07-17-2008 10:38 PM
Hi Folks,
I have a problem whereby I need to allow my real servers to ping the Server-Side ACE interface. Is this explicitly denied? I have the VIP up and running OK but my server can't ping the Server-Side interface (which is it's gateway).
Thanks in advance,
SteveK.
Solved! Go to Solution.
07-18-2008 12:19 AM
Your management policy is not configured under server side vlan
Do the following and you are good to go
interface vlan 56
service-policy input REMOTE_MGMT_ALLOW_POLICY
Thanks
Syed Iftekhar Ahmed
07-18-2008 02:21 AM
I think You should apply policy REMOTE_MGMT_ALLOW_POLICY to interface vlan 56 or globally.
Currently it's only applied to vlan 55 which is the client side interface.
If You don't want telnet/ssh access from server side, then You need to prepare another class and policy with only icmp traffic allowed.
07-17-2008 11:26 PM
You probably didn't configure management type policy or didn't include icmp traffic there.
Or didn't apply this policy to appropriate interface or globally.
07-17-2008 11:33 PM
07-18-2008 12:19 AM
Your management policy is not configured under server side vlan
Do the following and you are good to go
interface vlan 56
service-policy input REMOTE_MGMT_ALLOW_POLICY
Thanks
Syed Iftekhar Ahmed
07-18-2008 02:21 AM
I think You should apply policy REMOTE_MGMT_ALLOW_POLICY to interface vlan 56 or globally.
Currently it's only applied to vlan 55 which is the client side interface.
If You don't want telnet/ssh access from server side, then You need to prepare another class and policy with only icmp traffic allowed.
07-20-2008 07:50 PM
Thanks Kuba and Syed,
Your speedy response was most helpful.
Cheers, SteveK.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide