cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
812
Views
5
Helpful
2
Replies

WSA with Hardware load balancer

sachwsa01
Level 1
Level 1

I have two S100V appliances. We cannot leverage WCCP so I'm wondering how to properly load balance the 2 WSAs. I have a coyote endpoint LB I can leverage. I configured a VIP and accepted defaults when adding in my 2 WSAs into the cluster. And I can see the traffic hitting the WSAs when I tail the accesslogs but the problem I'm having is no user credentials are being sent. Looks like somehow, credentials are not being passed thru the LB to the WSAs. 

If I put the address to the WSA into the browser, then the credentials get sent from the browser and I can see it on the WSA. 

Right now, as I'm going thru the LB, no credentials are coming across so all traffic is being blocked, based on our policies. 

Anyone using a Load balancer that may be able to offer suggestions on settings? Much thanks,

-LG

2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

we have live setup running  Example :

 

We have some deployment with DNS round robin with manual PAC file (WPAD for the Windows10) 

using LDAP authentication works like charm.

 

have a look below some information.

 

https://www.cisco.com/c/en/us/support/docs/security/web-security-appliance/118885-technote-wsa-00.html#anc5

 

I was looking concept like you before i was deployed the one i have mentioned above setup working.

 

I found 1 document posted in community site working with Big F5, worth looking to get head around see if that works for you.(attached for reference - thanks for him posting the document).

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

sadik.sener1
Level 1
Level 1

How is your LB deployed. I think the key point is to deploy your LB as the gateway of your Ironport data network. 

 

If you don't, you'd need to source nat the requests on LB and then, the 407 auth challenge responses from the will be sent to the Source nat ip address of the Load balancer.

 

So , first tell us about how is your topology.

 

Kind regards

Sadik