Administration Guide
Page 21
...Guide xxi Italic text also indicates the first occurrence of characters. Preface Document Title Cisco 4700 Series Application Control Engine Appliance Device Manager Configuration Guide Cisco CSS-to-ACE Conversion Tool User Guide Description Describes how to use the Device Manager GUI, ...the system displays are in screen font. Do not use the CSS-to-ACE conversion tool to migrate Cisco Content Services Switches (CSS) running-configuration or startup-configuration files to the ACE. Encloses required arguments and keywords. Optional alternative keywords are in brackets and separated...
...Guide xxi Italic text also indicates the first occurrence of characters. Preface Document Title Cisco 4700 Series Application Control Engine Appliance Device Manager Configuration Guide Cisco CSS-to-ACE Conversion Tool User Guide Description Describes how to use the Device Manager GUI, ...the system displays are in screen font. Do not use the CSS-to-ACE conversion tool to migrate Cisco Content Services Switches (CSS) running-configuration or startup-configuration files to the ACE. Encloses required arguments and keywords. Optional alternative keywords are in brackets and separated...
Administration Guide
Page 28
... a direct serial connection between your terminal or a PC and the ACE by using a direct serial connection, perform the following procedure uses HyperTerminal for your ACE appliance, see the Cisco Application Control Engine Appliance Hardware Installation Guide. Use a straight-through cable to connect the switch to the console port on the rear panel of asynchronous...
... a direct serial connection between your terminal or a PC and the ACE by using a direct serial connection, perform the following procedure uses HyperTerminal for your ACE appliance, see the Cisco Application Control Engine Appliance Hardware Installation Guide. Use a straight-through cable to connect the switch to the console port on the rear panel of asynchronous...
Administration Guide
Page 29
...allows IP traffic originating from the File menu to the same port on the ACE and a policy map assigned to the Device Manager GUI (as was configured in the Cisco 4700 Series Application Control Engine Appliance Device Manager GUI Quick Configuration Guide). HTTPS is...the setup script is listed as an option under Start > Programs > Accessories > HyperTerminal > Name_of_session. OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-3 switch login: Once a session is dedicated for management protocols HTTP, HTTPS, ICMP, SSH, Telnet, and XML-HTTPS. ...
...allows IP traffic originating from the File menu to the same port on the ACE and a policy map assigned to the Device Manager GUI (as was configured in the Cisco 4700 Series Application Control Engine Appliance Device Manager GUI Quick Configuration Guide). HTTPS is...the setup script is listed as an option under Start > Programs > Accessories > HyperTerminal > Name_of_session. OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-3 switch login: Once a session is dedicated for management protocols HTTP, HTTPS, ICMP, SSH, Telnet, and XML-HTTPS. ...
Administration Guide
Page 30
... on the front of the system. *Note: setup is mainly used for details. Press the power button on the ACE" section). For example, enter: switch login: admin Password: admin ---- So setup always assumes system defaults and not the current system configuration values. Using the...process described in the setup script. By default, the username and password are admin. Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-4 OL-11157-01 See the Cisco Application Control Engine Appliance Hardware Installation Guide for configuring the system initially, when no ): ...
... on the front of the system. *Note: setup is mainly used for details. Press the power button on the ACE" section). For example, enter: switch login: admin Password: admin ---- So setup always assumes system defaults and not the current system configuration values. Using the...process described in the setup script. By default, the username and password are admin. Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-4 OL-11157-01 See the Cisco Application Control Engine Appliance Hardware Installation Guide for configuring the system initially, when no ): ...
Administration Guide
Page 34
.... Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-8 OL-11157-01 Log into the ACE Chapter 1 Setting Up the ACE To connect to the ACE and access configuration mode to perform initial configuration, perform the following steps: Step 1 Step 2 Access the ACE directly by entering the login username and password at the following prompt: switch...
.... Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-8 OL-11157-01 Log into the ACE Chapter 1 Setting Up the ACE To connect to the ACE and access configuration mode to perform initial configuration, perform the following steps: Step 1 Step 2 Access the ACE directly by entering the login username and password at the following prompt: switch...
Administration Guide
Page 35
...the administrative password, security on contexts, user roles, and domains, see the Cisco 4700 Series Application Control Engine Appliance Virtualization Configuration Guide. OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-9 The administrative username and password...-Monitor. Chapter 1 Setting Up the ACE Changing the Administrative Password Step 3 To access configuration mode, enter the following : switch/Admin(config)# Changing the Administrative Password During the initial login process to the ACE, you enter the default user name ...
...the administrative password, security on contexts, user roles, and domains, see the Cisco 4700 Series Application Control Engine Appliance Virtualization Configuration Guide. OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-9 The administrative username and password...-Monitor. Chapter 1 Setting Up the ACE Changing the Administrative Password Step 3 To access configuration mode, enter the following : switch/Admin(config)# Changing the Administrative Password During the initial login process to the ACE, you enter the default user name ...
Administration Guide
Page 36
...in clear text by default. Note Only the Admin context is as an unquoted text string with a maximum of the ACE. The ACE supports the following command: switch/Admin(config)# no username user1 Resetting the Administrator CLI Account Password If you forget the password for the Admin user back... you can recover the admin password during the initial bootup sequence of 64 characters. You must have access to the ACE through the console port. 1-10 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 For example, to the factory-default value of this ...
...in clear text by default. Note Only the Admin context is as an unquoted text string with a maximum of the ACE. The ACE supports the following command: switch/Admin(config)# no username user1 Resetting the Administrator CLI Account Password If you forget the password for the Admin user back... you can recover the admin password during the initial bootup sequence of 64 characters. You must have access to the ACE through the console port. 1-10 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 For example, to the factory-default value of this ...
Administration Guide
Page 37
... the example below). PCI test loop , count 0 PCI path is ready Starting services... See the "Restarting the ACE" section. Daughter Card Found. See the "Connecting and Logging into the ACE" section. Press ESC when the "Starting services..." The setup mode appears. Chapter 1 Setting Up the... ACE Changing the Administrative Password To reset the password that allows the Admin user access to the ACE, perform the following steps: Step 1 Step 2 Step 3 Step 4 Connect to access the ...
... the example below). PCI test loop , count 0 PCI path is ready Starting services... See the "Restarting the ACE" section. Daughter Card Found. See the "Connecting and Logging into the ACE" section. Press ESC when the "Starting services..." The setup mode appears. Chapter 1 Setting Up the... ACE Changing the Administrative Password To reset the password that allows the Admin user access to the ACE, perform the following steps: Step 1 Step 2 Step 3 Step 4 Connect to access the ...
Administration Guide
Page 38
...: login timeout minutes The minutes argument specifies the length of the ACE from switch to ACE_1, enter the following command: switch/Admin(config)# hostname ACE_1 ACE_1/Admin(config)# Configuring an ACE Inactivity Timeout By default, the inactivity timeout value is 5 minutes. 1-12 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 The...
...: login timeout minutes The minutes argument specifies the length of the ACE from switch to ACE_1, enter the following command: switch/Admin(config)# hostname ACE_1 ACE_1/Admin(config)# Configuring an ACE Inactivity Timeout By default, the inactivity timeout value is 5 minutes. 1-12 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 The...
Administration Guide
Page 40
To use the show banner motd 1-14 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-...motd input, you operate in multi-line mode, the ACE interprets the double quote character (") literally. Configuring a Message-of a variable in the single line. For example: switch/Admin(config)# banner motd #Welcome to "$(hostname)"...# Do... a single line message string. Tokens will be replaced with the character Welcome to configure the banner message: switch/Admin(config)# banner motd # Enter TEXT message. When you must include double quotes (") around the $(hostname...
To use the show banner motd 1-14 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-...motd input, you operate in multi-line mode, the ACE interprets the double quote character (") literally. Configuring a Message-of a variable in the single line. For example: switch/Admin(config)# banner motd #Welcome to "$(hostname)"...# Do... a single line message string. Tokens will be replaced with the character Welcome to configure the banner message: switch/Admin(config)# banner motd # Enter TEXT message. When you must include double quotes (") around the $(hostname...
Administration Guide
Page 48
Using the prefer keyword reduces switching back and forth between peers. • server-Configures the ACE system clock to be synchronized by a peer. Synchronizing the ACE with an NTP Server Chapter 1 Setting Up the ACE This section contains the following topics: • Configuring NTP Server and Peer ...can specify multiple associations. • ip_address1-IP address of the time server that provides the clock synchronization. 1-22 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 The syntax of this peer the preferred peer that the...
Using the prefer keyword reduces switching back and forth between peers. • server-Configures the ACE system clock to be synchronized by a peer. Synchronizing the ACE with an NTP Server Chapter 1 Setting Up the ACE This section contains the following topics: • Configuring NTP Server and Peer ...can specify multiple associations. • ip_address1-IP address of the time server that provides the clock synchronization. 1-22 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 The syntax of this peer the preferred peer that the...
Administration Guide
Page 50
... an NTP Server Chapter 1 Setting Up the ACE Note Only users who are : • peer-status-Displays the status for all configured NTP servers and peers. • peers-Displays a listing of all NTP servers and peers, enter: switch/Admin# show ntp peer-status Table 1-2 describes the fields in the show ntp peer...-Displays the statistic counters related to the local server and peer entries listed in the configuration file The stratum The poll interval (in microseconds) 1-24 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01
... an NTP Server Chapter 1 Setting Up the ACE Note Only users who are : • peer-status-Displays the status for all configured NTP servers and peers. • peers-Displays a listing of all NTP servers and peers, enter: switch/Admin# show ntp peer-status Table 1-2 describes the fields in the show ntp peer...-Displays the statistic counters related to the local server and peer entries listed in the configuration file The stratum The poll interval (in microseconds) 1-24 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01
Administration Guide
Page 51
... NTP server or NTP peer For example, to display a summary of all peers, enter: switch/Admin# show ntp peers Table 1-3 describes the fields in the show ntp statistics io command output. Chapter 1 Setting Up the ACE Synchronizing the ACE with an NTP Server Table 1-2 Field Descriptions for the show ntp peer-status Command... number of times buffers were added, which also indicates the number of times there have been low memory resources during buffer creation OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-25
... NTP server or NTP peer For example, to display a summary of all peers, enter: switch/Admin# show ntp peers Table 1-3 describes the fields in the show ntp statistics io command output. Chapter 1 Setting Up the ACE Synchronizing the ACE with an NTP Server Table 1-2 Field Descriptions for the show ntp peer-status Command... number of times buffers were added, which also indicates the number of times there have been low memory resources during buffer creation OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-25
Administration Guide
Page 52
...Command Field Description System uptime Length of NTP packets received and processed by the ACE due to an invalid packet format. New version packets Number of packets not verified as authentic. 1-26 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 Bad authentication ...NTP packets ignored by the ACE Total number of NTP packets received by the ACE Total number of NTP packets transmitted by the ACE Total number of NTP packets not sent by the ACE due to display the counters maintained by the local NTP, enter: switch/Admin# show ntp statistics ...
...Command Field Description System uptime Length of NTP packets received and processed by the ACE due to an invalid packet format. New version packets Number of packets not verified as authentic. 1-26 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 Bad authentication ...NTP packets ignored by the ACE Total number of NTP packets received by the ACE Total number of NTP packets transmitted by the ACE Total number of NTP packets not sent by the ACE due to display the counters maintained by the local NTP, enter: switch/Admin# show ntp statistics ...
Administration Guide
Page 53
...table. The count of calls to findpeer. Chapter 1 Setting Up the ACE Synchronizing the ACE with an NTP Server OL-11157-01 For example, to display the statistic counters related to the memory code, enter: switch/Admin# show ntp statistics memory Table 1-6 describes the fields in the ... peer memory available for matching peer structures in the show ntp statistics memory command output. Number of memory to the free list. Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-27 Length of memory to the allocation of time until the next send attempt. Table...
...table. The count of calls to findpeer. Chapter 1 Setting Up the ACE Synchronizing the ACE with an NTP Server OL-11157-01 For example, to display the statistic counters related to the memory code, enter: switch/Admin# show ntp statistics memory Table 1-6 describes the fields in the ... peer memory available for matching peer structures in the show ntp statistics memory command output. Number of memory to the free list. Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-27 Length of memory to the allocation of time until the next send attempt. Table...
Administration Guide
Page 65
...Done!!! From the GRUB menu, choose ignorestartupcfg=1. 6. Press enter to edit the kernel command line. The ACE image entry is ready Starting services... . The ACE boot screen appears as follows: kernel=(hd0,0)/ACE_APPLIANCE_RECOVERY_IMAGE.bin ro root=LABEL=/ auto console=tt yS0,9600n8 quiet ... highlighted in Flash memory. The following GRUB menu appears. Type e to boot the selected software version. switch login: admin Password: admin OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-39 Press Esc when the countdown initiates on the GNU ...
...Done!!! From the GRUB menu, choose ignorestartupcfg=1. 6. Press enter to edit the kernel command line. The ACE image entry is ready Starting services... . The ACE boot screen appears as follows: kernel=(hd0,0)/ACE_APPLIANCE_RECOVERY_IMAGE.bin ro root=LABEL=/ auto console=tt yS0,9600n8 quiet ... highlighted in Flash memory. The following GRUB menu appears. Type e to boot the selected software version. switch login: admin Password: admin OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-39 Press Esc when the countdown initiates on the GNU ...
Administration Guide
Page 229
...arguments are: • all-Displays a list of the specified checkpoint OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 5-39 For example, enter: host1/Admin#...the running configuration to proceed? (y/n) [n] y Rollback in progress, please wait... Rollback succeeded switch/Admin# Displaying Checkpoint Information To display checkpoint information, use the checkpoint rollback command in Exec...Generating configuration.... Chapter 5 Managing the ACE Software Using the Configuration Checkpoint and Rollback Service The name argument specifies the unique ...
...arguments are: • all-Displays a list of the specified checkpoint OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 5-39 For example, enter: host1/Admin#...the running configuration to proceed? (y/n) [n] y Rollback in progress, please wait... Rollback succeeded switch/Admin# Displaying Checkpoint Information To display checkpoint information, use the checkpoint rollback command in Exec...Generating configuration.... Chapter 5 Managing the ACE Software Using the Configuration Checkpoint and Rollback Service The name argument specifies the unique ...
Administration Guide
Page 230
...memory. • If the system image is corrupted. - The CLI prompt changes to "switch(RECOVERY-IMAGE)/Admin#" as a means for you to backup an available image file, the ACE searches for the ACE-APPLIANCE-RECOVERY-IMAGE.bin image in Flash memory is not present in the Grub boot loader... system, use the format flash command to allocate and organize storage space for various types of Cisco Technical Assistance Center (TAC). ACE-APPLIANCE-RECOVERY-IMAGE.bin is used to reformat the ACE Flash memory only under the guidance and supervision of storage, such as startup-configuration files, SSL...
...memory. • If the system image is corrupted. - The CLI prompt changes to "switch(RECOVERY-IMAGE)/Admin#" as a means for you to backup an available image file, the ACE searches for the ACE-APPLIANCE-RECOVERY-IMAGE.bin image in Flash memory is not present in the Grub boot loader... system, use the format flash command to allocate and organize storage space for various types of Cisco Technical Assistance Center (TAC). ACE-APPLIANCE-RECOVERY-IMAGE.bin is used to reformat the ACE Flash memory only under the guidance and supervision of storage, such as startup-configuration files, SSL...
Administration Guide
Page 232
....bin] Formatting the cf..... Unmounting FAT filesystems... format completed successfully Restoring Image backupimage/scimi-3.bin kjournald starting graceful shutdown switch/Admin# Unmounting ext3 filesystems... Unmounting done... After you to provide the location of an available system image to backup:...Chapter 3, Managing ACE Software Licenses). • Import the startup and running-configuration files into the associated context using by using the copy command (see the Cisco 4700 Series Application Control Engine Appliance SSL Configuration Guide). 5-42 Cisco 4700 Series Application ...
....bin] Formatting the cf..... Unmounting FAT filesystems... format completed successfully Restoring Image backupimage/scimi-3.bin kjournald starting graceful shutdown switch/Admin# Unmounting ext3 filesystems... Unmounting done... After you to provide the location of an available system image to backup:...Chapter 3, Managing ACE Software Licenses). • Import the startup and running-configuration files into the associated context using by using the copy command (see the Cisco 4700 Series Application Control Engine Appliance SSL Configuration Guide). 5-42 Cisco 4700 Series Application ...
Administration Guide
Page 235
...distributed under the GNU Public License. Displaying Hardware Information To display ACE hardware inventory details, use the show copyright Cisco Application Control Software (ACSW) TAC support: http://www.cisco.com/tac Copyright (c) 1985-2007 by Cisco Systems, Inc. Some parts of this software are used :... 348552 kB, available: 469344 kB last boot reason: reload command by root configuration register: 0x1 switch kernel uptime is : show hardware For example, to display the ACE hardware...
...distributed under the GNU Public License. Displaying Hardware Information To display ACE hardware inventory details, use the show copyright Cisco Application Control Software (ACSW) TAC support: http://www.cisco.com/tac Copyright (c) 1985-2007 by Cisco Systems, Inc. Some parts of this software are used :... 348552 kB, available: 469344 kB last boot reason: reload command by root configuration register: 0x1 switch kernel uptime is : show hardware For example, to display the ACE hardware...