Anonymous (not verified) Sat, 11/22/2008 - 21:43
User Badges:

Hi ,

I have replaced my pix-515e with asa5520-k9(Version 8.0(3)6).

I am facing an issue where i am having two servers on inside which r clustered.

From my outside interface i can connetct to server1 and srver2 but not the cluster ip.

I have natted all the three ip addresses statically.

Ur help needed as i caanot connect to the cluster ip,my application is not working.


static (inside,outside) 10.30.147.155 172.16.25.200 netmask 255.255.255.255 -----cluster ip

static (inside,outside) 10.30.147.153 172.16.25.100 netmask 255.255.255.255

static (inside,outside) 10.30.147.154 172.16.25.101 netmask 255.255.255.255


I cant access the cluster ip address but access the physical ip address.


Regads

Mahesh


Farrukh Haroon Sun, 11/23/2008 - 01:22
User Badges:
  • Red, 2250 points or more

If you mirrored the configuration, then I doubt this has anything to do with the ASA. Have you allowed all three IPs in the ACL as well?


Anyway, can you run the following command on the server and post the output here?


packet-tracer input outside tcp 4.4.4.4 1025 10.30.147.15 80 detailed


Just make sure you replace 80 with the 'service' port running on your app.


Regards


Farrukh

Anonymous (not verified) Sun, 11/23/2008 - 09:24
User Badges:

Thanks farrukh for ur reply,

I am getting hit counts for the respective acl.

When i replace my asa with pix then my config works fine.

I will definitely move ahead with the packet tracing alternative and revert back with the outcome.


Regards

Mahesh


Actions

This Discussion