Re: CSM Source Nating

c.downie · ‎02-17-2005

Hello,

I'll looking for some info on how to source nat inter site requests on the CSM. At present I have two servers on different layers of my platform.

Server A with address 192.168.1.1 & server B with address 192.168.2.1 both are connected to different router below the CSM and can route via a firewall on their private addresses.

The application on server A has to talk to server B on 155.y.y.7 public address.

The issue is that the source of serverA is not getting nated so the return traffic is not going back via CSM but being routed back to firewall with the two private addresses thus we are getting out of sync packets.

Existing Config on CSM

static nat virtual

real 192.168.1.1

real 192.168.2.1

serverfarm serverA

no nat client

real 192.168.1.1

inservice

vserver serverA-vip

virtual 155.x.x.1 tcp 0

serverfarm serverA

persistent rebalance

inservice

serverfarm serviceB

nat server

no nat client

real 192.168.2.1

inservice

vserver serverB-vip

virtual 155.y.y.7 tcp 0

serverfarm serviceB

persistent rebalance

inservice

Thanks.

Charlie.

Gilles Dufour · ‎02-17-2005

Charlie,

as you can see in your config, you have 'no nat client'.

This is the source nat.

All you have to do is create a pool of address and then assign it to the serverfarm with 'nat client '.

This will nat all traffic from any client.

If you want to avoid this, you need to create a 2nd serverfarm that would be used exclusively when connection is made from server A.

Let me know if you need anything else.

Regards,

Gilles.