Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1346
Views
0
Helpful
6
Replies

Redirect Problem with ACE 4710 !

dominik.menzi
Level 1
Level 1

‎09-14-2012 02:23 AM

Greetings

I must  redirect all connections from port 443 to 9443.

this is configered and running:            

serverfarm host FARM-002

  probe test-xml

  rserver svx-xmlfw-lb-01 9443

    backup-rserver svx-xmlfw-lb-02 9443

    inservice

  rserver svx-xmlfw-lb-02 9443

    inservice standby

serverfarm host FARM-003

  rserver svx-xmlfw-lb-03 9443

    inservice

     

I have in the moment following problem. All connections become redirectet to port 9443 but port 8080 shouldn`t be redirectet to port 9443. What can i change in my config to solve this problem?

Thanks for help

Dominik

Labels:
0 Helpful
6 Replies 6

sivaksiv
Cisco Employee
Cisco Employee

‎09-14-2012 02:38 AM

Hi Domnik,

One option is to configure a virtual ip for port 8080 and make them not to be reciredted anywhere.

Regards,

Siva

0 Helpful

dominik.menzi
Level 1
Level 1
In response to sivaksiv

‎09-14-2012 03:54 AM

Thanks for the answer

What do mean with e virtuel ip for port 8080?

Current configuration is:

serverfarm host FARM-003

  rserver svx-xmlfw-lb-03 9443

    inservice

sticky ip-netmask 255.255.255.255 address source STICKY-GRP-003

  timeout 1

  serverfarm FARM-003

class-map match-all VIP-003

  2 match virtual-address 193.134.75.9 any

policy-map type loadbalance first-match LB-POLICY-003

  class class-default

    sticky-serverfarm STICKY-GRP-003

policy-map multi-match LB-TRAFFIC-001

  class VIP-003

    loadbalance vip inservice

    loadbalance policy LB-POLICY-003

    loadbalance vip icmp-reply active

sticky ip-netmask 255.255.255.255 address source STICKY-GRP-003

  timeout 1

  serverfarm FARM-003

 

This VIP 193.134.75.9 has the DNS webservices.baloise.ch. Do you mean e second VIP with another Hostname?

Regards

Dominik

0 Helpful

sivaksiv
Cisco Employee
Cisco Employee
In response to dominik.menzi

‎09-14-2012 04:01 AM

Hi Domnik,

Add another VIP as below.

class-map match-all VIP-8080

  2 match virtual-address 193.134.75.9 tcp eq 8080

policy-map multi-match LB-TRAFFIC-001

  class VIP-8080

    loadbalance vip inservice

    .....

    ....

  class VIP-003

    loadbalance vip inservice

    loadbalance policy LB-POLICY-003

    loadbalance vip icmp-reply active

-

Siva

0 Helpful

dominik.menzi
Level 1
Level 1
In response to sivaksiv

‎09-14-2012 05:13 AM

Hi Siva

Thank you for you reply

We tried it in three ways:

First way

serverfarm host FARM-003

  rserver svx-xmlfw-lb-03 9443

    inservice

class-map match-all VIP-003

  2 match virtual-address 193.134.75.9 any

class-map match-all VIP-003-8080

  2 match virtual-address 193.134.75.9 tcp eq 8080

policy-map multi-match LB-TRAFFIC-001

class VIP-003

    loadbalance vip inservice

    loadbalance policy LB-POLICY-003

    loadbalance vip icmp-reply active

class VIP-003-8080

    loadbalance vip inservice

class-map match-all VIP-003

  2 match virtual-address 193.134.75.9 tcp eq 9443

class-map match-all VIP-003-8080

  2 match virtual-address 193.134.75.9 tcp eq 8080

serverfarm host FARM-003

  rserver svx-xmlfw-lb-03

    inservice

doesn`t work , it works only the redirection 9443

second way

class-map match-all VIP-003
  2 match virtual-address 193.134.75.9 tcp eq 9443
class-map match-all VIP-003-8080
  2 match virtual-address 193.134.75.9 tcp eq 8080

serverfarm host FARM-003
  rserver svx-xmlfw-lb-03
    inservice

policy-map multi-match LB-TRAFFIC-001

class VIP-003

loadbalance vip inservice

loadbalance policy LB-POLICY-003

loadbalance vip icmp-reply active

class VIP-003-8080

loadbalance vip inservice

doesn`t work , it works only the redirection 9443

third way

class-map match-all VIP-003
2 match virtual-address 193.134.75.9 any
class-map match-all VIP-003-8080
2 match virtual-address 193.134.75.9 tcp eq 8080

serverfarm host FARM-003
rserver svx-xmlfw-lb-03
inservice

policy-map multi-match LB-TRAFFIC-001

class VIP-003

loadbalance vip inservice

loadbalance policy LB-POLICY-003

loadbalance vip icmp-reply active

class VIP-003-8080

loadbalance vip inservice

doesn`t work , it works only the redirection 8080

Do you see where we made a mistake

Regards

Dominik

0 Helpful

sivaksiv
Cisco Employee
Cisco Employee
In response to dominik.menzi

‎09-14-2012 06:55 AM

Hi Dominik,

VIP-8080 should be applied first followed by other VIP.

I created a new serverfarm for VIP 8080 so it gets redirected on the same port.

serverfarm host FARM-8080

  rserver svx-xmlfw-lb-03 8080

    inservice

policy-map multi-match LB-TRAFFIC-001

class VIP-003-8080

loadbalance vip inservice

loadbalance policy LB-POLICY-8080

loadbalance vip icmp-reply active

class VIP-003

loadbalance vip inservice

loadbalance policy LB-POLICY-003

loadbalance vip icmp-reply active

-

Siva

0 Helpful

dominik.menzi
Level 1
Level 1
In response to sivaksiv

‎09-14-2012 07:57 AM

Thanks e lot!

I check this monday morning. Have e nice weekend!!

Regards

Dominik

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card