I have implemented a solution on a Cisco ACE LB, which receives requests from the internet for https://website1.com/path, and proxies these to https://website2.com/path -- using the following configuration:
rserver host <snip>
ip address <snip>
action-list type modify http HTTP_MODIFY
header rewrite both host header-value "website1\.com" replace "website2.com"
serverfarm host <snip>
sticky ip-netmask 255.255.255.255 address source <snip>
class-map match-all <snip>
10 match virtual-address <snip> tcp eq https
policy-map type loadbalance first-match <snip>
ssl-proxy client <snip>
policy-map multi-match <snip>
loadbalance vip inservice
loadbalance policy <snip>
loadbalance vip icmp-reply active
nat dynamic 5 vlan <snip>
ssl-proxy server <snip>
This works, except that it is seemingly incapable of dealing with 301/302 redirects. These come back from the server with a location field of https://website2.com/path2 and this is sent to the client browser unchecked.
I have tried all manner of response rewrites, but cannot get any of them to do what I need them to. I have a suspicion that these are being treated as payload rather than header information by the ACE, but if anyone can clarify I'd be most grateful.
I *believe* the format should be something like:
header rewrite response host header-value "(.*)https://website2\.com(.*)" replace "%1https://website1.com%2"
(assuming the ACE is even capable of doing this) but this does not seem to work.
Any assistance gratefully received.