Thanks folks! So what I understood is that this is achievable ....I will do these steps
- Create VIP and associate application ports 80,443,22 with that VIP.
- Create node (server IP) and listen on ports 80,443,22. Setup keepalive.
-
On VIP Profile :
Do not use SNAT, automap
default profiles for http
default profile for https (no SSL offloading)
no CA and Identity certificate reqd as Server will have the SSL certificate
- Server does not use F5 as Gateway. L3 switch will be the DGW
- On the Server L3 Switch configure policy for server source IP to use F5 LTM as next hop
Is there anythng else required on VIP , Node setup, elsewhere?