You can use the NSX load balancer configuration scenarios to get an understanding of the required end-to-end workflow. Configure a One-Armed Load BalancerThe Edge Services Gateway (ESG) can be thought of as a proxy for incoming client traffic. Scenario: Configure NSX Load Balancer for Platform Service ControllerPlatform Services Controller (PSC) provides infrastructure security functions such as vCenter Single Sign-On, licensing, certificate management and server reservation. Scenario: SSL OffloadingEdge terminates client HTTPS (SSL sessions). Edge load balances the clients on HTTP to the servers. L7 application rules can be applied. Scenario: Import SSL CertificateSSL end-to-end: The NSX Edge terminates client HTTPS (SSL sessions). Edge load balances the client on new HTTPS connection to the servers. L7 application rules can be applied. Scenario: SSL PassthroughEdge do not terminate clients HTTPS (SSL sessions). Edge load balances TCP sessions to the servers. Client SSL sessions are terminated to the servers (not the edge). L7 application rules can not be applied. Scenario: SSL Client and Server AuthenticationSSL client and server authentication. Parent topic: Logical Load Balancer