Cisco Application :: CSS11500 Connection Counts
Jul 19, 2011
Why do my connection not clear when my service goes to a down state. The only way I can get the connections to clear is by bouncing my content rule. CSS11503 version 08.20.4.05s - SSL all the way to the server --- I also have flow permanent port3 443 configured, but I don't understand why the other two servers go to zero while server01 never goes to zero. If I remove the flow permanent port3 all the counters go to zero, but I would think if the servers goes down then the connections should go to zero regardless of the flow permanent port configuration. [code]
View 3 Replies
ADVERTISEMENT
Sep 11, 2012
I'm seeing the following error on one of our real server. Is there a way to find out who is spamming?
10.x.x.x(VIP) - - "POST /slmruntime/service HTTP/1.0" 404 1214
View 1 Replies
View Related
May 29, 2012
I know that it's possible on the CSS to handle multiple incoming HTTP requests that terminate on the same IP address and port and balance them to various servers based on the url. For instance, I can set up URL at the same 192.168.35.12 address in DNS, and set up two different content rules:
content cats
vip address 192.168.35.12
port 80
url "//www.cats.com/*"
add server cats1
add server cats2
active
content dogs
vip 192.168.35.12
port 80
url "//www.dogs.com/*"
add server dogs1
add server dogs2
active.
Easy and straightforward.
But what if I want to add SSL handling for URl. I'm not sure how to create the ssl-proxy-list where one content rule (ip address/port) combination needs to pass through the ssl module and get matched with the proper ssl certificate.
Can this be done? Can one associate multiple certs and keys with a single ssl-server entry and a single ssl accelerator service? Or do I have to create multiple ssl-proxy-lists for cats and dogs and build multiple ssl services each referring to a unique ssl-proxy-list, and then use the url parameter in the https content rule to determine which ssl service (and therefore which key/cert pair) gets the traffic?
View 1 Replies
View Related
Jun 13, 2011
I am not able to find information of how to configure a balance in CSS11500 depending of the IP source. I want to do the next:
Site A : 192.168.1.0/24
Site B : 192.168.2.0/24
Both sites access to the same VIP: http://vip_balnace_IP but depending of the source the should be balanced to diferentes servers.
Site A -> VIP_balance -> server1
Site A -> VIP_balance -> server2
how to do that?
View 2 Replies
View Related
Jun 6, 2011
How to change host name in CSS11500 Series. I cannot find any documentation for that matter.Is there any impact in the system to change the host name?
View 3 Replies
View Related
Jul 1, 2012
This is a newbie question regarding CSS11500 series loadbalancers as I trying to get up to speed with managing them as part of my job. I noticed that there are a couple of CSS "clustered together" since I see they are managed using a single ip address.
My question is around how to establish a session to each individual device in this cluster, if at all possible? If is not possible, how do manage the secondary device in this cluster to perform tasks such as copying new software to it, backing it up, etc.?
View 1 Replies
View Related
Dec 8, 2011
I am using LMS 3.2.1 and cisco view 6.1.9 but when i am seeing in Common services -->Server --> device Update i am able to see number of counts in RME but zero number of counts in Cisco View.
View 2 Replies
View Related
Feb 13, 2012
I prepare replace FWSM to ASA 5585 Series,but I confuse the default virtual context counts on ASA 5585.I used 3 virtual contexts on my old FWSM(1 admin context with 2 contexts).According the ASA configuration guide below. url...
It state the ASA 5585 have default 2 contexts,Does it state the ASA 5585 just have 2 contexts or 1 admin context plus "2" context (3 contexts available)
View 4 Replies
View Related
Jun 8, 2011
We have a rather strange issue, and I'm not sure it's really a problem with the ACE or not. We created an HTTP parameter map called "TCPreuse" and applied it to a virtual server. A show conn detail displays "[ conn in reuse pool : FALSE]" for all connections pertaining to this virtual server. The rserver in question is Linux(Ubuntu) + Apache.Next we applied the HTTP parameter map to another virtual server - this time IIS7 + Windows Server 2008. There are plenty of entries "[ conn in reuse pool : TRUE ]" when I do a "show conn detail".What could the web servers be doing differently that would cause the connection reuse to work on one virtual server and not the other?
View 1 Replies
View Related
Jan 29, 2013
What exactly happens when the SSL connection rate is exceeded. Is the connection dropped, queued or what ?
Defined as the SSL TPS. In our case 1000 but upgradeable to 5000
View 3 Replies
View Related
Dec 21, 2012
In my lab I have only one ESX server. On this server I am running VSM and vCenter (appliance).I am trying to get 1000v working however everytime I try to migrate my ports I get the following error:Network configuration change disconnected the host '192.168.0.10' from vCenter server and has been rolled back.fault.NetworkDisruptedAndConfigRolledBack.summaryIt seems that it doesn't like the fact that vCenter lives on the same ESX host as I'm trying to migrate. How I could get this to work?
View 1 Replies
View Related
May 24, 2011
I have CSS CSS11501 which is working fine in single arm deployment. Now I want to have redudency so that in case the switch 1 where CSS is currenlty connected is down.I can reach the CSS through the second switch 2.Both the switch are trunk with each other and CSS has one port connected with Switch 2.
View 2 Replies
View Related
Jul 9, 2011
monitoring oracle database performance by JDBC connection from CSS11506?
if it is not possible to do so, if there is otherway the system do eitehr application server or DB server is performance is too low?
View 1 Replies
View Related
Feb 20, 2012
I require to connect a "css11501" two core switches to provide redundancy to the load balancing service and would like to verify this possible (Does the spanning-tree protocol officer for load balancing?)
View 2 Replies
View Related
May 23, 2012
I'm expecting some problems with ACE. I've configured it to loadbalance between 4 nodes with SSL termination at ACE.
Everything was working fine up to the identification of a problem using firefox browser. With Chrome and IE works fine.
The user is trying to upload a file to one of the 4 nodes. When the costumer click at the send button, the Firefox shows the following message: Connection Reset.
This problem just happens when the user try to upload the file. Whe he's just surfing through the system, works fine.
------ Configuration ------
ACE-01-SJPR/eproc4# sh run
Generating configuration....
logging enable
[Code].....
View 9 Replies
View Related
Oct 24, 2011
How do I apply the connection parameter map in a configuration like this to the service policy int827? Do I need to define the traffic? Can I specify only one source destination flow to apply the set tcp half-closed TCP normalization against?
policy-map type loadbalance first-match wss-1100-l7slb
class class-default
sticky-serverfarm sticky-srcip-1100
policy-map type loadbalance first-match wss-1101-l7slb
class class-default
sticky-serverfarm sticky-srcip-1101
[code].....
View 1 Replies
View Related
Aug 7, 2011
I'm running v4.3.5 in our WAAS environment. At the CLI of one of our 7341 WAEs, there are several connections that show up [code] However, in the Central Manager nothing shows up - not even empty graphs - when I click on a device and go to monitor/connections statistics. After a few minutes, I do get an error message that states "Error retrieving connection stats. Please ensure that the device is online and then refresh." By the way, I get all other statics in the GUI such as Optimization Details Report, Traffic Summary Report, etc. Another thing, these WAEs are behind a router and supposedly the ports to allow access to/from the WAEs and other data is allowed through the firewall.
Is there some special port that needs to be opened on the firewall to allow for 'connection statistics' information displayed, that doesn't need to be opened for the other statistics to display? Or could this be a bug in the software?
View 1 Replies
View Related
Nov 12, 2012
I have a ACE4710 setup to load balance a couple of web servers. The real servers all show as inservice as do the propbes and serverfarms/virtual servers. If I ping the Virtuual server ip address I get a reply but it I try to access VIP via telnet or web browser. I get a connection could not be open error on the client.The question is how do i determine where the error is comming from so far I can not tell if the client is getting through the acl or not.I have used the trouble shooting guide and nothing has worked to determine the cause so far. show service-policy int479 detail does not show an increase in the hit count when I try to connect.show stats conn does not show an increase in failed or timed out connections when i try to connect. [code]
View 3 Replies
View Related
Mar 28, 2012
default inactivity connection time out for A3(1.0) So by defult any tcp connection(http or https) will be timed out in an hour. [code]Was this change in the A4(2.0) code or is it still the same? I heard a TAC engg say that default inactivity timeout for http and https are now 5 mins that is 300 seconds.
View 3 Replies
View Related
Jul 26, 2012
I have a ACE module A2(3.5) installed, I am having a connectivity problem between two servers in my network. I have captured some traffic on different points in my network and from capture it seems like the problem is with this ACE module or somehow it is closing the connection.
View 6 Replies
View Related
Apr 2, 2012
I've configure two ACE 4700 in a SLB modus http to a web server.To understand how the ACE works and to see if all are ok, I want to test it? but how?
How do I do to initiate a http connection between my test pc to the webserver through the ACE?
View 5 Replies
View Related
Mar 18, 2013
I Updated the 5508 from 7.0.230 to 7.4.100 and made it a cluster.Sinse the Update the handscanners loose the connection to the AS400 Application.Where to start troubleshooting?I did a debug client, I see the client is roaming but I can not say if there is a relation between roaming and loosing connection to the application.
View 19 Replies
View Related
Aug 8, 2011
Can i send "show conn" to syslog server? for example:
[code]...
ESTAB5082
View 1 Replies
View Related
May 23, 2013
can we make a bridge connection between cisco aironet 1400 series and cisco R5005?
In Root and Non Root Manner.
View 1 Replies
View Related
Dec 3, 2012
Everytime I make a config change to one of the contexts on our ACE20, I get this message: Config Application in Progress. This command is queued to the system
If I run show download info, I get:
context : context1
Interface Download-status
--------------------------------------------------------------
187 In Progress
199 Pending
Regex download optimization status : Couldn't get status[TNRPC Timed out]
It eventually seems to complete, but it takes a very, very long time. We are running Version A2(3.5) [build 3.0(0)A2(3.5)].
View 2 Replies
View Related
Mar 27, 2013
Report run via Individual Web server URL’sThe report takes less than 20 minutes (average 15 minutes) to fetch and return the data. This is observed 9 out of 10 times.Report run via ACE Load Balanced URLThe report keeps on running for more than 20 minutes and never completes. The front end keeps showing report is running.The data in general when tested directly by running queries against the database (bypassing the platform) completes in 15-18 minutesThe network connectivity for each and every ports involved (Loadbalancer/Servers) have been throulgly checked.
View 6 Replies
View Related
Apr 3, 2012
I am taking an introduction class to CCNA and we are focusing on the Application Layer,and I'm having some difficulty in understanding what is an Application Layer Service. Is the Application Layer Service the same as Application Layer Software?
View 3 Replies
View Related
Jan 23, 2012
Is it possible to upgrade ACE 4710 from A3 to A4? What does this actualy means by A3, A4 & A5.
I want to upgrade ACE from A3 to A4 becase I want to enable switch-mode on ACE. Current S/W version is A3 2.0 which is not supporting this command. While reffering the command refernce guide saw that this command is supported in A2 & A4 version from 2.0 itself but for A3 in 2.7 (which is the latest) also this is not supporting this feature.
View 4 Replies
View Related
Apr 11, 2013
I have an issue with LMS not terminating SSH sessions on the Cisco ACE?
Cisco LMS 3.2
Cisco ACE A2(3.3)
View 1 Replies
View Related
Apr 5, 2012
I have two GSS. One in side A and one in side B. This in side A is primary and make management function, this in side B is secondary. Site A and B are DC work in active-active.
I have version 3.1.2 and I have to upgrade to 4.1 becouse 4.1 work with DNSSec. This is true?
I read that first I have to upgrade primary. But what with secondary? How it work? When I will be upgrade primary it will be not impact to synchronization with secondary?
View 3 Replies
View Related
Apr 8, 2013
We've got an application that broke after upgrading our ACEs from A5(2.1) to A5(2.2); the problem lies in how the ACE handles URLs with embedded backslash characters in them - e.g.: URL
Prior to the upgrade the ACE would forward these to the back-end servers; after the upgrade the ACE resets the client connection.
(We're doing SSL offload on the ACE; the back-end connection is HTTP over port 80, only the client-side traffic is over SSL.)
Some browsers will convert these to percent-encoded form - i.e. URL
and things work for these; but other browsers won't do this. So I'd like to set up a rewrite rule in the ACE that will replace any (or at least the first) '' with the string '%5C'. Just how to do this isn't clear from the command ref, and the config guide is a tad shy on similar examples.
View 1 Replies
View Related
Aug 1, 2011
Is the XFF [URL] on the Cisco CSS 11503? If not, is it on the roadmap for a future code release?
View 1 Replies
View Related
Nov 28, 2011
I would like to allow yahoo chat application to a particular user in my office thru Cisco ASA, can i have configuration for this The list of IP addresses and port number which is Yahoo Chat is using.
View 2 Replies
View Related
