For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Michael_107360's avatar
Michael_107360
Icon for Cirrus rankCirrus
Apr 05, 2017

Deny TCP reverse path check

I have an Internal Vlan and an External Vlan, and the F5 is acting as the load balancer for virtual servers and it is the default gateway using a forwarding virtual server for all other traffic, in a...
application delivery
ASM Advanced WAF
LTM
security
Leonardo_Souza's avatar
Leonardo_Souza
Icon for Cirrocumulus rankCirrocumulus
Apr 05, 2017

You will have to take a tcpdump in the F5, and check what actually happens.

 

To check in the tcpdump:

 

  • Who terminates the connection?

     

  • Does the connection closes fully in the client side?

     

  • Does the connection closes fully in the server side?

     

A common problem related with termination in a TCP connection, is the time wait settings. I would guess that is that case here, but you need the tcpdump to confirm, with the settings from F5 and back end server. I saw this in the past with Windows servers, here is the link for Windows:

 

https://technet.microsoft.com/en-us/library/cc938217.aspx