I am able to get redirection to work if the ports are different. For example, I am able to get http://test.foo.com:8000 to redirect to https://test.foo.com:8010. The SSL traffic is then terminated on the ACE, and traffic is sent back to the real servers on port 80. However, when I try to use the same port, it seems to get stuck in a "redirection loop". It is as if the first match VIP for port 8000 will try to hit that same redirection port the second time.
Is there a way, with SSL termination on the ACE, to have the http rewrite to https on the same port?
What you are trying to do is not possible. You cannot have two different protocols being received in the same IP and port, because then, the ACE (or any other load-balancer or server) will not know which of the two to use for each of connection.
If you really want to keep the same port, you should redirect to a different IP address.
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...
Cisco Documents are usually accurate, but when it came to the document
on Cisco APIC Signature-Based Transactions it was slightly off the mark.
This document is for those novices to API like me who cant seem to
figure out how to go about performing signat...