Forum Discussion

jjamall's avatar
jjamall
Icon for Nimbostratus rankNimbostratus
Dec 16, 2022

MTLS issue

Hi All.
I have configured a Client and Server SSL MTLS Certificate in F5, but when I am trying to access the site from outside, gets 403 - Forbidden: Access is denied error.
Do we have any best practices for this configuration.
Thanks, and regards.

3 Replies

  • Hi jjamall ,

    Can you share more details on what do you mean from outside , like it is a Public IP or NAT IP for your VIP , please share more details as the information given in your request is not sufficient to understand your issue.
    Are you able to access the site from internal network, but not from external or outside network, please share more details.


    You can refer the following article on F5 site  to perform two-way or mutual Secure Sockets Layer (SSL) authentication.

    K12140946: Configuring the BIG-IP system to perform two-way SSL authentication

    Configuring the BIG-IP system to perform two-way SSL authentication (f5.com)

    • jjamall's avatar
      jjamall
      Icon for Nimbostratus rankNimbostratus

      I am using the below configuration and having issue in accessing the server link:

      • Local Traffic  ››  Virtual Servers : Virtual Server List  ››  VS-Dev-mtls
      • Local Traffic  ››  Profiles : SSL : Client  ››  PF-CSSL-MTLS
      • Local Traffic  ››  Profiles : SSL : Server  ››  PF-SSSL-Dev

      I am looking for mTLS solution. " https://www.f5.com/labs/learning-center/what-is-mtls "

      If somone can share any best practices for this configuration for mTLS solution.!