For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Doug_25517's avatar
Doug_25517
Icon for Nimbostratus rankNimbostratus
May 14, 2014

F5 potentially overriding username when forwarding traffic to destination server

I currently have a configuration that has a client connecting to a VIP on the F5 which then forwards the connection and data through its pool members to another server. For some reason it appears that the F5 is attempting to login as root into the destination server as opposed to using the configured user name that the client is supposed to be using/providing.

 

Has anyone run into this type of issue? I don't think it's actually the F5, but I could be wrong.

 

Thx! Doug

 

application delivery
BIG-IP Access Policy Manager (APM)
cloud
deployment
devops
iRules
LTM
security
vmware

2 Replies

  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    May 16, 2014

    If I understand your scenario, you have an F5 VIP that load balances to a server, which then passes that traffic to another server

    client -> F5 VIP -> server (in pool) -> destination server

    First question, I guess, is what is that intermediate server and how is it routing traffic? Is it a proxy? Are you describing a two-tier architecture (web server -> application server)? And second, how does authentication work in this environment? How does the user pass credentials?

  • Doug_25517's avatar
    Doug_25517
    Icon for Nimbostratus rankNimbostratus
    May 16, 2014

    Thank you for the quick reply Kevin. We were able to resolve this issue by defining the username outside of the code snippet that utilized an if statement on the client machine.

     

    I didn't think it was an F5 issue and it appears that my initial assumption was correct.