
CSS+SSL Failover

conoufri
Level 1

If I have two CSS with SSL module in an ASR config, in case the master CSS fails, will the redundant CSS chassis take over the SSL sessions as well, without the client having to reconnect?

Thx,

Christos

3 Replies

Gilles Dufour
Cisco Employee

No. We are currently working on such a solution, but this is not possible as of now.

Gilles.

Gilles hi,

Thx for your reply.

What I couldn't find on the web was info on SSL fail-over and how the SSL will behave in the event that the Master CSS fails and the Stand-by takes over. What will happen to the SSL sessions?

Also, how does the CSS behave in the event that it loses one of the back-end web-servers?

If you want, you can contact me directly at:

conoufriou@odysseyconsultants.com

Regards,

Christos

We can save TCP connections but not the SSL info.

So after failover, the traffic will be sent to the new active SSL module which will send a RESET to the client.

The client will normally restart the connection.

If you lose the backend server, the CSS does nothing.

If the client is sending traffic, the SSL module will forward it to the dead server and if we don't get a response during the timeout period the SSL module will reset the connection.

If a new connection is opened, it will be sent to another active server if one is available.

Regards,

Gilles.
