Chapter 8 Examples of CSS SSL Configurations
8-12
Cisco Content Services Switch SSL Configuration Guide
OL-5655-01
SSL Transparent Proxy Configuration — HTTP and Back-End SSL
Servers
This section provides an example configuration for an SSL transparent proxy for
two clients, a CSS with two SSL modules, two HTTP servers (ServerABC and
ServerGHI), and two back-end SSL servers (ServerDEF and ServerJKL). This
configuration is similar to the previous configuration. (See the “SSL Transparent
Proxy Configuration — Two SSL Modules” section.) However, this example
includes the configuration for a back-end SSL server.
In Figure 8-5, Client A’s SSL connection has a destination address 192.168.5.5
that matches content rule ssl-rule. The CSS load balances the SSL connection to
SSL module 1. The module terminates the connection, decrypts the data to clear
text and initiates an HTTP connection to content rule http-rule. The CSS forwards
the request to HTTP server ServerABC.
Client B’s SSL connection has a destination address 192.28.4.4 that matches
content rule ssl-rule-1. The CSS load balances the SSL connection to SSL
module 2. The module terminates the connection, decrypts the data to clear text
and initiates an HTTP connection to content rule http-ssl-rule. The CSS directs
the clear text data back to SSL module 2. The module terminates the connection,
re-encrypts the traffic, and establishes an SSL connection to SSL server
ServerDEF.
To Next Page
Loading...
