Internal to external generic proxy possible?

Question

I have setup internal to external proxies for single hostnames with the Big IP before but the setup is a little clunky.  Mainly because you have to have a VIP for each hostname and when put in the hostname in the node or pool, it resolves the DNS for the hostname and adds the node in as a IP.  If DNS resolution chhanges then the proxy breaks.&nbsp;
Is it possible, perhaps via iRule to do a DNS lookup in realtime on the pool member and then set the node to what DNS resolves?&nbsp;
What I would like to do is have a generic virtual server which could handle internal to external proxy for any hostname (not just a single hostname).&nbsp;
Why on earth would we do this you ask... right now we do it to handle some TLS1.0 to TLS1.2 connections for apps that can't yet talk in TLS1.2 but our end points have already forced TLS1.2 and we have no choice in that matter.&nbsp;

niels_van_sluis · Answer

Maybe this iRule can help you out:&nbsp;
https://devcentral.f5.com/codeshare/http-forward-proxy-v32&nbsp;
I used a slightly modified version of this iRule for a customer to allow legacy servers with outdated cipher suites and/or TLS implementations to connect to the internet.&nbsp;

stanislas_piro2 · Answer

Hi,&nbsp;
No need to use an irule... look at this article&nbsp;

Forum Discussion

Internal to external generic proxy possible?

2 Replies

Recent Discussions

vulnerabilities-CVE-2020-16150 & CVE-2013-0169

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

Related Content

Redirecting to an external site when the internal site is down

Create isolated environment for internal and external networks

CSV to Address External Datagroup File

2 internal server vlans

Using F5 for load balancing internal traffic