Cisco Application :: ACE4710s / HTTP Redirection To Individual Servers In Farm?

Jun 19, 2012

I am wondering if there is a method to redirect particular URLs to individual real servers in a server farm.Scenario:   We have an url which is setup on our ACE4710s (A3 2.4) to load balancer to a particular server farm as per standard setup i.e.Customers access [URL] on an external VIP, this is then load balanced to a server farm "SF_WEBSITE" consisting of 2 real servers "Server_A" and "Server_B". Nothing difficult in this set up.  However, I have eeen asked if it is possible to redirect certain urls to individual servers within the server farm "SF_WEBSITE": e.g.
 
Action 1 - Customers access [URL] is redirected to "Server_A" only

Action 2 - Customers access [URL] is redirected to "Server_B" only

Default Action - Customer access [URL] anything else is redirected to server farm "SF_WEBSITE" and is load balanced between "Server_A" and "Server_B"
 
The Standard Class Maps and Policy would be something like:
 
policy-map type loadbalance first-match SLB_WEBSITE
class class-default
  serverfarm SF_WEBSITE
 
Where I thought I would need something like:
 
class-map type http loadbalance match-all CMAP_AREA1
description CMAP used to capture specific URL for area 1
2 match http url /area1 
class-map type http loadbalance match-all CMAP_AREA2
description CMAP used to capture specific URL for area 2
2 match http url /area2

[code]...
 
I think the above method is ok for 1 instance, but if it test successfully, my company would want to to roll this out across dozens of server farm configurations each consisting of numerous real servers, which will make the administration and implementation time overheads massive, not to mention complicating and lengthening the configuration.

View 7 Replies


ADVERTISEMENT

Cisco Application Networking :: 4710 Appliance / HTTP To HTTPS Redirection URL

Sep 25, 2011

i have a 4710 appliance (one armed) and i am load balancing with two webservers. In the URL, there are links that need to be redirected to https:

[URL]
 
i am using the

rserver redirect REDIRECT-TO-HTTPS[URL] 
 
The https is working but i have a problem. when i access the Main link "first" it is redirected to https to the Main link.But if i access one of the Sublinks directly(without having to click on the main link first) the page is redirected to https but to the Main Link. i have to click the Sublink again in order to get the page.How can i redirect to https and stay on the same page? What might be the general link in the webserver-redirection?

View 4 Replies View Related

Cisco Application :: Health Probe For RDP Farm 3389

Aug 19, 2012

I have an RDP server farm that lost a disk. The RDP service was still running but users were unable to log in. I'd like to create a health probe that does maybe a combination of TCP probe for port 3389 and something that can determine if the drive that stores user profiles is available.
 
I cannot add any new service (http or ftp) to the server. Is there any way I can check SNMP mibs on the windows server or maybe WMI through TCL?

View 1 Replies View Related

Cisco Application :: ACE 4710 - Renaming Server Farm

Feb 2, 2012

Is there a way to rename a server farm, health probe, real server or virtual service without having to completely rebuild it?  I'm running 3.0(A3).

View 2 Replies View Related

Cisco Application :: ACE 4710 Farm Selection Based On Source IP?

Jul 5, 2011

I have a requirement to select a farm based on source IP address.  I tried creating a match all class-map that matches on the virtual-address and source address but I get this message.LB01/Admin(config-cmap)# match source-address x.x.x.75 255.255.255.255 Error: Only one match virtual-address is allowed in a match-all class-map and it cannot mix with any other match type To me this is the only place where it makes sense to set the source match criteria.

View 2 Replies View Related

Cisco Application :: ACE 4710 - SSL Configuration / (HTTPS) Access To Server Farm

Aug 31, 2011

I have been tasked to provide SSL(HTTPS) access to a server farm that will be accessible from the internet.  Is this the correct guide to follow?
 
[URL]
 
I am assuming I will need to purchase a certificate to import into the load-balance r as well.

View 1 Replies View Related

Cisco Application :: ACE 4710 Server Farm Fail-on-all Option Missing

Feb 27, 2012

ACE 4710 software A3(2.7) [code] Why is the fail-on-all option missing from the serverfarm that is of type redirect? This option is something that I would actually need in a certain situation.

View 1 Replies View Related

Cisco Application :: Tcp 3636 - How To Configure CSS Port Redirection

Oct 11, 2011

I have CSS in single arm deployment model. I want to configure port redirection for the servers.  Servers are actually running web service on port TCP 3636. Which is accessibale by VIP http://192.168.200.87:3636 but I dont want to give user this URL I want the user to use standard HTTP URL as mention below, I want user to open http://192.168.200.87 and once they access this URL automatically CSS redirect them to port 3636. How I can achive this. I am using IP addresses for the load balancing.

View 4 Replies View Related

Cisco Application :: 3945 - WCCP Redirection For WAAS On Same Platform Using Different Service Group?

Nov 9, 2011

if a Cisco router or switch can handle wccp redirection enabled for both waas and some other web content filtering appliance using a different service group?
 
seems like the priority value would come into play determining which service group gets handled first?
 
we currently do WCCP for WaaS on our 3945s.
 
I am going to advocate to my customer that we separate this out for CPU load issues, config complexity issues, IOS issues, etc... but the question is going to come up - "can we do WCCP for different applications on our Catalyst 3750 core switch, or our 3945 WAN routers?"

View 2 Replies View Related

Cisco Application :: 11503 CSS HTTP Redirects

Jul 19, 2011

I have a number of web sites that are currently being load balanced by CSS 11503s runninng 8x code.  I was recently requested to configure HTTP -->  HTTPS redirects on the CSS for every site.  In the past, I have only configured the redirects for sites that had a requirement.  Now it appears that the server teams want all content encrypted.

1)  What impact will this have on the CPU?
2)  What impact will this have on Memory utilization?
3)  Is there a maximum nubmer on redirects?
4)  Are there other things I should be concerned about?

View 3 Replies View Related

Cisco Application :: HTTP 404 Errors In CSS11500?

Sep 11, 2012

I'm seeing the following error on one of our real server. Is there a way to find out who is spamming?
 
10.x.x.x(VIP) - - "POST /slmruntime/service HTTP/1.0" 404 1214

View 1 Replies View Related

Cisco Application :: ACE30 Match Http Url Except Specific One

Feb 4, 2013

is it possible to construct the L7 HTTP class-map expression to match all URLs except one? I have 1 correct url, for example: /correcturl.* and want to redirect requests to all other possible URLs to this one, without the need to list them all in "possitive match" statements.

View 6 Replies View Related

Cisco Application :: Insert Http Header Ace 4710

Jan 9, 2013

I have an ACE version A5.2 configured in one-armed leg (doing source nat). I have a requirement to add(or copy) the "referer" header value from the original request to the request send by ACE.
 
I cannot figure out how to copy this value. It is easy to add the source ip address  by adding: " insert-http x-forwarded-for header-value "%is".
 
So how I am going to copy the Refere header?
 
#Referer
#Address (URI) of the resource from which the URI in the request was obtained

View 2 Replies View Related

Cisco Application :: CSS Or ACE 4710 Redirect HTTPS To Http

Feb 27, 2012

For a CSS with a SSL module (performing SSL termination) - is it possible to impliment a redirect on https URL to send to equivalent http URL.If my understanding is correct, the CSS will do SSL termination and then use an http content rule on the resultant http stream as it is recursively handled by the CSS ? This would mean that the SSL module has no way of seeing/acting on layer 5 and above data (i.e. picking up on a specific URL) and can not itself issue a redirect - i.e. you could not associate a redirect statement or service with the following ssl content rule ? [code]The CSS would instead rely on a http content rule to impliment a redirect - i.e. you would have to associate a redirect statement or service to the following http content rule instead?
 
But if the CSS is already handling traffic for existing url...  traffic that is going to cause a loop when a client goes direct to. url...I realise the requirment is uncommon / a bit convoluted, its one of those don't ask type scenarios - aimed at achieving a specific requirement.Would the ACE 4710 be able to handle such a scenario any differently ?

View 7 Replies View Related

Cisco Application :: ACE 4710 - Redirect HTTP To HTTPS?

Jun 21, 2012

I am trying to make a redirect from http to https. the goal is whenever a user writes in http://10.80.199.71 it should be redirected to https://10.80.199.71 I am just haveing some trouble making it work.

View 4 Replies View Related

Cisco Application :: ACE 4700 Redirect HTTP To HTTPS?

Feb 6, 2013

How to configure a redirection on the ACE from HTTP to HTTPS using specific URL example [URL] to [URL], the SSL certificates were installed on the servers.

View 7 Replies View Related

Cisco Application :: CSS 11500 - Keepalive Http And Port At Same Time

Apr 29, 2012

I need to configure a keepalive that check an url in a server   (http in port 9500 not in port 80) and check the port 443 in the same server. If any of them not response . the service should go down.

View 1 Replies View Related

Cisco Application :: IOS HTTP Authorization Vulnerability When Traversing ACE 4710

Oct 10, 2012

We had a PCI security audit of an existing VIP on our ACE 4710. The VIP is set up as HTTPS terminating on the ACE with a http redirect for all 80 traffic.  The audit reported this VIP was vunerabled to the Cisco "IOS HTTP Authorization Vulnerability".  Which basicly states, http Management is on this IOS device.  It does not make any sense, as the VIP is pointed to a pair IIS servers?

[URL]

View 2 Replies View Related

Cisco Application :: 4710 - HTTP-Cookie Sticky Not Working

Feb 1, 2012

I have a requirement to load balance OWA 2010 inbound connectivity to 2 CAS servers using a ACE 4710 with sticky sessions enabled.
 
The CAS servers are currently responding on 80 or 443 at this moment in time. Eventually I want to off load the SSL to the ACE 4710, its currently running on the CAS servers. I need to enable sticky sessions to keep the session to the same CAS server for each internet based connection. I also have a proxy enabled for inbound connectivity so I cannot use source IP.
 
Here is my configuration but it doesn’t seem to be working, i am currently testing with port 80 connections not SSL.
 
serverfarm host INHOUSE-EXCHANGE-OWA-vFARM
predictor response app-req-to-resp samples 4
probe 443
probe HTTP-PROBE
rserver INHOUSE-TEST-CAS01-SVR
   inservice(code)

View 12 Replies View Related

Cisco Application Networking :: CSS 115003 Configuring HTTP Compression (not Work)

Jan 18, 2012

I need configure HTTP Compression by hardware on CSS 11503. I make config like this [URL]
 
My config:
 
service s1
ip address 10.1.66.11 (web server)
keepalive type none

[Code].....

View 4 Replies View Related

Cisco Application Networking :: GSS-4492-k9 Does GSS HTTP-HEAD Supports Https

Jun 26, 2011

I am configuring a GSS to check an Web server that responds to https requests.I put 443 as the port but I don´t see replies from the server and the Answer Status is always offline.Other servers using http on port 80 are showing OK.The appliance is a GSS-4492-k9 Version 3.1(0).

View 2 Replies View Related

Cisco Application :: ACE 4710 Cannot Confirm HTTP Cookie Sticky Connections

Jan 8, 2013

We are using a ACE 4710 with A3(2.6) software release.I had to change our sticky load balancing method for HTTPS to cookie based.However while connections appear to work if I look at the show sticky database table I can not see or confirm sticky entries for the cookie based connections.Here or config snippets to show the config
 
sticky http-cookie ghh-www scook-ghh
cookie insert browser-expire
serverfarm ghh-www-443
class-map match-all ghh-www-443_CLASS
2 match virtual-address 172.16.1.21 tcp eq https

[code].....

View 22 Replies View Related

Cisco Application :: CSS 11503 HTTP Keepalive Fails Even Though Server Responds

Nov 29, 2011

I recently "inherited" a CSS 11503 - I've only used ACEs before - and I want to get HTTP keepalives working.To start, I created a test service:
 
lb-1# show run service sunbird-http-7025-test
!************************** SERVICE **************************
service sunbird-http-7025-test
  port 7025
  ip address 141.211.229.168

[code].....

View 2 Replies View Related

Cisco Application :: 4710 Maximum 10 Http Header Map Is Allowed Per Policy

Nov 9, 2011

We are migrating from ACE 20 module to an ACE 4710 appliance. [code] When pasting in the config on the ACE 4710 running A4(2.1) code, I get the subject error message when trying to enter in the highlighted sticky-serverfarm command above.  Again, this config works on the older hardware and older code.

View 1 Replies View Related

Cisco Application :: Can ACE (4710) Behave As Reverse Proxy For HTTP And SSL Traffic

Jul 12, 2011

Can the ACE appliance behave as a reverse proxy for http and ssl traffic? I would assume it can given how it does SLB but SLB is not a requirement at this time.

View 2 Replies View Related

Cisco Application Networking :: ACE 4710 - How To Configure HTTP Rewrite Request / Response

Sep 18, 2011

We want to mask part of the path prefix to hide development content: For example: the site(s) are: [URL]However we don't want anything with acme showing...so we would want the loadbalanced url to be: [URL] ...for requests and responses. I think this would be an http re-write request/response scenario?Is this possible to configure this on the ACE Device? We've got the load balance configuration down...not sure how to do this re-write type scenario?

View 2 Replies View Related

Cisco Application :: ACE 4710 Giving Mangled Http Requests In Apache Access

Oct 21, 2012

After replacing a Cisco CSS/SSL  Accelorator and PIX firewall with an ACE 4710 to do load balancing and  SSL encryption behind an ASA firewall we started seeing mangled HTTP  requests in the Apache access logs for the servers in the server farm. This is occurring for several different URLs and not just the one above and for multiple web browsers.The ACE load balances to servers running Tomcat 7 with Apache HTTP server v. 2.2.14. A recent ACE software upgrade to A5(2.1) has not fixed the problem.

View 1 Replies View Related

Application And Database Servers

Oct 13, 2011

I have question about the basics of a high performance application and database server connection to each other. I have two servers, one application and one database server. Both of them are Windows 2008 R2 servers. I would like to connect them. What is the best configuration for quicker communication between them. Is it better to connect them through a network switch? Or directly connect them? Do I need to dedicate one of the ethernet ports on each server to separate their traffic to each other, from the internet connection traffic?

View 5 Replies View Related

Cisco Application :: ACE 4710 / Transferring Files Between Servers?

Jan 25, 2012

We have deployed an ACE 4710 and its working perfectly.  But the problem is that after I chage the default gateway of the servers I am not able to transfer files from one server to other.  Is there any special configuration needs to be done on ACE to achieve this?Other than copy Ping, telnet and everything is working fine from the servers. These servers are in the same subnet & VLAN.

View 3 Replies View Related

Cisco Application :: ACE30 VIP Is Still Responding To Ping When Both Servers Are Down

Oct 30, 2012

I saw a strange beaviour in the ACE30 today.We are configuring most of our VIP:s with "loadbalance vip icmp-reply active" and I haven't thought about it that much.I just assumed it would do what the command says.Today an Intel tech called and said that he had taken down the webservice on port 80 on both servers in a serverfarm and he could still ping the VIP.I had a look in the ACE and saw that the VIP was marked OUTOFSERVICE. But he could still ping it at that moment.What is the criteria for the VIP not to respond to ping with the above command set?

View 5 Replies View Related

Cisco :: Install Two New Prime LMS 4.1 Servers Application In Master?

May 12, 2012

I am going to install two new Cisco Prime LMS 4.1 servers application in a Master and Slave Deployment, and how many bandwidth is consumed between the servers.

View 1 Replies View Related

Cisco Application :: ACE30 Load Balancing Across Two Slightly Different Servers

Apr 10, 2013

is there a possibility to get a load balancing across two rservers so: when client sends http://vip/ and it goes to rserver1 then url is sent without change when client sends http://vip/ and it goes to rserver2 then url is modified to http://vip/xyz/
 
Or maybe load balancing can be done across two serverfarms ?

View 3 Replies View Related

Cisco Application Networking :: ACE 4710 Test Web Servers / Need To Use ACE As Their Default Gateway

May 26, 2011

I'm setting up an ACE 4710 in our test lab before deploying in production. Do the test web servers I am using need to use the ACE as their default gateway? The are currently configured to use a multilayer switch on their vlan as their gateway but I'm guessing the ACE needs to see the return traffic for load balancing to work correctly?

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved