Bypass VS Interception on SSL Forward Proxy

Question

Hi,&nbsp;
I am using APM+SWG to configure the F5 as Forward Proxy, using the iApp for setting up Secure web Gateway (SWG).&nbsp;
One of the option on it is: Select whether SSL traffic should be intercepted or bypassed by default&nbsp;
Bypass means that the client doesn't terminate the SSL connection on the F5, but it is bypassed by the F5 to be terminated on the Server?&nbsp;
Because Bypassing traffic I am NOT getting any Certificate Warning when accessing HTTPS websites, but when I switch it to 'Intercept' on the F5, I get Warnings on all the HTTPS Websites as I don't have CA signed certificates installed.&nbsp;
Thanks&nbsp;

niels_van_sluis · Answer

Yes, bypass will not intercept SSL traffic. The client that is using the forward proxy will receive the official (authentic) certificate of the server it is connecting to. Bypass will prevent the BIG-IP to do HTTPS inspection for that connection.

Forum Discussion

Bypass VS Interception on SSL Forward Proxy

Recent Discussions

How do I create a traffic log for two different route domains?

Http / https health monitor issue

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Need Urgent BIGIP Trial License and VM Image

APM for banner and cert

Related Content

Bypass WAF for X-forwarder IP in XC

Use x-forwarded-for to bypass authentication?

Bypass certificate check

DNS Interception: Protecting the Client

MSM Bypass

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS