Forum Discussion

Altostratus

Feb 26, 2025

Any approach to encrypting HSL traffic such that no plain text is ever sniffable?

Hi - we have been asked to integrate a vendor logging solution on our F5s that uses HSL to send information about requests to and responses from our HTTP/HTTPS VIPs on our LTMs. (I describe this conf...

hsl

tls

Juergen_Mang

MVP

Feb 27, 2025

I quickly tested the setup described in this article and it works:

Create a L4 TCP Virtual Server with a none-floating address with a serverssl profile and the tls syslog server as Pool Member.
Create a Pool with above Virtual Server as Pool Member.
Use this Pool as the HSL-Pool or use the Virtual Server directly for syslog messages.

We now have a Virtual Server that listens for plain-text syslog messages and sends this messages encrypted to the tls syslog server. No plain-text packet leaves the f5.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Any approach to encrypting HSL traffic such that no plain text is ever sniffable?

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Does F5 rSeries 4600 support 3rd Party SFP

no upload file .docx

F5 LACP

F5 BGP Peering in Active /Standby Cluster

AS3 Storage

Related Content

Let's Encrypt

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Automate Let's Encrypt Certificates on BIG-IP

Coordinated Vulnerability Disclosure: A Balanced Approach

Load Balancing TCP TLS Encrypted Syslog Messages

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS