Introduction While following the state-of-the-art of security-related technologies and gathering information is a daily job for engineers, we engineers often take a practical approach to gathering information. For example, when I gather security-rel...
This Week in Security September 10th to 16th, 2023 Aaron here as your editor this week for a round-up of interesting or notable security news from the last week that caught my eye; keeping up to date with new technologies, techniques and informa...
Hi,we have a F5 in front of an Exchange 2016 Cluster, which does the LB (configured via iApp / the https-combined-pool-selection-irule). There is no APM in use. Since ActiveSync is one of the last "open" services that has no second factor for authent...
DearsWe will migrate Firewall behind APM to different vendor, Is this will impact anything on APM device? or we will need to change something in APM.What's the recommended action from APM administrator through this firewall migration to avoid any int...
Hi TeamI am currently detected violation for following parameter for example. i am still try to creating dynamic content vlaue in WAF but it doesn't work. can you please give suggestion or any example for creating DCVctl00_ContentPlaceHoldserContent_...
Hello,I have a requirement to pretty much accomplish the followingUsers need to access http://abc.com, but they should see a webpage from https://server01.com/data.aspx without their browser's URL changing.This is non internet facing and is interal o...
We are currently implementing a solution in Azure and have encountered some DNS-related issues. I think it's a good idea to implement F5 DNS. However, I wonder if we can create an iRule to set up a CNAME for a specific domain. In other words, if a do...
Hi,I have 3 servers which i have to put behind balancer for load distribution. So i have configured a http virtual server (with cookie persistence).Users can access services provided by these servers both through web browsers (when they are inside co...
Need to know if there is a specific command for that, have a use case where i need to check what ips are hitting a url in the last 24 hours.Thank You
So say we have a redirect/rewrite in place which performs a redirect forhttps://myapp.site.com/ (in VM host)to https://myapp.site.com/ (in kubernetes container host)The new location is also available as: https://myapp.apps.site.com/ The effort is...
Hello All,I am looking to replace the FQDN of a URL with the server name keeping the remainder of the URL after the FQDN. Trying to find the simplest way to acheive this. Dont want to redirect the entire URL, just swap the FQDN.
Hi,,I am a newbie on F5 apm, currently, we have to authenticate users to access applications, I use the kerberos protocol via a keytab uploder file on the F5 apm, however, want to change encryption algorithm (RC4 to AES 256), the user sees displayed ...
Hi;can you help to write the irule to rewrite the post operation (not uri redirect) with a body as below:For example: abc-cd.ef.com/abc/v1/jurisdict/configuration rewrite to cd.ef.com/abc/v1/jurisdict/configuration other example: abc-cd.ef...
Guest Dan Moore | @mooreds | X | LinkedIn Notes @mooreds will be speaking at Longhorn PHP, Nov 2-4 in Austin Texas. His talk - What PHP Developers Need to Know About JWTs Dan's OAuth video!
With the announcement that iControl REST is going away in favor of AS3 for everything. I'm trying to figure out how would you backup / restore a BIGIP device using AS3?Another option is to somehow utilize gitlab to perform backups and restore but no...
Has anyone found a way to import a PFX into the f5 using PowerShell? I am attempting to perform this using the method below but am unable to get the iControl PowerShell snap-in registered. https://community.f5.com/t5/technical-forum/what-is-the-path-...
Hello, I have an old install, containing a cluster of big-ip 2000 series, running version 13.1.1.4This needs to be migrated to a cluster of rSeries 2600 boxes.Im not really experienced upgrading F5's, but I am reading on f5-journeys on github, and it...
Is there an easy way to veriify that SSL Bridging is working on an F5 LTM? I need to determine that an SSL session between the client and the F5 has been made and subsequently an SSL session between the F5 and the destination server.I've asked F5 sup...
Introduction Adaptive applications utilize an architectural approach that facilitates rapid and often fully-automated responses to changing conditions—for example, new cyberattacks, updates to security posture, application performance degradations, ...
Hi All,We have vertical kubernetes cluster and put F5 (GTM/LTM) in front of the cluster. Service to service call will be go to GTM/LTM before go to micro service (workload/pod):service A -> GTM/LTM -> service BWe have problem that the call from servi...
Hello,I got an api backend service behind an F5, the problem is if Virtual Server is Standard then client gets "Connection reset by peer", the problem is disapeared if i switch to Performance (HTTP).However, Performance HTTP would not allow to config...
Hi;With Delayed Blocking, one of the attacks in the list of attacks that can be associated with delayed blocking is "Brute Force, maximum login attemps are exceeded"For some reason, I cannot find this attack type in the list and I know it used to be ...
Hello All...I am looking for the SNMP OIDs, How can we figure out which OID is correct for our device. I beleive the MIB file has everything not just specific to the platform
Hello, I am trying to create / homologate a rule from a citrix balancer(netscaler) to a F5 because of a brand migration, however I have not been able to find the configuration for the rule which I will detail below: EXPRESSION: (CLIENT.SSL.VERSION.EQ...
Looking for help writing an iRule that will display, in HTML code, that the page being access has been changed. I'm trying to figure out how to referece the requested URI in HTML since this will vary. Below is what I have for now. Any help is appr...
Summary Features like subrequests for authentication, adding/removing HTTP headers, and supporting services of type ExternalName in Kubernetes (K8s) are great reasons to use F5 NGINX Ingress Controller. Documentation and examples of NGINX configurat...
Hey Guys,Have you ever deal with turning off one particular part of logs in ASM? for example im dealing with huge amount of logs of "Access from malicious ip address" which is resource consuming and its spamming logs which are unreadable due to this....
I have API which can be accessed through internet. I have restrict the access with IP address ( iRule/data group). Also, I have applied client authentication using certificate to be installed on client side ( iRule).Is there any other layer I should...
Introduction: In today's digital landscape, where cyber threats constantly evolve, safeguarding an enterprise's web applications is of paramount importance. However, for security engineers tasked with protecting a large enterprise equipped with a s...
dears,I configured a synchronization group between our Two GTMs, and all configurations advertised successfully to the second GTM, but I faced an issue, as after I configured any new configuration on one of them the configuration did not advertise to...
We are an online community of technical peers dedicated to supporting learning, exchanging ideas, and solving problems - together.
User | Count |
---|---|
28 | |
16 | |
16 | |
13 | |
11 |