Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
634
Views
0
Helpful
3
Replies

css 11501 basic NAT and PAT configuration

skarasiov
Level 1
Level 1

‎07-21-2005 06:02 AM

Hi,

I just want to connect with one of my mail servers through css11501

this is my config

-------begin-----

!************************** CIRCUIT **************************

circuit VLAN1

ip address 195.xxx.xxx.xxx 255.255.255.248

no redirects

ip address 10.1.1.1 255.0.0.0

no redirects

!************************** SERVICE **************************

service mx01

max connections 1024

ip address 10.0.2.3

port 25

protocol tcp

active

!*************************** OWNER ***************************

owner mx

content mx-con

add service mx01

protocol tcp

vip address 195.xxx.xxx.xxx

port 25

!*************************** GROUP ***************************

group mx-group

vip address 195.xxx.xxx.xxx

add service mx01

active

----------end---------

but when I connect with 195.xxx.xxx.xxx on 25 port - it writes me "connection refused"

whats wrong with my configuration

Labels:
0 Helpful
3 Replies 3

Gilles Dufour
Cisco Employee
Cisco Employee

‎07-21-2005 06:07 AM

as always, the best solution is to capture sniffer traces to figure out what is going on.

From experience I would say you have a one-armed config, and the server response is going directly to the client without going first to the CSS.

I would recommend to remove your line 'add service ...' and replace it with 'add destination service ...'

Regards,

Gilles.

0 Helpful

skarasiov
Level 1
Level 1
In response to Gilles Dufour

‎07-21-2005 06:54 AM

ok, thank you.

I have another question. I just want to balance load beetween my five mail servers (they are just relays).

Is it possible ?

I look through "CSS Content Load-Balancing Configuration Guide" - but did not found any solution in it. All examples are about WWW. But now I need to balance my heavy loaded mail. And onle after -- balance WWW.

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to skarasiov

‎07-21-2005 08:29 AM

you can balance almost everything.

For WWW you get more functions that let you check the content, but for email traffic, you can simply balanced based on destination ip and tcp port.

Just make sure the response from the server is coming back to the CSS and does not go directly to the client.

[with client nat on the CSS or pointing your default gateway to the CSS]

Gilles.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card