I am having a heck of a time getting SSL Offloading and load balancing to work with a product from a company called internet Dashboard. I really believe the isses to be the APP.
I have the SSL offloading configured and it works. The load balancing is straight forward and working as well. The setup is two servers and the DB server (not involoved in LB or SSL) in our DMZ. The 11501's (in an ASR pair) are one armed into the DMZ switches. Everything is cross connected in the switching environment. Proxy-Arp is disabled. Config is attached and showing good Cert associations.
What has been happening is we will get a loss of connection between the App servers and the DB server resulting in a General Network Error (Microsoft's latest equivilant to the famous General Protection Fault). This now appears to have been a problem with Win2K3 and SP2 and Broadcom drivers and was eliminated with a driver upgrade and disabling 'Chimney Offloading" on the servers.
Now, when I place the servers behind the 11501s and enable the SSL, I get a "Bad Request (Invalid Hostname)" error right after the cert exchange. However, when I go directly to the server by IP and bypass the VIP and SSL, it works fine.
This leads me to believe there is a DNS issue or other App based problem, but as I'm the only one who works with the CSSs here, I would like a second opinion.
Can anyone see something I have overlooked? I would appreciate any comments.
One last thing about the config. I know I have all the services, content and group suspended. I've had to back out the SSL termination and LB - again.