443 connection map to other port

Unanswered Question
Dec 4th, 2007

hi,

i have problem when from client using https/443 to load balancer and from load balancer using other ports, let say using 4443.. Can this works, because i'm trying mapping from load balancer to server can not running.

Illustration :

Client using https to load balancer,

and from

Load balancer using port 4443 to server

can anyone in this forum can help me.??

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Wed, 12/05/2007 - 05:20

this can be done.

All you have to do is specify the server port to be 4443.

On the CSS this is done with the command 'port 4443' in the service definition.

On the CSM you specify the port when defining the real in the serverfarm

ie: real x.x.x.x 4443

inservice

Gilles.

giordano234 Thu, 12/06/2007 - 07:37

additional infromation;

client using MS Soap Toolkit version 2 and Server using Oracle 10i.

So from MS Soap Toolkit using 443 to Load Balancer, and Load Balancer nothing to do for termination because ssl termination on the server side, but the server listening from 4443.

from this case, i think load balancer need mapping port from client for passthrough to server side using 4443.

what the mean with specify the server port to be 4443, how about from client side ? on the content configuration need define application ssl and port 443 ?

giordano

Syed Iftekhar Ahmed Thu, 12/06/2007 - 10:38

You donot need to map any thing.

Your Virtual server will be configured to listen on port 443 and as Gilles suggested your real server definitions will change the destination port from 443 to listening port (4443 in your case) configured on the real servers.

If you tell us which LB you are using we can give you an example config.

Syed Iftekhar Ahmed

giordano234 Thu, 12/06/2007 - 10:42

i'm using Cisco CSS 11503 without ssl module, because ssl termination on server side

can you give me example Syed ?

Thanks for your advice

Gilles Dufour Thu, 12/06/2007 - 11:56

as I said, you just need to add the port command under the service definition

ie:

service server1

ip address x.x.x.x

port 4443

active

owner mycompany

content ssl

vip x.x.x.x

port 443

add service server1

acitve

Gilles.

b.petronio Fri, 01/04/2008 - 02:16

Can i ask how it will be the configuration, if there was a SSL Module ?

Best Regards,

Bruno Petrónio

Actions

This Discussion