Forum Discussion
PrasannaBlore_2
Nimbostratus
NimbostratusF5 recommended configuration for Microsoft IIS
Hi,
This question can be sound very trivial and basic but I have very high level knowledge on F5 and I am a developer with no prior knowledge and background on network administration. Any help i...
Hannes_RappNimbostratus
NimbostratusQuestion:
- If you configure the Pool Member in first case, I suppose you send requests to a SSL-enabled port on Windows Server 2012, and have also configured ServerSSL profile in VS config? Or in short, are you looking to deploy SSL decrypt, SSL re-encrypt solution on BigIP?
If that's the case, there's one thing worth looking into.
- I don't know if also the case with Windows Server 2012, but in case of ServerSSL between BigIP and Windows Server 2008, the SSL handshake tends to fail, resulting in TCP teardown. The easiest solution is to enforce explicit use of TLSv1.0 on the Server-SSL profile, there also are some workarounds for the Windows Server config, but they take a bit more time and are harder to implement.
Apart from possible ServerSSL issues, I cannot think of anything else as a likely root cause here.
Have a look here for reference solution: https://devcentral.f5.com/questions/regarding-cipher-negotiation-for-ltm