View all questions & answers for the F5 BIG-IP LTM Specialist: Maintain and Troubleshoot (301b) Exam Materials exam
Question 56 Discussion
Comments
Selected Answers: D
D. The Virtual Server needs a client certificate applied
Why?
From the capture:
Client → 192.168.128.130:443
TLS ClientHello is sent successfully.
Immediately after that, a TCP RST is sent at 4 seconds.
Key observations:
ARP resolution works → the Virtual Server is reachable.
The client successfully establishes TCP and sends TLSv1 ClientHello.
No ServerHello is seen.
Instead, the connection is reset.
This behavior typically occurs when:
The Virtual Server is configured with a Client SSL profile
The profile is set to require a client certificate
The client does not present one
When client certificate authentication is required and no valid client certificate is provided, the BIG-IP resets the connection during SSL negotiation.
Why the other options are incorrect
A. Virtual Server is down
Not true — ARP and TCP handshake succeed.
B. Needs a server certificate applied
If no server certificate were configured, the handshake would not proceed properly at all, and the behavior would differ. The reset specifically after ClientHello points to client-auth enforcement.
C. Needs Persistence applied
Persistence does not affect initial SSL handshake behavior.
Final Answer:
D. The Virtual Server needs a client certificate applied
Connections to this Virtual Server are failing.

tcpdump -nni 0.0:nnn
ARP, Request who-has 192.168.128.130 tell 192.168.128.1
ARP, Reply 192.168.128.130 is-at 00:50:56:xx:xx:xx
ARP, Request who-has 192.168.128.1 tell 192.168.128.130
ARP, Reply 192.168.128.1 is-at 00:50:56:yy:yy:yy

ssl_dump
11:06:12 New TCP connection #1: 192.168.120.1 (59108) <-> 192.168.128.130 (443)
1 1 1457634815.7895 (0.0015) S>SV3.1 ClientHello
    Version (3,1)
    Random[32]:
      4c b2 c3 84 a8 ef ad 57 69 9d 6a 83 e4 c5 50 11 52 f7 c0 95 e5 d4 75 c2 9f 97 c0 47 b1 04
    Session ID:
      07 f4 f9 4e e2 f2 a9 06 63 f8 ed d2 d0 14 ee
    Cipher Suites:
      Unknown value 0xC02B
      Unknown value 0xC02F
      Unknown value 0xC00A
      Unknown value 0xC009
      Unknown value 0xC013
      Unknown value 0xC014
      TLS_DHE_RSA_WITH_AES_128_CBC_SHA
      TLS_DHE_RSA_WITH_AES_256_CBC_SHA
      TLS_RSA_WITH_AES_128_CBC_SHA
      TLS_RSA_WITH_AES_256_CBC_SHA
      TLS_RSA_WITH_3DES_EDE_CBC_SHA
    Compression Methods:
      NULL
1457634815.7895 (4.0003) TCP RST

What does this indicate? (Choose one answer)
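Added example, not part of the original question or comment: a small Python parser for ssldump-style text that reports, per connection, the last handshake message seen, how the connection ended, how long the peer waited, and whether the server ever answered. The function names and the second sample connection are constructed here, and the line layout of the first connection is assumed from the flattened capture in the question.

```python
import re

CONN = re.compile(r"New TCP connection #(\d+): (\S+ ?\(\d+\)) <-> (\S+ ?\(\d+\))")
# Record line: [conn] [record] timestamp (delta) ...; the first two may be absent.
RECORD = re.compile(r"^\s*(?:(\d+)\s+)?(?:\d+\s+)?\d+\.\d+\s+\((\d+\.\d+)\)")
MSG = re.compile(r"\b(ClientHello|ServerHelloDone|ServerHello|CertificateRequest|"
                 r"Certificate|ClientKeyExchange|Finished)\b")
END = re.compile(r"TCP (RST|FIN)")

def summarize(dump):
    """Map connection id -> handshake messages seen and how the connection ended."""
    conns, cur = {}, None
    for line in dump.splitlines():
        if m := CONN.search(line):
            cur = int(m.group(1))
            conns[cur] = {"client": m.group(2), "server": m.group(3),
                          "messages": [], "end": None, "gap": None}
            continue
        rec = RECORD.match(line)
        if rec and rec.group(1) and int(rec.group(1)) in conns:
            cur = int(rec.group(1))
        if cur is None:
            continue
        c = conns[cur]
        c["messages"] += MSG.findall(line)
        if c["end"] is None and (e := END.search(line)):
            c["end"], c["gap"] = e.group(1), float(rec.group(2)) if rec else None
    return conns

def stall_point(c):
    """(last handshake message, terminator, seconds waited, server answered?)."""
    answered = any(m.startswith("Server") for m in c["messages"])
    return (c["messages"] or [None])[-1], c["end"], c["gap"], answered

# Connection #1 is the question's capture, abridged, with line breaks restored
# (layout assumed); #2 is constructed for contrast: the server answers before the reset.
SAMPLE = """\
New TCP connection #1: 192.168.120.1 (59108) <-> 192.168.128.130 (443)
1 1 1457634815.7895 (0.0015) S>SV3.1 ClientHello
    Compression Methods: NULL
1457634815.7895 (4.0003) TCP RST
New TCP connection #2: 192.168.120.1 (59110) <-> 192.168.128.130 (443)
2 1 0.0012 (0.0012) C>S Handshake ClientHello
2 2 0.0031 (0.0019) S>C Handshake ServerHello
2 3 0.0950 (0.0919) C>S TCP RST
"""

if __name__ == "__main__":
    for cid, c in summarize(SAMPLE).items():
        print(cid, c["client"], "->", c["server"], stall_point(c))
```

A record line without a leading connection number, like the RST line in the question's capture, is attributed to the most recently seen connection.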