NTP Servers

November 23, 2015 marlonfrank No comments exist
Posted by marlonfrank on

Not knowing the parameters configured on the F5’s specially for the Server Side on the connection I can’t tell for sure this is the issue. But assuming they are enforcing Certificate validation you see expect a reset out of this…
you can find the following time:

In the client side
GMT Unix Time: Jan 20, 2010 06:48:41.000000000 Cen. Australia Daylight Time
In the server side:
GMT Unix Time: May 19, 2041 21:36:39.000000000 Cen. Australia Standard Time

If you go to any other website such as www.commbank.com.au
You will find:
Client side:
GMT Unix Time: Nov 12, 2015 14:48:20.000000000 Cen. Australia Daylight Time
Server side:
GMT Unix Time: Nov 12, 2015 14:48:20.000000000 Cen. Australia Daylight Time

NTP servers should have been configured for the network devices specially in the F5s themselves being a HA pair. Certificates expiration dates are very sensitive to date and time specially if you are enforcing Certificate validation on the server side as previously mentioned before.

For more details please include the following filter in your wireshark packet capture.
tcp.stream eq 9

For more info about SSL server profiles please visit https://support.f5.com/kb/en-us/solutions/public/14000/800/sol14806.html
cheers

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.