Forum Discussion

Nimbostratus

Mar 22, 2015

GTM Design Question

Hi everyone. In my company I have a Firewall that make communication inbound and outbound company / internet. I want to put a GTM to load balance 53 request between two DCs(with LTM each on...

application delivery

availability

BIG-IP Access Policy Manager (APM)

Nacreous

Mar 22, 2015

Hi,

This would require to terminate SSL on your firewall. Otherwise the firewall doesn't know, what name has to be resolved.

It's typically the job of the GTM to verify the availability of the servers, respond to the client/resolver with a resource record and the client tries to establish a direct connection to the target system.

What you are expecting from your firewall is the job of a forward proxy. But a forward proxy requires the client to use the so called CONNECT method to specify the hostname it wants to be connected to.

Now the forward proxy does a name resolution, sends an OK to the client and now the client starts sending the request through the established "tunnel".

So the answer depends on the capabilities of your firewall.

Thanks, Stephan

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)