security
14418 TopicsWhat is the best practice for migrating from iseries to rseries?
hi ,we plan to migrate to new r-series F5 (v15.1.x) from i-series legacy appliance v13.x.x. We will create the same vlans and IP address config, but the physical interfaces will be different. The new r-series appliance is already licensed. What is the best practice for this migration? option1: import the whole UCS file to new r-series appliance. after importing the ucs to new appliance, what are the next steps to complete the whole migration? option2: copy the config for every module, for example to copy ltm config first, then gtm, final AFW ...... can someone please advise, thanks in advance!43Views0likes4Commentswhat is this serial number b1:e5:bd:8f:2x:58:xx:27 in device certificate?
Hi, I saw the serial number of the device certificates looks like below. b1:e5:bd:8f:2x:58:xx:27 What is this serial number associated with the device? Seems it isn't a device interface mac address. can someone please advise? Thanks in advance!Solved37Views0likes2CommentsHow is CPU/Memory shared across Virtual Servers?
Greetings, Suppose we have two websites, example1.com and example2.com, both exposed to the internet through an F5 Big-IP. Now, let’s imagine an attacker launches a DDoS attack targeting example1.com. How does the F5 allocate resources in this scenario? Does it dedicate all available resources to manage the attack, potentially making example2.com unavailable as well, or is there a mechanism to limit resource allocation—for instance, capping at 70%—to ensure the other website remains operational? This might seem like a straightforward question, but I haven’t been able to find a clear answer. Thank you!41Views0likes2Commentswhy the device certificate verify failed when the device certificate is not expired?
hi, we have some GTM/DNS devices. One of them - DSN01 is shown down, but the error message is shown as below. SSL error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (336134278) the device certificate of DNS01 is still not expired. And can ping DNS01 external physical interface IP from other DNS nodes. On DNS01, other DNS nodes are shown online. Can someone please advise what the possible cause is? Can restarting big3d on DNS01 to resolve the issue? Thanks in advance!65Views0likes4Commentshow to allocate disk space to a single large tenant on r-series 5k
hi ,can someone please advise how to allocate disk space to a single large tenant on r-series 5k? By default, it is allocated 77GB only when creating a tenant. For r-series 5600, there are 427 GB for F5OS Tenant Disks . As we just deploy one single large tenant on this appliance, can we allocate the rest available F5OS Tenant Disk space to this tenant? please help advise, thanks in advance!Solved20Views0likes1Commentshould set hostname first on new F5 appliance before running setup utility?
hi , we are going to setup a new F5 appliance. I have one question regarding device certificate, should we set hostname first on new F5 appliance before running setup utility because the host name will be used in the device certificate enrollment? Please advise, thanks.25Views0likes1CommentHow many vCPU can be allocated to a Single Tenant on rseries 5600?
Hi, we want to create only a single tenant on rseries 5600. It seems only allow to allocate max 12 vCPUs and the rest 12 vCPU are reserved. Are the reserved CPUs used for running base OS- F5OS? Can someone please advise, thanks in advance! BTW, what is the meaning of the state "Provisioned" of Tenant?Solved17Views0likes1Comment