cancel
Showing results for 
Search instead for 
Did you mean: 

Internet + Intranet access to ITS

Former Member
0 Kudos
131

Hello,

My company is currently using the external ITS 6.20 patch 17 to provide web access to our ECC 5.0 (ERP 2004) system. We have a bank of 4 single-host (WGate + multiple AGate) ITS instances running on Windows 2000 Server & IIS. The 4 ITS servers are hardware load balaced with a Cisco Local Director. The local director balances new requests against the current load on the 4 ITS machines. All incoming traffic today is over the company intranet. All users are supposed to be using IE 6 SP2, and most are.

There's a new project on the horizon that requires providing web access to the backend SAP system from the public internet. The expected user base needing public internet access is expected to be small.

Setting aside the security aspects for now, my questions are primarily about leveraging the existing hardware and load balancing. My initial thought was to define a new WGate only instance for the public intenet users, which would then connect through a firewall and load balance across the 4 existing AGate machines.

So - does this idea seem workable? Will I potentially screw up my load balancing, since it's being balanced from two separate sources (internal users vs. external users)?

Any suggestions or ideas are welcome.

Regards,

Mike

Message was edited by: Mike White

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Hello Mike

right now it sounds like there is only LoadBalancing in front of the WGates, but not between AGates and WGates?And for the second step you don't want to use the Cisco LoadBalancer, but one WGate that distributes the load between all 4 AGates? Is that correct?

That setup sounds OK. If there is a problem in regards to the Cisco Local Director's Load Balancing you could still turn on Load Balancing between all 4 WGates and all 4 AGates to accomodate that.

regards,

Gerd

Former Member
0 Kudos

Hi Gerd,

Thanks for the input - I appreciate the feedback.

Regarding your clarifying questions - yes, I currently only have load balancing in front of the WGates, using the Cisco Local Director. Each of the 4 ITS machines behind the local director are "independent", and are not using ITS load balancing to each other.

And yes, with the new requirement for external access I was thinking we would use the one WGate to distribute load between all 4 existing AGate machines.

When we originally setup the ITS machines some time ago, we had found notes talking about issues with the load balancing functionality within ITS itself, and so at the time we decided to implement hardware load balancing using the Cisco device. It appears that with more current ITS 6.20 patches (19 / 20) the internal ITS load balancing is much more stable.

Thanks again for your input.

Regards,

Mike

Message was edited by: Mike White

Former Member
0 Kudos

Hello Mike

I can't remember seeing Load Balancing issues on the WGate side for a while now and not sure if ITS 6.20 ever had serious LB issues.

Most LB questions I came across were issues where LBs wouldn't have session persistence or only for a certain period of time. That would mean sessions could end up on the wrong WGate/AGate and therefore causing ITS 500 errors.

Changing LB configuration or adding WGate/AGate LB usually fixed that.

regards

Gerd

Former Member
0 Kudos

Hi Gerd,

Thanks again for the input - that's good info to know. We've been running through the HW load balancer for a long time (since ITS 4.6C), so even though we're now at 6.20 there had been no reason to try the ITS LB (until now!).

Regards,

Mike

Former Member
0 Kudos

Mike/Gerd - I'm new to Cisco and am focusing on our solutions for SAP customers, specifically for the load balancing products. Are there any issues you have where I might be able to help out?

If so, please contact me at dosilver@cisco.com or +1 650-346-8945..... Doug

Answers (0)