Forum Discussion
Kevin_Stewart
Sep 04, 2018Employee
You can only go as far as the Host name value, assuming the client presents a Server Name Indication (SNI) value in its TLS Client Hello message. You cannot see the request URI, for example, "/websso/*", unless you decrypt.
It's also rare that a browser client will submit an SNI value if it's using an IP address for the URL host.
But assuming the client always does send an SNI, you can indeed use LTM local traffic policies, which are included with LTM, to enable/disable access based on requested host name.
For a quick guide to configuring CPM policies: https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/local-traffic-policies-getting-started-12-1-0/1.html