Forum Discussion
AltostratusF5 self IP TLS/SSL hand shake fail with tcp port node member
I suspect you're correct on this. The health check types need to be https so there CAN be a handshake. TCP will have no idea what to do with SSL and should not allow a successful ACK.
ALSO..
You could try tcp half open as a type if you REALLY don't care about valid SSL. This will send a SYN, get and SYN-ACK and call it a good response, rather than trying to send an ACK, which should fail because of the SSL, I'd think. If you try this, can you let me know how it goes?
MVPngockq It seems like your health monitor on TCP 19001 and 19002 is possibly an HTTPS health monitor or an HTTP health monitor and your server is expecting an HTTPS connection on those ports which is causing this error. Typically the F5 will not send any communication to a pool member unless it's explicitly told to do so. Can you please provide the VS, pool, and health monitor configuration so we can attempt to assist you further with this?
ModeratorI suspect you're correct on this. The health check types need to be https so there CAN be a handshake. TCP will have no idea what to do with SSL and should not allow a successful ACK.
ALSO..
You could try tcp half open as a type if you REALLY don't care about valid SSL. This will send a SYN, get and SYN-ACK and call it a good response, rather than trying to send an ACK, which should fail because of the SSL, I'd think. If you try this, can you let me know how it goes?
