Forum Discussion

pereest23_20740's avatar
pereest23_20740
Icon for Nimbostratus rankNimbostratus
Jun 19, 2015

SSL publishing on same Virtual Server Destination IP

Hi,

 

First of all let me tell you how the setup is. I've got a public interface and an inside interface. Servers on the inside are not in the same vlan as de F5. Routes are defined on F5 to reach those servers.

 

The problem that I'm facing is to publish two differend SSL sites with differend backend servers/pools and these need to be published on the same virtual Server address. When I try to create this, I get the following error :

 

> 01070333:3: Virtual Server /Common/VS_xxx illegally shares destination address, source address, and service port with Virtual Server /Common/VS_yyy.

 

I found follwoingprocedure on F5 website :

 

https://support.f5.com/kb/en-us/solutions/public/14000/600/sol14683.html

 

Only thing is that I don't have got 2 differend VLANS on the inside, I use routes. So this procedure does not seems to be working for me.

 

Anybody already countered the same issue? Any help is much appreciated.

 

Kind regards

 

ps : for the moment F5 is will only be used as a reverse proxy.

 

BIG-IP
certificate
deployment
ssl
virtual server

2 Replies

Sort By
  • Stanislas_Piro2's avatar
    Stanislas_Piro2
    Icon for Cumulonimbus rankCumulonimbus
    Jun 22, 2015

    What is your need?

     

    You can create two virtual servers with same destination and port if you define something else in the configuration to permit LTM to choose the right VS:

     

    • Source Address (since 11.3) : you can specify one network
    • VLAN : specify the client VLAN. in you case, this is not possible as you only have one external VLAN

    If your need is to publish different HTTPS services, you can configure SNI as proposed by boneyard.

     

    If you only need to redirect to different servers, you can use LTM Policies or iRule.