David,It should just be needed on the VLAN's facing the clients in a standard web-server load-balancing scenario (servers connected at layer-2 to the server-side of the ACE, on the same VLAN's as the ACE interfaces). So put it on VLANs 10 and 30, an...
David,We actually just tested this scenario. If I am understanding your question correctly, and you are bridging VLAN 10 to VLAN 20, and bridging VLAN 30 to VLAN 40, then you can use the command 'mac-sticky enable' under the appropriate VLAN interf...
I believe the functionality you are looking for is called "Reverse Route Injection". This is available on both the ASA's and IOS. I'm assuming you are using routers, so here's the link for reverse route injection for IOS: http://www.cisco.com/en/U...
GRE is only necessary for Microsoft PPTP connections. Also you should only have to open ports on the firewall if you have an ACL applied on the inbound direction of the inside interface (access-group FOO in interface inside)...unles you've applied a...
Sounds a bit like your encryption domains (the ACLs attached to the crypto map) don't quite mirror each other. Is there a difference? Could be a subnet mask mistype or any number of small clerical errors.