Forum Discussion
tiwang_122270
Nimbostratus
NimbostratusUsing SSL offload and passing traffic through to internal webserver
hi out there
I have defined a vs - solely LTM (bigip 11.3) where I make use of SSL offload in the F5 and passing the http traffic through to a internal webserver. The intention was that we in ph...
Cory_50405
Noctilucent
NoctilucentTi,
Do you only have one web server in your pool? If so, could you please post your virtual server, pool, and client SSL profile configurations?
tiwang_122270Nimbostratus
Nimbostratushi cory I have only webserve rin my pool (second isdisabled but was a test vm so it can be removed - just disabled it at first:
ltm pool /dk_dmz/DK_FILE_pool {
members {
/dk_dmz/AE-REL-IIS-02:80 {
address 172.23.7.15
session user-disabled
}
/dk_dmz/AEWEB-03:80 {
address 10.14.12.22
description "Webserver for webapp dmz"
monitor /dk_dmz/DK_ICMP
}
}
monitor /dk_dmz/DK_ICMP
}
ltm virtual /dk_dmz/DK_FILE_vs {
description "Virtual server for pass-through to File upload service"
destination /dk_dmz/195.8.25.38%0:443
http-class {
/dk_dmz/DK_FILE_vs
}
ip-protocol tcp
mask 255.255.255.255
pool /dk_dmz/DK_FILE_pool
profiles {
/Common/tcp { }
/Common/wildcard.adp.com_ssl {
context clientside
}
/dk_dmz/DK_ADP_HTTP_Profile { }
}
security-log-profiles {
"/Common/Log all requests"
}
source 0.0.0.0%0/0
source-address-translation {
type automap
}
translate-address enabled
translate-port enabled
vlans-disabled
}
ltm profile client-ssl /Common/wildcard.adp.com_ssl {
app-service none
cert /Common/wildcard.adp.com_2015.crt
chain /Common/digicertca_chain_2022.crt
defaults-from /Common/clientssl
key /Common/wildcard.adp.com_2015.key
}
