Filter
Top Products
74-47
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 74 Configuring Clientless SSL VPN
Understanding How KCD Works
Showing Cached Kerberos Tickets
To display all Kerberos tickets cached on the ASA, enter the following commands:
Command Function
Step 1
webvpn
Switches to webvpn configuration mode.
Step 2
show aaa kerberos
Displays all Kerberos tickets cached on the ASA.
Step 3
show aaa kerberos [username user | host ip |
hostname]
• user—Used to view the Kerberos tickets of a specific
user
• hostname—Used to view the Kerberos tickets issued for
a specific host
Example:
ASA# show aaa kerberos
Default Principal Valid Starting Expires
Service Principal
asa@BXB.COM 06/29/10 18:33:00 06/30/10
18:33:00 krbtgt/BXB.COM@BXB.COM
kcduser@BXB.COM 06/29/10 17:33:00 06/30/10
17:33:00 asa$/BXB.COM@BXB.COM
kcduser@BXB.COM 06/29/10 17:33:00 06/30/10
17:33:00 http/owa.bxb.com@BXB.COM
ASA# show aaa kerberos username kcduser
Default Principal Valid Starting Expires
Service Principal
kcduser@BXB.COM 06/29/10 17:33:00 06/30/10
17:33:00 asa$/BXB.COM@BXB.COM
kcduser@BXB.COM 06/29/10 17:33:00 06/30/10
17:33:00 http/owa.bxb.com@BXB.COM
ASA# show aaa kerberos host owa.bxb.com
Default Principal Valid Starting Expires
Service Principal
kcduser@BXB.COM06/29/1006/30/10 17:33:00
http/owa.bxb.com@BXB.COM
ASA# show aaa kerberos username kcduser
Default Principal Valid Starting Expires
Service Principal
kcduser@BXB.COM 06/29/10 17:33:00 06/30/10
17:33:00 asa$/BXB.COM@BXB.COM
kcduser@BXB.COM 06/29/10 17:33:00 06/30/10
17:33:00 http/owa.bxb.com@BXB.COM
ASA# show aaa kerberos host owa.bxb.com
Default Principal Valid Starting Expires
Service Principal
kcduser@BXB.COM 06/29/10 06/30/10
17:33:00 http/owa.bxb.com@BXB.COM
Shows sample output returned from this command.