Forum Discussion
Hi Moonlit ,
you may need to see the traffic on both sides client and server sides , also specify the session which you see RST packet.
Take a Tcp dump by usnig : P modifier.
tcpdump -nni 0.0:nnnp -s0 -vw /var/tmp/capture.pcap host " user_IP"
or follow this article:
https://support.f5.com/csp/article/K13637
use a test user IP in TCPdumb and try to Capture packets during RST or your Issue incident.
After that open the Pcap file and Follow Conversation sessions for this test user as below :
select the suspected Packet " RST " or any " SSL faidures " and Follow its conversation , Look to this snap shot :
But choose option " F5 IP " Not " F5 TCP " , I need you to see all the journy of this Packet from beginning and server side behavior as well.
> you will be able to read TMM info if you need from this tcpdump.
Note ,
> Note , This TCPdump command may be large sized and collect non-relative info for the test user , so after taking it , you need to filter by test user ip , and detect the RST Packet or susbected Packet , and Follow it Conversation by " F5 IP " option.
Hope this help you until resolve it.
Regards.