Forum Discussion

Nimbostratus

Jan 17, 2017

Asm with squid outbound proxy

asm with squid outbound proxy does this work ? I tried this myself, the http:// urls work but the https does not . Any workaround ?

ASM Advanced WAF

security

Hannes_Rapp

Nimbostratus

Jan 17, 2017

A number of things can be wrong. Do you have more information about design, and policy configuration? Do you intend to use WAF so that your internal users can't try attack 3rd party web-sites on the public web? Normally, WAF is put in place to protect your own services from external users.

First basic criteria is that the ASM module requires un-encrypted input. Where do you currently offload TLS?

chin_15339
Nimbostratus
Jan 17, 2017
There is no SSL offload its just plain Squid forward proxy listening on port 3128
Hannes_Rapp
Nimbostratus
Jan 17, 2017
So HTTPS not working is as expected then. I do not know your use-case, so I will just refer you to solution articles:

Look into Client-SSL profiles: https://support.f5.com/csp/article/K14783

Depending on your use-case, Proxy SSL feature may suit better: https://support.f5.com/csp/article/K13385