An LTM device has been configured to log the reasons for generating TCP RST packets.
The following log entry occurs:
“01230140:3: RST sent from 192.168.1.100:80 to 192.168.1.124:39272, [0x112d82a:1721] {peer} TCP RST
from remote system.”
Which condition will trigger this log entry?

An LTM Specialist is troubleshooting a problem on an eCommerce website. The user browses the online
store using port 80, adding items to the shopping cart. The user then clicks the “Checkout” button on the
site, which redirects the user to port 443 for the checkout process. Suddenly, the user’s shopping cart is
shown as empty. The shopping cart data is stored in memory on the server, and the default source address
persistence profile is used on both virtual servers.
How should the LTM Specialist resolve this issue?

An LTM Specialist is troubleshooting a problem on an eCommerce website. The user browses the online
store using port 80, adding items to the shopping cart. The user then clicks the “Checkout” button on the
site, which redirects the user to port 443 for the checkout process. Suddenly, the user’s shopping cart is
shown as empty. The shopping cart data is stored in memory on the server, and the default source address
persistence profile is used on both virtual servers.
What is the issue?

An LTM Specialist is troubleshooting an issue with a new virtual server. When connecting through the
virtual server, clients receive the message “Unable to connect” in the browser, although connections directly
to the pool member show the application is functioning correctly.
The LTM configuration is:
ltm virtual /Common/vs_https {
destination /Common/10.10.1.110:443
ip-protocol udp
mask 255.255.255.255
pool /Common/pool_https
profiles {
/Common/udp { }
}
translate-address enabledtranslate-port enabled
vlans-disabled
}
ltm pool /Common/pool_https {
members {
/Common/172.16.20.1:443 {
address 172.16.20.1
}}}
How should the LTM Specialist resolve this issue?

An LTM Specialist is troubleshooting an issue with a new virtual server. When connecting through the
virtual server, clients receive the message “The connection was reset” in the browser, although connections
directly to the pool member show the application is functioning correctly.
ltm pool srv1_https_pool {
members {
192.168.2.1:https{
address 192.168.2.1
}}}
ltm virtual https_example_vs {
destination 192.168.1.155:https
ip-protocol tcp
mask 255.255.255.255
pool srv1_https_pool
profiles {
http { }
tcp { }
}
snat automap
vlans-disabled
}
How should the LTM Specialist resolve this issue?

An LTM Specialist is troubleshooting an HTTP monitor. The pool member is accessible directly through a
browser, but the HTTP monitor is marking the pool member as down.
GET / HTTP/1.1
HTTP/1.1 400 Bad Request
DatE. Tue, 23 Oct 2012 21:39:07 GTM
Server: Apache/2.2.22 (FreeBSD) PHP/5.4.4
mod_ssl/2.2.22 OpenSSL/0.9.8q DAV/2
Content-LengtH. 226
Connection: close
Content-TypE. text/html; charset=iso-8859-1
How should the LTM Specialist resolve this issue?

There are three servers in the pool: 172.16.20.1, 172.16.20.2, and 172.16.20.3, with the virtual IP address
10.0.20.88.
A user CANNOT connect to an HTTP application. To understand the problem and find a solution, the LTM
Specialist runs two concurrent traces on the LTM device, with the following results:
Trace on client side:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on 0.0, link-type EN10MB (Ethernet), capture size 96 bytes
22:22:07.423759 IP 172.16.20.100.53875 > 10.0.20.88.80: S 998346084:998346084(0) win 5840 <mss
1460,sackOK,timestamp 67942058 0,nop,wscale 4>22:22:07.424056 IP 10.0.20.88.80 > 172.16.20.100.53875: S 4671780:4671780(0) ack 998346085 win
4380 <mss 1460,nop,wscale 0,nop,nop,timestamp 2392362490 67942058,sackOK,eol>
22:22:07.424776 IP 172.16.20.100.53875 > 10.0.20.88.80: . ack 1 win 365 <nop,nop,timestamp 67942058
2392362490>
22:22:07.424790 IP 172.16.20.100.53875 > 10.0.20.88.80: P 1:149(148) ack 1 win 365
<nop,nop,timestamp 67942058 2392362490>
22:22:07.424891 IP 10.0.20.88.80 > 172.16.20.100.53875: . ack 149 win 4528 <nop,nop,timestamp
2392362491 67942058>
22:22:12.024850 IP 10.0.20.88.80 > 172.16.20.100.53875: R 1:1(0) ack 149 win 4528
6 packets captured
6 packets received by filter
0 packets dropped by kernel
Trace on server side:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on internal, link-type EN10MB (Ethernet), capture size 96 bytes
22:22:07.424881 IP 172.16.20.100.53875 > 172.16.20.2.80: S 51116678:51116678(0) win 4380 <mss
1460,nop,wscale 0,nop,nop,timestamp 2392362491 0,sackOK,eol>
22:22:08.424893 IP 172.16.20.100.53875 > 172.16.20.2.80: S 51116678:51116678(0) win 4380 <mss
1460,nop,wscale 0,nop,nop,timestamp 2392363491 0,sackOK,eol>
22:22:09.625082 IP 172.16.20.100.53875 > 172.16.20.2.80: S 51116678:51116678(0) win 4380 <mss
1460,nop,wscale 0,nop,nop,timestamp 2392364691 0,sackOK,eol>
22:22:10.825194 IP 172.16.20.100.53875 > 172.16.20.2.80: S 51116678:51116678(0) win 4380 <mss
1460,sackOK,eol>
4 packets captured
4 packets received by filter
0 packets dropped by kernel
What should the LTM Specialist do to solve the problem?

An LTM Specialist configured a virtual server to load balance a custom application. The application works
when it is tested from within the firewall but it fails when tested externally. The pool member address is
192.168.200.10:80. A capture from an external client shows:
GET /index.jsp HTTP/1.1
Host: 207.206.201.100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Connection: keep-alive
HTTP/1.1 302 Found
DatE. Wed, 17 Oct 2012 23:09:55 GMT
Server: Apache/2.2.15 (CentOS)
Location: http://192.168.200.10/user/home.jsp
Content-LengtH. 304
Connection: close
What is the solution to this issue?

An LTM Specialist needs to rewrite text within an HTML response from a web server. A client is sending the
HTTP request below:
GET / HTTP/1.1
Host: www.f5.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-LanguagE. en-US,en;q=0.5
Accept-EncodinG. gzip, deflate
Cache-Control: no-cache
Connection: keep-alive
CookiE. somecookie=1Although a stream profile has been added to the virtual server, the content within the HTTP response is
NOT being matched, and therefore NOT modified.
Which HTTP header should the LTM Specialist remove from the request to ensure the content can be
matched and modified?

An LTM Specialist needs to rewrite text within an HTML response from a web server. A client is sending the
following HTTP request:
GET / HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-LanguagE. en-US,en;q=0.5
Accept-EncodinG. gzip, deflate
Cache-Control: no-cache
Connection: keep-alive
CookiE. somecookie=1
HTTP/1.1 200 OK
Server: Apache/2.2.15 (Unix)
Last-ModifieD. Wed, 12 Aug 2009 00:00:30 GMT
Accept-Ranges: bytes
Content-LengtH. 1063
X-Cnection: close
Content-TypE. text/html; charset=UTF-8
Vary: Accept-Encoding
Content-EncodinG. gzip
Connection: Keep-Alive
Although a stream profile has been added to the virtual server, the content within the HTTP response is
NOT being matched and therefore NOT modified.
Which header field is contributing to the issue?