cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
541
Views
0
Helpful
1
Replies

URL filtering ACE after description of SSL traffic

r_huyerman
Level 1
Level 1

We currently have a Cisco CSS11501 which we have configured with SSL offloading.

We offload the SSL traffic and after description of the ssl traffic we perform URL filtering.

Can the Ace 4710 Appliance do the same?

I have attached the current configuration of the css.

Regards,

Richard

1 Reply 1

With the below config

Traffic matching 10.10.10.10:443 will be SSL offloaded and then

will be loadbalanced using rservers in Serverfarm "APP1-SFARM" if

the request includes "/matchthis".

ssl-proxy service APP1-SSL-PROXY

key default-key.pem

cert default-cert.pem

class-map match-all APP1-443-VIP

2 match virtual-address 10.10.10.10 tcp eq https

class-map type http loadbalance match-any APP1-URLMAP

2 match http url /matchthis.*

policy-map type loadbalance first-match APP1-Policy

class APP1-URLMAP

serverfarm APP1-SFARM

policy-map multi-match VIPS-VLAN79

class APP1-443-VIP

loadbalance vip inservice

loadbalance vip icmp-reply active

loadbalance policy APP1-Policy

ssl-proxy server APP1-SSL-PROXY

HTH

Syed iftekhar Ahmed

Review Cisco Networking for a $25 gift card