For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Lightboard Lessons: Air Gap Architectures

In this episode of Lightboard Lessons, Jason covers a couple deployment options for routing traffic through an IPS tier while maintaining source IPs. The first option compresses the external and inte...
Published Jan 05, 2017
Version 1.0
air gap
application delivery
lbl
LTM
security
ssl intercept
JRahm's avatar
Icon for Admin rankAdmin
Christ Follower, Husband, Father, Technologist. I love community and I especially love THIS community. My background is networking, but I've dabbled in all the F5 iStuff, I'm a recovering Perl guy, and am very much a python enthusiast. Learning alongside all of you in this accelerating industry toward modern apps and architectures.
View Profile
JRahm's avatar
Icon for Admin rankAdmin
Christ Follower, Husband, Father, Technologist. I love community and I especially love THIS community. My background is networking, but I've dabbled in all the F5 iStuff, I'm a recovering Perl guy, and am very much a python enthusiast. Learning alongside all of you in this accelerating industry toward modern apps and architectures.
View Profile
Carlos_Pesset's avatar
Carlos_Pesset
Icon for Nimbostratus rankNimbostratus
Aug 24, 2017

Thanks for the answer Jason.

 

I was making a huge confusion between airgap concepts for forwarding ssl intercept traffic and reverse ssl proxy traffic.

 

For forwarding I believe that yes, both client and server_ssl are needed in the ingress(internal) LTM and a a server_ssl for the egress(external) LTM.

 

For reverse proxy is just as you explained: ingress(outside) LTM with client_ssl and egress(internal) with server_ssl.

 

At least this is what I've seen reading some deployment guides. :)