cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1271
Views
0
Helpful
3
Replies

ACE response rewrite of 301/302 redirects from web server

jasejames2e2
Level 1
Level 1

I have implemented a solution on a Cisco ACE LB, which receives requests from the internet for https://website1.com/path, and proxies these to https://website2.com/path -- using the following configuration:

rserver host <snip>

  ip address <snip>

  inservice

action-list type modify http HTTP_MODIFY

  header rewrite both host header-value "website1\.com" replace "website2.com"

serverfarm host <snip>

  probe TCP_443

  rserver <snip>

    inservice

sticky ip-netmask 255.255.255.255 address source <snip>

  timeout 60

  timeout activeconns

  replicate sticky

  serverfarm <snip>

class-map match-all <snip>

  10 match virtual-address <snip> tcp eq https

policy-map type loadbalance first-match <snip>

  class class-default

    sticky-serverfarm <snip>

    action HTTP_MODIFY

    ssl-proxy client <snip>

policy-map multi-match <snip>

  class <snip>

    loadbalance vip inservice

    loadbalance policy <snip>

    loadbalance vip icmp-reply active

    nat dynamic 5 vlan <snip>

    ssl-proxy server <snip>

This works, except that it is seemingly incapable of dealing with 301/302 redirects. These come back from the server with a location field of https://website2.com/path2 and this is sent to the client browser unchecked.

I have tried all manner of response rewrites, but cannot get any of them to do what I need them to. I have a suspicion that these are being treated as payload rather than header information by the ACE, but if anyone can clarify I'd be most grateful.

I *believe* the format should be something like:

header rewrite response host header-value "(.*)https://website2\.com(.*)" replace "%1https://website1.com%2"

(assuming the ACE is even capable of doing this) but this does not seem to work.

Any assistance gratefully received.

1 Accepted Solution

Accepted Solutions

ajayku2
Cisco Employee
Cisco Employee

Hi,

Now

header rewrite response host header-value "(.*)https://website2\.com(.*)" replace "%1https://website1.com%2"

You should modify the location header if it is 301/302.

Something like below:

header rewrite response location header-value https://website2[.]com(.*)" replace "%1https://website1.com%2"

let me know if that works for you.

regards,

Ajay Kumar

View solution in original post

3 Replies 3

ajayku2
Cisco Employee
Cisco Employee

Hi,

Now

header rewrite response host header-value "(.*)https://website2\.com(.*)" replace "%1https://website1.com%2"

You should modify the location header if it is 301/302.

Something like below:

header rewrite response location header-value https://website2[.]com(.*)" replace "%1https://website1.com%2"

let me know if that works for you.

regards,

Ajay Kumar

Thanks, much appreciated. I don't know why, but it didn't register with me that the "host/location" name was an actual HTTP matching mechanism -- for some reason I had thought it was just a label

This is now working perfectly, so I can now complete this project. Thanks!!

Good to hear that

regards,

Ajay Kumar

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: