cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

HTTPS monitor with headers Content-type.

Deepak_Kumar2
Nimbostratus
Nimbostratus

Hi All,

I am trying to create a new HTTPS health Monitor for pool which contains Cisco ISE.

For testing I am using below cURL string, and it is given below output:

curl -u username -k --location --request PUT ‘’https://ISE-Server/Url'  --header 'Accept: application/snd.com.cisco.ise.identity.guestuser.2.0+xml' --header 'Content-Type: application/xml'

Curl Output:

<?xml version="1.0" encoding="utf-8" standalone="yes"?><ns3:ersResponse operation="PUT-suspendByName-guestuser" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ns3="sss.ise.cisco.com"><link rel="related" href=" https://ISE-Server/Url" type="application/xml"/><messages><message type="ERROR" code="CRUD operation exception"><title>Suspend request for  GuestUser By name (username) failed due to  The GuestUser name (username), not found.</title></message></messages></ns3:ersResponse>

 

This is the desired output as per Engineer.

Now I am trying to convert this to HTTPs monitor as per below:

Send String:

PUT /Url HTTP/1.1\r\nHost: <host>\r\nContent-Type: application/xml\r\nConnection: Close\r\n\r\n

 

Receiver String:

<title>Suspend request for  GuestUser By name (apitest) failed due to  The GuestUser name (apitest), not found.</title>

But Pool member is showing Down.

Can someone pls support me to create a proper send and receive string for this. It seems I am not properly using Content-Type & Accept header in receive string.

2 REPLIES 2

Hello Deepak.

I guess your response is not matching the receive string properly. Just try it from a small string, maybe something like "GuestUser" and check if it matches.

 

Regards,
Dario.

SanjayP
MVP
MVP

@Deepak_Kumar2  - Check if your need useragent header as mentioned in https://support.f5.com/csp/article/K65151034.  Check if you are using username apitest in the monitor.  Enable monitor logging under pool member and you can check the logs.

I would suggest, refer to standard Cisco ISR deployment guide with F5 and use the monitor mentioned there. I don't see PUT monitor is mentioned in the doc. 

https://community.cisco.com/t5/security-documents/how-to-cisco-amp-f5-deployment-guide-ise-load-bala...