We have a requirement to allow some servers in a DMZ to talk to a service on the internet. I was looking into the SSL Forward Proxy feature on the LTMs as this appears to provide the service we need. F5s documentation on this is rather weak and rushed. I am following this guide:
Some (basic) questions I had on this:
This post has a really good write up on how to configure SSL forward proxy. F5 luminary Kevin Stewart provides a step by step. See SSL forward proxy what cert to use
Hope this helps
Thanks Nathan. I did see this and actually managed to get things working. Turns out you do need to use the certificate template as mentioned above. Also, the pool member should be the next hop device e.g., a router.
Do you require a ssl forward proxy or do you want LTM to act as a forward proxy for https requests?
LTM can act as a forward https proxy without forward proxy feature (and without license).
SSL forward proxy feature is useful when you want to enable http security like URL filtering.