Posted By Jomar on 10/20/2010 08:02 AM
On what port is pool y.z.com listening? If different than 443, is port translation enabled?
Yes it is.
Have you done a tcpdump from LTM to see whether the RST is coming from the pool members or directly from the VIP? I'd be interested to see whether the 3-way handshake, and cert exchange are happening properly.
A good idea, will take a look at that now.
Have you checked your LTM logs to see whether we're throwing any errors?
Yes I have checked the logs, and there are no errors.
Can you also check the stats to confirm the iRule on VS 2 is being executed? If not in stats, add a log statement so rule 2 looks like this
when HTTP_REQUEST {
if {
[string tolower [HTTP::uri]] starts_with "/abc/common/" } {
pool y.z.com
log local0. "User requested [HTTP::uri] and was sent to pool y.z.com"
}
}
Then, check LTM logs to confirm URI is matching.