Table Of Contents
Managing Policies
TCP Policy
Viewing TCP Policies
Assigning Policies to Proxy Services
Adding TCP Policy
Editing TCP Policy
Deleting TCP Policy
SSL Policy
Viewing SSL Policy
Adding SSL Policies
Editing SSL Policies
Deleting SSL Policy
HTTP Header Insertion Policy
Viewing HTTP Header Insertion Policy
Adding HTTP Header Insertion Policy
Editing HTTP Header Insertion Policy
Deleting HTTP Header Insertion Policy
URL Rewrite Policy
Viewing URL Rewrite Policy
Adding URL Rewrite Policy
Editing URL Rewrite Policy
Viewing URL Rules and Outcome
Deleting URL Rewrite Policy
Managing Policies
The CVDM-SSLSM supports defining policies for Proxy Services. The policy templates help the Administrator customize the attributes associated with SSL and TCP stack to suit the needs.
The following policies are supported by the SSLSM:
•
SSL Policy
• TCP Policy
• HTTP Header Insertion Policy
• URL Rewrite Policy
Policies are grouped by their type and are displayed as a tree node in the object selector. All configured policies of a type are listed as child nodes under the policy node.
Figure 8-1 Policies
TCP Policy
The TCP commands for the SSL Services Module apply either globally or to a particular proxy server.
The TCP policy template allows you to define parameters associated with the TCP stack.
Viewing TCP Policies
To view the TCP Polices:
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select TCP Policy from the object selector. The policy information appears on the page.
The following fields appear:
TCP Policies
Fields
|
Description
|
Policy Name
|
Name of the TCP Policy
|
Number of Proxy Services (Use Count)
|
Number of proxy services using the TCP Policy.
|
Select a policy, then click Assign to Proxy Services to assign a policy to the proxy services.
Click Add to add a new TCP policy. The Add TCP Policy dialog box appears.
Select a policy, then click Edit to edit a TCP policy. The Edit TCP Policy dialog box appears.
Select a policy, then click Delete to delete the policy.
Step 3 Select a policy from the TCP Policy table, then Click Policy Tab to view the policy details or click Associated Proxy Services tab to view the proxy services associated with the policies.
TCP Policy Details
Fields
|
Description
|
Policy
|
Policy Name
|
Name of the TCP Policy.
|
MSS
|
The maximum segment size (MSS), in bytes, that the connection will identify in the SYN packet that it generates.
|
Syn Timeout
|
The connection establishment timeout.
|
Inactivity Timeout
|
The amount of time, in seconds, that an established connection can be inactive.
|
Reassembly Timeout
|
The amount of time, in seconds, before the reassembly queue is cleared. If the transaction is not complete within the specified time, the reassembly queue is cleared and the connection is dropped.
|
Fin Timeout
|
The FIN wait timeout in seconds.
|
Buffer Share Rx
|
The maximum receive buffer share per connection in bytes.
|
Buffer Share Tx
|
The maximum transmit buffer share per connection in bytes.
|
Associated Proxy Services
|
Name
|
The name of the associated proxy service.
|
Type
|
Type of the proxy service.
|
Side
|
Indicates whether the policy is applied to the client side or server side of the proxy service.
|
Virtual Server
|
The IP address of the virtual server.
|
Server
|
The IP address of the server.
|
Oper Status
|
The operational status of the proxy server.
|
Status
|
The status of the proxy server.
|
Certificate
|
Status of the certificate associated with the proxy service.
|
Related Topics
• Assigning Policies to Proxy Services
• Adding TCP Policy
• Editing TCP Policy
Assigning Policies to Proxy Services
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select a Policy from the object selector. The policy information appears on the page.
Step 3 Select a policy from the Policies table, then click Assign to Proxy Services. The Assign Policy to Proxy Services dialog box appears with the following details:
Field
|
Description
|
Policy
|
The name of the selected policy.
|
Proxy Service Name
|
Name of the proxy service.
|
Client Side (Virtual)
|
Name of the virtual server configured for the proxy service.
|
Selected Services
|
The list of services to which the policy is associated. The list appear only after adding proxy services for the policies.
|
Figure 8-2 Assigning Policies to Proxy Service
Step 4 Select a Proxy Service Name, then click Add >> to add the policy to the selected service.
You can remove the a proxy service from the list. Select a service from the list, then click << Remove.
You can clear all the services selected for assigning to a policy. Select a service from the list, then click Clear All.
Step 5 Click OK to complete the task.
Adding TCP Policy
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select TCP Policy from the object selector. The policy information appears on the page.
Step 3 Click Add... . The Add TCP Policy dialog box appears.
Field
|
Description
|
Policy
|
Policy Name
|
Enter a name for the TCP Policy.
|
MSS
|
Enter the maximum segment size (MSS), in bytes, that the connection will identify in the SYN packet that it generates.
The default is 1460 bytes. The valid range is from 256 to 2460 bytes.
|
Timers
|
Syn Timeout
|
Enter the connection establishment timeout. The default is 75 seconds. The valid range is from 5 to 75 seconds.
|
Inactivity Timeout
|
Enter the amount of time, in seconds, that an established connection can be inactive. The default is 600 seconds. The valid range is 0 to 960 seconds (0 = disabled).
|
Reassembly Timeout
|
Enter the amount of time, in seconds, before the reassembly queue is cleared. If the transaction is not complete within the specified time, the reassembly queue is cleared and the connection is dropped. The default is 60 seconds. The valid range is 0 to 960 seconds (0 = disabled).
|
Fin-wait Timeout
|
Enter the FIN wait timeout in seconds. The default value is 600 seconds. The valid range is from 75 to 600 seconds.
|
Buffer Share
|
Enter the maximum receive buffer share per connection in bytes. The default value is 32768 bytes. The valid range is from 8192 to 262144 bytes.
|
Buffer Share Rx
|
Enter the maximum transmit buffer share per connection in bytes. The default value is 32768 bytes. The valid range is from 8192 to 262144 bytes.
|
Step 4 Click OK to add the new TCP Policy.
Editing TCP Policy
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select TCP Policy from the object selector. The policy information appears on the page.
Step 3 Click Edit... . The Add TCP Policy dialog box appears.
Field
|
Description
|
Policy
|
Policy Name
|
Name of the TCP Policy
|
MSS
|
Modify the maximum segment size (MSS), in bytes, that the connection will identify in the SYN packet that it generates.
The default is 1460 bytes. The valid range is from 256 to 2460 bytes.
|
Timers
|
Syn Timeout
|
Modify the connection establishment timeout. The default is 75 seconds. The valid range is from 5 to 75 seconds.
|
Inactivity Timeout
|
Enter the amount of time, in seconds, that an established connection can be inactive. The default is 600 seconds. The valid range is 0 to 960 seconds (0 = disabled).
|
Reassembly Timeout
|
Enter the amount of time, in seconds, before the reassembly queue is cleared. If the transaction is not complete within the specified time, the reassembly queue is cleared and the connection is dropped. The default is 60 seconds. The valid range is 0 to 960 seconds (0 = disabled).
|
Fin-wait Timeout
|
Enter the FIN wait timeout in seconds. The default value is 600 seconds. The valid range is from 75 to 600 seconds.
|
Buffer Share
|
Enter the maximum receive buffer share per connection in bytes. The default value is 32768 bytes. The valid range is from 8192 to 262144 bytes.
|
Buffer Share Rx
|
Enter the maximum transmit buffer share per connection in bytes. The default value is 32768 bytes. The valid range is from 8192 to 262144 bytes.
|
Step 4 Click OK to save the new configuration for the TCP policy.
Deleting TCP Policy
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select TCP Policy from the object selector. The policy information appears on the page.
Step 3 Select a Policy from the list, then click Delete.
SSL Policy
The SSL policy option allows you to define parameters associated with the SSL stack.
If you do not associate an SSL policy with a particular proxy server, the proxy server enables all the supported cipher suites and protocol versions by default.
Viewing SSL Policy
To view SSL Policy:
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select SSL Policy from the object selector. The policy information appears on the page.
Field
|
Description
|
SSL Policies
|
Policy Name
|
The name of the SSL policy.
|
Number of Proxy Services (Use Count)
|
Number of proxy services using the SSL Policy.
|
Select a policy from the SSL Policies table, then Click Policy Tab to view the policy details or click Associated Proxy Services tab to view the proxy services associated with the policies
Select a policy, then click Assign to Proxy Services to assign a policy to the proxy services.
Click Add to add a TCP policy. The Add TCP Policy dialog box appears.
Select a policy, then click Edit to edit a TCP policy. The Edit TCP Policy dialog box appears.
Select a policy, then click Delete to delete the policy.
SSL Policy Details
Field
|
Description
|
Policy
|
Version
|
The version of the SSL to one of the following:
•ALL—Both SSL3 and TLS1 versions are used.
•SSL3—SSL version 3 is used.
•TLS1—TLS version 1 is used.
|
Close Protocol
|
Indicates whether the SSL close-protocol behaviour is present.
|
Session Cache
|
Indicates whether the session caching is enabled.
|
Handshake Timeout (secs)
|
The amount of time the module keeps the connection in hadshake phase.
|
Absolute
|
Indicates whether the values should be absolute values.
|
Session Timeout (secs)
|
The amount of time the module waits for the session timeout.
|
Cipher Suites
|
The list of cipher-suites acceptable to the proxy server.
|
Associated Proxy Services
|
Name
|
Name of the proxy service.
|
Type
|
Type of the proxy service.
For example: Server Proxy.
|
Side
|
The side to which the policy is applied.
|
Client Side (Virtual)
|
The IP address of the virtual server.
|
Server
|
The IP address of the server.
|
Oper Status
|
Indicates the operational status of the proxy service.
|
Status
|
Indicates the status of the proxy service.
|
Certificate
|
Status of the certificate associated with the proxy.
|
Related Topics
• Assigning Policies to Proxy Services
• Adding SSL Policies
• Editing SSL Policies
Adding SSL Policies
Step 1 Click Setup from the Task bar.
Step 2 Click Policies on the left-most pane, then select SSL Policy from the object selector. The policy information appears on the page.
Step 3 Click Add... . The Add SSL Policy dialog box appears.
Field
|
Description
|
Policy
|
Policy Name
|
Enter a name for your new SSL Policy.
|
Version
|
Select a version for the SSL Policy.
Values are:
•ALL—Both SSL3 and TLS1 versions are used.
•SSL3—SSL version 3 is used.
•TLS1—TLS version 1 is used.
|
Close Protocol
|
Indicate whether to use an SSL close protocol.
Values are:
•SSL close protocol is not followed
•Follow strict SSL close protocol.
|
Handshake Timeout (Secs)
|
Enter the handshake timeout in seconds.Valid values are from 0 to 65535 seconds.
|
Absolute
|
Indicates whether the values should be absolute values.
|
Session Timeout (Secs)
|
Enter the session timeout in seconds. Valid values are from 0 to 72000 seconds.
|
Absolute
|
Select the check-box to view the abosolute values.
|
Session Cache
|
Select Enabled to enable session cache. You can decide not to cache the session by selecting Disabled.
|
Session Cache Size
|
The size of the Session Cache. Select Absolute check-box to view the absolute value.
|
Cipher Suite
|
Select the cipher-suite from the list.
The Cipher-suites that are acceptable to the proxy-server are:
•RSA_WITH_3DES_EDE_CBC_SHA—RSA with 3des-sha.
•RSA_WITH_DES_CBC_SHA—RSA with des-sha.
•RSA_WITH_RC4_128_MD5—RSA with rc4-md5.
•RSA_WITH_RC4_128_SHA—RSA with rc4-sha.
•all—All supported ciphers.
|
Step 4 Click OK to add the new SSL Policy.
Related Topics
• Viewing SSL Policy
• Editing SSL Policies
Editing SSL Policies
To edit SSL Policies:
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select SSL Policy from the object selector. The policy information appears on the page.
Step 3 Click Edit... . The Edit SSL Policy dialog box appears.
Field
|
Description
|
Policy
|
Policy Name
|
Enter a name for your new SSL Policy.
|
Version
|
Select a version for the SSL Policy.
Values are:
•ALL—Both SSL3 and TLS1 versions are used.
•SSL3—SSL version 3 is used.
•TLS1—TLS version 1 is used.
|
Close Protocol
|
Indicate whether to use an ssl close protocol.
Values are:
•SSL close protocol is not followed
•Follow strict SSL close protocol.
|
Handshake Timeout (Secs)
|
Enter the handshake timeout in seconds.Valid values are from 0 to 65535 seconds.
|
Session Timeout (Secs)
|
Enter the session timeout in seconds. Valid values are from 0 to 72000 seconds.
|
Session Cache
|
Select Enabled to enable session cache. You can decide not to cache the session by selecting Disabled.
|
Session Cache
|
Select Enabled to enable session cache. You can decide not to cache the session by selecting Disabled.
|
Cipher Suite
|
Select the cipher-suite from the list.
The Cipher-suites that are acceptable to the proxy-server are:
•RSA_WITH_3DES_EDE_CBC_SHA—RSA with 3des-sha
•RSA_WITH_DES_CBC_SHA—RSA with des-sha
•RSA_WITH_RC4_128_MD5—RSA with rc4-md5
•RSA_WITH_RC4_128_SHA—RSA with rc4-sha
•al—All supported ciphers
|
Step 4 Click OK to apply the new values.
Related Topics
• Viewing SSL Policy
• Adding SSL Policies
Deleting SSL Policy
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select SSL Policy from the object selector. The policy information appears on the page.
Step 3 Select a Policy from the list, then click Delete.
HTTP Header Insertion Policy
HTTP header insertion is performed for the following methods: GET, HEAD, PUT, TRACE, POST, DELETE. HTTP header insertion is not performed for the CONNECT method.
Note You can configure up to 100 HTTP header insertion policies, each policy consisting of up to 32 prefixes or headers. Prefix and custom headers can include up to 240 characters.
•Client Certificate Headers--Allow the backend server to see the attributes of the client certificate that the SSL module has authenticated and approved. Client certificate headers are sent only once per session. The server is expected to cache these values using the session ID, which is also inserted with the headers. In subsequent requests, the server uses the session ID to look up the cached client certificate headers on the server itself.
If the client does not send a certificate, the SSL handshake fails. There is no data phase or header insertion.
–Client IP and Port Address Headers
–Network address translation (NAT) changes the client IP address and destination TCP port number information. server to see the client IP address and number.Custom Headers
•You can configure up to 16 custom headers per HTTP header policy. The custom string connections as coming from the SSL module, and not from other appliances. A prefix is not added to standard HTTP headers from the client. The SSL Session Headers-- including the session ID, are used to cache client certificates based on the session ID. Session headers are also cached based on the session ID if the server wants to track connections based on a particular cipher suite. The SSL module inserts the full session headers in the HTTP request during full SSL handshake, but inserts only the session ID when the session resumes.
When you configure the SSL module as a client, the SSL module inserts the session ID of the connection between the module and the backend SSL server.
Viewing HTTP Header Insertion Policy
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select HTTP Header Insertion Policies from the object selector. The policy information appears on the page.
The following fields appear:
Fields
|
Description
|
Policy Name
|
Name of the policy.
|
Use Count
|
Number of proxy services using the policy.
|
Select a policy from the HTTP Header Insertion Policy table, then Click Policy Tab to view the policy details or click Associated Proxy Services tab to view the proxy services associated with the policies
Select a policy, then click Assign to Proxy Services to assign a policy to the proxy services.
Click Add to add a new TCP policy. The Add TCP Policy dialog box appears.
Select a policy, then click Edit to edit a TCP policy. The Edit TCP Policy dialog box appears.
Select a policy, then click Delete to delete the policy.
Fields
|
Description
|
Policy
|
Policy Name
|
The name of the policy.
|
General
|
Prefix
|
The prefix or the type of header.
|
Client Certificate Insertion
|
Indicates whether the client certificate insertion is enabled.
|
Client Ip Port Insertion
|
Indicates whether the client IP Port insertion is enabled.
|
Session Header Insertion
|
Indicates whether the Session Header insertion is enabled.
|
Custom Headers
|
Header Name
|
The user-defined header verbatim in the HTTP header.
|
Value
|
Value of the header.
|
Associated Proxy Services
|
Name
|
The name of the proxy service associated with the policy.
|
Type
|
The type of the proxy service.
Example: Server Proxy.
|
Virtual Server
|
The IP address of the virtual server.
|
Server
|
The IP address of the server.
|
Oper Status
|
The operational status of the service.
|
Status
|
The status of the proxy service.
|
Certificate
|
The status of the certificate associated with the proxy service.
|
Related Topics
• Adding HTTP Header Insertion Policy
• Editing HTTP Header Insertion Policy
Adding HTTP Header Insertion Policy
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select HTTP Header Insertion Policy from the object selector. The policy information appears on the page.
Step 3 Click Add... . The Add HTTP Header Insertion Policy dialog box appears:
Field
|
Description
|
Policy
|
Policy Name
|
Enter a name for your new policy.
|
Prefix
|
Enter a prefix to be used with the policy.
For example: cisco.com
|
Client Certificate Insertion
|
Select Enabled to enable the client certificate insertion.
|
Client IP Port Insertion
|
Select Enabled to enable the client IP port insertion.
|
Session Header Insertion
|
Select Enabled to enable Session Header Insertion.
|
Custom Headers
|
Header
|
The user-defined header verbatim in the HTTP header. You can include up to 16 custom headers per HTTP header policy.
Click Add to add the header name.
|
Value
|
Enter a header name, then enter the value.
Click Add to add a value to the header.
|
Step 4 Click OK to add the new policy.
Related Topics
• Viewing HTTP Header Insertion Policy
• Editing HTTP Header Insertion Policy
Editing HTTP Header Insertion Policy
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select HTTP Header Insertion Policy from the object selector. The policy information appears on the page.
Step 3 Click Edit... . The Edit HTTP Header Insertion Policy dialog box appears:
Field
|
Description
|
Policy
|
Policy Name
|
Name of the policy.
|
Prefix
|
Modify the existing prefix or you can enter a new prefix.
|
Client Certificate Insertion
|
Select Enabled to enable the client certificate insertion.
|
Client IP port Insertion
|
Select Enabled to enable the client IP Port insertion.
|
Session Header Insertion
|
Select Enabled to enable the Session Header insertion.
|
Custom Headers
|
Header
|
The user-defined header verbatim in the HTTP header. You can configure up to 16 custom headers per HTTP header policy.
|
Value
|
Enter the value.
|
Step 4 Click OK to apply the modifications.
Related Topics
• Viewing HTTP Header Insertion Policy
• Adding HTTP Header Insertion Policy
Deleting HTTP Header Insertion Policy
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select HTTP Header Insertion Policy from the object selector. The policy information appears on the page.
Step 3 Select a Policy from the list, then click Delete.
URL Rewrite Policy
The URL rewrite feature supports the rewriting of redirection links. The system scans only the "Location:" HTTP header field in the response from the server and rewrites the rules accordingly. The URL rewrite feature does not support embedded links.
The URL rewrite feature rewrites the protocol and the nondefault port (default ports are port 80 for cleartext and port 443 for SSL).
Note You can configure up to 100 URL rewrite policies, each policy consisting of up to 32 rewrite rules per SSL proxy service, up to 200 characters per rule.
Follow these guidelines for URL rewrite:
•An exact URL match takes precedence over a wildcard rule. A suffix wildcard rule takes precedence over a prefix wildcard rule.
For example, www.cisco.com takes precedence, then www.cisco.*, then *.cisco.com.
•Enter only one suffix or prefix wildcard rule at one time. For example, do not enter www.cisco.* and www.cisco.c* in the same policy. Similarly, do not enter *w.cisco.com and *.cisco.com in the same policy.
•Do not enter two exact URL match rules in the same policy. For example, do not enter www.cisco.com clearport 80 sslport 443 and www.cisco.com clearport 81 sslport 444 in the same policy. In this case, the second rule entered overwrites the first rule.
•URL rewrite is performed for both offload and backend (HTTP-to-HTTPS, and HTTPS-to-HTTP). This includes port rewrites.
Viewing URL Rewrite Policy
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select URL Rewrite Policy from the object selector. The policy information appears on the page.
The following fields appear:
Fields
|
Description
|
Policy Name
|
The name of the URL-Rewrite policy.
|
Number of Proxy Services (Use Count)
|
Number of proxy services using the SSL Policy.
|
Select a policy from the URL Rewrite Policy table, then Click Policy Tab to view the policy details or click Associated Proxy Services tab to view the proxy services associated with the policies
Select a policy, then click Assign to Proxy Services to assign a policy to the proxy services.
Click Add to add a URL Rewrite Policy. The Add URL Rewrite Policy dialog box appears.
Select a policy, then click Edit to edit a URL Rewrite Policy. The Edit URL Rewrite Policy dialog box appears.
Select a policy, then click Delete to delete the policy.
URL Rewrite Policy Details
Fields
|
Description
|
Policy
|
Policy Name
|
Name of the selected policy.
|
URL Host String
|
The host string of the URL.
|
HTTP Port
|
The HTTP port to be used for the traffic.
|
HTTPS Port
|
The HTTPS port to be used for the traffic.
|
Associated Proxy Services
|
Name
|
The name of the associated proxy service.
|
Type
|
The type of the proxy service.
For example: Server Proxy.
|
Client Side
|
The IP address of the virtual server.
|
Server
|
The IP address of the server.
|
Oper Status
|
The operational status of the server.
|
Certificate
|
Status of the certificate associated with the proxy service.
|
Related Topics
• Adding URL Rewrite Policy
• Editing URL Rewrite Policy
Adding URL Rewrite Policy
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select URL Rewrite Policy from the object selector. The policy information appears on the page.
Step 3 Click Add... . The Add URL Rewrite Policy dialog box appears.
Field
|
Action/Description
|
Policy Name
|
Enter a name for the policy.
|
URL Host String
|
The host string of the url.
|
HTTP Port
|
The HTTP Port to be used for the traffic.
|
HTTPS Port
|
The HTTPS port to be used for the traffic.
|
URL Host String
|
Enter the URL host string for rewriting, then click Add to create the new URL Rewrite Rule.
|
HTTP Port
|
(Optional) Enter the clear port value.
The HTTP port specifies the port portion of the URL to be rewritten. If you do not enter a value, the default value is used.
|
HTTPS Port
|
(Optional) Enter the HTTPS port value.
The HTTPS port specifies the port portion of the URL that should be rewritten.If you do not enter a value, the default value is used.
|
You can specify URL alone. But you cannot add clear port and SSL port without entering a URL value.
Note You can configure up to 32 rewrite rules per SSL proxy service, up to 240 characters per rule. You should enter only one suffix or prefix wildcard character (*) only once per rewrite rule.
To remove a URL Rewrite Rule, select the rule from the table, then click Remove.
Step 4 Click OK to add the new policy.
Related Topics
• Viewing URL Rewrite Policy
• Editing URL Rewrite Policy
Editing URL Rewrite Policy
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select URL Rewrite Policy from the object selector. The policy information appears on the page.
Step 3 Select a policy, then click Edit... . The Edit URL Rewrite Policy dialog box appears.
The following fields appear:
Field
|
Action/Description
|
Policy Name
|
Enter a name for the policy.
|
URL Host String
|
The host string of the url.
|
HTTP Port
|
The HTTP Port used for the traffic.
|
HTTPS Port
|
The HTTPS port used for the traffic.
|
URL Host String
|
Enter the URL for rewriting, then click Add to create the new URL Rewrite Rule.
|
HTTP Port
|
(Optional) Enter the clear port value.
The HTTP port specifies the port portion of the URL to be rewritten. If you do not enter a value, the default value is used.
|
HTTPS Port
|
(Optional) Enter the HTTPS port value.
The HTTPS port specifies the port portion of the URL that should be rewritten. If you do not enter a value, the default value is used
|
You can specify URL alone. But you cannot add Clear Port and SSL Port without entering a URL value.
Note You can configure up to 32 rewrite rules per SSL proxy service, up to 240 characters per rule. You should enter only one suffix or prefix wildcard character (*) only once per rewrite rule.
To remove a URL Rewrite Rule, select the rule from the table, then click Remove.
Step 4 Click OK to modify values.
Related Topics
• Viewing URL Rewrite Policy
• Adding URL Rewrite Policy
• Viewing URL Rules and Outcome
Viewing URL Rules and Outcome
The URL Rules and Outcome dialog box helps you view the URL rules you have set and the outcome of the rules.
To view URL Rules and Outcome:
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select URL Rewrite Policy from the object All Router View. The policy information appears on the page.
Step 3 Select a policy from the table. The details appear on the URL Rewrite Policy Details pane. If you have set a URL rewrite for the policy, The View Rules and Outcome button will be active.
Step 4 Click View Rules and Outcome. The Rules and Outcome dialog box appears.
To view rules and outcome for server proxy, Click Rules and Outcome for Client Proxy tab. The following fields appear:
Field
|
Action/Description
|
URLs that Match
|
URL match criterion.
|
URL Rewrite
|
The new URL.
|
To view rules and outcome for server proxy, Click Rules and Outcome for Server Proxy tab. The following fields appear:
Field
|
Action/Description
|
URLs that Match
|
URL match criterion.
|
URL Rewrite
|
The new URL.
|
Deleting URL Rewrite Policy
To delete a policy:
Step 1 Click Setup from the Task bar.
Step 2 Click Policies from the left-most pane, then select URL Rewrite Policy from the object selector. The policy information appears on the page.
Step 3 Select a Policy from the list, then click Delete.
