F5 BIG-IP SSL Orchestrator Training Lab > Class 1: SSL Orchestration > Module 1: Outbound SSLO Source | Edit on
Lab 1.1: Deployment Settings¶
Task 1 - Create Outbound SSLO Deployment¶
In this lab, we will explore the settings required to deploy Outbound SSLO. First, we will cover the General Properties of the deployment. We will then configure the Egress, DNS, and Logging settings.
Note
This guide may require you to Copy/Paste information from the guide to your jumphost. To make this easier you can open a copy of the guide by using the Lab Guide bookmark in Firefox.
Open Firefox and navigate to the following bookmark: f5 BIG-IP. Bypass any SSL errors that appear and ensure you see the login screen for each bookmark:
Warning
We are using a self-signed certificate in this lab. In your environment you must make sure that you use certificates issued by your certificate authority for both production and lab equipment. Not doing so would make it possible for an attacker to do a man-in-the-middle attack and allow him the ability to steal passwords and tokens.
Authenticate to the interface using the default credentials as defined in the lab topology.
Navigate to
and click:In General Properties change the Deployment Name to sslo_agility_lab
In the Egress Configuration section set the following:
- Manage SNAT Settings –> Auto Map
- Gateways –> Specific gateways
- Add IPv4 gateway address 10.30.0.1
Leave the DNS settings at their defaults.
Change Logging level –> Debug
Note
The Debug log level should not be used in production unless recommended by f5 Support.
This completes the Deployment Settings setup. When your screen looks like the following, click Finished:
Note
The Strict Updates option protects against accidental changes to an application service’s configuration. The Strict Updates setting is checked by default.
Unless you have a specific reason to turn off strict updates, F5 recommends that you leave the setting enabled.