Administration Guide
Page 3
...xxiii OpenSSL/Open SSL Project xxiii License Issues xxiii Setting Up the ACE 1-1 Establishing a Console Connection on the ACE 1-2 Using the Setup Script to Enable Connectivity to the Device Manager 1-3 Connecting and Logging into the ACE 1-7 Changing the Administrative Password 1-9 Resetting the Administrator CLI Account Password ... the ACE 1-12 Configuring an ACE Inactivity Timeout 1-12 Configuring a Message-of-the-Day Banner 1-13 Configuring the Time, Date, and Time Zone 1-15 Setting the System Time and Date 1-15 Setting the Time Zone 1-16 Adjusting for Daylight Saving Time 1-19 Cisco 4700 ...
...xxiii OpenSSL/Open SSL Project xxiii License Issues xxiii Setting Up the ACE 1-1 Establishing a Console Connection on the ACE 1-2 Using the Setup Script to Enable Connectivity to the Device Manager 1-3 Connecting and Logging into the ACE 1-7 Changing the Administrative Password 1-9 Resetting the Administrator CLI Account Password ... the ACE 1-12 Configuring an ACE Inactivity Timeout 1-12 Configuring a Message-of-the-Day Banner 1-13 Configuring the Time, Date, and Time Zone 1-15 Setting the System Time and Date 1-15 Setting the Time Zone 1-16 Adjusting for Daylight Saving Time 1-19 Cisco 4700 ...
Administration Guide
Page 4
...Terminal Line Settings 1-32 Configuring Console Line Settings 1-32 Configuring Virtual Terminal Line Settings 1-34 Modifying the Boot Configuration 1-35 Setting the Boot Method from the Configuration Register 1-35 Setting the BOOT Environment Variable 1-37 Configuring the ACE to Bypass the Startup Configuration... Layer 4 Remote Access Policy Map 2-9 Creating a Layer 3 and Layer 4 Policy Map for Network Management Traffic Received by the ACE 2-9 Defining a Layer 3 and Layer 4 Policy Map Description 2-10 Cisco 4700 Series Application Control Engine Appliance Administration Guide iv OL-11157-01
...Terminal Line Settings 1-32 Configuring Console Line Settings 1-32 Configuring Virtual Terminal Line Settings 1-34 Modifying the Boot Configuration 1-35 Setting the Boot Method from the Configuration Register 1-35 Setting the BOOT Environment Variable 1-37 Configuring the ACE to Bypass the Startup Configuration... Layer 4 Remote Access Policy Map 2-9 Creating a Layer 3 and Layer 4 Policy Map for Network Management Traffic Received by the ACE 2-9 Defining a Layer 3 and Layer 4 Policy Map Description 2-10 Cisco 4700 Series Application Control Engine Appliance Administration Guide iv OL-11157-01
Administration Guide
Page 27
...-11157-01 This chapter describes how to the ACE, configuring VLAN interfaces on the ACE, and configuring a default or static route on the Cisco 4700 Series Application Control Engine (ACE) appliance. It includes the following major sections: • Establishing a Console Connection on the ACE • Using the Setup Script to Enable Connectivity to the Device Manager...
...-11157-01 This chapter describes how to the ACE, configuring VLAN interfaces on the ACE, and configuring a default or static route on the Cisco 4700 Series Application Control Engine (ACE) appliance. It includes the following major sections: • Establishing a Console Connection on the ACE • Using the Setup Script to Enable Connectivity to the Device Manager...
Administration Guide
Page 28
Connection requires a terminal configured as the console port. Note Only the Admin context is connected. To access the ACE by making a serial connection to connect. The Connect To window appears. Click OK. Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-2 OL-11157-01 Use a straight-through cable to connect the switch to a DTE...
Connection requires a terminal configured as the console port. Note Only the Admin context is connected. To access the ACE by making a serial connection to connect. The Connect To window appears. Click OK. Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-2 OL-11157-01 Use a straight-through cable to connect the switch to a DTE...
Administration Guide
Page 30
... the setup script, perform the following steps: Step 1 Step 2 Step 3 Ensure that you through the console port. Setup configures only enough connectivity to the ACE appliance Device Manager GUI of the system. *Note: setup is mainly used for configuring the system initially, when... a direct serial connection between your terminal or a PC and the ACE (see the "Establishing a Console Connection on the front of the system. For example, enter: switch login: admin Password: admin ---- See the Cisco Application Control Engine Appliance Hardware Installation Guide for each question in the ...
... the setup script, perform the following steps: Step 1 Step 2 Step 3 Ensure that you through the console port. Setup configures only enough connectivity to the ACE appliance Device Manager GUI of the system. *Note: setup is mainly used for configuring the system initially, when... a direct serial connection between your terminal or a PC and the ACE (see the "Establishing a Console Connection on the front of the system. For example, enter: switch login: admin Password: admin ---- See the Cisco Application Control Engine Appliance Hardware Installation Guide for each question in the ...
Administration Guide
Page 33
...global administrator to access the dm reload command). OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-7 For details on configuring interfaces on the ACE, see the Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide. To configure...higher. • The ACE uses the www user account for login access, see the Cisco 4700 Series Application Control Engine Appliance Routing and Bridging Configuration Guide. Note Do not modify the dm user password from the ACE console port. The ACE creates the following default ...
...global administrator to access the dm reload command). OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-7 For details on configuring interfaces on the ACE, see the Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide. To configure...higher. • The ACE uses the www user account for login access, see the Cisco 4700 Series Application Control Engine Appliance Routing and Bridging Configuration Guide. Note Do not modify the dm user password from the ACE console port. The ACE creates the following default ...
Administration Guide
Page 34
...of asynchronous transmission. Caution For software versions A1(8.0a) and higher, you must be able to log in to the ACE only through the console port. Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-8 OL-11157-01 Note When you have not already done so. Connecting... and Logging into the ACE by its console port, attach a terminal to the asynchronous RS-232 serial port on , 1 stop bit, no ...
...of asynchronous transmission. Caution For software versions A1(8.0a) and higher, you must be able to log in to the ACE only through the console port. Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-8 OL-11157-01 Note When you have not already done so. Connecting... and Logging into the ACE by its console port, attach a terminal to the asynchronous RS-232 serial port on , 1 stop bit, no ...
Administration Guide
Page 35
...the default scope of access is configured to be able to log in to the ACE only through the console port. Global administrative status is Network-Monitor. For details on your ACE can be compromised because the administrative password is the entire context. To verify the account... the administrative username by default. If you do not change the administrative password. Each time that you reboot the ACE, it reads the username and password from Cisco Systems. Caution For software versions A1(8.0a) and higher, you must change the administrative password, security on contexts...
...the default scope of access is configured to be able to log in to the ACE only through the console port. Global administrative status is Network-Monitor. For details on your ACE can be compromised because the administrative password is the entire context. To verify the account... the administrative username by default. If you do not change the administrative password. Each time that you reboot the ACE, it reads the username and password from Cisco Systems. Caution For software versions A1(8.0a) and higher, you must change the administrative password, security on contexts...
Administration Guide
Page 36
...MD5 strong encryption, depending on the numbered option (0 or 5) that the ACE encrypts clear text passwords in clear text by default. You must have access to the ACE through the console port. 1-10 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 If you ...can recover the admin password during the initial bootup sequence of the ACE. Note Only the Admin context is ...
...MD5 strong encryption, depending on the numbered option (0 or 5) that the ACE encrypts clear text passwords in clear text by default. You must have access to the ACE through the console port. 1-10 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 If you ...can recover the admin password during the initial bootup sequence of the ACE. Note Only the Admin context is ...
Administration Guide
Page 37
... by pressing ESC. See the "Connecting and Logging into the ACE" section. Daughter Card Found. PCI test loop , count 0 PCI path is ready Starting services... The setup mode appears. message appears on the console terminal. This may take some time, Please wait .... Chapter ...1 Setting Up the ACE Changing the Administrative Password To reset the password that allows the Admin user access to the ACE, perform the following steps: Step 1 Step 2 ...
... by pressing ESC. See the "Connecting and Logging into the ACE" section. Daughter Card Found. PCI test loop , count 0 PCI path is ready Starting services... The setup mode appears. message appears on the console terminal. This may take some time, Please wait .... Chapter ...1 Setting Up the ACE Changing the Administrative Password To reset the password that allows the Admin user access to the ACE, perform the following steps: Step 1 Step 2 ...
Administration Guide
Page 38
... a Name to the ACE Chapter 1 Setting Up the ACE Assigning a Name to the ACE The hostname is 5 minutes. 1-12 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 Enter a case-sensitive text string that can occur before the ACE automatically logs off an inactive... devices, the hostname helps you track where you enter commands. The syntax of time that a user can be idle before the ACE terminates the console, Telnet, or SSH session. This command specifies the length of this command is 5 minutes. Valid entries are from 1 to ...
... a Name to the ACE Chapter 1 Setting Up the ACE Assigning a Name to the ACE The hostname is 5 minutes. 1-12 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 Enter a case-sensitive text string that can occur before the ACE automatically logs off an inactive... devices, the hostname helps you track where you enter commands. The syntax of time that a user can be idle before the ACE terminates the console, Telnet, or SSH session. This command specifies the length of this command is 5 minutes. Valid entries are from 1 to ...
Administration Guide
Page 40
... For multi-line input, double quotes (") are not required for example, "/dev/console", "/dev/pts/0", or "1"). Configuring a Message-of a variable in Exec mode as a delimiting character in multi-line mode, the ACE interprets the double quote character (") literally. The following example shows how to span ... character at the beginning of -the-Day Banner Chapter 1 Setting Up the ACE You can include tokens in the form $(token) in a multi-line banner, use the show banner motd 1-14 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 To display the...
... For multi-line input, double quotes (") are not required for example, "/dev/console", "/dev/pts/0", or "1"). Configuring a Message-of a variable in Exec mode as a delimiting character in multi-line mode, the ACE interprets the double quote character (") literally. The following example shows how to span ... character at the beginning of -the-Day Banner Chapter 1 Setting Up the ACE You can include tokens in the form $(token) in a multi-line banner, use the show banner motd 1-14 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 To display the...
Administration Guide
Page 47
... the same as a radio clock or an atomic clock attached to synchronize the clocks of the ACE, use an optional Cisco AVS 3180A Management Console with multiple ACE nodes, we strongly recommend that you plan to a time server. AppScope performance monitoring relies on ...very accurate time measurement, in the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide...
... the same as a radio clock or an atomic clock attached to synchronize the clocks of the ACE, use an optional Cisco AVS 3180A Management Console with multiple ACE nodes, we strongly recommend that you plan to a time server. AppScope performance monitoring relies on ...very accurate time measurement, in the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide...
Administration Guide
Page 56
.... Configuring Terminal Settings Chapter 1 Setting Up the ACE Configuring Terminal Settings You can access the ACE CLI as follows: • Make a direct connection using a dedicated terminal attached to the console port on the front of the ACE. • Establish a remote connection to scroll continuously (no pausing). 1-30 Cisco 4700 Series Application Control Engine Appliance Administration...
.... Configuring Terminal Settings Chapter 1 Setting Up the ACE Configuring Terminal Settings You can access the ACE CLI as follows: • Make a direct connection using a dedicated terminal attached to the console port on the front of the ACE. • Establish a remote connection to scroll continuously (no pausing). 1-30 Cisco 4700 Series Application Control Engine Appliance Administration...
Administration Guide
Page 57
... Settings OL-11157-01 • monitor-Displays syslog output on the ACE. The range is specific to access the ACE. Note The login timeout command setting overrides the terminal session-timeout setting (see the Cisco 4700 Series Application Control Engine Appliance System Message Guide for the current ...terminal-type text-Specifies the name and type of the command: host1/Admin# terminal no form of the terminal used to only the console port. The default is 5 minutes. To enable the various levels of characters displayed on the current terminal screen. Telnet and SSH sessions...
... Settings OL-11157-01 • monitor-Displays syslog output on the ACE. The range is specific to access the ACE. Note The login timeout command setting overrides the terminal session-timeout setting (see the Cisco 4700 Series Application Control Engine Appliance System Message Guide for the current ...terminal-type text-Specifies the name and type of the command: host1/Admin# terminal no form of the terminal used to only the console port. The default is 5 minutes. To enable the various levels of characters displayed on the current terminal screen. Telnet and SSH sessions...
Administration Guide
Page 58
...the following procedures: • Configuring Console Line Settings • Configuring Virtual Terminal Line Settings Configuring Console Line Settings The console port is 8 data bits. 1-32 Cisco 4700 Series Application Control Engine Appliance... Administration Guide OL-11157-01 It includes the following commands: • databits number-Specifies the number of data bits per character. Use the line console configuration mode command to start the current terminal monitoring session, enter: host1/Admin# terminal monitor host/Admin# %ACE...
...the following procedures: • Configuring Console Line Settings • Configuring Virtual Terminal Line Settings Configuring Console Line Settings The console port is 8 data bits. 1-32 Cisco 4700 Series Application Control Engine Appliance... Administration Guide OL-11157-01 It includes the following commands: • databits number-Specifies the number of data bits per character. Use the line console configuration mode command to start the current terminal monitoring session, enter: host1/Admin# terminal monitor host/Admin# %ACE...
Administration Guide
Page 59
.../Admin(config-console)# databits 6 host1/Admin(config-console)# parity even host1/Admin(config-console)# speed 19200 host1/Admin(config-console)# stopbits 1 To disable a setting for the ACE, enter: host1/Admin# config Enter configuration commands, one per byte Stopbits: 1 bit(s) Parity: none OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-33 Valid values...
.../Admin(config-console)# databits 6 host1/Admin(config-console)# parity even host1/Admin(config-console)# speed 19200 host1/Admin(config-console)# stopbits 1 To disable a setting for the ACE, enter: host1/Admin# config Enter configuration commands, one per byte Stopbits: 1 bit(s) Parity: none OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-33 Valid values...
Administration Guide
Page 60
Use the session-limit command to close a specified vty session, enter: host1/Admin# clear line vty vty1 1-34 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 For example, to close a specified vty session. Enter a ...251. instead, it is from 1 to access the ACE. The CLI displays the line configuration mode. End with the console port; Use the line vty configuration mode command to the ACE. Configuring Terminal Settings Chapter 1 Setting Up the ACE Configuring Virtual Terminal Line Settings Virtual terminal lines allow remote...
Use the session-limit command to close a specified vty session, enter: host1/Admin# clear line vty vty1 1-34 Cisco 4700 Series Application Control Engine Appliance Administration Guide OL-11157-01 For example, to close a specified vty session. Enter a ...251. instead, it is from 1 to access the ACE. The CLI displays the line configuration mode. End with the console port; Use the line vty configuration mode command to the ACE. Configuring Terminal Settings Chapter 1 Setting Up the ACE Configuring Virtual Terminal Line Settings Virtual terminal lines allow remote...
Administration Guide
Page 65
Type e to the GRUB menu. 7. From the GRUB menu, choose ignorestartupcfg=1. 6. The ACE boot screen appears as follows: kernel=(hd0,0)/ACE_APPLIANCE_RECOVERY_IMAGE.bin ro root=LABEL=/ auto console=tt yS0,9600n8 quiet bigphysarea=32768 ignorestartupcfg=1 [Linux-bzImage, setup=0x1400, size=0x43ff5d2] IP-Config: Incomplete .... PCI test loop , count 0 PCI path is highlighted in Flash memory. switch login: admin Password: admin OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-39 This may take some time, Please wait .... Press Esc to return to...
Type e to the GRUB menu. 7. From the GRUB menu, choose ignorestartupcfg=1. 6. The ACE boot screen appears as follows: kernel=(hd0,0)/ACE_APPLIANCE_RECOVERY_IMAGE.bin ro root=LABEL=/ auto console=tt yS0,9600n8 quiet bigphysarea=32768 ignorestartupcfg=1 [Linux-bzImage, setup=0x1400, size=0x43ff5d2] IP-Config: Incomplete .... PCI test loop , count 0 PCI path is highlighted in Flash memory. switch login: admin Password: admin OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 1-39 This may take some time, Please wait .... Press Esc to return to...
Administration Guide
Page 69
... how to configure remote access to the Cisco 4700 Series Application Control Engine (ACE) appliance by establishing a remote connection by using a dedicated terminal attached to the Console port on the front of the ACE, configure terminal display attributes, and configure terminal line settings for accessing the ACE by console or virtual terminal connection, see Chapter 1, Setting...
... how to configure remote access to the Cisco 4700 Series Application Control Engine (ACE) appliance by establishing a remote connection by using a dedicated terminal attached to the Console port on the front of the ACE, configure terminal display attributes, and configure terminal line settings for accessing the ACE by console or virtual terminal connection, see Chapter 1, Setting...