ACE30 - PING to VIP and Client side SVI not working

Hi Guys,
Having setup the ACE30 based on the configuration guides, I've been able to get basic load balancing working, probes, stickness etc.  However in testing connectivty, I've noticed that from the real server on the backend I cannot seem to PING:
1. The VIP for the web service that the server is a part of
2. The Client side SVI
I'd like this to work to ensure full connectivity.
I've applied ACLs to the Client side SVI (on the ACE) to allow this in both directions, and also removed any ACLs attached to the client side SVI on the MSFC where the subnet is actually homed.  However I just cannot seem to PING the Client side SVI on the ACE, or the VIP.  Trying to understand if this is normal behavior.
Have inserted my config below for completeness.
ACE30 Config
login timeout 60
hostname ACE1
boot system image:c6ace-t1k9-mz.A90_6_3_5.bin
boot system image:c6ace-t1k9-mz.A4_1_0.bin
resource-class RC_1
  limit-resource all minimum 10.00 maximum unlimited
access-list all line 8 extended permit ip any any
access-list v6-any line 8 extended permit ip anyv6 anyv6
class-map type management match-any REMOTE_ACCESS
  description Remote access traffic match
  2 match protocol telnet any
  3 match protocol ssh any
  4 match protocol icmp any
  5 match protocol https any
policy-map type management first-match REMOTE_MGMT_ALLOW_POLICY
  class REMOTE_ACCESS
    permit
interface vlan 768
  description Management connectivity
  ip address 10.20.40.72 255.255.255.0
  service-policy input REMOTE_MGMT_ALLOW_POLICY
  no shutdown
ip route 0.0.0.0 0.0.0.0 10.20.40.254
context VC_1
  allocate-interface vlan 11
  allocate-interface vlan 186
  member RC_1
username admin password 5 $1$STizNv5q$i96.Qrt4C4SfHkbLyVT74.  role Admin domain default-domain
username www password 5 $1$ZAn8bOtv$xmmNlH8akF6iYfXdQCKMo1  role Admin domain default-domain
ssh key rsa1 1024 force
! VC_1
ACE1/VC_1# sh run
probe http HTTP_PROBE1
  interval 15
  passdetect interval 60
  expect status 200 200
  open 1
rserver host RS_MONASH_WEB1
  description Test Monash Web Server 1
  ip address 10.194.27.177
  inservice
serverfarm host SF_MONASH_WEB
  probe HTTP_PROBE1
  rserver RS_MONASH_WEB1 80
    inservice
sticky ip-netmask 255.255.255.255 address source STICKY_MONASH_WEB
  timeout 3600
  serverfarm SF_MONASH_WEB
class-map type management match-any REMOTE_ACCESS
  description Remote access traffic match
  2 match protocol ssh any
  3 match protocol telnet any
  4 match protocol icmp any
  5 match protocol https any
class-map match-all VS_MONASH_WEB
  2 match virtual-address 10.194.11.1 tcp eq www
access-list ALLOW_TRAFFIC_TOWARDS_ACE extended permit ip any any
access-list ALLOW_TRAFFIC_TOWARDS_ACE extended permit icmp any any
policy-map type management first-match REMOTE_MGMT_ALLOW_POLICY
  class REMOTE_ACCESS
    permit
policy-map type loadbalance first-match PM_MONASH_WEB_LB
  class class-default
    sticky-serverfarm STICKY_MONASH_WEB
policy-map multi-match PM_MULTI_MATCH_CLIENT_VIP
  class VS_MONASH_WEB
    loadbalance vip inservice
    loadbalance policy PM_MONASH_WEB_LB
service-policy input REMOTE_MGMT_ALLOW_POLICY
interface vlan 11
  description Client connectivity on Vlan 11
  ip address 10.194.11.250 255.255.255.0
  access-group input ALLOW_TRAFFIC_TOWARDS_ACE
  access-group out ALLOW_TRAFFIC_TOWARDS_ACE       ! not sure if this is required as well?
  service-policy input PM_MULTI_MATCH_CLIENT_VIP
  no shutdown
interface vlan 186
  description CSM www monash
  ip address 10.194.27.189 255.255.255.240
  access-group input ALLOW_TRAFFIC_TOWARDS_ACE    ! not sure if this is required?
  access-group out ALLOW_TRAFFIC_TOWARDS_ACE      ! not sure if this is required?
  ip dhcp relay server 130.194.15.17
  ip dhcp relay server 130.194.15.1
  ip dhcp relay enable
  no shutdown
ip route 0.0.0.0 0.0.0.0 10.194.11.254
6500s
! test-clay1-gw - ACE connects to this 6500
svclc multiple-vlan-interfaces
svclc module 2 vlan-group 2
svclc vlan-group 2  11,171-499,768
! test-clay0-gw - Where Client side subnet, VLAN11 is homed
interface Vlan11
description Testlab server subnet
ip address 10.194.11.253 255.255.255.0
no shut
ip route 10.194.27.176 255.255.255.240 10.194.11.250
thanks
Sheldon

To ping your VIP of the webserver, you should apple the service-policy input command on VLAN 186 too. Currently the VIP only listens on VLAN 11. For the SVI i think that was forbidden by security reason, but i cant remember anymore. Maybe you just need to put the management policy on the interface VLAN 186. If it dont work, then my first guess was right

Similar Messages

  • Auto remove of log files on the client-side is not working

    Hi,
    I have a setup for one-to-one client/server replication database. Everything is replicated ok.
    But on the client side, I see the log.00000000xx files are not removing at all,
    while the server has only 2 last log.00000000xx files left. But if I switch the role of the client/server,
    the newly server will eventually removed the unused log.00000000xx file, and have two last log file left.
    Both client and server database environment setup has called dbenvp->log_set_config(dbenvp, DB_LOG_AUTO_REMOVE, 1).
    Is there any additional setting for the client-side to auto remove the unused log files?
    Thanks,
    Sandra

    Hi.
    First, what version are you running? We created a test to confirm that this feature is
    working as expected on both a master and a client site. What flags do you have set
    for replication? I think we need to have you run with replication verbose messages
    set on the client site and possibly other diagnostics in order to determine what is different
    about your setup. We should take that level offline. Verbose messages can generate
    a large amount of output.
    You can contact me at the typical [email protected] and we'll move it
    forward that way. Thanks.
    Sue LoVerso
    Oracle

  • Weired issue odd IP's can ping the VIP and even can't on the Nexus 9K switch.

    Hello experts!
    we have two nexus 9k core, attached to the HP Blade v7000 chasis and VPC configured. All Vlans are HSRP are configured. VPC is configured successfully. But the weird this is that source IP address 10.1.2.3 can ping the dest VIP (on the loadblanacer) but 10.1.2.4 can't ie all odd IP's can ping the vip and even IP's can't ping and this is happening in all other Vlans. No firewall no security applience ... windows firewalls are turned off, no ACL's on the swtiches. If I shut down the interface on nexus 1 then all IP's can ping the VIP, as soon as I unshut the interface then .4 stops pinging, and if I shutdown the interface on nexus 2 then all IP's can ping. 10 gig links are connected to Flex fabric card and vpc port channel is up. Any thoughts or help ?
                                   Nexus 1                                                                                                                        Nexus 2

    Hello experts!
    we have two nexus 9k core, attached to the HP Blade v7000 chasis and VPC configured. All Vlans are HSRP are configured. VPC is configured successfully. But the weird this is that source IP address 10.1.2.3 can ping the dest VIP (on the loadblanacer) but 10.1.2.4 can't ie all odd IP's can ping the vip and even IP's can't ping and this is happening in all other Vlans. No firewall no security applience ... windows firewalls are turned off, no ACL's on the swtiches. If I shut down the interface on nexus 1 then all IP's can ping the VIP, as soon as I unshut the interface then .4 stops pinging, and if I shutdown the interface on nexus 2 then all IP's can ping. 10 gig links are connected to Flex fabric card and vpc port channel is up. Any thoughts or help ?
                                   Nexus 1                                                                                                                        Nexus 2

  • Weired issue odd IP's can ping the VIP and even can't!

    Hello experts!
    we have two nexus 9k core, attached to the HP Blade v7000 chasis and VPC configured. All Vlans are HSRP are configured. VPC is configured successfully. But the weird this is that source IP address 10.1.2.3 can ping the dest VIP (on the loadblanacer) but 10.1.2.4 can't ie all odd IP's can ping the vip and even IP's can't ping and this is happening in all other Vlans. No firewall no security applience ... windows firewalls are turned off, no ACL's on the swtiches. If I shut down the interface on nexus 1 then all IP's can ping the VIP, as soon as I unshut the interface then .4 stops pinging, and if I shutdown the interface on nexus 2 then all IP's can ping. 10 gig links are connected to Flex fabric card and vpc port channel is up. Any thoughts or help ?
                                   Nexus 1                                                                                                                        Nexus 2

    Nexus 1
    show hsrp active brief
                         P indicates configured to preempt.
                         |
    Interface   Grp Prio P State    Active addr      Standby addr     Group addr
    Vlan99      1   120  P Active   local            10.104.0.3       10.104.0.1      (conf)
    Vlan160     5   120  P Active   local            10.104.5.3       10.104.5.1      (conf)
    Vlan200     6   120  P Active   local            10.104.6.3       10.104.6.1      (conf)
    Vlan210     7   120  P Active   local            10.104.7.3       10.104.7.1      (conf)
    Vlan310     9   120  P Active   local            10.104.9.3       10.104.9.1      (conf)
    Vlan350     11  120  P Active   local            10.104.11.3      10.104.11.1     (conf)
    Vlan450     13  120  P Active   local            10.104.13.3      10.104.13.1     (conf)
    Vlan700     14  120  P Active   local            10.104.14.6      10.104.14.4     (conf)
    Vlan750     15  120  P Active   local            10.104.15.3      10.104.15.1     (conf)
    =======================
    Nexus 2
    show hsrp active brief
                         P indicates configured to preempt.
                         |
    Interface   Grp Prio P State    Active addr      Standby addr     Group addr
    Vlan100     3   120  P Active   local            10.104.2.2       10.104.2.1
      (conf)
    Vlan150     4   120  P Active   local            10.104.4.2       10.104.4.1
      (conf)
    Vlan199     2   120  P Active   local            10.104.1.2       10.104.1.1
      (conf)
    Vlan300     8   120  P Active   local            10.104.8.2       10.104.8.1
      (conf)
    Vlan320     10  120  P Active   local            10.104.10.2      10.104.10.1
      (conf)
    Vlan400     12  120  P Active   local            10.104.12.2      10.104.12.1
      (conf)
    Vlan760     16  120  P Active   local            10.104.16.2      10.104.16.1

  • I dropped my ipad mini and the left side got dented .. so the volume buttons and the mute is not working anymore .... and when i am playing games the volume automatically goes up... i still have warranty .. so does apple replace a new one?

    i dropped my ipad mini and the left side got dented .. so the volume buttons and the mute is not working anymore .... and when i am playing games the volume automatically goes up... i still have warranty .. so does apple replace a new one?

    Steven ~ Welcome to the Support Communities. The following may be useful for next time...
    AppleCare+ for iPad extends your coverage to two years from the original purchase date of your iPad and adds up to two incidents of accidental damage coverage, each subject to a $49 service fee. Note: AppleCare+ must be purchased within 30 days of the date you bought your new iPad.
    iPad mini cases from Tech21
    iPad mini screen protector from Tech21

  • Mobility between HREAP and NON HREAP does not work..

    HREAP Local Switch and Auth has been enabled on SSID.
    Indoor AP is in HREAP mode.
    Outdoor AP does not support HREAP mode.
    Client connects to indoor AP....continous PING breaks after client roams to outdoor AP. The state of the client is RUN.
    Disable HREAP Local Auth and the issue goes away.  Why?

    Without HREAP config, you will not be able to do local-auth on the AP
    The design guid says roam between a HREAP and non-HREAP will not work,
    Thanks
    NikhiL

  • Radio button and associated functionality is not working!

    Hi Pros,
    I am facing the following problem:
    1.I have an interactive PDF created in Acrobat 9 Pro.
    2.PDF have few radio buttons, each radio buttons ahave assigned valus(eg: 1,2,3 etc)
    3.I have a text box in which the value of selected radio button is displayed.
    4.PDF is working fine on my machine.
    5.Client is having Internet Explorer version 7.0.5 and Adobe reader:8.2.6
    6.The radio buttons and associated functionality is not working on client's machine.
    7.The text box shows '0' even if we a radio button with value 2 or 1 is selected.
    What will be the problem? How can I fix this issue?
    Please help.

    Thanks alot for helping me on this.
    Thanks to u also ~graffiti

  • When i install the new os my fcp,motion and many adobe software not working so please help me out.

    when i install the new os my fcp,motion and many adobe software not working so please help me out.
    there are so many videos on youtube but i want know any solution from apple side plz my so many works are pending becuze i am working as Video Editor.

    You need to be more specific about which software applications you're using, the versions and what happens when you try to open them.
    It would also be nice if you could include which model MacBook Air you're using.
    Clinton
    MacBook Pro (15” Late 2011), OS X Yosemite 10.10, 16GB Crucial RAM, 960GB M500 Crucial SSD, 27” Apple Thunderbolt Display

  • WU and STORE(apps downloading) NOT working behind PROXY

    Recently I upgraded to build 9926 from build 9879. I use <g class="gr_ gr_23 gr-alert gr_gramm Grammar only-ins doubleReplace replaceWithoutSep"
    data-gr-id="23" id="23">proxy</g> for internet access.
    Previously I was able to use all the services including WU and downloading apps from Store through proxy connection. But in build 9926 I am not able to download apps from Windows Store and even WU is not working.
    I used the command "<g class="gr_ gr_264 gr-alert gr_spell ContextualSpelling ins-del multiReplace" data-gr-id="264" id="264">netsh</g><g class="gr_ gr_264
    gr-alert gr_spell ContextualSpelling ins-del multiReplace" data-gr-id="264" id="264">winhttp</g>import proxy source=ie" but it is also not working. All the features are
    working except Windows services, I am also not able to download .NET frameworks through WU. WU is giving this error code : 0x80240438 and STORE shows this error : 0x80072efd. Please help me.
     I am stuck <g class="gr_ gr_204 gr-alert gr_gramm Grammar multiReplace" data-gr-id="204" id="204">in</g> this network issue.
    PROXY system works fine in all
    <g class="gr_ gr_22 gr-alert gr_gramm Grammar multiReplace" data-gr-id="22" id="22">other version</g> of Windows, only build 9926 is showing such behavior.
    Please help!!!!!

     
    Hi,
    Have a check of the following command to make all use the proxy settings
    Netsh winhttp import proxy source=ie
    And this link can also be helpful
    How the Windows Update client determines which proxy server to use to connect to the Windows Update Web site
    http://support.microsoft.com/kb/900935
    Yolanda Zhu
    TechNet Community Support

  • Am using ipad air, my question is under accessibility mute and unmute button is not working.

    pls help me am using ipad air, under accesibility the mute and unmute button are not working.

    Do you mean that you have Settings > General > Use Side Switch To set to 'Mute', and you have the switch on the right-hand side of your iPad, above the volume control, 'on' ? WIth that 'on' notification sounds should be muted (e.g. email notifications, game sounds etc), but the you should still be able to hear the Videos and Music apps and with headphones. Is that not happening, and if not you've tried toggling the switch on the side of your iPad on/off ?
    iPad side switch : http://support.apple.com/kb/HT4085

  • Automatic update of RemoteApp and Desktop Connections does not work (while manual updates with "update now" is working)

    Hello,
    on several Windows 7 Clients the update/refresh of the RemoteApp and Desktop Connections stopped not working automatically. There is a Update failed error. When we do an "Update Now" manually, it gets synchronized without problems.
    I am asking me if there is an issue with a stored Password as we Need to Change the Passwords regularily. The error is occuring for Connections to all RDS Servers (we have severals).
    Does Windows store the user Password in the Task Scheduler? If yes, does the schedule Task Password Change automatically after the Domain Password Change?
    Or what else could be the issue? The RDS Server and the certificate (Name the same as the URL) seems to be fine as not all Clients have this issue.
    Thank you for your help

    Hi,
    Thank you for posting in Windows Server Forum.
    By default it will automatically update the RemoteApp and Desktop Connections but if in any particular case it’s not happening then for a try you can restart the server and check the result again.  In addition you can try running below command and check
    the result. 
    Start-Process rundll32 -ArgumentList "tsworkspace,TaskUpdateWorkspaces2
    More information:
    Powershell to update "RemoteApp and Desktop Connections"
    If a task is registered using the Administrators group for the security context of the task, then you must also make sure the Run with highest privileges check box is checked if you want to run the task. Please check “Task
    Security Context” for more details.
    Hope it helps!
    Thanks,
    Dharmesh

  • Social Client & Nokia blogs not working

    from last week social client & nokia blogs not working. Facebook / Twitter / Conversations / Blog etc... are not opening. Get a blank white screen with only option to exit. Surprisingly the social widget is getting updated with posts from both Facebook & Twitter! But if i click to open then its the same issue...

    Thanks Adrian,
    Am from India and using N8.
    First thing i checked is for updates on suite but no luck with that... Not sure if there are updates released which are not made available for users here.
    Any idea on where to check if updates are available here? Or when it would be made available here?
    Appreciate ur help.
    Merry Christmas...
    Cheers
    Staty

  • Thanks for responding.  Since I upgraded ITUNES to IOS 6, my IPOD Touch no longer works at all.  I had numerous apps, music and videos on this touch.  It made me restore to factory reset and it still does not work!!! Nothing I do will work on this touch n

    Thanks for responding. Since I upgraded ITUNES to IOS 6, my IPOD Touch no longer works at all. I had numerous apps, music and videos on this touch. It made me restore to factory reset and it still does not work!!! Nothing I do will work on this touch now. I have so much data on this, I don't want to loose or have to restore!
    Can you help me?
    Thanks

    If you restored to factory settings/new iPod and still have the problem that indicates a hardware problem.
    Make an appointment at the Genius Bar of an Apple store..
    Apple Retail Store - Genius Bar

  • TA44551 My 1-year ipod nano locked up and would not start overnight. The on/off button will not work and stopped holding charge. No water damage, no fall, nothing unusual. I restored it (twice) but it will still not hold charge and on/off does not work.

    My 1-year ipod nano locked up and would not start overnight. The on/off button will not work and stopped holding charge. No water damage, no fall, nothing unusual. I restored it (twice) but it will still not hold charge and on/off does not work. I tried to restore it again and charged it in three different locations with different cables. etc but nothing. Suggestions?

    - After charging for 1/2 hour or so, does iTunes see the iPod?  If yes, restore the iPod from backup.
    - If no, se if placing the iPod in recovery mode will make it visible so you can restore the iPod.  For recovery mode see:
    iPhone and iPod touch: Unable to update or restore

  • HDMI and PC inputs do not work on my 37AV502R LCD TV

    HDMI inputs and PC inputs do not work consistently
    my Apple TV (HDMI) and computers 2 on HDMI, 1 on PC, display just fine n the TV but after a while the TV goes blank,
    the time is not consistent sometime a few minutes, sometimes a few hours,
    but every time, after the TV goes blank there is nothing I can do, the TV just stays blank, if I unplug and turn back on the TV displays the image for a split second and goes bank again,
    I thought it might be an overheating thing, however sometimes the PC input will stop working but the HDMI input (either one) will work fine,
    has anyone else had this issue?
    Thanks
    A. 

    I'm having the same issue.  As soon as I connect it to VGA or HDMI, it goes into a cycle of flashing on-and-off.  A guy on youtube had the same problem (posted a video identical to my problem) and reportedly fixed it with a firmware update.  
    The problem: the US website doesn't have a firmware download.  The canadian website does, but the update is from 4/2009, and the manufactured date on the back of my TV is 5/2009.  (I also tried the update, but it didn't fix the problem).
    When I call Toshiba to ask about the firmware update, after they confirm I am out of warranty, their automated system keeps hanging up on me.  So frustrating. 

Maybe you are looking for

  • Toshiba P50 B 10v does not power up -- possible solution

    Hello, I registered just to say this. My new (about 1 month old) Toshiba P50 B 10V just decided to not power up from one day to the next. If you don't care about the bla, bla, bla, just skip to THE SOLUTION below. The symptoms were: - AC plugged in,

  • Automatic reminder of the retirement age,brithday, pass probation on SAP-HR

    Hi all, My client want automatic reminder of the retirement age,brithday, pass probation, contract end, . . . on the sreen and automatic send the email to HR officer. But I don't know how to do this, please help me solve my problem by step by step or

  • Search Help screen in the BSP

    Hi, Our requirement is to provide the search help for a field. The Search help pop up should have three input fields 'UserId', 'First Name' and 'Last Name'. The pop up should not be table. In the pop up, we can give some input value and based on that

  • Safari sometimes goes nuts

    Safari sometimes seems to loose the page formating, especially on the Apple pages, causing the whole page to look like un-formated junk. Is this a Safari bug, or are the Apple Discussion pages going bonkers at times? Once it happens, it seems that th

  • Photoshop Elements 9 where to download from?

    Where can I download Photoshop Elements 9, I have misplaced the CD and would like to install it on my new laptop