PIX and Windows Network Load Balancing Service (NLBS/WLBS)

Solace · ‎09-09-2003

Hi,

I am having an issue with PIX 6.3(3) creating a static inbound tunnel to web servers running NLBS/WLBS in both unicast and multicast mode. Has anyone been able to get this working?

Thanks

bdube · ‎09-09-2003

It should be transparent to the PIX which isn't the case for the switch handling NLB traffics. But this is another issue.

Regards

Ben

tcavdar · ‎09-11-2003

First, is load balancing working well?

Solace · ‎09-11-2003

Yes. I've used it well with ISA without any problem (of course because of the type of firewall that ISA is) but the PIX refuses to work. Can't connect through the inbound tunnel to the load balanced address.

bdube · ‎09-11-2003

We have implemented it in customer site, ISA/NLB accessed over a PIX, as i said earlier, it was transparent to the PIX. The PIX never knows about NLB stuffs.

Regards

Ben

Solace · ‎09-11-2003

I understand how it would work behind an ISA firewall.

What I'm talking about is running NLBS directly behind a PIX - because the machines reply with different MACs? Am I wrong?

bdube · ‎09-11-2003

Hi,

The PIX shouldn't take care of which MAC address the packet is coming from. It takes care about IP/ICMP/TCP/UDP. For example, the packet may come from 2 or more differents inside routers before reaching the PIX which is the same case you have except you have differents hosts instead of routers.

Ben