Jo_31162
Jul 31, 2013

Users logging

Hi,

Is it possible to view (and log) with an iRule the username of the clients that access an application server through the VIP on the BigIP with the LTM module only?

Thanks in advance

Brgds


4 Replies

  • How can we get a username, e.g. what authentication method is the application using?
  • Hi nitass,

    Authentication is performed via LDAP, standard 636 TCP port.

    Traffic flow is internal, client-to-VIP-to-server.

    Tks

  • Sorry, I still do not understand.

    Just a quick question: if you run tcpdump/ssldump on the bigip when a user does authentication, will you see a username?
  • The bigger question perhaps is if LDAP is traversing the VIP? You also said port 636, so assuming LDAPS? Is it an LDAP client passing through a port 636 VIP, or is this another protocol entirely and LDAP(S) used in another way?

    Just for semantics though, if this is an LDAP(S) VIP, and you're decrypting (and potentially re-encrypting) the SSL layer, then it would be possible to grab the BIND message in the LDAP stream. It's not intuitive, but it is possible.
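
The BIND extraction described in the last reply, as an added example that is not code from the thread or from F5: a Python decoder for the decrypted LDAP BindRequest (RFC 4511), showing the parsing an iRule would have to reproduce on the decrypted payload. The function names and the sample message are constructed for illustration.

```python
# Added example: pull the bind DN out of a decrypted LDAP BindRequest (RFC 4511).
# Only the tag of the authentication choice is read; the credential is never decoded.

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the BER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                       # short form: length in one octet
        length = first
    else:                                  # long form: low 7 bits count the length octets
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated value")  # a collector would wait for more bytes
    return tag, pos, pos + length

def parse_bind(buf):
    """Return a dict for a BindRequest, or None for any other LDAP operation."""
    tag, pos, _ = read_tlv(buf, 0)         # LDAPMessage ::= SEQUENCE
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    tag, start, end = read_tlv(buf, pos)   # messageID INTEGER
    if tag != 0x02:
        raise ValueError("missing messageID")
    message_id = int.from_bytes(buf[start:end], "big")
    tag, pos, op_end = read_tlv(buf, end)  # protocolOp
    if tag != 0x60:                        # [APPLICATION 0] = BindRequest
        return None
    _, _, end = read_tlv(buf, pos)         # version INTEGER, skipped
    tag, start, end = read_tlv(buf, end)   # name: the bind DN
    if tag != 0x04:
        raise ValueError("missing bind DN")
    auth_tag = buf[end] if end < op_end else None
    auth = {0x80: "simple", 0xA3: "sasl"}.get(auth_tag, "unknown")
    return {"message_id": message_id,
            "dn": buf[start:end].decode("utf-8", "replace"), "auth": auth}

def tlv(tag, value):
    """Build a short-form TLV; used only to construct the sample below."""
    return bytes([tag, len(value)]) + value

# Constructed sample: simple bind, messageID 1, made-up DN and placeholder credential.
SAMPLE = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x60, tlv(0x02, b"\x03")
             + tlv(0x04, b"uid=jdoe,ou=people,dc=example,dc=com") + tlv(0x80, b"placeholder")))
```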