How can I preserve Client IP address?
I am configuring the ACE for bridged mode. However, the real server is seeing VIP IP but not Client IPs. Our business requires that the real server must see client IPs. Do you have any idea how to set that up?
I tried to turn ON/OFF normalization but it is still not working.
Thanks,
Vincent
==============================
Here is my configuration:
rserver host 192.168.71.71
ip address 192.168.71.71
inservice
serverfarm host WEB_FARM
failaction purge
probe ICMP
rserver 192.168.71.71
inservice
access-list PERMIT-BPDU ethertype permit bpdu
access-list ALL line 8 extended permit ip any any
sticky ip-netmask 255.255.255.255 address source WEB_FARM_Sticky
timeout 180
replicate sticky
serverfarm WEB_FARM
class-map match-all WEB_FARM_VIP
2 match virtual-address 192.168.71.154 tcp eq 80
class-map type management match-any remote_access
2 match protocol xml-https any
4 match protocol icmp any
5 match protocol telnet any
6 match protocol ssh any
7 match protocol http any
8 match protocol https any
9 match protocol snmp any
policy-map type loadbalance first-match WEB_FARM_Policy
class class-default
sticky-serverfarm WEB_FARM_Sticky
policy-map multi-match WEB_VIPS
class WEB_FARM_VIP
loadbalance vip inservice
loadbalance policy WEB_FARM_Policy
loadbalance vip icmp-reply active
nat dynamic 6 vlan 31
nat dynamic 5 vlan 21
interface vlan 21
description Client VLAN
bridge-group 171
no normalization
mac-sticky enable
access-group input PERMIT-BPDU
access-group input ALL
service-policy input WEB_VIPS
nat-pool 5 192.168.71.154 192.168.71.154 netmask 255.255.255.255 pat
interface vlan 31
description Server VLAN
bridge-group 171
no normalization
mac-sticky enable
access-group input PERMIT-BPDU
access-group input ALL
service-policy input WEB_VIPS
nat-pool 6 192.168.71.154 192.168.71.154 netmask 255.255.255.255 pat
no shutdown
interface bvi 171
ip address 192.168.71.3 255.255.255.0
no shutdown
Do you have a default route on the ACE and the rservers? Are they all pointing to the same IP? I have the same configuration. An ACE 4710 in transparent mode, but I have no NATing and my rservers are able to see the original client IPs (security requirement).
Here is part of my config for one serverfarm
rserver host RS_MIDTIER_220
description
ip address 172.31.0.131
inservice
rserver host RS_MIDTIER_221
description
ip address 172.31.0.132
inservice
rserver host RS_MIDTIER_222
description
ip address 172.31.0.133
inservice
rserver redirect RS_SSL_Redirects
webhost-redirection https://%h/%p 301
inservice
action-list type modify http SSL_URL_REWRITE
ssl url rewrite location ".*"
serverfarm redirect SF_SSL_Redirects
predictor leastconns
rserver RS_SSL_Redirects
inservice
serverfarm host SF_Midtier_Prod
description Midtier Production
predictor leastconns
probe APACHE
probe ICMP
rserver RS_MIDTIER_220 80
inservice
rserver RS_MIDTIER_221 80
inservice
rserver RS_MIDTIER_222 80
inservice
ssl-proxy service SSL_PSERVICE_MIDTIER_PROD
key
cert
chaingroup EntrustChainGroup
sticky http-cookie JSESSIONID Sticky_Jsession_Cookie_Midtier_Prod
timeout 90
serverfarm SF_Midtier_Prod
class-map type management match-any REMOTE_MGT_ACCESS
description remote access traffic match
2 match protocol ssh source-address
4 match protocol https source-address
5 match protocol snmp source-address
class-map match-any VS_Midtier_Prod_L3SLB
description Midtier Prod IPs
2 match virtual-address 172.31.0.46 tcp eq https
3 match virtual-address 172.31.0.47 tcp eq https
class-map match-any VS_SSL_Redirects
description Redirects any http VIPS to https
5 match virtual-address 172.31.0.46 tcp eq www
6 match virtual-address 172.31.0.47 tcp eq www
policy-map type management first-match REMOTE_MGMT_ALLOW_POLICY
class REMOTE_MGT_ACCESS
permit
policy-map type loadbalance http first-match Midtier_Prod_L4SLB
class class-default
sticky-serverfarm Sticky_Jsession_Cookie_Midtier_Prod
action SSL_URL_REWRITE
policy-map type loadbalance first-match SSL_Redirect_L4SLB
class class-default
serverfarm SF_SSL_Redirects
policy-map multi-match Farm_VIPS
class VS_SSL_Redirects
loadbalance vip inservice
loadbalance policy SSL_Redirect_L4SLB
class VS_Midtier_Prod_L3SLB
loadbalance vip inservice
loadbalance policy Midtier_Prod_L4SLB
loadbalance vip icmp-reply active
ssl-proxy server SSL_PSERVICE_MIDTIER_PROD
interface vlan 100
description DMZ ACE frontside
bridge-group 1
access-group input BPDUALLOW
access-group input ALL
service-policy input REMOTE_MGMT_ALLOW_POLICY
service-policy input Farm_VIPS
no shutdown
interface vlan 110
description DMZ ACE backside
bridge-group 1
access-group input BPDUALLOW
access-group input ALL
no shutdown
interface bvi 1
ip address 172.31.0.150 255.255.255.0
no shutdown
rserver redirect RS_SSL_Redirects
webhost-redirection https://%h/%p
301
inservice
domain
ip route 0.0.0.0 0.0.0.0 172.31.0.1
Similar Messages
-
How can I get Client IP Address in oracle?senthil
How can I get Client IP Address in oracle?senthil
Hi,
Following query can help you to get the Client IP Address.
select sys_context('userenv','ip_address') from dual;
Thanks, -
How can I get client IP address in portlet (servlet) ?
How can I get client IP address in portlet (servlet) ?
request.getRemoteAddr() return server IP.
May be I must use Portal API, which extend Servlet classes, but I can't find this.
Can any help me?Hi,
Following query can help you to get the Client IP Address.
select sys_context('userenv','ip_address') from dual;
Thanks, -
How can I preserve Client Port on CSS
Hi guys,
I’m wondering if there is a way to configure CSS11503 running 8.10 so that the servers in the content rules can see the client port number??
The servers can see the client IP, but not the port!! It seems when forwarding packets to the servers in the content rule, the CSS uses a new high-number port when communicating with servers.
ThanksI might be wrong, but afaik it depends on the type of balancing method used.
As long as the CSS only needs to nat the destination it won't change the client source port.
As soon as it get's a Layer4 rule it will intercept and setup a new connection and thus cause higher port numbers. -
How can i read client IP address
Hello,
I try to read the user IP address using Request.UserHostAddres and this is always 127.0.0.1 (=localhost)
This is happens (i think..) because the request is not submitted directly to my .net portal application .
What is the solution on this issue ?
Thanks !Hello,
I try to read the user IP address using Request.UserHostAddres and this is always 127.0.0.1 (=localhost)
This is happens (i think..) because the request is not submitted directly to my .net portal application .
What is the solution on this issue ?
Thanks ! -
Hi,
Please go through the below link.
http://docs.iplanet.com/docs/manuals/enterprise/60sp1/ag/esmonsvr.htm#18110
I hope this helps. If you need any help let me know.
Regards,
Dakshin.
Developer Technical Support
Sun Microsystems
http://www.sun.com/developers/support. -
How can I preserve row and column addresses on multiple cells at once in Numbers?
How can I preserve row and column addresses on multiple cells at once in Numbers 3.2.2? I do a lot of rearranging and sorting and want to reference cells in other sheets. After entering the formulas (example: '=Sheet1::Table 1::H126') I will sort the table and the formulas will not move with the sort. I think I can fix this by going cell by cell checking the 'preserve row' and 'preserve column' boxes when editing the formula. I want to avoid having to go one by one. I know that checking the boxes creates a formula like this: '=Sheet1::Table 1::$H$126' I have also tried entering this manually and filling down but it doesn't include the preservations (the $$) in the autofill. If there is another way to remedy my sorting problem that would also be welcomed!
THANKS!!The title of the post is this
How can I preserve row and column addresses on multiple cells at once in Numbers?
I restated the Question as follows
Can "Preserve Row" an / or "Preserve Column" be set on multiple cells at the same time.
In both cases it is not asked if multiple cells can be set to....
That is a given.
Step back a second... It is like selecting multiple cells and setting the text color of the currently selected cells to red. This can be done. More than one cell at a time modified because they are currently selected.
Whats is being asked is: if more than one cell is selected at the same time can the settings "Preserve Row" an / or "Preserve Column" be applied. No table I put up will help with that question.
YES or NO
If YES how? -
CS3 - How can I preserve Links and Hyperlinks in my INDB?
I am still pretty new to ID, so please speak slowly :)
My problem - I create an INDB that consists of several indd chapters. The chapters include numerous Links (to PNG & PSD images) and Hyperlinks both to Text anchors to other chapters within the INDB, as well as to URLs. I have all items saved on my local HD. Once complete, I do "Package for Print", check the Preflight report to make sure all is OK (it is) and then save the new INDB folder in a new location on my local HD. This all seems to work just fine, BUT if I move this packaged INDB folder (such as to a backup drive, or give to another worker that copies it to their HD), upon opening the INDB file, some links and Hyperlinks are broken.
It seems that these broken Links and Hyperlinks are still pointing to the original locations on my HD. But obviously not all are, since most links/hyperlinks DO work fine. The Hyperlinks to Text anchors within other indd chapters seem to typically break. Is there a way to force these to reference the packaged assets within the INDB folder? Seems ID would be smart enough to look there itself!
Also, I was creating some Hyperlinks as "cross referenced" - that is, I created a URL Hyperlink Destination in Chapter 1 indd and then created Hyperlinks pointing to it from other chapter indd in the book. I have learned that these ALWAYS break in the above scenario, so I started creating the URL destination within the same chapter indd and pointing to it there rather than across chapters. But this is just more work to keep re-creating the same URL destination in every indd!
I'll keep running into these problems since I need to share my finished INDB with other CS3 users. I also would like to be able to do a Save As of the INDB when creating a revised, newer version, but I see this also results in the new INDB links/hyperlinks still pointing to the original INDB's assets! Any way to make the Save As update the Links/Hyperlinks in the new INDB?
Thanks greatly for any insight. I can find no help in the Help on these issues!The title of the post is this
How can I preserve row and column addresses on multiple cells at once in Numbers?
I restated the Question as follows
Can "Preserve Row" an / or "Preserve Column" be set on multiple cells at the same time.
In both cases it is not asked if multiple cells can be set to....
That is a given.
Step back a second... It is like selecting multiple cells and setting the text color of the currently selected cells to red. This can be done. More than one cell at a time modified because they are currently selected.
Whats is being asked is: if more than one cell is selected at the same time can the settings "Preserve Row" an / or "Preserve Column" be applied. No table I put up will help with that question.
YES or NO
If YES how? -
MSExchangeTransport 1020 'NT AUTHORITY\ANONYMOUS LOGON - How can I identify Client?
My Exchange 2010 box is logging this error with some regularity:
MSExchangeTransport
1020
The account 'NT AUTHORITY\ANONYMOUS LOGON' provided valid credentials, but is not authorized to use the server; failing authentication.
How can identify what client is attempting this connection?Hi,
If there is no event id 1035, I recommend you use protocol logs with log parser to check the sender IP. Also, you can use network monitor to verify this client's IP address.
Here is a helpful article for your reference.
Report Top Sender IP’s on Exchange Server 2010 using Log Parser
http://exchangeserverpro.com/exchange-2010-report-top-sender-ips-log-parser/
Note: Microsoft is providing this information as a convenience to you. The site is not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make
sure that you completely understand the risk before retrieving any suggestions from the above link.
Hope it helps.
Best regards,
If you have feedback for TechNet Subscriber Support, contact
[email protected]
Amy Wang
TechNet Community Support -
How can I remove a mailbox address from the "From" drop down box in a new e-mail my old e-mail address continue to populate as the sender address
Hello,
Try Mail>Preferences>Accounts icon>Account Information tab>Click on the Outgoing SMTP server drop down, choose edit Server list, highlight the old one & click Remove.
(Such convolution is worthy of Windows® in my estimation) -
My email address in the imessage part of my ipad is incorrect. How can I change the email address to conform with the email address on the rest of my apple products? I can get messages on my iphone, mac but not on my ipad because of the incorrect address.
Go on to settings> Messages > send and receive
this should give you the opportunity to edit email adressed
Hope it helps. -
How can I change the email address linked to my iCloud account on iPhone 4S running iOS 7?
How can I change the email address linked to my iCloud account for iPhone 4s?
Welcome to the Apple Community.
If it's your non-iCloud mail address, start here, change your country if necessary and go to manage your account
If it is your iCloud mail address you want to change, you can't. -
Whenever I update my iPhone software, it asks me to sign in to iCloud with an old email address. My other devices all have the correct address. How can I get the correct address for my iPhone? The only Apple ID that works for logging in is my new one.
To change the iCloud ID you have to go to Settings>iCloud, tap Delete Account, provide the password for the old ID when prompted to turn off Find My iPhone (if you're using iOS 7), then sign back in with the ID you wish to use. If you don't know the password for your old ID, or if it isn't accepted, go to https//appleid.apple.com, click Manage my Apple ID and sign in with your current iCloud ID. Tap edit next to the primary email account, tap Edit, change it back to your old email address and save the change. Then edit the name of the account to change it back to your old email address. You can now use your current password to turn off Find My iPhone on your device, even though it prompts you for the password for your old account ID. Then go to Settings>iCloud, tap Delete Account and choose Delete from My iDevice when prompted (your iCloud data will still be in iCloud). Next, go back to https//appleid.apple.com and change your primary email address and iCloud ID name back to the way it was. Now you can go to Settings>iCloud and sign in with your current iCloud ID and password.
-
How can I correct my email address on my iphone for the app store
How can I correct my email address on my iphone so I can access the app store and itunes via my phone. The address is correct on my laptop and ipad so have no idea what's going on. All I know is that I cannot get into the app store or itunes on my iphone. Does anyone have any ideas please
Hi there gillian115,
You may find the information in the article below helpful.
iOS: Changing the signed-in iTunes Store Apple ID account
http://support.apple.com/kb/ht1311
-Griff W. -
How can I change my email address on icloud
How can I change my email address on iCloud?
Hey Sblan2,
According to the following document, you are unable to change the iCloud email address.
from: Apple ID: Changing your Apple ID
http://support.apple.com/kb/HT5621
However, one option you have would be to create an email alias:
iCloud: Create or change email aliases
http://support.apple.com/kb/PH2622
Welcome to Apple Support Communities!
Best,
Delgadoh
Maybe you are looking for
-
Printing to a Shared Printer in Classic programs
I searched for an answer to this and could not find anything so I am going to appeal for help. I have a Color LaserJet connected via USB to a G4 machine that is sharing the printer. The sharing works fine, all of my machines can access it. The proble
-
Header text copy from quotation to sales order
Dear all, My Client Requirement is like this if i entered some text in Quotation header text the same should be copied into sales order hearder text , i tried a lot i am unable to find the answer kindly guide me. With Regards san rao
-
Data Connection to MS-SQL using Windows Auth from untrusted machine
We have an Excel Spreadsheet that uses a Data Connection to a MS-SQL database. The database server is joined to our domain, and Windows Authentication is enabled. Here is a sample of the connection string (with revealing info obfuscated): Descriptio
-
Verizon messages upgrade; sync to Xoom only over wi-fi?
I like the upgrade in the Verizon messages program, especially the ability to sync with the Xoom over wi-fi. But ... if you go that far, why not allow them to connect and sync over the Verizon network? Why only wi-fi? -Dave
-
Why do templates use .classes so much instead of DIVS?
I really thought DIV's were the way we named once-off major columns and sections across our site, yet when I look into the DW templates they are all classes with unusual names. Yet I thought CSS were moving to standard naming conventions like.... div