Exam 301b All QuestionsBrowse all questions from this exam
Go to Exam
Question 92

An LTM Specialist is troubleshooting an issue with a new virtual server. When connecting through the virtual server, clients receive the message "The connection was reset" in the browser, although connections directly to the pool member show the application is functioning correctly. ltm pool srv1_https_pool { members {

192.168.2.1:https{

address 192.168.2.1

}

}

}

ltm virtual https_example_vs {

destination 192.168.1.155:https

ip-protocol tcp

mask 255.255.255.255

pool srv1_https_pool

profiles {

http { }

tcp { }

}

snat automap

vlans-disabled

}

How should the LTM Specialist resolve this issue?

    Correct Answer: B

    The issue emerges because the virtual server is configured with an HTTP profile, which only works with unencrypted traffic. Since the server is using the HTTPS protocol, it needs to decrypt the SSL/TLS traffic to correctly apply HTTP settings. To decrypt the incoming HTTPS traffic, a ClientSSL profile must be added to the virtual server, which facilitates the decryption, allowing the subsequent HTTP profile to inspect and manage the traffic appropriately.

Discussion
jkffiecasOption: D

sorry D is correct. Adding client Client SSL Profile will not fix the problem since you still need Server SSL Profile. But removing the Http profile will fix the problem

penarolrolOption: B

HTTP profiles are incompatible with encrypted pass-through traffic, such as SSL and require a Client SSL profile to decrypt the traffic for L7 HTTP inspection. If the virtual server processing the encrypted traffic is configured with an HTTP profile and no Client SSL profile, the connection fails.

GVKDOption: D

D - Correct

penarolrolOption: D

D is correct, it should require also SSL profile. Not sure why removing the HTTP profile worked, but tested this in a Lab and D is correct..

penarolrol

Also Server SSL profile*

jkffiecasOption: B

should be B