Solved: Bridge mode ACE matching anything other than VIP?

Craig_Baum_2 · ‎06-28-2013

Hi, I have an ACE configured in bridged mode and we currently have various VIPs as class-map matches.

However I now need an effective wildcard match to match, say all tcp port eq www but the destination address could be any. So I effectively need to match any ip tcp port eq www.

Now applying that to a service policy inbound on the VLAN should match that. But without a VIP address how can the ACE terminate one TCP leg and then set up another to the serverfarm? Would it use the BVI address or can I add a set VIP type option?

So to confirm bridged ACE needing to match any IP going through with port 80 terminating and sending to serverfarm. Without a VIP how (if it does) work?

Thanks.

Sent from Cisco Technical Support iPad App

ajayku2 · ‎06-28-2013

Hi,

The below should work. We also say it "catch-all"

class-map match-any CM-HTTP-ANY
  2 match virtual-address 0.0.0.0 0.0.0.0 tcp eq http

regards, 
Ajay Kumar

View solution in original post

ajayku2 · ‎06-28-2013

Hi,

The below should work. We also say it "catch-all"

class-map match-any CM-HTTP-ANY
  2 match virtual-address 0.0.0.0 0.0.0.0 tcp eq http

regards, 
Ajay Kumar

Craig_Baum_2 · ‎06-28-2013

Thanks.

Edit: we have tried it and it appears to work. Thank you.

:)

Sent from Cisco Technical Support iPad App