For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

lizunjjg_280139's avatar
lizunjjg_280139
Icon for Nimbostratus rankNimbostratus
Jul 12, 2018

client ssl off_load

hi guys /1. client ssl off_load VIP is on port 443 and pool members also in service port 443 . /2. pool members can not change port (also 443 ) 、、、They want to do ssl offload on the VIP will it wo...
application delivery
BIG-IP
LTM
KevinA_246454's avatar
KevinA_246454
Icon for Cirrostratus rankCirrostratus
Jul 12, 2018

HI Lizunjjg

 

If I am understand you correctly you want to do SSL Offloading, but your not sure if it will work if your pool members is also listening on port 443 ?

 

If the above is your scenario I would say yes then only associate the client ssl profile with a http profile(default one will work) and a tcp profile which should be their by default. If you want to send ssl to the pool members as well you will have to add a server ssl profile(that will be SSL terminating not offloading).Note also you will have to ensure your webserver is configured to accept http on port 443.

 

lizunjjg_280139's avatar
lizunjjg_280139
Icon for Nimbostratus rankNimbostratus
Jul 12, 2018

haha,thanks KevinA