For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Amit585731's avatar
Amit585731
Icon for Nimbostratus rankNimbostratus
Sep 10, 2015

Regarding SSL session ID persistence

Hi All,   We are having issue with one of the application which seems to be using SSLv3 and low cipher value. Due to this when the source server tries to connect to VIP the connection disconnects ...
application delivery
deployment
LTM
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Sep 10, 2015

It's all about OSI layers. You can absolutely do source IP address affinity because IPs are layer 3 and SSL doesn't happen until layer 6. You cannot, however, do X-Forwarded-For headers because that is HTTP (layer 7), which you can't have access to unless you decrypt the SSL (layer 6).