I am an ACE newbie - I have a two-tier ACE setup and I am basically trying to get the front-end ACE to divert to a sorry page if the back end servers hanging of the Back-end ACE do not reply to their probes.
I have the following setup...
DMZ ACE (doing SSL termination)
Reverse Proxy Server farm
Corporate LAN ACE
Application Server farm
DMZ ACE is probing Rev Proxy farm on TCP 2000 - and using sticky cookie insertion.
Corporate LAN ACE is probing App Server farm on TCP 2000 - and using sticky cookie insertion.
If the Application server farm becomes unavailable, I would like the DMZ ACE to detect this and then redirect the clients to a 'service unavailable' page hosted on the Reverse Proxy Servers.
My thought so far is the following...
probe icmp probe_icmp
ip address <App_Server_VIP>
rserver Rev_proxy1, Rev_proxy2
So the above Rev_proxy_farm availability is tied to the appearance of the App Server vip due to the directed icmp probe to the Corporate LAN ACE VIP - the VIP will disappear if the App Server farm does not respond to it's TCP probe.
I am then not sure how to redirect the HTTP request to the Reverse Proxy Server seeing as though these have already been flagged unavailable.
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...
Cisco Documents are usually accurate, but when it came to the document
on Cisco APIC Signature-Based Transactions it was slightly off the mark.
This document is for those novices to API like me who cant seem to
figure out how to go about performing signat...