Tabber
Oct 26, 2019Altostratus
Detect IP Being Blocked Upstream
I am running SSLo L3 Outbound, Forward Proxy, and my organization blocks IP of sites at our perimeter. This makes it confusing for customers going to HTTPS sites because the client side does the full TCP handshake and sends its first TLS data to F5, before the F5 server side starts, and receives a TCP reset so to the user it looks like there is a TLS error. In reality on the F5 server side the first TCP packet is sent and it receives no response and times out.
I would like to be able to detect the fact no response was received and return a custom page to the user with instructions on who to contact to resolve.
Tried to use event SERVER_CLOSED but this event doesn't trigger in scenario above.