16-May-2021 07:07
Hi guys,
Whenever I try to run the SSLO with the services I always get the request back from my servers but if I add the services in the service chain it's not pushing thru. The devices are reachable with the corresponding interfaces, but I really can't seem to route and inspect the traffic from the services. Any ideas on how to fix this? Are there particular configurations that should be made first with my IPS to route the incoming traffic to the outgoing interface? I'm really lost on this one.
17-May-2021 03:21
Have you done tcpdump to see if the F5 sends the data to the servers and if they return reply as you may have a ping but a specific port could be blocked (you may also use telnet command from the F5 device to check if particular port can be accessed on the IPS server):
https://support.f5.com/csp/article/K411
https://support.f5.com/csp/article/K13637
Check the port lockdown on the self ip that connects to the IPS servers just in case:
https://support.f5.com/csp/article/K17333
Also check this article SSLO issue investigation:
https://support.f5.com/csp/article/K13637