
Citrix ADC 13.1 - Multi Network Routing



Hi Guys,

 

I am trying to design a new method of implementing a Citrix ADC in our network (ver 13.1. 4.43) and I am having trouble figuring out why it is not working. I am using Citrix ADC 13.1 Premium and I have installed it onto a VMware Server with 3x VMXNET3 Network cards:

 

NIC 1: NS Management and HA Heartbeat between this and a future Citrix ADC that will be built once this has been completed

NIC 2: Internet connection side: A single VLAN (connected as untagged) that hosts the default gateway IP Address and all Virtual Server VIPS

NIC 3: Internal connection: Multiple tagged VLANs where all infrastructure lies.
 

From a routing perspective:

NIC1 has NSIP and is accessible only by devices on the management network (10.0.1.10/26)

NIC2 has SNIP bound to VLAN and Interface (10.0.3.10/24)

NIC3 has SNIP bound to Tagged VLANs

 

The network that the NSIP is connected to is a subnetted network (255.255.255.192), with the remaining /26 IP ranges to be bound to NIC 3 (as tagged VLANs with individual SNIPs)

 

There are three issues I am running into:

1. When I add another SNIP using one of the /26 addresses, the ADC becomes unreachable on the network, even from a machine on the same subnet segment.

2. When turning on network management on all SNIPs, I am unable to SSH or GUI manage the ADC.

3. When I change the gateway of the device to be on the 10.0.3.x network, all management access stops, even when I am on the same network as the SNIP.

 

I have gone over all of my firewall rules and cannot see if there is anything blocking or misrouting IPs (the 10.0.3.x network and 10.0.1.x network only have routes to internet and no other cross-VLAN routes) and I am stuck. Anyone got any ideas on what to look for?

 


Add PBRs for the management network to handle traffic for the NSIP - https://www.carlstalhood.com/system-configuration-citrix-adc-13/#dedicatedmgmt . After you do the PBR you can change default route without affecting NSIP.

 

Enable MAC Based Forwarding (MBF) at System > Settings > Modes to handle replies from the multiple subnets.

 

Add static routes for any SNIP traffic originated by the ADC.

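The three steps in the reply above, written as NetScaler CLI commands. This is an added example, not part of the original thread or of the linked article. The range 10.0.1.0-10.0.1.63 is the /26 that holds the NSIP from the question; `<MGMT_GW>`, `<BACKEND_NET>`, `<BACKEND_MASK>` and `<INTERNAL_GW>` are placeholders for values the thread does not give, the PBR name and priority are arbitrary, and the `#` lines are annotations.

```netscaler
# 1. Policy-based route for the dedicated management network.
#    Any packet sourced from the NSIP whose destination is outside the
#    management /26 is sent to the management gateway, regardless of the
#    default route. <MGMT_GW> is a placeholder (assumption).
add ns pbr pbr_nsip_mgmt ALLOW -srcIP = 10.0.1.10 -destIP "!=" 10.0.1.0-10.0.1.63 -nextHop <MGMT_GW> -priority 10
apply ns pbrs

# 2. MAC Based Forwarding: replies go back to the MAC address the request
#    arrived from instead of being looked up in the routing table.
enable ns mode MBF

# 3. Static route for traffic the ADC itself originates from a SNIP
#    (for example monitors or back-end connections on a tagged VLAN).
#    Repeat per destination network; all three values are placeholders.
add route <BACKEND_NET> <BACKEND_MASK> <INTERNAL_GW>

# Check the result before changing the default route, then persist it.
show ns pbr pbr_nsip_mgmt
show ns mode
show route
save ns config
```

With the PBR applied and confirmed, NSIP traffic no longer depends on the default route, so the default gateway can then be moved to the 10.0.3.x side. Keeping management access enabled only on the NSIP keeps the management plane confined to the dedicated network.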
