Forum Discussion

Jason_19901

Nimbostratus

Mar 24, 2011

SSL offload to IPS

New to the forum. I am decrypting SSL traffic on the F5 and would like an iRule to send the unencrypted data to an IPS before it gets encrypted again on its way to the node. Is this possible?

Nimbostratus

Mar 24, 2011

You might want to investigate utilizing Clone Pools to see if it will do what you are needing.

SOL8573: Overview of port mirroring and clone pools

http://support.f5.com/kb/en-us/solutions/public/8000/500/sol8573.html?sr=13486642

Clone Pools can be configured to capture one way or two way traffic (Traffic to the Server from the Client - Clone Pool (Client) and traffic to the Client from the Server - Clone Pool (Server)). It does this during SSL tear down if the traffic is encrypted.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

SSL offload to IPS

Recent Discussions

show system - attribute values

Upgrade F5 BIGIP

iRule: Failure to activate payload

APM integrate with Azure Intune

how to whitelist new source IP on F5 web UI access

Related Content

SSL Offloading for specific IPs or range of IPs

SSL Orchestrator Advanced Use Cases: Integrating F5 Intrusion Prevention System (IPS)

F5 Synthesis: Hybrid SSL Offload

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

SSL PROXY

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS