Brocade Communications Systems ServerIron ADX 12.4.00a User Manual

Page 188

Advertising
background image

174

ServerIron ADX Security Guide

53-1002440-03

Configuring Real and Virtual Servers for SSL Termination and Proxy Mode

6

Configuring Real and Virtual Servers for SSL Proxy Mode

Real and Virtual Server configuration is described in detail in the ServerIron ADX Server Load
Balancing Guide. When configuring a Real or Virtual Server for SSL Proxy Mode, you need to do the
following:

Configure a Real Server with an SSL port

Configure a Virtual Server with an SSL port

Enable SSL Proxy and specify an SSL client profile and an SSL server profile on the SSL port of
the Virtual Server

Bind SSL on the Virtual Server to an SSL port on a Real Server

For IPv4 Real Server to IPv4 Virtual Server

In the example below an IPv4 Real Server and an IPv4 Virtual Server are configured for SSL Proxy
mode with the following details:

An SSL port is defined on the Real Server: "rs3"

An SSL port is defined on the Virtual Server: "vip3".

SSL Proxy is configured and the SSL client profile "IPv4clientprofile" and SSL server profile
"IPv4serverprofile" are specified on the Virtual Server: "vip3".

A bind is configured between SSL on Virtual Server: "vip3" and SSL on the Real Server: "rs3".

ServerIronADX(config)# server real rs3 10.1.1.1

ServerIronADX(config-rs-rs3)# port ssl

ServerIronADX(config-rs-rs3)# exit

ServerIronADX(config)# server virtual-name-or-ip vip3

ServerIronADX(config-vs-vip3)# port ssl

ServerIronADX(config-vs-vip3)# port ssl ssl-proxy IPv4clientprofile

IPv4serverprofile

ServerIronADX(config-vs-vip3)# bind ssl rs3 ssl

For IPv6 Real Server to IPv6 Virtual Server

In the example below an IPv6 Real Server and an IPv6 Virtual Server are configured for SSL Proxy
mode with the following details:

An SSL port is defined on the Real Server: "rs4"

An SSL port is defined on the Virtual Server: "vip4".

SSL Proxy is configured and the SSL client profile "IPv6clientprofile" and SSL server profile
"IPv6serverprofile" are specified on the Virtual Server: "vip4".

A bind is configured between SSL on Virtual Server: "vip4" and SSL on the Real Server: "rs4".

ServerIronADX(config)# server real rs4 2000::2

ServerIronADX(config-rs-rs4)# port ssl

ServerIronADX(config-rs-rs4)# exit

ServerIronADX(config)# server virtual-name-or-ip vip4

ServerIronADX(config-vs-vip4)# port ssl

ServerIronADX(config-vs-vip4)# port ssl ssl-proxy IPv6clientprofile

IPv6serverprofile

ServerIronADX(config-vs-vip4)# bind ssl rs4 ssl

Syntax: [no] port ssl ssl-proxy <ssl-profile-name-1> <ssl-profile-name-2>

Advertising
Popular Brands
Popular manuals