Hi,

I tried but no luck. I can see the hit on the Rule but unable to open the web page.

ENOC_IRC         Active    IRC_1            49

                                            IRC_2            0

                                            IRC_DR           0

content ENOC_IRC

    add service IRC_1

    add service IRC_2

    add service IRC_DR

    vip address 192.168.200.58

    advanced-balance sticky-srcip

    protocol tcp

    port 80

    url "/*"

    active

Kindly assist.

Hi,

From the error attached I can see your server are listening on port 9000 so you need to do port translation on the services.

Configure port 9000 on each of your services

service IRC_1

  ip address 192.168.17.12

  keepalive type tcp

  keepalive port 80

  port 9000

  active

Also make sure the services are "alive" with a show service summary.

The content rule will still listen on port 80 so you can connect using the URL http://irs.abc.com/irs.htm but the traffic will be sent to the servers using port 9000 (This is totally transparent to the client).

HTH

__ __

Pablo

Hi,

I have tried with 9000 but no luck. Even the web page is coming up with error. Below is the configuration

service IRC_1

  ip address 192.168.17.12

  keepalive type tcp

  keepalive port 80

  port 9000

  active

service IRC_2

  ip address 192.168.17.14

  keepalive type tcp

  keepalive port 80

  port 9000

service IRC_DR

  ip address 192.168.10.37

  keepalive type tcp

  keepalive port 80

  port 9000

CSS01# show service summary

Service Name                     State     Conn  Weight  Avg   State

                                                         Load  Transitions

ITSMWEB_1_HTTPS                  Alive         0      1     2            0

ITSMWEB_2_HTTPS                  Alive         0      1     2            0

ORALCE_PRD1                      Alive         3      1     2            0

ORALCE_DR1                       Down          0      1   255            0

ORALCE_PRD2                      Down          0      1   255            0

IRC_1                            Alive         0      1     2            4

IRC_2                            Suspended     0      1   255            2

IRC_DR                           Suspended     0      1   255            2

end of buffer

CSS01# show rule-summary

VIP Address     Port  Prot Url                CntRuleName    OwnerName Stat Idx

--------------- ----- ---- ------------------ -------------- --------- ---- ---

192.168.200.95  80    TCP                     TP        GIT  Act  5 

192.168.200.58  80    TCP  /*                 IRC       GIT  Act  9 

192.168.200.65  Any   Any                     EFAX      GIT  Act  2 

192.168.205.28  8002  TCP                     ORACLE_DEV GIT  Act  6 

192.168.200.106 30005 TCP                     ITSMAPP   GIT  Act  3 

192.168.200.105 80    TCP                     ITSM_WEB  GIT  Act  4 

192.168.210.57  80    TCP                     XPENAPP  GIT  Act  1 

192.168.200.101 443   TCP                     ITSM_HTTP GIT  Act  7

I can telnet real server 192.168.17.12 on port  9000.

I have also capture the packet while access the real server with success and caputre on VIP which shows error.

Hello,

from the screenshot it looks that your application once the page is loaded (and as this works fine i would say that the configured http rule is ok) will use some active component, like an applet, which in turn will perform connections, and from the error it looks that it tries to connect to port 9000, checking the vip trace this seems confirmed as:

ip.addr == 192.168.200.58 && !(tcp.port == 80)

shows the unsuccessful connection attempts to port 9000. So you will need another content rule, on the same VIP but listening on TCP port 9000. Looking at the serverside trace the connections to port 9000 do NOT seem to be using HTTP, so i would not define in the content rule a URL.

I also have the feeling that your first content rule was fine as before with the services pointing to port 80 for http traffic, I would add insteand new services with the same ip but with 9000 port to this second content rule.

Summarizing:

service IRC_1

  ip address 192.168.17.12

  keepalive type tcp

  keepalive port 80

  active

service IRC_2

  ip address 192.168.17.14

  keepalive type tcp

  keepalive port 80

service IRC_DR

  ip address 192.168.10.37

  keepalive type tcp

  keepalive port 80

service IRC_1_9000

  ip address 192.168.17.12

  keepalive type tcp

  keepalive port 9000

  port 9000

  active

service IRC_2_9000

  ip address 192.168.17.14

  keepalive type tcp

  keepalive port 9000

  port 9000

service IRC_DR_9000

  ip address 192.168.10.37

  keepalive type tcp

  keepalive port 9000

  port 9000

content IR_URL

    protocol tcp

    port 80

    vip address X.X.X.X

    add service IRC_1

    add service IRC_2

    add service IRC_DR

    url "//irs.abc.com/*"

    active

content IR_9000

    protocol tcp

    port 9000

    vip address X.X.X.X

    add service IRC_1_9000

    add service IRC_2_9000

    add service IRC_DR_9000

    active

group TEST_IRC

  add destination service IRC_1

  add destination service IRC_2

  add destination service IRC_DR

  add destination service IRC_1_9000

  add destination service IRC_2_9000

  add destination service IRC_DR_9000

  vip address 192.168.200.58

  active

Please note that this is a guess based on traces and errors but a proper design should be based on the input coming from the application team regarding the operational network requirements of this application.

Hope it helps,

Francesco