Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Need help with configure Bridged Mode on the ACE

Dear all!

I need to configure my new ACE appliance in bridged mode

my topology

VTVCab_network.jpg

Configure on ACE:

Context Admin

switch/Admin# show running-config

Generating configuration....

!

boot system image:c4710ace-t1k9-mz.A5_1_2.bin

!

interface gigabitEthernet 1/1

  channel-group 1

  no shutdown

interface gigabitEthernet 1/2

  channel-group 1

  no shutdown

interface gigabitEthernet 1/3

  switchport access vlan 1001

  shutdown

interface gigabitEthernet 1/4

  switchport access vlan 1000

  no shutdown

interface port-channel 1

  switchport trunk native vlan 1

  no shutdown

!

access-list ALL line 8 extended permit ip any any

!

class-map type management match-any remote_access

  2 match protocol xml-https any

  3 match protocol icmp any

  4 match protocol telnet any

  5 match protocol ssh any

  6 match protocol http any

  7 match protocol https any

  8 match protocol snmp any

!

policy-map type management first-match remote_mgmt_allow_policy

  class remote_access

    permit

!

interface vlan 1000

  ip address 10.104.10.19 255.255.255.0

  access-group input ALL

  service-policy input remote_mgmt_allow_policy

  no shutdown

!

ip route 0.0.0.0 0.0.0.0 10.104.10.1

!

context Websphere

  allocate-interface vlan 20

  allocate-interface vlan 200

!

username admin password 5 $1$Ei88yeEz$CT5Gy5MCkewwUT/XCV5350  role Admin domain default-domain

username www password 5 $1$a.NWKsco$sOiUlxJdrdrYbkoobfr/d1  role Admin domain default-domain

!

ssh key rsa 1024 force

!

Context Websphere

switch/Websphere# show running-config

Generating configuration....

!

logging enable

logging timestamp

logging trap 5

!

access-list everyone line 8 extended permit ip any any

access-list everyone line 16 extended permit icmp any any

!

rserver host was01

  ip address 10.104.20.33

  inservice

rserver host was02

  ip address 10.104.20.34

  inservice

rserver host was03

  ip address 10.104.20.35

  inservice

!

serverfarm host Websphere

  rserver was01

    inservice

  rserver was02

    inservice

  rserver was03

    inservice

!

class-map match-all slb-vip

  2 match virtual-address 10.104.20.36 any

!

policy-map type management first-match remote-access

  class class-default

    permit

!

policy-map type loadbalance http first-match slb

  class class-default

    serverfarm Websphere

!

policy-map multi-match client-vips

  class slb-vip

    loadbalance vip inservice

    loadbalance policy slb

interface vlan 20

  description "Client Side"

  bridge-group 1

  access-group input everyone

  service-policy input client-vips

  no shutdown

interface vlan 200

  description "Server Side"

  bridge-group 1

  service-policy input remote-access

  no shutdown

interface bvi 1

  ip address 10.104.20.30 255.255.255.0

  description "client - server bridge group"

  no shutdown

ip route 0.0.0.0 0.0.0.0 10.104.20.1

!

It didn't work.

i can not ping to GW, server or VIP

plz help

1 REPLY
Cisco Employee

Need help with configure Bridged Mode on the ACE

Hi,

Your configuration looks fine. Can you also apply access group to vlan200 as well? I see you have applied remote access policy but no access group on that VLAN. Can you do that and check again.

Normally without access group on server side VLAN normal SLB should work with the above configuration.

Regards,

Kanwal

267
Views
0
Helpful
1
Replies