Example Config ACE routed mode with NAT

dolphon01 · ‎09-05-2013

Hi all,

i have a two-arm loadbalancer (routed mode).

client ->vlan100->[VIP]Loadbalancer[NAT] ->vlan200-> serverfarm

But i have my problems to configure the NAT. Can anybody show me a example configuration of a two-arm loadbalancer with NAT?

Especially the access-list, class-map, policy-map and on which interface the NAT-Policy must be added.

BR

Dominik

Cesar Roque · ‎09-05-2013

Hi Dominik,

Something like this:

access-list ANYONE line 10 extended permit ip any any

rserver host SERVER_01

ip address 10.198.16.2

inservice

rserver host SERVER_02

ip address 10.198.16.3

inservice

rserver host SERVER_03

ip address 10.198.16.4

inservice

serverfarm host REAL_SERVERS

rserver SERVER_01

inservice

rserver SERVER_02

inservice

rserver SERVER_03

inservice

class-map match-all VIP-30

2 match virtual-address 192.168.1.30 tcp eq www

class-map type management match-any REMOTE_ACCESS

description remote-access-traffic-match

2 match protocol telnet any

3 match protocol ssh any

4 match protocol icmp any

policy-map type management first-match REMOTE_MGT

class REMOTE_ACCESS

permit

policy-map type loadbalance first-match SLB_LOGIC

class class-default

serverfarm REAL_SERVERS

policy-map multi-match CLIENT_VIPS

class VIP-30

loadbalance vip inservice

loadbalance policy SLB_LOGIC

loadbalance vip icmp-reply active

nat dynamic 1 vlan 452

interface vlan 451

ip address 192.168.1.2 255.255.255.0

access-group input ANYONE

service-policy input CLIENT_VIPS

no shutdown

interface vlan 452

description Servers vlan

ip address 10.198.16.1 255.255.255.0

access-group input ANYONE

nat-pool 1 10.198.16.5 10.198.16.5 netmask 255.255.255.0 pat

no shutdown

ip route 0.0.0.0 0.0.0.0 192.168.1.1

---------------------
Cesar R
ANS Team

--------------------- Cesar R ANS Team