Jump to content
Welcome to our new Citrix community!

Loadbalancing for Cisco Ironport (ESA)


nlffel439

Recommended Posts

In Citrix CNS-420 class, they say, you have to use L2 or L3 load-balancing for firewall load-balancing.

 

There is also product documentation about firewall load-balancing for both, ingress and outgoing traffic.

 

In the end, it's always a service of type ANY, port *, so you can send ANY traffic on any port (*) through it. It works perfectly well.

 

Cheers

 

Johannes Norz

CTA, CCI, CCE-AppDS

My Citrix ADC Blog

My Citrix ADC cook book

Link to comment
Share on other sites

On 1/18/2022 at 3:47 PM, nlffel439 said:

Thanks for your Answer. ?

The problem is that the Netscaler uses the SNIP to the backend and not the source IP. 

It depends on settings. You may turn on "Use Source IP Address" on service/service-group level. And it can't use SNIP in L2 or L3 mode, as neither a bridge, nor a router, is a proxy device. In "Use Source IP Address" mode and L2/L3 mode, it will keep the original IP address.

 

Cheers

 

Johannes Norz

CTA, CCI, CCE-N

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...