Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.


is it a bad idea to put both ports 443 and 80 in the same class map, when load-balancing using the ACE.

We are configuring an ACE 4710, and it is pretty straightforward, in that it is balancing http, and https traffic to a number of servers, ssl termination is on the Load balancer itself.

The question is - is it a bad idea to match both port 80 and 443 in the same class map - especially when they will be configured with the same load-balancing policy. 


If so, why?


thanks for any help you can give us.



No I do not think it is, I

No I do not think it is, I have used both www and https on the same class-map the same VIP, lots of times - you could be providing different services on these ports anyway. It's probably good that you are doing the ssl offloading from servers, one scenario I can think of at the moment of it being bad is if you present http connections to a server that is vulnerable to attacks etc... from a less secure port.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.
CreatePlease login to create content