Forum Discussion
4 Replies
- fgf_165674Nimbostratus
Hello,
172.20.234.34 is a floating or a non-floating Self-IP address?
If it is a non-floating Self-IP address, is it configured on the active or standby unit?
Regards,
- Doran_LumNimbostratus
Floating Self-IP so it's on both active and inactive unit
- Ed_SummersNimbostratus
You can use the self-IP as a next-hop. Typically (simply speaking) you'll want to use a floating self IP for the traffic group so routing survives a fail-over between clustered devices (if applicable).
However the wording of your question catches my eye. If the issue is constrained by a property of the server certificate (SHA2 signature algorithm or other), then I would not suspect routing as the issue. Does the issue only impact servers using SHA2 certificates? Are other servers in the same subnets working properly?
- Doran_LumNimbostratus
Thanks, for the certificate yes it seem to impact SHA2 certificates only. On the tcpdump on F5 we see the TLS 1.2 encrypted alert 21. It's affecting different servers on different subnets