Advanced Networking Services Guide
Table Of Contents
- vCloud Air Advanced Networking Services Guide
- Contents
- Preface
- Introducing Advanced Networking Services for vCloud Air
- Advanced Routing for vCloud Air
- Certificate and Security Group Management
- Network Security and Isolation
- Load Balancing
- Secure Access Using Virtual Private Networks
- IP Service Management: NAT and DHCP
- Index
Option Description
Mode
Select the mode by which the cookie should be inserted. The following
cookie insertion modes are supported:
n
Insert
The edge gateway sends a cookie. When the server sends one or more
cookies, the client will receive one extra cookie (the server cookies plus
the edge gateway cookie). When the server does not send any cookies,
the client will receive the edge gateway cookie only.
n
Prefix
Select this option when your client does not support more than one
cookie.
NOTE All browsers accept multiple cookies. But you might have a
proprietary application using a proprietary client that supports only
one cookie. The Web server sends its cookie as usual. The edge
gateway injects (as a prefix) its cookie information in the server cookie
value. This cookie added information is removed when the edge
gateway sends it to the server.
n
App Session
For this option, the server does not send a cookie; instead, it sends the
user session information as a URL. For example,
http://mysite.com/admin/UpdateUserServlet;jsessionid=OI2
4B9ASD7BSSD, where jsessionid is the user session information and
is used for the persistence. It is not possible to see the App Session
persistence table for troubleshooting.
Expires in
Enter a length of time in seconds that persistence stays in effect.
Insert X-Forwarded-For HTTP
header
(HTTP and HTTPS) Select Insert X-Forwarded-For HTTP header for
identifying the originating IP address of a client connecting to a Web
server through the load balancer.
Enable Pool Side SSL
(HTTPS Only) Select Enable Pool Side SSL to define the certificate, CAs,
or CRLs used to authenticate the load balancer from the server side in the
Pool Certificates tab.
6 (HTTPS Only) Configure the certificates to be used with the application profile:
Option Description
Virtual Server Certificates
Select the certificate, CAs, or CRLs used to decrypt HTTPS traffic.
Pool Certificates
Define the certificate, CAs, or CRLs used to authenticate the load balancer
from the server side.
NOTE Select Enable Pool Side SSL to enable this tab.
Cipher
Select the cipher algorithms (or cipher suite) negotiated during the
SSL/TLS handshake.
Client Authentication
Specify whether client authentication is to be ignored or required.
NOTE When set to required, the client must provide a certificate after the
request or the handshake is canceled.
What to do next
Add service monitors for the load balancer to define health checks for different types of network traffic. See
“Create a Service Monitor,” on page 43.
vCloud Air Advanced Networking Services Guide
42 VMware, Inc.