
Transparent Cache & Failover Bypass

estebanmartin
Level 1

Hi,

I'm using transparent caching on an 11501, sending all HTTP traffic to a BlueCoat cache.

I have set the failover bypass option.

When the cache is down, the CSS bypasses the cache, but the problem is that I want the HTTP requests to have the CSS source address so the firewall lets them pass.

But the HTTP requests have the client IP.

Is there a solution to this?

The cache rule is L5.

Thanks


jfoerster
Level 4

Hi,

Yes, there is a way. This sort of functionality is needed in a one-armed scenario, but you can use the method in a normal one too.

Just follow the steps described in step 5 of the following link (http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_configuration_example09186a0080093dff.shtml#topic1)

What it basically does is client NAT: it replaces the original client IP with a configured IP address. I think this will do the job.

Kind Regards,

Joerg

Hi Joerg,

Thanks for the answer.

I think that could work, but I'd need to do client NAT only when bypassing the cache.

Any ideas?

Hi,

Configure the firewall as a service and use it as a backup service for the BlueCoat. The source group will only include the firewall as a service, so client NAT is only done when the BlueCoat fails and gets bypassed.

Maybe this is a possibility, depending on the setup of your network.

Kind Regards,

Joerg

Hi,

I'm going to try that configuration.

But how can I use the firewall service as a backup service?

Thanks in advance.

Hi,

Just use the primarySorryServer command (see http://www.cisco.com/en/US/products/hw/contnetw/ps792/products_command_reference_chapter09186a008028fe78.html#wp1140863). This command takes care of requests if all other services in a content rule have failed. In your case this will take place if your caches are failing. The sorry server (your firewall) will then take over the job until the caches are working again.

By the way, be aware that this service should only do "routing", so there is no need for destination NAT.

Regards,

Joerg
