Replicating Cisco ACE Config on F5

Question

Hi all,
I am trying to replicate cisco ace config on my new f5. however my pool members are active and I can even see hits on my VS when I access my web application but the page wont displace.. The ace scenario is as follows
total rservers : 4

----------connections-----------

real                  weight state        current    total      failures

---+---------------------+------+------------+----------+----------+---------
rserver: zam
   y.y.y.y:443        8      PROBE-FAILED 0          2056329    5629

y.y.y.y:4433       8      OPERATIONAL  0          1728847    70202

rserver: zam
   x.x.x.x:4433       8      OPERATIONAL  0          204161     198

x.x.x.x:4443       8      OPERATIONAL  2          234414     213

The question is how can I configure f5 to listen to HTTP/HTTPS request on these custom ports..

Thanks

leonardo_souza · Answer

Create a virtual server with those ports.
You need to use clientssl and serverssl based on what you to do with SSL traffic.&nbsp;
This article have good explanation about that:&nbsp;
https://devcentral.f5.com/articles/ssl-profiles-part-1&nbsp;

robell_pontes_7 · Answer

Not sure it's entirely relevant but a few years ago I worked on a Cisco CSS to F5 LTM migration and used a script to convert large chunks of CSS (similar to ACE) config to F5-ish.&nbsp;
Still there's a lot to do as the output isn't necesarily 100% functional but may give you a better idea of how to "translate" properly the current Cisco config.&nbsp;
The article I used for reference and the scripts are available at:
https://devcentral.f5.com/articles/big-ip-configuration-conversion-scripts&nbsp;

k_kirchev_28437 · Answer

Hello J,&nbsp;
here are a couple of links that helped me in my current project:&nbsp;
https://devcentral.f5.com/articles/converting-a-cisco-ace-configuration-file-to-f5-big-ip-format&nbsp;
https://devcentral.f5.com/questions/convert-cisco-ace-to-f5-ltm-health-monitor-52662&nbsp;
https://devcentral.f5.com/questions/help-convert-a-cisco-ace-probe-to-a-f5-monitor&nbsp;
What you can do for a custom port is to make a health monitor with "alias port" option.
I have done this for custom HTTPS ports like 6443, 7443 etc.
If I remember correctly port translation is enabled by default on VS&nbsp;

jamshaid_dayar_ · Answer

Hi all,&nbsp;
so issue has resolved with doing two things&nbsp;
enabling rewrite-uriusing Layer 4 instead of standard in those apps which were not responding even after enabling rewrite option, may be due to some certificate issues btw f5 and the server.

Forum Discussion

Replicating Cisco ACE Config on F5

Recent Discussions

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Need Urgent BIGIP Trial License and VM Image

APM for banner and cert

How to Renew F5 Device Certificate

UCS backup not loading Big IP DNS pool

Related Content

F5 Distributed Cloud and Amazon FSx for NetApp ONTAP - Global Replication and Anywhere Access

Adaptive Apps: Replicate & deploy WAF application security policies across F5's security portfolio

F5 Distributed Cloud (XC) Global Applications Load Balancing in Cisco ACI

Weblogic JSessionID Persistence for Session Replication

virtual server config

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS