01-17-2008 05:14 AM
Hi ,
I have configured VIP in ACE and users are able to access the VIP .
How can I access VIP from the real server?.
__ Rgds
Dinesh
01-17-2008 05:25 AM
Dinesh,
you need to perform client nat when servers try to access the vip (this is true for every loadbalancers).
in this case, create an acl to match the traffic from the real servers to the vip.
ie:
class-map src-rserver
match access-list ....
Then create a natpool on the server vlan
interface vlan XXX
natpool 1 x.x.x.x .....
Then create a policy-map to link the nat-pool and the class-map
policy-map multimatch nat-rserver
class src-rserver
nat dynamic 1 vlan XXX
Finally, configure the policy-map on the server interface
interface vlan XXX
service-policy input nat-rserver
Gilles.
01-17-2008 10:19 AM
Hi Gilles,
Thanks for the information .
Please find the below config
interface vlan 15
description server-side Interface
bridge-group 10
access-group input ORACLE-ACCESS
access-group output ORACLE-ACCESS
no shutdown
********
class-map match-all ORACLE
2 match virtual-address 172.16.150.250 tcp eq www
should i configure natpool on vlan 15 ?
What will be the IP address ? ( natpool 1 X.X.X.X) . could you please clarify this also ?
Thanks in advance
-- Dinesh
02-23-2009 02:34 AM
Dinesh,
Yes, the natpool should be configured on VLAN 15, and the IP address should be a valid and available one on the same subnet as BVI 10.
Hope this helps,
Ian
01-18-2008 01:42 AM
Hi Gilles ,
We have configured bridge group in ACE ..
Both client side and server side vlan are in same segments . In that case how to achieve this ?
Rgds
Dinesh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: