Showing results for 
Search instead for 
Did you mean: 

Source NAT on One Arm Config ACE

Bilal Nawaz
VIP Alumni
VIP Alumni


In a one arm load-balancing configuration setup is it necessary to use source nat? or does the LB know what NAT needs to take place? It has knowledge that its in a one arm config as seen below (from the gui of the ACE)

Screen Shot 2012-12-26 at 21.04.25.png

Take an example for instance client is the gateway is

The VIP on the LB is and the client contacts the VIP.

Logically looks like this....

Screen Shot 2012-12-26 at 20.55.46.png

We're not using ipv6 however the highlight is shown below where reference to source NAT on the LB

Screen Shot 2012-12-26 at 21.01.15.png

Thank you


Please rate useful posts & remember to mark any solved questions as answered. Thank you.
1 Reply 1

The NAT that is occuring is a destination NAT you could say.  When a request is made from an Outside Global address to a Inside Global address the ACE will take that Inside Global address and NAT it to an Inside Local address, say an internal servers IP address.  I believe the ACE also acts as a Reverse Proxy for external requests, meaning the ACE contacts the load balanced servers on behalf of the client.  That way external requests are not actually touching your servers.

Review Cisco Networking for a $25 gift card