Add two servers with ACE 4710
Dear All,
We have two servers (sharepoint ) and need to add it in ACE 4710 to works as internal no need WAN , how to add it ?
Thanks a lot in Advance
Hi,
Here's the example:
Let's say you have two servers
rserver host SERVER_01
ip address 192.168.1.11
inservice
rserver host SERVER_02
ip address 192.168.1.12
inservice
rserver host SERVER_03
ip address 192.168.1.13
inservice
You add them in serverfarm
serverfarm host REAL_SERVERS
rserver SERVER_01
inservice
rserver SERVER_02
inservice
rserver SERVER_03
inservice
After that you configure the VIP and condition. Here any means any protocol and port
class-map match-all VIP-30
2 match virtual-address 172.16.51.30 any
YOu define the L7 policy map
policy-map type loadbalance first-match SLB_LOGIC
class class-default
serverfarm REAL_SERVERS--------->Serverfarm to which traffic would be loadbalanced.
policy-map multi-match CLIENT_VIPS---->L3 policy map.
class VIP-30
loadbalance vip inservice
loadbalance policy SLB_LOGIC
nat dynamic 1 vlan 451----------------->You need to apply the NAT when your client is in same subnet as server so that return traffic comes back to ACE and not to client directly.
interface vlan 251
description Client vlan
ip address 172.16.51.11 255.255.255.0
access-group input ANYONE
service-policy input REMOTE_MGT
service-policy input CLIENT_VIPS
no shutdown
interface vlan 451
description Servers vlan
ip address 192.168.1.1 255.255.255.0
nat-pool 1 192.168.1.100 192.168.1.110 netmask 255.255.255.0 pat---->Nat pool defined. It should always be on server side vlan.
no shutdown
ip route 0.0.0.0 0.0.0.0 172.16.51.1
Regards,
Kanwal
Note: Please mark answers if they are helpful.
Similar Messages
-
SIP load balancing issue with ACE 4710
SIP Load balancing Issue with ACE 4710
I have a Cisco ace 4710 with vesion Version A4(2.2). i configued simple SIP load balancing first without stickiness. without stikeiness we are having a problem because bye packet at the was not going to the same server all the time that left our port in used even though user hang up the phone. its happen randmly. i have a total 20 licenced ports and its fill out very quickly. so i dicided to use the stickiness with call-ID but still same issue. below is the config
rserver host CIN-VOX-31
ip address 172.20.130.31
inservice
rserver host CIN-VOX-32
ip address 172.20.130.32
inservice
serverfarm host CIN-VOX
probe SIP-5060
rserver CIN-VOX-31
inservice
rserver CIN-VOX-32
inservice
sticky sip-header Call-ID VOX_SIP_GROUP
timeout 1
timeout activeconns
replicate sticky
serverfarm CIN-VOX
class-map match-all CIN_VOX_L4_CLASS
2 match virtual-address 172.22.12.30 any
class-map match-all CIN_VOX_SIP_L4_CLASS
2 match virtual-address 172.22.12.30 udp eq sip
policy-map type loadbalance sip first-match CIN_VOX_LB_SIP_POLICY
class class-default
sticky-serverfarm VOX_SIP_GROUP
policy-map multi-match GLOBAL_DMZ_POLICY
class CIN_VOX_SIP_L4_CLASS
loadbalance vip inservice
loadbalance policy CIN_VOX_LB_SIP_POLICY
loadbalance vip icmp-reply
class CIN_VOX_L4_CLASS
loadbalance vip inservice
loadbalance policy CIN_VOX_LB_SIP_POLICY
loadbalance vip icmp-reply
interface vlan 20
description VIP_DMZ_VLAN
ip address 172.22.12.4 255.255.255.192
alias 172.22.12.3 255.255.255.192
peer ip address 172.22.12.5 255.255.255.192
access-group input PERMIT-ANY-LB
service-policy input GLOBAL_DMZ_POLICY
could you please help me on this...
thanks
Rakesh PatelI mean there should be one more statement-
class-map type sip loadbalance match-any CIN_VOX_LB_SIP_POLICY
match sip header Call_ID header-value sip:
and that will be called under-
policy-map multi-match GLOBAL_DMZ_POLICY
class CIN_VOX_SIP_L4_CLASS
loadbalance vip inservice
loadbalance policy CIN_VOX_LB_SIP_POLICY
loadbalance vip icmp-reply
is that missing in your config ? -
Two servers with redundant connections for Sun StorEdge 3320 SCSI arrays
Hello All,
I read in the "Sun StorEdge 3000 Family Installation, Operation and Service Manual" that it's possible to setup "two servers with redundant connections" but I never see a detailed schema to do this. I read also the "Best Pratices Guide" but this case is not mentioned. Is it really possible ?
My objective is to split a Sun StoreEdge 3320 SCSI array between two hosts with dual redundant scsi connection.
Thanks in advance for your answers.
Francois.At first this sounded easy, but looking at the parts listing for the 3320 seems to indicate otherwise. They're listing different part numbers for the chassis and midplane...
371-0105 chassis & midplane for JBOD
371-0106 chassis & midplane for RAID array
There are also different part numbers for the I/O boards....
370-7655 RAID SCSI I/O module
370-7713 JBOD SCSI I/O module
I can see what the difference is between the I/O modules, but am unsure of what differences if any are in the chassis and midplane. Seems like there's more involved here than what it would be worth to try and make it work. Perhaps the cost of a second HBA would be the lesser of two evils.......... -
Monitoring two servers with same IIS configuration using SCOM
Hello,
We have two servers which has the same IIS configuration including sites names, how do we configure APM to monitor and get events captured on two different monitors on SCOM 2012 R2.
Thank you, Anand
Anand FranklinHi Anand,
There is no problem at all, if applications IIS paths (Web Site names + Web application name in IIS) absolutely match. Make sure both servers have SCOM Agent installed and connected to the same Management Group.
In .NET Application Performance Monitoring template just keep Target Group field blank (it's blank by default) - that will mean the application will be monitored on each server within Management Group where it's discovered. The same configuration of
APM monitoring will be used for all app instances.
If you want to monitor the app only on two servers, and at the same time the app is hosted on more than these two boxes, you can create Windows Computer group populated with appropriate servers and specify this group as Target for APM monitoring.
If you want to differentiate APM configuration for specific app instances, you should create several Windows Computer groups and bind each group with separate configuration - in this case you will have to run .NET Application Monitoring template several
times, picking up the same app, but changing APM settings and setting new Target Group.
Igor Savchenko, VIAcode Consulting LLC (http://www.viacode.com/) -
Installing oracle10g on two servers with same databae
Dear DBAs
I have two servers and one SCSI SATA box as storage device which i have configured in RAID5 format. Servers are connected to channel 0 and 1 of the SATA box respectively.My OS is RHEL ES-4
I want to install Oracle10g on these two machines with SATA box as the Databse Storage medium. I donot want to use RAC as my clients donot have DBA. The servers has to be configured in a failsafe method.hi gert
the SATA SCSI box is LSI Logic Megaraid sas 8408E. My aim is to have a backup server which needs to be switched on once the main server fails. I can afford for a little bit data loss. Only thing is the backup server should use the data files of the crashed server. -
Full URL re-direct with ACE 4710
Is there anyway to perform a redirect on the ACE 4710 so that it will redirect a request sent to the domain mydomain.com be redirected to www.mydomain.com, this is so that an installed SSL certificate will match.
ThanksThank you for your response, but the redirect would occur before any encyption.. for example today this is what happens
someone goes to
http://www.mydomain.com
and the ACE redirects the connection to
https://www.mydomain.com
What I want is for someone to go to
http://mydomain.com (without the www) and for it to redirect to
http://www.mydomain.com which will inturn redirect to https://www.mydomain.com
or it can just redirect to https://www.mydomain.com
So the encryption will not occur until it is redirected to teh correct websit -
Problem on connect to two servers with SSL
Hey all!
I've got a problem with connecting to two different servers via SSL in one Application. Every Connection works fine on its one via SSL.
But if i try to initialize a new connection it fails every time.
My thought is that the problem is the DriverManager. I'm not quite sure how this DriverManager works, but what i know is that it's a single-ton Class and with that maybe stores some parameters from the first connection which didn't get reloaded when trying to make a new connection.
Here's the way i create the connection ..
String host="best.host.ever";
int port="3306";
String MYSQL_URL="jdbc:mysql://"+this.host+":"+this.port+"/";
DBName="db_foobar";
sqlProps = new Properties();
sqlProps.setProperty("user","foo");
sqlProps.setProperty("password","bar");
sqlProps.setProperty("zeroDateTimeBehavior","convertToNull");
sqlProps.setProperty("useSSL","true");
System.setProperty("javax.net.ssl.trustStore", trustStore);
System.setProperty("javax.net.ssl.trustStorePassword", "trustpass");
System.setProperty("javax.net.ssl.keyStore", keyStore);
System.setProperty("javax.net.ssl.keyStorePassword", "keypass");
System.setProperty("javax.net.debug","ssl");
printDebug("[Konstruktor] : Connecting to "+MYSQL_URL);
try {
Class.forName("org.gjt.mm.mysql.Driver").newInstance();
this.conn = DriverManager.getConnection(MYSQL_URL+DBName,sqlProps);
connectionCount++;
initOK=true;
//Catch stuff following...Is it possible that the System.properties i'm setting are only readed one time by the DriverManager (if it's readed by the DriverManager at all)?
So when i initialize a new Object with different System.properties they may not get used again.
Hopefully somebody has an explanation or a solution for this.
Besides: If i launch the programm twice it's no problem to have to differen SSL connections at the same time.
Thanks for reading and in advance for trying to help!Yep, it's the standard authentication failure message. (The error code is 1045).
The Exception which is thrown is a SQLException with the message:
Access denied for user 'username'@'p54BB743D.dip.t-dialin.net' (using password: YES)
errorcode: 1045
The code i'm using runs well with one connection and even with multiple connections as long as not more than one connection are using SSL.
To explain:
The user has the possibility to run the application with a user defined data-source (the connection). You can add a new connection and the application will then add a tabbed pane with the same gui but uses the other data source then.
This runs fine with multiple connections (I managed to work on 3 differen intranet servers and 2 different servers online, one of them using SSL)
So all together 5 Connections. Now i wanted to add a 6th server with SSL two and thats the point where it crashes. (Both SSL Servers run perfect on their own with my application - only both together doesnt work).
About that: Class.forName, yes i'm using it every time when i make a new Connection. This is wrong? Could you explain why?
Anyway thanks for your answers so far!
Message was edited by:
Hotkey_ger -
Problems Balancing IIS servers with ACEs.
Hi ...
Pls your help in this case ...
I just configured an ACE solution for Web Balancing. The Web Servers are Microsoft Windows 2008 IIS.
The ACE is configured with two contexts, one for Web Servers and other for Application Servers (both in Microsoft solution).
The context were configured in "One Arm" for each subnet (web and apps).
In attached files I'm sending the configuration of ACE.
Any sugestion ?
The error we got in the browsing is:
System.Web.HttpException: Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.
Invalid viewstate. Client IP: 10.11.60.26 Port: 1173.Hello,
Have you checked if your application requires persistence? Even when both server may have the exact same content if the user gets rebalanced to a different server during the connection will fail and that error you're getting could be a probe of it.
Just to confirm try doing a no inservice under the secondary server in the serverfarm in question, clear all the caches and re-test.
If this indeed solves the issue then it can be easily solved using a sticky method such as source IP or cookie insertion.
HTH
Pablo -
Hi,
I need to configure ACE for load-balancing FTPS. And simply deploying L4 policies are not helping either. Configured the FTPS servers and both of them are working fine when accessed via physical IP, but do not work when accessed via the VIP.
if it is possible, a reference URL would really be a great help.Hi Rajiv,
Do you want to loadbalance SFTP ?
Or just have it pass through ??
Loadbalancing SFTP is difficult because it starts as regular FTP and switches over to SSL which ACE can't do and fails to understand.
you don't need anything to have it passthrough.
As long as you don't ask ACE to inspect the traffic, and assuming this traffic is permitted in your access-group, then there is nothing to do to have it go through.
I think your goal is to distribute inbound file deposits evenly across SFTP servers.
High-level Overview
Clients -> Internet -> Tier-1 Firewall -> ACE Load-balancer -> SFTP Servers
I would like to tell you that SFTP is nothing but SSH. It uses a single connection. There are no issues loadbalancing it using traditional Layer 4 load balancing.
So you are good.
On the other hand FTP over SSL (FTPS) can neither offloaded nor loadbalanced using ACE.
FTPS uses multiple channels and Since the control channel is encrypted, ACe is not able to get the port numbers for the data connections.
Kindly find these examples for FTP load balance method in cisco ACE:
1. FTP serverfarm on Cisco ACE
http://snippets101.blogspot.com/2007/06/ftp-serverfarm-on-cisco-ace.html
2. FTP Load Balancing on ACE in Routed Mode Configuration Example
http://docwiki.cisco.com/wiki/FTP_Load_Balancing_on_ACE_in_Routed_Mode_Configuration_Example
3. FTP Load Balancing on ACE in One-Arm Mode Configuration Example
http://docwiki.cisco.com/wiki/FTP_Load_Balancing_on_ACE_in_One-Arm_Mode_Configuration_Example
Kindly refer the folowing URL for Layer4 policies:
http://cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00809c3048.shtml
http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/slb/guide/classlb.html
http://docwiki.cisco.com/wiki/Cisco_Application_Control_Engine_(ACE)_Module_Troubleshooting_Guide,_Release_A2(x)_--_Troubleshooting_Layer_4_Load_Balancing
http://snippets101.blogspot.com/2008/08/cisco-ace-and-private-vlans-in-switch.html
http://snippets101.blogspot.com/2008/08/asymmetric-server-normalization-on.html
http://docwiki.cisco.com/wiki/Cisco_ACE_4700_Series_Appliance_Quick_Start_Guide,_Release_A3(1.0)_--_Configuring_Server_Load_Balancing
http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA1_7_/configuration/security/guide/tcpipnrm.html#wpmkr1116809
Hope it will help you furhter in configuring the ACE load balancing L4 policies.
Kindly rate
Sachin Garg -
ACE 4710 SSL server LB with stickiness
I will be replacing 11500 CSS which are not doing SSL termination, just load-balancing SSL sessions terminated on servers with ACE 4710.
On their CSS config, they were doing SSL-sticky. I understand the 4710 doesn't support SSL sticky, but can perform the same function by parsing the HTTP header. Has anyone done this config before and know where/how to parse the header to look for the SSL session# and stick connections to same server?
THANKS!In Ace 2.x code GPP (Generic protocol parsing) was introduced that enables ACE to look into the Layer 4 payload.Which is how this stickiness id achieved.
details at
http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A2/configuration/slb/guide/sticky.html#wp1133923
I dont think its currently available on ACE appliance yet.
Syed -
CSS ACTIVE/ACTIVE SCENARIO WITH JUST TWO SERVERS ??? POSSIBLE??
Hi
I'm gonna have a setup of TWO CSS11503 Content Switches with standard WEBNS feature set
in an ACTIVE / ACTIVE VIP and Virtual interface redundancy scenario for load-balancing just
two web servers initially.
Can I hv this setup up & running if I configure the two servers with different default
gateway addresses on the private side and two static routes in the private side Layer3
for two different VIP addresses in the public side ??
Any better suggestions for this scenario.
ThanxFirstly - what Gilles said.
Having said that, I'm using some content switches in active/active modes in a couple of places in a geographically distributed gateway. Active/Active lets us improve our redundancy characteristics and allow for device failures as well as link failures between the gateways.
There are lots of complexities that arise if you take this path - you will need to do a lot of logical math and testing about traffic symmetry under all of the different failure conditions, because you introduce the possibility that response traffic could come back at L2/L3 through a different CSS than the request traffic. -
Dear All,
I have task to add two servers to work with ACE 4710 , the client is coming from internal network and the end host (our servers).
I don,t know how to connect it physically and do the configuration.
Thanks a lot in advance .Hi,
Below is basic configuration example with three real servers and Source NAT.
Let's say you have three servers:
rserver host SERVER_01
ip address 192.168.1.11
inservice
rserver host SERVER_02
ip address 192.168.1.12
inservice
rserver host SERVER_03
ip address 192.168.1.13
inservice
You add them in serverfarm
serverfarm host REAL_SERVERS
rserver SERVER_01
inservice
rserver SERVER_02
inservice
rserver SERVER_03
inservice
After that you configure the VIP and condition. Here any means any protocol and port
class-map match-all VIP-30
2 match virtual-address 172.16.51.30 any
YOu define the L7 policy map
policy-map type loadbalance first-match SLB_LOGIC
class class-default
serverfarm REAL_SERVERS--------->Serverfarm to which traffic would be loadbalanced.
policy-map multi-match CLIENT_VIPS---->L3 policy map.
class VIP-30
loadbalance vip inservice
loadbalance policy SLB_LOGIC
nat dynamic 1 vlan 451----------------->You need to apply the NAT when your client is in same subnet as server so that return traffic comes back to ACE and not to client directly or when your servers default GW is not ACE.
interface vlan 251
description Client vlan------------------->VIP is in this subnet
ip address 172.16.51.11 255.255.255.0
access-group input ANYONE
service-policy input REMOTE_MGT
service-policy input CLIENT_VIPS
no shutdown
interface vlan 451--------------->Server side subnet
description Servers vlan
ip address 192.168.1.1 255.255.255.0
nat-pool 1 192.168.1.100 192.168.1.110 netmask 255.255.255.0 pat---->Nat pool defined. It should always be on server side vlan.
no shutdown
ip route 0.0.0.0 0.0.0.0 172.16.51.1
I would also suggest going through the below for basic troubleshooting and understanding.
http://docwiki.cisco.com/wiki/Cisco_Application_Control_Engine_%28ACE%29_Troubleshooting_Guide_--_Overview_of_ACE_Troubleshooting
Basic loadbalancing using routed mode:
http://docwiki.cisco.com/wiki/Basic_Load_Balancing_Using_Routed_Mode_on_the_Cisco_Application_Control_Engine_Configuration_Example
And if you have any questions, please put them here and we will be glad to help.
Regards,
Kanwal
Note: Please mark answers if they are helpful. -
Rservers initiated traffic not sourcing the traffic as VIP in Ace 4710
One of the feature of our application is that our Application Server initiate text message to our devices sourcing from UDP 1120 and device need to see the message come from a specific pubic IP (2.2.2.2) with UDP port 1120 and reply back with the same Public IP (2.2.2.2) with UDP port 1120.The problem is we can make that happen if we have only one server in our ACE Serverfarm when we do a SNAT the real servers with the VIP address (10.1.246.32) but it does not work when we have more than one server in the Serverfarm. Since we have 2 servers, i cannot nat the real servers with the VIP address, if I do a PAT, obviously it is changing the source port of the request.
Note: This setup is working fine with the Cisco Content Switch module running on chasis 6509. When I sniff the traffic initiated from the server coming the CSM load balancer, it is sourcing the traffic as the VIP and the source port remains the same by default but this is not the case with ACE 4710
Traffic flow as follows
===============
ACE 4710 FWSM (Firewall static NAT) Device ( configured with 2.2.2.2:1120 (udp) to snd/rcv msg)
VIP
Rserver 1 - 10.1.104.80 10.1.246.32 10.1.246.32 < - > 2.2.2.2 1.1.1.1
Rserver 2 - 10.1.104.81c
----------------------------------------------------------> -------------------------------> - traffic flow from server to the device when we send msg
Configs:
======
rserver host server1
ip address 10.1.104.80
inservice
rserver host server2
ip address 10.1.104.81
inservice
serverfarm host SFARM
failaction purge
probe ICMP
rserver server1
inservice
rserver server2
inservice
access-list TEST-1120 line 8 extended permit udp host 10.1.104.80 eq 1120 any
access-list TEST-1120 line 16 extended permit udp host 10.1.104.81 eq 1120 any
parameter-map type connection UDP_TIMEOUT
set timeout inactivity 3600
sticky ip-netmask 255.255.255.255 address source STKY-SFARM
serverfarm SFARM
timeout 180
replicate sticky
class-map match-all CLS-SFARM
2 match virtual-address 10.1.246.32 udp eq 1120
class-map match-all SERVERNAT
2 match access-list TEST-1120
policy-map type loadbalance first-match POL-SFARM
class class-default
sticky-serverfarm STKY-SFARM
policy-map multi-match POL-LB
class CLS-SFARM
loadbalance vip inservice
loadbalance policy POL-SFARM
loadbalance vip icmp-reply active
connection advanced-options UDP_TIMEOUT
class SERVERNAT
nat dynamic 1 vlan 244
int vlan 244
ip address 10.1.246.2 255.255.255.0
service-policy input POL-LB
nat-pool 1 10.1.246.32 10.1.246.32 netmask 255.255.255.255
mac-sticky enable
no icmp-guard
no shut
interface vlan 2506
ip address 10.1.104.2 255.255.255.0
service-policy input POL-LB
mac-sticky enable
no icmp-guard
no shutI see in CSS, they are able to nat the source ip address with VIP and port-mapping diabled. How do I implement
portmap disable in ACE 4710
Disabling Port Mapping
By default, the CSS NATs source IP addresses and PATs source ports for a configured source group. If you configure the portmap disablecommand in a source group, the CSS performs NAT on the source IP addresses but does not perform PAT on the source ports of UDP traffic that matches on that source group.
For UDP applications with high-numbered assigned ports (for example, SIP and WAP), we recommend that you preserve those port numbers by configuring destination services in source groups instead of using the portmap disable command. Destination services cause the CSS to NAT the client source ports, but not the destination ports. For information about configuring destination services, -
Can't install ACE 4710 license
Hi,
I've tried to installed the license, but is not successful, below are the steps which i've taken to installed the license, with error messages. pls. assist.
CBJ6-LBDMZ2/Admin# copy tftp://10.2.18.66/ACE20090909090659371.lic disk0:
Enter the destination filename[]? [ACE20090909090659371.lic]
Trying to connect to tftp server......
TFTP get operation was successful
685 bytes copied
CBJ6-LBDMZ2/Admin# license install disk0:ACE20090909090659371.lic
Installing license... failed: Can't install this license with the current countCBJ6-LBDMZ2/Admin# show licen
ACE20090727112500202.lic:
SERVER this_host ANY
VENDOR cisco
INCREMENT ACE-AP-01-LIC cisco 1.0 permanent 1 \
VENDOR_STRING=1 HOSTID=ANY \
NOTICE="200907271125002021 \
1211J5CB363" SIGN=F2E3AFA69526
I think you have an HW appliance (code: ACE-4710-K9) with one a la carte license ( ACE-AP-01-LIC).
You bought a Bundle upgrade license, and this is not compatibly with you current license ( a la carte license).
To use the ACE-4710-BUN-UP2= ( 1G Bundle to 2G Bundle Upgrade License) you need to have a bundle product like the
ACE-4710-1F-K9.
Check this:
Table 1 ACE Licensing Bundles
License Model Description Upgrade Path
ACE-4710-0.5F-K9
This license bundle includes the following items:
•ACE 4710 appliance
•0.5-Gbps throughput license (ACE-AP-500M-LIC)
•100-Mbps compression license (ACE-AP-C-100-LIC)
•100 SSL transactions per second (TPS) license (ACE-AP-SSL-100-K9)
•5 virtual contexts license (ACE-AP-VIRT-5)
•Application acceleration license (50 connections) (ACE-AP-OPT-50-K9)
You have the option to upgrade to the 1-Gbps, 2-Gbps, or 4-Gbps bundle.
Start the upgrade with ACE-4710-BUN-UP1=.
ACE-4710-1F-K9
This license bundle includes the following items:
•ACE 4710 appliance
•1-Gbps throughput license (ACE-AP-01-LIC)
•500-Mbps compression license (ACE-AP-C-500-LIC)
•5000 SSL TPS license (ACE-AP-SSL-05K-K9)
•5 virtual contexts license (ACE-AP-VIRT-5)
•Application acceleration license (50 connections) (ACE-AP-OPT-50-K9)
You have the option to upgrade to the 2-Gbps or 4-Gbps bundle.
Start the upgrade with ACE-4710-BUN-UP2=.
ACE-4710-BAS-2PAK
This license bundle includes the following items:
•Two ACE 4710 appliances
•1-Gbps throughput license (ACE-AP-01-LIC)
ACE-4710-BAS-2PAK also includes the following default options:
•1000 SSL TPS
•100-Mbps compression
•5 virtual contexts
•Application acceleration (50 connections)
You have the option to upgrade to the 2-Gbps or 4-Gbps bundle.
Start the upgrade with ACE-4710-BUN-UP2=. Two upgrade licenses are required for upgrading two units of the ACE-4710-BAS-2PAK bundle.
ACE-4710-2F-K9
This license bundle includes the following items:
•ACE 4710 appliance
•2-Gbps throughput license (ACE-AP-02-LIC)
•1-Gbps compression license (ACE-AP-C-1000-LIC)
•7500 SSL TPS license (ACE-AP-SSL-07K-K9)
•5 virtual contexts license (ACE-AP-VIRT-5)
•Application acceleration license (50 connections) (ACE-AP-OPT-50-K9)
You have the option to upgrade to the 4-Gbps bundle.
Start the upgrade with ACE-4710-BUN-UP3=.
ACE-4710-4F-K9
This license bundle includes the following items:
•ACE 4710 appliance
•4-Gbps throughput license (ACE-AP-04-LIC)
•2-Gbps compression license (ACE-AP-C-2000-LIC)
•7500 SSL TPS license (ACE-AP-SSL-07K-K9)
•5 virtual contexts license (ACE-AP-VIRT-5)
•Application acceleration license (50 connections) (ACE-AP-OPT-50-K9)
This is the highest value bundle.
ACE-4710-BUN-UP1
0.5 to 1-Gbps throughput bundle upgrade license
See the Upgrade Path outlined above.
ACE-4710-BUN-UP2
1 to 2-Gbps throughput bundle upgrade license
See the Upgrade Path outlined above.
ACE-4710-BUN-UP3
2 to 4-Gbps throughput bundle upgrade license
See the Upgrade Path outlined above.
Table 2 ACE Licensing Options
Feature License Model Description
Performance Throughput
Default
1-Gbps throughput.
ACE-AP-500M-LIC
0.5-Gbps throughput.
ACE-AP-01-LIC
1-Gbps throughput.
ACE-AP-02-LIC
2-Gbps throughput.
ACE-AP-04-LIC
4-Gbps throughput.
ACE-AP-02-UP1
Upgrade from 1-Gbps to 2-Gbps throughput.
ACE-AP-04-UP1
Upgrade from 1-Gbps to 4-Gbps throughput.
ACE-AP-04-UP2
Upgrade from 2-Gbps to 4-Gbps throughput.
Virtualization
Default
1 admin/5 user contexts.
ACE-AP-VIRT-020
1 admin/20 user contexts.
SSL
Default
100 TPS.
ACE-AP-SSL-05K-K9
5000 TPS.
ACE-AP-SSL-07K-K9
7500 TPS.
ACE-AP-SSL-UP1-K9
Upgrade from 5000 TPS to 7500 TPS.
HTTP Compression
Default
100-Mbps.
ACE-AP-C-500-LIC
500-Mbps.
ACE-AP-C-1000-LIC
1-Gbps.
ACE-AP-C-2000-LIC
2-Gbps.
ACE-AP-C-UP1
Upgrade from 500-Mbps to 1 Gbps.
ACE-AP-C-UP2
Upgrade from 500-Mbps to 2 Gbps.
ACE-AP-C-UP3
Upgrade from 1 Gbps to 2 Gbps.
Application Acceleration Feature Pack License
ACE-AP-OPT-LIC-K9
Application acceleration and optimization. By default, the ACE performs up to 50 concurrent connections. With the application acceleration and optimization software feature pack installed, the ACE can provide greater than 50 concurrent connections.
This license increases the operating capabilities of the following features:
•Delta optimization
•Adaptive dynamic caching
•FlashForward
•Dynamic Etag
ACE-AP-02-LIC=
Upgrade Performance License 2 Gbps Spare -
Upgrading ACE 4710 & Licensing
Hello
We have two pairs of ACE 4710s, one pair running A3(2.4) and the other pair A3(2.0). We plan to upgarde the second pair so that they are running the same image as the first pair (we know they are not the latest, but this is the first step in a larger rollout plan, and to aid some troublshooting for a major issue we are seeing.)
I have details of the upgrade steps, but my question is with regards to the licenses which are now enforced after (2.0). We currently have the following on the first pair, but are these part of the default licenses for (2.4) or would we need to purchase these as well?
ACE-AP-500M-LIC
ACE-AP-C-100-LIC
ACE-AP-OPT-50-K9
ACE-AP-SSL-05k-K9
Thanks in advance
ShaunAccording to the release notes, the default with the ACE running A3 is :
•Performance: 1 gigabit per second (Gbps) appliance throughput
•Virtualization: 1 admin context and 5 user contexts
•Secure Sockets Layer (SSL): 100 transactions per second (TPS)
•Hypertext Transfer Protocol (HTTP) compression: 100 megabits per second (Mbps)
so you don't have to purchase anything
Maybe you are looking for
-
How do I manage two iPods on one computer please?
I have an iPod (early 40G model, and it's fine). I installed iTunes, and all fine. A year goes by. Another member of the household gets an iPod (mini), and we load the software into a different subdirectory in Program Files. This erases my iTunes, bu
-
Web Application Deployment Issue in SOA Domain
I have a web application war file which when deployed in Weblogic 10.3.6 separately works fine. When I deploy the same in a SOA domain (_Weblogic 10.3.6 + SOA 11.1.1.6 + OSB 11.1.1.6_), it's throwing the below error. In both the cases I am targeting
-
Update JTable model col through header name in fast way
old day, i update my JTable model through the way : tableModel.setValueAt(aValue, rowIndex, jTable1.getColumn("HeaderName").getModelIndex());now, i am adding a feature to my table, where the user can remove column. when user remove the column, is jus
-
Websites not loading correctly.
Does anyone know why certain portions of some websites don't load since I've updated Flash and Reader. I've uninstalled and re-installed both of them.
-
Microsoft Access Not finding correct Linked SqlServer records
Microsoft Access 2010 application is not returning the correct linked records from a SqlServer 2008 database. For simplicity on the Access side I have a query such as: column XYZ is defined on the SqlServer as Nvarchar(1); Select * from LinkedSqlTabl