For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Terry_Schmidt_1

Icon for Nimbostratus rank

Nimbostratus

Jun 10, 2014

access control iRule

I cannot seem to get an access control iRule working. I am trying to limit access to a virtual server to only two external IP addresses. I have copied and modified an iRule found on F5 support site b...

application delivery

BIG-IP Access Policy Manager (APM)

Terry_Schmidt_1

Icon for Nimbostratus rank

Nimbostratus

Jun 11, 2014

Thanks Cory, but I think we have solved this by using this code:

when CLIENT_ACCEPTED { if { not ( [class match [IP::client_addr] equals rtp_allow] ) } { reject } }

This has a Data Group (rtp_allow) with the two IP address in it that are to be allowed. In testing we were able to include my IP address in this Data Group and I was able to access the internal web server page and when my IP address gets removed from the Data Group the web page is not available.

Icon for Noctilucent rank

Noctilucent

Jun 11, 2014

That's a good scaling solution if you want to add more addresses to it moving forward. Glad to hear you got it working.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5