Big-IP Edge Client / Windows 10 1809 - No internet connection with connected VPN
Hi everybody I've updated my computer to Windows 10 Build 1809: After a successfull connection with Big-IP Edge Client VPN the internet connection is broken. Ping to Google DNS servers with connected VPN: We have configured Network Access with "split tunneling". The very same VPN worked perfectly with the previous build of Windows 10 (1803). Version of VPN client: 7160,2018,417,2013 Does anyone run into the same problem? Thank you, John
F5 APM (failed to initialize local tunnel server)
Hi, I'm hoping someone can help with a couple of question I have before I turn to support. I've newly deployed an F5 APM and am having a couple of issues:- 1). I have a couple of users who get the error "failed to initialize local tunnel server" after successfully logging in using IE or Firefox and trying to launch an RDP resource. Other users on the same OS are fine. Have tried reinstalling all F5 components without success. It seems the tunnelserver.exe process doesn't get launched for some reason. Any idea's on what I can look for? 2). When a user first connects and launches a full Network access connection (Full VPN), a windows dialler profile gets built and populated and can be seen in the internet options on a windows machine. Once its built the OS tries to connect through this dialler and it causes some local connection issues until you set/configure the option "Never Use Dialler". Is there any way to stop this behaviour or to turn it off? I gather the dialler that is built is necessary. Thanks RK
What is the difference between BIG-IP APM and BIG-IP LTM?
As I'm preparing for F5 101 exam, I read about BIG-IP APM and LTM. I find it hard to get a difference between them. I found a table of features : https://support.f5.com/csp/article/K66031634 , but it doesn't explain too much. I've been also reading https://www.f5.com/pdf/products/big-ip-local-traffic-manager-ds.pdf . Is there any distinction on 101 level or do you need to be a little bit more advanced to understand these differences?
Kerberos Delegation and NTLM auth Exchange 2013
This is related to a previous post about the Exchange iApp. Everything is working for both internal and internal connections except from Outlook Anywhere clients attempting to connect to the external VS and auth via RPC over HTTP. I enabled all debug logs for APM and ECA since that seemed to be where the failure was occuring. I noticed the following and cannot make much sense of it. Any help would be appreciated. Below is the log file comparison between a successful auth though the internal iApp vs the failed auth through the external iApp. This is just a snippet of the full log. Everything before these lines in the log is the same for both internal and external connections. It seems to fail when the BigIP tries to make a call to itself to process the logon request, anyone ever see this before? Internal success: Aug 12 13:22:12 JHHCF5 debug eca[7237]: 0162000c:7: [Common] 10.1.12.9:46380 (0x09a8b9c8) Server challenge: 24296533D8C59FB4 Aug 12 13:22:12 JHHCF5 debug nlad[8603]: 01620000:7: <0x559058f0> clntsvc: processing 'logon' request on connection[18] from 127.0.0.1:43935 Aug 12 13:22:12 JHHCF5 debug nlad[8603]: 01620000:7: <0x559058f0> client[5]: is ready Aug 12 13:22:12 JHHCF5 debug nlad[8603]: 01620000:7: <0x5624cb90> NLAD_TRACE: nlclnt[53403010a / 01] sending logon = 0xC00000E5 Aug 12 13:22:12 JHHCF5 debug nlad[8603]: 01620000:7: <0x5624cb90> nlclnt[53403010a] logon: entering user GRicketts domain JHHC wksta JHHC04619LT Failed auth: Aug 12 12:51:10 JHHCF5 debug nlad[8603]: 01620000:7: <0x559058f0> clntsvc: processing 'logon' request on connection[38] from 127.0.0.1:44495 Aug 12 12:51:10 JHHCF5 warning nlad[8603]: 01620000:4: <0x559058f0> clntsvc: no client for id 6 to service request from connection[38] from 127.0.0.1:44495 Aug 12 12:51:10 JHHCF5 debug nlad[8603]: 01620000:7: <0x559058f0> nla_rq: response with status [0xc00000ab,NT_STATUS_INSTANCE_NOT_AVAILABLE] for type 'logon' client 6 context 0x5ab82b90 24 bytes to connection[38] from 127.0.0.1:44495: took 0 milli-seconds Aug 12 12:51:10 JHHCF5 debug eca[7237]: 0162000c:7: [Common] 12.181.141.210:45214 (0x5bf14c28) nla_agent::logon, rc = STATUS_NO_LOGON_SERVERS (3221225566)Why the page /my.policy redirects users to /vdesk/hangup.php3 ?
Hello all, I have a problem with the APM, I have an application published and sometimes the users are unable to see the login page, instead of that they get the logout page. This is very strange because it doesn't happens all the times, only sometimes so for me this seems a cookie problem or something like that. I've been using the fiddler tool and I've seen that sometimes when the my.policy URL is called the F5 closes the connection and redirect the user to /vdesk/hangup.php3, also in the same GET I see the session cookies and it seems to be ok. There is no iRules that redirects the request to /vdesk/hangup.php3 and I've not modified the logon page code. Do you know why could this be happening?
Certificates implementation in "SSL forward proxy client and server authentication" scenario.
I want to implement SSL forward proxy client and server authentication, and I am not sure how certificates are implemented. How can it be done? I mean how do I have to implement client and server certificates in order to proxy/forward SSL traffic to a backend SSL server? I am using a BIG-IP LTM appliance.OTP Flood Attack mitigation
We have application which is sitting behind our F5 WAF, where application receiving high voulme of OTP request on server to generate OTP SMS by attacker. People receiving unwanted OTP message on their mobile. I have configured an iRule which limiting the request in 3 request in 5 min max and it is working. but attacker using different ISP ip to flood the OTP request. Can someone please assist here, how to mitigate such attack with help of F5 WAF policy.
