Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

Forum Posts

GTM Listener ip with routing domain

Hello,  is it possible to make listener ip with routing domain value such as %1. Because we need to implement gtm on single network with delegation method. So we have to make that.? For example; There is single subnet like and i have g...

icontrol - policy-diff and merge

Hello,trying to compare and merge two ASM policies via REST API but with no success.I called endpoint POST /mgmt/tm/asm/tasks/policy-diff with body:{"firstPolicyReference": { "link": "http://localhost/mgmt/tm/asm/policies/firstID"}, "secondPolicyRefe...

Standard irule that can be used for multiple urls

Here is a usecase I have and I am trying to find a solution for to: am able to get till app1/app2 but the rest just fails ...

rSeries Allow List

Any reason why you can only add single hosts or subnets for the rSeries Allow List? Seems a little crazy to me that you cannot add multiple host variables in the same command line. I have 87 hosts that I need to create for allowing SNMP 161. Maybe th...

prt1969 by Nimbostratus
  • 3 replies
  • 0 kudos

BIG-IQ 7.1: Login Using Azure AD as IdP

Is there a manner to use Azure AD as IdP to log onto BIG-IQ?  I can see only Active Directory or LDAP in the list of Auth Provider. Any help would be appreciatedThanks

verons by Nimbostratus
  • 0 replies
  • 0 kudos

F5OS AD Integration

I'm not usually the person that sets up the AD integration on our hosts.  The person that normally configures it took one look at the new F5OS (1.4) and, well, I won't repeat their comment here.  I figured how hard can it be.  I think I'm reasonably ...

Leav97 by Altostratus
  • 0 replies
  • 0 kudos

F5 Rules for AWS WAF - List of CVE

I have checked the AWS WAF F5 rule - Common Vulnerabilities and Exposures (CVE) rule on the AWS marketplace, but is there a WAF rule that corresponds to the following CVE?- CVE-2022-24963(

BIG-IP Peer self local IP cannot be ping

Hi Expert,I have a big-ip in HA setting.But if I am in primary one, I cannot ping peer local self IP.I can ping primary local and floating IP. check this link, and I do tcpdump in primary one, I can see I am ...

Radius:avp 97 ipv6

Hi all,I'm trying to get IPv6 address of customer using Radius AVP 97 using iRule, it works fine with IPv4 but IPv6 always return empty field, even for known IPv6 cutomer, here is the start of the scriptwhen CLIENT_ACCEPTED {# 4 for Accounting-Reques...

About Routing

Hello,Here is my structure:My F5 can ping through why Win( can't ping ? Any help is appreciate. 

Michaelyang_0-1680169782386.png Michaelyang_1-1680169966385.png Michaelyang_2-1680170003008.png

Automatic schedule report for APM session logs

Hi Experts,Please guide me to configure Automatic scheduled Access session report for daily basis. (APM)This report has to send to email Id dayily basis which contains the active session ,Landing URI and Geolocation details. -Rkram 

rkram_p by Altostratus
  • 1 replies
  • 0 kudos

Resolved! icmp of management firewall

Hello.I was doing a test on the management firewall.I don't want to respond when a client makes an ICMP request to MGMT.I think I can do it by adjusting the settings in "Security Firewall Management-IP-Rules", but it doesn't work.Any suggestions?

Webredirect and URL Rewrite

I have a requirement for users to target an internal url but have it redirect to an external url, while preserving the original URL in the browser. So for example:User targets -> Redirects to -> externalsite@externa...

Verify a certificate before it redirects

I have a website VIP which corresponds ex: and it gets redirected to ex: The certificate on is expiring and I want to know how can I verify if the new cert on is applied without removing the po...

Resolved! SSLO HTTPS conversion to HTTP for NGFW inspection

Hi all,I am new to the bigip SSLO and I was playing around it in order to see if I can enhance my NGFW visibility instead of moving to a bigger box.The BIGIP has been moved as the default gateway for all users and acts as a transparent proxy. All use...

Resolved! Deleting iApp - Pool and VIPs already gone

Hi,I came accross a situation where the VIP and Pool, etc. were created by an iApp.  Strict Updates was disabled and the Pool and VIP was removed outside of the iApp.The iApp is not in use, but I'd like to cleanup.  I was concerned about deleting to ...

Nova by Cirrus
  • 2 replies
  • 2 kudos

disable http retry

hi experti want to disable http retry by using irule,  what is irule to do this ? 

Noname by Nimbostratus
  • 6 replies
  • 0 kudos

Resolved! find specific SNMP OID

Hi All.customer want the OID to query the CPU utilization of a virtual server.can some one help me to get OID for a virtual server. 

websocket configuration

HiI am new in F5 LTM, I would like to know the prerequisites to make an application work with the websocket protocol (WSS), I mean by that:Type of VS ( standard/FastL4/ others) ?Profile  ?Certificate Yes/No ?FYI, I have version 15.x on the F5 , and S...

Mock application response for uri in ASM policy

Hello,(I apologize for the quality of my English.)Presentation of my context: In my company, I have an F5 (WAF) installed on a closed development environment that does not have access to applications and the internet. In this F5, there is a security ...

ctadev by Nimbostratus
  • 2 replies
  • 0 kudos

STIX/TAXII security intelligence sharing

Companies normally use a variety of security products in their infrastructure wether on premise or in the cloud. Now I see a lot of security companies performing integration with STIX/TAXII using API to share their intelligence feeds (with active sub...

Marvin by Cirrostratus
  • 3 replies
  • 0 kudos

Resolved! Policy to forward to a range of ports

Good day,We require a configuration that sends as an example ports 7001 - 7999 to a pool of backends servers.The idea is to create a wildcard VIP (client ssl) and pool. Allow only those ports to connect to the VIP and load balance to the backend serv...

Chause1 by Cirrus
  • 11 replies
  • 0 kudos

DNS queries from APM Edge Client

hello everyoneI confirmed that APM Edge Client requests DNS queries to and question is why do you need communication for these 2 domains?Who can help?thank you

khkim by Nimbostratus
  • 1 replies
  • 1 kudos

From one url to another

Guys i need your help Lets say when users type in their browser I want the f5 to keep displaying to the users the same URL without changing it, but when the f5 is connects to the backend nodes, i want it to change t...

Resolved! Create a fqdn node in CLI

I am trying to create FQDN nodes through the CLI.  When i type in the command the F5 returns an error that the FQDN is invalid and the node exist.I checked the GUI and the conf file and this node does not exist.  Any ideas create ltm node name

Big-Ip Egde Client reCaptcha

Hey guys, I'm having a problem that when accessing my login page through the Bip-Ip Edge Client, Google recaptcha does not work when I click on I'm not a robot it stays in looping . Has anyone ever experienced this ? Strangely, this only happens o...

Matos06 by Nimbostratus
  • 7 replies
  • 0 kudos

iRule datagroup sideband

I been trying to use HSSR to use a curl to add an IP to a datagroup, here is my code but still can't figure out what I"m missingthe curl works if I use this, but Need to use it on a iRule any help will be appreciated curl -ku "admin:admin" -X PATCH -...