I have two virtual web gateway appliances 7.7.2 legacy configured as HA Proxy, "WSG1 and WSG2". When the client initiates a connection, packets are first sent to the Active Director Virtual IP "WSG1". When the Active Director/Balancer balances traffic to the second "WSG2" Appliance/Scanner, all packets are sent and received directly between the client and the "WSG2” Appliance/Scanner passing only once through the Active Director/Balancer "WSG1". Everything is working properly.
I installed two new 10.2 virtual applicances "WSG3 and WSG4" in a new HA Proxy environment.
Balancing and high availability are working properly, but in this new environment, traffic is passing through the Active Director/Balancer "WSG3" twice, not just once.
When the Active Director/Balancer "WSG3" receives the packets and balances to the other "WSG4" appliance, it returns the packets to the "WSG3" unlike the legacy environment.
In the product guide I found the following information:
When IP spoofing is configured, data packets pass through the director node twice, once when the director node directs them to the scanning nodes and a second time when they are returned from the scanning nodes to the director node, as this node forwards the data packets to their original IP addresses.”
My question is: in version 10.2 is it possible to configure load balancing in PROXY HA mode the same way that it is working in version 7.7.2, that is, by making the packages pass only once through Active Director?
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.