Old web application support through F5 LTM

Question

We have an old application, that uses HTTP (port 80) to make requests to a web service over the internet. We want these calls to use HTTPS (port 443). The web service endpoint only supports TLS 1.2 while the old application cannot support anything newer than TLS 1. So I am checking to see if we can make the call from the old application to the internal F5(LTM) then to the web service in order to support the encrypted traffic.  This way the F5 can manage the TLS1.2 termination. is this possible?

As is:
Old app (HTTP) ----&gt; Fire Wall ----&gt; web service
Proposed:
Old app (HTTPs/TLS 1) ----&gt; internal F5 (HTTPs/TLS 1.2)  ----&gt; Fire Wall ----&gt; web Service

harshapotharaju · Answer

Yes. Create https vip and assign http pool to it. For ssl profiles, client ssl is enough. Should not assign server ssl profile to the vip.&nbsp;
Webservice - Firewall - F5 https tls1.2 - app http tls1.0&nbsp;
Let me know what you got after this. We may have to modify ciphers also.&nbsp;

Forum Discussion

Old web application support through F5 LTM

Recent Discussions

Upgrade F5 BIGIP

MAC address of deleted VS IP address still responsive

ports are showing open on online scanning tool

how to whitelist new source IP on F5 web UI access

TMSH Command to list ASM policies not attached to any virtual servers in all partitions

Related Content

F5 Access support for MS Intune

Does LTM support external GeoIP Database?

how many concurrency rest api request LTM,GTM can support

F5 Access Win10 Application does not support DNS

F5 support web site login

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS