VPN Concentrator 3030 VCA (Vritual Cluster Agent) - software ver. 3.5.3

gonzalo.gil · ‎07-15-2002

Hi Guys,

We are running a pair of 3030 Concentratror on the same IP network (Internal and External Interfaces). I have configure the VCA feature (with and without intra-peers encrytion) and the client Load Balancing seems towork for 10/20 minutes and then stops responding.

I looked at the event logs and live log monitor and does not seem to give any errors.

Does these feature work or it is still buggy?

Thanks in advanced

Gonzalo

paqiu · ‎07-15-2002

It is working fine and many customers using this features right now.

Make sure you are following sample config below:

http://www.cisco.com/warp/customer/471/ld_bl_vpn3000_7602.html

Please make sure both cocentrator running same IOS version.

What is the version you are using ? Had better upgrade to the latest version.

Best Regards,

gonzalo.gil · ‎07-22-2002

Both Concentrators are currently running the latest software version and VCA is configure as per Cisco document. The only diference to point out, is we are using NAT, as the concentrators is behind a Pix firewall.

Thanks.

paqiu · ‎07-22-2002

For that NAT with load-balancing. Please make sure following settings:

I assume that we still using following network diagram:

http://www.cisco.com/warp/customer/471/ld_bl_vpn3000_7602.html

So the virtual ip address should be 172.18.124.254 ( will be static translated to 200.200.200.254)

please also config the NAtted ip address for both peers in the concentrator.

I assume one is 200.200.200.1, another 200.200.200.2

So in the PIX, you need three static nat translation.

One more thing, please turn off the proxy-arp in the inside interface of your PIX and give a try.

If it is still not working. please open a TAC case, we will continue help you to do further troublesshooting.

Best Regards,