Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

Possible to proxy outbound SSL connection?


First, I apologize if this is a newbie question. I am fairly new to working with F5's.


Issue: I have a client with pretty weak ciphers. It can't connect to (example) because it has no ciphers supported by In our environment, the F5 serves as both the Load Balancer and Firewall. Outbound internet traffic flow through the F5. is a third party and won't work with me on this issue.


Question: Is it possible to have the F5 proxy this outbound connection? The idea is for the F5 to do the SSL negotiation (using F5 ciphers) and pass this traffic back to the client.


Thank you in advance.


Yes this is posible. You can setup een explicit forward proxy. For example, you can use this iApp:


Note that you don't need APM when SSL inspection isn't required.


Manual configuration is also possible. See this:


With use of a PAC file, it's possible to only send requests to via the proxy.