F5 XC and Azure FrontDoor
Hi all, I would like to ask for some advice how to configure application behind Azure FrontDoor on F5 XC solution. As Azure FD required valid SSL certificate to forward traffic we used on BIG-IP workaround with "WAF domain" where valid certificate was used and we were able to connect to the application from FD via AWAF. XC create DNS for virtual host (loadbalancer) in format ves-io-uuid.ac.vh.ves.io but address has not valid SSL certificate so FD is not able to connect. Does someone has certain experiences with such implementation? Another question is how do you recognize clients in such cases? Especially when one domain is behind Azure FD or another CDN and another is not. By default client is recognized by IP address so in case that traffic is forwarded via CDN/FD we need to change User Identifier from "Client IP Address" to different object, for example some header. But what about application what is not behind CDN. How it will be recognized? Can I combine it somehow on one vhost (loadbalancer)? Thank you.
SMPP IRULES that insert destination port in One Vip, as Port in Second Vip pool member
I have a 2-step situation with SMPP traffic. Aggregator Traffic---F5 (VIP 1) 10.1.1.1:* (eg 5102) F5 (SNAT IP) 10.1.1.2--- SMS FW 10.1.1.3:10000 SMS FW 10.1.1.3--- F5 (VIP 2) 10.1.1.4:10000 F5 (SNAT IP) 10.1.1.2--- SMSC 10.100.114.129:F5 VIP1 destination port (10.100.114.129:5102) How do i solve this using irules
Adding member 3 to an existing cluster
Hello, Currently, I have an on-premises cluster with two members, and authentication is handled via a remote Active Directory located within the organization. The third machine that will be added to the cluster will be located at the DR site. Is it possible to configure authentication only for the DR machine via Azure (Enterprise Application), without changing the authentication method for the two existing on-premises machines? Thanks in advanced
URL Redirect ? URL ReWrite ?
im still on my journey leanring nginx so forgive the stupid question. my goal is as follows: i want my clients to be able to browse to https://www.john.com/Greenlight in the clients browser i dont want the above to change, but i want to get the page load to populate actually from here. https://dev-assets.john.net/cdn/html2canvas/1.4.1/license.html i tried this, but its not working.. i think im close..but maybe not.. ############################################################ Greenlight redirect location /Greenlight { rewrite ^/Greenlight(/.*)$ $1 break; rewrite ^/Greenlight$ / break; proxy_pass https://dev-assets.john.net/cdn/html2canvas/1.4.1; proxy_set_header Host john-assets.alkami.net; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; try_files $uri $uri/ /license.html; } im thinking maybe i need a re-write statement... any guidance would be apprecited.Upgrading BIG-IP VE from version 14.x to 16.x
Hello, As our BIG-IP is in oracle cloud VM and our bigip is running 14.1.5.6V and we need to upgrade 16.x.x .kindly need your support and suggetion how to upgrade as im little bit new for upgrade in VM please share us procedure points step by step it will easy for me and suggest which version we have to go we need mature one Appriciate for your feedback
AWS WAF Rule F5-OWASP_Managed custom response
Hi! We are using AWS WAF managed rule 'F5-OWASP_Managed'. I would like to create a WAF custom response when requests are blocked by this rule. To do so I need to change the rule from block to count, and capture labels assigned by this rule in a WAF custom rule. When looking into the AWS WAF console I cannot see any labels assigned to this WAF rule? Can somebody please tell me if this rule assigns labels, and, which one? Thanks