Converting from CSS11501 to ACE 4710 appliance - Need help
I am trying to replicate this environment (see attached) on our new ace appliances but it doesn't like what the css-conversion tool had me do and the only way I can make it work is with transparent mode, no NAT, and the default route being set on my servers to the ACE. This is not a good solution since these servers are accessed by user subnets directly in some cases. What I tried....
(this works, says service is operational)
probe tcp p80_PROBE
passdetect interval 5
rserver host web-s1
ip address 192.168.1.2
rserver host web-s2
ip address 192.168.1.3
serverfarm host web
rserver web-s1 80
rserver web-s2 80
class-map match-all web_CLASS
match virtual-address 192.168.100.66 tcp eq 80
policy-map type loadbalance first-match web_POLICY
policy-map multi-match POLICY
loadbalance vip inservice
loadbalance vip icmp-reply active
loadbalance policy web_POLICY
nat dynamic 10 vlan 100
interface vlan 100
nat-pool 10 192.168.100.66 netmask 255.255.255.0 pat
service-policy input POLICY
I have also put ACLs allowing everything on all interfaces but that doesn't change anything.
serverfarm details shows failures and no connections when i try to access from my browser
am I messing up how I do NAT? What else may be the issue?
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...
Cisco Documents are usually accurate, but when it came to the document
on Cisco APIC Signature-Based Transactions it was slightly off the mark.
This document is for those novices to API like me who cant seem to
figure out how to go about performing signat...