Forum Discussion

imashish87's avatar
imashish87
Icon for Nimbostratus rankNimbostratus
Jan 06, 2023

Issue with SFTP Connection - Forward Proxy

Hi All,

I am facing issue with SFTP forward proxy virtual server. I have this VS with below details:

Source: 10.244.0.0/16

Destination: 0.0.0.0/0

Dst Port: 8822

irule --> which redirects the connection to port 22

there are many other SFTP applications running smoothely except one on which Vendor 3Econ.com applied security patch named Serv-U post that our application team is facing issue. I had taken packet captures however there is nothing suspicious about F5. Is any anyone faced such issue after update of Serv-U patch on SSH servers. Below is the links shared by vendor regarding the patch.

Below is a link to the “Release Notes” for ServU 15.3.1 and 15.3.2

Please review

https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-2_release_notes.htm

https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-3-1_release_notes.htm

 

Supported Key Exchange, SSH Ciphers and SSH MACs for ServU

Key Exchange (KEX), SSH ciphers and SSH MACs supported in Serv-U (solarwinds.com)

If anyone can help me what I can check, will be really helpful also if needed I can share wireshark captures.

TIA,

Ashish Solanki

application delivery
sftp

3 Replies

Sort By
  • Mike757's avatar
    Mike757
    Icon for MVP rankMVP
    Jan 06, 2023

    Hi Ashish,

    Are you doing SSL interception on your F5 box? If not, I guess captures will show you the SSL handshake and not much more useful data. And also be aware that, if the F5 box is not involved in the SSL transaction, the negotiation is stricly between the client and end server.

    Anyway, you mentioned two things that will need further clarification:

    1. iRule to redirect traffic to port 22.
    Why? Just configure your pool members with port 22. No need for an iRule there, unless I'm not seeing the full picture. [Just re-read it... forward proxy, so no pool, right? Forget this one...]

    2. Security patch on the server side.
    Did the F5 Virtual Server ever work before that patch was applied?

    BR,
    Mike

  • Mike757's avatar
    Mike757
    Icon for MVP rankMVP
    Jan 10, 2023

    Hi richmond,

    Didn't quite get it. Do you mean to say that it never worked?

    I would suggest that you share the relevant configuration (Virtual Server, iRule, any custom profile if applicable). And maybe try to ssh from your F5 box directly to the end-server to check for connectivity.

    /Mike