
ACE 4710 - Server-initiated source NAT not working

Hi,

I have a working setup using ACE 4710 where client connections to a VIP located in client VLAN (VLAN 921) are successfully load-balancing to servers in a back-end VLAN (VLAN 804).

I have a requirement for server-initiated connections in server VLAN 804 to also connect to the VIP address.

Source-NAT has been configured, through configuration of an additional class-map in the multi-match policy. The class-map has been configured to match the server IP address that will originate the connection and perform Source-NAT to the address as defined in the NAT-pool statement. 

This seems to partly work, as the ACE sees the initial server request and forwards it onwards to the real server. However, return traffic from the real server is not going back via the ACE.

This suggests that the Source-NAT isn't working as intended.

I've attached the relevant parts of the ACE configuration along with output showing the connection state for a working TCP connection from client and a non-working connection from the server.

Would appreciate if someone can take a look at the configuration and let me know what's wrong?

Thanks

           

1 REPLY
Cisco Employee

To clarify, you're trying to load balance connections within VLAN 804, correct?

EDIT: Just saw the date posted on this. LMK if this is now a non-issue.
