Logging IMAPS payload with SSL::collect doesn't work, any solution?

Question

Hi,&nbsp;We have a Big-IP 13.x acting as an IMAPS SSL-offloading front-end for our IMAP backend servers. The problem is the backends don't see the real source IP. I want to log the client IP and imap login username on the Big-IP. Therefore I will have to search the decrypted payload, which is normally no problem. However, when I use SSL::collect my connection stalls.&nbsp;This seems to be the cause of my problem: https://support.f5.com/csp/article/K12646&nbsp;Basically, when I start collecting, the serverside connection is not created until the client sends something. But the client is waiting on the server to start the conversation.&nbsp;Has anybody been able to work around this? Or simply put: has anybody been able to log imaps logins?&nbsp;Kind regardsVincent&nbsp;&nbsp;

simon_blakely · Answer

K12646 does not list v13.x in the applies to ...&nbsp;What is your irule?

Forum Discussion

Logging IMAPS payload with SSL::collect doesn't work, any solution?

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

The Power of &: F5 Hybrid DNS solution

Re: Comprehensive solution for OWASP Web App A09:2021 Security Logging & Monitoring Failures fro

Adaptive Apps: Automating NGINX Solution Deployments and API Publication - Solution Demo

Enhancing Software Security with Rust: A Solution to Common Vulnerabilities

Crafting Secure Paths: The Intricacies of VPN Solutions on BIG-IP APM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS