BIG-IP
10537 Topics

Study Guides for 101 Exam
Hello all, a lot of old links on here with regards to the 101 exam. I am trying to find a guide for the 101 exam which is relevant for the 2021 version of the exam. If the old guides are still ok then great or if someone could please point me in the right direction. Many thanks, Geoff
2.3K Views, 2 likes, 7 Comments

Using the WAF instead of a jump server for ssh-tunneling?
Hello everyone, This is how it works at the moment: We go from server A, in the internal network, with a public IP via ssh to a jump server in the DMZ. From the jump server we then go on to server B in the secure zone. I am relatively new to this and have been given the task of seeing if the WAF can replace the jump server. We use Advanced Web Application Firewall, r2600 with BIG-IP 17.1.1.3. Is this possible and what do we need for it? Thank you in advance for your help! Best regards.
43 Views, 0 likes, 1 Comment

SysLog UDP Load Balancing
Hello, 1st of all I require some guideline/suggestion here. I am configuring a Virtual Server from F5 listening on 514 and translating port to 8514 at backend servers. Idea is Systems will send the syslog through this F5 and F5 VIP will eventually send logs to Backend Syslog Connectors. Traffic Flow is like below:

Client >> F5 VIP_IP [2.2.2.2] (Service Port 514) (UDP Profile with FastL4 Profile) >> Backend Syslog Connector 2.2.2.6, 7 on 8514 Port.

Clearly to specify VIP IP and Backend IP are in the same subnet hence I do not need to enable SNAT. Also I was thinking if I enable SNAT at backend how do they identify actually who sent the Log. What is the Guideline for this to make sure Syslog can see actual source and Syslog Servers follow return traffic through F5? (Note that Servers gateway are at Network Device not in F5.) Also if I set monitor TCP or Gateway ICMP Pool Goes Down. Pool is live only if I set Monitor as UDP. Why is that? How should I check that UDP Traffic is load balanced? But this is less important as I need to be sure about the Traffic Flow. Please advise.
Below is the Virtual Server Config:

tmsh list ltm virtual Virtual_Server all-properties
[api-status-warning] ltm/virtual, properties : deprecated : mobile-app-tunnel, urldb-feed-policy
ltm virtual Virtual_Server {
    address-status yes
    app-service none
    auth none
    auto-lasthop default
    bwc-policy none
    clone-pools none
    cmp-enabled yes
    connection-limit 0
    creation-time 2020-02-25:18:47:05
    description "Supports Syslog"
    destination 2.2.2.2:514
    enabled
    fallback-persistence none
    flow-eviction-policy none
    gtm-score 0
    ip-protocol udp
    last-hop-pool none
    last-modified-time 2020-02-25:20:04:58
    mask 255.255.255.255
    metadata none
    mirror disabled
    mobile-app-tunnel disabled
    nat64 disabled
    partition Common
    per-flow-request-access-policy none
    persist none
    policies none
    pool SYSLOG_Pool
    profiles {
        fastL4 {
            context all
        }
    }
    rate-class none
    rate-limit disabled
    rate-limit-dst-mask 0
    rate-limit-mode object
    rate-limit-src-mask 0
    related-rules none
    rules none
    security-log-profiles none
    service-down-immediate-action none
    service-policy none
    source 0.0.0.0/0
    source-address-translation {
        pool none
        type none
    }
    source-port preserve
    syn-cookie-status not-activated
    traffic-classes none
    traffic-matching-criteria none
    translate-address enabled
    translate-port enabled
    transparent-nexthop none
    urldb-feed-policy none
    vlans {
        vlan_222
    }
    vlans-enabled
    vs-index 97
}
3.7K Views, 0 likes, 9 Comments

How can I find the current connectivity sessions via SNMP?
I am looking for the current number of VPN connections. show /apm license shows things like:

total connectivity sessions: 500
current connectivity sessions: 197

How can I get these via SNMP? I cannot locate the OID.
443 Views, 0 likes, 5 Comments

How does the BIG-IP process multiple LTM policies on a virtual server?
I have an LTM traffic policy on a virtual server that I use to perform hostname-based routing for 10 different applications. There is a rule for each app, and once there is a match on the hostname, no further rules are evaluated and traffic is forwarded appropriately. Hypothetically, let's say that instead of using a single policy and multiple rules, I created a new policy for each of the 10 apps, with each policy having only one rule to route traffic for a single app. If a request for App_1 comes through and the hostname matches the rule in Policy_1, would the rules in policies 2-10 be evaluated, or would the evaluation stop similar to what happens with a single policy and multiple rules? I'd love to hear any thoughts on this. I've been reading through the BIG-IP documentation but I haven't found anything yet, so any help would be greatly appreciated. :)
802 Views, 0 likes, 3 Comments

When user goes through LB the server page has stripped information
I have created a pretty simple round robin load balancing for a user with three servers. As a part of this I also have DNS LB in place that sends the traffic to two VIPs that are connected to the three nodes in a pool I have created on my LTM F5. User accesses the LB DNS URL I provide via Https://<>.com > VIP > Pool > Nodes. There is a certificate applied to the clientssl and serverssl profiles attached to the VIPs. The user is able to get to their backend servers/nodes when going through the load balancer, but we are coming across an interesting issue. When the user goes through the F5 the server dashboard page they usually see is stripped of information on that dashboard. Typically, there would be tiles shown on the server dashboard, but it is just the basic UI and none of the tiles. When the user goes directly to their server, all the information/tiles are shown as normal. I have never experienced this problem before and am not sure how to prove out the F5 is causing the issue or how it is happening. Any insight would be greatly appreciated! *Attached file shows what I'm explaining.
59 Views, 0 likes, 6 Comments

Bypass "Bad unescape" in Body POST (ASM, POST, JSON)
Here is the Block. As you can see, "%" is detected without encoding meaning. This is normal since the "%" is in the Body of the POST as JSON data (see below). Of course if I disable the "Bad unescape" in "Learning and Blocking Settings" it works, but my Goal is to bypass using rule on parameter or similar, till now without success. Does anyone have a solution?
======= JSON on POST Body Request =======================
81 Views, 0 likes, 11 Comments

Check how long it takes for a request to switch from a pool member to another if one is not available
Hello there :) I'm trying to find out how long it takes a request to switch from a pool member to another if one is not available. For example: I have a configuration for load balancing that includes a pool with 2 members (A and B). Let's say Server 'A' is unable to handle a request, and so it should be transferred to Server 'B'. Is there any way to check the duration of this switch? How long does it take for the request to be transferred from A to B after A becomes unavailable? Thank you!
403 Views, 0 likes, 2 Comments