Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
629
Views
0
Helpful
2
Replies

Problem of importing VIPs from Cisco ACE 4710 to the ACE Web App Manager

Go to solution
itlogical
Level 1
Level 1

‎02-16-2010 06:41 AM

Hello,

I am working on importing Virtual IP's (VIPs) from Cisco ACE 4710 Ver.A3(2.3) to the Cisco ACE Web App Manager Ver.6.3. In the first phase virtual connection between ACE appliances and WAF Manager is defined and the corresponding ACE Appliance IPs are getting listed under the "Destination Servers" option, But unable to import the VIPs and I get the following error after clicking the Import VIP link.

ERROR: Load balancer https://1.1.1.1:10443 virtual server parse failed Exception parsing for LoadBalancerContext
1.1.1.1 has no VIPs, or all of its VIPs are already represented by HTTP server definitions in this policy.

While reading through the document I have identified a note on which I still do not have clear understanding and I would like to mention here assuming if it could be the problem.

Note:The ACE Web Application Firewall does not support import of any VIP that matches a range of IP addresses in the ACE Application Switch policy.

Another point is that the VIPs on ACE and the IPs of ACE Web App Gateways are in the same range.

If this is the main cause of failure of importing VIPs then how it can be resolved or is there something else, If anyone can project some light or share ideas and experiences what could be the reason will be a great help.

Thanks in advance awaiting kind response.

Best Regards,

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Sean Merrow
Level 4
Level 4

‎02-17-2010 10:52 AM

Hello itlogical,

You are hitting a bug on the ACE 4710.  The problem is that when the WAF asks the ACE for the class-maps (VIPs), the XML is incorrectly formatted, and therefore the WAF can not properly process the response.

The bug ID for this is CSCsz52234 and it is fixed in the latest release of software for the ACE 4710.  It is A3(2.5) and you can download it today from cisco.com.

Regards,

Sean

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Sean Merrow
Level 4
Level 4

‎02-17-2010 10:52 AM

Hello itlogical,

You are hitting a bug on the ACE 4710.  The problem is that when the WAF asks the ACE for the class-maps (VIPs), the XML is incorrectly formatted, and therefore the WAF can not properly process the response.

The bug ID for this is CSCsz52234 and it is fixed in the latest release of software for the ACE 4710.  It is A3(2.5) and you can download it today from cisco.com.

Regards,

Sean

0 Helpful

Go to solution
itlogical
Level 1
Level 1
In response to Sean Merrow

‎02-17-2010 11:09 PM

Dear Sean,

Thanks for indicating this bug. For sure my next plan is to upgrade the ACE 4710 and I will let you know the outcome.

Lots of thanks once again.. will get back to you soon after applying upgrade.

Best Regards,

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents