Forum Discussion

Mahirawat_75557's avatar
Mahirawat_75557
Icon for Nimbostratus rankNimbostratus
Mar 16, 2011

SSL VIP session timeout issue

Hi All,

 

 

I have a VIP configured for port 443 on our LTM and certificate is installed on the server. We are using SNAT auto-map and no persistence profile configured. Users are getting session timeout while accessing the VIP in 1-2 minutes automatically.

 

 

Users are getting natted to same IP before hitting the VIP. If I configure source persistence, issue is resolved but requests are hitting to same server and no load balancing happening. We do not have any other choice of persistence to set to repsolve the issue.

 

 

Can someone let me know a solution to fix it with irule so that session maintain between client and server?

 

 

Thanks

 

Mahi

 

 

  • Hi Mahi,

     

     

    I'm guessing sessions aren't being timed out--rather the clients are being load balanced to a new server where the application session doesn't exist. Are you using a client SSL profile to decrypt the traffic? If so, you could use cookie insert persistence to ensure clients are sent back to the same pool member for the duration of their browser session. If you're not decrypting the SSL, you could try SSL session ID persistence.

     

     

    Aaron