Thursday, November 10, 2016

F5 apm tips socpuppets

We found some issues in the  F5 APM  that could cause some issues. Here's a few pointers to take into considerations.


1: be aware of  various options that's available depending on the BIG-IP version that's installed









2:  for  RDP sessions and MS-IE browsers and to run the RDP session full screen "CTRL ALT BRK" might be required to size the screen fullsize



3: ensure  the  java-client is enabled for any webportal rdp applications  a must for macosx



4: Make sure you keep your java version current


5: if your using a BIG-IQ the  sshd and httpd access-allow with /32s can be problematic when attempting to  build trust with the BIG-IQ and the F5-LTM.  You might have to  eliminate the /32 entries and use a /24 mask


e.g  ( typical acl )





So if the  BIG-IQ display  can't establish trust , try ssh'ing from the BIG-IQ appliance direct to the F5 and see if you find any failures.  If so modify the  ACL  if your using any /32 for the BIG-IQ address.


And finally if you have client-side-checks looping you can disable the continous checks for the specific clientsidechecks





Ken Felix

NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com

     ^      ^
=(  @  @ )=
         o 

        /  \

No comments:

Post a Comment