Forum Discussion
Kai_M__48813
Cirrus
Cirrusvdi not working
after our upgrade to 12.1.1, our vdi environment has stopped working. Traffic hits the bigip, but security server sends a error_connection_reset. my suspiscion is that the cookies are not accepted. i saw this on other services, but there, i could simply turn off the modified domain and asm cookie check.
we set up the vdi environment using the iapp, but we are not using apm or asm on it. the bigip directs traffic straight to the server, but it drops. no changes have been done to the service apart from the software upgrade.
does anyone have any thoughts on how to proceed with troubleshooting this one?
What version was the upgrade from ?
Do you get an SSL Handshake error as the DEFAULT Cipher string has changed ?
IainThomson85_1Cumulonimbus
What version was the upgrade from ?
Do you get an SSL Handshake error as the DEFAULT Cipher string has changed ?
Kai_M__48813we went from 11.5.2 to 12.1.1
i get ssl handshake errors in the log, but they dont specify which virtual server it is. assuming this is the issue, what will be the next step forward?
- Kai_M__48813
the case is now solved! the vdi environment didnt accept the new DEFAULT cipherstring when reencrypting the requests. so i built a new serverside ssl profile, based on the insecure-compatible profile, as it doesnt use the DEFAULT ciphers.
and now i can log in and choose a machine from the pool.
thanks for pointing me in the right direction!
- IainThomson85_1
WooohOOo! I helped :)
Thanks for confirming.
boneyardMVP
if IainThomson85 did indeed provide the correct answer please flag it as such Kai M.
- Kai_M__48813
i forgot that...how can i get in and flag it? all i can seemingly do, is to edit the original question..
- boneyard
sorry i missed IainThomson85 didn't use the answer section but the comment, no then you can't do anything. IainThomson85 might copy paste his correct answer to the answer section.
- IainThomson85_1
What version was the upgrade from ?
Do you get an SSL Handshake error as the DEFAULT Cipher string has changed ?