Forum Discussion

Nimbostratus

Jul 15, 2011

SSL persistence with F5

We are having the sharepoint portal. There are some users connected from 1 source ip remotely If SSL persistence is enabled, all the connection will go to 1 reverse proxy server. If ther...

microsoft

partner

hoolio

Cirrostratus

Jul 15, 2011

If you're decrypting the SSL on LTM you could use cookie insert persistence instead. This is generally a better method than SSL session ID persistence as it is not subject to the browser using a new session ID.

But I'm surprised to hear that all requests get persisted to the same pool member with SSL session ID persistence. Each browser, even if connecting from behind the same proxy, should negotiate an SSL handshake with a separate SSL session ID. Or are you using server SSL also? If so, see SOL3062 for the requirements for using SSL persistence:

sol3062: Using SSL (Session ID) persistence

http://support.f5.com/kb/en-us/solutions/public/3000/000/sol3062.html

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

SSL persistence with F5

Recent Discussions

Getting trial license for exam preparation

HTTP 413 error

iRule to Change Default Pool (not redirect to another pool)?

Throughput

Question about RSS for New and Updated Articles

Related Content

SOCKS5 SSL Persistence

Persisting SSL Connections

SSL Orchestrator Advanced Use Cases: Outbound SNAT Persistence

SSL Profiles Part 6: SSL Renegotiation

Setting up persistence in F5 XC

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS