Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
693
Views
0
Helpful
5
Replies

Ping from CSS

nalcomis75
Level 1
Level 1

‎03-28-2005 01:26 PM

My CSS is currently in a one-armed transparent proxy configuration with multiple default gateways (as specified in Cisco's configuration example). When the CSS pings odd number IP addresses it sources the ping with its VLAN1 IP address.. If it pings even number IP addresses it sources the ping with its VLAN2 IP address. How can I control this? VLAN2 is an unpublished subnet between the SCA and CSS. All pings fail originating from VLAN2 because the remote client does not have a route to it. I would like the CSS to never originate pings from VLAN2 (unless it is pinging the SCA on VLAN2)

Thanks.

Labels:
0 Helpful
5 Replies 5

pknoops
Level 3
Level 3

‎03-28-2005 01:36 PM

Can we see some of the config specifically the route and circuit section. This behavior is not correct. Can you also let us know the version of webns ?

thanks

Pete..

0 Helpful

nalcomis75
Level 1
Level 1
In response to pknoops

‎03-28-2005 07:11 PM

Pete,

I attached a document containing the version number of WebNS, traceroutes to both and odd and even IPs, and my CSS config. Thanks in advance.

-Erik

Preview file
6 KB
0 Helpful

jfoerster
Level 4
Level 4
In response to nalcomis75

‎03-29-2005 03:57 AM

Hi Erik,

having a look at your config you are having two (2) default routes.

I think this causes the "trouble".

From my point of view this has nothing to do with even or odd IP-Addresses but with loadsharing over two links on equal routing pathes.

Why do you have the 2nd default route pointing to the SCA?

You are having a service configured pointing to the SCA and this should be enough from my point of view.

Do I miss something here?

Kind Regards,

Joerg Foerster

0 Helpful

pknoops
Level 3
Level 3
In response to nalcomis75

‎03-29-2005 04:44 AM

Erik,

What you are seeing is in fact normal behavior and only really applies to pings and traceroutes because of the 2 default routes. This is why you have the ACLs in place. How is the rest of the ssl traffic working ?

Regards

Pete..

0 Helpful

efairbanks
Level 1
Level 1
In response to pknoops

‎03-29-2005 05:34 AM

Pete,

SSL appears to be operating normally. I don't have the system in a production environment, so I haven't seen all the bugs that exist yet. The sample one-armed transparent proxy config provided by Cisco shows a default route towards the SCA. What is the purpose of this? Is there another way to get icmp working correctly? Thanks again for your help.

-Erik

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card