Forum Discussion

Dran's avatar
Dran
Icon for Nimbostratus rankNimbostratus
Jun 23, 2020

Application works externally via F5 but not internally

Hi

 

One of the application works fine when accessed externally eventhough the certificate on the server isn't correct and on F5, we have added digi cert signed certificate as client ssl profile and used as server ssl profile as the server is running https service.when accessed internally, the connection is reset and page doesn't come up. Couple points to note when accessed internally, the application is in a different domain than the one from where it is being tried but the same laptop when connected to external, the application works fine. Network wise, telnet works on 443 from internal network to application. Did packet capture and ssl handshake seems to be successful between (client and f5) and (f5 and sever) and I can see 'application data' sent but then the client resets the traffic. Not sure why the application access works externally because the certificate on the server is wrong and when access directly to server, it gives cerficate error.

  • Hello,

     

    First of can you check that you set in your virtual serveur "automap" (NAT). and you set an http profil in your vs. And last point, in "VLAN and Tunnel Traffic" set configuration to "All Vlans and Tunnels"

     

    Second point when you test from internal can you apply this capture:

     

    tcpdump -nni 0.0 host "user ip" and host "vs ip"

     

    Then validate that you can reach the VS and a response is send to user.

     

    You can also apply an "tracert" from internal in order to validate that routing is done corectly from internal:

    tracert "VS IP"

     

    keep me in touch.

    regards