VMware Cloud Community
acpzehetal
Enthusiast

vShield 5.1.2 Load Balancer and Cisco Firewalls??

We have been using vShield Edge for several years, only as a load balancer in our several networks. Actually most of the applications are working, but now we have an issue which we can't deal with.

Our typical configuration is issuing a virtual IP and a port like HTTP (80) or HTTPS (443) in the same network as the VMs hosting the web interface; e.g.

Load Balancer IP 172.24.10.6

VM IP 1 172.24.10.11

VM IP 2 172.24.10.12

On the edge appliance we have only internal interfaces (one for 172.24.10.x addresses, one for each subnet) and ICMP redirect is activated on the interfaces.

Now we are facing a problem which has been brought up by our software engineers and which we do not know how to fix. If we try to access the virtual IPs of the load balancer from an OTHER subnet, we can't even ping the virtual IP addresses, nor access the webpages. Our Cisco firewall guy says he has opened the needed ports for this IP. As further information, we can ping the VM IP addresses behind the load balancer from the other subnet and, if the Cisco guy opens the additional ports for these VMs, we can access the specific webpages.

Inside the subnets everything is working, even ping and more.

We have four of these load balancer configurations, but none of them are accessible from other subnets. Actually it is an easy to use configuration; two of the load balancers use HTTPS port 9443 for accessing the webpage.

Can anyone give us advice on what is wrong in our configuration?
