Suppouse that there is two servers providing service for remote aplications. Those aplications using IPSEC in transport mode. I would like to put at front CSM to load-balance beetwen both of them (persist via SRC IP is ok for me).
Have you any expirience with transort mode? IMHO it is not possible becouse of ip header changes?
What when changing to tunnel mode. Have you ever seen that configuraion working?
Improved IPSec integration with Network Load Balancing allows a Network Load Balancing group of servers to provide highly available IPSec-based VPN services. Network Load Balancing can accurately track IPSec-secured sessions, and the IPSec IKE protocol can detect when an IPSec-secured session is being established with a cluster server and quickly recover from a failover. Additionally, Network Load Balancing can now maintain IPSec-secured connections to the correct Network Load Balancing host, even when the number of hosts in the cluster (and the algorithm used to map clients to hosts) changes. Because the IKE protocol automatically detects the Network Load Balancing service, no additional configuration is required to use this feature.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...