Forum Discussion

swaminatha's avatar
Icon for Nimbostratus rankNimbostratus
Jul 21, 2021

Allow domains on outbound virtual server with AFM policy

Hi, We have a virtual server to forward traffic to the internet. We have a policy to block access on only ports 80 and 443. We woud like to replace the allowed destinations from IP address to a domain list. We do not have WAF license on the f5 but we do have APM license, can I leverage AFM or APM to allow domains only like

1 Reply

  • APM with can do this SWG (Secure Web Gateway), though more in a proxy style.


    AFM can do this with FQDN objects. although im not 100% how it deals with different IP resolutions.


    you could also do this with an irule and look at the Host header. shouldn't be that hard to build. though keeping such a list is some work i would say.