
Wednesday, January 27, 2010

Problem with ACE4710 in L2 mode. It does not pass traffic between VLANs.

We have an ACE4710 appliance from Cisco. We configured RDP load balancing in bridge mode, but the ACE doesn't pass traffic between the VLANs. ICMP requests and replies pass: we can ping the VIP and some of the servers in the server farm, but we can't establish an RDP session to the VIP or directly to the servers. The ACE4710 works in bridge mode. Interfaces VLAN 501 and 1501 are members of bridge group 1.

Diagnostic steps

1) The server response could be bypassing the ACE (asymmetric traffic). Try configuring Source NAT to see whether it resolves the issue.

2) Please check and confirm that the servers are in VLAN 501 and the upstream router is in VLAN 1501.
3) Please check and confirm that the default gw of the server is the upstream router in VLAN 1501.
4) Try to only match on the VIP address (remove the "tcp eq rdp").
5) Check whether you can initiate an RDP session directly to the server, through the ACE but using the server's own IP address.
6) Check the HP NIC Teaming software on blade servers. If traffic does not return correctly to the ACE with the teaming mode set to Auto/Auto, change the mode to Network Fault Tolerance Only (only one NIC active) and try again.
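
A configuration sketch for steps 1 and 4 in the bridged setup described above, added here as an illustration and not taken from the original post or from the affected device. The names VIP-RDP, CLIENT-VIPS and RDP-POLICY, the NAT pool ID and the 192.0.2.x addresses are assumptions; RDP-POLICY stands for a load-balancing policy that is already configured.

```text
! Constructed example: all names and 192.0.2.x addresses are placeholders.
! Lines starting with "!" are annotations for the reader, not ACE commands.

! Step 4: match the VIP on any protocol and port instead of "tcp eq rdp"
class-map match-all VIP-RDP
  2 match virtual-address 192.0.2.10 any

! Step 1: translate the client source address on the way to the servers,
! so that server replies are addressed to the ACE and cannot bypass it
policy-map multi-match CLIENT-VIPS
  class VIP-RDP
    loadbalance vip inservice
    loadbalance policy RDP-POLICY
    nat dynamic 1 vlan 501

! Client-side VLAN (upstream router): the VIP policy is applied here
interface vlan 1501
  bridge-group 1
  service-policy input CLIENT-VIPS
  no shutdown

! Server-side VLAN: the pool referenced by "nat dynamic 1 vlan 501"
interface vlan 501
  bridge-group 1
  nat-pool 1 192.0.2.50 192.0.2.50 netmask 255.255.255.0 pat
  no shutdown
```

If RDP works once Source NAT is in place, the server replies were returning by a path that bypassed the ACE; if it works only after the match is widened, the port match in the class map was the problem.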

Citation - This blog post does not reflect original content from the author. Rather, it summarizes content relevant to the topic from different sources on the web. The sources might include online discussion boards, forums, websites and others.
