Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
346
Views
0
Helpful
2
Replies

CSS11503 - Need help troubleshooting SSL connection

dclee
Level 1
Level 1

‎10-21-2011 07:40 AM

We run 2 CSS's here, one is prod and one is QA. Our QA is a CSS11503 and currently terminates 36 inbound SSL url's and

redirects them to a backend web server..All is working well.

But I am trying to add a new ssl rule and I'm having problems getting it to work.

I'm looking for a few troubleshooting commands that will allow me to see if the SSL traffic has reached the CSS as well as

if it has redirected the backend web traffic to the correct server.

Any help would be appreciated.

Cheers


Dave

Labels:
0 Helpful
2 Replies 2

dclee
Level 1
Level 1

‎10-21-2011 07:53 AM

I notice that when I do a show service, its state is "down"

0 Helpful

Daniel Arrondo Ostiz
Cisco Employee
Cisco Employee
In response to dclee

‎10-24-2011 04:33 AM

If the service is showing down, it means the CSS is not able to reach the service. By default, unless you have defined a different keepalive method, it will test reachability by pinging the IP address of the service.

Until the service status becomes "alive" connections will not be sent to this server.

In general, there are not many commands you can use for troubleshooting on the CSS. Most of the time, the best approach to see if a connection is working or not is doing a traffic capture on the client and the server. Apart from this capture, it is sometimes useful to do "show summary" to confirm all the rules are operational and "show flows" to see the currently established connections.

Regards

Daniel

0 Helpful
Customers Also Viewed These Support Documents