Syed Iftekhar Ahmed Fri, 08/08/2008 - 10:15
User Badges:
  • Blue, 1500 points or more

Why does it matter?

The back end servers never complains about :80


Is it only about port 80? or you want to translate different ports in requests to port 80 on the real server.


Syed

lxcollin1 Fri, 08/08/2008 - 10:18
User Badges:

It's port 80. I have SSL proxy on the ACE so the client sees SSL, but the web server is adding :80 to the string so the URL looks like this to the end client:


https://mysite.com:80/test


Syed Iftekhar Ahmed Fri, 08/08/2008 - 10:22
User Badges:
  • Blue, 1500 points or more

I got it.

For this you need to use SSL rewrite function.

This will ensure that the response from Real server is rewritten.


Configuration example.

If server is sending port 80 in the url and you want it get converted to 443.


action-list type modify http 80t0443

ssl url rewrite location ".*" sslport 443 clearport 80



policy-map type loadbalance http first-match syed-policy

class xyz

serverfarm sf1

action 80t0443




Details at

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A2/configuration/ssl/guide/terminat.html#wp1119436


Thanks

Syed Iftekhar Ahmed

Actions

This Discussion