Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

BBSM5.3 not passing https/ssl traffic

We have deployed BBSM53 for guest auth on a wireless network. Regular 8080 traffic is flowing fine, but ssl/ipsec/443 traffic is being blocked. Authorizations are being done via access codes, so SSL was not a concern. Do you still have to have a SSL cert loaded on the BBSM to pass secure web traffic?

1 REPLY
New Member

Re: BBSM5.3 not passing https/ssl traffic

For reference, this was the fix that solved the issue.

Enable transparent proxy causes all traffic internally to the BBSM to

leave with a source address of the external address of the BBSM and a

port of 80. So when traffic that needs to go to the ssl/443 port leaves

the BBSM it is actually destined for port 80 due to transparent proxy

and the far ssl server drops the packet. Any data that needs a specific

port ( smtp/ftp/ssl/vpn ) will fail with transparent proxy.

You can disable transparent proxy and use nat externally to the bbsm for

the internal client network to get around this issue or use a public ip

space for your client network.

106
Views
0
Helpful
1
Replies
CreatePlease login to create content