Bug ID 751807

Bug Tracker
ID 751807

Bug ID 751807: SSL Orchestrator may not activate service connectors if traffic is an HTTP tunnel

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5

Fixed In:
15.0.0, 14.1.0.6

Opened: Dec 04, 2018

Severity: 3-Major

Symptoms

Decrypted traffic is not forwarded to services despite even though a matching rule action in security policy selects a service chain.

Impact

No visibility to decrypted traffic if it is an HTTP tunnel through SSL Orchestrator.

Conditions

-- Matching rule action in security policy selects a service chain. -- Traffic is an HTTP tunnel (CONNECT method) is accepted by an outbound transparent proxy created by SSL Orchestrator.

Workaround

None.

Fix Information

Decrypted traffic is forwarded as expected to services, when matching rule action in security policy selects a service chain, for HTTP tunnel traffic sent through SSL Orchestrator.

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips