Unable to get connectivity to ACE

Unanswered Question
Sep 21st, 2009

i am trying to get ip connectivity to my ace-module from the 6509.


In the switch i enter;

svclc multiple-vlan-interfaces

svclc switch 1 module 3 vlan-group 1

svclc vlan-group 1 505



There is an ip-adress on vlan 505 in the 6509. In the admin context of the ACE-module there is a vlan 505 up and running. Why can i not ping between the modules?


The sh arp in the ace displays;

================================================================================

IP ADDRESS MAC-ADDRESS Interface Type Encap NextArp(s) Status

================================================================================

10.x.x.x 00.00.00.00.00.00 vlan505 GATEWAY - * 2 req dn


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dario.didio Mon, 09/21/2009 - 05:15

Hi,


you need to allow this.


Add following class, policy map and ACL.


class-map type management match-any REMOTE_ACCESS-CM

description Match management traffic

2 match protocol telnet any

3 match protocol ssh any

4 match protocol https any

5 match protocol icmp any


policy-map type management first-match REMOTE_ACCESS-PM

class REMOTE_ACCESS-CM

permit


access-list all permit ip any any


int vlan 505

access-group input all

service-policy input mgmt

no shut


HTH,

Dario

martensa Mon, 09/21/2009 - 05:53

it doesn't make any difference;


Still unable to ping..


Heres the config..




access-list all line 1 extended permit ip any any




class-map type management match-any REMOTE_ACCESS-CM

description Match management traffic

2 match protocol telnet any

3 match protocol ssh any

4 match protocol https any

5 match protocol icmp any


policy-map type management first-match REMOTE_ACCESS-PM

class REMOTE_ACCESS-CM

permit


interface vlan 505

ip address x.x.x.x

access-group input all

service-policy input REMOTE_ACCESS-PM

no shutdown


dario.didio Mon, 09/21/2009 - 23:31

Can you post the output for


show int vlan 505

sh arp


are you running ACE on a C6500 VSS pair?


Tnx,

Dario


martensa Mon, 09/21/2009 - 23:45

I assume you ment from the ACE, here it is..


sh int vlan 505


vlan505 is up

Hardware type is VLAN

MAC address is 00:1f:ca:7b:7d:e3

Mode : routed

IP address is 10.x.x.x netmask is 255.255.255.0

FT status is non-redundant

Description:not set

MTU: 1500 bytes

Last cleared: never

Alias IP address not set

Peer IP address not set

Assigned from the Supervisor, up on Supervisor

82 unicast packets input, 2916134 bytes

42798 multicast, 4 broadcast

0 input errors, 0 unknown, 0 ignored, 0 unicast RPF drops

4 unicast packets output, 5696 bytes

0 multicast, 85 broadcast

0 output errors, 0 ignored


sh arp



Context Admin

================================================================================

IP ADDRESS MAC-ADDRESS Interface Type Encap NextArp(s) Status

================================================================================

10.x.x.2 00.00.00.00.00.00 vlan505 LEARNED - * 2 req dn

10.x.x.10 00.1f.ca.7b.7d.e3 vlan505 INTERFACE LOCAL _ up

================================================================================

Total arp entries 2



Yes, ACE is located in a 6500 VSS-pair.


/Andreas

Actions

This Discussion