ACE Reverse Proxy question

Answered Question

Hello, I have a client that needs to reverse proxy sessions to two backend servers. Can the ACE preform reverse proxies?

I have this problem too.
0 votes
Correct Answer by Gilles Dufour about 8 years 2 weeks ago

Gregg,

you need to create an action-list and assign it to your policy-map

switch/Admin(config)# action-list type optimization http avs_default

switch/Admin(config-actlist-optm)# ?

Configure optimization actions:

appscope Appscope measurement against optimization

cache Cache optimization

delta Delta optimization

do EXEC command

dynamic Enable just-in-time object accelaration

end Exit from configure mode

exit Exit from this submode

flashforward Flashforward optimization

flashforward-object Flashforward object optimization

no Negate a command or set its defaults

You will probably want to use cache forward or cache dynamic.

More info at

http://www.cisco.com/en/US/docs/net_mgmt/application_networking_manager/2.0/user/guide/UG_optimization.html

Gilles.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (2 ratings)
Loading.
Gilles Dufour Wed, 11/12/2008 - 09:08

What do you expect from the reverse-proxy ???

Just caching ?

If so, the ACE module is not a solution but the ACE appliance C4710 will offer caching functionalities.

Gilles.

Gilles,

We do have a 4710. Attached is what we are trying to do. Can you point me in the right direction for setting this up? We are trying to reverse proxy an SSL traffic to two web servers. SSL traffic will be terminated on the ACE. I have also attached my configs, with how I have setup the VIP and server farm.

I am a switch and router guy not a load balancer expert by any means, any help or pointing to the correct docs would be very helpful.

Thanks,

Gregg

Attachment: 
Correct Answer
Gilles Dufour Thu, 11/13/2008 - 01:58

Gregg,

you need to create an action-list and assign it to your policy-map

switch/Admin(config)# action-list type optimization http avs_default

switch/Admin(config-actlist-optm)# ?

Configure optimization actions:

appscope Appscope measurement against optimization

cache Cache optimization

delta Delta optimization

do EXEC command

dynamic Enable just-in-time object accelaration

end Exit from configure mode

exit Exit from this submode

flashforward Flashforward optimization

flashforward-object Flashforward object optimization

no Negate a command or set its defaults

You will probably want to use cache forward or cache dynamic.

More info at

http://www.cisco.com/en/US/docs/net_mgmt/application_networking_manager/2.0/user/guide/UG_optimization.html

Gilles.

chris.pomeroy Sat, 11/15/2008 - 10:01

Get rid of your chain group, if you only have the root cert, you don't need a chain group.

crypto chaingroup HBSP_CHAIN_GROUP

cert ebscert.pem

ssl-proxy service SSL_PROXY_EBSAPP

key "ebskey.pem"

cert "ebscert.pem"

chaingroup HBSP_CHAIN_GROUP

Actions

This Discussion