09-08-2012 12:03 AM
I have a problem with SSL handshake that I can't get to the bottom of on my ServerIronGT.
Here is the config (it's for both http and SSL, we are only interested in SSL part):
ssl profile bile_lti.pro
server virtual bile_lti 10.130.81.31
port ssl sticky
port ssl ssl-terminate bile_lti.pro
port http request-insert client-ip
bind ssl bile_lti-01 81 bile_lti-02 81 bile_lti-03 81 bile_lti-04 81
bind ssl bile_lti-05 81 bile_lti-06 81
bind http bile_lti-01 82 bile_lti-02 82 bile_lti-03 82 bile_lti-04 82
bind http bile_lti-05 82 bile_lti-06 82
server real bile_lti-04 10.130.80.15
port http keepalive
port http url "GET /isAlive.html"
port http group-id 7 7
port 81 keepalive
port 81 url "GET /isAlive.html"
port 82 keepalive
port 82 url "GET /isAlive.html"
The ServerIron is not forwarding any traffic to the real server, the SSL handshake seems to fail. But I am not sure what's going wrong.
Attached is a TCP dump on the ServerIronGT showing the traffic between the client and LB (rename to .pcap).
After the client hello I don't see anything that would make sense.
Is something obvious missing in my config? Anyone seen this before?