Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACE XML SSL termination

hello,

I have a problem found any guide, which describes SSL termination on ACE Web Application Firewall.

I have terminated outside connection on ACE, then load-balance two WAF. I need terminate SSL after ACE, on WAF.

Can anybody redirect me to any 'howto'? Cisco doc is not clear for me.

martin

2 REPLIES

Re: ACE XML SSL termination

Hi MArtin,

Kindly find some links , might be they useful for you:

1. Configure ACE with SSL Termination and URL Rewrite

http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00809c3045.shtml

2. SSL Termination on the Cisco Application Control Engine Without an Existing Chained Certificate and Key in Routed Mode Configuration Example

http://docwiki.cisco.com/wiki/SSL_Termination_on_the_Cisco_Application_Control_Engine_Without_an_Existing_Chained_Certificate_and_Key_in_Routed_Mode_Configuration_Example

3. Cisco Application Control Engine (ACE) Module Troubleshooting Guide, Release A2(x) -- Troubleshooting SSL

http://docwiki.cisco.com/wiki/Cisco_Application_Control_Engine_(ACE)_Module_Troubleshooting_Guide,_Release_A2(x)_--_Troubleshooting_SSL

Sachin garg

New Member

Re: ACE XML SSL termination

Hello Sachin,

all this links shows SSL termination on ACE module/appliance. I have no problem with this. I will terminate SSL on 'ACE Web Application Firewall (WAF)' (ACE XML Gateway). I found some design guides and there was described three designs:

1. SSL terminated on ACE module, over WAF clear HTTP

2. SSL through ACE module, SSL terminated on WAF, after WAF clear HTTP

3. SSL over ACE, SSL terminated on WAF and next SSL to server

I need configure design 2.

Reason: I have two context placed on different network location (for example two DMZs) for incomming HTTPS traffic. From both contexts is connection directed to same WAF. It's clear for me terminate SSL on one place (WAF), as on two places (two contexts).

martin

183
Views
0
Helpful
2
Replies