×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

CSS SSL Transparent proxy + Back-end server config

Unanswered Question
Nov 15th, 2005
User Badges:

Please have anybody a css1150x config which match with the scenario shown on page 8-4 that you can find in the following url:

http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_740/sslgd/examples.pdf


The only diference with my installatón is that we have only a SSL module. Except for this (only one ssl module) my scenario is the same. Our clients use multiple http connectons for shopping or browsing and e few SSL connection to make orders and pay.

We need cookie stickiness, because we can´t use other type of stickness (src-dest, ssl id, etc).

We need terminate ssl tunnels on the ssl module (client side) and also iniciate ssl tunnels (servers side)at the same time.

Thanks in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Tue, 11/15/2005 - 10:28
User Badges:
  • Cisco Employee,

the config would be exactly the same with just 1 module.

simply remove from the config all reference to ssl_module2.


Regards,


Gilles.

nacho Wed, 11/16/2005 - 01:41
User Badges:

Please can you tell me if the attach configuration could work under the following premises:


- The same real servers are used for both http and https (192.168.178.20 and 192.168.178.21).


- We also use the same virtual ip for both http and https (192.168.168.73).


- We need that http traffic be balanced and passes transparently trought the CSS. Https traffic shoud be decripted balanced over backend servers and encryted again.


- Also we need that for the same client shopping the http and https sessions terminate on the same server. For this propose we implemente stickiness in base to arrow-point cookies, creates by the CSS.


Thans in advance



Actions

This Discussion