Forum Discussion
Anzine321
Altocumulus
Altocumulusadd attribute query f5 apm
hi expert
i want to send otp to another domain for example on irule lx
to : a@abc.com send email and we want to add atribute ad : noname and send to : a@cde.com
the goal email otp code should a@cde.com
the logic is if nomber phone doesnt ekist send to email user
thanks
- lnxgeek
MVP
You can achive this by using an iRule event in the VPE.
You insert an iRule Event agent at the right place in your logic in VPE and then in the iRule attached to the VS you have access to the different session variables where you can measure and rewrite.
Anzine321We already configured session on irule event on vs and we set attribute on pve but when access vpn we did not get OTP notification, we already check attribute name and match on active directory, on report log is able to see the session attribute succes send otp or not?
if we running debug on f5, the event procces can see to make sure the step on it
Thanks
- lnxgeek
I would start to log the relevant variables in the iRule when logging on to get there content.
Then I would run a tcpdump on the unit to see if it tries to send anything out and to where, with what.
Also, have you configured a SMTP relay (System ›› Configuration : Device : SMTP) and do you know if it works ?
- Anzine321
i have check access report but didnt find the variable, how to check log for relevant variable ?
if i used tcp dump should we decrypt client ssl side only or server to ? because we have client and servire ssl certificate
we didnt configure smtp rely, this active directory on existing we just add new attribut contain email address and when otp will send to new email not existing email
- lnxgeek
Turn up logging to debug for all features, that should give you more information of what is going on in general. I would expect the variables to be logged without it though.
You must configure a smtp relay, otherwise it doesn't know how to send the otp:
Regarding decrypting ssl I would go for both sides. Have a look at Mr. Rahm's solution:
- Anzine321
function send_email (req, res) {
var transporter = nodemailer.createTransport ({
host: 'xx.xx.xx.xx',
port: 25,
secure: false,
tls: {
rejectUnauthorized: false
}
});
var mailOptions = {
from: '@example.com',
to: req.params()[2],
subject: 'User VPN '+ req.params()[0],
html: "Kode OTP : "+ req.params()[1] + "<br />dont share.<br /><br />Email user: "+ req.params()[2]+"<br />Phone: "+req.params()[3]+"<br/>Department: "+req.params()[4]
};here is irule access policy agent event (on vpe attribute name is mail)
ACCESS::session data get session.ad.last.attr.mail
