09-18-2014 12:11 AM
Dear All,
We have two servers (sharepoint ) and need to add it in ACE 4710 to works as internal no need WAN , how to add it ?
Thanks a lot in Advance
Solved! Go to Solution.
09-18-2014 05:44 AM
Hi,
I didn't get your question clearly. To add rservers you just need to do following:
rserver RS1
ip address 1.1.1.1
inservice.
Then you add this to serverfarm:
serverfarm SF
rserver RS1
inservice
After that you define class-map, policy-map L7 and L4 and apply the service policy to interface.
It doesn't matter if user is coming from WAN or internal network. If the server and user are in same subnet then you would need to do NAT to prevent asymmetric routing.
Regards,
Kanwal
Note: Please mark answers if they are helpful.
10-12-2014 07:18 AM
Hi,
Here's the example:
Let's say you have two servers
rserver host SERVER_01
ip address 192.168.1.11
inservice
rserver host SERVER_02
ip address 192.168.1.12
inservice
rserver host SERVER_03
ip address 192.168.1.13
inservice
You add them in serverfarm
serverfarm host REAL_SERVERS
rserver SERVER_01
inservice
rserver SERVER_02
inservice
rserver SERVER_03
inservice
After that you configure the VIP and condition. Here any means any protocol and port
class-map match-all VIP-30
2 match virtual-address 172.16.51.30 any
YOu define the L7 policy map
policy-map type loadbalance first-match SLB_LOGIC
class class-default
serverfarm REAL_SERVERS--------->Serverfarm to which traffic would be loadbalanced.
policy-map multi-match CLIENT_VIPS---->L3 policy map.
class VIP-30
loadbalance vip inservice
loadbalance policy SLB_LOGIC
nat dynamic 1 vlan 451----------------->You need to apply the NAT when your client is in same subnet as server so that return traffic comes back to ACE and not to client directly.
interface vlan 251
description Client vlan
ip address 172.16.51.11 255.255.255.0
access-group input ANYONE
service-policy input REMOTE_MGT
service-policy input CLIENT_VIPS
no shutdown
interface vlan 451
description Servers vlan
ip address 192.168.1.1 255.255.255.0
nat-pool 1 192.168.1.100 192.168.1.110 netmask 255.255.255.0 pat---->Nat pool defined. It should always be on server side vlan.
no shutdown
ip route 0.0.0.0 0.0.0.0 172.16.51.1
Regards,
Kanwal
Note: Please mark answers if they are helpful.
09-18-2014 05:44 AM
Hi,
I didn't get your question clearly. To add rservers you just need to do following:
rserver RS1
ip address 1.1.1.1
inservice.
Then you add this to serverfarm:
serverfarm SF
rserver RS1
inservice
After that you define class-map, policy-map L7 and L4 and apply the service policy to interface.
It doesn't matter if user is coming from WAN or internal network. If the server and user are in same subnet then you would need to do NAT to prevent asymmetric routing.
Regards,
Kanwal
Note: Please mark answers if they are helpful.
10-12-2014 01:13 AM
Dear Kanwal,
Sorry for the delay i was in vacation .
Please send me the steps to do VIP and class-map, policy-map L7 and L4 by CLI ?
10-12-2014 07:18 AM
Hi,
Here's the example:
Let's say you have two servers
rserver host SERVER_01
ip address 192.168.1.11
inservice
rserver host SERVER_02
ip address 192.168.1.12
inservice
rserver host SERVER_03
ip address 192.168.1.13
inservice
You add them in serverfarm
serverfarm host REAL_SERVERS
rserver SERVER_01
inservice
rserver SERVER_02
inservice
rserver SERVER_03
inservice
After that you configure the VIP and condition. Here any means any protocol and port
class-map match-all VIP-30
2 match virtual-address 172.16.51.30 any
YOu define the L7 policy map
policy-map type loadbalance first-match SLB_LOGIC
class class-default
serverfarm REAL_SERVERS--------->Serverfarm to which traffic would be loadbalanced.
policy-map multi-match CLIENT_VIPS---->L3 policy map.
class VIP-30
loadbalance vip inservice
loadbalance policy SLB_LOGIC
nat dynamic 1 vlan 451----------------->You need to apply the NAT when your client is in same subnet as server so that return traffic comes back to ACE and not to client directly.
interface vlan 251
description Client vlan
ip address 172.16.51.11 255.255.255.0
access-group input ANYONE
service-policy input REMOTE_MGT
service-policy input CLIENT_VIPS
no shutdown
interface vlan 451
description Servers vlan
ip address 192.168.1.1 255.255.255.0
nat-pool 1 192.168.1.100 192.168.1.110 netmask 255.255.255.0 pat---->Nat pool defined. It should always be on server side vlan.
no shutdown
ip route 0.0.0.0 0.0.0.0 172.16.51.1
Regards,
Kanwal
Note: Please mark answers if they are helpful.
10-15-2014 11:28 PM
Thanks a lot Kanwal .
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide