For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Serverside SNI injection iRule

Problem this snippet solves: Hi Folks, the iRule below can be used to inject a TLS SNI extension to the server side based on e.g. HOST-Header values. The iRule is usefull if your pool servers depe...
Updated Jun 06, 2023
Version 2.0
devops
security
server name indication injection
sni
sni injection
Kai_Wilke's avatar
Icon for MVP rankMVP
My name is Kai Wilke and I'm working as a Principal Consultant for IT-Security at itacs GmbH - a German consulting company specialized in Microsoft Security cloud solutions, F5 customizations as well as for classic IT-Consulting. You can find additional information about me and my work here: https://devcentral.f5.com/articles/q-a-with-itacs-gmbhs-kai-wilke-devcentrals-featured-member-for-february-24890
View Profile
Dane_19050's avatar
Dane_19050
Icon for Nimbostratus rankNimbostratus
Aug 23, 2017

@angorya, I am seeing the same behavior you are. I have a portal access profile setup to route traffic to an internal app. I used the rule above and the tcpdumps still show the original server name instead of the injected server name.