About MARK HILLIARD

MARK HILLIARD · 03-11-2013

Hi,We have a VIP for an FTP service where we do not wish to lose the Client (Source) IP for auditing purposes. So we don't source NAT and force the return traffic back to the ACE with PBR. However the return flow still bypasses the ACE VIP and straig...

MARK HILLIARD · 03-12-2013

Hi Ajay,We are using inspect on both the FW and the ACE. As you imply, this is needed for the PASV port negotiation to work via these devices.Obviously, we are in a Routed, Two-armed mode so slightly different to the scenario on docwiki.cisco.com. Al...

MARK HILLIARD · 03-12-2013

Hi Cesar,It's passive mode. So the client makes an initial connection on port 21, the result of which is the 'sh conn' output in the diagram. We don't get any further than the initial attempted TCP SYN on port 21. So the ACE forwards the client TCP S...

MARK HILLIARD · 12-02-2009

Hi,I have the same problem, tried the secondary cookie technique but it was unsuccessful...RegardsMark Hilliard

Member Since	‎12-02-2009 03:37 AM
Date Last Visited	‎07-29-2020 12:06 AM
Posts	4

User Statistics

User Activity

Routed ACE but no NAT problem

Routed ACE but no NAT problem

Routed ACE but no NAT problem

Re: ACE match http url with post data