Forum Discussion

Raj_5837's avatar
Raj_5837
Icon for Nimbostratus rankNimbostratus
Sep 25, 2012

FTPS Outbound passive load balancing issue

Hello all,

 

Greetings!!!

 

Just want to get your expert openion about FTPS outbound load balancing issue and How can F5 solve those issue?

 

Outbound FTPS passive setup:

 

Relay1[nothing but proxy on DMZ]

 

Server1 on core network-----> ------> Firewall----->client1

 

Relay2[nothing but proxy on DMZ]

 

On above setup FTPS TCP control and data connection originated from Server1 are load balanced among Relay 1 and Relay2.

 

Issue:

 

Now issue here client1 seeing different ip address for same FTPS session and rejecting the connection or firewall itself timeout as its waiting for data connection on same ip address of control connection but it came via other ip address[Control tcp connection using Relay1 ip address and data tcp connection using Relay2 ip address due to load balancing].

 

I am looking F5 can solve this issue using Virtual ip address SNAT. But i don’t know how we can do it? or is there any better solution to solve this issue???.

 

I would appreciate any help on this.

 

Thanks

 

raj

 

Note:

 

It was working fine if i removed one relay[ie., without load balancing]

 

No RepliesBe the first to reply