I have a group of 4 servers that service requests from servers in the same subnet, so they and their VIP are in a group configuration causing Source NAT.
<br />Now, I want Internet traffic to hit those same 4 servers, but not source NAT. I plan this with a new VIP that will not be in a 'group' configuration.
<br />Can I re-use the same 'service' definitions even though they are referenced with the other VIP in the 'group' section?
You can use ACLs to restrict traffic that needs to use the source group.For e.g
Assumption: Your non-Internet traffic is coming from 10.10.0.0/16 network
clause 254 permit any any destination any
clause 100 permit any 10.10.0.0 255.255.0.0 destination content/ sourcegroup
Above ACL applied to client VLAN will make CSS use source group for only 10.10.0.0/16 network.
Syed Iftekhar Ahmed