Bug ID 1047377: "Server-speak-first" traffic might not work with SSL Orchestrator

Last Modified: Feb 07, 2024

Affected Product(s):
BIG-IP SSLO(all modules)

Known Affected Versions:
16.1.1, 16.1.2,

Fixed In:

Opened: Sep 16, 2021

Severity: 3-Major


Server-speaks-first traffic does not pass through BIG-IP SSL Orchestrator. BIG-IP does not perform a TCP three-way handshake to the server.


Connection does not succeed, client sees a reset after timeout.


SSL Orchestrator interception rule has an attached security policy that is service chaining and at-least one service has port-remap enabled.


Disable port-remap on service and redeploy.

Fix Information

Fix SSL Orchestrator connector to handle server speaks first traffic. After fix, server-speaks-first traffic will work even with port-remap enabled on the service.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips