Keepalives from CSS to SSLM(cat6500 blade)

Unanswered Question
Jun 13th, 2007
User Badges:

I'm moving from SCA2's to SSLM's(cat6500 Blade), We are using the config below and it works fine but I require to do keepalives to each of the ssl-proxy services.

I've tried to config it the way it was done on the SCA config by using the same IP but changing the ports for each services but SSL-M didn't like this.

Any suggestions ?

content test

protocol tcp

port 443

redundant-index 3

vip address xx.xx.56.156

balance srcip

add service PRTSSL001-UKGR

add service PRTSSL002-UKGR


service PRTSSL001-UKGR

redundant-index 103

ip address

type transparent-cache


ssl-proxy service test

virtual ipaddr xx.xx.58.156 protocol tcp port 443 secondary

virtual policy ssl prtpolicy

server ipaddr protocol tcp port 8050

certificate rsa general-purpose trustpoint yyyyyyyyyyyyy

no nat server

trusted-ca PRT-CA

authenticate verify all


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
brispin Wed, 06/20/2007 - 10:57
User Badges:

You can use SSL probes on the CSM by use of the TCL script. It is not a true SSL probe, but it will send a SSL client hello and expect a SSL server hello. Example config probe sslProbe script #script SSL_PROBE [0]


This Discussion