Forum Discussion
Kevin_K_51432
Apr 16, 2014Historic F5 Account
Hi MW, It looks like the only restrictions are using an SSL Server Profile and Client Authentication. Some additional details:
https://support.f5.com/kb/en-us/solutions/public/3000/000/sol3062.html?sr=36697813
Be careful of using source address as backup. If connections come through a proxy or the timeout is longer for the source IP, it will overtake the SSL ID Persistence.
Kevin
- What_Lies_Bene1Apr 17, 2014CirrostratusThanks Kevin. I finally found my notes from the other Kevin, as follows: "on some older platforms, the SSL session ID isn’t stored globally; it’s stored within the TMM handling that connection. Therefore a CMP system may create multiple different persistence records for connections within a single session. Disabling CMP on the Virtual Server overcomes this issue but this is not ideal." - I'd assume this isn't really an issue anymore with the various TMOS and platform upgrades since then.