Client Profile Configuration

Client profiles are associated with client username accounts so that an administrator can easily apply common configurations to groups of clients.

To create a client profile, enter the following command:

solace(configure)# create client-profile <name> message-vpn <vpn‑name>

To edit an existing client profile, enter the following command:

solace(configure)# client-profile <name> message-vpn <vpn-name>

Where:

<name> is the name of the client profile. A client profile name can contain up to 32 alphanumeric characters (case-sensitive). The “_” character is also permitted.

<vpn-name> is the name of an existing Message VPN that the client profile is in.

The no version of this command, no client-profile, deletes the specified client profile, and client username that were associated with this profile are associated with the profile named default. The profile named default cannot be deleted.

Deleting a client profile results in changing the profiles of potentially many client username accounts back to the profile named default. This can cause unforeseen disruptions to customer service. To list all the clients using a particular client profile, enter the show client-profile <name> detail User EXEC command for the given client profile.

In this section we'll show you the various configuration tasks that can be performed on a client profile. Note that the parameters that are configured are applied to the client username accounts that are assigned the client profile.

Allowing Bridge Connections

The Message VPN bridge feature allows for inter-connection between Message VPNs on Solace PubSub+ event brokers. By default, the Message VPN bridge feature is not available to clients—it must first be configured in the client’s profile on the event broker.

To permit clients using this client profile to use Message VPN bridging, enter the following command:

solace(configure/client-profile)# allow-bridge-connections

The no version of this command, no allow-bridge-connections, removes the permission to use Message VPN bridging from the client profile. Changing this permission during event broker operation does not affect existing sessions. It is only validated when client sessions are established.

Allowing Shared Subscriptions

Because allowing indiscriminate access to MQTT and SMF shared subscriptions is a potential security issue (where a client could join a shared subscription and siphon off a portion of the traffic), you can configure whether or not specific clients can use shared subscriptions. By default, clients are not permitted to use shared subscriptions.

To permit clients using this profile to use shared subscriptions, enter the following command:

solace(configure/client-profile)# allow-shared-subscriptions

The no version of this command, no allow-shared-subscriptions, removes the permission to use shared subscriptions from the client profile.

:  Allowing shared subscriptions is an all or nothing setting. This means that clients permitted to use shared subscriptions are allowed to subscribe to all shared subscriptions in the Message VPN. If you want to control access to specific shared subscriptions, you can use an ACL to configure a list of share names that are permitted (or denied) and then associate it with a client profile. For more information, see Configuring Share Name Subscribe Permissions.

Allowing Client Connects to Replication Standby VPNs

To allow clients using the given client profile to connect to a Message VPN with a standby Replication state, enter the following commands for the client profile on the Message VPN that has an active Replication state:

solace(configure/client-profile)# replication
solace(configure/client-profile/replication)# allow-clients-when-standby

The no version of this command, no allow-clients-when-standby, disallows clients from connecting to the Message VPN when it has a standby Replication state. By default, clients are not allowed to connect a Message VPN with a standby Replication state.

Also, to allow clients to consume messages from an endpoint in a Message VPN with a standby Replication state, you must also disable the propagation of acknowledgments (ack-propagation) for all endpoints from which the client will consume messages. For queues, see Enabling / Disabling Propagating Consumer Acks to Replicated VPNs; for topic endpoints, see Enabling/Disabling Propagating Consumer Acks to Replicated VPNs).

  • When a Message VPN’s Replication state changes from active to standby, clients will not be disconnected if they are using a client profile that allows them to connect to a Message VPN with a standby Replication state. However, clients will be unbound from any endpoints that have the ack‑propagation feature enabled if the Replication state of Message VPN the endpoints are in changes to Replication standby. Also, when the Message VPN they are in changes to Replication standby, clients will be unbound from any endpoint if ack-propagation is enabled.
  • Clients connected to a Message VPN with a standby Replication state will get disconnected if the allow‑clients-when-standby option for client profile they are using is disabled.

Configuring Client Events Generation

To configure the conditions that cause client-related events to be generated for the given client profile, enter the following command:

solace(configure/client-profile)# event

The CLI moves to a level from which you can configure the set and clear thresholds at which client-related events are generated for clients using the given client profile. For information on how to set the high and low thresholds for generating the events, see Configuring Event Outputs and Thresholds.

Configuring Max Connections Per Username

For a given client profile you can configure the maximum permitted number of simultaneous client connections to the event broker that can be made using the same client username. This limit applies to client connections using any supported service type. That is, this limit applies to all client connections regardless of whether they use Solace Message Format (SMF), Web transport, REST, MQTT, and/or AMQP service.

To configure for the given client profile the maximum number of simultaneous client connections that can be made using the same client username account, enter the following command:

solace(configure/client-profile)# max-connections-per-client-username <value>

Where:

<value> is an integer value specifying the maximum number of simultaneous client connections that are permitted. Note that this value is not enforced, so it is possible for you to set a value that exceeds the maximum number of simultaneous connections supported by the type of event broker used. To view the supported limits for the event broker, enter the show service command.

The no version of this command, no max-connections-per-client-username, resets the maximum number of client connections back to the default value.

:  You can also specifically limit the simultaneous client connections to the event broker that can be made using the same client username account according to whether they are SMF or Web clients. For more information, see the max-connections-per-client-username property for Configuring Max SMF Connections and Configuring Max Web Transport Connections Per Username, respectively.

Configuring Max Permitted Subscriptions

When specifying the maximum number of subscriptions for a single client in the client profile, you should consider the total maximum number of permitted topic subscriptions and the total maximum number of client connections for the type of event broker that is used. That is, to ensure reliable system performance, you must find the right balance for your network, while staying within the system limits mentioned, between allowing the creation of many clients and allowing each client to add a large number of topic subscriptions.

To configure the maximum number of subscriptions permitted for a single client for the given client profile, enter the following command:

solace(configure/client-profile)# max-subscriptions <value>

Where:

<value> is an integer value specifying the maximum number of subscriptions. The valid range and default value depends on the type of event broker used.

The no version of this command, no max-subscriptions, resets the maximum number of subscriptions back to the default value.

Configuring Guaranteed Messaging Parameters

A Solace event broker provides a Guaranteed Messaging facility whereby the delivery of a message between two applications is guaranteed by the network even in cases where the receiving application is offline, or there is a failure of a piece of network equipment.

  • On Solace PuSub+ appliances, Guaranteed Messaging is not available by default for clients—it must be configured in the client profile applied to the client username that the client uses.
  • On Solace PubSub+ software event brokers, Guaranteed Messaging is enabled by default for clients.

Allowing Cut-Through Forwarding

To permit clients assigned to a client profile to use cut-through message delivery bind to queues or topic endpoints, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# allow-cut-through-forwarding

The no version of this command, no allow-cut-through-forwarding, removes the permission to use cut-through message delivery from the client profile. However, changing this permission during event broker operation does not affect existing sessions. It is only validated at session establishment time.

:   On a Solace PubSub+ appliance, by default, a client profile does not permit cut-through Guaranteed message delivery.

Allowing Guaranteed Endpoint Creates

To permit clients assigned to a client profile to create queues or topic endpoints, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# allow-guaranteed-endpoint-create

The no version of this command, no allow-guaranteed-endpoint-create, removes the permission to create queues or topic endpoints from the client profile. Changing this permission during event broker operation does not affect existing sessions. It is only validated at session establishment time.

:   On a Solace PubSub+ appliance, by default, a client profile does not permit clients to dynamically create endpoints. On a Solace PubSub+ software event broker, the default setting, on the default client profile for the default message VPN, is to permit clients to dynamically create endpoints.

Specifying the Allowed Durability for Created Endpoints

By default, if a client profile allows clients to create endpoints, they can create both durable and non-durable endpoints. For more information about endpoint durability, refer to Endpoint Durability.

To specify the durability of endpoints that clients assigned to a client profile can create, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# allow-guaranteed-endpoint-create-durability {all | durable | non-durable}

Where:

all specifies that a client associated with this client profile can create any type of endpoint. This is the default value.

durable specifies that a client associated with this client profile can create only durable endpoints.

non-durable specifies that a client associated with this client profile can create only non-durable endpoints.

The no version of this command no allow-guaranteed-endpoint-create-durability, returns this setting to the default value.

Changing this permission during event broker operation does not affect existing sessions. It is only validated at session establishment time.

Allowing Guaranteed Message Receives

To permit clients assigned to a client profile to bind to topic endpoints or queues, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# allow-guaranteed-message-receive

The no version of this command, no allow-guaranteed-message-receive, removes the permission to receive Guaranteed messages from the client profile. Changing this permission during event broker operation does not affect existing sessions. It is only validated at session establishment time.

:   On a Solace PubSub+ appliance, by default, a client profile does not permit clients to bind to topic endpoints or queues and consume Guaranteed messages from those endpoints. On a Solace PubSub+ software event broker, the default setting, on the default client profile for the default message VPN, is to permit clients to bind to topic endpoints or queues and consume Guaranteed messages from those endpoints.

Allowing Guaranteed Message Sends

By default, the ability for clients to publish non-persistent or persistent messages (that is, Guaranteed messages) is not permitted for a client profile.

To permit clients assigned to a client profile to send non-persistent or persistent messages, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# allow-guaranteed-message-send

The no version of this command, no allow-guaranteed-message-send, removes the permission to send Guaranteed messages from the client profile. Changing this permission during event broker operation does not affect existing sessions. It is only validated at session establishment time.

:   On a Solace PubSub+ appliance, by default, a client profile does not permit clients to publish Guaranteed messages. On a Solace PubSub+ software event broker, the default setting, on the default client profile for the default message VPN, is to permit clients to publish Guaranteed messages.

Allowing Transacted Sessions

Transacted sessions (that is, local transacted sessions and/or XA Sessions) are supported by the Solace JMS, Java, Java RTO, C, and .NET APIs messaging APIs. XA Sessions are only supported by the Solace JMS messaging API.

To permit clients assigned to a client profile to use transacted sessions, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# allow-transacted-sessions

The no version of this command, no allow-transacted-sessions, removes the permission to use transacted sessions from the client profile.

  • Changing this value during operation does not affect transacted sessions currently in progress.
  • On a Solace PubSub+ appliance, by default, a client profile does not permit clients to use transacted sessions. On a Solace PubSub+ software event broker, the default setting, on the default client profile for the default message VPN, is to permit clients to use transacted sessions.

Configuring Initial Values for Client-Created Endpoints

When a client using a Solace messaging API dynamically creates an endpoint on an event broker, its configuration is determined first by those endpoint properties and provision flags that the client may provide with a queue or topic endpoint create API function or method (refer to Receiving Guaranteed Messages for Solace enterprise messaging APIs). Any remaining endpoint parameters to be configured are then filled by the values used for queues or topic endpoints that an administrator can provide through the Solace CLI.

Endpoint Templates can be used to specify custom attributes for client created endpoints based upon the endpoint name. Any configurable values associated with the endpoint template will be applied to client created endpoints. Administrators can choose which client created queues use specific endpoint templates through two mechanisms:

  • Endpoint Templates have a name-filter that allows them to match an endpoint name to an endpoint template. This allows client created queues or topic endpoints the ability to dynamically copy attributes from the specified endpoint template. Refer to Setting Name Filters to Match Queue Names or Setting Name Filters to Match Topic Endpoint Names for more information.
  • Client Profiles have an optional copy-from-template-on-create command that can be used to copy custom values from endpoint templates to client created endpoints. However, if no customized endpoint template to be copied is explicitly set, the system defaults for CLI‑provisioned endpoints are used. To set initial values for client-created endpoints, see Configuring Initial Values for Client-Created Queues or Configuring Initial Values for Client-Created Topic Endpoints.
    For event brokers before the 9.4.0 release, use the copy-from-on-create command to specify a CLI‑provisioned queue or topic endpoint with custom values, and those values will be applied to any new client‑created endpoints.

:  A client application may only dynamically create durable and non-durable/temporary queues or topic endpoints on the event broker if it uses a client profile that has the allow-guaranteed-endpoint-create parameter enabled (refer to Allowing Guaranteed Endpoint Creates).

Configuring Initial Values for Client-Created Queues

To set a CLI-provisioned queue template that all new client‑created queues will copy their configuration parameter values from, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# api-queue-management
solace(...le/message-spool/api-queue-management)# copy-from-template-on-create <queue-name>

Where:

<queue-template-name> is the name of a queue template provisioned on the given Message VPN whose parameter values will be used for any new client-created queues.

The no version of this command, no copy-from-template-on-create, resets the default setting, which is that the default event broker queue parameter values will be used for any new client-created queues.

Configuring Initial Values for Client-Created Topic Endpoints

To set a CLI-provisioned topic endpoint template that all new client‑created topic endpoints will copy their configuration parameter values from, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# api-topic-endpoint-management
solace(...e-spool/api-topic-endpoint-management)# copy-from-template-on-create <topic-endpoint-template-name>

Where:

<topic-endpoint-template-name> is the name of a topic endpoint template provisioned on the given Message VPN whose parameter values will be used for any new client-created topic endpoints.

The no version of this command, no copy-from-template-on-create, resets the default setting, which is that the default event broker topic endpoint parameter values will be used for any new client-created topic endpoints.

Configuring the Max Egress Flows Permitted

To configure the maximum number of egress flows (that is, Guaranteed message client receive flows or consumer flows) that can be created by a single client associated with this client profile, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# max-egress-flows <value>

Where:

<value> specifies the maximum number of egress flows that a client associated with the client profile can create. The valid range and default value depends on the type of Solace PubSub+ event broker used.

The no version of this command, no max-egress-flows, resets the maximum number of egress flows allowed for a client back to the default value.

Configuring the Max Endpoints Permitted Per Client Username

There is a maximum number of durable and non-durable queues and topic endpoints that can be owned by the clients using the same client username within a client profile. A client username is the owner of an endpoint when a client with that username dynamically creates an endpoint through an API call. You can also assign an owner to a durable endpoint through the Solace CLI (refer to Configuring Queue Owners or Configuring Topic Endpoint Owners).

To configure the maximum number of durable and non-durable queues and topic endpoints that can be owned by clients using the same client username associated with a client profile, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# max-endpoints-per-client-username <value>

Where:

<value> specifies the maximum number of queues and topic endpoints that a client username associated with the given client profile can be the owner of. The valid range and default value depends on the type of Solace PubSub+ event broker used.

The no version of this command, no max-endpoints-per-client-username, resets the maximum number of endpoints per client username value back to the default.

Configuring the Max Ingress Flows Permitted

To configure the maximum number of ingress flows (that is, Guaranteed message client publish flows) that can be created by a single client associated with this client profile, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# max-ingress-flows <value>

Where:

<value> specifies the maximum number of ingress flows that a client associated with the client profile can create. The valid range and default value depends on the type of Solace PubSub+ event broker used.

The no version of this command, no max-ingress-flows, resets the maximum number of ingress flows allowed for a client back to the default value.

Configuring the Max Number of Transactions

To configure the total maximum number of simultaneous transactions (both local transactions and transactions within XA transaction branches) allowed for a single client associated with this client profile, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# max-transactions <value>

Where:

<value> is an integer value specifying the maximum number of transactions allowed per client associated with the given client profile. The valid range and default value depends on the type of Solace PubSub+ event broker used.

The no version of this command, no max-transactions, resets the total maximum number of simultaneous transactions back to the default value.

Configuring the Max Number of Transacted Sessions

To configure the maximum number of simultaneous transacted sessions and/or XA Sessions allowed for a single client associated with this client profile, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# max-transacted-sessions <value>

Where:

<value> is the integer value specifying the maximum number of transacted sessions allowed per client. The valid range and default value depends on the type of Solace PubSub+ event broker used.

The no version of this command, no max-transacted-sessions, resets the maximum number of transacted sessions allowed per client by the client profile back to the default value.

Handling Guaranteed Messages with No Matches

When Guaranteed messages are published, and there are no Guaranteed subscriptions on the event broker that match the messages’ topics, the event broker can either:

  • Return negative acknowledgments (that is, “Nacks”) to the publishers to indicate that there are no matching Guaranteed subscriptions for the messages. Messages published to unknown queue names are always Nacked.
  • Silently discard the messages (that is, no Nacks are returned to the publishers). This is the default action.

To configure that Nacks should be returned for published Guaranteed messages that do not have Guaranteed message subscription matches, enter the following commands:

solace(configure/client-profile)# message-spool
solace(configure/client-profile/message-spool)# reject-msg-to-sender-on-no-subscription-match

:  Even if a Nack is returned to the publisher, it will still be delivered to any clients that have Direct subscriptions to the topic.

To restore the default action, that published Guaranteed messages should be silently discarded when there are no Guaranteed subscription matches, enter the no version of the command:

solace(configure/client-profile/message-spool)# no reject-msg-to-sender-on-no-subscription-match

Configuring Egress Priority Queues

Refer to Message Delivery Resources for details on the queue Client Profile CONFIG command and general information on how to configure and monitor egress per-client priority queues.

Configuring Services

To set the configuration parameters for the given Message VPN for the types of services offered to clients using the given client profile, enter the following commands:

solace(configure/client-profile)# service

The CLI is now at a level where you can configure service settings for the given client profile for the following service types:

:   Once you have configured appropriate services, you can view the maximum number of client connections that the Solace event broker can supported, enter the show service User EXEC command.

Configuring Max SMF Connections

Solace PubSub+ uses the Solace Message Format (SMF) as its underlying messaging transport protocol.

For the given client profile, you can configure the maximum permitted number of simultaneous SMF client connections to the event broker that can be made using the same client username account.

To configure the maximum number of simultaneous SMF client connections, enter the following commands:

solace(configure/client-profile/service)# smf
solace(configure/client-profile/service/smf)# max-connections-per-client-username <value>

Where:

<value> is the maximum number of simultaneous SMF client connections permitted. To view the maximum total number of SMF client connections that the Solace PubSub+ event broker can support, enter the show service User EXEC command. The valid range depends on the type of Solace PubSub+ event broker used.

The no version of the command, no max-connections-per-client-username, resets the max-connections-per-client-username value to the default value, which is the maximum total number of SMF client connections that the event broker can support.

Configuring Web Transport Services

To configure specific Web transport service settings for the given client profile, enter the following commands:

solace(configure/client-profile)# service web-transport

The CLI is now at a configuration mode that allows you to specify the following Web transport service parameters:

Configuring Inactivity Timeouts

To configure the number of seconds a Web client has to send a request before its session will timeout (that is, will be terminated) for being inactive, enter the following command:

solace(.../client-profile/web-transport)# inactive-timeout <seconds>

Where:

<seconds> is the number of seconds a Web client has to send a request or have its session timeout for being inactive. The valid range is 1 to 4294967295. The default value is 30.

The no version of this command, no inactive-timeout, resets the duration back to the default value.

Configuring Max Web Transport Connections Per Username

To configure for the given client profile the maximum permitted number of simultaneous Web transport client connections to the event broker that can be made using the same client username account, enter the following command:

solace(.../client-profile/web-transport)# max-connections-per-client-username <value>

Where:

<value> is the maximum number of simultaneous Web transport client connections permitted. The valid range depends on the type of Solace PubSub+ event broker used. To view the maximum total number of Web client connections that the event broker can support, as determined by the type of event broker used, enter the show service User EXEC command.

The no version of the command, no max-connections-per-client-username, resets the max connections per client username value to the default value, which is the maximum total number of Web client connections that the event broker can support.

Configuring Max Web Payloads

SMF messages that are sent to a consuming Web client are contained within a Web transport message that the event broker sends in its HTTP response to that client. Each Web transport message that is sent can contain multiple SMF messages or partial SMF messages.

The maximum Web payload value sets the maximum number of bytes allowed in a single Web transport message (not including the header). This value determines the number of SMF messages that can be sent in a single HTTP response and the size of the Web transport message sent in the HTTP response.

:  Large SMF messages can be fragmented across Web transport messages to respect the value set for the maximum possible Web payload.

To configure the maximum number of bytes allowed in a single Web transport message, enter the following command:

solace(.../client-profile/web-transport)# max-web-payload <bytes>

Where:

<bytes> is the maximum number of bytes allowed in each Web transport message payload. The valid range is 300 to 10000000. The default value is 1000000.

The no version of this command, no max-web-payload, resets the maximum back to default.

Configuring Client TCP Settings

To configure the TCP settings for the given client profile, enter the following command:

solace(configure/client-profile)# tcp

The CLI is now at a level from which you can configure the following client-to-event broker TCP settings:

  • TCP Initial Congestion Window Sizes
  • TCP Keepalives
  • TCP Maximum Segment Sizes
  • TCP Maximum Window Sizes

For details on how to set these client-to-event broker TCP settings, see TCP Settings

Configuring Message Eliding

Eliding allows you to define a custom per-topic rate for client applications so they can effectively consume relevant messages, rather than queuing up outdated messages. For example, when eliding is configured, clients could receive Direct messages for their topic subscriptions at a rate of at most 5 per second per topic even though the source is publishing updates at much higher rates.

:  Message eliding is not supported on Solace PubSub+ appliances that use a Network Acceleration Blade-0401EM (NAB-0401EM). This NAB model does not support message eliding.

To configure the given client profile to use message eliding, enter the following command:

solace(configure/client-profile)# eliding

The CLI is now at a level from you can configure message eliding parameters and start or stop message eliding for the client profile:

Configuring Message Delay Intervals

To configure the amount of time to delay the delivery of messages to a client after the initial message has been delivered, enter the following command:

solace(configure/client-profile/eliding)# delay <milliseconds>

Where:

<milliseconds> is a delay time interval in milliseconds. This delay interval controls on a topic-by-topic basis the rate of message updates sent to a client. The valid range is 0 to 60000. The default is 0 (no delay).

The no version of this command, no delay, resets the delay back to default value.

Configuring the Maximum Number of Topics to Elide

To configure the maximum number of topics the event broker can track for performing the eliding function on each client connection, enter the following command:

solace(configure/client-profile/eliding)# max-topics <num>

Where:

<num> is the maximum number of topics that can be tracked for eliding. Once this maximum number is reached, the event broker clears the elided topics for the client to prevent consuming more eliding resources than have been allocated for the connection, and a one-time Syslog event is generated on a per-client basis. The topics of any subsequent messages that are received are then tracked for eliding again. The valid range is 1 to 32000. The default is 256.

The no version of this command, no max-topics, resets the maximum number of topics to default.

Any messages that are received on a topic that was tracked before exceeding the maximum is regarded as a message published to a new topic. The “new” topic is tracked again, and a message for that topic is sent immediately. The result is that two messages may be sent for an elided topic: one message is sent before the eliding maximum is reached, another is sent after the eliding maximum is reached and a new eliding topic tracking period begins.

Starting/Stopping Message Eliding

By default message eliding is disabled on client profiles.

  • To start message eliding for clients using the given client profile, enter the following command:

    solace(configure/client-profile/eliding)# no shutdown

  • To stop messaging eliding for clients using the given client profile, enter the following command:

    solace(configure/client-profile/eliding)# shutdown

Configuring Downgrade to Plain-Text

To allow clients which support the option to downgrade their connections to plain-text, enter the following commands:

solace(configure/client-profile)# ssl
solace(configure/client-profile/ssl)# allow-downgrade-to-plain-text

The command allows downgrading to both {plaintext, compressed} and {plain-text, uncompressed}.

By default, clients are allowed to downgrade their connections to plain-text.

The no version of this command, no allow-downgrade-to-plain-text, prevents clients from downgrading their connections to plain-text.

Disabling Compression

By default, clients are allowed to transfer data using compression. To disable this ability, enter the following commands:

solace(configure/client-profile)# compression
solace(configure/client-profile/compression)# shutdown

Disabling compression means:

  • Not allowing plain-text compressed SMF connections.
  • No SSL client negotiation to {secure, compressed}.
  • No SSL client negotiation to {plain-text, compressed}.
  • No bridging with compressed traffic.

The no version of this command, no shutdown, restores data transfer with compression.

Configuring Client Username Accounts Example

This example shows how to:

  • Create client username accounts (pascal) in separate Message VPNs (blue and red)
  • Create client profiles (Sales_Access) in both Message VPNs
  • Assign those client profiles to the client username accounts
  • Activate the client username accounts for service
  1. Create the Message VPN blue:

    solace> enable
    solace# configure
    solace(configure)# create message-vpn blue
    solace(configure/message-vpn)# exit

  2. Create the Message VPN red:

    solace(configure)# create message-vpn red
    solace(configure/message-vpn)# exit

  3. Create the client username account pascal in Message VPN blue:

    solace(configure)# create client-username pascal message-vpn blue
    solace(configure/client-username)# exit

  4. Create the client username account pascal in Message VPN red:

    solace(configure)# create client-username pascal message-vpn red
    solace(configure/client-username)# exit

  5. Enter the following show command on the client username accounts pascal to confirm their creation:

    solace(configure)# show client-username pascal message-vpn *

  6. Create the client profile Sales_Access in Message VPN blue:

    solace(configure)# create client-profile Sales_Access message-vpn blue
    solace(configure/client-profile)# exit

  7. Create the client profile Sales_Access in Message VPN red:

    solace(configure)# create client-profile Sales_Access message-vpn red
    solace(configure/client-profile)# exit

  8. Enter the following show command on the client profile Sales_Access to confirm its creation and configuration.

    solace(configure)# show client-profile Sales_Access detail

  9. Assign client profile Sales_Access to the client username account pascal in Message VPN blue:

    solace(configure)# client-username pascal message-vpn blue
    solace(configure/client-username)# client-profile Sales_Access
    solace(configure/client-username)# exit

  10. Assign client profile Sales_Access to the client username account pascal in Message VPN red:

    solace(configure)# client-username pascal message-vpn red
    solace(configure/client-username)# client-profile Sales_Access
    solace(configure/client-username)# exit

  11. Enter the following show command to confirm the client username accounts have been assigned to client profile Sales_Access:

    solace(configure)# show client-username pascal detail

  12. Activate the client username account pascal in Message VPN blue for service:

    solace(configure)# client-username pascal message-vpn blue
    solace(configure/client-username)# no shutdown
    solace(configure/client-username)# exit

  13. Activate the client username account pascal in Message VPN red for service:

    solace(configure)# client-username pascal message-vpn red
    solace(configure/client-username)# no shutdown
    solace(configure/client-username)# exit

  14. Enter the following show command to confirm the client username accounts’ activation:

    solace(configure)# show client-username pascal message-vpn *

    Username                        Message VPN                 Enabled # Clients
    ------------------------------- --------------------------- -------  --------
    pascal                          blue                            Yes         0
    pascal                          red                             Yes         0

  15. To activate the Message VPNs blue, red, and default for service, go to CLI Steps to Set Up VPNs With Client Profiles.