Currently we have our ACE's deployed in L2 mode. I have the service policy applied to the client side vlan (123). Everything is working fine. My application guys want to be able to ping the VIP from the rservers and as configured it does not work. In order to get this to work it seems that I need to apply the service policy to the server side vlan (456) too. Are there any issues that I need to be aware of when doing this besides source natting the server connections if they want to access the VIP content? Relevant config:
interface vlan 123
bridge-group 1
access-group input BPDU
access-group input PERMIT_ANY
service-policy input REMOTE_MGMT_ALLOW_POLICY
service-policy input VIP_POLICY
no shutdown
interface vlan 456
bridge-group 1
access-group input BPDU
access-group input PERMIT_ANY
service-policy input REMOTE_MGMT_ALLOW_POLICY
no shutdown
Thanks.
-Joshua