-
Default Logging facility
Can you please let me know default logging facility both for system & audit logs? I have configured local7 both for system/audit and a remote host IP but not seeing any logs being sent to my remote syslog server. Thanks, Abhi
-
Healthcheck HTTP depndant on hostheader and header field ?
To do a check to a specific website hosted on a server, the server expects a specific hostheader and X-Forwarded-Proto:https. How can i add these in a healthcheck. can this be done in the host option of the healthcheck and then how to add X-Forwarded-Proto:https in the header Kind regards Igor
-
One web server, multiple URLs
Hi all, can somebody please advise me on the best approaches for the following two scenarios? I can't figure out whether aflex, http filters, WAF, or a combination of the three are the way to go. Scenario 1: One VIP reverse proxying one web server. This web server has several different websites with differing URLS (e.g…
-
Management Routing
Can you please confirm if the default gateway under management interface doesn't interfere with global/partition routing table?
-
Web Certificate with VRRP pair
Hello - I am updating the Web Certificate on our AX1030s which are configured for VRRP. From reading the instructions this looks to be a simple process but there was no mention of what to do if your AX1030s are configured as a VRRP pair. If I install the new Web Certificate on the Active member of the VRRP pair will it…
-
Running config for all the partitions
Is there a command to get the running config of all partitions from shared, something show run all-partitions ? If not how can i get the show run of all partitions ?
-
Failover Virtual server Configuration
Can you please let me know if A10 allows to configuration failover VIP? For Example: If i have a Virtual server ABC with backends X1/X2/X3, when all of them goes down, the traffic should be forwarded to a failover site where a different virtual server XYZ. That means XYZ should be configured as a failover virtual server to…
-
AXAPI v3.0: Upload ssl-cert and ssl-key
Hi everyone, I hope someone has played around with the new API and tried to upload a ssl certificate and key. I used the following Post request via self-written perl code:POST https://test-lb1a.boreus.de/axapi/v3/file/ssl-certAuthorization: A10 e12409be89bd30926fceea3c52d6c3Content-Length: 2777Content-Type:…
-
traffic-replication
I'm trying to set up a slb virtual-server that will receive syslog messages, and forward one copy to any member from a pool, and forward a second copy to a specific server that is not part of the pool. My pooled servers all replicate on the backend, so I only need to send one copy to it, but that server only retains about…
-
a10sdk-python - Adding members to a Service Group
Hello, I'm trying to add members to a Service Group using the a10sdk-python modules but can't get it to work. Here's my code:from a10sdk.core.slb.slb_server import Server
from a10sdk.core.slb.slb_server_port import Port
from a10sdk.core.slb.slb_service_group_member import Member def…
-
A10 persist source-ip with x-forwarded-for
Need to support persistent connection based on client IP behind a proxy: Clients[s] -> AccessProxy -> network -> A10 -> Servers[s] This implies that A10 needs to do persist source-ip based on the x-forwarded-for provided by the upstream AccessProxy for each client. In past without an AccessProxy in path we had used the…
-
Cacti Template A10
Hi support, Please, someboy can you help me about create graph cacti for to view current connections for each virtual server: I can do graph with whole snmp query but only can view first one query, the others query doesn´t can view on the graph. For example:…
-
Proxy_pass
Hello, We need to redirect a HTTPS url to an external url. The customer only needs to see the original url. What is the best way to do this? Can we use Aflex for this or do we need to use the proxy feature?. Example: https://www.originalweb.com -> https://redirectweb.com They now use <VirtualHost *:443> ServerName…
-
SSL CSR with SAN
Hello, We need to create a CSR with both CN and SAN fields filled with the same FQDN, because our SSL provider requires the fields to contain that info. Its not a wildcard, just a simple domain name. How can we do that on TH1030S with 2.7.2-P7-SP3(build: 3) ? Thank you
-
Console port on AX2600
I can't get the console ports on my AX2600 devices working. The standard Cisco pin-out is not working, so I am wondering if they use a special pin-out or something like that.
-
Multiple Server-SSL Template
Hi gurus, I am running A-10 on a cluster of TH1030S with version: 2.7.2-P7-SP3(build: 3) I have one virtual service configured with SNI on outside (Client-SSL Template) to handle multiple https web site on a single ip. Some web site have to be configured to SSL offloading while others have to be configured to "another" SSL…
-
Traffic Capture (pcap) on data plane
I'm using the filters and capture tools under diagnostics to try and capture data plane traffic but seem unable to. I can see only "control" traffic in the captures (heartbeats, server checks ...). Is there a way to capture the actual data traffic inside a certain partition?
-
vMaster inconsistent with vblade errors
Getting a bunch of these in the logs: vMaster is inconsistent with vBlade 0 Here is what I am seeing in the various vcs show commands: A10-1-Active-vMaster[1/1]#sh vcs summ VCS Chassis: VCS Enabled: Yes Chassis ID: 1 Floating IP: 10.1.99.100 Mask: 255.255.255.0 Multicast IP: 224.0.0.210 Multicast Port: 41217 Version:…
-
Server still in Disablel mode after graceful shutdwon expired
one of our server admins disbaled a server while there was still a user online. This activated the graceful shutdown and kept any further changes from being made. The timer has expired but the servers are still disabled. Besides rebooting the device, is there any other way to enable these servers on the A10 AX2500 again?
-
Adding additional VLAN tags to existin interfaces
My current configuration is listed below. I need to add VLAN 1910 to the Ethernet interfaces of 1 and 2 so they reside in both VLANs 910 & 1910. This needs to be done with little or no disruption the exist LAG and production network. Can this new VLAN 1910 be added and combined with VLAN 910 for both Ethernet interfaces 1…
-
Real Server NAT (South-North) when access Internet
Hi All, I need help on how to achieve source NAT for traffic originating from a real server and heading North to the Internet. I have set up our 3030s with basic Load Balancing, and using Source NAT Pool attached to various virtual services, which all works fine as expected to NAT incoming client traffic to the backend…
-
acos_migrate.pyc where can it be found
Where can i find acos_migrate.pyc. I want to do a trial run upgrade from 2.7.2x to 4.0.3 but i can't find the config migration script. Kind regards Igor
-
Port Translation without "no dest nat" option
Hello, I need to create a virtual port that translate port and dest. But the ACOS force me to check "no dest nat" first before allow me to check "port translation". So A10 can't translate port and dest in the same virtual port/service? Am I correct?
-
multicast log
Hello Multicast log exhaustively been continuously generated statement model: THunder930 version: 2.7.1-P6 show log : Warning [ACOS] : The total multicast packets 8212 per second on VLAN 36 has exceeded the configured limit of 1000
-
root account
Can we access a root account of Thunder platform?
-
Error [SCM]:JWT: result invalid
Hi All, can anyone shed any light on the following error message that I am seeing in the logs. I don't see any other log traffic. Just the this error message: Feb 29 2016 10:34:09 Error [SCM]:JWT: result invalid This has been ongoing for the last couple of days judging by log history. Thanks Ryan
-
Gre tunnel between a10 and server
How to configure a GRE tunnel on a10? My servers and the A10 are not in the same L2 network- But I would like to use DSR. I am have 2 options : ip-in-ip encapsulation or gre tunnel. Ip-in-ip is the best solution but my 2016 servers do not handle this encapsulation as expected. The only option left is gre tunnel. How to…
-
FPGA and Non-FPGA
what is the difference between the two?
-
Question for SHA256bit for SSH management
Hi all, Does Thunder Series support SHA256 for SSH management?
-
Health monitor SMTP
I am in a managed environment and they just converted from ACE to A10. I have no documentation and I understand there is a standard health monitor for SMTP. First, is there a confiuration guide available somewhere? If not, can someone please post the standard SMTP health monitor? Thank you, CO
