For this to work you need to decrypt the traffic as it comes in. Its too late if you did a capture and all the traffic is encrypted. So this entry is for those of you that would like to do some work ahead of time on the F5 and then have the user do some application testing while you are running a tcpdump. In many cases for me, I have only needed to do this on our DMZ LTM which is where the our F5 works as an SSL Bridge
SETUP
Put the source IPs in a txt file. I'm calling mine /var/t
You can use the ssldump utility to examine, decrypt, and decode SSL-encrypted packet streams managed by the BIG-IP system. The ssldump utility can act on packet streams real-time as they traverse the system, or on a packet capture file saved in the libpcap format, such as that produced by the tcpdump utility. Although it is possible for the ssldump utility to decode and display live traffic real-time as it traverses the BIG-IP system, it is rarely the most effective method to examine the volumin
Training Material captured throughout time learning about the LTM's, GTM's and Viprion chassis for F5's version 11.
Chapter 1 - Setting Up the BIG-IP System
Introducing the BIG-IP System
Initially Setting Up the BIG-IP System
Configuring the Management Interface
Activating the Software License
Provisioning Modules and Resources
Importing a Device Certificate
Specifying BIG-IP Platform Properties
Configuring the Network
Configur
