APM Activesync iRule and PROFILE_RESTRICT_SINGLE_IP variable

Question

Hi,&nbsp;When configuring APM to authenticate Activesync connections, there are 2 solutions:&nbsp;enable irule _sys_APM_ExchangeSupport_main or _sys_APM_ExchangeSupport_mainconfigure exchange profile which enable one of these irule (or another one...)In these irule, there is the following code:&nbsp;if { ! [ info exists PROFILE_POLICY_TIMEOUT ] } {
    set PROFILE_POLICY_TIMEOUT            [PROFILE::access access_policy_timeout]
}
if { ! [ info exists PROFILE_MAX_SESS_TIMEOUT ] } {
    set PROFILE_MAX_SESS_TIMEOUT          [PROFILE::access max_session_timeout]
}
if { ! [ info exists PROFILE_RESTRICT_SINGLE_IP ] } {
    set PROFILE_RESTRICT_SINGLE_IP        1
}Why the irule does not retrieve PROFILE_RESTRICT_SINGLE_IP from [PROFILE::access restrict_to_single_client_ip] instead of setting it to 1 which create lots of active sync sessions from several different IPs?&nbsp;to set the variable before , I created the following irule:&nbsp;when HTTP_REQUEST priority 1 {
if { ! [ info exists PROFILE_RESTRICT_SINGLE_IP ] } {
        set PROFILE_RESTRICT_SINGLE_IP        [PROFILE::access restrict_to_single_client_ip]
    } 
}Is there best solution?&nbsp;

kai_wilke · Answer

Hi Stanislas,
since priority 1 is set. How about...
when HTTP_REQUEST priority 1 {
    set PROFILE_RESTRICT_SINGLE_IP  [PROFILE::access restrict_to_single_client_ip]
}

Cheers, Kai 😉

Forum Discussion

APM Activesync iRule and PROFILE_RESTRICT_SINGLE_IP variable

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

iRules variables in BIG-IP Next: behavior change

APM variable assign examples

Getting Started with iRules: Variables

iRule variable

Ipsec.lookupspi database variable

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS