Примечания к выпуску для Cisco Cisco Content Switching Module with SSL

CSCsx37458

Under certain conditions, one or more VIPs on the CSM-S will not respond to the ping. This 
condition occurs when the same VIP is used in the virtual server and in a static NAT entry. The VIP 
may be displayed in the CSM ARP table as a SVR NAT entry instead of virtual server entry.  You 
can display the CSM ARP table by using show mod csm slot arp command.

Workaround: 

Suspend all virtual servers for the VIP address that have an uncertain VIP address.

Remove the static NAT configuration for that VIP.

Reactivate the virtual servers.

Add the static NAT again.

For a description of SSL caveats resolved in CSM-S software release 2.2(3), see the 

This section describes the open SSL caveats in CSM-S software release 2.2(3):

Configuring NTP on the SSLM or CSM-S SSL-DC may interfere with the clock synchronization. 
Configuring the CSM-S SSL-DC to synchronize its clock using NTP might lead to the clock going 
out of synchronization.

Workaround: Do not configure NTP on the CSM-S SSL-DC or the SSLM. The DC clock 
periodically synchronizes with the supervisor engine, so having NTP running on the supervisor 
engine is enough to keep the clock in synchronization. (CSCsg55214)

For a description of open SSL caveats in CSM-S software release 2.2(3), see the 

This section describes the resolved SSL caveats in CSM-S software release 2.2(3):

After normal operation, the SSLM stops inserting the header into the clear text traffic. This problem 
occurs only with software release 2.1(10). 

Workaround: None. (CSCsh79045)

These sections describe the open and resolved caveats in CSM-S software release 2.2(2):