Running HTTP and HTTPS connections for a single domain (say, www.example.com) through a Cisco ACE SS

Posted by Paddu on Server Fault See other posts from Server Fault or by Paddu
Published on 2010-05-13T22:26:24Z Indexed on 2010/05/13 22:34 UTC
Read the original article Hit count: 297

Filed under:
|

My web application config has a Cisco ACE load balancing across a server farm and I want to use the ACE as an SSL endpoint as well. To make this work, the network architect has come up with a design where all secure pages have to be served from secure.my-domain.com, while non-secure pages are served up from www.my-domain.com. The reason for this is apparently that the configuring the Cisco ACE to accept HTTPS requests on port 443 for a particular public IP prevents the simultaneous acceptance of HTTP requests on port 80 for the same IP. While I'm not a networking (or Cisco) expert, this seems to be intuitively wrong, as it would prevent any website using the Cisco ACE to serve pages on http://www.my-domain.com and https://www.my-domain.com simultaneously. In this situation, my questions are:

  1. Is this truly a limitation of the Cisco ACE when used as an SSL endpoint?
  2. If not, then can I assume that we can set up the ACE to accept connections for a particular IP on ports 80 and 443, and function as an SSL endpoint for the incoming requests on 443? Links to appropriate documentation most welcome here.
  3. Assuming the setup in the previous question, can I then redirect both sets of requests to the same server farm on the same port?

© Server Fault or respective owner

Related posts about cisco-ace

Related posts about ssl