Forum Discussion

aa_101481
Oct 28, 2010

LC outbound Cannot access some https sites

Platform: BIGIP LC 6900
TMOS: V10.2+HF2

Configuration files:

virtual VS_outbound {
   destination any:any
   mask 0.0.0.0
   rules irules_outbound
}

virtual VS_outbound_ftp {
   translate service disable
   destination any:ftp
   mask 0.0.0.0
   ip protocol tcp
   rules irules_outbound
   profiles {
      ftp {}
      tcp {}
   }
}

-------------------------------------------------------

rule irules_outbound {
   when CLIENT_ACCEPTED {
      # Sources listed in the ct_* classes use ct_link
      if {[matchclass [IP::remote_addr] equals $::ct_snat] or [matchclass [IP::remote_addr] equals $::ct_client]} {
         pool ct_link
      } else {
         # Sources listed in the cnc_* classes use cnc_link; everything else falls back to ct_link
         if {[matchclass [IP::remote_addr] equals $::cnc_snat] or [matchclass [IP::remote_addr] equals $::cnc_client]} {
            pool cnc_link
         } else {
            pool ct_link
         }
      }
   }
}

-------------------------------------------------------

class ct_snat {
   {
      network 172.30.224.0/24
      host 10.148.128.30
      ... ...
   }
}

class ct_client {
   {
      network 172.40.224.0/24
      ... ...
   }
}

class cnc_snat {
   {
      network 192.168.1.0/24
      host 192.168.10.163
      ... ...
   }
}

class cnc_client {
   {
      network 192.168.100.0/24
      ... ...
   }
}

------------------------------------------------------------

ISSUE:

After a day of implementation, the client says that some of the users cannot access some HTTPS sites.

3 Replies

  • I'd get a tcpdump of a failed attempt. Is it reproducible? Same sites every time?
  • Posted By aa on 10/28/2010 09:30 PM

    Yes, same sites every time.

    Definitely get a tcpdump and see where the problem is happening. Your VIP configuration looks just fine and I can't imagine LC only causing issues for outbound SSL. From LC, can you telnet to port 443 of the destination site?
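
An added example, not part of the thread and not F5 code: a Python model of the link choice made by the posted irules_outbound, for checking whether the clients that fail on HTTPS all leave through the same link before reading the tcpdump. It uses only the class entries visible in the post (the "... ..." elisions are not filled in), and the sample client addresses are constructed.

```python
import ipaddress
from collections import defaultdict

# Only the class entries visible in the post; elided entries are not guessed.
CLASSES = {
    "ct_snat": ["network 172.30.224.0/24", "host 10.148.128.30"],
    "ct_client": ["network 172.40.224.0/24"],
    "cnc_snat": ["network 192.168.1.0/24", "host 192.168.10.163"],
    "cnc_client": ["network 192.168.100.0/24"],
}

def parse_class(entries):
    """Turn 'network a.b.c.d/n' and 'host a.b.c.d' lines into ip_network objects."""
    nets = []
    for entry in entries:
        kind, value = entry.split()
        if kind not in ("network", "host"):
            raise ValueError(f"unsupported class entry: {entry!r}")
        nets.append(ipaddress.ip_network(value if kind == "network" else value + "/32"))
    return nets

PARSED = {name: parse_class(entries) for name, entries in CLASSES.items()}

def matchclass(addr, class_name):
    """Model of the iRule's address-class match: is addr inside any entry?"""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PARSED[class_name])

def select_pool(client_addr):
    """Same decision order as the CLIENT_ACCEPTED handler in irules_outbound."""
    if matchclass(client_addr, "ct_snat") or matchclass(client_addr, "ct_client"):
        return "ct_link"
    if matchclass(client_addr, "cnc_snat") or matchclass(client_addr, "cnc_client"):
        return "cnc_link"
    return "ct_link"  # final else branch: unmatched sources also use ct_link

def group_by_link(client_addrs):
    """Group client source addresses by the pool the rule would pick for them."""
    groups = defaultdict(list)
    for addr in client_addrs:
        groups[select_pool(addr)].append(addr)
    return dict(groups)

# Constructed sample: source addresses of users reporting HTTPS failures.
FAILING_CLIENTS = ["192.168.1.25", "192.168.100.7", "172.30.224.9", "10.1.1.1"]

if __name__ == "__main__":
    for link, addrs in sorted(group_by_link(FAILING_CLIENTS).items()):
        print(link, addrs)
```

If the failing clients cluster on one link, capture the tcpdump on that link's egress first.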