
ACE behaviour if cache sends original client IP?

shukla1975
Level 1

Netpros,

We are doing transparent caching with Blue-Coat, and the caches have a bypass list where the web page is not cached and the client's original IP is sent from the cache to the ACE to the internet.

Is there any feature on the ACE which will block this session?

Thanks in advance

Shukla.

2 Replies

Gilles Dufour
Cisco Employee

If the SYN forwarded by the cache comes back on a different interface than the original client interface, ACE will treat it as a new connection and it will perform whatever action you have set up on that interface - the default is route.

Gilles.

qataromnix
Level 1

If the Bluecoat sends the client IP address to the Internet, then the return packet has to go to the same active ACE. If the ACE is in one-arm mode and you use PBR to send the web traffic to the ACE to load-balance across Bluecoat, then there should be reverse PBR on the interfaces which the return traffic comes through, and it has to be forwarded to the same active ACE. Because once you enable IP spoofing on Bluecoat, when it gets a request from a client, Bluecoat will be initiating a different TCP session with the client IP address as the source IP. So if this traffic doesn't come back to the same proxy and it goes directly to the client, then the client will drop the packet.
