Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1058
Views
3
Helpful
4
Replies

ACE and FWSM design and configuration guideline with 6500

Md. Rashedul Alam
Level 1
Level 1

‎04-08-2013 11:33 PM

I have Cisco 6500 with FWSM and ACE module which are in one central DC. Also we have four different Datacenter (Hub & spoke) and in our FWSM we have configured four contexts in central DC FWSM for each DC. Each DC servers are different VLAN and IP subnet. Now we have to configure ACE module for load balancing among those different subnet servers. What will be the design and configuration for this solution? Like routed or one-arm mode design.

Scenario Example:

1.  App Server01

IP:192.168.11.5/24

GW: 192.168.11.1 in FWSM

FWSM Context: DC1

Physical Location:DC1

VLAN:11

2.  App Server02

IP:10.101.4.5/24

GW: 10.101.4.1 in FWSM

FWSM Conext:DC2

Physical Location:DC2

VLAN:4

3.   App Server03

IP:192.168.2.5/24

GW: 192.168.2.5 in Local Switch (not in FWSM)

Physical Location:DC3

VLAN2

Now customer requirement is we have to load balance using ACE between these App Servers which are in different context s in FWSM and one Server is not FWSM.

Please guide me how to configure or design or placement of ACE and FWSM for above scenario.

Thanks

Rashed

Labels:
0 Helpful
4 Replies 4

ajayku2
Cisco Employee
Cisco Employee

‎04-09-2013 07:36 AM

Hi,

It looks like Routed mode is ideal solution for you. One arm is feasible if all the servers are in the same subnet.

Here is a good reference for this kind of scenerio.

http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/ACE_FWSM.html

regards,

Ajay Kumar

0 Helpful

Md. Rashedul Alam
Level 1
Level 1
In response to ajayku2

‎04-09-2013 10:37 AM

Thanks Ajay. Will you please clearify the position on ACE. cause most of the severs GW is FWSM.

Example:

MSFC

      | Vlan10

      |

  ACE

      |Vlan 11

      |

   FWSM    

|               |

Subnet1  Subnet1

Vlan100     Vlan200

and also flow traffice flow

0 Helpful

ajayku2
Cisco Employee
Cisco Employee
In response to Md. Rashedul Alam

‎04-10-2013 12:41 AM

Hi,

I believe the flow would be:

Client vlan ( vlan10) >> ACE >> VLAN 11 >> FWSM >> VLAN 100 or VLAN 200

I believe FWSM will do 1to1 NAT for each server.

In that case I see feasibility for ONE ARM as well. It is just that you have to add Source NAT on ACE.

ACE ---- vlan 10 ----- FWSM ------- servers

Or As above:

----vlan10--- ACE --- vlan11-----FWSM----( vlan100 or vlan 200)

In both the cases you need to add source Natting on ACE to make it work.

Hope that helps.

regards,

Ajay Kumar

Md. Rashedul Alam
Level 1
Level 1
In response to ajayku2

‎04-10-2013 02:38 AM

Thanks i will share this with my planning team.

0 Helpful
Customers Also Viewed These Support Documents