I have 3 windows 2003 terminal servers setup for load balance using Windows Network Load Balance Manager. IP addresses 192.168.1.14, 192.168.1.15, 192.168.1.16 Cluster IP 192.168.1.40 multicast.
I have a remote site connected via site to site VPN tunnel using Cisco ASA5510 devices, subnet 192.168.100.1. On the local LAN(192.168.1.0) I can get connected to terminal servers using the cluster IP, at the remote site I can not. At the remote site I can connect to each TS using the actual IP address, I can ping the cluster IP address or the dns name and get a response. Can anybody think of any reason why I can not connect using the cluster IP address?
I have setup wireshark on my 192.168.1.0 subnet and setup a packet capture on the ASA5510. On the wireshark I see SYN packets coming in from my machine 192.168.100.102 to the cluster IP and I see SYN,ACK packets Src the cluster IP with the mac address of one of the terminal servers and the dst my IP address with the mac address of the ASA 5510. On the ASA5510 packet capture I only see the SYN packets from my machine coming in but no SYN,ACK packets going out. What happened to the SYN,ACK packets?
I did a packet capture when connecting to the actual IP address of the terminal server (Which Works) and compared the SYN,ACK packets from both and saw no difference.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...