Configures fallback to no encryption on the inner channel.

Specifies that the system optimizes but does not encrypt the connection when it is unable to negotiate a secure, encrypted inner channel connection with the peer. This is the default setting.

Enabling this option requires an optimization service restart.

We strongly recommend enabling this setting on both the SteelHead Mobile and the server-side SteelHeads.

This option applies only to non-SSL traffic and is unavailable when you select ssl-only as the traffic type in the policy id ssl traffic-type command.

The no policy id <id> ssl fallback-no-enc enable command configures the system to not trust all preconfigured peering certificates.

Disable this setting to pass through connections that do not have a secure encrypted inner channel connection with the peer. Use caution when disabling this setting, because doing so specifies that you strictly do not want traffic optimized between non-secure systems. Consequently, when this setting is disabled, connections might be dropped.

For detailed information about SSL, see the SteelHead User Guide.

Client Accelerator

show policy id