Forum Discussion
Hien_Truong
Cirrus
Dec 19, 2022source_address persistance
Hi; i have a question of source_address persistance. Source address in this set up is user's source address or reverse proxy source address. thanks for your explaination.
Mike_Maher
Nimbostratus
Feb 01, 2012Mike,
So basically you want to be able to pass a certificate from a client through the LTM to one of the servers on the back side is what I am hearing.
You are going to need to use an iRule for this and put the information into the Header for the server to read. I am doing something like this with one of our applications that runs through an ASM. Your issue is that the connection is proxied and the client certificate is not being passed from the client side of the connection to the server side of the connection.
One other thing you could do is just do the client cert auth on the LTM itself through the Client SSL profile. Again you will need an iRule if you want to check for certain CNs but it is a pretty simple iRule I am also using this logic for a couple applications I run. See reference below.
http://devcentral.f5.com/wiki/iRules.ClientCertificateCNChecking.ashx
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects