OCSP through an outbound explicit proxy
Hey DC community, Kevin Stewart here with a fun little project I'd like to share.
There have been countless questions about this over the years: how to pass LTM or APM OCSP requests through an out...
Published Dec 05, 2017
Version 1.0
Kevin_Stewart
Employee
Employee
thegeneralmills
Nimbostratus
NimbostratusThanks for putting this together. We used part of this method to support some F5s that are out in a PoP where we were not planning on adding SNAT capabilities to the access our OCSP stapling endpoint, it did, however, have access to a data center that did have SNAT enabled. We took the "Proxy iRule" you created and applied it to a Virtual Server in the RFC1918 space with a Pool that consisted of the DNS record of our OCSP stapling endpoint. SNAT from the data center works like a champ, and we didn't have to find a different work around to solve this issue.
Thanks a bunch, very helpful and informative!