Forum Discussion

Nimbostratus

Apr 17, 2008

SSL Pass Through

I have a pool of appliances that are running on port 443 with a self signed certificate that can not be changed (the vendor does not have an option to disable SSL and run the web interface on port 80)...

config

design

hoolio

Cirrostratus

Apr 17, 2008

Hi Mike,

If you don't have the default gateway of the web server set to the BIG-IP's floating self IP address or have source address translation enabled, the server will send the response back to the client via its default gateway or back directly to the client. Either way, it will be with a source address that the client didn't make the request to, so the client will ignore the packets. There are a few different options for resolving this: you can change the default gateway on the server or enable SNAT on the virtual server.

If neither option works for you, can you provide more detail on the problem?

Thanks,

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Pass Through

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Need F5 iRules Consultant - HTTP Header Manipulation Issues

DOSl7 reset learning database voor automatic mode

Ssl profile different in case of retry

ISP link latency

WebSocket connection to 'wss://...' failed: Invalid frame header

Related Content

Passing Arguments to iCall Scripts

Free Passes to AppWorld 2025 – First Come, First Served!

SSL Orchestrator Service Extensions: DoH Guardian

wccp configuration for SSL Orchestrator

Introduction to BIG-IP SSL Orchestrator

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS