Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
551
Views
0
Helpful
2
Replies

need to terminate SSL on the ACE to configure stickiness?

axfalk
Level 1
Level 1

‎04-14-2015 12:35 PM

Hi,

We have a requirement to configure source IP session persistence for HTTPS connections (port 443) on the ACE running A5(3.1). The real servers are listening on port 443 as well. Will we need to terminate these HTTPS sessions on the ACE?

 

thanks.

 

 

Labels:
0 Helpful
2 Replies 2

Abhishek Purohit
Level 1
Level 1

‎04-16-2015 05:21 AM

Hi,

 

Your requirement is termed as End-to-End SSL termination. For IP persistence, you just need to add sticky servers and

End To End SSL: http://docwiki.cisco.com/wiki/Cisco_Application_Control_Engine_%28ACE%29_Configuration_Examples_--_SSL_Configuration_Examples#Simplified_End-to-End_SSL_Configuration_Example

 

With Sticky: http://www.cisco.com/c/en/us/support/docs/interfaces-modules/ace-application-control-engine-module/107401-ace-end2end.html

 

Hope that helps.

 

BR,

Abhi

 

Regards, Abhishek Purohit CCIE-S- 35269
0 Helpful

Kanwaljeet Singh
Cisco Employee
Cisco Employee

‎04-17-2015 10:24 AM

Hi,

If the requirement is just to have source based persistence then you don't need SSL to be terminated unless you want to. Even without SSL termination, you can have source based sticky. Anything above that would be encrypted and if L7 based sticky is required then you need end to end ssl in your scenario.

Regards,

Kanwal

Note: Please mark answers if they are helpful.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents