Manual Chapter : Forward proxy chaining example

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
Manual Chapter

Forward proxy chaining example

Following is an example of a per-request policy that performs forward proxy chaining in addition to an SSL check, a category lookup, and an SSL Bypass Set. This per-request policy example requires the following:
  • An APM access (per-session) policy configured and associated with a virtual server.
  • For the SSL check, a virtual server with client and server SSL profiles.
  • An HTTP proxy connect profile configured with its state disabled and associated with the virtual server
  • Two pools of proxy servers. All servers in each pool need support the same mode of forward proxy chaining (explicit or transparent)
In the example, the system first checks whether the SSL is found on the endpoint. Whether it is found or not, the request is forwarded to two separate Category Lookups based on reviewing the URL. Requests then move to Proxy Select agents that specify the pool of proxy servers to which to send the request. Requests that did not pass the SSL check go to one pool, and those that pass the SSL check can bypass additional inspection. The next hop is selected from the pools.