cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.
Joe_Jordan
F5 Employee
F5 Employee

Problem this snippet solves:

Use the SharePoint iApp template to configure availability, encryption, security, and remote access for Microsoft SharePoint 2010 and 2013. This template will configure the BIG-IP Local Traffic Manager (LTM) module, the Access Policy Manager (APM), the Application Acceleration Manager (AAM), the Advanced Firewall Manager (AFM), as well as Application Security Manager (ASM) for SharePoint deployments.

For detailed instructions for using this iApp template and configuring your SharePoint Server environment see the SharePoint deployment guide at http://www.f5.com/pdf/deployment-guides/iapp-sharepoint-2010-2013-dg.pdf

v1.2.2rc2
You must use this F5 release candidate iApp template (v1.2.2rc2), available as an attachment on this page, if you want to use BIG-IP Application Security Manager (ASM) in your deployment. If you try to use a previous version of the template with ASM, you receive an error. There are no other changes to this version of the iApp.

v1.2.2rc1
This F5 release candidate iApp template (v1.2.2rc1), available in the iApp package on downloads.f5.com in the RELEASE_CANDIDATE directory, contains no new features, but includes the fix for the troubleshooting entry "Why are users experiencing authentication issues after deploying the SharePoint iApp template?" on page 41. For guidance on downloading and importing the template, use the instructions in the deployment guide or in the solution referenced below.

v1.2.1
Use this fully F5 supported template (v1.2.1) to configure your SharePoint 2010/2013 environment. You can find instructions for downloading the template at https://support.f5.com/kb/en-us/solutions/public/15000/000/sol15043.html.

Code :

71668
Comments
fpieressa
Altostratus
Altostratus

Hi! We are trying the iApp template v1.2.2rc2, we want to select an existing ASM Security Policy, but we are not seeing it as the "Do you want to deploy BIG-IP Application Security Manager?" shows only LTM Policies with ASM enabled.

 

As we are checking, you can't create manually an LTM Policy with ASM enabled, they are automatically created when they are assigned to an ASM Security Policy in a Virtual Server...

 

So, is it possible to add to the iApp template the option to select ASM Security Policies, and not LTM Policies with ASM enabled?

 

As a workaround, we are creating a fake temporary VS with the required ASM Security Policy enabled, then we are creating the iApp selecting the LTM Policy with ASM enabled that was automatically created by the fake VS, and finally we are removing the fake VS.... so hard 😞

 

Thanks!

 

mikeshimkus_111
Historic F5 Account

Hi Franco, you must create the ASM policy and then reference it in the LTM policy's rules. Once you do that, the ASM-enabled LTM policy should appear in the iApp drop-down.

 

fpieressa
Altostratus
Altostratus

Hi, as we are trying, 12.1.2 doens't support create an LTM Policy with a rule enabling ASM...

 

mikeshimkus_111
Historic F5 Account

Hi, it absolutely does. I am looking at a 12.1.2 BIG-IP with an ASM-enabled LTM policy:

 

[azureuser@newscript-waf0:Active:In Sync] config tmsh list ltm policy F5waf-ltm_policy ltm policy F5waf-ltm_policy { controls { asm } last-modified 2017-08-07:02:11:44 requires { http } rules { default { actions { 0 { asm enable policy /Common/F5waf-linux-medium-security_policy } } ordinal 1 } } status legacy strategy first-match } [azureuser@newscript-waf0:Active:In Sync] config cat /VERSION Product: BIG-IP Version: 12.1.2 Build: 1.34.271 Sequence: 12.1.2.1.34.271.34 BaseBuild: 0.0.249 Edition: Engineering Hotfix HF1 Date: Thu May 11 22:29:29 PDT 2017 Built: 170511222929 Changelist: 2224035 JobID: 840061
Version history
Last update:
‎16-Nov-2015 15:29
Updated by:
Contributors