Cisco Application :: Tcp 3636 - How To Configure CSS Port Redirection
Oct 11, 2011
I have CSS in single arm deployment model. I want to configure port redirection for the servers. Servers are actually running web service on port TCP 3636. Which is accessibale by VIP http://192.168.200.87:3636 but I dont want to give user this URL I want the user to use standard HTTP URL as mention below, I want user to open http://192.168.200.87 and once they access this URL automatically CSS redirect them to port 3636. How I can achive this. I am using IP addresses for the load balancing.
View 4 Replies
ADVERTISEMENT
Aug 15, 2012
I am having difficulty following the logic of the port-translation. Here is the configuration on a 5505 with 8.3,So I would have thought the outside access-list should reference the 'mapped' port but even with 3398 open I cannot remote desktop to the host. If I open 3389 then I can connect successfully.
View 12 Replies
View Related
Jun 19, 2012
I am wondering if there is a method to redirect particular URLs to individual real servers in a server farm.Scenario: We have an url which is setup on our ACE4710s (A3 2.4) to load balancer to a particular server farm as per standard setup i.e.Customers access [URL] on an external VIP, this is then load balanced to a server farm "SF_WEBSITE" consisting of 2 real servers "Server_A" and "Server_B". Nothing difficult in this set up. However, I have eeen asked if it is possible to redirect certain urls to individual servers within the server farm "SF_WEBSITE": e.g.
Action 1 - Customers access [URL] is redirected to "Server_A" only
Action 2 - Customers access [URL] is redirected to "Server_B" only
Default Action - Customer access [URL] anything else is redirected to server farm "SF_WEBSITE" and is load balanced between "Server_A" and "Server_B"
The Standard Class Maps and Policy would be something like:
policy-map type loadbalance first-match SLB_WEBSITE
class class-default
serverfarm SF_WEBSITE
Where I thought I would need something like:
class-map type http loadbalance match-all CMAP_AREA1
description CMAP used to capture specific URL for area 1
2 match http url /area1
class-map type http loadbalance match-all CMAP_AREA2
description CMAP used to capture specific URL for area 2
2 match http url /area2
[code]...
I think the above method is ok for 1 instance, but if it test successfully, my company would want to to roll this out across dozens of server farm configurations each consisting of numerous real servers, which will make the administration and implementation time overheads massive, not to mention complicating and lengthening the configuration.
View 7 Replies
View Related
Sep 25, 2011
i have a 4710 appliance (one armed) and i am load balancing with two webservers. In the URL, there are links that need to be redirected to https:
[URL]
i am using the
rserver redirect REDIRECT-TO-HTTPS[URL]
The https is working but i have a problem. when i access the Main link "first" it is redirected to https to the Main link.But if i access one of the Sublinks directly(without having to click on the main link first) the page is redirected to https but to the Main Link. i have to click the Sublink again in order to get the page.How can i redirect to https and stay on the same page? What might be the general link in the webserver-redirection?
View 4 Replies
View Related
Nov 9, 2011
if a Cisco router or switch can handle wccp redirection enabled for both waas and some other web content filtering appliance using a different service group?
seems like the priority value would come into play determining which service group gets handled first?
we currently do WCCP for WaaS on our 3945s.
I am going to advocate to my customer that we separate this out for CPU load issues, config complexity issues, IOS issues, etc... but the question is going to come up - "can we do WCCP for different applications on our Catalyst 3750 core switch, or our 3945 WAN routers?"
View 2 Replies
View Related
Nov 30, 2011
I'm trying to use port redirection to allow outside access to a internal web server. As far as I can see, everything is configured properly. The Open Port Checker tool from yougotsingle.com says that the port (80) is open. However when I goto access it the connection times out. The external address is static from my ISP, and I will call it xxx.xxx.xxx.xxx. The server is at 10.1.1.20, and is functioning properly over the LAN.
View 7 Replies
View Related
Apr 3, 2012
I'm new at the ASA5500 domain. I have a question: How can I redirect traffic coming on a port to a machine inside the LAN listening to another port ? I would like to use ASDM.
View 1 Replies
View Related
May 16, 2013
We have a singe IP Address in the Internet and want to forward SMTP traffic that hits our ASA Outside Interace to the internal Mailserver.And we like to forward Http Traffic to our Webserver.
Example.
212.23.23.23 Port 25 -> 192.168.1.100 Port 25
212.23.23.23 Port 80 -> 192 168.1.200 Port 80
How do i acomplish that. Which NAT rules do in need?
View 12 Replies
View Related
Mar 5, 2013
I have a little problem with a redirection. When I type my external ip, I am directly connected to my Cisco 861 ( through port 80 (HTTP))
Even if I do a factory default, I always have the same problem. I try to make another redirection on another internal ip , but always same problem...
View 7 Replies
View Related
May 26, 2012
We have 2 TS (Terminal Servers) and have configured the 1st RDP using my public address (say 8.8.8.8) on port 3389. it is working very well of course. However I need setup my 2nd TS but will use port 7777 on the same public address which is not working.I am using ASDM 6.3 and firmware 8.3.1.Is this a limitation for this IOS?
View 6 Replies
View Related
Sep 5, 2012
wondering if redirection or conversion port 8080 into port 80 is possible? if so how and what cisco equipment can do that?
View 11 Replies
View Related
Apr 4, 2012
I have a Cisco 857 router which i used for Internet connection with RJ11 connectior (ADSL0 POTS) but now the ISP has changed the internet link with PPOE type and the ONT connection is RJ45 , Is there a possibility to configure one os the Fast Ethernet ports as WAN port for internet.
View 2 Replies
View Related
Feb 27, 2012
What is network port ? I want to configure a trunk port as network port, so that the trunk port becomes the network port for all the VLAN associated to the port.
View 18 Replies
View Related
Feb 11, 2013
Do you know if it is possible in ACE 4710 appliance to configure a SIP TLS ?The SIP probe we have in the configuration guide it is only for clear text. for Lync 2013 we need to establish first a TLS session and then within it, send an SIP request..IS it possible in any version? I tried also to configure a HTTPS probe but it fails as it sends a GET which the Lync SIP server doesn't understand.
View 1 Replies
View Related
May 12, 2011
I want to compress as much all packets COMING IN to our network to optimize the bandwidth. When users from Lan accessing the internet, it goes out to our GW1 but I want the RETURN internet packets will go first to Expand 2 for compression then goes to Expand1 for decompression. see attached network diagram setup. All Expand appliances are already configured. What configuration should be in GW1 and R2, both C2851?
View 4 Replies
View Related
Jul 3, 2011
I have upgraded gss to version 3.2(0) because I need to track a server that uses only https.I configured a https head KA VIP answer type but the answer never goes on-line.I tried using url... as the VIP address but not go online too.The gss is behind a firewall.I suspected of the firewall but from the gss CLI it seems that the firewall is open for the https traffic: [code]
View 1 Replies
View Related
Mar 6, 2011
How to configure HSRP with Statefull NAT using the application redundancy of the IOS XE? I want to have static NAT using the HSRP groups for clients and SNAT. (I want to achieve this as in normal IOS -[URL] High Availability NAT with HSRP)The configuration that I have on the 1st ASR. The configuration is similar on the second ASR
redundancy
mode none
application redundancy
group 1
name NAT-HSRPIN
[code]...
IP nat inside source static 10.10.10.20 "real ip address" redundancy 1 mapping-id 1 extendable.
View 1 Replies
View Related
Jan 12, 2013
i have configure new ACE 30 module on top of 6500 core switch , the issues am facing whenver i want to access to https://ACE_IP and after i enter the user name and the password , it's forwared me to the follwoing page: is there anything should i configure to avoid this page ?
View 1 Replies
View Related
Sep 24, 2012
I'm looking for some documentation I can share with a customer to explain why I can't configure them a back-up sticky server farm when we're not terminating SSL on the the ACE (we pass SSL from the client through to the rservers, sticking the client to the rserver by source IP address). I've not been able to find anything that addresses this particular scenario in my googling so far. I remember discussing this in my training class with the instructor, but I can't find any reference to it. Have any of you run into this and have a link they can share?
View 7 Replies
View Related
Oct 27, 2011
My ACE module rebooted itself and after the reboot it lost all the config and it has been booted with factory default setting.
[code]....
I would like to know the reason for the same. Is this due to firmware bug? or with the Hardware? I am bit dissatisfied that all of my config vanished without any reason after the reboot of ACE.
View 3 Replies
View Related
Aug 17, 2011
I'm trying to configure Fault Tolerance on a pair of 4710s. I followed the doc, and configured int gi1/4 as the fault tolerance interface, using vlan 12. However the GUI is saying FT Vlan Down
The troubleshooting wiki said check the physical connectivity, but everything there looks good. Each ACE can ping it's own IP, but not the router on that VLAN, or the peer. They're connected to a dedicated VLAN in a switch, and I even tried a crossover cable to directly connect the two. [code]
View 8 Replies
View Related
Apr 12, 2012
Is it possible to modify conf with snmp on ace module like others 6500 catalyst ?Is ace answer to snmpset cmds ?
View 1 Replies
View Related
Sep 18, 2012
I'm configuring ACE 4710's for the first time and I want to load balance my Nuance speech servers on port 554. Here's my configuration on ACE01:
[code].....
View 23 Replies
View Related
Sep 18, 2011
We want to mask part of the path prefix to hide development content: For example: the site(s) are: [URL]However we don't want anything with acme showing...so we would want the loadbalanced url to be: [URL] ...for requests and responses. I think this would be an http re-write request/response scenario?Is this possible to configure this on the ACE Device? We've got the load balance configuration down...not sure how to do this re-write type scenario?
View 2 Replies
View Related
Jan 1, 2013
I'm looking for a way to configure Cisco ACE4710 loadbalancer to bypass traffic that is initiated from server side to Internet?Are there any way to configure this, so that the loadbalancer will not maintain session for this bypass traffic to maximize throughput?
View 1 Replies
View Related
Aug 11, 2012
I've got a web app that the owners want to run over port 80, but also using SSL to secure private data in transit. The architecture is an ACE 4710 in SSL termination mode->Apache (port 2000)->Back-End app server.
I've got two VIPs set up already - one on port 443 and one on 2000 - both of which do the SSL termination quite nicely, but using the 3rd VIP set up on port 80, the connection steadfastly refuses to be HTTPS (i.e. doesn't show the padlock).
I've done all the set-up through the web interface so far, can this be done? If so, how?
View 1 Replies
View Related
Mar 12, 2012
I’m wondering if there is a way to configure CSS11503 running 8.10 so that the servers in the content rules can see the client port number?The servers can see the client IP, but not the port!! It seems when forwarding packets to the servers in the content rule, the CSS uses a new high-number port when communicating with servers.
View 2 Replies
View Related
Feb 3, 2013
the dynamic port range server load balancing supported for MS Exchange 2010
View 1 Replies
View Related
Dec 21, 2011
We have multiple CSS 11500 clusters. We have found that on all of them, if you try to open a session on any port to an IP address on the backend of the CSS, the CSS will complete the SYN-ACK-ACK session with the client. This happens regardless of whether there is something on that IP address or not.
Coming from any IP, if I try to telnet to ANY IP on the 10.2.2.0 subnet (whether or not there is an actual server on that IP) on any port (whether or not that port is open or not), the CSS will complete the initial connection. I have verified this using telnet to numerous ports and viewing the transaction in a packet capture.
Is there any way to shut this off? This is causing some licensing issues for our security folks that use a vulnerability scanner licensed on number of IP addresses.
View 4 Replies
View Related
Apr 26, 2012
I'm running several game and file servers via a dynamic IP, which I unfortunately cannot change to a static connection for several reasons. I've solved this by using No-IP, which is a Dynamic IP resolution service. This solved the first part of my problem - I can give people IP's for their websites, such as myfreemusic.sytes.net and so forth, but they all HAVE to append their ports to the url - i.e.
site1.sytes.net:90
site2.sytes.net:91
My main problem right now is the game servers - I'm hosting games that default host to 25565, and though I can change the ports the server hosts from, I must give those who want to connect the ports at the end of their urls, i.e.
server1.sytes.net:25566
server2.sytes.net:25567
I know DNS is essentially agnostic when it comes to ports, so no solution there. And I don't think the game (Minecraft vis-a-vis bukkit) supports SRV records, and even if they did, I'd have no idea how to configure them. How can I resolve static urls redirecting to a dynamic IP by pointing them to ports?
To simplify the question -
How can I make server1.sytes.net resolve to port 25566, and server2.sytes.net resolve to port 25567 when the default port is set to 25565?
View 1 Replies
View Related
Apr 29, 2012
I need to configure a keepalive that check an url in a server (http in port 9500 not in port 80) and check the port 443 in the same server. If any of them not response . the service should go down.
View 1 Replies
View Related
Dec 13, 2011
we would like to setup FTP server over CSS where our member sever use non-std-port to open both control/data channel (i.e. 6370 as ctrl and 6369 as data this case.) but seems we only get Passive mode FTP mode work only but not for Active mode FTP case for data channel establishement for server back to client..
# sh ver
Version: sg0820501 (08.20.5.01)
Flash (Locked): 08.10.1.06
Flash (Operational): 08.20.5.01
Type: PRIMARY
Licensed Cmd Set(s): Standard Feature Set
[code]....
View 3 Replies
View Related
Sep 13, 2012
I must redirect all connections from port 443 to 9443.
this is configered and running:
serverfarm host FARM-002
probe test-xml
rserver svx-xmlfw-lb-01 9443
backup-rserver svx-xmlfw-lb-02 9443
inservice
rserver svx-xmlfw-lb-02 9443
[code]....
I have in the moment following problem. All connections become redirectet to port 9443 but port 8080 shouldn`t be redirectet to port 9443. What can i change in my config to solve this problem?
View 6 Replies
View Related
