Forum Discussion

Sachin_Dixit_13
Mar 03, 2014

Integration of reverse proxy with Squid proxy

Hello Aron,

 

I want to integrate F5 LTM VE 11.3.0 with a Squid proxy server, wherein the end user will hit https://abc.123.com. We have a certificate for 123.com which is getting offloaded at the F5. End user requests for https://abc.123.com from the F5 should be rewritten to https://xyz.456.com, and then we want to direct this rewritten query to the squid pool so that we can leverage the full functionality of the proxy server. However, we get the following error:

 

"Unsupported Request Method and Protocol

 

Squid does not support all request methods for all access protocols. For example, you can not POST a Gopher request.

 

"

 

Please suggest an iRule.

 

Thanks in advance

 

2 Replies

  • Hi!

    Have you assigned a server ssl profile? Otherwise the request might use http to contact a https listener which could generate the error you describe.

    Just out of curiosity, if you want to offload the squid server by using the F5, why do you still send the traffic to https instead of http?

    As for the iRule, try something like this:

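    when HTTP_REQUEST {
    
        # Read the Host header, not the URI, so the comparison below sees the hostname
        set host [string tolower [HTTP::host]]
    
        # The condition below can be omitted in case you want to rewrite all requests
        if { $host eq "abc.123.com" } {
            # Replace the Host header sent to the pool member
            HTTP::header replace Host "xyz.456.com"
        }
    
    }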
    

    Good luck!

    /Patrik

  • Hi Sachin!

    From your description you basically want to bounce connections from external users via your load balancer to an external website.

    If this is the case you need to:

    Create a pool and add the IP (or IPs if you will) of the external site as a member.

    Create an iRule for host header rewriting:

    when HTTP_REQUEST {
    
        # Replace the Host header on every request before it is sent to the pool
        HTTP::header replace Host "xyz.456.com"
    
    }
    

    Create a VIP with:

    • HTTP profile
    • Client SSL profile
    • Server SSL profile
    • SNAT pool, or SNAT (you can use SNAT automap for this, or create a new pool). Note that if your F5 is not located on the internet you will need to NAT the request sent by the F5 to a public IP before leaving your network. The SNAT pool setting is located under "Source Address Translation" when creating the VIP.
    • If the external site has multiple IPs you need to add a persistence profile too.
    • Assign the pool you created as default pool.
    • Assign the iRule you created.

    Then open the firewall and add any internal to public NATs you need.

    Good luck!

    /Patrik