Trying to achieve a specific configuration with an Irule and SSL Proxy.

> We cannot use nodes because all those site are external.

You can define nodes that are external to the networks on the LTM.

> Our dev team would like to replace this IIS server without having to use nodes,datagroup or so. Only with the /URL=??? method already hardcoded on hundreds of servers.

It's certainly achievable, but not trivial.

I'd suggest approaching F5 Professional Services to get this written.

Otherwise, here is a high-level irule structure

you need server-ssl profiles for all the target severs, with relevant settings and client-auth certificates

They need to be named in a structured way so they can be correctly selected with the host name

get the request URI (HTTP:uri)

split it on "URL=", and keep the second result

Prepend "https://" so you have a target URI for the server-side response

Use URI::host to get the host name

use DNS::resolve to get an IP address from the host name

set the node using the IP address

change the Host header in the request

select the correct server-ssl profile based on the hostname

allow the request to be made

once you have a response, translate any embedded URLs as required