Forum Discussion

jfotopoulos_278's avatar
jfotopoulos_278
Icon for Nimbostratus rankNimbostratus
Nov 08, 2016

HTTPS/SSL failing on Windows clients

Hi, we have recently purchased a BigIP VE (12.1) and are initially configuring it, but we are having a very strange problem where any browser from a mac or a linux client can successfully connect t...
  • jfotopoulos_278's avatar
    Nov 11, 2016

    I have finally found out the problem. It had nothing to do with the ssl part. The whole issue was with a kernel sysctl option, net.ipv4.tcp_tw_recycle. This should have been set to "0" instead of "1".

     

    The strange thing about this that lead me to blame the ssl part was that problems only appeared with the backend system kernel version 4. One of our other backend servers is on kernel version 3.x.x and also had the same sysctl setting. We had no issues with this VS and the ssl certificate with the exact same setup. What is still troubling me is why did the problem only occur with windows clients and not with macosx or linux clients?

     

    After we solved the problem, we also found this related article:

     

    BIG-IP LTM and TMOS 11.5.4 where it is mentioned in the known issue section (542104). But, we have version 12.1.1, where in the 12.1.1 version of the same document page, BIG-IP LTM and TMOS 12.1.1 there was not any mention of it.

     

    It would be interesting to understand why the issue only comes up with windows clients. Does anyone have any ideas?

     

    Thanks