Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
493
Views
0
Helpful
1
Replies

ACE 4710 Setup

anooshoks
Level 1
Level 1

‎10-12-2014 03:54 AM

Dear All,

 

I have task to add two servers to work with ACE 4710 , the client is coming from internal network and the end host (our servers).

I don,t know how to connect it physically and do the configuration.

Thanks a lot in advance .

Labels:
0 Helpful
1 Reply 1

Kanwaljeet Singh
Cisco Employee
Cisco Employee

‎10-12-2014 07:16 AM

Hi,

Below is basic configuration example with three real servers and Source NAT.


Let's say you have three servers:

rserver host SERVER_01
  ip address 192.168.1.11
  inservice
rserver host SERVER_02
  ip address 192.168.1.12
  inservice
rserver host SERVER_03
  ip address 192.168.1.13
  inservice

You add them in serverfarm

serverfarm host REAL_SERVERS
  rserver SERVER_01
    inservice
  rserver SERVER_02
    inservice
  rserver SERVER_03
    inservice

After that you configure the VIP and condition. Here any means any protocol and port

class-map match-all VIP-30
  2 match virtual-address 172.16.51.30 any

YOu define the L7 policy map

policy-map type loadbalance first-match SLB_LOGIC
  class class-default
    serverfarm REAL_SERVERS--------->Serverfarm to which traffic would be loadbalanced.

policy-map multi-match CLIENT_VIPS---->L3 policy map.
  class VIP-30
    loadbalance vip inservice
    loadbalance policy SLB_LOGIC
    nat dynamic 1 vlan 451----------------->You need to apply the NAT when your client is in same subnet as server so that return traffic comes back to ACE and not to client directly or when your servers default GW is not ACE.

interface vlan 251
  description Client vlan------------------->VIP is in this subnet
  ip address 172.16.51.11 255.255.255.0
  access-group input ANYONE
  service-policy input REMOTE_MGT
  service-policy input CLIENT_VIPS
  no shutdown
interface vlan 451--------------->Server side subnet
  description Servers vlan
  ip address 192.168.1.1 255.255.255.0
  nat-pool 1 192.168.1.100 192.168.1.110 netmask 255.255.255.0 pat---->Nat pool defined. It should always be on server side vlan.
  no shutdown

ip route 0.0.0.0 0.0.0.0 172.16.51.1


I would also suggest going through the below for basic troubleshooting and understanding.

http://docwiki.cisco.com/wiki/Cisco_Application_Control_Engine_%28ACE%29_Troubleshooting_Guide_--_Overview_of_ACE_Troubleshooting

Basic loadbalancing using routed mode:

http://docwiki.cisco.com/wiki/Basic_Load_Balancing_Using_Routed_Mode_on_the_Cisco_Application_Control_Engine_Configuration_Example

And if you have any questions, please put them here and we will be glad to help.

Regards,

Kanwal

Note: Please mark answers if they are helpful.

0 Helpful
Customers Also Viewed These Support Documents