URL filtering ACE after description of SSL traffic

Unanswered Question
Nov 5th, 2008
User Badges:

We currently have a Cisco CSS11501 which we have configured with SSL offloading.


We offload the SSL traffic and after description of the ssl traffic we perform URL filtering.


Can the Ace 4710 Appliance do the same?


I have attached the current configuration of the css.


Regards,


Richard



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Syed Iftekhar Ahmed Thu, 11/06/2008 - 14:21
User Badges:
  • Blue, 1500 points or more

With the below config


Traffic matching 10.10.10.10:443 will be SSL offloaded and then

will be loadbalanced using rservers in Serverfarm "APP1-SFARM" if

the request includes "/matchthis".



ssl-proxy service APP1-SSL-PROXY

key default-key.pem

cert default-cert.pem



class-map match-all APP1-443-VIP

2 match virtual-address 10.10.10.10 tcp eq https




class-map type http loadbalance match-any APP1-URLMAP

2 match http url /matchthis.*


policy-map type loadbalance first-match APP1-Policy

class APP1-URLMAP

serverfarm APP1-SFARM

policy-map multi-match VIPS-VLAN79

class APP1-443-VIP

loadbalance vip inservice

loadbalance vip icmp-reply active

loadbalance policy APP1-Policy

ssl-proxy server APP1-SSL-PROXY


HTH

Syed iftekhar Ahmed

Actions

This Discussion