For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

swo0sh_gt_13163's avatar
swo0sh_gt_13163
Icon for Altostratus rankAltostratus
Nov 02, 2014

Content doesn't load in the web browser through F5, without F5 it loads well.

Hello Folks,

One of the customers is facing an issue where an application hosted through F5, doesn't show expected content in the web browser. Basically it is a portal, once you logged in, you can load some word file within the application.

While accessing the portal through F5, the word file shows into converted HTML format, instead of the original word format. When we bypass F5, it loads it in word format.

The VS property looks as following.

7700207@(f5prim)(cfg-sync Changes Pending)(Active)(/Common)(tmos) list /ltm virtual vs_serviceU_temp__https
ltm virtual vs_serviceU_temp_https {
    description "New temp UAT Portal"
    destination 10.40.90.161:https
    fallback-persistence source_addr
    ip-protocol tcp
    mask 255.255.255.255
    persist {
        prof_pers_serviceU_temp_{
            default yes
        }
    }
    policies {
        cls_serviceU_temp
    }
    pool pool_servicesu_temp._https
    profiles {
        new_wildcard_temp {
            context clientside
        }
        prof_http_serviceU_temp_ { }
        serverssl-insecure-compatible {
            context serverside
        }
        stream { }
        tcp { }
        websecurity { }
        xml { }
    }
    rules {
        ShellShock
        ServicesU-Rewrite
    }
    security-log-profiles {
        QRadar
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    vs-index 59
}

They have BIG-IP3600 and running over 11.5.1 HF4. Any help?

Thank you, Darshan

5 Replies

  • R_Marc's avatar
    R_Marc
    Icon for Nimbostratus rankNimbostratus
    Nov 02, 2014

    I would try removing the stream profile. I don't use that one, but it appears to muck with the content type which might be contributing to your issue.

     

  • swo0sh_gt_13163's avatar
    swo0sh_gt_13163
    Icon for Altostratus rankAltostratus
    Nov 02, 2014

    Thanks Marc, I will try to detach the stream profile and test it, will let you know.

     

    Thanks again!

     

  • R_Marc's avatar
    R_Marc
    Icon for Nimbostratus rankNimbostratus
    Nov 03, 2014

    I would try seeing what it looks like manually, and diffing the two outputs.

     

    openssl s_client -connect 10.40.90.161:443 | tee /path/to/some/file.txt

     

    Then, once connected:

     

    GET /your/path HTTP/1.1 Host: your.hostname

     

    Do that also to one of the pool members using a different file. You could use diff, but I would use vimdiff to see what the differences are. It should provide a clue.

     

  • swo0sh_gt_13163's avatar
    swo0sh_gt_13163
    Icon for Altostratus rankAltostratus
    Nov 03, 2014

    Hey Marc,

     

    Sorry for the late update. But the VS has ASM applied, and that was causing the issue. Though it was a configuration issue.

     

    Actually while clicking on the template file (i.e. word document) within the portal, it was triggering HTTP 404 status code, which wasn't added in allowed response code in ASM Policy. By adding the same in allowed response code, it start appearing the result as expected.

     

    Thanks for your efforts and time.

     

    Cheers! Darshan