hello,
what is the meaning of that bug?
===
CSCdx35082 - When the CSS detects a mid-NAT reject, the RST (reset) going back to the client has a sequence number of 0.
===
at the momement I use CSS 11005 with app v 5.00.
I have two layers of CSSs:
-one I use load balancing over a few SSL servers
-sec I use for firewall load balancing
so my topology looks like:
SSL
SSL---CSS11005_B-----PIX-----CSS11005_A-----router_IOS----Internet
... PIX
SSL
only router_IOS has a public IP address, all other IPs are private
on the router_IOS there is a static NAT for VIP from CSS11005_B
CSS11005_A is used only for firewall loadbalancing and there is not NAT
PIXs do not make a NAT - only route
CSS11005_B gives VIP for SSL cluster, so there is a NAT
all works fine since over a year. but time to time I recive an information for my support departament, that there is a client who cannot use our SSL.
it is always the same situation: client use some kind of address translation at his point of Internet connection; behind his NAT he cannot use my SSL; If he connect directly to the Internet all works fine.
I am wondering is it possible to tunne something at my side to fix that kind of problems?
regards