Forum Discussion

Dave_McCauley_3's avatar
Dave_McCauley_3
Icon for Cirrostratus rankCirrostratus
Mar 17, 2019

SSL Orchestrator Response Inspection

I've been testing the latest SSL Orchestrator with the guided configuration and I've noticed that it doesn't seem like the responses are sent to the inspection devices. Everything I've seen looks like they should be going through, but on a tcpdump I don't see anything.

 

I've configured the BIG-IP as the gateway for a test client, and I can block specific sites with my filtering device, so I know outbound request filtering is working. I've configured a PAN as a L3 device in the service chain and I've been running a tcpdump on both the to-the-pan vlan and the from-the-pan vlan. Any ideas, am I doing something wrong or is it working as expected?

 

  • I started from scratch and redployed the BIG-IP and the whole SSLO configuration and the responses now are visible in the tcpdump on the VLAN to the PAN.

     

    I can't see anything different, but it's working now!

     

  • I started from scratch and redployed the BIG-IP and the whole SSLO configuration and the responses now are visible in the tcpdump on the VLAN to the PAN.

     

    I can't see anything different, but it's working now!