FTPS Load-balancing Problem
I have setup an LTM to load-balance traffic to 2 FTPS servers.
The FTPS client works fine when it connects directly to the individual servers, however it fails when it connects to the VIP address.
When the client connects to the FTPS on the VIP, it successfully connects and authenticates, but there is always a "Connection timed out" error after it issues the 'LIST' command.
Sometimes it also generates the error "A TLS packet with unexpected length was received" after issuing the LIST command, for which reason directory listing fails.
My LTM setup
- The LTM is setup not to terminate the SSL session but to 'pass-through' directly to the FTPS servers.
- I have a virtual server that listens on port 990 and maps to a Pool consisting of the two FTPS servers, port 990
- I also have another virtual server (same VIP) that listens on port * and maps to a pool consisting of the two FTPS servers, port * so that any negotiated data transfer port can be captured by the LTM.
The FTPS client operates in Passive mode.
I would appreciate any assistance and experiences you can share to help me resolve this problem.