Forum Discussion

Nimbostratus

Jan 03, 2017

Solution For O365 SSL forward Proxy ByPass

May i ask you a question? { I want to know how can i get only ssl 443 traffic O365 going pass through directly to internet and all other traffic http & https going pass through to pool(bluecoat)...

Employee

Jan 05, 2017

So minimally you'd have two pools:

The pool of BC proxies
The pool of routers on the other side of the BCs

Based on some criteria, you'd select the BC or router (bypass) pool. The question then becomes what criteria to use. If you know the destination IP addresses for O365 resources, then it's super easy to switch pools based on the destination IP. If you don't know the IPs, and because you're not decrypting at the F5, you may have to collect and use the ClientHello SNI value (for encrypted traffic) or the HTTP host header (for unencrypted traffic).

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Solution For O365 SSL forward Proxy ByPass

Recent Discussions

Management IP F5 cant be accessed

301 redirect and waf policy log problem

Big-IP VE edition for MacBook M4 Chip

ASD

Background Tasks

Related Content

The Power of &: F5 Hybrid DNS solution

Bypass WAF for X-forwarder IP in XC

Adaptive Apps: Automating NGINX Solution Deployments and API Publication - Solution Demo

Enhancing Software Security with Rust: A Solution to Common Vulnerabilities

Use x-forwarded-for to bypass authentication?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS