use different pool to SSL

Question

Hi, 
&nbsp; we have a situation that usually the ASM/BIGIP terminates the SSL on the LTM and uses a pool of servers with clear HTTP, in some situation we need to use differnet pool that also use SSL, SSL terminates on the BIGIP and again use different pool with SSL, i wrote an irule: 
&nbsp;  
&nbsp; when HTTP_REQUEST { 
&nbsp;  if { [string tolower [HTTP::uri]] contains "ssl" } { 
&nbsp;      pool ssl 
&nbsp; } else { 
&nbsp;      pool clear 
&nbsp;   } 
&nbsp; } 
&nbsp;  
&nbsp; this irule will not work because of an missing "ssl server profile" (i can use the default , i am looking for a way to add this to the irule. 
&nbsp; Thanks 
&nbsp;

shay_ben-david1 · Answer

can this be a solution ? 
&nbsp; after the ssl pool ? 
&nbsp;  
&nbsp; serverside {SSL::enable}

hooleylist · Answer

Hi Shay, 
&nbsp;  
&nbsp; Which ASM version are you running?  If it's pre-9.4.2, the operation could be complicated by the _ASM_clientside iRule.  For 9.4.2+ you could use 'SSL::disable serverside' (Click here).  You could add the server SSL profile to the VIP and then selectively disable it based which pool you'll send the request to. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

use different pool to SSL

2 Replies

Recent Discussions

Stable Firmware for F5

BigIP Next - Health Monitors / Template

LDAPS and renegotiation

Need advise to setup a policy on F5

Web acceleration

Related Content

Differences between Disabled vs. Force Offline (Pool Member)

Redirect to different Pool based on URL

Pool Member Nodes: Different Partitions, Same IP Address

Difference between IP::client_addr and IP::remote_addr

SNMP Pools