Port translation not happening

Question

We have configured a VIP to listen on port 443 and the associated pool members listening on port 7443.&nbsp;
Now when we are trying open the VIP IP from our browser we are getting Page cannot be displayed error.But we are able open the web page directly if we put the server IP with port 7443.&nbsp;
We have checked the routing and also enabled the Port and address translation option.&nbsp;
What could be issue. &nbsp;

samir_jha_52506 · Accepted Answer

Have you installed SSL certificate on Server Side? Yes. 1). Select Server side certificate as "serverssl-insecure-compatible" &nbsp;
2). Select SNAT Automap
3). Capture TCPDUMP&nbsp;
Please let me know if it is working&nbsp;

niels_van_sluis · Answer

Did you also enable SNAT automap or SNAT pools? Have you supplied both the client- and serverssl profiles if you are planning to do SSL bridging? What does a tcpdump on the BIG-IP show?
 tcpdump -nni 0.0:nnn port 7443

paulastya_aich_ · Answer

We are not using any ssl offloading in f5.
snat is set to automap.
In the tcpdump at F5, we are getting reset packet from the realservers after completeing the 3way handshaking. The reset is coming in response of fin/ack from the snat ip to the server.&nbsp;

Forum Discussion

Port translation not happening

3 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

"Core the device" - what actually happens

Need Irule for redirection for port translation

Everything old is still happening - May 15th - 21st, 2023 - F5 SIRT - This Week in Security

IPv6 Virtual Server to IPv4 pools translation

GTM Translation