Forum Discussion
Alain_Estrellas
Nimbostratus
NimbostratusSSL Offloading and HTTPS:8443 to HTTP:8080
I'm running an Openstack Swift-Proxy-Server and I've got a request to do SSL offloading in BigIP LTM.
From the application, the endpoint is SSL should terminate on BigIP LTM and the endpoint from BigIP LTM to Swift-Proxy-Server will be http://proxy.sample.com:8080.
Please help check my configurations since I am getting ConnectionError: [Errno 111] Connection refused
Here is my VS config:
Destination Address: 10.0.0.128 Service Port: 8443 | Others Protocol: TCP SSL Profile (Client): ssl_certificate Address Translation: Enabled Port Translation: Enabled: Source Port: Preserve Others is set to default
Here is my Monitor config:
Name: Monitor_8080 Type: TCP Alias Address: All Address Alias Service Port: 8080 Others is set to default
Here is my POOL config:
Health Monitors: Monitor_8080 Members: 10.0.0.129:8080 and 10.0.0.130:8080 Others is set to default
Stanislas_Piro2Cumulonimbus
Hi,
As virtual server address is in the same network than pool members, i think you need connections from LTM to servers must be initiated with LTM address.
to do it, you must enable source address translation Automap in the virtual server configuration.
JinshuCirrus
You just configure Automap or SNAT pool and you should be fine then.
-Jinshu
Alain_EstrellasGreat Stanislas and Jinshu!
Solved the problem by creating SNAT List then configured translation to use Automap.