Forum Discussion
Michael_Yates
Nimbostratus
Nimbostratusv10.2.0 Upgrade, results in Virtual Server Failure
Hey Everybody,
I am quite familiar with v9, but recently upgrade my Model / Integration F5's from v9.4.3 to v10.2.0 (large jump I know).
I know that some of the features with the iRules have changed, but what I am experiencing is at the Virtual Server level.
Does anyone know what could affect a base virtual server to fail after an upgrade? Something in the default profiles that has changed to a degree to cause this?
Michael_YatesNevermind :-)
Found the issue.
The Problem I was having was related to the serverssl profiles on the v10.x.x. The default Ciphers have now been upgraded to drop all weak encryption.
The application I was working with used a Self-Signed SSL Certificate that had weak encryption so all of the traffic was being dropped.
Default Profile - serverssl - Has increased Ciphers. See the Solution below to see the defaults:
http://support.f5.com/kb/en-us/solutions/public/10000/200/sol10262.html
Default Profile - serverssl-insecure-compatible - Will allow the traffic with weak encryption to pass through (I would only suggest using it until you can get it fixed / replaced). You can see additional information about it here:
http://support.f5.com/kb/en-us/solutions/public/11000/600/sol11624.html
I hope this helps someone else!- smp_86112
Cirrostratus
Hi Michael, I was also impacted by this change:
http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/52/afnp/1197150/afv/topic/aft/1172861/aff/31/showtab/groupforums/Default.aspx
Our clients would only accept ciphers based on the MD5 hash which was removed in 10.2.0. I had to add them back into the Client SSL Profile.