Forum Discussion
Yes, it is a proxy for HTTP/HTTPS only. All other traffic will not be allowed to the Internet (north of the F5s) except for other servers in VLAN 30. Servers in VLAN 30 are allowed out to more than just ports 80 and 443.
The application servers (VLAN 10), however, still need to be able to talk to the database servers (VLAN 20) on ports other than 80 and 443.
I think this should work if I create a virtual server with 0.0.0.0/0 destined to 0.0.0.0/0 port 80 and a duplicate virtual server with destination port 443. Then have the virtual servers listen on the VLAN 10 and VLAN 20 interfaces with a pool that is only the proxy server.
There would also be an IP fwd virtual server for allowing access to the database servers from VLAN 10 subnets to the database server IPs. Since this would be more specific, it should, I believe, take precedence over the proxy rules I create.
Does this sound like a valid solution?
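An added example, not part of the original post: a simplified Python model of listener selection for the layout described above, assuming the most specific destination is preferred before the port is compared and that traffic matching no listener is dropped. The database subnet, the test addresses and the virtual server names are constructed for illustration, and source-address matching is left out.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class VirtualServer:
    name: str            # hypothetical name, not from the post
    destination: str     # destination network in CIDR form
    port: int            # 0 means "any port"
    vlans: frozenset     # VLANs the listener is enabled on
    action: str          # what happens to matching traffic

ALL = frozenset({"vlan10", "vlan20"})
DB_NET = "10.0.20.0/24"  # constructed database subnet (assumption)

LISTENERS = [
    VirtualServer("vs_proxy_http", "0.0.0.0/0", 80, ALL, "pool:proxy"),
    VirtualServer("vs_proxy_https", "0.0.0.0/0", 443, ALL, "pool:proxy"),
    VirtualServer("vs_fwd_db", DB_NET, 0, frozenset({"vlan10"}), "ip-forward"),
]

def select(vlan, dst_ip, dst_port, listeners=LISTENERS):
    """Return the listener that would handle the packet, or None."""
    dst = ipaddress.ip_address(dst_ip)
    candidates = [
        vs for vs in listeners
        if vlan in vs.vlans
        and dst in ipaddress.ip_network(vs.destination)
        and vs.port in (0, dst_port)
    ]
    if not candidates:
        return None
    # Assumed ordering: longest destination prefix first, then a
    # specific port beats the any-port wildcard.
    return max(
        candidates,
        key=lambda vs: (ipaddress.ip_network(vs.destination).prefixlen,
                        vs.port != 0),
    )

def decide(vlan, dst_ip, dst_port):
    vs = select(vlan, dst_ip, dst_port)
    return vs.action if vs else "drop"

if __name__ == "__main__":
    for flow in [("vlan10", "198.51.100.7", 443),   # web via proxy
                 ("vlan10", "10.0.20.15", 1433),    # app -> database
                 ("vlan10", "10.0.20.15", 80),      # db subnet on port 80
                 ("vlan10", "198.51.100.7", 22)]:   # non-web to Internet
        print(flow, "->", decide(*flow))
```

Under these assumptions, port 80 or 443 traffic from VLAN 10 to the database subnet is forwarded directly rather than sent to the proxy pool, which is worth checking against the intended policy.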