User Guide
Page 1
... a Key • Upgrading Your ACE Software in a Redundant Configuration • Downgrading Your ACE Software in a Redundant Configuration • ACE Documentation Set • Obtaining Documentation and Submitting a Service Request Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA © 2011 Cisco Systems, Inc. Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance Software Verion A4(2.0) and Later September, 2011 Note The most current Cisco documentation for the Cisco ACE...
... a Key • Upgrading Your ACE Software in a Redundant Configuration • Downgrading Your ACE Software in a Redundant Configuration • ACE Documentation Set • Obtaining Documentation and Submitting a Service Request Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA © 2011 Cisco Systems, Inc. Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance Software Verion A4(2.0) and Later September, 2011 Note The most current Cisco documentation for the Cisco ACE...
User Guide
Page 2
... SSL, compression, and/or VCs ACE-4710-1F-K9 • 1 Gbps throughput • 500 Mbps compression • 5000 SSL TPS • 5 VCs ACE-4710-BAS-2PAK Two units each 4710 Each 4710 has: • 1 Gbps throughput • Up to you when using the licenses in software version A4(1.1), A3(2.7), and earlier. Upgrade Scenarios Based on Licenses in Software Release A4(1.1), A3(2.7), and Earlier...
... SSL, compression, and/or VCs ACE-4710-1F-K9 • 1 Gbps throughput • 500 Mbps compression • 5000 SSL TPS • 5 VCs ACE-4710-BAS-2PAK Two units each 4710 Each 4710 has: • 1 Gbps throughput • Up to you when using the licenses in software version A4(1.1), A3(2.7), and earlier. Upgrade Scenarios Based on Licenses in Software Release A4(1.1), A3(2.7), and Earlier...
User Guide
Page 3
... compression Throughput upgrade only Start upgrade with ACE-4710-BUN-UP2= (Two licenses required for two 4710s in the 2PAK bundle) • 1000 SSL TPS • 5 VCs ACE-4710-2F-K9 • 2 Gbps throughput • 1 Gbps compression Increased SSL, compression and/or VCs Software upgrade to version A4(2.0) • 7500 SSL TPS • 5 VCs ACE-4710-2F-K9 • 2 Gbps throughput Throughput upgrade only Upgrade with ACE-4710-BUN-UP3...
... compression Throughput upgrade only Start upgrade with ACE-4710-BUN-UP2= (Two licenses required for two 4710s in the 2PAK bundle) • 1000 SSL TPS • 5 VCs ACE-4710-2F-K9 • 2 Gbps throughput • 1 Gbps compression Increased SSL, compression and/or VCs Software upgrade to version A4(2.0) • 7500 SSL TPS • 5 VCs ACE-4710-2F-K9 • 2 Gbps throughput Throughput upgrade only Upgrade with ACE-4710-BUN-UP3...
User Guide
Page 5
... 2 Gbps of compression (limited by device throughput) • 7500 SSL TPS • 20 VCs Throughput upgrade only Start upgrade with ACE-4710-BUN-UPG2= (Two licenses required for two 4710s in the 2PAK bundle) Each 4710 with: • 2 Gbps throughput • Up to 2 Gbps of compression • 7500 SSL TPS • 20 VCs Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 5
... 2 Gbps of compression (limited by device throughput) • 7500 SSL TPS • 20 VCs Throughput upgrade only Start upgrade with ACE-4710-BUN-UPG2= (Two licenses required for two 4710s in the 2PAK bundle) Each 4710 with: • 2 Gbps throughput • Up to 2 Gbps of compression • 7500 SSL TPS • 20 VCs Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 5
User Guide
Page 6
... TPS • 20 VCs ACE4710 with 1 Gbps throughput • ACE-AP-01-LIC • Any combination of feature licenses Throughput upgrade to 4 Gbps Start upgrade with ACE-4710-BUN-UPG2= and then ACE-4710-BUN-UPG3= • 4 Gbps throughput • 2 Gbps compression • 7500 SSL TPS • 20 VCs Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 6 OL-25719-01
... TPS • 20 VCs ACE4710 with 1 Gbps throughput • ACE-AP-01-LIC • Any combination of feature licenses Throughput upgrade to 4 Gbps Start upgrade with ACE-4710-BUN-UPG2= and then ACE-4710-BUN-UPG3= • 4 Gbps throughput • 2 Gbps compression • 7500 SSL TPS • 20 VCs Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 6 OL-25719-01
User Guide
Page 7
... Start upgrade with Software Release A4(1.1), A3(2.7), and Earlier Licenses When you upgrade to software version A4(2.0) or later from an earlier version, you need to downgrade to an earlier software version, the earlier software version reverts to the earlier feature limits that are new in A4(2.0). For details about the A4(1.1) features, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine for software version A4...
... Start upgrade with Software Release A4(1.1), A3(2.7), and Earlier Licenses When you upgrade to software version A4(2.0) or later from an earlier version, you need to downgrade to an earlier software version, the earlier software version reverts to the earlier feature limits that are new in A4(2.0). For details about the A4(1.1) features, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine for software version A4...
User Guide
Page 8
... key e-mail with an attached license file and installation instructions. To order an upgrade license, follow the instructions that reflect the new maximum capabilities for your proof of purchase. For information on installing and managing ACE licenses: • Using the ACE ACE CLI, see Chapter 3, Managing ACE Software Licenses, in the Administration Guide, Cisco ACE Application Control Engine. • Using the ACE Device Manager, see Chapter 2, Configuring Virtual Contexts, in the Device Manager Guide, Cisco ACE 4700 Series Application Control...
... key e-mail with an attached license file and installation instructions. To order an upgrade license, follow the instructions that reflect the new maximum capabilities for your proof of purchase. For information on installing and managing ACE licenses: • Using the ACE ACE CLI, see Chapter 3, Managing ACE Software Licenses, in the Administration Guide, Cisco ACE Application Control Engine. • Using the ACE Device Manager, see Chapter 2, Configuring Virtual Contexts, in the Device Manager Guide, Cisco ACE 4700 Series Application Control...
User Guide
Page 9
..., the command is removed from A3(2.0) to upgrade the ACE appliance software, end clients will be enabled again. If the ACE startup configuration contains the concurrent-connections command in the Administration Guide, Cisco ACE Application Control Engine. OL-25719-01 Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 9 If you plan to A4(1.0)) or later, dynamic incremental sync is automatically disabled only while the active ACE is running software version A3...
..., the command is removed from A3(2.0) to upgrade the ACE appliance software, end clients will be enabled again. If the ACE startup configuration contains the concurrent-connections command in the Administration Guide, Cisco ACE Application Control Engine. OL-25719-01 Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 9 If you plan to A4(1.0)) or later, dynamic incremental sync is automatically disabled only while the active ACE is running software version A3...
User Guide
Page 10
... flows) Operation Upgrade Upgrade Upgrade Downgrade Downgrade Downgrade Comments - - - Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 10 OL-25719-01 Upgrading Your ACE Software in version A1(8.0), the ACE introduced the STANDBY_WARM and WARM_COMPATIBLE redundancy states to handle any CLI incompatibility issue between peers during the upgrading and downgrading of the ACE software. When you upgrade or downgrade the ACE software in a redundant configuration with a different software version, the...
... flows) Operation Upgrade Upgrade Upgrade Downgrade Downgrade Downgrade Comments - - - Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 10 OL-25719-01 Upgrading Your ACE Software in version A1(8.0), the ACE introduced the STANDBY_WARM and WARM_COMPATIBLE redundancy states to handle any CLI incompatibility issue between peers during the upgrading and downgrading of the ACE software. When you upgrade or downgrade the ACE software in a redundant configuration with a different software version, the...
User Guide
Page 11
... Compatibility Matrix Active ACE Standby ACE Software Version Software Version A3(2.1) A3(2.2) A3(2.3) A3(2.4) A3(2.5) A3(2.6) A3(2.7) A4(1.0) A4(1.1) A4(2.0) A4(2.1) A4(2.2) A5(1.0) A3(2.1) C...WC WC WC C OL-25719-01 Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 11 Upgrading Your ACE Software in a Redundant Configuration The following software version combinations in Table 4 indicate whether the SRG compatibility field displays WARM_COMPATIBLE (WC) or COMPATIBLE (C): Note By default, software versions are considered compatible unless they are ...
... Compatibility Matrix Active ACE Standby ACE Software Version Software Version A3(2.1) A3(2.2) A3(2.3) A3(2.4) A3(2.5) A3(2.6) A3(2.7) A4(1.0) A4(1.1) A4(2.0) A4(2.1) A4(2.2) A5(1.0) A3(2.1) C...WC WC WC C OL-25719-01 Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 11 Upgrading Your ACE Software in a Redundant Configuration The following software version combinations in Table 4 indicate whether the SRG compatibility field displays WARM_COMPATIBLE (WC) or COMPATIBLE (C): Note By default, software versions are considered compatible unless they are ...
User Guide
Page 12
... software version running on the active ACE and software version A4(2.0) running on changing the default Admin password, do not make any configuration changes while the two ACEs are in split mode. We recommend that your ACE configurations meet the upgrade prerequisites in the following : • From the CLI, see Chapter 1, Setting Up the ACE, in the Administration Guide, Cisco ACE Application Control Engine. • From the Device Manager GUI, see Chapter 1, Overview, in the Device Manager Guide, Cisco ACE...
... software version running on the active ACE and software version A4(2.0) running on changing the default Admin password, do not make any configuration changes while the two ACEs are in split mode. We recommend that your ACE configurations meet the upgrade prerequisites in the following : • From the CLI, see Chapter 1, Setting Up the ACE, in the Administration Guide, Cisco ACE Application Control Engine. • From the Device Manager GUI, see Chapter 1, Overview, in the Device Manager Guide, Cisco ACE...
User Guide
Page 13
...-01 Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 13 Creating a Checkpoint We strongly recommend that you can update the duplex settings for which you do not modify a hostname by removing the underscore character (_), after you upgrade the ACE software, the www user password will be disabled and you will not be in the STANDBY_HOT state. Use the checkpoint create command in Exec mode...
...-01 Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 13 Creating a Checkpoint We strongly recommend that you can update the duplex settings for which you do not modify a hostname by removing the underscore character (_), after you upgrade the ACE software, the www user password will be disabled and you will not be in the STANDBY_HOT state. Use the checkpoint create command in Exec mode...
User Guide
Page 14
... your ACE. To check the redundant configuration of each ACE. In that the preempt command is configured. The preempt command is not configurable. For more information about the copy command, see the Administration Guide, Cisco ACE Application Control Engine. ACE-1/Admin# Save the running -config ft command. The Exec mode prompt appears. If you upgrade the ACE to software version A4(2.0) or later, the ACE software ignores the configured command and sets the number of concurrent connections for FT...
... your ACE. To check the redundant configuration of each ACE. In that the preempt command is configured. The preempt command is not configurable. For more information about the copy command, see the Administration Guide, Cisco ACE Application Control Engine. ACE-1/Admin# Save the running -config ft command. The Exec mode prompt appears. If you upgrade the ACE to software version A4(2.0) or later, the ACE software ignores the configured command and sets the number of concurrent connections for FT...
User Guide
Page 15
....A3_2_1.bin Step 8 Configure ACE-1 to autoboot from the boot variable on ACE-1 by entering the no Password: Step 5 Ensure that the boot variable was synchronized with ACE-1. ACE-1/Admin(config)# no ]: [yes] OL-25719-01 Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 15 To set the boot variable and configuration register to remove the A3(2.1) image, enter: ACE-1/Admin# configure Enter configuration commands, one per line. Enter...
....A3_2_1.bin Step 8 Configure ACE-1 to autoboot from the boot variable on ACE-1 by entering the no Password: Step 5 Ensure that the boot variable was synchronized with ACE-1. ACE-1/Admin(config)# no ]: [yes] OL-25719-01 Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 15 To set the boot variable and configuration register to remove the A3(2.1) image, enter: ACE-1/Admin# configure Enter configuration commands, one per line. Enter...
User Guide
Page 16
... the standby ACE reboots, log in and perform the following actions to verify the state of all configuration and state information from ACE-1 to ACE-2. Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 16 OL-25719-01 If ACE-1 is still enabled and the connections through ACE-1 are still being replicated to ACE-2 by entering the ft switchover all command in Exec mode on the...
... the standby ACE reboots, log in and perform the following actions to verify the state of all configuration and state information from ACE-1 to ACE-2. Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 16 OL-25719-01 If ACE-1 is still enabled and the connections through ACE-1 are still being replicated to ACE-2 by entering the ft switchover all command in Exec mode on the...
User Guide
Page 17
... number of concurrent connections for optimization is available with software version A3(2.0) or later, ensure that you enable cookies, JavaScript/scripting, Adobe Flash Player 9, and popup windows. In this command is enabled on the FT group if you want the active ACE to remain active after the downgrade process is completed. • If your ACE includes the 0.5-Gbps bundled license (ACE-4710-0.5F-K9...
... number of concurrent connections for optimization is available with software version A3(2.0) or later, ensure that you enable cookies, JavaScript/scripting, Adobe Flash Player 9, and popup windows. In this command is enabled on the FT group if you want the active ACE to remain active after the downgrade process is completed. • If your ACE includes the 0.5-Gbps bundled license (ACE-4710-0.5F-K9...
User Guide
Page 18
... Configuration Step 2 Configure ACE-1 to 1, use the boot system image: and config-register commands in the startup-configuration file. ACE-1/Admin# reload After ACE-1 boots up to ACE-1. Note Dynamic incremental sync is automatically disabled while the active ACE is running an earlier software version. To set up , it has received all the contexts. Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 18 OL-25719-01 Downgrading Your ACE Software in Exec mode. ACE...
... Configuration Step 2 Configure ACE-1 to 1, use the boot system image: and config-register commands in the startup-configuration file. ACE-1/Admin# reload After ACE-1 boots up to ACE-1. Note Dynamic incremental sync is automatically disabled while the active ACE is running an earlier software version. To set up , it has received all the contexts. Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance 18 OL-25719-01 Downgrading Your ACE Software in Exec mode. ACE...
User Guide
Page 19
... managing the appliance. ACE 4700 Series Application Control Engine Appliance Getting Started Guide, Cisco ACE 4700 Series Application Control Engine Appliance Describes how to use the Device Manager GUI, which resides in Application Control Engine flash memory on . ACE Documentation Set Step 7 Enter the write memory all command in both ACEs to save the running -configuration or startup-configuration files to troubleshoot the most common problems that you may encounter during the operation of your ACE. Command Reference, Cisco ACE...
... managing the appliance. ACE 4700 Series Application Control Engine Appliance Getting Started Guide, Cisco ACE 4700 Series Application Control Engine Appliance Describes how to use the Device Manager GUI, which resides in Application Control Engine flash memory on . ACE Documentation Set Step 7 Enter the write memory all command in both ACEs to save the running -configuration or startup-configuration files to troubleshoot the most common problems that you may encounter during the operation of your ACE. Command Reference, Cisco ACE...
User Guide
Page 20
... ports • VLAN interfaces • IPv6, including transitioning IPv4 networks to IPv6, IPv6 header format, IPv6 addressing, and suported protocols. • Routing • Bridging • Dynamic Host Configuration Protocol (DHCP) Security Guide, Cisco ACE Application Control Engine Describes how to perform the following ACE security configuration tasks: • Security access control lists (ACLs) • User authentication and accounting using a Terminal Access Controller Access Control System Plus (TACACS+), Remote Authentication Dial-In User Service...
... ports • VLAN interfaces • IPv6, including transitioning IPv4 networks to IPv6, IPv6 header format, IPv6 addressing, and suported protocols. • Routing • Bridging • Dynamic Host Configuration Protocol (DHCP) Security Guide, Cisco ACE Application Control Engine Describes how to perform the following ACE security configuration tasks: • Security access control lists (ACLs) • User authentication and accounting using a Terminal Access Controller Access Control System Plus (TACACS+), Remote Authentication Dial-In User Service...
User Guide
Page 21
... Subscribe to be actual addresses. Obtaining Documentation and Submitting a Service Request Document Title Regulatory Compliance and Safety Information, Cisco ACE 4710 Application Control Engine Appliance Release Note, Cisco ACE 4700 Series Application Control Engine Appliance User Guide, Cisco Application Networking Manager Description Regulatory compliance and safety information for the ACE appliance. Provides information about operating considerations, caveats, and command-line interface (CLI) commands for the ACE appliance. Cisco and the Cisco Logo are trademarks...
... Subscribe to be actual addresses. Obtaining Documentation and Submitting a Service Request Document Title Regulatory Compliance and Safety Information, Cisco ACE 4710 Application Control Engine Appliance Release Note, Cisco ACE 4700 Series Application Control Engine Appliance User Guide, Cisco Application Networking Manager Description Regulatory compliance and safety information for the ACE appliance. Provides information about operating considerations, caveats, and command-line interface (CLI) commands for the ACE appliance. Cisco and the Cisco Logo are trademarks...