For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

MustphaBassim's avatar
MustphaBassim
Icon for Cirrus rankCirrus
Jun 16, 2023

forward traffic based on name

Hello Dears any method to make F5 choose the correct virtual server based on name for exmaple : ex1.f5.com -->192.168.1.1-->pool node 1 ex2.f5.com--> 192.168.1.1-->pool node 2   Bests
application delivery
MustphaBassim's avatar
MustphaBassim
Icon for Cirrus rankCirrus
Jun 16, 2023

Hello Dear

i have one public IP and more than domain need to be published as https service so in this case it is need to move traffic to pool based on URL

Paulius's avatar
Paulius
Icon for MVP rankMVP
Jun 16, 2023

MustphaBassim If your end users use SNI you can configure SNI on one virtual server (VS) with multiple Client SSL Profiles and then all sites can use the one VS. You can attach an iRule to the VS and send different host fields to different pools. Alternatively you can purchase one SSL certificate that matches the different FQDNs and put that one Client SSL profile on the VS and use the iRule to split the traffic between the different pools. The only other alternative would be to configure a PAT on your perimeter device that listens for 443 and NATs that the F5 VS IP on port 443 and then the other one can have 8443, example "https://example.com:8443/" which then hits the perimeter device and does a PAT for 8443 to the other F5 VS IP on 443. The best option for all users to be supported would be the one SSL certificate that covers all FQDNs, second would be SNI, and the last one would be the PAT because that would require the end user to know to put the alternate port in the URL.