-
HTTP/2 Rapid Reset Vulnerability (CVE-2023-44487) Attack Advisory
An emerging threat, the HTTP/2 Rapid Reset Vulnerability (CVE-2023-44487), has been identified as a new application layer denial-of-service attack that brings a significant risk to network security. This vulnerability allows attackers to exploit the HTTP/2 protocol's design and any organizations running web, application,…
-
informix database health monitor
hello colleagues, we have been asked to perform a balancing between Informix nodes and we are not using the normal health monitor tcp connection because the logs are filled with errors so we have to make a special one and I do not know if anyone has had the same problem and has managed to run any with python from the a10.…
-
AXSK-CSFP-SR Module Specifications
Dear A10 experts, I would appreciate your insights regarding the specifications of the AXSK-CSFP-SR SFP module. According to previous product information, this model is generally described as a 1Gbps (1000BASE-SX) SFP transceiver. However, the AXSK-CSFP-SR module we recently obtained has a label that clearly states “10Gig,…
-
aFlex for log mail from,to, on STARTTLS/TLS mails in ssl-proxy port
Hi, i'm new in this forum and with a10 aFlex. Device: A10 thunder 3030s Os: 2.7.2-P11(build: 77) I've configured a SMTP service in one VIP with two ports: 25 - SMTP 2530 - STARTTLS/TLS (port with ssl-client template in mode ssl-proxy) and (for GDPR law) need to log the ip, mail from, mail to, message id, ip from, vip,…
-
In the VRRP master backup synchronization group, the host cannot synchronize and configure to the st
We encountered a problem In the VRRP master backup synchronization group, the host cannot synchronize and configure to the standby running configuration. There is a synchronization configuration in the standby startup config. After executing the synchronization operation command on the host, the prompt is as follows…
-
A10 got a error http 301
Someone has had this kind of inconvenience I have the following topology A10 --> SW --> SERVERS I currently have 3 web servers, two of which are working normally, and have practically the same configuration as below. This is the config for the server that is not working. ! slb server server server-error 10.10.10.10 port 80…
-
Harmony Controller - APP Services.
I have my a10 thunder synced to a harmony controller SaaS account. I have been adding/removing VIPs since we are doing some tests, but in the harmony have begun to be displayed in the section Services--App Services, the duplicate VIPs of which I have already deleted several but still not updated in the Harmony Anyone has…
-
<server-name> redirected you too many times.
I want to make the configuration for the publication of 2 web services, I have made the same configuration for both services, with a server queries are performed normally but with the other I have the following error <server-name> redirected you too many times. This is the config, for both VIP (the name and IPs are…
-
Upload SSL certs via axapi v3.0
I have tried using the file/ssl-cert AXAPI 3.0 endpoint to upload an SSL cert, and have so far been unable to with either curl or Ansible. curl -k -X POST -v \ https://a10.example./axapi/v3/file/ssl-cert \ -H "Authorization: A10 ${SIG}" \ -H 'content-type: application/json' \ -d '{ "ssl-cert": { "file": "example.com.crt",…
-
DDOS exclusion settings
I have a question about the following settings. I want to exclude the source address 1.1.1.1 from DDoS protection, so I have configured the settings as follows. For UDP communication from 1.1.1.1 to 2.2.2.2, glid 20 or glid 10 is applied, and a traffic threshold exceedance is detected. Shouldn't glid 30 from the class-list…
-
How to inject Server Name Extension (SNI) on server-side based on HTTP Host by Aflex?
We are replacing the F5 load balancer. Could you please let me know how to implement this iRule using aflex or other methods? he client request SSL packet header does not contain SNI, and it needs to be extracted from the Host field of the HTTP packet header. F5 irules: when HTTP_REQUEST {set sni_value [getfield…
-
NHLD Publics IP
I want to perform an NHLD to be able to balance the Internet traffic of my internal users through three ISP links, but in the perimeter FW that is in front of the A10 there is the publication of their services. That is to say, there is a NAT which publishes its servers. What considerations should be taken to avoid moving…
-
Mode Trunk on A10
I am trying to make a Layer 2 configuration so that my A10 allows traffic from multiple VLANs on one interface, since I will connect it to a switch where my Internet outputs are and in my internal network I have multiple VLANs that I want to have Internet connection. This is the example of topology I would like to perform…
-
NTP sync in Harmony Controller
Hi community, How could I sync the NTP in the Harmony Controller with an A10 device?
-
How to fix A10 TPS high memory?
How to fix A10 TPS Device high memory issue? Could you please help?
-
GSLB
I am trying to implement a GSLB deployment with two data centers geographically located in different locations.\ How is the DNS configuration managed so that requests that reach the External DNS are taken to the A10 for resolution? Has anyone already done this type of deployment before? This is the topology I'm trying to…
-
Replace Citrix with A10 how to convert the configuration.
Hi, I have 9 services running on IBM WebSphere. Three of these services are using Layer 7 (HTTPS), while the other seven use Layer 4. Currently, all services are behind a Citrix load balancer, but we plan to replace it with a pair of A10 ADCs. All services are on the same VLAN. We will create a virtual Ethernet (VE)…
-
Activating the NG-WAF generates the Log
I am enabling NG_WAF on my V-port, adding the command generates the following LOG: A10(config-slb vserver-vport)#ng-waf Warning: Can't find ng-waf log. Some errors may not be detected. It is understood that once this command is executed and traffic is generated to the Virtual Server, this should be reported in the NG-WAF…
-
The Harmony Controller be installed above the RHEL 9
Can the Harmony Controller be installed above the RHEL 9?
-
A10 4430 beeping on boot
hi, A10 is returning error 9.9 and beeping Console dont appears booting, just beeping and 9.9 error
-
How to inject Server Name Extension (SNI) on server-side based on HTTP Host
We are replacing the F5 load balancer. Could you please let me know how to implement this iRule using aflex or other methods? he client request SSL packet header does not contain SNI, and it needs to be extracted from the Host field of the HTTP packet header. F5 irules: when HTTP_REQUEST { set sni_value [getfield…
-
A10 AX-1000 tried connecting console cable to configure but the process always like screen shoot
tried connecting console cable to configure but the process always like screen shoot attached The HDD and status always show orange status. HDD amber color is ON but with orange status. Always check memory when we connect the console to configure.
-
ADC virtual-server BGP RHI
Hi, I'm trying to do RHI with BGP. I configure BGP, with peer to a router, to redistribute flagged VIP. In the virtual server I do "redistribute vip". At the router I receive the route to the VIP. If the VIP is down I still reveive the route. I expected to do not receive the VIP route if the virtual-server is down. So my…
-
A10 WAF vs A10 Next-Gen WAF
May I ask some question? What is the different between A10 WAF vs A10 Next-Gen WAF? a cloud-based WAF? software-based WAF? hardware-based WAF? Could you please explain benefits of Next-Gen WAF?
-
Application Delivery Partitions (ADPs) and Next-Gen WAF
May I ask some questions? 1. Application Delivery Partitions (ADPs) The customer asked me. They create L3V partitions on the ADC. They found all physical network interface use for the L3V partitions. For example: One creates an L3V partition for Company A. Next one, creates an L3V partition for Company B. Company A L3V…
-
Using Passive FTP in vThunder
I, unfortunately, have an application that sits behind vThunder that uses passive FTP and am having trouble getting this to work. I can configure a single port and limit the application to a single port using passive ftp and the service works but I need to use all available ports in the passive FTP standards (49152-65534)…
-
Can't access GUI
I can access A10 CFW from CLI (admin/a10) but I can't access GUI (admin/a10) how can I do it for the GUI access? Interface Mangement IP address config finished. New create user account from CLI. New create user access web, access cli, access axapi (config from CLI) But I can't access GUI still now. Could you please help…
-
Can we test the ADC features on the A10 CFW?
The customer wants to test Web Application Firewall and load balancer feature on the A10 Thunder ADC. Currently, we do not have an A10 Thunder ADC physical appliance but do have an A10 Thunder 3350-E CFW. Can we test the ADC features on the A10 CFW? The customer specifically requests testing for the following ADC…
-
Configure VIP
Hi All, I have a model with Trunk, VLAN, LACP configured on 2 ports connecting to 2 Firewall servers and clients. However, from A10 I can ping the server and client. From the client I can ping the VE on A10, but cannot ping the VIP. Thanks
-
Can we control the A10 ADC license from Harmony Controller?
The following link is the GLM portal. Global License Manager (GLM) https://glm.a10networks.com/ Controller deployed offline (without access to GLM) can use Local License Manager (LLM) What is Local License Manger (LLM)? Can we control the A10 ADC license from Harmony Controller? Could you please help explain and confirm?
-
Harmony Controller license and FlexPool license are the same?
May I know the FlexPool license and Harmony Controller license are the same? Could you please explain and confirm?
