Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SSL Accel Backend VIP address

We are trying to set up content routing on an SSL flow, and hence need to use both front-end and back-end SSL for the flow.

I understand that the service IP and port must correspond to the server ip and port for the backend-server defined in the ssl-proxy list.

What should the VIP and Port of the backend-server be for this kind of backend-server? Can it be the same IP address as the server-IP and a different port number?

Does it have to match the HTTP port number for the backend content rule?

Also, does the backend-server need to be activated, or does the activation of the ssl-proxy-list do the job?

e.g.:

ssl-proxy-list ssllist1

ssl-server 252

ssl-server 252 vip address 192.168.10.252

ssl-server 252 port 443

ssl-server 252 cipher rsa-with-3des-ede-cbc-sha 192.168.10.252 8080

ssl-server 252 rsacert myrsacert1

ssl-server 252 rsakey myrsakey1

backend-server 31

backend-server 31 ip address 192.168.10.31

backend-server 31 port 17112

backend-server 31 server-ip 192.168.10.31

backend-server 31 server-port 7112

backend-server 31 cipher rsa-with-3des-ede-cbc-sha

backend-server 31 rsacert myrsacert1

backend-server 31 rsakey myrsakey1

backend-server 32

backend-server 32 ip address 192.168.10.31

backend-server 32 port 17122

backend-server 32 server-ip 192.168.10.31

backend-server 32 server-port 7122

backend-server 32 cipher rsa-with-3des-ede-cbc-sha

backend-server 32 rsacert myrsacert1

backend-server 32 rsakey myrsakey1

active

service sslulb3svr0

type ssl-accel

slot 6

keepalive type none

add ssl-proxy-list ssllist1

active

service ssluportal1-1

type ssl-accel-backend

keepalive type ssl

keepalive frequency 60

keepalive retryperiod 255

add ssl-proxy-list ssllist1

ip address 192.168.10.31

port 7112

active

Those with answers, please help.

1 REPLY
Bronze
120
Views
0
Helpful
1
Replies
CreatePlease login to create content