Forum Discussion
reen_sc_140631
Feb 09, 2015Nimbostratus
Sorry for the delay.
Here is my configuration. Only standards....no additional modifications.
I did check the ProxyPass with "http" to the Backend and it's working fine. Only an ServerSSL Connection won't be established!?
Code
ltm virtual /preprod/vs_tomcat {
destination /preprod/193.90.130.45%2:https
ip-protocol tcp
mask 255.255.255.255
partition preprod
persist {
cookie {
default yes
}
}
pool /preprod/p_backend_https
profiles {
clientssl {
context clientside
}
http { }
oneconnect { }
tcp { }
}
rules {
i_ios_ltm_log_ssl_client_handshake
i_ios_ltm_log_ssl_server_handshake
/preprod/ProxyPass
}
source 0.0.0.0%2/0
source-address-translation {
type automap
}
vlans {
vlan_webdmz
}
vlans-enabled
vs-index 56
}
tm data-group internal /preprod/ProxyPassvs_tomcat {
partition preprod
records {
/ssltomcat/ {
data "/ p_tomcat_https"
}
/tomcat/ {
data "/ p_tomcat_http"
}
}
type string
}
ltm data-group internal /preprod/ProxyPassSSLProfiles {
partition preprod
records {
"p_tomcat_https profile_serverssl" { }
}
type string
}
It looks like the SSL Profile in the DataGroup (ProxyPassSSLProfiles) is not used. If I define the serverssl profile to the Virtual Server => same effect.
With SSLDump New TCP connection 24: 193.90.139.18(58915) <-> 192.168.1.30(443) 24 0.0016 (0.0016) S>C TCP RST