Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

Forum Posts

P2V migration while LACP configured for links

I am working on a F5 LTM migration, where a pair of LTM running 14.1.x will be migrated to 2 VMs. All configs can be migrated via UCS loading, but there are LACP configured for their network interfaces. KB K85674611 already outlined the issue for LAC...

How to configure F5 as a reverse proxy

Hi All,I am pretty much new in F5 LTM. Currently I am working in a project where client wants to deploy F5 as a reverse proxy. It is band new F5 and has to configure anything till yet. Client has two application servers which are hosted inside their ...

Python script to save /sys config file

Hi guys, I need help writing a dedicated script to do those things:# tmsh save /sys config file bigip.conf no-passphrase# netstat -nr > netroute.txtBoth of the files need to be sent to another server directory combining the device name + current date...

MaxMedov by Nimbostratus
  • 2 replies
  • 1 kudos

Unknown event send to siem

WAF send multiple logs combaimed togater  to siem tool as unknown, how to solve this issue ? is there way to send the logs with clear name?

the connection from WAF to server

I have virtual server with port 443 and client certificate  with pool of port the Connection from client to WAF is 443 with certificate (HTTPS) and from WAF to server is 8080 with no certificate (HTTP). if I  access the portal via WAF, the we...

Rate Limit per vlan

Hello All I need you asssitance here. we launch a new service over our Bigip I7800 for Metro Customers  Each customer has its own vlan , and VAS(NAT, DNS and more)the issue here that i am looking  is to limit the customer bandwidth per vlan.i have tr...

amiros by Nimbostratus
  • 1 replies
  • 0 kudos

Using F5 DNS for Internal

Current we are using dns server integrated with AD, and all client ,server, device...point to these dns to resolve internal and resolve public domain. But dns hange some time when have server problem send more dns as ddos to DNS server and hang. If W...

Resolved! Disabling Auto Last Hop on VLAN

Hello Guys!We have an internet facing LTM with public IPs. Currently, this LTM's default route points to a VRRP address (we have 2 routers for redundancy).On the same public VLAN, we have multiple virtual-servers.We are scheduling a maintenance windo...

rafaelbn by Cirrostratus
  • 2 replies
  • 1 kudos

Resolved! IRULE question - pool command and SSL renegotiation

I have a standard SSL virtual with a client and a serverssl profile. I need to create an iRule that does some content switching based on HTTP::uri. My virtual has a clientssl profile with an SSL certificate for that is sending SNI hostnam...

Resolved! IRULE - redirect URI

my requiremnet is if URI is something like /business/car/truck it shoud look for the "business " and change it as /company/car/truck..$Path_proxy= companywhen HTTP_REQUEST {set http_hostname [getfield [HTTP::host] : 1]set name [class match -value -- ...

SV2022 by Nimbostratus
  • 6 replies
  • 0 kudos

F5 BIG-IP ASM customized error pages

Hello all, I would like to ask people who knows if possle to have ASM error pages such as Captcha, access denied, etc., to have them customized and translated and show appropriate language by GeoIP or browser defined language settings?I currently hav...


We have requirement where we have to be in middle to present the public certificate, so it will be like USER -- PUBLIC IP ( which will be Natted to F5 VIP Address and On this F5 VIP we will be wanted to configure Pool members which is h...

Connecting to site with F5 security enabled

Hi,im trying to connect to a site which has F5 security enabled.F5 says after system scan that i have failed Antivirus check, ( tried Avast, Avira )i am using Win 11 and Edge in IE mode.please help.Regards

shrijith by Nimbostratus
  • 3 replies
  • 0 kudos

F5 Distributed Cloud HTTP Load balancer

I am trying to use F5 Distributed Cloud HTTP load balancer to select specific origin pool based on url hostname. Can you suggest how can I do it.On BIGIP-LIM we use irule and data group to accomplish that as we use multiple url behind same VIP.

Resolved! Irule advice?

Hello,I'm seeking advice on using an Irule to drop a connection when a certain condition is met in the URI. fid= followed by non numeric charectors. fid=1234 would pass. fid=13d4 would drop. Thanks!

Resolved! iRule sideband using HTTP/2

All examples I have seen with iRules using 'connect' to generate a sideband connection use HTTP/1.0 or HTTP/1.1I am wondering if anyone has examples of, or knows how iRule sideband connections can be made using HTTP/2?I expect this to cause problems ...

Alex1 by Nimbostratus
  • 3 replies
  • 0 kudos

Resolved! Insert Basic Auth Header

Is there a way to insert basic auth header to the backend server?clinet http request dont have the basic auth header and would like to build an irule so when the request is received, the proxy inserts the basic auth header with the proper credentials...

Rate limiting on NGINX

We are using NGINX as a proxy server+load balancer for other servers on the same network that use Apache.For security, we want to apply a rate limiting per IP, so that if there are more than 100 requests in a second, or even more than 100 requests fo...

Resolved! Auto-Last-Hop vs Routing

Hey guys,cause of an active-active DSC setup I don't want to work with routes. (Two gateways for the same subnet) I thought I could manage it with the "Auto Last Hop" feature which is enabled. Unfortunately the health check traffic is passing the man...

HA Cluster behavior on AWS

Hello,I've managed to run two F5 in different "Availability Zone" (in same VPC) from scratch and they can sync configuration objects that i created. CFE configuration took some time to figured out but eventually its is working right now. I have a cou...

Logging DNS Requests

Hello,I've needed an iRule to read query & query-type from dns packets and send them to remote syslog server. I found a couple of posts on devcentral but looks like they work if you have DNS / GTM license. So, i wrote one for my own needs.May be ther...

Oauth scope custom authorization header

Hello,The "Oauth scope" agent expects to find and validate the bearer token in the request header variable called "Authorization", which is according to standard. My question is, is it possible to "instruct" the Oauth scope agent to read the bearer t...

didros by Nimbostratus
  • 1 replies
  • 0 kudos

APM OTP authentication

We are using APM for OTP authentication , The problem is that there are a number of users who on purpose make the first registration using the username and password, then after the OTP-code arrives, they open another tab in the browser and request a ...

Mush83 by Nimbostratus
  • 2 replies
  • 0 kudos