Thanks for clarifying. I should be clear though, I am using one VS on F5 and a shared IP on IIS to support IP sharing on both devices. My VS looks like this:
ltm virtual IDCFLB.app/IDCFLB_vs {
    app-service /Common/IDCFLB.app/IDCFLB
    creation-time 2022-06-17:09:53:43
    destination 146.142.203.68:https
    ip-protocol tcp
    last-modified-time 2022-06-24:10:25:24
    mask 255.255.255.255
    pool IDCFLB.app/IDCFLB_pool
    profiles {
        IDCFLB.app/IDCFLB_client-ssl {
            context clientside
        }
        IDCFLB.app/IDCFLB_f5-tcp-lan {
            context serverside
        }
        IDCFLB.app/IDCFLB_f5-tcp-wan {
            context clientside
        }
        IDCFLB.app/IDCFLB_http { }
        IDCFLB.app/IDCFLB_oneconnect { }
        IDCFLB.app/IDCFLB_optimized-caching { }
        IDCFLB.app/IDCFLB_wan-optimized-compression { }
    }
    rules {
        IDCF
    }
    serverssl-use-sni disabled
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    translate-address enabled
    translate-port enabled
    vlans {
        VLAN_203
    }
    vlans-enabled
    vs-index 21
}
The iApp has all the DNS names attached to it and I have an iRule for handling the redirects to URLs that IIS will then proxy to the WebLogic.
I did start my captures on IIS and did find that I missed some of the require SSL settings so at least some of my failed tests are my own stupidity and lack of quality control. I'm still reviewing. However, I'm now questioning this configuration and if it's something that F5 really isn't going to handle well. If I'm forced to request a bunch of new IPs and DNS entries to make this work properly I can abandon this effort and start that approach.