Forum Discussion

Nimbostratus

Feb 16, 2017

CloudFlare 525 Errors - f5 fix?

I recently started routing assets called via https through Cloudflare, a proxy service, amongst other things. I have an interesting issue where, once i did that, i saw that around 1% of browser ...

Cirrus

Jan 23, 2019

I have an virtual server created with many websites hosted in it. It has one public IP assigned to it and is NATed to a private IP. The websites are accessible via HTTP and HTTPS. However one website uses Cloudflare, we experience an error with cloudflare (error 521). I have whitelisted the cloudflare IP addresses onto F5 via Network ›› Packet Filters : Rules

I am running software version 12.1.3

We no longer have blocking both in the F5 and the internal server. This only occurs with websites having Cloudflare configured with it. Is there anything I can check between F5 and Cloudflare?

I have tried applying an iRule that redirects traffic to see if the traffic from Cloudflare IPs are really reaching F5. Sometimes it does redirect but most of the times it servers error 521 immediately.

Philippe_Page_2
Cirrus
Jan 23, 2019
Can anyone provide an insight regarding this issue. Anything will do. Thank you.
Vijay_E
Cirrus
Jan 23, 2019
Throwing a few options:

You said there is no other blocking in place. So, no packet-filters on F5 or any intermediate device ?

When you run a tcpdump, do you see any RST/FIN from F5 or from the pool member to the cloud flare IP ?

Have you tried using OneConnect profile ?
boneyard
MVP
Feb 03, 2019
another idea would be to contact F5 support, this is an issue which pops up from time to time, so they might already have some ideas.