Bug ID 864329: Client port reuse causes RST when the backend server-side connection is open

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP APM, SSLO(all modules)

Known Affected Versions:
14.1.0,,,,,, 14.1.2,,,,, 15.0.0, 15.0.1,,, 15.1.0,

Fixed In:

Opened: Dec 20, 2019

Severity: 3-Major


The BIG-IP system or SSL Orchestrator does not close server-side connections when the security service closes the connection with the BIG-IP or SSL Orchestrator. So if client reuses the port, SSL Orchestrator rejects new connections by sending RST.


The BIG-IP system or SSL Orchestrator rejects new connection from clients when a client reuses the port.


-- Service profile is attached to virtual server. or -- SSL Orchestrator is licensed and provisioned and Service chain is added in the security policy. -- Security service closes the server-side connection with SSL Orchestrator. -- Client reuses the source port.



Fix Information

The BIG-IP system or SSL Orchestrator no longer rejects the client connection when the client reuses the port.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips