Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
468
Views
0
Helpful
1
Replies

CSS Flow

emily
Level 1
Level 1

‎07-30-2004 07:20 AM

Is possible , The CSS connect real server use circuit vlan IP(61.218.77.150) through Intranet-PIX

, But according with Intranet-PIX debug message , I found that CSS forward outside client ip to Intranet-PIX , that violate my company policy .

Is possible , I need that CSS used circuit vlan ip to connect real server ?

How can i do it

Labels:
0 Helpful
1 Reply 1

Gilles Dufour
Cisco Employee
Cisco Employee

‎07-31-2004 10:53 PM

The CSS can't use its circuit ip address for connections hitting a VIP.

However, you can tell the CSS to use a natted address of your internal vlan.

For this, use the followings config.

Assuming your VIP is like this :

owner blah

content WEB

vip address x.x.x.x

add service server1

add service server2

....

!

Then configure the following to achieve natting of client address

group blah

vip address y.y.y.y

add destination service server1

add destination service server2

active

The y.y.y.y address can be whatever address you want but not an ip address already used for a CSS circuit address.

Regards,

Gilles.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card