We have dual 3030 4.7.2L in loadbalance and each is directly connected to redundant 6500 cores. Clients are authenticated sucessfully and get an IP from either concentrator but only the primary clients are able to access everything while the other users on the backup concentrator is not? Configs and routes are identical any thoughts or ideas?
Is the pool range same or different on both the concentrator? Are you running routing protocol and RRI on the concentrator's provate interface or not.
If the pool range is the same and you are not running routing protocol and RRI then it would not work.
Either the pool range should be different and ensure that the inside hosts etc know how to route back to the relevant concentrator (either use the routing protocol or static routes) or if the pool range is the same then routing protocol and RRI would be required.
Kmal, I enabled the OSPF and RRI on the private interface but it doesn't seem to be injecting the routes into our cores. I also notice that the OSPF neighbor relationships aren't being formed with the concentrator and core? Do you have examples of this?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...