Serverside SNI injection iRule

Problem this snippet solves: Hi Folks, the iRule below can be used to inject a TLS SNI extension to the server side based on e.g. HOST-Header values. The iRule is usefull if your pool servers depe...
Updated Jun 06, 2023
Version 2.0
devops
security
server name indication injection
sni
sni injection
Kai_Wilke's avatar
Icon for MVP rankMVP
My name is Kai Wilke and I'm working as a Principal Consultant for IT-Security at itacs GmbH - a German consulting company specialized in Microsoft Security cloud solutions, F5 customizations as well as for classic IT-Consulting. You can find additional information about me and my work here: https://devcentral.f5.com/articles/q-a-with-itacs-gmbhs-kai-wilke-devcentrals-featured-member-for-february-24890
View Profile
kgaigl's avatar
kgaigl
Icon for Cirrocumulus rankCirrocumulus
Nov 28, 2018

Hello Kai,

 

could you please explain, how to tweak the sni_value? I'm to stupid to get this...

 

we've 2 servernames behind a Portal-Access (different from the FQDN of Client-Side), now only the one works, I insert the servername in the sni-field of the SSL-Profile.

 

But what would there be the $sni_value ? At the moment I don't get it.

 

thanks

 

Karl