I have a pair of redundant CSS11503 load-balancing two HTTP servers. I need to permit access to specific subset of URLs on those two HTTP servers to anybody on the Internet, while rest of the URLs should be allowed for specific range(s) of IP addresses.
- permit any to access /games/scores/*
- permit some/range to access /*
- deny the rest
I'm running a two-armed CSS setup, meaning a public VIP known by external users. Requests to the VIP are load-balanced on two internal/RFC1918 HTTP servers.
the CSS is a 'communication enabling' device, not a 'communication forbidding' device. You can configure the CSS to distribute the load to different servers based on many different algorithms, but you cannot configure the CSS to deny request based on URLs/Source.
What the CSS can do is to deny requests from defined IP addresses. You have to use the ACL feature for this.
What I would do is to let the web servers decide what a user is allowed to see. This way you also can use advanced user authentication on the web servers.
Just let the CSS do what it is built for: distribute traffic.
Introduction This article will help you understand the steps on how to
download the UCS licenses from the Cisco Systems website and then
installing it on the UCS. The redacted (blue lines) just covers up
certain numbers for privacy please do not take them...
Introduction This article will help you understand and educate the
customer on how to clear their "expired licenses"
(license-graceperiod-expired) from their UCS-M. If a customer just
purchased a license and needs a step by step guide on how to download
==================== VIC FNIC driver does not support Virtual Volumes (
second level LUN ID ) An enhancement request has been created to track
this feature - CSCux64473 UPDATE - 12-14-2016 We made some traction on
the enhancement request - The Fix is in t...