2-23
Cisco 4700 Series Application Control Engine Appliance Administration Guide
OL-11157-01
Chapter 2 Enabling Remote Access to the ACE
Example of a Remote Access Configuration
To directly access the user context from an SSH client, perform the following
steps:
Step 1
From the SSH client, establish a remote SSH session to the IP address of the user
context VLAN interface.
Step 2
Enter the password for the user context VLAN interface. The ACE CLI prompt
appears in Exec mode of the user context.
host1/C1#
Example of a Remote Access Configuration
The following example illustrates a running-configuration that defines rules for
remote access to the ACE through the use of class maps, policy maps, and service
policies. The remote access configuration appears in bold in the example
telnet maxsessions 3
ssh maxsessions 3
access-list ACL1 line 10 extended permit ip any any
class-map type management match-any L4_REMOTE-MGT_CLASS
description Allows Telnet, SSH, and ICMP protocols
2 match protocol telnet any
3 match protocol ssh any
4 match protocol icmp any
policy-map type management first-match L4_REMOTE-MGT_POLICY
class L4_REMOTE-MGT_CLASS
permit
interface vlan 50
ip address 192.168.1.1 255.255.255.0
access-group input ACL1
service-policy input L4_REMOTE-MGT_POLICY
no shutdown
ssh key rsa1 1024 force