Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
405
Views
0
Helpful
1
Replies

is it a bad idea to put both ports 443 and 80 in the same class map, when load-balancing using the ACE.

luckymike33
Level 1
Level 1

‎06-11-2014 04:00 AM

We are configuring an ACE 4710, and it is pretty straightforward, in that it is balancing http, and https traffic to a number of servers, ssl termination is on the Load balancer itself.

The question is - is it a bad idea to match both port 80 and 443 in the same class map - especially when they will be configured with the same load-balancing policy. 

 

If so, why?

 

thanks for any help you can give us.

 

Labels:
0 Helpful
1 Reply 1

Bilal Nawaz
VIP Alumni
VIP Alumni

‎06-11-2014 11:31 PM

No I do not think it is, I have used both www and https on the same class-map the same VIP, lots of times - you could be providing different services on these ports anyway. It's probably good that you are doing the ssl offloading from servers, one scenario I can think of at the moment of it being bad is if you present http connections to a server that is vulnerable to attacks etc... from a less secure port.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.
0 Helpful
Customers Also Viewed These Support Documents