-
Supporting IMAP IDLE - AX SLB
Has anyone implemented multiple IMAP servers behind the AX2500 or AX3030 SLB and created custom configuration to support the IMAP IDLE function? The IMAP IDLE spec is here: http://tools.ietf.org/html/rfc2177 My initial thinking was to create TCP and TCP Proxy templates (we support both IMAP and IMAPS through SSL offload on…
-
http health monitor to login on website
How can i make a http health monitor that does a login on a website. I've tried it with post health monitor using the following fields <input id="name" type="text" value="" name="org.apache.jetspeed.login.username"> <input id="password" type="password" name="org.apache.jetspeed.login.password" In the health monitor…
-
nat pool gateway usage to real servers
According the CLI reference the nat pool gateway option is used as follows: •For forward traffic (traffic from a client to a server), the NAT gateway is used if the source NAT address (the address from the pool) and the server address are not in the same IP subnet. But I see traffic to a (real) server out of the subnet of…
-
aXAPI certificate upload not working
Hellom I am trying to upload certificate using aXAPI REST Interface.I am using CXF util for Rest interaction.I have written following code.final String URL = "https://XXXXXXXXXXXX/services/rest/V2/?session_id=XXXXXXX&method=slb.ssl.upload&type=cert";WebClient client =…
-
Session Throttling / Bandwidth Limitting
Looking for some feedback on we can throttle sessions per source and at the same time control bandwidth per session. Here is what we are thinking.. Session Throttling / QoS (files.xyz.com) - (Bandwidth Pool) Limit bandwidth to 150Mbps all servers in group - (Per Session) Limit 2Mbps per session with burst to 5Mbps - (Per…
-
AX Stateful Firewalling
Hello, I have a question about Firewalling on the AX5100 If a packet is received on the inside interface of the AX5100’s, with only the TCP flag set, and there is no related session, will a session be created for this packet or will it be dropped. I can see the following from one of the AX manuals: AX_CLI_Ref_266GR1-2013…
-
HA and aVCS coexistence
hello community i am very new to A10 and to this community. so please bear with me. we are currently in the process of preparing a poc with A10 ADCs and i have a question related to the setup and especially to HA and aVCS. due to specific requirements from the customer we will implement two AX1030 in a HA deployment. now…
-
1/10 GE Fiber (SFP+) Backward Compatibility
Hello, Is the 1/10 GE Fiber (SFP+) on the TH/AX series is backward compatibility with 1G SFP? Br, Faisal
-
Multiple Default Gateways
Hi all, is it possible to create different default gateways for different virtual interfaces? For example: I have three virtual interfaces, all in different subnets. Can I now assign each Interface its own gateway? Currently, I only see the option to use several static routes or a default route for all interfaces. Regards,…
-
promiscuous
What is promiscuous VIP and why we enable promiscuous when we use wildcard VIP 0.0.0.0
-
TCP redirect
Hi, Is it possible to perform a tcp port redirect? For example, traffic arrives at a VIP on port 80 and will then be redirected to the servers on port 10000? Can something like this be realised using aflex?
-
vcs floating-ip
Hi, I've successfully configured vcs & vrrp-a on my a-10 devices. I can access the VIP on port 22 (ssh) but not on port 80 or 443. I tried to disable and enable web-service without success. Devices are running version 2.7.2-P2 Is there something I should enable to access the VIP on port 80 and 443 ? Regards, Jean-Christophe
-
aXAPI Examples on GitHub
If you are looking for some aXAPI examples you can now also find them on GitHub. If you want to contribute just fork and pull! :)
-
aFleX GitHub Repository
You can now also find aFleX example on GitHub. Which makes it even easier for you to use and add, just fork and pull! :)
-
Redirect HTTP to HTTPS and maintain original URL
Posted by kberton If you have a need to redirect all incoming HTTP requests to a Vport to HTTPS *and* also maintain the original URL info, then it can be done easily using aFlex. #redirect to HTTPS #maintain original host and uri when HTTP_REQUEST { HTTP::redirect "https://[HTTP::host][HTTP::uri]" }
-
setting up keys for periodic backup?
Somewhat confused on the periodic backup option as there seems no way to setup keys (or not preferred a static user/password) between the a10 and the remote server where I want to send the system backup. This means that while SCP is listed it's not possible as it will request a password rendering an automatic backup…
-
Error when creating partition
Hi Gurus, I've a strange error when creating a new partition: shlbpr01-Active-affinity-def-vMaster[1/1](config)#partition PROD network-partition Creation of partition 'PROD' failed: Can not open WAF policy file. Note that partation is still created. Any ideas what is missing ? Thanks & Best Regards, Jean-Christophe
-
GSLB deployment stages explanation needed
Hello Gents, I'm new to A10's GSLB and have difficulties to make PoC for customer. Customer has toplology similar to those in attach. 2 ADCs must be deployed on the 2 different POPs where real servers deployed (WEB on POP1 and DNS on POP2). There is full ip connectivity between test PC on top of scheme and VIPs on the…
-
Health Checks in Multitenancy and DDNS in GSLB environment ?s - Training Class
Questions from our Customer Training Course: Health Checks in a multitenancy environment – how it interfaces with AX when recovering environment is not active? How to reduce the latency for failover? How to mitigate services for Dynamic DNS in a GSLB environment? Are there any benefits for DDNS in a GSLB environment?
-
add URI to request
How do I add a URI suffex to an HTTPS request using aFlex? https://domain.com (add /page/page1.htm) https://domain.com/page.page1.htm
-
Copy X-Forwarded-For into custom header
Hi, Does anyone know if there is a way to copy the source ip from "X-Forwarded-For" into a customer header? We're trying to preserve the true source IP from users after traffic is sent to our A10 from a proxy firewall and our application uses a custom header for specific functionality. I'd imagine this is plausible with…
-
aFleX: Bruce Force Attack Protection
Hi A10 vADC Community, I would like to share to the A10 vADC community a custom aFleX script created by an A10 SE(Jose S.). This aFleX script mitigates and protects the A10 ADC from BruteForce attacks. This is a very useful script and customizable based on parameter preference. I strongly suggest to implement this script…
-
bypass traffic on A10
Dear everyone, I have one AX3030. My boss requires to deploy A10 load balancing ADC: when A10 fails, all traffic will bypass A10 and the traffic will be no interrupted. Which mode deployment of A10 supports the above requirement? Thanks for support. Khang
-
Doable? VIP on one network, real servers on another
Hi Folks, I have my AX's in one-arm mode. Normally I create a VIP and set a Source NAT IP that are both on the same network as the real servers. EG. VIP 10.10.10.200, SNAT 10.10.10.199 to 10.10.10.200, and real servers 10.10.10.30 and 10.10.10.31. Is it possible to change the VIP to another network? EG. somewhere on…
-
Backup AX from script?
Posted by rvandermey Does anyone have a way to backup an AX via a script? I'd like to schedule a daily backup of the config. I've tried using plink.exe to automate an ssh session but I'm not having any luck. This is what I see when I use -v for verbose output: Connecting to 172.25.85.250 port 22 Server version:…
-
Force persistence to a server for testing
################################################# # # Test specific server in pool # (c) A10 Networks -- MP # v1 20140128 # ################################################# # # aFleX script that allows you to create easy # persistence to a specific server in a pool. # # To test: http:///test: # To stop: http:///notest # #…
-
making a http site https
Posted by jmaddox is there a "fill in the blank" aflex that can be used to rewrite hardcoded hrefs in ssl offloaded applications?
-
Comments in Class List how to?
Can you put a comment in a class list like you can with an aFlex. We have a large number of IP Addresses and I would like the ability to comment who they are #Example 210.54.2.83 /32 203.41.229.134 /32 157.155.224.6 /32 157.155.224.7 /32 is it s # or a ; for comments? thanks in advance Bryce
-
MS APP-V
Hi, Is anyone using A10's to load balance MS App-V streaming servers? I am struggling to find any documentation so was hoping someone may have already done this and could share their experience. Cheers Darren
-
CSR for Wildcard SSL Cert
Just submitted a tech support ticket for this. How would I generate a CSR to purchase a Wildcard SSL Cert? I've used SANS certs before and it is no different than purchasing any other cert, you just define the SANs on checkout at the CA. I think a wildcard might be different. Has anyone here used a Wilcard SSL Cert on the…