Forum Discussion
Sly_85819
Nimbostratus
Oct 13, 2009SSL pass-through configuration
Can someone tell me how to I configure SSL pass-through for Standard VS? Basically we dont want to have SSL offloading on LTM and the server should have SSL cert. I have used 2 options suggested by F5...
hoolio
Cirrostratus
Nov 17, 2009There are a few options (in order by what I think your requirements are):
1. Standard TCP VIP without any client or server SSL using SSL session ID persistence. No HTTP inspection or modification possible.
2. Standard TCP VIP with a client and server SSL profile. This would add load to both LTM and the servers for decrypting and re-encrypting the SSL, but would allow you to inspect and modify the HTTP on LTM and keep all traffic on the wire encrypted.
3. Use a performance layer 4 VIP and no client or server SSL profiles. This is the fastest in terms of LTM processing, but also the most limited in terms of functionality. You cannot use client or server SSL, an HTTP profile for inspection or modification, cookie insert persistence, etc.
Aaron
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects