For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Brian_Deitch_11's avatar
Brian_Deitch_11
Historic F5 Account
Nov 15, 2012

NetScaler to F5 problems with cookies

Hey guys, Working a project where I'm taking a netscaler VIP to the LTM. The old VIP used content switching (uri based pool section). As you may know, cookie persistence is set at the pool (service...
application delivery
dev
devops
iRules
Brian_Deitch_11's avatar
Brian_Deitch_11
Historic F5 Account
Nov 16, 2012
Final workaround: 

when HTTP_REQUEST {

switch -glob [string tolower [HTTP::path]] {
    */301* { pool pool_301_8080
      persist cookie insert NSC_bgn301 "1d 00:00:00" }
    */302* { pool pool_302_8080
      persist cookie insert NSC_bgn302 "1d 00:00:00" }
    */303* { pool pool_301_8080
      persist cookie insert NSC_bgn303 "1d 00:00:00" }
    */304* { pool pool_305_8080
      persist cookie insert NSC_bgn304 "1d 00:00:00" }
  default { pool pool_whatever_80 }
  }
}

when HTTP_RESPONSE {
  set myValues [HTTP::cookie names]
    foreach mycookies $myValues {
      HTTP::cookie secure $mycookies enable
    }
}

Since I was unable to set the persistence timeout to 0(session), I had to set it to 1 Day (1d 00:00:00). Securing cookies now works as I had passed the wrong argument in the original post.