So i'm looking at header-inserts on the ACE. We have a requirement to to instruct the ACE to redirect from HTTP to HTTPS should a HTTP request be made. This is fine and has been implemented, however, after the redirect we need to insert an header into the packet to tell the web server listening on port 80 that the packet has been decrypted and did arrive on HTTPS after the redirect. What sort of header-insert would normally handle this?
You can insert IP and port in client requests that come on to ACE using x-forwarded-for but i am not sure if webserver will know that the request originally came on HTTPS even after CLIENT IP AND PORT insertion. Normally this is used for reporting purposes. If the purpose is just to know the original client IP and PORT then that's how you do it.
Now, normally in situation where front end is HTTPS and backend is HTTP, in case a webserver issues a redirect it will be "HTTP". ACE will forward that redirect as it is and client will switch the connection from HTTPS to HTTP and that will be a problem. So to deal with these situations ACE has the capability to rewrite the redirect issued by webserver itself from HTTP to HTTPS so the connection stays HTTPS. If the purpose to telling the webserver of client original PORT is to ensure that if any redirect issued by webserver is sent on HTTPS, then i am not sure if x-forwarded-for can help you. May be server team can throw some light on it. If the purpose is just to know the client original port then yes you can do it. Please have a look at "x-forwarded-for" under header-insertion.
New Cisco Champion Radio release on Cisco Intersight Cloud Operations PlatformListen: https://smarturl.it/CCRS8E15Follow us: https://twitter.com/CiscoChampion Known as Project Starship when it was introduced in June 2017, Cisco Intersight has come a ...
Join us live on Thursday, April 8 at 10 am PT (and on demand after) as we join Cisco and HashiCorp executives to discuss the importance of IaC automation, Intersight Service for Terraform, and how to better manage hybrid cloud infrastructure at scale...
Join us live on Thursday, April 8 at 10 am PT (and on demand after) where Cisco and HashiCorp executives will discuss the importance of IaC automation, Cisco Intersight Service for Hashicorp Terraform, and how to better manage hybrid cloud infrastructure...
How to START with Infrastructure as a code for Cisco Cloud Solutions
ACI Ansible Modules Documentation Guide
Cisco Collections on Ansible Galaxy
Cisco DevNet Learning Labs
DevNet Introduction to ACI and Ansible
DevNet Introduction to ACI a...