Administration Guide
Page 2
... FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. Copyright © 1981, Regents of the University of actual IP addresses in the document are registered trademarks of Cisco Systems, Inc. Any examples, command display output, and figures included in illustrative content is unintentional and coincidental...
... FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. Copyright © 1981, Regents of the University of actual IP addresses in the document are registered trademarks of Cisco Systems, Inc. Any examples, command display output, and figures included in illustrative content is unintentional and coincidental...
Administration Guide
Page 20
... also lists and describes the system log (syslog) messages generated by mode, including syntax, options, and related commands. Cisco 4700 Series Application Control Engine Appliance Command Reference Provides an alphabetical list and descriptions of all CLI commands by the ACE. Cisco 4700 Series Application Control Engine Appliance Administration Guide xx OL-11157-01 Preface Document Title Description...
... also lists and describes the system log (syslog) messages generated by mode, including syntax, options, and related commands. Cisco 4700 Series Application Control Engine Appliance Command Reference Provides an alphabetical list and descriptions of all CLI commands by the ACE. Cisco 4700 Series Application Control Engine Appliance Administration Guide xx OL-11157-01 Preface Document Title Description...
Administration Guide
Page 22
...Means possible physical harm or equipment damage. For additional information about CLI syntax formatting, see the Cisco 4700 Series Application Control Engine Appliance Command Reference. Arguments for example, the key combination ^D in equipment damage or loss of data. Warnings use.... Notes use the following conventions: Caution Means reader be careful. Cisco 4700 Series Application Control Engine Appliance Administration Guide xxii OL-11157-01 Notes contain helpful suggestions or references to material not covered in boldface screen font. Preface Convention boldface ...
...Means possible physical harm or equipment damage. For additional information about CLI syntax formatting, see the Cisco 4700 Series Application Control Engine Appliance Command Reference. Arguments for example, the key combination ^D in equipment damage or loss of data. Warnings use.... Notes use the following conventions: Caution Means reader be careful. Cisco 4700 Series Application Control Engine Appliance Administration Guide xxii OL-11157-01 Notes contain helpful suggestions or references to material not covered in boldface screen font. Preface Convention boldface ...
Administration Guide
Page 54
... mode. Synchronizing the ACE with an NTP Server Chapter 1 Setting Up the ACE Table 1-7 Field Descriptions for show ntp statistics peer Command Field Packets Sent Packets Received Bogus Origin Duplicate Bad Dispersion Bad Reference Time Candidate Order Description...Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 Number of packets received from the NTP peer. Number of this server when it chooses the master. .Clearing NTP Statistics To clear NTP information, use the clear ntp statistics command in which the ACE may consider this command...
... mode. Synchronizing the ACE with an NTP Server Chapter 1 Setting Up the ACE Table 1-7 Field Descriptions for show ntp statistics peer Command Field Packets Sent Packets Received Bogus Origin Duplicate Bad Dispersion Bad Reference Time Candidate Order Description...Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 Number of packets received from the NTP peer. Number of this server when it chooses the master. .Clearing NTP Statistics To clear NTP information, use the clear ntp statistics command in which the ACE may consider this command...
Administration Guide
Page 116
... class map defines a traffic classification: network traffic that you . Cisco 4700 Series Application Control Engine Appliance Administration Guide 4-2 OL-11157-01 Creating a policy map by using the class-map command and the associated match commands, which refers to the class maps and identifies a series of actions to ..., or passing through, the ACE based on a series of flow match criteria specified by using the ...
... class map defines a traffic classification: network traffic that you . Cisco 4700 Series Application Control Engine Appliance Administration Guide 4-2 OL-11157-01 Creating a policy map by using the class-map command and the associated match commands, which refers to the class maps and identifies a series of actions to ..., or passing through, the ACE based on a series of flow match criteria specified by using the ...
Administration Guide
Page 142
... predefined access control list (ACL), use the match any command with a maximum of this command is a permit entry, the ACE allows the matching result. Refer to 255 as the line number. You can have multiple match access-list commands. You may combine multiple match access-list, match source-... Any Criteria To instruct the ACE to identify individual match commands. You can include only one match any command within a class map and you cannot combine the match any command in a class map because the ACE ignores the match criteria. 4-28 Cisco 4700 Series Application Control Engine...
... predefined access control list (ACL), use the match any command with a maximum of this command is a permit entry, the ACE allows the matching result. Refer to 255 as the line number. You can have multiple match access-list commands. You may combine multiple match access-list, match source-... Any Criteria To instruct the ACE to identify individual match commands. You can include only one match any command within a class map and you cannot combine the match any command in a class map because the ACE ignores the match criteria. 4-28 Cisco 4700 Series Application Control Engine...
Administration Guide
Page 164
Refer to specify SSL termination parameters. Configuring a Layer 7 Policy Map Chapter 4 Configuring Class Maps and Policy Maps • parameter-map type udp-Combines all UDP connection related configuration parameters. Use the parameter-map type ssl command to the Cisco 4700 Series Application Control...8226; Deep packet inspection of the HTTP protocol • FTP command inspection 4-50 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 To specify the SSL session parameters that the ACE uses in a parameter map, enter: host1/Admin(config)# ...
Refer to specify SSL termination parameters. Configuring a Layer 7 Policy Map Chapter 4 Configuring Class Maps and Policy Maps • parameter-map type udp-Combines all UDP connection related configuration parameters. Use the parameter-map type ssl command to the Cisco 4700 Series Application Control...8226; Deep packet inspection of the HTTP protocol • FTP command inspection 4-50 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 To specify the SSL session parameters that the ACE uses in a parameter map, enter: host1/Admin(config)# ...
Administration Guide
Page 234
... GRUB Device Manager version 1.0 (0) 20071009:0434 installed license: ACE-AP-VIRT-020 ACE-AP-OPT-LIC-K9 ACE-AP-SSL-10K-K9 Hardware cpu info: number of system software that is available at http://www.gnu.org/licenses/gpl.html. See the Cisco 4700 Series Application Control Engine Appliance Command Reference for background information about those show version...
... GRUB Device Manager version 1.0 (0) 20071009:0434 installed license: ACE-AP-VIRT-020 ACE-AP-OPT-LIC-K9 ACE-AP-SSL-10K-K9 Hardware cpu info: number of system software that is available at http://www.gnu.org/licenses/gpl.html. See the Cisco 4700 Series Application Control Engine Appliance Command Reference for background information about those show version...
Administration Guide
Page 260
.... • Redundancy is not supported between an ACE appliance and an ACE module operating as peers. Each step includes the CLI command or a reference to the procedure required to a VLAN interface should be of the same ACE device type and software release. • In ...each feature and all interfaces that you configure redundancy, the ACE keeps all the options associated with the CLI commands, see the Cisco 4700 Series Application Control Engine Appliance Routing and Bridging Configuration Guide. Cisco 4700 Series Application Control Engine Appliance Administration Guide 7-8 OL...
.... • Redundancy is not supported between an ACE appliance and an ACE module operating as peers. Each step includes the CLI command or a reference to the procedure required to a VLAN interface should be of the same ACE device type and software release. • In ...each feature and all interfaces that you configure redundancy, the ACE keeps all the options associated with the CLI commands, see the Cisco 4700 Series Application Control Engine Appliance Routing and Bridging Configuration Guide. Cisco 4700 Series Application Control Engine Appliance Administration Guide 7-8 OL...
Administration Guide
Page 340
... group of this command is as follows: snmp-server community community_name [group group_name | ro] The keywords, arguments, and options are as specifying the role group that the user belongs to the Cisco Application Control Engine ...section). For example, to which the user belongs. Note Only network monitoring operations are supported through the ACE implementation of the Network-Monitor group, with read -only access for the community, enter: host1/Admin(config...name for this community. For details on creating users, refer to , authentication parameters for SNMPv1 and SNMPv2c.
... group of this command is as follows: snmp-server community community_name [group group_name | ro] The keywords, arguments, and options are as specifying the role group that the user belongs to the Cisco Application Control Engine ...section). For example, to which the user belongs. Note Only network monitoring operations are supported through the ACE implementation of the Network-Monitor group, with read -only access for the community, enter: host1/Admin(config...name for this community. For details on creating users, refer to , authentication parameters for SNMPv1 and SNMPv2c.
Administration Guide
Page 371
...Definition A DTD is to the attributes of the elements. The ACE DTD file, ace_appliance.dtd, is included as an external reference. You can be declared inline in regular CLI display format. For details on the given command */ /* vsh unable to directly access the ace_appliance.dtd file ... software image and is accessible from the Cisco ACE Appliance Management page. Note By default, XML responses will automatically appear in XML format if the corresponding CLI show Command Output in XML format, consult the ace_appliance.dtd file. CISCO CONFIDENTIAL The returned error codes correspond to...
...Definition A DTD is to the attributes of the elements. The ACE DTD file, ace_appliance.dtd, is included as an external reference. You can be declared inline in regular CLI display format. For details on the given command */ /* vsh unable to directly access the ace_appliance.dtd file ... software image and is accessible from the Cisco ACE Appliance Management page. Note By default, XML responses will automatically appear in XML format if the corresponding CLI show Command Output in XML format, consult the ace_appliance.dtd file. CISCO CONFIDENTIAL The returned error codes correspond to...
Administration Guide
Page 396
...command or a reference to the procedure required to the ACE. For a complete description of each feature and all the options associated with the name c4710ace-t1k9-mz.A1_7.bin using FTP, enter: host1/Admin# copy ftp://server1/images/c4710ace-t1k9-mz.A1_7.bin image: Cisco ... A-1 Software Upgrade Quick Start Task and Command Example 1. For clarity, the original active ACE is referred to as ACE-1 and the original standby ACE is referred to as ACE-2 in the Admin context of each ACE. Software Upgrade Quick Start Chapter A Upgrading Your ACE Software Software Upgrade Quick Start Table A-1 ...
...command or a reference to the procedure required to the ACE. For a complete description of each feature and all the options associated with the name c4710ace-t1k9-mz.A1_7.bin using FTP, enter: host1/Admin# copy ftp://server1/images/c4710ace-t1k9-mz.A1_7.bin image: Cisco ... A-1 Software Upgrade Quick Start Task and Command Example 1. For clarity, the original active ACE is referred to as ACE-1 and the original standby ACE is referred to as ACE-2 in the Admin context of each ACE. Software Upgrade Quick Start Chapter A Upgrading Your ACE Software Software Upgrade Quick Start Table A-1 ...
Administration Guide
Page 401
... memory (nonvolatile memory) to Chapter 1, Setting Up the ACE. For details about the different settings of the config-register command, refer to the running-configuration file stored in RAM (volatile memory). Chapter A Upgrading Your ACE Software Configuring the ACE to Autoboot the Software Image Configuring the Configuration Register to ...the BOOT environment variable and to boot the system image, enter: host1/Admin(config)# config-register 0x1 OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide A-9 The BOOT environment variable is specified).
... memory (nonvolatile memory) to Chapter 1, Setting Up the ACE. For details about the different settings of the config-register command, refer to the running-configuration file stored in RAM (volatile memory). Chapter A Upgrading Your ACE Software Configuring the ACE to Autoboot the Software Image Configuring the Configuration Register to ...the BOOT environment variable and to boot the system image, enter: host1/Admin(config)# config-register 0x1 OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide A-9 The BOOT environment variable is specified).