Forum Discussion

SergeyAU

Altostratus

Dec 13, 2019

Inspecting HTTPS traffic via SWG and iRules not SSL profiles

Hello

Our F5 is used as an application proxy. Clients connect to 8080 and F5 inspects the URLs via APM/SWG

All good for HTTP traffic, but we are unable to get HTTPs inspection/blocks to work.

Some applications cannot be decrypted due to security requirements.

Is is possible to use an iRule to inspect the virtual server (8080) traffic - it is clearly seen that client request some secure URLs via CONNECT host:port

The idea is for iRule to get URL from the CONNECT and compare it to the inspection policies. Can this be done?

devops

iRules

Secure Web Gateway

No RepliesBe the first to reply

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Inspecting HTTPS traffic via SWG and iRules not SSL profiles

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

procedure power off viprion os 17.1.x

F5 Distributed Cloud Services Simulator Connect

Multiple Default Gateways

F5OS (r4800) web interface access issue

Delayed connection when traffic crosses router domains in F5 BIG-IP

Related Content

Inspecting HTTP LB traffic for security

AFM Protocol Inspection rules for CVE-2022-3602 (aka SpookySSL)

Unsupported Snort Keywords in Protocol Inspection

Inspecting a UCS file from a compromised BIG-IP

F5 BIG-IP Advanced WAF – DOS profile configuration options.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS