• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 715
  • Last Modified:

nlb in asa

hi support team,
we are using nlb multicast for our hub and cas array in our company.We are using ASA in transparent mode.Problem is from ASA nlb ip is pinging.But from my gateway router nlb ip is not reaching. Please have a look on my configurations.If i remove asa router can reach multicast ip.

please advise

thanks
Emtech admin
asa.txt
gateway-router.txt
0
emtechadmin
Asked:
emtechadmin
1 Solution
 
FideliusCommented:
Hello,

From http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008089f467.shtml#unsupp
Multicast
You can allow multicast traffic through the security appliance if you allow it in an extended access list. In a transparent firewall, access-lists are required to pass the multicast traffic from higher to lower, as well as from lower to higher security zones. In normal firewalls, higher to lower security zones are not required. For more information, refer to the Pass Through Traffic section in the Firewall Service Module Transparent Firewall Configuration Example.

Pass Through Traffic section:
http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a0080959e83.shtml#tpsd

Multicast traffic is udp so modify those examples to allow udp.

Hope this helps!


Regards!
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now