Forum Discussion
Muhammad_57196
Nimbostratus
NimbostratusSSL connection and remedy web server - problem
Hi,
We have two F5s between the client and server as shown below:
client -----Entry F5 ==============Exit F5 ----- Remedy web server
We create a standard https (443) server on the entry F5 and we are doing SSL offloading on Exit F5. The three way TCP hand shake is successfully established from client to the server. But one when the remedy web server send a data (push) back to the client, the Entry F5 will receive that packet but will not send it back to the client.
The Exit F5 can receive the push packet and send it to Entry F5 successfully. The Entry F5 can received the push packet but will not send it to the client. We tried with http profile and without http profile it won't work. We even tried using FastL4 it won't work.
But when we config the forwarder instead of standard or perf layer 4 virtual server it works.
Is there any idea why the forwarder works and standard https server didn't work. Any hints how to troubleshoot such issue.
Thanks a lot.
Regards,
Muhammad
hoolioCirrostratus
Hi Muhammad,
If you are doing SSL decryption on the exit F5, you can create a Performance (L4) virtual server with a FastL4 profile on the Entry F5. The pool should be the Exit F5 virtual server (which should be a standard TCP VIP with a client SSL profile). You would not want to add an HTTP profile on the first VIP or LTM will try to decrypt the traffic.
If that doesn't work, can you describe the symptoms and post an anonymized copy of the two virtual servers (b virtual VIP_NAME list)?
Thanks,
Aaron