Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Cluster ip address not accessible from outside interface

Hi ,

I have replaced my pix-515e with asa5520-k9(Version 8.0(3)6).

I am facing an issue where i am having two servers on inside which r clustered.

From my outside interface i can connetct to server1 and srver2 but not the cluster ip.

I have natted all the three ip addresses statically.

Ur help needed as i caanot connect to the cluster ip,my application is not working.

static (inside,outside) 10.30.147.155 172.16.25.200 netmask 255.255.255.255 -----cluster ip

static (inside,outside) 10.30.147.153 172.16.25.100 netmask 255.255.255.255

static (inside,outside) 10.30.147.154 172.16.25.101 netmask 255.255.255.255

I cant access the cluster ip address but access the physical ip address.

Regads

Mahesh

2 REPLIES
New Member

Re: Cluster ip address not accessible from outside interface

I have the same problem with you.

how should we do when the ssl vpn connection across the nat.for the cisco ssl vpn cluster uses a redirect technique, so it can't keep the session when the nat happen . So I think , in the nat environment, cisco ASA couldn't support cluster

Re: Cluster ip address not accessible from outside interface

Hi Mahesh,

In addition to the static lines you mentioned, you also need to verify that your access-lists are configured correctly as well.

If possible, please post a sanitized copy of your config and we might be better able to assist.

-Mike

283
Views
0
Helpful
2
Replies
CreatePlease to create content