Showing results for 
Search instead for 
Did you mean: 

ACE admin context

Hi All

I was hoping that someone may be able to help on an issue, the setup is a monitoring server as a Rserver within a context on a ACE and the same on the failover ACE. Now the issue is I am able to reach the management interface for the context the Rserver is in but not the management interface for the Admin context and this is the one I would like to monitor via the Rserver, I can reach each management address of the Admin context from the other management Rserver from the failover ACE and the Rserver in the active ACE I can manage the standby Admin context.


Cisco Employee

Normally, the monitoring devices are in management subnet or in a subnet that is routeable to ACE management IPs.

So, don't really understand why the setup is like this. Why a monitoring server configured as an Rserver in a context? What is the purpose of monitoring server? Is it for client traffic that gets loadbalanaced through ACE? Can you share the topology diagram?

What you are probably running into, is that you can only manage the ace on the ingress vlan where the traffic first enters the ace.  So for example if the ace has 2 vlan, vlan 10, and vlan 20, you will not be able to reach the ace's vlan 20 interface if the traffic first enters the ace on vlan 10.  In order to reach the vlan 20 interface, then the management traffic has to first enter the ace on vlan 20.  Also the ace cannot route between contexts internally, so if the traffic is destined for the admin context and it enters the user context, the ace cannot route that traffic internally to the Admin context, that is only possible through another L3 device other than the ace.

Joel Lamousnery

Engineer, Customer Support

Technical Services - ANS

Joel Lamousnery CCIE R&S - 36768 Engineer, Customer Support Technical Services

Interesting things around traffic processing.

If it fails with management traffic; will it also fail with load balanced traffic ?

If I have interfaces vlan 10 and 20; traffic coming from vlan 10 to reach VIPs listening on Vlan 20 (so the traffic is routed internally before reaching the VIP), can it work ?

Content for Community-Ad