-
ID1100 password recovery
My company just got in a used A10 Networks ID1100 and it is password protected. I tried the standard username of reset with the password being it's serial number within the first 15 seconds of the login prompt but it just kicks back "Login Incorrect" Do these units have a different password reset procedure? Any help would…
-
using wildcard certificate with one VIP and multiple domain names
Hi! I have a one VIP and I have a wildcard certificate. I would like to point server1.domain.fi, server2.domain.fi and server3.domain.fi to this same VIP address. Then when client makes a request to one of the domain names for example server1.domain.fi AX-device would connect the request to correct backend server. CLient…
-
Question on Service-least-connection Lb method
Hello everyone, I have a question regarding the Service-least-connection load balancing method. If I configure this and a new sevrer is added to the group, will there be a burst of connections to this server, as it has the fewest connections? If so, is there any way to prevent or mitigate this? Many thanks in advance! - Mat
-
WAF Event Logging
Hello, About WAF Event Logging, is there a way to get the "host" or the full URL in the logs instead of only the destination IP address? Here is a sample log message: Dec 22 17:13:03 CEF:0|A10|AX3200|2.7.1|WAF|http-check|2|src=20.20.25.10 spt=32462 dst=20.20.25.130 dpt=80 req="GET /tours/index.html HTTP/1.1" 0…
-
HTTPS Rewrite Failing
Hi, I'm trying to enable the following Aflex script to rewrite all HTTP responses from the web server to HTTPS. I keep getting a syntax error from the A10 on the line with "if {([HTTP::header "Location"] starts_with....". Can someone please help? when HTTP_REQUEST { # Force servers to not reply with compression…
-
How do I figure out what platform I am running
I am looking at the cli. How do I figure out what platform I am running on? sh bootimage show me what version of software. How do I see what platform (vThunder, some specific model of hardware) I am running?
-
Automated Class-List on AX series
I want to maintain Class-Lists by automated scripts on our AX 1030. As far as I know, this isn't possible (yet) by aXapi, so I made an attempt through some PowerShell scripting. What I'm trying to do, is scripting a SSH session to the device and exporting the class-list to an external location where we can edit the list.…
-
AX1000 cpu fans too loud
I've been trying to find a way to lower the fan speed to lower the noise a bit. Unit is sitting next to a desk station. As I'm not sure how to access the bios. These ax1000 are not like regular servers. I don't think an Intel q8400 requires this much air flow. I tried to access the unit through other software, but it just…
-
GSLB Link
I have an HA pair of AX3030's at data center 1, and another pair at data center 2. We are looking to establish a GSLB link between the 2 pairs. Do I need to have a layer 2 connection for the GSLB pair?
-
"[VCS]:aVCS daemon start running" msg
Hi all ! I'm new user in AX ADC 3200 and I don't have experience. In my AX 3200 log has the msg : Jan 22 2015 15:59:10 Notice [SYSTEM]:A cli session for user "admin" from 172.28.3.140 has been opened. Session ID assigned is 2. Jan 22 2015 15:59:04 Error [SYSTEM]:The user, admin, from the remote host, 172.28.3.140, failed…
-
aGalaxy error SNMPV1V2 Community failure
Hello, I'm with the following problem, I have 4 AX equipment and popped one aGalaxy server to monitor all the equipment together. I located the equipment by aGalaxy, I set the password of each device, but am having a error "Community SNMPV1V2 failure". when access the real servers in the SLB statistic flap aGalaxy he does…
-
Radius Integration
Hello there, i was trying to integrate my radius server with A10 SoftAX 2.7.1-P2(build: 57)so i can do authentication in A10 for my web server, i tried basic http and form based both unfortunately not working, below is my config, did i miss something? or what could be the reason?
-
Export and Import CA-Signed Certificate for SSL-Offload with HA
We have a pair of AXs in HA for an SSL Web application, CA-Signed Certificate will be used on AX for SSL-offload. --------------------------------------------------------------------------------------------------- From ADC Config guide: After the CSR is generated, send the CSR to the CA. After you receive the signed…
-
Support cycle
Hello, I would like to have some information about the support cycle used by A10 : - Frequency between new minor version (ex: between 2.7.2-P2 and 2.7.2-P3) - Frequency between new major version (ex: between 2.7.2 and 2.7.3) - Time support for a major version (ex: how long is support 2.7.2) - Time support for an equipment…
-
Error interface ve
putting in the IP interface ve following message; IP Address already configured on an inteface I have the IP management: 10.1.8.10 / 24 IP which will be applied to the Ethernet interface 2: 10.1.8.100 / 24 could help me.
-
Supporting IMAP IDLE - AX SLB
Has anyone implemented multiple IMAP servers behind the AX2500 or AX3030 SLB and created custom configuration to support the IMAP IDLE function? The IMAP IDLE spec is here: http://tools.ietf.org/html/rfc2177 My initial thinking was to create TCP and TCP Proxy templates (we support both IMAP and IMAPS through SSL offload on…
-
http health monitor to login on website
How can i make a http health monitor that does a login on a website. I've tried it with post health monitor using the following fields <input id="name" type="text" value="" name="org.apache.jetspeed.login.username"> <input id="password" type="password" name="org.apache.jetspeed.login.password" In the health monitor…
-
nat pool gateway usage to real servers
According the CLI reference the nat pool gateway option is used as follows: •For forward traffic (traffic from a client to a server), the NAT gateway is used if the source NAT address (the address from the pool) and the server address are not in the same IP subnet. But I see traffic to a (real) server out of the subnet of…
-
aXAPI certificate upload not working
Hellom I am trying to upload certificate using aXAPI REST Interface.I am using CXF util for Rest interaction.I have written following code.final String URL = "https://XXXXXXXXXXXX/services/rest/V2/?session_id=XXXXXXX&method=slb.ssl.upload&type=cert";WebClient client =…
-
Session Throttling / Bandwidth Limitting
Looking for some feedback on we can throttle sessions per source and at the same time control bandwidth per session. Here is what we are thinking.. Session Throttling / QoS (files.xyz.com) - (Bandwidth Pool) Limit bandwidth to 150Mbps all servers in group - (Per Session) Limit 2Mbps per session with burst to 5Mbps - (Per…
-
AX Stateful Firewalling
Hello, I have a question about Firewalling on the AX5100 If a packet is received on the inside interface of the AX5100’s, with only the TCP flag set, and there is no related session, will a session be created for this packet or will it be dropped. I can see the following from one of the AX manuals: AX_CLI_Ref_266GR1-2013…
-
HA and aVCS coexistence
hello community i am very new to A10 and to this community. so please bear with me. we are currently in the process of preparing a poc with A10 ADCs and i have a question related to the setup and especially to HA and aVCS. due to specific requirements from the customer we will implement two AX1030 in a HA deployment. now…
-
1/10 GE Fiber (SFP+) Backward Compatibility
Hello, Is the 1/10 GE Fiber (SFP+) on the TH/AX series is backward compatibility with 1G SFP? Br, Faisal
-
Multiple Default Gateways
Hi all, is it possible to create different default gateways for different virtual interfaces? For example: I have three virtual interfaces, all in different subnets. Can I now assign each Interface its own gateway? Currently, I only see the option to use several static routes or a default route for all interfaces. Regards,…
-
promiscuous
What is promiscuous VIP and why we enable promiscuous when we use wildcard VIP 0.0.0.0
-
TCP redirect
Hi, Is it possible to perform a tcp port redirect? For example, traffic arrives at a VIP on port 80 and will then be redirected to the servers on port 10000? Can something like this be realised using aflex?
-
vcs floating-ip
Hi, I've successfully configured vcs & vrrp-a on my a-10 devices. I can access the VIP on port 22 (ssh) but not on port 80 or 443. I tried to disable and enable web-service without success. Devices are running version 2.7.2-P2 Is there something I should enable to access the VIP on port 80 and 443 ? Regards, Jean-Christophe
-
aXAPI Examples on GitHub
If you are looking for some aXAPI examples you can now also find them on GitHub. If you want to contribute just fork and pull! :)
-
aFleX GitHub Repository
You can now also find aFleX example on GitHub. Which makes it even easier for you to use and add, just fork and pull! :)
-
Redirect HTTP to HTTPS and maintain original URL
Posted by kberton If you have a need to redirect all incoming HTTP requests to a Vport to HTTPS *and* also maintain the original URL info, then it can be done easily using aFlex. #redirect to HTTPS #maintain original host and uri when HTTP_REQUEST { HTTP::redirect "https://[HTTP::host][HTTP::uri]" }
