During the session of the client, the transition is made to SSL port 443 when the client selects a link on the page that redirects to https. This causes a new content rule to be hit and the client may be load-balanced to another server. As the traffic is now encrypted https (SSL/TLS), the CSS is not able to check above layer 4 (the TCP port number) for cookies, URLs etc., because the requests are encrypted when the information passes the CSS. In order to prevent the occurrence of this issue, configure the redirecting HREF on each server to point back to https at the same servers public address, not the VIP address, as shown here:
https://servers_own_ip_address/path"> secure site If your servers are in a private address space, configure SSL content rules for each server with a HREF on each server that points to the SSL Content rules VIP.
Below is the configuration example for your reference:
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
In the Previous articles of ACI Automation, we are using Postman/Newman as the Rest API tool to automate the ACI Configuration.
In this article I’m going to discuss on usin...
One of the first steps in building your ACI Fabric is to go through Fabric Discovery. While Fabric Discovery is usually a straightforward process, there are various issues that may prevent you from discovering an ACI switch. This article wil...