Forum Discussion
hooleylist
Feb 22, 2007Cirrostratus
I would guess that you don't have a client SSL profile configured on the virtual server. When you add an HTTP profile to a virtual server, you're instructing BIG-IP to parse the content as HTTP. If the client is making an HTTPS request to the virtual server and you want to inspect/change the HTTP content of the request, you must use a client SSL profile to decrypt the traffic. Else, as you've found BIG-IP will reset the connection.
Typicaly, you would want to configure the virtual server on port 443 with an client SSL profile to decrypt the traffic. You'd then add a pool of nodes defined on port 80. You could then add an HTTP profile if you want to inspect the HTTP content.
You can check the configuration guide for your version on AskF5 to get details on configuring a client SSL profile and setting up load balancing.
Aaron