CSS and SCA Configs

robbiebatchu · ‎03-31-2003

Does this config works ??

Hi

Our client connects to webeservers which we host.

Please check my configs and let me whether this could work or not??

My Cleint connects to our webservers on ssl port 9001.

The request comes to CSS on ssl port 9001 and then CSS forwards that to

SCA on port 4000 and and decrypts and sends back to CSS to ServerFarm on

cleartextport on 5000 and

urlrewrite * sslport 9001 clearport 5000 on SCA i m using urlrewrite anything from CSS http://*:5000 rewrite to https://*:9001 pn SCA.

Client ----https://216.239.53.99:9001---> | CSS | -----> SSLPort4000 |SCA|

Client <----- Back to Client <--- |CSS | <----Clearport5000

CSS Config

service web1

ip address 192.168.1.2

port 9001

keepalive port 9001

active

service web2

ip address 192.168.1.3

port 9001

keepalive port 9001

active

service sca

ip address 192.168.2.2

port 4000

keepalive port 4000

active

!--------------------------------------

owner Client

content web_clear

add service web1

add service web2

protocol tcp

port 5000

balance leastconn

vip address 216.239.53.99

advanced-balance arrowpoint-cookie

active

content web_ssl

protocol tcp

port 9001

balance leastconn

add service sca

vip address 216.239.53.99

active

Gilles Dufour · ‎04-02-2003

looks good to me.

Be aware that urlrewrite without the redirectonly keyword will only use

HTTP1.0 connection from SCA to server. Even if the client connects via HTTP1.1

So, this will break persistence.

Also, if the server answer is chunked/encoded, there is a bug linked to urlrewrite and you should therefore consider the very latest version

4.1.0.18 (at this time).

Gilles.

robbiebatchu · ‎04-16-2003

Hi

This almost went fine when we implemented the cofig.

Except the redirect pages. If i click on the a non-secured redirected page.

It says "page cannot be displayed". so what could be the problem ??

Thanks