F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Gdub_105041's avatar
Gdub_105041
Icon for Nimbostratus rankNimbostratus
Jul 16, 2010

F5 & SSL on non SSL Ports

We host multiple Web sites so to keep from using a different IP for each SSL on dev, test, and production for the various Web sites; we use the following:

 

 

https://someurl.com/

 

 

Internal on IIS

 

http: port 80

 

https: port 1500

 

 

SSL has to be installed on IIS and not the F5 LTM. The Virtual Servers and Pools are all configured correctly, but the issue we are having is that when we use a port different from 443 for SSL, Big IP doesn't process the traffic.

 

 

Any suggestions.

 

 

 

 

 

microsoft
partner

1 Reply

  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Jul 19, 2010
    Hi Gdub,

     

     

    I imagine the problem is that the web applications are referring to themselves on ports which don't match the LTM virtual server ports you're using. There are a few possible solutions to this:

     

     

    - Change the webserver configuration to reference the VS ports instead of their own ports

     

    - Define the virtual server on the same port as the web servers. This should work as the VS will be listening on the same ports as the web servers, so no port translations should be necessary.

     

    - Decrypt (and optionally re-encrypt) the SSL and then rewrite port references from the web server ports to the LTM ports. This could be done with HTTP profile options and/or an iRule.

     

     

    If you want help fleshing out any of these options, let us know.

     

     

    Aaron