Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

CSS sticky session when source ip changes

I work for an ASP and am having problems with customers dropping their ssl connection to our app across the internet on wireless connections. The customer was using a verizon wireless card and the ip assigned to his computer was a 70.x.x.x (ipconfig) but I had the user go to http://myipaddress.com because I could not see the ip on the sniff trace. The ip changed in the verizon network to a 66.x.x.x. I was able to trace the 66 ip and found that when the user was dropped his 66 ip changed. Has anyone experienced this?? I am looking for a long term fix. Currently SSL is termingation at the server farm and I am using a sticky source ip at 4 hours. I would be willing to move the ssl to the content switch if needed but what can i do to keep the same session after a source ip change?

Thanks,

Steve

CSSIP

CSSP

1 REPLY
Cisco Employee

Re: CSS sticky session when source ip changes

by terminating ssl on the css, you could use cookie stickyness which is independent of the ip address.

This would solve your problem for sure.

Without the SSL module, you don't have much option.

If you can't use IP address, you also can't use TCP ports, so the only thing left is the SSL ID.

You could 'advanced-balance ssl' with 'application ssl'.

However, IE browsers are known to change frequently the SSLID even during a single session.

So, by using this optin, you may fix the problem of this particular client but create more issues with other customer.

Unfortunately that's the only choices available.

Gilles.

433
Views
4
Helpful
1
Replies
CreatePlease to create content