Forum Discussion

Cirrostratus

Apr 15, 2016

SSL Inspection Bypass

Hi, Im in the process of setting up SSL inspection on browsing traffic for a client. I have been using F5's deployment guide (https://www.f5.com/pdf/deployment-guides/ssl-intercept-dg.pdf) to set t...

application delivery

irules

Yann_Desmarest

Cirrus

Apr 18, 2016

Hello,

Why not just set up an SSL forward proxy configuration and apply a specific SSL profile for that :

https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ssl-administration-12-0-0/14.html?sr=53151263

You can also define a bypass list within the SSL profile directly

Yann_Desmarest

Cirrus

Apr 18, 2016

Are you sure that a "non-bypassed" connection hit the following command within the irule : SSL::forward_proxy policy intercept Did you add some logs in the irule to check the path used for those failing connections ?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Inspection Bypass

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

ASM/AWAF declarative policy

F5 DNS Logs in JSON Format

Geo location update

Help with an iRule to disconnect active connections to Pool Members that are "offline"

block a specific user

Related Content

Implementing SSL Orchestrator - Decryption Bypass by Category

Bypass Azure Login Page with OAuth login_hint on F5 BIG-IP APM

SSL Orchestration: Making outbound SSL inspection faster and more resilient

Bypass certificate check

Unsupported Snort Keywords in Protocol Inspection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS