F5 Help - Routing HTTPS external to internal web traffic?
As a developer, we are looking to deploy a solution which will require some F5 network aspects. However, as F5 is not an area of my expertise, I am looking for some assistance to determine the act of the possible; and to provide further guidance on what type of F5 configuration would be required for the desired solution?
REQUIREMENT: We want to expose an endpoint externally (some external URL - ) which will be used as a main channel of integration for our external partners. Currently we only have a single partner which shall send https requests in the form of JSON based payloads as part of a web-hook integration piece. The external endpoint shall be whitelisted to a set of IPs from our partner end.
There will be an external DNS declared and a public SSL certificate associated with this. The external requests will need to be routed to a pair of internally hosted load balanced servers (IIS web servers). The load balanced servers will each host a website that is SSL secured with an internal certificate (different to the external cert). So external https requests () will need to be routed all the way to the target internal servers () where the external and internal hosts will be different.
In terms of F5 I am on a vague understanding that we would have a virtual server (external) that shall have reference to both external and internal certificates; and possibly a pool member defined for the load balanced servers?
Can you confirm if the above setup is possible, and if so, what exactly do we need in terms of F5 configuration to achieve this?
ADDITIONAL REQUIREMENTS: In addition to the above, as we potentially want to use this solution as a generic channel for other partner integration; I was thinking if we can perform some form of assessment of the external URL to determine how it should be routed? i.e.
(1) For partner1 if the URL contains partner1 (i.e. DNS Host Name/partner1) then route this to internal load balancer servers A and B
(2) For partner2 if the URL contains partner2 (i.e. DNS Host Name/partner2) then route this to internal load balancer servers C and D etc..
Can we achieve this with possible IRULE or something?
I would appreciate if someone could give us some guidance on what F5 elements we would be required to achieve all of the above (i.e. REQUIREMENTS and ADDITIONAL)??
Many Thanks, Hung