Forum Discussion

Nimbostratus

Dec 16, 2009

GTM and SSL VPN

This could almost be considered a pre-sales question but I wanted to reach out to the community here. I was wondering if anyone had exposure using a GTM to load balance geographical dis...

Cirrostratus

Dec 16, 2009

Hi Justin,

That's a novel approach. I think you'd actually want to track open sessions--not connections. A single user could easily have many TCP connections open to an SSL VPN.

I haven't tried this before, but I wonder if you could use an SNMP-based external GTM monitor to weight the two pool members based on an SNMP query for the number of active user sessions each VPN server holds. Does the Juniper SA provide session counts via SNMP? The default SNMP monitor would just mark the pool member down if it doesn't respond to the SNMP request. You'd need to use a custom script to poll the members for active sessions and then adjust the member priority using bigpipe, tmsh or iControl.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

GTM and SSL VPN

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Recommendation for Adv. Lab

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

How to configure ssh access by key on F5OS

F5 BIG-IP DNS/Audit Logs — Structured Format for SIEM Ingestion

Bot Defense causing a lot of false positives

Related Content

SSL Profiles Part 6: SSL Renegotiation

SSL Orchestrator Service Extensions: DoH Guardian

Introduction to BIG-IP SSL Orchestrator

SSL Profiles Part 5: SSL Options

Updating SSL Certificates on BIG-IP using REST API

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS