redirect to ifile page if TLS 1 or 1.1 is used

Hello,

Did you check the output logs? during your test... /var/log/ltm

You can add log in your irule: log local0. "cipher version: [SSL::cipher version]"

Regards,

Dear Youssef,

yes this what the logs are showing and its normal but seems the irule is not working.

Jan 9 11:49:55 f5-IB-1 info tmm3[20682]: 01260013:6: SSL Handshake failed for TCP 172.16.37.16%10:6368 -> 192.168.110.115%10:443 Jan 9 11:50:00 f5-IB-1 warning tmm3[20682]: 01260009:4: Connection error: ssl_hs_rxhello:7443: unsupported version (70) Jan 9 11:50:00 f5-IB-1 info tmm3[20682]: 01260013:6: SSL Handshake failed for TCP 172.16.37.16%10:6396 -> 192.168.110.115%10:443 Jan 9 11:50:05 f5-IB-1 warning tmm1[20682]: 01260009:4: Connection error: ssl_hs_rxhello:7443: unsupported version (70) Jan 9 11:50:05 f5-IB-1 info tmm1[20682]: 01260013:6: SSL Handshake failed for TCP 172.16.37.16%10:6405 -> 192.168.110.115%10:443

Hi Aboulleill,

I think that your problem is not due to the Irule. You are blocked before Irule execution. It seems that your ssl handshake failed because you use an unsupported version (Protocol).

Can you confirm me that you don't set cert auth in you ssl client profil? What you set in "Ciphers" options in your client ssl profil?

And did you test access to your VS with another browser?

regars,

Dear Youssef,

Its working now :) it was set inside ssl client profile : ECDHE:!TLSv1:!3DES:!TLSv1_1:!SHA:!NONE But after returining back default ciphers the redirection works prefectly.

Thank you very much for your support.

Best Regards,

Dear Aboulleill,

You're welcome!!!

Regards