Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
402
Views
0
Helpful
1
Replies

Bridge mode on ACE module

HWangLoyalty_2
Level 1
Level 1

‎03-02-2011 09:01 AM

I tried to configure ACE module installed 6500 switch with brige mode. But it always failed.

The subnet (both VIP and real server) is terminated in the ASA firewall. for example, vip is 2.2.2.2 and real server is 2.2.2.100. when our internal user run a quick test from 1.1.1.1 to hit 2.2.2.2, we could find the connections are establised from ASA between them. Also I could find ACE fowarwd request to 2.2.2.100. To return traffcs. I thought ACE will change source IPs from 2.2.2.100 to 2.2.2.2, and then forward to ASA. But in the firewall, we could find the sessions from 2.2.2.100 to 1.1.1.1. So the connections are failed. I have to put nat dynamic to nat source IPs to fix it for workground solution.

Is this normal issue? why ACE could not change IPs automatically? any special commands required?? I am not sure if the issue is gone when the subnet is terminated in the MSFC. Please let me know your idea. Thanks!

BTW, I knew the routing mode is working properly with us.

Labels:
0 Helpful
1 Reply 1

ohynderi
Level 1
Level 1

‎03-04-2011 05:55 AM

Hi,

ACE should indeed rewrite the source ip from Server IP to VIP IP for reply packets. Most common error for this is asymetric routing. What do you see in "show conn detail" when seting up the connection?

Thanks,

Olivier

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card