Application Networking

For failover purposes we might want to have multiple routable /24 subnets at the outside of the CSS (facing the Internet.) But I understand that if you put a secondary IP address on a circuit/VLAN associated with an interface - the CSS will not be ab...

I have a problem with WCCP redirection on a 3750 switch. hardware and IOS versions are listed as supporting WCCPv2. WAE configured at a core site and at the remote site. "ip wccp 62 redirect in" configured on the interfaces at each end connected to t...

Hello,I have a simple SLB configuration running in RP mode. If a client on the same network as the virtual IP tries to connect to the VIP, it fails. I'm guessing this is because the communication is done at layer 2 and the packet never gets sent to t...

Hello,our customer has typical ACE configuration in routed mode with enabled direct access from client side to server side. ok. access to server port is enabled. when I try telnet to server_ip:service_port, I can see 'established' connection on the A...

I have been working on and testing a solution using WAEs to optimise a link between two sites both with WAEs. The TCP promiscuous mode service has been setup on both WAEs and WCCP appears to have successfully negotiated the connection etc to the WCCP...

We have the following config setup using two interfaces:Client(.10.33) -- VLAN10 -- CSS -- VLAN10 -- Servers (.10.31, .10.32)We have source-nating set up for the Client. We are trying to set up content routing on an SSL flow, and hence need to use bo...

Well, I got the CSS working fine with terminating all inbound SSL connections to a backend server port 7777However 1 problem has come up. When I have the oracle admins trying to upload a file to the backend webserver via the proxy and their webpage u...

Hi Guys,One of our clients wants to setup an SSL connection on a non-standard SSL port i.e. 4444 to begin with. Here the sever handles the SSL encryption / deccryption) instead of the SSL module. I've found the following config to work well:serverfar...

I have a requirement to send traffic to another server on the private side using the VIP address. I understand source groups need to be defined for this requirement to NAT the source ip address of server. There is also a requirement to send traffic t...

Hello all,I must configure our CSS to use a GeoTrust SSL wildcard cert covering 3 domain levels, i.e., "*.abc.com", "*.*.abc.com" and "*.*.*.abc.com".We generated the CSR from the CSS using "*.abc.com" for our domain name since you can only make one ...

We are having problems when the frontend SSL session times out, and browser reuses the same SSL-id and cookie, and we get routed to a different server (not sticking). Is there any way to debug the cookie content in the intermediate http flow ?Thanks ...

Hello,our customer has a problem with correct closing TCP connections on the ACE. TCP session (HTTP protocol) is closed _correctly_ (we can see it in the sniffer output), but 'sh conn' on the ACE shows it as 'established' (session is already closed)....

How to configure CSS load balancing, behind two Cisco ASA mode A/S with 2 DMZ's? 2 Fw ASA 5520 -> L2 Sw->2 CSS->2 L2 Sw->web servers and application servers DMZ-1 are web serversDMZ-2 are application servers Regards, Diego.

Hi there,i have configured within an ace context two vlans with a bridge group and one bvi interface.Here is the Config :access-list ALLOW_ALL_TRAFFIC line 7 extended permit icmp any any access-list ALLOW_ALL_TRAFFIC line 8 extended permit ip any any...