Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Redirecting HTTP traffic based on host-header (or URL request)

Reply
Thread Tools

Redirecting HTTP traffic based on host-header (or URL request)

 
 
Tim Mavers
Guest
Posts: n/a
 
      04-01-2004
I have been asked to see if I can have our Pix firewall route incoming web
requests (on port 80) to different machines based on the requesting URL. I
am not intimately familar with all the network layers, but it sounds like
the Pix would have to be aware of the HTTP traffic and not just the IP
traffic. Currently, our Pix routes all incoming traffic on port 80 to an
internal machine inside our LAN (regardless of what url was typed, if DNS
resolves it to the external interface, it gets routed to box 10.10.5.2.

What I would like to do is to (and I have no idea if this functionality
exists within the Pix), but add some sort of filter exception (conceptual
terms here), where if requests come in on say: xxx.mycompany.com they get
routed to a different machine. Any other requests continue to go to our
main web server.

Our main web server btw is Apache 2.0 and I looked through the docs briefly
and know there are ways of redirecting within the same machine using
host-headers. In other words, all requests continue to go to a single web
server, who then determines where it should go (not sure if it can redirect
to another machine, but I know it can redirect to other pages on the same
machine--creating a virtual host environment).

The problem is this second machine I need to redirect to is running IIS
under Windows. Furthermore, if I were able to configure apache to redirect
requests based on URL request, would there be other issues such as cookies,
session state (the IIS site uses ASP.NET).

These unknowns has got me looking back at the Pix again, if I could route
traffic before it hits any web server, I think that would be a much cleaner
solution. The question is, does Pix support this, and if so, how would I
configure it?

Thanks,


 
Reply With Quote
 
 
 
 
PJML
Guest
Posts: n/a
 
      04-01-2004
Tim Mavers wrote:
> I have been asked to see if I can have our Pix firewall route incoming web
> requests (on port 80) to different machines based on the requesting URL. I
> am not intimately familar with all the network layers, but it sounds like
> the Pix would have to be aware of the HTTP traffic and not just the IP
> traffic. Currently, our Pix routes all incoming traffic on port 80 to an
> internal machine inside our LAN (regardless of what url was typed, if DNS
> resolves it to the external interface, it gets routed to box 10.10.5.2.



For this I would recommend something like one of the
115xx-series Content Server Switches.

http://www.cisco.com/en/US/products/...792/index.html

They're layer 4-7 aware and can do the sorts of things
you want, with load-balancing and failover so you can
automatically redirect to a different server if your
primary one stops responding. I've been running a
couple of 11503s for some time and think they're great!

 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      04-01-2004
In article <(E-Mail Removed)>,
Tim Mavers <(E-Mail Removed)> wrote:
:I have been asked to see if I can have our Pix firewall route incoming web
:requests (on port 80) to different machines based on the requesting URL.

We answered this just a couple of weeks ago.

The answer is NO. And there are no rumours about it being supported
in 7.0.

--
Whose posting was this .signature Google'd from?
 
Reply With Quote
 
Chad Mahoney
Guest
Posts: n/a
 
      04-13-2004
http://www.velocityreviews.com/forums/(E-Mail Removed)-cnrc.gc.ca (Walter Roberson) wrote in message news:<c4hge0$afq$(E-Mail Removed)>...
> In article <(E-Mail Removed)>,
> Tim Mavers <(E-Mail Removed)> wrote:
> :I have been asked to see if I can have our Pix firewall route incoming web
> :requests (on port 80) to different machines based on the requesting URL.
>
> We answered this just a couple of weeks ago.
>
> The answer is NO. And there are no rumours about it being supported
> in 7.0.


Hi,

the PIX can not do this **but** DNS sure can. Although you may need to
use more IP address than wanted.


hth,

Chad
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
need help with redirecting port 80 traffic essenz Cisco 5 06-07-2010 03:23 PM
redirecting traffic from LAN to WLAN on a server anita Wireless Networking 0 01-06-2009 11:02 PM
Redirecting all Outgoing http traffic to an internal Web server r_elder@yahoo.com Cisco 7 03-30-2007 02:16 PM
Cisco 1721 and redirecting inbound SMTP traffic jlatulip Cisco 4 05-13-2006 10:39 PM
Redirecting all WWW traffic CybrSage Cisco 7 07-19-2003 03:03 PM



Advertisments