Configure syslog server in F5 with an irule to see actual internet IP in syslog server
Hi, we are using Big IP 3900 version 10.2 , We had network topolgy in this way that we need to enable SNAT as AutoMap , For this reason we are not been able to see the actual Internet IP / Client IP , in the servers . We want configure an irule in such a way that it will log the actual Internet/Client IP and send it to the syslog server . For that should we need to configure syslog server in F5 , or it can be configured or forward through irule itself. Our mail Aim is to see only the Actual Internet/Client IP. Please help Thanks in Advance for the help
SSL errno 104 through F5 (vip), directly with curl ok
Hello community, I've the following configuration design within a virtual server configuration: - A virtual server will route the traffic based on the hostname within the request to different pools. - Client- and server SSL are enabled - The routing will been done with LTM policys instead of iRules. - There are five backend systems which should be accessible over the vs - SNAT is enabled Now, the problem is that from the five backends are only three backend systems are accessible. The other two systems don't work. Within the LTM policy I've additional enabled the "log" option to make sure that the routing will work. To find out what is going wrong, I've executed a curl and openssl query direct to the backend system from the F5 console. Connection can be established and I receive the 200 status code. If I do the same over the VIP of the configuration I receive the following error code: read:errno=104 These are my teststrings: openssl s_client -connect vip:443 GET /dialin/ HTTP/1.1 Host: lyncpool1 or 2 or 3 ... With lyncpool1 as the value for the host it will work and with lyncpool2 I receive the error code from above. The client SSL settings from the vip will been displayed. It seams that there is an issue/problem while talking SSL with the backend system which will not work. If I do the same with the original IP of the system instead of the VIP, each system are working fine. Have anybody an idea? I've just readed some threads within devcentral to similar problems but nothing helped my until now. Regards seilemor
iRule to change host headers.
Hi guys, first time on DC so apologies in advance if I'm doing something wrong. Please can you help with an issue I have. We have a website that is hosted externally on a server which hosts multiple websites. There is a requirement to SSL enable the communication to our website on this particular server. The web server hosting these multiple sites performs SSL but can't host a certificate for our website/domain. We're therefore changing the access model for this site so that the we perform Client SSL and Server SSL on the BIG-IP obviously hosting the cert for our domain on the BIG-IP. However, it looks like there is an issue when the BIG-IP sends the request to the server, in that, the server sends a reset. For example, hosted site of https://www.hosted.com/aon.asp. However, we want clients to reach https://www.mybigip.com, which would (as per the name) resolve to the VIP on our BIG-IP which would in turn load-balance to the IP of the hosted dom. I imagine we'll need to modify host headers using an iRule to when the HTTP request is made, but I'm not sure if I'll need to change the host headers on the way back in the HTTP response. Any help greatly appreciated. cheers, Steve.
How to check the support id.
Hi Guys, I am new for F5. Dome times users can able to access our clients network from outside. User provides us a support id. Now my query is how to check this support id in LTM and allow that URL so that user's can able to access the URL.Kindly help me to fix issue. Please tell me the steps. Regards Tan_Sal