ACE 4710 - Server-initiated source NAT not working
I have a working setup using ACE 4710 where client connections to a VIP located in client VLAN (VLAN 921) are successfully load-balancing to servers in a back-end VLAN (VLAN 804).
I have a requirement for server-initiated connections in server VLAN 804 to also connect to the VIP address.
Source-NAT has been configured, through configuration of an additional class-map in the multi-match policy. The class-map has been configured to match the server IP address that will originate the connection and perform Source-NAT to the address as defined in the NAT-pool statement.
This seems to partly work, as the ACE sees the initial server request and forwards it onwards to the real server. However, return traffic from the real server is not going back via the ACE.
This suggests that the Source-NAT isn't working as intended.
I've attached the relevant parts of the ACE configuration along with output showing the connection state for a working TCP connection from client and a non-working connection from the server.
I would appreciate it if someone could take a look at the configuration and let me know what's wrong.