Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

ACE loadbalancing design dilemma

Hi,

We have an ACE in 6509 connected to a FW(TRUNK). FW connected to 3560 switch(DMZ) rservers connected to 3560 need to be loadbalanced by the ACE(Layer 3 LB)

Is this possible and is this the best way to do it how do the rest of you tackle the DMZ LB dilemma if the LB is on the inside network?

Security issues I need to be thinking of?

Appreciate your time.

1 REPLY
Bronze

Re: ACE loadbalancing design dilemma

You can operate your ACE strictly as an LB device. If you want to use LB only, you must configure certain parameters and disable some of the ACE security features as described in the below URL. By default, the ACE performs TCP/IP normalization checks and ICMP security checks on traffic entering the ACE interfaces. Using the following configuration will also allow asymmetric routing as required by your network application.

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A1/configuration/slb/guide/overview.html#wp1004320

150
Views
0
Helpful
1
Replies
CreatePlease to create content