I am trying to deploy a CSM load balance solution in my DMZs. I have several DMZs that I need to load balance on, but the real servers in each cannot talk directly to one another. I am not using the MSFC as the router (I only built VLANs on the 6509...no VLAN interfaces); I am using my Checkpoint/Nokia FW as the router.
See my config below. I have the load balancing working fine, but if I get on a device in VLAN 172, I can communicate with a server in VLAN 173 without going through the firewall. Is there anything I can do to remedy this? Thanks for any help! ...Jeff
The feature you are looking for is virtualisation of the CSM, which is not available with the existing hardware. There is a new product coming in the next few months, called ACE, which does permit virtual contexts in the CSM, plus it has SSL hardware and firewall. The existing CSM hardware is just not up to the job, so it's not likely to become available in later code.
If you had a FWSM in the same switch, you could configure this to sit between the CSM and the real servers within each server VLAN, using a pair of VLANs for each (one CSM - FW, one FW - reals). You could achieve this with other firewalls, but this would need many interfaces, which most firewalls don't have.
Thanks Gilles. After trying to do this in routed mode, my next thought was to use bridge mode as you've described. That was quickly shot down...the web server admins do not want the clients NATed going to the web servers, and I do not have enough interfaces in my firewalls to accommodate all of the subnets that we were planning on. We have decided to use routed mode and place all of the servers that need to be load balanced on one VLAN; separating them by function would have been nice, but not a requirement.