[cpadmin13]

Hi Guys:

I been attempting to solve this problem for a week now and the closest I have gotten is to the following. I believe the answer is the creation of an arp table on both clusters running (R60 splat) but my superior insist it could be automatically resolved without the use of the arp tables.

Scenario:
Passing Location A's Public DMZ traffic to Locations B's Public DMZ (bi directional) through the internal network; both are our LAN. One CP cluster is in Location A (Cuda1) and another Cluster on Location B (Cuda2). The following layout works since the router at Location 2 holds an arp table for member 1. Thus, if the cluster fails over it will stop to function.
Note: both clusters LocationA and LocationB are managed by the same policy.

Current working layout

Nat Rules -- Manual at Top of List
cuda1_ext cuda2_ext nat_cuda1 nat_cuda2 ;trans DMZ to Int on LOCA1
nat_cuda1 nat_cuda2 cuda1_ext cuda2_ext ;trans Int to DMZ on LOCA2
nat_cuda2 nat_cuda1 cuda2_ext cuda1_ext ;trans DMZ to Int on LOCA2
cuda2_ext cuda1_ext nat_cuda2 nat_cuda1 ;trans Int to DMZ on LOCA1

Rules Base
cuda1_ext cuda1_ext ANY Log
cuda2_ext cuda2_ext
nat_cuda1 nat_cuda1
nat_cuda2 nat_cuda2

Router at location B (Cuda2)
has an arp table for Cuda2


Thank you for your feedback and any clues you may provide