For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Marco_Castro_11's avatar
Marco_Castro_11
Icon for Nimbostratus rankNimbostratus
Apr 11, 2014

Firepass with LTM without SSL offload

Hi, I would like to configure an HTTPS Virtual Server on BIG-IP LTM (11.4.1HF2) for firepass but without SSL offloading. I have to configure ssl server profile with serverssl-insecure-compatible to ...
Marco_Castro_11's avatar
Marco_Castro_11
Icon for Nimbostratus rankNimbostratus
Apr 22, 2014

Hi Kevin,

 

I have the same certificate in firepass and in client ssl profile of VS in LTM/APM Big-IP. The name o certificiate resolves to ip adress of this VS in LTM/APM Big-IP. Also in this VS i have to config ssl server profile to serverssl-insecure-compatible to firepass page display. In this VS i have configured also Access Policy of APM. So my idea was to create an irule that user type https://hostaname goes to firepass but if types https://hostname/uri1 or https://hostname/uri2 .... goes to APM. when access policy is configured in VSwith i can't go to firepass pool i can only go to APM using following irule, any suggestions? when HTTP_REQUEST {

 

if { [HTTP::uri] equals "/" } {

 

ACCESS::disable pool firepasspool } elseif { [HTTP::uri] equals "/uri1" } {

 

ACCESS::enable log local0. "APM /uri1 " } }

 

Thanks Regards, MC