Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
795
Views
0
Helpful
3
Replies

ACE redirect or/and rewrite?

hborg
Level 1
Level 1

‎05-02-2012 12:31 AM

I have a client who wants help with some URL filtering in their ACE appliance.

Description of the case is as follows:

All calls to http://www.acme.dom.se/lagrummet be sent to http://pluto.dom.se/lagrummet.

Note, no calls coming in on the VIP get sent to something other than /lagrummet, it must be ensured that with a creative URL cannot access another service!

Is it a redirect or rewrite that would be the best solution?

Thank you.

Labels:
0 Helpful
3 Replies 3

Jorge Bejarano
Level 4
Level 4

‎05-02-2012 10:23 PM

Hello,

Basically you just want to match: /lagrummet ,-only that-, correct?

What about if you have http://www.acme.dom.se/lagrummet/services or something like that? Do you like to send that to http://pluto.dom.se/lagrummet anyway?

What you can do is to configure a redirect to send the request to http://pluto.dom.se/lagrummet  if it matches the uri /lagrumment, otherwise you can just have a default serverfarm to handle the rest of the traffic which does not match

/lagrummen or just configure a "drop"

J

.

0 Helpful

hborg
Level 1
Level 1
In response to Jorge Bejarano

‎06-07-2012 05:05 AM

Hello,

Thank you for your answer, sorry for the delay in my response. Do you have an example of this configuration or could you create one from the above?

Thank you.

//HB

0 Helpful

Jorge Bejarano
Level 4
Level 4
In response to hborg

‎06-07-2012 09:22 PM

Hello HB,

Probably you can try the following:

access-list ANYONE line 10 extended permit ip any any

interface vlan 10

  description Client vlan

  ip address 172.16.1.2 255.255.255.0

  access-group input ANYONE

  service-policy input WEB

  no shutdown

policy-map multi-match WEB

  class WEB_VIP

    loadbalance vip inservice

    loadbalance WEB

    loadbalance vip icmp-reply active

class-map match-all WEB_VIP

  2 match virtual-address 172.16.1.10 tcp eq www

class-map type http loadbalance match-all HOST-MATCH

  2 match http header Host header-value "www.acme.dom.se"

  3 match http url /lagrummet

policy-map type loadbalance first-match WEB

  class HOST-MATCH

  serverfarm SERVERFARM-REDIRECT

  Class class-default

  drop

serverfarm redirect SERVERFARM-REDIRECT

  rserver SV-REDIRECT

    inservice

rserver redirect SV-REDIRECT

  webhost-redirection http://pluto.dom.se/lagrummet 301

  inservice

Once the ACE has done the redirect, you need to make sure to have another VIP which will handle the new request:

http://pluto.dom.se/lagrummet which will load balance the traffic between the servers which you have configured for that.

Hope this helps!!!

+++++++++++++++++++

Jorge

0 Helpful
Customers Also Viewed These Support Documents