Cisco Application :: ACE30 Match Http Url Except Specific One

Feb 4, 2013

is it possible to construct the L7 HTTP class-map expression to match all URLs except one? I have 1 correct url, for example: /correcturl.* and want to redirect requests to all other possible URLs to this one, without the need to list them all in "possitive match" statements.

View 6 Replies


ADVERTISEMENT

Cisco Application :: ACE30 Not Powering Up

Jan 6, 2013

I have ACE 30 module which is runing on SW 6500 in VSS mode, Vr. 15.0.2 with enugh power avilable ( 2550 W )   , i have insert the module at slot number 7 , the issues am facing it's desribe below :
 
7/0 ACE Expansion Card  1       ACEMOD-EXPN-DC     1.1    PwrDown
7/1 ACE Expansion Card  2       ACEMOD-EXPN-DC       1.1    PwrDown
 
And if i take out the blade and insert it again it's work for some time then goes down . here is the consle messages before it goes down  :
 
.ACE platform with 2097152 Kbytes of main memory
.Loading disk0:c6ace-t1k9-mz.A4_1_0.bin.  Please wait ....
Uncompressing Linux...
Starting the kernel...

[Code].....

View 2 Replies View Related

Cisco Application :: ACE30 - Using VIP As L3 Gateway

Oct 26, 2011

Is it all possible to use an ACE30 to RHI a VIP which acts as route for servers on LAN A to reach LAN B . We have 2xL2 WAN circuits between 2 sites used by only 4 servers for (different L3 subnets for the hosts). I`m considering using a VIP to load balance across 2 WAN circuits using L3 interfaces on the MSFC either side as rservers with a single VLAN in/out on the ACE where the VIP resides - simlair to using the Cisco design for firewall load balancing minus the inspections etc. Obviously we can do this entirely in the MSFC but considering options.

View 1 Replies View Related

Cisco Application Networking :: Cannot SSH Standby In ACE30

Jul 12, 2012

I have a pair of ACE30 in Active/Standby mode. I can ssh to all active contexts. I can also ssh to all standby contexts except one.

View 6 Replies View Related

Cisco Application :: ACE30 Not Syncing With Primary ACE?

Jan 16, 2013

We did a faulty ACE30 module swap in a HA pair. Both the ACEs have stopped syncing since then. Below is the error message I see:
 
FT Group ID: 1  My State:FSM_FT_STATE_ACTIVE    Peer State:FSM_FT_STATE_STANDBY_CONFIG
Context Name: Admin     Context Id: 0
Running Cfg Sync Status:Failed to convert/transform configuration to peer version
 
Both ACE modules are running 5.2 with the same license.sh ft peer status from both active and standby show the same results.

Peer Id                      : 1State                        : FSM_PEER_STATE_COMPATIBLEMaintenance mode             : MAINT_MODE_OFFSRG Compatibility            : COMPATIBLELicense Compatibility        : COMPATIBLEFT Groups                    : 15
 
Am I missing something here?

View 5 Replies View Related

Cisco Application :: ACE20 And ACE30 Failover?

Oct 25, 2011

Have a client with one ACE20 and now he needs a second one for redundancy.Since ACE20 is EOL, can I use an ACE30 with an ACE20 as a failover pair?

View 1 Replies View Related

Cisco Application :: ACE30 Fail On First Rserver

Jan 27, 2013

I have four rservers. I have found that if the first listed server in my serverfarm is off line, the entire farm quits working.  How did I come to this conclusion?  You see as part of "serverfarm host PORTAL-FARM" rservers "SISPOAS1 through 4".  I can shut down any server except SISPOAS1 and all is well.  The load balancer sees the probes have failed to that given server and continuses to load balance to the others.  However, If I shut down SISPOAS1, nothing works.  I confirmed this by eliminating SISPOAS1 from the configuration completely.  After doing so, I could reproduce the exact same problem using SISPOAS2 since it is now the first rserver in the list after I removed SISPOAS1.  I'm stumped!  Looking at the configuration below, what am I missing???

access-list TRAFFIC line 8 extended permit ip any anyaccess-list TRAFFIC line 16 extended permit icmp any any
probe tcp 389  port 389  interval 2  passdetect interval 2  passdetect count 1  open 1probe tcp 636  port 636  interval 2  passdetect interval 2  passdetect count 1  open 1probe tcp 7777  port 7777  interval 2  passdetect interval 2  passdetect count 1  open 1probe tcp 7778  port 7778  interval 2  passdetect interval 2  passdetect count 1  open 1probe tcp 7780  port 7780  interval 2  passdetect interval 2  passdetect count 1  open 1probe tcp [Code]...

View 4 Replies View Related

Cisco Application :: Accessing ACE30 Through Https For Management

Jun 11, 2012

I am new to the ACE30. I a basic configuration from the CLI and I am trying to use the device manger. I am able to get to the web informational page rather then accessing the login page.    I have rest the password for both the admin and www and still no go. my question is how to go into enabling the GUI access.

View 1 Replies View Related

Cisco Application :: Can Migrate Config From ACE20 To ACE30

Feb 18, 2013

I would like to know if I can migrate the config from ACE20 to ACE30 (last software) without any issue.I don't have any ACE30 to test

View 3 Replies View Related

Cisco Application :: ACE30 / Connectivity Between IP Subnets On The Same VLAN?

Aug 25, 2012

We have a subnet setup on the ACE as follows:
 
interface vlan 300
  description CALLISTA Environment
  ipv6 enable
  ip address 2001:388:608c:8b8::fffd/64
  alias 2001:388:608c:8b8::fffe/64
  peer ip address 2001:388:608c:8b8::fffc/64
  ipv6 nd ra interval 30

[code]....
 
Notes:There is the primary subnet 130.194.13.0/26 and the secondary IP subnet 130.194.19.192/27?The nat-pool is configured to allow server initiated connections to their frontend VIP when necessary.We are noticing that when a server on the 130.194.19.192/27 subnet needs to communicate with a server on 130.194.13.0/26, albeit on the same VLAN, the destination server sees connections with a source IP of 172.16.25.231, which is the NAT address.  Is this expected behavior, where connections between IP subnets, albeit on the same VLAN are NATed?

View 1 Replies View Related

Cisco Application :: ACE30 - Connectivity Between IP Subnets On Same VLAN

Aug 25, 2012

We have a subnet setup on the ACE as follows:
 
interface vlan 300
description CALLISTA Environment
ipv6 enable

[Code].....
 
We are noticing that when a server on the 130.194.19.192/27 subnet needs to communicate with a server on 130.194.13.0/26, albeit on the same VLAN, the destination server sees connections with a source IP of 172.16.25.231, which is the NAT address.  Is this expected behavior, where connections between IP subnets, albeit on the same VLAN are NATed?

View 1 Replies View Related

Cisco Application :: ACE30 Upgrading Software Image

Nov 28, 2011

Am looking to upgrade the software on the ACE30 from: [code]. Any ACE30 guide that explains this.  Have looked at the ACE30 configuration guide which I thought would cover this in the section "Managing The ACE Software", however everything else has been covered off except how to go about upgrading the software.

View 1 Replies View Related

Cisco Application :: ACE30 - Bridging Using Default Gateway?

Apr 18, 2013

I have a strange behaviour with some ACE30 running A5 release :
 
Setup is in bridge mode, working correctly with a default gateway set in the context.
 
For some reason, some return traffic is being routed on the ACE instead of being bridged.
 
On what conditions would the ace decide to route the traffic of simply bridge it from the server vlan to the client vlan.

View 4 Replies View Related

Cisco Application :: ACE30 Get Failures In A Number Of Server

May 23, 2012

After upgrade from ACE20 with A2(3.5) to ACE30 with A5(1.2) I get failures in a number of server farm's, where before upgrade the number was zero. No drops in VIP and logs from applications do not notice any new errors.

View 2 Replies View Related

Cisco Application :: Configuring Oracle Hyperion On ACE30

Apr 14, 2013

I have a request to configure an ACE30 for Oracle Hyperion utilizing SSL termination at the SSL offloader(ACE30).  Any sample configuration or template of some sort that could guide me through what needs to be configured.  We have many applications on the ACE#) but this is the first time we are going to try SSL termination.

View 3 Replies View Related

Cisco Application :: How SNMP EngineID Derived On ACE30

Nov 9, 2011

We currently have 6 admin context and they are all utilizing the same snmp engineid (Local SNMP engineID: 800000090441646D696E) which is causing issues as far as our monitoring/performance platform CA eHealth. Isn't the engineID, by default, the first interface on the device?
 
Doesn't seem to be the case on an ACE30.How is the SNMP engineID derived on the ACE30?

View 1 Replies View Related

Cisco Application :: ACE30 VIP Is Still Responding To Ping When Both Servers Are Down

Oct 30, 2012

I saw a strange beaviour in the ACE30 today.We are configuring most of our VIP:s with "loadbalance vip icmp-reply active" and I haven't thought about it that much.I just assumed it would do what the command says.Today an Intel tech called and said that he had taken down the webservice on port 80 on both servers in a serverfarm and he could still ping the VIP.I had a look in the ACE and saw that the VIP was marked OUTOFSERVICE. But he could still ping it at that moment.What is the criteria for the VIP not to respond to ping with the above command set?

View 5 Replies View Related

Cisco Application :: WS-SUP720-3B SP DRAM Requirement For ACE30

Oct 28, 2011

Last month I was reviewing following Cisco document, in which Cisco mentioned that ""To avoid possible memory fragmentation in the forwarding information base (FIB), Cisco recommends that the switch processor (SP) DRAM to a minimum of 1 GB ""
 
[URL] 
 
Since this document has been revised in Oct 2011 and, I can't no more find the above memory recommendations.
 
I want know if any one using WS-SUP720-3B with IOS SXI6 and Cisco ACE30 has gone for upgrading the SP DRAM from 512MB(default) to 1GB ?

View 1 Replies View Related

Cisco Application :: Upgrading ACE30 8Gbps License?

May 23, 2013

I need to upgrade a pair of ACE30s to 8Gbps.According to the administration guide, there will be no impact.BUT, it states also:
 
All license installations except one have no adverse impact to an operating ACE. [URL] Ofcourse, nothing is said about which one has impact.I assume it's the 16Gbps license but how to confirm this?

View 1 Replies View Related

Cisco Application :: ACE30 Module - Popup Windows

May 30, 2012

we use ACE30 module, ver. A4(1.0) for access to intranet application. The https connection from client is terminated on ACE module, LB algorithm is used and new SSL connection is initiated to the server. Standard operation works without problems.
 
But when user generates a .xls od .pdf report in the application, it should open in a new popup window. Problem is, that it does not (but on the server, the report is generated and stored). The PC and browser are configured fine, when accessing the application from the same PC directly (bypassing the ACE module), the popup window appears.

View 2 Replies View Related

Cisco Application :: Unable To Connect To ACE30 From 3845 / 2811

Aug 7, 2011

I`ve seen quite a lot of posts regarding SSH issues and the above SSH error. However the fix mainly involves upgrading clients but in this instance the client is are Cisco routers 3845 / 2811 - which we use for out and inband management.Connectivity / routing etc is proven. Using SSH v2 the actual 6500 chassis where the ACE is physically located works fine. Configuring SSH v1 on the ACE module allows connections via the 3845/2811`s but we cannot use this.Both have the following IOS Version 12.4(24)T4. I have tried various key sizes on the ACE module. [code]

View 4 Replies View Related

Cisco Application :: ACE30 Running But Not Allowing Management Access

Sep 9, 2012

We've got pairs of ACE30s in our data centers set up with active/standby FT.  Some time yesterday the active ACE in one data center started refusing management traffic - it accepts SSH connections but fails authentication (local password, no RADIUS/TACACS is configured); and ANM reports it as down (no XML connectivity),We haven't opened a TAC case yet - someone's on his way over to see whether we can get in through the serial port first - but I'm wondering whether there are any other diagnostics we can gather (will resetting the module form the Sup force a coredump?) before we do.

View 2 Replies View Related

Cisco Application :: ACE30-MOD-K9 Accessing And Convert TCP Options Header

Jan 28, 2013

Is there a way to convert TCP options header into an http header using Cisco ACE ? is there an equivalent solution with Cisco as the one proposed by F5 here: url.

View 7 Replies View Related

Cisco Application :: ACE30 Load Balancing Across Two Slightly Different Servers

Apr 10, 2013

is there a possibility to get a load balancing across two rservers so: when client sends http://vip/ and it goes to rserver1 then url is sent without change when client sends http://vip/ and it goes to rserver2 then url is modified to http://vip/xyz/
 
Or maybe load balancing can be done across two serverfarms ?

View 3 Replies View Related

Cisco Application :: ACE30 Accessing Appliance Device Manager

Sep 6, 2011

I've got basic connectivty to our ACE30 module and when I try connecting to the management IP address (attached to the Admin context), I see a very basic GUI which only lists the CSM to ACE config conversion tool.  I don't see a GUI as detailed in the document: url...How do I get the ACE Applicance Device Manager GUI working so that I can then configure real servers, serverfarms etc rather than via the GUI?Having read through copious amount of documentation I can't seem to find a refrence that would ne useful here.  This should be a fairly straight forward exercise - do I need to install some other software to get the full fledged GUI working?

View 2 Replies View Related

Cisco Application :: ACE30-MOD-K9 Module Crash Due To Service Cfgmgr

Dec 2, 2012

My ACE module ACE30-MOD-K9 crashed today, and at the show ver output i see  "last boot reason:  Service "cfgmgr" ".the curent version we running is Version A5(1.2) [build 3.0(0)A5(1.2).

After doing some research i found known bug that supposed to be fixed in this version: CSCtu36146
 
CSCtu36146—The ACE becomes unresponsive due to a configuration manager (Cfgmgr) process failure with the last boot reason: Service "cfgmgr."

View 2 Replies View Related

Cisco Application :: ACE20 To ACE30 Migration - Restore All Not Restoring SSL

Nov 6, 2012

I've run into an interesting problem trying to migrate my production config from my redundant ACE20's (A2(3.4)) to the new ACE30's (Tried (A4(1.0) and A5(1.0)).  Everything on the ACE30 is working fine with a base config, but when the restore all is run from the ACE20 backup (backup all), the SSL files are not restored and return errors.  All the contexts are restored correctly, along with the startup-config, but the running config fails due to no SSL.
 
All the crypto certs/keys are exportable and are present in the backup .tgz file.

View 1 Replies View Related

Cisco Application :: ACE30-MOD-K9 Gateway Find Retry Time

Feb 16, 2013

ACE version is A5_2_1.the transfer was carried out by the following procedures.1) C6509 vlan set2) client and serverfarm vlan svclc vlan-group not included.3) ACE configuration.  - FT vlan 999  - Client vlan 20  - Serverfarm vlan 154) ACE services enable

Problem occurs, I know why I do not know.

Was configured as follows.

======>> MSFC Configure (C6509#1 and C6509#2)
svclc autostatesvclc multiple-vlan-interfacessvclc module 4 vlan-group 150svclc vlan-group 20  999
C6509#1interface Vlan20   ip address 172.16.20.2 255.255.255.0   no shutdown
ip route 192.168.15.0 255.255.255.0 172.16.20.100
[Code]....

View 1 Replies View Related

Cisco Application :: L7CLASSSrv2 / ACE Loadbalance Ssl Match Header?

Mar 27, 2012

I created several rules to balance on a specific server somes apps. Everythings works great in http but no in https.In my example, i would like [URL] to be redirected to my server2 but it's always using the default rules instead of the L7CLASSSrv2. Today [URL] is well redirected. All other apps are correctly loadbalance with the stickyness effect but I can't handle the https connections.
 
 class-map match-all L4-WEB-IP
      2 match virtual-address xxxx tcp eq www
class-map match-all L4-WEBHTTPS-IP
      2 match virtual-address xxxx tcp eq https
class-map type http loadbalance match-any L7CLASSSrv1

[code]....

View 4 Replies View Related

Cisco Application :: ACE30 Normal Load Balancing In Routed Mode

Sep 23, 2012

We are in the situation we have a active configuration with ACE30 doing normal load balancing in routed mode, we have tons of rservers going out on a VIP.we now had to add a new private network to a provider that strangely enough does not want to see our public or private addresses. we need to loadbalance towards him on a priovided subnet (still rfc1918) (IOS VRF bug? is that correct?)I have two options, add the network (new interface) to the active loadbalancers (contexts) and then tie in new policies to the active serverfarms or make a new context just to load balance towards this provider.(preferred)Now - If I do this, the rservers see the client source addresses from this new provider. as the loadbalancer does not "hide" the client IP's. I would then have to add static routers toward the new context - I would want to skip that.
 
is there a way, to make the loadbalancer hide the client addresses towards the rservers ? perhaps I'm just needing the correct search term to find the config example.

View 1 Replies View Related

Cisco Application :: ACE30 Module Integrated With Nexus 7000 In Routed Mode

Sep 10, 2012

I am trying to get documentation on how to integrate an ACE30 module in a service chassis design integrated with the Nexus 7000 in routed mode.  Only documentation I could find shows this design with the ACE30 module in a one arm mode. Any documentation that shows this implementation of this design?

View 2 Replies View Related

Cisco Application :: Maximum Number Of Real Servers And Server Farms In ACE30 Module

Jun 17, 2012

What are the maximum number of real servers, server farms and virtual servers i can configure on ACE30 module,Is there any documentation available on cisco site where i can check this? Does it depend on the hardware or does it depend on the software version?

View 3 Replies View Related

Cisco Application :: CSS 11503 - Layer 5 Content Rule Match Wildcard And Suffix

Oct 2, 2011

Is it possible on the CSS11503 to create a layer 5 content rule that matches a url "/*/_edit".

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved