Forum Discussion
Kevin_Stewart
Jul 09, 2014Employee
Okay, so given the log data (cleaned up for viewing):
10.65.59.202:56070: SSL handshake completed, collecting SSL payload
QA-xxx-CUST1: QA-xxx-CUST1
x Entity Session routing QA-xxx-CUST1 and setting persistence
10.65.59.202:56074: SSL handshake completed, collecting SSL payload
:
x Entity Session routing and setting persistence
10.65.59.202:53658: SSL handshake completed, collecting SSL payload
QA-xxx-PROV1: QA-xxx-PROV1
x Entity Session routing QA-xxx-PROV1 and setting persistence
10.65.59.202:53668: SSL handshake completed, collecting SSL payload
:
x Entity Session routing and setting persistence
TCL error: /Common/x_Entity_Irule - attempt to use empty persistence key (line 1) invoked from within "persist uie $entityID 64000"
Two things are evident:
-
Every other TCP session is missing the entityID data in the payload. The source port is different each time, so is this a single client interaction, or are you testing repeatedly?
-
You should probably check that the $entityID variable has something in it before attempting to use it for persistence
It may be more helpful at this point to spin up Wireshark to observe these interactions through a native connection (without LTM SSL offload). You can configure it to decrypt the SSL payload by inserting the private key into the RSA list of the SSL configuration. At a minimum you want to verify that the entityID is indeed in every request packet.