I have a setup where I am using my F5 as a forward proxy towards Internet. From my internal environment, when user initiates a connection to a SAP Server (on Internet), user is unable to connect to it, however when he is allowed to Bypass the proxy and connect directly to the SAP Server, it works fine.
On taking the packet capture, I find that when the F5 is initiating packets from it's self-IP towards the SAP Server, after successful TCP Handshake, during SSL Handshake, F5 Self-IP recieves RST packet from the server.
However, in the wireshark RESET Cause states : BIG-IP: [0x2b9df43:6605] iRule execution (reject command)
For Security reasons, I cannot share the Wireshark Screenshot. However, there is no explicit iRule indicated by the capture. It is just this "0x2b9df43:6605" So I am not sure which irule to check. Even the virtual-Server name mentioned in the F5 Trail of the packet in wireshark, does not have any iRule associated to it. So, I am not sure what iRule is the message refering to.
okay. So if there is no iRule/LTM policy at your vip and you are seeing RST is coming from other end, it could be the SAP server having BIGIP infront of it and it's rejecting the connection. So you would have to check with the SAP team.
They might be looking for specific TLS versions and Cipher suites for TLS connection could be one of the reason. SAP team can tell you more on that error though.
