Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Config Info - CSS Newbie

I can't figure out why this isn't working...it is basic config, and I am eventually trying to to back-end SSL termination. Need basic connectivity first though. If anyone can assist that would be great.

thanks in advance!

CSS11501# term len 0

CSS11501# sh run

!Generated on 01/15/2007 20:38:54

!Active version: sg0810106

configure

!*************************** GLOBAL ***************************

!************************* INTERFACE *************************

interface e1

phy 100Mbits-FD

description "SCTREC02"

bridge vlan 55

interface e2

phy 100Mbits-FD

description "SCTREC02-9/11"

bridge vlan 255

!************************** CIRCUIT **************************

circuit VLAN55

ip address 161.19.55.5 255.255.255.192

ip virtual-router 55

ip virtual-router 150 priority 105 preempt

ip redundant-interface 55 161.19.55.4

ip redundant-vip 150 161.19.55.8

circuit VLAN255

ip address 161.19.55.66 255.255.255.192

ip virtual-router 255

ip redundant-interface 255 161.19.55.65

!*********************** SSL PROXY LIST ***********************

ssl-proxy-list SSL-PROXY

ssl-server 1

ssl-server 1 vip address 161.19.55.8

ssl-server 1 cipher rsa-with-rc4-128-md5 161.19.55.8 443

ssl-server 1 unclean-shutdown

ssl-server 1 ssl-queue-delay 0

backend-server 20

backend-server 20 ip address 161.19.55.75

backend-server 20 port 443

backend-server 20 cipher rsa-with-rc4-128-md5

backend-server 10

backend-server 10 ip address 161.19.55.74

backend-server 10 port 443

backend-server 10 cipher rsa-with-rc4-128-md5

!************************** SERVICE **************************

service sctam103:1-1

ip address 161.19.55.74

protocol tcp

port 443

keepalive type tcp

keepalive tcp-close fin

keepalive port 443

active

service sctam104:1-1

ip address 161.19.55.75

protocol tcp

port 443

keepalive type tcp

keepalive tcp-close fin

keepalive port 443

active

!*************************** OWNER ***************************

owner AMLDAP

content services-sys:ssl

vip address 161.19.55.8

protocol tcp

port 443

add service sctam103:1-1

add service sctam104:1-1

active

CSS11501#

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Config Info - CSS Newbie

try setup a group -

group

add destination service sctam103:1-1

add destination service sctam104:1-1

vip address 161.19.55.8

active

I had to add this in the first time I used the CSS models as the return HTTP traffic was coming back with the real server IP rather than the VIP IP. You should run an ethereal trace to see what responses you are getting.

2 REPLIES
New Member

Re: Config Info - CSS Newbie

try setup a group -

group

add destination service sctam103:1-1

add destination service sctam104:1-1

vip address 161.19.55.8

active

I had to add this in the first time I used the CSS models as the return HTTP traffic was coming back with the real server IP rather than the VIP IP. You should run an ethereal trace to see what responses you are getting.

New Member

Re: Config Info - CSS Newbie

perfect....worked great.

Thanks very much.

138
Views
0
Helpful
2
Replies
CreatePlease login to create content