BIG-IP SSL related error/access logs

Question

In case of SSL termination (HTTPS offloading), is there a way to find out if the client is being blocked by BIG-IP because of http://.. access. Does BIG-IP output any SSL related authentication error/access logs?&nbsp;
We have HTTPS web service (https://example.jp/).
We doubt that our client tried to access through http://example.jp/&nbsp;
Does BIG-IP produce any logs/hints in case like above? 
How does BIG-IP respond to case like above?&nbsp;
We would be grateful if anyone could provide us with the answer/knowledge.
Thank you!&nbsp;

samir_jha_52506 · Answer

Its default behaviour of LTM to drop connection if http(vip) doesn't exist. If you wanted to track http connection then create http vip n apply irule with drop condition and send client log to ltm. Does it makes sense?&nbsp;
Other option to redirect all connection to https vip n take client IP log.&nbsp;

rsacheen · Answer

Thank you for the reply jhaas! 
Want to know whether LTM produces any logs when the connection is dropped.
About tracking HTTP connection and redirection to HTTPS VIP, I shall try it later. Thanks!&nbsp;

samir_jha_52506 · Answer

No.F5 doesn't track drop connection log in ltm log.&nbsp;

rsacheen · Answer

Got the answer. Thank you!&nbsp;

Forum Discussion

BIG-IP SSL related error/access logs

4 Replies

Recent Discussions

preserve client IP on layer 4 VIP

Failed to convert character dclid=%EDclid!

ASM - Parent policy vs OWASPcompliance

Rewrite uri translation not working

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

Related Content

Re: Get Started with BIG-IP Virtual Edition (VE), BIG-IQ VE or BIG-IP Cloud Edition Trial

Mitigating OWASP API Security risks using BIG-IP

Quick Optimizations for F5 BIG-IP Virtual Edition

Getting Started with BIG-IP Next: Upgrading Central Manager

Multi-Stores Citrix environment BIG-IP APM