ace routing mode desging issue

12pratham · ‎03-13-2012

need some assistance in configuring an application using routing mode on cisco ace

clients ---asa--3750--cisco ace--- servers behind vip

|

visa card transaction servers

i am able to setup a vip on ace using routing mode on ACE,as the servers need to see the client ip ,so we are not performing SNAT,this part is working fine

when a request comes from the client ,it goes to the vip and to one of the backend servers ,and the request will be forwaded back to the ace ,as the default gateway on the servers is pointing to the server vlan on ace.

but if the transaction from the servers need to go to the visa card transaction servers ,how can we acheive this ,and after fetching the data from visa servers,does the reply will be fwd to the ACE or ASAs directly

Or do we need to have static routes defined on the visa servers to point to ASA

please advise me on this

csimmons · ‎03-13-2012

There are quite a bit of options depending on how your network is designed. Are your farm servers and visa card servers in the same logical network?

Could you provide a more detailed diagram?

-Clint

12pratham · ‎03-14-2012

Clint

No they are completely in a different network ,

When a client hits the VIP ,the request goes to the ASA

ASA fwd the vip traffic to the ACE (VIP) interface ,and from there it fwd the traffic to the (server vlan) interface and to the appropriate backend servers.

Backend server responds back to the (server vlan ) interface and the traffic fwd back to the ASA.

But when visa card transaction need to take place ( farm servers ) need to route the traffic to the visa servers which will be in different subnet range .

Do the farm serevrs send the request back to the ASA and can we configure static routes on ASA to point to the visa servers.

Are on the farm servers can we have static routes for the visa servers

Or can I defind static routes on ACEs for the visa servers.