Forum Discussion

suthomas1's avatar
suthomas1
Icon for Cirrostratus rankCirrostratus
Oct 17, 2022
Solved

Big IP cookie

Good day all, Is it common for Big IP to set cookie on an application behind Big IP? If so, is there a way to verify or check it within Big IP by troubleshooting? To check if its the same cookie tha...
application delivery
security
  • boneyard's avatar
    boneyard
    Oct 17, 2022

    the ASM module certainly sets a cookie, see: https://support.f5.com/csp/article/K6850

    Tte LTM module can do it if you enable certain features, have a look at your settings, perhaps share them (redacted) here. CLI config is best to share for someone to look at.

    Does the cookie you are wondering about have a specific name?

     

JRahm's avatar
JRahm
Icon for Admin rankAdmin
Oct 17, 2022

boneyard beat me to it, but yes, ASM sets cookies to manage sessions between the BIG-IP and the client. These cookies have no bearing on the application itself. That's true of LTM persistence cookies as well, IF the BIG-IP is configured to do so. 

That said, the BIG-IP can be configured in policies or iRules to manipulate the application's cookies, if desired. You can take a packet capture on the BIG-IP with tcpdump and capture both client-side and server-side flows by using interface 0.0 and then you can review what cookies are present in request/response traffic on both sides of the proxy.