Mutual Authentication

Question

Hi All,&nbsp;
We have multiple VIPs in our environment where we have mutual authentication configured. At time we face issue where some of the cert at server side gets changed and we need to take tcpdump to figure out correct cert. But at time I have seen issue where we take wireshark and instead of seeing 'client hello' after 'ack' we just keep on seeing 'psh, ack'. Below is the command I use to take capture:&nbsp;
tcpdump -vnni 0.0 -s0 host 1.1.1.1 -w /var/tmp test.pcap&nbsp;
Is there anything I am missing? I am using f5 plugin as well.&nbsp;
Thanks.&nbsp;

kevin_stewart · Answer

Okay, let's clarify a few things. You say "cert at server side", which implies to me that you're sending the client cert all the way through, which also implies that you're not decrypting and re-encrypting at the F5. So if that's the case, what type of persistence do you have configured for the pool members?

Forum Discussion

Mutual Authentication

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Syslog server not visible in GUI

Same LTM Monitor applied to different Pools with Common Nodes

irule execution error

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

Related Content

What is Mutual TLS (mTLS)?

Selective mutual authentication by HTTP::Host

Mutual authetication from imperva to F5

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Verifying Slack Requests with Mutual TLS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS