Forum Discussion

suthomas1's avatar
suthomas1
Icon for Cirrostratus rankCirrostratus
Oct 17, 2022

Big IP cookie

Good day all,

Is it common for Big IP to set cookie on an application behind Big IP? If so, is there a way to verify or check it within Big IP by troubleshooting? To check if its the same cookie that application is seeing.

There is an ASM module also, so not very confident if its setting any cookie too?

 

Thank you in advance.

 

  • the ASM module certainly sets a cookie, see: https://support.f5.com/csp/article/K6850

    Tte LTM module can do it if you enable certain features, have a look at your settings, perhaps share them (redacted) here. CLI config is best to share for someone to look at.

    Does the cookie you are wondering about have a specific name?

     

  • the ASM module certainly sets a cookie, see: https://support.f5.com/csp/article/K6850

    Tte LTM module can do it if you enable certain features, have a look at your settings, perhaps share them (redacted) here. CLI config is best to share for someone to look at.

    Does the cookie you are wondering about have a specific name?

     

  • boneyard beat me to it, but yes, ASM sets cookies to manage sessions between the BIG-IP and the client. These cookies have no bearing on the application itself. That's true of LTM persistence cookies as well, IF the BIG-IP is configured to do so. 

    That said, the BIG-IP can be configured in policies or iRules to manipulate the application's cookies, if desired. You can take a packet capture on the BIG-IP with tcpdump and capture both client-side and server-side flows by using interface 0.0 and then you can review what cookies are present in request/response traffic on both sides of the proxy.