I started tcpdump on all three real servers.

When I go through http, I see that traffic on real servers:

17:32:18.944943 IP 95.79.133.64.61347 > 10.40.105.147.80: Flags [S], seq 1691755117, win 65535, options [mss 1452,nop,wscale 1,nop,nop,TS val 921369964 ecr 0,sackOK,eol], length 0
17:32:18.944990 IP 10.40.105.147.80 > 95.79.133.64.61347: Flags [S.], seq 157952838, ack 1691755118, win 14480, options [mss 1460,nop,nop,TS val 136468294 ecr 921369964,nop,wscale 7], length 0
17:32:19.228887 IP 95.79.133.64.61347 > 10.40.105.147.80: Flags [.], ack 1, win 33120, options [nop,nop,TS val 921370254 ecr 136468294], length 0
17:32:19.230578 IP 95.79.133.64.61347 > 10.40.105.147.80: Flags [P.], seq 1:332, ack 1, win 33120, options [nop,nop,TS val 921370255 ecr 136468294], length 331
17:32:19.230606 IP 10.40.105.147.80 > 95.79.133.64.61347: Flags [.], ack 332, win 122, options [nop,nop,TS val 136468323 ecr 921370255], length 0
17:32:19.230832 IP 10.40.105.147.80 > 95.79.133.64.61347: Flags [P.], seq 1:356, ack 332, win 122, options [nop,nop,TS val 136468323 ecr 921370255], length 355
17:32:19.230877 IP 10.40.105.147.80 > 95.79.133.64.61347: Flags [F.], seq 356, ack 332, win 122, options [nop,nop,TS val 136468323 ecr 921370255], length 0
17:32:19.439761 IP 95.79.133.64.61347 > 10.40.105.147.80: Flags [.], ack 356, win 32942, options [nop,nop,TS val 921370464 ecr 136468323], length 0
17:32:19.439805 IP 95.79.133.64.61347 > 10.40.105.147.80: Flags [.], ack 357, win 32942, options [nop,nop,TS val 921370464 ecr 136468323], length 0
17:32:19.440777 IP 95.79.133.64.61347 > 10.40.105.147.80: Flags [F.], seq 332, ack 357, win 33120, options [nop,nop,TS val 921370465 ecr 136468323], length 0
17:32:19.440803 IP 10.40.105.147.80 > 95.79.133.64.61347: Flags [.], ack 333, win 122, options [nop,nop,TS val 136468344 ecr 921370465], length 0

But when I try go by https, there is no any traffic on realservers at all. The requests doesn't get real servers and die somewhere on ssl-proxy or csm or between them, and I don't know how to check it.

There are also no any access-lists on those vlans on MSFC.