CSS 11500 url path rewrite and NAT
Hi,
We are evaluating a CSS 11500 and try to configure url path rewrite and NAT, but we have some problems.
What we would like to do is the following:
http://www.example.com/path1 -> http://host1:80
http://www.example.com/path2 -> http://host1:8080
http://www.example.com/path3 -> http://host2:80
The address www.example.com is resolving to a valid internet address, whereas host1 and host2 resolves to private IP addresses.
The client should always see the external url (e.g. http://www.example.com/path1/...) and the CSS should do the necessary translation.
Any help would be very much appreciated!
Regards,
Harald
Hello Experts, I'm new with this cisco stuff too(just got it 3 weeks ago), but here is some of my experience with cisco css 11501.
First : Service ServerName, there is a port setting here, but from my experience, I think it is related with KeepAlive option, so, port is alternate way to know if the server alive or not.
Second : When you send request to cisco css, the port option in content port will be the cisco css port to accept request, so, if you send a request to http://vip:8080/, all service must be in the same port too to balance the request, in this case, port 8080, if one service port 80, i'm sure the css will not hit the server.
Third : To solve your problem...
http://www.example.com/path1 -> http://host1:80 (ipA)
http://www.example.com/path2 -> http://host1:80 (ipB)
http://www.example.com/path3 -> http://host2:80
if you are lazy to buy new nic, just set subinterface/ip alias on the host1, and make the webserver only bind to specific address, not to all interface...
O yea, about your path1/path2/path3 -> /, hmm, i'm still asking in this forum about path changing cause until now, i haven't know how to do this, i know about apache rewrite module, and success do this, if only i know about this in cisco css too :-(
I'm sorry if I make mistake, I'm just telling my experience...
Similar Messages
-
URL paths and regular expressions in ASDM
Some background info - I've recently switched to an ASA 5510 on 8.4(3) coming from a Checkpoint NGX platform (let's say fairly quickly and without much warning ). I have a couple questions and they're kind of similar so I'll post them up. I've read docs about regex and creating them both via command line and ASDM, but the examples always seem to include info I don't need or honestly something I don't understand yet (mainly related to defining class\inspect maps). If someone could provide a simple example of how to do these in ASDM that would help a lot in understanding how regular expressions are properly configured. So here we go.
I know this is basic but I need to make sure I understand this properly - I have a single web server (so this won't be a global policy) where I need to allow access to a specific URL path\file and that's it. So we'll call it \test\testfile.doc. Any other access to any other path should be dropped. What's the best way to do this in ASDM (6.4)? I think if I saw a basic example for this I could figure out next few questions but I'll post them as well just in case.
I have another single public web server (again this won't be a global policy) where I'd like to specify blocking file types, like .php, .exe., etc... again a basic example would be great.
Lastly, and this is kind of related, but we have a single office/domain and sometimes we get spam from forged addresses appearing to be from our domain. On Checkpoint I used to use its built-in SMTP security server and could define if it received mail from *@mydomain.com to drop it because we would never receive mail externally from our own domain name. I saw something similar with ESMTP in ASDM and it looks kind of like how you set up the URL access mentioned above. Can I configure this in ASDM as well, and if so how?
TIA for your help,
Jordan/bump
-
Dear NetPros:
Does anyone know that does Cisco CSS 11500 Series Content Services Switch support 'Session Caching of RDP Clients? session for roaming of disconnected sessions' features?
Thanks
BernardThe Cisco CSS 11500 is a compact modular platform, specifically designed to provide robust Layer 4-7 traffic management services for e-business applications in Internet and intranet data centers.
This URl should help you:
http://www.cisco.com/en/US/netsol/ns340/ns394/ns50/ns254/networking_solutions_package.html -
Hi,
I have requirement in Sp Designer 2010,Get List item URL and insert in another list as one column value.When open another list and click on same item column entry url will show the parent item information.
Here i have create work flow and insert item URL in another list but cant find appropriate item url information.I can easily make item url link through String builder in mail body with using current id and predefine link,but
when try to insert the same type of item link in another list where i cant find string builder for create custom url link,only get valur of Path,URL,Absolute URL and Relative server URL,all these links or not provide me exact
item link dispaly information.
So I opened SharePoint Designer and start creating the workflow associated to the list.
As there is some Field from source related to current item URL I start using it
Encoded Absolute URL – this one should be the one to use
Server Relative URL
URL Path
Unfortunately, none of these options were providing the correct link. Indeed, these options are providing an incorrect path:
Encoded Absolute URL
http://wfe1/Lists/bpf/1_.000
Server Relative URL
/Lists/bpf/1_.000
URL Path
/Lists/bpf/1_.000
As you can see, the item URL is composed by an ID while it should be http://wfe1/Lists/bpf/dispform.aspx?id=1
Hasan Jamal Siddiqui(MCTS,MCPD,ITIL@V3),Share Point Application Developer,TCSUnfortunately, [%Current Item:URL%] doesn't seem to be available from a "Site Workflow" associated to a List. I'm finding less advantages to doing a "Site Workflow" when I don't necessarily need to. One problem is the workflow is initiating
twice. I'm thinking I should have just created the workflow as a a "List Workflow."
I am going to try "Association Columns" -- that may work. Anyone have other suggestions? -
Hi All,
We have used WSRP Portlet in Webcenter Portal Page. The Portlet is created using JSF Bridge out of ADF Bounded Taskflow.
It is causing Performance issue. Every time static content like js, css and images URLs are downloaded and the URL contain portlet_id and few other dynamic parameters like resource_id, client_id etc.
We are not able to cache these static content as these contains dynamic URL. This ADF Specific images, js and css files are taking longer time to load.
Sample URL:
/<PORTAL_CONTEXT>/resourceproxy/~.clientId~3D-1~26resourceId~3Dresource-url~25253Dhttp~2525253A~2525252F~2525252F<10.*.*.*>~2525253A7020~2525252FportletProdApp~2525252Fafr~2525252Fring_60.gif~26locale~3Den~26checksum~3D3e839bc581d5ce6858c88e7cb3f17d073c0091c7/ring_60.gif
/<PORTAL_CONTEXT>/resourceproxy/~.clientId~3D-1~26resourceId~3Dresource-url~25253Dhttp~2525253A~2525252F~2525252F<10.*.*.*>~2525253A7020~2525252FportletProdApp~2525252Fafr~2525252Fpartition~2525252Fie~2525252Fn~2525252Fdefault~2525252Fopt~2525252Fimagelink-11.1.1.7.0-4251.js~26locale~3Den~26checksum~3Dd00da30a6bfc40b22f7be6d92d5400d107c41d12/imagelink-11.1.1.7.0-4251.js
Technologies Used:
Webcenter Portal PS6
Jdeveloper 11.1.1.7
Please suggest , how this performance issue can be resolved?
Thanks.
Regards,
DigeshStrange...
I can't reproduce this because i have issues with creating portlets... If i can solve this issue i will do some testing and see if i can reproduce the issue...
Can you create a new producer with a single portlet that uses a simple taskflow and see if that works?
Are you also using business components in the taskflows or something? You can try removing some parts of the taskflow and test if it works so you can identify the component(s) that causes the issues. -
Cookies, URL-Rewriting, and Sessions
Hi All,
I am aware that this is probably a question that has been asked many times in the past. Nonetheless, I have not been able to fully comprehend the differences. Therefore I would appreciate it, if someone could kindly spend some time explaining the differences between the three and when each would be the most preferred solution. ( cookies, url rewriting and sessions )
So far what I understand is that, cookies can be used to store small amounts of data not more than 4kb, and that most browsers can not accept more than 20 at a time.... but would it be correct to say that the data is stored within the http headers ?
URL rewriting, on the other hand is a method which can be used if cookies have been disabled by a browser. The 'session id' is appended to the url, and used to remember the data. ( how ? ). Although, it does mean that the programmer has to be very careful and ensure that rewriting occurs everytime it is passed to the browser, including redirection. ( whatever that means ? )
Http sessions, seem to be the best solution out of the three ( but if this is the case, why are cookies and rewriting still hanging around today ? And even being taught at universities ? ). Also, they work on top of cookies and if these have been disabled sessions will not work !! ....
As you can see ( from the above ) I do not have a thorough understanding of the three methods, especially if it comes to specifying the differences between the three.
I would appreciate an explanation.HttpSessions use cookies or url rewritting to pass the session id which the server uses to associate a particular session with a particular request. A well developed web application will be written to use url rewriting when a client has cookies disabled. That being said I yet to see such a web application and personally believe that few people still disable cookies.
Cookies still have uses.
Persistant cookies are used to store data that needs to persist between sessions. This data is stored by the browser in a text files and passed to the server in the header. An example of this would be a site that offers personalization would store the user's id so that each time the user accesses the site he would see his personalization without being required to log in. Yahoo is a good example.
In memory cookies are stored in the browser's memory and is used to store temporary data that goes away when the browser closes. Again this data gets passed to the server in the headers. Temporary cookies can be used to pass data between seperate web applications runing on the same host where storing the data in the session will not because each application has it's own session. -
Does anyone know if it is possible to do a 301 redirect as opposed to the 302 redirect in a CSS 11500?
Everything I have read and these forums indicate 302 only I am just wondering if anyone knows of a way to work around via script or possibly any CSS updates that can add 301 functionality.
-
The specified file or folder name is too long,the url path for all files and folders
The specified file or folder name is too long,the url path for all files and folders must be 260 character or less
can we increase this limit?
MCTS,ITILHi,
As I understand, you want to increase the length of URL path in SharePoint 2010.
Per my knowledge, this limit cannot be increased. SharePoint limits URL length because all relative URL links are stored in the clear forms on the SharePoint content DB and often this links are used as primary keys to link one table with another. Fields
which are used to store these links (for instance tp_DirName from the AllUserData table) allow storing only 256 characters.
There are several ways that you can resolve or mitigate URL length problems in the SharePoint Server 2010 environment. The following list provides suggestions:
1. Upgrade all the end-user browsers to Internet Explorer 8, which has a longer URL length limit.
2. Use shorter names for sites, folders, and documents and control the depth of the site and folder structures to reduce the lengths of URLs.
3. If possible or allowed, use ASCII names for sites, folders, and documents. This will avoid situations where the URL will be lengthened by being encoded.
4. To reduce the risk that the SharePoint Server 2010 end-users will encounter problems because of URL length limitations, we recommend that you apply the following effective limits in the deployment:
256 Unicode (UTF-16) Code units - the effective file path length limitation, including a domain/server name
128 Unicode (UTF-16) Code units - the path component length limitation
More reference:
http://technet.microsoft.com/en-us/library/ff919564(v=office.14).aspx
http://sharepointknowledgebase.blogspot.in/2013/04/url-path-length-restrictions-in.html#.VKJN53BJA
Best regards,
Sara Fan -
Hi,
I have a question regarding sorry server configuration on the CSS 11500 series.
Is there a way for the sorry server to ignore the URL path and always send the user traffic to the "root" page (e.g. index.html) of the sorry server web server?
The problem I have is the redirection of the "root" page (url "/") that is configured for the normal traffic is causing the sorry page not to work since the URL path ("/psp/CUSTOMER1/?cmd=login") does not exist on the sorry page web server:
service Sorry-Server
protocol tcp
port 8000
keepalive type tcp
ip address 192.168.2.254
active
service server1
ip address 192.168.2.101
protocol tcp
keepalive type tcp
port 8080
active
service server2
ip address 192.168.2.102
protocol tcp
keepalive type tcp
port 8080
active
owner Customer1
content Content1
vip address 192.168.1.101
port 80
protocol tcp
url "/*"
balance aca
advanced-balance arrowpoint-cookie
flow-timeout-multiplier 6
add service server1
add service server2
primarySorryServer Sorry-Server
active
content Content1-Redirect
redirect "/psp/CUSTOMER1/?cmd=login"
vip address 192.168.1.101
port 80
protocol tcp
url "/"
active
Thanks in advance for your help!
Best regards,
HarryHi again,
During a maintenance window I made the following change and that made things a bit better:
service Sorry-Server
type redirect
keepalive type none
redirect-string "192.168.2.254:8000"
active
However, since the redirect string points to a private address, Internet users are not able to access the URL.
As a work-around I sent the redirect to a new content rule with a public address and then configured a second sorry page server:
service Sorry-Server
type redirect
keepalive type none
redirect-string "sorry.example.com:8000"
active
service Sorry-Server-2
ip address 192.168.2.254
protocol tcp
port 8000
keepalive type tcp
active
owner Customer1
content Content2
vip address x.x.x.x
add service Sorry-Server-2
port 8000
protocol tcp
active
Is there a better way to do this?
Best regards,
Harry -
Services with different IP address subnets over CSS 11500 series
Hi all folks!
I have two CSS 11500 series...
In just a few months i will have ready a DRS (Disaster Recovery Site), where i will have 2 more servers to add to the environment.
But this servers will be in a different subnet from that today i have for the servers who are configured in the current services of my CSS.
So then the doubt i arises is:
Is correct to add two new services with these servers, but using the IP addressing of the DRS site???, and including on the CSS a static route to this network, (of the DRS) in order to reach them?? is it correct, it will work well?
This would be so....
________________LAN to LAN_____________________
| |
| |
|------SITE A------| |------SITE B------|
[Firewall] ===============IPSEC============= [Firewall]
| |
| |
[CSS-A]-[CSS-B] [SWITCH]
| | | |
[SWITCH] | |
[srvA] [srvB] [srvC] [srvD] [srvE]
So, at [CSS-A] & B, i will put a static route to firewall that know the subnet of site B through the IPSEC tunnel.
So In the CSSs, i will add the new services for the Servers "D" & "E" with the IP address of Site B.
This should be seen as well:
!*************************** GLOBAL ***************************
ip route 0.0.0.0 0.0.0.0 [IP FIREWALL]
ip route SITE B [IP FIREWALL]
!************************** SERVICE **************************
service srvA
ip address A.A.A.x
port 8080
service srvB
ip address A.A.A.x+1
port 8080
service srvC
ip address A.A.A.x+2
port 8080
service srvD
ip address B.B.B.y
port 8080
service srvE
ip address B.B.B.y+1
port 8080
I know that this practice is not the most desirable, in fact should use"Basic Global Server Load Balancing Site Redundancy Using the CSS with DNS", but I don't have much time to change the entire environment today, and in this first stage i have to begin with this poor but quick solution that i thought and i wanted to be validated if there is posibliidades this to work
Within their experiences that they say? Will operate?
Thanks in advance!
Regards!
Esteban =)Daniel!
Sorry by delay!
Thank you so much for you time for reply.
You have given me a great help to this doubt!
But..using "source group" let me know..
I can´t undertand the really difference between NAT with ACls as you can see at this link: (http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_tech_note09186a0080093dfc.shtml)
and
this other link, using NAT (from the piont 5), (http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_configuration_example09186a0080093dff.shtml)
where the NAT is configured under a method different from the previous one..
So.. for this scenario described above, which would you recommend using? I would think that the second is the most indicated truth? What do you think?
Thanks in advance again!!!
Have nice day!
Regards.
Esteban. -
How to move up within a URL path?
Recently started using URLs in my programs. Works great. However, all the
time I have been wondering how to move up in that URL path. For example,
if my url1=("http://www.something.com/") I normally end up at the index.html.
But how could one set up a relative url reaching a file or directory at the same
level as that index.html? I suppose one should go up onel level and then
specify the name of the required file.
I tried to use things like url2= new URL(url1,"../myfile") but that doesn't seem
to work.
Anybody has an idea? Thanks in advance.
Dirkmartin@work wrote:
Hi,
you can't, if your web server provides the minimum of security. In the web server configuration you normally map a base url to a physical directory on the server and the web server does its very best to assure that you can only access files in that physical directory and below, and that all other files on the server in any upper or parallel directories are not accessible.
If you want to access files in a parallel directory then you have to create a further mapping in the web server which maps another base URL to that directory.
Martin To reinforce what Martin says: if you cannot do this with your web browser, don't expect to do it with Java.
On the other hand, if you can do it in your web browser, we misunderstood your question and please
reformulate it using actual URL's (or at least the portion following the host name).
Edited by: baftos on Apr 25, 2008 9:28 AM -
Path palette: What's wrong with "path share" and "path exclude"?
Hi everybody. First of all: Sorry for my english, but I hope someone can understanding me.
Well, I want to work with Fireworks in the future because I think that this programm keep in some situation more efficience as Photoshop... So I was trying to learn how this programm is working.
Since some days I make some experiments with Path's, because I like to work with Illustrator as well. But now, I am still going crazy because I don't understanding 2 options. I don't know the english names but In the path palette does they have this Icons:
The first option (Pfade teilen) is "path share" and the second one (Pfade ausschließen) is free translate "path exclude"
My question is: When I can use this 2 Options? I really did everything but nothing was workingThanks for posting about this issue! I've taken a look at the "Combine Paths" operations in the Paths panel in both Fireworks CS6 and CS5 on my Mac, and noticed several bugs. Between you and I, here's a summary of what we've found:
Fireworks CS6, Version 12.0.0.236, WIN, 7, 64 Bit, SP 1
Exclude Paths - Does not work.
Fireworks CS6, Version 12.0.0.236, Mac OS 10.6.8 (Snow Leopard)
Divide Paths - No effect on rectangles.
Exclude Paths - Requires 2 clicks for rectangles - one to ungroup rectangles and another to apply path operation.
Fireworks CS5, Version 11.1.0.205, Mac OS 10.6.8 (Snow Leopard)
Divide Paths - Works like Exclude Paths.
Undo - Deletes previous unrelated non-path operation. For example:
Draw two ellipses.
Draw a rectangle.
Select two ellipses and apply Combine Paths operation.
Undo (Command-Z).
The rectangle disappears!
You can submit a bug report to Adobe about the "Exclude Paths" issue, and include the URL for this discussion within your report:
https://www.adobe.com/cfusion/mmform/index.cfm?name=wishform
In the meantime, I'm going to send an e-mail to the developer about these issues. I know that he's working on a fix for another problem with this panel and planning on releasing a fix at some point, so hopefully these issues can get fixed as well.
Again, thanks for being so persistent. It is challenging to understand your writing at times; however, the animated GIF was very helpful—and very well done. Have you tried composing your posts in your native language and then using something like Google Translate to convert it to English? I don't know if the results would be better; it's just an idea. -
Using Acrobat Pro XI, Windows 7-64, Firefox 25. If I open a PDF from a website link in IE, the PDF opens and I can see the URL path where I can copy it and send to others. Opening the same link in Firefox does not show the URL path. I get the File, Edit menu but no URL.
Is the PDF opening in a separate (popup) window? Sites can alter which bars appear on a popup window, but the address bar should always be visible (that's the default setting). Could you check and make sure that hasn't changed?
(1) In a new tab, type or paste '''about:config''' in the address bar and press Enter. Click the button promising to be careful.
(2) In the search box above the list, type or paste '''window_o''' and pause while the list is filtered
(3) If the '''dom.disable_window_open_feature.<u>location</u>''' preference is bolded and "user set" to false, double-click it to switch it back to true so sites are disabled from hiding the location (address) bar on popup windows. -
What is the appropriate product name for CSS 11500 on Bug Toolkit
Today I tried to search DDTs of CSS 11500 on Bug Toolkit (http://www.cisco.com/cgi-bin/Support/Bugtool/home.pl), however I can not find out appropriate product name corresponding to CSS 11500.
Before I had searched DDTs of CSS 11500 on Bug Toolkit many times, at that time, if my memory correct..
I selected "Cisco CSS 11500 Series Content Services Switches" in the list of "Search for bugs in other Cisco software and hardware products" on Bug Toolkit.
But I can not find this product name today.
Do you know what product name appropriate for CSS 11500 on Bug Toolkit ?
Your information would be appreciated.
Best regards,Hi Gilles,
Thank you for your cooperation.
Today, I can find the CSS at "new Bug Toolkit".
http://tools.cisco.com/Support/BugToolKit/action.do?hdnAction=searchBugs
Select Product Category: Application Networking Services
Select Product: Cisco CSS 11000 Series Content Services
So I understand I should go "new Bug Toolkit" instead of old "Bug Toolkit" to
search any DDTs for CSS 11500.
Many thanks.
Best regards, -
Open txt file in CV02n for URL path
Hi
I stored atachment Text file in SAP content server for SRM SC document.
and i have below HTTP url.
http://1xxxxxxxx:1090/ContentServer/ContentServer.dll?get&pVersion=0046&contRep=BBPFILESYSTEM&docId=E03E3F4E929E9BF1B4100026B98BDDE2&compId=linknew.TXT
I want to open the file in notepad from CV02N without opening browser. How to do this.
I used data carrier INTERNET and TYPE as UR, In this case its opening browser and opening text file.
But i dont want to open browser, instead i want to open only text file.
I already did customizing in ERP system for TXT file and if i checkin text file in CV02N i am able to open it in notepad.
simmilarly i want to open URL path file also.
Pls sugges me how to do this
Regards
Chandra
Edited by: princeck on Feb 24, 2011 10:09 AMMake sure the filename has an absolute path. If the path is relative it will point to a different location depending on where you run the program from.
When you run it from within Xcode itself the binary is buried way inside the project hierarchy (you can see where it is by selecting the program in the Products folder and doing a Show in Finder).
The safest bet is to always specify a specific directory for any writes you do.
regards
As an example for this program in Xcode (assumoing you will be able to see the images)
The binary is located here
Maybe you are looking for
-
Urgent: need help with Scanner
Im sorry im kinda new, and i cant figure out how to scan a String including new lines, and stops scanning after reaching an empty line... i think im supposed to use System.getParameter("line.seperator") Thx a lot in advance, but ive really been stuck
-
Firefox is not remembering passwords for sites that i visit regularly. Ihave checked the box "remember passwords for sites" in the security tab under tools, but the passwords are not being remembered when I return to the sites. I am running v 3.6.18
-
HT4101 Is the Panasonic lumix tz20 compatible with the iPad air lightning cable?
Is the Panasonic lumix compatible with the iPad air lightning to USB camera adaptor?
-
MRER is posting duplicate invoices
Hi All, When I ran MRER for 16 GRs, it created 32 IRs. Each GR had two IRs linked to it. The GR based IV in PO is chacked and duplicate invoice is also checked in the vendor master. Could any one please tell me how and why this is happening? Thanks i
-
I Can open PCX files in Elements 5 & 8. Why can't I open PCX files in Elements 12?
I can open pcx files in Elements 5 & 8. Why can't I open them in Elements 12?