Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

URL filtering ACE after description of SSL traffic

We currently have a Cisco CSS11501 which we have configured with SSL offloading.

We offload the SSL traffic and after description of the ssl traffic we perform URL filtering.

Can the Ace 4710 Appliance do the same?

I have attached the current configuration of the css.

Regards,

Richard

1 REPLY

Re: URL filtering ACE after description of SSL traffic

With the below config

Traffic matching 10.10.10.10:443 will be SSL offloaded and then

will be loadbalanced using rservers in Serverfarm "APP1-SFARM" if

the request includes "/matchthis".

ssl-proxy service APP1-SSL-PROXY

key default-key.pem

cert default-cert.pem

class-map match-all APP1-443-VIP

2 match virtual-address 10.10.10.10 tcp eq https

class-map type http loadbalance match-any APP1-URLMAP

2 match http url /matchthis.*

policy-map type loadbalance first-match APP1-Policy

class APP1-URLMAP

serverfarm APP1-SFARM

policy-map multi-match VIPS-VLAN79

class APP1-443-VIP

loadbalance vip inservice

loadbalance vip icmp-reply active

loadbalance policy APP1-Policy

ssl-proxy server APP1-SSL-PROXY

HTH

Syed iftekhar Ahmed

266
Views
0
Helpful
1
Replies