Cisco Cisco ACE Application Control Engine Module White Paper
© 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 23 of 40
Command Syntax and Example
Description
failaction reassign <across-if>
switch/Admin(config-sfarm-host)#failaction reassign across-if
across-interface option added for
failaction reassign.
failaction reassign.
show np <num> mtrie dest-ip <ip>
switch/Admin# sh np 1 mtrie dest 1.1.1.1
level 0 Mnode found, next_index=1.
Search terminating successfully, Leaf found.
ip resolve flag 0, ecmp flag 0, nat flag 0
Route/ECMP result #1 encaps id 0 if_id 0
CHange only applicable for NAT entries
level 0 Mnode found, next_index=1.
Search terminating successfully, Leaf found.
ip resolve flag 0, ecmp flag 0, nat flag 0
Route/ECMP result #1 encaps id 0 if_id 0
CHange only applicable for NAT entries
Change accounting octeons.
License uninstall [all | ?]
switch/Admin# license uninstall all
„All‟ token and command completion
is newly added.
is newly added.
show kalap udp load tag <tag name>
show kalap udp load vip tag <tag name>
VIP Tag Name VIP Port Load Value Time Last Updated
VIP Tag Name VIP Port Load Value Time Last Updated
Show kalap tag command.
[no] crypto crlparams <crlName> cacert <CACertFileName>
DM2/Admin(config)# crypto crlparams crl1 cacert cacert1.pem
CrlParams config command.
no]crypto crl <crlName>
ldap://<hostNameOrIPAdress>/<DNName>[?certificateRevocationList][?one|base|s
ub][?objectclass=<filter>]
ldap://<hostNameOrIPAdress>/<DNName>[?certificateRevocationList][?one|base|s
ub][?objectclass=<filter>]
DM2/Admin(config)# crypto crl crlLdap ldap://10.7.107.122:389/cn=Visa
Systems,o=Verisign,c=us?certificateRevocationList
Systems,o=Verisign,c=us?certificateRevocationList
LDAP Url based Crl Config.
crypto import bulk sftp passphrase [non-exportable] pasphrase <passphrase>
<host ip address> <user name> <remote path with wild card>
<host ip address> <user name> <remote path with wild card>
DM2/Admin# crypto import bulk sftp passphrase ABCD 10.1.1.1 root
/root/srccryptodir/*
/root/srccryptodir/*
Bulk import of crypto files.
New ACE Commands (Not Including IPv6)
The Cisco ACE30 module adds a variety of features and functionality to the Cisco ACE portfolio. Table 5 provides
an extensive list of the new CLI commands for configuring the new Cisco ACE30 functionality, except for the IPv6
commands. In the Cisco ACE Software Release A5.1.0, IPv6 support was introduced to the Cisco ACE product
Table 5.
New ACE Commands
Command Syntax and Example
Description
[no] cdp-errors ignore
parameter-map type ssl SSL_PMAP cdp-errors ignore
Added cdp-errors ignored to ssl
parammap
parammap
crl srvrcrl
ssl-proxy service SSL_CLIENT authgroup simple crl srvrcrl
Enable CRL configuration for
backend ssl
backend ssl