Anish_5238
Oct 16, 2007

F5 SSL load balancing webservers on VPN connection issue

We have a situation where we want an F5 to load balance a bunch of IIS ASP.NET servers hosted in a remote data center.

I am able to create a "virtual server" on port 80 (HTTP) utilising the type Performance(HTTP) in the configuration to serve the content from the App_pool consisting of member nodes connected to the F5 through a VPN.

However, when I want to do SSL, for some reason it doesn't work. Please note SSL transactions happen on the F5 and the traffic is passed on to the same App_pool over port 80. All necessary certificates are configured on the F5 with an SSL Profile(Client). The web browser is able to make a connection to the F5 on port 443, but after a few seconds the connection gets closed. Below is an example using wget:

For HTTPS:

wget https://www.virtualhost.com
HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
Retrying.

(And this goes on in a loop. Same happens with a --no-check-certificate option in wget)

However, for HTTP it works fine without any issues.

For HTTP:

wget http://www.virtualhost.com
HTTP request sent, awaiting response... 302 Found
Location: /foo/bar.aspx [following]
HTTP request sent, awaiting response... 200 OK
Length: 18654 (18K) [text/html]

Please let me know if there is something amiss in the configuration for SSL.

Thanks in Anticipation.

Regards,
Anish Srivastava
  • Deb_Allen_18
    Historic F5 Account
    Hi Anish -

    What is the iRule on the virtual server doing?

    /deb
  • Hello

    The static iRule just redirects to a different pool if the URI has certain regexp(s).

    Anyway, I was able to fix the problem with SSL by using the SNAT Automap feature.

    Thanks for your response though.

    Regards,
    Anish