F5 BIG-IP SSL Orchestrator Training Lab > [v8] SSLO 201: Advanced Use Cases with SSL Orchestrator (Agility 2021 | 2 hours) > 2. Managing Security Services and Service Chains Source | Edit on
2.3. Pre-existing environment validation¶
A Microsoft Remote Desktop Protocol (RDP) client is required to connect to the client machines in this lab.
- Start an RDP session to the Ubuntu18.04 Client (Components > Ubuntu18.04 Client > ACCESS > XRDP)
- When prompted, save the RDP file to your local machine and then open it to connect.
- At the Ubuntu Login prompt, click on the OK button to continue.
If the RDP session times out later, refer to User Credentials for the student user password.
Open the Firefox browser
Click on the padlock icon in the address bar
Click the arrow to the right of Connection secure
Confirm that the connection/certificate is signed/verified by DigiCert Inc
Modify the client's proxy settings to point to F5 SSL Orchestrator
Select Preferences on the menu
In the Find in Preferences search field at the top, type
Click the Settings... button under Network Settings
Select the Manual proxy configuration radio button. Ensure the proxy settings appear as follows:
Click the OK button
Close and relaunch the web browser
Confirm that the connection/certificate is now verified by f5labs.com
Confirm that the explicit proxy service is seeing decrypted traffic:
Start a Web Shell to Ubuntu18.04 Services (Components > Ubuntu18.04 Services > ACCESS > Web Shell)
Enter the following commands in the Web Shell:
clear tail -f -n 0 /var/log/squid/access.log
Visit a few secure (HTTPS) websites (non-banking) using Firefox on the Ubuntu18.04 Client machine and confirm that access is being logged even though we are visiting a secure website. You should see log entries of the sites and URLs visited, similar to the example below:
Visit a financial web site such as
https://www.bankofamerica.comand verify that SSL Orchestrator is not intercepting TLS traffic. Confirm that the browser receives a server certificate that was issued by a trusted public CA. You should not see Verified by: f5labs.com because we are bypassing Financial Data and Services URLs in the SSL Orchestrator Security Policy.
Confirm that the explicit proxy service is not seeing the bypassed (encrypted) traffic. There should be no log entries for the financial web site itself in the access.log file.
You may still see log entries for analytics web sites that are associated with the financial web site.
<CTRL+C>to stop the tail tool.