Intel Adaptive Load Balancing behind ASA5510

Unanswered Question

I have a Cisco ASA5510 and a server that has Intel PROSet for Wired Connections loaded in an Adaptive Load Balancing mode. When i place this server behind the firewall, everything works fine. However, when I place a rule in the Access-List and a Static Mapping in, all inbound and outbound traffic stops. Any suggestions?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
abinjola Tue, 02/12/2008 - 07:38

your rule seems messy...what rule are you adding ? can you paste your config

I have mased my external IPs for obvious reasons.

As i stated - the current machines, which only have 1 nic, work fine. when i attempt to pull a server that has dual - nics using Adaptive Load Balancing by Intel, and i add a mapping in (for RDP), the server is unable to browse and any traffic will not make it in.

: Saved


ASA Version 7.0(7)


hostname wbaiweb


enable password #### encrypted




interface Ethernet0/0

nameif outside

security-level 0

ip address Mas.Ked.0.5


interface Ethernet0/1

nameif inside

security-level 100

ip address


interface Ethernet0/2


no nameif

no security-level

no ip address


interface Management0/0

nameif management

security-level 100

ip address



passwd PU6AEZI3KHII8gEh encrypted

ftp mode passive

clock timezone CST -6

clock summer-time CDT recurring

dns domain-lookup inside

object-group service 3389 tcp

port-object range 3389 3389

object-group service 25 tcp

port-object range smtp smtp

access-list OUTSIDE_ACCESS_IN extended permit tcp any host Mas.Ked.0.54 eq 3389

access-list OUTSIDE_ACCESS_IN extended permit tcp any host Mas.Ked.0.10 eq 3389

access-list OUTSIDE_ACCESS_IN extended permit tcp any host Mas.Ked.0.55 eq 3389

pager lines 24

logging asdm informational

mtu outside 1500

mtu inside 1500

mtu management 1500

asdm image disk0:/asdm-507.bin

no asdm history enable

arp timeout 14400

global (outside) 1 interface

nat (inside) 1

static (inside,outside) Mas.Ked.0.54 netmask

static (inside,outside) Mas.Ked.0.10 netmask

static (inside,outside) Mas.Ked.0.55 netmask

access-group OUTSIDE_ACCESS_IN in interface outside

route outside Mas.Ked.0.1 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00

timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

http server enable

http management

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet Mas.Ked.0.0 outside

telnet inside

telnet management

telnet timeout 5

ssh timeout 5

console timeout 0

dhcpd lease 3600

dhcpd ping_timeout 50


class-map inspection_default

match default-inspection-traffic



policy-map global_policy

class inspection_default

inspect dns maximum-length 512

inspect ftp

inspect h323 h225

inspect h323 ras

inspect rsh

inspect rtsp

inspect esmtp

inspect sqlnet

inspect skinny

inspect sunrpc

inspect xdmcp

inspect sip

inspect netbios

inspect tftp


service-policy global_policy global


: end


abinjola Tue, 02/12/2008 - 08:08 seems routing issue here...check the "route print" output on your the default gateway correct ?


1)inspect icmp in yoru policy map

policy-map global_policy

class inspection_default

inspect icmp

2)Now turn on debug icmp trace on firewall and ping from the dual nic card you see pings reply ? do you see these request and replies through the firewall in this "debug icmp trace" output ?

3)If you turn OFF one NIC card.I suspect this would work.... get me the logs if possible


This Discussion