SSLO routing error

Question

Hi guys,&nbsp;Whenever I try to run the SSLO with the services I always get the request back from my servers but if I add the services in the service chain it's not pushing thru. The devices are reachable with the corresponding interfaces, but I really can't seem to route and inspect the traffic from the services. Any ideas on how to fix this? Are there particular configurations that should be made first with my IPS to route the incoming traffic to the outgoing interface? I'm really lost on this one.

nikoolayy1 · Answer

Have you done tcpdump to see if the F5 sends the data to the servers and if they return reply as you may have a ping but a specific port could be blocked (you may also use telnet command from the F5 device to check if particular port can be accessed on the IPS server):

https://support.f5.com/csp/article/K411

https://support.f5.com/csp/article/K13637

Check the port lockdown on the self ip that connects to the IPS servers just in case:

https://support.f5.com/csp/article/K17333

Also check this article SSLO issue investigation:

https://support.f5.com/csp/article/K13637

Forum Discussion

SSLO routing error

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

SNI Routing with DNS Lookup

SSLO HTTPS conversion to HTTP for NGFW inspection

F5 BIG-IP Access Policy Manager (APM) Identity-based steering with SSL Orchestrator (SSLO)

response message be processed by SSLO again?

Multiple Kubernetes Clusters and Path-Based Routing with F5 Distributed Cloud

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS