Preserving source IP addresses on CSS 11501

Unanswered Question
Sep 22nd, 2009

Hello Everyone,

I'm trying to scheme a way to preserve client IP addresses on a CSS 11501 that is running in a one armed configuration.

The CSS was added before we needed to load balance and the site(s) which it serves are in production and really can't be touched (perhaps one at a time in a maintenance window).

The relevant setup is:

Internet --> ASA 5520 (NAT) --> servers/CSS 11501's

Can I somehow make the CSS the default gateway for the servers on the LAN?

Any advice would be appreciated and the relevant config can be posted if necessary.

Thanks!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Tue, 09/22/2009 - 07:41

Nick

You can't preserve the client IP's in one-armed. You have to force the traffic to go back to the CSS from the load-balanced servers. If you preserved the client IP's then the servers would send the traffic straight back to the client without going back through the CSS so the CSS doesn't see the full flow.

Jon

Actions

This Discussion