Category Archives: Security

Security configurations such as from ASA, IPS, NACS, ISR zone base firewall, VPN etc will be posted here.

Anyconnect VPN using local account

Network diagram Configure inside and outside interface ciscoasa(config)# int gi0/1 ciscoasa(config-if)# nameif outside INFO: Security level for “outside” set to 0 by default. ciscoasa(config-if)# ip address dhcp setroute ciscoasa(config-if)# no shut ciscoasa(config-if)# int gi0/0 ciscoasa(config-if)# nameif inside INFO: Security level … Continue reading

Posted in General stuffs, VPN | Tagged , , , , , | Leave a comment

bigip snat automap

You created a forwarder virtual server for your servers behind the bigip appliance to access the internet, your server could not get a respond back. You troubleshoot the problem and found that: Default route is configured in the bigip. You … Continue reading

Posted in F5, General stuffs | Tagged | Leave a comment

Upgrade bigip image in active/standby HA

Import the latest iso to both the active and standby bigip Install latest iso on standby bigip On command line: [root@bigip2:Standby:In Sync] config # tmsh root@(bigip2)(cfg-sync In Sync)(Standby)(/Common)(tmos)# /sys software image root@(bigip2)(cfg-sync In Sync)(Standby)(/Common)(tmos.sys.software.image)# install BIGIP-12.1.0.0.0.1434.iso volume HD1.1 HD1.1 currently … Continue reading

Posted in F5, General stuffs, High Availability | Tagged , | Leave a comment

bigip tcpdump

Capture inbound and outbound from an interface [root@bigip1:Active:In Sync] config # tcpdump -nni 1.1 This command disables ip address and port resolution and from interface 1.1. Capture inbound and outbound and filter by address and port [root@bigip1:Active:In Sync] config # … Continue reading

Posted in F5, General stuffs, Security | Tagged , , | Leave a comment

BIGIP virtual server status

Virtual server is enabled but is unavailable Although the virtual server is enabled, is unavailable. This is because a pool member has reached its connection limit. In this scenario two virtual servers were marked down by health monitor, and the … Continue reading

Posted in F5, General stuffs, High Availability | Tagged , , | Leave a comment

Exploring various load balancing method

Round Robin Least Connection (member) Ratio (member) Dynamic ratio This is a dynamic load balancing method, however the member or node need to have some monitoring agents installed to report the performance over time. Dynamic ratio uses the performance report … Continue reading

Posted in F5, General stuffs | Tagged | Leave a comment