05-10-2010 07:51 AM
I have ACE 4710 and I want to use this to redirect port 80 traffic to my proxy server. But I am not able to do that. MY ACE is in routed mode. Below is my ACE configuration when I am applying the policy on the interface I am not able to browse the Internet.
I am connected to the Interface VLAN 300. Below is the configuration for ACE.
class-map type management match-any CM_ALL
2 match protocol snmp any
3 match protocol http any
4 match protocol https any
5 match protocol icmp any
6 match protocol telnet any
class-map match-any CM_BYPASS_FOR_LAN
3 match virtual-address 100.1.1.0 255.255.255.0 tcp eq www
8 match virtual-address 10.0.0.0 255.0.0.0 tcp eq www
9 match virtual-address 172.16.0.0 255.255.0.0 tcp eq www
10 match virtual-address 192.168.0.0 255.255.0.0 tcp eq www
11 match virtual-address 172.20.0.0 255.255.0.0 tcp eq www
12 match virtual-address 172.23.15.0 255.255.255.0 tcp eq www
13 match virtual-address 172.23.16.0 255.255.255.0 tcp eq www
class-map match-any CM_BYPASS_SUBNET
9 match virtual-address 100.0.0.0 255.0.0.0 tcp eq www
15 match virtual-address 192.168.0.0 255.255.0.0 tcp eq www
16 match virtual-address 172.20.0.0 255.255.0.0 tcp eq www
17 match virtual-address 172.16.0.0 255.255.0.0 tcp eq www
18 match virtual-address 172.23.16.0 255.255.255.0 tcp eq www
19 match virtual-address 172.23.15.0 255.255.255.0 tcp eq www
20 match virtual-address 10.0.0.0 255.0.0.0 tcp eq www
class-map match-any CM_IM
2 match virtual-address 0.0.0.0 0.0.0.0 tcp eq 5050
3 match virtual-address 0.0.0.0 0.0.0.0 tcp eq 1080
4 match virtual-address 0.0.0.0 0.0.0.0 tcp eq 5101
class-map match-all CM_SF_BCPR
255 match virtual-address 0.0.0.0 0.0.0.0 tcp eq www
policy-map type management first-match PM_ALL
class CM_ALL
permit
policy-map type loadbalance http first-match PM_L7_BYPASS_FOR_LAN_HTTP
class class-default
forward
policy-map type loadbalance http first-match PM_L7_BYPASS_HTTP
class class-default
forward
policy-map type loadbalance http first-match PM_LB_SF_BCPROXY
class class-default
serverfarm SF_BCPR
policy-map multi-match PM_BYPASS_FOR_LAN_HTTP
class CM_BYPASS_FOR_LAN
loadbalance vip inservice
loadbalance policy PM_L7_BYPASS_FOR_LAN_HTTP
policy-map multi-match PM_BYPASS_HTTP
class CM_BYPASS_SUBNET
loadbalance vip inservice
loadbalance policy PM_L7_BYPASS_HTTP
policy-map multi-match PM_MAIN_BCPROXY
class CM_SF_BCPR
loadbalance vip inservice
loadbalance policy PM_LB_SF_BCPROXY
loadbalance vip icmp-reply active
appl-parameter http advanced-options PARAMAP_CASE
service-policy input PM_ALL
interface vlan 100
description FW-INSIDE CONTEXT1
ip address 192.168.180.5 255.255.255.240
no icmp-guard
access-group input acl-out
no shutdown
interface vlan 300
description ACE-INSIDE CONTEXT RACK1
ip address 192.168.10.5 255.255.255.0
no normalization
no icmp-guard
access-group input acl-in
service-policy input PM_BYPASS_FOR_LAN_HTTP
service-policy input PM_BYPASS_HTTP
service-policy input PM_MAIN_BCPROXY
no shutdown
interface vlan 301
description BC-VLAN CONTEXT RACK1
ip address 192.168.180.97 255.255.255.240
access-group input acl-proxy
no shutdown
Please let me know where I am missing the configuration. I will be very thankful for the prompt help.
Solved! Go to Solution.
05-10-2010 10:20 AM
Hi,
You need to put your rserver inservice.
rserver host RS_BCPR01
ip address 192.168.180.103
inservice
As you can see, when you're displaying your rserver/serverfarm, it's current status is OUTOFSERVICE, which indicates, that the rserver has been manually suspended for service.
hth
05-10-2010 10:20 AM
Hi,
You need to put your rserver inservice.
rserver host RS_BCPR01
ip address 192.168.180.103
inservice
As you can see, when you're displaying your rserver/serverfarm, it's current status is OUTOFSERVICE, which indicates, that the rserver has been manually suspended for service.
hth
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide