DX NetOps

  • Private Community
 View Only

 CAPM and NFA sitting behind a F5 load balancer (providing https) - how to configure f5?

David DuPre's profile image
David DuPre posted Jan 26, 2021 05:32 PM
CAPM and NFA sitting behind a F5 load balancer that is providing Https:

Are there recommendations for how to configure the ports and rules for the F5 so that it will properly handle the Port Redirects from 8181 to 8381 caused by SSO?

Also, what about when a link is clicked that redirects to NFA with SSO authentication?

(Should we enable HTTPS on all hosts behind the F5? Can they be Self-Signed Certs?)

Thank you,
David
Richard Vernon's profile image
Broadcom Employee Richard Vernon posted Jan 27, 2021 09:52 AM

Since the load balancer is outside of CAPM, we do not have guidance on configuring this.

If you need assistance, you can contact your account team to arrange for Services, to help out.

As far as https, yes you can use self-signed certs, here is the info:

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/performance-management/3-7/administrating/single-sign-on/set-up-https/enable-performance-center-to-use-ssl-manually/configure-the-port-and-website-for-https.html

..

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/network-flow-analysis/10-0-0/installing/initial-configuration/enable-https-for-ca-network-flow-analysis.html

Please let me know if this answers your questions.

Thanks,

Richard Vernon