CSS return traffic

Answered Question
Jun 23rd, 2009

Hello.

My client has a regular implementation of a CSS in router mode.

He now wants to create an aditinal logical structure with an aditional gateway to the internet. He has 2 firewalls (one for ServiceProvider-A and one for SP-B.

My problem is that I cannot make NAT to source addresses (legal stuff) and so I don't know how to forward traffic that came via SP-A to SP-A, and traffic that came via SP-B to SP-B.

Any ideias on how to solve this one? I'm looking for a feature like mac-sticky but I can't find one. I also believe that CSS does not support PBR.

Thanks in advance,

Joao Carvalho

I have this problem too.
0 votes
Correct Answer by Gilles Dufour about 7 years 5 months ago

actually, this is interface in the sense 'circuit vlan'.

Gilles.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
jcarvalh Wed, 06/24/2009 - 01:25

Hello.

In the document that you refered, I can see that "This means that the preferred interface over which to reply to a client is the interface on which the CSS originally received the request from the client.".

By interface we can assume that we are talking of VLANs? They have only one interface connected in trunk mode. This means that all requests arrive to the same interface but on different VLANs.

Thanks,

Joao Carvalho

Correct Answer
Gilles Dufour Wed, 06/24/2009 - 02:30

actually, this is interface in the sense 'circuit vlan'.

Gilles.

jcarvalh Wed, 06/24/2009 - 02:34

Hello.

Thank you very much for your help.

Best regards,

Joao

Actions

This Discussion