Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACE module in ASN set up not passing URL

Hello all,

I have an interesting issue. I have an ACE30 set up in ASN mode (see http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/vA5_1_0/configuration/slb/guide/slbgd.html)

I do see the connection to the server establish, but the server admin informs me that they are performing URL filtering and that my packets do not contain a URL! I am not sure what exactly I should do about this.

Config on ACE context:

access-list INBOUND line 10 extended permit ip any any

probe https TMG-Exchange

  ssl version all

rserver host real1

  ip address 10.50.102.77

  inservice

rserver host real2

  ip address 10.50.102.78

  inservice

serverfarm host FARM_VIP_10.50.103.239

  transparent

  rserver real1

    inservice

  rserver real2

    inservice

class-map match-all VIP_CLASS

  2 match virtual-address 10.50.103.239 any

class-map type management match-any mgmt-cm

  2 match protocol icmp any

  3 match protocol ssh source-address 10.48.0.0 255.240.0.0

policy-map type management first-match mgmt-pm

  class mgmt-cm

    permit

policy-map type loadbalance first-match lbpol

  class class-default

    serverfarm FARM_VIP_10.50.103.239

policy-map multi-match LBPOL

  class VIP_CLASS

    loadbalance vip inservice

    loadbalance policy lbpol

    loadbalance vip icmp-reply active

    loadbalance vip advertise active

interface vlan 102

  description ONE ARM VLAN

  ip address 10.50.102.96 255.255.255.0

  no normalization

  access-group input INBOUND

  service-policy input LBPOL

  service-policy input mgmt-pm

  no shutdown

ip route 0.0.0.0 0.0.0.0 10.50.102.251

Any ideas?

Everyone's tags (6)
2 REPLIES

ACE module in ASN set up not passing URL

Hello Mikael,

Could you explain yourself better? Do you mean you need to match a specific URL or what exactly?

Jorge

New Member

ACE module in ASN set up not passing URL

I do not need to match a specific URL. The application on the server does however. The server admin reports that connection is being refused as there is no URL included to match.

When setting this up as a one-arm config with source NAT everything works fine. Unfortunately, it is a requirement of the application that the client IP remain intact.

370
Views
0
Helpful
2
Replies