For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Julzor's avatar
Julzor
Icon for Altostratus rankAltostratus
Mar 16, 2020
Solved

APM : CCU "Full" session VS Access "LTM_APM" session

Hi guys,   We are NOT -yet- F5 expert and had to deploy APM ASAP.   Everything mainly works, but I still have some doubt about one thing. We have 2500 licences for concurrent VPN access, and...
BIG-IP Access Policy Manager (APM)
security
Leonardo_Souza's avatar
Leonardo_Souza
Icon for Cirrocumulus rankCirrocumulus
Mar 16, 2020

First the session type just indicates the type of APM session:

 

N/A: Still doing login for example.

network_access: A webtop with a network access resource (VPN)

web_application: A virtual server with APM profile and a rewrite profile (APM doing L7 reverse proxy)

full: A full webtop, can have multiple type of resources, including a network access resource (VPN)

ltm_apm: A virtual server with an APM profile, just for authentication for example.

 

In the list above I have 5 sessions:

 

Those sessions may or may not count as one CCU, it will depend on resource used in the session:

https://support.f5.com/csp/article/K13267

 

You can see the number of CCUs used via command line:

https://support.f5.com/csp/article/K15032

 

Concluding, the tmsh command will tell you how many CCU you have used.

Looking the type of session does not directly indicate that is using a CCU, because you could have a session type full that is only doing Microsoft RDP and that does not use CCUs.