For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

akvzau's avatar
akvzau
Icon for Nimbostratus rankNimbostratus
Oct 30, 2023

SSLO http proxy base on category

Currently, we have a requirement to integrate SSLO for user proxy traffic, Current proxy policy is authenticated and filters based on user group. Certain categories are required to bypass SSL inte...
security
Paulius's avatar
Paulius
Icon for MVP rankMVP
Oct 30, 2023

akvzau Sadly I'm not familiar with this process but it should be possible to have an HTTP proxy without performing SSL termination because we currently use one with just the LTM without SSLO and it works for both HTTP and HTTPS traffic. Essentially what happens in this case is you have an HTTP tunnel between yourself and the LTM proxy which you then tunnel HTTPS traffic over and the LTM hands off the SSL negotiation directly to the destination. The following might be of some assistance.

https://community.f5.com/t5/technical-forum/performing-ssl-bypass-for-forward-proxy-traffic-based-using-an/td-p/54004