If you don't want to configure SSL decryption on LTM, a Performance Layer4 VIP with a FastL4 profile should work. If you do want to decrypt the client SSL and re-encrypt the server side connection, you can use a standard VIP with a client and server SSL profile. The advantage to the latter option is that you can inspect and modify the HTTP. This includes using cookie persistence. The downside is that it's extra load on the servers and LTM as both need to decrypt the SSL.
Why do you mention that you want to not use a Performance L4 VIP?
Aaron