Forum Discussion

THi_89722's avatar
THi_89722
Icon for Nimbostratus rankNimbostratus
Feb 25, 2015

How to tcpdump traffic between APM Http Auth AAA object and a layered virtual server

Trying to debug APM http auth traffic to a layered virtual server. I have an APM http auth AAA object which sends custom http post to a layered VS, which in turn converts http to https and forwards the request to an external authentication server. I'm getting 400 Bad request from the external server. CUrl'ing the same content goes ok.

 

I might be missing something, but haven't been able to tcpdump the traffic between the http auth and the layered VS. Any advice?

 

  • There was a recent ticket in support open for it so i thought it is worth sharing the solution.

     

    You have to capture on the vlan that traffic to the AAA server leaves through, and use the :l switch.

     

    Example:

     

    tcpdump -i external:l

     

    thanks

     

    gianrico

     

  • Hmmm, are you using the [virtual] command? If so I suspect it's not possible.

     

    I can't be 100% sure so it might be worth disabling CMP and PVA for the two VSs and trying again but note this will have a performance impact so not something to do during a busy period.

     

  • Gianrico_D_Ang1's avatar
    Gianrico_D_Ang1
    Historic F5 Account

    There was a recent ticket in support open for it so i thought it is worth sharing the solution.

     

    You have to capture on the vlan that traffic to the AAA server leaves through, and use the :l switch.

     

    Example:

     

    tcpdump -i external:l

     

    thanks

     

    gianrico

     

    • THi's avatar
      THi
      Icon for Nimbostratus rankNimbostratus
      Thanks, I think it was my ticket, that I opened a month ago. Got the same reply from support earlier today. Haven't had time to test it yet. Perhaps tomorrow.
    • THi's avatar
      THi
      Icon for Nimbostratus rankNimbostratus
      Now tested and it works