Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CSS logs

Guys,

I have this following question.

In a SLB configuration

Internet--->CSS11503--->Servers

I use the configuration mode where the CSS process all packets and change the source IP when packets come from Internet, as they originate from the CSS and backwards. In other words the CSS SNATs all packets.

Doing so, the webserver logs that all sessions are initiated by the CSS IP instead of the real public IP's sourced in Internet.

Which is a problem when debugging a particular session.

Can you advise on what logs should be activated on the CSS, to have all sessions logged.

At this moment i couldn't find the answer in the documentation.

Thanks,

Teo

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: CSS logs

There is no way to log the session on the CSS.

The ACE module or Ace Application are able to do it but not ACE.

You should find a way to get rid of client nat on the CSS.

This can be done with just a static route if you make the CSS the default gateway for the server or with policy routing if you don't want to change the servers.

Another solution, is to insert a monitoring device in front of the css for logging purposes.

Gilles.

1 REPLY
Cisco Employee

Re: CSS logs

There is no way to log the session on the CSS.

The ACE module or Ace Application are able to do it but not ACE.

You should find a way to get rid of client nat on the CSS.

This can be done with just a static route if you make the CSS the default gateway for the server or with policy routing if you don't want to change the servers.

Another solution, is to insert a monitoring device in front of the css for logging purposes.

Gilles.

104
Views
0
Helpful
1
Replies