Just a few things I found while messing with this product:
The ACE will not run in a CatOS box. You must run IOS on at least a Sup720.
The Supervisor 720 comes with 64MB of flash on 2 x internal DIMM-type modules. The shipping software image at this time is not sufficiently high enough for the Supervisor to recognise the ACE – it will therefore remain unrecognised in the chassis and the ACE’s left-most LED will stay unlit. We used 12.2(18) SXF7.
To get the ACE to be recognised, you need a newer version of IOS than that which ships on the Supervisor . To complicate matters, even the slightest increase in IOS version requires more flash than you have, so you need to order a flash upgrade. The only other alternative is to use the CF slots on the front of the Sup. Of course the attendant risk with external CF cards is that they can be stolen, and you’d only realise when the box doesn’t come back up after an outage.
In terms of an internal Sup flash upgrade, probably the best option is part number WS-CF-UPG. This is a 512MB CF card that is installed internally on the Sup via a kind of DIMM to CF converter. See this installation note. This card appears to ship with 12.2(18)SXE5 which is sufficient to get the ACE recognised.
You can either console onto the module directly using a standard Cisco rollover cable, or you can use the session command from the Supervisor console session. The command is:
Switch# session slot <number> processor 0
Even if you put an IP address on a new ACE module you will not be able to telnet to it by default. Therefore at initial config, the direct connection or a sesesion from the Supervisor are your only options.
The default username and password are both admin. You might want to change this using the command:
switch/Admin# conf t switch/Admin(config)# username admin password <password>
Once you have an IP address on the ACE, you will still need to permit management traffic to it. All traffic is denied by default. This is accomplished by defining a class-map, a policy-map and applying a service-policy to a VLAN interface – basically MQC, but in this instance it is being used a bit like an access-list:
class-map type management match-any MGMT-PROTOCOLS description Match telnet, ssh and icmp 2 match protocol telnet any 3 match protocol ssh any 4 match protocol icmp any policy-map type management first-match MANAGEMENT class MGMT-PROTOCOLS permit interface vlan 10 ip address 192.168.1.1 255.255.255.0 service-policy input MANAGEMENT no shutdown