-
Edit aFlex redirect rule to play a bit nicer with URL
Hello, I am hoping there is an aFlex solution for what I'm trying to do - I currently have an aFlex rule that is: when HTTP_REQUEST { if { not([HTTP::host] equals "www.mydomain.com")} { HTTP::respond 301 "Location" "http://www.mydomain.com" } } Basically saying that if the user does not type www., a hard redirect will…
-
tcp-options
Hello, We're migrating our current LB from ACEs to A10. One particular Sfarm on ACE has the following option: parameter-map type connection TCP_IDLE_30 set timeout inactivity 1800 set tcp timeout half-closed 600 tcp-options selective-ack allow From Cisco: selective-ack - Allows the ACE to inform the sender about all…
-
Draining a Virtual Service
Hi All, I am setting a A10 vThunder running 4.01 for a Oracle forms instance.... the DBA team would like to drain the virtual service for when a maintenance window takes place. I have looked in to the Graceful shutdown either I'm not configuring it right or some thing else is happening because if I disable a server it just…
-
health monitor snmp
Hello, I need information about health monitor SNMP because I need to pass that configuration of CISCO to A10. Cisco: probe snmp snmp_tomcat7djwfp port 161 interval 3 faildetect 5 passdetect interval 5 community monsti oid iso.3.6.1.4.1.2021.8.1.101.1 type absolute max 666667 threshold 3000 A10; health monitor…
-
CLI command to display cert info
I need to keep track of several devices and their cert expiration dates. Is there a cli command to show me all the device certs with their expiration dates?
-
log unknown
Hello, Today I have a problem with A10 Networks version 2.7.1-P1. when I saw the information about "#show log", I didn't understand the problem because I never had seen the following information: Sep 21 2015 09:18:31 Notice [LOGGING]:A10LOGD received partition creation event from daemon. Sep 21 2015 09:18:31 Notice…
-
External Health monitor - check SNMP info from servers
Hello, I´m having the following requierement: Need to get the snmp information of the servers I´m load balancing, and when the CPU and MEMORY pass over 90%, put this server on maintenance mode, so won´t receives new clients, but still maintains the connection for currents clients. Then, after the CPU and memory decreases…
-
Health Monitor - POST xml
Mark Cronin -- 9/11/2015 Please can you help - I am trying to create a health script that POSTs an XML request to a server and expects a 200 OK code back. Here is the XML reqest <?xml version="1.0" encoding="utf-8" ?><Request type="Heartbeat"><Field name="ChainCode">191</Field><Field name="PropertyCode">191</Field><Field…
-
how to ssl offload ftp
Hello, I was wondering is it possible with firmware 2.7.2-P4 on a Thunder to ssl offload ftp. I tried it with the ftp-proxy type where i can assign een client ssl but if i do a telnet to port 990 i still get a plaintext response. With regards, Richard
-
Can I refer to an ACL within an aFlex?
Hi there, I have two pools that should explicitely be used depending on the clients source IP-adresses, and this already seems to works with the following aFlex example: when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] equals 10.10.10.0/24] } { pool POOL1 } else { pool POOL2 } } The problem is, that we have multiple…
-
Virtual service with https_redirect monitoring
Hello, We have a few VServices configured with an A-Flex script for https_redirect. When monitoring the VIP, this VService is shown as "Functional Running", with the green arrow and little red arrow on top. I believe this is because we dont have any Service Group associated, since its only redirecting taffic to another…
-
Controlling against the specific DNS query
Hi All, I have one private DNS server in ineternal area and one ACOS device. All of traffic destined to ACOS device. I looking for how to control the DNS request query to the public DNS in the internet. Drop the query from internal to internet and then show the internal user the warning page or redirect the qurey to…
-
SSl Insight not working
Hello Everyone, Please I'd appreciate your cooperation on this issue Currently I have two appliances connected as back to back for ssl insight, 1 internal and the other external, after making the configuration many times as per the guide, 443 is not working, I can reach http website, but nothing to https regarding the…
-
Backup ACOS 4 configuration using Api
Is there an example available that allows me to backup the system configuration of the A10 using ACOS 4 via aXapi?
-
ID1100 password recovery
My company just got in a used A10 Networks ID1100 and it is password protected. I tried the standard username of reset with the password being it's serial number within the first 15 seconds of the login prompt but it just kicks back "Login Incorrect" Do these units have a different password reset procedure? Any help would…
-
using wildcard certificate with one VIP and multiple domain names
Hi! I have a one VIP and I have a wildcard certificate. I would like to point server1.domain.fi, server2.domain.fi and server3.domain.fi to this same VIP address. Then when client makes a request to one of the domain names for example server1.domain.fi AX-device would connect the request to correct backend server. CLient…
-
Question on Service-least-connection Lb method
Hello everyone, I have a question regarding the Service-least-connection load balancing method. If I configure this and a new sevrer is added to the group, will there be a burst of connections to this server, as it has the fewest connections? If so, is there any way to prevent or mitigate this? Many thanks in advance! - Mat
-
WAF Event Logging
Hello, About WAF Event Logging, is there a way to get the "host" or the full URL in the logs instead of only the destination IP address? Here is a sample log message: Dec 22 17:13:03 CEF:0|A10|AX3200|2.7.1|WAF|http-check|2|src=20.20.25.10 spt=32462 dst=20.20.25.130 dpt=80 req="GET /tours/index.html HTTP/1.1" 0…
-
HTTPS Rewrite Failing
Hi, I'm trying to enable the following Aflex script to rewrite all HTTP responses from the web server to HTTPS. I keep getting a syntax error from the A10 on the line with "if {([HTTP::header "Location"] starts_with....". Can someone please help? when HTTP_REQUEST { # Force servers to not reply with compression…
-
bridge-vlan-group question
Hi Gurus, I'm testing a configuration with bridge-vlan-group and got the following Warning in the log: Mar 25 2015 14:05:57 Warning [ACOS]:<TEST> Potential loop detected on Port 3 VLAN 709 Src MAC 001f.a011.58a2 Dst MAC ffff.ffff.ffff Mar 25 2015 14:05:57 Warning [ACOS]:<TEST> Potential loop detected on Port 3 VLAN 710 Src…
-
How do I figure out what platform I am running
I am looking at the cli. How do I figure out what platform I am running on? sh bootimage show me what version of software. How do I see what platform (vThunder, some specific model of hardware) I am running?
-
Automated Class-List on AX series
I want to maintain Class-Lists by automated scripts on our AX 1030. As far as I know, this isn't possible (yet) by aXapi, so I made an attempt through some PowerShell scripting. What I'm trying to do, is scripting a SSH session to the device and exporting the class-list to an external location where we can edit the list.…
-
AX1000 cpu fans too loud
I've been trying to find a way to lower the fan speed to lower the noise a bit. Unit is sitting next to a desk station. As I'm not sure how to access the bios. These ax1000 are not like regular servers. I don't think an Intel q8400 requires this much air flow. I tried to access the unit through other software, but it just…
-
GSLB Link
I have an HA pair of AX3030's at data center 1, and another pair at data center 2. We are looking to establish a GSLB link between the 2 pairs. Do I need to have a layer 2 connection for the GSLB pair?
-
"[VCS]:aVCS daemon start running" msg
Hi all ! I'm new user in AX ADC 3200 and I don't have experience. In my AX 3200 log has the msg : Jan 22 2015 15:59:10 Notice [SYSTEM]:A cli session for user "admin" from 172.28.3.140 has been opened. Session ID assigned is 2. Jan 22 2015 15:59:04 Error [SYSTEM]:The user, admin, from the remote host, 172.28.3.140, failed…
-
aGalaxy error SNMPV1V2 Community failure
Hello, I'm with the following problem, I have 4 AX equipment and popped one aGalaxy server to monitor all the equipment together. I located the equipment by aGalaxy, I set the password of each device, but am having a error "Community SNMPV1V2 failure". when access the real servers in the SLB statistic flap aGalaxy he does…
-
Radius Integration
Hello there, i was trying to integrate my radius server with A10 SoftAX 2.7.1-P2(build: 57)so i can do authentication in A10 for my web server, i tried basic http and form based both unfortunately not working, below is my config, did i miss something? or what could be the reason?
-
Export and Import CA-Signed Certificate for SSL-Offload with HA
We have a pair of AXs in HA for an SSL Web application, CA-Signed Certificate will be used on AX for SSL-offload. --------------------------------------------------------------------------------------------------- From ADC Config guide: After the CSR is generated, send the CSR to the CA. After you receive the signed…
-
Support cycle
Hello, I would like to have some information about the support cycle used by A10 : - Frequency between new minor version (ex: between 2.7.2-P2 and 2.7.2-P3) - Frequency between new major version (ex: between 2.7.2 and 2.7.3) - Time support for a major version (ex: how long is support 2.7.2) - Time support for an equipment…
-
Error interface ve
putting in the IP interface ve following message; IP Address already configured on an inteface I have the IP management: 10.1.8.10 / 24 IP which will be applied to the Ethernet interface 2: 10.1.8.100 / 24 could help me.