Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Port 443 AND 80 traffic and SSL offloading

Users to a site (thissite.here.com, for example) have used both http://thissite.here.com and https://thissite.here.com for reasons lost in history...

The (IIS) site has a certificate but its use is not mandated.

In a new environment to whichi we are migrating, we have SSL offloading. We still want one DNS entry for thissite.here.com, and this ought to be an IP addresses held by the SSL module - but this only works if (paradoxically), that SLL module can also be sent not to mandate the use of SSL.

Does this make sense? Is this possible?

Tim T.

Everyone's tags (1)
1 REPLY
Cisco Employee

Port 443 AND 80 traffic and SSL offloading

Hi Tim,

In most environments, you don't use the SSL module alone, but rather along with a load balancer. In those cases, you can configure the load-balancer with the same IP address for two different ports and then send the SSL traffic to the SSLM and the rest to the servers directly.

If you are using a standalone SSLM, then, I'm afraid this is not possible.

By the way, I'm surprised to hear you are doing a new setup with the SSLM, as it's almost obsolete (see

http://www.cisco.com/en/US/prod/collateral/modules/ps2706/eol_c51_534811.html)

Regards

Daniel

293
Views
0
Helpful
1
Replies
CreatePlease to create content