I have a pair of 6509's with CSM and SSL modules. We are migrating these to ACE modules in a few days. I have the configuration (except for the interfaces) configured on the ACE, including exported/imported SSL certificates/keys. By not configuring the interfaces with service-policy, the VIP's nor the server IP addresses can conflict with the CSM.
Also, the supervisor config has already been set up to include the client and server vlans for the service linecard. That connectivity has been established, however, I will be changing the client side interface vlan to the one that the CSM was using as the existing one is temporary.
My plan is as follows:
1. Remove the vlan statements for server and client from the supervisor (from config mode, csm mod #).
2. Power down CSM and SSL modules from supervisor.
3. Session into ACE. Modify inteface vlans for both client and server side to use the IP addresses from the vlan server and vlan client configs.
At this time, the servers should begin to appear in the ACE modules' ARP table and the client VIP's should start responding.
Now, what or how do we clean up the rest of the CSM configuration in the supervisor?
If you see any flaws in this plan, please let me know.
Thanks in advance for your assistance.