I am wondering if someone can give me pointers on the cisco ACE
and asymetric routes. I've attached the diagram:
-Cisco IOS IP address is 192.168.15.4/24 and 188.8.131.52/24
-Firewall External interface is 192.168.15.1/24,
-Firewall Internal interface is 192.168.192.1/24,
-F5_BigIP External interface is 192.168.192.4/24,
-F5_BigIP Internal interface is 192.168.196.1/24 and 192.168.197.1/24,
-host_y has IP addresses of 192.168.196.10/24 and 192.168.197.10/24,
-Checkpoint has static route for 192.168.196.0/24 and 192.168.197.0/24
pointing to the F5_BigIP,
-host_y is dual-home to both VLAN_A and VLAN_B with the default
gateway on host_y pointing to VLAN_A which is 192.168.196.1,
-host_x CAN ssh/telnet/http/https to both of host_y IP addresses
of 192.168.196.10 and 192.168.197.10.
In other words, from host_x, when I try to connect to host_y
via IP address of 192.168.197.10, the traffics will go through VLAN_B
but the return traffics will go through VLAN_A. Everything
is working perfectly for me so far.
Now customer just replaces the F5_BigIP with Cisco ACE. Now,
I could not get it to work with Asymetric route with Cisco ACE. In
other words, from host_x, I can no longer ssh or telnet to host_y
via IP address of 192.168.197.10.
Anyone knows how to get asymetric route to work on Cisco ACE?
Thanks in advance.