Configuration Guide
Page 42
The Cisco 11000 Series Secure Content Accelerator is a Secure Sockets Layer (SSL) offloading solution. The Secure Content Accelerator provides: • Secure URL rewrite, ... International Step-Up Certificate and Microsoft Server Gated Cryptography support Cisco 11000 Series Secure Content Accelerator Configuration Guide 1-2 78-13124-06 Product Overview Chapter 1 Overview Product Overview The Secure Content Accelerator is compatible with all Cisco content switches-the Cisco LocalDirector, the Catalyst Content Switching Module, and the Cisco CSS 11000 Series Content Services...
The Cisco 11000 Series Secure Content Accelerator is a Secure Sockets Layer (SSL) offloading solution. The Secure Content Accelerator provides: • Secure URL rewrite, ... International Step-Up Certificate and Microsoft Server Gated Cryptography support Cisco 11000 Series Secure Content Accelerator Configuration Guide 1-2 78-13124-06 Product Overview Chapter 1 Overview Product Overview The Secure Content Accelerator is compatible with all Cisco content switches-the Cisco LocalDirector, the Catalyst Content Switching Module, and the Cisco CSS 11000 Series Content Services...
Configuration Guide
Page 47
... an on a flat surface as a: • Free-standing unit • Rack-mounted unit 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide 2-3 The Secure Content Accelerator can be placed on /off switch, turn OFF the power and unplug the power cord. Save the packing materials in case you need...
... an on a flat surface as a: • Free-standing unit • Rack-mounted unit 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide 2-3 The Secure Content Accelerator can be placed on /off switch, turn OFF the power and unplug the power cord. Save the packing materials in case you need...
Configuration Guide
Page 49
... provided to ensure your safety: 1) This unit should be mounted at the bottom of the Secure Content Accelerator, shown in Figure 2-1, contains the following connectors, switches, and LEDs: • Two DB9 serial ports, marked "AUX" and "CONSOLE" • Two RJ-45 10/100 Ethernet interface ports, marked "SERVER" and "NETWORK" 78...
... provided to ensure your safety: 1) This unit should be mounted at the bottom of the Secure Content Accelerator, shown in Figure 2-1, contains the following connectors, switches, and LEDs: • Two DB9 serial ports, marked "AUX" and "CONSOLE" • Two RJ-45 10/100 Ethernet interface ports, marked "SERVER" and "NETWORK" 78...
Configuration Guide
Page 50
Cisco 11000 Series Secure Content Accelerator Configuration Guide 2-6 78-13124-06 Panel Descriptions Chapter 2 Installing the Hardware and Software • Three Ethernet management LEDs associated with each port • One "TEST" LED • One "RESET" switch Figure 2-1 Secure Content Accelerator Front ...Panel The rear panel of the Secure Content Accelerator, shown in Figure 2-2, contains the following connectors and switches: • Two power inputs • Two power switches Figure 2-2 Secure Content Accelerator Rear Panel Figure 2-3 shows the LED layout of each LED on the SCA...
Cisco 11000 Series Secure Content Accelerator Configuration Guide 2-6 78-13124-06 Panel Descriptions Chapter 2 Installing the Hardware and Software • Three Ethernet management LEDs associated with each port • One "TEST" LED • One "RESET" switch Figure 2-1 Secure Content Accelerator Front ...Panel The rear panel of the Secure Content Accelerator, shown in Figure 2-2, contains the following connectors and switches: • Two power inputs • Two power switches Figure 2-2 Secure Content Accelerator Rear Panel Figure 2-3 shows the LED layout of each LED on the SCA...
Configuration Guide
Page 51
Chapter 2 Installing the Hardware and Software Figure 2-3 SCA Ethernet Port Detail Reset Switch Test LED Panel Descriptions 100 ACT LNK Server 100 ACT LNK Network Table 2-1 SCA Port LED Descriptions LED Name LK Color Green TX Amber RX ... 2-4 shows the LED layout of each LED on the device. Table 2-2 describes the function of the SCA2 Ethernet ports. Figure 2-4 SCA2 Ethernet Port Detail Reset Switch Test LED 100 ACT LNK Server 100 ACT LNK Network 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide 2-7
Chapter 2 Installing the Hardware and Software Figure 2-3 SCA Ethernet Port Detail Reset Switch Test LED Panel Descriptions 100 ACT LNK Server 100 ACT LNK Network Table 2-1 SCA Port LED Descriptions LED Name LK Color Green TX Amber RX ... 2-4 shows the LED layout of each LED on the device. Table 2-2 describes the function of the SCA2 Ethernet ports. Figure 2-4 SCA2 Ethernet Port Detail Reset Switch Test LED 100 ACT LNK Server 100 ACT LNK Network 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide 2-7
Configuration Guide
Page 52
...the Secure Content Accelerator by the text on ) position. Cisco 11000 Series Secure Content Accelerator Configuration Guide 2-8 78-13124-06 Before you install the power cords, ensure that the Secure Content Accelerator power switches are running Identifying SCA Models SCA and SCA2 models can ...be differentiated by plugging the AC power cord connector into dedicated three-wire grounding receptacles. 4. Plug the power cords ...
...the Secure Content Accelerator by the text on ) position. Cisco 11000 Series Secure Content Accelerator Configuration Guide 2-8 78-13124-06 Before you install the power cords, ensure that the Secure Content Accelerator power switches are running Identifying SCA Models SCA and SCA2 models can ...be differentiated by plugging the AC power cord connector into dedicated three-wire grounding receptacles. 4. Plug the power cords ...
Configuration Guide
Page 53
... Ethernet interfaces are not lit, see Appendix B, Deployment Examples. Connect the "Server" port to the servers (or to a hub or switch. Check the LK LEDs for suggestions. 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide 2-9 Use a straight-through different ports. For network deployment instructions and suggestions, see Appendix E, Troubleshooting...
... Ethernet interfaces are not lit, see Appendix B, Deployment Examples. Connect the "Server" port to the servers (or to a hub or switch. Check the LK LEDs for suggestions. 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide 2-9 Use a straight-through different ports. For network deployment instructions and suggestions, see Appendix E, Troubleshooting...
Configuration Guide
Page 109
... 1. Click Update. Note In certain situations, such as when changing to the device. If you that the connection switches to activate the Network tabs. 2. Use the list box in Figure 5-5. 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide 5-9 If the connection is shown in the Network Interface or Server...
... 1. Click Update. Note In certain situations, such as when changing to the device. If you that the connection switches to activate the Network tabs. 2. Use the list box in Figure 5-5. 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide 5-9 If the connection is shown in the Network Interface or Server...
Configuration Guide
Page 165
For information about configuring the Secure Content Accelerator in conjunction with the CSS 11000 Series Content Services Switch (hereinafter referred to as instructed previously. 2. Connect the "Network" Ethernet interface to the load balancer. Connect the "Server" Ethernet interface to the Internet. Install the appliance as the CSS), see "Use with a Load Balancer 1. Appendix B Deployment Examples Load Balancing Figure B-2 Secure Content Accelerator Installation with the CSS". 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide B-3
For information about configuring the Secure Content Accelerator in conjunction with the CSS 11000 Series Content Services Switch (hereinafter referred to as instructed previously. 2. Connect the "Network" Ethernet interface to the load balancer. Connect the "Server" Ethernet interface to the Internet. Install the appliance as the CSS), see "Use with a Load Balancer 1. Appendix B Deployment Examples Load Balancing Figure B-2 Secure Content Accelerator Installation with the CSS". 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide B-3
Configuration Guide
Page 167
... 80 traffic is a Layer 2 device, it as clear text on the CSS and/or the upstream Layer 2 switch. The Secure Content Accelerator intercepts all port 443 traffic for both the CSS and Secure Content Accelerator. 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide B-5 Table B-1 shows basic configuration...
... 80 traffic is a Layer 2 device, it as clear text on the CSS and/or the upstream Layer 2 switch. The Secure Content Accelerator intercepts all port 443 traffic for both the CSS and Secure Content Accelerator. 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide B-5 Table B-1 shows basic configuration...
Configuration Guide
Page 172
...Examples keepalive maxfailure 3 no keepalive enable end end One-Armed Non-Transparent Proxy This deployment uses a single CSS for load balancing SSL offloading and Layer 5 switching, allowing load balancing at up to the limit of transactions per second of scalability. The one-armed ...the Secure Content Accelerator. Figure B-4 shows a typical deployment. If IP address accounting is complex to a specific host. B-10 Cisco 11000 Series Secure Content Accelerator Configuration Guide 78-13124-06 This command instructs the device to write a client access log to confi...
...Examples keepalive maxfailure 3 no keepalive enable end end One-Armed Non-Transparent Proxy This deployment uses a single CSS for load balancing SSL offloading and Layer 5 switching, allowing load balancing at up to the limit of transactions per second of scalability. The one-armed ...the Secure Content Accelerator. Figure B-4 shows a typical deployment. If IP address accounting is complex to a specific host. B-10 Cisco 11000 Series Secure Content Accelerator Configuration Guide 78-13124-06 This command instructs the device to write a client access log to confi...
Configuration Guide
Page 193
...;oaders and some models of load-balancing and content-switching gear. Unlike conventional transparent mode, the IP address specified within the services definitions. The CSS (or other load-balancer) will fail. Appendix B... when a logical SSL server is offered by uniqueness in transparent mode. thus the hybridity of the CSS configuration mirrors that used to host multiple logical SSL servers. Unlike traditional no cache-bypass directives... its own IP address in transparent mode. 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide B-31
...;oaders and some models of load-balancing and content-switching gear. Unlike conventional transparent mode, the IP address specified within the services definitions. The CSS (or other load-balancer) will fail. Appendix B... when a logical SSL server is offered by uniqueness in transparent mode. thus the hybridity of the CSS configuration mirrors that used to host multiple logical SSL servers. Unlike traditional no cache-bypass directives... its own IP address in transparent mode. 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide B-31
Configuration Guide
Page 418
... the cable segment is unlit. Make sure the speed and duplex settings on the network (hardware). Cisco 11000 Series Secure Content Accelerator Configuration Guide E-2 78-13124-06 Ensure cables are secure. Check the associated power switch, power cord, and power source. If the problem continues, press and hold the reset... Troubleshooting the Hardware Table E-1 lists some problems that may occur with 100Base-TX recommendations. If you can connect to the device, use to a switch or hub; Make sure you are using the reload command in the flash memory is powered on.
... the cable segment is unlit. Make sure the speed and duplex settings on the network (hardware). Cisco 11000 Series Secure Content Accelerator Configuration Guide E-2 78-13124-06 Ensure cables are secure. Check the associated power switch, power cord, and power source. If the problem continues, press and hold the reset... Troubleshooting the Hardware Table E-1 lists some problems that may occur with 100Base-TX recommendations. If you can connect to the device, use to a switch or hub; Make sure you are using the reload command in the flash memory is powered on.
Configuration Guide
Page 422
...Are the console settings correct? Use a known good null-modem No cable; or 2-port mode correctly set terminal to next flowchart Appendix E Troubleshooting Cisco 11000 Series Secure Content Accelerator Configuration Guide E-6 78-13124-06 reload device Yes Are the network settings correct? Verify physical cabling No and speed of... a known good power source? No Configure network settings Yes Go to 9600 (or 115,200), 8,N,1 Yes Yes Yes Reboot the device using the power switches Is the console responsive? Have the cabling and speed of all associated ports been verified?
...Are the console settings correct? Use a known good null-modem No cable; or 2-port mode correctly set terminal to next flowchart Appendix E Troubleshooting Cisco 11000 Series Secure Content Accelerator Configuration Guide E-6 78-13124-06 reload device Yes Are the network settings correct? Verify physical cabling No and speed of... a known good power source? No Configure network settings Yes Go to 9600 (or 115,200), 8,N,1 Yes Yes Yes Reboot the device using the power switches Is the console responsive? Have the cabling and speed of all associated ports been verified?