Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
625
Views
0
Helpful
1
Replies

HTTP Redirect with Service type redirect

joonyong-chua
Level 1
Level 1

‎03-18-2003 09:06 PM

Hi,

I would like to seek some advice on the redirection feature (using service type redirect) in a one arm CSS configuration.

In our environment, we process incoming HTTPS request and load balance to 2 HTTPS Servers. In the event that all the local services are unavailable, the request will be forwarded to a webpage located in either a HTTP or HTTPS Server.

Below is a sample config. However, it doesnt redirect when the local services become unavailable.

Instead, i change the whole config such that it process incoming HTTP request (not HTTPS), load balance to 2 HTTP servers and redirect to a HTTP server when local service fails. This time it works.

Do the redirect service type only works with incoming HTTP request only and not with incoming HTTPs request?

Is it able to redirect for the following senario?

1) incoming HTTPS, redirect to HTTPS Server or HTTP Server when local service are unavailable.

2) incoming HTTP, redirect to HTTP (tested it works) or HTTPS server.

Thanks in advance for assistance

!************************** CIRCUIT **************************

circuit VLAN1

ip address 192.168.103.35 255.255.255.192

!************************** SERVICE **************************

service SSL1

ip address 192.168.103.53

protocol tcp

port 443

keepalive type tcp

keepalive port 443

active

service SSL2

ip address 192.168.103.54

protocol tcp

port 443

keepalive type tcp

keepalive port 443

active

service SSLRedirectHTTPS

ip address 192.168.103.31

protocol tcp

port 443

keepalive type tcp

keepalive port 443

type redirect

no prepend-http

redirect-string "https://192.168.103.31/down.htm"

active

service SSLRedirectHTTP

ip address 192.168.103.32

protocol tcp

port 80

keepalive type http

type redirect

redirect-string "192.168.103.32/down.htm"

active

!*************************** OWNER ***************************

owner CISCO

content L5Rule_SSL

vip address 192.168.103.37

application ssl

protocol tcp

port 443

url "/*"

add service SSL1

add service SSLRedirect

active

!*************************** GROUP ***************************

group SSL

vip address 192.168.103.37

add destination service SSL1

add destination service SSL2

add destination service SSLRedirectHTTPS

add destination service SSLRedirectHTTP

active

Labels:
0 Helpful
1 Reply 1

Gilles Dufour
Cisco Employee
Cisco Employee

‎03-21-2003 07:55 AM

only works with HTTP.

The reason is that the HTTPS session is encrypted.

So, the CSS can't insert, modify or create a reply to the client.

Gilles.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents