I'm wondering if this is possible : I seem to remember reading somewhere that it is, but do you think I can find the article?
(please see attached NET01.JPG file)
I have an ASA5510 with a few servers sitting behind it and some users that authenticate locally to the ASA to access those servers sitting on the 3560, all on the 10.255.255.0/24 network. Nothing too complicated there.
I've recently purchased a CSS11501 and have it configured to load balance between two WWW servers on a 10.0.120.0/24 network using a virtual IP address back on the 10.255.255.0/24 network (10.255.255.51).
When I attach myself to the 3560 and use http://10.255.255.51 I see the expected results, HTTP requests from server 1, sometimes from server 2. The CSS is working just fine.
However, now I need to get my remote clients access to the two servers behind the CSS and I'm finding it a little more tricky than I initially thought. I'm sure I read somewhere that I can simply add a "route inside 10.0.120.0 255.255.255.0 10.255.255.10" to my ASA adding a route to the CSS and then that handles the routing from that point forward. Of course, I need to ensure that the VPN client split tunnel group my VPN clients are using includes both 10.0.120.10 and 10.0.120.11 and then I should be OK to move forward. However in testing this doesn't work.
Does anyone have any suggestions?