ACE Reverse Proxy question

Answered Question

Hello, I have a client that needs to reverse proxy sessions to two backend servers. Can the ACE preform reverse proxies?

Correct Answer by Gilles Dufour about 8 years 4 months ago

Gregg,


you need to create an action-list and assign it to your policy-map


switch/Admin(config)# action-list type optimization http avs_default

switch/Admin(config-actlist-optm)# ?

Configure optimization actions:

appscope Appscope measurement against optimization

cache Cache optimization

delta Delta optimization

do EXEC command

dynamic Enable just-in-time object accelaration

end Exit from configure mode

exit Exit from this submode

flashforward Flashforward optimization

flashforward-object Flashforward object optimization

no Negate a command or set its defaults



You will probably want to use cache forward or cache dynamic.

More info at


http://www.cisco.com/en/US/docs/net_mgmt/application_networking_manager/2.0/user/guide/UG_optimization.html


Gilles.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (2 ratings)
Loading.
Gilles Dufour Wed, 11/12/2008 - 09:08
User Badges:
  • Cisco Employee,

What do you expect from the reverse-proxy ???

Just caching ?

If so, the ACE module is not a solution but the ACE appliance C4710 will offer caching functionalities.


Gilles.

Gilles,


We do have a 4710. Attached is what we are trying to do. Can you point me in the right direction for setting this up? We are trying to reverse proxy an SSL traffic to two web servers. SSL traffic will be terminated on the ACE. I have also attached my configs, with how I have setup the VIP and server farm.


I am a switch and router guy not a load balancer expert by any means, any help or pointing to the correct docs would be very helpful.


Thanks,

Gregg



Attachment: 
Correct Answer
Gilles Dufour Thu, 11/13/2008 - 01:58
User Badges:
  • Cisco Employee,

Gregg,


you need to create an action-list and assign it to your policy-map


switch/Admin(config)# action-list type optimization http avs_default

switch/Admin(config-actlist-optm)# ?

Configure optimization actions:

appscope Appscope measurement against optimization

cache Cache optimization

delta Delta optimization

do EXEC command

dynamic Enable just-in-time object accelaration

end Exit from configure mode

exit Exit from this submode

flashforward Flashforward optimization

flashforward-object Flashforward object optimization

no Negate a command or set its defaults



You will probably want to use cache forward or cache dynamic.

More info at


http://www.cisco.com/en/US/docs/net_mgmt/application_networking_manager/2.0/user/guide/UG_optimization.html


Gilles.

chris.pomeroy Sat, 11/15/2008 - 10:01
User Badges:

Get rid of your chain group, if you only have the root cert, you don't need a chain group.


crypto chaingroup HBSP_CHAIN_GROUP

cert ebscert.pem


ssl-proxy service SSL_PROXY_EBSAPP

key "ebskey.pem"

cert "ebscert.pem"

chaingroup HBSP_CHAIN_GROUP



Actions

This Discussion