Jad_Tabbara__J1
May 16, 2019Cirrostratus
Solved
Does F5 encrypts traffic internally from a VS to another VS ?
Dear community, Context VS_Parent with clientssl + serverssl profiles and an iRule (that is responsible for routing the traffic to the child VSs based on the FQDN for example) VS_Child1 has ...
- May 21, 2019
Hi Jad,
I had already asked myself the question.
So Yes, F5 encrypts traffic routed from a VS_Parent to a VS_Child.
I validate my supposition by removing SSL Client in VS_Child and noticed that access to my service was not functional.
Additional you can use my Debug irule (hosted in devcentral) that allow you to see that Cipher/protocol used in both VS (Child an parent).
I advise you to process a ssldum using this kb:
https://support.f5.com/csp/article/K10209
So in child vs, initiate a basic capture:
tcpdump -vvv -s 0 -nni external -w /var/tmp/www-ssl-client.cap host 10.1.1.100 and port 443
then check ssl exchange:
ssldump -nr /var/tmp/www-ssl-client.cap
keep me in touch.
regards,