Nat virtual ip or nic physical IP for Microsoft NLB
I need advice for our setup consisting of 2 tmg 2010 servers configured as multicast nlb. The internal nics of the array (facing clients) and the external nics are connected in different vlans on the same cisco 4507 core.
Internal Nics: 10.10.10.1, 10.10.10.2
Internal Virtual IP: 10.10.10.3
External Nics: 10.10.100.1, 10.10.100.2
External Virtual IP: 10.10.100.3
I have added static mac and arp entries for each nics and vips (respectively)
The cisco core connects to a cisco ASA firewall. I have added a static arp statement on the asa for the external vip.
My question is about natting on the firewall. I am doing a dynamic nat to one public IP. When I natted the external vip I could not establish outgoing connections from internal clients to the internet via the nlb array, but when I nat each external (physical) ip instead of the external vip, clients can surf the internet.
Is this the right setup or the external vip should be natted?
I have not done a static nat since I am not publishing any exchange or other application that requires incoming connections.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...