05-11-2007 06:25 AM
Currently CSS terminates SSL connections for 2 backend web servers. Do these web servers need to be physically connected the CSS switch module ? Or can I move them to another segment of the network ?
Right now the reverse proxy function stops working if I move those web servers off the switch module of the CSS
Thanks
Dave
05-11-2007 10:00 AM
if the CSS is on another segment
different than the servers and there is a firewall in between then you must allow the keepalives to traverse through the firewall between the CSS and the servers. In case of either a router/firewall between two segments ,you need to make sure that return traffic doesnt bypass CSS.You can achieve this by using source natting.
Syed
05-11-2007 10:04 AM
Okay, well right now my CSS and the web servers are on the same segment. I'll get this working first before I move them across the firewall interface. Is there any special config I need to do on the CSS in order to get the connections working on the same segment but off the switch nodule of the CSS ?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: