Talk:Cisco Application Control Engine (ACE) Configuration Examples

From DocWiki

Revision as of 19:27, 2 March 2010 by Dakelley (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Hi Hani,

We respectfully ask you to seek technical support through the usual channels. If you do not have a support contract, try the NetPro Forum.

Thanks




Dears,

kindly note that i have problem with ACE Appliance 4710 that the Appliance worked OK with ping or telnet or http except specific http like [[1]]

So please Advice,


Please see here under the configuration:

access-list PERMIT_ALL line 8 extended permit ip any any access-list PERMIT_ALL line 16 extended permit icmp any any


probe icmp PROBE_SERVICE_ICMP

 interval 5
 passdetect interval 5

rserver host application1

 ip address 10.1.30.12
 probe PROBE_SERVICE_ICMP
 inservice

rserver host application2

 ip address 10.1.30.13
 probe PROBE_SERVICE_ICMP
 inservice

rserver host application3

 ip address 10.1.30.14
 probe PROBE_SERVICE_ICMP
 inservice

rserver host application4

 ip address 10.1.30.15
 probe PROBE_SERVICE_ICMP
 inservice


serverfarm host Application

 probe PROBE_SERVICE_ICMP
 rserver application1
   inservice
 rserver application2
   inservice
 rserver application3
   inservice
 rserver application4
   inservice

class-map match-all Application_CLASS

 2 match virtual-address 10.1.32.8 any


class-map type http loadbalance match-any L7default_CLASS

 2 match http url .*gif
 3 match http url .*css
 4 match http url .*js
 5 match http url .*class
 6 match http url .*jar
 7 match http url .*cab
 8 match http url .*txt
 9 match http url .*ps
 10 match http url .*vbs
 11 match http url .*xsl
 12 match http url .*xml
13 match http url .*pdf
 14 match http url .*swf
 15 match http url .*jpg
 16 match http url .*jpeg
 17 match http url .*jpe
 18 match http url .*jsp

class-map type management match-any TO-CP-POLICY

 2 match protocol http any
 3 match protocol icmp any
 4 match protocol telnet any
 5 match protocol snmp any
 6 match protocol ssh any
 7 match protocol https any


policy-map type management first-match TO-CP-POLICY

 class TO-CP-POLICY
   permit

policy-map type loadbalance first-match Application_POLICY

 class class-default
   serverfarm Application

policy-map type loadbalance first-match L7_POLICY

 class L7default_CLASS
 class class-default
   serverfarm Application
   compress default-method deflate

policy-map multi-match POLICY

   class Application_CLASS
   loadbalance vip inservice
   loadbalance policy Application_POLICY
   loadbalance vip icmp-reply active

service-policy input TO-CP-POLICY service-policy input POLICY

interface vlan 2

 ip address 10.1.32.4 255.255.255.0
 access-group input PERMIT_ALL
 no shutdown

interface vlan 10

 ip address 10.1.30.1 255.255.255.0
 access-group input PERMIT_ALL
 no shutdown

ip route 0.0.0.0 0.0.0.0 10.1.32.254

Personal tools