Administration Guide
Page 2
... use of their respective owners. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL ... the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Event Center, Fast Step,...
... use of their respective owners. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL ... the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Event Center, Fast Step,...
Administration Guide
Page 3
... Conventions xxi Obtaining Documentation, Obtaining Support, and Security Guidelines xxiii Open Source License Acknowledgements xxiii OpenSSL/Open SSL Project xxiii License Issues xxiii Setting Up the ACE 1-1 Establishing a Console Connection on the ACE 1-2 Using the Setup Script to Enable Connectivity to the Device Manager 1-3 ... the ACE 1-12 Configuring an ACE Inactivity Timeout 1-12 Configuring a Message-of-the-Day Banner 1-13 Configuring the Time, Date, and Time Zone 1-15 Setting the System Time and Date 1-15 Setting the Time Zone 1-16 Adjusting for Daylight Saving Time 1-19 Cisco 4700 ...
... Conventions xxi Obtaining Documentation, Obtaining Support, and Security Guidelines xxiii Open Source License Acknowledgements xxiii OpenSSL/Open SSL Project xxiii License Issues xxiii Setting Up the ACE 1-1 Establishing a Console Connection on the ACE 1-2 Using the Setup Script to Enable Connectivity to the Device Manager 1-3 ... the ACE 1-12 Configuring an ACE Inactivity Timeout 1-12 Configuring a Message-of-the-Day Banner 1-13 Configuring the Time, Date, and Time Zone 1-15 Setting the System Time and Date 1-15 Setting the Time Zone 1-16 Adjusting for Daylight Saving Time 1-19 Cisco 4700 ...
Administration Guide
Page 5
...Terminating an Active User Session 2-19 Enabling ICMP Messages to the ACE 2-19 Directly Accessing a User Context Through SSH 2-21 Example...ACE Software Licenses 3-1 Available ACE Licenses 3-2 Ordering an Upgrade License and Generating a Key 3-5 Copying a License File to the ACE 3-6 Installing a New or Upgrade License File 3-7 Replacing a Demo License with a Permanent License 3-8 Removing a License 3-9 Removing an Appliance Performance Throughput License 3-10 Removing an SSL TPS License 3-10 Removing a Virtualization Context License 3-10 Removing an HTTP Compression Performance License 3-13 Cisco...
...Terminating an Active User Session 2-19 Enabling ICMP Messages to the ACE 2-19 Directly Accessing a User Context Through SSH 2-21 Example...ACE Software Licenses 3-1 Available ACE Licenses 3-2 Ordering an Upgrade License and Generating a Key 3-5 Copying a License File to the ACE 3-6 Installing a New or Upgrade License File 3-7 Replacing a Demo License with a Permanent License 3-8 Removing a License 3-9 Removing an Appliance Performance Throughput License 3-10 Removing an SSL TPS License 3-10 Removing a Virtualization Context License 3-10 Removing an HTTP Compression Performance License 3-13 Cisco...
Administration Guide
Page 6
...License Configurations and Statistics 3-16 4 C H A P T E R Configuring Class Maps and Policy Maps 4-1 Class Map and Policy Map Overview 4-2 Class Maps 4-5 Policy Maps 4-6 Service Policies 4-9 Class Map and Policy Map Configuration Quick Start 4-10 Configuring Layer 3 and Layer 4 Class Maps 4-24 Defining Layer 3 and Layer 4 Classifications for Network Traffic Passing Through the ACE... 7 Classifications for HTTP Deep Packet Inspection 4-41 Defining Layer 7 Classifications for FTP Command Inspection 4-42 Cisco 4700 Series Application Control Engine Appliance Administration Guide vi OL-11157-01
...License Configurations and Statistics 3-16 4 C H A P T E R Configuring Class Maps and Policy Maps 4-1 Class Map and Policy Map Overview 4-2 Class Maps 4-5 Policy Maps 4-6 Service Policies 4-9 Class Map and Policy Map Configuration Quick Start 4-10 Configuring Layer 3 and Layer 4 Class Maps 4-24 Defining Layer 3 and Layer 4 Classifications for Network Traffic Passing Through the ACE... 7 Classifications for HTTP Deep Packet Inspection 4-41 Defining Layer 7 Classifications for FTP Command Inspection 4-42 Cisco 4700 Series Application Control Engine Appliance Administration Guide vi OL-11157-01
Administration Guide
Page 8
...-Configuration File 5-10 Loading Configuration Files from a Remote Server 5-11 Using the File System on the ACE 5-12 Listing the Files in a Directory 5-13 Copying Files 5-15 Copying Files to Another Directory on the ACE 5-15 Copying Licenses 5-16 Copying a Packet Capture Buffer 5-16 Copying Files to a Remote Server 5-17 Copying Files from... 5-23 Deleting Files 5-24 Displaying File Contents 5-25 Saving show Command Output to a File 5-26 Viewing and Copying Core Dumps 5-27 Copying Core Dumps 5-28 Cisco 4700 Series Application Control Engine Appliance Administration Guide viii OL-11157-01
...-Configuration File 5-10 Loading Configuration Files from a Remote Server 5-11 Using the File System on the ACE 5-12 Listing the Files in a Directory 5-13 Copying Files 5-15 Copying Files to Another Directory on the ACE 5-15 Copying Licenses 5-16 Copying a Packet Capture Buffer 5-16 Copying Files to a Remote Server 5-17 Copying Files from... 5-23 Deleting Files 5-24 Displaying File Contents 5-25 Saving show Command Output to a File 5-26 Viewing and Copying Core Dumps 5-27 Copying Core Dumps 5-28 Cisco 4700 Series Application Control Engine Appliance Administration Guide viii OL-11157-01
Administration Guide
Page 15
...; Related Documentation • Symbols and Conventions • Obtaining Documentation, Obtaining Support, and Security Guidelines • Open Source License Acknowledgements OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide xv You can configure the ACE by using the following major sections: • Audience • How to perform administration tasks on the...
...; Related Documentation • Symbols and Conventions • Obtaining Documentation, Obtaining Support, and Security Guidelines • Open Source License Acknowledgements OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide xv You can configure the ACE by using the following major sections: • Audience • How to perform administration tasks on the...
Administration Guide
Page 16
... Guide xvi OL-11157-01 Chapter 2, Enabling Remote Access to the ACE Describes how to configure remote access to the Cisco 4700 Series Application Control Engine (ACE) appliance by or passing through the ACE. Chapter 3, Managing ACE Software Licenses Describes how to manage the software licenses for Maps filtering traffic received by establishing a remote connection using the...
... Guide xvi OL-11157-01 Chapter 2, Enabling Remote Access to the ACE Describes how to configure remote access to the Cisco 4700 Series Application Control Engine (ACE) appliance by or passing through the ACE. Chapter 3, Managing ACE Software Licenses Describes how to manage the software licenses for Maps filtering traffic received by establishing a remote connection using the...
Administration Guide
Page 23
... lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html Open Source License Acknowledgements The following acknowledgements pertain to this software license. All rights reserved. both licenses are BSD-style Open Source licenses. In case of the OpenSSL License and the original SSLeay license apply to OpenSSL please...
... lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html Open Source License Acknowledgements The following acknowledgements pertain to this software license. All rights reserved. both licenses are BSD-style Open Source licenses. In case of the OpenSSL License and the original SSLeay license apply to OpenSSL please...
Administration Guide
Page 25
... as such any Copyright notices in a product, Eric Young should be it the RC4, RSA, lhash, DES, etc., code; Original SSLeay License: © 1995-1998 Eric Young ([email protected]). Copyright remains Eric Young's, and as the author of the parts of the library used... and/or other materials provided with the package. The following disclaimer. 2. The word 'cryptographic' can be removed. OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide xxv Redistributions in binary form must retain the copyright notice, this software must display the ...
... as such any Copyright notices in a product, Eric Young should be it the RC4, RSA, lhash, DES, etc., code; Original SSLeay License: © 1995-1998 Eric Young ([email protected]). Copyright remains Eric Young's, and as the author of the parts of the library used... and/or other materials provided with the package. The following disclaimer. 2. The word 'cryptographic' can be removed. OL-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide xxv Redistributions in binary form must retain the copyright notice, this software must display the ...
Administration Guide
Page 26
... POSSIBILITY OF SUCH DAMAGE. this code cannot be copied and put under another distribution license [including the GNU Public License]. Preface 4. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY... DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; i.e. If you must include an acknowledgement: "This product includes software written by Tim Hudson ([email protected])". xxvi Cisco...
... POSSIBILITY OF SUCH DAMAGE. this code cannot be copied and put under another distribution license [including the GNU Public License]. Preface 4. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY... DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; i.e. If you must include an acknowledgement: "This product includes software written by Tim Hudson ([email protected])". xxvi Cisco...
Administration Guide
Page 66
... (c) 1985-2007 by other third parties and are covered under license. Note When you like to certain works contained herein are owned by Cisco Systems, Inc. Use ctrl-c at anytime to define basic configuration settings for details. You may now configure the ACE to skip a dialog. Setup configures only enough connectivity to skip...
... (c) 1985-2007 by other third parties and are covered under license. Note When you like to certain works contained herein are owned by Cisco Systems, Inc. Use ctrl-c at anytime to define basic configuration settings for details. You may now configure the ACE to skip a dialog. Setup configures only enough connectivity to skip...
Administration Guide
Page 97
... a Key • Copying a License File to the ACE • Installing a New or Upgrade License File • Replacing a Demo License with a Permanent License • Removing a License • Backing Up a License File • Displaying License Configurations and Statistics Note You can access the license and show license commands only in the Admin context to manage the software licenses for your Cisco 4700 Series Application...
... a Key • Copying a License File to the ACE • Installing a New or Upgrade License File • Replacing a Demo License with a Permanent License • Removing a License • Backing Up a License File • Displaying License Configurations and Statistics Note You can access the license and show license commands only in the Admin context to manage the software licenses for your Cisco 4700 Series Application...
Administration Guide
Page 98
Table 3-1 summarizes the contents of the default and upgrade ACE appliance licensing options. Available ACE Licenses Chapter 3 Managing ACE Software Licenses Available ACE Licenses By default, the ACE supports the following features and capabilities: • Performance: 1 gigabit per second (Gbps...capabilities of your ACE product: • Ordering a license bundle. Table 3-2 provides a list of the available license bundles. There are two methods to order your ACE product by purchasing one of software licenses. • Ordering separate license options. Cisco 4700 Series ...
Table 3-1 summarizes the contents of the default and upgrade ACE appliance licensing options. Available ACE Licenses Chapter 3 Managing ACE Software Licenses Available ACE Licenses By default, the ACE supports the following features and capabilities: • Performance: 1 gigabit per second (Gbps...capabilities of your ACE product: • Ordering a license bundle. Table 3-2 provides a list of the available license bundles. There are two methods to order your ACE product by purchasing one of software licenses. • Ordering separate license options. Cisco 4700 Series ...
Administration Guide
Page 99
... ACE Software Licenses Available ACE Licenses OL-11157-01 Table 3-1 ACE Licensing Bundles License Model ACE-4710-2F-K9 ACE-4710-1F-K9 Description This license bundle includes the following items: • ACE 4710 appliance • 2 Gbps throughput license • 7500 SSL transactions per second (TPS) license • 1 Gbps compression license • 5 virtual contexts license (default) • Application acceleration license This license bundle includes the following items: • ACE 4710 appliance • 1 Gbps throughput license...
... ACE Software Licenses Available ACE Licenses OL-11157-01 Table 3-1 ACE Licensing Bundles License Model ACE-4710-2F-K9 ACE-4710-1F-K9 Description This license bundle includes the following items: • ACE 4710 appliance • 2 Gbps throughput license • 7500 SSL transactions per second (TPS) license • 1 Gbps compression license • 5 virtual contexts license (default) • Application acceleration license This license bundle includes the following items: • ACE 4710 appliance • 1 Gbps throughput license...
Administration Guide
Page 100
...-K9 Application acceleration and optimization. By default, the ACE performs up to use the show license usage command in Exec mode. To view the expiration of a demo license, use the ACE software. At the end of the following features: • Delta optimization • Adaptive dynamic caching • Flashforward • Etag ACE demo licenses are available through your Cisco...
...-K9 Application acceleration and optimization. By default, the ACE performs up to use the show license usage command in Exec mode. To view the expiration of a demo license, use the ACE software. At the end of the following features: • Delta optimization • Adaptive dynamic caching • Flashforward • Etag ACE demo licenses are available through your Cisco...
Administration Guide
Page 101
... upgrade license and to generate a license key for example, to transfer the license to another ACE). To order an upgrade license, perform the following Cisco.com website: http://www.cisco.com/go/license Enter the Product Authorization Key (PAK) number found on cisco.com. Provide all the requested information to generate a license key. Chapter 3 Managing ACE Software Licenses Ordering an Upgrade License and...
... upgrade license and to generate a license key for example, to transfer the license to another ACE). To order an upgrade license, perform the following Cisco.com website: http://www.cisco.com/go/license Enter the Product Authorization Key (PAK) number found on cisco.com. Provide all the requested information to generate a license key. Chapter 3 Managing ACE Software Licenses Ordering an Upgrade License and...
Administration Guide
Page 102
...8226; disk0:[path/]filename-Specifies that the file destination is optional because the ACE prompts you for a new or upgrade installation, see the "Replacing a Demo License with a Permanent License" section. Cisco 4700 Series Application Control Engine Appliance Administration Guide 3-6 OL-11157-01 Then... context to copy the file from Cisco Systems, you must copy the attached license file to a network server. Copying a License File to the ACE Chapter 3 Managing ACE Software Licenses Copying a License File to the ACE When you receive the software license key e-mail from the network server...
...8226; disk0:[path/]filename-Specifies that the file destination is optional because the ACE prompts you for a new or upgrade installation, see the "Replacing a Demo License with a Permanent License" section. Cisco 4700 Series Application Control Engine Appliance Administration Guide 3-6 OL-11157-01 Then... context to copy the file from Cisco Systems, you must copy the attached license file to a network server. Copying a License File to the ACE Chapter 3 Managing ACE Software Licenses Copying a License File to the ACE When you receive the software license key e-mail from the network server...
Administration Guide
Page 103
... license, enter: host1/Admin# license install disk0:ACE-AP-SSL-05K-K9.lic To install a license file for the license file. To install or upgrade a license on your ACE, use the license install disk0: command in the root directory. • target_filename-(Optional) Target filename for a 20 context license, enter: host1/Admin# license install disk0:ACE-AP-VIRT-020.lic OL-11157-01 Cisco...
... license, enter: host1/Admin# license install disk0:ACE-AP-SSL-05K-K9.lic To install a license file for the license file. To install or upgrade a license on your ACE, use the license install disk0: command in the root directory. • target_filename-(Optional) Target filename for a 20 context license, enter: host1/Admin# license install disk0:ACE-AP-VIRT-020.lic OL-11157-01 Cisco...
Administration Guide
Page 104
... a day. After you copy the permanent license file to the ACE, you can install it. Replacing a Demo License with a Permanent License Chapter 3 Managing ACE Software Licenses Replacing a Demo License with a Permanent License The ACE demo license is replacing. For example, enter: host1/Admin# license update disk0:ACE-AP-VIRT-020.lic ACE-AP-VIRT-020-DEMO.lic Cisco 4700 Series Application Control Engine Appliance...
... a day. After you copy the permanent license file to the ACE, you can install it. Replacing a Demo License with a Permanent License Chapter 3 Managing ACE Software Licenses Replacing a Demo License with a Permanent License The ACE demo license is replacing. For example, enter: host1/Admin# license update disk0:ACE-AP-VIRT-020.lic ACE-AP-VIRT-020-DEMO.lic Cisco 4700 Series Application Control Engine Appliance...
Administration Guide
Page 105
...-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 3-9 Enter the license filename as an unquoted text string with no spaces. You must use the license uninstall command in Exec mode from the ACE. Chapter 3 Managing ACE Software Licenses Removing a License Removing a License To remove an installed license, use the license uninstall command to remove license files from the...
...-11157-01 Cisco 4700 Series Application Control Engine Appliance Administration Guide 3-9 Enter the license filename as an unquoted text string with no spaces. You must use the license uninstall command in Exec mode from the ACE. Chapter 3 Managing ACE Software Licenses Removing a License Removing a License To remove an installed license, use the license uninstall command to remove license files from the...