Home > F5 BigIP, Security > How F5 BigIP may expose your internal IPs

How F5 BigIP may expose your internal IPs

You need to be careful when you configure cookie-based persistence on F5 as by default you advertise this:

bigIP-persistance-cookie to the whole world. Which is not something you usually want to do 🙂

Here is how to decode the real IP from the highlighted number:

F5 SOL6917: Overview of BIG-IP persistence cookie encoding

(so the IP on the screenshot seems to be 10.7.33.103 if I did everything correctly)

And this is the fix- F5 SOL14784: Configuring BIG-IP cookie encryption (10.x – 11.x)

Advertisements
Categories: F5 BigIP, Security Tags: ,
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: