Run mkdir over iControl REST for disappearing /var/config/rest/downloads/tmp
Hello, I am currently writing the code for automating our ssl cert deployment among other things. I upload files to the Bigip device to shared/file-transfer/uploads/ This only works when the directory /var/config/rest/downloads/tmp exists. I noticed this periodically is removed again. Is there a way I can run an mkdir over REST to fix this? Regards
Remote Logging of Log Files
I've configured F5 Big IP to send logs to a remote location. However it sends several messages. I know it is possible to configure log levels from 'Options' (critical, emergency, etc.) What I want to learn that, is it possible to configure remote logging such that sends only LTM logs (I mean logs written to /var/log/ltm file, only)?
BIGIP system can't access internet with proxy
Hi, I'm trying to configure a LTM cluster to access internet through a proxy. The goal is to re-activate licence in automatic mode. I tried to configure the proxy parameters with this SOL: "Optional: If the BIG-IP system connects to the Internet using a forward proxy server, set these system database variables. Type tmsh modify sys db proxy.host value hostname to specify the host name of the proxy server. Type tmsh modify sys db proxy.port value port_number to specify the port number of the proxy server." But when I click on reactivate licence I have a timeout. If anyone had a solution. Thanks
Which attack signature sets does contain others?
My application is running on Apache Tomcat and there is one signature set with such name. Of course, I enabled it. The question is should I also enable sets referred to e.g. Apache, Java Servlets? Or maybe required signatures are containing in Apache Tomcat set already?Network interface naming convention
I know that the naming convention that applies to network interfaces is s.p where s is the slot and p is the port, as in 1.1. When I check my Viprion I see thinks like 1/1.1 and 2/1.1 so I'd say that the naming convention in this case would be b/s.p where b is blade and it seems that slot is always 1 for each blade. Knowing all this I check now the network interfaces in my vCMP guests and I see thinks like 1/0.3, 1/0.4, 1/0.5 and 1/0.6 in one of the guests and 1/0.7, 1/0.8, 1/0.9 and 1/0.10 And I wonder, which is the naming convention for a vCMP system? It seems that ports 3,4,5,6 are assigned to first guest and 7,8,9,10 to the second one. Are port numbers 1 and 2 then reserved ports in any way? Why there are 4 ports? (has it something to do with the number of cores assigned to the guest? I'm trying to understand all this, and I'm not finding documentation about this subjects :(FIPS Errors
Hi I am seeing the following error being logged: iControlPortal.cgi[14845]: Checking for FIPS card.. FIPS open failed The device itself does not have FIPS installed: root@(device01)(cfg-sync Standalone)(Active)(/Common)(tmos) fips-util No supported FIPS device found How do I stop these errors from being generated?speed issue with VPN access
Hi all, We're using VPN access to internal network via APM access profiles and LDAP authentication. [F5 VE 11.4.1 - main tasks LTM (http-to-https VS redirect and SSL offload), device is not overloaded] Solution works fine but some users complaining about massive speed issue. To investigate the issue I set up a BIG-IP Edge Client on Win7 test box via ADSL connection (speedtest.net: latency=29ms,down=12Mbps,up=0.9Mbps). As soon as I connect via VPN speedtest.net results showing a massive drop (speedtest.net: latency=461ms,down=0.55Mbps,up=0.37Mbps). I have to admit that I don't have a detailed overview of the internal network but I know that Internet traffic passes through a proxy. Therefore I tried to 'eliminate' network topology and proxy by using "LAN Speed Test (Lite)" by Totusoft transfering test file to a share on a Win2008R2 box just two 'hops' behind the F5s internal subnet. The tool confirmed the bad throughput showing 0.85Mbps. Edge Client showed a throughput between 2.3Mbps (inbound) and 860Kbps (outbound) during the transfer (best values during write/read). It appears that the VPN is throttling the bandwidth so much but how can I find out for sure that it is the F5 VPN? Do I need to optimize the (network) access profile? We're not using a Client Traffic Classifier to limit the traffic. Any hint is much appreciated. cheers
