05-08-2019 04:43 AM
Hi I'm having an issue with creating an Irule on our big ip f5 load balancer . Have anyone created an Irule that create persistance based off the CPM in the radius request.
Cisco’s Audit Session ID (also known as CPM Session ID) is a unique value that is calculated by the NAD based on its NAS-IP-Address, an incrementing counter value, and the session start timestamp
We want the CWA url to point to the VIP on the F5 but need to forward the https traffic to the same ins that served the radius request..
Any help appreciated, I have plenty of examples of persistance using client mac and source up but no Irule using audit-session-id
Solved! Go to Solution.
05-08-2019 02:42 PM
Not an answer to your post, but looks like session ID is not recommended per ISE + F5 guide. I understand that it will provide smoother load balancing than other attributes, but recommend using MAC address instead:
05-08-2019 02:42 PM
Not an answer to your post, but looks like session ID is not recommended per ISE + F5 guide. I understand that it will provide smoother load balancing than other attributes, but recommend using MAC address instead:
05-08-2019 07:46 PM
This is true but the mac address of the client end point when they get redirected is not available on the F5 to used to load balance.
The flow is this.
Client connects and radius packet is send from wlc to F5. Persistence is created using the Calling-station id and mac address from the WLC. When the client connects the mac address and calling station ID is different and the sessionization is broken.
This is why i need to Load balance on session-id.
The main objective is to have a global FQDN eg. contractor.domain.com sent back to the client to hide the psn fqdns
05-08-2019 09:58 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide