ProxySSL - tracking the client

Question

Consider the following scenario:
A virtual server is defined with a ProxySSL rule to inspect traffic before passing the stream to another virtual server.&nbsp;
Question:
If a connection is inspected, then rejected by the ProxySSL VS for some reason, is there any way to associate the connection with a client other than source IP?  Is there any way to determine the client certificate or the SSL session ID in the ProxySSL VS?&nbsp;

kevin_stewart · Answer

I'm a little confused by your description. ProxySSL, being a man-in-the-middle SSL mechanism, needs a direct client to server SSL negotiation. So do you mean the client is negotiation SSL (through your ProxySSL-enabled VIP) to another physically separate device downstream?

randy_abrams · Answer

Yes I mean the client is negotiation SSL (through a ProxySSL-enabled VIP) to another physically separate device downstream.&nbsp;

Forum Discussion

ProxySSL - tracking the client

2 Replies

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

Link Tracking

Enhance your Application Security using Client-side signals

APM - Track clicks on webtop resources

iRule based RADIUS Client Stack

Referral Tracking With iRules