Forum Discussion

Cirrus

Oct 04, 2023

Solved

SSL protocol mismatch

Ok, I ended up way down a rabbit hole earlier this week. That whole line of thought seemed to be a red herring. BigIP LTM trying to load balance to MS Navision servers which don't use standard 80 o...

application delivery

LTM

ssl

Paulius
Oct 05, 2023
irbk That is correct. Unless you have some way of the F5 being able to look for a value in the client request that would define if it was intended to be SSL or not you would have to split SSL and non-SSL into two different VS listening on different ports on the F5 side that is client facing.

Amine_Kadimi

MVP

Oct 04, 2023

To confirm the issue is with the TLS cipher negociation between the client and the VS, you should get a ssldump. Overview of packet tracing with the ssldump utility (f5.com)

The client hello part of the dump will show you what cipehrs are supported by the client, you can then cross check them with the 'DEFAULT' ciphers

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)