My ACE is almost completely configured - with VIPs, farms, real servers, redirects etc. Port 80 and 443 are working as expected and web requests are getting routed appropriately.
The need has arisen however, to allow a non-traditional port to be allowed/open to certain websites (to certain VIPs). (As some background - this is an SFTP style client based connection. )
My ACL configuration is open - ip any any - but i even created one specific to this port number. (let's just say it's 7777 for now). I've done captures on the firewall to make sure that traffic from external requests is getting through it, and when I try to connect to the real server address (either NATed or internally), it connects just fine. I am unable to see the connection attempts in the logging on the ACE and the error message that the client app gets is "connection refused"
I'm not good with policy maps or class maps, so I'm not sure if that's where I need to be looking. I suppose that the issue is at the VIP level though since the server IPs work fine, so I need to understand what gets processed via that IP that doesn't via the others.
So if I currently have websites on the ACE configured to accept, redirect, and loadbalance for port 80 and 443, but I now need them to do the same on port 7777, what changes need to be applied and where?
I can paste any config info if someone can help me. Thanks.
Why do you need native HA: The native HA feature allows two Cisco DCNM
appliances to run as active and standby applications, with their
embedded databases synchronized in real time. Therefore, when the active
DCNM is not functioning, the standby DCNM will...
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...