Address consolidation

Unanswered Question

Good afternoon, I think I know my answer but I'm hoping somebody has something up there sleave that can assist me.

The Problem is this,

I currently have a pair of 11506 without the SSL license hosting like 35 ssl sites utilizing layer 3 rules.

The certificates are terminated on the individual web servers.

The Application folks are asking if the CSS's can consolidate the VIP addresses via layer 5 rules? For they are needing approx another 10 to 15 more ssl sites?

What I'm looking for are what are my options?

I know I could do this if I terminated certs on the CSS's, but is there another way to do this without terminating the certs on the CSS's?

If I utilized redirects to ssl would this work? or will this work for only non inital ssl requests?

any help would be helpful.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Gilles Dufour Fri, 06/22/2007 - 04:26
User Badges:
  • Cisco Employee,

you simply can't do anything else than L3 rule with SSL traffic unless you terminate SSL on the device.

This is true for any loadbalancers.



This Discussion