How to use a BIG IP EDGE CLIENT for connecting to vpn using OTP --token-- from linux.
linux terminal f5fpc --start -b -x --host --nocheck --user --password but it gives connection failed. f5fpc -i Connection Status: logon failed As we are using OKTA to verfiy but here we don't have any option to give okta key, so can anyone please help regarding this, how to pass okta key to f5fpc command in linux. installed BIG-IP Edge linux client that install the f5fc command but I can't log on due to there isn't option for the OTP by CLI.
Debugging @ figuring out why suddenly an iRule doesn't work
Hi, Any hint or pointers how to dig this further? Below is sample iRule being use....it's actually to redirect http website to https version... only 1 doesn't work......the other 3 ok when HTTP_REQUEST { if {[HTTP::host] equals "www.websiteA.com"} { HTTP::redirect "https://www.websiteA.com" } if {[HTTP::host] equals "websiteA.com"} { HTTP::redirect "https://www.websiteA.com" } if {[HTTP::host] equals "www.websiteB.com"} { HTTP::redirect "https://www.websiteB.com" } if {[HTTP::host] equals "websiteB.com"} { HTTP::redirect "https://www.websiteB.com" } } Only redirect request from websiteA.com failed others than that all these below OK, successfully redirected to their https version... wwww.websiteA.com websiteB.com
iRules "Operation not supported" log errors
We want to insert a HTTP header with the following name "client-ip" in a HTTP Request which has the value of the Client Source IP address. But we also want to check if this header exist, and if it does, remove that header and insert a new one. Also if there are more than 1 client-ip headers, remove all those headers first. We made the following iRule, and that seems to work: when HTTP_REQUEST { if { [HTTP::header exists "client-ip"] } { foreach aHeader [HTTP::header client-ip] { HTTP::header remove client-ip } HTTP::header insert client-ip [IP::client_addr] } else { HTTP::header insert client-ip [IP::client_addr] } } But we see a lot of errors in the LTM log which looks like these: Sep 27 08:37:08 err tmm9[19631]: 01220001:3: TCL error: /Common/request_insert_client-ip - Operation not supported (line 7) invoked from within "HTTP::header insert client-ip [IP::client_addr]" Is the iRule causing this error, because "something" is wrong within the iRule content? If we look at the iRule statistics we see no errors in the execution of this iRule. We are running version 12.1.2-HF2 Any help would be appreciated. Hilleremove http::header
I have tryed to make an iRule, witch shoul remove some http::headers in the responce. when HTTP_RESPONSE { foreach header {"P3P" "p3p" "Server"} { HTTP::header remove $header } } the "Server" header is removed, witch indicates the iRule works... BUT the "P3P" is not ?? is it actual the LTM witch is setting the p3p header ? and why is there any other way to remove it ? it is actual present too times in the respond : Last-Modified: Mon, 02 Mar 2020 14:56:00 GMT P3P: CP="{}" P3P: CP="{}"
F5, HTTPD and Mod_jk and Tomcat full HTTPS
Hi, I have the following architecture : Client => F5 => HTTPD => Mod_jk => Tomcat 8 IE : HTTPS -> HTTPS-> HTTPS -> AJP/13 -> AJP/13/SSL Connector My application asks to the browser client a certificate to authenticate. The previous solution was to attach the client certificate to the header and, I don't know how, build a X509 Object with. But the previous application was running on jBoss and there was no httpd server between F5 and him. Do you think that there is a solution to make it works without using a level 4 SSL proxy ? (I've build a tomcat application that show header values and they are OK, but the attribute java.security.cert.X509Certificate is always null, except if I bypass F5) thank you very much, Best regards Yann Boulanger
Custom Message using iRule for Runtime Error
Our application throws a runtime error during few code testing in our Test lab. We do not want this error to be displayed when browsed externally via internet. I'm looking for an iRule that will present a custom message like 'Oops' whenever web server returns below error message - Server Error in '/' Application. Runtime Error