Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
909
Views
0
Helpful
3
Replies

ACE eliminate insertion of http-header in some case

Alex Labuta
Level 1
Level 1

‎02-03-2012 05:53 AM

Hi All!

I have already configure loadbalance for http proxy servers (squid with NTLM) on ACE

with NAT and http header-insertion

If browser send clear request without username and password all done, i see client ip source into x-forward header.

Else nothing insert.

All recommendation from forum and guides applyed  and over.

ACE2/proxy# show parameter-map HTTP_PARAMETER_MAP

Parameter-map : HTTP_PARAMETER_MAP

Description : -

Type : http

    server-side connection reuse       : disabled

    case-insensitive parsing           : enabled

    persistence-rebalance              : enabled

    inspect non-persistence            : enabled

    header modify per-request          : enabled

    parsing non-strict                 : enabled

    header-maxparse-length             : 16384

    content-maxparse-length            : 32768

    parse length-exceed action         : continue

    urlcookie-delimiters               : /&#+

    urlcookie-start                    : ?

What I do wrong?

I have ACE20 with 2.3.5 software

Labels:
0 Helpful
3 Replies 3

Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee

‎02-06-2012 12:15 AM

Hi Alex,

I would suggest you to do a SPAN session of the internal TenGig interface connecting the ACE with the switch backplane. Seeing the differences between the working and failing scenarios will probably give you some hints on why the header insertion is not working.

If you need help to analyze the traffic capture, you can always open a TAC case

Regards

Daniel

0 Helpful

Alex Labuta
Level 1
Level 1
In response to Daniel Arrondo Ostiz

‎02-06-2012 02:16 AM

Hi Daniel,

I am already have sniffers at client and serverside, it's insufficiently?

Best regard, Alex.

0 Helpful

Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee
In response to Alex Labuta

‎02-06-2012 02:35 AM

Hi Alex,

It's always better to get the captures on the backplane to really see what the ACE is sending/receiving (including the vlan tags), but having captures on the client and server may also be enough.

Daniel

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card