For example, is the below config valid? Basically i want incoming requests for dev.com.domain.com on 443 to be rewritten to port 444. In the service I've used both the 'port 444' and prepended :444 to the domain as i wasn't sure which if either would have the desired effect.
My hope is that the request will come in on https://dev.com.domain.com and hit the L5 content rule which will send it to the secure-transfer service to be redirected to port 444 which goes back to the other L5 rule and off to the ssl_module service.
If this won't work, is there another way of making it work?
At first sight, I don't see anything wrong with the redirection service. To set the port for this redirection, the correct way to do it would be adding the port information at the end of the url. The "port" command will be ignored for redirection services.
For the other part, I see one problem. In both content rules, you are trying to match on a specific url, but, if I understood it correctly, both will be dealing with SSL traffic. In that case, since traffic is encrypted, the CSS will not be able to match the URL and all requests will be dropped. If you need to do L5 processing on a SSL connection, you first need to setup SSL termination to decrypt the traffic.
My reason for trying this is to try and use one public IP for multiple SSL enabled backend servers without having to ask the dev's to change their code to use a differnt port.
I know that in the ssl proxy lists you can have multiple entries use the same IP as long as the port is differnt so differentiate between certificates so i thought i could be clever and let them continue using port 443 but have the CSS detect the url and then transparently redirect to another port like 444 in my case so the ssl proxy list would know the cert to use. But as you've pointed out, that won't work which is a shame.
oh well. It was a nice idea while it lasted
Unless anyone else knows a work around to this i guess i'll need to either use a 2nd public IP or ask them to change their code to use port 444 for ssl content.
常见的数据中心之间通信均会采用运营商MSTP/OTN专线进行互联实现通信，由于长途线路价格昂贵通常我们需要最大化使用线路带宽，传统的网络传输中通常是尽力而为传输一旦突发流量较大就会发生线路拥塞的情况，从而影响业务正常通信传输。这时候我们可以采用Qos技术来实现数据中心思科设备之间关键网络流量保障，从而实现链路最大化利用。拓扑图场景如下：如上图，SW01是位于数据中心A的广域网接入Cisco Nexus 3048交换机，SW02是位于数据中心B的广域网接...
Cloud Networking Community on Cisco Customer Connection
Join our community!!
As a valued Cisco Cloud Networking (former DCN) customer, you can be part of Cisco Customer Connection Program (CCP), Cisco’s global online community program. Connect ...
Join us for a live demo of Cisco Intersight Cloud Orchestrator to learn how you can simplify the orchestration and automation of your infrastructure and workloads across your hybrid cloud environment. We will take a closer look at Cisco Intersight Cloud O...
Hybrid Cloud Demo Series: Simplify Orchestration of Your Infrastructure and Workloads
Tuesday, September 7, 202110:00 am Pacific Time(San Francisco, GMT-08:00)Join us for a live demo of Cisco Intersight Cloud Orchestrator to learn how you can simpli...
Hybrid Cloud Demo Series: Simplify your hybrid cloud environment with Cisco Cloud ACI
Tuesday, August 24, 202110:00 am Pacific Time(San Francisco, GMT-08:00)Join us for a special Hybrid Cloud Demo Series webinar featuring Cisco Cloud Application Cen...