Any iRules that acts as Virtual Server for By-Pass Cert

Question

F5 APM with SWG module, so this F5 acts as Proxy and Intercept Cert.
I have a problem about intercept certificate some website cannot use it, then I solved that problem by create the new virtual machine and fixed the destination of each website's IP. (nslookup)
But I think it's not a good solution, because If some website occurs like this problem more, I have to add more virtual server. So I try to use iRules to by-pass the destination by using iRules.
when CLIENT_ACCEPTED {
if { [ IP::Addr [IP::local_addr] equals "xxx.xxx.xxx.xxx" ] } {
SSL::disable
} 
}

But it's did not work, please could you suggest me for the iRules command.

stanislas_piro2 · Answer

if you disable SSL on client side you also have to :
disable SSL on server sidedisable any L7 profile decoding inner protocol
you can try this:
when CLIENT_ACCEPTED {
    if { [ IP::Addr [IP::local_addr] equals "xxx.xxx.xxx.xxx" ] } {
        ACCESS::disable
        HTTP::disable
        SSL::disable clientside
        SSL::disable serverside
    } 
}

Forum Discussion

Any iRules that acts as Virtual Server for By-Pass Cert

Recent Discussions

Client SSL Profile set to Require Client Certificate breaks RDP in APM

TS Declarations for DNS

APM file and registry key date check 8 days old

SSL bridging without SSL proxy forward

Should config via cli rather than gui?

Related Content

Question about irules and Virtual servers and caching of irules

iRULE regsub error

owa iapp assign irule

APM by pass rewrite profile

Need help on F5 automation to read the irules attached t all the virtual servers

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS