Forum Discussion
4 Replies
Sort By
- Colin_Walker_12Historic F5 AccountTechnically speaking you won't be able to do anything with traffic inspection until the traffic is decrypted anyway, meaning that a client profile will have been enforced. You're able to switch profiles at that point, if you want, with SSL::renegotiate, but you can't do that before the decryption happens. And yes, you can certainly direct to different pools based on URL once the traffic is decrypted.
- Valentine_96813NimbostratusHere are two different ways I do it. The first is based in a single VS and iRule doing different redirects to pools. The second is redirecting to another VS. You can use this second method if you wanted do something like apply client certs as in this example. You'll have to strip out what you dont need, I was OTR when I posted this.
- hooleylistCirrostratusUntil all commonly used OS's and browsers support TLS server name indication (SNI), this won't be practical to implement on LTM or any network device.
- hooleylistCirrostratus...