HTTPS Monitor failing after upgrade to v11.4(HF3)

Cory - i think the HTTPS_443 monitor "overrides" the 10443 port on the pool. Here's the pool config: ltm pool /SOA/POOL_TEST { members { /SOA/10.5.6.7:443 { address 10.5.6.7 } /SOA/10.5.6.7:10443 { address 10.5.6.7 } } monitor min 1 of { /Common/https_443 }

https_443 specifies a port of 443 within the monitor and should not use the port of the specified pool member, you are correct. So the behavior you are seeing appears to be backwards. Have you tried removing the monitors and re-adding to the pool?

The behavious I am seeing is that although firewalls rules are there port 10443 cannot be used by the http monitor (aliasservice ports= *all ports). Only when overrding port 10443 (https_43 monitor where alias service ports = 443) does the monitor work

and yes - i have added and removed a myriad of monitors to get to the point I am at!

If you run a tcpdump on your LTM and capture on port 10443 traffic, do you see any response back from the server?

hi Cory Yes I can see responses from server on 10443

also tried adding a new monitor where Alias Service Port = 10443. This fails - so it looks like monitor just does not work on 10443?

Is the server responding with content or is it resetting the connection? Does a curl to the host return anything? curl -vk https://10.5.6.7:10443

If you just use the standard https monitor, it should inherit the port of each of your pool members and it *should* work. Is there a reason you have two https monitors assigned to this pool?

I only have 1 HTTPS monitor - I just tries several to get this working.