Client Certificate Inspection on SSL VPN
I have a request to set up an SSL VPN on the F5 which requires that only devices with machine certificates are allowed to connect.
I have set up the VPN and it works fine without certificate inspection, however I cannot get it to work with certificate inspection. I believe this is partially because I have set up an SSL certificate to allow the end user device to connect to the F5 using a DigiCert certificate so that tehy don't get a certificate error. This means that I then cannot associate another profile to the Virtual Server to check the internal CA against the machine certificate. The VPE does not seem to allow you to define what certificate authority to trust etc it just needs to be in the Virtual Server SSL client profile from all of my reading.
Please help!