Forum Discussion
Cory_50405
May 13, 2014Noctilucent
I would expect this behavior to be reverse. The default https_443 monitor shouldn't work for your 10443 pool member, but would for your 443 pool member. Vice versa with the default https monitor.
Can you post your pool configs?
- LyonsG_85618May 13, 2014CirrostratusCory - i think the HTTPS_443 monitor "overrides" the 10443 port on the pool. Here's the pool config: ltm pool /SOA/POOL_TEST { members { /SOA/10.5.6.7:443 { address 10.5.6.7 } /SOA/10.5.6.7:10443 { address 10.5.6.7 } } monitor min 1 of { /Common/https_443 }
- Cory_50405May 13, 2014Noctilucenthttps_443 specifies a port of 443 within the monitor and should not use the port of the specified pool member, you are correct. So the behavior you are seeing appears to be backwards. Have you tried removing the monitors and re-adding to the pool?
- LyonsG_85618May 13, 2014CirrostratusThe behavious I am seeing is that although firewalls rules are there port 10443 cannot be used by the http monitor (aliasservice ports= *all ports). Only when overrding port 10443 (https_43 monitor where alias service ports = 443) does the monitor work
- LyonsG_85618May 13, 2014Cirrostratusand yes - i have added and removed a myriad of monitors to get to the point I am at!
- Cory_50405May 13, 2014NoctilucentIf you run a tcpdump on your LTM and capture on port 10443 traffic, do you see any response back from the server?
- LyonsG_85618May 13, 2014Cirrostratushi Cory Yes I can see responses from server on 10443
- LyonsG_85618May 13, 2014Cirrostratusalso tried adding a new monitor where Alias Service Port = 10443. This fails - so it looks like monitor just does not work on 10443?
- Cory_50405May 13, 2014NoctilucentIs the server responding with content or is it resetting the connection? Does a curl to the host return anything? curl -vk https://10.5.6.7:10443
- Cory_50405May 13, 2014NoctilucentIf you just use the standard https monitor, it should inherit the port of each of your pool members and it *should* work. Is there a reason you have two https monitors assigned to this pool?
- LyonsG_85618May 13, 2014CirrostratusI only have 1 HTTPS monitor - I just tries several to get this working.