SorryServer with 443 - How to implement?

cjrchoi11
Level 1

Please clarify and correct my SorryServer with 443 scenario. Normally, clients will be connected to S1 or S2 with the server's certification.

1. If S1 and S2 are both down, clients will be redirected to SorryServer and SorryServer will be issued the certification.

2. The client has a certification from the server. If S1 and S2 go down in the middle of communication, what happens to the client? Will the client get a certification request from SorryServer? I'm not clear about the certification which it already got from the server.

3. Last question. Is this the right way to implement SorryServer with 443?


service S1
  ip address 1.1.1.1
  port 443
!
service S2
  ip address 1.1.1.2
  port 443
!
service SorryServer
  ip address 1.1.2.1
  port 443
!
content SecureServer
  vip address 2.2.2.2
  add service S1
  add service S2
  advanced-balance sticky-srcip
  primarySorry SorryServer
  port 443


Thanks in advance.

Accepted Solutions

stevehall
Level 1

Well,

Assuming you activate the services with the "active" command.. :)

If something goes wrong in the middle of a flow (or connection) then there is not much we will do. The sorry server does not have a socket for that specific connection. If we did send it there, we would only get a TCP RST response. The sorry service will get all NEW connections if all the other services go down.

Other than not having "active" services, and I am not sure on the content rule (It needs to be active also!) the way you have configured it is fine.

-Steve
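The behaviour described in the answer above, as a small model added here for illustration (it is not Cisco CSS code and not part of the original post). The class, method and result names are hypothetical, and the rule is assumed to be plain layer-4 pass-through on port 443, so every new connection means a new TLS handshake with whichever server receives it.

```python
class ContentRule:
    """Toy model of a content rule with sticky-srcip and a sorry service."""

    def __init__(self, primaries, sorry):
        self.alive = {name: True for name in primaries}  # keepalive state
        self.sorry = sorry
        self.sticky = {}  # source IP -> primary service (sticky-srcip)
        self.flows = {}   # (src_ip, src_port) -> service that owns the socket

    def set_alive(self, service, up):
        self.alive[service] = up

    def _pick(self, src_ip):
        """Choose a service for a NEW connection only."""
        stuck = self.sticky.get(src_ip)
        if self.alive.get(stuck):
            return stuck
        up = sorted(s for s, ok in self.alive.items() if ok)
        if not up:
            # Every primary is down: the sorry service takes new connections.
            return self.sorry
        self.sticky[src_ip] = up[0]
        return up[0]

    def packet(self, src_ip, src_port, syn=False):
        key = (src_ip, src_port)
        if syn:
            self.flows[key] = self._pick(src_ip)
            return ("forward", self.flows[key])
        svc = self.flows.get(key)
        if svc is None:
            return ("no-flow", None)
        if svc != self.sorry and not self.alive[svc]:
            # Mid-flow failure: the flow is not moved. The sorry server has
            # no socket for it and would only answer with a TCP RST.
            del self.flows[key]
            return ("broken", svc)
        return ("forward", svc)


if __name__ == "__main__":
    rule = ContentRule(["S1", "S2"], "SorryServer")
    print(rule.packet("10.0.0.5", 40000, syn=True))  # constructed client address
    rule.set_alive("S1", False)
    rule.set_alive("S2", False)
    print(rule.packet("10.0.0.5", 40000))            # existing flow
    print(rule.packet("10.0.0.5", 40001, syn=True))  # new connection
```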
