how a static entry under a "sticky" performs Configuring Static IP Address Sticky Table Entries Cisco Documentation Says When you configure a static entry, the ACE enters it into the sticky table immediately. Configuring the ACE Action on Server Failure failaction purge # The purge keyword specifies that the ACE remove the connections to a real server if that real server in the server farm fails after you enter the command. The ACE sends a reset (RST) to both the client and the server that failed. Cisco Documentation Says If you do not configure this command, the ACE takes no action when a server fails
We are using several contexts for each customer in our ACE module.One of the customer contexts needs to activate XML API to control their services.I've tried to activate it, but cannot get any http response, what can be missing?ACE10 version A2(3.6a)
class-map type management match-any HTTP-ALLOW_CLASS 2 match protocol http source-address 10.110.0.0 255.255.254.0 3 match protocol http source-address 10.60.208.80 255.255.255.248 class-map type management match-any HTTPS-ALLOW_CLASS 2 match protocol https source-address 10.110.0.0 255.255.254.0 3 match protocol https source-address 10.60.208.80 255.255.255.248
I trying configure ASN traffic load balance, but doesn't works.I have one Cisco Catalyst 6509 and onde Cisco Ace10 module, in my context "PanWEB" i have the interfaces above: [code] If i try to establish a telnet session(telnet 10.96.202.10 80) i see the SYN packet passing through the ACE and going to the real server, but, the server do not response the SYN packet. I done a capture in the server using wireshark and could see that the IP address of the destination is the VIP and not the rserver ip address , this is a problem? Why can not I have the SYN + ACK from the server?
We have cisco ace 30 modules installed in cisco 6500 switches. For application availability purpose from the internet, we need to have some global site selector/3rd party devices with similar feature set that of cisco gss.
whether cisco ace is compatible to ge tintegrated with other 3rd party devices like F5 GTM?
I have installed ANM 5.2 virtual appliance.I have an issue importing a Catalyst 6500 device.When I try to import it, I get the following error: Device discovery failed: Cannot communicate to the device.Authentication failure while attempting to connect. Verify the device type and credentials. I double verified and the credentials are correct.I user SSH version 2.I use the following special carachters in the password: "!" and space.I don't use enable password to connect to the 6500 device. The 6500 device has a privilege 15 username.In ANM, the enable password is a requirement so I just fill in the regular password.I think the issue is appearing due to one of the following:
1.) The ANM does not support the special carachters I use in the 6500 password.
2.) Then ANM requires enable password, while I don't use enable password in the 6500 switch.
The 6500 runs SXI6 software version.I can't configure an enable password or configure a test username without special carachters beacause it's against the organization's policy.
I have done this in the past but I cannot find it anywhere......how do you display the uptime of a CSM module in a 6500? The chassis has an uptime of over 2 years, but I believe the CSM module was power cycled at some point within that 2 years and I need to find out if we may be running in to the bug that occurs after 828days of uptime. We are running 4.2(6) on the CSM and 12.2(18)SXF1 IOS on the SUP.
First of all, I want you to know that I do understand that it's not a good design at all, but I still need to implement it.My ACE20 in 6500 works in routed mode with VLAN 101 (10.0.101.0/24) as the client-side VLAN. I therefore have Vlan101 SVI (10.0.101.1/24) on 6500.I also have VLAN 200 (10.0.200.0/24) on 6500 with SVI Vlan200 (10.0.200.1/24) and I want to create a static bidirectional NAT so that clients, connecting to IP address in VLAN 200 (10.0.200.64) would be NATed to VIP (10.0.101.10).Let's say we have clients (10.0.500.0/24) connecting through gig1/0/1.Here is my current setup on 6500.
I was asked to mount ACESMs on each of the CAT6K switches of a VSS cluster (one ACESM on each individual switch).On a non-VSS environment, the "svclc module <slot> vlan-group <group>" command is used to bind the VLAN group to the module on a certain slot. But now I am facing a VSS scenario, I will need to combine switch and slot in order to reference each of the individual modules...
How do I "index" each of the ACESMs in a VSS cluster? ¿Is there an extension of the aforementioned command to be able to combine switch and slot information?
i have configure new ACE 30 module on top of 6500 core switch , the issues am facing whenver i want to access to https://ACE_IP and after i enter the user name and the password , it's forwared me to the follwoing page: is there anything should i configure to avoid this page ?
I have an ACE10-6500-K9 (Application Control Engine service module for Catalyst 6500) but I can't access it because I lost the admin password.I would like to know how to perform a Password Recovery Procedure on this device.Is it similar to the password recovery procedure on an ACE 4700 appliance?
I have Cisco 6500 with FWSM and ACE module which are in one central DC. Also we have four different Datacenter (Hub & spoke) and in our FWSM we have configured four contexts in central DC FWSM for each DC. Each DC servers are different VLAN and IP subnet. Now we have to configure ACE module for load balancing among those different subnet servers. What will be the design and configuration for this solution? Like routed or one-arm mode design.
Now customer requirement is we have to load balance using ACE between these App Servers which are in different context s in FWSM and one Server is not FWSM. how to configure or design or placement of ACE and FWSM for above scenario.
Since the ACE supports only static routing, when pointing a default route from the ACE what is your preferred method when using multiple 6500s with an ACE in each in a failover scenario to prevent just pointing at one 6500? Static route to an HSRP address? Multiple static routes on the ACE, etc?
Is it possible to upgrade ACE 4710 from A3 to A4? What does this actualy means by A3, A4 & A5.
I want to upgrade ACE from A3 to A4 becase I want to enable switch-mode on ACE. Current S/W version is A3 2.0 which is not supporting this command. While reffering the command refernce guide saw that this command is supported in A2 & A4 version from 2.0 itself but for A3 in 2.7 (which is the latest) also this is not supporting this feature.
I am trying to upgrade Sup2T from 15.0 to 15.1 (same feature sets). I have the new image in bootflash and have changed the boot system statement to boot from the new image and the config register is 0x2102. However, everytime it reboots it loads the old image. [code]
Today we have 2 VSS, and are about to buy another two 6500 chassies to bulid a new VSS. Our currens chassies have supervisor 720, and the new one will probably have SUP2T
We have a network design that allowes us to run on a single chassie per VSS if we have hardware failure. This means that in a really worst case scenario we need to move around hardware to have 3 system up and running (that would mean multiple failures on all systems... so really really worst case scenario )
So here is my first question. Can I run a VSS with different supervisors in the chassies? Second question: If I want to upgrade a VSS from SUP720 to SUP2T, cna I run 2 supervisors per chassie (quad supervisor VSS) where one supervisor is SUP720 and one is SUP2T?
I have a firewall module in a Switch Catalyst 6500. I wan to upgrade its context capacity to a greater capacity. When I looked it in the Dynamic configuration, it send me following number parts:
The first one is the license to have 20 context and the next one is upgrade from 20 context to 50 context. My problem is that I haven't could find a service support contract associate them.I want to know if they have or not service contract, because I can´t find them.
We are currently running ANM server version 4.1. I am trying to upgrade to version 5.1. But when I run the "application upgrade anm-va-5.1.ova Upgrade" command, I receive an error that states: "Manifest file not found in the bundle".I then tried to run the install command with the same error.
I am currently running A3(2.6) and evaluate the possibility of upgrading to A4(2.1). The Instal & Upgrade Guide A4(2.0) mentions that A4(2.0) does not include all features of A4(1.1). Does this apply to A4(2.1)? The Release Notes mentions a list of features merged from A4(1.1) to A4(2.1) but does not clarify if there any features not merged.
I will be installing a secondary SUP720 in a 6509-E and will be upgrading the IOS on the existing SUP which is on 122-18.SXF6. I've read that this release has passed End of Critical Maintenance earlier this you. I thinking of upgrading the IOS to 12.2.33-SXJ1(ED) or 12.2.33-SXI8(ED) (possible more stable), but i'm not sure if i need any step upgrades from the current version. The SUP meets the required hardware specs and I will also be upgrading the ROMMON to 12.2(17r)SX7 first.
I have alot of experience upgrading IOS on routers and switches, but i just need to now if there are any gotchas that i need to know for the upgrade on the SUP.
The other issue is i don't believe the current IOS has been installed, are there any issue running on an IOS not installed. Patching is not available since the system is not running from an installed image. To install please use the "install file" command.
I'm looking at upgrading our FWSM modules in our 6500's. They're the WS-SVC-FWM-1 modules.
We're running on version 3.2(12) at the moment and I'm looking to jump up to 4. Any recommendations around whether I should to go to 4.1(6) or 4.0(16)? There aren't any features in particular that I would need in 4.1 but want a good stable base to sit on for 12 months until I look at this exercise all over again.
Doing a bug scrub on our dual core, dual Sup 720 6500s tonight. We are going from s72033-advipservicesk9_wan-mz.122-33.SXI4a.bin to SXI9. I want to get a second set of eyes on my script since I have not done this for about 1 1/2 years. Following this doc:[URL]