For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

NickN01_135377's avatar
NickN01_135377
Icon for Nimbostratus rankNimbostratus
May 15, 2014

Cheers Corby, much appreciated...

Please see below. If you need anything else let me know please as this is driving me mad.

ltm virtual VIP2 {

description VIP2
destination 10.10.10.36:7003
ip-protocol tcp
mask 255.255.255.255
persist {

    COOKIE_PERSIST {
        default yes
    }
}
pool VIP2POOL
profiles {
    SSL-PROFILE {
        context clientside
    }
    HTTP_COMPRESSION { }
    HTTP_PROFILE { }
    analytics { }
    tcp { }
}
source 0.0.0.0/0
source-address-translation {
    type automap
}
vlans-disabled

}

ltm pool VIP2POOL {

load-balancing-mode least-connections-member
members {
    SERVER1:7003 {              
        address 10.10.10.10        
        session monitor-enabled
        state down
    }
    SERVER2:7003 {              
        address 10.10.10.11     
        session monitor-enabled
        state down
    }
}
monitor HTTP_MONITOR
service-down-action reselect
slow-ramp-time 0

}

ltm monitor http HTTP_MONITOR {

defaults-from http
destination *:7003
interval 30
recv "200 OK"
send "GET /aip/index.jsp HTTP/1.1\\r\\nHost: \\r\\nConnection: Close\\r\\n\\r\\n"
time-until-up 0
timeout 91

}

ltm persistence cookie COOKIE_PERSIST {

app-service none
cookie-name PRE_COOKIE
defaults-from cookie

}

ltm profile http HTTP_PROFILE {

app-service none
defaults-from http
header-insert "WL-Proxy-SSL: true"
redirect-rewrite matching

}

ltm profile http-compression HTTP_COMPRESSION {

app-service none
content-type-exclude none
content-type-include { application/vnd.ms-publisher "application/(xls|excel|msexcel|ms-excel|x-excel|x-xls|xmsexcel|x-ms-excel|vnd.excel|vnd.msexcel|vnd.ms-excel)"
"application/(word|doc|msword|winword|ms-word|x-word|x-msword|vnd.word|vnd.msword|vnd.ms-word)"
"application/(xml|x-javascript|javascript|x-ecmascript|ecmascript)"
"application/(powerpoint|mspowerpoint|ms-powerpoint|x-powerpoint|x-mspowerpoint|vnd.powerpoint|vnd.mspowerpoint |vnd.ms-powerpoint|vnd.ms-pps)"
"application/(mpp|msproject|x-msproject|x-ms-project|vnd.ms-project)"
"application/(visio|x-visio|vnd.visio|vsd|x-vsd|x-vsd)" "application/(pdf|x-pdf|acrobat|vnd.pdf)" }
defaults-from httpcompression

}

tcpdump -nni 0.0 -X -s0 host 10.10.10.36 -w /var/tmp/PRE-AIPONLINE.dmp

ltm profile client-ssl SSL-PROFILE {

app-service none
cert SSL.net.crt
defaults-from clientssl
key SSL.net.key

}