Forum Discussion
datagroup value set to SSL?
When you terminate (and optionally re-encrypt) SSL at the F5, you're performing a full proxy on the SSL layer. The client side (client to F5) and server side (F5 to server) are separate SSL sessions. And as a security device, the F5 tends to be a bit less flexible than a client browser. For instance, if a client browser initiates an SSL session to a server, and that server doesn't support the latest-greatest crypto and/or TLS extensions, the browser will often dutifully downshift into what the server can support. One of the biggest issues I see with SSL bridging is when the server doesn't support TLS RFC5746 Secure Renegotiation. The default server SSL profile on an F5 is set to require this extension, so server side SSL will fail unless you set it to "Request". You'll actually see this error in the /var/log/ltm log. You may also want to, for troubleshooting, set SSL logging to debug. Most SSL-related errors will show up in the ltm log once you do that.