ACE 4710 Appliance GUI configuration

I am having an issue with configuration of the GUI for the 4710. If I am using local authentication, the GUI works fine. However when I turn on aaa and use radius to authenticate, I am unable to log into the GUI.
When I place the 4710 into debug for aaa, I am sucessfully authenticating. My radius server's logs state the same.
Has anyone run across this?

Are you able to login to the CLI using AAA? Have you configued the role and domain for the user on your AAA server? Here is some documenation on configuring the role and domain for a use on the AAA server:
http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA1_7_/configuration/security/guide/aaa.html#wp1321891

Similar Messages

  • VLAN Tagging on the ACE 4710 Appliance

    Hello all,
    I have a quick question. How does the ACE 4710 Appliance works with VLAN tagging? I have virtual servers that I am trying to configure behind ACE. The VMs support VLAN tagging. Can I just trunk to link to my core switch and allow the ACE vlans to pass through?
    Your help is greatly appreciated.

    ACE 4710 support dot1q trunkning.
    Configure the interface between 4710 and core switch as a trunk.
    Same between your VMS and core switch.
    Gilles

  • ACE 4710 Appliance: init: failed to initialize modlock_init(): No such file or directo

    Hi,
    I have ACE 4710 Appliance, but it is failed and giving following error while login at console.....
    I am suspecting hardware issue..most probably with harddrive.... Please let me know if it can be recoverable of only replacement is the solution..
    switch login: init: failed to initialize modlock_init(): No such file or directo                                                                             ry
    eth2: ERROR while getting interface flags: No such device
    perform_sysmgr_offline: unable to move MTS to MTS_STATE_OFFLINE: Invalid argumen                                                                             t (error-id 0x801E0016).
    init: failed to initialize modlock_init(): No such file or directory
    eth2: ERROR while getting interface flags: No such device
    perform_sysmgr_offline: unable to move MTS to MTS_STATE_OFFLINE: Invalid argumen                                                                             t (error-id 0x801E0016).
    init: failed to initialize modlock_init(): No such file or directory
    eth2: ERROR while getting interface flags: No such device
    perform_sysmgr_offline: unable to move MTS to MTS_STATE_OFFLINE: Invalid argumen                                                                             t (error-id 0x801E0016).
    /isan/sbin/sysmgr: symbol lookup error: /isan/lib/libutils.so: undefined symbol:                                                                              tftp_callback_fn
    Regards
    Nadeem

    Hi,
    I RMAed the appliace, i think it was hardware failure which casue this issue.
    If some one face this issue please let me know...Thanks!
    Regards
    Nad

  • ACE 4710 - need help configuring backend server monitoring

    Currently running an ACE 4710, which is handling all of our inbound SSL connections and then forwarding requests thru
    to backend web servers. This all works fine.
    My question is this..Right now we are not load balancing any of the backen web servers. But I now have a requirement that should
    a web server crash or become unavailable I need to redirect that backend connection to another web server.
    Scenario is more like I have 2 web servers both serving same content, but I want one server to take all the connections unless it fails, at that point
    have all the connections forwarded to 2nd server.
    Is there a way to setup the load balancing where the 1st server gets all the connections until a failure happens ?
    Any help would be appreciated.
    Cheers
    Dave                  

    Hi Dave,
    You can use sorry-server or backup server feature. details can be found at
    http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/slb/guide/rsfarms.html#wp1000264

  • Schedule reload on ACE 4710 appliance?

    Is it possible to schedule a reload of an ACE appliance? Can yuo advise cmd's if so. Regards William

    Finally found it in the command reference guide too.
    reload
    To reload the configuration on the ACE, use the reload command.
    reload
    Syntax Description
    This command has no keywords or arguments.
    Command Modes
    Exec
    Admin context only
    http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/command/reference/execmds.html#wp1361286

  • ACE 4710 Appliance end-to-end SSL

    Hello,
    Am I able to use a port other than 443 to the servers in a end to end SSL config?  For example, 443 to the users and 8443 to the servers?
    Thanks,
    Dave

    Hi Dave,
    Sure that's not a problem at all.  Just make sure you add the 8443 after the rserver name in the serverfarm configuration
    serverfarm host REAL_SERVERS
      probe HTTPS-KEEPALIVE
      rserver SERVER_01 8443
        inservice
      rserver SERVER_02 8443
        inservice
    Hope this helps,
    Sean

  • ACE 4710 Appliance action list

    Hello,
    I am running an action-list for an SSL rewite and need to configure another SSL rewrite for a different VIP/site.  Can I add to that same action-list and reference in a different policy-map?  Or, do I need to create a new action-list for each VIP?
    Thanks,
    Dave

    I guess you'd better define a separate action-list for each site/VIP as it usually (always (-: ) contains the site name/IP:
    action-list type modify http SSL_ACTLIST
      ssl url rewrite location sysanlbs|sysanlbs\.sysa\.acme\.hu|10\.222\.6\.[148]

  • ACE 4710: No image in GRUB loader

    I have an ACE 4710 appliance that has only a Linux kernel in its GRUB loader, no ACE image.  Is anyone aware of how I could copy the image to the ACE via TFTP, USB drive, etc.?

    Hi Joe,
    Take a look at this link.  It will show you how to copy and image to the ACE using the ACE-APPLIANCE-RECOVERY-IMAGE.bin.  If it can't find this, then you may need to RMA the device.
    Reformatting the Flash Memory
    http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_2_x/configuration/admin/guide/managesw.html#wp1069378
    Hope this helps,
    Sean

  • ACE 4710 in failover - ssl offload, cert for second ACE

    Hi,
    I'm testing two ACE 4710 appliances that should work in active/standby mode and do ssl offload in bridged mode.
    At the moment I have configured one of the devices to do basic load balancing (without ssl offload).
    Now I would like to move further and configure ssl offload and configure High availability.
    I read that the certificate for ssl can be localy generated on the ACE device but I couldn't find any information regarding the cert that should be used on the second ACE.
    Should I generate a new cert od the standby unit or somehow use the one on the first ACE?
    Is it better to first set up high availability and then configure ssl offload or vice versa?
    Does anyone have a config example of ssl offload and active/standby configuration?
    Thank you in advance.

    You simply need to generate keys & CSR on the primary ACE. Export the Keys from Primary ACE, Import these keys to Standby ACE and once you recieve the certs from CA then simply import the cert to both ACEs.
    FOllowing will be steps to achive that
    On primary Ace
    1. create RSA Keys
    crypto generate key 2048 app1.key
    2. Create CSR & send it to CA
    ace/Admin(config)# crypto csr-params app1-csr
    ace/Admin(config-csr-params)# common-name www.app1.com
    ace/Admin(config-csr-params)# country US
    ace/Admin(config-csr-params)# email [email protected]
    ace/Admin(config-csr-params)# locality xyz
    ace/Admin(config-csr-params)# organization-name xyz
    ace/Admin(config-csr-params)# organization-unit xyz
    ace/Admin(config-csr-params)# state CA
    ace/Admin(config-csr-params)# serial-number 1234
    ace/Admin(config-csr-params)# end
    ace/Admin(config)# crypto generate csr app1-csr app1.key
    (copy the result to a file)
    4. Import certificate recieved from CA
    crypto import terminal app1.cert
    (pasted the content from the cert)
    5. verify the cert & keys match
    crypto verify app1.key app1.cert
    6. Export the keys from Active
    crypto export app1.key
    (copy the result to a file)
    ON Standby ACE:
    1. Import the keys
    crypto import terminal app1.key
    2. Import the cert
    crypto import terminal app1.cert
    3.verify the cert & keys match
    crypto verify app1.key app1.cert
    Hope this helps
    Syed

  • ACE 4710 FT failover failure

    Hello,
    I am running redundant ACE 4710 appliances running A3(2.7).  I have five FT groups configured along with FT Tracking and when the vlans fail due to physical links being down, the contexts to do not failover.  If one of the ACE boxes fail completely, failover works fine.  I have included the FT config from one of the contexts below.  I have a case open with TAC and the Engineer is suggesting the use of a query interface in additon to FT Tracking.  We have had two incidents on separate contexts where we lost a physical interface on the primary ACE, one for the maintenance of the core switch, the other was a cable disconnect and we are unable to understand why the indivdual context didn't failover.  Any ideas would be much appreciated.  Let me know if more info/configs are needed.
    Dave
    ft interface vlan 900
      ip address 10.10.10.1 255.255.255.0
      peer ip address 10.10.10.2 255.255.255.0
      no shutdown
    ft peer 1
      heartbeat interval 300
      heartbeat count 20
      ft-interface vlan 900
    ft group 3
      peer 1
      no preempt
      priority 210
      peer priority 120
      associate-context XYZ
      inservice
    FT Group                     : 3
    No. of Contexts             : 1
    Context Name                 : XYZ
    Context Id                   : 2
    Configured Status           : in-service
    Maintenance mode             : MAINT_MODE_OFF
    My State                   : FSM_FT_STATE_ACTIVE
    My Config Priority           : 210
    My Net Priority             : 210
    My Preempt                   : Disabled
    Peer State                   : FSM_FT_STATE_STANDBY_HOT
    Peer Config Priority         : 120
    Peer Net Priority           : 120
    Peer Preempt                 : Disabled
    Peer Id                     : 1
    Last State Change time       : Wed Jan 11 13:14:16 2012
    Running cfg sync enabled     : Enabled
    Running cfg sync status     : Running configuration sync has completed
    Startup cfg sync enabled     : Enabled
    Startup cfg sync status     : Startup configuration sync has completed
    Bulk sync done for ARP: 0
    Bulk sync done for LB: 0
    Bulk sync done for ICM: 0
    show int
    vlan424 is up, VLAN up on the physical port
    Hardware type is VLAN
    MAC address is 00:1e:68:1e:ba:b7
    Virtual MAC address is 00:0b:fc:fe:1b:03
    Mode : routed
    IP address is 10.104.224.6 netmask is 255.255.255.0
    FT status is active
    Description:"New Server VIP and real"
    MTU: 1500 bytes
    Last cleared: never
    Last Changed: Sun Mar 11 01:13:12 2012
    No of transitions: 3
    Alias IP address is 10.104.224.5 netmask is 255.255.255.0
    Peer IP address is 10.104.224.7 Peer IP netmask is 255.255.255.0
    Assigned on the physical port, up on the physical port
    Previous State: Sun Mar 11 00:04:57 2012, VLAN not up on the physical port
    Previous State: Sun Sep 18 10:21:15 2011, administratively up
         3991888419 unicast packets input, 23734607976687 bytes
         20246934 multicast, 174801 broadcast
         0 input errors, 0 unknown, 0 ignored, 0 unicast RPF drops
         1609345958 unicast packets output, 23690663385228 bytes
         7 multicast, 55807 broadcast
         0 output errors, 0 ignored

    Dave,
    For tracking to work you need to have preempt enabled. Can you try enabling preempt under the ft group and test your tracking again? Another potential issue you may run into is if your tracking is not lowering the priority enough when it fails. The difference between the active and standby device is 100. If you are not decrementing the priority greater than this value even if priority is enabled it will not lower it enough to force the failover. If after enabling preempt on this group the tracking still does not work as expected send you whole config for us to look at.
    Regarding the query interface; This is not a bad idea. It will help prevent an active active situation if there is a problem with the ft link between the two modules.
    Thanks
    Jim

  • ANM 5.2 unable to import ACE 4710

    Good day,
    I am currently experiencing a problem while trying to import multiple 4710 ACE Appliances into ANM. ANM version is 5.2 and ACE 4710 Appliances version is 5.1.2. The error message is the same for all Appliances (currently 14, more to be deployed this year, another 12 this year). The management class, policy-map and servcie policy are all in place.
    The error message is below:
    Any assistance would be greatly appreiated.
    Thank you.
    Paul

    Paul,
    Can you get a show tech-support?
    After that, can you do the following:
    1. "dm status"
    2. "dm reload"
    3. "dm status"
    I think you probably may require to reboot the box but it will be better to open a TAC case for that and check deeper.
    Hope this helps!
    Jorge

  • Server-conn reuse stats on ACE 4710?

    Hi,
    Does anyone know if it's possible to get the server-conn reuse stats on an ACE 4710 appliance?  I'd like to confirm that it's working and ideally see the number of resued connections.
    Thanks,
    Jim

    Scimitar1/Admin# show np 1 me-stats "-socm -v" | i [uU][sS][eE]
    Reuse retrieve link update conn invalid           0             0
    Reuse retrieve link update conn not on r          0             0
    Reuse retrieve success but conn invalid:          0             0
    Reuse retrieve miss:                              0             0
    Reuse conns retrieved:                            0             0
    Scimitar1/Admin#
    The last 2 indicates if a new connection is needed (miss) or if we could retrieve an existing one.
    Gilles.

  • Can't install ACE 4710 license

    Hi,
    I've tried to installed the license, but is not successful, below are the steps which i've taken to installed the license, with error messages. pls. assist.
    CBJ6-LBDMZ2/Admin# copy tftp://10.2.18.66/ACE20090909090659371.lic disk0:
    Enter the destination filename[]? [ACE20090909090659371.lic]
    Trying to connect to tftp server......
    TFTP get operation was successful
    685 bytes copied
    CBJ6-LBDMZ2/Admin# license install disk0:ACE20090909090659371.lic
    Installing license... failed: Can't install this license with the current count

    CBJ6-LBDMZ2/Admin# show licen
    ACE20090727112500202.lic:
    SERVER this_host ANY
    VENDOR cisco
    INCREMENT ACE-AP-01-LIC cisco 1.0 permanent 1 \
            VENDOR_STRING=1 HOSTID=ANY \
            NOTICE="200907271125002021 \
            1211J5CB363" SIGN=F2E3AFA69526
    I think you have an HW appliance (code: ACE-4710-K9) with one a la carte license ( ACE-AP-01-LIC).
    You bought a Bundle upgrade license, and  this is not compatibly with you current license ( a la carte license).
    To use the  ACE-4710-BUN-UP2= ( 1G Bundle to 2G Bundle Upgrade License) you need to have a bundle product like the
    ACE-4710-1F-K9.
    Check this:
    Table 1     ACE Licensing Bundles
    License Model Description Upgrade Path
    ACE-4710-0.5F-K9
    This license bundle includes the following items:
    •ACE 4710 appliance
    •0.5-Gbps throughput license (ACE-AP-500M-LIC)
    •100-Mbps compression license (ACE-AP-C-100-LIC)
    •100 SSL transactions per second (TPS) license (ACE-AP-SSL-100-K9)
    •5 virtual contexts license (ACE-AP-VIRT-5)
    •Application acceleration license (50 connections) (ACE-AP-OPT-50-K9)
    You have the option to upgrade to the 1-Gbps, 2-Gbps, or 4-Gbps bundle.
    Start the upgrade with ACE-4710-BUN-UP1=.
    ACE-4710-1F-K9
    This license bundle includes the following items:
    •ACE 4710 appliance
    •1-Gbps throughput license (ACE-AP-01-LIC)
    •500-Mbps compression license (ACE-AP-C-500-LIC)
    •5000 SSL TPS license (ACE-AP-SSL-05K-K9)
    •5 virtual contexts license (ACE-AP-VIRT-5)
    •Application acceleration license (50 connections) (ACE-AP-OPT-50-K9)
    You have the option to upgrade to the 2-Gbps or 4-Gbps bundle.
    Start the upgrade with ACE-4710-BUN-UP2=.
    ACE-4710-BAS-2PAK
    This license bundle includes the following items:
    •Two ACE 4710 appliances
    •1-Gbps throughput license (ACE-AP-01-LIC)
    ACE-4710-BAS-2PAK also includes the following default options:
    •1000 SSL TPS
    •100-Mbps compression
    •5 virtual contexts
    •Application acceleration (50 connections)
    You have the option to upgrade to the 2-Gbps or 4-Gbps bundle.
    Start the upgrade with ACE-4710-BUN-UP2=. Two upgrade licenses are  required for upgrading two units of the ACE-4710-BAS-2PAK bundle.
    ACE-4710-2F-K9
    This license bundle includes the following items:
    •ACE 4710 appliance
    •2-Gbps throughput license (ACE-AP-02-LIC)
    •1-Gbps compression license (ACE-AP-C-1000-LIC)
    •7500 SSL TPS license (ACE-AP-SSL-07K-K9)
    •5 virtual contexts license (ACE-AP-VIRT-5)
    •Application acceleration license (50 connections) (ACE-AP-OPT-50-K9)
    You have the option to upgrade to the 4-Gbps bundle.
    Start the upgrade with ACE-4710-BUN-UP3=.
    ACE-4710-4F-K9
    This license bundle includes the following items:
    •ACE 4710 appliance
    •4-Gbps throughput license (ACE-AP-04-LIC)
    •2-Gbps compression license (ACE-AP-C-2000-LIC)
    •7500 SSL TPS license (ACE-AP-SSL-07K-K9)
    •5 virtual contexts license (ACE-AP-VIRT-5)
    •Application acceleration license (50 connections) (ACE-AP-OPT-50-K9)
    This is the highest value bundle.
    ACE-4710-BUN-UP1
    0.5 to 1-Gbps throughput bundle upgrade license
    See the Upgrade Path outlined above.
    ACE-4710-BUN-UP2
    1 to 2-Gbps throughput bundle upgrade license
    See the Upgrade Path outlined above.
    ACE-4710-BUN-UP3
    2 to 4-Gbps throughput bundle upgrade license
    See the Upgrade Path outlined above.
    Table 2     ACE Licensing Options
    Feature License Model Description
    Performance Throughput
    Default
    1-Gbps throughput.
    ACE-AP-500M-LIC
    0.5-Gbps throughput.
    ACE-AP-01-LIC
    1-Gbps throughput.
    ACE-AP-02-LIC
    2-Gbps throughput.
    ACE-AP-04-LIC
    4-Gbps throughput.
    ACE-AP-02-UP1
    Upgrade from 1-Gbps to 2-Gbps throughput.
    ACE-AP-04-UP1
    Upgrade from 1-Gbps to 4-Gbps throughput.
    ACE-AP-04-UP2
    Upgrade from 2-Gbps to 4-Gbps throughput.
    Virtualization
    Default
    1 admin/5 user contexts.
    ACE-AP-VIRT-020
    1 admin/20 user contexts.
    SSL
    Default
    100 TPS.
    ACE-AP-SSL-05K-K9
    5000 TPS.
    ACE-AP-SSL-07K-K9
    7500 TPS.
    ACE-AP-SSL-UP1-K9
    Upgrade from 5000 TPS to 7500 TPS.
    HTTP Compression
    Default
    100-Mbps.
    ACE-AP-C-500-LIC
    500-Mbps.
    ACE-AP-C-1000-LIC
    1-Gbps.
    ACE-AP-C-2000-LIC
    2-Gbps.
    ACE-AP-C-UP1
    Upgrade from 500-Mbps to 1 Gbps.
    ACE-AP-C-UP2
    Upgrade from 500-Mbps to 2 Gbps.
    ACE-AP-C-UP3
    Upgrade from 1 Gbps to 2 Gbps.
    Application Acceleration Feature Pack License
    ACE-AP-OPT-LIC-K9
    Application acceleration and optimization. By default, the ACE performs  up to 50 concurrent connections. With the application acceleration and  optimization software feature pack installed, the ACE can provide  greater than 50 concurrent connections.
    This license increases the operating capabilities of the following features:
    •Delta optimization
    •Adaptive dynamic caching
    •FlashForward
    •Dynamic Etag
    ACE-AP-02-LIC=
    Upgrade Performance License 2   Gbps Spare

  • Unable to GUI into an 4710 appliance

    Hi..we have a pair of 4710 appliances and we're able to ssh and HTTPS into one, but not HTTPS into the other. Is there a  "lighting rod" as far as configuring the GUI access on the 4710 appliance?
    Thanks

    I am not getting a login page at all for the primary ACE, but getting a full login page and able to login to the stand-by device. The Admin Context between the two contexts are identical. Below is the Admin Context config:
    logging enable
    logging buffered 6
    resource-class ABC
      limit-resource all minimum 75.00 maximum unlimited
    boot system image:c4710ace-mz.A3_2_0.bin
    peer hostname LB2-A
    hostname LB2-S
    interface gigabitEthernet 1/1
      channel-group 1
      no shutdown
    interface gigabitEthernet 1/2
      channel-group 1
      no shutdown
    interface gigabitEthernet 1/3
      channel-group 1
      no shutdown
    interface gigabitEthernet 1/4
      channel-group 1
      no shutdown
    interface port-channel 1
      switchport trunk allowed vlan 201-204
      no shutdown
    clock timezone standard EST
    class-map type management match-any ACCESS
      2 match protocol https any
      3 match protocol icmp any
      5 match protocol ssh any
    policy-map type management first-match REMOTE-ACCESS_PL
      class ACCESS
        permit
    interface vlan 202
      ip address 10.11.202.251 255.255.255.224
      peer ip address 10.11.202.250 255.255.255.224
      service-policy input REMOTE-ACCESS_PL
      no shutdown
    ft interface vlan 203
      ip address 10.11.202.10 255.255.255.224
      peer ip address 10.11.202.11 255.255.255.224
      no shutdown
    ft peer 1
      heartbeat interval 300
      heartbeat count 10
      ft-interface vlan 203
      query-interface vlan 202
    ft group 1
      peer 1
      priority 75
      associate-context Admin
      inservice
    ip route 0.0.0.0 0.0.0.0 10.11.202.254
    context GAP
      allocate-interface vlan 201-202
      allocate-interface vlan 204
      member ABC
    context GAPDev1
      allocate-interface vlan 201-202
      allocate-interface vlan 204
    context GAPQA1
      allocate-interface vlan 201-202
      allocate-interface vlan 204
    snmp-server community GAP-MEDI group Network-Monitor
    ft group 2
      peer 1
      priority 75
      associate-context GAP
      inservice
    Thanks..

  • Need help to Configure Cisco ACE 4710 Cluster Deployment

    Dear Experts,
    I'm newbie for Cisco ACE 4710, and still I'm in learning stage. Meanwhile I got chance at my work place to deploy a Cisco ACE 4710 cluster which should load balance the traffic between  two Application Servers based on HTTP and HTTPS traffic. So I was looking for good deployment guide in Cisco SBA knowledge base then finall found this guide.
    http://www.cisco.com/en/US/docs/solutions/SBA/February2013/Cisco_SBA_DC_AdvancedServer-LoadBalancingDeploymentGuide-Feb2013.pdf
    This guide totally fine with my required deployment model. I have same deployment environment as this guide contains with ACE cluster that connects to two Cisco 3750X (Stack) switches. But I have some confusion places in this guide
    This guide follow the "One-armed mode" as a deployment method. But when I go through it further I have noticed that they have configured server VLAN as a 10.4.49.0/24 (all servers reside in it) and Client side VIP also in same VLAN which is 10.4.49.100/24 (even NAT pool also).
    My confusion is, as I have learned about Cisco ACE 4710 one-armed mode deployment method, it should has two VLAN segments, one for Client side which client request come and hit the VIP and then second one for Server side. which means besically two VLANs. So please be kind enough to go through above document then tell me where is wrong, what shoud I need to do for the best. Please this is an urgent, so need your help quickly.
    Thanks....!
    -Amal-

    Dear Kanwal,
    I need quick help for you. Following are the Application LB requirements which I received from my clinet side.
    Following detail required for configuring Oracle EBS Apps tier on HA:
    LBR IP and Name required to configure EBS APPS Tier (i.e, ap1ebs & ap2ebs nodes)
    Suggested IP and Name for LBR:
    IP : 172.25.45.x [should be on same 172.25.45 subnet of ap1ebs & ap2ebs nodes]
    ebiz.xxxx.lk [on port 80 for http protocol accessibility]
    This LBR IP & name must be resolve and respond on DNS network
    Server Farm detail for LBR Setup
    Following detail will be use for configuring the LBR:
    LBR IP and Name :
    IP : 172.25.45.x [should be on same 172.25.45 subnet of ap1ebs & ap2ebs nodes]
    ebiz.xxxx.lk [on port 80 for http protocol accessibility]
    This LBR IP & name must be resolve and respond on DNS network
    Server Farm Detail for LBR setup:
    Server 1 (EBS App1 Node, ap1ebs):
    IP : 172.25.45.19
    Server Name: ap1ebs.xxxx.lk [ap1ebs hostname is an example, actual hostname will be use]
    Protocol: http
    Port: 8000
    Server 2 (EBS App2 Node, ap2ebs):
    IP : 172.25.45.20
    Server Name: ap2ebs.xxxx.lk [ap2ebs hostname is an example, actual hostname will be use]
    Protocol: http
    Port: 8000
    Since my client needs to access URL ebiz.xxxx.lk which should be resolved by IP 172.25.45.21 (virtual IP) via http (80) before they deploy the app on the two servers I just ran web service on both servers (Linux) and was trying to access http://172.25.45.21 it was working fine and gave me index.html page. Now after my client has deployed the application then when he tries to access the page http://172.25.45.21 he cannot see his main login page. But still my testing web servers are there on both servers when I type http://172.25.45.21 it will get index.html page, but not my client web login page. What can I do for this ?
    Following are my latest config :
    probe http Get-Method
      description Check to url access /OA_HTML/OAInfo.jsp
      interval 10
      faildetect 2
      passdetect interval 30
      request method get url /OA_HTML/OAInfo.jsp
      expect status 200 200
    probe udp http-8000-iRDMI
      description IRDMI (HTTP - 8000)
      port 8000
    probe http http-probe
      description HTTP Probes
      interval 10
      faildetect 2
      passdetect interval 30
      passdetect count 2
      request method get url /index.html
      expect status 200 200
    probe https https-probe
      description HTTPS traffic
      interval 10
      faildetect 2
      passdetect interval 30
      passdetect count 2
      ssl version all
      request method get url /index.html
    probe icmp icmp-probe
      description ICMP PROBE FOR TO CHECK ICMP SERVICE
    rserver host ebsapp1
      description ebsapp1.xxxx.lk
      ip address 172.25.45.19
      conn-limit max 4000000 min 4000000
      probe icmp-probe
      probe http-probe
      inservice
    rserver host ebsapp2
      description ebsapp2.xxxx.lk
      ip address 172.25.45.20
      conn-limit max 4000000 min 4000000
      probe icmp-probe
      probe http-probe
      inservice
    serverfarm host ebsppsvrfarm
      description ebsapp server farm
      failaction purge
      predictor response app-req-to-resp samples 4
      probe http-probe
      probe icmp-probe
      inband-health check log 5 reset 500
      retcode 404 404 check log 1 reset 3
      rserver ebsapp1 80
        conn-limit max 4000000 min 4000000
        probe icmp-probe
        inservice
      rserver ebsapp2 80
        conn-limit max 4000000 min 4000000
        probe icmp-probe
        inservice
    sticky http-cookie jsessionid HTTP-COOKIE
      cookie insert browser-expire
      replicate sticky
      serverfarm ebsppsvrfarm
    class-map type http loadbalance match-any default-compression-exclusion-mime-type
      description DM generated classmap for default LB compression exclusion mime types.
      2 match http url .*gif
      3 match http url .*css
      4 match http url .*js
      5 match http url .*class
      6 match http url .*jar
      7 match http url .*cab
      8 match http url .*txt
      9 match http url .*ps
      10 match http url .*vbs
      11 match http url .*xsl
      12 match http url .*xml
      13 match http url .*pdf
      14 match http url .*swf
      15 match http url .*jpg
      16 match http url .*jpeg
      17 match http url .*jpe
      18 match http url .*png
    class-map match-all ebsapp-vip
      2 match virtual-address 172.25.45.21 tcp eq www
    class-map type management match-any remote_access
      2 match protocol xml-https any
      3 match protocol icmp any
      4 match protocol telnet any
      5 match protocol ssh any
      6 match protocol http any
      7 match protocol https any
      8 match protocol snmp any
    policy-map type management first-match remote_mgmt_allow_policy
      class remote_access
        permit
    policy-map type loadbalance first-match ebsapp-vip-l7slb
      class default-compression-exclusion-mime-type
        serverfarm ebsppsvrfarm
      class class-default
        compress default-method deflate
        sticky-serverfarm HTTP-COOKIE
    policy-map multi-match int455
      class ebsapp-vip
        loadbalance vip inservice
        loadbalance policy ebsapp-vip-l7slb
        loadbalance vip icmp-reply active
        nat dynamic 1 vlan 455
    interface vlan 455
      ip address 172.25.45.36 255.255.255.0
      peer ip address 172.25.45.35 255.255.255.0
      access-group input ALL
      nat-pool 1 172.25.45.22 172.25.45.22 netmask 255.255.255.0 pat
      service-policy input remote_mgmt_allow_policy
      service-policy input int455
      no shutdown
    ft interface vlan 999
      ip address 10.1.1.1 255.255.255.0
      peer ip address 10.1.1.2 255.255.255.0
      no shutdown
    ft peer 1
      heartbeat interval 300
      heartbeat count 10
      ft-interface vlan 999
    ft group 1
      peer 1
      no preempt
      priority 110
      associate-context Admin
      inservice
    ip route 0.0.0.0 0.0.0.0 172.25.45.1
    Hope you will reply me soon
    Thanks....!
    -Amal-

Maybe you are looking for

  • Cálculo de Impostos TAXBRA e TAXBRJ

    Pessoal, Estou em um projeto de migração de TAXBRJ para TAXBRA e me deparei com uma questão nos processos de SD. Em alguns testes preliminares constatei que a TAXBRA só está considerando o Código de Imposto para o cálculo, independente do IVA determi

  • Idoc to soap sync without bpm. is it possible? Helping me..

    Hi Experts, i have a small clarification Idoc to soap sync interface in sap pi 7.0. i created IDoc to Soap sync using BPM but some times the signals are stuck due to load issue in swpr, while reprocess those signals all going successfully to the rece

  • My account has been cancelled

    Last night I received an email telling me I had placed an order to cancel my line and broadband. I never made this order, especially after having to wait TWO months to have my home move order activated.  I have called to cancel this order this mornin

  • Downloaded Safari 5, doesn't show after multiple installs / reboots

    I went to apple.com and downloaded the latest is Safari 5 at http://www.apple.com/safari/download/ and downloaded the package, ran installation and then rebooted the Mac. I tried this several times. When I tried to check for any Safari, it doesn't sh

  • ACE Graceful Server Shutdown with Sticky

    I would like a way to gracefully shutdown a server without killing the sessions of the current users on that server. I know the "no inservice" command will allow the server to finish servicing existing TCP connections, but what happens to the users t