For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

wbrowne's avatar
wbrowne
Icon for Altostratus rankAltostratus
Mar 25, 2021

iRule for HTTP::cookie creation works once on the first login. Any login after that no cookie is created

when HTTP_RESPONSE {   # if table shoud be set then take record of the ClientIP and set encrytped cookie   if { [ACCESS::session data get session.custom.suppressmfa.setauthtable] == 1 } {   HTTP...
BIG-IP Access Policy Manager (APM)
devops
iRules
log
security
Nikoolayy1's avatar
Nikoolayy1
Icon for MVP rankMVP
Mar 26, 2021

This seems complex. Have you checked with F5 ihealth if qkview shows a bug as it worked before and maybe the upgrade has a new bug? Also check for any TCL errors and you can contact the TAC as it worked before.

 

 

Is this from where you got the idea https://devcentral.f5.com/s/articles/Suppress-MFA-for-a-period-of-time ? You can check the post again as I see some changes and you can ask a question if in 14.4 there is something different.

  • wbrowne's avatar
    wbrowne
    Icon for Altostratus rankAltostratus
    Mar 27, 2021

    Nikoolayy1,

     

    you are correct that is exactly what I modeled this after. I had edited my post to include that but the edit was no longer there. It is complex. However, the most complex parts are working jus the Response is what is not. Specifically the HTTP::cookie portions