IRONMAN
Feb 17, 2020Cirrostratus
When HTTP URL hitting the Virtual server with client SSL profile on port no 500, Will it accept the traffic?
Hi , any one guide what exactly happens here, it is not working, but i need to know is it possiable to make it work for both HTTP and HTTPs for VIP with client SSL profile URL: http...
- Feb 18, 2020
A virtual server is an IP:port listener so it's perfectly possible to make it accept traffic in whatever port you want. If you configure your virtual server as IP:500, it will accept traffic. However, if you add a Client SSL profile to it, then BIG-IP expects to receive a Client Hello after TCP 3-way handshake completes. If it doesn't, BIG-IP rejects the connection. The only exception to this is if you explicitly enable allow-non-ssl setting on Client SSL profile. Then, it should allow any other kind of traffic go through. Hope it helps.
Rodrigo