How to use another VIPs settings after SSL termination?

Question

I think I saw something about this before, but can't find it.&nbsp;
We're in the situation of needing to use 2 separate SSL certs, for the same application. To try and keep things simple (because these apps change a lot) I'd like to set up the second VIP to forward to the "main" VIP after SSL. So all the iRules, profiles and load balancing would be inherited from the main VIP.&nbsp;
Is there an easy way to just forward all traffic to another VIP on the same appliance? I working on some alternatives that allow combing the certs, but that's not possible right now.&nbsp;
Thanks!
Ben&nbsp;

jrahm · Answer

I'm assuming you are wanting to use the vip targeting vip solution? Simple:
priority 999
when CLIENT_ACCEPTED {
  virtual /Common/v.myvip
}

I like to set a super low (higher number, don't start... :)) priority so all the other rules on the front vip are processed before this executes.
Also, in later versions, it is possible to attach more than one SSL profile to a virtual and use the server name identifier feature in TLS. Note that this is not supported in older browsers, but all modern browsers should be fine.

Forum Discussion

How to use another VIPs settings after SSL termination?

1 Reply

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

DevCentral 2024 - Share Another Day

Set HTTP version

FTPS_SSL_ Termination

Another Bash script to backup a BIG-IP device.

pool members can't connect to another Virtual Server