CSS11506 - Some basic help needed

Unanswered Question

Alright, I have a CSS11506 in the lab and I am trying to configure it into a reverse proxy config. So I would like to have all inbound http requests hit the CSS and then have it redirect to our web server on correct DMZ. Having never setup a CSS before I need some help.

- Is my service type proxy-cache, type redirect or type transparent cache ?

I know this should be fairly easy to do with the 11506. Can you also provide some docs explaining the config walkthru.

Any help would be appreciated.

Cheers

Dave

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Syed Iftekhar Ahmed Wed, 05/09/2007 - 11:49

If requirement is simply to direct all http requests to an application's virtual IP (defined on CSS) to a group of web servers then you dont need to define any service type. The default "type local" will work for you.

transparent-cache/proxy-cache type services are needed when you are dealing with Cache engines instead of webservers.Redirect type service is used to redirect client's request to a diffrent host (using 302 messages).

Syed

Thanks, that explains a few things.

So assuming the following, DMZ web server ip is 192.168.20.50 and VIP for CSS is 192.168.20.100, basically I would want to redirect all inbound http requests from 192.168.20.100 to the 192.168.20.50 using the following CSS config ?

service rprox1

ip address 192.168.20.50

protocol tcp

port 8080

active

owner clee

content redirect_rule

add service rprox1

vip address 192.168.20.100

protocol tcp

port 8080

url "/*"

Like I said, never configured one yet so this is my first attemtp.

Thanks again for the help

Cheers

Dave

Syed Iftekhar Ahmed Wed, 05/09/2007 - 20:47

The above config will work if you are expecting the traffic on port 8080.

The only other thing you need to make sure is that the return traffic should not bypass CSS.

If your clients are coming from any other networks than 192.168.20.x, then you can ensure that by pointing the webserver's default gateway to the CSS circuit ip.

If you are also expecting clients from network 192.168.20.x network then you will need to source nat such traffic.

Syed

Actions

This Discussion