BiG-IP RST after OCSP "good" response

Hi,

I have configured a VSERVER with client authentication per client-certificate. Client Authentication is required and checked against the Trusted CA. In addition i have configured an authentication profile for OCSP to check the cert-status „good“ or „revoked“. In the wireshark capture you see the client <> BiG-IP and BiG-IP <> OCSP-Responder connection. The OCSP respons is „good“ but the BiG-IP sends a RST to Client-IP.

The APM Module is not licensed. I hope it is running with LTM.

Any idea ?

Thank you !!

BiG-IP Version 13.1.1.2

VSERVER: 172.28.187.103 TCP:8300

Client: 192.168.255.103

OCSP Responder: 10.34.11.107