ProxyPass 8.2 external web proxy
I am running BIG-IP 9.4.8 Build 385.0 Hotfix HF2 with ProxyPass v8.2 (https://devcentral.f5.com/wiki/iRules.ProxyPass.ashx)
I am trying to use the ProxyPass iRule to proxy external websites through a domain owned by my company. Say my company owns the following address:
I want this to proxy the actual fandango.com:
This is important due to a web application that needs to stay within our domain. Based on other threads here, I created a pool with fandango.com as the member, and then configured ProxyPass to proxy using this pool with the following entry in the appropriately named ProxyPass data group:
/proxy/fandango.com fandango.com fandango.com (clientURL serverURL pool)
SNAT Automap is enabled on the associated VS. I have tried with and without OneConnect.
The problem is that when I go to https://mycompany.com/proxy/fandango.com in a web browser, it sits there connecting for a while and then times out with an error message indicating the connection was reset.
Running WireShark on the external interface of the BigIP I can see that the BigIP is going out to fandango.com from an appropriate, SNATed external address and downloading data. On the client side I can see the SSL connection is established, waits for a few seconds, and then the BigIP sends a RST. It generally seems to take about 10 seconds to time out; I tried messing with TCP profiles to increase timeouts and this made it take longer, but with the same result.
The additional problem is that the fandango.com pool member is an IP, so if the actual website changes their IP it will fail. Is there any way to get this to work with DNS instead of IP?
The following DevCentral post was the closest I was able to find to my situation:
I have contacted F5 Support and the only help they can offer is to post the issue here. Any help would be greatly appreciated.