There are two servers that access the internet on behalf of clients (mobile handset) so these are in essence proxies.
The proxies need to be NATed to a VIP of 172.22.72.250 (because of firewall rules) and due to this all other devices that need to access the internet also need to access it via this VIP.
This is configured under the group wap-gateway1 in the config.
So when the actual proxies make a request to the net, they first perform a DNS lookup, and that is successful. This is due to the flow-state 53 udp flow-disable nat-disable command, because we do NOT want to perform any FCB on the DNS request, as the src and dst port must stay as 53. I don't understand exactly why, but that's the way it is.
However when the Cache Engine (see config also attached) performs a DNS request, its request comes from 172.22.72.120 and .121 even though they are added as services into the group wap-gateway1.
My first question is, shoudn't they get NATed on any outgoing request because they are in the group?
Secondly, the CSS doesn't even bother (it seems) sending any http request to the cache engine for caching. We have it set up as a transparent cache, but I cannot see why it is failing because my config looks fine (I think)
By the way, both the Cache Engine and the loadbalancer and the proxy outgoing interface are all on VLAN2, while the actual outgoing internet connection is going from a host on VLAN 24