Forum Discussion

rajitoor's avatar
rajitoor
Icon for Nimbostratus rankNimbostratus
Aug 13, 2020

Decryption/Inspection before F5

We have F5 which has VIP's in the DMZ network and member servers in a different network. We have started inbound inspection of SSL traffic on the firewall before traffic reaches any of the servers or F5 in DMZ. Doing this with servers that are in the DMZ network has no issue. But when we enable it for traffic destined to F5 VIP, it fails. Some VIP's are set to SSL pass-through while some are doing SSL off-load and both options fail. What can be done that would enable firewall to do SSL inspection.