I am having difficulty configuring a sorry server for an existing https serverfarm. The sorry (backup) server is failing all connections and I think it's because I can not determine a way to differentiate ssl connections for the production serverfarm and non-ssl connections for the sorry server. Here is the load balance policy:
policy-map type loadbalance http first-match WWW-HTTPS-LBP
serverfarm WWW-HTTPS backup WWW-OUTAGE
ssl-proxy client CLIENT-SSL-PROXY
The WWW-HTTPS serverfarm is comprised of HTTPS real servers, hence the necessity of the ssl-proxy client; however, when the WWW-HTTPS serverfarm is offline, the ssl-proxy can't connect to the WWW-OUTAGE serverfarm as the real server in that farm is HTTP only.
Has anyone run into this scenario before?
The ssl-proxy client forces the connection on the backend (to the real server to be https).
You should instead create a redirect serverfarm and use it to redirect the user to an http vserver where you can use your http serverfarm without the ssl-proxy client.