For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Jason_Hook_4092's avatar
Jason_Hook_4092
Icon for Nimbostratus rankNimbostratus
Apr 12, 2010

Expose pool member in response

I would like to expose which pool member responded to the request for tracking within TrueSight in front of the VIP.     This is what I feel will work, but I'd like some feedback whether this is...
application delivery
dev
devops
iRules
Chris_Miller's avatar
Chris_Miller
Icon for Altostratus rankAltostratus
Jan 12, 2011
Posted By fujisen on 01/12/2011 07:57 AM

 

thanks,

 

 

I understand SSL client Cert is required on https VIP, to use same irule but can the pool memebers listen on port 443? or it should be on 80

 

 

If you want encryption between the LTM and Pool Member (over 443,) then you'll need a serverSSL profile in addition to the clientSSL profile.

 

 

Think of it like this:

 

 

 

1. Client Request hits LTM over HTTPS.

 

2. LTM uses the ClientSSL profile to decrypt the traffic so it can view the request.

 

3. If sending to the pool member over HTTPS, LTM uses the ServerSSL profile to re-encrypt the traffic (and decrypt it on the way back)