Forum Discussion
F5_Jeff
Cirrus
CirrusApache to F5 Configuration
Hi everyone,
We are having trouble with our F5 Configuration.Here is the scenario:
We are using Mobile application (from playstore) to access the server. It uses standard VS with port 443 and performing SSL offloading. Configuration is based from the Apache Server which is currently on production and no error. Single server is used to access using Web and Mobile Application, only uses different ports.Here is the config:
ProxyPass /fo connectiontimeout=60 timeout=600 ProxyPassReverse / timeout=600
ProxyPass /mob connectiontimeout=60 timeout=600 ProxyPassReverse /mob timeout=600
Looking at the firewall, no other port being used by the client when accessing using application. we captured some pcap, based on it, F5 can receive the traffic and can exchange SSL. However, we cannot see that F5 is sending the traffic to the server.It seems that there is configuration error with the virtual server. We tried changing the type to Performance L4 but SSL-offloading is removed.
we also changed the protocol to All protocol, but still, SSL-offloading is removed.
Is there a way to have All protocol type of VS but with SSL-offloading? If this can be done via irule. If not, does anyone experienced the same problem (using mobile application passing thru F5).
Thank you all for the response.
VernonWellsEmployee
Presumably you don't actually want "All Protocols" because that would mean any BIG-IP supported transport (e.g., TCP, UDP, SCTP) or pseudo-transport (e.g., ICMP) protocol. TLS is really only supported for a subset of protocols (generally, TCP and UDP).
I believe, from your post, what you want is "TCP but using any port". Is that the case? If so, you should be able to create a TCP Virtual Server with a Client-SSL profile, but set the port to the wildcard (* or 0 -- meaning "any port"),