Forum Discussion

AjayPra_161698's avatar
AjayPra_161698
Icon for Nimbostratus rankNimbostratus
Feb 03, 2015

SSL offloading for https traffic

Scenario:   Nodes:Node1,Node2,Node3   Pool:Node1,Node2   Virtual Server:ABC   VIP 1.1.1.1   Port any   SSL offloading is configured on LTM with clientssl profile attached to the ...
application delivery
availability
design
LTM
TMOS
TMSH
shaggy's avatar
shaggy
Icon for Nimbostratus rankNimbostratus
Feb 03, 2015

The following rule will disable SSL processing if the port is not 443. The client-ssl/server-ssl profiles will still be assigned in the virtual server config

when CLIENT_ACCEPTED {
    if { [TCP::local_port clientside] != 443} {
        SSL::disable clientside
        SSL::disable serverside
    }
}
AjayPra_161698's avatar
AjayPra_161698
Icon for Nimbostratus rankNimbostratus
Feb 03, 2015
Thanks a lot shaggy My intension to do ssl off loading is to match the user agent value in http header for which I have irule as following .It seems I have to club the irule which you have provided and the one as below. when HTTP_REQUEST { set uagent [string tolower [HTTP::header User-Agent]] if { $uagent contains "msie6" or $uagent contains "msie7" or $uagent contains "msie8" or $uagent contains "mozilla/4.0"}{ pool pool1 } else { pool pool2 } }