Thursday, November 10, 2016

F5 apm tips socpuppets

We found some issues in the  F5 APM  that could cause some issues. Here's a few pointers to take into considerations.

1: be aware of  various options that's available depending on the BIG-IP version that's installed

2:  for  RDP sessions and MS-IE browsers and to run the RDP session full screen "CTRL ALT BRK" might be required to size the screen fullsize

3: ensure  the  java-client is enabled for any webportal rdp applications  a must for macosx

4: Make sure you keep your java version current

5: if your using a BIG-IQ the  sshd and httpd access-allow with /32s can be problematic when attempting to  build trust with the BIG-IQ and the F5-LTM.  You might have to  eliminate the /32 entries and use a /24 mask

e.g  ( typical acl )

So if the  BIG-IQ display  can't establish trust , try ssh'ing from the BIG-IQ appliance direct to the F5 and see if you find any failures.  If so modify the  ACL  if your using any /32 for the BIG-IQ address.

And finally if you have client-side-checks looping you can disable the continous checks for the specific clientsidechecks

Ken Felix

NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com

     ^      ^
=(  @  @ )=

        /  \

No comments:

Post a Comment