CLI Steps to Set Up VPNs With Client Profiles

This example builds on the one provided in Example: Configuring Client Username Accounts.

Using the two previously created client username accounts pascal blue and pascal red assigned to client profile Sales_Access, this example:

  • designates Message VPN blue as the Management Message VPN
  • enables the publishing of syslog events to the message bus on both Message VPNs
  • configures a custom log identification tag as a prefix for syslog events generated against Message VPN red
  • activates the Message VPNs blue, red, and default for service
  1. Designate Message VPN blue as the Management Message VPN through the management-message-vpn CONFIG command, then enable the publishing of some syslog events to the message bus:
    solace> enable
    solace# configure
    solace(configure)# management-message-vpn blue
    solace(configure)# message-vpn blue
    solace(configure/message-vpn)# event
    solace(configure/message-vpn/event)# publish-client
    solace(configure/message-vpn/event)# publish-message-vpn
    solace(configure/message-vpn/event)# publish-subscription
    WARNING: Enabling subscription event message publishing can significantly impact subscription add/remove rates.
    Do you want to continue (y/n)? y
    solace(configure/message-vpn/event)# exit
    solace(configure/message-vpn)# exit
  2. Configure and enable syslog event messages on Message VPN red:
    solace(configure)# message-vpn red
    solace(configure/message-vpn)# event
    solace(configure/message-vpn/event)# subscriptions thresholds set-value 25000 clear-value 15000
    solace(configure/message-vpn/event)# publish-message-vpn
  3. Configure the custom log identification tag “red_apps1” as a prefix for syslog events generated against Message VPN red:
    solace(configure/message-vpn/event)# log-tag red_apps1
    solace(configure/message-vpn/event)# exit
    solace(configure/message-vpn)# exit
    solace(configure)#
  4. Enter the show commands for the Message VPNs blue and red to confirm their creation and configuration:
    solace(configure)# show message-vpn blue

    Message VPN:                       blue [Management Message VPN]
    Local Status:                      Down
    Distributed Cache Management:      Enabled
    Total Local Unique Subscriptions:  0
    Total Remote Unique Subscriptions: 0
    Total Unique Subscriptions:        0
    Maximum Subscriptions:             5000000
    Local Connections:                 0
    Max Connections:                   9000
      Service SMF:                     9000
      Service Web-Transport:           9000

    Basic Authentication:                Enabled
        Auth Type:                       no authentication
        Auth Profile:
        Radius Domain:
    Client Certificate Authentication:   Disabled
        Maximum Chain Depth:             3
        Validate Certificate Dates:      Enabled
        Allow API Provided Username:     Disabled
    Kerberos Authentication :            Disabled
    Allow API Provided Username:         Disabled

    SEMP over Message Bus:               Enabled
      Admin commands:                    Enabled
        Client commands:                 Disabled
        Distributed Cache commands:      Disabled
      Show commands:                     Enabled
      Legacy Show Clear commands:        Enabled

    Large Message Threshold:             1024 (KB)
    Event Log Tag:
    Publish Client Event Messages:       Enabled
    Publish Message VPN Event Messages:  Enabled
    Publish Subscription Event Messages: Enabled
      No unsubscribes on disconnect:     Disabled
      Event topic format:                v1

    Event Threshold                           Set Value      Clear Value
    ---------------------------------- ---------------- ----------------
    Connections (#conn)                       80%(7200)        60%(5400)
    Service SMF                               80%(7200)        60%(5400)
    Service Web-Transport                     80%(7200)        60%(5400)
    Ingress Message Rate (msg/sec)              4000000          3000000
    Egress Message Rate (msg/sec)               4000000          3000000
    Subscriptions (#subs)                   80%(4000000)    60%(3000000)

    solace(configure)# show message-vpn red

    Message VPN:                       red
    Local Status:                      Down
    Distributed Cache Management:      Enabled
    Total Local Unique Subscriptions:  0
    Total Remote Unique Subscriptions: 0
    Total Unique Subscriptions:        0
    Maximum Subscriptions:             5000000
    Local Connections:                 0
    Max Connections:                   9000
      Service SMF:                     9000
      Service Web-Transport:           9000
    Export Subscriptions:              Yes (100% complete)

    Basic Authentication:              Enabled
        Auth Type:                     no authentication
        Auth Profile:
        Radius Domain:
    Client Certificate Authentication:   Disabled
        Maximum Chain Depth:             3
        Validate Certificate Dates:      Enabled
        Allow API Provided Username:     Disabled
    Kerberos Authentication :            Disabled
      Allow API Provided Username:       Disabled

    Large Message Threshold:             1024 (KB)
    Event Log Tag:                       red_apps1
    Publish Client Event Messages:       Disabled
    Publish Message VPN Event Messages:  Enabled
    Publish Subscription Event Messages: Disabled
      No unsubscribes on disconnect:     Disabled
      Event topic format:                N/A

    Event Threshold                           Set Value      Clear Value
    ---------------------------------- ---------------- ----------------
    Connections (#conn)                       80%(7200)        60%(5400)
        Service SMF                               80%(7200)        60%(5400)
        Service Web-Transport                     80%(7200)        60%(5400)

    Ingress Message Rate (msg/sec)                  4000000          3000000
    Egress Message Rate (msg/sec)                   4000000          3000000
    Subscriptions (#subs)                             25000            15000
  5. Activate the Message VPNs blue, red, and default for service, then use a show command to confirm their activation:
    solace(configure)# message-vpn blue
    solace(configure/message-vpn)# no shutdown
    solace(configure/message-vpn)# exit
    solace(configure)# message-vpn red
    solace(configure/message-vpn)# no shutdown
    solace(configure/message-vpn)# exit
    solace(configure)# message-vpn default
    solace(configure/message-vpn)# no shutdown
    solace(configure/message-vpn)# exit
    solace(configure)# exit
    solace# exit
    solace> show message-vpn *

    Management Message VPN: blue
    Message-VPN                      Local      # Unique Subscriptions  # Local
                                     Status      Local   Remote    Total  Conns
    -------------------------------- -------- -------- -------- -------- ------
    blue                             Up              2        0        2      1
    default                          Up              2        0        2      1
    red                              Up              2        0        2      1
  6. Use a show command for client usernames pascal blue and pascal red to confirm the Message VPNs they belong to are enabled:
    solace> show client-username pascal message-vpn *
       
       Username                        Message VPN               Enabled # Clients
       ------------------------------- ------------------------- ------- ---------
       pascal                          blue                          Yes         0
       pascal                          red                           Yes         0