Cluster ip address not accessible from outside interface

admin_2 · ‎11-18-2008

Hi ,

I have replaced my pix-515e with asa5520-k9(Version 8.0(3)6).

I am facing an issue where i am having two servers on inside which r clustered.

From my outside interface i can connetct to server1 and srver2 but not the cluster ip.

I have natted all the three ip addresses statically.

Ur help needed as i caanot connect to the cluster ip,my application is not working.

static (inside,outside) 10.30.147.155 172.16.25.200 netmask 255.255.255.255 -----cluster ip

static (inside,outside) 10.30.147.153 172.16.25.100 netmask 255.255.255.255

static (inside,outside) 10.30.147.154 172.16.25.101 netmask 255.255.255.255

I cant access the cluster ip address but access the physical ip address.

Regads

Mahesh

panzhixin · ‎08-11-2009

I have the same problem with you.

how should we do when the ssl vpn connection across the nat.for the cisco ssl vpn cluster uses a redirect technique, so it can't keep the session when the nat happen . So I think , in the nat environment, cisco ASA couldn't support cluster

robertson.michael · ‎08-12-2009

Hi Mahesh,

In addition to the static lines you mentioned, you also need to verify that your access-lists are configured correctly as well.

If possible, please post a sanitized copy of your config and we might be better able to assist.

-Mike