Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
540
Views
0
Helpful
3
Replies

MS Internet Explorer interrupts SSL sessions

franz.macsek
Level 1
Level 1

‎11-20-2003 09:49 AM

Many of our customers complain about interrupted SSL sessions, when using MSIE 5.01 or above via a proxy server (e.g. SQUID, ISA). Mainly it seems to happen on POST operations.

Until now we found two workarounds:

- A working solution is to use MSIE and bypassing the proxy server.

- Everything is fine too, when using a Mozilla browser via a proxy server.

But, in most cases our customers are not able to use these workarounds.

On our side we are running an Apache 2.0 server, which is behind a CSS11503 box (S/W version 7.20 Build 104).

We defined the following content rule:

content www.exportservice.at_https

application ssl

add service www.exportservice.at_https_1

add service www.exportservice.at_https_2

vip address 143.245.6.23

balance srcip

protocol tcp

port 443

url "/*"

advanced-balance sticky-srcip

sticky-mask 255.255.254.0

active

As I read in some forum articles MSIE may cause problems with SSL stickyness. Therefore we use srcip stickyness. But it doesn´t help.

Do you have any idea, what we can do to offer stable services to our customers?

I would be glad to get any hints to solve our problem.

Best regards

Franz

Labels:
0 Helpful
3 Replies 3

vkasacavage
Level 1
Level 1

‎11-26-2003 09:33 AM

Could you describe the symptoms the clients are experiencing...what do you mean by interrupted SSL sessions.

If they are getting 404 errors after periods of inactivity, you can fix this with keepalive settings on the apache server and adjusting the apache keepalive timers.....btw, IIS uses a keepalive timer of 900 seconds, apache uses a default of 90 seconds

0 Helpful

krmenon
Cisco Employee
Cisco Employee

‎11-28-2003 06:53 AM

Franz, since u claim, that ur customers are already using IE 5.01, then this link will not be of much help to you.

However, go thru this and see if you can get anymore further with this issue.

http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q265369&ID=KB;EN-US;Q265369

regards

Krish...

Cisco TAC

0 Helpful
Customers Also Viewed These Support Documents