The Firewall On Our Load Balancer Is Blocking Good And Bad Requests On Convergence 2 And 3
(Doc ID 2218691.1)
Last updated on DECEMBER 02, 2024
Applies to:
Oracle Communications Convergence - Version 2.0 and laterInformation in this document applies to any platform.
Symptoms
The Firewall on our Load Balancer A10 is blocking good and bad requests on Convergence 2 and 3.
We are working on an upgrade to replace Convergence 2 with Convergence 3. In our new architecture we moved all functionality to GlassFish server and for redirection and balancing, we use a Load Balancer A10. For security reasons, we want to activate WAF (Web Application Firewall) on the A10 but the firewall is blocking both good and bad requests towards Convergence.
We use the following Load Balancer in our testing:
------------------------------------
Load Balancer A10 Networks
Model: TH4430S
ACOS: 64-bit version 2.7.2-P8, build 164
Firmware : 5.6
The version of Convergence 3 is 3.0.1.3.0.
The requests are blocked on both test environments for Convergence 2 and Convergence 3.
The WAF logs show errors of the following:
Mail access:
On the Convergence side, when a user tries to send an email, they get a popup that reads:
Unable to load https://FQHN/iwc/svc/wmap/msg.mjs?rev=3&sid=
status:0
When a user tries to access calendar, they get a popup that reads:
Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'https://FQHN/iwc/svc/wcap/get_calprops.wcap'
If we disable the WAF, everything works as expected.
Changes
Activated WAF on the A10 firewall.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |