Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
337
Views
0
Helpful
1
Replies

CSS11500 - Direct Access to Real Servers

hselak
Level 1
Level 1

‎10-29-2006 02:18 PM

Hello,

There's an example at Cisco.com how to provide a Direct Access to Real Servers behind CSM module, and I have to configure the same but with CSS which is different in configuration.

I'm using CSS11501 for LDAP load-balancing, there are just two servers with their adresses 10.0.0.1 and 10.0.0.2, this is private network side.

On the public side, there's a network 192.168.1.0/24, with 192.168.1.25 as VIP address which is targeted by users.

Is there a possibility that admins can make a Remote Desktop Connection to those Real Servers from public side of the network?

If yes, is it possible to make RDC to this VIP address, and to configure that for example port 4001 is for RDC for Server_1, and port 4002 is for Server_2?

I would appreciate if you have some config example.

Regards,

h.

Labels:
0 Helpful
1 Reply 1

Martin Kyrc
Level 3
Level 3

‎10-30-2006 01:05 AM

Hello,

yes, it's possible. You have two possibilities:

First (as you wrote) you can configure two VIPs - one for first, second for second, connection through RDP at different VIPs (and the same port), or the same VIP and different ports.

Second (better solution):

You are using routed mode (different subnets for client and server side). If you would like to connect directly to server side, you must route this network from client side.

for example: ip route 10.0.0.0/24 192.168.1.x, where 'x' is one CSS's IP. 'x' can be circuit IP, or virtual interface. You can use VIP too, but if rule is not working (service state for all services is 'down') VIP is not 'alive'.

--

martin

0 Helpful
Customers Also Viewed These Support Documents