Forum Discussion

muntae_kim's avatar
muntae_kim
Icon for Cirrus rankCirrus
Feb 27, 2024

Can I set decryption in LTM config on a port other than 443?

hello. My name is Muntae Kim. Due to the EoTS of the BIG-IP SW used by our client, we are inevitably unable to open the case and would like to ask for your assistance.   Customer information: ...
security
muntae_kim's avatar
muntae_kim
Icon for Cirrus rankCirrus

Thank you for answer. I would like to ask additional questions because I do not understand your answer.

Based on the current settings, the customer only wants to decrypt port 443, and is considering additional decryption of port 4430.

To make this possible, please review the following settings.

1. Add 4430 port Virtual Servers separately so that traffic flowing into 4430 port can be decrypted to the Virtual Servers that are currently set to port 443 only.
2. Modify and apply iRules to operate on a newly added Virtual Server

The conclusion is that when TCP 443 is set to 4430, a custom port, it is designated as Other, and whether it operates the same as 443.

If anyone has any clarity on this part, please respond.

thank you

Paulius's avatar
Paulius
Icon for MVP rankMVP
Mar 06, 2024

muntae_kim You would configure a new virtual server listening on 4430 with an SSL profile and then send that decrypted traffic to your pool of choice. You do not have to send decrypted traffic back around to the virtual server listening on 443.