BM-CSS-SEC# sh run !Generated on 01/02/2008 06:12:27 !Active version: sg0810106 configure !*************************** GLOBAL *************************** global-portmap base-port 33100 range 30000 no restrict web-mgmt username admin des-password dfmhgggcla4engifva2hmcsb5doc3amb superuser app session 192.168.10.19 app ssl associate rsakey BMKEYFILE BMRSAKEY ssl associate cert BMORIGCERTFILE new64.cer ftp-record BM-FTP 192.168.10.6 css des-password sgxdweberhpbgb6g ip route 0.0.0.0 0.0.0.0 192.168.10.1 1 !************************* INTERFACE ************************* interface 1/1 isc-port-one interface 1/2 isc-port-two interface 2/1 bridge vlan 10 !************************** CIRCUIT ************************** circuit VLAN10 ip address 192.168.10.20 255.255.255.0 ip virtual-router 1 ip redundant-vip 1 192.168.10.171 ip redundant-interface 1 192.168.10.26 !*********************** SSL PROXY LIST *********************** ssl-proxy-list UAT ssl-server 1 ssl-server 1 rsakey BMKEYFILE ssl-server 1 vip address 192.168.10.171 ssl-server 1 cipher rsa-export1024-with-rc4-56-sha 192.168.10.171 80 weight 10 ssl-server 1 cipher rsa-with-3des-ede-cbc-sha 192.168.10.171 80 weight 9 ssl-server 1 cipher rsa-with-rc4-128-sha 192.168.10.171 80 weight 8 ssl-server 1 cipher rsa-with-rc4-128-md5 192.168.10.171 80 weight 7 ssl-server 1 rsacert BMORIGCERTFILE active !************************** SERVICE ************************** service SSLMOD type ssl-accel slot 4 keepalive type none add ssl-proxy-list UAT active service UAT-1 ip address 192.168.10.6 port 80 protocol tcp redundant-index 1 keepalive type tcp keepalive port 9080 active service UAT-2 port 80 protocol tcp redundant-index 2 ip address 192.168.10.86 keepalive type tcp keepalive port 9080 active service UAT-3 ip address 192.168.10.8 port 80 protocol tcp redundant-index 3 keepalive port 9080 keepalive type tcp active !*************************** OWNER *************************** owner BMAPP-CBS content CBS-UAT vip address 192.168.10.171 add service UAT-1 add service UAT-2 add service UAT-3 protocol tcp port 80 url "/*" redundant-index 101 advanced-balance sticky-srcip active content SSL-CBS-UAT application ssl protocol tcp port 443 vip address 192.168.10.171 add service SSLMOD active !*************************** GROUP *************************** group SourceNAT vip address 192.168.10.171 add destination service UAT-1 add destination service UAT-2 add destination service UAT-3 redundant-index 201 active BM-CSS-SEC#