Forum Discussion
strongarm_46960
Nimbostratus
Oct 05, 2010
No server hello, no pool packets
When configured using port 80, everything works fine; as soon as I switch to SSL, the pool side fails to send.
I am using automap and used the SSL profile on the client and server side. From the tcpdump, my SSL connection reaches the virtual; however, when I sniffed the pool (443), nothing.
Somewhere after the virtual and the pool, packets are getting dumped. Any ideas? Also, changing the cert to the default self signed, no server hello is not being sent out.
An openssl client test on the LTM to the virtual:443 and pool:433 presents both certs fine.
What am I missing?
13 Replies
- strongarm_46960
Nimbostratus
On the F5 box, I started tcpdump and telnet from another window. After the 3-way handshake with the pool and the certificate presented to the LTM, I do a GET request and see the PUSH within the dump.
The backend responds with a FIN.
In the end, a TCP RST from the backend.
I can't see why it would be the network firewall SNAT, since the 3-way took place, the request got through, and I see the ACK from the server.
- strongarm_46960
Nimbostratus
It turns out the problem is the firewall; port 443 was not opened. That still does not explain why I was able to see the backend-presented cert over openssl, since this would have come over the same port. Strange indeed!
- Chris_Miller
Altostratus
If port 443 was open for the non-floating IPs, you'd have seen the cert presented, as your test would have used the non-floating address whereas the SNAT used the float.
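A way to check the explanation in the last reply, as an added example that is not from the thread or from F5: a TCP connect to the pool member from each local source address, so a firewall rule that allows the non-floating self IP but drops the floating IP used by SNAT automap shows up directly. The function names and the addresses in the sample run are constructed placeholders.

```python
import socket

def probe(src_ip, dst_ip, dst_port, timeout=3.0):
    """Try a TCP connect to dst from one specific local source address."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        try:
            s.bind((src_ip, 0))          # force the source address, any port
        except OSError as e:
            return "bind-failed: %s" % e.strerror
        try:
            s.connect((dst_ip, dst_port))
            return "open"                # SYN/SYN-ACK/ACK completed
        except socket.timeout:
            return "filtered"            # SYN silently dropped on the path
        except ConnectionRefusedError:
            return "refused"             # RST came back: host reached, port closed
        except OSError as e:
            return "error: %s" % e.strerror
    finally:
        s.close()

def compare_sources(sources, dst_ip, dst_port, timeout=3.0):
    """Probe the same destination from every named source address."""
    return {name: probe(ip, dst_ip, dst_port, timeout)
            for name, ip in sources.items()}

def snat_path_blocked(results, snat_name):
    """True when the SNAT source fails while another source gets through."""
    others_open = any(r == "open" for n, r in results.items() if n != snat_name)
    return results.get(snat_name) != "open" and others_open

if __name__ == "__main__":
    # Constructed placeholder addresses (documentation range), not from the thread.
    sources = {"self-ip": "192.0.2.10", "floating-ip": "192.0.2.12"}
    results = compare_sources(sources, "192.0.2.50", 443)
    for name, result in results.items():
        print("%-12s -> %s" % (name, result))
    if snat_path_blocked(results, "floating-ip"):
        print("Only the floating (SNAT) address is blocked: check the firewall rule.")
```

A result of "open" from the self IP and "filtered" from the floating IP matches the situation described in the thread.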
