cancel
Showing results for 
Search instead for 
Did you mean: 

NC loadbalancing issue

GIM_
Not applicable

NC loadbalancing issue

Hi,

We have DX (Active/standby) loadbalancing services provided by SSL VPN cluster.both DX and SA boxes are in DMZ of firewall All other services are being loadbalanced exept NC. Clients are reciving ip address and the ssl session is commimg up but couldnt access any resources in the trusted zone.

The problem is adding static route on firewall. which ip address i should point while adding a route to pool ip address of NC? SA or DX?

core switch has a default route pointing to Firewall and firewall has a default route pointing to outside interface.

I tried adding a static route to DX VIP but no luck. then added a route to master SA ip address and switched off secondary, It worked. but still i couldnt load balance NC traffic if i bring secondry SA up clients connected to it were not able to reach internal network due to lack of return route.

How can i loadbalance in this scenario?

My set up is:

servers------CoreSw(trust)------FW-----DMZ

1 REPLY 1
PMODAK_
Not applicable

Re: NC loadbalancing issue

Hi,

I found a document from Juniper for DX, SA in Active/Active and NC.

Link: http://cn.juniper.net/solutions/literature/app_note/350069.pdf

Thanks & Regards,

Prasanjit Modak.