In the past when configuring an 11501 for use with http load balancing I was able to have the VIP and the Service IPs in the same subnet.
I now have an SSL module and would like to continue that form of usage, Ie. http and ssl VIPs are in the same subnet as the service servers. Is this possible?
I have not seen any docs to explicitly say it is not possible and http examples here on cisco.com repeatedly show http load balance setup this way, but all SSL examples show the VIP in a different subnet.
I am mainly trying to save myself work, because I already have a simple firewall design going...basically just inside and outside, and would like to avoid needing to add a DMZ to allow this as only a choice few servers in my farm will go through the CSS for service. I would like to keep all servers in the same subnet if possible. Thanks...