Forum Discussion
Proxy Handhsake failure
it looks like its a failure in the handshake. SSLv3 is quite old this wouldn't be the web server or client using this has been updated to not use SSL but upto TLS1.2 or TLS1.3??
Other than that, i'm stuck to!
Thank you mate.
Yes, it is possible but...I cannot reconfigure my antivirus agent.
The only solution for me is let to disable SSL inspection or https decryption or allow the agent to use SSLv3.
Do you know how to do it?
- Apr 26, 2022
It's not McAfee is it??? I recongise the Port number! (but others may use it as well - just a guess!)
So where is this flow error coming from? AV to Virtual server? Or f5 to pool member?
Where is 192.168.201.37:8081?? I'm guessing this is a f5 to pool member flow?So to remove the encryption you just need to remove the client and server SSL profiles from the virtual server.
But there must be a way to check this, maybe even take a pcap of the flow and have a better look,
Possible f5 support could look at the config and that pcap for you with more understanding of what those errors mean.- MadMickApr 27, 2022Nimbostratus
This is the Virtual server configuration: everything seems to be disabled.
- Apr 27, 2022
Hi,
Your in Local Traffic > Virtual Servers > [VIRTUAL SERVER] > Secuirty.
SSL Certs are set at
Local Traffic > Virtual Servers > [VIRTUAL SERVER]
Under Configuration
SSL Profile (Client) and SSL Profile (Server)And these policies are set in Local Traffic > Profiles > SSL > Client or Server as needed.
Client is incoming so from web client to f5 and server is f5 to web server,
From the looks of your in i'm guessing this is linked to the f5 to server comms so the SSL Server profile is being used.So possibly something in the server ssl profile is stopping you?
You are in the range of looking at what updates have happened on the TrendMicro platform, and a f5 support call to try to deep dive into it.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com