iRule for IPS and SSL decryption (Air Gap) - "SSL::disable serverside" not working

Hello,

I am working on getting an iRule implemented that will decrypt inbound traffic, send it to a load balanced IPS pool on VLAN A, receive the post IPS inspected traffic on VLAN B, re-encrypt and send on to its destination.

Flow overview: Firewall > F5 > IPS Pool > F5

It's essentially this deployment guide, using a single F5 device.

We are seeing that the command

SSL::disable serverside

is not working.

Any ideas on what is happening?

when CLIENT_ACCEPTED {
   perform operation on percentage of traffic
  set percent [class lookup percent vip_presets]
  if { rand() < $percent } {
      disable server side ssl. Leave disabled unless inline security devices are down
    SSL::disable serverside
      get the name of the default pool and store in a variable
    set app_pool [LB::server pool]
      check for active members of the security device pool
    if { [active_members IPS_Pool] > 0 } {
         get load balanced L3 service
        pool IPS_Pool
        set L3 [lindex [split [LB::select]] 3]
        log local0. "router is $L3"
          use snat none if snat is enabled in VS config but
          needs to be disabled for routing through security devices
        snat none
    } else {
          inline service failed - go direct to app pool
         log local0. "l3 service down"
         SSL::enable serverside
          snat as required
         snat automap
    }    
     re-select the app pool
    pool $app_pool
  } else {
    log local0. "not redirected HTTPS"
  }
}
when LB_SELECTED {
     if { [info exists L3] } {
          nexthop through L3 service
         LB::reselect nexthop ${L3}
    }
}

Thank you in advance for any and all help (I'm not a coder - someone else created the iRule).