Supporting an HTTP/2 SNI website with F5 LTM?
I have a website which is working fine directly from browser to server, but not via F5 (v16.1.2).
The session uses HTTPS 443, TLS 1.2, HTTP/2.0, and the server relies on SNI. When going via F5, the client browses https://app.external.com. F5 presents a wildcard cert for external.com which the browser is happy with. F5 forwards to backend https://server.internal.com. The node in the pool uses FQDN to resolve server.internal.com. I have tried using host header replacement via an iRule to enforce the host header being server.internal.com. I have tried creating a custom server-side SSL profile which has the "server name" field set to server.internal.com.
Unfortunately the backend still does not see the traffic as being for https://server.internal.com in the same way that a direct browser session would behave. Is there iRule logging I can apply to see exactly what request is being sent from F5 to the backend?