For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Raja_M's avatar
Raja_M
Icon for Nimbostratus rankNimbostratus
May 24, 2018

SSL Offloading on F5 LTM

We have 2 VIP 1. VIP is on port 5555 and pool members also in service port. 2. VIP is on Port 5443 and Pool members in 5555.   They want to do ssl offload on the VIP will it work???  
application delivery
BIG-IP
Steve_Lyons_236's avatar
Steve_Lyons_236
Historic F5 Account
May 24, 2018

I personally don't see why not as I have a lot of customers using non standard ports for their web applications. I am curious as to why you wouldn't want to define a standard port on the virtual server as either users will need to manually define :5555 or you will need to create an iRule to redirect all requests to port 5555. As for the server side, the BIG-IP will perform any translation required to the service port of the pool members. At this point the BIG-IP is the client using ephemeral ports connecting to a static port on your web server. As long as the web server itself is listening on 5555 you should be fine. What are some of your concerns?

 

Raja_M's avatar
Raja_M
Icon for Nimbostratus rankNimbostratus
May 24, 2018

MY concern is if we add SSL certificate on non standard port VIP 5555 will SSL offloading work or not???