Forum Discussion
cakriwut
Nimbostratus
NimbostratusNeed help - Configure forwarding proxy chain
Hi team,
Initially I have configured forward proxy without any issue:
Client (Intranet) -> F5 (explicit-http) -> INTERNET
Now, we want to put proxy pool between F5 and INTERNET like this:
Client (Intranet) -> F5 (explicit-http) -> HTTP Proxy Pool -> INTERNET
I tried to follow this article - https://devcentral.f5.com/s/articles/configure-the-f5-big-ip-as-an-explicit-forward-web-proxy-using-ltm-32268 , however F5 (explicit-http) doesn't seem to tunnel the traffic to the HTTP Proxy Pool.
Please guide me what is missing?
Thanks,
Riwut
cakriwutthanks, you are saving my day.
For others who has same difficulties, here are the key moving part to create load balance forward proxy chain.
- Create Pool of forward proxy, that will actually connect to internet.
- Create DNS Resolver
- Create tcp-forward tunnel
- Create http-explicit service profile (bind DNS resolver, tcp-forward tunnel, disable one connect transformation, enable default connect handling)
- Create iRule that will disable HTTP::proxy , and direct to Pool of forward proxy.
Apparently my initial configuration was missing step-4 (disable one connect transformation) and step-5 irule.
Hence the principle to achieve forward proxy chain are:
- Create http-explicit VS for the proxy endpoint
- Using iRule to internally change the processing into Reverse proxy.
Thanks,
Riwut
chomjoshThanks for this straight forward contribution to this issue. It solved my problem 100%. Great job! This should be voted BEST!
- LiefZimmerman
Admin
- might you consider selecting the answer that provided as best? You could select your own as well if you prefer. Cheers.
