Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
637
Views
4
Helpful
1
Replies

ACE Sticky Question

jteixido
Level 1
Level 1

‎10-12-2010 01:23 PM

Team,

Would the following sticky configuration work if I configured the ACE to accept connections via port 80 and then I redirect the connection to port 443?

sticky http-cookie acecookie sticky-example

cookie insert browser-expire

replicate sticky

serverfarm example

Regards,

John...

Labels:
0 Helpful
1 Reply 1

Pablo
Cisco Employee
Cisco Employee

‎10-12-2010 01:34 PM

Hi John,

This configuration would only work only if you're doing SSL offloading on the ACE, you don't need stickiness for the 80 connection because the redirect service is a fake rserver intended only to do HTTP redirection, once the connections goes over port 443 all the L5 data is hidden for the ACE so cookie inspection is not possible anymore.

If you're not doing SSL offloading on the ACE then you might want to configure sticky based on Sticky srcIP (not good if connections comes from a proxy) or also based on the SSL session ID.

If you need any examples of this two methods, ping back.

HTH

__ __

Pablo

Customers Also Viewed These Support Documents