on 11-Mar-2015 14:37
Problem this snippet solves:
This iApp configures an Explicit Proxy using the new "Explicit" Proxy Mode that was introduced into the HTTP Profile in BIG-IP 11.5.
You only need LTM or APM provisioned.
It creates all configuration components required including:
If you require the Explicit Proxy to listen on more than 1 port e.g 3128 and 8080, simply just create another Application Service.
Contributed by: Brett Smith
How to use this snippet:
Eric, we are also interested in implementing some sort of user authentication.
Did you had success with your Auth?
Hi Jos,
 
You can filter URLs, I would recommend the SWG iApp: https://devcentral.f5.com/s/articles/f5-secure-web-gateway-iapp-template
 
It doesn't require a SWG license in 12.1+ and you can create your own custom categories.
 
Great work! I managed to deploy successfully explicit proxy for HTTP/HTTPS calls.
Brett, is there a way to control server side encryption separate from the client side without using SSL Forward Proxy features? The problem I'm trying to solve is that I have dev machines supporting clear text only than need to reach resources on the internet that support tls1.2 only. dev machine >> (clear text) >> vIP (LTM Explicit Proxy) >> (encrypted - TLS1.2) Internet Resources
I've tried different ways of using server/client ssl profiles without success. Before going with "tunnel" vIP and SSL Forward Proxy I wanted to see if there is any other way around as from what I read this solution would require additional license.
This was working before but now, it just stopped working. The proxy no longer responds to requests
Hello,
I am trying to automate creation of this iapp. So far I have got the following variables and tables:
tmsh create sys application service Proxy { template f5.explicit_proxy tables add { tmsh show /sys serviceresolver__rootresolvers { column-names { ip } rows { { row { 8.8.8.8 } } } } proxy__client_vlan { column-names { vlans } rows { { row { internal } } } } } variables add { proxy__explicit__ip { value 10.51.126.5 } proxy__name { value Proxy } proxy__explicit__port { value 3128 } resolver__intresolvers { value /default } proxy__snatpool { value /default } } }
and I am geting an error:
Syntax Error: incomplete command
Can anyone help get this working?
Many Thanks
Is this designed to work with version 13.1.1? I cant seem to get it to work to save my life.
Hi Brett, the link seems to be not valid anymore. Can you, please provide a new one? Thanks a lot!