Forum Discussion

Nova_201357

Nimbostratus

Mar 28, 2016

APM Dynamic ACL assignment from AD

Greetings! I had a static ACL applied to a Network Access Resource. In testing static assignment, it worked fine. So I took the same logic and formatted as a F5 ACL, put it in AD, in the test acc...

BIG-IP Access Policy Manager (APM)

dynamic acl

security

Brad_Parker

Cirrus

Mar 28, 2016

In my experience it needs to be a single line entry, not multi-line to work. You also can't put spaces between the rules. When you format it like this, does it load? What kind of error do you get if it doesn't? What does the APM log look like for the session? Also, you can look at the built acl with sessiondump -list

{ allow tcp any 10.100.32.15:3389 }{ allow tcp any 10.100.32.15:80 }{ allow tcp any 10.100.32.15:443 }{ allow udp any 10.100.1.84:53 }{ allow udp any 10.100.1.85:53 }{ deny ip any any }

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

APM Dynamic ACL assignment from AD

Recent Discussions

Is a Dedicated Interface, VLAN, and Self IP Required for a VIP in an F5 Configuration?

question about getting hsl data to be formatted properly in splunk

Problem with lets encrypt and redirect after update

where can find silverline ddos protect config guide?

iRule for client certificate verification and inserting CN

Related Content

APM variable assign examples

JA4 Part 2: Detecting and Mitigating Based on Dynamic JA4 Reputation

Mitigating OWASP API Security Risk: Mass Assignment using F5 XC Platform

Improve BIG-IP APM VPN speed with TLS dynamic record size

Resolving DNS, and dynamically selecting pool

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS