ACE bridge-mode can't ping BVI interface

Unanswered Question

Hi there,

i have configured within an ace context two vlans with a bridge group and one bvi interface.

Here is the Config :

access-list ALLOW_ALL_TRAFFIC line 7 extended permit icmp any any

access-list ALLOW_ALL_TRAFFIC line 8 extended permit ip any any

interface vlan 233

bridge-group 233

access-group input ALLOW_ALL_TRAFFIC

no shutdown

interface vlan 234

bridge-group 233

no shutdown

interface bvi 233

ip address

no shutdown

Now if i want to ping the BVI from the fwsm i got no replies. If i ping the firewall interface from the ace it works correctly i got replies...

Any idea ??

OT: How can i find bugs of the ACE in the bug toolkit ??? With the new version i found nothing.... i think the old one was better.

Thanks a lot and regards


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Martin Kyrc Wed, 07/25/2007 - 13:17

Try configure 'mgmt access':

class-map type management match-any MGMT

match protocol icmp any

policy-map type management first-match MGMT_POLICY

class MGMT


interface bvi 233

ip address 172.19...

service-policy input MGMT_POLICY

!-maybe access-group input ALLOW_ALL_TRAFIC

no shutdown




This Discussion