Use with the CSS
Table B-1
In-Line Installation Device Configuration
CSS Configuration
Create a VLAN for each Secure Content
•
Accelerator
Create a VLAN for the servers
•
•
Create services as required for each server,
adding "keepalive" attributes as necessary
Create a default ECMP route for each load
•
balanced Secure Content Accelerator using
the upstream router as the gateway for each
upstream VLAN
Create Layer 5 rules for the secure content
•
•
Create content rules as required for
non-secure content
Cisco 11000 Series Secure Content Accelerator Configuration Guide
B-6
The following listing shows a sample configuration for the CSS.
!Generated on 11/18/2000 11:01:18
!Active version: ap0400007s
configure
!*************************** GLOBAL ***************************
bridge spanning-tree disabled
no restrict web-mgmt
ip route 0.0.0.0 0.0.0.0 10.176.11.1 1
!************************* INTERFACE *************************
interface ethernet-8
bridge vlan 8
!************************** CIRCUIT **************************
circuit VLAN1
ip address 10.176.10.1 255.255.255.0
circuit VLAN8
ip address 10.176.11.2 255.255.255.0
Appendix B
Secure Content Accelerator Configuration
Export keys and certificates from any existing
•
secure servers, if necessary
Assign an IP address to each Secure Content
•
Accelerator as specified in the CSS
configuration
•
Assign a default route for each Secure
Content Accelerator using the CSS VLAN
circuit IP address as the gateway
Set up one or more logical secure servers
•
using QuickStart wizard (Chapter 3) or
configuration manager (Chapter 4)
Deployment Examples
78-13124-06