Hi,we have a F5 in front of an Exchange 2016 Cluster, which does the LB (configured via iApp / the https-combined-pool-selection-irule). There is no APM in use. Since ActiveSync is one of the last "open" services that has no second factor for authent...
DearsWe will migrate Firewall behind APM to different vendor, Is this will impact anything on APM device? or we will need to change something in APM.What's the recommended action from APM administrator through this firewall migration to avoid any int...
Hi TeamI am currently detected violation for following parameter for example. i am still try to creating dynamic content vlaue in WAF but it doesn't work. can you please give suggestion or any example for creating DCVctl00_ContentPlaceHoldserContent_...
Hello,I have a requirement to pretty much accomplish the followingUsers need to access http://abc.com, but they should see a webpage from https://server01.com/data.aspx without their browser's URL changing.This is non internet facing and is interal o...
We are currently implementing a solution in Azure and have encountered some DNS-related issues. I think it's a good idea to implement F5 DNS. However, I wonder if we can create an iRule to set up a CNAME for a specific domain. In other words, if a do...
Hi,I have 3 servers which i have to put behind balancer for load distribution. So i have configured a http virtual server (with cookie persistence).Users can access services provided by these servers both through web browsers (when they are inside co...
So say we have a redirect/rewrite in place which performs a redirect forhttps://myapp.site.com/ (in VM host)to https://myapp.site.com/ (in kubernetes container host)The new location is also available as: https://myapp.apps.site.com/ The effort is...
Hello All,I am looking to replace the FQDN of a URL with the server name keeping the remainder of the URL after the FQDN. Trying to find the simplest way to acheive this. Dont want to redirect the entire URL, just swap the FQDN.
Hi,,I am a newbie on F5 apm, currently, we have to authenticate users to access applications, I use the kerberos protocol via a keytab uploder file on the F5 apm, however, want to change encryption algorithm (RC4 to AES 256), the user sees displayed ...
Hi;can you help to write the irule to rewrite the post operation (not uri redirect) with a body as below:For example: abc-cd.ef.com/abc/v1/jurisdict/configuration rewrite to cd.ef.com/abc/v1/jurisdict/configuration other example: abc-cd.ef...
With the announcement that iControl REST is going away in favor of AS3 for everything. I'm trying to figure out how would you backup / restore a BIGIP device using AS3?Another option is to somehow utilize gitlab to perform backups and restore but no...
Has anyone found a way to import a PFX into the f5 using PowerShell? I am attempting to perform this using the method below but am unable to get the iControl PowerShell snap-in registered. https://community.f5.com/t5/technical-forum/what-is-the-path-...
Hello, I have an old install, containing a cluster of big-ip 2000 series, running version 13.1.1.4This needs to be migrated to a cluster of rSeries 2600 boxes.Im not really experienced upgrading F5's, but I am reading on f5-journeys on github, and it...
Is there an easy way to veriify that SSL Bridging is working on an F5 LTM? I need to determine that an SSL session between the client and the F5 has been made and subsequently an SSL session between the F5 and the destination server.I've asked F5 sup...
Hi All,We have vertical kubernetes cluster and put F5 (GTM/LTM) in front of the cluster. Service to service call will be go to GTM/LTM before go to micro service (workload/pod):service A -> GTM/LTM -> service BWe have problem that the call from servi...
Hello,I got an api backend service behind an F5, the problem is if Virtual Server is Standard then client gets "Connection reset by peer", the problem is disapeared if i switch to Performance (HTTP).However, Performance HTTP would not allow to config...
Hi;With Delayed Blocking, one of the attacks in the list of attacks that can be associated with delayed blocking is "Brute Force, maximum login attemps are exceeded"For some reason, I cannot find this attack type in the list and I know it used to be ...
Hello All...I am looking for the SNMP OIDs, How can we figure out which OID is correct for our device. I beleive the MIB file has everything not just specific to the platform
Hello, I am trying to create / homologate a rule from a citrix balancer(netscaler) to a F5 because of a brand migration, however I have not been able to find the configuration for the rule which I will detail below: EXPRESSION: (CLIENT.SSL.VERSION.EQ...
Looking for help writing an iRule that will display, in HTML code, that the page being access has been changed. I'm trying to figure out how to referece the requested URI in HTML since this will vary. Below is what I have for now. Any help is appr...
Hey Guys,Have you ever deal with turning off one particular part of logs in ASM? for example im dealing with huge amount of logs of "Access from malicious ip address" which is resource consuming and its spamming logs which are unreadable due to this....
I have API which can be accessed through internet. I have restrict the access with IP address ( iRule/data group). Also, I have applied client authentication using certificate to be installed on client side ( iRule).Is there any other layer I should...
dears,I configured a synchronization group between our Two GTMs, and all configurations advertised successfully to the second GTM, but I faced an issue, as after I configured any new configuration on one of them the configuration did not advertise to...
Dears,I have a case in my GTM, as I added one Big IP server ( LTM ), and another server as a generic host, as I understand after I configure the server with the type bigip system the health monitor will be bigip and the GTM will know the status of VS...
Team, I have a virtual server with port 8899 configured as PerformanceLayer4 and FastL4. I am using couple Host names to drive thru this Virtual Server. I want to send the traffic to pool_magnus when the traffic is coming with host magnus.com. I wro...
dears,I configured a custom log profile on F5 WAF, to send the logs for waf policy to Siem solution, but I have an issue as still no logs appear on Seim solution, how can I solve this issue
Hey everyone,I've been working with F5 ASM and have some questions around its so-called 'Transparent Mode,' especially when it comes to enabling geo-blocking.First off, can we all agree that the term "Transparent Mode" is somewhat misleading? It give...
