HTTPS session not passing through F5.

I'm assuming you also don't want the F5 to handle any of the SSL traffic (as in decrypt client side SSL and re-encrypt to the server). Of so, then you want to make sure that:

1. You do not have client and server SSL profiles applied to the virtual server

    

2. You do not have any application layer profiles applied to the virtual server (ex. an HTTP profile)

    

Without HTTP and SSL profiles applied to the VIP, the virtual server becomes nothing more than a layer 4 (TCP) load balancer.

I don't apply any SSL profiles and is not working. If I use for example I can't get the page. But is working when I use

Do you have an HTTP profile applied to the virtual server?

yes, I do.

You MUST remove this. You CANNOT process HTTP if you aren't processing SSL.

Thanks Kevin. Now is working. When profile is set to none I can use https, not http.

I think it's very likely that you can do http, given that the VIP doesn't care about anything over OSI layer 4, but that you can't do any HTTP iRule stuff without an HTTP profile.

When I try HTTP IE is in the connecting status. But that's oaky, as long HTTPS is working I'm fine for now. Can I still use ssl as a default Persistence Profile?

If this is for browser-based communications, then generally speaking SSL persistence doesn't work (reliably). This persistence method uses the SSL session ID to control load balancing affinity, but that number will change whenever an SSL session is renegotiated, which happens quite often for browsers.

To summarize, in the absence of the ability to see inside SSL traffic, any load balancing product is generally limited to IP addresses to maintain affinity. There are some non-browser clients (of stateful protocols) that don't renegotiate their SSL sessions, where SSL persistence works, but guessing that's not what you need here.

So in this case hash or source address I should implement. Thanks Kevin.