Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Need help - Configure forwarding proxy chain

Go to solution
cakriwut
Nimbostratus
Nimbostratus

‎24-Jan-2020 04:30

Hi team,

 

Initially I have configured forward proxy without any issue:

Client (Intranet) -> F5 (explicit-http) -> INTERNET

 

Now, we want to put proxy pool between F5 and INTERNET like this:

Client (Intranet) -> F5 (explicit-http) -> HTTP Proxy Pool -> INTERNET

 

I tried to follow this article - https://devcentral.f5.com/s/articles/configure-the-f5-big-ip-as-an-explicit-forward-web-proxy-using-... , however F5 (explicit-http) doesn't seem to tunnel the traffic to the HTTP Proxy Pool.

 

Please guide me what is missing?

 

Thanks,

 

Riwut

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
nathe
Cirrocumulus
Cirrocumulus

‎24-Jan-2020 11:34

Have you seen this iApp? May identify any misconfiguration. Of course you may not need to go down the route of 0365 bypass though.

View solution in original post

4 REPLIES 4

Go to solution
nathe
Cirrocumulus
Cirrocumulus

‎24-Jan-2020 11:34

Have you seen this iApp? May identify any misconfiguration. Of course you may not need to go down the route of 0365 bypass though.

Go to solution
cakriwut
Nimbostratus
Nimbostratus

‎25-Jan-2020 18:41 - last edited on ‎24-Mar-2022 01:07 by Fog

  thanks, you are saving my day.

For others who has same difficulties, here are the key moving part to create load balance forward proxy chain.

  1. Create Pool of forward proxy, that will actually connect to internet.
  2. Create DNS Resolver
  3. Create tcp-forward tunnel
  4. Create http-explicit service profile (bind DNS resolver, tcp-forward tunnel, disable one connect transformation, enable default connect handling)
  5. Create iRule that will disable HTTP::proxy , and direct to Pool of forward proxy.

 

Apparently my initial configuration was missing step-4 (disable one connect transformation) and step-5 irule.

Hence the principle to achieve forward proxy chain are:

  1. Create http-explicit VS for the proxy endpoint
  2. Using iRule to internally change the processing into Reverse proxy.

 

Thanks,

 

Riwut

 

 

Go to solution
LiefZimmerman
Community Manager
Community Manager
In response to cakriwut

‎30-Jan-2020 15:54 - last edited on ‎24-Mar-2022 01:07 by Fog

 - might you consider selecting the answer that  provided as best? You could select your own as well if you prefer. Cheers.

0 Kudos

Go to solution
chomjosh
Nimbostratus
Nimbostratus
In response to cakriwut

‎17-Jul-2023 16:47 - edited ‎17-Jul-2023 16:48

Thanks for this straight forward contribution to this issue. It solved my problem 100%. Great job! This should be voted BEST!

0 Kudos
Copyright © 2023 Khoros, LLC