I have a client who wants help with some URL filtering in their ACE appliance.
Description of the case is as follows:
All calls to http://www.acme.dom.se/lagrummet be sent to http://pluto.dom.se/lagrummet.
Note, no calls coming in on the VIP get sent to something other than /lagrummet, it must be ensured that with a creative URL cannot access another service!
Is it a redirect or rewrite that would be the best solution?
Basically you just want to match: /lagrummet ,-only that-, correct?
What about if you have http://www.acme.dom.se/lagrummet/services or something like that? Do you like to send that to http://pluto.dom.se/lagrummet anyway?
What you can do is to configure a redirect to send the request to http://pluto.dom.se/lagrummet if it matches the uri /lagrumment, otherwise you can just have a default serverfarm to handle the rest of the traffic which does not match
/lagrummen or just configure a "drop"
Thank you for your answer, sorry for the delay in my response. Do you have an example of this configuration or could you create one from the above?
Probably you can try the following:
access-list ANYONE line 10 extended permit ip any any
interface vlan 10
description Client vlan
ip address 172.16.1.2 255.255.255.0
access-group input ANYONE
service-policy input WEB
policy-map multi-match WEB
loadbalance vip inservice
loadbalance vip icmp-reply active
class-map match-all WEB_VIP
2 match virtual-address 172.16.1.10 tcp eq www
class-map type http loadbalance match-all HOST-MATCH
2 match http header Host header-value "www.acme.dom.se"
3 match http url /lagrummet
policy-map type loadbalance first-match WEB
serverfarm redirect SERVERFARM-REDIRECT
rserver redirect SV-REDIRECT
webhost-redirection http://pluto.dom.se/lagrummet 301
Once the ACE has done the redirect, you need to make sure to have another VIP which will handle the new request:
http://pluto.dom.se/lagrummet which will load balance the traffic between the servers which you have configured for that.
Hope this helps!!!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: