Forum Discussion

Jay_387077

Nimbostratus

Mar 27, 2019

Decrypt and Re-encrypt requests on F5

We have ADFS on internal netwrok.

Web application proxy server in DMZ

F5 BIGIP in DMZ routing traffic to Proxy server.

SNAT config, so loosing client ip.

We have the ADFS SSL cert on the F5 to decrypt incoming requests, and insert a header.

The WAP listens on https 443, so can we re-encrypt with the same certificate? or do we need to use the public key that the client uses?

We are using the same cert at the moment and the WAP/ADFS is not providing a web page, but if we change to SSL tunnel without decrypting, it works, but we loose client ip.

So we know ADFS WAP is listening and can handle requests to https 443, but if we do decrypt and re-encrypt on the F5 it stops working.

Any help would be great! thanks

BIG-IP

security

No RepliesBe the first to reply

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Decrypt and Re-encrypt requests on F5

Recent Discussions

VIP needed for many UDP ports

Creating Policy using Terraform

Unable to get Internet in server using SWG forward Proxy.

ASM don't block attack XSS

AWAF ADD-ON MODULE

Related Content

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Decrypting BIG-IP Packet Captures without iRules

Decrypting BIG-IP Packet Captures Automatically

Quantum Computer decrypt RSA, Bitcoin PQC, Solidity audit tool, Meaningless threat

F5 Distributed Cloud - Regional Decryption with Virtual Sites

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS