Forum Discussion

Nimbostratus

Dec 16, 2020

Log the TLS version of a client connecting to a TCP VIP with no HTTP or client-ssl Profile

Hello, I have a TCP VIP on port 995 with no HTTP Profile or client-ssl profile. There are several clients that makes SSL connections to this VIP. I need to know the client SSL/TLS version. ...

MVP

Dec 17, 2020

Hi, Fully agreed with , As your setup is SSL Pass-through, BigIP is not participating in encryption. You should map associated profiles on the VS to understand the traffic being processed. Here as you want F5 to inspect SSL Handshake, you should configure client SSL profile on it.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Log the TLS version of a client connecting to a TCP VIP with no HTTP or client-ssl Profile

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Client SSL Profile

Connect to version 14 and above with Powershell iControl

Client ssl certification bulk installation

TLS Fingerprinting to profile SSL/TLS clients without decryption

iRule to accept client then SSL cert validation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS