Using the CSM to setup a HTTPS session on non-standard ports?
One of our clients wants to setup an SSL connection on a non-standard SSL port i.e. 4444 to begin with. Here the sever handles the SSL encryption / deccryption) instead of the SSL module.
I've found the following config to work well:
no nat client
real 126.96.36.199 4444
real 188.8.131.52 4444
sticky 108 netmask 255.255.255.255 timeout 60
virtual 184.108.40.206 tcp https
sticky 60 group 108
With the above setup the CSM redirects the SSL connections (recieved on 443) to port 4444 on the sever and maintains this for the duration of the session.
While the above setup works, is it possible to configure the VIP to use a HTTPS port other than 443 (which is default)? This would then allow for separate HTTPS paths to be setup on non-standard ports. I ask this since the client also wants to setup a HTTPS path on port 4443 as well.
Re: Using the CSM to setup a HTTPS session on non-standard ports
I though use non standard port (4443), where encryption/decryption is done on the real servers. CSM only 'forwards' traffic to the real server (using nat/pat, because vip and rserver ports are different - vip:4443/443, rserver:4444)
(btw: you can use non standard port with SSL termination on the SSL module too)
Introduction This article will help you understand the steps on how to
download the UCS licenses from the Cisco Systems website and then
installing it on the UCS. The redacted (blue lines) just covers up
certain numbers for privacy please do not take them...
Introduction This article will help you understand and educate the
customer on how to clear their "expired licenses"
(license-graceperiod-expired) from their UCS-M. If a customer just
purchased a license and needs a step by step guide on how to download
Introduction Prepositioning is a powerful tools on the WAAS platform but
it is not always easy to figure out why your jobs are failing when
trying to retrieve the files.Here is a method that should help you to
figure out the reason why they are not succes...