Forum Discussion

aygitci_128716's avatar
aygitci_128716
Icon for Nimbostratus rankNimbostratus
Jan 26, 2018

chaining with other WAF

Hi,

 

For migration to F5 devices purpose, we will chain F5 with the current WAF. Then remove current one after validating the ASM policies. We'll put the F5 in transparent mode for learning the traffic and build the policies. The flow will go to current WAF and then to endpoint (see pict below).

 

We will import the SSL certificates/keys of apps from current WAF to F5.

 

Question: how can we configure the client and server SSL profiles and avoid disturbing the apps during this chaining period? Current WAF should also keep the certificates/keys.

 

Client SSL profile with imported cert/key ?

 

Server SSL profile with imported cert/key ? default profile ?

 

 

Thanks for your help.