Forum Discussion
vishu_chavan
Altocumulus
AltocumulusRestricting access to a virtual server by Public IP address should access through only domain name.
We had Published website on F5 with Domain name ,now created domain is aviable in public ,but publish website is also accessible with ip address in public domain.( we have created server pool...
seems you have not used your Domain certificate under client ssl profile , check thebelow link to upload your CA domain certificate and key to bigip and followed to that you need to create client ssl profile point to your Domain certificate/key and any chain certificate.
https://my.f5.com/manage/s/article/K14620#3
once done you check your domain for any ssl issue by running test in below link
https://www.sslshopper.com/ssl-checker.html
F5-EnthusiastAltocumulus
AltocumulusHello,
please note first, that version 11.5.8 is out of any supprt and service from April 8, 2019 as you can see in BIG-IP software support policy (f5.com)
For your problem, solution via iRule is a viable. also you could utilize LTM Policies.
But as you describe you can't add the iRule (which is based on HTTP Events) because you do not have any HTTP Profile on Virtual Server.
This Profile is required to validate or manipulate data on HTTP Layer.
And as you described you also have application issues if you apply an HTTP Profile it seems that the Application is protected by SSL / TLS. In this case you would also need an Client SSL / Server SSL profile
So the F5 will be able to decrypt and encrypt the connection and after that apply the http profile to make your iRule work.
But most important: Get an updated F5. This software Version is old and has maaaaaany Security and operating flaws
Regards
vishu_chavanAltocumulus
AltocumulusThanks for reply
yes we knew F5 is running on old version and it is out of date .new F5 is in process as it will take time .
Can you please, Guide me how to apply SSL / TLS for virtual server .
Thanks in advance .