05-02-2011 05:56 AM
Can you Help Me?
Is possible configure ACE Module for End to End SSL with one armed configuration?
Thanks
05-02-2011 07:25 AM
Ciao Simone,
you should be able to do that by referring to the normal End-to-End configuration
and by adding the source NAT on the "server side" to make sure the server sees the requests as coming from the ACE and not from the client.
Let me know how it goes
--
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.
05-04-2011 06:32 AM
The problem is the follow:
I have an ACE 4710 (A3) configured One-Armed (sources natted on unique IP), the ssl session is terninated on server, but now is necessary track the source IP.
The x-forwarded option, is possible use in this case?
Can we help me?
05-05-2011 10:29 AM
Ciao Simone,
with End-to-End SSL configuration you allow the ACE to access to the content in clear of the SSL communication and hence the possibility to take decision based on the content and/or to modify it.
What you are asking should be possible by doing the following:
policy-map type loadbalance first-match P-MAP
class class-default
serverfarm SFARM
insert-http X-Forwarded-For header-value "%is"
I hope this helps,
Alessandro
--
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: