Forum Discussion
CirrusUser access to servers
Very well ,
Change " service port 0 " to your needed port "7134"
This mandatory in your Case.
> Virtual server "100.68.0.8" listens on 443 , it performs destination NAT to both Pool_members "100.66.0.8" and "100.66.0.7".
But What about the port translation ,
443 port can not be translated to port "0" , Port "0" means any.
so in this case , F5 does not perform a Port address translation it transfer the traffic on Port 443 as it is without translation to port 7134.
> so the needed action is to change "0" to 7134 on both of pool members.
Thats why you access it when configuring the virtual server to listen on port 7134 not 443 as you did recently.
try it and tell me.
it will work isa.
CirrusFrom my PC I do not have access to it as web put ping I am able to do it
Cirrusyes the server has it's own self sign certificate
okay ,
> Put a serevr ssl profile in " 100.68.0.8" virtual server.
in still not working,
> you will take a packet capture
tcpdump -nnnveti 0.0:nnnp host "your_PC_IP_address" -s0 -S -w /var/tmp/name_of_the_file.pcap
> Do not forget to put your IP address in this feild "your_PC_IP_address" not Virtual server in tcpdump this command.
> after this command we can see the connections from your Pc to F5 and from F5 to Backend servers and the returned Path as well.
First take it , when it is done with you and you could capure these traffic , notify me , I will send so filters in Wireshark to view this behavior.
Regards- MustphaBassim
here it is the file for wireshark
https://mega.nz/file/ozI3laAQ#4aMeivOXWIXNT7YW51qe-LclSt-0lm4YSvA1x6xPQ6s
very Well ,
No Issues From your PC and F5 , F5 take your traffic and directs it to "100.66.0.8" and it uses one of SNAT pool IPs "100.68.0.117".
> the issue is between F5 and server "100.66.0.8" , F5 sends the traffic to it on port 443 not 7134 as configured on your server , so server "100.66.0.8" resets this connections because it has not 443 "https" service on it and it uses 7134 even if you assign a self certificate on server but it listens on port 7134.
> Please send a snap shot from "100.66.0.8" pool member configuration , something wrong with it
check it and tell me.- MustphaBassim
here they are
Very well ,
Change " service port 0 " to your needed port "7134"
This mandatory in your Case.
> Virtual server "100.68.0.8" listens on 443 , it performs destination NAT to both Pool_members "100.66.0.8" and "100.66.0.7".
But What about the port translation ,
443 port can not be translated to port "0" , Port "0" means any.
so in this case , F5 does not perform a Port address translation it transfer the traffic on Port 443 as it is without translation to port 7134.
> so the needed action is to change "0" to 7134 on both of pool members.
Thats why you access it when configuring the virtual server to listen on port 7134 not 443 as you did recently.
try it and tell me.
it will work isa.- MustphaBassim
finally it's worked thanx very much for your kind support
Greet News MustphaBassim ,
I am happy for you and this good troubleshooting as well.
Most welcome bro 🤝
