back-end CRule

Unanswered Question
Aug 6th, 2007

On an SSL termination and SSL initiation on a CSS in redundant active/backup mode,

1/ Does it that necessary to add the VIPs of the back-end content rule (meant for proxy-list use), under the circuit's virtual-routers.

2/ How harmful if we use a non-routable arbitrary ip address on these proxy-list and the corresponding back-end CRule. The reason being is that I do not want someone from external to hit this Content Rule and go unencrypted straight onto the servers.

Someone got an answer please...


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
htarra Fri, 08/10/2007 - 12:54

The CSS supports Adaptive Session Redundancy (ASR) on Cisco 11500 series CSS peers in an active-backup VIP redundancy and virtual interface redundancy environment to provide stateful failover of existing flows. To define how the CSS handles content requests when a service fails or is suspended, use the failover command. For the CSS to use this setting, ensure that you configure a keepalive for each service; that is, do not set the keepalive type to none (the keepalive default is ICMP). The CSS uses the keepalive settings to monitor the services to determine server health and availability


This Discussion