Bug ID 755047: Category lookup returns wrong category on CONNECT traffic through SSLO

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.4

Opened: Jan 09, 2019
Severity: 3-Major

Symptoms

Category lookup returns wrong category on CONNECT traffic through F5 SSL Orchestrator (SSLO).

Impact

Category Match is not performed, resulting in fallback branch to be taken.

Conditions

-- Outbound deployment configured in SSLO, where SSLO behaves as a transparent proxy. -- A policy has a branch to lookup category using HTTP Connect. -- An HTTPS client generates HTTPS traffic via an explicit proxy on local network with private address through SSLO as the gateway.

Workaround

None

Fix Information

None

Behavior Change