Operational Notes

When writing a configuration via the GUI, the existing configuration is erased first; therefore, all configurations written using the GUI should be complete configurations. Incremental configuration updates are only possible by adding the changes to a complete configuration, and then writing this configuration. An option for overwriting or incrementally updating a configuration using a written configuration will be added at a future date.

The GUI caches certain items and can misrepresent the state of the actual device in certain circumstances, such as if the device is rebooted without saving changes. To obtain the current device state, refresh the page. This can be accomplished by holding the SHIFT-clicking the Refresh button.

Once Web management is enabled, it is always accessible via the “Server” port (two-port mode) or the “Network” port (one-port mode) even if SSL client-side access has been configured. Use an access list to prevent unwanted access.

Assigning a Web management access list to the device completely prevents HTTPS access from the GUI. Setting the following access list allows HTTPS access to the GUI from any IP address:

access-list 10 permit 127.0.0.1 0.0.0.0 web-mgmt access-list 10

CLI Notes

The copy to startup-configurationcommand replaces the public startup-configuration. The keys and passwords still exist unless they have been deleted or erased.

Erasing the running-configuration of a device using the CLI disconnects any GUI or telnet sessions from the device. To continue configuration, reconnect to the device.

The custom completer completes previously created objects with the word “create” if TAB is pressed after the full name is typed. To edit an existing object, ensure “create” is not part of the command.

When writing configuration files to the running configuration, the new configuration file appends to the existing configuration rather than replacing it. In the process of recreating existing configuration information, some errors will be displayed. These can be ignored safely.

SNMP Notes

The factory-set default SNMP community is “public”; however, “public” is not listed in the configuration. The behavior of setting and resetting the SNMP community is demonstrated in the table below.

 

 

SNMP community in

Command

SNMP community is set to...

configuration is...

 

 

 

snmp default community XYZ

XYZ

XYZ

 

 

 

no snmp default community

XYZ

No default community listed

 

 

 

snmp default community

public

public

public

 

 

 

 

 

Release Note for the Cisco 11000 Series Secure Content Accelerator: SCA/SCA2

 

78-14640-03

5

 

 

 

Page 5
Image 5
Cisco Systems 11000 manual CLI Notes, Snmp Notes