Forum Discussion
NimbostratusNeed help - Configure forwarding proxy chain
Hi team,
Initially I have configured forward proxy without any issue:
Client (Intranet) -> F5 (explicit-http) -> INTERNET
Now, we want to put proxy pool between F5 and INTERNET like this:
Client (Intranet) -> F5 (explicit-http) -> HTTP Proxy Pool -> INTERNET
I tried to follow this article - https://devcentral.f5.com/s/articles/configure-the-f5-big-ip-as-an-explicit-forward-web-proxy-using-ltm-32268 , however F5 (explicit-http) doesn't seem to tunnel the traffic to the HTTP Proxy Pool.
Please guide me what is missing?
Thanks,
Riwut
4 Replies
cakriwutthanks, you are saving my day.
For others who has same difficulties, here are the key moving part to create load balance forward proxy chain.
- Create Pool of forward proxy, that will actually connect to internet.
- Create DNS Resolver
- Create tcp-forward tunnel
- Create http-explicit service profile (bind DNS resolver, tcp-forward tunnel, disable one connect transformation, enable default connect handling)
- Create iRule that will disable HTTP::proxy , and direct to Pool of forward proxy.
Apparently my initial configuration was missing step-4 (disable one connect transformation) and step-5 irule.
Hence the principle to achieve forward proxy chain are:
- Create http-explicit VS for the proxy endpoint
- Using iRule to internally change the processing into Reverse proxy.
Thanks,
Riwut
chomjoshThanks for this straight forward contribution to this issue. It solved my problem 100%. Great job! This should be voted BEST!
- LiefZimmerman
Admin
- might you consider selecting the answer that provided as best? You could select your own as well if you prefer. Cheers.
