Forum Discussion

Cirrocumulus

Nov 10, 2022

Is there Limitation of irule "virtual".. can we do it like this?

Hi We have BIG-IQ and BIG-IP AWAF. I see that BIG-IQ application dashboard is show only 1 application per virtual server. But in BIG-IP AWAF.. we config it as 1 virtual server 100 application (mul...

Cirrocumulus

Thank you for answer JRahm

May I've another question.. We perform ssl bridging on F5 AWAF (VIP port 443 and pool port 443.. decrypt to scan waf and reencrypt again)

when I use irule "virtual".. Do I need to reencypt before send it to VS_private ?
Flow will be like
Client > VIP:443 > Decrypt > irule send to virtual > (1) what port I need to use on Virtual private ? is it 80?

if it port 80.. So I need to config Virtual_Private to use port 80 with only serverssl profile to re-encrypt it to 443 before send to server , am I correct?
I'm concern about multiple decrypt/encrypt which might affect latency

JRahm

Admin

Nov 11, 2022

your thought there is correct, you don't want to re-encrypt between the virtual servers on the same backplane. Decrypt on the front-end virtual server with a clientssl profile, re-encrypt on the back-end virtual servers with a serverssl profile.

Forum Discussion

Is there Limitation of irule "virtual".. can we do it like this?

Recent Discussions

BWC iRule

Citrix XenServer Big-IP Upgrade help

iRule condition - request contains more than 10000 parameters

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

Use BIG-IP LTM Virtual Server & iRule for an internal "What's My IP" website

"Content Switching" to non-addressable virtual server

What's the difference "Virtual Wire" and "VLAN group(Transparent) "

How to display big ip virtual edition appliance serial number (ex. "ZWIFNYAR")

Introduction to F5 Distributed Cloud Console Rate Limiting Feature