Forum Discussion

Nimbostratus

Mar 11, 2013

ProxyPassSSLProfiles Internal Data Group Issue

I am having a problem with v10.9 of ProxyPass. I've setup the internal string data group ProxyPassSSLProfiles with one name-value pair. It appears that the findclass statement below that att...

Nimbostratus

Mar 12, 2013

I was able to get ProxyPass v10.9 to function properly on TMOS v11 with only the change mentioned in my above posting - using class match instead of findclass.

I also discovered that in v11.2 where it now supports and defaults to strict secure renegotiation in the server side SSL profile. My lab test was failing with the following message in the log file.

warning tmm1[7283]: 01260017:4: Connection attempt to insecure SSL server (see RFC5746) aborted: ...

Setting the "Secure Renegotiation" setting in the server SSL profile to "Request" fixed this issue for me. I mention this ssl profile setting because obviously it is related to the ProxyPass iRule in the context above (i.e. ProxyPassSSLProfiles, etc.) and it is a change from v10.

Cheers

-Deon

Forum Discussion

ProxyPassSSLProfiles Internal Data Group Issue

Recent Discussions

Find GSLB pool membership from vip IP

Pool Members communication with B-party via F5 VIP

Server 2 causing application slowness

F5Access | MacOS Sonoma

AS3 Deployments (shared objects)

Related Content

Update an internal Data Group via API?

Certified Kubernetes Administrator - Study Group

2 internal server vlans

Using F5 for load balancing internal traffic

GTM synchronization group