Posted By Jomar on 10/20/2010 07:28 AM
That is correct. VIP 2 is listening on 443 and is the SSL terminator. We are seeing the connection reset for anything that matches the /abc/common URI. All other traffic is passing as expected.
On what port is pool y.z.com listening? If different than 443, is port translation enabled?
Have you done a tcpdump from LTM to see whether the RST is coming from the pool members or directly from the VIP? I'd be interested to see whether the 3-way handshake, and cert exchange are happening properly.
Have you checked your LTM logs to see whether we're throwing any errors?