-
HTTP/2 Rapid Reset Vulnerability (CVE-2023-44487) Attack Advisory
An emerging threat, the HTTP/2 Rapid Reset Vulnerability (CVE-2023-44487), has been identified as a new application layer denial-of-service attack that brings a significant risk to network security. This vulnerability allows attackers to exploit the HTTP/2 protocol's design and any organizations running web, application,…
-
NTP sync in Harmony Controller
Hi community, How could I sync the NTP in the Harmony Controller with an A10 device?
-
Change mgmt ip in Harmony Controller
Howdy community, I have a cluster of A10 devices working with CGNAT, and also a Harmony Controller installed. I have changed the management ip in some A10 devices. My question is: how can I change the managements IPs in the Harmony Controller?
-
vcs Multicast IP address
Hi, installed the A10 V6 software in the Vpshere. VCS issue: After new build on A10 6.0.3 P2 the default multicast IP address (VCS config) is 224.0.1.210 (on V5 its 224.0.0.210) . VCS multicast IP address is 224.0.1.210. and it cause HA issue the standy by box become Standby-vMaster[1/2](NOLICENSE)> So we add the multicast…
-
Kafka service
Hi guys, Why does the Kafka service starts **** in the A10 Thunder device? I am using A10 Thunder as a CGNAT I had users unable to access social media pages, so we had to divert traffic to another device, Thanks
-
Factory reset hardware.
I am trying to factory reset my hardware. I will use the "system-reset" command, but will the license also disappear?
-
Clear DDoS Entries
Hi guys, I need to ask, if I clear the DDoS Entries in the A10 device, this is going to affect the production evironment? Thanks
-
Network port flap
I have 2 A10 thunder device in active passive cluster mode. We have 2 partitioned each node. Today all 4 ports in both the nodes went down and up again, causing services to move from one node to another and back again with massive service outage. What could be the issue
-
SCTP FW and RFC 5062
Hi all, A10 doc specifies about the SCTP FW, that “out-of-state packets and packets that fail packet anomaly checks per RFC 4960 are dropped.” But does anybody knows if it also remediates the vulnerabilities identified in RFC 5062 ? Thanks!
-
IP address in blacklist
Hi community, How could I clean up the ip addresses from the nat-pool which are in blacklists? I have issues with some users who can not open an specific url when they connect from FTTH home connection Is there a process I can follow up? Thanks
-
Aflex inside another Aflex
Hi I wonder if it is possible to use an Aflex inside another Aflex, for example when HTTP_RESPONSE { if { [HTTP::status] == 404 } { Aflex "ERROR-404" } } is this possible? Regards
-
slb template persist cookie template as command Aflex
How can I call an slb template persist cookie template as command in an HTTP event For example: when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] equals 192.168.1.10] } { pool example_server_group SLB slb template persist cookie "test" } }
-
Virtual Server UP/Down check via API
Hi all, I want to know is it possible to check if the slb virtual server is up or down via API ?
-
TCP default timeout on HTTP profile
Hello, I need help timeouts. We have a https virtual server, when i see its configuration "with-default" i see it has default tcp profile attached to it. As far as i know default tcp profile has idle timeout of 120secs. If i want to change this idle timeout to 300secs, how do I do it? Should i create a new TCP template…
-
Reporting problem
Can someone help me with this problem? Failed to push zone Vlada_vremen_1 configuration on devices. Error: Failed to configure zone on detector group: Failed to configure Zone Vlada_vremen_1 on detector: Number of reports enabled is above limit, must configure "reporting-disabled".
-
aGalaxy DDoS Protection
I'm currently encountering an issue with Galaxy NetFlow where I'm unable to view the netflow data, despite having checked and confirmed that the configuration is correct. Could someone kindly assist me with troubleshooting this matter? Any help would be greatly appreciated. Thank you!
-
Limit ID
Hello guys, Please I need to know, while setting a limit ID >user-quota tcp 2000 reserve 10 this means that 2000 ports will be the limit fot the whole NAT-POOL? (/24 mask) or per end user. And how can I check the if the user-quota has been exceeded? Thansk a lot
-
Version/Upgrade/Backup
Hello everyone, I'm unsure how to access the most recent version of the solution; currently, I'm on version 5.0.6.94. Could someone please clarify which version is the latest? Additionally, I'd appreciate guidance on upgrading to the latest version and backing up data on aGalaxy DDoS protection. Thank you!
-
Error HTTP
s.
-
Cookie Persistance
I have seen that some people prefer to use Aflex for cookie persistence, while others prefer to use an SLB template. Which do you think is the best?"
-
GSLB gateway failover
Hello I am trying to configure an A10 with 2 Internet Links to do response with a backup ip when gateway health check fails so I followed Multiple Gateway Links Configuration in the A10-GSLB.pdf but it´s not working This is an example of my configuration: gslb service-ip SIP-1 1.1.1.3 health-check HTTPS port 443 tcp…
-
Internet Access
Hello Does anyone know where I can request internet permission for the a10 network balancers and validate access?
-
session log is show reserve source and destination is ip 0.0.0.0 and client is not use web http
Hi, i check a box in log session is reserve source & destination is 0.0.0.0 and client says it cannot use web http quesion What could be the cause? Because when the client cannot use web http, the log session reserve source & destination will show the IP value 0.0.0.0.
-
How to Properly Move WordPress from HTTP to HTTPS
Hi, Everyone I am making a site on WordPress, I am new to Wordpress and want to know how can I move Wordpress from Http to Https. I have a new security site like (Face Recognition Online) and also looking for SSL security algorithm. So that I can save my sites from hacking or illegal use. Thanks
-
IPv4 users to IPv6 Public IP
Hi How do I set up a CGNAT where internal users are IPv4 and need to be NATed to IPv6? Do I have to configure it has a 44LSN and just change the nat pool with IPv6? I read TRSOL but I don´t find any related information Regards.
-
Remote connection by domains, IPs and URLs of A10
Hi. How to achieve a remote connection through domains, IP's and URLs that have been provided to us for a few days, we managed to install a Thunder 1040 and the client requires this information. You need to know the IP address of the harmony controller to be able to establish a remote connection and start its…
-
A10 network updates
Hi. Does anyone know where I can see what are all the public IPs and domains that the appliance seeks to connect for ACOS updates?
-
Harmony Controller
hi. How can I configure the A10 Harmony Controller from CLI or Web, have its IP address to connect it to the Internet
-
A10 Thunder
Hello! Where can I find CIS level documents for A10 Thunder 1040 or similar to do the hardening.
-
GSLB Site
Hi When the GSLB Gateway site fails, do the SIPs related to this site go down in the gslb zone?
-
GSLB Gateway transparent Health monitor validation
Hello How can I configure the A10 to validate the GSLB gateway using a Health check with transparent to 8.8.8.8? for example, like we do in slb server because by default GSLB gateway validation is an ICMP to the gateway IP but if the gateway is UP but does not have access to the Internet the A10 will not know so it will…