Forum Discussion
eric_haupt1
Nimbostratus
NimbostratusOCSP outbound LB through F5 VS
I'm trying to solve a problem of ocsp reachability. My primary OCSP service is upstream through network transport outside of my control. We have replicated responders closerto the F5's location. I ha...
Rico
Cirrus
CirrusEric,
It is a bit hard to determine the exact issue just from you statement alone, but here are a few troubleshooting steps I would take.
I'd suggest you run a tcpdump to ensure that the traffic is reaching the virtual server and that it is being sent out to its pool members. If you don't see any incoming traffic when you run the OCSP query, you know that there is some issue with network connectivity. If you see traffic hitting the virtual server and not being sent to the pool members, then that would seem to suggest that there is a connection issue between the client and the virtual server. If the query seems to pass through the virtual server and out to the pool members without an issue, I'd suggest checking your SNAT settings on the virtual server. Without the SNAT setting set to Automap (or SNAT pool if you have one configured), the response would not be routed properly back through the F5.
If you can provide any more details, such as the results of tcpdump or where the query seems to be dropped, I'd be able to give more accurate and useful advice.
Hope this helps.
