Patrik_Jonsson's avatar
Patrik_Jonsson
Icon for MVP rankMVP
Jan 10, 2017

That would conclude that it's a problem with one specific load balancer, and only for some objects? Very weird...

Read-only vs admin does not make a difference in terms of results, it's just good practice to not give more access than necessary.

For "fun" could you please run this on the device (ssh to it) and see if you see your ssl profiles then?

curl -sku user:password https://localhost/mgmt/tm/ltm/virtual?expandSubcollections=true\&\$select=name,profilesReference/items/name,profilesReference/items/context | json-format

You need to run the command as an admin user, preferably the same user you used to generate the report earlier.

You should then get a list that looks like this:

{
      "name": "vipname",
      "profilesReference": {
        "items": [
          {
            "name": "profilename",
            "context": "all",
            "nameReference": {
              "link": "https://localhost/mgmt/tm/ltm/profile/tcp/~Common~profilename?ver\u003d12.1.2"
            }
          }
        ]
      }
    },

If you don't see the profiles on your servers you have grounds to open up a case with F5 (they support iControl Rest but not the powershell snap-in).

That would be the "simple" way. Then there is a way of using Wireshark to capture the iControl traffic, decipher it to extract the SOAP request and response and then open up a case with that. But that would probably require too much effort. 🙂

/Patrik