Forum Discussion
hooleylist
Jul 07, 2008Cirrostratus
Sorry, I didn't see your last post.
If you can use an internal IP address you'd configure a pool with the pubic IP address and port you want to connect to. Then create a VIP using the internal IP address on port 80. Add a server SSL profile to the VIP and it should work.
You could also configure the VIP using the actual public IP of the external server. You'd need to disable ARP on the virtual address and ensure there is a route on the client to the public IP through LTM. Here is a sample config using Gmail as a public HTTPS site:
pool gmail_https_pool {
member 64.233.171.83:https
}
virtual address 64.233.171.83 {
arp disable
}
virtual gmail_https_vs {
destination 64.233.171.83:http
snat automap
ip protocol tcp
profile serverssl tcp
pool gmail_https_pool
}
Aaron