Forum Discussion

KMA_50449's avatar
KMA_50449
Icon for Nimbostratus rankNimbostratus
Jul 16, 2008

Reverse proxy SSL with LTM : https with bigip, then http

Hi,     We have LTM with ssl accelerator card, so time to use them !     What I try to do seems easy :     Request :   Client -> https -> Bigip wit...
config
design
KMA_50449's avatar
KMA_50449
Icon for Nimbostratus rankNimbostratus
Jul 17, 2008
Hi,

 

 

So after fw test I have a new problem, which I can't explain

 

 

I've created a clientssl profile specifing my key/cert and all other option are default. No client authentication

 

 

I've created a pool with 1 server and port 80, allow snat is yes, other is default (allow nat no)

 

 

I"ve created a vs listening on port 443, with protocol profile client to tcp,my clientssl profile, address translation checked and snat pool to automap.

 

 

So I try to reach my server, the good certificate is sent to my browser, and then error 400, the LTM decrypte the ssl and resend the request in http to port 443 of my server.

 

 

The one in my pool is only on port 80, and port translation in the vs in not checked.

 

 

On the server side I can see the request arriving on the port 443 ... not 80.

 

Don't find where I've made a mistake, if you have any idea