Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
631
Views
0
Helpful
4
Replies

SSL offloading on ACE

igorkuliffay
Level 1
Level 1

‎03-05-2009 06:39 AM

Hi all,

I'm working on deployment of ACE appliances for our customer. They want to terminate SSL connections on the ACE. But it's not HTTP encrypted inside.

It's some proprietary protocol encrypted inside the SSL. Here, the server contacts the client first, after the TCP/SSL connection is established.

But with ACE, after the SSL is set up, the ACE is waiting for some message from the client.

What I need is to instruct the ACE to establish the TCP connection to real server immediately after the SSL handshake is done.

Unfortunately, end-to-end SSL is not an option. The real server does not support SSL.

Does anyone have similar experience? Or some magic command, which would do this?

Labels:
0 Helpful
4 Replies 4

carenas123
Level 5
Level 5

‎03-12-2009 04:18 PM

It seems like the bug CSCsk70822

0 Helpful

igorkuliffay
Level 1
Level 1
In response to carenas123

‎03-13-2009 01:30 AM

Actually, we're running latest OS:

Version A3(2.0) build 3.0(0)A3(2.0)

I'd say this behavior is standard. ACE waits for HTTP GET message before it initiates TCP session to real server.

The question is, how to change it..

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to igorkuliffay

‎03-17-2009 05:59 AM

disable persistence rebalance with a parameter-map and it will open the connection right after the ssl handshake without waiting for some data.

Gilles.

0 Helpful

igorkuliffay
Level 1
Level 1
In response to Gilles Dufour

‎03-17-2009 06:09 AM

will try. thanks for hint.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card