ASM deployment
I have an SLB in reverse proxy mode for traffic from 3 internal VLANs. For those 3 VLANs I'm using a trunk on my SLB for the internal network. After the SLB I have a WAF in inline mode. Traffic is passing. I want to know how I can inspect the HTTPS traffic.
- shopkeeper56_23 (Cirrostratus)
You will need to set up your Big IP for SSL interception via Transparent Proxy.
Here is F5's guide on the process.
https://www.f5.com/pdf/deployment-guides/ssl-intercept-dg.pdf
- Deepak_k_226543 (Nimbostratus): Nice, thanks.
- Jason_Meurer_39 (Historic F5 Account): The SSL Intercept deployment is intended for outbound (forward proxy) traffic and may not be the correct solution here. Is your issue that the WAF you have deployed cannot sit on the Trunked ports or that the traffic on the server side connection is HTTPS encrypted? If the issue is that the server side connection is encrypted, you will want to ensure you are using an RSA based SSL cipher on the server side connection. Most WAFs can import your RSA based key and decrypt in flight. DHE/ECDHE based ciphers prevent L2 based WAFs from sitting inline.
- shopkeeper56_23 (Cirrostratus): ^ this is correct. I might have misunderstood the OP's question. I thought his/her intention was to inspect outgoing. I assumed any incoming SSL would be terminated on the Big IP, thus already visible for ASM.
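Added example, not part of the original thread: a check on the RSA versus DHE/ECDHE point raised in the replies, sorting cipher suite names by whether a passive inline device holding the server's RSA private key could decrypt the session. The function names and the sample suite list are constructed for illustration, and the classifier accepts both OpenSSL-style and IANA-style names.

```python
"""Classify TLS cipher suite names by whether a passive inline device that
holds the server's RSA private key can decrypt the session."""

# OpenSSL-style prefixes for ephemeral Diffie-Hellman key exchange.
EPHEMERAL = ("ECDHE-", "DHE-", "EDH-")
# Other key exchanges that the RSA certificate key alone does not recover.
OTHER = ("ECDH-", "DH-", "ADH-", "AECDH-", "PSK-", "RSA-PSK-", "SRP-")


def key_exchange(suite: str) -> str:
    """Return 'rsa', 'ephemeral' or 'other' for an OpenSSL or IANA suite name."""
    name = suite.strip().upper()
    if name.startswith("TLS_"):
        if "_WITH_" not in name:
            # TLS 1.3 suite names carry no key exchange; it is never RSA transport.
            return "ephemeral"
        kx = name[len("TLS_"):name.index("_WITH_")]
        if kx == "RSA":
            return "rsa"
        return "ephemeral" if kx.startswith(("ECDHE_", "DHE_")) else "other"
    if name.startswith(EPHEMERAL):
        return "ephemeral"
    if name.startswith(OTHER):
        return "other"
    # OpenSSL names with no key-exchange prefix use RSA key transport.
    return "rsa"


def audit(suites):
    """Split suites into those a key-holding passive WAF can decrypt and those it cannot."""
    report = {"inspectable": [], "blind": []}
    for s in suites:
        report["inspectable" if key_exchange(s) == "rsa" else "blind"].append(s)
    return report


# Constructed sample: suites a server-side connection might be allowed to negotiate.
SAMPLE = [
    "AES256-GCM-SHA384",
    "AES128-SHA",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES256-SHA",
    "TLS_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    for bucket, names in audit(SAMPLE).items():
        print(bucket, names)
```

Any suite that lands in the "blind" bucket has to be excluded from the server-side connection if the inline WAF is expected to see the cleartext.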