Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
487
Views
0
Helpful
2
Replies

CSS SSL Multiple Applications

devsharma
Level 1
Level 1

‎08-05-2009 01:20 PM

Is it possible to do the following on CSS with SSL module:

content ssl-rule

vip address 10.10.10.1

protocol tcp

port 443

add service ssl_module1

application ssl

advanced-balance ssl

active

content rule-1

vip 10.10.10.1

port 80

add service service1

add service service2

active

content rule-2

vip 10.10.10.1

port 8080

add service service1

add service service2

active

content rule-3

vip 10.10.10.1

port 8081

add service service1

add service service2

active

Basically the VIP is same but port numbers differ.

Labels:
0 Helpful
2 Replies 2

jason.espino
Level 1
Level 1

‎08-06-2009 04:18 PM

The configuration you have outlined is fine. You can have multiple content rules with the same VIP address balance upon different inbound ports. However, what VIP/port within the proxy-list do you want the CSS to send the decrypted SSL traffic to?

10.10.10.1:80

10.10.10.1:8080

10.10.10.1:8081

What are you trying to accomplish?

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee

‎08-07-2009 01:26 AM

That's exactly how you have to do it.

Use different rules with the same virtual ip but different port.

You can also have the same port ip, same port but different "url" command so depending on the url requested by the user you performance different type of loadbalancing or send a redirect ...

Gilles.

0 Helpful
Customers Also Viewed These Support Documents