BIG IP does not pass RESET packets

Question

Hello everyone, we have in our infrastructure a fortinet waf behind the big-ip. The WAF is in offline mode, when it detects an attack sends a RESET to the client and the server, making captures we see that the BIG-iP does not pass that RESET to the client.
Why does not that RESET pass to the client and pass an END?
In the first image, you can see the waf RESET captured.
In the second image, you can see interface internal BIG-IP ,the reset packet is.
In the third image , you can see interface external BIG-IP, the reset packet is not.&nbsp;
&nbsp;
&nbsp;
&nbsp;

miguelarias_108 · Answer

Can anyone help us? This operation is normal because Big-ip is a full-proxy?&nbsp;
Thanks&nbsp;

stanislas_piro2 · Answer

did you configure oneconnect profile on the virtual server?&nbsp;

Forum Discussion

BIG IP does not pass RESET packets

2 Replies

Recent Discussions

F5 Rseries HA

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Related Content

Decrypting BIG-IP Packet Captures without iRules

Decrypting BIG-IP Packet Captures Automatically

Automating Packet Captures on BIG-IP

send fin packet when got reset packet

UDP TCP Packet Duplication