Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

6500 CSM with SSL, gw on real servers.

I've got a CSM with SSL module. Is it necessary on real serversto point the gateway on CSM VIP or can I pass by the 6500 with CSM and SSL and point the gatway to the router in the network before 6500?

It's not clear to me from docs if the connections going through the SSL must be going back through CSM.

any hints?

tia

  • Application Networking
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: 6500 CSM with SSL, gw on real servers.

The CSM must see both side of a connection or it will close the connection with a RESET.

So, yes, the traffic from the real server must go back to the CSM.

There is a way to avoid this called 'Direct Server Return' but I would not recommend it unless you are an expert with CSM.

Gilles.

1 REPLY
Cisco Employee

Re: 6500 CSM with SSL, gw on real servers.

The CSM must see both side of a connection or it will close the connection with a RESET.

So, yes, the traffic from the real server must go back to the CSM.

There is a way to avoid this called 'Direct Server Return' but I would not recommend it unless you are an expert with CSM.

Gilles.

120
Views
0
Helpful
1
Replies
This widget could not be displayed.