Access-List and Ace-4710 Question

Unanswered Question
Aug 17th, 2009

I have a lab with the Ace-4710 implemented.

I have four production VLANs and four standby VLANs for the servers. I am connected via trunk ports for the vlans down to a switch. I can ping from the 4710 to all servers on all VLANs. I can ping from all servers to their default gateway which is the 4710 VLAN interface. So for this reason I believe trunking is working.

The VIP address for my Tomcat VLAN is working fine as I can bring up HTTP for that IP that gets load balanced to the VLAN behind it. So that seems to work which is another reason I am thinking this is a access list issue.

However, I cannot ping from one VLAN through the 4710 to another VLAN. I have to think this is a access-list issue. Below is the config for the 4710. What I need is help figuring out whether this is a Access-List issue or not. I am not an ACL guy but I am learning

Actually, the config is attached. Too big to post.

Thanks for any help you can give.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Collin Clark Mon, 08/17/2009 - 08:48


You have one ACL configured (named ALL) and it is applied only to the management interface. It permits all ports and protocols. None of the other interfaces have an ACL applied. I would double check the routing and make sure the remote VLAN's know how to get the VLANs behind the ACE's. Hope that helps.

jfraasch Mon, 08/17/2009 - 08:51

Yeah, I figured out in the meantime that the 4710 does NOT route between VLANs so I have been playing with my Dell Chassis internal PowerConnect layer 3 switch. I have it almost there as I can ping between all the VLANs except for one.

Can't figure this next part out.

Thanks for the reply. Good lesson on the 4170 though. It does not route!


Jon Marshall Mon, 08/17/2009 - 08:59


"Good lesson on the 4170 though. It does not route!"

The ACE can route and will if it is in routed mode -

I recommend posting this query into the "Data Center -> Application Networking" forum where all the experts on these devices live.



This Discussion