VIP and Cluster ActiveGate

rmeli · ‎23 Aug 2019

We have a VIP sitting in front of a cluster of 2 cluster activegates. This VIP has a public ip address and will be used to collect Mobile, Browser RUM metrics. We have a certificate for the two cluster activegates. Do we install the certificate on the VIP as well?

skrystosik · ‎23 Aug 2019

If VIP can pass through SSL traffic to active gate, it should be enough. But more often is case when LB has own wildcat certificate and after it traffic is passed even with self signed one. Some of our client has F5 on front, after it traffic is passed with http without ssl.

You know that mobile application can report beacons to mobile app API endpoints and in such case you don't need cluster active gate? This is setting that can be turned on on applications settings. The same story is by default for web applications. Only agentless rum monitoring needs cluster active gate because there is no agent placed on We server.

Sebastian

Regards, Sebastian

rmeli · ‎27 Aug 2019

Sebastian, we now have a certificate on the F5. We haven't been able to test traffic flow yet. Can you explain more about your second paragraph please?

skrystosik · ‎27 Aug 2019

Look at those screens:

Herę you can Configure to accept data from mobile app on instrumented by OneAgent API. In słuch case you don’t need Cluster ActiveGate for this purpse.

Sebastian

Regards, Sebastian