ACE in routed mode

pedro.quezada · ‎02-27-2007

do i have no NAT client initiated connection to reals when i use routed mode ...similar to how one sets up a vip for reals when you need to manage the server in the server vlan in the csm ...

example for the ace:

do i have to use NAT

client 3.3.3.3 tries to ssh. telnet to server 2.2.2.5

Client=3.3.3.3 (ssh)------vlan 20 ip 1.1.1.0/24-------ACE---vlan 40 2.2.2.0/24--------RealServer =2.2.2.5

Gilles Dufour · ‎02-28-2007

unlike the CSM, the ACE module does not require any policy or nating to allow traffic from client directly to realy.

All you need is make sure you have an access-group in on both client and server vlan that permits the traffic.

Gilles.

pedro.quezada · ‎03-01-2007

you also have to add a policy to forward traffic...i have to try it..

seems that the ace has to have a policy when it processes traffic in routed mode...

class-map match-all forward_vip

2 match virtual-address 0.0.0.0 0.0.0.0 any

policy-map type loadbalance first-match forward_vip_pol class class-default

forward

Gilles Dufour · ‎03-02-2007

Pedro.

NO !

The ACE does not need a policy to forward the traffic. Only the CSM does.

Gilles.

lionellemaire · ‎06-27-2007

Then what's the use of the 'forward' command ??

Roble Mumin · ‎06-27-2007

ignore :)