import-periodic

Description                                                    Get files from a remote site periodically.

Syntax                                                                  import-periodic 
{
  {
  aflex file |
  auth-portal file |
  bw-list file |
  class-list
 file |
  class-list-convert file class-list-type type |
  dnssec-dnskey file |
  dnssec-ds file |
  geo-location file |
  license file |
  local-uri-file file |
  
policy file |
  {
  ssl-cert
 file
   {[certificate-type {pem | der | pfx pfx-password pswd | p7b}]
    [
csr-generate]
  } |
  ssl-cert-key bulk |
  ssl-crl file [csr-generate] |
  ssl-key file [csr-generate] |
  thales-kmdata
file [overwrite] |
  thales-secworld
file [overwrite] |
  wsdl file |
  xml-schema file
  }
  {[use-mgmt-port] url}
  period
 seconds
}

Parameter

Description

aflex

Import an aFleX file.

auth-portal

Import an authentication portal file for Application Access Management (AAM).

bw-list

Import a black/white list.

class-list

Import an IP class list.

class-list-convert file class-list-type {ac | string |ipv4 | ipv6 | string-case-inten­sive}

ACOS imports a newline delimited text file and converts it to a class-list file of the type spec­ified a filetype keyword:

  ac - Aho-Corasick class list.
See the “How to Convert Your SNI List to an A10 Class List” section in the SSL Insight book for an example of converting to an A10 Aho-Corasick class list.

  string

  ipv4

  ipv6

  string-case-insensitive

NOTE: Only the Aho-Corasick class list is compliant with the class list types created through the class-list command.

dnssec-dnskey

Import a DNSEC key-signing key (KSK) file.

dnssec-ds

Import a DNSSEC DS file.

geo-location

Imports a geo-location data file for Global Server Load Balancing (GSLB).

license

Import a license file, if applicable to your model.

local-uri-file

Import a local URI file.

policy

Import a WAF policy file.

ssl-cert [bulk]

Imports a certificate.

  Use the bulk option to import multiple files simultaneously as a .tgz archive.

  Use certificate-type to specify a certificate type.

  Use csr-generate to generate a CSR file.

ssl-cert-key [bulk]

Imports a certificate and key together as a single file.

Specify bulk to import multiple files simultaneously as a .tgz archive

ssl-key [bulk]

Import a certificate key.

Specify bulk to import multiple files simultaneously as a .tgz archive

ssl-crl

Import a certificate revocation list (CRL).

wsdl

Import a WSDL file.

xml-schema

Import an XML schema file.

use-mgmt-port

Uses the management interface as the source interface for the connection to the remote device. The management route table is used to reach the device. Without this option, the ACOS device attempts to use the data route table to reach the remote device through a data interface.

url

Protocol, user name (if required), and directory path you want to use to send the file.

You can enter the entire URL on the command line or press Enter to display a prompt for each part of the URL. If you enter the entire URL and a password is required, you will still be prompted for the password. The password can be up to 255 characters long.

To enter the entire URL:

  tftp://host/file

  ftp://[user@]host[port:]/file

  scp://[user@]host/file

  sftp://[user@]host/file

period seconds

Enables automated updates of the file. You can specify 60 (one minute)-31536000 (one year) seconds.

The period option simplifies update of imported files, especially files that are used by mul­tiple ACOS devices. You can edit a single instance of the file, on the remote server, then con­figure each of ACOS device to automatically update the file to import the latest changes.

When you use this option, the ACOS device periodically replaces the specified file with the version that is currently on the remote server. If the file is in use in the running-config, the updated version of the file is placed into memory.

The updated file affects only new sessions that begin after the update but does not affect existing sessions. For example, when an aFleX script that is bound to a virtual port is updated, the update affects new sessions that begin after the update, but does not affect existing sessions that began before the update.

Mode                                                                   Privileged EXEC mode or global configuration mode

Example                                                            The following command imports an aFleX policy onto the ACOS device from a TFTP server, from its directory named “backups” every 30 days:

ACOS(config)# import-periodic aflex aflex-01 tftp://192.168.1.101/backups/aflex-01 period 2592000

Table of Contents

Index

Glossary

-Search-

Back