADC system by issuing the command: unbind tunnel global cmp_all_destport

show tunnel global

Displays globally active tunnel policies.

Synopsis

show tunnel global [-type ]

Arguments

type Bind point to which the policy is bound.

Possible values: REQ_OVERRIDE, REQ_DEFAULT, RES_OVERRIDE, RES_DEFAULT

Output

policyName Policy name.

priority Priority.

gotoPriorityExpression Expression specifying the priority of the next policy which will get evaluated if the current policy rule evaluates to TRUE.

state Current state of the binding. If the binding is enabled, the policy is active.

numpol The number of policies bound to the bindpoint.

builtin Indicates that a variable is a built-in (SYSTEM INTERNAL) type.

feature The feature to be checked while applying this config

stateflag policyType Policy type (Classic/Advanced) to be bound.Used for display.

globalBindType devno count

Example

sh tunnel global 1) Policy Name: cmp_all_destport Priority: 0 2) Policy Name: local_sub_nocmp Priority: 500 Done

tunnel-global