Does ACE replicate SSL sessions?

Toggle sidebar Toggle sidebar
C

Cooky

Golden Member
Apr 2, 2002
1,408
0
76
We're implementing a redundant ACE module w/ a redundant 6500 chassis, and would like someone to confirm whether or not SSL stateful failover works between the two ACE modules.

If the primary active ACE or 6504 fails, do users need to re-establish all active SSL sessions, or are their sessions kept alive after failover occurs?

If Cisco's ACE doesn't do SSL stateful failover, whose product does it?
 
C

Cooky

Golden Member
Apr 2, 2002
1,408
0
76
Cisco Doc says:
The ACE does not replicate SSL and other terminated (proxied) connections from the active context to the standby context.
 
C

Cooky

Golden Member
Apr 2, 2002
1,408
0
76
I couldn't believe SSL failover was not supported, so opened a case w/ Cisco TAC.

Here's their response (trying my best to state it in correct words):
Even though SSL ID's are not replicated over (actually a security feature, so that the ID can't be hijacked), most browsers automatically re-negotiates SSL after it fails over to secondary ACE, and thus it would be transparent to end users.

I guess one can argue SSL failover isn't supported, but to end users' point of view, it is.

=========
Side note:
Right after I opened the SR online (3 minutes or so), I called the 800 number and actually got to the assigned engineer right away, and didn't have to go through any dispatcher and explain any non-sense.

She was in Australia TAC, and pretty much answered all my questions & concerns within 10 minutes.

I generally find Australia TAC more reliable & quicker than the ones in the U.S....no offense in case anyone from SJ or RTP TAC is reading.
 
C

cmetz

Platinum Member
Nov 13, 2001
2,296
0
0
Cooky, I'll second your aside - the Austrialia TAC folks are way more helpful and are native English speakers. I've had extremely poor experiences with the SJ TAC. So for everyone with Cisco problems and a support contract that will allow it, call late night when the number gets routed to Australia.
 
J

jlazzaro

Golden Member
May 6, 2004
1,743
0
0
+1 on australia...ive actually waited to report late night issues just to make sure i get routed there.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom
sale-70-410-exam    | Exam-200-125-pdf    | we-sale-70-410-exam    | hot-sale-70-410-exam    | Latest-exam-700-603-Dumps    | Dumps-98-363-exams-date    | Certs-200-125-date    | Dumps-300-075-exams-date    | hot-sale-book-C8010-726-book    | Hot-Sale-200-310-Exam    | Exam-Description-200-310-dumps?    | hot-sale-book-200-125-book    | Latest-Updated-300-209-Exam    | Dumps-210-260-exams-date    | Download-200-125-Exam-PDF    | Exam-Description-300-101-dumps    | Certs-300-101-date    | Hot-Sale-300-075-Exam    | Latest-exam-200-125-Dumps    | Exam-Description-200-125-dumps    | Latest-Updated-300-075-Exam    | hot-sale-book-210-260-book    | Dumps-200-901-exams-date    | Certs-200-901-date    | Latest-exam-1Z0-062-Dumps    | Hot-Sale-1Z0-062-Exam    | Certs-CSSLP-date    | 100%-Pass-70-383-Exams    | Latest-JN0-360-real-exam-questions    | 100%-Pass-4A0-100-Real-Exam-Questions    | Dumps-300-135-exams-date    | Passed-200-105-Tech-Exams    | Latest-Updated-200-310-Exam    | Download-300-070-Exam-PDF    | Hot-Sale-JN0-360-Exam    | 100%-Pass-JN0-360-Exams    | 100%-Pass-JN0-360-Real-Exam-Questions    | Dumps-JN0-360-exams-date    | Exam-Description-1Z0-876-dumps    | Latest-exam-1Z0-876-Dumps    | Dumps-HPE0-Y53-exams-date    | 2017-Latest-HPE0-Y53-Exam    | 100%-Pass-HPE0-Y53-Real-Exam-Questions    | Pass-4A0-100-Exam    | Latest-4A0-100-Questions    | Dumps-98-365-exams-date    | 2017-Latest-98-365-Exam    | 100%-Pass-VCS-254-Exams    | 2017-Latest-VCS-273-Exam    | Dumps-200-355-exams-date    | 2017-Latest-300-320-Exam    | Pass-300-101-Exam    | 100%-Pass-300-115-Exams    |
http://www.portvapes.co.uk/    | http://www.portvapes.co.uk/    |