SSLO routing error

Question

Hi guys,&nbsp;Whenever I try to run the SSLO with the services I always get the request back from my servers but if I add the services in the service chain it's not pushing thru. The devices are reachable with the corresponding interfaces, but I really can't seem to route and inspect the traffic from the services. Any ideas on how to fix this? Are there particular configurations that should be made first with my IPS to route the incoming traffic to the outgoing interface? I'm really lost on this one.

nikoolayy1 · Answer

Have you done tcpdump to see if the F5 sends the data to the servers and if they return reply as you may have a ping but a specific port could be blocked (you may also use telnet command from the F5 device to check if particular port can be accessed on the IPS server):

https://support.f5.com/csp/article/K411

https://support.f5.com/csp/article/K13637

Check the port lockdown on the self ip that connects to the IPS servers just in case:

https://support.f5.com/csp/article/K17333

Also check this article SSLO issue investigation:

https://support.f5.com/csp/article/K13637

Forum Discussion

SSLO routing error

Recent Discussions

Can you set Kerberos AAA server via session variable?

HTML Code injection Not detected by ASM

What will be happen to live and existing connections when failover HA BIG IP active-standby

SSL Offload and remove FQDN

High CPU utilization (100%).

Related Content

SSLO HTTPS conversion to HTTP for NGFW inspection

response message be processed by SSLO again?

Disable Inter-VLAN Routing?

Symmetric routing on NGINX Plus with multiple interfaces

Lightboard Lessons: Inspecting Encrypted Traffic With F5 SSLO and Cisco FTD

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS