F5 Sites
  • F5.com
  • LearnF5
  • NGINX
  • MyF5
  • Partner Central
Contact
  • Under Attack?
  • F5 Support
  • DevCentral Support
  • F5 Sales
  • NGINX Sales
  • F5 Professional Services
Skip to contentBrand Logo
Forums
CrowdSRC
Articles
Groups
EventsSuggestionsHow Do I...?
RegisterSign In
  1. DevCentral
  2. Articles
  3. Technical Articles

OCSP through an outbound explicit proxy

Hey DC community, Kevin Stewart here with a fun little project I'd like to share. There have been countless questions about this over the years: how to pass LTM or APM OCSP requests through an out...
Published Dec 05, 2017
Version 1.0
BIG-IP Access Policy Manager (APM)
LTM
ocsp
security
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Joined March 16, 2006
View Profile
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Joined March 16, 2006
View Profile
thegeneralmills's avatar
thegeneralmills
Icon for Nimbostratus rankNimbostratus
Apr 09, 2019

Thanks for putting this together. We used part of this method to support some F5s that are out in a PoP where we were not planning on adding SNAT capabilities to the access our OCSP stapling endpoint, it did, however, have access to a data center that did have SNAT enabled. We took the "Proxy iRule" you created and applied it to a Virtual Server in the RFC1918 space with a Pool that consisted of the DNS record of our OCSP stapling endpoint. SNAT from the data center works like a champ, and we didn't have to find a different work around to solve this issue.

 

Thanks a bunch, very helpful and informative!

 

ABOUT DEVCENTRAL

DevCentral NewsTechnical ForumTechnical ArticlesTechnical CrowdSRCCommunity GuidelinesDevCentral EULAGet a Developer Lab LicenseBecome a DevCentral MVP

RESOURCES

Product DocumentationWhite PapersGlossaryCustomer StoriesWebinarsFree Online CoursesF5 CertificationLearnF5 Training

SUPPORT

Manage SubscriptionsProfessional ServicesProfessional ServicesCreate a Service RequestSoftware DownloadsSupport Portal

PARTNERS

Find a Reseller PartnerTechnology AlliancesBecome an F5 PartnerLogin to Partner Central

F5 logo©2024 F5, Inc. All rights reserved.
TrademarksPoliciesPrivacyCalifornia PrivacyDo Not Sell My Personal Information