ssl-offload
3 TopicsUsing SSL offload and passing traffic through to internal webserver
hi out there I have defined a vs - solely LTM (bigip 11.3) where I make use of SSL offload in the F5 and passing the http traffic through to a internal webserver. The intention was that we in phase one of this project get the frame for it up and run - the F5 should only take care of SSL offload and passing the traffic on to the internal server. But - The authentication fails - I have enabled basic authentication on the webserver (IIS7.5) and it replies nicely with a 401 which the first time is passed through to client on the outside of the F5. Afterwards it fails and I cannot really find out why. I have been using the standard http profiles etc - as much as possibly right out of the box. Eg.: my problem here is that the first time the client access the internal webserver the authentication runs correctly - but afterwards it is as if the authentication fails - the webserver writes 401 in the logfile.. Since it is SSL encrypted on the client side it is a bit hard to investigate in even thoguh I can see what we think we sends by dumping it out with tcpdump and decrypt with ssldump - but I am still not sure what is going wrong. Are there some common pitfalls here when we do a protocol-transition? best regards /ti399Views0likes5CommentsSSL-Offloading issue
for a LTM 11.5.1 HF1, 1- Certificate has been imported successfully 2- ssl profile has been created 3- ssl profile is assigned to vs-A 4- https access & certificate for vs-A was successful , However for vs-B & vs-C, I did the same work, but https access is allowed with certificate error. what shall i do?Solved300Views0likes2CommentsUsing SSL offload and passing traffic through to internal webserver
hi out there I have defined a vs - solely LTM (bigip 11.3) where I make use of SSL offload in the F5 and passing the http traffic through to a internal webserver. The intention was that we in phase one of this project get the frame for it up and run - the F5 should only take care of SSL offload and passing the traffic on to the internal server. But - The authentication fails - I have enabled basic authentication on the webserver (IIS7.5) and it replies nicely with a 401 which the first time is passed through to client on the outside of the F5. Afterwards it fails and I cannot really find out why. I have been using the standard http profiles etc - as much as possibly right out of the box. Eg.: my problem here is that the first time the client access the internal webserver the authentication runs correctly - but afterwards it is as if the authentication fails - the webserver writes 401 in the logfile.. Since it is SSL encrypted on the client side it is a bit hard to investigate in even thoguh I can see what we think we sends by dumping it out with tcpdump and decrypt with ssldump - but I am still not sure what is going wrong. Are there some common pitfalls here when we do a protocol-transition? best regards /ti189Views0likes0Comments