Random TCP Resets from F5
Good day all, I am researching an intermittent and random issue where our F5 WAFs respond to customers with the following: "An error occurred while sending the request.::Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host..::An existing connection was forcibly closed by the remote host." I collected PCAPs and examined the traffic and it leads back to the WAFs sending the reset. I've searched this issue with A.I. assistance and it suggested adjusting/increasing the client ssl profile "handshake timeout" value from 10 seconds (default) to possibly 20 and 30 seconds, depending on traffic load. Is this a legitimate suggestion and potential resolution? Has anyone modified their "handshake timeout" setting from default? I appreciate your time and energy and look forward to your thoughts and suggestions. Thanks!
