For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Shayne_Rinne_84's avatar
Shayne_Rinne_84
Icon for Nimbostratus rankNimbostratus
Apr 24, 2008

F5 as a default gateway

Hello,     We are running CA siteminder policy servers on Solaris 8 behind a BIG IP LTM, and many of our connections to Active Directory LDAP User directories are going into a TCP IDLE state. T...
config
design
Shayne_Rinne_84's avatar
Shayne_Rinne_84
Icon for Nimbostratus rankNimbostratus
Jun 24, 2008
We are still having an issue with this and we have narrow the problem down to what seems to be configuration between Solaris 8, F5 and MS 2003 or 2000. We ran a sniffer against the Solaris server and we determine that when MS AD closes the connection to the Solaris server TCP connections in LSOF or NETSTAT show IDLE.

 

 

Flow:

 

 

Solaris establishes a connection with MS

 

At Random points MS sends a FIN, ACK to close the connection

 

Solaris sends an ACK to MS

 

1 minute later MS sends a RST, ACK to Solaris

 

Solaris changes the TCP state to IDLE

 

 

 

Applications involved are siteminder policy server on solaris and Active Directory on MS. We have only seen this IDLE state issues on Solaris servers using the F5 as a default gateway.

 

 

netstat output of a IDLE TCP connection:

 

 

*.* *.* 0 0 24576 0 IDLE

 

 

The F5 inbound to outbound connection has Performance Layer 4 as the type.

 

 

Looking to rule out the F5 as the cause of the problem and having difficulting doing so. Help?