Forum Discussion
Kevin_Stewart
Oct 16, 2013Employee
If I may add, once the SSL VPN tunnel has been established, the network access VIP will no longer respond to events, so it wouldn't generally be possible to pass an HTTP header from the network access VIP to services inside the tunnel. You could alternatively host a virtual server inside the tunnel (on the tunnel's lease pool network) that prompted for client certificate and then sent the traffic to the proxy server with an HTTP header. For that matter though, you could probably do the same without the SSL VPN tunnel.
And to be clear, ProxySSL and Forward Proxy SSL are two distinct things. ProxySSL only works in a reverse proxy mode, and both work very differently.