Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

source address and the proxy server

We're running ACE SM and have a recurcive config requirement, where a front end VIP would load balance a packet between 2 back-end proxy servers which, it turn, would send the packet to the back-end VIP. We're trying to determine if we need to SNAT the egress packets based on the fact that the proxy servers retain source addresses of the client, as oppose to replacing it with their own.

Does anybody happen to know if proxy servers do infact retain the clients IP addresses or replace them with their own?

thanks..

1 REPLY
Bronze

Re: source address and the proxy server

In my experience, most proxyservers tend to nat the client ip to an common egress address, most often the address of the outgoing proxyinterface and simply apply pat to handle multible sessions.

Weather or not you need to configure src.nat on egress traffic, would depend entirely on your setup. In some cases, src.nat is needed to avoid the possibility of asynchronous routing.

Don't know if this answers your question, but more accuracy would require some more insight into your proxy/ace setup.

hth

/Ulrich

192
Views
0
Helpful
1
Replies