Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACE Redirection

I have ACE 4710 and I want to use this to redirect port 80 traffic to my proxy server. But I am not able to do that. MY ACE is in routed mode. Below is my ACE configuration when I am applying the policy on the interface I am not able to browse the Internet.

I am connected to the Interface VLAN 300. Below is the configuration for ACE.

class-map type management match-any CM_ALL

2 match protocol snmp any

3 match protocol http any

4 match protocol https any

5 match protocol icmp any

6 match protocol telnet any

class-map match-any CM_BYPASS_FOR_LAN

3 match virtual-address 100.1.1.0 255.255.255.0 tcp eq www

8 match virtual-address 10.0.0.0 255.0.0.0 tcp eq www

9 match virtual-address 172.16.0.0 255.255.0.0 tcp eq www

10 match virtual-address 192.168.0.0 255.255.0.0 tcp eq www

11 match virtual-address 172.20.0.0 255.255.0.0 tcp eq www

12 match virtual-address 172.23.15.0 255.255.255.0 tcp eq www

13 match virtual-address 172.23.16.0 255.255.255.0 tcp eq www

class-map match-any CM_BYPASS_SUBNET

9 match virtual-address 100.0.0.0 255.0.0.0 tcp eq www

15 match virtual-address 192.168.0.0 255.255.0.0 tcp eq www

16 match virtual-address 172.20.0.0 255.255.0.0 tcp eq www

17 match virtual-address 172.16.0.0 255.255.0.0 tcp eq www

18 match virtual-address 172.23.16.0 255.255.255.0 tcp eq www

19 match virtual-address 172.23.15.0 255.255.255.0 tcp eq www

20 match virtual-address 10.0.0.0 255.0.0.0 tcp eq www

class-map match-any CM_IM

2 match virtual-address 0.0.0.0 0.0.0.0 tcp eq 5050

3 match virtual-address 0.0.0.0 0.0.0.0 tcp eq 1080

4 match virtual-address 0.0.0.0 0.0.0.0 tcp eq 5101

class-map match-all CM_SF_BCPR

255 match virtual-address 0.0.0.0 0.0.0.0 tcp eq www

policy-map type management first-match PM_ALL

class CM_ALL

permit

policy-map type loadbalance http first-match PM_L7_BYPASS_FOR_LAN_HTTP

class class-default

forward

policy-map type loadbalance http first-match PM_L7_BYPASS_HTTP

class class-default

forward

policy-map type loadbalance http first-match PM_LB_SF_BCPROXY

class class-default

serverfarm SF_BCPR

policy-map multi-match PM_BYPASS_FOR_LAN_HTTP

class CM_BYPASS_FOR_LAN

loadbalance vip inservice

loadbalance policy PM_L7_BYPASS_FOR_LAN_HTTP

policy-map multi-match PM_BYPASS_HTTP

class CM_BYPASS_SUBNET

loadbalance vip inservice

loadbalance policy PM_L7_BYPASS_HTTP

policy-map multi-match PM_MAIN_BCPROXY

class CM_SF_BCPR

loadbalance vip inservice

loadbalance policy PM_LB_SF_BCPROXY

loadbalance vip icmp-reply active

appl-parameter http advanced-options PARAMAP_CASE

service-policy input PM_ALL

interface vlan 100

description FW-INSIDE CONTEXT1

ip address 192.168.180.5 255.255.255.240

no icmp-guard

access-group input acl-out

no shutdown

interface vlan 300

description ACE-INSIDE CONTEXT RACK1

ip address 192.168.10.5 255.255.255.0

no normalization

no icmp-guard

access-group input acl-in

service-policy input PM_BYPASS_FOR_LAN_HTTP

service-policy input PM_BYPASS_HTTP

service-policy input PM_MAIN_BCPROXY

no shutdown

interface vlan 301

description BC-VLAN CONTEXT RACK1

ip address 192.168.180.97 255.255.255.240

access-group input acl-proxy

no shutdown

Please let me know where I am missing the configuration. I will be very thankful for the prompt help.

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: ACE Redirection

Hi,

You need to put your rserver inservice.

rserver host RS_BCPR01
  ip address 192.168.180.103

    inservice


As you can see, when you're displaying your rserver/serverfarm, it's current status is OUTOFSERVICE, which indicates, that the rserver has been manually suspended for service.

hth

1 REPLY
Bronze

Re: ACE Redirection

Hi,

You need to put your rserver inservice.

rserver host RS_BCPR01
  ip address 192.168.180.103

    inservice


As you can see, when you're displaying your rserver/serverfarm, it's current status is OUTOFSERVICE, which indicates, that the rserver has been manually suspended for service.

hth

411
Views
0
Helpful
1
Replies
CreatePlease to create content