-
AX 1030 ADC - vBlade thread stopped
Got few warnings popup, what does these means? Significant? Warning [VCS] vBlade thread stopped Warning [VCS] vBlade thread: peer gone, reconnect (0) Warning [VCS] something wrong with the connection, try to reconnect Warning [VCS] vMaster(device 2) is gone:lack of heartbeats Warning [VCS] vBlade daemon SIGALRM is not…
-
Help with DNS Proxy
Hello, I am new to A10 and recently we started supporting a customer which has an AX1000 (I know it is old) and they want to use a feature that I think it is called DNS Proxy. They have a published service on two ISP links, so when, externally, you make a DNS query (nslookup) on the service you get both IPs but, when one…
-
Local log traffic is too heavy
Dera all, I have a strange message on my vThunder. I'm sending log messages to my syslog server to keep trace of the client connections, locally I log up to warning severity so I expect not overload my buffer, you can see my configuration in the screenshot attached. The problem is that I receive a lot of messages like…
-
mixed layer2 and layer3 environment
Hi, Can thunder support mixed transparent and route mode on the same chassis, or it's possible to do it between different ADPs. Thanks
-
Load Balance ADFS Servers
I am struggling with the following. we have two adfs server adfs1.company.com.au and adfs2.company.com.au. if i access them externally via adfs1.company.com.au or adfs2.company.com.au I can get there. if try to use adfs.company.com.au externally and hit the service group of SG_ADFS (has adfs1 and adfs2 in it) it never gets…
-
Powershell Commandlets for A10
IS there any plan for A10 to create powershell commands/commandlets? I'm in a Microsoft shop with the VSTS devl platform and Python is not a good fit. I'd like to automate the deployment process to include the A10.
-
Load balance LDAP servers
I'm trying to setup a simple VIP to load balance LDAP queries to a few internal ldap servers, however I can't create the servers because they already exist as AAM Authentication Servers. What's the best way to configure this? I require A10 to use Authentication servers for login portals for some VIPs, however I do also…
-
SLB Acl issues
I have an acl allowing access to SLB only from a specific hosts however i see that other IP's can also access the SLB. can you please check and let me know if there is anything else required from config perspective for locking down the access. access-list 10 permit host 1.1.1.1 access-list 10 permit host 2.2.2.2…
-
Mixed content not in a response
Hi All, I'm facing a problem with my vThunder version 2.7.2-P10(build:85). I have to publish an internal application that, after the login, build a dynamic content by xmlhttprequest. I made a simple configuration with https on the VIP and full reverse proxy through app switching in the http template pointing to the…
-
WAF URL Check not matching
I've setup a WAF template to try to only allow access to certain paths for a URL, and I think I've done this correctly, however I am having the connection reset by the WAF even when the path is the allowed one.show waf policyTotal WAF policy number: 15Max WAF policy file size: 256KName Syntax Template…
-
Don't Allow a URL containing an MS-DOS device name
Hi! I would like to use our AX1030 and aFlex to make sure that "Microsoft ASP.NET MS-DOS Device Name DoS"-requests get a 404.5 response "Microsoft ASP.NET MS-DOS Device Name DoS"-request have one of the following as a sequence in the URL: AUX CON PRN NUL COM1 LPT1 LPT2 LPT3 COM2 COM3 COM4 Any suggested way to solve this in…
-
NHLD: Application options dedicated for specific link
Hi Team: Setup:Next Hop Load Distributor Just want to ask, Is it possible to dedicate a specific application to use a specific ISP link? For ex. Skype traffic, all of the traffic from a skype client will only use ISP 1 link. Is this possible? if yes, how can we implement this. Looking forward to hearing from you soon.…
-
ax 2500 lb
Hey guys, Im a new user with the ax 2500 lb box. I have 2 of them in my company, already configured and everything. lately we needed to kill the power to move them to some other place and from that point one of the boxes became inaccessible, i cant login to it but i can use the strange ssh to login to it, currently i work…
-
Need to avoid DNS recursion for External user
i have a thunder 3030s and Configured DNS loadbalanceing but facing an issue vip is nat with public ip for external users.for internal user its working fine but we need to avoid the recursion for external users.external user only allowed its domain(example snskies.com). need a quick response
-
aGalaxy Tacacs setup
Setting up a new aGalaxy system. We are able to setup tacacs but there is only one option available for Authentication method (PAP) we use CHAP. the information in the help states there is more options but no where to change them. Currently on version: 3.2.2 b339 using a VM Any suggestions.
-
SNMP Traps v2
i have a thunder 3030s i have configured SNMP traps version2 works fine send traps on NMS but its send thousand of traps with in a hour i have customize the trap list but still 3030s box send thousand of traps.on NMS i have seen there have lots of Reputation of traps against single service
-
Login directly into "privilege mode"
I'm trying to configure A10 to change the default login to privilege mode and it doesn't seem to be working with login privilege mode command. Could you please let me know if i need any additional commands for this? Thanks, Abhi
-
AFLEX DEBUG
Hello, I'm working with AFLEX to set some attribute to cookie response, like HttpOnly and Secure. I've used Misha's work with some customization: # aFlex per HttpOnly e Secure # Basato su script di Mischa Peters <mpeters AT a10networks DOT com> # A10 Networks. # include esclusione di cookie per CSFR when RULE_INIT { set…
-
One VIP, several websites
Hi all, apologies for cross posting. I think this might get more luck in the AFlex forum rather than the General forum. can somebody please advise me on the best approaches for the following two scenarios? I can’t figure out whether aflex, http filters, WAF, or a combination of the three are the way to go. Scenario 1: One…
-
DNS Load Balancing (Issue with Round Robin Algorithm)
Hi I'm having some issues with DNS-Load Balncing. I'm using Thunder 3030s (ADC) right now and i'm on a beginner level. The configurations are quite simple (L-4). We need to load balance Port-53 Queries between 2 Real Servers. The issue that i'm having is that, when the VIP is hit. The request terminates on both Real…
-
Default Logging facility
Can you please let me know default logging facility both for system & audit logs? I have configured local7 both for system/audit and a remote host IP but not seeing any logs being sent to my remote syslog server. Thanks, Abhi
-
ms-chap authentication for radius
Hi, Is it possible to enable to MS-CHAP authentication for the Radius ? It seems to be using PAP and I would like to know if that can be changed Thanks
-
aFlex server selection by uri
Hi, I would need to do a aFlex script that would match www.domain.tld/test and then forward traffic only to one server ip-address, instead of loadbalancing with two servers. I have made the following aFlex script:# aFleX script for URL Rewrite# Direct /test to www1 10.0.01#when HTTP_REQUEST {if [HTTP::uri] contains…
-
Healthcheck HTTP depndant on hostheader and header field ?
To do a check to a specific website hosted on a server, the server expects a specific hostheader and X-Forwarded-Proto:https. How can i add these in a healthcheck. can this be done in the host option of the healthcheck and then how to add X-Forwarded-Proto:https in the header Kind regards Igor
-
One web server, multiple URLs
Hi all, can somebody please advise me on the best approaches for the following two scenarios? I can't figure out whether aflex, http filters, WAF, or a combination of the three are the way to go. Scenario 1: One VIP reverse proxying one web server. This web server has several different websites with differing URLS (e.g…
-
Management Routing
Can you please confirm if the default gateway under management interface doesn't interfere with global/partition routing table?
-
Web Certificate with VRRP pair
Hello - I am updating the Web Certificate on our AX1030s which are configured for VRRP. From reading the instructions this looks to be a simple process but there was no mention of what to do if your AX1030s are configured as a VRRP pair. If I install the new Web Certificate on the Active member of the VRRP pair will it…
-
puppet and a10 management
Hi all, I am new to A10 devices, so please forgive me if the question is stupid. Is there anyone using puppet for A10 management? Is there some plugin or module available for puppet? If not, what is the most used tool? Thank you very much
-
Running config for all the partitions
Is there a command to get the running config of all partitions from shared, something show run all-partitions ? If not how can i get the show run of all partitions ?
-
Failover Virtual server Configuration
Can you please let me know if A10 allows to configuration failover VIP? For Example: If i have a Virtual server ABC with backends X1/X2/X3, when all of them goes down, the traffic should be forwarded to a failover site where a different virtual server XYZ. That means XYZ should be configured as a failover virtual server to…
