Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4141
Views
0
Helpful
3
Replies

Cisco CSS 11501 - View source of hits on SSL service

mwitherford
Level 1
Level 1

‎11-24-2020 02:28 AM

Hi I was wondering if anyone can help point me in the right direction:

 

I am working on decommissioning a Cisco CSS 11501 and have a service called ssl-module which refers to a proxy list. The service has a number of local connections and I want to try and find out what the cause of the connections is.

 

I don't know what time the connections are being made so the show flows command will not help unfortunately as it's a periodic connection, not a constant connection. 

 

Firstly here is the show version output from the box:

CSS11501# show version
Version: sg0820501 (08.20.5.01)
Flash (Locked): 08.10.1.06
Flash (Operational): 08.20.5.01
Type: PRIMARY
Licensed Cmd Set(s): Standard Feature Set

 

 

Here is the service ssl module:

CSS11501# show service ssl-module

Name: ssl-module Index: 98
Type: Ssl-Accel State: Alive
Rule ( 0.0.0.0 ANY ANY )
Session Redundancy: Disabled
SSL-Accel slot: 2
Session Cache Size: 10000
Redirect Domain:
Redirect String:
Keepalive: (NONE 5 3 5 )
Keepalive Encryption: Disabled
Last Clearing of Stats Counters: 10/11/2020 08:41:35
Mtu: 1500 State Transitions: 0
Total Local Connections: 219 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 219 Max Connections: 65534
Total Reused Conns: 0 Weight Reporting: None
Weight: 1 Load: 2


SSL Proxy Lists:
1: secure-(name removed for security reasons)-Active

 

My questions are:

So is there any commands I can use to find out what is hitting the service?

Is there anyway I can save detailed output of the hits to this service saved to logs? I do have syslog setup on the device.

 

I cannot provide copies of running configs of the devices I am afraid but I can provide specific sections where needed

 

 

 

 

 

 

 

Labels:
0 Helpful
3 Replies 3

mwitherford
Level 1
Level 1

‎11-25-2020 04:27 AM

Bump

0 Helpful

mwitherford
Level 1
Level 1

‎11-30-2020 03:25 AM

I have managed to find out that the command show summary can show hits on each of the services and which ones belong to the SSL module, therefore giving me a destination VIP and backend servers so it gives me half of the communication I need to look for.

0 Helpful

ameliascotts80938
Level 1
Level 1

‎03-03-2021 11:29 PM - edited ‎03-13-2021 11:16 PM

The Cisco CSS 11501 supports eight 10/100 Ethernet ports and one Gigabit Ethernet port through an optional small-form-factor, pluggable gigabit interface converter (SFP GBIC). The Cisco CSS 11503 and Cisco CSS 11506 are both modular platforms with interchangeable modules.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents