-
AxAPI Export or Download example?
I'm wanting to snag the fixed-nat port mapping file periodically and save it elsewhere, or in a database. I have managed to get the list of files, but I can't seem to figure out the export command. Could someone by chance share an example of how this would be done? In a perfect world i'd like to hit the API, get the file…
-
How to set up Harmony Controller ?
In this article, we will look at how to set up Harmony Controller after activating Controller and Thunder licenses. The next steps are to: 1. Check Networking Pre-requisites 2. On-board Thunder to Harmony Controller 3. Viewing Analytics and Insights Step 1: Check Networking Pre-requisites Communication between Harmony…
-
How to get started with vThunder Free trial ?
In this article, we will look into how you can sign-up & quickly set up your vThunder free trial in 30 minutes. This trial allows you to explore and test the benefits of A10 application service capabilities Convergent Firewall (CFW), Application Delivery Controller (ADC), Carrier Grade Networking (CGN), and SSL Insight…
-
virtual-server with two service-group
Hi team I've a virtual server with a specify IP, but I need associate differentes service-group because the service will be use always the same IP. How I can associate for the same port (in my case 80) differents service-group for SLB? Thank you
-
CVE-2022-0778
A10 PSIRT says: To mitigate this issue for ACOS management plane, avoid importing / exporting files using the HTTPS transfer method. Does it include GUI operation, which ACOS works as HTTPS server and does not verify certification and accept EC parameters either.
-
Get started with Harmony Controller Trial
Harmony Controller offers single-pane-of-glass management and analytics for A10 secure application services, including A10 Thunder® ADC, SSLi®, CFW, and CGN across on-premises data centers and public, private, and hybrid cloud deployments. It improves agility and efficiency with automation, thus reducing the need for IT…
-
[T&C] Getting started with Thunder ADC configuration using Terraform
In this article, we will see how you can use the Infrastructure as Code (IaC) tool Terraform to configure the Thunder ADC. The current configuration of the Thunder ADC is as follows: vThunder#sh runn !64-bit Advanced Core OS (ACOS) version 5.2.1-p2, build 117 (Jul-10-2021,17:40) ! ip dns primary 8.8.8.8 ! timezone…
-
Management port
Hi team Im new with ACOS software. How I can setup the management port and assign an address IP? Thanks,
-
SSLi in perimeter
Has anyone placed SSli in perimeter with ISP cables connected to it. I need decrypted traffic for my proxy & Perimeter firewall. Re-encryption happens after perimeter firewall. Can I keep the NAT, ISP IP, routing in perimeter firewall itself. SSLi-Out would have ISP cables connected and recencryption happening
-
SSLi traffic bypass
does SSLi has any hardware bypass option. Incase a device failure happens SSLi bypass all traffic?
-
Problem with ip nat pool configuration not deletable
Hi Everyone We have a problem with our TH1030S cluster(two TH1030S, VRRP-A and VCS). Advanced Core OS (ACOS) version 4.1.4-GR1, build 78 . I can't erase the following ip nat pool configuration. ip nat pool 172.17.12.0 172.17.12.11 172.17.12.30 netmask /24 ``` #no ip nat pool 172.17.12.0 NAT pool is in use. Try again after…
-
APPLICATION ACCESS MANAGEMENT Deployment
Hello everyone! I was asked by my company to provided a solution to deploy 2nd factor authentication for our web applications, without having to recode the application. I know there's some platforms as auth0 that can be used for this, but I'm just trying to find if it's possible to do it with the equipment that we already…
-
How to fix this issue for CVE-2011-1473
How to fix this issue for CVE-2011-1473
-
What is solution of A10 for API?
Hi everyone, Our customer have a web service system communicate with mobile app via API (RESTful API protocol). Now they want to a solution of A10 to support and protect this API. I have informed that is aXAPI, right? Please give me some advice about this issues Thanks
-
Thunder Kubernetes Connector with Thunder ADC
In this article, we will see how Thunder Kubernetes Connector (TKC) can dynamically configure the Thunder ADC for load-balancing traffic to a Kubernetes cluster. Setup The K8s cluster consists of: Master: 172.16.1.12 Node: 172.16.1.13 Node: 172.16.1.14 The Pod network is 192.168.0.0/16. The K8s version is: $ kubectl…
-
Realtime Memory High Performance
Hi everyone, I have a TH3030S device always in high performance of Realtime Memory status (85% - 88%) Although I have not set anything, only set ip management. How can I fix it and what is the root cause? Best regards!
-
software is not updated. Error Communication error with LB process
Colleagues, please tell me, maybe someone has already encountered such a problem. after software update, 5.2.1 or 4.1.4 to Funder the system does not boot to the end, constantly in this mode: ACOS(LOADING) ACOS(config)(LOADING)#int management Communication error with LB process ACOS(config)(LOADING)#…
-
Microsoft Windows print spooler and any other Windows service health check Load Balance
Hi, anyone here know how to load balance printer spooler services in A10 ?
-
Controll CPU
Hi Experts, I have a TH3030S device which always in fully 100% CPU performance. Now I want to set Controll CPU is upto 2 cores and Data CPU is 6 cores. What do I can do via CLI or GUI. Best regards!
-
Thunder 4330
Please tell me where you can find information about the model: Thunder 4330 Thank you.
-
Command "trunk-group (id group) lacp" is not enable in partition
Hi experts, I have a trouble when i config in CLI the command "trunk-group" (ex: trunk-group 1 lacp) on Thunder 1030S device. It still actives in part shared, but not actives in part LV3. My configuraion is below: Netpo_Thunder_1030S#conf t Netpo_Thunder_1030S(config)#active-pa Netpo_Thunder_1030S(config)#active-partition…
-
[T&C] HTTP/HTTPS URL Filtering with Thunder ADC/CFW
In this article, we will look at how you can do HTTP/HTTPS URL filtering using Thunder CFW. Download and install web category license and database First, make sure you have the web category license on the Thunder device: vThunder#sh license-info…
-
SSL Secure Renegotiation
Hi, How configure SSL Secure renegotiation ? Regards
-
System restore API with scp
I'm able to take system backup using "/axapi/v3/backup/system" api as this api can take password. But there is no password attribute in "/axapi/v3/restore" API. Any help is greatly appreciated to restore using SCP. Thank you. Koti.
-
IIS + PHP + Chrome Issue
Hi! I try to load balance two PHP Servers, they are identical Php files. If use HTTPS L7 VIP every so often it experienced a logout. If use TCP L4 VIP every so often I get "server.com sent an invalid response" I try many Service Group Modes and persistence This only happens using Google Chrome Has anyone experienced…
-
http
Hey Guys, I need some help because I have some problem on ADC configuration, I have an external issl appliance perform the encryption and decryption(transparent), and im using a10 to forward the traffic to DLP through ICAP. When we configure tcp in SLB we can see the traffic passthrough a10, but when we configure HTTP we…
-
Unable to delete service-group
Please refer to the details below can delete unused service-group on standby device normally. l After a few days, I can delete several service groups, but there are still a few that can not be deleted. The same error message is displayed when deleting through gui. I think it may be related to current session. Oct 28 2021…
-
TACACS with Cisco ISE
I have been trying to set up TACACS authentication via Cisco ISE on an A10 ADC, but haven't been able to find much for configuration documentation, options and examples. Does anyone have any of these? Or know where I could find them? Any assistance would be greatly appreciated. Thanks
-
PAT with CGN NAT
hello i have A10 AX1030 on 4.1.4, build 332 and i configure CGN NAT on it my question is can i make some of my private IPs go over one of this CGN NAT pool let say i have public start IP x.x.x.3 end address x.x.x.254 is there any way to use x.x.x.200 for another private range
-
Servers and virtual servers
I want to ask if I can have the servers and slb virtual server from the same subnet ?