Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1328
Views
0
Helpful
0
Replies

F5 GTM script monitoring the ASA's SSL VPN availability failing intermittently at a arbitrary interval

abhi.mukherjee1
Level 1
Level 1

‎06-22-2016 07:30 AM

Hello Everyone,

We have a F5 GTM box who monitors our ASA firewall having capability of SSL VPN via a custom script configured on F5. Now this script logs in to the firewall as a SSL VPN user and then log off to make sure the SSL VPN capability is working fine. Now here, as like any normal user when this F5 box is logging in in ASA it is doing a SSL Handshake as like normal user. Now sometimes, in arbitrary interval (2 to 3 times a day) this SSL hanshake is failing once and due to that the F5 monitor is also getting flapped. The capture on the ASA at the time of the issue, showing the SSL handshake is getting failed due to ASA box not sending the "Change cipher spec" (to change from Asymmetric key to symmetric) and after waiting for that response from ASA, F5 is terminating the connection.

Can anyone here have faced this kind of issue and in anyway can help, suggest, or what kind of process in ASA that might have the ability to create this kind of problem when malfunctioning.

Cheers,

Abhi  

Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents