F5 Bip-IP 4600 and Oracle Secure Global Desktop Gateway

Hello F5 community,

 

we are trying to implement a load-balanced deployment of Oracle Secure Global Desktop (OSGD) Gateway v5.2 with our F5 Big-IP 4600 Loadbalancer/WAF but we are facing problems when SGD client component is trying to connect.

 

Current setup is as follows:

 

Internet ==https:443==> F5 ==http:80==> OSGD Gateway ==https:443==> OSGD Server

 

F5 setup: http profile: "none"; clientssl enabled; serverssl disabled; client certificate on F5 for SSL termination

 

OSGD is a browser based solution for publishing remote applications. For accessing the remote application a client component (SGD Client) is used which tunnels AIP traffic over HTTPS/SSL (please see OSGD gateway architecture below).

 

 

The problem we are facing seems to be situated in the communication between SGD Client component – Load-Balancer – OSGD Gateway. Web browser traffic is working and the load-balancer is working as an SSL accelerator.

 

When SGD client component is loaded connection to SGD Gateway component cannot be established and is timed out. Our assumption is that this additional SSL channel is recognized as illegal or incorrectly processed by the load-balancer.

 

Does anyone have experience with OSGD gateway and F5 loadbalancers?

 

Further OSGD gateway documentation can be found here: http://docs.oracle.com/cd/E51728_01/E51733/html/gateway-architecture-intro.html

 

Systems used: OSGD Gateway/Server Version 5.2; F5 Big-IP 4600 Version 11.6.0 (Build 4.0.420)