Not sure if this is a common requirement or not but done a search on here on and seen similar questions so hoping someone might be able to help.
We have Cisco 11503`s and 2 x UNIX boxes each with 3 NIC`s that need to use SSH for internal management and also transfer of files.
The main problem is the UNIX hosts cannot control which interface the traffic leaves so whilst we have specific functions for most services tied to each NIC, SSH can use any of them.
Inbound is not a problem - content rule on the VIP however outbound is causing us some grief as we don't want ALL SSH traffic to be sourced by the NAT.
Is it possible to force the CSS to use the source group for specific hosts only ?
I.e. all normal internal traffic is not using the source group VIP but our defined hosts are forced to use the source NAT?
I've done some reading on ACL's but I'm not entirely sure these will help or not.
Any help appreciated.