F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Muhammad_Irfan1's avatar
Muhammad_Irfan1
Icon for Cirrus rankCirrus
Oct 13, 2014

HTTPS Traffic

Is it possible if i make a VS of HTTPS traffic and F5 only pass the HTTPS traffic and SSL offloads on server not on F5.   If yes would be the disadvantage of it?   What would be the a...
Ryannnnnnnnn's avatar
Ryannnnnnnnn
Icon for Altocumulus rankAltocumulus
Oct 13, 2014

  1. Yes, you are able to create a VS listening on port 443 and terminate SSL on the pool member rather than the LTM.

     

  2. Disadvantages of not performing SSL offload could be no visibility into the encrypted packets, therefore you can't use any cool layer 7 stuff like cookie persistence and layer 7 iRules.

     

  3. Advantages of offloading, as mentioned above. Plus SSL on the LTM is performed in hardware as opposed to software, which improves speed and takes un-needed load off a busy pool member/s

     

  • Muhammad_Irfan1's avatar
    Muhammad_Irfan1
    Icon for Cirrus rankCirrus
    Oct 14, 2014
    Great answer sir. 1. Only cookie persistence can not performed or all persistences can not be performed? 2. Which traffic is classified as SSL in F5 (i) Which pass through F5 or (ii) Which offloads on F5 through certificate.