Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CSS return traffic

Hello.

My client has a regular implementation of a CSS in router mode.

He now wants to create an aditinal logical structure with an aditional gateway to the internet. He has 2 firewalls (one for ServiceProvider-A and one for SP-B.

My problem is that I cannot make NAT to source addresses (legal stuff) and so I don't know how to forward traffic that came via SP-A to SP-A, and traffic that came via SP-B to SP-B.

Any ideias on how to solve this one? I'm looking for a feature like mac-sticky but I can't find one. I also believe that CSS does not support PBR.

Thanks in advance,

Joao Carvalho

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: CSS return traffic

actually, this is interface in the sense 'circuit vlan'.

Gilles.

4 REPLIES
Cisco Employee

Re: CSS return traffic

Joao,

what you need is just 2 default static routes.

The CSS will automatically send response back to the firewall that send the query.

This behavior could be changed with the 'ip ecmp' command

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v8.20/configuration/routing/guide/IP.html

G.

New Member

Re: CSS return traffic

Hello.

In the document that you refered, I can see that "This means that the preferred interface over which to reply to a client is the interface on which the CSS originally received the request from the client.".

By interface we can assume that we are talking of VLANs? They have only one interface connected in trunk mode. This means that all requests arrive to the same interface but on different VLANs.

Thanks,

Joao Carvalho

Cisco Employee

Re: CSS return traffic

actually, this is interface in the sense 'circuit vlan'.

Gilles.

New Member

Re: CSS return traffic

Hello.

Thank you very much for your help.

Best regards,

Joao

149
Views
4
Helpful
4
Replies