We have the following problem. We use ssl-termination on the ace. This should work as follows : Plain http-requests should go directly to the server (Port80) and https-requests should terminate on the ace and decryptet to the server with a "pseudo-https" (Port 8443/http) request.
After first http-request, the server sends a redirect to : "https://URL" for the Login procedure (this should be encryptet). After login, the server switch back to http.
Our problem now is the stickyness. This two connections should be sticky together, because only the server, where the client logged-in (https) knows about the user.
We have a config, which works, but not with "ONE" stickyness. Is there a solution to match these two connection together ?
You can see in the output of the sticky db, that the http-Part now matches on Server3 and the https-Part on Server1 (which should be the same).
Moquery is the command line cousin of Vizore, it's very helpful and efficient sometimes during the troubleshooting. This article aims to provide moquery cheat sheet to the users for some most common seen scenarios.
Here is the checklist before customers/partners contact Cisco TAC:
Firmware Version of APIC and Switch
Download Switch and APIC techsupport logs
Problem description (Symptoms with details)
Business impact (eg, what kind of services...
moquery usageAPIC moquerySwitchmoquery
This document discuss a common issue observed during the VMM integration & VM workload migration to ACI fabric.
VMware Virtual machines are hosted in Cisco UCS-B seri...