Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Salmander's avatar
Salmander
Icon for Nimbostratus rankNimbostratus
Sep 30, 2020

SSL Handshake errors - no additional information in ltm log - v13.1.3.5

Hi. I need to troubleshoot some SSL Handshake errors and I understood that additional logging should already be available in the LTM log but it is not on my v13.1.3.5 LTM-VE. I have tried changing ...
big-ip
security
ssl
Enes_Afsin_Al's avatar
Enes_Afsin_Al
Icon for MVP rankMVP
Sep 30, 2020

Hi Salmander,

Can you try this iRule?

when HTTP_REQUEST {
	log local0. "Cipher=[SSL::cipher name] - Version=[SSL::cipher version] - Bits=[SSL::cipher bits]"
}
Salmander's avatar
Salmander
Icon for Nimbostratus rankNimbostratus
Sep 30, 2020

Thanks for the reply. That works well for traffic which is successfully processed by the F5 but does not appear to work for traffic that is reported by the "SSL Handshake failed for TCP" issue.

 

I have added Source IP Address=[IP::client_addr]:[TCP::client_port] to your iRule so the source IP address and source port is reported in the log, but the iRule does not appear to be run for the traffic that has the SSL Handshake error by verifying the source IP address/port details