Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
653
Views
0
Helpful
6
Replies

Help in setting two ACE appliances in redundancy

Go to solution
ronnel.maranan
Level 1
Level 1

‎09-24-2008 10:12 AM

Can you please provide a sample configuration on setting up two ACE appliances for redundancy. Also, if you have two redundant ACEs, does the config is copied from the active to the standby or do i have to configure the standby separately?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Syed Iftekhar Ahmed
Level 8
Level 8
In response to ronnel.maranan

‎11-06-2008 11:01 PM

From the following link

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA1_7_/command/reference/if.html#wp1068700

"ACE automatically includes the FT VLAN in the VLAN trunk link"

It means FT ports are put by default in trunk mode. Could you change the ports on the switches to trunk port and see if it works.

Syed

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Syed Iftekhar Ahmed
Level 8
Level 8

‎09-24-2008 03:02 PM

Following link will give you details about ACE redundancy

http://preview.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/admin/guide/redundcy.html

Config is copied from Active to Standby automatically.You just need to configure FT related config (ft group, ft peer, ft vlan) on the Standby ACE.

Syed Iftekhar Ahmed

0 Helpful

Go to solution
ronnel.maranan
Level 1
Level 1
In response to Syed Iftekhar Ahmed

‎11-06-2008 12:39 PM

not sure why but the link doesnt work for me... to give you an idea i copied the config on my two aces... can you please advise what is wrong with these configs... when i view the status of the the fault tolerant all the heartbeats being sent are missed.

*************************

hostname FP_ACE_PlanB_1

interface gigabitEthernet 1/1

switchport trunk allowed vlan 2

no shutdown

interface gigabitEthernet 1/2

shutdown

interface gigabitEthernet 1/3

shutdown

interface gigabitEthernet 1/4

description ACE_Heartbeat

ft-port vlan 320

no shutdown

access-list ALL line 8 extended permit ip any any

class-map type management match-any remote_access

201 match protocol icmp any

202 match protocol telnet any

203 match protocol ssh any

204 match protocol https any

205 match protocol snmp any

policy-map type management first-match remote_mgmt_allow_policy

class remote_access

permit

interface vlan 2

ip address 10.146.2.22 255.255.255.0

alias 10.146.2.21 255.255.255.0

peer ip address 10.146.2.23 255.255.255.0

access-group input ALL

service-policy input remote_mgmt_allow_policy

no shutdown

ft interface vlan 320

ip address 10.146.1.233 255.255.255.252

peer ip address 10.146.1.234 255.255.255.252

no shutdown

ft peer 1

heartbeat interval 200

heartbeat count 20

ft-interface vlan 320

query-interface vlan 2

ft group 1

peer 1

priority 200

peer priority 50

associate-context Admin

inservice

ip route 0.0.0.0 0.0.0.0 10.146.2.1

************************

hostname FP_ACE_Prodn_1

interface gigabitEthernet 1/1

switchport trunk allowed vlan 2

no shutdown

interface gigabitEthernet 1/2

shutdown

interface gigabitEthernet 1/3

shutdown

interface gigabitEthernet 1/4

description ACE_Heartbeat

ft-port vlan 320

no shutdown

access-list ALL line 8 extended permit ip any any

class-map type management match-any remote_access

2 match protocol xml-https any

4 match protocol icmp any

5 match protocol telnet any

6 match protocol ssh any

7 match protocol http any

8 match protocol https any

9 match protocol snmp any

policy-map type management first-match remote_mgmt_allow_policy

class remote_access

permit

interface vlan 2

ip address 10.146.2.23 255.255.255.0

alias 10.146.2.21 255.255.255.0

peer ip address 10.146.2.22 255.255.255.0

access-group input ALL

service-policy input remote_mgmt_allow_policy

no shutdown

ft interface vlan 320

ip address 10.146.1.234 255.255.255.252

peer ip address 10.146.1.233 255.255.255.252

no shutdown

ft peer 1

heartbeat interval 200

heartbeat count 20

ft-interface vlan 320

query-interface vlan 2

ft group 1

peer 1

priority 50

peer priority 200

associate-context Admin

inservice

ip route 0.0.0.0 0.0.0.0 10.146.2.1

0 Helpful

Go to solution
Syed Iftekhar Ahmed
Level 8
Level 8
In response to ronnel.maranan

‎11-06-2008 03:08 PM

How are the two ACE appliances connected?

Are they using an intermediate switch or a cross cable?

Syed

0 Helpful

Go to solution
ronnel.maranan
Level 1
Level 1
In response to Syed Iftekhar Ahmed

‎11-06-2008 05:23 PM

the ft-port for both ACE are connected using an intermediate switch which are configured as an access port and with access to vlan 320

Ronnel

0 Helpful

Go to solution
Syed Iftekhar Ahmed
Level 8
Level 8
In response to ronnel.maranan

‎11-06-2008 11:01 PM

From the following link

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA1_7_/command/reference/if.html#wp1068700

"ACE automatically includes the FT VLAN in the VLAN trunk link"

It means FT ports are put by default in trunk mode. Could you change the ports on the switches to trunk port and see if it works.

Syed

0 Helpful

Go to solution
ronnel.maranan
Level 1
Level 1
In response to Syed Iftekhar Ahmed

‎11-27-2008 11:44 AM

you have to make the ft vlan the native vlan in the trunk in order to work.

switchport trunk native vlan "your ft vlan"

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents