Forum Discussion
NimbostratusSSL disable/enable question
Hi everybody:
We have a question about SSL::enable/disable works. Let me introduce a brief map.
Our client wants to deploy a new facility (EWS migration for Office365) over Exchange Anywhere. Nowadays, F5 performs SSL-offload and balance connections over port 80 with UIE persistence ("Authorization" field for cookie insert).
EWS needs information to reach CAS servers over port 443 (mandatory), so we plan an alternative internal load balancing policy between the TMG's (clientside) and the CAS (serverside). Virtual Server listens to 443 and balances straightforward over 443 without any SSL handling. The issue comes with the persistence method.
When severs responses back to clients, we need the F5 to decrypt just to be able to recover that parameter, and then encrypt again to deliver packets back to TMG over 443.
So, here is the (simple) irule:
when HTTP_REQUEST {
SSL::disable clientside
SSL::disable serverside
}
when HTTP_RESPONSE {
SSL::enable clientside
SSL::enable serverside
}
Our question: Does this irule perform what we suppose it to do??
Thank you and regards.
3 Replies
- nitass
Employee
not sure if i understand correctly but isn't it just virtual server with http, clientssl and serverssl profiles? 
RubenMOh my!
Thank you and excuse such a stupid question. Sometimes we get paranoid with all weird requests our clients want us to deploy
- RubenM
Oh my!
Thank you and excuse such a stupid question. Sometimes we get paranoid with all weird requests our clients want us to deploy
