SSL Acceleration - Can I encrypt outbound traffic

Question

I know that BIG-IP can do SSL termination and optionally re-encrypt traffic, but I'm not clear from reading the documentation whether it is possible to encrypt a non-encrypted traffic stream. We have an application using SOAP and because the traffic is high volume, we'd like to use SOAP over plain http internally, and use the F5 to translate/terminate the connection, and establish an SSL connection with an external server hosted in another organisation. Is this possible?

Thanks,

Iain

hooleylist · Answer

Hi Iain, &nbsp;
&nbsp; Yes, LTM can encrypt the serverside connection regardless of whether the clientside connection is encrypted.  You can configure this with a server SSL profile on the virtual server.  You'd probably need to enable SNAT on the virtual server to ensure the external host responds back to the client via LTM.  You'll also need a route from LTM to the external host.&nbsp;
&nbsp; Aaron

iain_fyfe_38111 · Answer

Thanks Aaron - that all makes sense.&nbsp;&nbsp;Cheers,&nbsp;&nbsp;&nbsp;Iain&nbsp;

Forum Discussion

SSL Acceleration - Can I encrypt outbound traffic

2 Replies

Recent Discussions

TELEGRAMA @CANNAUNION DINERO FALSO 💸✔💸

Handling IP Geolocation Conflicts with AWAF for Internal LAN Addresses

F5 AWAF with HTTP/2, MRF and Websocket profiles

What parameter sections can be checked to find out the cause of slow GUI access?

Issue with worker_connections limits in Nginx+

Related Content

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Let's Encrypt

Automate Let's Encrypt Certificates on BIG-IP

F5 Fast L4 Acceleration and the F5 Smart Coprocessor (prioritized Fast L4 Acceleration)

Accelerating Digital Transformation in Banking and Financial Services