05-10-2010 07:51 AM
I have ACE 4710 and I want to use this to redirect port 80 traffic to my proxy server. But I am not able to do that. MY ACE is in routed mode. Below is my ACE configuration when I am applying the policy on the interface I am not able to browse the Internet.
I am connected to the Interface VLAN 300. Below is the configuration for ACE.
class-map type management match-any CM_ALL
2 match protocol snmp any
3 match protocol http any
4 match protocol https any
5 match protocol icmp any
6 match protocol telnet any
class-map match-any CM_BYPASS_FOR_LAN
3 match virtual-address 100.1.1.0 255.255.255.0 tcp eq www
8 match virtual-address 10.0.0.0 255.0.0.0 tcp eq www
9 match virtual-address 172.16.0.0 255.255.0.0 tcp eq www
10 match virtual-address 192.168.0.0 255.255.0.0 tcp eq www
11 match virtual-address 172.20.0.0 255.255.0.0 tcp eq www
12 match virtual-address 172.23.15.0 255.255.255.0 tcp eq www
13 match virtual-address 172.23.16.0 255.255.255.0 tcp eq www
class-map match-any CM_BYPASS_SUBNET
9 match virtual-address 100.0.0.0 255.0.0.0 tcp eq www
15 match virtual-address 192.168.0.0 255.255.0.0 tcp eq www
16 match virtual-address 172.20.0.0 255.255.0.0 tcp eq www
17 match virtual-address 172.16.0.0 255.255.0.0 tcp eq www
18 match virtual-address 172.23.16.0 255.255.255.0 tcp eq www
19 match virtual-address 172.23.15.0 255.255.255.0 tcp eq www
20 match virtual-address 10.0.0.0 255.0.0.0 tcp eq www
class-map match-any CM_IM
2 match virtual-address 0.0.0.0 0.0.0.0 tcp eq 5050
3 match virtual-address 0.0.0.0 0.0.0.0 tcp eq 1080
4 match virtual-address 0.0.0.0 0.0.0.0 tcp eq 5101
class-map match-all CM_SF_BCPR
255 match virtual-address 0.0.0.0 0.0.0.0 tcp eq www
policy-map type management first-match PM_ALL
class CM_ALL
permit
policy-map type loadbalance http first-match PM_L7_BYPASS_FOR_LAN_HTTP
class class-default
forward
policy-map type loadbalance http first-match PM_L7_BYPASS_HTTP
class class-default
forward
policy-map type loadbalance http first-match PM_LB_SF_BCPROXY
class class-default
serverfarm SF_BCPR
policy-map multi-match PM_BYPASS_FOR_LAN_HTTP
class CM_BYPASS_FOR_LAN
loadbalance vip inservice
loadbalance policy PM_L7_BYPASS_FOR_LAN_HTTP
policy-map multi-match PM_BYPASS_HTTP
class CM_BYPASS_SUBNET
loadbalance vip inservice
loadbalance policy PM_L7_BYPASS_HTTP
policy-map multi-match PM_MAIN_BCPROXY
class CM_SF_BCPR
loadbalance vip inservice
loadbalance policy PM_LB_SF_BCPROXY
loadbalance vip icmp-reply active
appl-parameter http advanced-options PARAMAP_CASE
service-policy input PM_ALL
interface vlan 100
description FW-INSIDE CONTEXT1
ip address 192.168.180.5 255.255.255.240
no icmp-guard
access-group input acl-out
no shutdown
interface vlan 300
description ACE-INSIDE CONTEXT RACK1
ip address 192.168.10.5 255.255.255.0
no normalization
no icmp-guard
access-group input acl-in
service-policy input PM_BYPASS_FOR_LAN_HTTP
service-policy input PM_BYPASS_HTTP
service-policy input PM_MAIN_BCPROXY
no shutdown
interface vlan 301
description BC-VLAN CONTEXT RACK1
ip address 192.168.180.97 255.255.255.240
access-group input acl-proxy
no shutdown
Please let me know where I am missing the configuration. I will be very thankful for the prompt help.
Solved! Go to Solution.
05-10-2010 10:20 AM
Hi,
You need to put your rserver inservice.
rserver host RS_BCPR01
ip address 192.168.180.103
inservice
As you can see, when you're displaying your rserver/serverfarm, it's current status is OUTOFSERVICE, which indicates, that the rserver has been manually suspended for service.
hth
05-10-2010 10:20 AM
Hi,
You need to put your rserver inservice.
rserver host RS_BCPR01
ip address 192.168.180.103
inservice
As you can see, when you're displaying your rserver/serverfarm, it's current status is OUTOFSERVICE, which indicates, that the rserver has been manually suspended for service.
hth
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: