Forum Discussion
mjb109
Nimbostratus
NimbostratusAPM custom address space by client IP?
Hi all: Strange client requirement, but figured I'd ask as a thought experiment. What we'd like to do is use different split-tunnel address spaces depending on a client's location/IP. For example, i...
Juergen_Mang is spot on, it's pretty straightforward. You'd create:
- Two or more Network Access Lists that comply with your desired connectivity properties
- Create an *empty* item in a per-session access policy, name it "check client IP" or something
- Add branch rules to check the client IP. The Expression Builder has these built-in already.
- Branch to an Advanced Resource Assign that assigns the appropriate resource
mjb109Nimbostratus
NimbostratusI had considered that; unfortunately it relies upon a user to do the right thing. I was thinking more along the lines of an iRule with some logic like:
if client::IP == <Some list>; use profile 'foo'
else, use profile 'bar'
I guess another option would be to create the two tunnels, then a redirect VIP for all users that follows similar logic, but sends a redirect instead to get a user to the right endpoint.