Quick Start Guide vA3(2.2), Cisco ACE 4700 Series Application Control Engine Appliance - Setting Up an ACE Appliance [Cisco ACE 4700 Series Application Control Engine Appliances]

Table Of Contents

Setting Up an ACE Appliance

Overview

Establishing a Console Connection on the ACE

Enabling Management Connectivity Using the Setup Script

Assigning a Name to the ACE

Setting Up an ACE Appliance Using the Device Manager GUI

Logging in to the ACE

Configuring a Second Gigabit Ethernet Interface Port

Configuring a Third Gigabit Ethernet Interface Port

Setting Up an ACE Appliance Using the CLI

Logging in to the ACE

Configuring the First Gigabit Ethernet Port

Allocating the First Gigabit Ethernet Port to a VLAN

Configuring a Management VLAN Interface on the ACE

Configuring a Second Gigabit Ethernet Interface Port

Configuring a Third Gigabit Ethernet Interface Port

Configuring Remote Management Access to the ACE

Accessing the ACE through a Telnet Session

Setting Up an ACE Appliance

This chapter describes how to set up a Cisco 4700 Series Application Control Engine (ACE) appliance. It includes the following major sections:

•Overview

•Establishing a Console Connection on the ACE

•Enabling Management Connectivity Using the Setup Script

•Assigning a Name to the ACE

•Setting Up an ACE Appliance Using the Device Manager GUI

•Setting Up an ACE Appliance Using the CLI

Overview

After reading this chapter, you should have a basic understanding of how to configure a ACE appliance with the networking parameters necessary for communicating with a management device to configure server load balancing.

After some initial setup using the CLI, you can complete the procedures in this chapter using the Device Manager GUI.

Before performing the procedures in this section, make sure that you complete the ACE installation instructions as described in the Cisco 4710 Application Control Engine Appliance Hardware Installation Guide.

Configuring an ACE involves the following basic steps:

Step 1 Establishing a console connection on the ACE.

Step 2 Enable management connectivity to the ACE through a Gigabit Ethernet port.

Step 3 Log in to the ACE.

Step 4 Configure a second Gigabit Ethernet port for client-side connectivity.

Step 5 Configure a third Gigabit Ethernet port for server-side connectivity.

This chapter describes how to set up an ACE appliance using the example network setup illustrated in Figure 2-1.

Figure 2-1 Example Network Setup

The configuration of the example setup is as follows:

•VLAN 1000 is assigned to the first Gigabit Ethernet port and is used for management traffic for both the Admin context and a user context.

Note A virtual local area network (VLAN) is a logical division of a computer network within which information can be transmitted for all devices to receive. VLANs enable you to segment a switched network so that devices in one VLAN do not receive information packets from devices in another VLAN.

•VLAN 400 is assigned to the second Gigabit Ethernet port and is used for client-side traffic.

•VLAN 500 is assigned to the third Gigabit Ethernet port and is used for server-side traffic.

•None of the three Gigabit Ethernet ports used are trunked.

•A management VLAN interface is configured for the Admin context with VLAN 1000 and IP address 172.25.91.110.

•A management VLAN interface is configured for the user context VC_web with VLAN 1000 and IP address 172.25.91.111.

•A client-side VLAN interface is configured for the user context VC_web with VLAN 400 and IP address 10.10.40.10.

•A server-side VLAN interface is configured for the user context VC_web with VLAN 500 and IP address 10.10.50.1.

•Four web servers are available to the ACE for load-balancing client requests.

Establishing a Console Connection on the ACE

The ACE has one standard RS-232 serial port on its rear panel that operates as the console port. You can establish a direct serial connection between the ACE and your terminal (or a PC with terminal software) by making a serial connection to this console port. The integrated serial port accepts a 9-pin female D-shell connector. Use a straight-through cable with a null modem to connect the ACE to the terminal or a PC. For more instructions on connecting a console cable to your ACE appliance, see the Cisco 4710 Application Control Engine Appliance Hardware Installation Guide.

The ACE appliance has four physical Ethernet interface ports. All VLANs are assigned to these ports. The four Ethernet ports provide the physical connection between the ACE and the servers, PCs, routers, and other devices. You can configure the Ethernet ports to provide an interface for connecting to 10-Mbps, 100-Mbps, or 1000-Mbps networks. After the VLANs are assigned, you can configure the corresponding VLAN interfaces so that the ACE can provide different networking functions for different VLANs.

Note Only the Admin context is directly accessible through the console port; all other contexts can be accessed through Telnet or SSH sessions on the Ethernet ports.

After making the console connection, you can use any terminal communications application to access the ACE CLI.

Note If the appliance is not on, press the power button on the front of the ACE to start the boot process. See the Cisco 4710 Application Control Engine Appliance Hardware Installation Guide for details.

Access the ACE CLI using HyperTerminal for Windows by following these steps:

Step 1 Launch HyperTerminal.

The Connection Description window appears (Figure 2-2).

Figure 2-2 HyperTerminal—Connection Description

Step 2 Enter a name for your connection in the Name field.

Step 3 Click OK. The Connect To window appears (Figure 2-3).

Figure 2-3 HyperTerminal—Connect To

Step 4 From the Connect using drop-down list, choose the COM port to which the device is connected.

Step 5 Click OK. The Port Properties window appears (Figure 2-4).

Figure 2-4 HyperTerminal—Port Properties

Step 6 Set the port properties:

•Bits per second = 9600

•Data bits = 8

•Parity = none

•Stop bits = 1

•Flow control = None

Step 7 Click OK to connect.

Enabling Management Connectivity Using the Setup Script

When you boot the ACE for the first time and the ACE does not detect a startup configuration file, a setup script guides you through the process of configuring a management VLAN on the ACE through one of its Gigabit Ethernet ports to enable connectivity to the Device Manager GUI.

After running the setup script, the management VLAN is allocated to the specified Gigabit Ethernet port and the VLAN interface is configured on the ACE, as illustrated in Figure 2-5.

Figure 2-5 Configuration After the Setup Script is Executed

Configure the ACE using the setup script by following these steps:

Step 1 At the login prompt, log into the ACE by entering the login username admin and password. By default, the username and password are admin. For example, enter:
Starting sysmgr processes.. Please wait...Done!!!
switch login: admin
Password: admin
Step 2 At the Enter the new password for "admin": prompt, change the default Admin password. If you do not change the default Admin password, after you upgrade the ACE software you will only be able to log in to the ACE through the console port.
Enter the new password for "admin": xxxxx
Confirm the new password for "admin": xxxxx
admin user password successfully changed.
Step 3 At the Enter the new password for "www": prompt, change the default www user password. If you do change the default www user password, the www user will be disabled and you will not be able to use Extensible Markup Language (XML) to remotely configure an ACE until you change the default www user password.
Enter the new password for "www": xxxxx
Confirm the new password for "www": xxxxx
www user password successfully changed.
This script will perform the configuration necessary for a user to 
manage the ACE Appliance using the ACE Device Manager. The management 
port is a designated Ethernet port which has access to the same 
network as your management tools including the ACE Device Manager. You 
will be prompted for the Port Number, IP Address, Netmask and Default 
Route (optional).
Enter `ctrl-c' at any time to quit the script
Caution At this point, you should consider whether you plan to configure the ACE using the Device Manager GUI or using the CLI. If you have a trunking network setup, or if your VLAN 1000 has been used, you should bypass the following setup script and use the CLI at "Setting Up an ACE Appliance Using the CLI."

Step 4 At the "Would you like to enter the basic configuration dialog? (yes/no)" prompt, press Enter to continue the setup. To bypass setup and directly access the CLI, type no.
Would you like to enter the basic configuration dialog? (yes/no) [y]:
Note The ACE provides a default response in brackets [ ] for each question in the setup script. Accept the default response to a configuration prompt by pressing Enter.

Step 5 Select port 1 to carry management VLAN communication by pressing Enter.
Enter the Ethernet port number to be used as the management port 
(1-4):? [1]:
Step 6 Assign an IP address for the management VLAN interface by entering 172.25.91.110.
Enter the management port IP Address (n.n.n.n): [192.168.1.10]: 
172.25.91.110
Step 7 Accept the default subnet mask for the management VLAN interface by pressing Enter.
Enter the management port Netmask(n.n.n.n): [255.255.255.0]:
Step 8 Assign the IP address of the gateway router (the next-hop address for this route) by entering 172.25.91.1.
Enter the default route next hop IP Address (n.n.n.n) or <enter> to 
skip this step: 172.25.91.1
Step 9 Examine the entered values.
Summary of entered values: 
Management Port: 1
Ip address 172.25.91.110
Netmask: 255.255.255.0
Default Route: 172.25.91.1
Step 10 Review the configuration details by entering d.
Submit the configuration including security settings to the ACE 
Appliance? (yes/no/details): [y]: d
interface gigabitEthernet 1/3
  switchport access vlan 1000
  no shut
access-list ALL extended permit ip any any
class-map type management 
match-any remote_access
  match protocol xml-https any
  match protocol dm-telnet any
  match protocol icmp any
  match protocol telnet any
  match protocol ssh any
  match protocol http any
  match protocol https any
  match protocol snmp any
policy-map type management first-match remote_mgmt_allow_policy
  class remote_access
    permit
interface vlan 1000
  ip address 172.25.91.110 255.255.255.0
  access-group input ALL
  service-policy input remote_mgmt_allow_policy
  no shutdown
ssh key rsa
ip route 0.0.0.0 0.0.0.0 172.25.91.1
Step 11 Accept this configuration by pressing Enter (for Yes); otherwise, enter n.
Submit the configuration including security settings to the ACE 
Appliance? (yes/no/details): [y]:
Step 12 After you press Enter to accept the configuration, the following message appears.
Configuration successfully applied. You can now manage this ACE 
Appliance by entering the url 'https://172.25.91.110' into a web 
browser to access the Device Manager GUI.
After you have completed the setup script, the command prompt appears.
switch/Admin#
After you specify a Gigabit Ethernet port, port mode, and management VLAN, the setup script automatically applies the following default configuration:

•A Management VLAN is allocated to the specified Ethernet port.

•An extended IP access list that allows IP traffic originating from any other host addresses.

•A traffic classification is created for management protocols HTTP, HTTPS, ICMP, SSH, Telnet, and XML-HTTPS. HTTPS is dedicated to connectivity with the Device Manager GUI.

•A VLAN interface is configured on the ACE.

Assigning a Name to the ACE

The hostname is used for the command-line prompts and default configuration filenames. When you establish sessions to multiple devices, the hostname helps you keep track of which ACE you are entering commands to. By default, the hostname for the ACE is switch.

For example, change the hostname of the ACE from switch to host1 by entering:
switch/Admin# Config
switch/Admin(config)# hostname host1
The prompt appears with the new hostname.
host1/Admin(config)#
Setting Up an ACE Appliance Using the Device Manager GUI

You can set up an ACE appliance using the Device Manager GUI or the CLI. This section describes how to set up an ACE using the GUI, and includes the following topics:

•Logging in to the ACE

•Configuring a Second Gigabit Ethernet Interface Port

•Configuring a Third Gigabit Ethernet Interface Port

Logging in to the ACE

You can access the ACE Device Manager GUI through a web-based interface. Log in to the Device Manager by following these steps:

Step 1 Navigate to the ACE Device Manager by entering the secure HTTPS address or hostname of the ACE in the address field of a web browser. For the example setup shown earlier in Figure 2-1, enter:
https://172.25.91.110/
Step 2 Click Yes at the prompt to accept (trust) and install the signed certificate from Cisco Systems, Inc. To avoid having to approve the signed certificate every time you log in to the Device Manager, accept the certificate.

The Device Manager GUI Login window appears (Figure 2-6).

Note Because this product is regularly updated, you may notice minor variations between the figures in this manual and the windows that appear in the software version you are running.

Figure 2-6 Device Manager GUI Login Window

Step 3 In the User Name field, type admin for the admin user account.

Step 4 In the Password field, type the new password that you entered in Step 2 in "Enabling Management Connectivity Using the Setup Script."

Step 5 Click Login. The default window that appears is the Virtual Contexts window with the Admin context listed, as shown in Figure 2-7.

Figure 2-7 Virtual Contexts Pane (Admin Context)

Configuring a Second Gigabit Ethernet Interface Port

You can configure a second Gigabit Ethernet interface port to connect to clients. For the example configuration, you will configure Gigabit Ethernet interface port 2 as illustrated in Figure 2-8 (previously configured settings are grayed out).

Figure 2-8 Configuring a Second Gigabit Ethernet Interface Port to Connect to Clients

Configure a second Gigabit Ethernet port by following these steps:

Step 1 Choose Config > Virtual Contexts > Network > GigabitEthernet Interfaces. The GigabitEthernet Interfaces pane appears (Figure 2-9).

Note Only users authenticated in the Admin context can configure the Gigabit Ethernet interface ports.

Figure 2-9 GigabitEthernet Interfaces Pane—gigabitEthernet 1/2

Step 2 In the GigabitEthernet Interfaces pane, choose gigabitEthernet 1/2, and then click Edit to define attributes for the port (see Figure 2-9). The Physical Interfaces window appears (Figure 2-10).

Figure 2-10 Physical Interfaces Window—gigabitEthernet 1/2

Step 3 Enter the following attributes for port 2. Leave the remaining attributes blank or with their default values.

•Description: Client-side

•Admin Status: Up

•Speed: Auto

•Port Operation Mode: Switch Port

•Switch Port Type: Access

•Access VLAN: 400

Step 4 Click Deploy Now to save these settings and to return to the GigabitEthernet Interfaces pane (Figure 2-11).

Figure 2-11 GigabitEthernet Interfaces Pane with Ethernet Port 2 Configured

Configuring a Third Gigabit Ethernet Interface Port

You can configure a third Gigabit Ethernet interface port to connect to the servers. For the example configuration, you will configure Gigabit Ethernet interface port 3 as illustrated in Figure 2-12 (previously configured settings are grayed out.)

Figure 2-12 Configuring a Third Gigabit Ethernet Interface Port to Connect to the Servers

Configure a third Gigabit Ethernet port by following these steps:

Step 1 In the GigabitEthernet Interfaces pane, choose gigabitEthernet 1/3, and then click Edit to define attributes for the port. The GigabitEthernet Interfaces window appears (Figure 2-10).

Step 2 Enter the following attributes for port 3. Leave the remaining attributes blank or with their default values.

•Description: Server-side

•Admin Status: Up

•Speed: Auto

•Port Operation Mode: Switch Port

•Switch Port type: Access

•Access VLAN: 500

Step 3 Click Deploy Now to save these settings and to return to the GigabitEthernet Interfaces pane (Figure 2-13).

Figure 2-13 GigabitEthernet Interfaces Pane with Ethernet Port 3 Configured

Setting Up an ACE Appliance Using the CLI

You can set up an ACE appliance using the Device Manager GUI or the CLI. This section describes how to set up an ACE using the CLI, and includes the following topics:

•Logging in to the ACE

•Configuring the First Gigabit Ethernet Port

•Allocating the First Gigabit Ethernet Port to a VLAN

•Configuring a Management VLAN Interface on the ACE

•Configuring a Second Gigabit Ethernet Interface Port

•Configuring a Third Gigabit Ethernet Interface Port

•Configuring Remote Management Access to the ACE

•Accessing the ACE through a Telnet Session

Logging in to the ACE

After you have established a direct serial connection between the ACE and your terminal or a PC (see the "Establishing a Console Connection on the ACE" section), you can set up the ACE using the CLI.

When the setup script displays the "Would you like to enter the basic configuration dialog? (yes/no):" prompt, enter no to access the CLI. Log in to the ACE by following these steps:

Step 1 At the login prompt, enter admin. For the password, type the new password that you entered in Step 2 in the "Enabling Management Connectivity Using the Setup Script" section.
host1 login: admin
Password: xxxxx
You are ready to use the ACE CLI when the following prompt appears.
host1/Admin#
Step 2 Set the terminal session-timeout command to 0 to prevent this current session from timing out. By default, a session on the ACE is automatically logged out after 5 minutes of inactivity.
host1/Admin# terminal session-timeout 0
host1/Admin#
Configuring the First Gigabit Ethernet Port

You can configure a Gigabit Ethernet interface port for the ACE management traffic. For the example configuration, you will configure Gigabit Ethernet interface port 1. Configure the first Gigabit Ethernet port by following theses steps:

Step 1 Configure a Layer 2 Gigabit Ethernet port on the ACE by using the interface gigabitEthernet slot_number/port_number command in configuration mode.

Note The slot_number specifies the physical slot on the ACE that contains the Ethernet ports. For the current release of the ACE appliance, this selection is always 1.

Configure Gigabit Ethernet port 1 and enter interface configuration mode by entering:
host1/Admin# config
host1/Admin(config)# interface gigabitEthernet 1/1
host1/Admin(config-if)#
Step 2 Enable the Gigabit Ethernet port by using the no shutdown command in interface configuration mode. Disable a running Gigabit Ethernet port by using the shutdown command; bring one up by using the no shutdown command.
host1/Admin(config-if)# no shutdown
Step 3 Display the configuration of the interface by using the do command with the show interface command.
host1/admin(config-if)# do show interface vlan 1000 
Allocating the First Gigabit Ethernet Port to a VLAN

After you configure an Gigabit Ethernet port, the next step is to allocate it to a VLAN. For the example configuration, you will allocate the first Gigabit Ethernet port to VLAN 1000, as illustrated in Figure 2-14 (previously configured settings are grayed out.)

Figure 2-14 Allocating the First Gigabit Ethernet Port to a VLAN

Allocate the port to a VLAN by following these steps:

Step 1 Assign one or more VLAN numbers to the Gigabit Ethernet port by using the switchport trunk allowed vlan vlan_list command in interface configuration mode. The vlan_list argument can include:

•A single VLAN number

•Beginning and ending VLAN numbers separated by a hyphen

•Specific VLAN numbers separated by commas

Valid entries are 1 through 4094. Do not enter any spaces in a hyphenated range or in a comma-separated list of numbers in the vlan_list argument.

Note You can associate a VLAN number with only one Gigabit Ethernet port.

Add VLAN 1000 to the defined list of VLANs currently set for Gigabit Ethernet port 1 by entering:
host1/Admin(config)# interface gigabitEthernet 1/1
host1/Admin(config-if)# switchport access allowed vlan 1000
Step 2 Enable VLAN access for the specified Layer 2 Gigabit Ethernet port by using the no shutdown command in interface configuration mode.
host1/Admin(config-if)# no shutdown
host1/Admin(config-if)# exit
host1/Admin(config)#
Configuring a Management VLAN Interface on the ACE

You can provide management connectivity to the ACE by assigning an IP address to the VLAN interface on the ACE. For the example configuration, you will assign an IP address 172.25.91.110 and a subnet mask of 255.255.255.0 to VLAN 1000, as illustrated in Figure 2-15 (previously configured settings are grayed out).

Figure 2-15 Configuring a Management VLAN Interface on the ACE

Configure a VLAN interface on the ACE by following these steps:

Step 1 Access interface configuration mode for the VLAN 1000.
host1/Admin(config)# interface vlan 1000
host1/Admin(config-if)#
Step 2 Assign an IP address of 172.25.91.110 and a subnet mask of 255.255.255.0 to the VLAN interface for management connectivity.
host1/Admin(config-if)# ip address 172.25.91.110 255.255.255.0 
Step 3 (Optional) Provide a description for the interface.
host1/Admin(config-if)# description Management connectivity on VLAN 
1000
Step 4 Enable the VLAN interface.
host1/Admin(config-if)# no shutdown
Step 5 Display the configuration of VLAN 1000.
host1/Admin(config-if)# do show interface vlan 1000
Step 6 Verify network connectivity by using the ping command. This command verifies the connectivity of a remote host or server by sending echo messages from the ACE.
host1/Admin(config-if)# do ping 172.25.91.110
Step 7 Exit the interface configuration mode.
host1/Admin(config-if)# exit
host1/Admin(config)#
Configuring a Second Gigabit Ethernet Interface Port

You can configure a second Gigabit Ethernet interface port to connect to clients. For the example configuration, you will configure Gigabit Ethernet interface port 2 as illustrated in Figure 2-8. Configure the second Gigabit Ethernet Interface port by following these steps:

Step 1 Add VLAN 400 to the defined list of VLANs currently set for Gigabit Ethernet port 2.
host1/Admin(config)# interface gigabitEthernet 1/2
host1/Admin(config-if)# switchport access vlan 400 
Step 2 Enable the Gigabit Ethernet port.
host1/Admin(config-if)# no shutdown
host1/Admin(config-if)# exit
host1/admin(config)#
Configuring a Third Gigabit Ethernet Interface Port

You can configure a third Gigabit Ethernet interface port to connect to the servers. For the example configuration, you will configure Gigabit Ethernet interface port 3 as illustrated in Figure 2-12. Configure the third Gigabit Ethernet Interface port by following these steps:

Step 1 Add VLAN 500 to the defined list of VLANs currently set for Gigabit Ethernet port 3.
host1/Admin(config)# interface gigabitEthernet 1/3
host1/Admin(config-if)# switchport access allowed vlan 500
Step 2 Enable the Ethernet port.
host1/Admin(config-if)# no shutdown
host1/Admin(config-if)# exit
host1/admin(config)#
Configuring Remote Management Access to the ACE

Before remote network access can occur on the ACE through an Ethernet port, you must create a traffic policy that identifies the network management traffic that can be received by the ACE. Configure remote management access to the ACE by following these steps:

Step 1 Create a management-type class map named REMOTE_ACCESS that matches any traffic.
host1/Admin(config)# class-map type management match-any REMOTE_ACCESS
host1/Admin(config-cmap-mgmt)#
Step 2 (Optional) Provide a description for the class map.
host1/Admin(config-cmap-mgmt)# description Remote access traffic match
Step 3 Configure the match protocol to permit traffic based on the SSH, Telnet, and ICMP protocols for any source address.
host1/Admin(config-cmap-mgmt)# match protocol ssh any
host1/Admin(config-cmap-mgmt)# match protocol telnet any
host1/Admin(config-cmap-mgmt)# match protocol icmp any
host1/Admin(config-cmap-mgmt)# exit
host1/Admin(config)#
Step 4 Create a REMOTE_MGMT_ALLOW_POLICY policy map for traffic destined to an ACE interface.
host1/Admin(config)# policy-map type management first-match 
REMOTE_MGMT_ALLOW_POLICY
host1/Admin(config-pmap-mgmt)#
Step 5 Apply the previously created REMOTE_ACCESS class map to this policy.
host1/Admin(config-pmap-mgmt)# class REMOTE_ACCESS
host1/Admin(config-pmap-mgmt-c)#
Step 6 Allow the ACE to receive the configured class map management protocols.
host1/Admin(config-pmap-mgmt-c)# permit
host1/Admin(config-pmap-mgmt-c)# exit
host1/Admin(config-pmap-mgmt)# exit
host1/Admin(config)#
Step 7 Access interface configuration mode for the VLAN to which you want to apply the policy map.
host1/Admin(config)# interface vlan 1000
host1/Admin(config-if)#
Step 8 Apply the REMOTE_MGMT_ALLOW_POLICY policy map to the interface.
host1/Admin(config-if)# service-policy input REMOTE_MGMT_ALLOW_POLICY
Step 9 Display the REMOTE_MGMT_ALLOW_POLICY policy applied to the interface.
host1/Admin(config-if)# do show service-policy 
REMOTE_MGMT_ALLOW_POLICY
Status     : ACTIVE
-----------------------------------------
Interface: vlan 1000
  service-policy: REMOTE_MGMT_ALLOW_POLICY
Step 10 Save your configuration changes from the running configuration to the startup configuration.
host1/Admin(config-if)# do copy running-config startup-config
Generating configuration....
running config of context VC_web saved
host1/Admin(config-if)# exit
host1/Admin(config)# exit
Step 11 Display the running configuration.
host1/Admin(config)# do show running-config
Generating configuration....
class-map type management match-any REMOTE_ACCESS
  description Remote access traffic match
  2 match protocol telnet any
  3 match protocol ssh any
  4 match protocol icmp any
policy-map type management first-match REMOTE_MGMT_ALLOW_POLICY
  class REMOTE_ACCESS
    permit
interface vlan 1000
  description Management connectivity on VLAN 1000
  ip address 172.25.91.110 255.255.255.0
  service-policy input REMOTE_MGMT_ALLOW_POLICY
  no shutdown
interface vlan 400
  description client connectivity on VLAN 400
  ip address 10.10.40.10 255.255.255.0
  no shutdown
Accessing the ACE through a Telnet Session

After you have completed the previous configurations, you can use Telnet to access the ACE through an Ethernet port by using its IP address. Access the ACE through Telnet by following these steps:

Step 1 Initiate a Telnet session from a remote host to the ACE. For example, access the ACE from the VLAN IP address of 172.25.91.110 by entering:
remote_host# telnet 172.25.91.110
Trying 172.25.91.110... Open
Step 2 At the prompt, log in to the ACE. Enter admin as the user name and for the password, type the new password that you entered in the Step 2 in "Enabling Management Connectivity Using the Setup Script" section.
host1 login: admin
Password: xxxxx
Step 3 Display the Telnet session.
host1/Admin# show telnet
In this chapter, you have set up your ACE appliance so that you can use the ACE Device Manager or CLI to perform server load-balancing configuration tasks through a remote management interface. Next, you will create a user context for server load balancing.

	Quick Start Guide vA3(2.2), Cisco ACE 4700 Series Application Control Engine Appliance
	Setting Up an ACE Appliance
Quick Start Guide vA3(2.2), Cisco ACE 4700 Series Application Control Engine Appliance Preface Overview Setting Up an ACE Appliance Creating a Virtual Context Configuring Access Control Lists Configuring Role-Based Access Control Configuring Server Load Balancing Configuring a Load-Balancing Predictor Configuring Server Persistence Using Stickiness Configuring SSL Security Configuring Health Monitoring Using Health Probes Index	Download this chapter Setting Up an ACE Appliance Download the complete book Cisco 4700 Series Application Control Engine Appliance Quick Start Guide (Book-Length PDF) (PDF - 5 MB) Feedback Table Of Contents Setting Up an ACE Appliance Overview Establishing a Console Connection on the ACE Enabling Management Connectivity Using the Setup Script Assigning a Name to the ACE Setting Up an ACE Appliance Using the Device Manager GUI Logging in to the ACE Configuring a Second Gigabit Ethernet Interface Port Configuring a Third Gigabit Ethernet Interface Port Setting Up an ACE Appliance Using the CLI Logging in to the ACE Configuring the First Gigabit Ethernet Port Allocating the First Gigabit Ethernet Port to a VLAN Configuring a Management VLAN Interface on the ACE Configuring a Second Gigabit Ethernet Interface Port Configuring a Third Gigabit Ethernet Interface Port Configuring Remote Management Access to the ACE Accessing the ACE through a Telnet Session Setting Up an ACE Appliance This chapter describes how to set up a Cisco 4700 Series Application Control Engine (ACE) appliance. It includes the following major sections: •Overview •Establishing a Console Connection on the ACE •Enabling Management Connectivity Using the Setup Script •Assigning a Name to the ACE •Setting Up an ACE Appliance Using the Device Manager GUI •Setting Up an ACE Appliance Using the CLI Overview After reading this chapter, you should have a basic understanding of how to configure a ACE appliance with the networking parameters necessary for communicating with a management device to configure server load balancing. After some initial setup using the CLI, you can complete the procedures in this chapter using the Device Manager GUI. Before performing the procedures in this section, make sure that you complete the ACE installation instructions as described in the Cisco 4710 Application Control Engine Appliance Hardware Installation Guide. Configuring an ACE involves the following basic steps: Step 1 Establishing a console connection on the ACE. Step 2 Enable management connectivity to the ACE through a Gigabit Ethernet port. Step 3 Log in to the ACE. Step 4 Configure a second Gigabit Ethernet port for client-side connectivity. Step 5 Configure a third Gigabit Ethernet port for server-side connectivity. This chapter describes how to set up an ACE appliance using the example network setup illustrated in Figure 2-1. Figure 2-1 Example Network Setup The configuration of the example setup is as follows: •VLAN 1000 is assigned to the first Gigabit Ethernet port and is used for management traffic for both the Admin context and a user context. Note A virtual local area network (VLAN) is a logical division of a computer network within which information can be transmitted for all devices to receive. VLANs enable you to segment a switched network so that devices in one VLAN do not receive information packets from devices in another VLAN. •VLAN 400 is assigned to the second Gigabit Ethernet port and is used for client-side traffic. •VLAN 500 is assigned to the third Gigabit Ethernet port and is used for server-side traffic. •None of the three Gigabit Ethernet ports used are trunked. •A management VLAN interface is configured for the Admin context with VLAN 1000 and IP address 172.25.91.110. •A management VLAN interface is configured for the user context VC_web with VLAN 1000 and IP address 172.25.91.111. •A client-side VLAN interface is configured for the user context VC_web with VLAN 400 and IP address 10.10.40.10. •A server-side VLAN interface is configured for the user context VC_web with VLAN 500 and IP address 10.10.50.1. •Four web servers are available to the ACE for load-balancing client requests. Establishing a Console Connection on the ACE The ACE has one standard RS-232 serial port on its rear panel that operates as the console port. You can establish a direct serial connection between the ACE and your terminal (or a PC with terminal software) by making a serial connection to this console port. The integrated serial port accepts a 9-pin female D-shell connector. Use a straight-through cable with a null modem to connect the ACE to the terminal or a PC. For more instructions on connecting a console cable to your ACE appliance, see the Cisco 4710 Application Control Engine Appliance Hardware Installation Guide. The ACE appliance has four physical Ethernet interface ports. All VLANs are assigned to these ports. The four Ethernet ports provide the physical connection between the ACE and the servers, PCs, routers, and other devices. You can configure the Ethernet ports to provide an interface for connecting to 10-Mbps, 100-Mbps, or 1000-Mbps networks. After the VLANs are assigned, you can configure the corresponding VLAN interfaces so that the ACE can provide different networking functions for different VLANs. Note Only the Admin context is directly accessible through the console port; all other contexts can be accessed through Telnet or SSH sessions on the Ethernet ports. After making the console connection, you can use any terminal communications application to access the ACE CLI. Note If the appliance is not on, press the power button on the front of the ACE to start the boot process. See the Cisco 4710 Application Control Engine Appliance Hardware Installation Guide for details. Access the ACE CLI using HyperTerminal for Windows by following these steps: Step 1 Launch HyperTerminal. The Connection Description window appears (Figure 2-2). Figure 2-2 HyperTerminal—Connection Description Step 2 Enter a name for your connection in the Name field. Step 3 Click OK. The Connect To window appears (Figure 2-3). Figure 2-3 HyperTerminal—Connect To Step 4 From the Connect using drop-down list, choose the COM port to which the device is connected. Step 5 Click OK. The Port Properties window appears (Figure 2-4). Figure 2-4 HyperTerminal—Port Properties Step 6 Set the port properties: •Bits per second = 9600 •Data bits = 8 •Parity = none •Stop bits = 1 •Flow control = None Step 7 Click OK to connect. Enabling Management Connectivity Using the Setup Script When you boot the ACE for the first time and the ACE does not detect a startup configuration file, a setup script guides you through the process of configuring a management VLAN on the ACE through one of its Gigabit Ethernet ports to enable connectivity to the Device Manager GUI. After running the setup script, the management VLAN is allocated to the specified Gigabit Ethernet port and the VLAN interface is configured on the ACE, as illustrated in Figure 2-5. Figure 2-5 Configuration After the Setup Script is Executed Configure the ACE using the setup script by following these steps: Step 1 At the login prompt, log into the ACE by entering the login username admin and password. By default, the username and password are admin. For example, enter: Starting sysmgr processes.. Please wait...Done!!! switch login: admin Password: admin Step 2 At the Enter the new password for "admin": prompt, change the default Admin password. If you do not change the default Admin password, after you upgrade the ACE software you will only be able to log in to the ACE through the console port. Enter the new password for "admin": xxxxx Confirm the new password for "admin": xxxxx admin user password successfully changed. Step 3 At the Enter the new password for "www": prompt, change the default www user password. If you do change the default www user password, the www user will be disabled and you will not be able to use Extensible Markup Language (XML) to remotely configure an ACE until you change the default www user password. Enter the new password for "www": xxxxx Confirm the new password for "www": xxxxx www user password successfully changed. This script will perform the configuration necessary for a user to manage the ACE Appliance using the ACE Device Manager. The management port is a designated Ethernet port which has access to the same network as your management tools including the ACE Device Manager. You will be prompted for the Port Number, IP Address, Netmask and Default Route (optional). Enter `ctrl-c' at any time to quit the script Caution At this point, you should consider whether you plan to configure the ACE using the Device Manager GUI or using the CLI. If you have a trunking network setup, or if your VLAN 1000 has been used, you should bypass the following setup script and use the CLI at "Setting Up an ACE Appliance Using the CLI." Step 4 At the "Would you like to enter the basic configuration dialog? (yes/no)" prompt, press Enter to continue the setup. To bypass setup and directly access the CLI, type no. Would you like to enter the basic configuration dialog? (yes/no) [y]: Note The ACE provides a default response in brackets [ ] for each question in the setup script. Accept the default response to a configuration prompt by pressing Enter. Step 5 Select port 1 to carry management VLAN communication by pressing Enter. Enter the Ethernet port number to be used as the management port (1-4):? [1]: Step 6 Assign an IP address for the management VLAN interface by entering 172.25.91.110. Enter the management port IP Address (n.n.n.n): [192.168.1.10]: 172.25.91.110 Step 7 Accept the default subnet mask for the management VLAN interface by pressing Enter. Enter the management port Netmask(n.n.n.n): [255.255.255.0]: Step 8 Assign the IP address of the gateway router (the next-hop address for this route) by entering 172.25.91.1. Enter the default route next hop IP Address (n.n.n.n) or <enter> to skip this step: 172.25.91.1 Step 9 Examine the entered values. Summary of entered values: Management Port: 1 Ip address 172.25.91.110 Netmask: 255.255.255.0 Default Route: 172.25.91.1 Step 10 Review the configuration details by entering d. Submit the configuration including security settings to the ACE Appliance? (yes/no/details): [y]: d interface gigabitEthernet 1/3 switchport access vlan 1000 no shut access-list ALL extended permit ip any any class-map type management match-any remote_access match protocol xml-https any match protocol dm-telnet any match protocol icmp any match protocol telnet any match protocol ssh any match protocol http any match protocol https any match protocol snmp any policy-map type management first-match remote_mgmt_allow_policy class remote_access permit interface vlan 1000 ip address 172.25.91.110 255.255.255.0 access-group input ALL service-policy input remote_mgmt_allow_policy no shutdown ssh key rsa ip route 0.0.0.0 0.0.0.0 172.25.91.1 Step 11 Accept this configuration by pressing Enter (for Yes); otherwise, enter n. Submit the configuration including security settings to the ACE Appliance? (yes/no/details): [y]: Step 12 After you press Enter to accept the configuration, the following message appears. Configuration successfully applied. You can now manage this ACE Appliance by entering the url 'https://172.25.91.110' into a web browser to access the Device Manager GUI. After you have completed the setup script, the command prompt appears. switch/Admin# After you specify a Gigabit Ethernet port, port mode, and management VLAN, the setup script automatically applies the following default configuration: •A Management VLAN is allocated to the specified Ethernet port. •An extended IP access list that allows IP traffic originating from any other host addresses. •A traffic classification is created for management protocols HTTP, HTTPS, ICMP, SSH, Telnet, and XML-HTTPS. HTTPS is dedicated to connectivity with the Device Manager GUI. •A VLAN interface is configured on the ACE. Assigning a Name to the ACE The hostname is used for the command-line prompts and default configuration filenames. When you establish sessions to multiple devices, the hostname helps you keep track of which ACE you are entering commands to. By default, the hostname for the ACE is switch. For example, change the hostname of the ACE from switch to host1 by entering: switch/Admin# Config switch/Admin(config)# hostname host1 The prompt appears with the new hostname. host1/Admin(config)# Setting Up an ACE Appliance Using the Device Manager GUI You can set up an ACE appliance using the Device Manager GUI or the CLI. This section describes how to set up an ACE using the GUI, and includes the following topics: •Logging in to the ACE •Configuring a Second Gigabit Ethernet Interface Port •Configuring a Third Gigabit Ethernet Interface Port Logging in to the ACE You can access the ACE Device Manager GUI through a web-based interface. Log in to the Device Manager by following these steps: Step 1 Navigate to the ACE Device Manager by entering the secure HTTPS address or hostname of the ACE in the address field of a web browser. For the example setup shown earlier in Figure 2-1, enter: https://172.25.91.110/ Step 2 Click Yes at the prompt to accept (trust) and install the signed certificate from Cisco Systems, Inc. To avoid having to approve the signed certificate every time you log in to the Device Manager, accept the certificate. The Device Manager GUI Login window appears (Figure 2-6). Note Because this product is regularly updated, you may notice minor variations between the figures in this manual and the windows that appear in the software version you are running. Figure 2-6 Device Manager GUI Login Window Step 3 In the User Name field, type admin for the admin user account. Step 4 In the Password field, type the new password that you entered in Step 2 in "Enabling Management Connectivity Using the Setup Script." Step 5 Click Login. The default window that appears is the Virtual Contexts window with the Admin context listed, as shown in Figure 2-7. Figure 2-7 Virtual Contexts Pane (Admin Context) Configuring a Second Gigabit Ethernet Interface Port You can configure a second Gigabit Ethernet interface port to connect to clients. For the example configuration, you will configure Gigabit Ethernet interface port 2 as illustrated in Figure 2-8 (previously configured settings are grayed out). Figure 2-8 Configuring a Second Gigabit Ethernet Interface Port to Connect to Clients Configure a second Gigabit Ethernet port by following these steps: Step 1 Choose Config > Virtual Contexts > Network > GigabitEthernet Interfaces. The GigabitEthernet Interfaces pane appears (Figure 2-9). Note Only users authenticated in the Admin context can configure the Gigabit Ethernet interface ports. Figure 2-9 GigabitEthernet Interfaces Pane—gigabitEthernet 1/2 Step 2 In the GigabitEthernet Interfaces pane, choose gigabitEthernet 1/2, and then click Edit to define attributes for the port (see Figure 2-9). The Physical Interfaces window appears (Figure 2-10). Figure 2-10 Physical Interfaces Window—gigabitEthernet 1/2 Step 3 Enter the following attributes for port 2. Leave the remaining attributes blank or with their default values. •Description: Client-side •Admin Status: Up •Speed: Auto •Port Operation Mode: Switch Port •Switch Port Type: Access •Access VLAN: 400 Step 4 Click Deploy Now to save these settings and to return to the GigabitEthernet Interfaces pane (Figure 2-11). Figure 2-11 GigabitEthernet Interfaces Pane with Ethernet Port 2 Configured Configuring a Third Gigabit Ethernet Interface Port You can configure a third Gigabit Ethernet interface port to connect to the servers. For the example configuration, you will configure Gigabit Ethernet interface port 3 as illustrated in Figure 2-12 (previously configured settings are grayed out.) Figure 2-12 Configuring a Third Gigabit Ethernet Interface Port to Connect to the Servers Configure a third Gigabit Ethernet port by following these steps: Step 1 In the GigabitEthernet Interfaces pane, choose gigabitEthernet 1/3, and then click Edit to define attributes for the port. The GigabitEthernet Interfaces window appears (Figure 2-10). Step 2 Enter the following attributes for port 3. Leave the remaining attributes blank or with their default values. •Description: Server-side •Admin Status: Up •Speed: Auto •Port Operation Mode: Switch Port •Switch Port type: Access •Access VLAN: 500 Step 3 Click Deploy Now to save these settings and to return to the GigabitEthernet Interfaces pane (Figure 2-13). Figure 2-13 GigabitEthernet Interfaces Pane with Ethernet Port 3 Configured Setting Up an ACE Appliance Using the CLI You can set up an ACE appliance using the Device Manager GUI or the CLI. This section describes how to set up an ACE using the CLI, and includes the following topics: •Logging in to the ACE •Configuring the First Gigabit Ethernet Port •Allocating the First Gigabit Ethernet Port to a VLAN •Configuring a Management VLAN Interface on the ACE •Configuring a Second Gigabit Ethernet Interface Port •Configuring a Third Gigabit Ethernet Interface Port •Configuring Remote Management Access to the ACE •Accessing the ACE through a Telnet Session Logging in to the ACE After you have established a direct serial connection between the ACE and your terminal or a PC (see the "Establishing a Console Connection on the ACE" section), you can set up the ACE using the CLI. When the setup script displays the "Would you like to enter the basic configuration dialog? (yes/no):" prompt, enter no to access the CLI. Log in to the ACE by following these steps: Step 1 At the login prompt, enter admin. For the password, type the new password that you entered in Step 2 in the "Enabling Management Connectivity Using the Setup Script" section. host1 login: admin Password: xxxxx You are ready to use the ACE CLI when the following prompt appears. host1/Admin# Step 2 Set the terminal session-timeout command to 0 to prevent this current session from timing out. By default, a session on the ACE is automatically logged out after 5 minutes of inactivity. host1/Admin# terminal session-timeout 0 host1/Admin# Configuring the First Gigabit Ethernet Port You can configure a Gigabit Ethernet interface port for the ACE management traffic. For the example configuration, you will configure Gigabit Ethernet interface port 1. Configure the first Gigabit Ethernet port by following theses steps: Step 1 Configure a Layer 2 Gigabit Ethernet port on the ACE by using the interface gigabitEthernet slot_number/port_number command in configuration mode. Note The slot_number specifies the physical slot on the ACE that contains the Ethernet ports. For the current release of the ACE appliance, this selection is always 1. Configure Gigabit Ethernet port 1 and enter interface configuration mode by entering: host1/Admin# config host1/Admin(config)# interface gigabitEthernet 1/1 host1/Admin(config-if)# Step 2 Enable the Gigabit Ethernet port by using the no shutdown command in interface configuration mode. Disable a running Gigabit Ethernet port by using the shutdown command; bring one up by using the no shutdown command. host1/Admin(config-if)# no shutdown Step 3 Display the configuration of the interface by using the do command with the show interface command. host1/admin(config-if)# do show interface vlan 1000 Allocating the First Gigabit Ethernet Port to a VLAN After you configure an Gigabit Ethernet port, the next step is to allocate it to a VLAN. For the example configuration, you will allocate the first Gigabit Ethernet port to VLAN 1000, as illustrated in Figure 2-14 (previously configured settings are grayed out.) Figure 2-14 Allocating the First Gigabit Ethernet Port to a VLAN Allocate the port to a VLAN by following these steps: Step 1 Assign one or more VLAN numbers to the Gigabit Ethernet port by using the switchport trunk allowed vlan vlan_list command in interface configuration mode. The vlan_list argument can include: •A single VLAN number •Beginning and ending VLAN numbers separated by a hyphen •Specific VLAN numbers separated by commas Valid entries are 1 through 4094. Do not enter any spaces in a hyphenated range or in a comma-separated list of numbers in the vlan_list argument. Note You can associate a VLAN number with only one Gigabit Ethernet port. Add VLAN 1000 to the defined list of VLANs currently set for Gigabit Ethernet port 1 by entering: host1/Admin(config)# interface gigabitEthernet 1/1 host1/Admin(config-if)# switchport access allowed vlan 1000 Step 2 Enable VLAN access for the specified Layer 2 Gigabit Ethernet port by using the no shutdown command in interface configuration mode. host1/Admin(config-if)# no shutdown host1/Admin(config-if)# exit host1/Admin(config)# Configuring a Management VLAN Interface on the ACE You can provide management connectivity to the ACE by assigning an IP address to the VLAN interface on the ACE. For the example configuration, you will assign an IP address 172.25.91.110 and a subnet mask of 255.255.255.0 to VLAN 1000, as illustrated in Figure 2-15 (previously configured settings are grayed out). Figure 2-15 Configuring a Management VLAN Interface on the ACE Configure a VLAN interface on the ACE by following these steps: Step 1 Access interface configuration mode for the VLAN 1000. host1/Admin(config)# interface vlan 1000 host1/Admin(config-if)# Step 2 Assign an IP address of 172.25.91.110 and a subnet mask of 255.255.255.0 to the VLAN interface for management connectivity. host1/Admin(config-if)# ip address 172.25.91.110 255.255.255.0 Step 3 (Optional) Provide a description for the interface. host1/Admin(config-if)# description Management connectivity on VLAN 1000 Step 4 Enable the VLAN interface. host1/Admin(config-if)# no shutdown Step 5 Display the configuration of VLAN 1000. host1/Admin(config-if)# do show interface vlan 1000 Step 6 Verify network connectivity by using the ping command. This command verifies the connectivity of a remote host or server by sending echo messages from the ACE. host1/Admin(config-if)# do ping 172.25.91.110 Step 7 Exit the interface configuration mode. host1/Admin(config-if)# exit host1/Admin(config)# Configuring a Second Gigabit Ethernet Interface Port You can configure a second Gigabit Ethernet interface port to connect to clients. For the example configuration, you will configure Gigabit Ethernet interface port 2 as illustrated in Figure 2-8. Configure the second Gigabit Ethernet Interface port by following these steps: Step 1 Add VLAN 400 to the defined list of VLANs currently set for Gigabit Ethernet port 2. host1/Admin(config)# interface gigabitEthernet 1/2 host1/Admin(config-if)# switchport access vlan 400 Step 2 Enable the Gigabit Ethernet port. host1/Admin(config-if)# no shutdown host1/Admin(config-if)# exit host1/admin(config)# Configuring a Third Gigabit Ethernet Interface Port You can configure a third Gigabit Ethernet interface port to connect to the servers. For the example configuration, you will configure Gigabit Ethernet interface port 3 as illustrated in Figure 2-12. Configure the third Gigabit Ethernet Interface port by following these steps: Step 1 Add VLAN 500 to the defined list of VLANs currently set for Gigabit Ethernet port 3. host1/Admin(config)# interface gigabitEthernet 1/3 host1/Admin(config-if)# switchport access allowed vlan 500 Step 2 Enable the Ethernet port. host1/Admin(config-if)# no shutdown host1/Admin(config-if)# exit host1/admin(config)# Configuring Remote Management Access to the ACE Before remote network access can occur on the ACE through an Ethernet port, you must create a traffic policy that identifies the network management traffic that can be received by the ACE. Configure remote management access to the ACE by following these steps: Step 1 Create a management-type class map named REMOTE_ACCESS that matches any traffic. host1/Admin(config)# class-map type management match-any REMOTE_ACCESS host1/Admin(config-cmap-mgmt)# Step 2 (Optional) Provide a description for the class map. host1/Admin(config-cmap-mgmt)# description Remote access traffic match Step 3 Configure the match protocol to permit traffic based on the SSH, Telnet, and ICMP protocols for any source address. host1/Admin(config-cmap-mgmt)# match protocol ssh any host1/Admin(config-cmap-mgmt)# match protocol telnet any host1/Admin(config-cmap-mgmt)# match protocol icmp any host1/Admin(config-cmap-mgmt)# exit host1/Admin(config)# Step 4 Create a REMOTE_MGMT_ALLOW_POLICY policy map for traffic destined to an ACE interface. host1/Admin(config)# policy-map type management first-match REMOTE_MGMT_ALLOW_POLICY host1/Admin(config-pmap-mgmt)# Step 5 Apply the previously created REMOTE_ACCESS class map to this policy. host1/Admin(config-pmap-mgmt)# class REMOTE_ACCESS host1/Admin(config-pmap-mgmt-c)# Step 6 Allow the ACE to receive the configured class map management protocols. host1/Admin(config-pmap-mgmt-c)# permit host1/Admin(config-pmap-mgmt-c)# exit host1/Admin(config-pmap-mgmt)# exit host1/Admin(config)# Step 7 Access interface configuration mode for the VLAN to which you want to apply the policy map. host1/Admin(config)# interface vlan 1000 host1/Admin(config-if)# Step 8 Apply the REMOTE_MGMT_ALLOW_POLICY policy map to the interface. host1/Admin(config-if)# service-policy input REMOTE_MGMT_ALLOW_POLICY Step 9 Display the REMOTE_MGMT_ALLOW_POLICY policy applied to the interface. host1/Admin(config-if)# do show service-policy REMOTE_MGMT_ALLOW_POLICY Status : ACTIVE ----------------------------------------- Interface: vlan 1000 service-policy: REMOTE_MGMT_ALLOW_POLICY Step 10 Save your configuration changes from the running configuration to the startup configuration. host1/Admin(config-if)# do copy running-config startup-config Generating configuration.... running config of context VC_web saved host1/Admin(config-if)# exit host1/Admin(config)# exit Step 11 Display the running configuration. host1/Admin(config)# do show running-config Generating configuration.... class-map type management match-any REMOTE_ACCESS description Remote access traffic match 2 match protocol telnet any 3 match protocol ssh any 4 match protocol icmp any policy-map type management first-match REMOTE_MGMT_ALLOW_POLICY class REMOTE_ACCESS permit interface vlan 1000 description Management connectivity on VLAN 1000 ip address 172.25.91.110 255.255.255.0 service-policy input REMOTE_MGMT_ALLOW_POLICY no shutdown interface vlan 400 description client connectivity on VLAN 400 ip address 10.10.40.10 255.255.255.0 no shutdown Accessing the ACE through a Telnet Session After you have completed the previous configurations, you can use Telnet to access the ACE through an Ethernet port by using its IP address. Access the ACE through Telnet by following these steps: Step 1 Initiate a Telnet session from a remote host to the ACE. For example, access the ACE from the VLAN IP address of 172.25.91.110 by entering: remote_host# telnet 172.25.91.110 Trying 172.25.91.110... Open Step 2 At the prompt, log in to the ACE. Enter admin as the user name and for the password, type the new password that you entered in the Step 2 in "Enabling Management Connectivity Using the Setup Script" section. host1 login: admin Password: xxxxx Step 3 Display the Telnet session. host1/Admin# show telnet In this chapter, you have set up your ACE appliance so that you can use the ACE Device Manager or CLI to perform server load-balancing configuration tasks through a remote management interface. Next, you will create a user context for server load balancing.
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks