Forum Discussion

InnO's avatar
InnO
Icon for Nimbostratus rankNimbostratus
Jan 21, 2015

Need Latest (11.6) Secure Web Gateway iApp

Hi all,

 

I'm desperately trying to find the latest release of the SWG iApp (f5.secure_web_gateway.v1.1.0 for 11.6) supposedly recently published early January. This iApp allows selection of a Per-Request Policy selection (as this has been brought with 11.6.0).

 

The only one I was able to find and test is the previous version for 11.5 (f5.secure_web_gateway.v1.0.10)

 

Thanks for your help,

 

Pascal.

 

  • mikeshimkus_111's avatar
    mikeshimkus_111
    Historic F5 Account

    Hi Pascal, I haven't seen that published anywhere yet. Where did you hear about it?

     

  • mikeshimkus_111's avatar
    mikeshimkus_111
    Historic F5 Account

    I'm checking with Matthieu about this. The most recent released version I know of is v1.0.10.

     

  • InnO's avatar
    InnO
    Icon for Nimbostratus rankNimbostratus

    Hi all, Any update on this ? I have a 30-day trial license for SWG for a POC, and time is running out.

     

    Thanks, Pascal.

     

    • mikeshimkus_111's avatar
      mikeshimkus_111
      Historic F5 Account
      Unfortunately, I don't have an ETA on this yet. I'll let you know as soon as the new iApp is published.
  • kunjan's avatar
    kunjan
    Icon for Nimbostratus rankNimbostratus

    As of now you can use the iAppf5.secure_web_gateway.v1.0.10, which configure most of the stuffs. So just need to manually add in the per-request policy by modifying the virtual server

     

    • InnO's avatar
      InnO
      Icon for Nimbostratus rankNimbostratus
      Sure we can. But the thing is, there is an issue with that iApp : if you deploy it at any partition different than Common, you will get an error if you enable SSL interception and as I never deploy any specific configs at this Common level, I had to correct that iApp myself...
    • InnO's avatar
      InnO
      Icon for Nimbostratus rankNimbostratus
      BTW : Here is the modif I brought to that iApp : remove the "/Common/" in the 2 occurrences of /Common/${tmsh::app_name}.app
  • As of now you can use the iAppf5.secure_web_gateway.v1.0.10, which configure most of the stuffs. So just need to manually add in the per-request policy by modifying the virtual server

     

    • InnO's avatar
      InnO
      Icon for Nimbostratus rankNimbostratus
      Sure we can. But the thing is, there is an issue with that iApp : if you deploy it at any partition different than Common, you will get an error if you enable SSL interception and as I never deploy any specific configs at this Common level, I had to correct that iApp myself...
    • InnO's avatar
      InnO
      Icon for Nimbostratus rankNimbostratus
      BTW : Here is the modif I brought to that iApp : remove the "/Common/" in the 2 occurrences of /Common/${tmsh::app_name}.app
    • InnO's avatar
      InnO
      Icon for Nimbostratus rankNimbostratus
      Thanks, works like a charm :) Question : there may be something missing : it seems like the user authenticated to the proxy is cached somewhere. I recreated the iApp multiple times, flushed the IE cache on the test stations, force deleted any remaining connections, deleted APM sessions. Even days after, user is still authenticated and never prompts again for user/password, like the 407 is already filled in. Any clue ? I am using Local DB authentication on a 11.6.0 HF3 VE.