Creating Policy using Terraform
I have been trying to create a policy onto my F5 device but keep getting conflicting errors: This is my condition block: condition { http_cookie = true case_sensitive = true values = ["cookie_value"] } but i receive the error: operand 'http-cookie' selector 'all' is missing required parameter 'name'. but when I add all and name it gives me the error that name does no belong there. I have tried a bunch of different things but cannot figure it out. Can someone please help?
Outlook for mobile doesn't via APM doesn't work with Modern Authenication
Hello I configured Modern Authentication for Microsoft Exchange Server, which is published via F5 APM. We applied an APM policy for OWA to enforce MFA. To streamline authentication, we bypassed Autodiscover and ActiveSync from APM, directing traffic to the Exchange pool for Modern Authentication. While Outlook for desktop and native mail clients on iOS and Android worked seamlessly with Modern Authentication, Outlook for mobile continued to redirect to Basic Authentication. Interestingly, when APM is disabled, Outlook for mobile functions correctly with Modern Authentication. We've attempted to disable APM through iRules, but so far, none of our efforts have resolved the issue. Has anyone encountered a similar problem and found a solution? Thanks.
Installing a PKCS 12 File onto an F5 Device
I have been able to upload my pfx file to the devices downloads and such and checked using /mgmt/tm/util/bash. I have been trying to install it on the F5 device using: { "command": "install", "name": f"{appname}.geico.com", "from-local-file": f"/var/config/rest/downloads/{cert_file_name}" } But I receive the error, Error uploading certificate: {"code":400,"message":"Key management library returned bad status: -7, error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long","errorStack":[],"apiError":26214401} What can I change to correctly install?
iRule for X509 Subject
I have an iRule that is working and inserts a certificate DN into a header In the header the cert DN is inserted as: x-ssl-client-dn: C=<country >, O=<Org>, OU=<OU>, CN=<User name> the application owner wants changed to the following: x-ssl-client-dn: CN=<Usern Name> , OU=<OU> , O=<Org> , C= <Country) How can this be reversedUnable to create F5 in AWS via CFT - no internet access
Hello, I ma having bad times while creating deployment in AWS from templates without internet access: https://github.com/F5Networks/f5-aws-cloudformation-v2 I already deployed yaml and runtime package on apache server in VPC. Based on tcpdump, the F5s are doenloading configuration files correctly. But then there is some wget timeout in EC2 Console. I think its trying to download some other stuff, yet I have no idea how to modify the runtime package. Can even open it via tar or gzip. Does anyone know how to do this? Customer does not want to allow internet access and proxy is not supported by CFT templates. Thank you Best regards