Forum Discussion
jk20004_44080
Oct 05, 2018Nimbostratus
best way to reject SSL Connections
We use IPI and we drop the requests via iRule because we cannot use ASM at every VS.
today we reject the connect in then CLIENT_ACCEPTED but the result is a
SSL Handshake failed for TCP xxx.xx...
Andy_McGrath
Oct 06, 2018Cumulonimbus
You are getting SSL error as the CLIENT_ACCEPTED event is triggered once the TCP connection has been established so the client has likely already sent the SSL Client Hello before being rejected.
Personally if this is for security and public I would drop the connection instead of rejecting it. These will mean the client TCP connection will timeout.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects