Resolution
These are the two modes of operation for Secure Socket Layer (SSL):
- Standalone mode. Flows in the client-to-server direction can originate as either clear text or as encrypted data. All flows in the server-to-client direction originate as clear text. Depending on the source port, traffic may or may not be encrypted by the SSL module before being forwarded to the client.
- One-armed configuration with Content Switching Module (CSM) module. When the SSL module is used with a CSM, the CSM treats the SSL module as a special real server. The CSM parses for traffic destined to the server farm's Versatile Interface Processor (VIP), port 443. The CSM forwards port 443 traffic to the SSL module without modifying the destination IP address. That is, it performs no server Network Address Translation (NAT).
For additional information on frequently asked questions on SSL service module , refer to Cisco Content Switching Module with SSL
For more information on installation and configuration of SSL service module , refer to Catalyst 6500 Series SSL Services Module Installation and Configuration Note, 1.1.