NSX Load Balancer - Application Rules ignored for HTTPS Traffic


Article ID: 343049


Products

VMware NSX Data Center for vSphere

Issue/Introduction

  • Application Rules have been created and applied to a virtual server; however, these rules appear to be ignored.
  • The same set of application rules works as expected when using HTTP rather than HTTPS.
  • SSL passthrough is enabled.

Environment

VMware NSX Data Center for vSphere 6.4.x

Cause

This issue occurs because SSL passthrough is enabled on the Load Balancer.
With SSL passthrough enabled, the Load Balancer does not decrypt or inspect the traffic, so application rules that depend on the request content have nothing to match against.
Traffic is sent directly to the servers in the server pool, which decrypt it.

Resolution

Use SSL Termination rather than SSL passthrough.
Uncheck the SSL Passthrough checkbox in the Application profile.
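
To find every virtual server in the same state, the following added example (not VMware's code) scans an exported load balancer configuration for virtual servers that have application rules attached while their application profile uses SSL passthrough. The XML element names are assumed to follow the NSX for vSphere edge load balancer configuration, and the sample configuration is constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample; element names are assumptions, adjust them to your export.
SAMPLE_CONFIG = """<loadBalancer>
  <applicationProfile>
    <applicationProfileId>applicationProfile-1</applicationProfileId>
    <name>https-passthrough</name>
    <sslPassthrough>true</sslPassthrough>
  </applicationProfile>
  <applicationProfile>
    <applicationProfileId>applicationProfile-2</applicationProfileId>
    <name>https-terminated</name>
    <sslPassthrough>false</sslPassthrough>
  </applicationProfile>
  <applicationRule>
    <applicationRuleId>applicationRule-1</applicationRuleId>
    <name>redirect-admin</name>
  </applicationRule>
  <virtualServer>
    <name>vs-shop</name>
    <applicationProfileId>applicationProfile-1</applicationProfileId>
    <applicationRuleId>applicationRule-1</applicationRuleId>
  </virtualServer>
  <virtualServer>
    <name>vs-portal</name>
    <applicationProfileId>applicationProfile-2</applicationProfileId>
    <applicationRuleId>applicationRule-1</applicationRuleId>
  </virtualServer>
</loadBalancer>"""

def find_ignored_rules(config_xml):
    """Return (virtual server, profile, [rule names]) for rules attached behind SSL passthrough."""
    root = ET.fromstring(config_xml)
    profiles = {p.findtext("applicationProfileId"): p for p in root.iter("applicationProfile")}
    rules = {r.findtext("applicationRuleId"): r.findtext("name") for r in root.iter("applicationRule")}
    findings = []
    for vs in root.iter("virtualServer"):
        rule_ids = [e.text for e in vs.findall("applicationRuleId")]
        profile = profiles.get(vs.findtext("applicationProfileId"))
        if profile is None or not rule_ids:
            continue  # nothing to report: unknown profile or no rules attached
        if (profile.findtext("sslPassthrough") or "").strip().lower() == "true":
            findings.append((vs.findtext("name"), profile.findtext("name"),
                             [rules.get(i, i) for i in rule_ids]))
    return findings

if __name__ == "__main__":
    for vs, profile, names in find_ignored_rules(SAMPLE_CONFIG):
        print(f"{vs}: rules {names} are ignored (profile '{profile}' uses SSL passthrough)")
```
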



Additional Information