Chapter 2 Commands for the Catalyst 6500 Series SSL Services Module

policy health-probe tcp

Context name: ssl

Context Id : 1

Admin Status: up

Operation Status: down

Proxy status: Health Probe Failed

This example shows how to configure TCP health probe to check whether service at port 81 is up and running on server IP address 19.0.0.1:

ssl-proxy(config-context)# service ssloffload ssl-proxy(config-ctx-ssl-proxy)# virtual ipaddr 7.100.100.180 protocol tcp port 443 ssl-proxy(config-ctx-ssl-proxy)# server ipaddr 19.0.0.1 protocol tcp port 80

ssl-proxy(config-ctx-ssl-proxy)#certificate rsa general-purpose trustpoint cert1024 ssl-proxy(config-ctx-ssl-proxy)#policy health-probe tcp probe1 ssl-proxy(config-ctx-ssl-proxy)#nat client natpool ssl-proxy(config-ctx-ssl-proxy)#inservice

ssl-proxy(config-ctx-ssl-proxy)# exit ssl-proxy(config-context)# policy health-probe tcp probe1 ssl-proxy(config-ctx-tcp-probe)# 81

Warning: Port in the service ssloffload configuration (80) differs from the port in the health probe configuration (81)

ssl-proxy(config-ctx-tcp-probe)# exit ssl-proxy(config-context)#

This example shows how to configure TCP health probe to check whether service at port 80 is up and running on virtual IP address 7.100.100.180:

ssl-proxy(config-context)# service ssloffload ssl-proxy(config-ctx-ssl-proxy)# virtual ipaddr 7.100.100.180 protocol tcp port 443 ssl-proxy(config-ctx-ssl-proxy)# server ipaddr 19.0.0.1 protocol tcp port 80

ssl-proxy(config-ctx-ssl-proxy)#certificate rsa general-purpose trustpoint cert1024 ssl-proxy(config-ctx-ssl-proxy)#policy health-probe tcp probe1 ssl-proxy(config-ctx-ssl-proxy)#no nat server ssl-proxy(config-ctx-ssl-proxy)#nat client natpool ssl-proxy(config-ctx-ssl-proxy)#inservice

ssl-proxy(config-ctx-ssl-proxy)# exit ssl-proxy(config-context)# policy health-probe tcp probe1 ssl-proxy(config-ctx-tcp-probe)# exit ssl-proxy(config-context)#

This example shows how to configure TCP health probe to check whether service at port 444 is up and running on virtual IP address 7.100.100.180:

ssl-proxy(config-context)# service ssloffload ssl-proxy(config-ctx-ssl-proxy)# virtual ipaddr 7.100.100.180 protocol tcp port 443 ssl-proxy(config-ctx-ssl-proxy)# server ipaddr 19.0.0.1 protocol tcp port 80

ssl-proxy(config-ctx-ssl-proxy)#certificate rsa general-purpose trustpoint cert1024 ssl-proxy(config-ctx-ssl-proxy)#policy health-probe tcp probe1 ssl-proxy(config-ctx-ssl-proxy)#no nat server ssl-proxy(config-ctx-ssl-proxy)#nat client natpool ssl-proxy(config-ctx-ssl-proxy)#inservice

ssl-proxy(config-ctx-ssl-proxy)# exit ssl-proxy(config-context)# policy health-probe tcp probe1 ssl-proxy(config-ctx-tcp-probe)# 444 ssl-proxy(config-ctx-tcp-probe)# exit

Warning: Port in the service ssloffload configuration (80) differs from the port in the health probe configuration (444)

ssl-proxy(config-context)#

Related Commands show ssl-proxy policy show ssl-proxy service

Catalyst 6500 Series Switch SSL Services Module Command Reference

 

OL-9105-01

2-33

 

 

 

Page 59
Image 59
Cisco Systems 6500 manual