Cisco Support Community

New Member

ACE behaviour if Cache sends original client IP?

Netpros,

We are doing transparent caching with Blue-Coat, and the caches have a bypass list where the web page is not cached and the client's original IP is sent from the cache to ACE to the internet.

Is there any feature on ACE which shall block this session?

Thanks in advance

Shukla.

2 REPLIES
Cisco Employee

Re: ACE behaviour if Cache sends original client IP?

If the SYN forwarded by the cache comes back on a different interface than the original client interface, ACE will treat it as a new connection and it will perform whatever action you have set up on that interface - the default is route.

Gilles.

New Member

Re: ACE behaviour if Cache sends original client IP?

If the Bluecoat sends the client IP address to the Internet, then the return packet has to go to the same active ACE. If the ACE is in one-arm mode and if you use PBR to send the web traffic to ACE to load-balance across Bluecoat, then there should be reverse PBR on the interfaces which the return traffic comes through, and it has to be forwarded to the same active ACE. Because once you enable IP spoofing on Bluecoat, when it gets a request from a client, Bluecoat will be initiating a different TCP session with the source IP as the client IP address. So if this traffic doesn't come back to the same proxy and if it goes directly to the client, then the client will drop the packet.
