01-31-2007 07:37 AM
I can't figure out why this isn't working...it is basic config, and I am eventually trying to to back-end SSL termination. Need basic connectivity first though. If anyone can assist that would be great.
thanks in advance!
CSS11501# term len 0
CSS11501# sh run
!Generated on 01/15/2007 20:38:54
!Active version: sg0810106
configure
!*************************** GLOBAL ***************************
!************************* INTERFACE *************************
interface e1
phy 100Mbits-FD
description "SCTREC02"
bridge vlan 55
interface e2
phy 100Mbits-FD
description "SCTREC02-9/11"
bridge vlan 255
!************************** CIRCUIT **************************
circuit VLAN55
ip address 161.19.55.5 255.255.255.192
ip virtual-router 55
ip virtual-router 150 priority 105 preempt
ip redundant-interface 55 161.19.55.4
ip redundant-vip 150 161.19.55.8
circuit VLAN255
ip address 161.19.55.66 255.255.255.192
ip virtual-router 255
ip redundant-interface 255 161.19.55.65
!*********************** SSL PROXY LIST ***********************
ssl-proxy-list SSL-PROXY
ssl-server 1
ssl-server 1 vip address 161.19.55.8
ssl-server 1 cipher rsa-with-rc4-128-md5 161.19.55.8 443
ssl-server 1 unclean-shutdown
ssl-server 1 ssl-queue-delay 0
backend-server 20
backend-server 20 ip address 161.19.55.75
backend-server 20 port 443
backend-server 20 cipher rsa-with-rc4-128-md5
backend-server 10
backend-server 10 ip address 161.19.55.74
backend-server 10 port 443
backend-server 10 cipher rsa-with-rc4-128-md5
!************************** SERVICE **************************
service sctam103:1-1
ip address 161.19.55.74
protocol tcp
port 443
keepalive type tcp
keepalive tcp-close fin
keepalive port 443
active
service sctam104:1-1
ip address 161.19.55.75
protocol tcp
port 443
keepalive type tcp
keepalive tcp-close fin
keepalive port 443
active
!*************************** OWNER ***************************
owner AMLDAP
content services-sys:ssl
vip address 161.19.55.8
protocol tcp
port 443
add service sctam103:1-1
add service sctam104:1-1
active
CSS11501#
Solved! Go to Solution.
02-05-2007 09:02 AM
try setup a group -
group
add destination service sctam103:1-1
add destination service sctam104:1-1
vip address 161.19.55.8
active
I had to add this in the first time I used the CSS models as the return HTTP traffic was coming back with the real server IP rather than the VIP IP. You should run an ethereal trace to see what responses you are getting.
02-05-2007 09:02 AM
try setup a group -
group
add destination service sctam103:1-1
add destination service sctam104:1-1
vip address 161.19.55.8
active
I had to add this in the first time I used the CSS models as the return HTTP traffic was coming back with the real server IP rather than the VIP IP. You should run an ethereal trace to see what responses you are getting.
02-07-2007 07:13 AM
perfect....worked great.
Thanks very much.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide