Forum Discussion
hooleylist
Feb 09, 2010Cirrostratus
Hi Vladimir,
One option that may/may not work:
An LTM VIP can request or require a client cert for the clientside connection. LTM can also provide a client cert for the serverside connection. You can search on AskF5.com for clientssl profile or serverssl profile for details. There are a few solutions on this as well as manual chapters in the LTM config guide. You could use an iRule to select 127.0.0.1:80 as the node (when CLIENT_ACCEPTED { node 127.0.0.1 80}).
The iRule should work around a limitation of not being allowed to define a pool member on the loopback interface:
BIGpipe pool member creation error:
01020061:3: IP Address 127.0.0.1 is invalid, loopback not allowed.
Aaron