Administration Guide vA2(3.0), Cisco ACE Application Control Engine Module
Setting Up the ACE
Downloads: This chapterpdf (PDF - 339.0KB) The complete bookPDF (PDF - 6.82MB) | Feedback

Setting Up the ACE

Table Of Contents

Setting Up the ACE

Prerequisites for Setting Up the ACE

Default Settings

Setting Up the ACE

Establishing a Console Connection on the ACE

Sessioning and Logging In to the ACE

Changing or Resetting the Administrative Password

Changing the Administrative Password

Resetting the Administrator Account Password

Assigning a Name to the ACE

Configuring an ACE Inactivity Timeout

Configuring a Message-of-the-Day Banner

Configuring the Date and Time

Configuring the Time Zone

Adjusting for Daylight Saving Time

Configuring Terminal Settings

Configuring Terminal Display Attributes

Configuring Console Line Settings

Configuring Virtual Terminal Line Settings

Modifying the Boot Configuration

Setting the Boot Method from the Configuration Register

Setting the BOOT Environment Variable

Restarting the ACE

Restarting the ACE from the CLI

Restarting the ACE from the Catalyst CLI

Using ROMMON to Specify the System Boot Image During a Restart

Shutting Down the ACE

Displaying the ACE Setup Configuration


Setting Up the ACE


This chapter describes how to initially configure basic settings on the Cisco Application Control Engine (ACE) module in the Catalyst 6500 series switches. It contains the following major sections:

Prerequisites for Setting Up the ACE

Default Settings

Setting Up the ACE

Displaying the ACE Setup Configuration

For details on assigning VLANs to the ACE, configuring VLAN interfaces on the ACE, and configuring a default or static route on the ACE, see the Cisco Application Control Engine Module Routing and Bridging Configuration Guide.

Prerequisites for Setting Up the ACE

Setting up the ACE has the following requirements:

Terminal—The terminal that you use to communicate with the ACE must contain a terminal communications application, such as HyperTerminal for Windows, and be configured as follows:

Asynchronous transmission

9600 baud

8 data bits

1 stop bit

No parity

Cable—The cable that connects the terminal to the ACE must meet the following requirements:

Serial cable with an RJ-45 connector

Cable type—Rollover serial cable to connect the ACE to a DTE device

For instructions on connecting a console cable to your ACE, see the Cisco Application Control Engine Module Hardware Installation Guide.

Default Settings

Table 1-1 lists the default settings for the ACE setup parameters.

Default Setup Parameters

Parameter
Default

User accounts

Administrator account:

username: admin / password: admin

XML interface account:

username: www: / password: admin

Host name

switch

Inactivity timeout

5 minutes

Console port communication parameters

9600 baud

8 data bits

1 stop bit

No parity


Setting Up the ACE

This section describes the tasks associated with setting up the ACE and includes the following topics:

Establishing a Console Connection on the ACE

Sessioning and Logging In to the ACE

Changing or Resetting the Administrative Password

Assigning a Name to the ACE

Configuring an ACE Inactivity Timeout

Configuring a Message-of-the-Day Banner

Configuring the Date and Time

Configuring Terminal Settings

Modifying the Boot Configuration

Restarting the ACE

Shutting Down the ACE

Establishing a Console Connection on the ACE

This section describes how to establish a direct serial connection between your terminal and the ACE by making a serial connection to the console port on the front of the ACE. The console port is an asynchronous RS-232 serial port with an RJ-45 connector.

Prerequisites

This setup procedure requires a properly configured terminal and cable as described in the "Prerequisites for Setting Up the ACE" section.

Restrictions

Only the Admin context is accessible through the console port; all other contexts can be reached through Telnet or SSH sessions.

Detailed Steps

Follow these steps to access the ACE using a direct serial connection:


Step 1 Connect the serial cable between the ACE and the terminal and then use any terminal communications application to access the ACE CLI. This procedure uses HyperTerminal for Windows.

Step 2 Launch HyperTerminal. The Connection Description window appears.

Step 3 Enter a name for your session in the Name field.

Step 4 Click OK. The Connect To window appears.

Step 5 From the drop-down list, choose the COM port to which the device is connected.

Step 6 Click OK. The Port Properties window appears.

Step 7 Set the following port properties:

Baud Rate = 9600

Data Bits = 8

Flow Control = none

Parity = none

Stop Bits = 1

Step 8 Click OK to connect.

Step 9 Press Enter to access the CLI prompt.

switch login: 


What to Do Next

When the login prompt displays, proceed with the following tasks:

Once a session is created, choose Save As from the File menu to save the connection description. Saving the connection description has the following two advantages:

The next time that you launch HyperTerminal, the session is listed as an option under Start > Programs > Accessories > HyperTerminal > Name_of_session. This option lets you reach the CLI prompt directly without going through the configuration steps.

You can connect your cable to a different device without configuring a new HyperTerminal session. If you use this option, make sure that you connect to the same port on the new device as was configured in the saved HyperTerminal session. Otherwise, a blank screen appears without a prompt.

See the "Sessioning and Logging In to the ACE" section for details on logging in and entering the configuration mode to configure the ACE.

Sessioning and Logging In to the ACE

This section describes how to connect (session) to the ACE as the default user from either the ACE console port or from the Catalyst 6500 series CLI. Once you connect to the ACE as the default user, you can then log in and enter the configuration mode to configure the ACE.

The ACE creates two default user accounts at startup: admin and www. The admin user is the global administrator and cannot be deleted. The ACE uses the www user account for the XML interface.

Later, when you configure interfaces and IP addresses on the ACE itself, you can remotely access the ACE CLI through an ACE interface by using the Catalyst console port or by a Telnet or SSH session. To configure remote access to the ACE CLI, see Chapter 2, Enabling Remote Access to the ACE. For details on configuring interfaces on the ACE, see the Cisco Application Control Engine Module Routing and Bridging Configuration Guide.

You can configure the ACE to provide a higher level of security for users accessing the ACE. For information about configuring user authentication for login access, see the Cisco Application Control Engine Module Security Configuration Guide.

Restrictions

Only the Admin context is accessible through the console port; all other contexts can be reached through a Telnet or SSH remote access session.

Detailed Steps

Follow these steps to session into the ACE and access configuration mode to perform the initial configuration:


Step 1 Access the ACE through one of the following methods:

If you choose to access the ACE directly by its console port, attach a terminal to the asynchronous RS-232 serial port on the front of the ACE. Any device connected to this port must be capable of asynchronous transmission. The connection requires a terminal configured as 9600 baud, 8 data bits, 1 stop bit, no parity. See the "Establishing a Console Connection on the ACE" section.

If you choose to session into ACE, after the ACE successfully boots enter the session command from the Catalyst CLI to Telnet to the ACE:

Cat6k-switch# session slot mod_num processor 0

The mod_num argument identifies the slot number in the Catalyst 6500 series chassis where the ACE is installed.


Note The default escape character sequence is Ctrl-^, and then x. You can also enter exit at the remote prompt to end the session.


Step 2 Log into the ACE by entering the login username and password at the following prompt:

switch login: admin
Password: admin

By default, both the username and password are admin.

The prompt changes to the following:

host1/Admin# 

To change the default login username and password, see the "Changing or Resetting the Administrative Password" section for details.


Caution You must change the default Admin password if you have not already done so. Otherwise, you will be able to log in to the ACE only through the console port or through the supervisor engine of the Catalyst 6500 series switch or the Cisco 7600 series router. You will not be able to access the ACE using Telnet or SSH until you change the default Admin password.

Step 3 To access configuration mode, enter:

host1/Admin# configure
Enter configuration commands, one per line. End with CNTL/Z

The prompt changes to the following:

host1/Admin(config)#


Changing or Resetting the Administrative Password

This section describes how to change or reset the administrative password and includes the following topics:

Changing the Administrative Password

Resetting the Administrator Account Password

Changing the Administrative Password

This section describes how to change the administrative password. During the initial login process to the ACE, you enter the default user name admin and the default password admin in lowercase text. You cannot modify or delete the default administrative username; however, for security reasons, you must change the default administrative password. If you do not change the password, then security on your ACE can be compromised because the administrative username and password are configured to be the same for every ACE shipped from Cisco Systems.

The administrative username and password are stored in Flash memory. Each time that you reboot the ACE, it reads the username and password from Flash memory. Global administrative status is assigned to the administrative username by default.


Note For information about changing a user password, see the Cisco Application Control Engine Module Virtualization Configuration Guide.



Caution You must change the default Admin password if you have not already done so. Otherwise, you can log in to the ACE only through the console port or through the supervisor engine of the Catalyst 6500 series switch or the Cisco 7600 series router.

Detailed Steps

 
Command
Purpose

Step 1 

config


Example:

host1/Admin# config

host1/Admin(config)#

Enters global configuration mode.

Step 2 

username name1 [password [0 | 5] {password}]


Example:

host1/Admin(config)# username admin 
password 0 mysecret_801

Changes the default username and password. The keywords, arguments, and options are as follows:

name1—Sets the username that you want to assign or change. Enter admin.

password—(Optional) Keyword that indicates that a password follows.

0—(Optional) Specifies a clear text password.

5—(Optional) Specifies an MD5-hashed strong encryption password.

password—The password in clear text, encrypted text, or MD5 strong encryption, depending on the numbered option (0 or 5) that you enter. If you do not enter a numbered option, the password is in clear text by default. Enter a password as an unquoted text string with a maximum of 64 characters.


Note If you specify an MD5-hashed strong encryption password, the ACE considers a password to be weak if it less than eight characters in length.


The ACE supports the following special characters in a password:

, . / = + - ^ @ ! % ~ # $ * ( )

Note that the ACE encrypts clear text passwords in the running-config.

Step 3 

do copy running-config startup-config


Example:

host1/Admin(config)# do copy running-config startup-config

(Optional) Copies the running configuration to the startup configuration.

Resetting the Administrator Account Password

This section describes how recover the admin password during the initial bootup sequence of the ACE if you forget the password for the ACE administrator account and cannot access the ACE. You must have access to the ACE through the console port to be able to reset the password for the Admin user back to the factory-default value of admin.

Restrictions

Only the Admin context is accessible through the console port.

Detailed Steps

Follow these steps to reset the password that allows the Admin user access to the ACE:


Step 1 Connect to the console port on the Catalyst 6500 series switch.

Step 2 Session in to the ACE through the console port on the front panel.

Step 3 Reboot the ACE from the Catalyst 6500 series CLI. See the "Restarting the ACE" section for details.

Step 4 During the bootup process, output appears on the console terminal. Press ESC when the "Waiting for 3 seconds to enter setup mode..." message appears on the terminal (see the example below). The setup mode appears. If you miss the time window, wait for the ACE to properly complete booting, reboot the ACE from the Catalyst 6500 series CLI, and try again to access the setup mode by pressing ESC.

IXP polling timeout interval: 120

map_pci_xram_to_uspace[149] :: mapping 4096 bytes from 0x58800000

map_pci_xram_to_uspace[149] :: mapping 4096 bytes from 0x5a800000
................................................
IXP's are up... <Sec 48 :Status of IXP1 7, IXP2 7>

map_pci_xram_to_uspace[149] :: mapping 102400 bytes from 0x4fd68000
map_pci_xram_to_usenabling intb 57 interrupts
pace[149] :: mapping 102400 bytes from 0x57d68000
Starting lcpfw process...
inserting IPCP klm
Warning: loading /itasca/klm/klm_session.klm will taint the kernel: no license
  See http://www.tux.org/lkml/#export-tainted for information about tainted modules
Module klm_session.klm loaded, with warnings
inserting cpu_util klm
 create dev node as 'mknod /dev/cpu_util c 236 0'
getting cpu_util dev major num
making new cpu_util dev node

 Session Agent waiting for packets.
Waiting for 3 seconds to enter setup mode...
Entering setup sequence...
Reset Admin password [y/n] (default: n): y
Resetting admin password to factory default...
XR Serial driver version 1.0 (2004-11-08) with no serial options enabled
ttyXR major device number: 235
Create a dev file with 'mknod /dev/ttyXR c 235 [0-1]'
cux major device number: 234
Create a dev file with 'mknod /dev/cux c 234 [0-1]'
ttyXR0 at 0x10c00000 (irq = 59) is a 16550A
ttyXR1 at 0x10c00008 (irq = 59) is a 16550A
No licenses installed...

Loading.. Please wait...Done!!!

Step 5 The setup mode prompts if you want to reset the admin password. Enter y. The "Resetting admin password to factory default" message appears. The ACE deletes the admin user password configuration from the startup configuration and resets the password back to the factory default value of admin.

The boot process continues as normal and you are able to enter the admin password at the login prompt.


Assigning a Name to the ACE

This section describes how to specify a hostname for the ACE or for the peer ACE in a redundant configuration. The hostname is used to identify the ACE and for the command-line prompts. If you establish sessions to multiple devices, the hostname helps you track where you enter commands. By default, the hostname for the ACE is "switch."

Restrictions

Only the Admin context is accessible through the console port.

Detailed Steps

 
Command
Purpose

Step 1 

config


Example:

host1/Admin# config

host1/Admin(config)#

Enters global configuration mode.

Step 2 

hostname name

Example:

host1/Admin(config)# hostname ACE_1
ACE_1/Admin(config)# 

Changes the ACE name.

The name argument specifies a new hostname for the ACE. Enter a case-sensitive text string that contains from 1 to 32 alphanumeric characters.

Step 3 

peer hostname name

Example:

ACE_1/Admin(config)# peer hostname ACE_2

(Optional) Changes the peer ACE name in a redundant configuration.

The name argument specifies a new hostname for the peer ACE. Enter a case-sensitive text string that contains from 1 to 32 alphanumeric characters.

Step 4 

do copy running-config startup-config


Example:

ACE_1/Admin(config)# do copy running-config startup-config

(Optional) Copies the running configuration to the startup configuration.

Configuring an ACE Inactivity Timeout

This section describes how to modify the length of time that can occur before the ACE automatically logs off an inactive user by specifying the length of time that a user session can be idle before the ACE terminates the console, Telnet, or SSH session. By default, the inactivity timeout value is 5 minutes.

Restrictions

The login timeout command setting overrides the terminal session-timeout setting (see the "Configuring Terminal Display Attributes" section).

Detailed Steps

 
Command
Purpose

Step 1 

config


Example:

host1/Admin# config

host1/Admin(config)#

Enters global configuration mode.

Step 2 

login timeout minutes

Example:

host1/Admin(config)# login timeout 10

Configures the inactivity timeout value.

The minutes argument specifies the length of time that a user can be idle before the ACE terminates the session. Valid entries are from 0 to 60 minutes. A value of 0 instructs the ACE never to timeout. The default is 5 minutes.

 
no login timeout

Example:

host1/Admin(config)# no login timeout 

(Optional) Restores the default timeout value of 5 minutes.

Step 3 

do copy running-config startup-config


Example:

host1/Admin(config)# do copy running-config startup-config

(Optional) Copies the running configuration to the startup configuration.

Configuring a Message-of-the-Day Banner

This section describes how to configure a message in configuration mode to display as the message-of-the-day banner when a user connects to the ACE. Once connected to the ACE, the message-of-the-day banner appears, followed by the login banner and Exec mode prompt.

Detailed Steps

 
Command
Purpose

Step 1 

config


Example:

host1/Admin# config

host1/Admin(config)#

Enters global configuration mode.

Step 2 

banner motd text

Example:

host1/Admin(config)# banner motd #Welcome 
to "$(hostname)"...#

Configures the message-of-the-day banner.

The text argument is a line of message text to be displayed as the message-of-the-day banner. The text string consists of all characters that follow the first space until the end of the line (carriage return or line feed).

The pound (#) character functions as the delimiting character for each line. For the banner text, spaces are allowed but tabs cannot be entered at the CLI. To instruct the ACE to display multiple lines in a message-of-the-day banner, enter a new banner motd command for each line that you want to appear.

The banner message is a maximum of 80 characters per line, up to a maximum of 3000 characters (3000 bytes) for a message-of-the-day banner. This maximum value includes all line feeds and the last delimiting character in the message.

To add multiple lines to an existing a message-of-the-day banner, precede each line by using the banner motd command. The ACE appends each line to the end of the existing banner. If the text is empty, the ACE adds a carriage return (CR) to the banner.

You can include tokens in the form $(token) in the message text. Tokens will be replaced with the corresponding configuration variable. For example, enter:

$(hostname)—Displays the hostname for the ACE during run time.

$(line)—Displays the tty (teletypewriter) line or name (for example, "/dev/console", "/dev/pts/0", or "1").

To use the $(hostname) in a single line banner motd input, you must include double quotes (") around the $(hostname) so that the $ is interpreted as a special character at the beginning of a variable in the single line (see the Step example).

Do not use the double quote character (") or the percent sign character (%) as a delimiting character in a single line message string.

For multi-line input, double quotes (") are not required for the token because the input mode is different from signal-line mode. When you operate in multi-line mode, the ACE interprets the double quote character (") literally.

 
no banner motd

Example:

host1/Admin(config)# do show banner motd

(Optional) Replace a banner or a line in a multi-line banner.

Step 3 

do show banner motd

Example:

host1/Admin(config)# no banner motd

(Optional) Display the configured banner message.

Step 4 

do copy running-config startup-config


Example:

host1/Admin(config)# do copy running-config startup-config

(Optional) Copies the running configuration to the startup configuration.

Examples

The following example shows how to span multiple lines and use tokens to configure the banner message:

host1/Admin(config)# banner motd #
Enter TEXT message. End with the character '#'.
================================
Welcome to Admin Context
--------------------------------
Hostname: $(hostname)
Tty Line: $(line)
=================================
#

Configuring the Date and Time

This section describes how to configure the time zone and daylight saving time of the ACE for display purposes. The ACE time and date are synchronized with the clock from the Catalyst 6500 series supervisor engine. See the Cisco 6500 Series Switch Cisco IOS Software Configuration Guide for details on setting the system clock on the switch.

This section contains the following topics:

Configuring the Time Zone

Adjusting for Daylight Saving Time

Configuring the Time Zone

This section describes how to set the time zone of the ACE. The ACE keeps time internally in Universal Time Coordinated (UTC) offset.

Detailed Steps

 
Command
Purpose

Step 1 

config


Example:

host1/Admin# config

host1/Admin(config)#

Enters global configuration mode.

Step 2 

clock timezone {zone_name{+ | -} hours 
minutes} | {standard timezone}

Example:

host1/Admin(config)# clock timezone 
PST -8 0

Configures the time zone of the ACE.

The keywords, arguments, and options are as follows:

zone_name—The 8-character name of the time zone (for example, PDT) to be displayed when the time zone is in effect. Table 1-1 lists the common time zone acronyms that you can use for the zone_name argument.

hours—Hours offset from UTC. The range is from -23 to +23.

minutes—Minutes offset from UTC. The range is from 0 to 59 minutes.

standard timezone—Displays a list of well known time zones that include an applicable UTC hours offset. Available choices in the list are as follows:

AKST—Alaska Standard Time, as UTC -9 hours

AST—Atlantic Standard Time, as UTC -4 hours

BST—British Summer Time, as UTC + 1 hour

CEST—Central Europe Summer Time, as UTC + 2 hours

CET—Central Europe Time, as UTC + 1 hour

CST—Central Standard Time, as UTC -6 hours

CST—Central Standard Time, as UTC + 9.5 hours

EEST—Eastern Europe Summer Time, as UTC + 3 hours

EET—Eastern Europe Time, as UTC + 2 hours

EST—Eastern Standard Time, as UTC -5 hours

GMT—Greenwich Mean Time, as UTC

HST—Hawaiian Standard Time, as UTC -10 hours

IST—Irish Summer Time, as UTC + 1 hour

MSD—Moscow Summer Time, as UTC + 4 hours

MSK—Moscow Time, as UTC + 3 hours

MST—Mountain Standard Time, as UTC -7 hours

PST—Pacific Standard Time, as UTC -8 hours

WEST—Western Europe Summer Time, as UTC + 1 hour

WST—Western Standard Time, as UTC + 8 hours

 
no clock timezone

Example:

host1/Admin(config)# no clock timezone

(Optional) Removes the clock timezone setting.

Step 3 

do show clock

Example:

host1/Admin (config)# do show clock
Fri Aug 7 01:38:30 PST 2009

(Optional) Displays the current clock settings.

Step 4 

do copy running-config startup-config


Example:

host1/Admin(config)# do copy running-config startup-config

(Optional) Copies the running configuration to the startup configuration.

Table 1-1 lists common time zone acronyms that you use when specifying the zone name using the command's zone_name argument.

Table 1-1 Common Time Zone Acronyms 

Acronym
Time Zone Name and UTC Offset

Europe

BST

British Summer Time, as UTC + 1 hour

CET

Central Europe Time, as UTC + 1 hour

CEST

Central Europe Summer Time, as UTC + 2 hours

EET

Eastern Europe Time, as UTC + 2 hours

EEST

Eastern Europe Summer Time, as UTC + 3 hours

GMT

Greenwich Mean Time, as UTC

IST

Irish Summer Time, as UTC + 1 hour

MSK

Moscow Time, as UTC + 3 hours

MSD

Moscow Summer Time, as UTC + 4 hours

WET

Western Europe Time, as UTC

WEST

Western Europe Summer Time, as UTC + 1 hour

United States and Canada

AST

Atlantic Standard Time, as UTC - 4 hours

ADT

Atlantic Daylight Time, as UTC - 3 hours

CT

Central Time, either as CST or CDT, depending on the place and time of the year

CST

Central Standard Time, as UTC - 6 hours

CDT

Central Daylight Saving Time, as UTC - 5 hours

ET

Eastern Time, either as EST or EDT, depending on the place and time of the year

EST

Eastern Standard Time, as UTC - 5 hours

EDT

Eastern Daylight Saving Time, as UTC - 4 hours

MT

Mountain Time, either as MST or MDT, depending on the place and time of the year

MDT

Mountain Daylight Saving Time, as UTC - 6 hours

MST

Mountain Standard Time, as UTC - 7 hours

PT

Pacific Time, either as PST or PDT, depending on the place and time of the year

PDT

Pacific Daylight Saving Time, as UTC - 7 hours

PST

Pacific Standard Time, as UTC - 8 hours

AKST

Alaska Standard Time, as UTC - 9 hours

AKDT

Alaska Standard Daylight Saving Time, as UTC - 8 hours

HST

Hawaiian Standard Time, as UTC - 10 hours

Australia

CST

Central Standard Time, as UTC + 9.5 hours

EST

Eastern Standard/Summer Time, as UTC + 10 hours (+11 hours during summer time)

WST

Western Standard Time, as UTC + 8 hours


Adjusting for Daylight Saving Time

This section describes how to configure the ACE to change the time automatically to summer time (daylight saving time) by specifying when summer time begins and ends. All times are relative to the local time zone; the start time is relative to standard time and the end time is relative to summer time. If the starting month is after the ending month, the ACE assumes that you are located in the Southern Hemisphere.

Detailed Steps

 
Command
Purpose

Step 1 

config


Example:

host1/Admin# config

host1/Admin(config)#

Enters global configuration mode.

Step 2 

clock summer-time {daylight_timezone_name 
start_week start_day start_month 
start_time end_week end_day end_month 
end_time daylight_offset | standard 
timezone}

Example:

host1/Admin(config)# clock summer-time 
Pacific 1 Sun Apr 02:00 5 Sun Oct 02:00 60

Configures the ACE to change the time automatically to summer time (daylight saving time).

The keywords, arguments, and options are as follows:

daylight_timezone_nameThe eight-character name of the time zone (for example, PDT) to be displayed when summer time is in effect. See Table 1-1 for the list the common time zone acronyms used for the daylight_timezone_name argument.

start_week end_weekThe week, ranging from 1 through 5.

start_day end_dayThe day, ranging from Sunday through Saturday.

start_month end_monthThe month, ranging from January through December.

start_time end_timeTime, in military format, specified in hours and minutes.

daylight_offsetNumber of minutes to add during the summer time. Valid entries are 1 to 1440.

standard timezone—Displays a list of well known time zones that include an applicable daylight time start and end range along with a daylight offset. Available list choices are as follows:

ADT—Atlantic Daylight Time: 2 a.m. 1st Sunday April to 2 a.m. last Sunday Oct, + 60 min

AKDT—Alaska Standard Daylight Time: 2 a.m. 1st Sunday April to 2 a.m. last Sunday Oct, + 60 min

CDT—Central Daylight Time: 2 a.m. 1st Sunday April to 2 a.m. last Sunday Oct, + 60 min

EDT—Eastern Daylight Time: 2 a.m. 1st Sunday April to 2 a.m. last Sunday Oct, + 60 min

MDT—Mountain Daylight Time: 2 a.m. 1st Sunday April to 2 a.m. last Sunday Oct, + 60 min

PDT—Pacific Daylight Time: 2 a.m. 1st Sunday April to 2 a.m. last Sunday Oct, + 60 min

 
no clock summer-time

Example:

host1/Admin(config)# no clock summer-time

(Optional) Remove the clock summer-time setting.

Step 3 

do copy running-config startup-config


Example:

host1/Admin(config)# do copy running-config startup-config

(Optional) Copies the running configuration to the startup configuration.

Configuring Terminal Settings

This section describes how to access the ACE CLI by using one of the following methods:

Make a direct connection by using a dedicated terminal attached to the console port on the front of the ACE.

Establish a remote connection to the ACE through the Catalyst 6500 series switch using the Secure Shell (SSH) or Telnet protocols.

This section contains the following topics:

Configuring Terminal Display Attributes

Configuring Console Line Settings

Configuring Virtual Terminal Line Settings

For details on configuring remote access to the ACE CLI using SSH or Telnet, see Chapter 2, Enabling Remote Access to the ACE.

Restrictions

This configuration topic includes the following restrictions:

Only the Admin context is accessible through the console port; all other contexts can be reached through Telnet or SSH.

The login timeout command setting overrides the terminal session-timeout setting (see the "Configuring an ACE Inactivity Timeout" section).

Configuring Terminal Display Attributes

This section describes how to specify the number of lines and the width for displaying information on a terminal during a console session.

Restrictions

The maximum number of displayed screen lines is 511 columns.

Detailed Steps

 
Command
Purpose

Step 1 

terminal length lines 

Example:

host1/Admin# terminal lines 50

Specifies the number of lines for displaying information on a terminal during a console session.

The lines argument sets the number of lines displayed on the current terminal screen. This command is specific to only the console port. Telnet and SSH sessions set the length automatically. Valid entries are from 0 to 511. The default is 24 lines. A value of 0 instructs the ACE to scroll continuously (no pausing) and overrides the terminal width value. If you later change the terminal length to any other value, the originally configured terminal width value takes effect.

Step 2 

terminal monitor 

Example:

host1/Admin# terminal monitor
%ACE-7-111009: User 'admin' 
executed cmd: terminal monitor

 %ACE-7-111009: User 'admin' 
executed cmd: terminal 
monitor......

Starts the terminal monitor session and displays syslog output on the terminal. To enable the various levels of syslog messages to the terminal, use the logging monitor command (see the Cisco Application Control Engine Module System Message Guide for details).

 
terminal no monitor 

Example:

host1/Admin# terminal no monitor

(Optional) Stops the current terminal monitoring session.

Step 3 

terminal session-timeout minutes 

Example:

host1/Admin# terminal 
session-timeout 600

Specifies the inactivity timeout value in minutes to configure the automatic logout time for the current terminal session on the ACE. When inactivity exceeds the time limit configured by this command, the ACE closes the session and exits. The range is from 0 to 525600. The default value is inherited from the value that is configured for the login timeout command. If you do not configure a value for the login timeout command, the default for both commands is 5 minutes. You can set the terminal session-timeout value to 0 to disable this feature so that the terminal remains active until you choose to exit the ACE. The ACE does not save this change in the configuration file.

The minutes argument sets the timeout value in minutes.

Step 4 

terminal terminal-type text 

Example:

host1/Admin# terminal terminal-type 
vt200

Specifies the name and type of the terminal used to access the ACE. If a Telnet or SSH session specifies an unknown terminal type, the ACE uses the VT100 terminal by default.

The minutes argument is the terminal type. Specify a text string from 1 to 80 alphanumeric characters.

Step 5 

terminal width characters 

Example:

host1/Admin# terminal width 250

Specifies the width for displaying information on a terminal during a console session. This command is specific to the console port only.Telnet and SSH sessions set the width automatically.

The characters argument sets the number of characters displayed on the current terminal screen. Valid entries are from 24 to 512. The default is 80 columns.

 
terminal no width

Example:

host1/Admin# terminal no width

(Optional) Resets a terminal setting to its default value.

Step 6 

show terminal

Example:

host1/Admin# show terminal
TTY: /dev/pts/0 Type: "vt100"
Length: 25 lines, Width: 80 columns
Session Timeout: 60 minutes

(Optional) Displays the console terminal settings.

Configuring Console Line Settings

This section describes how to use the ACE console port to directly access the module to perform an initial configuration. The console port, which is a standard RS-232 port with an RJ-45 connector, is an asynchronous serial port; therefore, any device connected to this port must be capable of asynchronous transmission. The connection requires a terminal configured as 9600 baud, 8 data bits, 1 stop bit, no parity.

Detailed Steps

 
Command
Purpose

Step 1 

config


Example:

host1/Admin# config

host1/Admin(config)#

Enters global configuration mode.

Step 2 

line console

Example:

host1/Admin(config)# line console
host1/Admin(config-console)#

Enters console configuration mode.

Step 3 

databits number

Example:

host1/Admin(config-console)# databits 6

Specifies the number of data bits per character. The range is from 5 to 8. The default is 8 data bits.

 
no databits

Example:

host1/Admin(config-console)# no databits

(Optional) Resets the number of data bits per character to the default value (8).

Step 4 

parity {even | none | odd}

Example:

host1/Admin(config-console)# parity even

Sets the parity for the console connection. The supported choices are: even (even parity), none (no parity), or odd (odd parity). The default is none.

 
no parity

Example:

host1/Admin(config-console)# no parity

(Optional) Resets the parity for the console connection to its default value (none).

Step 5 

speed speed

Example:

host1/Admin(config-console)# speed 19200

Sets the transmit and receive speeds for the serial console. The range is between 110 and 115200 baud (110, 150, 300, 600, 1200, 2400, 4800, 9600,19200, 28800, 38400, 57600, or 115200). The default is 9600 baud.

 
no speed

Example:

host1/Admin(config-console)# no speed

(Optional) Resets the transmit and receive speeds for the serial console to its default value (9600).

Step 6 

stopbits {1 | 2}

Example:

host1/Admin(config-console)# stopbits 2

Sets the stop bits for the console connection. Valid values are 1 or 2 stop bits. The default is 1 stop bit.

 
no stopbits 

Example:

host1/Admin(config-console)# no stopbits

(Optional) Resets the stopbit setting to its default value (1).

Step 7 

do show line console [connected]

Example:

host1/Admin(config-console)# do show line 
console
line Console:
    Speed:        9600 bauds
    Databits:     8 bits per byte
    Stopbits:     1 bit(s)
    Parity:       none

(Optional) Displays the line console settings.

Step 8 

do copy running-config startup-config


Example:

host1/Admin(config-console)# do copy running-config startup-config

(Optional) Copies the running configuration to the startup configuration.

Configuring Virtual Terminal Line Settings

This section describes how to configure the virtual terminal line settings to enable remote access to the ACE. A virtual terminal line is not associated with the console port; instead, it is a virtual port on the Catalyst 6500 series switch that allows you to access the ACE.

Detailed Steps

 
Command
Purpose

Step 1 

config


Example:

host1/Admin# config

host1/Admin(config)#

Enters global configuration mode.

Step 2 

line vty

Example:

host1/Admin(config)# line vty
host1/Admin(config-line)#

Enters line configuration mode.

Step 3 

session-limit number

Example:

host1/Admin(config-line)# session-limit 23

Specifies the maximum number of terminal sessions per line. The range is from 1 to 251.

 
no session-limit number

Example:

host1/Admin(config-line)# no session-limit 
23

(Optional) Disables a setting for the configured virtual terminal line.

Step 4 

do copy running-config startup-config


Example:

host1/Admin(config-line)# do copy running-config startup-config

(Optional) Copies the running configuration to the startup configuration.

Step 5 

Ctrl-z


Example:

host1/Admin(config-line)# ctrl-z

host1/Admin#

(Optional) Returns to the Exec mode prompt.

Step 6 

clear line vty_name


Example:

host1/Admin# clear line vty vty1

(Optional) Closes a specified vty session.

The vty_name argument specifies the name of the VTY session. Enter a maximum of 64 characters for the name of the virtual terminal.

Modifying the Boot Configuration

This section describes how to control the way in which the ACE performs its boot process through ROMMON mode. ROMMON is the ROM-resident code that starts executing as soon as you power up or reset the ACE. Two user-configurable parameters determine how theACE boots: the boot field in the configuration register and the BOOT environment variable.

This section describes how to modify the boot configuration of the ACE and contains the following topics:

Setting the Boot Method from the Configuration Register

Setting the BOOT Environment Variable

Setting the Boot Method from the Configuration Register

This section describes how to modify the boot method that the ACE uses at the next startup by setting the boot field in the software configuration register. The configuration register identifies how the ACE should boot and where the system image is stored. You can modify the boot field to force the ACE to boot a particular system image at startup instead of using the default system image.

The ROMMON code executes upon power up, reset, or when a fatal exception occurs. The ACE enters ROMMON mode if it does not find a valid system image, if the Flash memory configuration is corrupted, or if the configuration register is set to enter ROMMON mode.


Note You can manually enter ROMMON mode by restarting the ACE and then pressing the Break key during the first 60 seconds of startup. If you are connected to the ACE through a terminal server, you can escape to the Telnet prompt and then enter the send break command to enter the ROMMON mode.


Restrictions

The config-register command used to change the configuration register settings affects only the configuration register bits that control the boot field and leaves the remaining bits unaltered.

Detailed Steps

 
Command
Purpose

Step 1 

config


Example:

host1/Admin# config

host1/Admin(config)#

Enters global configuration mode.

Step 2 

config-register value

Example:

host1/Admin(config)# config-register 1

The value argument represents the configuration register value that you want to use the next time that you restart the ACE. The supported value entries are as follows:

0—Upon reboot, the ACE boots to the rommon prompt. The ACE remains in ROMMON mode at startup. From the ROMMON mode, you select specify the system boot image to use to boot the ACE For information about using the ROMMON mode during a reboot, see the "Restarting the ACE" section.

1—Upon reboot, the ACE boots the system image identified in the BOOT environment variable (see the "Setting the BOOT Environment Variable" section). The BOOT environment variable specifies a list of image files on various devices from which the ACE can boot at startup. If the ACE encounters an error or if the image is not valid, it will try the second image (if one is specified). If the second image also fails to boot, the ACE returns to ROMMON mode.

See the "Restarting the ACE" section for details on booting the ACE from the rommon prompt.

 
no config-register 1

Example:

host1/Admin(config)# no config-register 1

(Optional) Resets the config-register setting.

Step 3 

do copy running-config startup-config


Example:

host1/Admin(config)# do copy running-config startup-config

Copies the running configuration to the startup configuration.

Setting the BOOT Environment Variable

This section describes how to add several images to the BOOT environment variable to provide a fail-safe boot configuration. The BOOT environment variable specifies a list of image files on various devices from which the ACE can boot at startup. If the first file fails to boot the ACE, subsequent images that are specified in the BOOT environment variable are tried until the ACE boots or there are no additional images to attempt to boot. If there is no valid image to boot, the ACE enters ROMMON mode where you can manually specify an image to boot.

The ACE stores and executes images in the order in which you added them to the BOOT environment variable. If you want to change the order in which images are tried at startup, you can either prepend and clear images from the BOOT environment variable to attain the desired order or you can clear the entire BOOT environment variable and then redefine the list in the desired order.

Detailed Steps

 
Command
Purpose

Step 1 

config


Example:

host1/Admin# config

host1/Admin(config)#

Enters global configuration mode.

Step 2 

boot system image:image_name

Example:

host1/Admin(config)# boot system 
image:c6ace-t1k9-mzg.A2_2_99_57.bin
 
        

Sets the BOOT environment variable.

The image_name argument specifies the name of the system image file. If the file does not exist (for example, if you entered the wrong filename), then the filename is appended to the bootstring, and this message displays, "Warning: File not found but still added in the bootstring." If the file does exist, but is not a valid image, the file is not added to the bootstring, and this message displays, "Warning: file found but it is not a valid boot image."

Step 3 

do show bootvar


Example:

host1/Admin(config)# BOOT variable = 
"disk0:c6ace-t1k9-mzg.A2_2_99_57.bin
Configuration register is 0x1
 
        

(Optional) Displays the BOOT environment variable settings.

Step 4 

do copy running-config startup-config


Example:

host1/Admin(config)# do copy running-config startup-config

Copies the running configuration to the startup configuration.

Restarting the ACE

This section describes how to reload the ACE directly from its CLI or reboot it by using the Catalyst 6500 series CLI. You may need to reboot the ACE from the Catalyst CLI if you cannot reach the ACE through its CLI or by using an external Telnet session.

This section contains the following topics:

Restarting the ACE from the CLI

Restarting the ACE from the Catalyst CLI

Using ROMMON to Specify the System Boot Image During a Restart

Restarting the ACE from the CLI

This section describes how to reboot the ACE directly from its CLI and reload the configuration. When you reboot the ACE, it performs a full power cycle of both the hardware and software. Any open connections with the ACE are dropped. The reset process can take several minutes.


Caution Configuration changes that are not written to the Flash partition are lost after a reload. Before rebooting, enter the copy running-conf startup-config command in Exec mode to store the current configuration in Flash memory. If you fail to save your configuration changes, the ACE reverts to its previous settings upon restart.

Detailed Steps

 
Command
Purpose

Step 1 

copy running-config startup-config


Example:

host1/Admin# copy running-config startup-config

(Optional) Copies the running configuration to the startup configuration.

Step 2 

reload


Example:

host1/Admin# reload
This command will reboot the system
Save configurations for all the contexts. 
Save? [yes/no]: [yes]

Reboots the ACE and reloads the configuration. When you specify reload, the ACE prompts you for confirmation and performs a cold restart of the ACE.

During the reload process, the ACE performs one of the following actions:

If you specified a value of 1 for the config-register command (see the "Setting the Boot Method from the Configuration Register" section), the ACE boots the system image identified in the BOOT environment variable.

If you specified a value of 0 for the config-register command, the ACE enters the ROMMON mode and you must identify the location of an image file to boot (see the "Using ROMMON to Specify the System Boot Image During a Restart" section).

Restarting the ACE from the Catalyst CLI

This section describes how to restart the ACE from the Catalyst 6500 series CLI.


Caution Configuration changes that are not written to the Flash partition are lost after a reload. Before rebooting, enter the copy running-conf startup-config command in Exec mode to store the current configuration in Flash memory. If you fail to save your configuration changes, the ACE reverts to its previous settings upon restart.

Detailed Steps

 
Command
Purpose

Step 1 

copy running-config startup-config


Example:

host1/Admin# copy running-config startup-config

(Optional) Copies the running configuration to the startup configuration. Enter this command from the ACE CLI.

Step 2 

hw-module module mod_num reset


Example:

Cat6k-switch# hw-module module 3 reset
Proceed with reload of module?[confirm] 
% reset issued for module 3

Restarts the ACE from the Catalyst 6500. Enter this command from the Catalyst 6500 CLI.

The arguments and keywords are as follows:

module mod_num—Applies the command to the module in the specified slot number in the Catalyst 6500 series chassis where the ACE is installed.

reset—Resets the specified module.

During the restart process, the ACE performs one of the following actions:

If you specified a value of 1 for the config-register command (see the "Setting the Boot Method from the Configuration Register" section), the ACE boots the system image identified in the BOOT environment variable.

If you specified a value of 0 for the config-register command, the ACE enters the ROMMON mode and you must identify the location of an image file to boot (see the "Using ROMMON to Specify the System Boot Image During a Restart" section).

Using ROMMON to Specify the System Boot Image During a Restart

This section describes how to specify a value of 0 for the config-register command (see the "Setting the Boot Method from the Configuration Register" section) to force the ACE to enter the ROMMON mode upon a reload or power cycle of the ACE. The ACE remains in ROMMON mode until you identify the location of an image file to boot.

The ACE supports two methods of booting the module from the rommon prompt:

To manually change the configuration register setting in ROMMON mode, use the confreg command followed by a value of 0 or 1.

To change the boot characteristics using onscreen prompts, use the confreg command without a value.

To instruct the ACE to manually boot from a particular system image, use the confreg command and specify a configuration register value of 1. Identify the name of the system image file that the ACE uses to boot.

A confreg value of 0 instructs the ACE to boot to the rommon prompt.

For example, to use the confreg command at the rommon prompt to instruct the ACE to boot from the c6ace-t1k9-mzg.3.0.0_A0_2.48.bin system image, enter:

rommon 11 > confreg 1
rommon 12 > BOOT=disk0:c6ace-t1k9-mzg.A2_2_99_57.bin
rommon 13 > sync

To instruct the ACE to automatically boot from the image specified in the BOOT variable (see the "Setting the BOOT Environment Variable" section), use the confreg command without specifying a configuration register value to launch the Configuration Summary menu-based utility. You can then instruct the ACE to boot from the system image identified in the BOOT environment variable (see the "Setting the BOOT Environment Variable" section).

For example, to use the confreg command to display the onscreen prompts for changing the boot characteristics of the ACE, enter:

rommon 11 > confreg
Configuration Summary
(Virtual Configuration Register: 0x1)
enabled are:
break/abort has effect
console baud: 9600
boot: the ROM monitor
do you wish to change the configuration? y/n [n]: y
disable "break/abort has effect"? y/n [n]:
enable "ignore system config info"? y/n [n]:
change the boot characteristics? y/n [n]: y
enter to boot:
0 = ROM Monitor
1 = boot file specified in BOOT variable
[1]: 1

For example, to use the confreg command to instruct the ACE to boot from the c6ace-t1k9-mzg.A2_2_99_57.bin system image, enter:

rommon 11 > confreg
Configuration Summary
(Virtual Configuration Register: 0x1)
enabled are:
break/abort has effect
console baud: 9600
boot: the ROM monitor
do you wish to change the configuration? y/n [n]: n
rommon 12 > BOOT=disk0:c6ace-t1k9-mzg.A2_2_99_57.bin
rommon 13 > sync

Shutting Down the ACE

This section describes how to shut down the ACE from the Catalyst 6500 series CLI. To avoid corrupting the ACE, you must correctly shut down the module before you disconnect the power or remove it from the Catalyst 6500 series chassis.


Caution Configuration changes that are not written to the Flash partition are lost after a reload. Before rebooting, enter the copy running-conf startup-config command in Exec mode to store the current configuration in Flash memory. If you fail to save your configuration changes, the ACE reverts to its previous settings upon restart.


Caution Do not remove the ACE from the Catalyst 6500 series switch until the module has shut down completely and the Status LED is orange. You can damage the ACE if you remove it from the switch before it completely shuts down.

Detailed Steps

 
Command
Purpose

Step 1 

copy running-config startup-config


Example:

host1/Admin# copy running-config startup-config

(Optional) Copies the running configuration to the startup configuration.

Step 2 

no power enable module


Example:

host1/Admin# no power enable module

Shuts down the ACE.

If the ACE fails to respond to this command, shut down the module by using a small, pointed object (such as a paper clip) to access the recessed Shutdown button on the front panel of the ACE. The shutdown procedure may take several minutes. The Status LED turns off when the ACE shuts down.

Displaying the ACE Setup Configuration

To display the ACE setup configuration information, use the following show commands from Exec mode:

Command
Purpose

show banner motd

Displays the configured banner message (see the "Configuring a Message-of-the-Day Banner" section).

show bootvar

Displays the BOOT environment variable settings (see the "Setting the BOOT Environment Variable" section).

show clock

Displays the current clock settings (see the "Configuring the Time Zone" section).

show line console [connected]

Displays the line console settings (see the "Configuring Console Line Settings" section).

show login timeout

Displays the configured login time value (see the "Configuring an ACE Inactivity Timeout" section).

show terminal

Displays the console terminal settings (see the "Configuring Terminal Display Attributes" section).


For detailed information about the fields in the output from these commands, refer to the Cisco Application Control Engine Module Command Reference.