SSL offloading issue with MSSQL
Hello all,
We have a setup where f5 does the SSL offloading for our MSSQL server but looks like when we enable this feature the client cannot establish the connection to the server. When we disable the SSL offloading on the f5 the connection is successful. Below is the logical setup:
MS-SQL (TCP 1433) <---un-encrypted--->f5 VIP (custom TCP port)<----encrypted---> SQL client
f5 VIP has SNAT feature enabled. tcpdump on f5 shows the request comes from the client and connection establishes successfully but nothing goes to the host (SQL server) from the f5. The error on the client indicates that connection gets terminated from the server (f5):
A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.) (Microsoft SQL Server, Error: 10054)
We have done SSL offloading with f5 successfully and it is working for other services but this one is acting up. I was wondering if there is compatibility issue or something between MS-SQL server and f5 that SSL offloading wouldn't work. I would welcome any suggestion.
Thanks