01-03-2013 06:10 PM
Hi All,
I've a quick question about bridged mode in an ACE module.
Is it possible to have the servers on a separate subnet rather than on a directly connected VLAN?
Due to limitations brought on by physical aspects of the setup (and also security policy), I cannot put the ACE right next to the servers. ACE on a stick isn't feasible due to PBR smashing the CPU of the msfc so I'm thinking the ACE needs to be in bridged mode as we have to keep IP address transparency so the servers can perform policy functions based on client IP address.
I've attached a .jpg illustrating the basic setup.
The pertinent question i guess is: Can we use the ACE to loadbalance to servers that are NOT on the bridged VLAN subnet and will also quite possibly be on different subnets themselves?
Any suggestions are very much appreciated.
Thanks All!
Brad
Solved! Go to Solution.
01-07-2013 03:13 AM
Hi Brad,
I dont see that as a feasible option. I cant think of a way to achieve it in Bridge mode.
regards,
Ajay Kumar
01-03-2013 11:57 PM
Hi Brad,
As long as there is one to one nat on the firewall it should work just fine.
Even though the servers will be one subnet away but the natted IP will act as local IP for the ACE.
For config reference look at the following link :
hope that helps.
regards,
Ajay Kumar
01-06-2013 03:37 PM
Hello Ajay,
Thanks a lot for the reply, it's very helpful.
At the moment, there isn't any NATting present in the solution and if I can avoid it I'd like to; I'm not ruling it out though, I would just like to avoid NATting if I can.
Do you know if the server IPs need to be on the local subnet in bridged mode? ie, can they be on separate subnets altogether (assuming no NAT can take place?).
Thanks again for your help.
Brad
01-07-2013 03:13 AM
Hi Brad,
I dont see that as a feasible option. I cant think of a way to achieve it in Bridge mode.
regards,
Ajay Kumar
01-07-2013 07:13 PM
Thanks Ajay.
I appreciate yourr help and time.
Brad
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide