Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
470
Views
0
Helpful
1
Replies

NAT issue? Help?

jcotter
Level 1
Level 1

‎09-01-2005 12:26 PM

Okay, I've got a small issue that I think is a NAT problem. Could someone look over this config and tell if I've done something amazingly stupid? I can get to the load balanced addresses of 10.0.4.67:7080 and 10.0.5.98:8080 but NOT 10.0.4.68:8080 (notice that the hosts and the vip are on the same subnet). That's why I'm thinking that NAT is the problem. VLAN 255 is 10.0.0.0/16 and VLAN 72 is 10.99.72.0/24. Also, I can get to the host directly at 10.0.4.73 at port 8080 with no problems directly. It just won't come through the CSS.

!*************************** GLOBAL ***************************

no restrict web-mgmt

snmp name "CSS1a"

logging host 10.0.55.2 facility 0 log-level debug-7

ip route 0.0.0.0 0.0.0.0 10.0.0.2 1

!************************* INTERFACE *************************

interface 1/1

trunk

vlan 72

interface 1/2

trunk

vlan 255

!************************** CIRCUIT **************************

circuit VLAN72

ip address 10.99.72.100 255.255.255.0

ip virtual-router 72 priority 200 preempt

ip redundant-interface 72 10.99.72.10

circuit VLAN255

ip address 10.0.5.109 255.255.0.0

ip virtual-router 10 priority 200 preempt

ip redundant-interface 10 10.0.5.134

ip redundant-vip 10 10.0.5.98

ip redundant-vip 10 10.0.4.67

ip redundant-vip 10 10.0.4.68

!************************** SERVICE **************************

service shsnjp2.xxxx.com

ip address 10.99.72.45

keepalive type http

keepalive port 8080

active

service shsnjp3.xxxx.com

ip address 10.99.72.140

keepalive port 8080

keepalive type http

active

service sqasn01.xxxx.com

ip address 10.99.72.50

keepalive port 7080

keepalive type tcp

keepalive method get

active

service sqasn02.xxxx.com

ip address 10.99.72.51

keepalive port 7080

keepalive type http

service sqesn01.xxxx.com

ip address 10.0.4.90

keepalive port 8080

keepalive type http

service stbsn01.xxxx.com

ip address 10.0.4.73

keepalive port 8080

keepalive type http

active

service stbsn01b.xxxx.com

ip address 10.0.4.73

keepalive port 20000

keepalive type http

active

!*************************** OWNER ***************************

owner xxxx

content Endeca

add service sqesn01.xxxx.com

add service stbsn01.xxxx.com

balance weightedrr

vip address 10.0.4.68

port 8080

protocol tcp

active

content Endeca-2

add service sqesn01.xxxx.com

add service stbsn01.xxxx.com

balance weightedrr

vip address 10.0.4.68

protocol tcp

port 20000

active

content JBoss

add service shsnjp2.xxxx.com

add service shsnjp3.xxxx.com

protocol tcp

vip address 10.0.5.98

port 8080

advanced-balance sticky-srcip

redundancy-l4-stateless

active

content QA

add service sqasn01.xxxx.com

add service sqasn02.xxxx.com

protocol tcp

port 7080

balance weightedrr

vip address 10.0.4.67

active

!*************************** GROUP ***************************

group servernat

vip address 10.0.4.68

active

Labels:
0 Helpful
1 Reply 1

jcotter
Level 1
Level 1

‎09-01-2005 12:50 PM

I solved my problem. I left out where I was applying the NAT in the group servernat. I applied the NAT to the stbsn01.xxxx.com server (under the group servernat) and that fixed the problem.

For anyone who has a similar problem the syntax is:

group servernat

vip address 10.0.4.68

add destination service stbsn01.xxxx.com

active

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card