Hi I was wondering if anyone can help point me in the right direction:
I am working on decommissioning a Cisco CSS 11501 and have a service called ssl-module which refers to a proxy list. The service has a number of local connections and I want to try and find out what the cause of the connections is.
I don't know what time the connections are being made so the show flows command will not help unfortunately as it's a periodic connection, not a constant connection.
Firstly here is the show version output from the box:
CSS11501# show version
Version: sg0820501 (08.20.5.01)
Flash (Locked): 08.10.1.06
Flash (Operational): 08.20.5.01
Type: PRIMARY
Licensed Cmd Set(s): Standard Feature Set
Here is the service ssl module:
CSS11501# show service ssl-module
Name: ssl-module Index: 98
Type: Ssl-Accel State: Alive
Rule ( 0.0.0.0 ANY ANY )
Session Redundancy: Disabled
SSL-Accel slot: 2
Session Cache Size: 10000
Redirect Domain:
Redirect String:
Keepalive: (NONE 5 3 5 )
Keepalive Encryption: Disabled
Last Clearing of Stats Counters: 10/11/2020 08:41:35
Mtu: 1500 State Transitions: 0
Total Local Connections: 219 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 219 Max Connections: 65534
Total Reused Conns: 0 Weight Reporting: None
Weight: 1 Load: 2
SSL Proxy Lists:
1: secure-(name removed for security reasons)-Active
My questions are:
So is there any commands I can use to find out what is hitting the service?
Is there anyway I can save detailed output of the hits to this service saved to logs? I do have syslog setup on the device.
I cannot provide copies of running configs of the devices I am afraid but I can provide specific sections where needed
Bump
I have managed to find out that the command show summary can show hits on each of the services and which ones belong to the SSL module, therefore giving me a destination VIP and backend servers so it gives me half of the communication I need to look for.