Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

external URL (or IP) as a node for VS

Hi, The customer has a request to configure several SSL certificates on a VS (and use SNI) which is fairly simple, but one of incoming URLs needs to be proxied (not redirected) to an external URL - https://something.smth (is https a factor here?).

I do have the IP of this external URL - is this as straightforward as creating a pool with the external URL IP and 443 as a port? I could open the firewall path (though I do not love the idea) from VS to this URL.

Or would you advise any different approach. The traffic is loadbalanced by an iRule as far as i remember for this VS (I'm not close to my VPN right now, can't check)

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi,

If the external URL is a fixed IP, you can create a node and pool for this URL and use it in the virtual server configuration. HTTPS should not be an issue as long as you configure a correct Server SSL profile on the virtual server.

Do not forget to configure a correct SNAT on the virtual server otherwise the return traffic wil not go through the F5.

You can use a LTM policy to forward traffic for the https://something.smth URL to the correct pool.

Regards, Martijn.

0