11-14-2012 09:46 PM
How do I verify that hosts on different VLANs have connectivity? I can't ping from a host on one VLAN to a host on the other VLAN even with a policy that allows ICMP in place.
11-15-2012 10:01 AM
Just as a follow up, this explains my question better -
From the Routing and Bridging Guide vA2(1.0), Cisco ACE Application Control Engine Module -
"For security reasons, the ACE does not allow pings from an interface on a VLAN on one side of the ACE through the module to an interface on a different VLAN on the other side of the module. For example, a host can ping the ACE address that is on the IP subnet using the same VLAN as the host, but cannot ping IP addresses configured on other VLANs on the ACE."
11-15-2012 02:50 PM
Hi Larry,
It sounds like an expected behavior. However this applies only to ICMP traffic, you should be able to telnet for example without any problem.
---------------------
Cesar R
ANS Team
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide