CLI Steps to Set Up VPNs With Client Profiles
This example builds on the one provided in Example: Configuring Client Username Accounts.
Using the two previously created client username accounts pascal blue
and pascal red
assigned to client profile Sales_Access
, this example:
- designates Message VPN
blue
as the Management Message VPN - enables the publishing of syslog events to the message bus on both Message VPNs
- configures a custom log identification tag as a prefix for syslog events generated against Message VPN
red
- activates the Message VPNs
blue
,red
, anddefault
for service
- Designate Message VPN
blue
as the Management Message VPN through themanagement-message-vpn
CONFIG command, then enable the publishing of some syslog events to the message bus:solace> enable
solace# configure
solace(configure)# management-message-vpn blue
solace(configure)# message-vpn blue
solace(configure/message-vpn)# event
solace(configure/message-vpn/event)# publish-client
solace(configure/message-vpn/event)# publish-message-vpn
solace(configure/message-vpn/event)# publish-subscription
WARNING: Enabling subscription event message publishing can significantly impact subscription add/remove rates.
Do you want to continue (y/n)? y
solace(configure/message-vpn/event)# exit
solace(configure/message-vpn)# exit - Configure and enable syslog event messages on Message VPN
red
:solace(configure)# message-vpn red
solace(configure/message-vpn)# event
solace(configure/message-vpn/event)# subscriptions thresholds set-value 25000 clear-value 15000
solace(configure/message-vpn/event)# publish-message-vpn - Configure the custom log identification tag “red_apps1” as a prefix for syslog events generated against Message VPN
red
:solace(configure/message-vpn/event)# log-tag red_apps1
solace(configure/message-vpn/event)# exit
solace(configure/message-vpn)# exit
solace(configure)# - Enter the show commands for the Message VPNs
blue
andred
to confirm their creation and configuration:solace(configure)# show message-vpn blue
Message VPN: blue [Management Message VPN]
Local Status: Down
Distributed Cache Management: Enabled
Total Local Unique Subscriptions: 0
Total Remote Unique Subscriptions: 0
Total Unique Subscriptions: 0
Maximum Subscriptions: 5000000
Local Connections: 0
Max Connections: 9000
Service SMF: 9000
Service Web-Transport: 9000
Basic Authentication: Enabled
Auth Type: no authentication
Auth Profile:
Radius Domain:
Client Certificate Authentication: Disabled
Maximum Chain Depth: 3
Validate Certificate Dates: Enabled
Allow API Provided Username: Disabled
Kerberos Authentication : Disabled
Allow API Provided Username: Disabled
SEMP over Message Bus: Enabled
Admin commands: Enabled
Client commands: Disabled
Distributed Cache commands: Disabled
Show commands: Enabled
Legacy Show Clear commands: Enabled
Large Message Threshold: 1024 (KB)
Event Log Tag:
Publish Client Event Messages: Enabled
Publish Message VPN Event Messages: Enabled
Publish Subscription Event Messages: Enabled
No unsubscribes on disconnect: Disabled
Event topic format: v1
Event Threshold Set Value Clear Value
---------------------------------- ---------------- ----------------
Connections (#conn) 80%(7200) 60%(5400)
Service SMF 80%(7200) 60%(5400)
Service Web-Transport 80%(7200) 60%(5400)
Ingress Message Rate (msg/sec) 4000000 3000000
Egress Message Rate (msg/sec) 4000000 3000000
Subscriptions (#subs) 80%(4000000) 60%(3000000)
solace(configure)# show message-vpn red
Message VPN: red
Local Status: Down
Distributed Cache Management: Enabled
Total Local Unique Subscriptions: 0
Total Remote Unique Subscriptions: 0
Total Unique Subscriptions: 0
Maximum Subscriptions: 5000000
Local Connections: 0
Max Connections: 9000
Service SMF: 9000
Service Web-Transport: 9000
Export Subscriptions: Yes (100% complete)
Basic Authentication: Enabled
Auth Type: no authentication
Auth Profile:
Radius Domain:
Client Certificate Authentication: Disabled
Maximum Chain Depth: 3
Validate Certificate Dates: Enabled
Allow API Provided Username: Disabled
Kerberos Authentication : Disabled
Allow API Provided Username: Disabled
Large Message Threshold: 1024 (KB)
Event Log Tag: red_apps1
Publish Client Event Messages: Disabled
Publish Message VPN Event Messages: Enabled
Publish Subscription Event Messages: Disabled
No unsubscribes on disconnect: Disabled
Event topic format: N/A
Event Threshold Set Value Clear Value
---------------------------------- ---------------- ----------------
Connections (#conn) 80%(7200) 60%(5400)
Service SMF 80%(7200) 60%(5400)
Service Web-Transport 80%(7200) 60%(5400)
Ingress Message Rate (msg/sec) 4000000 3000000
Egress Message Rate (msg/sec) 4000000 3000000
Subscriptions (#subs) 25000 15000 - Activate the Message VPNs
blue
,red
, anddefault
for service, then use a show command to confirm their activation:solace(configure)# message-vpn blue
solace(configure/message-vpn)# no shutdown
solace(configure/message-vpn)# exit
solace(configure)# message-vpn red
solace(configure/message-vpn)# no shutdown
solace(configure/message-vpn)# exit
solace(configure)# message-vpn default
solace(configure/message-vpn)# no shutdown
solace(configure/message-vpn)# exit
solace(configure)# exit
solace# exit
solace> show message-vpn *
Management Message VPN: blue
Message-VPN Local # Unique Subscriptions # Local
Status Local Remote Total Conns
-------------------------------- -------- -------- -------- -------- ------
blue Up 2 0 2 1
default Up 2 0 2 1
red Up 2 0 2 1 - Use a show command for client usernames
pascal blue
andpascal red
to confirm the Message VPNs they belong to are enabled:solace> show client-username pascal message-vpn *
Username Message VPN Enabled # Clients
------------------------------- ------------------------- ------- ---------
pascal blue Yes 0
pascal red Yes 0