2 different Pool has members running service port 80 and 443, Virtual Server listening on All ports, how to create LTM policy for its successful operation ?

Rahul_Kaul · ‎08-May-2020

Hi All,

Requirement :-

Virtual Server = Listening on All ports, Client-side and Server-side SSL Profile attached to it. No default Pool attached to it.

LTM policy mapped to VS as below

1) If request has Host:10.1.20.1:80 then Forward to Pool_80

2) If request has Host:10.1.20.1:443 then Forward to Pool_443

Issue faced:-

Pool_443 member able to receive and send traffic with success.

But due to Client and Server SSL profile attached to encrypt data to VS, Pool_80 is not able to reply to request.

Kind help needed as how to create a LTM Policy to meet above requirement with success ?

Mayur_Sutare · ‎08-May-2020

Why don't you create two separate VS which will listen on required ports only and you can have Server-SSL on VS which is listening on 443 only. It will become simpler job for your.

Anyways i tried one LTM policy for your use case. You can try it out and check if helps. i have written for host with 80 port and disabled server SSL if traffic is matched. You can keep condition written for 443 as it is.

Hope it helps!

Mayur

Rahul_Kaul · ‎08-May-2020

Thanks for your reply above will certainly look into it !!!! Regarding question asked, actually the F5 device is running ASM primarily and we were having some issues with attaching same ASM policy to 2 different Virtual Servers running same application, hence to made operational task easy we were looking for single VS use per application running different service ports.

DevCentral

2 different Pool has members running service port 80 and 443, Virtual Server listening on All ports, how to create LTM policy for its successful operation ?

Khoros Kudos Award 2022