Forum Discussion

Nimbostratus

Apr 19, 2018

ASM cookie exposing server name?

Hi, I just ran into an issue regarding ASM cookies. I have a transparent policy for a VS in place, that is called by an external portal. This external portal works with java and they get some ex...

Employee

Apr 19, 2018

These are two different cookies - the original server name seems to be in the JSESSIONID cookie which is set by the server. I would suggest that you do some more tcpdumping and see where the issue lies. You can quite easily manipulate the cookies with either iRules ( flexible but require some iRule knowledge ) or LTM policies ( operationally more easy to manage than iRules but less flexible )

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM cookie exposing server name?

Introducing the F5 Application Study Tool (AST)

Displaying Application Study Tool (AST) Dashboards in Your Own Grafana Instance

Recent Discussions

F5 BigIP APM VPN some LDAP field are base64 encoded

Terraform apply failures - loadbalancer_type.https.port_choice

Problem with sending BotDefense logs to remote server

adding second hard drive to a VE

File dowloaded is corrupted

Related Content

Protect an application exposed on Internet with F5 XC WAAP

1. SYN Cookie: Intro

Re: SYN Cookie operation

Encrypting Cookies

8. SYN Cookie: Troubleshooting tcpdump

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS