Forum Discussion

Nimbostratus

Jul 15, 2011

SSL persistence with F5

We are having the sharepoint portal. There are some users connected from 1 source ip remotely If SSL persistence is enabled, all the connection will go to 1 reverse proxy server. If ther...

microsoft

partner

hooleylist

Cirrostratus

Jul 15, 2011

If you're decrypting the SSL on LTM you could use cookie insert persistence instead. This is generally a better method than SSL session ID persistence as it is not subject to the browser using a new session ID.

But I'm surprised to hear that all requests get persisted to the same pool member with SSL session ID persistence. Each browser, even if connecting from behind the same proxy, should negotiate an SSL handshake with a separate SSL session ID. Or are you using server SSL also? If so, see SOL3062 for the requirements for using SSL persistence:

sol3062: Using SSL (Session ID) persistence

http://support.f5.com/kb/en-us/solutions/public/3000/000/sol3062.html

Aaron

Forum Discussion

SSL persistence with F5

Recent Discussions

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

Related Content

SOCKS5 SSL Persistence

Persisting SSL Connections

SSL Orchestrator Advanced Use Cases: Outbound SNAT Persistence

Decoding the IPv4 address from the persistence cookie

Setting up persistence in F5 XC