Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
690
Views
0
Helpful
3
Replies

Terminal server Cluster with asa

ovidio.catrina
Level 1
Level 1

‎11-12-2012 05:56 AM - edited ‎03-11-2019 05:22 PM

Hy there

I have a problem with a terminal server cluster.

I have an asa with an interface sided to the terminal server cluster.

The problem is when someone is trying to connect to the cluster this gives back the answer with an different IP so the asa drops the connection.

Example :

Client_source : 192.168.1.1

TS_1 : 10.10.1.1

TS_2 : 10.10.1.2

TS_3 : 10.10.1.3

IP asa

inside : 192.168.1.254

TS_int: 10.10.1.254

When the client 192.168.1.1 attacks the main IP of the TS cluster 10.10.1.1 this loadbalance and answers for example with the IP 10.10.1.2 or 10.10.1.3

The asa drops the connection because it expect and answer from 10.10.1.1 not from other source.

Thank you.

Labels:
0 Helpful
3 Replies 3

Collin Clark
VIP Alumni
VIP Alumni

‎11-12-2012 06:44 AM

Take a look at source NAT (SNAT). I beleive that will take care of the problem.

0 Helpful

ovidio.catrina
Level 1
Level 1
In response to Collin Clark

‎11-12-2012 06:50 AM

Yeap I was thinking so, but isn't there another way, like some kind of asymetric routing.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card