Exam 301b All QuestionsBrowse all questions from this exam
Go to Exam
Question 89

An LTM Specialist configured a virtual server to load balance a custom application. The application works when it is tested from within the firewall but it fails when tested externally. The pool member address is 192.168.200.10:80. A capture from an external client shows:

GET /index.jsp HTTP/1.1 -

Host: 207.206.201.100 -

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Connection: keep-alive -

HTTP/1.1 302 Found -

DatE. Wed, 17 Oct 2012 23:09:55 GMT

Server: Apache/2.2.15 (CentOS)

Location: http://192.168.200.10/user/home.jsp

Content-LengtH. 304 -

Connection: close -

What is the solution to this issue?

    Correct Answer: A

    The issue here is that the external client is being redirected to an internal IP address (192.168.200.10), which it cannot reach directly because the internal network is not accessible from outside. To solve this, assigning a SNAT pool to the virtual server ensures that the source IP address of the incoming request is translated to an address that the internal pool member can accept. This way, the request appears to originate from within the internal network, allowing the custom application to function correctly when accessed externally.

Discussion
GVKDOption: A

A - Correct The capture shows the client requesting 207.206.201.100, but the pool member resides on a private address (192.168.200.10). Since the client cannot directly access the internal address, the LTM needs to translate the external request to the internal pool member's address. SNAT (Source Network Address Translation) changes the source IP address in the outgoing packet to an address the pool member can accept. This effectively "masks" the client's IP and allows communication.