Jump to content
Welcome to our new Citrix community!

Content Switching error - Http/1.1 Service Unavailable


Recommended Posts

Hi All,

 

I am trying to setup a unified gateway on my lab.

 

NS version - 12.1.50.31

I have configured unified gateway and XD/SF are configured. They are working as expected while being accessed remotely using the CS Vserver(External facing IP).

External FQDN - unifiedportal.citrixlab.com

 

Now I am trying to publish a webserver using CS with the same external facing IP. These are the steps that I did,

 

1. Created service and pointed to the webserver at http://10.1.1.xx:8080. It's marked as UP.

2. Created LB vserver using IP 10.1.1.yy and port 80. I bound the service to the LB vserver. LB Vserver status is UP as well. I have cross checked by accessing http://10.1.1.yy and the webserver is accessible.

3. AAA Authentication vserver is bound to the LB vserver using form based authentication

4. Created a CS Action and pointed it to the LB vserver.

5. Created CS policy with an expression - HTTP.REQ.USER.NAME.EQ("enduser1"). Above CS Action was bound to the policy.

6. Now I added the above CS policy to the CS Vserver with lowest priority.

 

I expected that this should work. But when I access the external page with username "enduser1", I get the below error. I still get the SF Store URL even though the CSpolicy for the webserver are being hit.

image.thumb.png.538d3101060187769064579c4a658e5e.png

When I access the External FQDN with any other username, I can access my VDI from the SF store.

 

Do let me know if I am missing any steps.

 

Thank you.

 

Link to comment
Share on other sites

"Http/1.1 Service Unavailable" basically means no Content Switch policies apply and it cant go further.

One option could be to remove the CS policy and add the LB VIP as the "Default Load Balance Virtual Service" which can eliminate the CS policy as the issue.

Link to comment
Share on other sites

On 06/03/2019 at 8:17 AM, Carl Behrent said:

No, I haven't configured that.

I got it configured as the default load balance vserver and then I can access the internal webpage remotely. 

401 based authentication is configured on the lbvserver directly.

It works fine even though the CS Policy is removed from the CS vserver.

Link to comment
Share on other sites

  • 2 weeks later...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...