Forum Discussion
Bernd_Fritzsche
Nimbostratus
NimbostratusHTTPS re-encryption
Hello,
as an iRules newbie, I need some ideas on how to realize my (weird?) thinking:
Given:
- 2 MS-Exchange systems (both offering OWA and ActiveSync using SSL)
- persistence is mandatory
Wish:
- send requests containing "/Microsoft-Server-ActiveSync/*" to nodeA (fallback: nodeB)
- send all other (=OWA) requests to nodeB (fallback: nodeA)
Goal:
- share load to both servers
My idea:
- building two pools with identical nodes but different ratio/prio
- SSL proxy that terminates SSL on BigIP and a virt.server with a rule like
if (http_uri contains "activesync") { use pool ACTSYNC }
else { use pool OWA }
Problem:
- so far so good, but now MS-Exchange needs SSL traffic so I have to re-encrypt afterwards.
- Any hints on how to achieve that?
Many thanks in advance for any help!
2 Replies
- Please refer to the BIG-IP Reference Guide -> SSL Accelerator Proxies -> Creating an SSL Accelerator proxy -> Creating a client-side proxy with SSL-to-Server enabled. It is available online at (4.5.x version):
http://tech.f5.com/home/bigip/manuals/bigip4_5_10/bigip4_5_10ref/BIGip_SSLproxy.html1252855
BTW, this question has nothing to do with iRules per se and because of that is not appropriate for this forum. 
Bernd_FritzscheI apologize - my question wasn't primarily SSL related but rather meant like "Is there some other way (with iRules?) that I can go?".
However, thank you very much!
