Application Delivery (ADX)

Reply
Occasional Contributor
Posts: 6
Registered: ‎03-17-2010

Problems with Policies SSL-CSW (insert-cookie and request-insert together)

Hi Group:

When the client enters https://abc.com.pe the ADX should rewrites the request at https://abc.com.pe/file2/ before negotiating the keys and Certificates. The below configuration not work to insert cookie (to persistence) and rewrites at the same time (together in a only policies). Which is the better recommendation  to achieve this scenario.  Is Settings correct?, this can be achieved? is this possible?

The ADX is Switch Code and is connected on interface ethernet 1 (one-arm).

The solution use Certificate wildcard and also the reals server and Virtual server belong same network

Copyright (c) 1996-2009 Brocade Communications Systems, Inc.

Boot Version 12.4.00T405 Nov 21 2011 15:10:38 PST label: dob12400

Monitor Version 12.4.00T405 Nov 21 2011 15:10:38 PST label: dob12400

System Version 12.4.00cT401 Sep 12 2012 15:04:25 PDT label: ASM12400c

AXP Version: 1.18 Dated: 2012/03/16 14:18:57

PAX Version: 8.6 Dated: 2011/11/28 10:12:32

MBRIDGE Version: 000b, Device ID # bebe

==========================================================================

Type:   ServerIron ADX 1016-2

      Backplane Serial #:   E20548G71A

      Chassis Serial #:   E30535H004

      LID #: gIFKIKjFFJ  License: SI-1016-2-SSL

      Part #:   35723-002

      SSL Card - Serial #: 1F0519H41Y       Part #: 40-1000373-02

      Version #: 13b626-05050505-111d8036-00

server source-nat-ip  10.120.140.205 255.255.0.0 10.120.140.1 port-range 1

csw-rule "chainredirect" response-header "Location" pattern "http://abc.com.pe/file2/inicio.action"

csw-rule "matchserverid" header "cookie" search "ServerID="

csw-rule "redirecthttps" response-status-code 200 400

csw-rule "urlinicio" url prefix "/abc.com.pe"


csw-policy "CookieS"

match "matchserverid" persist offset 0 length 4 group-or-server-id

match "matchserverid" rewrite request-insert client-ip ""

match "urlinicio" forward 1

match "urlinicio" rewrite request-insert "/file2/" offset 0

default forward 1

default rewrite insert-cookie

server virtual abc.com.pe 10.120.140.200

predictor round-robin

port ssl

no port ssl sticky

port ssl ssl-terminate profile1

port ssl response-rewrite-policy "responsehttp"

port ssl csw-policy "CookieS"

port ssl csw

port ssl keep-alive

port http sticky concurrent

bind ssl server1.com.pe 23306 server1.com.pe 23308 server2.com.pe 23306 server2.com.pe 23308


I tried to work with one http-CSW policies to rewrite firts http//abc.com.pe and then redirect to ssl but neither works

Please I need all your recomendatons

Contributor
Posts: 74
Registered: ‎08-18-2011

Re: Problems with Policies SSL-CSW (insert-cookie and request-insert together)

Hi,

I think there is an issue with the csw rule urlinicio. In http request the "abc.com.pe" will appear in HOST header and ADX will see the url as "/".

You may want to match if the url equals to "/" then replace it with "/file2/".

Please let me know if that works.

-Regards,

Mohit

-Mohit Sahni

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook