Forum Discussion

Nimbostratus

Nov 28, 2018

SSL Offload and re-encrypt traffic between Route Domains

SSL Offload and re-encrypt traffic between Route Domains like use NGFW features (IPS & AV) with F5 LTM. Traffic flow will be External client --- > fw1 --- > LTM (RD -01) --- > fw2 ---- > LTM (R...

Employee

Nov 29, 2018

Sanjeewa, you don't really need route domains if this is all layer 3 traffic. You simply need to create separate VLANs and self-IP subnets between each FW.

External client talks to FW1 on subnet1
FW1 talks to LTM on subnet2
LTM pools to FW2 on subnet3
FW2 default routes back to TLM on subnet4
LTM pools to web server on subnet5

Subnets 2 through 4 would all be internal, and as long as address translation is disabled, the destination IP could remain unchanged until you get to the LTM pool.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Offload and re-encrypt traffic between Route Domains

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

T4 and ALL tenant images

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

[ASM] - How to disable the SQL injection attack signatures

Related Content

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

SSL Full Proxy - SSL Re-Encryption performance degradation

SSL Offloading and Backend pool https

F5 Distributed Cloud - Traffic Steering based on Client IP Address

FTPS Offload via iRules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS