Forum Discussion

Nimbostratus

Mar 26, 2015

TCP monitor vs TCP Half Open

Hi Guys! Got a question for you ... I have a pool of Citrix Gateways, configured with the default TCP monitor. This is causing the gateways to log an error of this sort "SSL three way handshake ...

Cirrus

Mar 26, 2015

You are most likely getting the SSL failure because with a TCP monitor you complete a full three-way handshake. Since you are using a TCP monitor against an SSL interafce it then tries to initiate the SSL handshake and fails. TCP Half-Open doesn't complete the three-way handhsake since it sends a RST instead of an ACK, so it never attempts the SSL handshake. So, in short the TCP vs Half-open will only give you the knowledge that a full TCP handshake can occur vs it responding on the port.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

TCP monitor vs TCP Half Open

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Need F5 iRules Consultant - HTTP Header Manipulation Issues

Ssl profile different in case of retry

WebSocket connection to 'wss://...' failed: Invalid frame header

L7DoS Profile does not show baseline traffic.

Checkpoint Web Smartconsole behind reverse proxy.

Related Content

TCP 3-WAY Handshake vs TCP Half-Open

Phishing, Malware, Breach and Open-Source Security

DevCentral Connects Recap: Open Finance, APIs, AI & Security

AppWorld 2024 Call For Speakers open

US Tiktok ban, Salt and Twill, over Half billion in crypto stolen

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS