Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Alternate Source Address needed on Virtual Service for back end connection

 

Information

 

Summary:

Virtual Service not working due to wrong back-end source IP

Environment:

Product: LoadMaster

Version: Any

Platform: Any

Application: Any

Question/Problem Description:

EU is unable to connect to their service because their server will only accept connections from a specific subnet/IP

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause:  
Resolution:

 

  1. Packet captures showed successful front end communication, but the back-end communication would fail after the initial SYN from the loadmaster over port 443, with a flood of Re-Transmissions.
  2. EU's back-end azure environment/servers will only accept connections sourced from a specific subnet range/IP addresses.
  3. To fix this, we need to enable the ability to specify an alternate source address.

     

  4. This is located in System Configuration -> Miscellaneous Options -> L7 Configuration -> Allow connection scaling over 64K Connections.

  5. Next, you will have to navigate to the Virtual Service that you want to change the Source IP Address of. Navigate to advanced properties -> Alternate Source Addresses and type in the new Source IP Address. You will not need to add the CIDR here.

  6. Connections to the virtual service should now work.
Workaround:  
Notes:

https://support.kemptechnologies.com/hc/en-us/articles/360015826692-How-to-Configure-Subnet-Originating-Request-with-Non-Local-Real-Servers-


Comments