Using port 443 in L4 policy with ACE

lukaszkhalil
Level 1

Hello

I am trying to create a VIP on my ACE on port 443 that will work at layer 4. The real HTTP traffic will be decrypted on the rservers.

As long as I do not use port 443 as the VIP port everything is OK, but if I change it to 443 I lose the communication.

Does anybody know if there is any restriction in the ACE that does not allow using the 443 TCP port for L4 traffic?

Thank you in advance

Regards

Lucas

3 Replies

Surya ARBY
Level 4

No restriction. It should work. Here is one of my templates for that:

    access-list PERMIT-ALL line 8 extended permit ip any any

    serverfarm host XXX
      failaction purge
      predictor leastconns
      probe generic-tcp
      rserver SYMI-NH01 443
        inservice
      rserver SYMI-NH02 443
        inservice

    sticky ip-netmask 255.255.255.0 address source XXX
      timeout 3600
      replicate sticky
      serverfarm XXX

    class-map match-any XXX
      2 match virtual-address A.B.C.D 255.255.255.255 tcp eq https

    policy-map type loadbalance first-match XXX
      class class-default
        sticky-serverfarm XXX

OK, thanks.

I forgot to mention that my rservers are listening on a different port than 443.

Just change the port in the serverfarm
