Forum Discussion
Need help - Configure forwarding proxy chain
Hi team,
Initially I have configured forward proxy without any issue:
Client (Intranet) -> F5 (explicit-http) -> INTERNET
Now, we want to put proxy pool between F5 and INTERNET like this:
Client (Intranet) -> F5 (explicit-http) -> HTTP Proxy Pool -> INTERNET
I tried to follow this article - https://devcentral.f5.com/s/articles/configure-the-f5-big-ip-as-an-explicit-forward-web-proxy-using-ltm-32268 , however F5 (explicit-http) doesn't seem to tunnel the traffic to the HTTP Proxy Pool.
Please guide me what is missing?
Thanks,
Riwut
Have you seen this iApp? May identify any misconfiguration. Of course you may not need to go down the route of 0365 bypass though.
- cakriwutNimbostratus
thanks, you are saving my day.
For others who has same difficulties, here are the key moving part to create load balance forward proxy chain.
- Create Pool of forward proxy, that will actually connect to internet.
- Create DNS Resolver
- Create tcp-forward tunnel
- Create http-explicit service profile (bind DNS resolver, tcp-forward tunnel, disable one connect transformation, enable default connect handling)
- Create iRule that will disable HTTP::proxy , and direct to Pool of forward proxy.
Apparently my initial configuration was missing step-4 (disable one connect transformation) and step-5 irule.
Hence the principle to achieve forward proxy chain are:
- Create http-explicit VS for the proxy endpoint
- Using iRule to internally change the processing into Reverse proxy.
Thanks,
Riwut
- might you consider selecting the answer that provided as best? You could select your own as well if you prefer. Cheers.
- chomjoshNimbostratus
Thanks for this straight forward contribution to this issue. It solved my problem 100%. Great job! This should be voted BEST!
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com