Bug ID 484661: SWG: Disable port translation on SSL virtual server

Last Modified: Mar 12, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9

Opened: Oct 15, 2014
Severity: 2-Critical

Symptoms

Secure Web Gateway Implementation guide does not specify the need to disable Port Translation on the virtual server for SSL.

Impact

SSL intercept does not function as intended.

Conditions

A problem can occur in either an SWG explicit or SWG transparent forward proxy configuration.

Workaround

1. Select Local Traffic > Virtual Servers and click the name of the virtual server used for SSL in the SWG configuration. 2. Scroll down to the Configuration area and select Advanced from the list. 3. Scroll down to Port Translation and clear the Enabled check box. 4. Click Update.

Fix Information

None

Behavior Change