apm
36 TopicsAPM Portal access 401 error
Hi, I am trying to present vpshere web interface via F5 APM, page loads fine but after login it throws an error: [401] This request requires HTTP authentication I get the same error if I load vpshere using the ip address rather than the fqdn, which I believe is due to a check of the fqn somewhere within vsphere, Is there anyway around this? I have other portals presented that work fine (different vendor) and a lot of other apps on there so need to be a bit careful as to not break anything else, I presume the answer will be to try and rewrite the url using an irule?14Views0likes1CommentYubikey APM and AzureAD question
HEy I'm trying to add the ability to use yubikeys as hardware keys to my Saml/Azureid logins. I saw this doc for how to do it with okta. Application access using YubiKey Authentication with APM and Okta | DevCentral I was wondering if their were similar instructions for Azure AD. It seems like the okta integration relies on okta connecter supporting yubikey in v 16.0. We are currently running 16.1.5, but I don't see something similar in the Azure AD connector. I was wondering how other people have done this? Or if their was something I'm missing? We've been able to add yubikeys to ont eh Azure Ad side, but they never show up when we try to use them as a 2nd factor with The BIG IP Edge client.50Views0likes4CommentsAPM Import error: config version 15.1 is not compatible with BIGIP version 16.1
I would like to migrate all of our APM policies from old F5 platform (v15.1) to newer F5 platform (v16.1). I can migrate most of the objects, except for APM. I get an error message "Import error: config version 15.1 is not compatible with BIGIP version 16.1" when import on the newer F5. I noticed there is a file calledng-export.conf inside the exported .tar file. Can I modify the following setting to correct version like this? I'm not sure if there will be bunch of other settings that may be not compatible between version. #F5[Version:15.1] #F5[Build:15.1.10.3-0.0.12.0] To #F5[Version:16.1] #F5[Build:16.1.5-0.0.3.0] Have anyone done like this before?Solved59Views0likes3CommentsAPM - Capture Login sharepoint
Hello everyone, I need some help. I'm not very good with APM, but my question is: --- I have an application published in APM, and all accesses are OK. However, I received a request to publish the application in sharepoint (hyperlink). However, when placing the application hyperlink in sharepoint, the application is opening the long page (APM) and requesting login again. My challenge is: Collect the user logged into sharepoint and use it to perform SSO in my application, without the need to go through the Logon Page NOTE: Today, my Sharepoint and F5 APM is integrated with Active Directory (not Azure AD). Is it possible with APM to collect the user logged in to Sharepoint and perform SSO in the APP? Regards PauloSolved27Views0likes2CommentsAPM : is VMware Workspace One supported as an Endpoint Management System?
Hello, In the past, we added our on-premises Airwatch server in the Endpoint Management Systems list. We used this feature to check if the smartphones connecting to the VPN were properly enrolled. We used this feature only for a few users. We migrated to VMware Workspace One in SaaS mode but we forgot about this feature. Is VMware Workspace One supported as an Endpoint Management System? Could F5 APM connect to WSO API? When adding our WSO instance as Airwatch, we got a "General configuration error". Thank you Thomas33Views0likes3CommentsF5OS share APM VPN licence across tenant clusters
Hello, I have deployed a pair of r5900 series appliances. On these appliances, I have an Active/Standby tenant cluster of F5 BIG IP running with the APM module provisioned and an APM configuration dedicated to SSL VPN using the F5 Edge Client. The F5OS chassis are using 3 licences : r5900 Best bundle APM 1000 VPN Users (x2) This means that the production environment can handle up to 2000 concurrent users connected at the same time, on the APM-enabled BIG-IP tenants. My question is the following : Can I create 2 new tenants running BIG-IP with APM module and create a new APM configuration for VPN testing purposes ? How are the "APM 1000 VPN Users" licence shared across tenants running on the same r5900 chassis ? In the official F5OS documentation, I have noticed that every tenants inherits the licences provisionned on the F5OS chassis. But there is no explanation regarding the sharing of the VPN seats included in the APM VPN licences. Thank you.Solved90Views0likes4Commentsuser alert on apm logs
I try to trigger a command when a specific log is written on /var/log/apm It works on 2 different non prod big-ip, but on a third one in production it only works with /var/log/ltm logs. user_alert.conf "failed" is commun in my ltm logs. "New session" is commun in apm logs. So this works (triggered from ltm logs): alert test "failed" { exec command="logger -p local0.notice 'test'" } This doesn't (not triggered from apm logs): alert test "New session" { exec command="logger -p local0.notice 'test'" } Do you have any idea why?38Views0likes3CommentsHA Configuration (One in primary and One in DR)
Hi folks, I currently have HA pair (active/passive) in a primary data center and we are bringing up a DR. wondering can I split up the HA pair (One in primary and One in DR) and continue to have HA with utilizing different subnets? We are using multiple IPSEC tunnels to connect the sites so we are still working on whether we can extend subnets but if we can't I wanted to ask if different subnets are possible. Thank you any info is appreciated51Views0likes4Comments