SSL Offload and re-encrypt traffic between Route Domains

Question

SSL Offload and re-encrypt traffic between Route Domains &nbsp;
like use NGFW features (IPS &amp; AV) with F5 LTM. Traffic flow will be External client --- &gt; fw1 --- &gt; LTM (RD -01) --- &gt; fw2 ---- &gt; LTM (RD -02) --- &gt; pool member ( web server)&nbsp;
SSL offload needs to be done on LTM (RD -01) without any pool members. Server SSL need to be done on LTM (RD -02) to re-encrypt the traffic. &nbsp;
Could I please have some guidance to create an irule if that works?&nbsp;

kevin_stewart · Answer

Sanjeewa, you don't really need route domains if this is all layer 3 traffic. You simply need to create separate VLANs and self-IP subnets between each FW.&nbsp;
External client talks to FW1 on subnet1FW1 talks to LTM on subnet2LTM pools to FW2 on subnet3FW2 default routes back to TLM on subnet4LTM pools to web server on subnet5
Subnets 2 through 4 would all be internal, and as long as address translation is disabled, the destination IP could remain unchanged until you get to the LTM pool.&nbsp;

Forum Discussion

SSL Offload and re-encrypt traffic between Route Domains

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

SSL Full Proxy - SSL Re-Encryption performance degradation

fellow traffic

SSL Offload with HTTP/2.0

HTTPS offload rewriting

FTPS Offload via iRules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS