01-12-2010 08:39 PM
Hi All,
I am new to ACE.
Our customer is having trouble with SSL offloading on a Cisco ACE 4710.
Also, is there any way we can configure EtherChannel on the 4710 appliance?
The configuration is attached.
===============================
crypto csr-params KOTAK-INTRANET-CSR
  country IN
  state Maharashtra
  organization-unit IT
  common-name www.XYZabc.com
  serial-number 01
access-list ALL line 8 extended permit ip any any
probe http UAT_siebel-app-kmbenu
  description UAT_siebel-app-kmbenu
  interval 10
  faildetect 5
  passdetect interval 3
  passdetect count 5
  request method get url /kmb_enu/
  expect status 200 200
  connection term forced
  open 1
probe http siebel-app
  description siebel-app
  interval 10
  faildetect 5
  passdetect interval 3
  passdetect count 5
  request method get url /siebel.html
  expect status 200 200
  connection term forced
  open 1
probe http siebel-app-kmbenu
  description siebel-app-kmbenu
  interval 10
  faildetect 5
  passdetect interval 3
  passdetect count 5
  request method get url /kmb_enu/
  expect status 200 200
  connection term forced
  open 1
rserver host Siebel_App_Server01
  description Siebel_App_Server01--10.X.3.156
  ip address 10.X.3.156
  inservice
rserver host Siebel_App_Server02
  description Siebel_App_Server02--10.X.3.157
  ip address 10.X.3.157
  inservice
rserver host UAT_Siebel_App_Server01
  description UAT_Siebel_App_Server01--10.X.56.143
  ip address 10.X.56.143
  inservice
serverfarm host Server_farm_app
  description Siebel App Server farm
  probe siebel-app
  probe siebel-app-kmbenu
  rserver Siebel_App_Server01 80
    inservice
  rserver Siebel_App_Server02 80
    inservice
serverfarm host UAT_Server_farm_app
  description UAT Siebel App Server farm
  probe UAT_siebel-app-kmbenu
  rserver UAT_Siebel_App_Server01 80
    inservice
ssl-proxy service XYZ-INTRANET-SSL
  key XYZ-INTRANET.PEM
  cert XYZ-INTRANET.crt
sticky http-cookie Siebel 2
  cookie insert browser-expire
  timeout 60
  serverfarm Server_farm_app
class-map match-any App_Server_VIP
  3 match virtual-address 10.x.3.212 tcp eq https
class-map match-any App_Server_VIP1
  2 match virtual-address 10.x.3.212 tcp eq www
class-map match-any UAT_App_Server_VIP
  3 match virtual-address 10.x.3.212 tcp eq https
class-map match-any UAT_App_Server_VIP1
  2 match virtual-address 10.x.3.212 tcp eq www
class-map type management match-any remote_access
  201 match protocol icmp any
policy-map type management first-match remote_mgmt_allow_policy
  class remote_access
    permit
policy-map type loadbalance first-match App_Server_VIP-l7slb
  class class-default
    sticky-serverfarm 2
policy-map type loadbalance first-match UAT_App_Server_VIP-l7slb
  class class-default
    serverfarm UAT_Server_farm_app
policy-map multi-match UAT
  class UAT_App_Server_VIP
    loadbalance vip inservice
    loadbalance policy UAT_App_Server_VIP-l7slb
    loadbalance vip icmp-reply active
    nat dynamic 1 vlan 3
    ssl-proxy server XYZ-INTRANET-SSL
policy-map multi-match int3
  class App_Server_VIP
    loadbalance vip inservice
    loadbalance policy App_Server_VIP-l7slb
    loadbalance vip icmp-reply active
    nat dynamic 1 vlan 3
    ssl-proxy server XYZ-INTRANET-SSL
  class App_Server_VIP1
    loadbalance vip inservice
    loadbalance policy App_Server_VIP-l7slb
    loadbalance vip icmp-reply active
    nat dynamic 1 vlan 3
    ssl-proxy server XYZ-INTRANET-SSL
interface vlan 3
  ip address 10.X.3.213 255.255.255.0
  peer ip address 10.X.3.214 255.255.255.0
  access-group input ALL
  nat-pool 1 10.X.3.212 10.X.3.212 netmask 255.255.255.255 pat
  service-policy input int3
  service-policy input remote_mgmt_allow_policy
  no shutdown
ip route 0.0.0.0 0.0.0.0 10.X.3.252
Regards
Madhu
01-13-2010 12:43 AM
Hi Madhu,
From your config, you have a VIP listening on port 443 and port 80. Are port 80 requests working?
You can probably remove the ssl-proxy server statement from the config below, since this class is for port 80 traffic:
policy-map multi-match int3
  class App_Server_VIP1
    loadbalance vip inservice
    loadbalance policy App_Server_VIP-l7slb
    loadbalance vip icmp-reply active
    nat dynamic 1 vlan 3
    ssl-proxy server XYZ-INTRANET-SSL <=====
You can run 'show service-policy int3 details' to check if hit counts are incrementing for HTTPS and HTTP.
Verify key and cert match by running "crypto verify
Best Regards,
Rahul
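The misbinding pointed out in the reply above can be checked offline against a saved running-config. This Python sketch is an added example, not part of the original thread and not a Cisco tool: it flags every `ssl-proxy server` attached to a class whose VIP only matches port 80. The names `ssl_proxy_on_cleartext_vips`, `SAMPLE_CONFIG` and `CLEARTEXT_PORTS` are hypothetical, and the parser keys on stanza keywords rather than indentation so it also works on a flattened paste.

```python
import re

CLEARTEXT_PORTS = {"www", "80"}  # the thread's config shows port 80 as "www"

# Constructed sample, trimmed from the stanzas posted in the thread (flush-left).
SAMPLE_CONFIG = """\
class-map match-any App_Server_VIP
3 match virtual-address 10.x.3.212 tcp eq https
class-map match-any App_Server_VIP1
2 match virtual-address 10.x.3.212 tcp eq www
policy-map type loadbalance first-match App_Server_VIP-l7slb
class class-default
policy-map multi-match int3
class App_Server_VIP
ssl-proxy server XYZ-INTRANET-SSL
class App_Server_VIP1
ssl-proxy server XYZ-INTRANET-SSL
interface vlan 3
service-policy input int3
"""

def ssl_proxy_on_cleartext_vips(config):
    """Return (policy, class, proxy) for each ssl-proxy server bound to an HTTP-only class."""
    ports, bindings = {}, []          # class-map -> matched ports; all ssl-proxy bindings
    cmap = policy = cls = None        # parser state: which stanza we are inside
    for raw in config.splitlines():
        w = raw.split() or [""]
        if w[0] == "class-map":
            cmap, policy, cls = w[-1], None, None
            ports[cmap] = set()
        elif w[0] == "policy-map":    # only multi-match policies carry ssl-proxy bindings
            cmap, cls = None, None
            policy = w[-1] if "multi-match" in w else None
        elif w[0] == "interface":
            cmap = policy = cls = None
        elif cmap and "virtual-address" in w:
            m = re.search(r"\beq\s+(\S+)", raw)
            if m:
                ports[cmap].add(m.group(1))
        elif policy and w[0] == "class" and len(w) == 2:
            cls = w[1]
        elif policy and cls and w[:2] == ["ssl-proxy", "server"] and len(w) > 2:
            bindings.append((policy, cls, w[2]))
    return [b for b in bindings if ports.get(b[1]) and ports[b[1]] <= CLEARTEXT_PORTS]

if __name__ == "__main__":
    for policy, cls, proxy in ssl_proxy_on_cleartext_vips(SAMPLE_CONFIG):
        print(f"policy-map {policy}: class {cls} is HTTP-only but has ssl-proxy server {proxy}")
```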