11-21-2016 02:10 PM
Trying to set up a bidirectional connection that source NATs all rserver initiated connections to the same IP as the inbound VIP. I think I have the config right, but it doesn't seem to work. The IP that should be used for all comms is a VIP of 172.31.0.176 which you will see in the NAT pool. the 172.31.0.178 was created as a VIP for the rservers to send outbound to which will be source NATed to the 172.31.0.176.
rserver host RS_XXX_CORP_SMARTHOST_1
description XXX CORP SMARTHOST FOR EMAIL
ip address 5.5.5.5
inservice
serverfarm host SF_EXC2013_SMTP_OUTBOUND
description Exchange 2013 SMTP
predictor leastconns
rserver RS_XXX_CORP_SMARTHOST_1 25
inservice
sticky ip-netmask 255.255.255.255 address source Sticky_SrcIP_EXC2013_SMTP_OUTBOUND
serverfarm SF_EXC2013_SMTP_OUTBOUND
replicate sticky
class-map match-any VS_EXC2013_SMTP_OUTBOUND
description Exchange 2013 SMTP Outbound
2 match virtual-address 172.31.0.178 tcp eq smtp
policy-map type loadbalance first-match EXC2013_SMTP_OUTBOUND
class class-default
sticky-serverfarm Sticky_SrcIP_EXC2013_SMTP_OUTBOUND
policy-map multi-match Farm_VIPS
class VS_EXC2013_SMTP_OUTBOUND
loadbalance vip inservice
loadbalance policy EXC2013_SMTP_OUTBOUND
loadbalance vip icmp-reply active
nat dynamic 6 vlan 511
interface vlan 511
description ACE-DMZ-front
bridge-group 1
mac-sticky enable
access-group input BPDU
access-group input ANYONE
nat-pool 6 172.31.0.176 172.31.0.176 netmask 255.255.255.0 pat
service-policy input PM_AdminAccess
service-policy input Farm_VIPS
no shutdown
Solved! Go to Solution.
01-03-2017 08:08 AM
This config actually worked for me. I had an issue with the L2L tunnel the traffic was utilizing causing it to be dropped. Once the L2L tunnel as up it worked as planned.
01-03-2017 08:03 AM
David,
Since the rservers are on a separate subnet from the VIP, do they have a valid L3 path to the VIP?
01-03-2017 08:08 AM
This config actually worked for me. I had an issue with the L2L tunnel the traffic was utilizing causing it to be dropped. Once the L2L tunnel as up it worked as planned.
01-03-2017 08:10 AM
Ok. When I looked through the config it didn't appear as if anything was wrong. Glad you got it fixed.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide