help
5 TopicsHelp with Setting up WAF in Guided Configuration - Route Configuration Issue
Hello F5 Community, I’m trying to set up the WAF functionality using the UI on my F5 device (version BIG-IP 17.1.1.3 Build 0.0.5 Point Release 3) in a clustered environment. I’m going through the steps as follows: Security -> Guided Configuration -> Web Application Protection -> Web Application Comprehensive Protection When I attempt to use this guided configuration, a list of prerequisites appears. The primary issue seems to be that there are no routes configured, even though my DNS and NTP are set up. I don’t fully understand why route configuration is necessary for this WAF setup or what it should entail. Additionally, if I try to bypass this warning and proceed with the deployment, I receive the following error message: “Error: <IP> not discovered in any device-group.” The F5 documentation doesn’t seem to cover this issue and I’m unsure how to resolve it. Could anyone help clarify: Why is route configuration required for WAF in this scenario? How should I proceed with configuring the necessary routes, or is there a workaround? If further information is needed, I’d be happy to provide it. Thank you very much for any guidance or resources you can offer!80Views0likes4CommentsF5 BIG-IP password is hashed during Form based Client Initiated SSO
Hi, I'm having trouble setting up a seemingly simple SSO configuration for a portal. I have an initial logon page with AD authentication and an SSO credential mapping block to expose the user credentials in the session variables session.sso.token.last.username and session.sso.token.last.password. The problem is that when the password is injected into the app's login page, it is hashed (example: $CK$$XVGtyxu5Eni4DyNzJlVz1+UK/7NIy+00). I've also tried enabling the "secure" option in the form's configuration, but when it is enabled, the only password the app receives is "f5-sso-token". I will attach a screenshot below with the APM configuration. Thanks in advance.Solved55Views0likes1CommentBig-IP Edge Client HELP!!!! SEH_Filter, UNHANDLED EXCEPTION!!! Code: 0xc000001d - Illegal instruction- ON windows 11 VM
Hello Folks, i am running the new MacBook with m1 chip and it requires that i can only run ARM based vm on it. I did find a windows 11 insider edition on ARM architecture. I got the windows 11 VM up and running and then installed the client downloaded from my company available publicly here. https://vpnconnect.bell.ca/vpn/public/share/BIGIPEdgeClient.exe The client starts up but then immediately closes after about 5s and in the logs the last error thrown is - Error 2021-11-24 3:34:46:061 Standalone SEH_Filter, UNHANDLED EXCEPTION!!! Look for F5CORE*.dmp files. Address: 0x71a0db00. Code: 0xc000001d - Illegal instruction earlier on a older laptop - i used to run a windows 7 vm on mac os and used the same client and same steps and it worked without any issues, but now with the new ARM architecture i can ONLY install windows 11 vm . so not sure if the issue is the architecture or windows 11 or something else? Please help suggest how I can proceed ? This is really critical I get the edge client working and connected on the windows 11 VM as i have apps that require the use of windows. Thanks in advance!!!811Views0likes0CommentsiRule redirect to another vip with same IP but diffrent port
Hi all, i need to set an iRule to a VS because we want to balance incoming traffic to a specific pool, but if the request have "/XXX" in the string, the connection has to be redirected to another VS with another application port; Here's what i mean: when HTTP_REQUEST { if {[HTTP::uri] equals "/XXX"} {HTTP::redirect "-IDK-"} else { use pool pool_SERVICE_PORT } } where "-IDK-" is for "I does not know what's proper" gimme an hand, pliiiiiiiiiis!Solved646Views0likes5Comments