Internet Proxies load balanced through LTM

Question

Has anyone tried to load balanced the internet proxies through LTM ? We have configured our proxies to be load balanced through LTM. It works fine when users are surfing internet &amp; watching videos. But we hot with a very strange issue when people using outlook in office 365 (Mailboxes in MS cloud), a lot of people complained that their mailboxes hangs or frozen. At the same time several people complained that they are unable to access the internet. All this traffic works fine when proxies are load balanced through DNS round robin. Any thoughts or suggestions ?
Below is the VS &amp; pool config.&nbsp;
ltm virtual vs_proxyserver_prd_8080. {
    destination 172.27.116.124:webcache
    fallback-persistence source_addr
    fallback-persistence-type source-address
    ip-protocol tcp
    mask 255.255.255.255
    persist {
        cookie_proxy {
            default yes
        }
    }
    pool pool_extdmzproxyserver_prd_8080.
    profiles {
        TCP_RAC { }
        analytics { }
        http_proxy { }
    }
    rules {
        irule_inserted_x-forwared-for
    }
    source 0.0.0.0/0
    source-address-translation {
        pool SNATpool_proxy._8080_PRD
        type snat
    }
    translate-address enabled
    translate-port enabled
    vs-index 269
}&nbsp;
ltm pool pool_extdmzproxyserver_prd_8080. {
    description "McAfee Proxy Servers in External DMZ"
    ip-tos-to-client 32
    load-balancing-mode least-connections-member
    members {
        nds_ext_beseh011.:webcache {
            address 172.27.119.106
            connection-limit 24000
            description "McAfee Proxy Servers in External DMZ"
            priority-group 10
            session monitor-enabled
            state up
        }
        nds_ext_beseh018.:webcache {
            address 172.27.119.101
            connection-limit 24000
            priority-group 10
            session monitor-enabled
            state up
        }
        nds_ext_beseh019.:webcache {
            address 172.27.119.102
            connection-limit 24000
            priority-group 10
            session monitor-enabled
            state up
        }
        nds_ext_bxteh011.:webcache {
            address 172.27.119.108
            connection-limit 24000
            description "McAfee Proxy Servers in External DMZ"
            priority-group 10
            session monitor-enabled
            state up
        }
        nds_ext_bxteh018.:webcache {
            address 172.27.119.103
            connection-limit 24000
            priority-group 10
            session monitor-enabled
            state up
        }
        nds_ext_bxteh019.:webcache {
            address 172.27.119.104
            connection-limit 24000
            priority-group 10
            session monitor-enabled
            state up
        }
    }
    min-active-members 1
    monitor min 1 of { gateway_icmp http_8080 }
    service-down-action reselect
}&nbsp;

oscar_pucheta · Answer

Hi,if possible and only just for testing purpose, during a maintenance window  try disabling the http profile on the F5. it may help to narrow down the issue.&nbsp;Best Regards,Oscar Puchetahttps://www.australtech.nethttps://www.linkedin.com/in/npucheta/

Forum Discussion

Internet Proxies load balanced through LTM

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Port Group on F5OS network setting

Advise on setting up IRULE

F5 iRule to replace host to path

Related Content

Active/Active load balancing examples with F5 BIG-IP and Azure load balancer

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

Protect an application exposed on Internet with F5 XC WAAP

NGINXaaS for Azure: Load Balancing

F5 TCP Proxy mode